[postconf-devel] [postconf.5.html] UPDATE

Werner Detter werner at detter.biz
Sun Mar 18 19:06:24 CET 2012


Hi,

Don't you want to deactivate my script here at some point, now that the project is
more or less dead? :)

Regards,
Werner




On 18.03.12 19:00, postconf-devel at de.postfix.org wrote:
> -- generated message --
> 
> postconf.5.html has been updated:
> 
> *** /tmp/postconf.5.html.orig	2012-03-05 11:40:00.000000000 +0100
> --- /tmp/postconf.5.html	2012-03-18 19:00:02.000000000 +0100
> ***************
> *** 87,109 ****
>   
> - <DT><b><a name="access_map_defer_code">access_map_defer_code</a>
> - (default: 450)</b></DT><DD>
> - 
> - <p>
> - The numerical Postfix SMTP server response code for
> - an <a href="access.5.html">access(5)</a> map "defer" action, including "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>"
> - or "<a href="postconf.5.html#defer_if_reject">defer_if_reject</a>". Prior to Postfix 2.6, the response
> - is hard-coded as "450".
> - </p>
> - 
> - <p>
> - Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>.
> - </p>
> - 
> - <p>
> - This feature is available in Postfix 2.6 and later.
> - </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="access_map_reject_code">access_map_reject_code</a>
> --- 87,88 ----
> ***************
> *** 112,115 ****
>   <p>
> ! The numerical Postfix SMTP server response code for
> ! an <a href="access.5.html">access(5)</a> map "reject" action.
>   </p>
> --- 91,94 ----
>   <p>
> ! The numerical Postfix SMTP server response code when a client
> ! is rejected by an <a href="access.5.html">access(5)</a> map restriction.
>   </p>
> ***************
> *** 123,146 ****
>   
> - <DT><b><a name="address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a>
> - (default: 12h)</b></DT><DD>
> - 
> - <p> The amount of time between <a href="verify.8.html">verify(8)</a> address verification
> - database cleanup runs. This feature requires that the database
> - supports the "delete" and "sequence" operators.  Specify a zero
> - interval to disable database cleanup. </p>
> - 
> - <p> After each database cleanup run, the <a href="verify.8.html">verify(8)</a> daemon logs the
> - number of entries that were retained and dropped. A cleanup run is
> - logged as "partial" when the daemon terminates early after "<b>postfix
> - reload</b>", "<b>postfix stop</b>", or no requests for $<a href="postconf.5.html#max_idle">max_idle</a>
> - seconds. </p>
> - 
> - <p> Time units: s (seconds), m (minutes), h (hours), d (days), w
> - (weeks). </p>
> - 
> - <p> This feature is available in Postfix 2.7. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="address_verify_default_transport">address_verify_default_transport</a>
> --- 102,103 ----
> ***************
> *** 176,181 ****
>   <DT><b><a name="address_verify_map">address_verify_map</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
>   <p>
> ! Lookup table for persistent address verification status
>   storage.  The table is maintained by the <a href="verify.8.html">verify(8)</a> service, and
> --- 133,138 ----
>   <DT><b><a name="address_verify_map">address_verify_map</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional lookup table for persistent address verification status
>   storage.  The table is maintained by the <a href="verify.8.html">verify(8)</a> service, and
> ***************
> *** 185,190 ****
>   <p>
> ! The lookup table is persistent by default (Postfix 2.7 and later).
> ! Specify an empty table name to keep the information in volatile
> ! memory which is lost after "<b>postfix reload</b>" or "<b>postfix
> ! stop</b>". This is the default with Postfix version 2.6 and earlier.
>   </p>
> --- 142,145 ----
>   <p>
> ! By default, the information is kept in volatile memory, and is lost
> ! after "<b>postfix reload</b>" or "<b>postfix stop</b>".
>   </p>
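
Review bot: the replacement paragraph states the volatile-memory default with no version qualifier, while the text it replaces tied the behaviour to versions ("persistent by default (Postfix 2.7 and later)", volatile "with Postfix version 2.6 and earlier"). Keep a version statement in the new wording so a reader can tell which release the "default: empty" heading and this paragraph describe.
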
> ***************
> *** 194,204 ****
>   database becomes corrupted, the world comes to an end. To recover
> ! delete (NOT: truncate) the file and do "<b>postfix reload</b>".
>   </p>
>   
> ! <p> Postfix daemon processes do not use root privileges when opening
> ! this file (Postfix 2.5 and later).  The file must therefore be
> ! stored under a Postfix-owned directory such as the <a href="postconf.5.html#data_directory">data_directory</a>.
> ! As a migration aid, an attempt to open the file under a non-Postfix
> ! directory is redirected to the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a
> ! warning is logged. </p>
>   
> --- 149,158 ----
>   database becomes corrupted, the world comes to an end. To recover
> ! delete the file and do "<b>postfix reload</b>".
>   </p>
>   
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file. The file should now be stored under the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
> ! under a non-Postfix directory is redirected to the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
>   
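
Review bot: the recovery sentence loses the "(NOT: truncate)" warning, and the privilege paragraph weakens "must therefore be stored under a Postfix-owned directory" to "should now be stored". The file is opened without root privileges and the redirect is described only as a migration aid, so "must" is the accurate word; keep it, and keep the truncate warning unless truncation is now safe, in which case say so.
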
> ***************
> *** 276,278 ****
>   <DT><b><a name="address_verify_poll_count">address_verify_poll_count</a>
> ! (default: normal: 3, overload: 1)</b></DT><DD>
>   
> --- 230,232 ----
>   <DT><b><a name="address_verify_poll_count">address_verify_poll_count</a>
> ! (default: 3)</b></DT><DD>
>   
> ***************
> *** 283,289 ****
>   
> ! <p> By default, the Postfix SMTP server polls the <a href="verify.8.html">verify(8)</a> service
> ! up to three times under non-overload conditions, and only once when
> ! under overload.  With Postfix version 2.5 and earlier, the SMTP
> ! server always polls the <a href="verify.8.html">verify(8)</a> service up to three times by
> ! default.  </p>
>   
> --- 237,241 ----
>   
> ! <p>
> ! The default poll count is 3.
> ! </p>
>   
> ***************
> *** 291,293 ****
>   Specify 1 to implement a crude form of greylisting, that is, always
> ! defer the first delivery request for a new address.
>   </p>
> --- 243,245 ----
>   Specify 1 to implement a crude form of greylisting, that is, always
> ! defer the first delivery request for a never seen before address.
>   </p>
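
Review bot: style point on the changed line: "a never seen before address" is hard to parse as written. Hyphenate it ("a never-seen-before address") or keep the replaced wording "a new address", which says the same thing more plainly.
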
> ***************
> *** 295,297 ****
>   <p>
> ! Examples:
>   </p>
> --- 247,249 ----
>   <p>
> ! Example:
>   </p>
> ***************
> *** 299,303 ****
>   <pre>
> - # Postfix ≤ 2.6 default
> - <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = 3
> - # Poor man's greylisting
>   <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = 1
> --- 251,252 ----
> ***************
> *** 435,447 ****
>   
> - <DT><b><a name="address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a>
> - (default: $<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>)</b></DT><DD>
> - 
> - <p> Overrides the <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter
> - setting for address verification probes.  </p>
> - 
> - <p> This feature is available in Postfix 2.7 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a>
> --- 384,385 ----
> ***************
> *** 461,489 ****
>   
> - <DT><b><a name="address_verify_sender_ttl">address_verify_sender_ttl</a>
> - (default: 0s)</b></DT><DD>
> - 
> - <p> The time between changes in the time-dependent portion of address
> - verification probe sender addresses. The time-dependent portion is
> - appended to the localpart of the address specified with the
> - <a href="postconf.5.html#address_verify_sender">address_verify_sender</a> parameter. This feature is ignored when the
> - probe sender addresses is the null sender, i.e. the <a href="postconf.5.html#address_verify_sender">address_verify_sender</a>
> - value is empty or <>. </p>
> - 
> - <p> Historically, the probe sender address was fixed. This has
> - caused such addresses to end up on spammer mailing lists, and has
> - resulted in wasted network and processing resources.  </p>
> - 
> - <p> To enable time-dependent probe sender addresses, specify a
> - non-zero time value (an integral value plus an optional one-letter
> - suffix that specifies the time unit).  Specify a value of at least
> - several hours, to avoid problems with senders that use greylisting.
> - Avoid nice TTL values, to make the result less predictable.  Time
> - units are: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> - </p>
> - 
> - <p> This feature is available in Postfix 2.9 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="address_verify_service_name">address_verify_service_name</a>
> --- 399,400 ----
> ***************
> *** 695,697 ****
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
>   
> --- 606,608 ----
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all". </p>
>   
> ***************
> *** 749,762 ****
>   
> - <DT><b><a name="always_add_missing_headers">always_add_missing_headers</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> Always add (Resent-) From:, To:, Date: or Message-ID: headers
> - when not present.  Postfix 2.6 and later add these headers only
> - when clients match the <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter
> - setting.  Earlier Postfix versions always add these headers; this
> - may break DKIM signatures that cover non-existent headers. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="always_bcc">always_bcc</a>
> --- 660,661 ----
> ***************
> *** 776,779 ****
>   To avoid mailer loops, automatic BCC recipients are not generated
> ! after Postfix forwards mail internally, or after Postfix generates
> ! mail itself. </p>
>   
> --- 675,678 ----
>   To avoid mailer loops, automatic BCC recipients are not generated
> ! for mail that Postfix forwards internally, nor for mail that Postfix
> ! generates itself. </p>
>   
> ***************
> *** 859,861 ****
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
>   
> --- 758,760 ----
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all". </p>
>   
> ***************
> *** 896,898 ****
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
>   
> --- 795,797 ----
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all". </p>
>   
> ***************
> *** 906,908 ****
>   How long the <a href="postkick.1.html">postkick(1)</a> command waits for a request to enter the
> ! Postfix daemon process input buffer before giving up.
>   </p>
> --- 805,807 ----
>   How long the <a href="postkick.1.html">postkick(1)</a> command waits for a request to enter the
> ! server's input buffer before giving up.
>   </p>
> ***************
> *** 922,924 ****
>   <DT><b><a name="authorized_flush_users">authorized_flush_users</a>
> ! (default: <a href="DATABASE_README.html#types">static</a>:anyone)</b></DT><DD>
>   
> --- 821,823 ----
>   <DT><b><a name="authorized_flush_users">authorized_flush_users</a>
> ! (default: static:anyone)</b></DT><DD>
>   
> ***************
> *** 956,958 ****
>   <DT><b><a name="authorized_mailq_users">authorized_mailq_users</a>
> ! (default: <a href="DATABASE_README.html#types">static</a>:anyone)</b></DT><DD>
>   
> --- 855,857 ----
>   <DT><b><a name="authorized_mailq_users">authorized_mailq_users</a>
> ! (default: static:anyone)</b></DT><DD>
>   
> ***************
> *** 990,992 ****
>   <DT><b><a name="authorized_submit_users">authorized_submit_users</a>
> ! (default: <a href="DATABASE_README.html#types">static</a>:anyone)</b></DT><DD>
>   
> --- 889,891 ----
>   <DT><b><a name="authorized_submit_users">authorized_submit_users</a>
> ! (default: static:anyone)</b></DT><DD>
>   
> ***************
> *** 1021,1023 ****
>   <pre>
> ! <a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> = !www, <a href="DATABASE_README.html#types">static</a>:all
>   </pre>
> --- 920,922 ----
>   <pre>
> ! <a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> = !www, static:all
>   </pre>
> ***************
> *** 1034,1036 ****
>   
> ! <p> What remote SMTP clients are allowed to specify the XVERP command.
>   This command requests that mail be delivered one recipient at a
> --- 933,935 ----
>   
> ! <p> What SMTP clients are allowed to specify the XVERP command.
>   This command requests that mail be delivered one recipient at a
> ***************
> *** 1246,1252 ****
>   <p> The maximal amount of original message text that is sent in a
> ! non-delivery notification. Specify a byte count.  A message is
> ! returned as either message/rfc822 (the complete original) or as
> ! text/rfc822-headers (the headers only).  With Postfix version 2.4
> ! and earlier, a message is always returned as message/rfc822 and is
> ! truncated when it exceeds the size limit.
>   </p>
> --- 1145,1151 ----
>   <p> The maximal amount of original message text that is sent in a
> ! non-delivery notification. Specify a byte count. With Postfix 2.4
> ! and later, a message is returned as either message/rfc822 (the
> ! complete original) or as text/rfc822-headers (the headers only).
> ! With earlier Postfix versions, a message is always returned as
> ! message/rfc822 and is truncated when it exceeds the size limit.
>   </p>
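
Review bot: the two versions of this paragraph disagree about Postfix 2.4 itself. The replaced text says "With Postfix version 2.4 and earlier, a message is always returned as message/rfc822", the new text says "With Postfix 2.4 and later" a message is returned as either message/rfc822 or text/rfc822-headers. Confirm which side of the boundary 2.4 falls on before this goes out, since the two statements cannot both be right.
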
> ***************
> *** 1293,1295 ****
>   <p>
> ! Enable inter-operability with remote SMTP clients that implement an obsolete
>   version of the AUTH command (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>). Examples of such clients
> --- 1192,1194 ----
>   <p>
> ! Enable inter-operability with SMTP clients that implement an obsolete
>   version of the AUTH command (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>). Examples of such clients
> ***************
> *** 1360,1362 ****
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
>   
> --- 1259,1261 ----
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all". </p>
>   
> ***************
> *** 1537,1540 ****
>   
> - <p> This feature is available in Postfix 2.2 and later. </p>
> - 
>   
> --- 1436,1437 ----
> ***************
> *** 1568,1593 ****
>   
> ! <p> After the message is queued, send the entire message to the
> ! specified <i>transport:destination</i>. The <i>transport</i> name
> ! specifies the first field of a mail delivery agent definition in
> ! <a href="master.5.html">master.cf</a>; the syntax of the next-hop <i>destination</i> is described
> ! in the manual page of the corresponding delivery agent.  More
> ! information about external content filters is in the Postfix
> ! <a href="FILTER_README.html">FILTER_README</a> file.  </p>
> ! 
> ! <p> Notes: </p>
> ! 
> ! <ul>
> ! 
> ! <li> <p> This setting has lower precedence than a FILTER action
> ! that is specified in an <a href="access.5.html">access(5)</a>, <a href="header_checks.5.html">header_checks(5)</a> or <a href="header_checks.5.html">body_checks(5)</a>
> ! table. </p>
> ! 
> ! <li> <p> The meaning of an empty next-hop filter <i>destination</i>
> ! is version dependent.  Postfix 2.7 and later will use the recipient
> ! domain; earlier versions will use $<a href="postconf.5.html#myhostname">myhostname</a>.  Specify
> ! "<a href="postconf.5.html#default_filter_nexthop">default_filter_nexthop</a> = $<a href="postconf.5.html#myhostname">myhostname</a>" for compatibility with Postfix
> ! 2.6 or earlier, or specify a <a href="postconf.5.html#content_filter">content_filter</a> value with an explicit
> ! next-hop <i>destination</i>.  </p>
>   
> ! </ul>
>   
> --- 1465,1477 ----
>   
> ! <p>
> ! The name of a mail delivery transport that filters mail after
> ! it is queued.
> ! </p>
>   
> ! <p>
> ! This parameter uses the same syntax as the right-hand side of a
> ! Postfix <a href="transport.5.html">transport(5)</a> table. This setting has a lower precedence
> ! than a content filter that is specified with an <a href="access.5.html">access(5)</a> table or
> ! in a <a href="header_checks.5.html">header_checks(5)</a> or <a href="header_checks.5.html">body_checks(5)</a> table.
> ! </p>
>   
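
Review bot: the rewritten content_filter description no longer says what an empty next-hop destination resolves to and drops the pointer to FILTER_README; it only refers the reader to transport(5) for syntax. The replaced text documented that the empty-destination behaviour is version dependent (recipient domain versus $myhostname), which decides where filtered mail is sent, so keep at least one sentence on that or a link to where it is documented.
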
> ***************
> *** 1622,1656 ****
>   
> - <DT><b><a name="daemon_table_open_error_is_fatal">daemon_table_open_error_is_fatal</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> How a Postfix daemon process handles errors while opening lookup
> - tables: gradual degradation or immediate termination. </p>
> - 
> - <dl>
> - 
> - <dt> <b> no </b> (default) </dt> <dd> <p> Gradual degradation: a
> - daemon process logs a message of type "error" and continues execution
> - with reduced functionality. Features that do not depend on the
> - unavailable table will work normally, while features that depend
> - on the table will result in a type "warning" message.  <br> When
> - the <a href="postconf.5.html#notify_classes">notify_classes</a> parameter value contains the "data" class, the
> - Postfix SMTP server and client will report transcripts of sessions
> - with an error because a table is unavailable.  </p> </dd>
> - 
> - <dt> <b> yes </b> (historical behavior) </dt> <dd> <p> Immediate
> - termination: a daemon process logs a type "fatal" message and
> - terminates immediately.  This option reduces the number of possible
> - code paths through Postfix, and may therefore be slightly more
> - secure than the default.  </p> </dd>
> - 
> - </dl>
> - 
> - <p> For the sake of sanity, the number of type "error" messages is
> - limited to 13 over the lifetime of a daemon process. </p>
> - 
> - <p> This feature is available in Postfix 2.9 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="daemon_timeout">daemon_timeout</a>
> --- 1506,1507 ----
> ***************
> *** 1711,1713 ****
>   <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> = 127.0.0.1
> ! <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> = example.com
>   </pre>
> --- 1562,1564 ----
>   <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> = 127.0.0.1
> ! <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> = some.domain
>   </pre>
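
Review bot: the example value changes from example.com to some.domain in the second debug_peer_list line. example.com is reserved for documentation use (RFC 2606); some.domain is not a reserved name, so the example should stay on example.com.
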
> ***************
> *** 1960,1962 ****
>   
> ! <p> Use <a href="postconf.5.html#transport_destination_concurrency_negative_feedback"><i>transport</i>_destination_concurrency_negative_feedback</a>
>   to specify a transport-specific override, where <i>transport</i>
> --- 1811,1813 ----
>   
> ! <p> Use <a href="postconf.5.html#transport_destination_concurrency_positive_feedback"><i>transport</i>_destination_concurrency_negative_feedback</a>
>   to specify a transport-specific override, where <i>transport</i>
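
Review bot: in the changed line the link target and the link text disagree: the href now points to #transport_destination_concurrency_positive_feedback while the text still reads <i>transport</i>_destination_concurrency_negative_feedback. Point the href back at the negative_feedback anchor so the link lands on the parameter it names.
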
> ***************
> *** 2033,2036 ****
>   <p> NOTE: the delay is enforced by the queue manager. The delay
> ! timer state does not survive "<b>postfix reload</b>" or "<b>postfix
> ! stop</b>".
>   </p>
> --- 1884,1886 ----
>   <p> NOTE: the delay is enforced by the queue manager. The delay
> ! timer state does not survive "postfix reload" or "postfix stop".
>   </p>
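
Review bot: markup is inconsistent on the changed line: "postfix reload" and "postfix stop" lose their <b>...</b> wrapping here, while the address_verify_map hunk in this same patch writes them as "<b>postfix reload</b>" and "<b>postfix stop</b>". Use one convention for command names throughout the page.
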
> ***************
> *** 2042,2048 ****
>   
> - <p> NOTE: with a non-zero _destination_rate_delay, specify a
> - <a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a> of 10
> - or more to prevent Postfix from deferring all mail for the same
> - destination after only one connection or handshake error. </p>
> - 
>   <p> This feature is available in Postfix 2.5 and later. </p>
> --- 1892,1893 ----
> ***************
> *** 2093,2109 ****
>   
> - <DT><b><a name="default_filter_nexthop">default_filter_nexthop</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> When a <a href="postconf.5.html#content_filter">content_filter</a> or FILTER request specifies no explicit
> - next-hop destination, use $<a href="postconf.5.html#default_filter_nexthop">default_filter_nexthop</a> instead; when
> - that value is empty, use the domain in the recipient address.
> - Specify "<a href="postconf.5.html#default_filter_nexthop">default_filter_nexthop</a> = $<a href="postconf.5.html#myhostname">myhostname</a>" for compatibility
> - with Postfix version 2.6 and earlier, or specify an explicit next-hop
> - destination with each <a href="postconf.5.html#content_filter">content_filter</a> value or FILTER action. </p>
> - 
> - <p> This feature is available in Postfix 2.7 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="default_minimum_delivery_slots">default_minimum_delivery_slots</a>
> --- 1938,1939 ----
> ***************
> *** 2156,2158 ****
>   <p>
> ! The default Postfix SMTP server response template for a request that is
>   rejected by an RBL-based restriction. This template can be overruled
> --- 1986,1988 ----
>   <p>
> ! The default SMTP server response template for a request that is
>   rejected by an RBL-based restriction. This template can be overruled
> ***************
> *** 2346,2356 ****
>   $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>,
> ! or $<a href="postconf.5.html#relay_domains">relay_domains</a>.  This information can be overruled with the
> ! <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter and with the
> ! <a href="transport.5.html">transport(5)</a> table. </p>
> ! 
> ! <p>
> ! In order of decreasing precedence, the nexthop destination is taken
> ! from $<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>, $<a href="postconf.5.html#default_transport">default_transport</a>,
>   $<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>, $<a href="postconf.5.html#relayhost">relayhost</a>, or from the recipient
> ! domain.
>   </p>
> --- 2176,2182 ----
>   $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>,
> ! or $<a href="postconf.5.html#relay_domains">relay_domains</a>.  In order of decreasing precedence, the nexthop
> ! destination is taken from $<a href="postconf.5.html#default_transport">default_transport</a>,
>   $<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>, $<a href="postconf.5.html#relayhost">relayhost</a>, or from the recipient
> ! domain. This information can be overruled with the <a href="transport.5.html">transport(5)</a>
> ! table.
>   </p>
> ***************
> *** 2360,2363 ****
>   is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> destination is optional; its syntax is documented
> ! in the manual page of the corresponding delivery agent.
>   </p>
> --- 2186,2189 ----
>   is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> part is optional.  For more details see the
> ! <a href="transport.5.html">transport(5)</a> manual page.
>   </p>
> ***************
> *** 2462,2464 ****
>   
> ! <li> c = time in connection setup, including DNS, EHLO and STARTTLS
>   
> --- 2288,2290 ----
>   
> ! <li> c = time in connection setup, including DNS, EHLO and TLS
>   
> ***************
> *** 2651,2673 ****
>   
> - <DT><b><a name="dnsblog_reply_delay">dnsblog_reply_delay</a>
> - (default: 0s)</b></DT><DD>
> - 
> - <p> A debugging aid to artifically delay DNS responses. </p>
> - 
> - <p> This feature is available in Postfix 2.8.  </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="dnsblog_service_name">dnsblog_service_name</a>
> - (default: dnsblog)</b></DT><DD>
> - 
> - <p> The name of the <a href="dnsblog.8.html">dnsblog(8)</a> service entry in <a href="master.5.html">master.cf</a>. This
> - service performs DNS white/blacklist lookups. </p>
> - 
> - <p> This feature is available in Postfix 2.8 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="dont_remove">dont_remove</a>
> --- 2477,2478 ----
> ***************
> *** 2704,2716 ****
>   
> - <DT><b><a name="empty_address_default_transport_maps_lookup_key">empty_address_default_transport_maps_lookup_key</a>
> - (default: <>)</b></DT><DD>
> - 
> - <p> The <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> search string that
> - will be used instead of the null sender address. </p>
> - 
> - <p> This feature is available in Postfix 2.7 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="empty_address_recipient">empty_address_recipient</a>
> --- 2509,2510 ----
> ***************
> *** 2752,2839 ****
>   
> - <DT><b><a name="enable_long_queue_ids">enable_long_queue_ids</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> Enable long, non-repeating, queue IDs (queue file names).  The
> - benefit of non-repeating names is simpler logfile analysis and
> - easier queue migration (there is no need to run "postsuper" to
> - change queue file names that don't match their message file inode
> - number).  </p>
> - 
> - <p> Note: see below for how to prepare long queue file names
> - for migration to Postfix ≤ 2.8. </p>
> - 
> - <p> Changing the parameter value to "yes" has the following effects:
> - </p>
> - 
> - <ul>
> - 
> - <li> <p> Existing queue file names are not affected. </p>
> - 
> - <li> <p> New queue files are created with names such as 3Pt2mN2VXxznjll.
> - These are encoded in a 52-character alphabet that contains digits
> - (0-9), upper-case letters (B-Z) and lower-case letters (b-z). For
> - safety reasons the vowels (AEIOUaeiou) are excluded from the alphabet.
> - The name format is: 6 or more characters for the time in seconds,
> - 4 characters for the time in microseconds, the 'z'; the remainder
> - is the file inode number encoded in the first 51 characters of the
> - 52-character alphabet.  </p>
> - 
> - <li> <p> New messages have a Message-ID header with
> - <i>queueID</i>@<i><a href="postconf.5.html#myhostname">myhostname</a></i>.  </p>
> - 
> - <li> <p> The mailq (postqueue -p) output has a wider Queue ID column.
> - The number of whitespace-separated fields is not changed. <p>
> - 
> - <li> <p> The <a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> algorithm uses the first characters
> - of the queue file creation time in microseconds, after conversion
> - into hexadecimal representation. This produces the same queue hashing
> - behavior as if the queue file name was created with "<a href="postconf.5.html#enable_long_queue_ids">enable_long_queue_ids</a>
> - = no". </p>
> - 
> - </ul>
> - 
> - <p> Changing the parameter value to "no" has the following effects:
> - </p>
> - 
> - <ul>
> - 
> - <li> <p> Existing long queue file names are renamed to the short
> - form (while running "postfix reload" or "postsuper").  </p>
> - 
> - <li> <p> New queue files are created with names such as C3CD21F3E90
> - from a hexadecimal alphabet that contains digits (0-9) and upper-case
> - letters (A-F). The name format is: 5 characters for the time in
> - microseconds; the remainder is the file inode number. </p>
> - 
> - <li> <p> New messages have a Message-ID header with
> - <i>YYYYMMDDHHMMSS.queueid</i>@<i><a href="postconf.5.html#myhostname">myhostname</a></i>, where
> - <i>YYYYMMDDHHMMSS</i> are the year, month, day, hour, minute and
> - second.
> - 
> - <li> <p> The mailq (postqueue -p) output has the same format as
> - with Postfix ≤ 2.8. <p>
> - 
> - <li> <p> The <a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> algorithm uses the first characters
> - of the queue file name, with the hexadecimal representation of the
> - file creation time in microseconds.  </p>
> - 
> - </ul>
> - 
> - <p> Before migration to Postfix ≤ 2.8, the following commands
> - are required to convert long queue file names into short names: </p>
> - 
> - <pre>
> - # postfix stop
> - # postconf <a href="postconf.5.html#enable_long_queue_ids">enable_long_queue_ids</a>=no
> - # postsuper
> - </pre>
> - 
> - <p> Repeat the postsuper command until it reports no more queue file
> - name changes. </p>
> - 
> - <p> This feature is available in Postfix 2.9 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="enable_original_recipient">enable_original_recipient</a>
> --- 2546,2547 ----
> ***************
> *** 3254,3267 ****
>   The number of subdirectory levels for queue directories listed with
> ! the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter. Queue hashing is implemented by
> ! creating one or more levels of directories with one-character names.
> ! Originally, these directory names were equal to the first characters
> ! of the queue file name, with the hexadecimal representation of the
> ! file creation time in microseconds. </p>
> ! 
> ! <p> With long queue file names, queue hashing produces the same
> ! results as with short names. The file creation time in microseconds
> ! is converted into hexadecimal form before the result is used for
> ! queue hashing.  The base 16 encoding gives finer control over the
> ! number of subdirectories than is possible with the base 52 encoding
> ! of long queue file names.  </p>
>   
> --- 2962,2965 ----
>   The number of subdirectory levels for queue directories listed with
> ! the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
> ! </p>
>   
> ***************
> *** 3460,3462 ****
>   <p>
> ! With the default 100 Postfix SMTP server process limit, "<a href="postconf.5.html#in_flow_delay">in_flow_delay</a>
>   = 1s" limits the mail inflow to 100 messages per second above the
> --- 3158,3160 ----
>   <p>
> ! With the default 100 SMTP server process limit, "<a href="postconf.5.html#in_flow_delay">in_flow_delay</a>
>   = 1s" limits the mail inflow to 100 messages per second above the
> ***************
> *** 3497,3500 ****
>   "inside" and "outside" interfaces, this can prevent each instance from
> ! being able to reach remote SMTP servers on the "other side" of the
> ! firewall. Setting
>   <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> to 0.0.0.0 avoids the potential problem for
> --- 3195,3197 ----
>   "inside" and "outside" interfaces, this can prevent each instance from
> ! being able to reach servers on the "other side" of the firewall. Setting
>   <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> to 0.0.0.0 avoids the potential problem for
> ***************
> *** 3536,3538 ****
>   <DT><b><a name="inet_protocols">inet_protocols</a>
> ! (default: all)</b></DT><DD>
>   
> --- 3233,3235 ----
>   <DT><b><a name="inet_protocols">inet_protocols</a>
> ! (default: ipv4)</b></DT><DD>
>   
> ***************
> *** 3544,3552 ****
>   
> - <p> With Postfix 2.8 and earlier the default is "ipv4". For backwards
> - compatibility with these releases, the Postfix 2.9 and later upgrade
> - procedure appends an explicit "<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4" setting to
> - <a href="postconf.5.html">main.cf</a> when no explicit setting is present. This compatibility
> - workaround will be phased out as IPv6 deployment becomes more common.
> - </p>
> - 
>   <p> This feature is available in Postfix 2.2 and later. </p>
> --- 3241,3242 ----
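
Review bot: Removing the "With Postfix 2.8 and earlier the default is "ipv4"" paragraph leaves the inet_protocols entry with a single stated default and nothing that says which release it applies to, while the preceding hunk changes that default from "all" to "ipv4". A reader can no longer tell from this page whether IPv6 is enabled by default on their release; state which release the page documents, or keep one sentence giving the default per release.
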
> ***************
> *** 3564,3566 ****
>   <p> When IPv4 support is enabled via the <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter,
> ! Postfix will look up DNS type A records, and will convert
>   IPv4-in-IPv6 client IP addresses (::ffff:1.2.3.4) to their original
> --- 3254,3256 ----
>   <p> When IPv4 support is enabled via the <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter,
> ! Postfix will to DNS type A record lookups, and will convert
>   IPv4-in-IPv6 client IP addresses (::ffff:1.2.3.4) to their original
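
Review bot: The replacement line "Postfix will to DNS type A record lookups" on the new side has a typo ("to" for "do") that the old wording "will look up DNS type A records" did not have. Keep the old sentence, or correct the new one to "will do DNS type A record lookups".
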
> ***************
> *** 3581,3584 ****
>   <pre>
> ! <a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4
> ! <a href="postconf.5.html#inet_protocols">inet_protocols</a> = all (DEFAULT)
>   <a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv6
> --- 3271,3274 ----
>   <pre>
> ! <a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4 (DEFAULT)
> ! <a href="postconf.5.html#inet_protocols">inet_protocols</a> = all
>   <a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv6
> ***************
> *** 3659,3663 ****
>   The time after which a client closes an idle internal communication
> ! channel.  The purpose is to allow Postfix daemon processes to
> ! terminate voluntarily after they become idle. This is used, for
> ! example, by the Postfix address resolving and rewriting clients.
>   </p>
> --- 3349,3353 ----
>   The time after which a client closes an idle internal communication
> ! channel.  The purpose is to allow servers to terminate voluntarily
> ! after they become idle. This is used, for example, by the address
> ! resolving and rewriting clients.
>   </p>
> ***************
> *** 3697,3702 ****
>   The time after which a client closes an active internal communication
> ! channel.  The purpose is to allow Postfix daemon processes to
> ! terminate voluntarily
>   after reaching their client limit.  This is used, for example, by
> ! the Postfix address resolving and rewriting clients.
>   </p>
> --- 3387,3391 ----
>   The time after which a client closes an active internal communication
> ! channel.  The purpose is to allow servers to terminate voluntarily
>   after reaching their client limit.  This is used, for example, by
> ! the address resolving and rewriting clients.
>   </p>
> ***************
> *** 3724,3749 ****
>   
> - <DT><b><a name="lmtp_address_preference">lmtp_address_preference</a>
> - (default: ipv6)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a>
> - configuration parameter.  See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.8 and later.  </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="lmtp_assume_final">lmtp_assume_final</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> When a remote LMTP server announces no DSN support, assume that
> - the
> - server performs final delivery, and send "delivered" delivery status
> - notifications instead of "relayed". The default setting is backwards
> - compatible to avoid the infinetisimal possibility of breaking
> - existing LMTP-based content filters. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_bind_address">lmtp_bind_address</a>
> --- 3413,3414 ----
> ***************
> *** 3770,3782 ****
>   
> - <DT><b><a name="lmtp_body_checks">lmtp_body_checks</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a> configuration
> - parameter. See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.5 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_cache_connection">lmtp_cache_connection</a>
> --- 3435,3436 ----
> ***************
> *** 3790,3800 ****
>   
> - <p> This parameter is available in Postfix version 2.2 and earlier.
> - With Postfix version 2.3 and later, see <a href="postconf.5.html#lmtp_connection_cache_on_demand">lmtp_connection_cache_on_demand</a>,
> - <a href="postconf.5.html#lmtp_connection_cache_destinations">lmtp_connection_cache_destinations</a>, or <a href="postconf.5.html#lmtp_connection_reuse_time_limit">lmtp_connection_reuse_time_limit</a>.
> - </p>
> - 
>   <p>
>   The effectiveness of cached connections will be determined by the
> ! number of remote LMTP servers in use, and the concurrency limit specified
> ! for the Postfix LMTP client. Cached connections are closed under any of
>   the following conditions:
> --- 3444,3449 ----
>   
>   <p>
>   The effectiveness of cached connections will be determined by the
> ! number of LMTP servers in use, and the concurrency limit specified
> ! for the LMTP client. Cached connections are closed under any of
>   the following conditions:
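
Review bot: The paragraph deleted from the old side is the only text in this hunk saying that lmtp_cache_connection applies to Postfix 2.2 and earlier and naming its replacements (lmtp_connection_cache_on_demand, lmtp_connection_cache_destinations, lmtp_connection_reuse_time_limit). Without it the entry reads as current; if the page is meant to cover Postfix 2.3 or later, keep the pointer.
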
> ***************
> *** 3804,3806 ****
>   
> ! <li> The Postfix LMTP client idle time limit is reached.  This limit is
>   specified with the Postfix <a href="postconf.5.html#max_idle">max_idle</a> configuration parameter.
> --- 3453,3455 ----
>   
> ! <li> The LMTP client idle time limit is reached.  This limit is
>   specified with the Postfix <a href="postconf.5.html#max_idle">max_idle</a> configuration parameter.
> ***************
> *** 3814,3816 ****
>   
> ! <li> Upon the onset of another delivery request, the remote LMTP server
>   associated with the current session does not respond to the RSET
> --- 3463,3465 ----
>   
> ! <li> Upon the onset of another delivery request, the LMTP server
>   associated with the current session does not respond to the RSET
> ***************
> *** 3821,3823 ****
>   <p>
> ! Most of these limitations have been with the Postfix
>   a connection cache that is shared among multiple LMTP client
> --- 3470,3472 ----
>   <p>
> ! Most of these limitations will be removed after Postfix implements
>   a connection cache that is shared among multiple LMTP client
> ***************
> *** 3843,3845 ****
>   
> ! <p> The Postfix LMTP client time limit for completing a TCP connection, or
>   zero (use the operating system built-in time limit).  When no
> --- 3492,3494 ----
>   
> ! <p> The LMTP client time limit for completing a TCP connection, or
>   zero (use the operating system built-in time limit).  When no
> ***************
> *** 3912,3917 ****
>   
> ! <p> The Postfix LMTP client time limit for sending the LMTP ".",
> ! and for receiving the remote LMTP server response.  When no response
> ! is received within the deadline, a warning is logged that the mail
> ! may be delivered multiple times.  </p>
>   
> --- 3561,3566 ----
>   
> ! <p> The LMTP client time limit for sending the LMTP ".", and for
> ! receiving the server response.  When no response is received within
> ! the deadline, a warning is logged that the mail may be delivered
> ! multiple times.  </p>
>   
> ***************
> *** 3929,3933 ****
>   <p>
> ! The Postfix LMTP client time limit for sending the LMTP DATA command,
> ! and
> ! for receiving the remote LMTP server response.
>   </p>
> --- 3578,3581 ----
>   <p>
> ! The LMTP client time limit for sending the LMTP DATA command, and
> ! for receiving the server response.
>   </p>
> ***************
> *** 3946,3949 ****
>   <p>
> ! The Postfix LMTP client time limit for sending the LMTP message
> ! content.
>   When the connection stalls for more than $<a href="postconf.5.html#lmtp_data_xfer_timeout">lmtp_data_xfer_timeout</a>
> --- 3594,3596 ----
>   <p>
> ! The LMTP client time limit for sending the LMTP message content.
>   When the connection stalls for more than $<a href="postconf.5.html#lmtp_data_xfer_timeout">lmtp_data_xfer_timeout</a>
> ***************
> *** 4002,4005 ****
>   case insensitive lists of LHLO keywords (pipelining, starttls,
> ! auth, etc.) that the Postfix LMTP client will ignore in the LHLO
> ! response
>   from a remote LMTP server. See <a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> for
> --- 3649,3651 ----
>   case insensitive lists of LHLO keywords (pipelining, starttls,
> ! auth, etc.) that the LMTP client will ignore in the LHLO response
>   from a remote LMTP server. See <a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> for
> ***************
> *** 4017,4020 ****
>   <p> A case insensitive list of LHLO keywords (pipelining, starttls,
> ! auth, etc.) that the Postfix LMTP client will ignore in the LHLO
> ! response
>   from a remote LMTP server. </p>
> --- 3663,3665 ----
>   <p> A case insensitive list of LHLO keywords (pipelining, starttls,
> ! auth, etc.) that the LMTP client will ignore in the LHLO response
>   from a remote LMTP server. </p>
> ***************
> *** 4038,4050 ****
>   
> - <DT><b><a name="lmtp_dns_resolver_options">lmtp_dns_resolver_options</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_dns_resolver_options">smtp_dns_resolver_options</a>
> - configuration parameter.  See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.8 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_enforce_tls">lmtp_enforce_tls</a>
> --- 3683,3684 ----
> ***************
> *** 4071,4083 ****
>   
> - <DT><b><a name="lmtp_header_checks">lmtp_header_checks</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a> configuration
> - parameter. See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.5 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_host_lookup">lmtp_host_lookup</a>
> --- 3705,3706 ----
> ***************
> *** 4114,4116 ****
>   /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     mylmtp ... lmtp -o <a href="postconf.5.html#lmtp_lhlo_name">lmtp_lhlo_name</a>=foo.bar.com
>   </pre>
> --- 3737,3739 ----
>   /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     mylmtp ... lmtp -o <a href="postconf.5.html#lmtp_lhloname">lmtp_lhlo_name</a>=foo.bar.com
>   </pre>
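
Review bot: The href on the changed master.cf example line now points to "#lmtp_lhloname", while the link text is still lmtp_lhlo_name and the old side used "#lmtp_lhlo_name". The other parameter links in this diff use the parameter name as the fragment, so this one will not resolve; restore the underscore in the fragment.
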
> ***************
> *** 4128,4131 ****
>   
> ! <p> The Postfix LMTP client time limit for sending the LHLO command,
> ! and for receiving the initial remote LMTP server response. </p>
>   
> --- 3751,3754 ----
>   
> ! <p> The LMTP client time limit for sending the LHLO command, and
> ! for receiving the initial server response. </p>
>   
> ***************
> *** 4152,4155 ****
>   <p>
> ! The Postfix LMTP client time limit for sending the MAIL FROM command,
> ! and for receiving the remote LMTP server response.
>   </p>
> --- 3775,3778 ----
>   <p>
> ! The LMTP client time limit for sending the MAIL FROM command, and
> ! for receiving the server response.
>   </p>
> ***************
> *** 4164,4176 ****
>   
> - <DT><b><a name="lmtp_mime_header_checks">lmtp_mime_header_checks</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a>
> - configuration parameter. See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.5 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_mx_address_limit">lmtp_mx_address_limit</a>
> --- 3787,3788 ----
> ***************
> *** 4197,4220 ****
>   
> - <DT><b><a name="lmtp_nested_header_checks">lmtp_nested_header_checks</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a>
> - configuration parameter. See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.5 and later. </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="lmtp_per_record_deadline">lmtp_per_record_deadline</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a>
> - configuration parameter.  See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.9 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_pix_workaround_delay_time">lmtp_pix_workaround_delay_time</a>
> --- 3809,3810 ----
> ***************
> *** 4267,4270 ****
>   <p>
> ! The Postfix LMTP client time limit for sending the QUIT command,
> ! and for receiving the remote LMTP server response.
>   </p>
> --- 3857,3860 ----
>   <p>
> ! The LMTP client time limit for sending the QUIT command, and for
> ! receiving the server response.
>   </p>
> ***************
> *** 4305,4308 ****
>   <p>
> ! The Postfix LMTP client time limit for sending the RCPT TO command,
> ! and for receiving the remote LMTP server response.
>   </p>
> --- 3895,3898 ----
>   <p>
> ! The LMTP client time limit for sending the RCPT TO command, and
> ! for receiving the server response.
>   </p>
> ***************
> *** 4317,4329 ****
>   
> - <DT><b><a name="lmtp_reply_filter">lmtp_reply_filter</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a>
> - configuration parameter.  See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.7 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_rset_timeout">lmtp_rset_timeout</a>
> --- 3907,3908 ----
> ***************
> *** 4331,4335 ****
>   
> ! <p> The Postfix LMTP client time limit for sending the RSET command,
> ! and for receiving the remote LMTP server response. The LMTP client
> ! sends RSET in
>   order to finish a recipient address probe, or to verify that a
> --- 3910,3913 ----
>   
> ! <p> The LMTP client time limit for sending the RSET command, and
> ! for receiving the server response. The LMTP client sends RSET in
>   order to finish a recipient address probe, or to verify that a
> ***************
> *** 4403,4405 ****
>   <p>
> ! Optional Postfix LMTP client lookup tables with one username:password entry
>   per host or domain.  If a remote host or domain has no username:password
> --- 3981,3983 ----
>   <p>
> ! Optional LMTP client lookup tables with one username:password entry
>   per host or domain.  If a remote host or domain has no username:password
> ***************
> *** 4503,4515 ****
>   
> - <DT><b><a name="lmtp_send_dummy_mail_auth">lmtp_send_dummy_mail_auth</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a>
> - configuration parameter.  See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.9 and later.  </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_send_xforward_command">lmtp_send_xforward_command</a>
> --- 4081,4082 ----
> ***************
> *** 4518,4520 ****
>   <p>
> ! Send an XFORWARD command to the remote LMTP server when the LMTP LHLO
>   server response announces XFORWARD support.  This allows an <a href="lmtp.8.html">lmtp(8)</a>
> --- 4085,4087 ----
>   <p>
> ! Send an XFORWARD command to the LMTP server when the LMTP LHLO
>   server response announces XFORWARD support.  This allows an <a href="lmtp.8.html">lmtp(8)</a>
> ***************
> *** 4609,4621 ****
>   
> - <DT><b><a name="lmtp_tls_block_early_mail_reply">lmtp_tls_block_early_mail_reply</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a>
> - configuration parameter.  See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.7 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_tls_cert_file">lmtp_tls_cert_file</a>
> --- 4176,4177 ----
> ***************
> *** 4631,4643 ****
>   
> - <DT><b><a name="lmtp_tls_ciphers">lmtp_tls_ciphers</a>
> - (default: export)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> configuration
> - parameter. See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_tls_dcert_file">lmtp_tls_dcert_file</a>
> --- 4187,4188 ----
> ***************
> *** 4664,4673 ****
>   
> ! <DT><b><a name="lmtp_tls_eccert_file">lmtp_tls_eccert_file</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> configuration
> ! parameter.  See there for details. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later, when Postfix is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
>   
> --- 4209,4217 ----
>   
> ! <DT><b><a name="lmtp_tls_enforce_peername">lmtp_tls_enforce_peername</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> ! configuration parameter.  See there for details. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 4676,4707 ****
>   
> ! <DT><b><a name="lmtp_tls_eckey_file">lmtp_tls_eckey_file</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> configuration
> ! parameter.  See there for details. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later, when Postfix is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="lmtp_tls_enforce_peername">lmtp_tls_enforce_peername</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> ! configuration parameter.  See there for details. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="lmtp_tls_exclude_ciphers">lmtp_tls_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
> ! configuration parameter.  See there for details. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> --- 4220,4228 ----
>   
> ! <DT><b><a name="lmtp_tls_exclude_ciphers">lmtp_tls_exclude_ciphers</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
> ! configuration parameter.  See there for details. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 4820,4832 ****
>   
> - <DT><b><a name="lmtp_tls_protocols">lmtp_tls_protocols</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> configuration
> - parameter. See there for details. </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="lmtp_tls_scert_verifydepth">lmtp_tls_scert_verifydepth</a>
> --- 4341,4342 ----
> ***************
> *** 4912,4915 ****
>   <p>
> ! The Postfix LMTP client time limit for sending the XFORWARD command,
> ! and for receiving the remote LMTP server response.
>   </p>
> --- 4422,4425 ----
>   <p>
> ! The LMTP client time limit for sending the XFORWARD command, and
> ! for receiving the server response.
>   </p>
> ***************
> *** 4939,4943 ****
>   By default, non-Postfix commands are executed directly; commands
> ! are given to given to the default shell (typically, /bin/sh) only
> ! when they contain shell meta characters or shell built-in commands.
> ! </p>
>   
> --- 4449,4452 ----
>   By default, non-Postfix commands are executed directly; commands
> ! are given to given to /bin/sh only when they contain shell meta
> ! characters or shell built-in commands.  </p>
>   
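
Review bot: Both sides of this hunk carry the doubled words "are given to given to"; since the sentence is being rewritten anyway, drop the repetition. The new side also replaces "the default shell (typically, /bin/sh)" with a bare "/bin/sh", which reads as a fixed path; keep the hedge unless the shell is not configurable in the release this page describes.
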
> ***************
> *** 4957,4959 ****
>   <a href="postconf.5.html#local_command_shell">local_command_shell</a> = /some/where/smrsh -c
> - <a href="postconf.5.html#local_command_shell">local_command_shell</a> = /bin/bash -c
>   </pre>
> --- 4466,4467 ----
> ***************
> *** 5038,5041 ****
>   <dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
> ! remote SMTP client TLS certificate fingerprint or public key fingerprint
> ! (Postfix 2.9 and later) is listed in $<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a>.
>   The fingerprint digest algorithm is configurable via the
> --- 4546,4548 ----
>   <dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
> ! client TLS certificate fingerprint is listed in $<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a>.
>   The fingerprint digest algorithm is configurable via the
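
Review bot: The new wording drops "or public key fingerprint (Postfix 2.9 and later)" from the description of what is matched against $relay_clientcerts. If the documented release also matches public key fingerprints, the entry now understates which clients qualify; confirm the target release, or keep the clause with its version qualifier.
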
> ***************
> *** 5047,5049 ****
>   <dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
> ! remote SMTP client TLS certificate is successfully verified, regardless of
>   whether it is listed on the server, and regardless of the certifying
> --- 4554,4556 ----
>   <dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
> ! client TLS certificate is successfully verified, regardless of
>   whether it is listed on the server, and regardless of the certifying
> ***************
> *** 5070,5072 ****
>   <pre>
> ! <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all
>   </pre>
> --- 4577,4579 ----
>   <pre>
> ! <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all
>   </pre>
> ***************
> *** 5178,5181 ****
>   is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> destination is optional; its syntax is documented
> ! in the manual page of the corresponding delivery agent.
>   </p>
> --- 4685,4688 ----
>   is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> part is optional.  For more details see the
> ! <a href="transport.5.html">transport(5)</a> manual page.
>   </p>
> ***************
> *** 5626,5629 ****
>   client request is blocked by the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
> ! <a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a>, <a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or
> ! <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a> restriction.
>   </p>
> --- 5133,5135 ----
>   client request is blocked by the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
> ! <a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a> restriction.
>   </p>
> ***************
> *** 5715,5717 ****
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
>   
> --- 5221,5223 ----
>   <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all". </p>
>   
> ***************
> *** 5763,5797 ****
>   
> - <DT><b><a name="master_service_disable">master_service_disable</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> Selectively disable <a href="master.8.html">master(8)</a> listener ports by service type
> - or by service name and type.  Specify a list of service types
> - ("inet", "unix", "fifo", or "pass") or "name.type" tuples, where
> - "name" is the first field of a <a href="master.5.html">master.cf</a> entry and "type" is a
> - service type. As with other Postfix matchlists, a search stops at
> - the first match.  Specify "!pattern" to exclude a service from the
> - list. By default, all <a href="master.8.html">master(8)</a> listener ports are enabled.  </p>
> - 
> - <p> Note: this feature does not support "/file/name" or "<a href="DATABASE_README.html">type:table</a>"
> - patterns, nor does it support wildcards such as "*" or "all". This
> - is intentional. </p>
> - 
> - <p> Examples: </p>
> - 
> - <pre>
> - # Turn on all <a href="master.8.html">master(8)</a> listener ports (the default).
> - <a href="postconf.5.html#master_service_disable">master_service_disable</a> =
> - # Turn off only the main SMTP listener port.
> - <a href="postconf.5.html#master_service_disable">master_service_disable</a> = smtp.inet
> - # Turn off all TCP/IP listener ports.
> - <a href="postconf.5.html#master_service_disable">master_service_disable</a> = inet
> - # Turn off all TCP/IP listener ports except "foo".
> - <a href="postconf.5.html#master_service_disable">master_service_disable</a> = !foo.inet, inet
> - </pre>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="max_idle">max_idle</a>
> --- 5269,5270 ----
> ***************
> *** 5874,5882 ****
>   
> - <p> Note 1: this feature does not recognize text that requires MIME
> - decoding. It inspects raw message content, just like <a href="postconf.5.html#header_checks">header_checks</a>
> - and <a href="postconf.5.html#body_checks">body_checks</a>.  </p>
> - 
> - <p> Note 2: this feature is disabled with "<a href="postconf.5.html#receive_override_options">receive_override_options</a>
> - = <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>".  </p>
> - 
>   <p> Example: </p>
> --- 5347,5348 ----
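
Review bot: The two deleted notes are operational caveats rather than version history: Note 1 says the check inspects raw message content and does not recognize text that requires MIME decoding, and Note 2 says it is disabled with "receive_override_options = no_header_body_checks". Dropping them here and in the identical hunk that follows removes the statement of when the check does not apply; keep both notes unless the behaviour differs in the release this page describes.
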
> ***************
> *** 5915,5923 ****
>   
> - <p> Note 1: this feature does not recognize text that requires MIME
> - decoding. It inspects raw message content, just like <a href="postconf.5.html#header_checks">header_checks</a>
> - and <a href="postconf.5.html#body_checks">body_checks</a>.  </p>
> - 
> - <p> Note 2: this feature is disabled with "<a href="postconf.5.html#receive_override_options">receive_override_options</a>
> - = <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>".  </p>
> - 
>   <p> Example: </p>
> --- 5381,5382 ----
> ***************
> *** 5951,5953 ****
>   <DT><b><a name="milter_connect_macros">milter_connect_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5410,5412 ----
>   <DT><b><a name="milter_connect_macros">milter_connect_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
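
Review bot: The new default text "see postconf -n output" points readers at the wrong command: postconf -n prints only parameters that are explicitly set in main.cf, so a built-in default never appears there, while postconf -d prints the defaults. Keep "postconf -d" here and in the other milter_*_macros hunks below that make the same substitution.
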
> ***************
> *** 5997,5999 ****
>   <DT><b><a name="milter_data_macros">milter_data_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5456,5458 ----
>   <DT><b><a name="milter_data_macros">milter_data_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6025,6029 ****
>   
> - <dt>quarantine</dt> <dd>Like "accept", but freeze the message in
> - the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>. Available with Postfix 2.6 and later. </dd>
> - 
>   </dl>
> --- 5484,5485 ----
> ***************
> *** 6036,6038 ****
>   <DT><b><a name="milter_end_of_data_macros">milter_end_of_data_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5492,5494 ----
>   <DT><b><a name="milter_end_of_data_macros">milter_end_of_data_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6048,6050 ****
>   <DT><b><a name="milter_end_of_header_macros">milter_end_of_header_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5504,5506 ----
>   <DT><b><a name="milter_end_of_header_macros">milter_end_of_header_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6059,6094 ****
>   
> - <DT><b><a name="milter_header_checks">milter_header_checks</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> Optional lookup tables for content inspection of message headers
> - that are produced by Milter applications.  See the <a href="header_checks.5.html">header_checks(5)</a>
> - manual page available actions. Currently, PREPEND is not implemented.
> - </p>
> - 
> - <p> The following example sends all mail that is marked as SPAM to
> - a spam handling machine. Note that matches are case-insensitive
> - by default. </p>
> - 
> - <pre>
> - /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> -     <a href="postconf.5.html#milter_header_checks">milter_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>
> - </pre>
> - 
> - <pre>
> - /etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>:
> -     /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
> - </pre>
> - 
> - <p> The <a href="postconf.5.html#milter_header_checks">milter_header_checks</a> mechanism could also be used for
> - whitelisting. For example it could be used to skip heavy content
> - inspection for DKIM-signed mail from known friendly domains. </p>
> - 
> - <p> This feature is available in Postfix 2.7, and as an optional
> - patch for Postfix 2.6. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="milter_helo_macros">milter_helo_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5515,5518 ----
>   
>   <DT><b><a name="milter_helo_macros">milter_helo_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6129,6131 ****
>   <DT><b><a name="milter_mail_macros">milter_mail_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5553,5555 ----
>   <DT><b><a name="milter_mail_macros">milter_mail_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6141,6147 ****
>   <DT><b><a name="milter_protocol">milter_protocol</a>
> ! (default: 6)</b></DT><DD>
>   
>   <p> The mail filter protocol version and optional protocol extensions
> ! for communication with a Milter application; prior to Postfix 2.6
> ! the default protocol is 2. Postfix
>   sends this version number during the initial protocol handshake.
> --- 5565,5570 ----
>   <DT><b><a name="milter_protocol">milter_protocol</a>
> ! (default: 2)</b></DT><DD>
>   
>   <p> The mail filter protocol version and optional protocol extensions
> ! for communication with a Milter (mail filter) application. Postfix
>   sends this version number during the initial protocol handshake.
> ***************
> *** 6155,6158 ****
>   <dt>2</dt> <dd>Use Sendmail 8 mail filter protocol version 2 (default
> ! with Sendmail version 8.11 .. 8.13 and Postfix version 2.3 ..
> ! 2.5).</dd>
>   
> --- 5578,5580 ----
>   <dt>2</dt> <dd>Use Sendmail 8 mail filter protocol version 2 (default
> ! as of Sendmail version 8.11).</dd>
>   
> ***************
> *** 6163,6165 ****
>   <dt>6</dt> <dd>Use Sendmail 8 mail filter protocol version 6 (default
> ! with Sendmail version 8.14 and Postfix version 2.6).</dd>
>   
> --- 5585,5587 ----
>   <dt>6</dt> <dd>Use Sendmail 8 mail filter protocol version 6 (default
> ! as of Sendmail version 8.14).</dd>
>   
> ***************
> *** 6182,6184 ****
>   <DT><b><a name="milter_rcpt_macros">milter_rcpt_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5604,5606 ----
>   <DT><b><a name="milter_rcpt_macros">milter_rcpt_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6194,6196 ****
>   <DT><b><a name="milter_unknown_command_macros">milter_unknown_command_macros</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 5616,5618 ----
>   <DT><b><a name="milter_unknown_command_macros">milter_unknown_command_macros</a>
> ! (default: see postconf -n output)</b></DT><DD>
>   
> ***************
> *** 6275,6361 ****
>   
> - <DT><b><a name="multi_instance_directories">multi_instance_directories</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> An optional list of non-default Postfix configuration directories;
> - these directories belong to additional Postfix instances that share
> - the Postfix executable files and documentation with the default
> - Postfix instance, and that are started, stopped, etc., together
> - with the default Postfix instance.  Specify a list of pathnames
> - separated by comma or whitespace.  </p>
> - 
> - <p> When $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> is empty, the <a href="postfix.1.html">postfix(1)</a> command
> - runs in single-instance mode and operates on a single Postfix
> - instance only. Otherwise, the <a href="postfix.1.html">postfix(1)</a> command runs in multi-instance
> - mode and invokes the multi-instance manager specified with the
> - <a href="postconf.5.html#multi_instance_wrapper">multi_instance_wrapper</a> parameter. The multi-instance manager in
> - turn executes <a href="postfix.1.html">postfix(1)</a> commands for the default instance and for
> - all Postfix instances in $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>.  </p>
> - 
> - <p> Currently, this parameter setting is ignored except for the
> - default <a href="postconf.5.html">main.cf</a> file. </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="multi_instance_enable">multi_instance_enable</a>
> - (default: no)</b></DT><DD>
> - 
> - <p> Allow this Postfix instance to be started, stopped, etc., by a
> - multi-instance manager.  By default, new instances are created in
> - a safe state that prevents them from being started inadvertently.
> - This parameter is reserved for the multi-instance manager.  </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="multi_instance_group">multi_instance_group</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The optional instance group name of this Postfix instance. A
> - group identifies closely-related Postfix instances that the
> - multi-instance manager can start, stop, etc., as a unit.  This
> - parameter is reserved for the multi-instance manager. </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="multi_instance_name">multi_instance_name</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The optional instance name of this Postfix instance. This name
> - becomes also the default value for the <a href="postconf.5.html#syslog_name">syslog_name</a> parameter. </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="multi_instance_wrapper">multi_instance_wrapper</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> The pathname of a multi-instance manager command that the
> - <a href="postfix.1.html">postfix(1)</a> command invokes when the <a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>
> - parameter value is non-empty. The pathname may be followed by
> - initial command arguments separated by whitespace; shell
> - metacharacters such as quotes are not supported in this context.
> - </p>
> - 
> - <p> The <a href="postfix.1.html">postfix(1)</a> command invokes the manager command with the
> - <a href="postfix.1.html">postfix(1)</a> non-option command arguments on the manager command line,
> - and with all installation configuration parameters exported into
> - the manager command process environment. The manager command in
> - turn invokes the <a href="postfix.1.html">postfix(1)</a> command for individual Postfix instances
> - as "postfix -c <i><a href="postconf.5.html#config_directory">config_directory</a></i> <i>command</i>".  </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a>
> --- 5697,5698 ----
> ***************
> *** 6449,6452 ****
>   The internet domain name of this mail system.  The default is to
> ! use $<a href="postconf.5.html#myhostname">myhostname</a> minus the first component, or "localdomain" (Postfix
> ! 2.3 and later).  $<a href="postconf.5.html#mydomain">mydomain</a> is used as
>   a default value for many other configuration parameters.
> --- 5786,5788 ----
>   The internet domain name of this mail system.  The default is to
> ! use $<a href="postconf.5.html#myhostname">myhostname</a> minus the first component.  $<a href="postconf.5.html#mydomain">mydomain</a> is used as
>   a default value for many other configuration parameters.
> ***************
> *** 6470,6475 ****
>   The internet hostname of this mail system. The default is to use
> ! the fully-qualified domain name (FQDN) from gethostname(), or to
> ! use the non-FQDN result from gethostname() and append ".$<a href="postconf.5.html#mydomain">mydomain</a>".
> ! $<a href="postconf.5.html#myhostname">myhostname</a> is used as a default value for many other configuration
> ! parameters.  </p>
>   
> --- 5806,5810 ----
>   The internet hostname of this mail system. The default is to use
> ! the fully-qualified domain name from gethostname(). $<a href="postconf.5.html#myhostname">myhostname</a> is
> ! used as a default value for many other configuration parameters.
> ! </p>
>   
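
Review bot: the new myhostname paragraph says the default is the fully-qualified domain name from gethostname() and drops the fallback for a non-FQDN result (append ".$mydomain"). gethostname() does not always return an FQDN, so the text should still say what Postfix does in that case; restore the removed clause.
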
> ***************
> *** 6480,6482 ****
>   <pre>
> ! <a href="postconf.5.html#myhostname">myhostname</a> = host.example.com
>   </pre>
> --- 5815,5817 ----
>   <pre>
> ! <a href="postconf.5.html#myhostname">myhostname</a> = host.domain.tld
>   </pre>
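
Review bot: in the myhostname example, `host.domain.tld` replaces `host.example.com`. example.com is reserved for documentation use by RFC 2606, while domain.tld carries no such guarantee; keep `host.example.com`.
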
> ***************
> *** 6490,6492 ****
>   <p>
> ! The list of "trusted" remote SMTP clients that have more privileges than
>   "strangers".
> --- 5825,5827 ----
>   <p>
> ! The list of "trusted" SMTP clients that have more privileges than
>   "strangers".
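
Review bot: dropping "remote" from "trusted" remote SMTP clients in the mynetworks description makes it less clear whose address is being matched. This list decides which clients get more privileges than "strangers", so the text should stay explicit that it means the remote clients connecting to this server; keep "remote SMTP clients" here and in the two mynetworks_style hunks that follow.
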
> ***************
> *** 6559,6561 ****
>   <li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" when Postfix
> ! should "trust" remote SMTP clients in the same IP subnetworks as the local
>   machine.  On Linux, this works correctly only with interfaces
> --- 5894,5896 ----
>   <li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" when Postfix
> ! should "trust" SMTP clients in the same IP subnetworks as the local
>   machine.  On Linux, this works correctly only with interfaces
> ***************
> *** 6564,6566 ****
>   <li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class" when Postfix should
> ! "trust" remote SMTP clients in the same IP class A/B/C networks as the
>   local machine.  Don't do this with a dialup site - it would cause
> --- 5899,5901 ----
>   <li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class" when Postfix should
> ! "trust" SMTP clients in the same IP class A/B/C networks as the
>   local machine.  Don't do this with a dialup site - it would cause
> ***************
> *** 6645,6648 ****
>   via the Postfix <a href="qmqpd.8.html">qmqpd(8)</a> server, and old mail that is re-injected
> ! into the queue with "postsuper -r".  Specify space or comma as
> ! separator. See the <a href="MILTER_README.html">MILTER_README</a> document for details.  </p>
>   
> --- 5980,5983 ----
>   via the Postfix <a href="qmqpd.8.html">qmqpd(8)</a> server, and old mail that is re-injected
> ! into the queue with "postsuper -r".  See the <a href="MILTER_README.html">MILTER_README</a> document
> ! for details.  </p>
>   
> ***************
> *** 6688,6697 ****
>   
> - <dt><b>data</b></dt>
> - 
> - <dd>Send the postmaster a transcript of the SMTP session with an
> - error because a critical data file was unavailable. The notification
> - is sent to the address specified with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a>
> - configuration parameter (default: postmaster). <br> This feature
> - is available in Postfix 2.9 and later.  </dd>
> - 
>   <dt><b>delay</b></dt>
> --- 6023,6024 ----
> ***************
> *** 6778,6781 ****
>   only domains whose primary MX hosts match the listed networks.
> ! The parameter value syntax is the same as with the <a href="postconf.5.html#mynetworks">mynetworks</a>
> ! parameter; note, however, that the default value is empty.  </p>
>   
> --- 6105,6107 ----
>   only domains whose primary MX hosts match the listed networks.
> ! </p>
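
Review bot: the sentence removed in this hunk was the only place that told readers the value syntax (the same as with the mynetworks parameter) and that the default value is empty. Without it the paragraph ends at "match the listed networks" with no indication of how to write the list or what the unset state is; keep the sentence, or at least the note about the empty default.
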
>   
> ***************
> *** 6812,6834 ****
>   
> ! <DT><b><a name="postmulti_control_commands">postmulti_control_commands</a>
> ! (default: reload flush)</b></DT><DD>
> ! 
> ! <p> The <a href="postfix.1.html">postfix(1)</a> commands that the <a href="postmulti.1.html">postmulti(1)</a> instance manager
> ! treats as "control" commands, that operate on running instances. For
> ! these commands, disabled instances are skipped. </p>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postmulti_start_commands">postmulti_start_commands</a>
> ! (default: start)</b></DT><DD>
>   
> ! <p> The <a href="postfix.1.html">postfix(1)</a> commands that the <a href="postmulti.1.html">postmulti(1)</a> instance manager treats
> ! as "start" commands. For these commands, disabled instances are "checked"
> ! rather than "started", and failure to "start" a member instance of an
> ! instance group will abort the start-up of later instances. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later. </p>
>   
> --- 6138,6165 ----
>   
> ! <DT><b><a name="prepend_delivered_header">prepend_delivered_header</a>
> ! (default: command, file, forward)</b></DT><DD>
>   
> + <p> The message delivery contexts where the Postfix <a href="local.8.html">local(8)</a> delivery
> + agent prepends a Delivered-To:  message header with the address
> + that the mail was delivered to. This information is used for mail
> + delivery loop detection.  </p>
>   
> ! <p>
> ! By default, the Postfix local delivery agent prepends a Delivered-To:
> ! header when forwarding mail and when delivering to file (mailbox)
> ! and command. Turning off the Delivered-To: header when forwarding
> ! mail is not recommended.
> ! </p>
>   
> ! <p>
> ! Specify zero or more of <b>forward</b>, <b>file</b>, or <b>command</b>.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a> = forward
> ! </pre>
>   
> ***************
> *** 6837,6846 ****
>   
> ! <DT><b><a name="postmulti_stop_commands">postmulti_stop_commands</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
> ! 
> ! <p> The <a href="postfix.1.html">postfix(1)</a> commands that the <a href="postmulti.1.html">postmulti(1)</a> instance manager treats
> ! as "stop" commands. For these commands, disabled instances are skipped,
> ! and enabled instances are processed in reverse order. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later. </p>
>   
> --- 6168,6175 ----
>   
> ! <DT><b><a name="process_id">process_id</a>
> ! (read-only)</b></DT><DD>
>   
> ! <p>
> ! The process ID of a Postfix command or daemon process.
> ! </p>
>   
> ***************
> *** 6849,6945 ****
>   
> ! <DT><b><a name="postscreen_access_list">postscreen_access_list</a>
> ! (default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>)</b></DT><DD>
>   
> ! <p> Permanent white/blacklist for remote SMTP client IP addresses.
> ! <a href="postscreen.8.html">postscreen(8)</a> searches this list immediately after a remote SMTP
> ! client connects.  Specify a comma- or whitespace-separated list of
> ! commands (in upper or lower case) or lookup tables. The search stops
> ! upon the first command that fires for the client IP address. </p>
>   
> - <dl>
>   
> ! <dt> <b> <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a> </b> </dt> <dd> Whitelist the client and
> ! terminate the search if the client IP address matches $<a href="postconf.5.html#mynetworks">mynetworks</a>.
> ! Do not subject the client to any before/after 220 greeting tests.
> ! Pass the connection immediately to a Postfix SMTP server process.
> ! </dd>
>   
> ! <dt> <b> <a href="DATABASE_README.html">type:table</a> </b> </dt> <dd> Query the specified lookup
> ! table. Each table lookup result is an access list, except that
> ! access lists inside a table cannot specify <a href="DATABASE_README.html">type:table</a> entries.  <br>
> ! To discourage the use of hash, btree, etc. tables, there is no
> ! support for substring matching like <a href="smtpd.8.html">smtpd(8)</a>. Use CIDR tables
> ! instead.  </dd>
> ! 
> ! <dt> <b> permit </b> </dt> <dd> Whitelist the client and terminate
> ! the search. Do not subject the client to any before/after 220
> ! greeting tests. Pass the connection immediately to a Postfix SMTP
> ! server process. </dd>
> ! 
> ! <dt> <b> reject </b> </dt> <dd> Blacklist the client and terminate
> ! the search. Subject the client to the action configured with the
> ! <a href="postconf.5.html#postscreen_blacklist_action">postscreen_blacklist_action</a> configuration parameter. </dd>
> ! 
> ! <dt> <b> dunno </b> </dt> <dd> All <a href="postscreen.8.html">postscreen(8)</a> access lists
> ! implicitly have this command at the end. <br> When <b> dunno </b>
> ! is executed inside a lookup table, return from the lookup table and
> ! evaluate the next command.  <br> When <b> dunno </b> is executed
> ! outside a lookup table, terminate the search, and subject the client
> ! to the configured before/after 220 greeting tests. </dd>
>   
> ! </dl>
>   
> - <p> Example: </p>
>   
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
> ! 		<a href="cidr_table.5.html">cidr</a>:/etc/postfix/postscreen_access.cidr
> !     <a href="postconf.5.html#postscreen_blacklist_action">postscreen_blacklist_action</a> = enforce
> ! </pre>
>   
> ! <pre>
> ! /etc/postfix/postscreen_access.<a href="cidr_table.5.html">cidr</a>:
> !     # Rules are evaluated in the order as specified.
> !     # Blacklist 192.168.* except 192.168.0.1.
> !     192.168.0.1         dunno
> !     192.168.0.0/16      reject
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_bare_newline_action">postscreen_bare_newline_action</a>
> ! (default: ignore)</b></DT><DD>
>   
> ! <p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client sends
> ! a bare newline character, that is, a newline not preceded by carriage
> ! return.  Specify one of the following: </p>
>   
> ! <dl>
>   
> - <dt> <b>ignore</b> </dt>
>   
> ! <dd> Ignore the failure of this test. Allow other tests to complete.
> ! Do <i>not</i> repeat this test before some the result from some
> ! other test expires.
> ! This option is useful for testing and collecting statistics
> ! without blocking mail permanently. </dd>
>   
> ! <dt> <b>enforce</b> </dt>
>   
> ! <dd> Allow other tests to complete. Reject attempts to deliver mail
> ! with a 550 SMTP reply, and log the helo/sender/recipient information.
> ! Repeat this test the next time the client connects. </dd>
>   
> ! <dt> <b>drop</b> </dt>
>   
> ! <dd> Drop the connection immediately with a 521 SMTP reply. Repeat
> ! this test the next time the client connects.  </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6178,6265 ----
>   
> ! <DT><b><a name="process_id_directory">process_id_directory</a>
> ! (default: pid)</b></DT><DD>
>   
> ! <p>
> ! The location of Postfix PID files relative to $<a href="postconf.5.html#queue_directory">queue_directory</a>.
> ! This is a read-only parameter.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="process_name">process_name</a>
> ! (read-only)</b></DT><DD>
>   
> ! <p>
> ! The process name of a Postfix command or daemon process.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="propagate_unmatched_extensions">propagate_unmatched_extensions</a>
> ! (default: canonical, virtual)</b></DT><DD>
>   
> ! <p>
> ! What address lookup tables copy an address extension from the lookup
> ! key to the lookup result.
> ! </p>
>   
> + <p>
> + For example, with a <a href="virtual.5.html">virtual(5)</a> mapping of "<i>joe at example.com =>
> + joe.user at example.net</i>", the address "<i>joe+foo at example.com</i>"
> + would rewrite to "<i>joe.user+foo at example.net</i>".
> + </p>
>   
> ! <p>
> ! Specify zero or more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>,
> ! <b>forward</b>, <b>include</b> or <b>generic</b>. These cause
> ! address extension
> ! propagation with <a href="canonical.5.html">canonical(5)</a>, <a href="virtual.5.html">virtual(5)</a>, and <a href="aliases.5.html">aliases(5)</a> maps,
> ! with <a href="local.8.html">local(8)</a> .forward and :include: file lookups, and with <a href="smtp.8.html">smtp(8)</a>
> ! generic maps, respectively.  </p>
>   
> ! <p>
> ! Note: enabling this feature for types other than <b>canonical</b>
> ! and <b>virtual</b> is likely to cause problems when mail is forwarded
> ! to other sites, especially with mail that is sent to a mailing list
> ! exploder address.
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual, alias,
> !         forward, include
> ! <a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual
> ! </pre>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="proxy_interfaces">proxy_interfaces</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! The network interface addresses that this mail system receives mail
> ! on by way of a proxy or network address translation unit.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ! <p> You must specify your "outside" proxy/NAT addresses when your
> ! system is a backup MX host for other domains, otherwise mail delivery
> ! loops will happen when the primary MX host is down.  </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
> ! </pre>
>   
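
Review bot: the process_id_directory entry added here is labelled `(default: pid)` in its header and only says "This is a read-only parameter" in the body, while the process_name entry in the same hunk (and process_id in the previous hunk) put `(read-only)` in the header. Pick one convention so a reader scanning the headers can tell which parameters cannot be set in main.cf.
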
> ***************
> *** 6948,6959 ****
>   
> ! <DT><b><a name="postscreen_bare_newline_enable">postscreen_bare_newline_enable</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Enable "bare newline" SMTP protocol tests in the <a href="postscreen.8.html">postscreen(8)</a>
> ! server. These tests are expensive: a remote SMTP client must
> ! disconnect after
> ! it passes the test, before it can talk to a real Postfix SMTP server.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6268,6281 ----
>   
> ! <DT><b><a name="proxy_read_maps">proxy_read_maps</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is allowed to
> ! access for the read-only service.
> ! Table references that don't begin with <a href="proxymap.8.html">proxy</a>: are ignored.
>   </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ***************
> *** 6962,6978 ****
>   
> ! <DT><b><a name="postscreen_bare_newline_ttl">postscreen_bare_newline_ttl</a>
> ! (default: 30d)</b></DT><DD>
> ! 
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
> ! a successful "bare newline" SMTP protocol test. During this
> ! time, the client IP address is excluded from this test. The default
> ! is long because a remote SMTP client must disconnect after it passes
> ! the test,
> ! before it can talk to a real Postfix SMTP server. </p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6284,6296 ----
>   
> ! <DT><b><a name="proxy_write_maps">proxy_write_maps</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is allowed to
> ! access for the read-write service. Postfix-owned local database
> ! files should be stored under the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>.
> ! Table references that don't begin with <a href="proxymap.8.html">proxy</a>: are ignored.  </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.5 and later.
> ! </p>
>   
> ***************
> *** 6981,7012 ****
>   
> ! <DT><b><a name="postscreen_blacklist_action">postscreen_blacklist_action</a>
> ! (default: ignore)</b></DT><DD>
>   
> ! <p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client is
> ! permanently blacklisted with the <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> parameter.
> ! Specify one of the following: </p>
>   
> ! <dl>
> ! 
> ! <dt> <b>ignore</b> (default) </dt>
> ! 
> ! <dd> Ignore  this result. Allow other tests to complete.  Repeat
> ! this test the next time the client connects.
> ! This option is useful for testing and collecting statistics
> ! without blocking mail. </dd>
>   
> ! <dt> <b>enforce</b> </dt>
>   
> - <dd> Allow other tests to complete. Reject attempts to deliver mail
> - with a 550 SMTP reply, and log the helo/sender/recipient information.
> - Repeat this test the next time the client connects. </dd>
>   
> ! <dt> <b>drop</b> </dt>
>   
> ! <dd> Drop the connection immediately with a 521 SMTP reply. Repeat
> ! this test the next time the client connects. </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6299,6332 ----
>   
> ! <DT><b><a name="qmgr_clog_warn_time">qmgr_clog_warn_time</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The minimal delay between warnings that a specific destination is
> ! clogging up the Postfix <a href="QSHAPE_README.html#active_queue">active queue</a>. Specify 0 to disable.
> ! </p>
>   
> ! <p>
> ! This feature is enabled with the <a href="postconf.5.html#helpful_warnings">helpful_warnings</a> parameter.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="qmgr_fudge_factor">qmgr_fudge_factor</a>
> ! (default: 100)</b></DT><DD>
>   
> ! <p>
> ! Obsolete feature: the percentage of delivery resources that a busy
> ! mail system will use up for delivery of a large mailing  list
> ! message.
> ! </p>
>   
> ! <p>
> ! This feature exists only in the <a href="qmgr.8.html">oqmgr(8)</a> old queue manager. The
> ! current queue manager solves the problem in a better way.
> ! </p>
>   
> ***************
> *** 7015,7035 ****
>   
> ! <DT><b><a name="postscreen_cache_cleanup_interval">postscreen_cache_cleanup_interval</a>
> ! (default: 12h)</b></DT><DD>
> ! 
> ! <p> The amount of time between <a href="postscreen.8.html">postscreen(8)</a> cache cleanup runs.
> ! Cache cleanup increases the load on the cache database and should
> ! therefore not be run frequently. This feature requires that the
> ! cache database supports the "delete" and "sequence" operators.
> ! Specify a zero interval to disable cache cleanup. </p>
> ! 
> ! <p> After each cache cleanup run, the <a href="postscreen.8.html">postscreen(8)</a> daemon logs the
> ! number of entries that were retained and dropped. A cleanup run is
> ! logged as "partial" when the daemon terminates early after "<b>postfix
> ! reload</b>", "<b>postfix stop</b>", or no requests for $<a href="postconf.5.html#max_idle">max_idle</a>
> ! seconds. </p>
> ! 
> ! <p> Time units: s (seconds), m (minutes), h (hours), d (days), w
> ! (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6335,6342 ----
>   
> ! <DT><b><a name="qmgr_message_active_limit">qmgr_message_active_limit</a>
> ! (default: 20000)</b></DT><DD>
>   
> ! <p>
> ! The maximal number of messages in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
> ! </p>
>   
> ***************
> *** 7038,7084 ****
>   
> ! <DT><b><a name="postscreen_cache_map">postscreen_cache_map</a>
> ! (default: btree:$<a href="postconf.5.html#data_directory">data_directory</a>/postscreen_cache)</b></DT><DD>
>   
> ! <p> Persistent storage for the <a href="postscreen.8.html">postscreen(8)</a> server decisions. </p>
>   
> - <p> To share a <a href="postscreen.8.html">postscreen(8)</a> cache between multiple <a href="postscreen.8.html">postscreen(8)</a>
> - instances, use "<a href="postconf.5.html#postscreen_cache_map">postscreen_cache_map</a> = <a href="proxymap.8.html">proxy</a>:btree:/path/to/file".
> - This requires Postfix version 2.9 or later; earlier <a href="proxymap.8.html">proxymap(8)</a>
> - implementations don't support cache cleanup. For an alternative
> - approach see the <a href="memcache_table.5.html">memcache_table(5)</a> manpage. </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
>   
> ! </DD>
>   
> - <DT><b><a name="postscreen_cache_retention_time">postscreen_cache_retention_time</a>
> - (default: 7d)</b></DT><DD>
>   
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will cache an expired
> ! temporary whitelist entry before it is removed. This prevents clients
> ! from being logged as "NEW" just because their cache entry expired
> ! an hour ago. It also prevents the cache from filling up with clients
> ! that passed some deep protocol test once and never came back. </p>
>   
> ! <p> Time units: s (seconds), m (minutes), h (hours), d (days), w
> ! (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_client_connection_count_limit">postscreen_client_connection_count_limit</a>
> ! (default: $<a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a>)</b></DT><DD>
>   
> ! <p> How many simultaneous connections any remote SMTP client is
> ! allowed to have
> ! with the <a href="postscreen.8.html">postscreen(8)</a> daemon. By default, this limit is the same
> ! as with the Postfix SMTP server. Note that the triage process can
> ! take several seconds, with the time spent in <a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a>
> ! delay, and with the time spent talking to the <a href="postscreen.8.html">postscreen(8)</a> built-in
> ! dummy SMTP protocol engine. </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6345,6404 ----
>   
> ! <DT><b><a name="qmgr_message_recipient_limit">qmgr_message_recipient_limit</a>
> ! (default: 20000)</b></DT><DD>
>   
> ! <p> The maximal number of recipients held in memory by the Postfix
> ! queue manager, and the maximal size of the size of the short-term,
> ! in-memory "dead" destination status cache.  </p>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="qmgr_message_recipient_minimum">qmgr_message_recipient_minimum</a>
> + (default: 10)</b></DT><DD>
>   
> ! <p>
> ! The minimal number of in-memory recipients for any message. This
> ! takes priority over any other in-memory recipient limits (i.e.,
> ! the global <a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a> and the per transport
> ! _recipient_limit) if necessary. The minimum value allowed for this
> ! parameter is 1.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="qmqpd_authorized_clients">qmqpd_authorized_clients</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! What clients are allowed to connect to the QMQP server port.
> ! </p>
>   
> + <p>
> + By default, no client is allowed to use the service. This is
> + because the QMQP server will relay mail to any destination.
> + </p>
>   
> ! <p>
> ! Specify a list of client patterns. A list pattern specifies a host
> ! name, a domain name, an internet address, or a network/mask pattern,
> ! where the mask specifies the number of bits in the network part.
> ! When a pattern specifies a file name, its contents are substituted
> ! for the file name; when a pattern is a "<a href="DATABASE_README.html">type:table</a>" table specification,
> ! table lookup is used instead.  </p>
>   
> ! <p>
> ! Patterns are separated by whitespace and/or commas. In order to
> ! reverse the result, precede a pattern with an
> ! exclamation point (!). The form "!/file/name" is supported only
> ! in Postfix version 2.4 and later.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#qmqpd_authorized_clients">qmqpd_authorized_clients</a> = !192.168.0.1, 192.168.0.0/24
> ! </pre>
>   
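
Review bot: the added qmgr_message_recipient_limit paragraph reads "the maximal size of the size of the short-term, in-memory "dead" destination status cache"; the words "of the size" are duplicated. Change it to "the maximal size of the short-term, in-memory "dead" destination status cache".
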
> ***************
> *** 7087,7098 ****
>   
> ! <DT><b><a name="postscreen_command_count_limit">postscreen_command_count_limit</a>
> ! (default: 20)</b></DT><DD>
>   
> ! <p> The limit on the total number of commands per SMTP session for
> ! <a href="postscreen.8.html">postscreen(8)</a>'s built-in SMTP protocol engine.  This SMTP engine
> ! defers or rejects all attempts to deliver mail, therefore there is
> ! no need to enforce separate limits on the number of junk commands
> ! and error commands.  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6407,6416 ----
>   
> ! <DT><b><a name="qmqpd_client_port_logging">qmqpd_client_port_logging</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Enable logging of the remote QMQP client port in addition to
> ! the hostname and IP address. The logging format is "host[address]:port".
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> ***************
> *** 7101,7109 ****
>   
> ! <DT><b><a name="postscreen_command_filter">postscreen_command_filter</a>
> ! (default: $<a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a>)</b></DT><DD>
>   
> ! <p> A mechanism to transform commands from remote SMTP clients.
> ! See <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 6419,6433 ----
>   
> ! <DT><b><a name="qmqpd_error_delay">qmqpd_error_delay</a>
> ! (default: 1s)</b></DT><DD>
>   
> ! <p>
> ! How long the QMQP server will pause before sending a negative reply
> ! to the client. The purpose is to slow down confused or malicious
> ! clients.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> ***************
> *** 7112,7120 ****
>   
> ! <DT><b><a name="postscreen_command_time_limit">postscreen_command_time_limit</a>
> ! (default: ${stress?10}${stress:300}s)</b></DT><DD>
>   
> ! <p> The time limit to read an entire command line with <a href="postscreen.8.html">postscreen(8)</a>'s
> ! built-in SMTP protocol engine. </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6436,6450 ----
>   
> ! <DT><b><a name="qmqpd_timeout">qmqpd_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The time limit for sending or receiving information over the network.
> ! If a read or write operation blocks for more than $<a href="postconf.5.html#qmqpd_timeout">qmqpd_timeout</a>
> ! seconds the QMQP server gives up and disconnects.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
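
Review bot: In the new qmqpd_timeout entry, "blocks for more than $qmqpd_timeout seconds" conflicts with the next paragraph, which allows m, h, d and w suffixes. Suggest "blocks for more than $qmqpd_timeout" without the unit.
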
> ***************
> *** 7123,7131 ****
>   
> ! <DT><b><a name="postscreen_disable_vrfy_command">postscreen_disable_vrfy_command</a>
> ! (default: $<a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a>)</b></DT><DD>
> ! 
> ! <p> Disable the SMTP VRFY command in the <a href="postscreen.8.html">postscreen(8)</a> daemon.  See
> ! <a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a> for details.  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6453,6461 ----
>   
> ! <DT><b><a name="queue_directory">queue_directory</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The location of the Postfix top-level queue directory. This is the
> ! root directory of Postfix daemon processes that run chrooted.
> ! </p>
>   
> ***************
> *** 7134,7145 ****
>   
> ! <DT><b><a name="postscreen_discard_ehlo_keyword_address_maps">postscreen_discard_ehlo_keyword_address_maps</a>
> ! (default: $<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP client address, with
> ! case insensitive lists of EHLO keywords (pipelining, starttls, auth,
> ! etc.) that the <a href="postscreen.8.html">postscreen(8)</a> server will not send in the EHLO response
> ! to a remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> for details.
> ! The table is not searched by hostname for robustness reasons.  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 6464,6477 ----
>   
> ! <DT><b><a name="queue_file_attribute_count_limit">queue_file_attribute_count_limit</a>
> ! (default: 100)</b></DT><DD>
>   
> ! <p>
> ! The maximal number of (name=value) attributes that may be stored
> ! in a Postfix queue file. The limit is enforced by the <a href="cleanup.8.html">cleanup(8)</a>
> ! server.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ***************
> *** 7148,7193 ****
>   
> ! <DT><b><a name="postscreen_discard_ehlo_keywords">postscreen_discard_ehlo_keywords</a>
> ! (default: $<a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>)</b></DT><DD>
> ! 
> ! <p> A case insensitive list of EHLO keywords (pipelining, starttls,
> ! auth, etc.) that the <a href="postscreen.8.html">postscreen(8)</a> server will not send in the EHLO
> ! response to a remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>
> ! for details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> - <DT><b><a name="postscreen_dnsbl_action">postscreen_dnsbl_action</a>
> - (default: ignore)</b></DT><DD>
>   
> ! <p>The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client's combined
> ! DNSBL score is equal to or greater than a threshold (as defined
> ! with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> and <a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a>
> ! parameters).  Specify one of the following: </p>
>   
> ! <dl>
>   
> ! <dt> <b>ignore</b> (default) </dt>
>   
> ! <dd> Ignore the failure of this test. Allow other tests to complete.
> ! Repeat this test the next time the client connects.
> ! This option is useful for testing and collecting statistics
> ! without blocking mail. </dd>
>   
> ! <dt> <b>enforce</b> </dt>
>   
> - <dd> Allow other tests to complete. Reject attempts to deliver mail
> - with a 550 SMTP reply, and log the helo/sender/recipient information.
> - Repeat this test the next time the client connects. </dd>
>   
> ! <dt> <b>drop</b> </dt>
>   
> ! <dd> Drop the connection immediately with a 521 SMTP reply. Repeat
> ! this test the next time the client connects. </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6480,6535 ----
>   
> ! <DT><b><a name="queue_minfree">queue_minfree</a>
> ! (default: 0)</b></DT><DD>
>   
> ! <p>
> ! The minimal amount of free space in bytes in the queue file system
> ! that is needed to receive mail.  This is currently used by the SMTP
> ! server to decide if it will accept any mail at all.
> ! </p>
>   
> + <p>
> + By default, the Postfix version 2.1 SMTP server rejects MAIL FROM commands
> + when the amount of free space is less than 1.5*$<a href="postconf.5.html#message_size_limit">message_size_limit</a>.
> + To specify a higher minimum free space limit, specify a <a href="postconf.5.html#queue_minfree">queue_minfree</a>
> + value that is at least 1.5*$<a href="postconf.5.html#message_size_limit">message_size_limit</a>.
> + </p>
>   
> ! <p>
> ! With Postfix versions 2.0 and earlier, a <a href="postconf.5.html#queue_minfree">queue_minfree</a> value of
> ! zero means there is no minimum required amount of free space.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="queue_run_delay">queue_run_delay</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
> ! prior to Postfix 2.4 the default value was 1000s.
> ! </p>
>   
> ! <p> This parameter should be set less than or equal to
> ! $<a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>. See also $<a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a>.  </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="queue_service_name">queue_service_name</a>
> ! (default: qmgr)</b></DT><DD>
>   
> ! <p>
> ! The name of the <a href="qmgr.8.html">qmgr(8)</a> service. This service manages the Postfix
> ! queue and schedules delivery requests.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
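
Review bot: The added queue_minfree paragraph says "the Postfix version 2.1 SMTP server rejects MAIL FROM commands" below 1.5*$message_size_limit, and the following paragraph covers 2.0 and earlier, so the behaviour of releases after 2.1 is left unstated. If the check applies from 2.1 onward, write "version 2.1 and later", and say what the default value 0 means on those versions.
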
> ***************
> *** 7196,7224 ****
>   
> ! <DT><b><a name="postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> A mapping from actual DNSBL domain name which includes a secret
> ! password, to the DNSBL domain name that postscreen will reply with
> ! when it rejects mail.  When no mapping is found, the actual DNSBL
> ! domain will be used. </p>
>   
> ! <p> For maximal stability it is best to use a file that is read
> ! into memory such as <a href="pcre_table.5.html">pcre</a>:, <a href="regexp_table.5.html">regexp</a>: or <a href="DATABASE_README.html#types">texthash</a>: (<a href="DATABASE_README.html#types">texthash</a>: is similar
> ! to hash:, except a) there is no need to run <a href="postmap.1.html">postmap(1)</a> before the
> ! file can be used, and b) <a href="DATABASE_README.html#types">texthash</a>: does not detect changes after
> ! the file is read). </p>
>   
> - <p> Example: </p>
>   
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> = <a href="DATABASE_README.html#types">texthash</a>:/etc/postfix/dnsbl_reply
> ! </pre>
>   
> ! <pre>
> ! /etc/postfix/dnsbl_reply:
> !    secret.zen.spamhaus.org	zen.spamhaus.org
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6538,6564 ----
>   
> ! <DT><b><a name="rbl_reply_maps">rbl_reply_maps</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional lookup tables with RBL response templates. The tables are
> ! indexed by the RBL domain name. By default, Postfix uses the default
> ! template as specified with the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> configuration
> ! parameter. See there for a discussion of the syntax of RBL reply
> ! templates.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="readme_directory">readme_directory</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The location of Postfix README files that describe how to build,
> ! configure or operate a specific Postfix subsystem or feature.
> ! </p>
>   
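
Review bot: Removing the postscreen_dnsbl_reply_map entry takes away the only text in this hunk that explains how to keep a DNSBL domain name containing a secret password out of reject replies ("When no mapping is found, the actual DNSBL domain will be used"); the rbl_reply_maps entry that replaces it does not cover that. If postscreen(8) is still documented elsewhere on the page, keep this entry and its texthash example.
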
> ***************
> *** 7227,7286 ****
>   
> ! <DT><b><a name="postscreen_dnsbl_sites">postscreen_dnsbl_sites</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>Optional list of DNS white/blacklist domains, filters and weight
> ! factors. When the list is non-empty, the <a href="dnsblog.8.html">dnsblog(8)</a> daemon will
> ! query these domains with the IP addresses of remote SMTP clients,
> ! and <a href="postscreen.8.html">postscreen(8)</a> will update an SMTP client's DNSBL score with
> ! each non-error reply. </p>
>   
> ! <p> Caution: when postscreen rejects mail, it replies with the DNSBL
> ! domain name. Use the <a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> feature to hide
> ! "password" information in DNSBL domain names. </p>
>   
> ! <p> When a client's score is equal to or greater than the threshold
> ! specified with <a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a>, <a href="postscreen.8.html">postscreen(8)</a> can drop
> ! the connection with the remote SMTP client. </p>
>   
> ! <p> Specify a list of domain=filter*weight entries, separated by
> ! comma or whitespace.  </p>
>   
> ! <ul>
>   
> ! <li> <p> When no "=filter" is specified, <a href="postscreen.8.html">postscreen(8)</a> will use any
> ! non-error DNSBL reply.  Otherwise, <a href="postscreen.8.html">postscreen(8)</a> uses only DNSBL
> ! replies that match the filter. The filter has the form d.d.d.d,
> ! where each d is a number, or a pattern inside [] that contains one
> ! or more ";"-separated numbers or number..number ranges.  </p>
> ! 
> ! <li> <p> When no "*weight" is specified, <a href="postscreen.8.html">postscreen(8)</a> increments
> ! the remote SMTP client's DNSBL score by 1.  Otherwise, the weight must be
> ! an integral number, and <a href="postscreen.8.html">postscreen(8)</a> adds the specified weight to
> ! the remote SMTP client's DNSBL score.  Specify a negative number for
> ! whitelisting.  </p>
>   
> ! <li> <p> When one <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> entry produces multiple
> ! DNSBL responses, <a href="postscreen.8.html">postscreen(8)</a> applies the weight at most once.
> ! </p>
>   
> ! </ul>
>   
> ! <p> Examples: </p>
>   
> ! <p> To use example.com as a high-confidence blocklist, and to
> ! block mail with example.net and example.org only when both agree:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a> = 2
> ! <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> = example.com*2, example.net, example.org
> ! </pre>
>   
> ! <p> To filter only DNSBL replies containing 127.0.0.4: </p>
>   
>   <pre>
> ! <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> = example.com=127.0.0.4
>   </pre>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6567,6628 ----
>   
> ! <DT><b><a name="receive_override_options">receive_override_options</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Enable or disable recipient validation, built-in content
> ! filtering, or address mapping. Typically, these are specified in
> ! <a href="master.5.html">master.cf</a> as command-line arguments for the <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a> or
> ! <a href="pickup.8.html">pickup(8)</a> daemons. </p>
> ! 
> ! <p> Specify zero or more of the following options.  The options
> ! override <a href="postconf.5.html">main.cf</a> settings and are either implemented by <a href="smtpd.8.html">smtpd(8)</a>,
> ! <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a> themselves, or they are forwarded to the
> ! cleanup server.  </p>
> ! 
> ! <dl>
>   
> ! <dt><b><a name="no_unknown_recipient_checks">no_unknown_recipient_checks</a></b></dt>
>   
> ! <dd>Do not try to reject unknown recipients (SMTP server only).
> ! This is typically specified AFTER an external content filter.
> ! </dd>
>   
> ! <dt><b><a name="no_address_mappings">no_address_mappings</a></b></dt>
>   
> ! <dd>Disable canonical address mapping, virtual alias map expansion,
> ! address masquerading, and automatic BCC (blind carbon-copy)
> ! recipients. This is typically specified BEFORE an external content
> ! filter. </dd>
>   
> ! <dt><b><a name="no_header_body_checks">no_header_body_checks</a></b></dt>
>   
> ! <dd>Disable header/body_checks. This is typically specified AFTER
> ! an external content filter. </dd>
>   
> ! <dt><b><a name="no_milters">no_milters</a></b></dt>
>   
> ! <dd>Disable Milter (mail filter) applications. This is typically
> ! specified AFTER an external content filter. </dd>
>   
> ! </dl>
>   
> ! <p>
> ! Note: when the "BEFORE content filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a>
> ! setting is specified in the <a href="postconf.5.html">main.cf</a> file, specify the "AFTER content
> ! filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a> setting in <a href="master.5.html">master.cf</a> (and vice
> ! versa).
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#receive_override_options">receive_override_options</a> =
> !     <a href="postconf.5.html#no_unknown_recipient_checks">no_unknown_recipient_checks</a>, <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>
> ! <a href="postconf.5.html#receive_override_options">receive_override_options</a> = <a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
>   </pre>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
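
Review bot: The Examples block in the new receive_override_options entry shows an AFTER-filter setting (no_unknown_recipient_checks, no_header_body_checks) and a BEFORE-filter setting (no_address_mappings) back to back with no label, while the Note above it says the two belong in different files (main.cf versus master.cf). Suggest a one-line caption per example stating which side of the content filter and which file it is meant for, since these options switch off recipient validation and header/body checks.
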
> ***************
> *** 7289,7341 ****
>   
> ! <DT><b><a name="postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a>
> ! (default: 1)</b></DT><DD>
> ! 
> ! <p> The inclusive lower bound for blocking a remote SMTP client, based on
> ! its combined DNSBL score as defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a>
> ! parameter. </p>
> ! 
> ! <p> This feature is available in Postfix 2.8.  </p>
> ! 
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>
> ! (default: 1h)</b></DT><DD>
>   
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
> ! a successful DNS blocklist test. During this time, the client IP address
> ! is excluded from this test. The default is relatively short, because a
> ! good client can immediately talk to a real Postfix SMTP server.
>   </p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_enforce_tls">postscreen_enforce_tls</a>
> ! (default: $<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>)</b></DT><DD>
>   
> ! <p> Mandatory TLS: announce STARTTLS support to remote SMTP clients, and
> ! require that clients use TLS encryption.  See smtpd_postscreen_enforce_tls
> ! for details.  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later.
> ! Preferably, use <a href="postconf.5.html#postscreen_tls_security_level">postscreen_tls_security_level</a> instead. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_expansion_filter">postscreen_expansion_filter</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> List of characters that are permitted in <a href="postconf.5.html#postscreen_reject_footer">postscreen_reject_footer</a>
> ! attribute expansions.  See <a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> for further
> ! details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 6631,6690 ----
>   
> ! <DT><b><a name="recipient_bcc_maps">recipient_bcc_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional BCC (blind carbon-copy) address lookup tables, indexed by
> ! recipient address.  The BCC address (multiple results are not
> ! supported) is added when mail enters from outside of Postfix.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> ! <p>
> ! The table search order is as follows:
>   </p>
>   
> ! <ul>
>   
> ! <li> Look up the "user+extension at domain.tld" address including the
> ! optional address extension.
>   
> + <li> Look up the "user at domain.tld" address without the optional
> + address extension.
>   
> ! <li> Look up the "user+extension" address local part when the
> ! recipient domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> ! or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
>   
> ! <li> Look up the "user" address local part when the recipient domain
> ! equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
>   
> ! <li> Look up the "@domain.tld" part.
>   
> ! </ul>
>   
> + <p>
> + Specify the types and names of databases to use.  After change,
> + run "<b>postmap /etc/postfix/recipient_bcc</b>".
> + </p>
>   
> ! <p>
> ! Note: if mail to the BCC address bounces it will be returned to
> ! the sender.
> ! </p>
>   
> ! <p> Note: automatic BCC recipients are produced only for new mail.
> ! To avoid mailer loops, automatic BCC recipients are not generated
> ! for mail that Postfix forwards internally, nor for mail that Postfix
> ! generates itself. </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> = hash:/etc/postfix/recipient_bcc
> ! </pre>
>   
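
Review bot: The recipient_bcc_maps note "if mail to the BCC address bounces it will be returned to the sender" should say outright that such a bounce can disclose the BCC address to the sender, which matters to anyone using this table for archiving or monitoring. The version sentence also sits between the description and the search-order list; moving it to the end of the entry would match the neighbouring entries.
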
> ***************
> *** 7344,7354 ****
>   
> ! <DT><b><a name="postscreen_forbidden_commands">postscreen_forbidden_commands</a>
> ! (default: $<a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a>)</b></DT><DD>
>   
> ! <p> List of commands that the <a href="postscreen.8.html">postscreen(8)</a> server considers in
> ! violation of the SMTP protocol. See <a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> for
> ! syntax, and <a href="postconf.5.html#postscreen_non_smtp_command_action">postscreen_non_smtp_command_action</a> for possible actions.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6693,6706 ----
>   
> ! <DT><b><a name="recipient_canonical_classes">recipient_canonical_classes</a>
> ! (default: envelope_recipient, header_recipient)</b></DT><DD>
> ! 
> ! <p> What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address
> ! mapping.  By default, <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address mapping is
> ! applied to envelope recipient addresses, and to header recipient
> ! addresses.  </p>
>   
> ! <p> Specify one or more of: envelope_recipient, header_recipient
>   </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ***************
> *** 7357,7391 ****
>   
> ! <DT><b><a name="postscreen_greet_action">postscreen_greet_action</a>
> ! (default: ignore)</b></DT><DD>
> ! 
> ! <p>The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client speaks
> ! before its turn within the time specified with the <a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a>
> ! parameter.  Specify one of the following: </p>
>   
> ! <dl>
>   
> ! <dt> <b>ignore</b> (default) </dt>
>   
> ! <dd> Ignore the failure of this test. Allow other tests to complete.
> ! Repeat this test the next time the client connects.
> ! This option is useful for testing and collecting statistics
> ! without blocking mail. </dd>
>   
> ! <dt> <b>enforce</b> </dt>
>   
> - <dd> Allow other tests to complete. Reject attempts to deliver mail
> - with a 550 SMTP reply, and log the helo/sender/recipient information.
> - Repeat this test the next time the client connects. </dd>
>   
> ! <dt> <b>drop</b> </dt>
>   
> ! <dd> Drop the connection immediately with a 521 SMTP reply. Repeat
> ! this test the next time the client connects. </dd>
>   
> ! </dl>
>   
> ! <p> In either case, <a href="postscreen.8.html">postscreen(8)</a> will not whitelist the remote SMTP client
> ! IP address. </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6709,6752 ----
>   
> ! <DT><b><a name="recipient_canonical_maps">recipient_canonical_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional address mapping lookup tables for envelope and header
> ! recipient addresses.
> ! The table format and lookups are documented in <a href="canonical.5.html">canonical(5)</a>.
> ! </p>
>   
> ! <p>
> ! Note: $<a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> is processed before $<a href="postconf.5.html#canonical_maps">canonical_maps</a>.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> = hash:/etc/postfix/recipient_canonical
> ! </pre>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="recipient_delimiter">recipient_delimiter</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! The separator between user names and address extensions (user+foo).
> ! See <a href="canonical.5.html">canonical(5)</a>, <a href="local.8.html">local(8)</a>, <a href="relocated.5.html">relocated(5)</a> and <a href="virtual.5.html">virtual(5)</a> for the
> ! effects this has on aliases, canonical, virtual, relocated and
> ! on .forward file lookups.  Basically, the software tries user+foo
> ! and .forward+foo before trying user and .forward.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> = +
> ! </pre>
>   
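
Review bot: The recipient_delimiter entry gives "default: empty" but only describes lookups with an extension ("tries user+foo and .forward+foo before trying user and .forward"). Add a sentence saying what an empty value does, and make clear that the "+" in the description is the example value rather than a built-in.
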
> ***************
> *** 7394,7406 ****
>   
> ! <DT><b><a name="postscreen_greet_banner">postscreen_greet_banner</a>
> ! (default: $<a href="postconf.5.html#smtpd_banner">smtpd_banner</a>)</b></DT><DD>
>   
> ! <p> The <i>text</i> in the optional "220-<i>text</i>..." server
> ! response that
> ! <a href="postscreen.8.html">postscreen(8)</a> sends ahead of the real Postfix SMTP server's "220
> ! text..." response, in an attempt to confuse bad SMTP clients so
> ! that they speak before their turn (pre-greet).  Specify an empty
> ! value to disable this feature.  </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6755,6767 ----
>   
> ! <DT><b><a name="reject_code">reject_code</a>
> ! (default: 554)</b></DT><DD>
>   
> ! <p>
> ! The numerical Postfix SMTP server response code when a remote SMTP
> ! client request is rejected by the "reject" restriction.
> ! </p>
>   
> ! <p>
> ! Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>.
> ! </p>
>   
> ***************
> *** 7409,7442 ****
>   
> ! <DT><b><a name="postscreen_greet_ttl">postscreen_greet_ttl</a>
> ! (default: 1d)</b></DT><DD>
> ! 
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
> ! a successful PREGREET test. During this time, the client IP address
> ! is excluded from this test. The default is relatively short, because
> ! a good client can immediately talk to a real Postfix SMTP server. </p>
> ! 
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
> ! 
> ! <p> This feature is available in Postfix 2.8. </p>
> ! 
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_greet_wait">postscreen_greet_wait</a>
> ! (default: ${stress?2}${stress:6}s)</b></DT><DD>
>   
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will wait for an SMTP
> ! client to send a command before its turn, and for DNS blocklist
> ! lookup results to arrive (default: up to 2 seconds under stress,
> ! up to 6 seconds otherwise).  <p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  </p>
>   
> ! <p> Time units: s (seconds), m (minutes), h (hours), d (days), w
> ! (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6770,6797 ----
>   
> ! <DT><b><a name="relay_clientcerts">relay_clientcerts</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> List of tables with remote SMTP client-certificate fingerprints
> ! for which the Postfix SMTP server will allow access with the
> ! <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a> feature.
> ! The fingerprint digest algorithm is configurable via the
> ! <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
> ! Postfix version 2.5).  </p>
>   
> ! <p> Postfix lookup tables are in the form of (key, value) pairs.
> ! Since we only need the key, the value can be chosen freely, e.g.
> ! the name of the user or host:
> ! D7:04:2F:A7:0B:8C:A5:21:FA:31:77:E1:41:8A:EE:80 lutzpc.at.home </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a> = hash:/etc/postfix/relay_clientcerts
> ! </pre>
>   
> ! <p>For more fine-grained control, use <a href="postconf.5.html#check_ccert_access">check_ccert_access</a> to select
> ! an appropriate <a href="access.5.html">access(5)</a> policy for each client.
> ! See <a href="RESTRICTION_CLASS_README.html">RESTRICTION_CLASS_README</a>.</p>
>   
> ! <p>This feature is available with Postfix version 2.2.</p>
>   
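
Review bot: The sample key on the "lutzpc.at.home" line of the relay_clientcerts entry is 16 octets, the length of an md5 digest, but the text does not say that table keys have to be computed with the algorithm set in smtpd_tls_fingerprint_digest. Suggest labelling the sample as an md5 fingerprint and stating that requirement next to it. Also, "available with Postfix version 2.2" should follow the "2.2 and later" wording used by the other entries if that is what is meant.
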
> ***************
> *** 7445,7453 ****
>   
> ! <DT><b><a name="postscreen_helo_required">postscreen_helo_required</a>
> ! (default: $<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a>)</b></DT><DD>
>   
> ! <p> Require that a remote SMTP client sends HELO or EHLO before
> ! commencing a MAIL transaction. </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6800,6810 ----
>   
> ! <DT><b><a name="relay_destination_concurrency_limit">relay_destination_concurrency_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
>   
> ! <p> The maximal number of parallel deliveries to the same destination
> ! via the relay message delivery transport. This limit is enforced
> ! by the queue manager. The message delivery transport name is the
> ! first field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ! <p> This feature is available in Postfix 2.0 and later. </p>
>   
> ***************
> *** 7456,7502 ****
>   
> ! <DT><b><a name="postscreen_non_smtp_command_action">postscreen_non_smtp_command_action</a>
> ! (default: drop)</b></DT><DD>
> ! 
> ! <p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client sends
> ! non-SMTP commands as specified with the <a href="postconf.5.html#postscreen_forbidden_commands">postscreen_forbidden_commands</a>
> ! parameter.  Specify one of the following: </p>
>   
> ! <dl>
>   
> ! <dt> <b>ignore</b> </dt>
>   
> ! <dd> Ignore the failure of this test. Allow other tests to complete.
> ! Do <i>not</i> repeat this test before some the result from some
> ! other test expires.
> ! This option is useful for testing and collecting statistics
> ! without blocking mail permanently. </dd>
> ! 
> ! <dt> <b>enforce</b> </dt>
> ! 
> ! <dd> Allow other tests to complete. Reject attempts to deliver mail
> ! with a 550 SMTP reply, and log the helo/sender/recipient information.
> ! Repeat this test the next time the client connects. </dd>
> ! 
> ! <dt> <b>drop</b> </dt>
> ! 
> ! <dd> Drop the connection immediately with a 521 SMTP reply. Repeat
> ! this test the next time the client connects. This action is the
> ! same as with the Postfix SMTP server's <a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a>
> ! feature.  </dd>
>   
> - </dl>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_non_smtp_command_enable">postscreen_non_smtp_command_enable</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Enable "non-SMTP command" tests in the <a href="postscreen.8.html">postscreen(8)</a> server. These
> ! tests are expensive: a client must disconnect after it passes the
> ! test, before it can talk to a real Postfix SMTP server. </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6813,6859 ----
>   
> ! <DT><b><a name="relay_destination_recipient_limit">relay_destination_recipient_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
>   
> ! <p> The maximal number of recipients per message for the relay
> ! message delivery transport. This limit is enforced by the queue
> ! manager. The message delivery transport name is the first field in
> ! the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ! <p> Setting this parameter to a value of 1 changes the meaning of
> ! <a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> from concurrency per domain
> ! into concurrency per recipient.  </p>
>   
> ! <p> This feature is available in Postfix 2.0 and later. </p>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="relay_domains">relay_domains</a>
> + (default: $<a href="postconf.5.html#mydestination">mydestination</a>)</b></DT><DD>
>   
> ! <p> What destination domains (and subdomains thereof) this system
> ! will relay mail to. Subdomain matching is controlled with the
> ! <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> parameter. For details about how
> ! the <a href="postconf.5.html#relay_domains">relay_domains</a> value is used, see the description of the
> ! <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> and <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> SMTP recipient
> ! restrictions.  </p>
>   
> ! <p> Domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a> are delivered with the
> ! $<a href="postconf.5.html#relay_transport">relay_transport</a> mail delivery transport. The SMTP server validates
> ! recipient addresses with $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> and rejects non-existent
> ! recipients. See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the
> ! <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.  </p>
>   
> ! <p> Note: Postfix will not automatically forward mail for domains
> ! that list this system as their primary or backup MX host. See the
> ! <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> restriction in the <a href="postconf.5.html">postconf(5)</a> manual page.  </p>
>   
> ! <p> Specify a list of host or domain names, "/file/name" patterns
> ! or "<a href="DATABASE_README.html">type:table</a>" lookup tables, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace. A
> ! "/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
> ! lookup table is matched when a (parent) domain appears as lookup
> ! key. Specify "!pattern" to exclude a domain from the list. The form
> ! "!/file/name" is supported only in Postfix version 2.4 and later.
> ! </p>
>   
> ***************
> *** 7505,7520 ****
>   
> ! <DT><b><a name="postscreen_non_smtp_command_ttl">postscreen_non_smtp_command_ttl</a>
> ! (default: 30d)</b></DT><DD>
> ! 
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
> ! a successful "non_smtp_command" SMTP protocol test. During this
> ! time, the client IP address is excluded from this test. The default
> ! is long because a client must disconnect after it passes the test,
> ! before it can talk to a real Postfix SMTP server. </p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6862,6875 ----
>   
> ! <DT><b><a name="relay_domains_reject_code">relay_domains_reject_code</a>
> ! (default: 554)</b></DT><DD>
>   
> ! <p>
> ! The numerical Postfix SMTP server response code when a client
> ! request is rejected by the <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient
> ! restriction.
> ! </p>
>   
> ! <p>
> ! Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>.
> ! </p>
>   
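Review bot: the "!" lines in this hunk pair the postscreen_non_smtp_command_ttl entry (old line 7505) with relay_domains_reject_code (new line 6862), two unrelated parameters, so an entry is disappearing and a different one is sliding into its place rather than text being edited. The following hunks show the same pattern for other postscreen_* entries marked "available in Postfix 2.8". Before accepting the update, check that the generator ran against the intended postconf.5.html source, because a regenerated page without the postscreen(8) parameters leaves administrators with no reference for settings they may already have deployed.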
> ***************
> *** 7523,7569 ****
>   
> ! <DT><b><a name="postscreen_pipelining_action">postscreen_pipelining_action</a>
> ! (default: enforce)</b></DT><DD>
> ! 
> ! <p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client
> ! sends
> ! multiple commands instead of sending one command and waiting for
> ! the server to respond.  Specify one of the following: </p>
> ! 
> ! <dl>
>   
> ! <dt> <b>ignore</b> </dt>
>   
> ! <dd> Ignore the failure of this test. Allow other tests to complete.
> ! Do <i>not</i> repeat this test before some the result from some
> ! other test expires.
> ! This option is useful for testing and collecting statistics
> ! without blocking mail permanently. </dd>
>   
> ! <dt> <b>enforce</b> </dt>
>   
> ! <dd> Allow other tests to complete. Reject attempts to deliver mail
> ! with a 550 SMTP reply, and log the helo/sender/recipient information.
> ! Repeat this test the next time the client connects. </dd>
>   
> ! <dt> <b>drop</b> </dt>
>   
> ! <dd> Drop the connection immediately with a 521 SMTP reply. Repeat
> ! this test the next time the client connects. </dd>
>   
> - </dl>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_pipelining_enable">postscreen_pipelining_enable</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Enable "pipelining" SMTP protocol tests in the <a href="postscreen.8.html">postscreen(8)</a>
> ! server. These tests are expensive: a good client must disconnect
> ! after it passes the test, before it can talk to a real Postfix SMTP
> ! server. </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 6878,6944 ----
>   
> ! <DT><b><a name="relay_recipient_maps">relay_recipient_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Optional lookup tables with all valid addresses in the domains
> ! that match $<a href="postconf.5.html#relay_domains">relay_domains</a>. Specify @domain as a wild-card for
> ! domains that have no valid recipient list, and become a source of
> ! backscatter mail: Postfix accepts spam for non-existent recipients
> ! and then floods innocent people with undeliverable mail.  Technically,
> ! tables
> ! listed with $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> are used as lists: Postfix needs
> ! to know only if a lookup string is found or not, but it does not
> ! use the result from table lookup.  </p>
>   
> ! <p>
> ! If this parameter is non-empty, then the Postfix SMTP server will reject
> ! mail to unknown relay users. This feature is off by default.
> ! </p>
>   
> ! <p>
> ! See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>
> ! file.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> = hash:/etc/postfix/relay_recipients
> ! </pre>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="relay_transport">relay_transport</a>
> + (default: relay)</b></DT><DD>
>   
> ! <p>
> ! The default mail delivery transport and next-hop destination for
> ! remote delivery to domains listed with $<a href="postconf.5.html#relay_domains">relay_domains</a>. In order of
> ! decreasing precedence, the nexthop destination is taken from
> ! $<a href="postconf.5.html#relay_transport">relay_transport</a>, $<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>, $<a href="postconf.5.html#relayhost">relayhost</a>, or
> ! from the recipient domain. This information can be overruled with
> ! the <a href="transport.5.html">transport(5)</a> table.
> ! </p>
>   
> ! <p>
> ! Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
> ! is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> part is optional.  For more details see the
> ! <a href="transport.5.html">transport(5)</a> manual page.
> ! </p>
>   
> ! <p>
> ! See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>
> ! file.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
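Review bot: in the new relay_recipient_maps text, "Specify @domain as a wild-card for domains that have no valid recipient list, and become a source of backscatter mail" reads as an instruction followed by its consequence, and a reader skimming it can take the wild-card as the recommended setup. Split the sentence so that the backscatter warning stands on its own. It would also help to say next to "This feature is off by default" that with the empty default the SMTP server does not reject mail to unknown relay users.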
> ***************
> *** 7572,7614 ****
>   
> ! <DT><b><a name="postscreen_pipelining_ttl">postscreen_pipelining_ttl</a>
> ! (default: 30d)</b></DT><DD>
>   
> ! <p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
> ! a successful "pipelining" SMTP protocol test. During this time, the
> ! client IP address is excluded from this test. The default is
> ! long because a good client must disconnect after it passes the test,
> ! before it can talk to a real Postfix SMTP server. </p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_post_queue_limit">postscreen_post_queue_limit</a>
> ! (default: $<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b></DT><DD>
>   
> - <p> The number of clients that can be waiting for service from a
> - real Postfix SMTP server process. When this queue is full, all
> - clients will
> - receive a 421 reponse. </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_pre_queue_limit">postscreen_pre_queue_limit</a>
> ! (default: $<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b></DT><DD>
>   
> ! <p> The number of non-whitelisted clients that can be waiting for
> ! a decision whether they will receive service from a real Postfix
> ! SMTP server
> ! process. When this queue is full, all non-whitelisted clients will
> ! receive a 421 reponse. </p>
>   
> ! <p> This feature is available in Postfix 2.8. </p>
>   
> --- 6947,7012 ----
>   
> ! <DT><b><a name="relayhost">relayhost</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! The next-hop destination of non-local mail; overrides non-local
> ! domains in recipient addresses. This information is overruled with
> ! <a href="postconf.5.html#relay_transport">relay_transport</a>, <a href="postconf.5.html#default_transport">default_transport</a>, <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
> ! and with the <a href="transport.5.html">transport(5)</a> table.
> ! </p>
>   
> ! <p>
> ! On an intranet, specify the organizational domain name. If your
> ! internal DNS uses no MX records, specify the name of the intranet
> ! gateway host instead.
> ! </p>
>   
> ! <p>
> ! In the case of SMTP, specify a domain name, hostname, hostname:port,
> ! [hostname]:port, [hostaddress] or [hostaddress]:port. The form
> ! [hostname] turns off MX lookups.
> ! </p>
>   
> + <p>
> + If you're connected via UUCP, see the <a href="UUCP_README.html">UUCP_README</a> file for useful
> + information.
> + </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [gateway.my.domain]
> ! <a href="postconf.5.html#relayhost">relayhost</a> = uucphost
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [an.ip.add.ress]
> ! </pre>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="relocated_maps">relocated_maps</a>
> + (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional lookup tables with new contact information for users or
> ! domains that no longer exist.  The table format and lookups are
> ! documented in <a href="relocated.5.html">relocated(5)</a>.
> ! </p>
>   
> ! <p>
> ! If you use this feature, run "<b>postmap /etc/postfix/relocated</b>" to
> ! build the necessary DBM or DB file after change, then "<b>postfix
> ! reload</b>" to make the changes visible.
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#relocated_maps">relocated_maps</a> = dbm:/etc/postfix/relocated
> ! <a href="postconf.5.html#relocated_maps">relocated_maps</a> = hash:/etc/postfix/relocated
> ! </pre>
>   
> ***************
> *** 7617,7639 ****
>   
> ! <DT><b><a name="postscreen_reject_footer">postscreen_reject_footer</a>
> ! (default: $<a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a>)</b></DT><DD>
> ! 
> ! <p> Optional information that is appended after a 4XX or 5XX
> ! <a href="postscreen.8.html">postscreen(8)</a> server
> ! response. See <a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a> for further details.  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="postscreen_tls_security_level">postscreen_tls_security_level</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>)</b></DT><DD>
>   
> ! <p> The SMTP TLS security level for the <a href="postscreen.8.html">postscreen(8)</a> server; when
> ! a non-empty value is specified, this overrides the obsolete parameters
> ! <a href="postconf.5.html#postscreen_use_tls">postscreen_use_tls</a> and <a href="postconf.5.html#postscreen_enforce_tls">postscreen_enforce_tls</a>. See <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>
> ! for details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 7015,7045 ----
>   
> ! <DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Don't rewrite message headers from remote clients at all when
> ! this parameter is empty; otherwise, rewrite message headers and
> ! append the specified domain name to incomplete addresses.  The
> ! <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls what clients Postfix
> ! considers local. </p>
>   
> + <p> Examples:  </p>
>   
> ! <p> The safe setting: append "domain.invalid" to incomplete header
> ! addresses from remote SMTP clients, so that those addresses cannot
> ! be confused with local addresses. </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> = domain.invalid
> ! </pre>
> ! </blockquote>
>   
> ! <p> The default, purist, setting: don't rewrite headers from remote
> ! clients at all. </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> =
> ! </pre>
> ! </blockquote>
>   
> ***************
> *** 7642,7651 ****
>   
> ! <DT><b><a name="postscreen_use_tls">postscreen_use_tls</a>
> ! (default: $<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>)</b></DT><DD>
> ! 
> ! <p> Opportunistic TLS: announce STARTTLS support to remote SMTP clients,
> ! but do not require that clients use TLS encryption. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later.
> ! Preferably, use <a href="postconf.5.html#postscreen_tls_security_level">postscreen_tls_security_level</a> instead. </p>
>   
> --- 7048,7058 ----
>   
> ! <DT><b><a name="require_home_directory">require_home_directory</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Whether or not a <a href="local.8.html">local(8)</a> recipient's home directory must exist
> ! before mail delivery is attempted. By default this test is disabled.
> ! It can be useful for environments that import home directories to
> ! the mail server (NOT RECOMMENDED).
> ! </p>
>   
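Review bot: in require_home_directory, the "(NOT RECOMMENDED)" at the end of the last sentence is ambiguous: it can be read as discouraging the parameter itself or as discouraging the import of home directories to the mail server. Reword the sentence so that it is explicit which of the two is not recommended.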
> ***************
> *** 7654,7671 ****
>   
> ! <DT><b><a name="postscreen_watchdog_timeout">postscreen_watchdog_timeout</a>
> ! (default: 10s)</b></DT><DD>
>   
> ! <p> How much time a <a href="postscreen.8.html">postscreen(8)</a> process may take to respond to
> ! a remote SMTP client command or to perform a cache operation before it
> ! is terminated by a built-in watchdog timer.  This is a safety
> ! mechanism that prevents <a href="postscreen.8.html">postscreen(8)</a> from becoming non-responsive
> ! due to a bug in Postfix itself or in system software.  To avoid
> ! false alarms and unnecessary cache corruption this limit cannot be
> ! set under 10s.  </p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 7061,7079 ----
>   
> ! <DT><b><a name="resolve_dequoted_address">resolve_dequoted_address</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Resolve a recipient address safely instead of correctly, by
> ! looking inside quotes.  </p>
>   
> ! <p> By default, the Postfix address resolver does not quote the
> ! address localpart as per <a href="http://tools.ietf.org/html/rfc822">RFC 822</a>, so that additional @ or % or !
> ! operators remain visible. This behavior is safe but it is also
> ! technically incorrect.  </p>
>   
> ! <p> If you specify "<a href="postconf.5.html#resolve_dequoted_address">resolve_dequoted_address</a> = no", then
> ! the Postfix
> ! resolver will not know about additional @ etc. operators in the
> ! address localpart. This opens opportunities for obscure mail relay
> ! attacks with user at domain@domain addresses when Postfix provides
> ! backup MX service for Sendmail systems.  </p>
>   
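Review bot: the opening line of resolve_dequoted_address, "Resolve a recipient address safely instead of correctly", does not say which value gives the safe behaviour; the reader has to infer from "By default" in the second paragraph that it is "yes". Since the last paragraph ties the "no" setting to mail relay attacks on sites that provide backup MX service, the entry should state up front that the default "yes" is the safe setting and should be kept on such hosts.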
> ***************
> *** 7674,7724 ****
>   
> ! <DT><b><a name="postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a>
> ! (default: <a href="DATABASE_README.html#types">static</a>:all)</b></DT><DD>
>   
> ! <p> A list of local <a href="postscreen.8.html">postscreen(8)</a> server IP addresses where a
> ! non-whitelisted remote SMTP client can obtain <a href="postscreen.8.html">postscreen(8)</a>'s temporary
> ! whitelist status. This status is required before the client can
> ! talk to a Postfix SMTP server process.  By default, a client can
> ! obtain <a href="postscreen.8.html">postscreen(8)</a>'s whitelist status on any local <a href="postscreen.8.html">postscreen(8)</a>
> ! server IP address. </p>
>   
> ! <p> When <a href="postscreen.8.html">postscreen(8)</a> listens on both primary and backup MX
> ! addresses, the <a href="postconf.5.html#postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a> parameter can be
> ! configured to give the temporary whitelist status only when a client
> ! connects to a primary MX address. Once a client is whitelisted it
> ! can talk to a Postfix SMTP server on any address. Thus, clients
> ! that connect only to backup MX addresses will never become whitelisted,
> ! and will never be allowed to talk to a Postfix SMTP server process.
> ! </p>
>   
> ! <p> Example: </p>
>   
> - <pre>
> - /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> -     # Don't whitelist connections to the backup IP address.
> -     <a href="postconf.5.html#postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a> = !168.100.189.8, <a href="DATABASE_README.html#types">static</a>:all
> - </pre>
>   
> ! <p> This feature is available in Postfix 2.9 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="prepend_delivered_header">prepend_delivered_header</a>
> ! (default: command, file, forward)</b></DT><DD>
>   
> - <p> The message delivery contexts where the Postfix <a href="local.8.html">local(8)</a> delivery
> - agent prepends a Delivered-To:  message header with the address
> - that the mail was delivered to. This information is used for mail
> - delivery loop detection.  </p>
>   
> ! <p>
> ! By default, the Postfix local delivery agent prepends a Delivered-To:
> ! header when forwarding mail and when delivering to file (mailbox)
> ! and command. Turning off the Delivered-To: header when forwarding
> ! mail is not recommended.
> ! </p>
>   
>   <p>
> ! Specify zero or more of <b>forward</b>, <b>file</b>, or <b>command</b>.
>   </p>
> --- 7082,7119 ----
>   
> ! <DT><b><a name="resolve_null_domain">resolve_null_domain</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Resolve an address that ends in the "@" null domain as if the
> ! local hostname were specified, instead of rejecting the address as
> ! invalid.  </p>
>   
> ! <p> This feature is available in Postfix 2.1 and later.
> ! Earlier versions always resolve the null domain as the local
> ! hostname.  </p>
>   
> ! <p> The Postfix SMTP server uses this feature to reject mail from
> ! or to addresses that end in the "@" null domain, and from addresses
> ! that rewrite into a form that ends in the "@" null domain.  </p>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="resolve_numeric_domain">resolve_numeric_domain</a>
> + (default: no)</b></DT><DD>
>   
> ! <p> Resolve "user at ipaddress" as "user@[ipaddress]", instead of
> ! rejecting the address as invalid.  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later.
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="rewrite_service_name">rewrite_service_name</a>
> ! (default: rewrite)</b></DT><DD>
>   
>   <p>
> ! The name of the address rewriting service. This service rewrites
> ! addresses to standard form and resolves them to a (delivery method,
> ! next-hop host, recipient) triple.
>   </p>
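Review bot: the resolve_numeric_domain entry opens "<p> This feature is available in Postfix 2.3 and later." and then goes straight to "</DD>" with no closing "</p>", unlike the resolve_null_domain entry directly above it. Add the missing "</p>" in the source the page is generated from.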
> ***************
> *** 7726,7734 ****
>   <p>
> ! Example:
>   </p>
>   
> - <pre>
> - <a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a> = forward
> - </pre>
> - 
>   
> --- 7121,7125 ----
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
>   
>   
> ***************
> *** 7736,7742 ****
>   
> ! <DT><b><a name="process_id">process_id</a>
> ! (read-only)</b></DT><DD>
>   
>   <p>
> ! The process ID of a Postfix command or daemon process.
>   </p>
> --- 7127,7133 ----
>   
> ! <DT><b><a name="sample_directory">sample_directory</a>
> ! (default: /etc/postfix)</b></DT><DD>
>   
>   <p>
> ! The name of the directory with example Postfix configuration files.
>   </p>
> ***************
> *** 7746,7755 ****
>   
> ! <DT><b><a name="process_id_directory">process_id_directory</a>
> ! (default: pid)</b></DT><DD>
>   
> ! <p>
> ! The location of Postfix PID files relative to $<a href="postconf.5.html#queue_directory">queue_directory</a>.
> ! This is a read-only parameter.
>   </p>
>   
>   
> --- 7137,7153 ----
>   
> ! <DT><b><a name="send_cyrus_sasl_authzid">send_cyrus_sasl_authzid</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> When authenticating to a remote SMTP or LMTP server with the
> ! default setting "no", send no SASL authoriZation ID (authzid); send
> ! only the SASL authentiCation ID (authcid) plus the authcid's password.
>   </p>
>   
> + <p> The non-default setting "yes" enables the behavior of older
> + Postfix versions.  These always send a SASL authzid that is equal
> + to the SASL authcid, but this causes inter-operability problems
> + with some SMTP servers. </p>
> + 
> + <p> This feature is available in Postfix 2.4.4 and later. </p>
> + 
>   
> ***************
> *** 7757,7763 ****
>   
> ! <DT><b><a name="process_name">process_name</a>
> ! (read-only)</b></DT><DD>
>   
>   <p>
> ! The process name of a Postfix command or daemon process.
>   </p>
> --- 7155,7162 ----
>   
> ! <DT><b><a name="sender_based_routing">sender_based_routing</a>
> ! (default: no)</b></DT><DD>
>   
>   <p>
> ! This parameter should not be used. It was replaced by <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
> ! in Postfix version 2.3.
>   </p>
> ***************
> *** 7767,7774 ****
>   
> ! <DT><b><a name="propagate_unmatched_extensions">propagate_unmatched_extensions</a>
> ! (default: canonical, virtual)</b></DT><DD>
>   
>   <p>
> ! What address lookup tables copy an address extension from the lookup
> ! key to the lookup result.
>   </p>
> --- 7166,7176 ----
>   
> ! <DT><b><a name="sender_bcc_maps">sender_bcc_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Optional BCC (blind carbon-copy) address lookup tables, indexed
> ! by sender address.  The BCC address (multiple results are not
> ! supported) is added when mail enters from outside of Postfix.  </p>
>   
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
> ***************
> *** 7776,7816 ****
>   <p>
> ! For example, with a <a href="virtual.5.html">virtual(5)</a> mapping of "<i>joe at example.com =>
> ! joe.user at example.net</i>", the address "<i>joe+foo at example.com</i>"
> ! would rewrite to "<i>joe.user+foo at example.net</i>".
>   </p>
>   
> ! <p>
> ! Specify zero or more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>,
> ! <b>forward</b>, <b>include</b> or <b>generic</b>. These cause
> ! address extension
> ! propagation with <a href="canonical.5.html">canonical(5)</a>, <a href="virtual.5.html">virtual(5)</a>, and <a href="aliases.5.html">aliases(5)</a> maps,
> ! with <a href="local.8.html">local(8)</a> .forward and :include: file lookups, and with <a href="smtp.8.html">smtp(8)</a>
> ! generic maps, respectively.  </p>
>   
> ! <p>
> ! Note: enabling this feature for types other than <b>canonical</b>
> ! and <b>virtual</b> is likely to cause problems when mail is forwarded
> ! to other sites, especially with mail that is sent to a mailing list
> ! exploder address.
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual, alias,
> !         forward, include
> ! <a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual
> ! </pre>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="proxy_interfaces">proxy_interfaces</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! The network interface addresses that this mail system receives mail
> ! on by way of a proxy or network address translation unit.
>   </p>
> --- 7178,7204 ----
>   <p>
> ! The table search order is as follows:
>   </p>
>   
> ! <ul>
>   
> ! <li> Look up the "user+extension at domain.tld" address including the
> ! optional address extension.
>   
> ! <li> Look up the "user at domain.tld" address without the optional
> ! address extension.
>   
> ! <li> Look up the "user+extension" address local part when the
> ! sender domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> ! or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
>   
> + <li> Look up the "user" address local part when the sender domain
> + equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
>   
> ! <li> Look up the "@domain.tld" part.
>   
> ! </ul>
>   
>   <p>
> ! Specify the types and names of databases to use.  After change,
> ! run "<b>postmap /etc/postfix/sender_bcc</b>".
>   </p>
> ***************
> *** 7818,7825 ****
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
>   
> ! <p> You must specify your "outside" proxy/NAT addresses when your
> ! system is a backup MX host for other domains, otherwise mail delivery
> ! loops will happen when the primary MX host is down.  </p>
>   
> --- 7206,7215 ----
>   <p>
> ! Note: if mail to the BCC address bounces it will be returned to
> ! the sender.
>   </p>
>   
> ! <p> Note: automatic BCC recipients are produced only for new mail.
> ! To avoid mailer loops, automatic BCC recipients are not generated
> ! for mail that Postfix forwards internally, nor for mail that Postfix
> ! generates itself. </p>
>   
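Review bot: the new note "if mail to the BCC address bounces it will be returned to the sender" leaves open whether that bounce shows the automatic BCC address to the sender. Sites that use sender_bcc_maps for archiving or monitoring need to know this, so the text should say it explicitly.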
> ***************
> *** 7830,7832 ****
>   <pre>
> ! <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
>   </pre>
> --- 7220,7222 ----
>   <pre>
> ! <a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> = hash:/etc/postfix/sender_bcc
>   </pre>
> ***************
> *** 7836,7875 ****
>   
> ! <DT><b><a name="proxy_read_maps">proxy_read_maps</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is allowed to
> ! access for the read-only service.
> ! Table references that don't begin with <a href="proxymap.8.html">proxy</a>: are ignored.
>   </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> - </DD>
>   
> ! <DT><b><a name="proxy_write_maps">proxy_write_maps</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is allowed to
> ! access for the read-write service. Postfix-owned local database
> ! files should be stored under the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>.
> ! Table references that don't begin with <a href="proxymap.8.html">proxy</a>: are ignored.  </p>
>   
>   <p>
> ! This feature is available in Postfix 2.5 and later.
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="proxymap_service_name">proxymap_service_name</a>
> ! (default: proxymap)</b></DT><DD>
>   
> ! <p> The name of the proxymap read-only table lookup service.  This
> ! service is normally implemented by the <a href="proxymap.8.html">proxymap(8)</a> daemon. </p>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
>   
> --- 7226,7268 ----
>   
> ! <DT><b><a name="sender_canonical_classes">sender_canonical_classes</a>
> ! (default: envelope_sender, header_sender)</b></DT><DD>
>   
> ! <p> What addresses are subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address
> ! mapping.  By default, <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address mapping is
> ! applied to envelope sender addresses, and to header sender addresses.
>   </p>
>   
> ! <p> Specify one or more of: envelope_sender, header_sender </p>
>   
> + <p> This feature is available in Postfix 2.2 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="sender_canonical_maps">sender_canonical_maps</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional address mapping lookup tables for envelope and header
> ! sender addresses.
> ! The table format and lookups are documented in <a href="canonical.5.html">canonical(5)</a>.
>   </p>
>   
> + <p>
> + Example: you want to rewrite the SENDER address "user at ugly.domain"
> + to "user at pretty.domain", while still being able to send mail to
> + the RECIPIENT address "user at ugly.domain".
> + </p>
>   
> ! <p>
> ! Note: $<a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> is processed before $<a href="postconf.5.html#canonical_maps">canonical_maps</a>.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> = hash:/etc/postfix/sender_canonical
> ! </pre>
>   
> ***************
> *** 7878,7905 ****
>   
> ! <DT><b><a name="proxywrite_service_name">proxywrite_service_name</a>
> ! (default: proxywrite)</b></DT><DD>
> ! 
> ! <p> The name of the proxywrite read-write table lookup service.
> ! This service is normally implemented by the <a href="proxymap.8.html">proxymap(8)</a> daemon.
> ! </p>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
> ! 
>   
> ! </DD>
>   
> ! <DT><b><a name="qmgr_clog_warn_time">qmgr_clog_warn_time</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The minimal delay between warnings that a specific destination is
> ! clogging up the Postfix <a href="QSHAPE_README.html#active_queue">active queue</a>. Specify 0 to disable.
>   </p>
>   
> ! <p>
> ! This feature is enabled with the <a href="postconf.5.html#helpful_warnings">helpful_warnings</a> parameter.
> ! </p>
>   
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
> --- 7271,7297 ----
>   
> ! <DT><b><a name="sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> A sender-dependent override for the global <a href="postconf.5.html#relayhost">relayhost</a> parameter
> ! setting. The tables are searched by the envelope sender address and
> ! @domain. This information is overruled with <a href="postconf.5.html#relay_transport">relay_transport</a>,
> ! <a href="postconf.5.html#default_transport">default_transport</a> and with the <a href="transport.5.html">transport(5)</a> table. </p>
>   
> ! <p> For safety reasons, this feature does not allow $number
> ! substitutions in regular expression maps. </p>
>   
>   <p>
> ! This feature is available in Postfix 2.3 and later.
>   </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="sendmail_path">sendmail_path</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
>   <p>
> ! A Sendmail compatibility feature that specifies the location of
> ! the Postfix <a href="sendmail.1.html">sendmail(1)</a> command. This command can be used to
> ! submit mail into the Postfix queue.
>   </p>
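Review bot: "For safety reasons, this feature does not allow $number substitutions in regular expression maps" gives no reason. The paragraph above it says the tables are searched by the envelope sender address, which the sending client chooses, so a substitution would copy client-supplied text into the relayhost result. One clause saying that would let administrators understand the restriction instead of trying to work around it.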
> ***************
> *** 7909,7915 ****
>   
> ! <DT><b><a name="qmgr_daemon_timeout">qmgr_daemon_timeout</a>
> ! (default: 1000s)</b></DT><DD>
>   
> ! <p> How much time a Postfix queue manager process may take to handle
> ! a request before it is terminated by a built-in watchdog timer.
>   </p>
> --- 7301,7308 ----
>   
> ! <DT><b><a name="service_throttle_time">service_throttle_time</a>
> ! (default: 60s)</b></DT><DD>
>   
> ! <p>
> ! How long the Postfix <a href="master.8.html">master(8)</a> waits before forking a server that
> ! appears to be malfunctioning.
>   </p>
> ***************
> *** 7921,7924 ****
>   
> - <p> This feature is available in Postfix 2.8 and later.  </p>
> - 
>   
> --- 7314,7315 ----
> ***************
> *** 7926,7939 ****
>   
> ! <DT><b><a name="qmgr_fudge_factor">qmgr_fudge_factor</a>
> ! (default: 100)</b></DT><DD>
> ! 
> ! <p>
> ! Obsolete feature: the percentage of delivery resources that a busy
> ! mail system will use up for delivery of a large mailing  list
> ! message.
> ! </p>
>   
>   <p>
> ! This feature exists only in the <a href="qmgr.8.html">oqmgr(8)</a> old queue manager. The
> ! current queue manager solves the problem in a better way.
>   </p>
> --- 7317,7326 ----
>   
> ! <DT><b><a name="setgid_group">setgid_group</a>
> ! (default: postdrop)</b></DT><DD>
>   
>   <p>
> ! The group ownership of set-gid Postfix commands and of group-writable
> ! Postfix directories. When this parameter value is changed you need
> ! to re-run "<b>postfix set-permissions</b>" (with Postfix version 2.0 and
> ! earlier: "<b>/etc/postfix/post-install set-permissions</b>".
>   </p>
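Review bot: the parenthesis opened in the setgid_group entry at "(with Postfix version 2.0 and earlier:" is never closed; the sentence ends at set-permissions</b>". with no ")". Add the closing parenthesis before the final period.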
> ***************
> *** 7943,7967 ****
>   
> ! <DT><b><a name="qmgr_ipc_timeout">qmgr_ipc_timeout</a>
> ! (default: 60s)</b></DT><DD>
> ! 
> ! <p> The time limit for the queue manager to send or receive information
> ! over an internal communication channel.  The purpose is to break
> ! out of deadlock situations. If the time limit is exceeded the
> ! software either retries or aborts the operation. </p>
>   
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
>   
> - <p> This feature is available in Postfix 2.8 and later.  </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="qmgr_message_active_limit">qmgr_message_active_limit</a>
> - (default: 20000)</b></DT><DD>
> - 
>   <p>
> ! The maximal number of messages in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
>   </p>
> --- 7330,7342 ----
>   
> ! <DT><b><a name="show_user_unknown_table_name">show_user_unknown_table_name</a>
> ! (default: yes)</b></DT><DD>
>   
>   <p>
> ! Display the name of the recipient table in the "User unknown"
> ! responses.  The extra detail makes trouble shooting easier but also
> ! reveals information that is nobody elses business.
>   </p>
>   
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
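Review bot: in the show_user_unknown_table_name entry, "nobody elses business" is missing its apostrophe ("nobody else's") and "trouble shooting" is normally written as one word. Because the default is "yes", the entry should also say who sees the table name in the "User unknown" response, so an operator can judge whether to set the parameter to "no".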
> ***************
> *** 7971,7991 ****
>   
> ! <DT><b><a name="qmgr_message_recipient_limit">qmgr_message_recipient_limit</a>
> ! (default: 20000)</b></DT><DD>
> ! 
> ! <p> The maximal number of recipients held in memory by the Postfix
> ! queue manager, and the maximal size of the size of the short-term,
> ! in-memory "dead" destination status cache.  </p>
> ! 
> ! 
> ! </DD>
>   
> ! <DT><b><a name="qmgr_message_recipient_minimum">qmgr_message_recipient_minimum</a>
> ! (default: 10)</b></DT><DD>
>   
>   <p>
> ! The minimal number of in-memory recipients for any message. This
> ! takes priority over any other in-memory recipient limits (i.e.,
> ! the global <a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a> and the per transport
> ! _recipient_limit) if necessary. The minimum value allowed for this
> ! parameter is 1.
>   </p>
> --- 7346,7357 ----
>   
> ! <DT><b><a name="showq_service_name">showq_service_name</a>
> ! (default: showq)</b></DT><DD>
>   
> ! <p>
> ! The name of the <a href="showq.8.html">showq(8)</a> service. This service produces mail queue
> ! status reports.
> ! </p>
>   
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
> ***************
> *** 7995,8002 ****
>   
> ! <DT><b><a name="qmqpd_authorized_clients">qmqpd_authorized_clients</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! What remote QMQP clients are allowed to connect to the Postfix QMQP
> ! server port.
>   </p>
> --- 7361,7367 ----
>   
> ! <DT><b><a name="smtp_always_send_ehlo">smtp_always_send_ehlo</a>
> ! (default: yes)</b></DT><DD>
>   
>   <p>
> ! Always send EHLO at the start of an SMTP session.
>   </p>
> ***************
> *** 8004,8022 ****
>   <p>
> ! By default, no client is allowed to use the service. This is
> ! because the QMQP server will relay mail to any destination.
>   </p>
>   
> ! <p>
> ! Specify a list of client patterns. A list pattern specifies a host
> ! name, a domain name, an internet address, or a network/mask pattern,
> ! where the mask specifies the number of bits in the network part.
> ! When a pattern specifies a file name, its contents are substituted
> ! for the file name; when a pattern is a "<a href="DATABASE_README.html">type:table</a>" table specification,
> ! table lookup is used instead.  </p>
>   
>   <p>
> ! Patterns are separated by whitespace and/or commas. In order to
> ! reverse the result, precede a pattern with an
> ! exclamation point (!). The form "!/file/name" is supported only
> ! in Postfix version 2.4 and later.
>   </p>
> --- 7369,7384 ----
>   <p>
> ! With "<a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> = no", Postfix sends EHLO only when
> ! the word "ESMTP" appears in the server greeting banner (example:
> ! 220 spike.porcupine.org ESMTP Postfix).
>   </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_bind_address">smtp_bind_address</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! An optional numerical network address that the Postfix SMTP client
> ! should bind to when making an IPv4 connection.
>   </p>
> ***************
> *** 8024,8043 ****
>   <p>
> ! Example:
>   </p>
>   
>   <pre>
> ! <a href="postconf.5.html#qmqpd_authorized_clients">qmqpd_authorized_clients</a> = !192.168.0.1, 192.168.0.0/24
>   </pre>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="qmqpd_client_port_logging">qmqpd_client_port_logging</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Enable logging of the remote QMQP client port in addition to
> ! the hostname and IP address. The logging format is "host[address]:port".
> ! </p>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> --- 7386,7407 ----
>   <p>
> ! This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
> ! it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
> ! for example:
>   </p>
>   
> + <blockquote>
>   <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>=11.22.33.44
>   </pre>
> + </blockquote>
>   
> + <p> Note 1: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies no more than one IPv4
> + address, and that address is a non-loopback address, it is
> + automatically used as the <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>.  This supports virtual
> + IP hosting, but can be a problem on multi-homed firewalls. See the
> + <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
>   
> ! <p> Note 2: address information may be enclosed inside <tt>[]</tt>,
> ! but this form is not required here. </p>
>   
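Review bot: the master.cf example under smtp_bind_address uses 11.22.33.44, which is ordinary routable address space. An address from a documentation range such as 192.0.2.0/24 (RFC 5737) is safer for readers to copy, since a pasted example then cannot collide with a real host.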
> ***************
> *** 8046,8088 ****
>   
> ! <DT><b><a name="qmqpd_error_delay">qmqpd_error_delay</a>
> ! (default: 1s)</b></DT><DD>
> ! 
> ! <p>
> ! How long the Postfix QMQP server will pause before sending a negative
> ! reply to the remote QMQP client. The purpose is to slow down confused
> ! or malicious clients.
> ! </p>
>   
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="qmqpd_timeout">qmqpd_timeout</a>
> ! (default: 300s)</b></DT><DD>
> ! 
> ! <p>
> ! The time limit for sending or receiving information over the network.
> ! If a read or write operation blocks for more than $<a href="postconf.5.html#qmqpd_timeout">qmqpd_timeout</a>
> ! seconds the Postfix QMQP server gives up and disconnects.
> ! </p>
>   
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="queue_directory">queue_directory</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The location of the Postfix top-level queue directory. This is the
> ! root directory of Postfix daemon processes that run chrooted.
> ! </p>
>   
> --- 7410,7442 ----
>   
> ! <DT><b><a name="smtp_bind_address6">smtp_bind_address6</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! An optional numerical network address that the Postfix SMTP client
> ! should bind to when making an IPv6 connection.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
>   <p>
> ! This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
> ! it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
> ! for example:
>   </p>
>   
> + <blockquote>
> + <pre>
> + /etc/postfix/<a href="master.5.html">master.cf</a>:
> +     smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>=1:2:3:4:5:6:7:8
> + </pre>
> + </blockquote>
>   
> ! <p> Note 1: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies no more than one IPv6
> ! address, and that address is a non-loopback address, it is
> ! automatically used as the <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>.  This supports virtual
> ! IP hosting, but can be a problem on multi-homed firewalls. See the
> ! <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
>   
> ! <p> Note 2: address information may be enclosed inside <tt>[]</tt>,
> ! but this form is not recommended here. </p>
>   
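Review bot: Note 2 under smtp_bind_address6 says the [] form "is not recommended here", while the same note under smtp_bind_address says it "is not required here". Use one wording for both entries, or explain why the IPv6 case differs. The example address 1:2:3:4:5:6:7:8 could also be taken from the documentation prefix 2001:db8::/32 (RFC 3849).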
> ***************
> *** 8091,8104 ****
>   
> ! <DT><b><a name="queue_file_attribute_count_limit">queue_file_attribute_count_limit</a>
> ! (default: 100)</b></DT><DD>
>   
> ! <p>
> ! The maximal number of (name=value) attributes that may be stored
> ! in a Postfix queue file. The limit is enforced by the <a href="cleanup.8.html">cleanup(8)</a>
> ! server.
>   </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> --- 7445,7455 ----
>   
> ! <DT><b><a name="smtp_body_checks">smtp_body_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted <a href="header_checks.5.html">body_checks(5)</a> tables for the Postfix SMTP client.
> ! These tables are searched while mail is being delivered.  Actions
> ! that change the delivery time or destination are not available.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> ***************
> *** 8107,8129 ****
>   
> ! <DT><b><a name="queue_minfree">queue_minfree</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p>
> ! The minimal amount of free space in bytes in the queue file system
> ! that is needed to receive mail.  This is currently used by the
> ! Postfix SMTP server to decide if it will accept any mail at all.
> ! </p>
>   
> ! <p>
> ! By default, the Postfix SMTP server rejects MAIL FROM commands when
> ! the amount of free space is less than 1.5*$<a href="postconf.5.html#message_size_limit">message_size_limit</a>
> ! (Postfix version 2.1 and later).
> ! To specify a higher minimum free space limit, specify a <a href="postconf.5.html#queue_minfree">queue_minfree</a>
> ! value that is at least 1.5*$<a href="postconf.5.html#message_size_limit">message_size_limit</a>.
> ! </p>
>   
> ! <p>
> ! With Postfix versions 2.0 and earlier, a <a href="postconf.5.html#queue_minfree">queue_minfree</a> value of
> ! zero means there is no minimum required amount of free space.
> ! </p>
>   
> --- 7458,7471 ----
>   
> ! <DT><b><a name="smtp_cname_overrides_servername">smtp_cname_overrides_servername</a>
> ! (default: version dependent)</b></DT><DD>
>   
> ! <p> Allow DNS CNAME records to override the servername that the
> ! Postfix SMTP client uses for logging, SASL password lookup, TLS
> ! policy decisions, or TLS certificate verification. The value "no"
> ! hardens Postfix <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> hostname-based policies against
> ! false hostname information in DNS CNAME records, and makes SASL
> ! password file lookups more predictable. This is the default setting
> ! as of Postfix 2.3. </p>
>   
> ! <p> This feature is available in Postfix 2.2.9 and later. </p>
>   
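Review bot: the smtp_cname_overrides_servername heading gives the default as "version dependent", and the body only says that "no" is the default as of Postfix 2.3, so the default for 2.2.9 and later 2.2 releases is left unstated. Since "no" is the value described as hardening hostname-based TLS policy and making SASL password lookups predictable, state the earlier default explicitly so operators on those versions know whether they have to set it themselves.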
> ***************
> *** 8132,8143 ****
>   
> ! <DT><b><a name="queue_run_delay">queue_run_delay</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
> ! prior to Postfix 2.4 the default value was 1000s.
>   </p>
>   
> ! <p> This parameter should be set less than or equal to
> ! $<a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>. See also $<a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a>.  </p>
>   
> --- 7474,7490 ----
>   
> ! <DT><b><a name="smtp_connect_timeout">smtp_connect_timeout</a>
> ! (default: 30s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for completing a TCP connection, or
> ! zero (use the operating system built-in time limit).
>   </p>
>   
> ! <p>
> ! When no connection can be made within the deadline, the Postfix
> ! SMTP client
> ! tries the next address on the mail exchanger list. Specify 0 to
> ! disable the time limit (i.e. use whatever timeout is implemented by
> ! the operating system).
> ! </p>
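Review bot: the smtp_connect_timeout entry explains the zero value twice, first as "or zero (use the operating system built-in time limit)" and again as "Specify 0 to disable the time limit (i.e. use whatever timeout is implemented by the operating system)". Keep one of the two. The stray line break after "SMTP client" in the second paragraph can be joined while editing.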
>   
> ***************
> *** 8151,8181 ****
>   
> ! <DT><b><a name="queue_service_name">queue_service_name</a>
> ! (default: qmgr)</b></DT><DD>
>   
> ! <p>
> ! The name of the <a href="qmgr.8.html">qmgr(8)</a> service. This service manages the Postfix
> ! queue and schedules delivery requests.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="rbl_reply_maps">rbl_reply_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional lookup tables with RBL response templates. The tables are
> ! indexed by the RBL domain name. By default, Postfix uses the default
> ! template as specified with the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> configuration
> ! parameter. See there for a discussion of the syntax of RBL reply
> ! templates.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> --- 7498,7535 ----
>   
> ! <DT><b><a name="smtp_connection_cache_destinations">smtp_connection_cache_destinations</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Permanently enable SMTP connection caching for the specified
> ! destinations.  With SMTP connection caching, a connection is not
> ! closed immediately after completion of a mail transaction.  Instead,
> ! the connection is kept open for up to $<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a>
> ! seconds.  This allows connections to be reused for other deliveries,
> ! and can improve mail delivery performance. </p>
>   
> ! <p> Specify a comma or white space separated list of destinations
> ! or pseudo-destinations: </p>
>   
> + <ul>
>   
> ! <li> if mail is sent without a <a href="postconf.5.html#relayhost">relay host</a>: a domain name (the
> ! right-hand side of an email address, without the [] around a numeric
> ! IP address),
>   
> ! <li> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
> ! [] or non-default TCP port), as specified in <a href="postconf.5.html">main.cf</a> or in the
> ! transport map,
>   
> ! <li> if mail is sent via a UNIX-domain socket: a pathname (without
> ! the unix: prefix),
>   
> ! <li> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as
> ! defined above,
> ! 
> ! <li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names on
> ! the left-hand side.  The right-hand side result from "<a href="DATABASE_README.html">type:table</a>"
> ! lookups is ignored.
> ! 
> ! </ul>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ***************
> *** 8184,8192 ****
>   
> ! <DT><b><a name="readme_directory">readme_directory</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The location of Postfix README files that describe how to build,
> ! configure or operate a specific Postfix subsystem or feature.
> ! </p>
>   
> --- 7538,7551 ----
>   
> ! <DT><b><a name="smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Temporarily enable SMTP connection caching while a destination
> ! has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.  With SMTP connection
> ! caching, a connection is not closed immediately after completion
> ! of a mail transaction.  Instead, the connection is kept open for
> ! up to $<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> seconds.  This allows
> ! connections to be reused for other deliveries, and can improve mail
> ! delivery performance. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ***************
> *** 8195,8256 ****
>   
> ! <DT><b><a name="receive_override_options">receive_override_options</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Enable or disable recipient validation, built-in content
> ! filtering, or address mapping. Typically, these are specified in
> ! <a href="master.5.html">master.cf</a> as command-line arguments for the <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a> or
> ! <a href="pickup.8.html">pickup(8)</a> daemons. </p>
>   
> ! <p> Specify zero or more of the following options.  The options
> ! override <a href="postconf.5.html">main.cf</a> settings and are either implemented by <a href="smtpd.8.html">smtpd(8)</a>,
> ! <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a> themselves, or they are forwarded to the
> ! cleanup server.  </p>
>   
> - <dl>
>   
> ! <dt><b><a name="no_unknown_recipient_checks">no_unknown_recipient_checks</a></b></dt>
>   
> ! <dd>Do not try to reject unknown recipients (SMTP server only).
> ! This is typically specified AFTER an external content filter.
> ! </dd>
>   
> ! <dt><b><a name="no_address_mappings">no_address_mappings</a></b></dt>
>   
> ! <dd>Disable canonical address mapping, virtual alias map expansion,
> ! address masquerading, and automatic BCC (blind carbon-copy)
> ! recipients. This is typically specified BEFORE an external content
> ! filter. </dd>
>   
> - <dt><b><a name="no_header_body_checks">no_header_body_checks</a></b></dt>
>   
> ! <dd>Disable header/body_checks. This is typically specified AFTER
> ! an external content filter. </dd>
>   
> ! <dt><b><a name="no_milters">no_milters</a></b></dt>
>   
> ! <dd>Disable Milter (mail filter) applications. This is typically
> ! specified AFTER an external content filter. </dd>
>   
> ! </dl>
>   
> ! <p>
> ! Note: when the "BEFORE content filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a>
> ! setting is specified in the <a href="postconf.5.html">main.cf</a> file, specify the "AFTER content
> ! filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a> setting in <a href="master.5.html">master.cf</a> (and vice
> ! versa).
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#receive_override_options">receive_override_options</a> =
> !     <a href="postconf.5.html#no_unknown_recipient_checks">no_unknown_recipient_checks</a>, <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>
> ! <a href="postconf.5.html#receive_override_options">receive_override_options</a> = <a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
> ! </pre>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> --- 7554,7629 ----
>   
> ! <DT><b><a name="smtp_connection_cache_reuse_limit">smtp_connection_cache_reuse_limit</a>
> ! (default: 10)</b></DT><DD>
>   
> ! <p> When SMTP connection caching is enabled, the number of times that
> ! an SMTP session may be reused before it is closed.
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.2. In Postfix 2.3 it is
> ! replaced by $<a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a>.</p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a>
> ! (default: 2s)</b></DT><DD>
>   
> ! <p> When SMTP connection caching is enabled, the amount of time that
> ! an unused SMTP client socket is kept open before it is closed.  Do
> ! not specify larger values without permission from the remote sites.
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p> The amount of time during which Postfix will use an SMTP
> ! connection repeatedly.  The timer starts when the connection is
> ! initiated (i.e. it includes the connect, greeting and helo latency,
> ! in addition to the latencies of subsequent mail delivery transactions).
> ! </p>
>   
> ! <p> This feature addresses a performance stability problem with
> ! remote SMTP servers. This problem is not specific to Postfix: it
> ! can happen when any MTA sends large amounts of SMTP email to a site
> ! that has multiple MX hosts. </p>
>   
> ! <p> The problem starts when one of a set of MX hosts becomes slower
> ! than the rest.  Even though SMTP clients connect to fast and slow
> ! MX hosts with equal probability, the slow MX host ends up with more
> ! simultaneous inbound connections than the faster MX hosts, because
> ! the slow MX host needs more time to serve each client request. </p>
>   
> ! <p> The slow MX host becomes a connection attractor.  If one MX
> ! host becomes N times slower than the rest, it dominates mail delivery
> ! latency unless there are more than N fast MX hosts to counter the
> ! effect. And if the number of MX hosts is smaller than N, the mail
> ! delivery latency becomes effectively that of the slowest MX host
> ! divided by the total number of MX hosts. </p>
>   
> ! <p> The solution uses connection caching in a way that differs from
> ! Postfix version 2.2.  By limiting the amount of time during which a connection
> ! can be used repeatedly (instead of limiting the number of deliveries
> ! over that connection), Postfix not only restores fairness in the
> ! distribution of simultaneous connections across a set of MX hosts,
> ! it also favors deliveries over connections that perform well, which
> ! is exactly what we want.  </p>
>   
> ! <p> The default reuse time limit, 300s, is comparable to the various
> ! smtp transaction timeouts which are fair estimates of maximum excess
> ! latency for a slow delivery.  Note that hosts may accept thousands
> ! of messages over a single connection within the default connection
> ! reuse time limit. This number is much larger than the default Postfix
> ! version 2.2 limit of 10 messages per cached connection. It may prove necessary
> ! to lower the limit to avoid interoperability issues with MTAs that
> ! exhibit bugs when many messages are delivered via a single connection.
> ! A lower reuse time limit risks losing the benefit of connection
> ! reuse when the average connection and mail delivery latency exceeds
> ! the reuse time limit.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
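Review bot: smtp_connection_cache_reuse_limit is replaced in Postfix 2.3, but the entry says so only in its last paragraph. Open the entry with "Obsolete feature:", the way the qmgr_fudge_factor entry does, so readers do not tune a parameter that no longer applies. In the smtp_connection_reuse_time_limit text, "helo latency" and "smtp transaction timeouts" should be written HELO and SMTP to match the rest of the page.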
> ***************
> *** 8259,8267 ****
>   
> ! <DT><b><a name="recipient_bcc_maps">recipient_bcc_maps</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional BCC (blind carbon-copy) address lookup tables, indexed by
> ! recipient address.  The BCC address (multiple results are not
> ! supported) is added when mail enters from outside of Postfix.
>   </p>
> --- 7632,7639 ----
>   
> ! <DT><b><a name="smtp_data_done_timeout">smtp_data_done_timeout</a>
> ! (default: 600s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for sending the SMTP ".", and for receiving
> ! the server response.
>   </p>
> ***************
> *** 8269,8271 ****
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
> --- 7641,7644 ----
>   <p>
> ! When no response is received within the deadline, a warning is
> ! logged that the mail may be delivered multiple times.
>   </p>
> ***************
> *** 8273,8319 ****
>   <p>
> ! The table search order is as follows:
>   </p>
>   
> - <ul>
> - 
> - <li> Look up the "user+extension at domain.tld" address including the
> - optional address extension.
> - 
> - <li> Look up the "user at domain.tld" address without the optional
> - address extension.
> - 
> - <li> Look up the "user+extension" address local part when the
> - recipient domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> - or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
> - 
> - <li> Look up the "user" address local part when the recipient domain
> - equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
> - 
> - <li> Look up the "@domain.tld" part.
>   
> ! </ul>
>   
> ! <p>
> ! Specify the types and names of databases to use.  After change,
> ! run "<b>postmap /etc/postfix/recipient_bcc</b>".
> ! </p>
>   
>   <p>
> ! Note: if mail to the BCC address bounces it will be returned to
> ! the sender.
>   </p>
>   
> - <p> Note: automatic BCC recipients are produced only for new mail.
> - To avoid mailer loops, automatic BCC recipients are not generated
> - after Postfix forwards mail internally, or after Postfix generates
> - mail itself. </p>
> - 
>   <p>
> ! Example:
>   </p>
>   
> - <pre>
> - <a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> = hash:/etc/postfix/recipient_bcc
> - </pre>
> - 
>   
> --- 7646,7667 ----
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_data_init_timeout">smtp_data_init_timeout</a>
> ! (default: 120s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for sending the SMTP DATA command, and for
> ! receiving the server response.
>   </p>
>   
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
>   
>   
> ***************
> *** 8321,8334 ****
>   
> ! <DT><b><a name="recipient_canonical_classes">recipient_canonical_classes</a>
> ! (default: envelope_recipient, header_recipient)</b></DT><DD>
> ! 
> ! <p> What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address
> ! mapping.  By default, <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address mapping is
> ! applied to envelope recipient addresses, and to header recipient
> ! addresses.  </p>
>   
> ! <p> Specify one or more of: envelope_recipient, header_recipient
>   </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> --- 7669,7683 ----
>   
> ! <DT><b><a name="smtp_data_xfer_timeout">smtp_data_xfer_timeout</a>
> ! (default: 180s)</b></DT><DD>
>   
> ! <p>
> ! The SMTP client time limit for sending the SMTP message content.
> ! When the connection makes no progress for more than $<a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a>
> ! seconds the Postfix SMTP client terminates the transfer.
>   </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
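Review bot: in the smtp_data_xfer_timeout entry, "for more than $smtp_data_xfer_timeout seconds" appends a unit to a value that already carries one (the default is "180s", and the next paragraph lists s, m, h, d, w). Drop the word "seconds" so the sentence stays correct for values such as 3m.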
> ***************
> *** 8337,8345 ****
>   
> ! <DT><b><a name="recipient_canonical_maps">recipient_canonical_maps</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional address mapping lookup tables for envelope and header
> ! recipient addresses.
> ! The table format and lookups are documented in <a href="canonical.5.html">canonical(5)</a>.
>   </p>
> --- 7686,7692 ----
>   
> ! <DT><b><a name="smtp_defer_if_no_mx_address_found">smtp_defer_if_no_mx_address_found</a>
> ! (default: no)</b></DT><DD>
>   
>   <p>
> ! Defer mail delivery when no MX record resolves to an IP address.
>   </p>
> ***************
> *** 8347,8349 ****
>   <p>
> ! Note: $<a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> is processed before $<a href="postconf.5.html#canonical_maps">canonical_maps</a>.
>   </p>
> --- 7694,7698 ----
>   <p>
> ! The default (no) is to return the mail as undeliverable. With older
> ! Postfix versions the default was to keep trying to deliver the mail
> ! until someone fixed the MX record or until the mail was too old.
>   </p>
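Review bot: in the smtp_defer_if_no_mx_address_found entry, "With older Postfix versions the default was to keep trying" does not say which versions. The entry states that the parameter is available in Postfix 2.1 and later, so name the last version that had the old behaviour; otherwise a reader cannot tell whether an upgrade changes how mail to domains with broken MX records is handled.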
> ***************
> *** 8351,8358 ****
>   <p>
> ! Example:
>   </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> = hash:/etc/postfix/recipient_canonical
> ! </pre>
>   
> --- 7700,7708 ----
>   <p>
> ! Note: Postfix always ignores MX records with equal or worse preference
> ! than the local MTA itself.
>   </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> ***************
> *** 8361,8380 ****
>   
> ! <DT><b><a name="recipient_delimiter">recipient_delimiter</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! The separator between user names and address extensions (user+foo).
> ! See <a href="canonical.5.html">canonical(5)</a>, <a href="local.8.html">local(8)</a>, <a href="relocated.5.html">relocated(5)</a> and <a href="virtual.5.html">virtual(5)</a> for the
> ! effects this has on aliases, canonical, virtual, relocated and
> ! on .forward file lookups.  Basically, the software tries user+foo
> ! and .forward+foo before trying user and .forward.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> = +
> ! </pre>
>   
> --- 7711,7719 ----
>   
> ! <DT><b><a name="smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
>   
> ! <p> The maximal number of parallel deliveries to the same destination
> ! via the smtp message delivery transport. This limit is enforced by
> ! the queue manager. The message delivery transport name is the first
> ! field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ***************
> *** 8383,8395 ****
>   
> ! <DT><b><a name="reject_code">reject_code</a>
> ! (default: 554)</b></DT><DD>
>   
> ! <p>
> ! The numerical Postfix SMTP server response code when a remote SMTP
> ! client request is rejected by the "reject" restriction.
> ! </p>
>   
> ! <p>
> ! Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>.
> ! </p>
>   
> --- 7722,7734 ----
>   
> ! <DT><b><a name="smtp_destination_recipient_limit">smtp_destination_recipient_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
>   
> ! <p> The maximal number of recipients per message for the smtp
> ! message delivery transport. This limit is enforced by the queue
> ! manager. The message delivery transport name is the first field in
> ! the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ! <p> Setting this parameter to a value of 1 changes the meaning of
> ! <a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> from concurrency per domain
> ! into concurrency per recipient.  </p>
>   
> ***************
> *** 8398,8414 ****
>   
> ! <DT><b><a name="reject_tempfail_action">reject_tempfail_action</a>
> ! (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>)</b></DT><DD>
>   
> ! <p> The Postfix SMTP server's action when a reject-type restriction
> ! fails due to a temporary error condition. Specify "defer" to defer
> ! the remote SMTP client request immediately. With the default
> ! "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
> ! for opportunities to reject mail, and defers the client request
> ! only if it would otherwise be accepted. </p>
> ! 
> ! <p> For finer control, see: <a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a>,
> ! <a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a>, <a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a>,
> ! and <a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a>.  </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later. </p>
>   
> --- 7737,7749 ----
>   
> ! <DT><b><a name="smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP server address, with
> ! case insensitive lists of EHLO keywords (pipelining, starttls, auth,
> ! etc.) that the Postfix SMTP client will ignore in the EHLO response from a
> ! remote SMTP server. See <a href="postconf.5.html#smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a> for details. The
> ! table is not indexed by hostname for consistency with
> ! <a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
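Review bot: the old side of this hunk drops the whole reject_tempfail_action entry, which is marked "available in Postfix 2.6 and later", and puts smtp_discard_ehlo_keyword_address_maps (2.2 and later) in its place, so the "updated" page reads like an older revision of postconf(5) than the one it replaces. Check which source tree the generator is pulling from before publishing. If the entry is meant to survive, it and its pointers to unverified_recipient_tempfail_action and the related tempfail parameters need to reappear elsewhere in the new file.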
> ***************
> *** 8417,8444 ****
>   
> ! <DT><b><a name="relay_clientcerts">relay_clientcerts</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> List of tables with remote SMTP client-certificate fingerprints or
> ! public key fingerprints (Postfix 2.9 and later) for which the Postfix
> ! SMTP server will allow access with the <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
> ! feature.  The fingerprint digest algorithm is configurable via the
> ! <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
> ! Postfix version 2.5).  </p>
>   
> ! <p> Postfix lookup tables are in the form of (key, value) pairs.
> ! Since we only need the key, the value can be chosen freely, e.g.
> ! the name of the user or host:
> ! D7:04:2F:A7:0B:8C:A5:21:FA:31:77:E1:41:8A:EE:80 lutzpc.at.home </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a> = hash:/etc/postfix/relay_clientcerts
> ! </pre>
>   
> ! <p>For more fine-grained control, use <a href="postconf.5.html#check_ccert_access">check_ccert_access</a> to select
> ! an appropriate <a href="access.5.html">access(5)</a> policy for each client.
> ! See <a href="RESTRICTION_CLASS_README.html">RESTRICTION_CLASS_README</a>.</p>
>   
> ! <p>This feature is available with Postfix version 2.2.</p>
>   
> --- 7752,7773 ----
>   
> ! <DT><b><a name="smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> A case insensitive list of EHLO keywords (pipelining, starttls,
> ! auth, etc.) that the Postfix SMTP client will ignore in the EHLO
> ! response from a remote SMTP server. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ! <p> Notes: </p>
>   
> ! <ul>
>   
> ! <li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
> ! this action from being logged. </p>
>   
> ! <li> <p> Use the <a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a> feature to
> ! discard EHLO keywords selectively. </p>
> ! 
> ! </ul>
>   
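Review bot: in the new smtp_discard_ehlo_keywords entry, the keyword list names starttls and auth, and the first note offers silent-discard to keep the action out of the log, but nothing says what discarding those two keywords does to the session. Suggest one sentence stating that for a discarded starttls or auth keyword the client behaves as if the server never offered it, and that silent-discard removes the log line an operator would use to notice this. The same hunk removes relay_clientcerts together with its description of fingerprint-keyed tables, so confirm that entry is still present elsewhere in the new file.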
> ***************
> *** 8447,8457 ****
>   
> ! <DT><b><a name="relay_destination_concurrency_limit">relay_destination_concurrency_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
>   
> ! <p> The maximal number of parallel deliveries to the same destination
> ! via the relay message delivery transport. This limit is enforced
> ! by the queue manager. The message delivery transport name is the
> ! first field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ! <p> This feature is available in Postfix 2.0 and later. </p>
>   
> --- 7776,7800 ----
>   
> ! <DT><b><a name="smtp_enforce_tls">smtp_enforce_tls</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Enforcement mode: require that remote SMTP servers use TLS
> ! encryption, and never send mail in the clear.  This also requires
> ! that the remote SMTP server hostname matches the information in
> ! the remote server certificate, and that the remote SMTP server
> ! certificate was issued by a CA that is trusted by the Postfix SMTP
> ! client. If the certificate doesn't verify or the hostname doesn't
> ! match, delivery is deferred and mail stays in the queue.  </p>
>   
> ! <p> The server hostname is matched against all names provided as
> ! dNSNames in the SubjectAlternativeName.  If no dNSNames are specified,
> ! the CommonName is checked.  The behavior may be changed with the
> ! <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> option.  </p>
> ! 
> ! <p> This option is useful only if you are definitely sure that you
> ! will only connect to servers that support <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> _and_ that
> ! provide valid server certificates.  Typical use is for clients that
> ! send all their email to a dedicated mailhub.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
>   
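Review bot: the pointer to smtp_tls_security_level is the last sentence of the new smtp_enforce_tls entry, after three paragraphs that describe the parameter as if it were current. Move "With Postfix 2.3 and later use smtp_tls_security_level instead" to the top of the entry so a reader sees it before the details. Separately, "_and_" in the RFC 2487 paragraph is plain-text emphasis inside HTML and should use real emphasis markup.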
> ***************
> *** 8460,8506 ****
>   
> ! <DT><b><a name="relay_destination_recipient_limit">relay_destination_recipient_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
>   
> ! <p> The maximal number of recipients per message for the relay
> ! message delivery transport. This limit is enforced by the queue
> ! manager. The message delivery transport name is the first field in
> ! the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ! <p> Setting this parameter to a value of 1 changes the meaning of
> ! <a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> from concurrency per domain
> ! into concurrency per recipient.  </p>
>   
> ! <p> This feature is available in Postfix 2.0 and later. </p>
>   
>   
> - </DD>
>   
> ! <DT><b><a name="relay_domains">relay_domains</a>
> ! (default: $<a href="postconf.5.html#mydestination">mydestination</a>)</b></DT><DD>
>   
> ! <p> What destination domains (and subdomains thereof) this system
> ! will relay mail to. Subdomain matching is controlled with the
> ! <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> parameter. For details about how
> ! the <a href="postconf.5.html#relay_domains">relay_domains</a> value is used, see the description of the
> ! <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> and <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> SMTP recipient
> ! restrictions.  </p>
>   
> ! <p> Domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a> are delivered with the
> ! $<a href="postconf.5.html#relay_transport">relay_transport</a> mail delivery transport. The SMTP server validates
> ! recipient addresses with $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> and rejects non-existent
> ! recipients. See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the
> ! <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.  </p>
>   
> ! <p> Note: Postfix will not automatically forward mail for domains
> ! that list this system as their primary or backup MX host. See the
> ! <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> restriction in the <a href="postconf.5.html">postconf(5)</a> manual page.  </p>
>   
> ! <p> Specify a list of host or domain names, "/file/name" patterns
> ! or "<a href="DATABASE_README.html">type:table</a>" lookup tables, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace. A
> ! "/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
> ! lookup table is matched when a (parent) domain appears as lookup
> ! key. Specify "!pattern" to exclude a domain from the list. The form
> ! "!/file/name" is supported only in Postfix version 2.4 and later.
> ! </p>
>   
> --- 7803,7845 ----
>   
> ! <DT><b><a name="smtp_fallback_relay">smtp_fallback_relay</a>
> ! (default: $<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b></DT><DD>
>   
> ! <p>
> ! Optional list of relay hosts for SMTP destinations that can't be
> ! found or that are unreachable. With Postfix 2.2 and earlier this
> ! parameter is called <a href="postconf.5.html#fallback_relay">fallback_relay</a>.  </p>
>   
> ! <p>
> ! By default, mail is returned to the sender when a destination is
> ! not found, and delivery is deferred when a destination is unreachable.
> ! </p>
>   
> ! <p> The fallback relays must be SMTP destinations. Specify a domain,
> ! host, host:port, [host]:port, [address] or [address]:port; the form
> ! [host] turns off MX lookups.  If you specify multiple SMTP
> ! destinations, Postfix will try them in the specified order.  </p>
>   
> + <p> To prevent mailer loops between MX hosts and fall-back hosts,
> + Postfix version 2.2 and later will not use the fallback relays for
> + destinations that it is MX host for (assuming DNS lookup is turned on).
> + </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_generic_maps">smtp_generic_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Optional lookup tables that perform address rewriting in the
> ! SMTP client, typically to transform a locally valid address into
> ! a globally valid address when sending mail across the Internet.
> ! This is needed when the local machine does not have its own Internet
> ! domain name, but uses something like <i>localdomain.local</i>
> ! instead.  </p>
>   
> ! <p> The table format and lookups are documented in <a href="generic.5.html">generic(5)</a>;
> ! examples are shown in the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> and
> ! <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> documents. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
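Review bot: the new smtp_fallback_relay entry has no "This feature is available in ..." line, although smtp_generic_maps directly below it has one, and the first paragraph only implies the version by saying the parameter is called fallback_relay in Postfix 2.2 and earlier. Add an explicit availability line. The old side also removes relay_domains, including the note that Postfix will not automatically forward mail for domains that list this system as primary or backup MX host, so confirm that entry still exists in the new file.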
> ***************
> *** 8509,8522 ****
>   
> ! <DT><b><a name="relay_domains_reject_code">relay_domains_reject_code</a>
> ! (default: 554)</b></DT><DD>
>   
> ! <p>
> ! The numerical Postfix SMTP server response code when a client
> ! request is rejected by the <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient
> ! restriction.
>   </p>
>   
> ! <p>
> ! Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>.
> ! </p>
>   
> --- 7848,7858 ----
>   
> ! <DT><b><a name="smtp_header_checks">smtp_header_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted <a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP client.
> ! These tables are searched while mail is being delivered.  Actions
> ! that change the delivery time or destination are not available.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> ***************
> *** 8525,8542 ****
>   
> ! <DT><b><a name="relay_recipient_maps">relay_recipient_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Optional lookup tables with all valid addresses in the domains
> ! that match $<a href="postconf.5.html#relay_domains">relay_domains</a>. Specify @domain as a wild-card for
> ! domains that have no valid recipient list, and become a source of
> ! backscatter mail: Postfix accepts spam for non-existent recipients
> ! and then floods innocent people with undeliverable mail.  Technically,
> ! tables
> ! listed with $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> are used as lists: Postfix needs
> ! to know only if a lookup string is found or not, but it does not
> ! use the result from table lookup.  </p>
>   
>   <p>
> ! If this parameter is non-empty, then the Postfix SMTP server will reject
> ! mail to unknown relay users. This feature is off by default.
>   </p>
> --- 7861,7867 ----
>   
> ! <DT><b><a name="smtp_helo_name">smtp_helo_name</a>
> ! (default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
>   
>   <p>
> ! The hostname to send in the SMTP EHLO or HELO command.
>   </p>
> ***************
> *** 8544,8547 ****
>   <p>
> ! See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>
> ! file.
>   </p>
> --- 7869,7872 ----
>   <p>
> ! The default value is the machine hostname.  Specify a hostname or
> ! [ip.add.re.ss].
>   </p>
> ***************
> *** 8549,8556 ****
>   <p>
> ! Example:
>   </p>
>   
>   <pre>
> ! <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> = hash:/etc/postfix/relay_recipients
>   </pre>
>   
> --- 7874,7886 ----
>   <p>
> ! This information can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP
> ! clients, or it can be specified in the <a href="master.5.html">master.cf</a> file for a specific
> ! client, for example:
>   </p>
>   
> + <blockquote>
>   <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     mysmtp ... smtp -o <a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a>=foo.bar.com
>   </pre>
> + </blockquote>
>   
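Review bot: the master.cf example on the new side uses foo.bar.com as the HELO name, which sits under a registrable domain rather than a reserved documentation name. Use a name under example.com here, as the relayhost examples elsewhere in this diff do with gateway.example.com.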
> ***************
> *** 8563,8586 ****
>   
> ! <DT><b><a name="relay_transport">relay_transport</a>
> ! (default: relay)</b></DT><DD>
> ! 
> ! <p>
> ! The default mail delivery transport and next-hop destination for
> ! remote delivery to domains listed with $<a href="postconf.5.html#relay_domains">relay_domains</a>. In order of
> ! decreasing precedence, the nexthop destination is taken from
> ! $<a href="postconf.5.html#relay_transport">relay_transport</a>, $<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>, $<a href="postconf.5.html#relayhost">relayhost</a>, or
> ! from the recipient domain. This information can be overruled with
> ! the <a href="transport.5.html">transport(5)</a> table.
> ! </p>
> ! 
> ! <p>
> ! Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
> ! is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> destination is optional; its syntax is documented
> ! in the manual page of the corresponding delivery agent.
> ! </p>
>   
>   <p>
> ! See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>
> ! file.
>   </p>
> --- 7893,7900 ----
>   
> ! <DT><b><a name="smtp_helo_timeout">smtp_helo_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for sending the HELO or EHLO command,
> ! and for receiving the initial server response.
>   </p>
> ***************
> *** 8588,8590 ****
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
> --- 7902,7905 ----
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
> ***************
> *** 8594,8604 ****
>   
> ! <DT><b><a name="relayhost">relayhost</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! The next-hop destination of non-local mail; overrides non-local
> ! domains in recipient addresses. This information is overruled with
> ! <a href="postconf.5.html#relay_transport">relay_transport</a>, <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>,
> ! <a href="postconf.5.html#default_transport">default_transport</a>, <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
> ! and with the <a href="transport.5.html">transport(5)</a> table.
>   </p>
> --- 7909,7916 ----
>   
> ! <DT><b><a name="smtp_host_lookup">smtp_host_lookup</a>
> ! (default: dns)</b></DT><DD>
>   
>   <p>
> ! What mechanisms when the Postfix SMTP client uses to look up a host's IP
> ! address.  This parameter is ignored when DNS lookups are disabled.
>   </p>
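Review bot: the first sentence of the new smtp_host_lookup entry does not parse: "What mechanisms when the Postfix SMTP client uses to look up a host's IP address." Drop the stray "when", so that it reads "What mechanisms the Postfix SMTP client uses to look up a host's IP address."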
> ***************
> *** 8606,8650 ****
>   <p>
> ! On an intranet, specify the organizational domain name. If your
> ! internal DNS uses no MX records, specify the name of the intranet
> ! gateway host instead.
>   </p>
>   
> ! <p>
> ! In the case of SMTP, specify a domain name, hostname, hostname:port,
> ! [hostname]:port, [hostaddress] or [hostaddress]:port. The form
> ! [hostname] turns off MX lookups.
> ! </p>
>   
> ! <p>
> ! If you're connected via UUCP, see the <a href="UUCP_README.html">UUCP_README</a> file for useful
> ! information.
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [gateway.example.com]
> ! <a href="postconf.5.html#relayhost">relayhost</a> = uucphost
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [an.ip.add.ress]
> ! </pre>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="relocated_maps">relocated_maps</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional lookup tables with new contact information for users or
> ! domains that no longer exist.  The table format and lookups are
> ! documented in <a href="relocated.5.html">relocated(5)</a>.
>   </p>
>   
>   <p>
> ! If you use this feature, run "<b>postmap /etc/postfix/relocated</b>" to
> ! build the necessary DBM or DB file after change, then "<b>postfix
> ! reload</b>" to make the changes visible.
>   </p>
> --- 7918,7954 ----
>   <p>
> ! Specify one of the following:
>   </p>
>   
> ! <dl>
>   
> ! <dt><b>dns</b></dt>
>   
> ! <dd>Hosts can be found in the DNS (preferred).  </dd>
>   
> ! <dt><b>native</b></dt>
> ! 
> ! <dd>Use the native naming service only (nsswitch.conf, or equivalent
> ! mechanism).  </dd>
>   
> + <dt><b>dns, native</b></dt>
>   
> ! <dd>Use the native service for hosts not found in the DNS.  </dd>
>   
> ! </dl>
>   
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
> + 
> + </DD>
> + 
> + <DT><b><a name="smtp_line_length_limit">smtp_line_length_limit</a>
> + (default: 990)</b></DT><DD>
> + 
>   <p>
> ! The maximal length of message header and body lines that Postfix
> ! will send via SMTP.  Longer lines are broken by inserting
> ! "<CR><LF><SPACE>". This minimizes the damage to
> ! MIME formatted mail.
>   </p>
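Review bot: in the new smtp_line_length_limit paragraph, the "<CR><LF><SPACE>" literal appears in this diff with raw angle brackets. If the HTML file carries them the same way, a browser will treat them as unknown tags and render the sentence with an empty pair of quotes, so check that the source writes them as character entities. The same applies to the PIX workaround entries that quote "<CR><LF>.<CR><LF>".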
> ***************
> *** 8652,8661 ****
>   <p>
> ! Examples:
>   </p>
>   
> - <pre>
> - <a href="postconf.5.html#relocated_maps">relocated_maps</a> = dbm:/etc/postfix/relocated
> - <a href="postconf.5.html#relocated_maps">relocated_maps</a> = hash:/etc/postfix/relocated
> - </pre>
> - 
>   
> --- 7956,7961 ----
>   <p>
> ! By default, the line length is limited to 990 characters, because
> ! some server implementations cannot receive mail with long lines.
>   </p>
>   
>   
> ***************
> *** 8663,8693 ****
>   
> ! <DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Don't rewrite message headers from remote clients at all when
> ! this parameter is empty; otherwise, rewrite message headers and
> ! append the specified domain name to incomplete addresses.  The
> ! <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls what clients Postfix
> ! considers local. </p>
>   
> ! <p> Examples:  </p>
>   
> - <p> The safe setting: append "domain.invalid" to incomplete header
> - addresses from remote SMTP clients, so that those addresses cannot
> - be confused with local addresses. </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> = domain.invalid
> ! </pre>
> ! </blockquote>
>   
> ! <p> The default, purist, setting: don't rewrite headers from remote
> ! clients at all. </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> =
> ! </pre>
> ! </blockquote>
>   
> --- 7963,7989 ----
>   
> ! <DT><b><a name="smtp_mail_timeout">smtp_mail_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The SMTP client time limit for sending the MAIL FROM command, and
> ! for receiving the server response.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_mime_header_checks">smtp_mime_header_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted mime_<a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP
> ! client. These tables are searched while mail is being delivered.
> ! Actions that change the delivery time or destination are not
> ! available.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
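Review bot: in the new smtp_mime_header_checks entry the link wraps only part of the parameter name: "mime_" sits outside the anchor and only "header_checks(5)" is linked, so the rendered name is half plain text and half link. Either put the whole name inside the anchor or write "mime_header_checks tables, see header_checks(5)". smtp_nested_header_checks later in the diff has the same split with "nested_".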
> ***************
> *** 8696,8759 ****
>   
> ! <DT><b><a name="require_home_directory">require_home_directory</a>
> ! (default: no)</b></DT><DD>
>   
>   <p>
> ! Require that a <a href="local.8.html">local(8)</a> recipient's home directory exists
> ! before mail delivery is attempted. By default this test is disabled.
> ! It can be useful for environments that import home directories to
> ! the mail server (IMPORTING HOME DIRECTORIES IS NOT RECOMMENDED).
>   </p>
>   
>   
> - </DD>
>   
> ! <DT><b><a name="reset_owner_alias">reset_owner_alias</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Reset the <a href="local.8.html">local(8)</a> delivery agent's idea of the owner-alias
> ! attribute, when delivering mail to a child alias that does not have
> ! its own owner alias. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. With older
> ! Postfix releases, the behavior is as if this parameter is set to
> ! "yes". </p>
>   
> ! <p> As documented in <a href="aliases.5.html">aliases(5)</a>, when an alias <i>name</i> has a
> ! companion alias named owner-<i>name</i>, delivery errors will be
> ! reported to the owner alias instead of the sender. This configuration
> ! is recommended for mailing lists. <p>
> ! 
> ! <p> A less known property of the owner alias is that it also forces
> ! the <a href="local.8.html">local(8)</a> delivery agent to write local and remote addresses
> ! from alias expansion to a new queue file, instead of attempting to
> ! deliver mail to local addresses as soon as they come out of alias
> ! expansion.  </p>
> ! 
> ! <p> Writing local addresses from alias expansion to a new queue
> ! file allows for robust handling of temporary delivery errors: errors
> ! with one local member have no effect on deliveries to other members
> ! of the list.  On the other hand, delivery to local addresses as
> ! soon as they come out of alias expansion is fragile: a temporary
> ! error with one local address from alias expansion will cause the
> ! entire alias to be expanded repeatedly until the error goes away,
> ! or until the message expires in the queue.  In that case, a problem
> ! with one list member results in multiple message deliveries to other
> ! list members. </p>
> ! 
> ! <p> The default behavior of Postfix 2.8 and later is to keep the
> ! owner-alias attribute of the parent alias, when delivering mail to
> ! a child alias that does not have its own owner alias. Then, local
> ! addresses from that child alias will be written to a new queue file,
> ! and a temporary error with one local address will not affect delivery
> ! to other mailing list members. </p>
> ! 
> ! <p> Unfortunately, older Postfix releases reset the owner-alias
> ! attribute when delivering mail to a child alias that does not have
> ! its own owner alias.  The <a href="local.8.html">local(8)</a> delivery agent then attempts to
> ! deliver local addresses as soon as they come out of child alias
> ! expansion.  If delivery to any address from child alias expansion
> ! fails with a temporary error condition, the entire mailing list may
> ! be expanded repeatedly until the mail expires in the queue, resulting
> ! in multiple deliveries of the same message to mailing list members.
> ! </p>
>   
> --- 7992,8019 ----
>   
> ! <DT><b><a name="smtp_mx_address_limit">smtp_mx_address_limit</a>
> ! (default: 5)</b></DT><DD>
>   
>   <p>
> ! The maximal number of MX (mail exchanger) IP addresses that can
> ! result from mail exchanger lookups, or zero (no limit). Prior to
> ! Postfix version 2.3, this limit was disabled by default.
>   </p>
>   
> + <p>
> + This feature is available in Postfix 2.1 and later.
> + </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_mx_session_limit">smtp_mx_session_limit</a>
> ! (default: 2)</b></DT><DD>
>   
> ! <p> The maximal number of SMTP sessions per delivery request before
> ! giving up or delivering to a fall-back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no
> ! limit). This restriction ignores sessions that fail to complete the
> ! SMTP initial handshake (Postfix version 2.2 and earlier) or that fail to
> ! complete the EHLO and TLS handshake (Postfix version 2.3 and later).  </p>
>   
> ! <p> This feature is available in Postfix 2.1 and later.  </p>
>   
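Review bot: in the new smtp_mx_session_limit entry, the link on "relay host" in "delivering to a fall-back relay host" points to postconf.5.html#relayhost, but the parameter this diff documents for fall-back relays is smtp_fallback_relay. Point the link at #smtp_fallback_relay so the reader lands on the setting the sentence is talking about.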
> ***************
> *** 8762,8780 ****
>   
> ! <DT><b><a name="resolve_dequoted_address">resolve_dequoted_address</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p> Resolve a recipient address safely instead of correctly, by
> ! looking inside quotes.  </p>
>   
> ! <p> By default, the Postfix address resolver does not quote the
> ! address localpart as per <a href="http://tools.ietf.org/html/rfc822">RFC 822</a>, so that additional @ or % or !
> ! operators remain visible. This behavior is safe but it is also
> ! technically incorrect.  </p>
>   
> ! <p> If you specify "<a href="postconf.5.html#resolve_dequoted_address">resolve_dequoted_address</a> = no", then
> ! the Postfix
> ! resolver will not know about additional @ etc. operators in the
> ! address localpart. This opens opportunities for obscure mail relay
> ! attacks with user at domain@domain addresses when Postfix provides
> ! backup MX service for Sendmail systems.  </p>
>   
> --- 8022,8032 ----
>   
> ! <DT><b><a name="smtp_nested_header_checks">smtp_nested_header_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted nested_<a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP
> ! client. These tables are searched while mail is being delivered.
> ! Actions that change the delivery time or destination are not
> ! available.  </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
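Review bot: the old side of this hunk removes resolve_dequoted_address, and with it the warning that setting the parameter to "no" opens opportunities for mail relay attacks when Postfix provides backup MX service for Sendmail systems. If the parameter exists in the Postfix version this page documents, that entry and its warning have to remain in the new file, so confirm it was not lost rather than moved.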
> ***************
> *** 8783,8798 ****
>   
> ! <DT><b><a name="resolve_null_domain">resolve_null_domain</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> Resolve an address that ends in the "@" null domain as if the
> ! local hostname were specified, instead of rejecting the address as
> ! invalid.  </p>
>   
> - <p> This feature is available in Postfix 2.1 and later.
> - Earlier versions always resolve the null domain as the local
> - hostname.  </p>
>   
> ! <p> The Postfix SMTP server uses this feature to reject mail from
> ! or to addresses that end in the "@" null domain, and from addresses
> ! that rewrite into a form that ends in the "@" null domain.  </p>
>   
> --- 8035,8058 ----
>   
> ! <DT><b><a name="smtp_never_send_ehlo">smtp_never_send_ehlo</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> Never send EHLO at the start of an SMTP session. See also the
> ! <a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> parameter.  </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a>
> ! (default: 10s)</b></DT><DD>
> ! 
> ! <p>
> ! How long the Postfix SMTP client pauses before sending
> ! ".<CR><LF>" in order to work around the PIX firewall
> ! "<CR><LF>.<CR><LF>" bug.
> ! </p>
> ! 
> ! <p>
> ! Choosing a too short time makes this workaround ineffective when
> ! sending large messages over slow network connections.
> ! </p>
>   
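Review bot: the new smtp_never_send_ehlo entry is a single sentence and does not say what is lost when EHLO is skipped. The smtp_discard_ehlo_keywords text in this diff lists pipelining, starttls and auth as EHLO keywords, so add a sentence that a session opened with HELO is offered none of them, which rules out STARTTLS and authentication for that client. In the entry below it, "Choosing a too short time" reads better as "Choosing too short a time".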
> ***************
> *** 8801,8809 ****
>   
> ! <DT><b><a name="resolve_numeric_domain">resolve_numeric_domain</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Resolve "user at ipaddress" as "user@[ipaddress]", instead of
> ! rejecting the address as invalid.  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later.
>   
> --- 8061,8071 ----
>   
> ! <DT><b><a name="smtp_pix_workaround_maps">smtp_pix_workaround_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP server address, with
> ! per-destination workarounds for CISCO PIX firewall bugs.  The table
> ! is not indexed by hostname for consistency with
> ! <a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a>. </p>
>   
> ! <p> This feature is available in Postfix 2.4 and later. </p>
>   
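Review bot: the new smtp_pix_workaround_maps entry says how the table is indexed but not what a lookup result should contain. State what goes on the right-hand side of a table entry (presumably the workaround names documented under smtp_pix_workarounds) and link to that parameter, since the reverse link from smtp_pix_workarounds to this entry already exists.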
> ***************
> *** 8812,8820 ****
>   
> ! <DT><b><a name="rewrite_service_name">rewrite_service_name</a>
> ! (default: rewrite)</b></DT><DD>
>   
>   <p>
> ! The name of the address rewriting service. This service rewrites
> ! addresses to standard form and resolves them to a (delivery method,
> ! next-hop host, recipient) triple.
>   </p>
> --- 8074,8087 ----
>   
> ! <DT><b><a name="smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a>
> ! (default: 500s)</b></DT><DD>
> ! 
> ! <p> How long a message must be queued before the Postfix SMTP client
> ! turns on the PIX firewall "<CR><LF>.<CR><LF>"
> ! bug workaround for delivery through firewalls with "smtp fixup"
> ! mode turned on.  </p>
>   
>   <p>
> ! By default, the workaround is turned off for mail that is queued
> ! for less than 500 seconds. In other words, the workaround is normally
> ! turned off for the first delivery attempt.
>   </p>
> ***************
> *** 8822,8824 ****
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
> --- 8089,8093 ----
>   <p>
> ! Specify 0 to enable the PIX firewall
> ! "<CR><LF>.<CR><LF>" bug workaround upon the
> ! first delivery attempt.
>   </p>
> ***************
> *** 8828,8855 ****
>   
> ! <DT><b><a name="sample_directory">sample_directory</a>
> ! (default: /etc/postfix)</b></DT><DD>
> ! 
> ! <p>
> ! The name of the directory with example Postfix configuration files.
> ! Starting with Postfix 2.1, these files have been replaced with the
> ! <a href="postconf.5.html">postconf(5)</a> manual page.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="send_cyrus_sasl_authzid">send_cyrus_sasl_authzid</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> When authenticating to a remote SMTP or LMTP server with the
> ! default setting "no", send no SASL authoriZation ID (authzid); send
> ! only the SASL authentiCation ID (authcid) plus the authcid's password.
> ! </p>
>   
> ! <p> The non-default setting "yes" enables the behavior of older
> ! Postfix versions.  These always send a SASL authzid that is equal
> ! to the SASL authcid, but this causes inter-operability problems
> ! with some SMTP servers. </p>
>   
> ! <p> This feature is available in Postfix 2.4.4 and later. </p>
>   
> --- 8097,8122 ----
>   
> ! <DT><b><a name="smtp_pix_workarounds">smtp_pix_workarounds</a>
> ! (default: disable_esmtp, delay_dotcrlf)</b></DT><DD>
>   
> + <p> A list that specifies zero or more workarounds for CISCO PIX
> + firewall bugs. These workarounds are implemented by the Postfix
> + SMTP client. Workaround names are separated by comma or space, and
> + are case insensitive.  This parameter setting can be overruled with
> + per-destination <a href="postconf.5.html#smtp_pix_workaround_maps">smtp_pix_workaround_maps</a> settings. </p>
>   
> ! <dl>
>   
> ! <dt><b>delay_dotcrlf</b><dd> Insert a delay before sending
> ! ".<CR><LF>" after the end of the message content.  The
> ! delay is subject to the <a href="postconf.5.html#smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a> and
> ! <a href="postconf.5.html#smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a> parameter settings. </dd>
>   
> ! <dt><b>disable_esmtp</b><dd> Disable all extended SMTP commands:
> ! send HELO instead of EHLO. </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.4 and later. The default
> ! settings are backwards compatible with earlier Postfix versions.
> ! </p>
>   
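Review bot: the two new <dt> elements for delay_dotcrlf and
disable_esmtp run straight into <dd> with no closing </dt>, while the
definition lists elsewhere in this same file close them
(<dt><b>noplaintext</b></dt>). Suggest writing both entries as
"<dt><b>delay_dotcrlf</b></dt> <dd> Insert a delay ..." so the generated
markup is consistent across the page.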
> ***************
> *** 8858,8865 ****
>   
> ! <DT><b><a name="sender_based_routing">sender_based_routing</a>
> ! (default: no)</b></DT><DD>
>   
>   <p>
> ! This parameter should not be used. It was replaced by <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
> ! in Postfix version 2.3.
>   </p>
> --- 8125,8137 ----
>   
> ! <DT><b><a name="smtp_quit_timeout">smtp_quit_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for sending the QUIT command, and for
> ! receiving the server response.
> ! </p>
> ! 
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
> ***************
> *** 8869,8879 ****
>   
> ! <DT><b><a name="sender_bcc_maps">sender_bcc_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Optional BCC (blind carbon-copy) address lookup tables, indexed
> ! by sender address.  The BCC address (multiple results are not
> ! supported) is added when mail enters from outside of Postfix.  </p>
>   
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
> --- 8141,8149 ----
>   
> ! <DT><b><a name="smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>
> ! (default: yes)</b></DT><DD>
>   
>   <p>
> ! Quote addresses in SMTP MAIL FROM and RCPT TO commands as required
> ! by <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. This includes putting quotes around an address localpart
> ! that ends in ".".
>   </p>
> ***************
> *** 8881,8926 ****
>   <p>
> ! The table search order is as follows:
>   </p>
>   
> ! <ul>
>   
> ! <li> Look up the "user+extension at domain.tld" address including the
> ! optional address extension.
> ! 
> ! <li> Look up the "user at domain.tld" address without the optional
> ! address extension.
>   
> ! <li> Look up the "user+extension" address local part when the
> ! sender domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> ! or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
>   
> - <li> Look up the "user" address local part when the sender domain
> - equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
>   
> ! <li> Look up the "@domain.tld" part.
>   
> ! </ul>
>   
>   <p>
> ! Specify the types and names of databases to use.  After change,
> ! run "<b>postmap /etc/postfix/sender_bcc</b>".
>   </p>
>   
> - <p>
> - Note: if mail to the BCC address bounces it will be returned to
> - the sender.
> - </p>
>   
> ! <p> Note: automatic BCC recipients are produced only for new mail.
> ! To avoid mailer loops, automatic BCC recipients are not generated
> ! after Postfix forwards mail internally, or after Postfix generates
> ! mail itself. </p>
>   
>   <p>
> ! Example:
>   </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> = hash:/etc/postfix/sender_bcc
> ! </pre>
>   
> --- 8151,8198 ----
>   <p>
> ! The default is to comply with <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. If you have to send mail to
> ! a broken SMTP server, configure a special SMTP client in <a href="master.5.html">master.cf</a>:
>   </p>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     broken-smtp . . . smtp -o <a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>=no
> ! </pre>
> ! </blockquote>
>   
> ! <p>
> ! and route mail for the destination in question to the "broken-smtp"
> ! message delivery with a <a href="transport.5.html">transport(5)</a> table.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_randomize_addresses">smtp_randomize_addresses</a>
> ! (default: yes)</b></DT><DD>
>   
>   <p>
> ! Randomize the order of equal-preference MX host addresses.  This
> ! is a performance feature of the Postfix SMTP client.
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_rcpt_timeout">smtp_rcpt_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for sending the SMTP RCPT TO command, and
> ! for receiving the server response.
>   </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> ***************
> *** 8929,8941 ****
>   
> ! <DT><b><a name="sender_canonical_classes">sender_canonical_classes</a>
> ! (default: envelope_sender, header_sender)</b></DT><DD>
> ! 
> ! <p> What addresses are subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address
> ! mapping.  By default, <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address mapping is
> ! applied to envelope sender addresses, and to header sender addresses.
> ! </p>
>   
> ! <p> Specify one or more of: envelope_sender, header_sender </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> --- 8201,8211 ----
>   
> ! <DT><b><a name="smtp_rset_timeout">smtp_rset_timeout</a>
> ! (default: 20s)</b></DT><DD>
>   
> ! <p> The SMTP client time limit for sending the RSET command, and
> ! for receiving the server response. The SMTP client sends RSET in
> ! order to finish a recipient address probe, or to verify that a
> ! cached session is still usable.  </p>
>   
> ! <p> This feature is available in Postfix 2.1 and later.  </p>
>   
> ***************
> *** 8944,8972 ****
>   
> ! <DT><b><a name="sender_canonical_maps">sender_canonical_maps</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional address mapping lookup tables for envelope and header
> ! sender addresses.
> ! The table format and lookups are documented in <a href="canonical.5.html">canonical(5)</a>.
> ! </p>
>   
> ! <p>
> ! Example: you want to rewrite the SENDER address "user at ugly.domain"
> ! to "user at pretty.domain", while still being able to send mail to
> ! the RECIPIENT address "user at ugly.domain".
>   </p>
>   
> ! <p>
> ! Note: $<a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> is processed before $<a href="postconf.5.html#canonical_maps">canonical_maps</a>.
> ! </p>
>   
> ! <p>
> ! Example:
>   </p>
>   
>   <pre>
> ! <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> = hash:/etc/postfix/sender_canonical
>   </pre>
>   
>   
> --- 8214,8253 ----
>   
> ! <DT><b><a name="smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> An optional table to prevent repeated SASL authentication
> ! failures with the same remote SMTP server hostname, username and
> ! password. Each table (key, value) pair contains a server name, a
> ! username and password, and the full server response. This information
> ! is stored when a remote SMTP server rejects an authentication attempt
> ! with a 535 reply code.  As long as the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a>
> ! information does no change, and as long as the <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
> ! information does not expire (see <a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>) the
> ! Postfix SMTP client avoids SASL authentication attempts with the
> ! same server, username and password, and instead bounces or defers
> ! mail as controlled with the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> configuration
> ! parameter.  </p>
>   
> ! <p> Use a per-destination delivery concurrency of 1 (for example,
> ! "<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> = 1",
> ! "<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> = 1", etc.), otherwise multiple
> ! delivery agents may experience a login failure at the same time.
>   </p>
>   
> ! <p> The table must be accessed via the proxywrite service, i.e. the
> ! map name must start with "<a href="proxymap.8.html">proxy</a>:". The table should be stored under
> ! the directory specified with the <a href="postconf.5.html#data_directory">data_directory</a> parameter. </p>
>   
> ! <p> This feature uses cryptographic hashing to protect plain-text
> ! passwords, and requires that Postfix is compiled with TLS support.
>   </p>
>   
> + <p> Example: </p>
> + 
>   <pre>
> ! <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> = <a href="proxymap.8.html">proxy</a>:btree:/var/lib/postfix/sasl_auth_cache
>   </pre>
>   
> + <p> This feature is available in Postfix 2.5 and later. </p>
> + 
>   
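Review bot: typo in the new smtp_sasl_auth_cache_name text, "information
does no change" should read "does not change". Also, the first paragraph
says each (key, value) pair contains a username and password, and the
sentence about cryptographic hashing only appears three paragraphs
later; moving it next to the description of what the table holds would
stop readers from assuming that clear-text credentials are written
under data_directory.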
> ***************
> *** 8974,8994 ****
>   
> ! <DT><b><a name="sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> A sender-dependent override for the global <a href="postconf.5.html#default_transport">default_transport</a>
> ! parameter setting. The tables are searched by the envelope sender
> ! address and @domain. A lookup result of DUNNO terminates the search
> ! without overriding the global <a href="postconf.5.html#default_transport">default_transport</a> parameter setting.
> ! This information is overruled with the <a href="transport.5.html">transport(5)</a> table. </p>
> ! 
> ! <p> Note: this overrides <a href="postconf.5.html#default_transport">default_transport</a>, not <a href="postconf.5.html#transport_maps">transport_maps</a>, and
> ! therefore the expected syntax is that of <a href="postconf.5.html#default_transport">default_transport</a>, not the
> ! syntax of <a href="postconf.5.html#transport_maps">transport_maps</a>.  Specifically, this does not support the
> ! <a href="postconf.5.html#transport_maps">transport_maps</a> syntax for null transport, null nexthop, or null
> ! email addresses. </p>
>   
> ! <p> For safety reasons, this feature does not allow $number
> ! substitutions in regular expression maps. </p>
>   
> ! <p> This feature is available in Postfix 2.7 and later.  </p>
>   
> --- 8255,8263 ----
>   
> ! <DT><b><a name="smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>
> ! (default: 90d)</b></DT><DD>
>   
> ! <p> The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
> ! is removed. </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
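Review bot: the old side of this hunk is the complete
sender_dependent_default_transport_maps entry (Postfix 2.7 and later),
including its safety note that $number substitutions are not allowed in
regular expression maps, and the new side pairs it with an unrelated
smtp_sasl_auth_cache_time entry. The hunk header puts old line 8974
against new line 8255, so the regenerated page is roughly 700 lines
shorter at this point. Please confirm that the generator is reading the
current postconf source and that this entry still exists in the output.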
> ***************
> *** 8997,9016 ****
>   
> ! <DT><b><a name="sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> A sender-dependent override for the global <a href="postconf.5.html#relayhost">relayhost</a> parameter
> ! setting. The tables are searched by the envelope sender address and
> ! @domain. A lookup result of DUNNO terminates the search without
> ! overriding the global <a href="postconf.5.html#relayhost">relayhost</a> parameter setting (Postfix 2.6 and
> ! later). This information is overruled with <a href="postconf.5.html#relay_transport">relay_transport</a>,
> ! <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>, <a href="postconf.5.html#default_transport">default_transport</a> and with
> ! the <a href="transport.5.html">transport(5)</a> table. </p>
>   
> ! <p> For safety reasons, this feature does not allow $number
> ! substitutions in regular expression maps. </p>
>   
>   <p>
> ! This feature is available in Postfix 2.3 and later.
>   </p>
>   
>   
> --- 8266,8283 ----
>   
> ! <DT><b><a name="smtp_sasl_auth_enable">smtp_sasl_auth_enable</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Enable SASL authentication in the Postfix SMTP client.  By default,
> ! the Postfix SMTP client uses no authentication.
> ! </p>
>   
>   <p>
> ! Example:
>   </p>
>   
> + <pre>
> + <a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
> + </pre>
> + 
>   
> ***************
> *** 9018,9044 ****
>   
> ! <DT><b><a name="sendmail_fix_line_endings">sendmail_fix_line_endings</a>
> ! (default: always)</b></DT><DD>
> ! 
> ! <p> Controls how the Postfix sendmail command converts email message
> ! line endings from <CR><LF> into UNIX format (<LF>).
> ! </p>
>   
> ! <dl>
>   
> ! <dt> <b>always</b> </dt> <dd> Always convert message lines ending
> ! in <CR><LF>. This setting is the default with Postfix
> ! 2.9 and later. </dd>
> ! 
> ! <dt> <b>strict</b> </dt> <dd> Convert message lines ending in
> ! <CR><LF> only if the first input line ends in
> ! <CR><LF>. This setting is backwards-compatible with
> ! Postfix 2.8 and earlier. </dd>
>   
> ! <dt> <b>never</b> </dt> <dd> Never convert message lines ending in
> ! <CR><LF>. This setting exists for completeness only.
> ! </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.9 and later. </p>
>   
> --- 8285,8307 ----
>   
> ! <DT><b><a name="smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> When a remote SMTP server rejects a SASL authentication request
> ! with a 535 reply code, defer mail delivery instead of returning
> ! mail as undeliverable. The latter behavior was hard-coded prior to
> ! Postfix version 2.5. </p>
>   
> ! <p> Note: the setting "yes" overrides the global <a href="postconf.5.html#soft_bounce">soft_bounce</a>
> ! parameter, but the setting "no" does not. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! # Default as of Postfix 2.5
> ! <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> = yes
> ! # The old hard-coded default
> ! <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> = no
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> ***************
> *** 9047,9057 ****
>   
> ! <DT><b><a name="sendmail_path">sendmail_path</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
>   <p>
> ! A Sendmail compatibility feature that specifies the location of
> ! the Postfix <a href="sendmail.1.html">sendmail(1)</a> command. This command can be used to
> ! submit mail into the Postfix queue.
>   </p>
>   
>   
> --- 8310,8340 ----
>   
> ! <DT><b><a name="smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! If non-empty, a Postfix SMTP client filter for the remote SMTP
> ! server's list of offered SASL mechanisms.  Different client and
> ! server implementations may support different mechanism lists. By
> ! default, the Postfix SMTP client will use the intersection of the
> ! two. <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> further restricts what server
> ! mechanisms the client will take into consideration.  </p>
> ! 
> ! <p> Specify mechanism names, "/file/name" patterns or "<a href="DATABASE_README.html">type:table</a>"
> ! lookup tables. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>" lookups
> ! is ignored. Specify "!pattern" to exclude a mechanism name from the
> ! list. The form "!/file/name" is supported only in Postfix version
> ! 2.4 and later. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. </p>
> ! 
> ! <p>
> ! Examples:
>   </p>
>   
> + <pre>
> + <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = plain, login
> + <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = /etc/postfix/smtp_mechs
> + <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = !gssapi, !login, static:rest
> + </pre>
> + 
>   
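Review bot: the first added example, "smtp_sasl_mechanism_filter =
plain, login", restricts the client to the two plaintext mechanisms
without saying that this only has an effect when
smtp_sasl_security_options does not contain noplaintext (the default
shown later in this same update is "noplaintext, noanonymous"). Suggest
one sentence cross-referencing smtp_sasl_security_options and
smtp_sasl_tls_security_options, so that readers who copy the example
allow plaintext mechanisms only on TLS-protected sessions.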
> ***************
> *** 9059,9066 ****
>   
> ! <DT><b><a name="service_throttle_time">service_throttle_time</a>
> ! (default: 60s)</b></DT><DD>
>   
>   <p>
> ! How long the Postfix <a href="master.8.html">master(8)</a> waits before forking a server that
> ! appears to be malfunctioning.
>   </p>
> --- 8342,8352 ----
>   
> ! <DT><b><a name="smtp_sasl_password_maps">smtp_sasl_password_maps</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional SMTP client lookup tables with one username:password entry
> ! per remote hostname or domain, or sender address when sender-dependent
> ! authentication is enabled.  If no username:password entry is found,
> ! then the Postfix SMTP client will not
> ! attempt to authenticate to the remote host.
>   </p>
> ***************
> *** 9068,9071 ****
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
> --- 8354,8357 ----
>   <p>
> ! The Postfix SMTP client opens the lookup table before going to
> ! chroot jail, so you can leave the password file in /etc/postfix.
>   </p>
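Review bot: the new sentence tells readers they "can leave the password
file in /etc/postfix", but the entry never says how to protect it. Since
smtp_sasl_password_maps holds username:password pairs, suggest adding
that the source file and its indexed database should be owned by root
and readable and writable by root only.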
> ***************
> *** 9075,9085 ****
>   
> ! <DT><b><a name="setgid_group">setgid_group</a>
> ! (default: postdrop)</b></DT><DD>
>   
> ! <p>
> ! The group ownership of set-gid Postfix commands and of group-writable
> ! Postfix directories. When this parameter value is changed you need
> ! to re-run "<b>postfix set-permissions</b>" (with Postfix version 2.0 and
> ! earlier: "<b>/etc/postfix/post-install set-permissions</b>".
> ! </p>
>   
> --- 8361,8372 ----
>   
> ! <DT><b><a name="smtp_sasl_path">smtp_sasl_path</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Implementation-specific information that the Postfix SMTP client
> ! passes through to
> ! the SASL plug-in implementation that is selected with
> ! <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.  Typically this specifies the name of a
> ! configuration file or rendezvous point. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 9088,9147 ****
>   
> ! <DT><b><a name="show_user_unknown_table_name">show_user_unknown_table_name</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p>
> ! Display the name of the recipient table in the "User unknown"
> ! responses.  The extra detail makes trouble shooting easier but also
> ! reveals information that is nobody elses business.
> ! </p>
>   
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="showq_service_name">showq_service_name</a>
> ! (default: showq)</b></DT><DD>
>   
> ! <p>
> ! The name of the <a href="showq.8.html">showq(8)</a> service. This service produces mail queue
> ! status reports.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_address_preference">smtp_address_preference</a>
> ! (default: any)</b></DT><DD>
>   
> ! <p> The address type ("ipv6", "ipv4" or "any") that the Postfix
> ! SMTP client will try first, when a destination has IPv6 and IPv4
> ! addresses with equal MX preference. This feature has no effect
> ! unless the <a href="postconf.5.html#inet_protocols">inet_protocols</a> setting enables both IPv4 and IPv6.
> ! With Postfix 2.8 the default is "ipv6".  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_always_send_ehlo">smtp_always_send_ehlo</a>
> ! (default: yes)</b></DT><DD>
>   
>   <p>
> ! Always send EHLO at the start of an SMTP session.
>   </p>
>   
> ! <p>
> ! With "<a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> = no", the Postfix SMTP client sends
> ! EHLO only when
> ! the word "ESMTP" appears in the server greeting banner (example:
> ! 220 spike.porcupine.org ESMTP Postfix).
> ! </p>
>   
> --- 8375,8424 ----
>   
> ! <DT><b><a name="smtp_sasl_security_options">smtp_sasl_security_options</a>
> ! (default: noplaintext, noanonymous)</b></DT><DD>
>   
> ! <p> Postfix SMTP client SASL security options; as of Postfix 2.3
> ! the list of available
> ! features depends on the SASL client implementation that is selected
> ! with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.  </p>
> ! 
> ! <p> The following security features are defined for the <b>cyrus</b>
> ! client SASL implementation: </p>
>   
>   <p>
> ! Specify zero or more of the following:
>   </p>
>   
> + <dl>
>   
> ! <dt><b>noplaintext</b></dt>
>   
> ! <dd>Disallow methods that use plaintext passwords. </dd>
>   
> ! <dt><b>noactive</b></dt>
>   
> + <dd>Disallow methods subject to active (non-dictionary) attack.
> + </dd>
>   
> ! <dt><b>nodictionary</b></dt>
>   
> ! <dd>Disallow methods subject to passive (dictionary) attack. </dd>
>   
> ! <dt><b>noanonymous</b></dt>
>   
> ! <dd>Disallow methods that allow anonymous authentication. </dd>
>   
> + <dt><b>mutual_auth</b></dt>
>   
> ! <dd>Only allow methods that provide mutual authentication (not
> ! available with SASL version 1). </dd>
>   
> ! </dl>
>   
>   <p>
> ! Example:
>   </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> = noplaintext
> ! </pre>
>   
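Review bot: the added example "smtp_sasl_security_options = noplaintext"
is weaker than the default given in the entry header ("noplaintext,
noanonymous") because it drops noanonymous, and the text does not say
so. Either show the full default in the example or state that the
shorter value permits anonymous mechanisms again. Separately, "The
following security features are defined for the cyrus client SASL
implementation:" is followed directly by "Specify zero or more of the
following:"; one of the two lead-ins can go.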
> ***************
> *** 9150,9180 ****
>   
> ! <DT><b><a name="smtp_bind_address">smtp_bind_address</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! An optional numerical network address that the Postfix SMTP client
> ! should bind to when making an IPv4 connection.
> ! </p>
> ! 
> ! <p>
> ! This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
> ! it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
> ! for example:
> ! </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>=11.22.33.44
> ! </pre>
> ! </blockquote>
>   
> ! <p> Note 1: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies no more than one IPv4
> ! address, and that address is a non-loopback address, it is
> ! automatically used as the <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>.  This supports virtual
> ! IP hosting, but can be a problem on multi-homed firewalls. See the
> ! <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
>   
> ! <p> Note 2: address information may be enclosed inside <tt>[]</tt>,
> ! but this form is not required here. </p>
>   
> --- 8427,8435 ----
>   
> ! <DT><b><a name="smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>
> ! (default: $<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b></DT><DD>
>   
> ! <p> The SASL authentication security options that the Postfix SMTP
> ! client uses for TLS encrypted SMTP sessions. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 9183,9215 ****
>   
> ! <DT><b><a name="smtp_bind_address6">smtp_bind_address6</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! An optional numerical network address that the Postfix SMTP client
> ! should bind to when making an IPv6 connection.
> ! </p>
>   
> - <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ! <p>
> ! This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
> ! it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
> ! for example:
> ! </p>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>=1:2:3:4:5:6:7:8
> ! </pre>
> ! </blockquote>
>   
> ! <p> Note 1: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies no more than one IPv6
> ! address, and that address is a non-loopback address, it is
> ! automatically used as the <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>.  This supports virtual
> ! IP hosting, but can be a problem on multi-homed firewalls. See the
> ! <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
>   
> ! <p> Note 2: address information may be enclosed inside <tt>[]</tt>,
> ! but this form is not recommended here. </p>
>   
> --- 8438,8458 ----
>   
> ! <DT><b><a name="smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a>
> ! (default: $<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>)</b></DT><DD>
>   
> ! <p> The SASL authentication security options that the Postfix SMTP
> ! client uses for TLS encrypted SMTP sessions with a verified server
> ! certificate. This feature is under construction as of Postfix version
> ! 2.3. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_sasl_type">smtp_sasl_type</a>
> ! (default: cyrus)</b></DT><DD>
>   
> ! <p> The SASL plug-in type that the Postfix SMTP client should use
> ! for authentication.  The available types are listed with the
> ! "<b>postconf -A</b>" command. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
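Review bot: smtp_sasl_tls_verified_security_options is described as
"under construction as of Postfix version 2.3" and, unlike the
smtp_sasl_type entry added right after it, carries no "This feature is
available in ..." line. Suggest stating the version in which the
parameter became available and whether the "under construction" caveat
still applies, so that readers know whether the setting takes effect.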
> ***************
> *** 9218,9228 ****
>   
> ! <DT><b><a name="smtp_body_checks">smtp_body_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted <a href="header_checks.5.html">body_checks(5)</a> tables for the Postfix SMTP client.
> ! These tables are searched while mail is being delivered.  Actions
> ! that change the delivery time or destination are not available.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> --- 8461,8481 ----
>   
> ! <DT><b><a name="smtp_send_xforward_command">smtp_send_xforward_command</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Send the non-standard XFORWARD command when the Postfix SMTP server
> ! EHLO response announces XFORWARD support.
>   </p>
>   
> ! <p>
> ! This allows an "smtp" delivery agent, used for injecting mail into
> ! a content filter, to forward the name, address, protocol and HELO
> ! name of the original client to the content filter and downstream
> ! queuing SMTP server. This can produce more useful logging than
> ! localhost[127.0.0.1] etc.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> ***************
> *** 9231,9244 ****
>   
> ! <DT><b><a name="smtp_cname_overrides_servername">smtp_cname_overrides_servername</a>
> ! (default: version dependent)</b></DT><DD>
>   
> ! <p> Allow DNS CNAME records to override the servername that the
> ! Postfix SMTP client uses for logging, SASL password lookup, TLS
> ! policy decisions, or TLS certificate verification. The value "no"
> ! hardens Postfix <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> hostname-based policies against
> ! false hostname information in DNS CNAME records, and makes SASL
> ! password file lookups more predictable. This is the default setting
> ! as of Postfix 2.3. </p>
>   
> ! <p> This feature is available in Postfix 2.2.9 and later. </p>
>   
> --- 8484,8497 ----
>   
> ! <DT><b><a name="smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Enable sender-dependent authentication in the Postfix SMTP client; this is
> ! available only with SASL authentication, and disables SMTP connection
> ! caching to ensure that mail from different senders will use the
> ! appropriate credentials.  </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.3 and later.
> ! </p>
>   
> ***************
> *** 9247,9254 ****
>   
> ! <DT><b><a name="smtp_connect_timeout">smtp_connect_timeout</a>
> ! (default: 30s)</b></DT><DD>
>   
>   <p>
> ! The Postfix SMTP client time limit for completing a TCP connection, or
> ! zero (use the operating system built-in time limit).
>   </p>
> --- 8500,8507 ----
>   
> ! <DT><b><a name="smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a>
> ! (default: yes)</b></DT><DD>
>   
>   <p>
> ! Skip SMTP servers that greet with a 4XX status code (go away, try
> ! again later).
>   </p>
> ***************
> *** 9256,9268 ****
>   <p>
> ! When no connection can be made within the deadline, the Postfix
> ! SMTP client
> ! tries the next address on the mail exchanger list. Specify 0 to
> ! disable the time limit (i.e. use whatever timeout is implemented by
> ! the operating system).
>   </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> --- 8509,8518 ----
>   <p>
> ! By default, Postfix moves on the next mail exchanger. Specify
> ! "<a href="postconf.5.html#smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a> = no" if Postfix should defer delivery
> ! immediately.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.0 and earlier.
> ! Later Postfix versions always skip SMTP servers that greet with a
> ! 4XX status code. </p>
>   
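Review bot: in the new smtp_skip_4xx_greeting text, "Postfix moves on
the next mail exchanger" is missing a word and should read "moves on to
the next mail exchanger". The same wording appears in the
smtp_skip_5xx_greeting entry that follows.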
> ***************
> *** 9271,9308 ****
>   
> ! <DT><b><a name="smtp_connection_cache_destinations">smtp_connection_cache_destinations</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Permanently enable SMTP connection caching for the specified
> ! destinations.  With SMTP connection caching, a connection is not
> ! closed immediately after completion of a mail transaction.  Instead,
> ! the connection is kept open for up to $<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a>
> ! seconds.  This allows connections to be reused for other deliveries,
> ! and can improve mail delivery performance. </p>
>   
> ! <p> Specify a comma or white space separated list of destinations
> ! or pseudo-destinations: </p>
>   
> - <ul>
>   
> ! <li> if mail is sent without a <a href="postconf.5.html#relayhost">relay host</a>: a domain name (the
> ! right-hand side of an email address, without the [] around a numeric
> ! IP address),
>   
> ! <li> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
> ! [] or non-default TCP port), as specified in <a href="postconf.5.html">main.cf</a> or in the
> ! transport map,
>   
> ! <li> if mail is sent via a UNIX-domain socket: a pathname (without
> ! the unix: prefix),
>   
> - <li> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as
> - defined above,
>   
> ! <li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names on
> ! the left-hand side.  The right-hand side result from "<a href="DATABASE_README.html">type:table</a>"
> ! lookups is ignored.
>   
> ! </ul>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> --- 8521,8555 ----
>   
> ! <DT><b><a name="smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p>
> ! Skip SMTP servers that greet with a 5XX status code (go away, do
> ! not try again later).
> ! </p>
>   
> ! <p> By default, the Postfix SMTP client moves on the next mail
> ! exchanger. Specify "<a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a> = no" if Postfix should
> ! bounce the mail immediately. The default setting is incorrect, but
> ! it is what a lot of people expect to happen.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_skip_quit_response">smtp_skip_quit_response</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p>
> ! Do not wait for the response to the SMTP QUIT command.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_starttls_timeout">smtp_starttls_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p> Time limit for Postfix SMTP client write and read operations
> ! during TLS startup and shutdown handshake procedures. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
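
Review bot: The added smtp_skip_5xx_greeting paragraph calls the default setting "incorrect" without saying what the correct behaviour would be. One sentence of reasoning would help: the greeting is described just above as "go away, do not try again later", yet with the default the client still moves on to another mail exchanger instead of bouncing. The phrase "moves on the next mail exchanger" is also missing "to".
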
> ***************
> *** 9311,9350 ****
>   
> ! <DT><b><a name="smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Temporarily enable SMTP connection caching while a destination
> ! has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.  With SMTP connection
> ! caching, a connection is not closed immediately after completion
> ! of a mail transaction.  Instead, the connection is kept open for
> ! up to $<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> seconds.  This allows
> ! connections to be reused for other deliveries, and can improve mail
> ! delivery performance. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
>   
> ! </DD>
>   
> - <DT><b><a name="smtp_connection_cache_reuse_limit">smtp_connection_cache_reuse_limit</a>
> - (default: 10)</b></DT><DD>
>   
> ! <p> When SMTP connection caching is enabled, the number of times that
> ! an SMTP session may be reused before it is closed.
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.2. In Postfix 2.3 it is
> ! replaced by $<a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a>.</p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a>
> ! (default: 2s)</b></DT><DD>
>   
> ! <p> When SMTP connection caching is enabled, the amount of time that
> ! an unused SMTP client socket is kept open before it is closed.  Do
> ! not specify larger values without permission from the remote sites.
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> --- 8558,8597 ----
>   
> ! <DT><b><a name="smtp_tls_CAfile">smtp_tls_CAfile</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> The file with the certificate of the certification authority
> ! (CA) that issued the Postfix SMTP client certificate.  This is
> ! needed only when the CA certificate is not already present in the
> ! client certificate file.  </p>
>   
> ! <p> Example: </p>
>   
> + <pre>
> + <a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> = /etc/postfix/CAcert.pem
> + </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_tls_CApath">smtp_tls_CApath</a>
> ! (default: empty)</b></DT><DD>
>   
> + <p> Directory with PEM format certificate authority certificates
> + that the Postfix SMTP client uses to verify a remote SMTP server
> + certificate.  Don't forget to create the necessary "hash" links
> + with, for example, "$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs".
> + </p>
>   
> ! <p> To use this option in chroot mode, this directory (or a copy)
> ! must be inside the chroot jail. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> = /etc/postfix/certs
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
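
Review bot: The added smtp_tls_CAfile description covers only the CA that issued the Postfix SMTP client certificate, while smtp_tls_CApath in the same hunk is described as what the client uses to verify a remote SMTP server certificate. If smtp_tls_CAfile is also consulted when verifying server certificates, its first paragraph should say so, because an administrator reading only this entry would not learn that it is a trust store. The chroot requirement is stated for smtp_tls_CApath only; say whether it applies to the file as well.
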
> ***************
> *** 9353,9423 ****
>   
> ! <DT><b><a name="smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p> The amount of time during which Postfix will use an SMTP
> ! connection repeatedly.  The timer starts when the connection is
> ! initiated (i.e. it includes the connect, greeting and helo latency,
> ! in addition to the latencies of subsequent mail delivery transactions).
> ! </p>
>   
> ! <p> This feature addresses a performance stability problem with
> ! remote SMTP servers. This problem is not specific to Postfix: it
> ! can happen when any MTA sends large amounts of SMTP email to a site
> ! that has multiple MX hosts. </p>
>   
> ! <p> The problem starts when one of a set of MX hosts becomes slower
> ! than the rest.  Even though SMTP clients connect to fast and slow
> ! MX hosts with equal probability, the slow MX host ends up with more
> ! simultaneous inbound connections than the faster MX hosts, because
> ! the slow MX host needs more time to serve each client request. </p>
> ! 
> ! <p> The slow MX host becomes a connection attractor.  If one MX
> ! host becomes N times slower than the rest, it dominates mail delivery
> ! latency unless there are more than N fast MX hosts to counter the
> ! effect. And if the number of MX hosts is smaller than N, the mail
> ! delivery latency becomes effectively that of the slowest MX host
> ! divided by the total number of MX hosts. </p>
> ! 
> ! <p> The solution uses connection caching in a way that differs from
> ! Postfix version 2.2.  By limiting the amount of time during which a connection
> ! can be used repeatedly (instead of limiting the number of deliveries
> ! over that connection), Postfix not only restores fairness in the
> ! distribution of simultaneous connections across a set of MX hosts,
> ! it also favors deliveries over connections that perform well, which
> ! is exactly what we want.  </p>
>   
> ! <p> The default reuse time limit, 300s, is comparable to the various
> ! smtp transaction timeouts which are fair estimates of maximum excess
> ! latency for a slow delivery.  Note that hosts may accept thousands
> ! of messages over a single connection within the default connection
> ! reuse time limit. This number is much larger than the default Postfix
> ! version 2.2 limit of 10 messages per cached connection. It may prove necessary
> ! to lower the limit to avoid interoperability issues with MTAs that
> ! exhibit bugs when many messages are delivered via a single connection.
> ! A lower reuse time limit risks losing the benefit of connection
> ! reuse when the average connection and mail delivery latency exceeds
> ! the reuse time limit.  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_data_done_timeout">smtp_data_done_timeout</a>
> ! (default: 600s)</b></DT><DD>
>   
> ! <p>
> ! The Postfix SMTP client time limit for sending the SMTP ".", and
> ! for receiving the remote SMTP server response.
> ! </p>
>   
> ! <p>
> ! When no response is received within the deadline, a warning is
> ! logged that the mail may be delivered multiple times.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> --- 8600,8651 ----
>   
> ! <DT><b><a name="smtp_tls_cert_file">smtp_tls_cert_file</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP client RSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP client private RSA key,
> ! and these may be the same as the Postfix SMTP server RSA certificate and key
> ! file. </p>
>   
> ! <p> Do not configure client certificates unless you <b>must</b> present
> ! client TLS certificates to one or more servers. Client certificates are
> ! not usually needed, and can cause problems in configurations that work
> ! well without them. The recommended setting is to let the defaults stand: </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> =
> ! <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> =
> ! <a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> =
> ! <a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> =
> ! </pre>
> ! </blockquote>
>   
> ! <p> The best way to use the default settings is to comment out the above
> ! parameters in <a href="postconf.5.html">main.cf</a> if present. </p>
>   
> ! <p> In order to verify certificates, the CA certificate (in case
> ! of a certificate chain, all CA certificates) must be available.
> ! You should add these certificates to the client certificate, the
> ! client certificate first, then the issuing CA(s). </p>
>   
> + <p> Example: the certificate for "client.dom.ain" was issued by
> + "intermediate CA" which itself has a certificate of "root CA".
> + Create the client.pem file with "cat client_cert.pem intermediate_CA.pem
> + root_CA.pem > client.pem". </p>
>   
> ! <p> If you also want to verify remote SMTP server certificates issued by
> ! these CAs, you can also add the CA certificates to the <a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a>,
> ! in which case it is not necessary to have them in the <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>
> ! or <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>. </p>
>   
> ! <p> A certificate supplied here must be usable as an SSL client certificate
> ! and hence pass the "openssl verify -purpose sslclient ..." test. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> = /etc/postfix/client.pem
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
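
Review bot: The added smtp_tls_cert_file text says the file "may also contain the Postfix SMTP client private RSA key" and shows how to build client.pem with cat, but gives no guidance on file permissions for that combined file. The only permission advice in the patch sits under smtp_tls_key_file and smtp_tls_dkey_file (unencrypted key, read/write access only for root). Repeat that sentence here or link to it, since the default for smtp_tls_key_file is $smtp_tls_cert_file and the combined file is then the one holding the key.
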
> ***************
> *** 9426,9456 ****
>   
> ! <DT><b><a name="smtp_data_init_timeout">smtp_data_init_timeout</a>
> ! (default: 120s)</b></DT><DD>
> ! 
> ! <p>
> ! The Postfix SMTP client time limit for sending the SMTP DATA command,
> ! and for receiving the remote SMTP server response.
> ! </p>
> ! 
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
> ! 
> ! 
> ! </DD>
>   
> ! <DT><b><a name="smtp_data_xfer_timeout">smtp_data_xfer_timeout</a>
> ! (default: 180s)</b></DT><DD>
>   
> ! <p>
> ! The Postfix SMTP client time limit for sending the SMTP message content.
> ! When the connection makes no progress for more than $<a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a>
> ! seconds the Postfix SMTP client terminates the transfer.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> --- 8654,8671 ----
>   
> ! <DT><b><a name="smtp_tls_cipherlist">smtp_tls_cipherlist</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
> ! cipher list. As this feature applies to all TLS security levels, it is easy
> ! to create inter-operability problems by choosing a non-default cipher
> ! list. Do not use a non-default TLS cipher list on hosts that deliver email
> ! to the public Internet: you will be unable to send email to servers that
> ! only support the ciphers you exclude. Using a restricted cipher list
> ! may be more appropriate for an internal MTA, where one can exert some
> ! control over the TLS software and settings of the peer servers. </p>
>   
> ! <p> <b>Note:</b> do not use "" quotes around the parameter value. </p>
>   
> ! <p> This feature is available in Postfix version 2.2. It is not used with
> ! Postfix 2.3 and later; use <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> instead. </p>
>   
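
Review bot: "Obsolete Postfix < 2.3 control" in the added smtp_tls_cipherlist paragraph puts a raw "<" in HTML text; write it as "&lt;" so a parser cannot read it as the start of a tag. The pointer to smtp_tls_mandatory_ciphers appears only in the last paragraph; for a parameter documented as obsolete it would be clearer to lead with it.
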
> ***************
> *** 9459,9482 ****
>   
> ! <DT><b><a name="smtp_defer_if_no_mx_address_found">smtp_defer_if_no_mx_address_found</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Defer mail delivery when no MX record resolves to an IP address.
> ! </p>
>   
> ! <p>
> ! The default (no) is to return the mail as undeliverable. With older
> ! Postfix versions the default was to keep trying to deliver the mail
> ! until someone fixed the MX record or until the mail was too old.
>   </p>
>   
> ! <p>
> ! Note: the Postfix SMTP client always ignores MX records with equal
> ! or worse preference
> ! than the local MTA itself.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> --- 8674,8691 ----
>   
> ! <DT><b><a name="smtp_tls_dcert_file">smtp_tls_dcert_file</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP client DSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP client private DSA key. </p>
>   
> ! <p> See the discussion under <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> for more details.
>   </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> = /etc/postfix/client-dsa.pem
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 9485,9523 ****
>   
> ! <DT><b><a name="smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
> ! 
> ! <p> The maximal number of parallel deliveries to the same destination
> ! via the smtp message delivery transport. This limit is enforced by
> ! the queue manager. The message delivery transport name is the first
> ! field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_destination_recipient_limit">smtp_destination_recipient_limit</a>
> ! (default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
>   
> - <p> The maximal number of recipients per message for the smtp
> - message delivery transport. This limit is enforced by the queue
> - manager. The message delivery transport name is the first field in
> - the entry in the <a href="master.5.html">master.cf</a> file.  </p>
>   
> ! <p> Setting this parameter to a value of 1 changes the meaning of
> ! <a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> from concurrency per domain
> ! into concurrency per recipient.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP server address, with
> ! case insensitive lists of EHLO keywords (pipelining, starttls, auth,
> ! etc.) that the Postfix SMTP client will ignore in the EHLO response from a
> ! remote SMTP server. See <a href="postconf.5.html#smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a> for details. The
> ! table is not indexed by hostname for consistency with
> ! <a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> --- 8694,8730 ----
>   
> ! <DT><b><a name="smtp_tls_dkey_file">smtp_tls_dkey_file</a>
> ! (default: $<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b></DT><DD>
>   
> + <p> File with the Postfix SMTP client DSA private key in PEM format.
> + This file may be combined with the Postfix SMTP client DSA certificate
> + file specified with $<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted, but file permissions should grant read/write
> ! access only to the system superuser account ("root"). </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> + (default: yes)</b></DT><DD>
>   
> ! <p> With mandatory TLS encryption, require that the remote SMTP
> ! server hostname matches the information in the remote SMTP server
> ! certificate.  As of <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> the requirements for hostname checking
> ! for MTA clients are not specified. </p>
>   
> ! <p> This option can be set to "no" to disable strict peer name
> ! checking. This setting has no effect on sessions that are controlled
> ! via the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> table.  </p>
>   
> ! <p> Disabling the hostname verification can make sense in closed
> ! environment where special CAs are created.  If not used carefully,
> ! this option opens the danger of a "man-in-the-middle" attack (the
> ! CommonName of this attacker will be logged). </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
>   
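
Review bot: The smtp_tls_enforce_peername warning ("If not used carefully, this option opens the danger of a man-in-the-middle attack") does not say what is still verified once the name check is set to "no", so the reader cannot judge what "carefully" means. State which checks remain in force and that a logged CommonName only records the peer after the fact and does not block the session. Also fix "in closed environment" to "in a closed environment".
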
> ***************
> *** 9526,9547 ****
>   
> ! <DT><b><a name="smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> A case insensitive list of EHLO keywords (pipelining, starttls,
> ! auth, etc.) that the Postfix SMTP client will ignore in the EHLO
> ! response from a remote SMTP server. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. </p>
> ! 
> ! <p> Notes: </p>
>   
> ! <ul>
>   
> ! <li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
> ! this action from being logged. </p>
>   
> ! <li> <p> Use the <a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a> feature to
> ! discard EHLO keywords selectively. </p>
>   
> ! </ul>
>   
> --- 8733,8764 ----
>   
> ! <DT><b><a name="smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> List of ciphers or cipher types to exclude from the Postfix
> ! SMTP client cipher
> ! list at all TLS security levels. This is not an OpenSSL cipherlist, it is
> ! a simple list separated by whitespace and/or commas. The elements are a
> ! single cipher, or one or more "+" separated cipher properties, in which
> ! case only ciphers matching <b>all</b> the properties are excluded. </p>
>   
> ! <p> Examples (some of these will cause problems): </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = aNULL
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = MD5, DES
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = DES+MD5
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = AES256-SHA, DES-CBC3-MD5
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = kEDH+aRSA
> ! </pre>
> ! </blockquote>
>   
> ! <p> The first setting, disables anonymous ciphers. The next setting
> ! disables ciphers that use the MD5 digest algorithm or the (single) DES
> ! encryption algorithm. The next setting disables ciphers that use MD5 and
> ! DES together.  The next setting disables the two ciphers "AES256-SHA"
> ! and "DES-CBC3-MD5". The last setting disables ciphers that use "EDH"
> ! key exchange with RSA authentication. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
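
Review bot: The smtp_tls_exclude_ciphers examples are introduced with "some of these will cause problems", but the explanatory paragraph that follows never says which of the five settings those are or what kind of problem to expect. Mark the problematic lines in the explanation, or limit the list to settings that are safe to copy, because the parameter applies "at all TLS security levels". There is also a stray comma in "The first setting, disables anonymous ciphers".
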
> ***************
> *** 9550,9576 ****
>   
> ! <DT><b><a name="smtp_dns_resolver_options">smtp_dns_resolver_options</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> DNS Resolver options for the Postfix SMTP client.  Specify zero
> ! or more of the following options, separated by comma or whitespace.
> ! Option names are case-sensitive. Some options refer to domain names
> ! that are specified in the file /etc/resolv.conf or equivalent. </p>
>   
> ! <dl>
>   
> ! <dt><b>res_defnames</b></dt>
>   
> ! <dd> Append the current domain name to single-component names (those
> ! that do not contain a "." character). This can produce incorrect
> ! results, and is the hard-coded behavior prior to Postfix 2.8. </dd>
>   
> ! <dt><b>res_dnsrch</b></dt>
>   
> ! <dd> Search for host names in the current domain and in parent
> ! domains. This can produce incorrect results and is therefore not
> ! recommended. </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.8 and later.  </p>
>   
> --- 8767,8825 ----
>   
> ! <DT><b><a name="smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> List of acceptable remote SMTP server certificate fingerprints
> ! for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></b> =
> ! fingerprint). At this security level, certificate authorities are
> ! not used, and certificate expiration times are ignored. Instead,
> ! server certificates are verified directly via their "fingerprint". The
> ! fingerprint is a message digest of the server certificate. The digest
> ! algorithm is selected via the <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b>
> ! parameter. </p>
>   
> ! <p> When an <b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a></b> table entry specifies the
> ! "fingerprint" security level, any "match" attributes in that entry specify
> ! the list of valid fingerprints for the corresponding destination. Multiple
> ! fingerprints can be combined with a "|" delimiter in a single match
> ! attribute, or multiple match attributes can be employed. </p>
>   
> ! <p> Example: Certificate fingerprint verification with internal mailhub.
> ! Two matching fingerprints are listed. The <a href="postconf.5.html#relayhost">relayhost</a> may be multiple
> ! physical hosts behind a load-balancer, each with its own private/public
> ! key and self-signed certificate. Alternatively, a single <a href="postconf.5.html#relayhost">relayhost</a> may
> ! be in the process of switching from one set of private/public keys to
> ! another, and both keys are trusted just prior to the transition. </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [mailhub.example.com]
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = fingerprint
> ! <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
> ! <a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> =
> !     3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> !     EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! </pre>
> ! </blockquote>
>   
> ! <p> Example: Certificate fingerprint verification with selected destinations.
> ! As in the example above, we show two matching fingerprints: </p>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = hash:/etc/postfix/tls_policy
> !     <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
> ! </pre>
> ! </blockquote>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/tls_policy:
> !     example.com	fingerprint
> !         match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> !         match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! </pre>
> ! </blockquote>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
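
Review bot: Both smtp_tls_fingerprint_cert_match examples set "smtp_tls_fingerprint_digest = md5" and list 16-byte fingerprints, although the smtp_tls_fingerprint_digest entry added by the same patch calls sha1 the best practice algorithm. Since the text states that at this level certificate authorities are not used and expiration times are ignored, the match list is the only thing vouching for the server, so the examples that people will copy should show sha1 fingerprints. It would also help to say that an entry stays trusted until it is removed from the list, which matters for the key rollover case the first example describes.
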
> ***************
> *** 9579,9661 ****
>   
> ! <DT><b><a name="smtp_enforce_tls">smtp_enforce_tls</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Enforcement mode: require that remote SMTP servers use TLS
> ! encryption, and never send mail in the clear.  This also requires
> ! that the remote SMTP server hostname matches the information in
> ! the remote server certificate, and that the remote SMTP server
> ! certificate was issued by a CA that is trusted by the Postfix SMTP
> ! client. If the certificate doesn't verify or the hostname doesn't
> ! match, delivery is deferred and mail stays in the queue.  </p>
> ! 
> ! <p> The server hostname is matched against all names provided as
> ! dNSNames in the SubjectAlternativeName.  If no dNSNames are specified,
> ! the CommonName is checked.  The behavior may be changed with the
> ! <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> option.  </p>
> ! 
> ! <p> This option is useful only if you are definitely sure that you
> ! will only connect to servers that support <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> _and_ that
> ! provide valid server certificates.  Typical use is for clients that
> ! send all their email to a dedicated mailhub.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
> ! 
> ! 
> ! </DD>
>   
> ! <DT><b><a name="smtp_fallback_relay">smtp_fallback_relay</a>
> ! (default: $<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b></DT><DD>
>   
> ! <p>
> ! Optional list of relay hosts for SMTP destinations that can't be
> ! found or that are unreachable. With Postfix 2.2 and earlier this
> ! parameter is called <a href="postconf.5.html#fallback_relay">fallback_relay</a>.  </p>
>   
> ! <p>
> ! By default, mail is returned to the sender when a destination is
> ! not found, and delivery is deferred when a destination is unreachable.
>   </p>
>   
> ! <p> The fallback relays must be SMTP destinations. Specify a domain,
> ! host, host:port, [host]:port, [address] or [address]:port; the form
> ! [host] turns off MX lookups.  If you specify multiple SMTP
> ! destinations, Postfix will try them in the specified order.  </p>
>   
> ! <p> To prevent mailer loops between MX hosts and fall-back hosts,
> ! Postfix version 2.2 and later will not use the fallback relays for
> ! destinations that it is MX host for (assuming DNS lookup is turned on).
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_generic_maps">smtp_generic_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> - <p> Optional lookup tables that perform address rewriting in the
> - Postfix SMTP client, typically to transform a locally valid address into
> - a globally valid address when sending mail across the Internet.
> - This is needed when the local machine does not have its own Internet
> - domain name, but uses something like <i>localdomain.local</i>
> - instead.  </p>
>   
> ! <p> The table format and lookups are documented in <a href="generic.5.html">generic(5)</a>;
> ! examples are shown in the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> and
> ! <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> documents. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_header_checks">smtp_header_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted <a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP client.
> ! These tables are searched while mail is being delivered.  Actions
> ! that change the delivery time or destination are not available.
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> --- 8828,8898 ----
>   
> ! <DT><b><a name="smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a>
> ! (default: md5)</b></DT><DD>
>   
> ! <p> The message digest algorithm used to construct remote SMTP server
> ! certificate fingerprints. At the "fingerprint" TLS security level
> ! (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></b> = fingerprint), the server certificate is
> ! verified by directly matching its <i>fingerprint</i>. The fingerprint
> ! is the message digest of the server certificate using the selected
> ! algorithm. With a digest algorithm resistant to "second pre-image"
> ! attacks, it is not feasible to create a new public key and a matching
> ! certificate that has the same fingerprint. </p>
>   
> ! <p> The default algorithm is <b>md5</b>; this is consistent with
> ! the backwards compatible setting of the digest used to verify client
> ! certificates in the SMTP server. </p>
>   
> ! <p> The best practice algorithm is now <b>sha1</b>. Recent advances in hash
> ! function cryptanalysis have led to md5 being deprecated in favor of sha1.
> ! However, as long as there are no known "second pre-image" attacks
> ! against md5, its use in this context can still be considered safe.
>   </p>
>   
> ! <p> While additional digest algorithms are often available with OpenSSL's
> ! libcrypto, only those used by libssl in SSL cipher suites are available to
> ! Postfix. For now this means just md5 or sha1. </p>
>   
> ! <p> To find the fingerprint of a specific certificate file, with a
> ! specific digest algorithm, run:
>   </p>
>   
> + <blockquote>
> + <pre>
> + $ openssl x509 -noout -fingerprint -<i>digest</i> -in <i>certfile</i>.pem
> + </pre>
> + </blockquote>
> + 
> + <p> The text to the right of "=" sign is the desired fingerprint.
> + For example: </p>
>   
> ! <blockquote>
> ! <pre>
> ! $ openssl x509 -noout -fingerprint -sha1 -in cert.pem
> ! SHA1 Fingerprint=D4:6A:AB:19:24:79:F8:32:BB:A6:CB:66:82:C0:8E:9B:EE:29:A8:1A
> ! </pre>
> ! </blockquote>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_tls_key_file">smtp_tls_key_file</a>
> ! (default: $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b></DT><DD>
>   
> + <p> File with the Postfix SMTP client RSA private key in PEM format.
> + This file may be combined with the Postfix SMTP client RSA certificate
> + file specified with $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted, but file permissions should grant read/write
> ! access only to the system superuser account ("root"). </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> = $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
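
Review bot: the worked example at the end of the fingerprint text runs openssl with -sha1, but the paragraph above it says the default algorithm is md5, so a fingerprint copied from the example will not match under the default setting. Say next to the example that the -digest option passed to openssl has to be the same algorithm the client is configured with, or show the md5 form alongside. In the smtp_tls_key_file entry, the example "smtp_tls_key_file = $smtp_tls_cert_file" combines key and certificate in one file; it is worth stating that the root-only read/write permission then applies to that combined file.
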
> ***************
> *** 9664,9709 ****
>   
> ! <DT><b><a name="smtp_helo_name">smtp_helo_name</a>
> ! (default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
>   
> ! <p>
> ! The hostname to send in the SMTP EHLO or HELO command.
> ! </p>
>   
> ! <p>
> ! The default value is the machine hostname.  Specify a hostname or
> ! [ip.add.re.ss].
> ! </p>
>   
> ! <p>
> ! This information can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP
> ! clients, or it can be specified in the <a href="master.5.html">master.cf</a> file for a specific
> ! client, for example:
> ! </p>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     mysmtp ... smtp -o <a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a>=foo.bar.com
> ! </pre>
> ! </blockquote>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_helo_timeout">smtp_helo_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The Postfix SMTP client time limit for sending the HELO or EHLO command,
> ! and for receiving the initial remote SMTP server response.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> --- 8901,8929 ----
>   
> ! <DT><b><a name="smtp_tls_loglevel">smtp_tls_loglevel</a>
> ! (default: 0)</b></DT><DD>
>   
> ! <p> Enable additional Postfix SMTP client logging of TLS activity.
> ! Each logging level also includes the information that is logged at
> ! a lower logging level.  </p>
>   
> ! <dl compact>
>   
> ! <dt> </dt> <dd> 0 Disable logging of TLS activity. </dd>
>   
> ! <dt> </dt> <dd> 1 Log TLS handshake and certificate information. </dd>
>   
> ! <dt> </dt> <dd> 2 Log levels during TLS negotiation. </dd>
>   
> + <dt> </dt> <dd> 3 Log hexadecimal and ASCII dump of TLS negotiation
> + process.  </dd>
>   
> ! <dt> </dt> <dd> 4 Log hexadecimal and ASCII dump of complete
> ! transmission after STARTTLS. </dd>
>   
> ! </dl>
>   
> ! <p> Use "<a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> = 3" only in case of problems. Use of
> ! loglevel 4 is strongly discouraged. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
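
Review bot: the closing paragraph calls loglevel 4 "strongly discouraged" and reserves level 3 for problems, without giving the reason. Level 4 is described as a dump of the complete transmission after STARTTLS, which puts the content of the encrypted session into the log file; state that in the warning so readers understand the log then needs the same protection as the mail itself. The level numbers also sit inside the <dd> with an empty <dt>; moving them into the <dt> would match the definition lists used for the cipher grades.
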
> ***************
> *** 9712,9740 ****
>   
> ! <DT><b><a name="smtp_host_lookup">smtp_host_lookup</a>
> ! (default: dns)</b></DT><DD>
>   
> ! <p>
> ! What mechanisms the Postfix SMTP client uses to look up a host's IP
> ! address.  This parameter is ignored when DNS lookups are disabled
> ! (see: <a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a>).
> ! </p>
>   
> ! <p>
> ! Specify one of the following:
> ! </p>
>   
>   <dl>
>   
> ! <dt><b>dns</b></dt>
> ! 
> ! <dd>Hosts can be found in the DNS (preferred).  </dd>
> ! 
> ! <dt><b>native</b></dt>
>   
> ! <dd>Use the native naming service only (nsswitch.conf, or equivalent
> ! mechanism).  </dd>
>   
> ! <dt><b>dns, native</b></dt>
>   
> ! <dd>Use the native service for hosts not found in the DNS.  </dd>
>   
> --- 8932,9001 ----
>   
> ! <DT><b><a name="smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>
> ! (default: medium)</b></DT><DD>
>   
> ! <p> The minimum TLS cipher grade that the Postfix SMTP client will
> ! use with
> ! mandatory TLS encryption.  The default value "medium" is suitable
> ! for most destinations with which you may want to enforce TLS, and
> ! is beyond the reach of today's crypt-analytic methods. See
> ! <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for information on how to configure ciphers
> ! on a per-destination basis. </p>
>   
> ! <p> The following cipher grades are supported: </p>
>   
>   <dl>
> + <dt><b>export</b></dt>
> + <dd> Enable the mainstream "EXPORT" grade or better OpenSSL
> + ciphers.  This is always used for opportunistic encryption. It is
> + not recommended for mandatory encryption unless you must enforce TLS
> + with "crippled" peers. The underlying cipherlist is specified via the
> + <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> configuration parameter, which you are strongly
> + encouraged to not change. The default value of <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a>
> + includes anonymous ciphers, but these are automatically filtered out if
> + the client is configured to verify server certificates. If you must
> + exclude anonymous ciphers also at the "encrypt" security level, set
> + "<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> = aNULL". </dd>
>   
> ! <dt><b>low</b></dt>
> ! <dd> Enable the mainstream "LOW" grade or better OpenSSL ciphers.  This
> ! setting is only appropriate for internal mail servers.  The underlying
> ! cipherlist is specified via the <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> configuration
> ! parameter, which you are strongly encouraged to not change. The default
> ! value of <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> includes anonymous ciphers, but these are
> ! automatically filtered out if the client is configured to verify server
> ! certificates. If you must exclude anonymous ciphers also at the "encrypt"
> ! security level, set "<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> = aNULL". </dd>
>   
> ! <dt><b>medium</b></dt>
> ! <dd> Enable the mainstream "MEDIUM" grade or better OpenSSL ciphers.
> ! The underlying cipherlist is specified via the <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to not change.
> ! The default value of <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> includes anonymous ciphers,
> ! but these are automatically filtered out if the client is configured to
> ! verify server certificates. If you must exclude anonymous ciphers also
> ! at the "encrypt" security level, set "<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a>
> ! = aNULL". </dd>
>   
> ! <dt><b>high</b></dt>
> ! <dd> Enable only the mainstream "HIGH" grade OpenSSL ciphers.  This
> ! setting is appropriate when all mandatory TLS destinations support
> ! some of "HIGH" grade ciphers, this is not uncommon. The underlying
> ! cipherlist is specified via the <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> configuration
> ! parameter, which you are strongly encouraged to not change. The default
> ! value of <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> includes anonymous ciphers, but these are
> ! automatically filtered out if the client is configured to verify server
> ! certificates. If you must exclude anonymous ciphers also at the "encrypt"
> ! security level, set "<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> = aNULL". </dd>
>   
> ! <dt><b>null</b></dt>
> ! <dd> Enable only the "NULL" OpenSSL ciphers, these provide authentication
> ! without encryption.  This setting is only appropriate in the rare case
> ! that all servers are prepared to use NULL ciphers (not normally enabled
> ! in TLS servers). A plausible use-case is an LMTP server listening on a
> ! UNIX-domain socket that is configured to support "NULL" ciphers. The
> ! underlying cipherlist is specified via the <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to not
> ! change. The default value of <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> excludes anonymous
> ! ciphers (OpenSSL 0.9.8 has NULL ciphers that offer data integrity without
> ! encryption or authentication). </dd>
>   
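
Review bot: the sentence about anonymous ciphers is repeated in the export, low, medium and high entries, and its consequence is easy to miss: at the "encrypt" level the default cipherlists still include anonymous ciphers unless "smtp_tls_mandatory_exclude_ciphers = aNULL" is set. State this once, after the list, instead of four times inside it. In the null entry, the first sentence says NULL ciphers "provide authentication without encryption" while the parenthetical says OpenSSL 0.9.8 has NULL ciphers "without encryption or authentication"; reword so the two statements do not read as a contradiction. The high entry has a comma splice at "some of "HIGH" grade ciphers, this is not uncommon".
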
> ***************
> *** 9742,9746 ****
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> --- 9003,9005 ----
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 9749,9767 ****
>   
> ! <DT><b><a name="smtp_line_length_limit">smtp_line_length_limit</a>
> ! (default: 998)</b></DT><DD>
>   
> ! <p>
> ! The maximal length of message header and body lines that Postfix
> ! will send via SMTP. This limit does not include the <CR><LF>
> ! at the end of each line.  Longer lines are broken by inserting
> ! "<CR><LF><SPACE>", to minimize the damage to MIME
> ! formatted mail.
> ! </p>
>   
> ! <p>
> ! The Postfix limit of 998 characters not including <CR><LF>
> ! is consistent with the SMTP limit of 1000 characters including
> ! <CR><LF>.  The Postfix limit was 990 with Postfix 2.8
> ! and earlier.
> ! </p>
>   
> --- 9008,9018 ----
>   
> ! <DT><b><a name="smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Additional list of ciphers or cipher types to exclude from the
> ! SMTP client cipher list at mandatory TLS security levels. This list
> ! works in addition to the exclusions listed with <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
> ! (see there for syntax details).  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
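
Review bot: this entry sends the reader to smtp_tls_exclude_ciphers for syntax and gives no example, although the smtp_tls_mandatory_ciphers text relies on the setting "smtp_tls_mandatory_exclude_ciphers = aNULL". Add that line here as an Example block so the recommended value is documented under the parameter it belongs to.
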
> ***************
> *** 9770,9796 ****
>   
> ! <DT><b><a name="smtp_mail_timeout">smtp_mail_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The Postfix SMTP client time limit for sending the MAIL FROM command,
> ! and for receiving the remote SMTP server response.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_mime_header_checks">smtp_mime_header_checks</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Restricted mime_<a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP
> ! client. These tables are searched while mail is being delivered.
> ! Actions that change the delivery time or destination are not
> ! available.  </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> --- 9021,9056 ----
>   
> ! <DT><b><a name="smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a>
> ! (default: SSLv3, TLSv1)</b></DT><DD>
>   
> ! <p> List of SSL/TLS protocols that the Postfix SMTP client will use with
> ! mandatory TLS encryption.  In <a href="postconf.5.html">main.cf</a> the values are separated by
> ! whitespace, commas or colons. In the policy table "protocols" attribute
> ! (see <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) the only valid separator is colon. An
> ! empty value means allow all protocols. The valid protocol names, (see
> ! <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and "TLSv1". </p>
>   
> ! <p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
> ! protocol exclusions. One can now explicitly exclude SSLv2 by setting
> ! "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2". To exclude both SSLv2 and
> ! SSLv3 set "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
> ! the protocols to include, rather than protocols to exclude, is still
> ! supported; use the form you find more intuitive. </p>
>   
> + <p> Since SSL version 2 has known protocol weaknesses and is now
> + deprecated, the default setting excludes "SSLv2".  This means that by
> + default, SSL version 2 will not be used at the "encrypt" security level
> + and higher. </p>
>   
> ! <p> See the documentation of the <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> parameter and
> ! <a href="TLS_README.html">TLS_README</a> for more information about security levels. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
> ! # Alternative form with Postfix ≥ 2.5:
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
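
Review bot: the Example presents "smtp_tls_mandatory_protocols = TLSv1" and "= !SSLv2, !SSLv3" as alternative forms, and the text says to use whichever is more intuitive, but the two are only equivalent while the valid names are exactly "SSLv2", "SSLv3" and "TLSv1". An include list pins the named protocols, whereas an exclusion list admits any protocol name that becomes valid later; say so, and recommend one form. The sentence "An empty value means allow all protocols" should also note that this includes SSLv2, which the paragraph further down calls deprecated.
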
> ***************
> *** 9799,9828 ****
>   
> ! <DT><b><a name="smtp_mx_address_limit">smtp_mx_address_limit</a>
> ! (default: 5)</b></DT><DD>
> ! 
> ! <p>
> ! The maximal number of MX (mail exchanger) IP addresses that can
> ! result from Postfix SMTP client mail exchanger lookups, or zero (no
> ! limit). Prior to
> ! Postfix version 2.3, this limit was disabled by default.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
> ! 
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_mx_session_limit">smtp_mx_session_limit</a>
> ! (default: 2)</b></DT><DD>
>   
> ! <p> The maximal number of SMTP sessions per delivery request before
> ! the Postfix SMTP client
> ! gives up or delivers to a fall-back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no
> ! limit). This restriction ignores sessions that fail to complete the
> ! SMTP initial handshake (Postfix version 2.2 and earlier) or that fail to
> ! complete the EHLO and TLS handshake (Postfix version 2.3 and later).  </p>
>   
> ! <p> This feature is available in Postfix 2.1 and later.  </p>
>   
> --- 9059,9073 ----
>   
> ! <DT><b><a name="smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Log the hostname of a remote SMTP server that offers STARTTLS,
> ! when TLS is not already enabled for that server. </p>
>   
> ! <p> The logfile record looks like:  </p>
>   
> ! <pre>
> ! postfix/smtp[pid]:  Host offered STARTTLS: [name.of.host]
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
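
Review bot: the old side of this hunk holds the smtp_mx_address_limit and smtp_mx_session_limit entries and the new side holds smtp_tls_note_starttls_offer, so the hunk pairs unrelated parameters rather than showing an edit to one entry. Before accepting the update, confirm that the two MX limit entries still exist elsewhere in the regenerated page.
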
> ***************
> *** 9831,9890 ****
>   
> ! <DT><b><a name="smtp_nested_header_checks">smtp_nested_header_checks</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Restricted nested_<a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP
> ! client. These tables are searched while mail is being delivered.
> ! Actions that change the delivery time or destination are not
> ! available.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_never_send_ehlo">smtp_never_send_ehlo</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Never send EHLO at the start of an SMTP session. See also the
> ! <a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> parameter.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_per_record_deadline">smtp_per_record_deadline</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Change the behavior of the smtp_*_timeout time limits, from a
> ! time limit per read or write system call, to a time limit to send
> ! or receive a complete record (an SMTP command line, SMTP response
> ! line, SMTP message content line, or TLS protocol message).  This
> ! limits the impact from hostile peers that trickle data one byte at
> ! a time.  </p>
> ! 
> ! <p> Note: when per-record deadlines are enabled, a short timeout
> ! may cause problems with TLS over very slow network connections.
> ! The reasons are that a TLS protocol message can be up to 16 kbytes
> ! long (with TLSv1), and that an entire TLS protocol message must be
> ! sent or received within the per-record deadline.  </p>
>   
> ! <p> This feature is available in Postfix 2.9 and later. With older
> ! Postfix releases, the behavior is as if this parameter is set to
> ! "no". </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a>
> ! (default: 10s)</b></DT><DD>
>   
> ! <p>
> ! How long the Postfix SMTP client pauses before sending
> ! ".<CR><LF>" in order to work around the PIX firewall
> ! "<CR><LF>.<CR><LF>" bug.
> ! </p>
>   
> ! <p>
> ! Choosing a too short time makes this workaround ineffective when
> ! sending large messages over slow network connections.
> ! </p>
>   
> --- 9076,9151 ----
>   
> ! <DT><b><a name="smtp_tls_per_site">smtp_tls_per_site</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Optional lookup tables with the Postfix SMTP client TLS usage
> ! policy by next-hop destination and by remote SMTP server hostname.
> ! When both lookups succeed, the more specific per-site policy (NONE,
> ! MUST, etc) overrides the less specific one (MAY), and the more secure
> ! per-site policy (MUST, etc) overrides the less secure one (NONE).
> ! With Postfix 2.3 and later <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> is strongly discouraged:
> ! use <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> instead. </p>
>   
> ! <p> Use of the bare hostname as the per-site table lookup key is
> ! discouraged. Always use the full destination nexthop (enclosed in
> ! [] with a possible ":port" suffix). A recipient domain or MX-enabled
> ! transport next-hop with no port suffix may look like a bare hostname,
> ! but is still a suitable <i>destination</i>. </p>
>   
> + <p> Specify a next-hop destination or server hostname on the left-hand
> + side; no wildcards are allowed. The next-hop destination is either
> + the recipient domain, or the destination specified with a <a href="transport.5.html">transport(5)</a>
> + table, the <a href="postconf.5.html#relayhost">relayhost</a> parameter, or the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter.
> + On the right hand side specify one of the following keywords:  </p>
>   
> ! <dl>
>   
> ! <dt> NONE </dt> <dd> Don't use TLS at all. This overrides a less
> ! specific <b>MAY</b> lookup result from the alternate host or next-hop
> ! lookup key, and overrides the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>,
> ! and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> settings. </dd>
>   
> ! <dt> MAY </dt> <dd> Try to use TLS if the server announces support,
> ! otherwise use the unencrypted connection. This has less precedence
> ! than a more specific result (including <b>NONE</b>) from the alternate
> ! host or next-hop lookup key, and has less precedence than the more
> ! specific global "<a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> = yes" or "<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> ! = yes".  </dd>
>   
> ! <dt> MUST_NOPEERMATCH </dt> <dd> Require TLS encryption, but do not
> ! require that the remote SMTP server hostname matches the information
> ! in the remote SMTP server certificate, or that the server certificate
> ! was issued by a trusted CA. This overrides a less secure <b>NONE</b>
> ! or a less specific <b>MAY</b> lookup result from the alternate host
> ! or next-hop lookup key, and overrides the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>,
> ! <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> settings.  </dd>
>   
> + <dt> MUST </dt> <dd> Require TLS encryption, require that the remote
> + SMTP server hostname matches the information in the remote SMTP
> + server certificate, and require that the remote SMTP server certificate
> + was issued by a trusted CA. This overrides a less secure <b>NONE</b>
> + and <b>MUST_NOPEERMATCH</b> or a less specific <b>MAY</b> lookup
> + result from the alternate host or next-hop lookup key, and overrides
> + the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> + settings.  </dd>
>   
> ! </dl>
>   
> ! <p> The above keywords correspond to the "none", "may", "encrypt" and
> ! "verify" security levels for the new <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> parameter
> ! introduced in Postfix 2.3. Starting with Postfix 2.3, and independently
> ! of how the policy is specified, the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameters only apply when TLS encryption
> ! is mandatory. Connections for which encryption is optional enable
> ! all "export" grade and better ciphers. </p>
>   
> ! <p> As long as no secure DNS lookup mechanism is available, false
> ! hostnames in MX or CNAME responses can change the server hostname
> ! that Postfix uses for TLS policy lookup and server certificate
> ! verification. Even with a perfect match between the server hostname and
> ! the server certificate, there is no guarantee that Postfix is connected
> ! to the right server.  See <a href="TLS_README.html">TLS_README</a> (Closing a DNS loophole with obsolete
> ! per-site TLS policies) for a possible work-around. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> instead. </p>
>   
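
Review bot: the second paragraph discourages bare hostnames as lookup keys ("Always use the full destination nexthop"), yet the added paragraph that follows tells the reader to "Specify a next-hop destination or server hostname on the left-hand side". The reason for the advice only appears near the end, where false hostnames in MX or CNAME responses are said to change the hostname used for TLS policy lookup and certificate verification. Move that explanation next to the advice, and mark the server-hostname form as discouraged in the instruction itself. The old side of this hunk also carries the whole smtp_per_record_deadline entry (Postfix 2.9 and later); check that it is still present elsewhere in the regenerated page.
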
> ***************
> *** 9893,9938 ****
>   
> ! <DT><b><a name="smtp_pix_workaround_maps">smtp_pix_workaround_maps</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP server address, with
> ! per-destination workarounds for CISCO PIX firewall bugs.  The table
> ! is not indexed by hostname for consistency with
> ! <a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a>. </p>
> ! 
> ! <p> This feature is available in Postfix 2.4 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a>
> ! (default: 500s)</b></DT><DD>
> ! 
> ! <p> How long a message must be queued before the Postfix SMTP client
> ! turns on the PIX firewall "<CR><LF>.<CR><LF>"
> ! bug workaround for delivery through firewalls with "smtp fixup"
> ! mode turned on.  </p>
> ! 
> ! <p>
> ! By default, the workaround is turned off for mail that is queued
> ! for less than 500 seconds. In other words, the workaround is normally
> ! turned off for the first delivery attempt.
> ! </p>
> ! 
> ! <p>
> ! Specify 0 to enable the PIX firewall
> ! "<CR><LF>.<CR><LF>" bug workaround upon the
> ! first delivery attempt.
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_pix_workarounds">smtp_pix_workarounds</a>
> ! (default: disable_esmtp, delay_dotcrlf)</b></DT><DD>
>   
> ! <p> A list that specifies zero or more workarounds for CISCO PIX
> ! firewall bugs. These workarounds are implemented by the Postfix
> ! SMTP client. Workaround names are separated by comma or space, and
> ! are case insensitive.  This parameter setting can be overruled with
> ! per-destination <a href="postconf.5.html#smtp_pix_workaround_maps">smtp_pix_workaround_maps</a> settings. </p>
>   
> --- 9154,9188 ----
>   
> ! <DT><b><a name="smtp_tls_policy_maps">smtp_tls_policy_maps</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Optional lookup tables with the Postfix SMTP client TLS security
> ! policy by next-hop destination; when a non-empty value is specified,
> ! this overrides the obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.  See
> ! <a href="TLS_README.html">TLS_README</a> for a more detailed discussion of TLS security levels.
>   </p>
>   
> + <p> The TLS policy table is indexed by the full next-hop destination,
> + which is either the recipient domain, or the verbatim next-hop
> + specified in the transport table, $<a href="postconf.5.html#local_transport">local_transport</a>, $<a href="postconf.5.html#virtual_transport">virtual_transport</a>,
> + $<a href="postconf.5.html#relay_transport">relay_transport</a> or $<a href="postconf.5.html#default_transport">default_transport</a>. This includes any enclosing
> + square brackets and any non-default destination server port suffix. The
> + LMTP socket type prefix (inet: or unix:) is not included in the lookup
> + key. </p>
>   
> ! <p> Only the next-hop domain, or $<a href="postconf.5.html#myhostname">myhostname</a> with LMTP over UNIX-domain
> ! sockets, is used as the nexthop name for certificate verification. The
> ! port and any enclosing square brackets are used in the table lookup key,
> ! but are not used for server name verification. </p>
>   
> ! <p> When the lookup key is a domain name without enclosing square brackets
> ! or any <i>:port</i> suffix (typically the recipient domain), and the full
> ! domain is not found in the table, just as with the <a href="transport.5.html">transport(5)</a> table,
> ! the parent domain starting with a leading "." is matched recursively. This
> ! allows one to specify a security policy for a recipient domain and all
> ! its sub-domains. </p>
>   
> ! <p> The lookup result is a security level, followed by an optional list
> ! of whitespace and/or comma separated name=value attributes that override
> ! related <a href="postconf.5.html">main.cf</a> settings. The TLS security levels in order of increasing
> ! security are: </p>
>   
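
Review bot: the paragraphs on the lookup key state rules that are hard to apply from prose alone: brackets and a non-default port are part of the key, the LMTP inet: or unix: prefix is not, and the parent-domain match with a leading "." applies only to keys without brackets or a :port suffix. A short example table with one key of each form would remove the guesswork. The new side also ends on "The TLS security levels in order of increasing security are:" with the list itself outside this hunk, so the levels cannot be reviewed here.
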
> ***************
> *** 9940,12458 ****
>   
> ! <dt><b>delay_dotcrlf</b><dd> Insert a delay before sending
> ! ".<CR><LF>" after the end of the message content.  The
> ! delay is subject to the <a href="postconf.5.html#smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a> and
> ! <a href="postconf.5.html#smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a> parameter settings. </dd>
> ! 
> ! <dt><b>disable_esmtp</b><dd> Disable all extended SMTP commands:
> ! send HELO instead of EHLO. </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.4 and later. The default
> ! settings are backwards compatible with earlier Postfix versions.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_quit_timeout">smtp_quit_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The Postfix SMTP client time limit for sending the QUIT command,
> ! and for receiving the remote SMTP server response.
> ! </p>
>   
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
> ! as required
> ! by <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. This includes putting quotes around an address localpart
> ! that ends in ".".
> ! </p>
> ! 
> ! <p>
> ! The default is to comply with <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. If you have to send mail to
> ! a broken SMTP server, configure a special SMTP client in <a href="master.5.html">master.cf</a>:
> ! </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="master.5.html">master.cf</a>:
> !     broken-smtp . . . smtp -o <a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>=no
> ! </pre>
> ! </blockquote>
> ! 
> ! <p>
> ! and route mail for the destination in question to the "broken-smtp"
> ! message delivery with a <a href="transport.5.html">transport(5)</a> table.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_randomize_addresses">smtp_randomize_addresses</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Randomize the order of equal-preference MX host addresses.  This
> ! is a performance feature of the Postfix SMTP client.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_rcpt_timeout">smtp_rcpt_timeout</a>
> ! (default: 300s)</b></DT><DD>
> ! 
> ! <p>
> ! The Postfix SMTP client time limit for sending the SMTP RCPT TO
> ! command, and for receiving the remote SMTP server response.
> ! </p>
> ! 
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_reply_filter">smtp_reply_filter</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> A mechanism to transform replies from remote SMTP servers one
> ! line at a time.  This is a last-resort tool to work around server
> ! replies that break inter-operability with the Postfix SMTP client.
> ! Other uses involve fault injection to test Postfix's handling of
> ! invalid responses. </p>
> ! 
> ! <p> Notes: </p>
> ! 
> ! <ul>
> ! 
> ! <li> <p> In the case of a multi-line reply, the Postfix SMTP client
> ! uses the final reply line's numerical SMTP reply code and enhanced
> ! status code.  </p>
> ! 
> ! <li> <p> The numerical SMTP reply code (XYZ) takes precedence over
> ! the enhanced status code (X.Y.Z).  When the enhanced status code
> ! initial digit differs from the SMTP reply code initial digit, or
> ! when no enhanced status code is present, the Postfix SMTP client
> ! uses a generic enhanced status code (X.0.0) instead. </p>
> ! 
> ! </ul>
> ! 
> ! <p> Specify the name of a "<a href="DATABASE_README.html">type:table</a>" lookup table. The search
> ! string is a single SMTP reply line as received from the remote SMTP
> ! server, except that the trailing <CR><LF> are removed.
> ! When the lookup succeeds, the result replaces the single SMTP reply
> ! line. </p>
> ! 
> ! <p> Examples: </p>
> ! 
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/reply_filter
> ! </pre>
> ! 
> ! <pre>
> ! /etc/postfix/reply_filter:
> !     # Transform garbage into "250-filler..." so that it looks like
> !     # one line from a multi-line reply. It does not matter what we
> !     # substitute here as long it has the right syntax.  The Postfix
> !     # SMTP client will use the final line's numerical SMTP reply
> !     # code and enhanced status code.
> !     !/^([2-5][0-9][0-9]($|[- ]))/ 250-filler for garbage
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.7. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_rset_timeout">smtp_rset_timeout</a>
> ! (default: 20s)</b></DT><DD>
> ! 
> ! <p> The Postfix SMTP client time limit for sending the RSET command,
> ! and for receiving the remote SMTP server response. The SMTP client
> ! sends RSET in
> ! order to finish a recipient address probe, or to verify that a
> ! cached session is still usable.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.1 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> An optional table to prevent repeated SASL authentication
> ! failures with the same remote SMTP server hostname, username and
> ! password. Each table (key, value) pair contains a server name, a
> ! username and password, and the full server response. This information
> ! is stored when a remote SMTP server rejects an authentication attempt
> ! with a 535 reply code.  As long as the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a>
> ! information does no change, and as long as the <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
> ! information does not expire (see <a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>) the
> ! Postfix SMTP client avoids SASL authentication attempts with the
> ! same server, username and password, and instead bounces or defers
> ! mail as controlled with the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> configuration
> ! parameter.  </p>
> ! 
> ! <p> Use a per-destination delivery concurrency of 1 (for example,
> ! "<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> = 1",
> ! "<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> = 1", etc.), otherwise multiple
> ! delivery agents may experience a login failure at the same time.
> ! </p>
> ! 
> ! <p> The table must be accessed via the proxywrite service, i.e. the
> ! map name must start with "<a href="proxymap.8.html">proxy</a>:". The table should be stored under
> ! the directory specified with the <a href="postconf.5.html#data_directory">data_directory</a> parameter. </p>
> ! 
> ! <p> This feature uses cryptographic hashing to protect plain-text
> ! passwords, and requires that Postfix is compiled with TLS support.
> ! </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> = <a href="proxymap.8.html">proxy</a>:btree:/var/lib/postfix/sasl_auth_cache
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
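
Review bot: In the smtp_sasl_auth_cache_name entry, "information does no change" should read "does not change". The entry also says each table row holds a server name, a username and password, and the full server response, and that the table should live under data_directory, but it does not state what ownership or file permissions the table needs. The private key entries in this same hunk spell that out ("File permissions should grant read-only access to the system superuser account"), and an equivalent sentence here would close the gap.
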
> ! 
> ! <DT><b><a name="smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>
> ! (default: 90d)</b></DT><DD>
> ! 
> ! <p> The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
> ! is removed. </p>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_auth_enable">smtp_sasl_auth_enable</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p>
> ! Enable SASL authentication in the Postfix SMTP client.  By default,
> ! the Postfix SMTP client uses no authentication.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p> When a remote SMTP server rejects a SASL authentication request
> ! with a 535 reply code, defer mail delivery instead of returning
> ! mail as undeliverable. The latter behavior was hard-coded prior to
> ! Postfix version 2.5. </p>
> ! 
> ! <p> Note: the setting "yes" overrides the global <a href="postconf.5.html#soft_bounce">soft_bounce</a>
> ! parameter, but the setting "no" does not. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! # Default as of Postfix 2.5
> ! <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> = yes
> ! # The old hard-coded default
> ! <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> = no
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! If non-empty, a Postfix SMTP client filter for the remote SMTP
> ! server's list of offered SASL mechanisms.  Different client and
> ! server implementations may support different mechanism lists; by
> ! default, the Postfix SMTP client will use the intersection of the
> ! two. <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> specifies an optional third mechanism
> ! list to intersect with. </p>
> ! 
> ! <p> Specify mechanism names, "/file/name" patterns or "<a href="DATABASE_README.html">type:table</a>"
> ! lookup tables. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>" lookups
> ! is ignored. Specify "!pattern" to exclude a mechanism name from the
> ! list. The form "!/file/name" is supported only in Postfix version
> ! 2.4 and later. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. </p>
> ! 
> ! <p>
> ! Examples:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = plain, login
> ! <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = /etc/postfix/smtp_mechs
> ! <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = !gssapi, !login, <a href="DATABASE_README.html#types">static</a>:rest
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_password_maps">smtp_sasl_password_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! Optional Postfix SMTP client lookup tables with one username:password
> ! entry
> ! per remote hostname or domain, or sender address when sender-dependent
> ! authentication is enabled.  If no username:password entry is found,
> ! then the Postfix SMTP client will not
> ! attempt to authenticate to the remote host.
> ! </p>
> ! 
> ! <p>
> ! The Postfix SMTP client opens the lookup table before going to
> ! chroot jail, so you can leave the password file in /etc/postfix.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_path">smtp_sasl_path</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Implementation-specific information that the Postfix SMTP client
> ! passes through to
> ! the SASL plug-in implementation that is selected with
> ! <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.  Typically this specifies the name of a
> ! configuration file or rendezvous point. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_security_options">smtp_sasl_security_options</a>
> ! (default: noplaintext, noanonymous)</b></DT><DD>
> ! 
> ! <p> Postfix SMTP client SASL security options; as of Postfix 2.3
> ! the list of available
> ! features depends on the SASL client implementation that is selected
> ! with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.  </p>
> ! 
> ! <p> The following security features are defined for the <b>cyrus</b>
> ! client SASL implementation: </p>
> ! 
> ! <p>
> ! Specify zero or more of the following:
> ! </p>
> ! 
> ! <dl>
> ! 
> ! <dt><b>noplaintext</b></dt>
> ! 
> ! <dd>Disallow methods that use plaintext passwords. </dd>
> ! 
> ! <dt><b>noactive</b></dt>
> ! 
> ! <dd>Disallow methods subject to active (non-dictionary) attack.
> ! </dd>
> ! 
> ! <dt><b>nodictionary</b></dt>
> ! 
> ! <dd>Disallow methods subject to passive (dictionary) attack. </dd>
> ! 
> ! <dt><b>noanonymous</b></dt>
> ! 
> ! <dd>Disallow methods that allow anonymous authentication. </dd>
> ! 
> ! <dt><b>mutual_auth</b></dt>
> ! 
> ! <dd>Only allow methods that provide mutual authentication (not
> ! available with SASL version 1). </dd>
> ! 
> ! </dl>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> = noplaintext
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>
> ! (default: $<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b></DT><DD>
> ! 
> ! <p> The SASL authentication security options that the Postfix SMTP
> ! client uses for TLS encrypted SMTP sessions. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a>
> ! (default: $<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>)</b></DT><DD>
> ! 
> ! <p> The SASL authentication security options that the Postfix SMTP
> ! client uses for TLS encrypted SMTP sessions with a verified server
> ! certificate. </p>
> ! 
> ! <p> When mail is sent to the public MX host for the recipient's
> ! domain, server certificates are by default optional, and delivery
> ! proceeds even if certificate verification fails. For delivery via
> ! a submission service that requires SASL authentication, it may be
> ! appropriate to send plaintext passwords only when the connection
> ! to the server is strongly encrypted <b>and</b> the server identity
> ! is verified. </p>
> ! 
> ! <p> The <a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a> parameter makes it
> ! possible to only enable plaintext mechanisms when a secure connection
> ! to the server is available. Submission servers subject to this
> ! policy must either have verifiable certificates or offer suitable
> ! non-plaintext SASL mechanisms. </p>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sasl_type">smtp_sasl_type</a>
> ! (default: cyrus)</b></DT><DD>
> ! 
> ! <p> The SASL plug-in type that the Postfix SMTP client should use
> ! for authentication.  The available types are listed with the
> ! "<b>postconf -A</b>" command. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Whether or not to append the "AUTH=<>" option to the MAIL
> ! FROM command in SASL-authenticated SMTP sessions. The default is
> ! not to send this, to avoid problems with broken remote SMTP servers.
> ! Before Postfix 2.9 the behavior is as if "<a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a>
> ! = yes".
> ! 
> ! <p> This feature is available in Postfix 2.9 and later. </p>
> ! 
> ! 
> ! </DD>
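
Review bot: The first paragraph of the smtp_send_dummy_mail_auth entry is never closed: the text ends at '= yes".' and the next non-blank line opens a new <p> for the "available in Postfix 2.9 and later" sentence. Add the missing </p> after '= yes".' so the markup matches the other entries in this hunk.
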
> ! 
> ! <DT><b><a name="smtp_send_xforward_command">smtp_send_xforward_command</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p>
> ! Send the non-standard XFORWARD command when the Postfix SMTP server
> ! EHLO response announces XFORWARD support.
> ! </p>
> ! 
> ! <p>
> ! This allows a Postfix SMTP delivery agent, used for injecting mail
> ! into
> ! a content filter, to forward the name, address, protocol and HELO
> ! name of the original client to the content filter and downstream
> ! queuing SMTP server. This can produce more useful logging than
> ! localhost[127.0.0.1] etc.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p>
> ! Enable sender-dependent authentication in the Postfix SMTP client; this is
> ! available only with SASL authentication, and disables SMTP connection
> ! caching to ensure that mail from different senders will use the
> ! appropriate credentials.  </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.3 and later.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Skip SMTP servers that greet with a 4XX status code (go away, try
> ! again later).
> ! </p>
> ! 
> ! <p>
> ! By default, the Postfix SMTP client moves on the next mail exchanger.
> ! Specify
> ! "<a href="postconf.5.html#smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a> = no" if Postfix should defer delivery
> ! immediately.
> ! </p>
> ! 
> ! <p> This feature is available in Postfix 2.0 and earlier.
> ! Later Postfix versions always skip remote SMTP servers that greet
> ! with a
> ! 4XX status code. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Skip remote SMTP servers that greet with a 5XX status code (go away,
> ! do
> ! not try again later).
> ! </p>
> ! 
> ! <p> By default, the Postfix SMTP client moves on the next mail
> ! exchanger. Specify "<a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a> = no" if Postfix should
> ! bounce the mail immediately. The default setting is incorrect, but
> ! it is what a lot of people expect to happen.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_skip_quit_response">smtp_skip_quit_response</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Do not wait for the response to the SMTP QUIT command.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_starttls_timeout">smtp_starttls_timeout</a>
> ! (default: 300s)</b></DT><DD>
> ! 
> ! <p> Time limit for Postfix SMTP client write and read operations
> ! during TLS startup and shutdown handshake procedures. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_CAfile">smtp_tls_CAfile</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> A file containing CA certificates of root CAs trusted to sign
> ! either remote SMTP server certificates or intermediate CA certificates.
> ! These are loaded into memory before the <a href="smtp.8.html">smtp(8)</a> client enters the
> ! chroot jail. If the number of trusted roots is large, consider using
> ! <a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> instead, but note that the latter directory must be
> ! present in the chroot jail if the <a href="smtp.8.html">smtp(8)</a> client is chrooted. This
> ! file may also be used to augment the client certificate trust chain,
> ! but it is best to include all the required certificates directly in
> ! $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>. </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> = /path/to/system_CA_file" to use
> ! ONLY the system-supplied default certificate authority certificates.
> ! </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
> ! appending the system-supplied default CAs and trusting third-party
> ! certificates. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> = /etc/postfix/CAcert.pem
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_CApath">smtp_tls_CApath</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Directory with PEM format certificate authority certificates
> ! that the Postfix SMTP client uses to verify a remote SMTP server
> ! certificate.  Don't forget to create the necessary "hash" links
> ! with, for example, "$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs".
> ! </p>
> ! 
> ! <p> To use this option in chroot mode, this directory (or a copy)
> ! must be inside the chroot jail. </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> = /path/to/system_CA_directory" to
> ! use ONLY the system-supplied default certificate authority certificates.
> ! </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
> ! appending the system-supplied default CAs and trusting third-party
> ! certificates. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> = /etc/postfix/certs
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Try to detect a mail hijacking attack based on a TLS protocol
> ! vulnerability (CVE-2009-3555), where an attacker prepends malicious
> ! HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client TLS session.
> ! The attack would succeed with non-Postfix SMTP servers that reply
> ! to the malicious HELO, MAIL, RCPT, DATA commands after negotiating
> ! the Postfix SMTP client TLS session.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.7. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_cert_file">smtp_tls_cert_file</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP client RSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP client private RSA key,
> ! and these may be the same as the Postfix SMTP server RSA certificate and key
> ! file. </p>
> ! 
> ! <p> Do not configure client certificates unless you <b>must</b> present
> ! client TLS certificates to one or more servers. Client certificates are
> ! not usually needed, and can cause problems in configurations that work
> ! well without them. The recommended setting is to let the defaults stand: </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> =
> ! <a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> =
> ! <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> =
> ! <a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> =
> ! <a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> =
> ! <a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> =
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> The best way to use the default settings is to comment out the above
> ! parameters in <a href="postconf.5.html">main.cf</a> if present. </p>
> ! 
> ! <p> To enable remote SMTP servers to verify the Postfix SMTP client
> ! certificate, the issuing CA certificates must be made available to the
> ! server. You should include the required certificates in the client
> ! certificate file, the client certificate first, then the issuing
> ! CA(s) (bottom-up order). </p>
> ! 
> ! <p> Example: the certificate for "client.example.com" was issued by
> ! "intermediate CA" which itself has a certificate issued by "root CA".
> ! Create the client.pem file with "cat client_cert.pem intermediate_CA.pem
> ! root_CA.pem > client.pem". </p>
> ! 
> ! <p> If you also want to verify remote SMTP server certificates issued by
> ! these CAs, you can add the CA certificates to the <a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a>, in
> ! which case it is not necessary to have them in the <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>,
> ! <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> or <a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>. </p>
> ! 
> ! <p> A certificate supplied here must be usable as an SSL client certificate
> ! and hence pass the "openssl verify -purpose sslclient ..." test. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> = /etc/postfix/client.pem
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_cipherlist">smtp_tls_cipherlist</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
> ! cipher list. As this feature applies to all TLS security levels, it is easy
> ! to create inter-operability problems by choosing a non-default cipher
> ! list. Do not use a non-default TLS cipher list on hosts that deliver email
> ! to the public Internet: you will be unable to send email to servers that
> ! only support the ciphers you exclude. Using a restricted cipher list
> ! may be more appropriate for an internal MTA, where one can exert some
> ! control over the TLS software and settings of the peer servers. </p>
> ! 
> ! <p> <b>Note:</b> do not use "" quotes around the parameter value. </p>
> ! 
> ! <p> This feature is available in Postfix version 2.2. It is not used with
> ! Postfix 2.3 and later; use <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> instead. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_ciphers">smtp_tls_ciphers</a>
> ! (default: export)</b></DT><DD>
> ! 
> ! <p> The minimum TLS cipher grade that the Postfix SMTP client
> ! will use with opportunistic TLS encryption. Cipher types listed in
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> are excluded from the base definition of
> ! the selected cipher grade. The default value "export" ensures maximum
> ! inter-operability. Because encryption is optional, stronger controls
> ! are not appropriate, and this setting SHOULD NOT be changed unless the
> ! change is essential. </p>
> ! 
> ! <p> When TLS is mandatory the cipher grade is chosen via the
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> configuration parameter, see there for syntax
> ! details. See <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for information on how to configure
> ! ciphers on a per-destination basis. </p>
> ! 
> ! <p> Example: </p>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = export
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. With earlier Postfix
> ! releases only the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> parameter is implemented,
> ! and opportunistic TLS always uses "export" or better (i.e. all) ciphers. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_dcert_file">smtp_tls_dcert_file</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP client DSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP client private DSA key. </p>
> ! 
> ! <p> See the discussion under <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> for more details.
> ! </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> = /etc/postfix/client-dsa.pem
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_dkey_file">smtp_tls_dkey_file</a>
> ! (default: $<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP client DSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP client DSA certificate
> ! file specified with $<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>. </p>
> ! 
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted. File permissions should grant read-only
> ! access to the system superuser account ("root"), and no access
> ! to anyone else. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_eccert_file">smtp_tls_eccert_file</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP client ECDSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP client ECDSA private key. </p>
> ! 
> ! <p> See the discussion under <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> for more details.
> ! </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> = /etc/postfix/ecdsa-ccert.pem
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later, when Postfix is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_eckey_file">smtp_tls_eckey_file</a>
> ! (default: $<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP client ECDSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP client ECDSA
> ! certificate file specified with $<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>. </p>
> ! 
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted. File permissions should grant read-only
> ! access to the system superuser account ("root"), and no access
> ! to anyone else. </p>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later, when Postfix is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p> With mandatory TLS encryption, require that the remote SMTP
> ! server hostname matches the information in the remote SMTP server
> ! certificate.  As of <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> the requirements for hostname checking
> ! for MTA clients are not specified. </p>
> ! 
> ! <p> This option can be set to "no" to disable strict peer name
> ! checking. This setting has no effect on sessions that are controlled
> ! via the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> table.  </p>
> ! 
> ! <p> Disabling the hostname verification can make sense in closed
> ! environment where special CAs are created.  If not used carefully,
> ! this option opens the danger of a "man-in-the-middle" attack (the
> ! CommonName of this attacker will be logged). </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> List of ciphers or cipher types to exclude from the Postfix
> ! SMTP client cipher
> ! list at all TLS security levels. This is not an OpenSSL cipherlist, it is
> ! a simple list separated by whitespace and/or commas. The elements are a
> ! single cipher, or one or more "+" separated cipher properties, in which
> ! case only ciphers matching <b>all</b> the properties are excluded. </p>
> ! 
> ! <p> Examples (some of these will cause problems): </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = aNULL
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = MD5, DES
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = DES+MD5
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = AES256-SHA, DES-CBC3-MD5
> ! <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = kEDH+aRSA
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> The first setting, disables anonymous ciphers. The next setting
> ! disables ciphers that use the MD5 digest algorithm or the (single) DES
> ! encryption algorithm. The next setting disables ciphers that use MD5 and
> ! DES together.  The next setting disables the two ciphers "AES256-SHA"
> ! and "DES-CBC3-MD5". The last setting disables ciphers that use "EDH"
> ! key exchange with RSA authentication. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> List of acceptable remote SMTP server certificate fingerprints for
> ! the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></b> =
> ! fingerprint). At this security level, certificate authorities are not
> ! used, and certificate expiration times are ignored. Instead, server
> ! certificates are verified directly via their certificate fingerprint
> ! or public key fingerprint (Postfix 2.9 and later). The fingerprint
> ! is a message digest of the server certificate (or public key). The
> ! digest algorithm is selected via the <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b>
> ! parameter. </p>
> ! 
> ! <p> When an <b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a></b> table entry specifies the
> ! "fingerprint" security level, any "match" attributes in that entry specify
> ! the list of valid fingerprints for the corresponding destination. Multiple
> ! fingerprints can be combined with a "|" delimiter in a single match
> ! attribute, or multiple match attributes can be employed. </p>
> ! 
> ! <p> Example: Certificate fingerprint verification with internal mailhub.
> ! Two matching fingerprints are listed. The <a href="postconf.5.html#relayhost">relayhost</a> may be multiple
> ! physical hosts behind a load-balancer, each with its own private/public
> ! key and self-signed certificate. Alternatively, a single <a href="postconf.5.html#relayhost">relayhost</a> may
> ! be in the process of switching from one set of private/public keys to
> ! another, and both keys are trusted just prior to the transition. </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [mailhub.example.com]
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = fingerprint
> ! <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
> ! <a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> =
> !     3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> !     EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> Example: Certificate fingerprint verification with selected destinations.
> ! As in the example above, we show two matching fingerprints: </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = hash:/etc/postfix/tls_policy
> !     <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
> ! </pre>
> ! </blockquote>
> ! 
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/tls_policy:
> !     example.com	fingerprint
> !         match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> !         match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a>
> ! (default: md5)</b></DT><DD>
> ! 
> ! <p> The message digest algorithm used to construct remote SMTP server
> ! certificate fingerprints. At the "fingerprint" TLS security level
> ! (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></b> = fingerprint), the server certificate is
> ! verified by directly matching its certificate fingerprint or its public
> ! key fingerprint (Postfix 2.9 and later). The fingerprint is the
> ! message digest of the server certificate (or its public key)
> ! using the selected
> ! algorithm. With a digest algorithm resistant to "second pre-image"
> ! attacks, it is not feasible to create a new public key and a matching
> ! certificate (or public/private key-pair) that has the same fingerprint. </p>
> ! 
> ! <p> The default algorithm is <b>md5</b>; this is consistent with
> ! the backwards compatible setting of the digest used to verify client
> ! certificates in the SMTP server. </p>
> ! 
> ! <p> The best practice algorithm is now <b>sha1</b>. Recent advances in hash
> ! function cryptanalysis have led to md5 being deprecated in favor of sha1.
> ! However, as long as there are no known "second pre-image" attacks
> ! against md5, its use in this context can still be considered safe.
> ! </p>
> ! 
> ! <p> While additional digest algorithms are often available with OpenSSL's
> ! libcrypto, only those used by libssl in SSL cipher suites are available to
> ! Postfix. For now this means just md5 or sha1. </p>
> ! 
> ! <p> To find the fingerprint of a specific certificate file, with a
> ! specific digest algorithm, run:
> ! </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! $ openssl x509 -noout -fingerprint -<i>digest</i> -in <i>certfile</i>.pem
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> The text to the right of "=" sign is the desired fingerprint.
> ! For example: </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! $ openssl x509 -noout -fingerprint -sha1 -in cert.pem
> ! SHA1 Fingerprint=D4:6A:AB:19:24:79:F8:32:BB:A6:CB:66:82:C0:8E:9B:EE:29:A8:1A
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> Public key fingerprints are more difficult to extract, however,
> ! the SHA-1 public key fingerprint is often present as the value of the
> ! "Subject Key Identifier" extension in X.509v3 certificates. The Postfix
> ! SMTP server and client log the peer certificate fingerprint and public
> ! key fingerprint when TLS loglevel is 1 or higher. </p>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_key_file">smtp_tls_key_file</a>
> ! (default: $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP client RSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP client RSA certificate
> ! file specified with $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>. </p>
> ! 
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted. File permissions should grant read-only
> ! access to the system superuser account ("root"), and no access
> ! to anyone else. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> = $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_loglevel">smtp_tls_loglevel</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p> Enable additional Postfix SMTP client logging of TLS activity.
> ! Each logging level also includes the information that is logged at
> ! a lower logging level.  </p>
> ! 
> ! <dl compact>
> ! 
> ! <dt> </dt> <dd> 0 Log only a summary message on TLS handshake completion
> ! — no logging of remote SMTP server certificate trust-chain
> ! verification errors if server certificate verification is not required.
> ! With Postfix 2.8 and earlier, disable logging of TLS activity.  </dd>
> ! 
> ! <dt> </dt> <dd> 1 Also log remote SMTP server trust-chain verification
> ! errors and peer certificate summary information. With Postfix 2.8
> ! and earlier, log TLS handshake and certificate information.  </dd>
> ! 
> ! <dt> </dt> <dd> 2 Also log levels during TLS negotiation.  </dd>
> ! 
> ! <dt> </dt> <dd> 3 Also log hexadecimal and ASCII dump of TLS negotiation
> ! process.  </dd>
> ! 
> ! <dt> </dt> <dd> 4 Also log hexadecimal and ASCII dump of complete
> ! transmission after STARTTLS. </dd>
> ! 
> ! </dl>
> ! 
> ! <p> Do not use "<a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> = 2" or higher except in case of
> ! problems. Use of loglevel 4 is strongly discouraged. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>
> ! (default: medium)</b></DT><DD>
> ! 
> ! <p> The minimum TLS cipher grade that the Postfix SMTP client will
> ! use with
> ! mandatory TLS encryption.  The default value "medium" is suitable
> ! for most destinations with which you may want to enforce TLS, and
> ! is beyond the reach of today's cryptanalytic methods. See
> ! <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for information on how to configure ciphers
> ! on a per-destination basis. </p>
> ! 
> ! <p> The following cipher grades are supported: </p>
> ! 
> ! <dl>
> ! <dt><b>export</b></dt>
> ! <dd> Enable "EXPORT" grade or better OpenSSL
> ! ciphers.  This is the default for opportunistic encryption. It is
> ! not recommended for mandatory encryption unless you must enforce TLS
> ! with "crippled" peers. The underlying cipherlist is specified via the
> ! <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> configuration parameter, which you are strongly
> ! encouraged to not change. </dd>
> ! 
> ! <dt><b>low</b></dt>
> ! <dd> Enable "LOW" grade or better OpenSSL ciphers.  This
> ! setting is only appropriate for internal mail servers.  The underlying
> ! cipherlist is specified via the <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> configuration
> ! parameter, which you are strongly encouraged to not change. </dd>
> ! 
> ! <dt><b>medium</b></dt>
> ! <dd> Enable "MEDIUM" grade or better OpenSSL ciphers.
> ! The underlying cipherlist is specified via the <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to not change.
> ! </dd>
> ! 
> ! <dt><b>high</b></dt>
> ! <dd> Enable only "HIGH" grade OpenSSL ciphers.  This setting may
> ! be appropriate when all mandatory TLS destinations (e.g. when all
> ! mail is routed to a suitably capable <a href="postconf.5.html#relayhost">relayhost</a>) support at least one
> ! "HIGH" grade cipher. The underlying cipherlist is specified via the
> ! <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> configuration parameter, which you are strongly
> ! encouraged to not change. </dd>
> ! 
> ! <dt><b>null</b></dt>
> ! <dd> Enable only the "NULL" OpenSSL ciphers, these provide authentication
> ! without encryption.  This setting is only appropriate in the rare case
> ! that all servers are prepared to use NULL ciphers (not normally enabled
> ! in TLS servers). A plausible use-case is an LMTP server listening on a
> ! UNIX-domain socket that is configured to support "NULL" ciphers. The
> ! underlying cipherlist is specified via the <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to not
> ! change. </dd>
> ! 
> ! </dl>
> ! 
> ! <p> The underlying cipherlists for grades other than "null" include
> ! anonymous ciphers, but these are automatically filtered out if the
> ! Postfix SMTP client is configured to verify server certificates.
> ! You are very unlikely to need to take any steps to exclude anonymous
> ! ciphers, they are excluded automatically as necessary.  If you must
> ! exclude anonymous ciphers at the "may" or "encrypt" security levels,
> ! when the Postfix SMTP client does not need or use peer certificates, set
> ! "<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = aNULL". To exclude anonymous ciphers only when
> ! TLS is enforced, set "<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> = aNULL". </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Additional list of ciphers or cipher types to exclude from the
> ! Postfix SMTP client cipher list at mandatory TLS security levels. This list
> ! works in addition to the exclusions listed with <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
> ! (see there for syntax details).  </p>
> ! 
> ! <p> Starting with Postfix 2.6, the mandatory cipher exclusions can be
> ! specified on a per-destination basis via the TLS policy "exclude"
> ! attribute. See <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for notes and examples. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a>
> ! (default: SSLv3, TLSv1)</b></DT><DD>
> ! 
> ! <p> List of SSL/TLS protocols that the Postfix SMTP client will use with
> ! mandatory TLS encryption.  In <a href="postconf.5.html">main.cf</a> the values are separated by
> ! whitespace, commas or colons. In the policy table "protocols" attribute
> ! (see <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) the only valid separator is colon. An
> ! empty value means allow all protocols. The valid protocol names, (see
> ! <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and "TLSv1". </p>
> ! 
> ! <p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
> ! protocol exclusions. One can now explicitly exclude SSLv2 by setting
> ! "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2". To exclude both SSLv2 and
> ! SSLv3 set "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
> ! the protocols to include, rather than protocols to exclude, is still
> ! supported; use the form you find more intuitive. </p>
> ! 
> ! <p> Since SSL version 2 has known protocol weaknesses and is now
> ! deprecated, the default setting excludes "SSLv2".  This means that by
> ! default, SSL version 2 will not be used at the "encrypt" security level
> ! and higher. </p>
> ! 
> ! <p> See the documentation of the <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> parameter and
> ! <a href="TLS_README.html">TLS_README</a> for more information about security levels. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
> ! # Alternative form with Postfix ≥ 2.5:
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Log the hostname of a remote SMTP server that offers STARTTLS,
> ! when TLS is not already enabled for that server. </p>
> ! 
> ! <p> The logfile record looks like:  </p>
> ! 
> ! <pre>
> ! postfix/smtp[pid]:  Host offered STARTTLS: [name.of.host]
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_per_site">smtp_tls_per_site</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Optional lookup tables with the Postfix SMTP client TLS usage
> ! policy by next-hop destination and by remote SMTP server hostname.
> ! When both lookups succeed, the more specific per-site policy (NONE,
> ! MUST, etc) overrides the less specific one (MAY), and the more secure
> ! per-site policy (MUST, etc) overrides the less secure one (NONE).
> ! With Postfix 2.3 and later <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> is strongly discouraged:
> ! use <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> instead. </p>
> ! 
> ! <p> Use of the bare hostname as the per-site table lookup key is
> ! discouraged. Always use the full destination nexthop (enclosed in
> ! [] with a possible ":port" suffix). A recipient domain or MX-enabled
> ! transport next-hop with no port suffix may look like a bare hostname,
> ! but is still a suitable <i>destination</i>. </p>
> ! 
> ! <p> Specify a next-hop destination or server hostname on the left-hand
> ! side; no wildcards are allowed. The next-hop destination is either
> ! the recipient domain, or the destination specified with a <a href="transport.5.html">transport(5)</a>
> ! table, the <a href="postconf.5.html#relayhost">relayhost</a> parameter, or the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter.
> ! On the right hand side specify one of the following keywords:  </p>
> ! 
> ! <dl>
> ! 
> ! <dt> NONE </dt> <dd> Don't use TLS at all. This overrides a less
> ! specific <b>MAY</b> lookup result from the alternate host or next-hop
> ! lookup key, and overrides the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>,
> ! and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> settings. </dd>
> ! 
> ! <dt> MAY </dt> <dd> Try to use TLS if the server announces support,
> ! otherwise use the unencrypted connection. This has less precedence
> ! than a more specific result (including <b>NONE</b>) from the alternate
> ! host or next-hop lookup key, and has less precedence than the more
> ! specific global "<a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> = yes" or "<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> ! = yes".  </dd>
> ! 
> ! <dt> MUST_NOPEERMATCH </dt> <dd> Require TLS encryption, but do not
> ! require that the remote SMTP server hostname matches the information
> ! in the remote SMTP server certificate, or that the server certificate
> ! was issued by a trusted CA. This overrides a less secure <b>NONE</b>
> ! or a less specific <b>MAY</b> lookup result from the alternate host
> ! or next-hop lookup key, and overrides the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>,
> ! <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> settings.  </dd>
> ! 
> ! <dt> MUST </dt> <dd> Require TLS encryption, require that the remote
> ! SMTP server hostname matches the information in the remote SMTP
> ! server certificate, and require that the remote SMTP server certificate
> ! was issued by a trusted CA. This overrides a less secure <b>NONE</b>
> ! and <b>MUST_NOPEERMATCH</b> or a less specific <b>MAY</b> lookup
> ! result from the alternate host or next-hop lookup key, and overrides
> ! the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
> ! settings.  </dd>
> ! 
> ! </dl>
> ! 
> ! <p> The above keywords correspond to the "none", "may", "encrypt" and
> ! "verify" security levels for the new <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> parameter
> ! introduced in Postfix 2.3. Starting with Postfix 2.3, and independently
> ! of how the policy is specified, the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameters apply when TLS encryption
> ! is mandatory. Connections for which encryption is optional typically
> ! enable all "export" grade and better ciphers (see <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>
> ! and <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>). </p>
> ! 
> ! <p> As long as no secure DNS lookup mechanism is available, false
> ! hostnames in MX or CNAME responses can change the server hostname
> ! that Postfix uses for TLS policy lookup and server certificate
> ! verification. Even with a perfect match between the server hostname and
> ! the server certificate, there is no guarantee that Postfix is connected
> ! to the right server.  See <a href="TLS_README.html">TLS_README</a> (Closing a DNS loophole with obsolete
> ! per-site TLS policies) for a possible work-around. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> instead. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_policy_maps">smtp_tls_policy_maps</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Optional lookup tables with the Postfix SMTP client TLS security
> ! policy by next-hop destination; when a non-empty value is specified,
> ! this overrides the obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.  See
> ! <a href="TLS_README.html">TLS_README</a> for a more detailed discussion of TLS security levels.
> ! </p>
> ! 
> ! <p> The TLS policy table is indexed by the full next-hop destination,
> ! which is either the recipient domain, or the verbatim next-hop
> ! specified in the transport table, $<a href="postconf.5.html#local_transport">local_transport</a>, $<a href="postconf.5.html#virtual_transport">virtual_transport</a>,
> ! $<a href="postconf.5.html#relay_transport">relay_transport</a> or $<a href="postconf.5.html#default_transport">default_transport</a>. This includes any enclosing
> ! square brackets and any non-default destination server port suffix. The
> ! LMTP socket type prefix (inet: or unix:) is not included in the lookup
> ! key. </p>
> ! 
> ! <p> Only the next-hop domain, or $<a href="postconf.5.html#myhostname">myhostname</a> with LMTP over UNIX-domain
> ! sockets, is used as the nexthop name for certificate verification. The
> ! port and any enclosing square brackets are used in the table lookup key,
> ! but are not used for server name verification. </p>
> ! 
> ! <p> When the lookup key is a domain name without enclosing square brackets
> ! or any <i>:port</i> suffix (typically the recipient domain), and the full
> ! domain is not found in the table, just as with the <a href="transport.5.html">transport(5)</a> table,
> ! the parent domain starting with a leading "." is matched recursively. This
> ! allows one to specify a security policy for a recipient domain and all
> ! its sub-domains. </p>
> ! 
> ! <p> The lookup result is a security level, followed by an optional list
> ! of whitespace and/or comma separated name=value attributes that override
> ! related <a href="postconf.5.html">main.cf</a> settings. The TLS security levels in order of increasing
> ! security are: </p>
> ! 
> ! <dl>
> ! 
> ! <dt><b>none</b></dt>
> ! <dd>No TLS. No additional attributes are supported at this level. </dd>
> ! 
> ! <dt><b>may</b></dt>
> ! <dd>Opportunistic TLS. Since sending in the clear is acceptable,
> ! demanding stronger than default TLS security merely reduces
> ! inter-operability. The optional "ciphers", "exclude" and "protocols"
> ! attributes (available for opportunistic TLS with Postfix ≥ 2.6)
> ! override the "<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>", "<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>" and
> ! "<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>" configuration parameters. When opportunistic TLS
> ! handshakes fail, Postfix retries the connection with TLS disabled.
> ! This allows mail delivery to sites with non-interoperable TLS
> ! implementations.</dd>
> ! 
> ! <dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption. At this level
> ! and higher, the optional "protocols" attribute overrides the <a href="postconf.5.html">main.cf</a>
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameter, the optional "ciphers" attribute
> ! overrides the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> parameter, and the
> ! optional "exclude" attribute (Postfix ≥ 2.6) overrides the <a href="postconf.5.html">main.cf</a>
> ! <a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> parameter. In the policy table,
> ! multiple protocols or excluded ciphers must be separated by colons,
> ! as attribute values may not contain whitespace or commas. </dd>
> ! 
> ! <dt><b>fingerprint</b></dt> <dd>Certificate fingerprint
> ! verification. Available with Postfix 2.5 and later. At this security
> ! level, there are no trusted certificate authorities. The certificate
> ! trust chain, expiration date, ... are not checked. Instead,
> ! the optional <b>match</b> attribute, or else the <a href="postconf.5.html">main.cf</a>
> ! <b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a></b> parameter, lists the certificate
> ! fingerprints or the public key fingerprint (Postfix 2.9 and later)
> ! of the valid server certificate. The digest
> ! algorithm used to calculate the fingerprint is selected by the
> ! <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b> parameter. Multiple fingerprints can
> ! be combined with a "|" delimiter in a single match attribute, or multiple
> ! match attributes can be employed. The ":" character is not used as a
> ! delimiter as it occurs between each pair of fingerprint (hexadecimal)
> ! digits. </dd>
> ! 
> ! <dt><b>verify</b></dt> <dd>Mandatory TLS verification.  At this security
> ! level, DNS MX lookups are trusted to be secure enough, and the name
> ! verified in the server certificate is usually obtained indirectly via
> ! unauthenticated DNS MX lookups.  The optional "match" attribute overrides
> ! the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> parameter. In the policy table,
> ! multiple match patterns and strategies must be separated by colons.
> ! In practice explicit control over matching is more common with the
> ! "secure" policy, described below. </dd>
> ! 
> ! <dt><b>secure</b></dt> <dd>Secure-channel TLS. At this security level, DNS
> ! MX lookups, though potentially used to determine the candidate next-hop
> ! gateway IP addresses, are <b>not</b> trusted to be secure enough for TLS
> ! peername verification. Instead, the default name verified in the server
> ! certificate is obtained directly from the next-hop, or is explicitly
> ! specified via the optional <b>match</b> attribute which overrides the
> ! <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> parameter. In the policy table,
> ! multiple match patterns and strategies must be separated by colons.
> ! The match attribute is most useful when multiple domains are supported by
> ! common server, the policy entries for additional domains specify matching
> ! rules for the primary domain certificate. While transport table overrides
> ! routing the secondary domains to the primary nexthop also allow secure
> ! verification, they risk delivery to the wrong destination when domains
> ! change hands or are re-assigned to new gateways. With the "match"
> ! attribute approach, routing is not perturbed, and mail is deferred if
> ! verification of a new MX host fails. </dd>
> ! 
> ! </dl>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = hash:/etc/postfix/tls_policy
> !     # Postfix 2.5 and later
> !     <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
> ! </pre>
> ! 
> ! <pre>
> ! /etc/postfix/tls_policy:
> !     example.edu                 none
> !     example.mil                 may
> !     example.gov                 encrypt protocols=TLSv1
> !     example.com                 verify ciphers=high
> !     example.net                 secure
> !     .example.net                secure match=.example.net:example.net
> !     [mail.example.org]:587      secure match=nexthop
> !     # Postfix 2.5 and later
> !     [thumb.example.org]          fingerprint
> !     	match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! 	match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> ! </pre>
> ! 
> ! <p> <b>Note:</b> The <b>hostname</b> strategy if listed in a non-default
> ! setting of <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> or in the <b>match</b> attribute
> ! in the policy table can render the <b>secure</b> level vulnerable to
> ! DNS forgery. Do not use the <b>hostname</b> strategy for secure-channel
> ! configurations in environments where DNS security is not assured. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_protocols">smtp_tls_protocols</a>
> ! (default: !SSLv2)</b></DT><DD>
> ! 
> ! <p> List of TLS protocols that the Postfix SMTP client will exclude or
> ! include with opportunistic TLS encryption. Starting with Postfix 2.6,
> ! the Postfix SMTP client will by default not use the obsolete SSLv2
> ! protocol. </p>
> ! 
> ! <p> In <a href="postconf.5.html">main.cf</a> the values are separated by whitespace, commas or
> ! colons. In the policy table (see <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) the only valid
> ! separator is colon. An empty value means allow all protocols. The valid
> ! protocol names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3"
> ! and "TLSv1". </p>
> ! 
> ! <p> To include a protocol list its name, to exclude it, prefix the name
> ! with a "!" character. To exclude SSLv2 even for opportunistic TLS set
> ! "<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
> ! "<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3". Explicitly listing the protocols to
> ! include, is supported, but not recommended. OpenSSL provides no mechanisms
> ! for excluding protocols not known at compile-time. If Postfix is linked
> ! against an OpenSSL library that supports additional protocol versions,
> ! they cannot be excluded using either syntax. </p>
> ! 
> ! <p> Example: </p>
> ! <pre>
> ! # TLSv1 only!
> ! <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
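
Review bot: In the smtp_tls_protocols example, the comment "# TLSv1 only!" above "smtp_tls_protocols = !SSLv2, !SSLv3" overstates what the setting does. The paragraph directly before the example says that protocol versions not known at compile time cannot be excluded with either syntax, so when Postfix is linked against an OpenSSL library that supports additional versions, this line permits TLSv1 plus those versions. Suggest rewording the comment to describe the exclusion, for example "# Exclude SSLv2 and SSLv3", so readers do not take the setting for an allow-list. The first sentence of that paragraph would also read more clearly as "To include a protocol, list its name; to exclude it, prefix the name with a "!" character."
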
> ! <DT><b><a name="smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a>
> ! (default: 9)</b></DT><DD>
> ! 
> ! <p> The verification depth for remote SMTP server certificates. A depth
> ! of 1 is sufficient if the issuing CA is listed in a local CA file. </p>
> ! 
> ! <p> The default verification depth is 9 (the OpenSSL default) for
> ! compatibility with earlier Postfix behavior. Prior to Postfix 2.5,
> ! the default value was 5, but the limit was not actually enforced. If
> ! you have set this to a lower non-default value, certificates with longer
> ! trust chains may now fail to verify. Certificate chains with 1 or 2
> ! CAs are common, deeper chains are more rare and any number between 5
> ! and 9 should suffice in practice. You can choose a lower number if,
> ! for example, you trust certificates directly signed by an issuing CA
> ! but not any CAs it delegates to. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a>
> ! (default: nexthop, dot-nexthop)</b></DT><DD>
> ! 
> ! <p> How the Postfix SMTP client verifies the server certificate
> ! peername for the
> ! "secure" TLS security level. In a "secure" TLS policy table
> ! ($<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) entry the optional "match" attribute
> ! overrides this <a href="postconf.5.html">main.cf</a> setting. </p>
> ! 
> ! <p> This parameter specifies one or more patterns or strategies separated
> ! by commas, whitespace or colons.  In the policy table the only valid
> ! separator is the colon character. </p>
> ! 
> ! <p> For a description of the pattern and strategy syntax see the
> ! <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> parameter. The "hostname" strategy should
> ! be avoided in this context, as in the absence of a secure global DNS, using
> ! the results of MX lookups in certificate verification is not immune to active
> ! (man-in-the-middle) attacks on DNS. </p>
> ! 
> ! <p>
> ! Sample <a href="postconf.5.html">main.cf</a> setting:
> ! </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> = nexthop
> ! </pre>
> ! </blockquote>
> ! 
> ! <p>
> ! Sample policy table override:
> ! </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! example.net     secure match=example.com:.example.com
> ! .example.net    secure match=example.com:.example.com
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_security_level">smtp_tls_security_level</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> The default SMTP TLS security level for the Postfix SMTP client;
> ! when a non-empty value is specified, this overrides the obsolete
> ! parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
> ! </p>
> ! 
> ! <p> Specify one of the following security levels: </p>
> ! 
> ! <dl>
> ! 
> ! <dt><b>none</b></dt> <dd> TLS will not be used unless enabled for specific
> ! destinations via <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>. </dd>
> ! 
> ! <dt><b>may</b></dt>
> ! <dd> Opportunistic TLS. Use TLS if this is supported by the remote
> ! SMTP server, otherwise use plaintext. Since
> ! sending in the clear is acceptable, demanding stronger than default TLS
> ! security merely reduces inter-operability.
> ! The "<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>" and "<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>" (Postfix ≥ 2.6)
> ! configuration parameters provide control over the protocols and
> ! cipher grade used with opportunistic TLS.  With earlier releases the
> ! opportunistic TLS cipher grade is always "export" and no protocols
> ! are disabled.
> ! When TLS handshakes fail, the connection is retried with TLS disabled.
> ! This allows mail delivery to sites with non-interoperable TLS
> ! implementations. </dd>
> ! 
> ! <dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption. Since a minimum
> ! level of security is intended, it is reasonable to be specific about
> ! sufficiently secure protocol versions and ciphers. At this security level
> ! and higher, the <a href="postconf.5.html">main.cf</a> parameters <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> and
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> specify the TLS protocols and minimum
> ! cipher grade which the administrator considers secure enough for
> ! mandatory encrypted sessions. This security level is not an appropriate
> ! default for systems delivering mail to the Internet. </dd>
> ! 
> ! <dt><b>fingerprint</b></dt> <dd>Certificate fingerprint
> ! verification. Available with Postfix 2.5 and later. At this security
> ! level, there are no trusted certificate authorities. The certificate
> ! trust chain, expiration date, ... are not checked. Instead, the
> ! <b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a></b> parameter lists the certificate
> ! fingerprint or public key fingerprint (Postfix 2.9 and later) of
> ! the valid server certificate. The digest
> ! algorithm used to calculate the fingerprint is selected by the
> ! <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b> parameter. </dd>
> ! 
> ! <dt><b>verify</b></dt> <dd>Mandatory TLS verification. At this security
> ! level, DNS MX lookups are trusted to be secure enough, and the name
> ! verified in the server certificate is usually obtained indirectly
> ! via unauthenticated DNS MX lookups. The <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
> ! parameter controls how the server name is verified. In practice explicit
> ! control over matching is more common at the "secure" level, described
> ! below. This security level is not an appropriate default for systems
> ! delivering mail to the Internet. </dd>
> ! 
> ! <dt><b>secure</b></dt> <dd>Secure-channel TLS.  At this security level,
> ! DNS MX lookups, though potentially used to determine the candidate
> ! next-hop gateway IP addresses, are <b>not</b> trusted to be secure enough
> ! for TLS peername verification. Instead, the default name verified in
> ! the server certificate is obtained from the next-hop domain as specified
> ! in the <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> configuration parameter. The default
> ! matching rule is that a server certificate matches when its name is equal
> ! to or is a sub-domain of the nexthop domain. This security level is not
> ! an appropriate default for systems delivering mail to the Internet. </dd>
> ! 
> ! </dl>
> ! 
> ! <p>
> ! Examples:
> ! </p>
> ! 
> ! <pre>
> ! # No TLS. Formerly: <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>=no and <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>=no.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = none
> ! </pre>
> ! 
> ! <pre>
> ! # Opportunistic TLS.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = may
> ! # Postfix ≥ 2.6:
> ! # Do not tweak opportunistic ciphers or protocol unless it is essential
> ! # to do so (if a security vulnerability is found in the SSL library that
> ! # can be mitigated by disabling a particular protocol or raising the
> ! # cipher grade from "export" to "low" or "medium").
> ! <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = export
> ! <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2
> ! </pre>
> ! 
> ! <pre>
> ! # Mandatory (high-grade) TLS encryption.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! </pre>
> ! 
> ! <pre>
> ! # Mandatory TLS verification of hostname or nexthop domain.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = verify
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> = hostname, nexthop, dot-nexthop
> ! </pre>
> ! 
> ! <pre>
> ! # Secure channel TLS with exact nexthop name match.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = secure
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> = nexthop
> ! </pre>
> ! 
> ! <pre>
> ! # Certificate fingerprint verification (Postfix ≥ 2.5).
> ! # The CA-less "fingerprint" security level only scales to a limited
> ! # number of destinations. As a global default rather than a per-site
> ! # setting, this is practical when mail for all recipients is sent
> ! # to a central mail hub.
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [mailhub.example.com]
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = fingerprint
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! <a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> =
> !     3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> !     EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
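Review bot: in the fingerprint example for smtp_tls_security_level, the two smtp_tls_fingerprint_cert_match values are 16 octets each, which is the length of an md5 digest, yet the example never sets smtp_tls_fingerprint_digest, although the description of the "fingerprint" level says that parameter selects the digest. Suggest adding the digest setting to the example block, or a comment line naming the digest the listed fingerprints were computed with, so that a reader who copies the block onto a system configured with a different digest does not end up with fingerprints that can never match the server certificate.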
> ! <DT><b><a name="smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Name of the file containing the optional Postfix SMTP client
> ! TLS session cache. Specify a database type that supports enumeration,
> ! such as <b>btree</b> or <b>sdbm</b>; there is no need to support
> ! concurrent access.  The file is created if it does not exist. The <a href="smtp.8.html">smtp(8)</a>
> ! daemon does not use this parameter directly, rather the cache is
> ! implemented indirectly in the <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon. This means that
> ! per-smtp-instance <a href="master.5.html">master.cf</a> overrides of this parameter are not effective.
> ! Note, that each of the cache databases supported by <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon:
> ! $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
> ! (and with Postfix 2.3 and later $<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>), needs to
> ! be stored separately. It is not at this time possible to store multiple
> ! caches in a single database. </p>
> ! 
> ! <p> Note: <b>dbm</b> databases are not suitable. TLS
> ! session objects are too large. </p>
> ! 
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file. The file should now be stored under the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
> ! under a non-Postfix directory is redirected to the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> = btree:/var/lib/postfix/smtp_scache
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a>
> ! (default: 3600s)</b></DT><DD>
> ! 
> ! <p> The expiration time of Postfix SMTP client TLS session cache
> ! information.  A cache cleanup is performed periodically
> ! every $<a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> seconds. As with
> ! $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>, this parameter is implemented in the
> ! <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon and therefore per-smtp-instance <a href="master.5.html">master.cf</a> overrides
> ! are not possible. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
> ! (default: hostname)</b></DT><DD>
> ! 
> ! <p> How the Postfix SMTP client verifies the server certificate
> ! peername for the
> ! "verify" TLS security level. In a "verify" TLS policy table
> ! ($<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) entry the optional "match" attribute
> ! overrides this <a href="postconf.5.html">main.cf</a> setting. </p>
> ! 
> ! <p> This parameter specifies one or more patterns or strategies separated
> ! by commas, whitespace or colons.  In the policy table the only valid
> ! separator is the colon character. </p>
> ! 
> ! <p> Patterns specify domain names, or domain name suffixes: </p>
> ! 
> ! <dl>
> ! 
> ! <dt><i>example.com</i></dt> <dd> Match the <i>example.com</i> domain,
> ! i.e. one of the names the server certificate must be <i>example.com</i>,
> ! upper and lower case distinctions are ignored. </dd>
> ! 
> ! <dt><i>.example.com</i></dt>
> ! <dd> Match subdomains of the <i>example.com</i> domain, i.e. match
> ! a name in the server certificate that consists of a non-zero number of
> ! labels followed by a <i>.example.com</i> suffix. Case distinctions are
> ! ignored.</dd>
> ! 
> ! </dl>
> ! 
> ! <p> Strategies specify a transformation from the next-hop domain
> ! to the expected name in the server certificate: </p>
> ! 
> ! <dl>
> ! 
> ! <dt>nexthop</dt>
> ! <dd> Match against the next-hop domain, which is either the recipient
> ! domain, or the transport next-hop configured for the domain stripped of
> ! any optional socket type prefix, enclosing square brackets and trailing
> ! port. When MX lookups are not suppressed, this is the original nexthop
> ! domain prior to the MX lookup, not the result of the MX lookup. For
> ! LMTP delivery via UNIX-domain sockets, the verified next-hop name is
> ! $<a href="postconf.5.html#myhostname">myhostname</a>.  This strategy is suitable for use with the "secure"
> ! policy. Case is ignored.</dd>
> ! 
> ! <dt>dot-nexthop</dt>
> ! <dd> As above, but match server certificate names that are subdomains
> ! of the next-hop domain. Case is ignored.</dd>
> ! 
> ! <dt>hostname</dt> <dd> Match against the hostname of the server, often
> ! obtained via an unauthenticated DNS MX lookup. For LMTP delivery via
> ! UNIX-domain sockets, the verified name is $<a href="postconf.5.html#myhostname">myhostname</a>. This matches
> ! the verification strategy of the "MUST" keyword in the obsolete
> ! <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> table, and is suitable for use with the "verify"
> ! security level. When the next-hop name is enclosed in square brackets
> ! to suppress MX lookups, the "hostname" strategy is the same as the
> ! "nexthop" strategy. Case is ignored.</dd>
> ! 
> ! </dl>
> ! 
> ! <p>
> ! Sample <a href="postconf.5.html">main.cf</a> setting:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> = hostname, nexthop, dot-nexthop
> ! </pre>
> ! 
> ! <p>
> ! Sample policy table override:
> ! </p>
> ! 
> ! <pre>
> ! example.com     verify  match=hostname:nexthop
> ! .example.com    verify  match=example.com:.example.com:hostname
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_use_tls">smtp_use_tls</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Opportunistic mode: use TLS when a remote SMTP server announces
> ! STARTTLS support, otherwise send the mail in the clear. Beware:
> ! some SMTP servers offer STARTTLS even if it is not configured.  With
> ! Postfix < 2.3, if the TLS handshake fails, and no other server is
> ! available, delivery is deferred and mail stays in the queue. If this
> ! is a concern for you, use the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> feature instead.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtp_xforward_timeout">smtp_xforward_timeout</a>
> ! (default: 300s)</b></DT><DD>
> ! 
> ! <p>
> ! The Postfix SMTP client time limit for sending the XFORWARD command,
> ! and for receiving the remote SMTP server response.
> ! </p>
> ! 
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a>
> ! (default: $<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b></DT><DD>
> ! 
> ! <p> What remote SMTP clients are allowed to specify the XVERP command.
> ! This command requests that mail be delivered one recipient at a
> ! time with a per recipient return address.  </p>
> ! 
> ! <p> By default, no clients are allowed to specify XVERP.  </p>
> ! 
> ! <p> This parameter was renamed with Postfix version 2.1. The default value
> ! is backwards compatible with Postfix version 2.0.  </p>
> ! 
> ! <p> Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also specify hostnames or
> ! .domain names (the initial dot causes the domain to match any name
> ! below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
> ! pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
> ! is matched when a table entry matches a lookup string (the lookup
> ! result is ignored).  Continue long lines by starting the next line
> ! with whitespace. Specify "!pattern" to exclude an address or network
> ! block from the list. The form "!/file/name" is supported only in
> ! Postfix version 2.4 and later.  </p>
> ! 
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! What remote SMTP clients are allowed to use the XCLIENT feature.  This
> ! command overrides remote SMTP client information that is used for access
> ! control. Typical use is for SMTP-based content filters, fetchmail-like
> ! programs, or SMTP server access rule testing. See the <a href="XCLIENT_README.html">XCLIENT_README</a>
> ! document for details.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
> ! 
> ! <p>
> ! By default, no clients are allowed to specify XCLIENT.
> ! </p>
> ! 
> ! <p>
> ! Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also specify hostnames or
> ! .domain names (the initial dot causes the domain to match any name
> ! below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
> ! pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
> ! is matched when a table entry matches a lookup string (the lookup
> ! result is ignored).  Continue long lines by starting the next line
> ! with whitespace. Specify "!pattern" to exclude an address or network
> ! block from the list. The form "!/file/name" is supported only in
> ! Postfix version 2.4 and later.  </p>
> ! 
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! What remote SMTP clients are allowed to use the XFORWARD feature.  This
> ! command forwards information that is used to improve logging after
> ! SMTP-based content filters. See the <a href="XFORWARD_README.html">XFORWARD_README</a> document for
> ! details.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
> ! 
> ! <p>
> ! By default, no clients are allowed to specify XFORWARD.
> ! </p>
> ! 
> ! <p>
> ! Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also specify hostnames or
> ! .domain names (the initial dot causes the domain to match any name
> ! below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
> ! pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
> ! is matched when a table entry matches a lookup string (the lookup
> ! result is ignored).  Continue long lines by starting the next line
> ! with whitespace. Specify "!pattern" to exclude an address or network
> ! block from the list. The form "!/file/name" is supported only in
> ! Postfix version 2.4 and later.  </p>
> ! 
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_banner">smtpd_banner</a>
> ! (default: $<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b></DT><DD>
> ! 
> ! <p>
> ! The text that follows the 220 status code in the SMTP greeting
> ! banner. Some people like to see the mail version advertised. By
> ! default, Postfix shows no version.
> ! </p>
> ! 
> ! <p>
> ! You MUST specify $<a href="postconf.5.html#myhostname">myhostname</a> at the start of the text. This is
> ! required by the SMTP protocol.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtpd_banner">smtpd_banner</a> = $<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a> ($<a href="postconf.5.html#mail_version">mail_version</a>)
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a>
> ! (default: 50)</b></DT><DD>
> ! 
> ! <p>
> ! How many simultaneous connections any client is allowed to
> ! make to this service.  By default, the limit is set to half
> ! the default process limit value.
> ! </p>
> ! 
> ! <p>
> ! To disable this feature, specify a limit of 0.
> ! </p>
> ! 
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p>
> ! The maximal number of connection attempts any client is allowed to
> ! make to this service per time unit.  The time unit is specified
> ! with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
> ! </p>
> ! 
> ! <p>
> ! By default, a client can make as many connections per time unit as
> ! Postfix can accept.
> ! </p>
> ! 
> ! <p>
> ! To disable this feature, specify a limit of 0.
> ! </p>
> ! 
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> = 1000
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a>
> ! (default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
> ! 
> ! <p>
> ! Clients that are excluded from smtpd_client_*_count/rate_limit
> ! restrictions. See the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter
> ! description for the parameter value syntax.
> ! </p>
> ! 
> ! <p>
> ! By default, clients in trusted networks are excluded. Specify a
> ! list of network blocks, hostnames or .domain names (the initial
> ! dot causes the domain to match any name below it).
> ! </p>
> ! 
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> value, and
> ! in files specified with "/file/name".  IP version 6 addresses
> ! contain the ":" character, and would otherwise be confused with a
> ! "<a href="DATABASE_README.html">type:table</a>" pattern.  </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p>
> ! The maximal number of message delivery requests that any client is
> ! allowed to make to this service per time unit, regardless of whether
> ! or not Postfix actually accepts those messages.  The time unit is
> ! specified with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
> ! </p>
> ! 
> ! <p>
> ! By default, a client can send as many message delivery requests
> ! per time unit as Postfix can accept.
> ! </p>
> ! 
> ! <p>
> ! To disable this feature, specify a limit of 0.
> ! </p>
> ! 
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> = 1000
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p>
> ! The maximal number of new (i.e., uncached) TLS sessions that a
> ! remote SMTP client is allowed to negotiate with this service per
> ! time unit.  The time unit is specified with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a>
> ! configuration parameter.
> ! </p>
> ! 
> ! <p>
> ! By default, a remote SMTP client can negotiate as many new TLS
> ! sessions per time unit as Postfix can accept.
> ! </p>
> ! 
> ! <p>
> ! To disable this feature, specify a limit of 0. Otherwise, specify
> ! a limit that is at least the per-client concurrent session limit,
> ! or else legitimate client sessions may be rejected.
> ! </p>
> ! 
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.3 and later.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a> = 100
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_port_logging">smtpd_client_port_logging</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Enable logging of the remote SMTP client port in addition to
> ! the hostname and IP address. The logging format is "host[address]:port".
> ! </p>
> ! 
> ! <p> This feature is available in Postfix 2.5 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p>
> ! The maximal number of recipient addresses that any client is allowed
> ! to send to this service per time unit, regardless of whether or not
> ! Postfix actually accepts those recipients.  The time unit is specified
> ! with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
> ! </p>
> ! 
> ! <p>
> ! By default, a client can send as many recipient addresses per time
> ! unit as Postfix can accept.
> ! </p>
> ! 
> ! <p>
> ! To disable this feature, specify a limit of 0.
> ! </p>
> ! 
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> = 1000
> ! </pre>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_client_restrictions">smtpd_client_restrictions</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! Optional Postfix SMTP server access restrictions in the context of
> ! a remote SMTP client connection request.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
> ! </p>
> ! 
> ! <p>
> ! The default is to allow all connection requests.
> ! </p>
> ! 
> ! <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
> ! </p>
> ! 
> ! <p>
> ! The following restrictions are specific to client hostname or
> ! client network address information.
> ! </p>
> ! 
> ! <dl>
> ! 
> ! <dt><b><a name="check_ccert_access">check_ccert_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd> Use the remote SMTP client certificate fingerprint or the public key
> ! fingerprint (Postfix 2.9 and later) as lookup key for the specified
> ! <a href="access.5.html">access(5)</a> database; with Postfix version 2.2, also require that the
> ! remote SMTP client certificate is verified successfully.
> ! The fingerprint digest algorithm is configurable via the
> ! <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
> ! Postfix version 2.5).  This feature is available with Postfix version
> ! 2.2 and later. </dd>
> ! 
> ! <dt><b><a name="check_client_access">check_client_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified access database for the client hostname,
> ! parent domains, client IP address, or networks obtained by stripping
> ! least significant octets. See the <a href="access.5.html">access(5)</a> manual page for details. </dd>
> ! 
> ! <dt><b><a name="check_client_mx_access">check_client_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for the
> ! client hostname, and execute the corresponding action.  Note: a result
> ! of "OK" is not allowed for safety reasons. Instead, use DUNNO in order
> ! to exclude specific hosts from blacklists.  This feature is available
> ! in Postfix 2.7 and later.  </dd>
> ! 
> ! <dt><b><a name="check_client_ns_access">check_client_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers for
> ! the client hostname, and execute the corresponding action.  Note: a
> ! result of "OK" is not allowed for safety reasons. Instead, use DUNNO
> ! in order to exclude specific hosts from blacklists.  This feature is
> ! available in Postfix 2.7 and later.  </dd>
> ! 
> ! <dt><b><a name="check_reverse_client_hostname_access">check_reverse_client_hostname_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified access database for the unverified reverse
> ! client hostname, parent domains, client IP address, or networks
> ! obtained by stripping least significant octets. See the <a href="access.5.html">access(5)</a>
> ! manual page for details.  Note: a result of "OK" is not allowed for
> ! safety reasons.  Instead, use DUNNO in order to exclude specific
> ! hosts from blacklists.  This feature is available in Postfix 2.6
> ! and later.</dd>
> ! 
> ! <dt><b><a name="check_reverse_client_hostname_mx_access">check_reverse_client_hostname_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for the
> ! unverified reverse client hostname, and execute the corresponding
> ! action.  Note: a result of "OK" is not allowed for safety reasons.
> ! Instead, use DUNNO in order to exclude specific hosts from blacklists.
> ! This feature is available in Postfix 2.7 and later.  </dd>
> ! 
> ! <dt><b><a name="check_reverse_client_hostname_ns_access">check_reverse_client_hostname_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers for
> ! the unverified reverse client hostname, and execute the corresponding
> ! action.  Note: a result of "OK" is not allowed for safety reasons.
> ! Instead, use DUNNO in order to exclude specific hosts from blacklists.
> ! This feature is available in Postfix 2.7 and later.  </dd>
> ! 
> ! <dt><b><a name="permit_inet_interfaces">permit_inet_interfaces</a></b></dt>
> ! 
> ! <dd>Permit the request when the client IP address matches
> ! $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>. </dd>
> ! 
> ! <dt><b><a name="permit_mynetworks">permit_mynetworks</a></b></dt>
> ! 
> ! <dd>Permit the request when the client IP address matches any
> ! network or network address listed in  $<a href="postconf.5.html#mynetworks">mynetworks</a>. </dd>
> ! 
> ! <dt><b><a name="permit_sasl_authenticated">permit_sasl_authenticated</a></b></dt>
> ! 
> ! <dd> Permit the request when the client is successfully
> ! authenticated via the <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH) protocol. </dd>
> ! 
> ! <dt><b><a name="permit_tls_all_clientcerts">permit_tls_all_clientcerts</a></b></dt>
> ! 
> ! <dd> Permit the request when the remote SMTP client certificate is
> ! verified successfully.  This option must be used only if a special
> ! CA issues the certificates and only this CA is listed as trusted
> ! CA. Otherwise, clients with a third-party certificate would also
> ! be allowed to relay.  Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" when the
> ! trusted CA is specified with <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> or <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>,
> ! to prevent Postfix from appending the system-supplied default CAs.
> ! This feature is available with Postfix version 2.2.</dd>
> ! 
> ! <dt><b><a name="permit_tls_clientcerts">permit_tls_clientcerts</a></b></dt>
> ! 
> ! <dd>Permit the request when the remote SMTP client certificate
> ! fingerprint or public key fingerprint (Postfix 2.9 and later) is
> ! listed in $<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a>.
> ! The fingerprint digest algorithm is configurable via the
> ! <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
> ! Postfix version 2.5).  This feature is available with Postfix version
> ! 2.2. </dd>
> ! 
> ! <dt><b><a name="reject_rbl_client">reject_rbl_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Reject the request when the reversed client network address is
> ! listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>
> ! (Postfix version 2.1 and later only).  Each "<i>d</i>" is a number,
> ! or a pattern inside "[]" that contains one or more ";"-separated
> ! numbers or number..number ranges (Postfix version 2.8 and later).
> ! If no "<i>=d.d.d.d</i>" is specified, reject the request when the
> ! reversed client network address is listed with any A record under
> ! <i>rbl_domain</i>. <br>
> ! The <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> parameter specifies the response code for
> ! rejected requests (default:  554), the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a>  parameter
> ! specifies the default server reply, and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a>  parameter
> ! specifies tables with server replies indexed by <i>rbl_domain</i>.
> ! This feature is available in Postfix 2.0 and later.  </dd>
> ! 
> ! <dt><b><a name="permit_dnswl_client">permit_dnswl_client <i>dnswl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Accept the request when the reversed client network address is
> ! listed with the A record "<i>d.d.d.d</i>" under <i>dnswl_domain</i>.
> ! Each "<i>d</i>" is a number, or a pattern inside "[]" that contains
> ! one or more ";"-separated numbers or number..number ranges.
> ! If no "<i>=d.d.d.d</i>" is specified, accept the request when the
> ! reversed client network address is listed with any A record under
> ! <i>dnswl_domain</i>. <br> For safety, <a href="postconf.5.html#permit_dnswl_client">permit_dnswl_client</a> is silently
> ! ignored when it would override <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>.  The
> ! result is DEFER_IF_REJECT when whitelist lookup fails.  This feature
> ! is available in Postfix 2.8 and later.  </dd>
> ! 
> ! <dt><b><a name="reject_rhsbl_client">reject_rhsbl_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Reject the request when the client hostname is listed with the
> ! A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix version
> ! 2.1 and later only).  Each "<i>d</i>" is a number, or a pattern
> ! inside "[]" that contains one or more ";"-separated numbers or
> ! number..number ranges (Postfix version 2.8 and later).  If no
> ! "<i>=d.d.d.d</i>" is specified, reject the request when the client
> ! hostname is listed with
> ! any A record under <i>rbl_domain</i>. See the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>
> ! description above for additional RBL related configuration parameters.
> ! This feature is available in Postfix 2.0 and later; with Postfix
> ! version 2.8 and later, <a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a> will usually
> ! produce better results.  </dd>
> ! 
> ! <dt><b><a name="permit_rhswl_client">permit_rhswl_client <i>rhswl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Accept the request when the client hostname is listed with the
> ! A record "<i>d.d.d.d</i>" under <i>rhswl_domain</i>.  Each "<i>d</i>"
> ! is a number, or a pattern inside "[]" that contains one or more
> ! ";"-separated numbers or number..number ranges. If no
> ! "<i>=d.d.d.d</i>" is specified, accept the request when the client
> ! hostname is listed with any A record under <i>rhswl_domain</i>.
> ! <br> Caution: client name whitelisting is fragile, since the client
> ! name lookup can fail due to temporary outages.  Client name
> ! whitelisting should be used only to reduce false positives in e.g.
> ! DNS-based blocklists, and not for making access rule exceptions.
> ! <br> For safety, <a href="postconf.5.html#permit_rhswl_client">permit_rhswl_client</a> is silently ignored when it
> ! would override <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>.  The result is DEFER_IF_REJECT
> ! when whitelist lookup fails.  This feature is available in Postfix
> ! 2.8 and later.  </dd>
> ! 
> ! <dt><b><a name="reject_rhsbl_reverse_client">reject_rhsbl_reverse_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Reject the request when the unverified reverse client hostname
> ! is listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>.
> ! Each "<i>d</i>" is a number, or a pattern inside "[]" that contains
> ! one or more ";"-separated numbers or number..number ranges.
> ! If no "<i>=d.d.d.d</i>" is specified, reject the request when the
> ! unverified reverse client hostname is listed with any A record under
> ! <i>rbl_domain</i>. See the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> description above for
> ! additional RBL related configuration parameters.  This feature is
> ! available in Postfix 2.8 and later.  </dd>
> ! 
> ! <dt><b><a name="reject_unknown_client_hostname">reject_unknown_client_hostname</a></b> (with Postfix < 2.3: reject_unknown_client)</dt>
> ! 
> ! <dd>Reject the request when 1) the client IP address->name mapping
> ! fails, 2) the name->address mapping fails, or 3) the name->address
> ! mapping does not match the client IP address.  <br> This is a
> ! stronger restriction than the <a href="postconf.5.html#reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a>
> ! feature, which triggers only under condition 1) above. <br> The
> ! <a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> parameter specifies the response code
> ! for rejected requests (default: 450). The reply is always 450 in
> ! case the address->name or name->address lookup failed due to
> ! a temporary problem. </dd>
> ! 
> ! <dt><b><a name="reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a></b></dt>
> ! 
> ! <dd>Reject the request when the client IP address has no address->name
> ! mapping. <br> This is a weaker restriction than the
> ! <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a> feature, which requires not only
> ! that the address->name and name->address mappings exist, but
> ! also that the two mappings reproduce the client IP address.  <br>
> ! The <a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> parameter specifies the response
> ! code for rejected requests (default: 450).  The reply is always 450
> ! in case the address->name lookup failed due to a temporary
> ! problem. <br> This feature is available in Postfix 2.3 and
> ! later.  </dd>
> ! 
> ! </dl>
> ! 
> ! <p>
> ! In addition, you can use any of the following <a name="generic">
> ! generic</a> restrictions.  These restrictions are applicable in
> ! any SMTP command context.
> ! </p>
> ! 
> ! <dl>
> ! 
> ! <dt><b><a name="check_policy_service">check_policy_service <i>servername</i></a></b></dt>
> ! 
> ! <dd>Query the specified policy server. See the <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a>
> ! document for details. This feature is available in Postfix 2.1
> ! and later. </dd>
> ! 
> ! <dt><b><a name="defer">defer</a></b></dt>
> ! 
> ! <dd>Defer the request. The client is told to try again later. This
> ! restriction is useful at the end of a restriction list, to make
> ! the default policy explicit. <br> The <a href="postconf.5.html#defer_code">defer_code</a> parameter specifies
> ! the SMTP server reply code (default: 450).</dd>
> ! 
> ! <dt><b><a name="defer_if_permit">defer_if_permit</a></b></dt>
> ! 
> ! <dd>Defer the request if some later restriction would result in an
> ! explicit or implicit PERMIT action.  This is useful when a blacklisting
> ! feature fails due to a temporary problem.  This feature is available
> ! in Postfix version 2.1 and later.  </dd>
> ! 
> ! <dt><b><a name="defer_if_reject">defer_if_reject</a></b></dt>
> ! 
> ! <dd>Defer the request if some later restriction would result in a
> ! REJECT action.  This is useful when a whitelisting feature fails
> ! due to a temporary problem.  This feature is available in Postfix
> ! version 2.1 and later.  </dd>
> ! 
> ! <dt><b><a name="permit">permit</a></b></dt>
> ! 
> ! <dd>Permit the request. This restriction is useful at the end of
> ! a restriction list, to make the default policy explicit.</dd>
> ! 
> ! <dt><b><a name="reject_multi_recipient_bounce">reject_multi_recipient_bounce</a></b></dt>
> ! 
> ! <dd>Reject the request when the envelope sender is the null address,
> ! and the message has multiple envelope recipients. This usage has
> ! rare but legitimate applications: under certain conditions,
> ! multi-recipient mail that was posted with the DSN option NOTIFY=NEVER
> ! may be forwarded with the null sender address.
> ! <br> Note: this restriction can only work reliably
> ! when used in <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> or
> ! <a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a>, because the total number of
> ! recipients is not known at an earlier stage of the SMTP conversation.
> ! Use at the RCPT stage will only reject the second etc.  recipient.
> ! <br>
> ! The <a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> parameter specifies the
> ! response code for rejected requests (default:  550).  This feature
> ! is available in Postfix 2.1 and later. </dd>
>   
> ! <dt><b><a name="reject_plaintext_session">reject_plaintext_session</a></b></dt>
>   
> ! <dd>Reject the request when the connection is not encrypted. This
> ! restriction should not be used before the client has had a chance
> ! to negotiate encryption with the AUTH or STARTTLS commands.
> ! <br>
> ! The <a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> parameter specifies the response
> ! code for rejected requests (default:  450).  This feature is available
> ! in Postfix 2.3 and later. </dd>
>   
> - <dt><b><a name="reject_unauth_pipelining">reject_unauth_pipelining</a></b></dt>
>   
> ! <dd>Reject the request when the client sends SMTP commands ahead
> ! of time where it is not allowed, or when the client sends SMTP
> ! commands ahead of time without knowing that Postfix actually supports
> ! ESMTP command pipelining. This stops mail from bulk mail software
> ! that improperly uses ESMTP command pipelining in order to speed up
> ! deliveries.
> ! <br> With Postfix 2.6 and later, the SMTP server sets a per-session
> ! flag whenever it detects illegal pipelining, including pipelined
> ! EHLO or HELO commands. The <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a> feature simply
> ! tests whether the flag was set at any point in time during the
> ! session.
> ! <br> With older Postfix versions, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a> checks
> ! the current status of the input read queue, and its usage is not
> ! recommended in contexts other than <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a>.  </dd>
>   
> ! <dt><b><a name="reject">reject</a></b></dt>
>   
> ! <dd>Reject the request. This restriction is useful at the end of
> ! a restriction list, to make the default policy explicit.  The
> ! <a href="postconf.5.html#reject_code">reject_code</a> configuration parameter specifies the response code for
> ! rejected requests (default: 554).</dd>
>   
> ! <dt><b><a name="sleep">sleep <i>seconds</i></a></b></dt>
>   
> ! <dd>Pause for the specified number of seconds and proceed with
> ! the next restriction in the list, if any. This may stop zombie
> ! mail when used as:
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
> !         sleep 1, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
> !     <a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = no
> ! </pre>
> ! This feature is available in Postfix 2.3. </dd>
>   
> - <dt><b><a name="warn_if_reject">warn_if_reject</a></b></dt>
>   
> ! <dd> A safety net for testing. When "<a href="postconf.5.html#warn_if_reject">warn_if_reject</a>" is placed
> ! before a reject-type restriction, access table query, or
> ! <a href="postconf.5.html#check_policy_service">check_policy_service</a> query, this logs a "reject_warning" message
> ! instead of rejecting a request (when a reject-type restriction fails
> ! due to a temporary error, this logs a "reject_warning" message for
> ! any implicit "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" actions that would normally prevent
> ! mail from being accepted by some later access restriction). This
> ! feature has no effect on <a href="postconf.5.html#defer_if_reject">defer_if_reject</a> restrictions.  </dd>
>   
> ! </dl>
>   
> ! <p>
> ! Other restrictions that are valid in this context:
> ! </p>
>   
> ! <ul>
>   
> ! <li> SMTP command specific restrictions that are described under
> ! the <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>, <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> parameters. When helo, sender or
> ! recipient restrictions are listed under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>,
> ! they have effect only with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that
> ! $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> is evaluated at the time of the RCPT TO
> ! command.
>   
> ! </ul>
>   
>   <p>
> ! Example:
>   </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a>
>   </pre>
>   
> --- 9190,9352 ----
>   
> ! <dt><b>none</b></dt>
> ! <dd>No TLS. No additional attributes are supported at this level. </dd>
>   
> ! <dt><b>may</b></dt>
> ! <dd>Opportunistic TLS. No additional attributes are supported at this
> ! level. Since sending in the clear is acceptable, demanding stronger
> ! than default TLS security parameters merely reduces inter-operability.
> ! Postfix 2.3 and later ignore the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameters at this security level; all
> ! protocols are allowed and "export" grade or better ciphers are used.
> ! When TLS handshakes fail, the connection is retried with TLS disabled.
> ! This allows mail delivery to sites with non-interoperable TLS
> ! implementations.</dd>
>   
> ! <dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption. At this level
> ! and higher the optional "ciphers" attribute overrides the <a href="postconf.5.html">main.cf</a>
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> parameter and the optional "protocols"
> ! keyword overrides the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameter.
> ! In the policy table, multiple protocols must be separated by colons,
> ! as attribute values may not contain whitespace or commas. </dd>
>   
> + <dt><b>fingerprint</b></dt> <dd>Certificate fingerprint
> + verification. Available with Postfix 2.5 and later. At this security
> + level, there are no trusted certificate authorities. The certificate
> + trust chain, expiration date, ... are not checked. Instead,
> + the optional <b>match</b> attribute, or else the <a href="postconf.5.html">main.cf</a>
> + <b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a></b> parameter, lists the
> + valid "fingerprints" of the server certificate. The digest
> + algorithm used to calculate the fingerprint is selected by the
> + <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b> parameter. Multiple fingerprints can
> + be combined with a "|" delimiter in a single match attribute, or multiple
> + match attributes can be employed. The ":" character is not used as a
> + delimiter as it occurs between each pair of fingerprint (hexadecimal)
> + digits. </dd>
>   
> ! <dt><b>verify</b></dt> <dd>Mandatory TLS verification.  At this security
> ! level, DNS MX lookups are trusted to be secure enough, and the name
> ! verified in the server certificate is usually obtained indirectly via
> ! unauthenticated DNS MX lookups.  The optional "match" attribute overrides
> ! the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> parameter. In the policy table,
> ! multiple match patterns and strategies must be separated by colons.
> ! In practice explicit control over matching is more common with the
> ! "secure" policy, described below. </dd>
>   
> ! <dt><b>secure</b></dt> <dd>Secure-channel TLS. At this security level, DNS
> ! MX lookups, though potentially used to determine the candidate next-hop
> ! gateway IP addresses, are <b>not</b> trusted to be secure enough for TLS
> ! peername verification. Instead, the default name verified in the server
> ! certificate is obtained directly from the next-hop, or is explicitly
> ! specified via the optional <b>match</b> attribute which overrides the
> ! <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> parameter. In the policy table,
> ! multiple match patterns and strategies must be separated by colons.
> ! The match attribute is most useful when multiple domains are supported by
> ! common server, the policy entries for additional domains specify matching
> ! rules for the primary domain certificate. While transport table overrides
> ! routing the secondary domains to the primary nexthop also allow secure
> ! verification, they risk delivery to the wrong destination when domains
> ! change hands or are re-assigned to new gateways. With the "match"
> ! attribute approach, routing is not perturbed, and mail is deferred if
> ! verification of a new MX host fails. </dd>
>   
> ! </dl>
>   
>   <p>
> ! Example:
>   </p>
>   
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = hash:/etc/postfix/tls_policy
> !     # Postfix 2.5 and later
> !     <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
> ! </pre>
>   
>   <pre>
> ! /etc/postfix/tls_policy:
> !     example.edu                 none
> !     example.mil                 may
> !     example.gov                 encrypt protocols=TLSv1
> !     example.com                 verify ciphers=high
> !     example.net                 secure
> !     .example.net                secure match=.example.net:example.net
> !     [mail.example.org]:587      secure match=nexthop
> !     # Postfix 2.5 and later
> !     [thumb.example.org]          fingerprint
> !     	match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
> ! 	match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> ! </pre>
>   
> ! <p> <b>Note:</b> The <b>hostname</b> strategy if listed in a non-default
> ! setting of <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> or in the <b>match</b> attribute
> ! in the policy table can render the <b>secure</b> level vulnerable to
> ! DNS forgery. Do not use the <b>hostname</b> strategy for secure-channel
> ! configurations in environments where DNS security is not assured. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a>
> ! (default: 9)</b></DT><DD>
>   
> ! <p> The verification depth for remote SMTP server certificates. A depth
> ! of 1 is sufficient if the issuing CA is listed in a local CA file. </p>
>   
> ! <p> The default verification depth is 9 (the OpenSSL default) for
> ! compatibility with earlier Postfix behavior. Prior to Postfix 2.5,
> ! the default value was 5, but the limit was not actually enforced. If
> ! you have set this to a lower non-default value, certificates with longer
> ! trust chains may now fail to verify. Certificate chains with 1 or 2
> ! CAs are common, deeper chains are more rare and any number between 5
> ! and 9 should suffice in practice. You can choose a lower number if,
> ! for example, you trust certificates directly signed by an issuing CA
> ! but not any CAs it delegates to. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a>
> ! (default: nexthop, dot-nexthop)</b></DT><DD>
>   
> ! <p> The server certificate peername verification method for the
> ! "secure" TLS security level. In a "secure" TLS policy table
> ! ($<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) entry the optional "match" attribute
> ! overrides this <a href="postconf.5.html">main.cf</a> setting. </p>
>   
> ! <p> This parameter specifies one or more patterns or strategies separated
> ! by commas, whitespace or colons.  In the policy table the only valid
> ! separator is the colon character. </p>
>   
> ! <p> For a description of the pattern and strategy syntax see the
> ! <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> parameter. The "hostname" strategy should
> ! be avoided in this context, as in the absence of a secure global DNS, using
> ! the results of MX lookups in certificate verification is not immune to active
> ! (man-in-the-middle) attacks on DNS. </p>
>   
> ! <p>
> ! Sample <a href="postconf.5.html">main.cf</a> setting:
> ! </p>
> ! 
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> = nexthop
> ! </pre>
> ! </blockquote>
>   
>   <p>
> ! Sample policy table override:
>   </p>
>   
> + <blockquote>
>   <pre>
> ! example.net     secure match=example.com:.example.com
> ! .example.net    secure match=example.com:.example.com
>   </pre>
> + </blockquote>
> + 
> + <p> This feature is available in Postfix 2.3 and later. </p>
>   
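Review bot: In the new-side example, `smtp_tls_fingerprint_digest = md5` and the two 16-octet `match=` values under `[thumb.example.org]` present MD5 as the digest to copy, at a security level where, per the text in this same hunk, there are no trusted CAs and the trust chain and expiration date are not checked, so the fingerprint is the only thing authenticating the server. Consider showing the example with a stronger digest (for instance sha1) and fingerprints computed with it, or add a sentence saying that md5 appears here only for compatibility. The two `match=` continuation lines also differ in their leading whitespace (space plus tab versus a bare tab); consistent indentation would make it clearer that they continue the `[thumb.example.org]` entry.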
> ***************
> *** 12461,12502 ****
>   
> ! <DT><b><a name="smtpd_command_filter">smtpd_command_filter</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> A mechanism to transform commands from remote SMTP clients.
> ! This is a last-resort tool to work around client commands that break
> ! inter-operability with the Postfix SMTP server.  Other uses involve
> ! fault injection to test Postfix's handling of invalid commands.
>   </p>
>   
> ! <p> Specify the name of a "<a href="DATABASE_README.html">type:table</a>" lookup table. The search
> ! string is the SMTP command as received from the remote SMTP client,
> ! except that initial whitespace and the trailing <CR><LF>
> ! are removed.  The result value is executed by the Postfix SMTP
> ! server.  </p>
>   
> ! <p> There is no need to use <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> for the following
> ! cases: </p>
>   
> ! <ul>
>   
> ! <li> <p> Use "<a href="postconf.5.html#resolve_numeric_domain">resolve_numeric_domain</a> = yes" to accept
> ! "<i>user at ipaddress</i>". </p>
>   
> ! <li> <p> Postfix already accepts the correct form
> ! "<i>user@[ipaddress]</i>". Use <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> or <a href="postconf.5.html#canonical_maps">canonical_maps</a>
> ! to translate these into domain names if necessary.  </p>
> ! 
> ! <li> <p> Use "<a href="postconf.5.html#strict_rfc821_envelopes">strict_rfc821_envelopes</a> = no" to accept "RCPT TO:<<i>User
> ! Name <user at example.com>></i>". Postfix will ignore the "<i>User
> ! Name</i>" part and deliver to the <i><user at example.com></i> address.
> ! </p>
>   
> ! </ul>
>   
> ! <p> Examples of problems that can be solved with the <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a>
> ! feature: </p>
>   
>   <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/command_filter
>   </pre>
> --- 9355,9428 ----
>   
> ! <DT><b><a name="smtp_tls_security_level">smtp_tls_security_level</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> The default SMTP TLS security level for the Postfix SMTP client;
> ! when a non-empty value is specified, this overrides the obsolete
> ! parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
>   </p>
>   
> ! <p> Specify one of the following security levels: </p>
> ! 
> ! <dl>
>   
> ! <dt><b>none</b></dt> <dd> TLS will not be used unless enabled for specific
> ! destinations via <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>. </dd>
>   
> ! <dt><b>may</b></dt>
> ! <dd> Opportunistic TLS. TLS will be used if supported by the server. Since
> ! sending in the clear is acceptable, demanding stronger than default TLS
> ! security parameters merely reduces inter-operability. Postfix 2.3 and
> ! later ignore the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameters at this security level; all
> ! protocols are allowed and "export" grade or better ciphers are used.
> ! When TLS handshakes fail, the connection is retried with TLS disabled.
> ! This allows mail delivery to sites with non-interoperable TLS
> ! implementations. </dd>
>   
> ! <dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption. Since a minimum
> ! level of security is intended, it reasonable to be specific about
> ! sufficiently secure protocol versions and ciphers. At this security level
> ! and higher, the <a href="postconf.5.html">main.cf</a> parameters <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> and
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> specify the TLS protocols and minimum
> ! cipher grade which the administrator considers secure enough for
> ! mandatory encrypted sessions. This security level is not an appropriate
> ! default for systems delivering mail to the Internet. </dd>
>   
> ! <dt><b>fingerprint</b></dt> <dd>Certificate fingerprint
> ! verification. Available with Postfix 2.5 and later. At this security
> ! level, there are no trusted certificate authorities. The certificate
> ! trust chain, expiration date, ... are not checked. Instead,
> ! the <b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a></b> parameter lists
> ! the valid "fingerprints" of the server certificate. The digest
> ! algorithm used to calculate the fingerprint is selected by the
> ! <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b> parameter. </dd>
>   
> ! <dt><b>verify</b></dt> <dd>Mandatory TLS verification. At this security
> ! level, DNS MX lookups are trusted to be secure enough, and the name
> ! verified in the server certificate is usually obtained indirectly
> ! via unauthenticated DNS MX lookups. The <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
> ! parameter controls how the server name is verified. In practice explicit
> ! control over matching is more common at the "secure" level, described
> ! below. This security level is not an appropriate default for systems
> ! delivering mail to the Internet. </dd>
> ! 
> ! <dt><b>secure</b></dt> <dd>Secure-channel TLS.  At this security level,
> ! DNS MX lookups, though potentially used to determine the candidate
> ! next-hop gateway IP addresses, are <b>not</b> trusted to be secure enough
> ! for TLS peername verification. Instead, the default name verified in
> ! the server certificate is obtained from the next-hop domain as specified
> ! in the <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> configuration parameter. The default
> ! matching rule is that a server certificate matches when its name is equal
> ! to or is a sub-domain of the nexthop domain. This security level is not
> ! an appropriate default for systems delivering mail to the Internet. </dd>
> ! 
> ! </dl>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
>   <pre>
> ! # No TLS. Formerly: <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>=no and <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>=no.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = none
>   </pre>
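Review bot: In the `encrypt` entry of the new smtp_tls_security_level text, "it reasonable to be specific" is missing its verb and should read "it is reasonable to be specific". In the `fingerprint` entry, "The certificate trust chain, expiration date, ... are not checked" leaves the list of skipped checks open-ended; this is the sentence an administrator relies on to understand what the level does not verify, so it would be better to spell the list out.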
> ***************
> *** 12504,12508 ****
>   <pre>
> ! /etc/postfix/command_filter:
> !     # Work around clients that send malformed HELO commands.
> !     /^HELO\s*$/ HELO domain.invalid
>   </pre>
> --- 9430,9433 ----
>   <pre>
> ! # Opportunistic TLS.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = may
>   </pre>
> ***************
> *** 12510,12513 ****
>   <pre>
> !     # Work around clients that send empty lines.
> !     /^\s*$/     NOOP
>   </pre>
> --- 9435,9439 ----
>   <pre>
> ! # Mandatory (high-grade) TLS encryption.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
>   </pre>
> ***************
> *** 12515,12519 ****
>   <pre>
> !     # Work around clients that send RCPT TO:<'user at domain'>.
> !     # WARNING: do not lose the parameters that follow the address.
> !     /^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/     RCPT TO:<$1>$2
>   </pre>
> --- 9441,9446 ----
>   <pre>
> ! # Mandatory TLS verification of hostname or nexthop domain.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = verify
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> = hostname, nexthop, dot-nexthop
>   </pre>
> ***************
> *** 12521,12525 ****
>   <pre>
> !     # Append XVERP to MAIL FROM commands to request VERP-style delivery.
> !     # See <a href="VERP_README.html">VERP_README</a> for more information on how to use Postfix VERP.
> !     /^(MAIL FROM:<listname at example\.com>.*)/   $1 XVERP
>   </pre>
> --- 9448,9454 ----
>   <pre>
> ! # Secure channel TLS with exact nexthop name match.
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = secure
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> = nexthop
>   </pre>
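Review bot: `smtp_tls_mandatory_protocols = TLSv1` in the secure-channel example names a single protocol version, so anyone copying it restricts mandatory-TLS sessions to exactly that version. The fingerprint example later in this patch uses the exclusion form `!SSLv2, !SSLv3`; using the same form here would keep the examples consistent and would not lock out newer protocol versions.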
> ***************
> *** 12527,12535 ****
>   <pre>
> !     # Bounce-never mail sink. Use <a href="postconf.5.html#notify_classes">notify_classes</a>=bounce,resource,software
> !     # to send bounced mail to the postmaster (with message body removed).
> !     /^(RCPT\s+TO:.*?)\bNOTIFY=\S+\b(.*)/ $1 NOTIFY=NEVER $2
> !     /^(RCPT\s+TO:.*)/                    $1 NOTIFY=NEVER
>   </pre>
>   
> ! <p> This feature is available in Postfix 2.7. </p>
>   
> --- 9456,9472 ----
>   <pre>
> ! # Certificate fingerprint verification (Postfix ≥ 2.5).
> ! # The CA-less "fingerprint" security level only scales to a limited
> ! # number of destinations. As a global default rather than a per-site
> ! # setting, this is practical when mail for all recipients is sent
> ! # to a central mail hub.
> ! <a href="postconf.5.html#relayhost">relayhost</a> = [mailhub.example.com]
> ! <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = fingerprint
> ! <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
> ! <a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> =
> !     3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
> !     EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
>   </pre>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
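
Review bot: the two sample values under smtp_tls_fingerprint_cert_match are 16 octets each, which is the length of an MD5 digest, but the example never says which digest algorithm the fingerprints are computed with. Name the digest in the comment block (Postfix has the smtp_tls_fingerprint_digest parameter for this) so that a reader can reproduce a value for their own mail hub certificate and does not paste a fingerprint of the wrong length.
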
> ***************
> *** 12538,12609 ****
>   
> ! <DT><b><a name="smtpd_data_restrictions">smtpd_data_restrictions</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional access restrictions that the Postfix SMTP server applies
> ! in the context of the SMTP DATA command.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
> ! 
> ! <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
> ! </p>
> ! 
> ! <p>
> ! The following restrictions are valid in this context:
> ! </p>
> ! 
> ! <ul>
> ! 
> ! <li><a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
> ! 
> ! <li>SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>,
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
>   
> ! <li>However, no recipient information is available in the case of
> ! multi-recipient mail. Acting on only one recipient would be misleading,
> ! because any decision will affect all recipients equally. Acting on
> ! all recipients would require a possibly very large amount of memory,
> ! and would also be misleading for the reasons mentioned before.
>   
> ! </ul>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
> ! <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a>
>   </pre>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_delay_open_until_valid_rcpt">smtpd_delay_open_until_valid_rcpt</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p> Postpone the start of an SMTP mail transaction until a valid
> ! RCPT TO command is received. Specify "no" to create a mail transaction
> ! as soon as the Postfix SMTP server receives a valid MAIL FROM
> ! command. </p>
> ! 
> ! <p> With sites that reject lots of mail, the default setting reduces
> ! the use of
> ! disk, CPU and memory resources. The downside is that rejected
> ! recipients are logged with NOQUEUE instead of a mail transaction
> ! ID. This complicates the logfile analysis of multi-recipient mail.
> ! </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> --- 9475,9508 ----
>   
> ! <DT><b><a name="smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Name of the file containing the optional Postfix SMTP client
> ! TLS session cache. Specify a database type that supports enumeration,
> ! such as <b>btree</b> or <b>sdbm</b>; there is no need to support
> ! concurrent access.  The file is created if it does not exist. The <a href="smtp.8.html">smtp(8)</a>
> ! daemon does not use this parameter directly, rather the cache is
> ! implemented indirectly in the <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon. This means that
> ! per-smtp-instance <a href="master.5.html">master.cf</a> overrides of this parameter are not effective.
> ! Note, that each of the cache databases supported by <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon:
> ! $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
> ! (and with Postfix 2.3 and later $<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>), needs to
> ! be stored separately. It is not at this time possible to store multiple
> ! caches in a single database. </p>
>   
> ! <p> Note: <b>dbm</b> databases are not suitable. TLS
> ! session objects are too large. </p>
>   
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file. The file should now be stored under the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
> ! under a non-Postfix directory is redirected to the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
>   
> ! <p> Example: </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> = btree:/var/lib/postfix/smtp_scache
>   </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
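
Review bot: the example line hard-codes "btree:/var/lib/postfix/smtp_scache", while the paragraph just above it says the file should be stored under the Postfix-owned data_directory and that other locations are redirected with a warning. Writing the example relative to $data_directory would keep the two statements in sync on systems where that directory is somewhere else. Separately, "Note, that each of the cache databases supported by tlsmgr(8) daemon: ... needs to be stored separately" reads awkwardly and could be split into two sentences.
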
> ***************
> *** 12612,12635 ****
>   
> ! <DT><b><a name="smtpd_delay_reject">smtpd_delay_reject</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Wait until the RCPT TO command before evaluating
> ! $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
> ! $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until the ETRN command before
> ! evaluating $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
> ! </p>
>   
> ! <p>
> ! This feature is turned on by default because some clients apparently
> ! mis-behave when the Postfix SMTP server rejects commands before
> ! RCPT TO.
> ! </p>
>   
> ! <p>
> ! The default setting has one major benefit: it allows Postfix to log
> ! recipient address information when rejecting a client name/address
> ! or sender address, so that it is possible to find out whose mail
> ! is being rejected.
> ! </p>
>   
> --- 9511,9523 ----
>   
> ! <DT><b><a name="smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a>
> ! (default: 3600s)</b></DT><DD>
>   
> ! <p> The expiration time of Postfix SMTP client TLS session cache
> ! information.  A cache cleanup is performed periodically
> ! every $<a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> seconds. As with
> ! $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>, this parameter is implemented in the
> ! <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon and therefore per-smtp-instance <a href="master.5.html">master.cf</a> overrides
> ! are not possible. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
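
Review bot: in the new smtp_tls_session_cache_timeout text, "every $smtp_tls_session_cache_timeout seconds" appends a unit to a value that already carries one (the default is shown as "3600s"). Drop the word "seconds" so the sentence stays correct when the parameter is set with another time unit.
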
> ***************
> *** 12638,12691 ****
>   
> ! <DT><b><a name="smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP client address, with
> ! case insensitive lists of EHLO keywords (pipelining, starttls, auth,
> ! etc.) that the Postfix SMTP server will not send in the EHLO response
> ! to a
> ! remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> for details.
> ! The table is not searched by hostname for robustness reasons.  </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> A case insensitive list of EHLO keywords (pipelining, starttls,
> ! auth, etc.) that the Postfix SMTP server will not send in the EHLO
> ! response
> ! to a remote SMTP client. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ! <p> Notes: </p>
>   
> ! <ul>
>   
> ! <li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
> ! this action from being logged. </p>
>   
> ! <li> <p> Use the <a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> feature
> ! to discard EHLO keywords selectively.  </p>
>   
> ! </ul>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Optional access restrictions that the Postfix SMTP server
> ! applies in the context of the SMTP END-OF-DATA command.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ! <p> See <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> for details and limitations. </p>
>   
> --- 9526,9603 ----
>   
> ! <DT><b><a name="smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
> ! (default: hostname)</b></DT><DD>
>   
> ! <p> The server certificate peername verification method for the
> ! "verify" TLS security level. In a "verify" TLS policy table
> ! ($<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) entry the optional "match" attribute
> ! overrides this <a href="postconf.5.html">main.cf</a> setting. </p>
>   
> ! <p> This parameter specifies one or more patterns or strategies separated
> ! by commas, whitespace or colons.  In the policy table the only valid
> ! separator is the colon character. </p>
>   
> + <p> Patterns specify domain names, or domain name suffixes: </p>
>   
> ! <dl>
>   
> ! <dt><i>example.com</i></dt> <dd> Match the <i>example.com</i> domain,
> ! i.e. one of the names the server certificate must be <i>example.com</i>,
> ! upper and lower case distinctions are ignored. </dd>
>   
> ! <dt><i>.example.com</i></dt>
> ! <dd> Match subdomains of the <i>example.com</i> domain, i.e. match
> ! a name in the server certificate that consists of a non-zero number of
> ! labels followed by a <i>.example.com</i> suffix. Case distinctions are
> ! ignored.</dd>
>   
> ! </dl>
>   
> ! <p> Strategies specify a transformation from the next-hop domain
> ! to the expected name in the server certificate: </p>
>   
> ! <dl>
>   
> ! <dt>nexthop</dt>
> ! <dd> Match against the next-hop domain, which is either the recipient
> ! domain, or the transport next-hop configured for the domain stripped of
> ! any optional socket type prefix, enclosing square brackets and trailing
> ! port. When MX lookups are not suppressed, this is the original nexthop
> ! domain prior to the MX lookup, not the result of the MX lookup. For
> ! LMTP delivery via UNIX-domain sockets, the verified next-hop name is
> ! $<a href="postconf.5.html#myhostname">myhostname</a>.  This strategy is suitable for use with the "secure"
> ! policy. Case is ignored.</dd>
>   
> ! <dt>dot-nexthop</dt>
> ! <dd> As above, but match server certificate names that are subdomains
> ! of the next-hop domain. Case is ignored.</dd>
>   
> ! <dt>hostname</dt> <dd> Match against the hostname of the server, often
> ! obtained via an unauthenticated DNS MX lookup. For LMTP delivery via
> ! UNIX-domain sockets, the verified name is $<a href="postconf.5.html#myhostname">myhostname</a>. This matches
> ! the verification strategy of the "MUST" keyword in the obsolete
> ! <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> table, and is suitable for use with the "verify"
> ! security level. When the next-hop name is enclosed in square brackets
> ! to suppress MX lookups, the "hostname" strategy is the same as the
> ! "nexthop" strategy. Case is ignored.</dd>
>   
> + </dl>
>   
> ! <p>
> ! Sample <a href="postconf.5.html">main.cf</a> setting:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> = hostname, nexthop, dot-nexthop
> ! </pre>
>   
> ! <p>
> ! Sample policy table override:
>   </p>
>   
> ! <pre>
> ! example.com     verify  match=hostname:nexthop
> ! .example.com    verify  match=example.com:.example.com:hostname
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
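
Review bot: the new smtp_tls_verify_cert_match text never says whether a server certificate has to satisfy every listed pattern or strategy, or only one of them. That matters for the sample setting "hostname, nexthop, dot-nexthop", because the hostname entry itself says this name is often obtained via an unauthenticated DNS MX lookup. State the rule explicitly before the samples. Smaller point: in the example.com entry, "one of the names the server certificate must be" is missing the word "in".
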
> ***************
> *** 12694,12727 ****
>   
> ! <DT><b><a name="smtpd_enforce_tls">smtpd_enforce_tls</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> Mandatory TLS: announce STARTTLS support to remote SMTP clients,
> ! and require that clients use TLS encryption.  According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a>
> ! this MUST NOT be applied in case of a publicly-referenced SMTP
> ! server.  This option is therefore off by default. </p>
> ! 
> ! <p> Note 1: "<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> = yes" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes". </p>
> ! 
> ! <p> Note 2: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
> ! STARTTLS due to insufficient privileges to access the server private
> ! key. This is intended behavior. </p>
>   
>   <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> instead. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_error_sleep_time">smtpd_error_sleep_time</a>
> ! (default: 1s)</b></DT><DD>
> ! 
> ! <p>With Postfix version 2.1 and later: the SMTP server response delay after
> ! a client has made more than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and
> ! fewer than $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering mail.
> ! </p>
> ! 
> ! <p>With Postfix version 2.0 and earlier: the SMTP server delay before
> ! sending a reject (4xx or 5xx) response, when the client has made
> ! fewer than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors without delivering
> ! mail. </p>
>   
> --- 9606,9619 ----
>   
> ! <DT><b><a name="smtp_use_tls">smtp_use_tls</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> Opportunistic mode: use TLS when a remote SMTP server announces
> ! STARTTLS support, otherwise send the mail in the clear. Beware:
> ! some SMTP servers offer STARTTLS even if it is not configured.  With
> ! Postfix < 2.3, if the TLS handshake fails, and no other server is
> ! available, delivery is deferred and mail stays in the queue. If this
> ! is a concern for you, use the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> feature instead.  </p>
>   
>   <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
>   
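
Review bot: the new smtp_use_tls paragraph contains a bare "<" in "Postfix < 2.3" inside HTML markup. Write it as "&lt;" so the generated page stays well-formed. The paragraph also recommends smtp_tls_per_site and then, two lines later, says to use smtp_tls_security_level with Postfix 2.3 and later; a short note on which advice applies to which version would avoid sending readers to the older feature.
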
> ***************
> *** 12730,12745 ****
>   
> ! <DT><b><a name="smtpd_etrn_restrictions">smtpd_etrn_restrictions</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p>
> ! Optional SMTP server access restrictions in the context of a client
> ! ETRN request.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
> ! </p>
>   
>   <p>
> ! The Postfix ETRN implementation accepts only destinations that are
> ! eligible for the Postfix "fast flush" service. See the <a href="ETRN_README.html">ETRN_README</a>
> ! file for details.
>   </p>
> --- 9622,9629 ----
>   
> ! <DT><b><a name="smtp_xforward_timeout">smtp_xforward_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The SMTP client time limit for sending the XFORWARD command, and
> ! for receiving the server response.
>   </p>
> ***************
> *** 12747,12752 ****
>   <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
>   </p>
> --- 9631,9634 ----
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
> ***************
> *** 12754,12790 ****
>   <p>
> ! The following restrictions are specific to the domain name information
> ! received with the ETRN command.
>   </p>
>   
> - <dl>
> - 
> - <dt><b><a name="check_etrn_access">check_etrn_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> - 
> - <dd>Search the specified access database for the ETRN domain name
> - or its parent domains. See the <a href="access.5.html">access(5)</a> manual page for details.
> - </dd>
> - 
> - </dl>
>   
> ! <p>
> ! Other restrictions that are valid in this context:
> ! </p>
>   
> ! <ul>
>   
> ! <li><a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
>   
> ! <li>SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
>   
> ! </ul>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, reject
> ! </pre>
>   
> --- 9636,9672 ----
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a>
> ! (default: $<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b></DT><DD>
>   
> ! <p> What SMTP clients are allowed to specify the XVERP command.
> ! This command requests that mail be delivered one recipient at a
> ! time with a per recipient return address.  </p>
>   
> ! <p> By default, no clients are allowed to specify XVERP.  </p>
>   
> ! <p> This parameter was renamed with Postfix version 2.1. The default value
> ! is backwards compatible with Postfix version 2.0.  </p>
>   
> ! <p> Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also specify hostnames or
> ! .domain names (the initial dot causes the domain to match any name
> ! below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
> ! pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
> ! is matched when a table entry matches a lookup string (the lookup
> ! result is ignored).  Continue long lines by starting the next line
> ! with whitespace. Specify "!pattern" to exclude an address or network
> ! block from the list. The form "!/file/name" is supported only in
> ! Postfix version 2.4 and later.  </p>
>   
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
>   
> ***************
> *** 12793,12801 ****
>   
> ! <DT><b><a name="smtpd_expansion_filter">smtpd_expansion_filter</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
>   <p>
> ! What characters are allowed in $name expansions of RBL reply
> ! templates. Characters not in the allowed set are replaced by "_".
> ! Use C like escapes to specify special characters such as whitespace.
>   </p>
> --- 9675,9685 ----
>   
> ! <DT><b><a name="smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! What SMTP clients are allowed to use the XCLIENT feature.  This
> ! command overrides SMTP client information that is used for access
> ! control. Typical use is for SMTP-based content filters, fetchmail-like
> ! programs, or SMTP server access rule testing. See the <a href="XCLIENT_README.html">XCLIENT_README</a>
> ! document for details.
>   </p>
> ***************
> *** 12803,12805 ****
>   <p>
> ! This parameter is not subjected to $parameter expansion.
>   </p>
> --- 9687,9689 ----
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
> ***************
> *** 12807,12811 ****
>   <p>
> ! This feature is available in Postfix 2.0 and later.
>   </p>
>   
>   
> --- 9691,9714 ----
>   <p>
> ! By default, no clients are allowed to specify XCLIENT.
>   </p>
>   
> + <p>
> + Specify a list of network/netmask patterns, separated by commas
> + and/or whitespace. The mask specifies the number of bits in the
> + network part of a host address. You can also specify hostnames or
> + .domain names (the initial dot causes the domain to match any name
> + below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
> + pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
> + is matched when a table entry matches a lookup string (the lookup
> + result is ignored).  Continue long lines by starting the next line
> + with whitespace. Specify "!pattern" to exclude an address or network
> + block from the list. The form "!/file/name" is supported only in
> + Postfix version 2.4 and later.  </p>
> + 
> + <p> Note: IP version 6 address information must be specified inside
> + <tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> value, and in
> + files specified with "/file/name".  IP version 6 addresses contain
> + the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> + pattern.  </p>
> + 
>   
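
Review bot: the added pattern paragraph allows hostnames and .domain names in smtpd_authorized_xclient_hosts, but it does not say how a hostname pattern is matched against a connecting client. For a command that, per the description earlier in this entry, overrides the client information used for access control, the text should either explain that or recommend network/netmask patterns for this parameter.
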
> ***************
> *** 12813,12823 ****
>   
> ! <DT><b><a name="smtpd_forbidden_commands">smtpd_forbidden_commands</a>
> ! (default: CONNECT, GET, POST)</b></DT><DD>
>   
>   <p>
> ! List of commands that cause the Postfix SMTP server to immediately
> ! terminate the session with a 221 code. This can be used to disconnect
> ! clients that obviously attempt to abuse the system. In addition to the
> ! commands listed in this parameter, commands that follow the "Label:"
> ! format of message headers will also cause a disconnect.
>   </p>
> --- 9716,9725 ----
>   
> ! <DT><b><a name="smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! What SMTP clients are allowed to use the XFORWARD feature.  This
> ! command forwards information that is used to improve logging after
> ! SMTP-based content filters. See the <a href="XFORWARD_README.html">XFORWARD_README</a> document for
> ! details.
>   </p>
> ***************
> *** 12825,12843 ****
>   <p>
> ! This feature is available in Postfix 2.2 and later.
>   </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_hard_error_limit">smtpd_hard_error_limit</a>
> ! (default: normal: 20, overload: 1)</b></DT><DD>
>   
>   <p>
> ! The maximal number of errors a remote SMTP client is allowed to
> ! make without delivering mail. The Postfix SMTP server disconnects
> ! when the limit is exceeded. Normally the default limit is 20, but
> ! it changes under overload to just 1. With Postfix 2.5 and earlier,
> ! the SMTP server always allows up to 20 errors by default.
>   
> ! </p>
>   
> --- 9727,9753 ----
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
> ! <p>
> ! By default, no clients are allowed to specify XFORWARD.
> ! </p>
>   
>   <p>
> ! Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also specify hostnames or
> ! .domain names (the initial dot causes the domain to match any name
> ! below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
> ! pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
> ! is matched when a table entry matches a lookup string (the lookup
> ! result is ignored).  Continue long lines by starting the next line
> ! with whitespace. Specify "!pattern" to exclude an address or network
> ! block from the list. The form "!/file/name" is supported only in
> ! Postfix version 2.4 and later.  </p>
>   
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
>   
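
Review bot: the "Specify a list of network/netmask patterns" paragraph and the IPv6 note added here are the third verbatim copy in this patch (smtpd_authorized_verp_clients and smtpd_authorized_xclient_hosts carry the same text, differing only in the parameter name). Consider describing the pattern syntax once and linking to it from the three entries, so a later correction does not have to be made in three places.
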
> ***************
> *** 12846,12854 ****
>   
> ! <DT><b><a name="smtpd_helo_required">smtpd_helo_required</a>
> ! (default: no)</b></DT><DD>
>   
>   <p>
> ! Require that a remote SMTP client introduces itself with the HELO
> ! or EHLO command before sending the MAIL command or other commands
> ! that require EHLO negotiation.
>   </p>
> --- 9756,9769 ----
>   
> ! <DT><b><a name="smtpd_banner">smtpd_banner</a>
> ! (default: $<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b></DT><DD>
> ! 
> ! <p>
> ! The text that follows the 220 status code in the SMTP greeting
> ! banner. Some people like to see the mail version advertised. By
> ! default, Postfix shows no version.
> ! </p>
>   
>   <p>
> ! You MUST specify $<a href="postconf.5.html#myhostname">myhostname</a> at the start of the text. This is
> ! required by the SMTP protocol.
>   </p>
> ***************
> *** 12860,12862 ****
>   <pre>
> ! <a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes
>   </pre>
> --- 9775,9777 ----
>   <pre>
> ! <a href="postconf.5.html#smtpd_banner">smtpd_banner</a> = $<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a> ($<a href="postconf.5.html#mail_version">mail_version</a>)
>   </pre>
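
Review bot: the replacement example appends "($mail_version)" to the greeting, while the entry text in the previous hunk says Postfix shows no version by default. Label the example as optional and add that the greeting is sent to every connecting client, so the version string becomes visible to all of them.
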
> ***************
> *** 12866,12875 ****
>   
> ! <DT><b><a name="smtpd_helo_restrictions">smtpd_helo_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional restrictions that the Postfix SMTP server applies in the
> ! context of the SMTP HELO command.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
>   </p>
> --- 9781,9789 ----
>   
> ! <DT><b><a name="smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a>
> ! (default: 50)</b></DT><DD>
>   
>   <p>
> ! How many simultaneous connections any client is allowed to
> ! make to this service.  By default, the limit is set to half
> ! the default process limit value.
>   </p>
> ***************
> *** 12877,12884 ****
>   <p>
> ! The default is to permit everything.
> ! </p>
> ! 
> ! <p> Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
> ! restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
> ! simply skip <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> by not sending HELO or EHLO).
>   </p>
> --- 9791,9793 ----
>   <p>
> ! To disable this feature, specify a limit of 0.
>   </p>
> ***************
> *** 12886,12891 ****
>   <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
>   </p>
> --- 9795,9798 ----
>   <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
>   </p>
> ***************
> *** 12893,13086 ****
>   <p>
> ! The following restrictions are specific to the hostname information
> ! received with the HELO or EHLO command.
>   </p>
>   
> - <dl>
> - 
> - <dt><b><a name="check_helo_access">check_helo_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> - 
> - <dd>Search the specified <a href="access.5.html">access(5)</a> database for the HELO or EHLO
> - hostname or parent domains, and execute the corresponding action.
> - Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
> - restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
> - simply skip <a href="postconf.5.html#check_helo_access">check_helo_access</a> by not sending HELO or EHLO).  </dd>
> - 
> - <dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> - 
> - <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
> - the HELO or EHLO hostname, and execute the corresponding action.
> - Note 1: a result of "OK" is not allowed for safety reasons. Instead,
> - use DUNNO in order to exclude specific hosts from blacklists.  Note
> - 2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
> - restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
> - simply skip <a href="postconf.5.html#check_helo_mx_access">check_helo_mx_access</a> by not sending HELO or EHLO).  This
> - feature is available in Postfix 2.1 and later.
> - </dd>
> - 
> - <dt><b><a name="check_helo_ns_access">check_helo_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> - 
> - <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
> - for the HELO or EHLO hostname, and execute the corresponding action.
> - Note 1: a result of "OK" is not allowed for safety reasons. Instead,
> - use DUNNO in order to exclude specific hosts from blacklists.  Note
> - 2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
> - restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
> - simply skip <a href="postconf.5.html#check_helo_ns_access">check_helo_ns_access</a> by not sending HELO or EHLO). This
> - feature is available in Postfix 2.1 and later.
> - </dd>
> - 
> - <dt><b><a name="reject_invalid_helo_hostname">reject_invalid_helo_hostname</a></b> (with Postfix < 2.3: reject_invalid_hostname)</dt>
> - 
> - <dd>Reject the request when the HELO or EHLO hostname syntax is
> - invalid. Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce
> - this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can simply
> - skip <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a> by not sending HELO or EHLO).
> - <br> The <a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> specifies the response code
> - for rejected requests (default: 501).</dd>
> - 
> - <dt><b><a name="reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a></b> (with Postfix < 2.3: reject_non_fqdn_hostname)</dt>
> - 
> - <dd>Reject the request when the HELO or EHLO hostname is not in
> - fully-qualified domain form, as required by the RFC. Note: specify
> - "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this restriction
> - (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can simply skip
> - <a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a> by not sending HELO or EHLO).  <br>
> - The <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
> - rejected requests (default: 504).</dd>
> - 
> - <dt><b><a name="reject_rhsbl_helo">reject_rhsbl_helo <i>rbl_domain=d.d.d.d</i></a></b></dt>
> - 
> - <dd>Reject the request when the HELO or EHLO hostname hostname is
> - listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>
> - (Postfix version 2.1 and later only).  Each "<i>d</i>" is a number,
> - or a pattern inside "[]" that contains one or more ";"-separated
> - numbers or number..number ranges (Postfix version 2.8 and later).
> - If no "<i>=d.d.d.d</i>" is
> - specified, reject the request when the HELO or EHLO hostname is
> - listed with any A record under <i>rbl_domain</i>. See the
> - <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> description for additional RBL related configuration
> - parameters.  Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully
> - enforce this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a
> - client can simply skip <a href="postconf.5.html#reject_rhsbl_helo">reject_rhsbl_helo</a> by not sending HELO or
> - EHLO). This feature is available in Postfix 2.0
> - and later.  </dd>
> - 
> - <dt><b><a name="reject_unknown_helo_hostname">reject_unknown_helo_hostname</a></b> (with Postfix < 2.3: reject_unknown_hostname)</dt>
>   
> ! <dd>Reject the request when the HELO or EHLO hostname has no DNS A
> ! or MX record. <br> The <a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> parameter
> ! specifies the numerical response code for rejected requests (default:
> ! 450). <br> The <a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a> parameter
> ! specifies the action after a temporary DNS error (default:
> ! <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully
> ! enforce this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a
> ! client can simply skip <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> by not sending
> ! HELO or EHLO). </dd>
>   
> ! </dl>
>   
>   <p>
> ! Other restrictions that are valid in this context:
>   </p>
>   
> - <ul>
> - 
> - <li> <a href="#generic">Generic</a> restrictions that can be used
> - in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
> - 
> - <li> Client hostname or network address specific restrictions
> - described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
> - 
> - <li> SMTP command specific restrictions described under
> - <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.  When
> - sender or recipient restrictions are listed under <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>,
> - they have effect only with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that
> - $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> is evaluated at the time of the RCPT TO
> - command.
> - 
> - </ul>
> - 
>   <p>
> ! Examples:
>   </p>
>   
> - <pre>
> - <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
> - <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a>
> - </pre>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_history_flush_threshold">smtpd_history_flush_threshold</a>
> - (default: 100)</b></DT><DD>
> - 
>   <p>
> ! The maximal number of lines in the Postfix SMTP server command history
> ! before it is flushed upon receipt of EHLO, RSET, or end of DATA.
>   </p>
>   
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_junk_command_limit">smtpd_junk_command_limit</a>
> - (default: normal: 100, overload: 1)</b></DT><DD>
> - 
>   <p>
> ! The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
> ! SMTP client can send before the Postfix SMTP server starts to
> ! increment the error counter with each junk command.  The junk
> ! command count is reset after mail is delivered.  See also the
> ! <a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> and <a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> configuration
> ! parameters.  Normally the default limit is 100, but it changes under
> ! overload to just 1. With Postfix 2.5 and earlier, the SMTP server
> ! always allows up to 100 junk commands by default.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> Enable logging of the named "permit" actions in SMTP server
> ! access lists.  This does not affect conditional actions such as
> ! "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>". </p>
> ! 
> ! <p> Specify a list of "permit" action names, "/file/name" or
> ! "<a href="DATABASE_README.html">type:table</a>" patterns, separated by commas and/or whitespace. The
> ! list is matched left to right, and the search stops on the first
> ! match. A "/file/name" pattern is replaced by its contents; a
> ! "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a name matches a lookup
> ! key (the lookup result is ignored).  Continue long lines by starting
> ! the next line with whitespace. Specify "!pattern" to exclude a name
> ! from the list. </p>
>   
> ! <p> Examples: </p>
>   
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     # Log all "permit" actions.
> !     <a href="postconf.5.html#smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a> = <a href="DATABASE_README.html#types">static</a>:all
> ! </pre>
>   
>   <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     # Log "<a href="postconf.5.html#permit_dnswl_client">permit_dnswl_client</a>" only.
> !     <a href="postconf.5.html#smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a> = <a href="postconf.5.html#permit_dnswl_client">permit_dnswl_client</a>
>   </pre>
>   
> - <p> This feature is available in Postfix 2.10 and later.  </p>
> - 
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_milters">smtpd_milters</a>
> - (default: empty)</b></DT><DD>
> - 
> - <p> A list of Milter (mail filter) applications for new mail that
> - arrives via the Postfix <a href="smtpd.8.html">smtpd(8)</a> server. Specify space or comma as
> - separator. See the <a href="MILTER_README.html">MILTER_README</a> document for details.  </p>
> - 
> - <p> This feature is available in Postfix 2.3 and later. </p>
> - 
>   
> --- 9800,9842 ----
>   <p>
> ! This feature is available in Postfix 2.2 and later.
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a>
> ! (default: 0)</b></DT><DD>
>   
>   <p>
> ! The maximal number of connection attempts any client is allowed to
> ! make to this service per time unit.  The time unit is specified
> ! with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
>   </p>
>   
>   <p>
> ! By default, a client can make as many connections per time unit as
> ! Postfix can accept.
>   </p>
>   
>   <p>
> ! To disable this feature, specify a limit of 0.
>   </p>
>   
>   <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> = 1000
>   </pre>
>   
>   
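
Review bot: The old side of this hunk drops the entire smtpd_log_access_permit_actions entry, which ends with "This feature is available in Postfix 2.10 and later", while the new side (9800,9842) carries only smtpd_client_connection_rate_limit text that cites Postfix 2.2. Losing the newest documented feature with no replacement suggests the new postconf.5.html was built from an older source than the .orig file; confirm which release the script fetched before anyone acts on this notification.
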
> ***************
> *** 13088,13145 ****
>   
> ! <DT><b><a name="smtpd_noop_commands">smtpd_noop_commands</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! List of commands that the Postfix SMTP server replies to with "250
> ! Ok", without doing any syntax checks and without changing state.
> ! This list overrides any commands built into the Postfix SMTP server.
>   </p>
>   
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a>
> - (default: <>)</b></DT><DD>
> - 
>   <p>
> ! The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables instead of the
> ! null sender address.
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_peername_lookup">smtpd_peername_lookup</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p> Attempt to look up the remote SMTP client hostname, and verify that
> ! the name matches the client IP address. A client name is set to
> ! "unknown" when it cannot be looked up or verified, or when name
> ! lookup is disabled.  Turning off name lookup reduces delays due to
> ! DNS lookup and increases the maximal inbound delivery rate. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_per_record_deadline">smtpd_per_record_deadline</a>
> ! (default: normal: no, overload: yes)</b></DT><DD>
> ! 
> ! <p> Change the behavior of the <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> time limit, from a
> ! time limit per read or write system call, to a time limit to send
> ! or receive a complete record (an SMTP command line, SMTP response
> ! line, SMTP message content line, or TLS protocol message).  This
> ! limits the impact from hostile peers that trickle data one byte at
> ! a time.  </p>
> ! 
> ! <p> Note: when per-record deadlines are enabled, a short timeout
> ! may cause problems with TLS over very slow network connections.
> ! The reasons are that a TLS protocol message can be up to 16 kbytes
> ! long (with TLSv1), and that an entire TLS protocol message must be
> ! sent or received within the per-record deadline.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.9 and later. With older
> ! Postfix releases, the behavior is as if this parameter is set to
> ! "no". </p>
>   
> --- 9844,9869 ----
>   
> ! <DT><b><a name="smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a>
> ! (default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
>   
>   <p>
> ! Clients that are excluded from connection count, connection rate,
> ! or SMTP request rate restrictions. See the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter
> ! description for the parameter value syntax.
>   </p>
>   
>   <p>
> ! By default, clients in trusted networks are excluded. Specify a
> ! list of network blocks, hostnames or .domain names (the initial
> ! dot causes the domain to match any name below it).
>   </p>
>   
> + <p> Note: IP version 6 address information must be specified inside
> + <tt>[]</tt> in the <a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> value, and
> + in files specified with "/file/name".  IP version 6 addresses
> + contain the ":" character, and would otherwise be confused with a
> + "<a href="DATABASE_README.html">type:table</a>" pattern.  </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.2 and later.
> ! </p>
>   
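
Review bot: The IPv6 note added to the smtpd_client_event_limit_exceptions entry says addresses must be written inside "[]" but shows no example, and this is the list that exempts clients from the connection count, connection rate and request rate restrictions. An entry that is taken for a type:table pattern will not exempt the intended client, so add an example line such as "smtpd_client_event_limit_exceptions = $mynetworks, [2001:db8::]/32" (illustrative prefix) directly after the note.
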
> ***************
> *** 13148,13155 ****
>   
> ! <DT><b><a name="smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The time after which an idle SMTPD policy service connection is
> ! closed.
>   </p>
> --- 9872,9881 ----
>   
> ! <DT><b><a name="smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a>
> ! (default: 0)</b></DT><DD>
>   
>   <p>
> ! The maximal number of message delivery requests that any client is
> ! allowed to make to this service per time unit, regardless of whether
> ! or not Postfix actually accepts those messages.  The time unit is
> ! specified with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
>   </p>
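
Review bot: The "!" lines pair the smtpd_policy_service_max_idle header (old 13148,13155) with the smtpd_client_message_rate_limit header (new 9872,9881), two unrelated parameters, so this hunk cannot be read as a change to either entry. The script should compare the files per <a name="..."> entry, or at least report removed and added entries separately, so that a real wording change is not lost among misaligned ones.
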
> ***************
> *** 13157,13170 ****
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a>
> ! (default: 1000s)</b></DT><DD>
>   
>   <p>
> ! The time after which an active SMTPD policy service connection is
> ! closed.
>   </p>
> --- 9883,9899 ----
>   <p>
> ! By default, a client can send as many message delivery requests
> ! per time unit as Postfix can accept.
>   </p>
>   
> + <p>
> + To disable this feature, specify a limit of 0.
> + </p>
>   
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
>   
>   <p>
> ! This feature is available in Postfix 2.2 and later.
>   </p>
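
Review bot: The paragraphs on the new side say the limit exists "to limit abuse" and that 0 disables it, but nothing here says what a client that exceeds the limit receives or what is logged. Add one sentence on the server's reply and the corresponding log entry, so operators can tell a rate-limit hit from other rejections.
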
> ***************
> *** 13172,13176 ****
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
>   
> --- 9901,9909 ----
>   <p>
> ! Example:
>   </p>
>   
> + <pre>
> + <a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> = 1000
> + </pre>
> + 
>   
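
Review bot: The added example sets smtpd_client_message_rate_limit = 1000 without saying per what interval, so a reader cannot judge whether 1000 is strict or lax. State in the example that the count applies per anvil_rate_time_unit, the parameter the entry's description already refers to, or show both settings together.
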
> ***************
> *** 13178,13185 ****
>   
> ! <DT><b><a name="smtpd_policy_service_timeout">smtpd_policy_service_timeout</a>
> ! (default: 100s)</b></DT><DD>
>   
>   <p>
> ! The time limit for connecting to, writing to or receiving from a
> ! delegated SMTPD policy server.
>   </p>
> --- 9911,9920 ----
>   
> ! <DT><b><a name="smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a>
> ! (default: 0)</b></DT><DD>
>   
>   <p>
> ! The maximal number of new (i.e., uncached) TLS sessions that a
> ! remote SMTP client is allowed to negotiate with this service per
> ! time unit.  The time unit is specified with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a>
> ! configuration parameter.
>   </p>
> ***************
> *** 13187,13200 ****
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_proxy_ehlo">smtpd_proxy_ehlo</a>
> ! (default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
>   
>   <p>
> ! How the Postfix SMTP server announces itself to the proxy filter.
> ! By default, the Postfix hostname is used.
>   </p>
> --- 9922,9940 ----
>   <p>
> ! By default, a remote SMTP client can negotiate as many new TLS
> ! sessions per time unit as Postfix can accept.
>   </p>
>   
> + <p>
> + To disable this feature, specify a limit of 0. Otherwise, specify
> + a limit that is at least the per-client concurrent session limit,
> + or else legitimate client sessions may be rejected.
> + </p>
>   
> ! <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
> ! </p>
>   
>   <p>
> ! This feature is available in Postfix 2.3 and later.
>   </p>
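
Review bot: The added paragraph tells the reader to "specify a limit that is at least the per-client concurrent session limit" but does not name the parameter that sets that limit. Link it (smtpd_client_connection_count_limit), so the warning that "legitimate client sessions may be rejected" can be checked against a concrete value.
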
> ***************
> *** 13202,13206 ****
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
>   
> --- 9942,9950 ----
>   <p>
> ! Example:
>   </p>
>   
> + <pre>
> + <a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a> = 100
> + </pre>
> + 
>   
> ***************
> *** 13208,13228 ****
>   
> ! <DT><b><a name="smtpd_proxy_filter">smtpd_proxy_filter</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> The hostname and TCP port of the mail filtering proxy server.
> ! The proxy receives all mail from the Postfix SMTP server, and is
> ! supposed to give the result to another Postfix SMTP server process.
>   </p>
>   
> ! <p> Specify "host:port" or "inet:host:port" for a TCP endpoint, or
> ! "unix:pathname" for a UNIX-domain endpoint. The host can be specified
> ! as an IP address or as a symbolic name; no MX lookups are done.
> ! When no "host" or "host:"  are specified, the local machine is
> ! assumed.  Pathname interpretation is relative to the Postfix queue
> ! directory.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.1 and later.  </p>
> ! 
> ! <p> The "inet:" and "unix:" prefixes are available in Postfix 2.3
> ! and later.  </p>
>   
> --- 9952,9961 ----
>   
> ! <DT><b><a name="smtpd_client_port_logging">smtpd_client_port_logging</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Enable logging of the remote SMTP client port in addition to
> ! the hostname and IP address. The logging format is "host[address]:port".
>   </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
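
Review bot: The new smtpd_client_port_logging entry gives the format as "host[address]:port" but does not say that this changes the client field in log lines that tools already parse. Add a sentence that log parsers and alerting rules keyed on "host[address]" must accept the ":port" suffix before the option is switched on.
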
> ***************
> *** 13231,13273 ****
>   
> ! <DT><b><a name="smtpd_proxy_options">smtpd_proxy_options</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! List of options that control how the Postfix SMTP server
> ! communicates with a before-queue content filter. Specify zero or
> ! more of the following, separated by comma or whitespace.  </p>
> ! 
> ! <dl>
> ! 
> ! <dt><b>speed_adjust</b></dt>
> ! 
> ! <dd> <p> Do not connect to a before-queue content filter until an entire
> ! message has been received. This reduces the number of simultaneous
> ! before-queue content filter processes. </p>
> ! 
> ! <p> NOTE 1: A filter must not <i>selectively</i> reject recipients
> ! of a multi-recipient message.  Rejecting all recipients is OK, as
> ! is accepting all recipients. </p>
> ! 
> ! <p> NOTE 2: This feature increases the minimum amount of free queue
> ! space by $<a href="postconf.5.html#message_size_limit">message_size_limit</a>. The extra space is needed to save the
> ! message to a temporary file. </p> </dd>
> ! 
> ! </dl>
>   
>   <p>
> ! This feature is available in Postfix 2.7 and later.
>   </p>
>   
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_proxy_timeout">smtpd_proxy_timeout</a>
> - (default: 100s)</b></DT><DD>
> - 
>   <p>
> ! The time limit for connecting to a proxy filter and for sending or
> ! receiving information.  When a connection fails the client gets a
> ! generic error message while more detailed information is logged to
> ! the maillog file.
>   </p>
> --- 9964,9982 ----
>   
> ! <DT><b><a name="smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a>
> ! (default: 0)</b></DT><DD>
>   
>   <p>
> ! The maximal number of recipient addresses that any client is allowed
> ! to send to this service per time unit, regardless of whether or not
> ! Postfix actually accepts those recipients.  The time unit is specified
> ! with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
> ! </p>
>   
>   <p>
> ! By default, a client can make as many recipient addresses per time
> ! unit as Postfix can accept.
>   </p>
>   
>   <p>
> ! To disable this feature, specify a limit of 0.
>   </p>
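
Review bot: In the new smtpd_client_recipient_rate_limit entry, "a client can make as many recipient addresses per time unit as Postfix can accept" reads as carried over from the connection-rate wording; a client sends recipient addresses, it does not make them. Change "make" to "send", matching "allowed to send to this service" in the entry's first paragraph.
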
> ***************
> *** 13275,13278 ****
>   <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
>   </p>
> --- 9984,9987 ----
>   <p>
> ! WARNING: The purpose of this feature is to limit abuse. It must
> ! not be used to regulate legitimate mail traffic.
>   </p>
> ***************
> *** 13280,13305 ****
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_recipient_limit">smtpd_recipient_limit</a>
> - (default: 1000)</b></DT><DD>
> - 
>   <p>
> ! The maximal number of recipients that the Postfix SMTP server
> ! accepts per message delivery request.
>   </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a>
> ! (default: 1000)</b></DT><DD>
> ! 
> ! <p> The number of recipients that a remote SMTP client can send in
> ! excess of the limit specified with $<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before
> ! the Postfix SMTP server increments the per-session error count
> ! for each excess recipient.  </p>
>   
> --- 9989,10000 ----
>   <p>
> ! This feature is available in Postfix 2.2 and later.
>   </p>
>   
>   <p>
> ! Example:
>   </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> = 1000
> ! </pre>
>   
> ***************
> *** 13308,13349 ****
>   
> ! <DT><b><a name="smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>
> ! (default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b></DT><DD>
> ! 
> ! <p>
> ! The access restrictions that the Postfix SMTP server applies in
> ! the context of the RCPT TO command.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
> ! </p>
>   
>   <p>
> ! By default, the Postfix SMTP server accepts:
>   </p>
>   
> - <ul>
> - 
> - <li> Mail from clients whose IP address matches $<a href="postconf.5.html#mynetworks">mynetworks</a>, or:
> - 
> - <li> Mail to remote destinations that match $<a href="postconf.5.html#relay_domains">relay_domains</a>, except
> - for addresses that contain sender-specified routing
> - (user at elsewhere@domain), or:
> - 
> - <li> Mail to local destinations that match $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> - or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or
> - $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
> - 
> - </ul>
> - 
>   <p>
> ! IMPORTANT: If you change this parameter setting, you must specify
> ! at least one of the following restrictions. Otherwise Postfix will
> ! refuse to receive mail:
>   </p>
>   
> - <blockquote>
> - <pre>
> - reject, defer, <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
> - </pre>
> - </blockquote>
> - 
>   <p>
> --- 10003,10016 ----
>   
> ! <DT><b><a name="smtpd_client_restrictions">smtpd_client_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional SMTP server access restrictions in the context of a client
> ! SMTP connection request.
>   </p>
>   
>   <p>
> ! The default is to allow all connection requests.
>   </p>
>   
>   <p>
> ***************
> *** 13356,13359 ****
>   <p>
> ! The following restrictions are specific to the recipient address
> ! that is received with the RCPT TO command.
>   </p>
> --- 10023,10026 ----
>   <p>
> ! The following restrictions are specific to client hostname or
> ! client network address information.
>   </p>
> ***************
> *** 13362,13503 ****
>   
> ! <dt><b><a name="check_recipient_access">check_recipient_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the resolved RCPT
> ! TO address, domain, parent domains, or localpart@, and execute the
> ! corresponding action.  </dd>
>   
> ! <dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
> ! the RCPT TO domain, and execute the corresponding action.  Note:
> ! a result of "OK" is not allowed for safety reasons. Instead, use
> ! DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later. </dd>
>   
> ! <dt><b><a name="check_recipient_ns_access">check_recipient_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
> ! for the RCPT TO domain, and execute the corresponding action.
> ! Note: a result of "OK" is not allowed for safety reasons. Instead,
> ! use DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later.  </dd>
>   
> ! <dt><b><a name="permit_auth_destination">permit_auth_destination</a></b></dt>
>   
> ! <dd>Permit the request when one of the following is true:
>   
> ! <ul>
>   
> ! <li> Postfix is mail forwarder: the resolved RCPT TO domain matches
> ! $<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and the address contains no
> ! sender-specified routing (user at elsewhere@domain),
>   
> ! <li> Postfix is the final destination: the resolved RCPT TO domain
> ! matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
> ! $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and the address
> ! contains no sender-specified routing (user at elsewhere@domain).
>   
> ! </ul></dd>
>   
> ! <dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
>   
> ! <dd>Permit the request when the local mail system is backup MX for
> ! the RCPT TO domain, or when the domain is an authorized destination
> ! (see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> for definition).
>   
> ! <ul>
>   
> ! <li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> does not accept addresses that have
> ! sender-specified routing information (example: user at elsewhere@domain).
>   
> ! <li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> can be vulnerable to mis-use when
> ! access is not restricted with <a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>.
>   
> ! <li> Safety: as of Postfix version 2.3, <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> no longer
> ! accepts the address when the local mail system is primary MX for
> ! the recipient domain.  Exception: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> accepts the address
> ! when it specifies an authorized destination (see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
> ! for definition).
>   
> ! <li> Limitation: mail may be rejected in case of a temporary DNS
> ! lookup problem with Postfix prior to version 2.0.
>   
> ! </ul></dd>
>   
> ! <dt><b><a name="reject_non_fqdn_recipient">reject_non_fqdn_recipient</a></b></dt>
>   
> ! <dd>Reject the request when the RCPT TO address is not in
> ! fully-qualified domain form, as required by the RFC. <br> The
> ! <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
> ! rejected requests (default: 504). </dd>
>   
> ! <dt><b><a name="reject_rhsbl_recipient">reject_rhsbl_recipient <i>rbl_domain=d.d.d.d</i></a></b></dt>
>   
> ! <dd>Reject the request when the RCPT TO domain is listed with the
> ! A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix version
> ! 2.1 and later only).  Each "<i>d</i>" is a number, or a pattern
> ! inside "[]" that contains one or more ";"-separated numbers or
> ! number..number ranges (Postfix version 2.8 and later). If no
> ! "<i>=d.d.d.d</i>" is specified, reject
> ! the request when the RCPT TO domain is listed with
> ! any A record under <i>rbl_domain</i>. <br> The <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a>
> ! parameter specifies the response code for rejected requests (default:
> ! 554); the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> parameter specifies the default server
> ! reply; and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> parameter specifies tables with server
> ! replies indexed by <i>rbl_domain</i>.  This feature is available
> ! in Postfix version 2.0 and later.</dd>
>   
> ! <dt><b><a name="reject_unauth_destination">reject_unauth_destination</a></b></dt>
>   
> ! <dd>Reject the request unless one of the following is true:
>   
> ! <ul>
>   
> ! <li> Postfix is mail forwarder: the resolved RCPT TO domain matches
> ! $<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and contains no sender-specified
> ! routing (user at elsewhere@domain),
>   
> ! <li> Postfix is the final destination: the resolved RCPT TO domain
> ! matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
> ! $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and contains
> ! no sender-specified routing (user at elsewhere@domain).
>   
> ! </ul> The <a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> parameter specifies the response
> ! code for rejected requests (default: 554). </dd>
>   
> ! <dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
>   
> ! <dd>Reject the request when Postfix is not final destination for
> ! the recipient domain, and the RCPT TO domain has 1) no DNS A or MX
> ! record or 2) a malformed MX record such as a record with
> ! a zero-length MX hostname (Postfix version 2.3 and later). <br> The
> ! <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies the numerical
> ! response code for rejected requests (default: 450).  The response
> ! is always 450 in case of a temporary DNS error. <br> The
> ! <a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a> parameter specifies the action
> ! after a temporary DNS error (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>).  </dd>
>   
> ! <dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (with Postfix version 2.0: check_recipient_maps)</dt>
>   
> ! <dd> Reject the request when the RCPT TO address is not listed in
> ! the list of valid recipients for its domain class. See the
> ! <a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> parameter description for details.
> ! This feature is available in Postfix 2.1 and later.</dd>
>   
> ! <dt><b><a name="reject_unverified_recipient">reject_unverified_recipient</a></b></dt>
>   
> ! <dd>Reject the request when mail to the RCPT TO address is known
> ! to bounce, or when the recipient address destination is not reachable.
> ! Address verification information is managed by the <a href="verify.8.html">verify(8)</a> server;
> ! see the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> file for details.  <br> The
> ! <a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> parameter specifies the numerical
> ! response code when an address is known to bounce (default: 450,
> ! change into 550 when you are confident that it is safe to do so).
> ! <br>The <a href="postconf.5.html#unverified_recipient_defer_code">unverified_recipient_defer_code</a> parameter specifies the
> ! numerical response code when an address probe failed due to a
> ! temporary problem (default: 450). <br> The
> ! <a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a> parameter specifies the action
> ! after addres probe failure due to a temporary problem (default:
> ! <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>).  <br>  This feature is available in Postfix 2.1
> ! and later.  </dd>
>   
> --- 10029,10245 ----
>   
> ! <dt><b><a name="check_ccert_access">check_ccert_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd> Use the client certificate fingerprint as lookup key for the
> ! specified <a href="access.5.html">access(5)</a> database; with Postfix version 2.2, also require that
> ! the SMTP client certificate is verified successfully.
> ! The fingerprint digest algorithm is configurable via the
> ! <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
> ! Postfix version 2.5).  This feature is available with Postfix version
> ! 2.2 and later. </dd>
>   
> ! <dt><b><a name="check_client_access">check_client_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified access database for the client hostname,
> ! parent domains, client IP address, or networks obtained by stripping
> ! least significant octets. See the <a href="access.5.html">access(5)</a> manual page for details. </dd>
>   
> ! <dt><b><a name="check_reverse_client_hostname_access">check_reverse_client_hostname_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified access database for the unverified reverse
> ! client hostname, parent domains, client IP address, or networks
> ! obtained by stripping least significant octets. See the <a href="access.5.html">access(5)</a>
> ! manual page for details.  Note: a result of "OK" is not allowed for
> ! safety reasons.  Instead, use DUNNO in order to exclude specific
> ! hosts from blacklists.  This feature is available in Postfix 2.6
> ! and later.</dd>
>   
> ! <dt><b><a name="permit_inet_interfaces">permit_inet_interfaces</a></b></dt>
>   
> ! <dd>Permit the request when the client IP address matches
> ! $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>. </dd>
>   
> ! <dt><b><a name="permit_mynetworks">permit_mynetworks</a></b></dt>
>   
> ! <dd>Permit the request when the client IP address matches any
> ! network or network address listed in  $<a href="postconf.5.html#mynetworks">mynetworks</a>. </dd>
>   
> ! <dt><b><a name="permit_sasl_authenticated">permit_sasl_authenticated</a></b></dt>
> ! 
> ! <dd> Permit the request when the client is successfully
> ! authenticated via the <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH) protocol. </dd>
> ! 
> ! <dt><b><a name="permit_tls_all_clientcerts">permit_tls_all_clientcerts</a></b></dt>
> ! 
> ! <dd> Permit the request when the remote SMTP client certificate is
> ! verified successfully.  This option must be used only if a special
> ! CA issues the certificates and only this CA is listed as trusted
> ! CA, otherwise all clients with a recognized certificate would be
> ! allowed to relay. This feature is available with Postfix version 2.2.</dd>
> ! 
> ! <dt><b><a name="permit_tls_clientcerts">permit_tls_clientcerts</a></b></dt>
> ! 
> ! <dd>Permit the request when the remote SMTP client certificate
> ! fingerprint is listed in $<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a>.
> ! The fingerprint digest algorithm is configurable via the
> ! <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
> ! Postfix version 2.5).  This feature is available with Postfix version
> ! 2.2. </dd>
> ! 
> ! <dt><b><a name="reject_rbl_client">reject_rbl_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Reject the request when the reversed client network address is
> ! listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>
> ! (Postfix version 2.1 and later only).  If no "<i>=d.d.d.d</i>" is
> ! specified, reject the request when the reversed client network
> ! address is listed with any A record under <i>rbl_domain</i>. <br>
> ! The <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> parameter specifies the response code for
> ! rejected requests (default:  554), the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a>  parameter
> ! specifies the default server reply, and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a>  parameter
> ! specifies tables with server replies indexed by <i>rbl_domain</i>.
> ! This feature is available in Postfix 2.0 and later.  </dd>
> ! 
> ! <dt><b><a name="reject_rhsbl_client">reject_rhsbl_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Reject the request when the client hostname is listed with the
> ! A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix version
> ! 2.1 and later only).  If no "<i>=d.d.d.d</i>" is specified, reject
> ! the request when the client hostname is listed with
> ! any A record under <i>rbl_domain</i>. See the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>
> ! description above for additional RBL related configuration parameters.
> ! This feature is available in Postfix 2.0 and later.  </dd>
> ! 
> ! <dt><b><a name="reject_unknown_client_hostname">reject_unknown_client_hostname</a></b> (with Postfix < 2.3: reject_unknown_client)</dt>
> ! 
> ! <dd>Reject the request when 1) the client IP address->name mapping
> ! fails, 2) the name->address mapping fails, or 3) the name->address
> ! mapping does not match the client IP address.  <br> This is a
> ! stronger restriction than the <a href="postconf.5.html#reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a>
> ! feature, which triggers only under condition 1) above. <br> The
> ! <a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> parameter specifies the response code
> ! for rejected requests (default: 450). The reply is always 450 in
> ! case the address->name or name->address lookup failed due to
> ! a temporary problem. </dd>
>   
> ! <dt><b><a name="reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a></b></dt>
>   
> ! <dd>Reject the request when the client IP address has no address->name
> ! mapping. <br> This is a weaker restriction than the
> ! <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a> feature, which requires not only
> ! that the address->name and name->address mappings exist, but
> ! also that the two mappings reproduce the client IP address.  <br>
> ! The <a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> parameter specifies the response
> ! code for rejected requests (default: 450).  The reply is always 450
> ! in case the address->name lookup failed due to a temporary
> ! problem. <br> This feature is available in Postfix 2.3 and
> ! later.  </dd>
>   
> ! </dl>
>   
> ! <p>
> ! In addition, you can use any of the following <a name="generic">
> ! generic</a> restrictions.  These restrictions are applicable in
> ! any SMTP command context.
> ! </p>
>   
> ! <dl>
>   
> ! <dt><b><a name="check_policy_service">check_policy_service <i>servername</i></a></b></dt>
>   
> ! <dd>Query the specified policy server. See the <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a>
> ! document for details. This feature is available in Postfix 2.1
> ! and later. </dd>
>   
> ! <dt><b><a name="defer">defer</a></b></dt>
>   
> ! <dd>Defer the request. The client is told to try again later. This
> ! restriction is useful at the end of a restriction list, to make
> ! the default policy explicit. <br> The <a href="postconf.5.html#defer_code">defer_code</a> parameter specifies
> ! the SMTP server reply code (default: 450).</dd>
>   
> ! <dt><b><a name="defer_if_permit">defer_if_permit</a></b></dt>
>   
> ! <dd>Defer the request if some later restriction would result in an
> ! explicit or implicit PERMIT action.  This is useful when a blacklisting
> ! feature fails due to a temporary problem.  This feature is available
> ! in Postfix version 2.1 and later.  </dd>
>   
> ! <dt><b><a name="defer_if_reject">defer_if_reject</a></b></dt>
>   
> ! <dd>Defer the request if some later restriction would result in a
> ! REJECT action.  This is useful when a whitelisting feature fails
> ! due to a temporary problem.  This feature is available in Postfix
> ! version 2.1 and later.  </dd>
>   
> ! <dt><b><a name="permit">permit</a></b></dt>
>   
> ! <dd>Permit the request. This restriction is useful at the end of
> ! a restriction list, to make the default policy explicit.</dd>
>   
> ! <dt><b><a name="reject_multi_recipient_bounce">reject_multi_recipient_bounce</a></b></dt>
>   
> ! <dd>Reject the request when the envelope sender is the null address,
> ! and the message has multiple envelope recipients. This usage has
> ! rare but legitimate applications: under certain conditions,
> ! multi-recipient mail that was posted with the DSN option NOTIFY=NEVER
> ! may be forwarded with the null sender address.
> ! <br> Note: this restriction can only work reliably
> ! when used in <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> or
> ! <a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a>, because the total number of
> ! recipients is not known at an earlier stage of the SMTP conversation.
> ! Use at the RCPT stage will only reject the second etc.  recipient.
> ! <br>
> ! The <a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> parameter specifies the
> ! response code for rejected requests (default:  550).  This feature
> ! is available in Postfix 2.1 and later. </dd>
>   
> ! <dt><b><a name="reject_plaintext_session">reject_plaintext_session</a></b></dt>
>   
> ! <dd>Reject the request when the connection is not encrypted. This
> ! restriction should not be used before the client has had a chance
> ! to negotiate encryption with the AUTH or STARTTLS commands.
> ! <br>
> ! The <a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> parameter specifies the response
> ! code for rejected requests (default:  450).  This feature is available
> ! in Postfix 2.3 and later. </dd>
>   
> ! <dt><b><a name="reject_unauth_pipelining">reject_unauth_pipelining</a></b></dt>
>   
> ! <dd>Reject the request when the client sends SMTP commands ahead
> ! of time where it is not allowed, or when the client sends SMTP
> ! commands ahead of time without knowing that Postfix actually supports
> ! ESMTP command pipelining. This stops mail from bulk mail software
> ! that improperly uses ESMTP command pipelining in order to speed up
> ! deliveries. <br> Note: <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a> is not useful
> ! outside <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> when 1) the client uses ESMTP (EHLO
> ! instead of HELO) and 2) with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes" (the
> ! default).  The use of <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a> in the other
> ! restriction contexts is therefore not recommended.  </dd>
>   
> ! <dt><b><a name="reject">reject</a></b></dt>
>   
> ! <dd>Reject the request. This restriction is useful at the end of
> ! a restriction list, to make the default policy explicit.  The
> ! <a href="postconf.5.html#reject_code">reject_code</a> configuration parameter specifies the response code to
> ! rejected requests (default: 554).</dd>
>   
> ! <dt><b><a name="sleep">sleep <i>seconds</i></a></b></dt>
>   
> ! <dd>Pause for the specified number of seconds and proceed with
> ! the next restriction in the list, if any. This may stop zombie
> ! mail when used as:
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
> !         sleep 1, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
> !     <a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = no
> ! </pre>
> ! This feature is available in Postfix 2.3. </dd>
> ! 
> ! <dt><b><a name="warn_if_reject">warn_if_reject</a></b></dt>
> ! 
> ! <dd>Change the meaning of the next restriction, so that it logs
> ! a warning instead of rejecting a request (look for logfile records
> ! that contain "reject_warning"). This is useful for testing new
> ! restrictions in a "live" environment without risking unnecessary
> ! loss of mail. </dd>
>   
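
Review bot: The two sides of this hunk document different things: the old side ends with the recipient checks (reject_unknown_recipient_domain, reject_unlisted_recipient, reject_unverified_recipient), while the new side at 10029,10245 is the client and generic restriction list (check_ccert_access through warn_if_reject), so this is a misaligned pairing rather than an edit to either text. Please confirm both files were generated from the same Postfix source version before applying. Within the new text the availability wording is also inconsistent: permit_tls_all_clientcerts, permit_tls_clientcerts and sleep end with "available with Postfix version 2.2." or "available in Postfix 2.3.", where the neighbouring entries say "and later".
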
> ***************
> *** 13511,13518 ****
>   
> ! <li><a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
> ! 
> ! <li>SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>.
>   
> --- 10253,10261 ----
>   
> ! <li> SMTP command specific restrictions that are described under
> ! the <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>, <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> parameters. When helo, sender or
> ! recipient restrictions are listed under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>,
> ! they have effect only with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that
> ! $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> is evaluated at the time of the RCPT TO
> ! command.
>   
> ***************
> *** 13525,13527 ****
>   <pre>
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
>   </pre>
> --- 10268,10270 ----
>   <pre>
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a>
>   </pre>
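
Review bot: The example on the old side, smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, is replaced by a smtpd_client_restrictions example that contains no reject_unauth_destination. If the recipient example is not retained elsewhere in the new page, readers lose the one sample line that shows the relay check following permit_mynetworks; please verify it still appears under smtpd_recipient_restrictions.
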
> ***************
> *** 13531,13608 ****
>   
> ! <DT><b><a name="smtpd_reject_footer">smtpd_reject_footer</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Optional information that is appended after each Postfix SMTP
> ! server
> ! 4XX or 5XX response. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a> = For assistance, call 800-555-0101.
> !      Please provide the following information in your problem report:
> !      time ($localtime), client ($client_address) and server
> !      ($server_name).
> ! </pre>
>   
> ! <p> Server response: </p>
>   
> ! <pre>
> !     550-5.5.1 <user at example> Recipient address rejected: User unknown
> !     550 5.5.1 For assistance, call 800-555-0101. Please provide the
> !     following information in your problem report: time (Jan 4 15:42:00),
> !     client (192.168.1.248) and server (mail1.example.com).
> ! </pre>
>   
> ! <p> Note: the above text is meant to make it easier to find the
> ! Postfix logfile records for a failed SMTP session. The text itself
> ! is not logged to the Postfix SMTP server's maillog file. </p>
>   
> ! <p> Be sure to keep the text as short as possible. Long text may
> ! be truncated before it is logged to the remote SMTP client's maillog
> ! file, or before it is returned to the sender in a delivery status
> ! notification.  </p>
>   
> ! <p> This feature supports a limited number of $name attributes in
> ! the footer text. These are replaced by their current value for the
> ! SMTP session: </p>
>   
> ! <dl>
>   
> ! <dt> <b>client_address</b> </dt> <dd> The Client IP address that
> ! is logged in the maillog file. </dd>
>   
> - <dt> <b>client_port</b> </dt> <dd> The client TCP port that is
> - logged in the maillog file. </dd>
>   
> ! <dt> <b>localtime</b> </dt> <dd> The server local time (Mmm dd
> ! hh:mm:ss) that is logged in the maillog file. </dd>
>   
> ! <dt> <b>server_name</b> </dt> <dd> The server's <a href="postconf.5.html#myhostname">myhostname</a> value.
> ! This attribute is made available for sites with multiple MTAs
> ! (perhaps behind a load-balancer), where the server name can help
> ! the server support team to quickly find the right log files.  </dd>
>   
> ! </dl>
>   
> ! <p> Notes: </p>
>   
> ! <ul>
>   
> - <li> <p> NOT SUPPORTED are other attributes such as sender, recipient,
> - or <a href="postconf.5.html">main.cf</a> parameters.  </p>
>   
> ! <li> <p> For safety reasons, text that does not match
> ! $<a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> is censored. </p>
>   
> ! </ul>
>   
> ! <p> This feature supports the two-character sequence \n as a request
> ! for a line break in the footer text. Postfix automatically inserts
> ! after each line break the three-digit SMTP reply code (and optional
> ! enhanced status code) from the original Postfix reject message.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 10274,10362 ----
>   
> ! <DT><b><a name="smtpd_data_restrictions">smtpd_data_restrictions</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional access restrictions that the Postfix SMTP server applies
> ! in the context of the SMTP DATA command.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ! <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
> ! </p>
>   
> ! <p>
> ! The following restrictions are valid in this context:
> ! </p>
>   
> ! <ul>
>   
> ! <li><a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
>   
> ! <li>SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>,
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
>   
> ! </ul>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
> ! <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a>
> ! </pre>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_delay_open_until_valid_rcpt">smtpd_delay_open_until_valid_rcpt</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Postpone the start of an SMTP mail transaction until a valid
> ! RCPT TO command is received. Specify "no" to create a mail transaction
> ! as soon as the SMTP server receives a valid MAIL FROM command. </p>
>   
> ! <p> With sites that reject lots of mail, the default setting reduces
> ! the use of
> ! disk, CPU and memory resources. The downside is that rejected
> ! recipients are logged with NOQUEUE instead of a mail transaction
> ! ID. This complicates the logfile analysis of multi-recipient mail.
> ! </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_delay_reject">smtpd_delay_reject</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p>
> ! Wait until the RCPT TO command before evaluating
> ! $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
> ! $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until the ETRN command before
> ! evaluating $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
> ! </p>
> ! 
> ! <p>
> ! This feature is turned on by default because some clients apparently
> ! mis-behave when the Postfix SMTP server rejects commands before
> ! RCPT TO.
>   </p>
>   
> ! <p>
> ! The default setting has one major benefit: it allows Postfix to log
> ! recipient address information when rejecting a client name/address
> ! or sender address, so that it is possible to find out whose mail
> ! is being rejected.
> ! </p>
>   
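
Review bot: The whole smtpd_reject_footer entry on the old side, including its <a name="smtpd_reject_footer"> anchor and the note "available in Postfix 2.8 and later", has no counterpart on the new side, which starts at smtpd_data_restrictions instead. Dropping the anchor breaks any link to postconf.5.html#smtpd_reject_footer, and the safety note that text not matching $smtpd_expansion_filter is censored goes with it. If the removal is intended, say so in the update message; otherwise restore the entry.
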
> ***************
> *** 13611,13641 ****
>   
> ! <DT><b><a name="smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p>
> ! Request that the Postfix SMTP server rejects mail for unknown
> ! recipient addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a>
> ! access restriction is specified. This prevents the Postfix queue
> ! from filling up with undeliverable MAILER-DAEMON messages.
> ! </p>
>   
> ! <p> An address is always considered "known" when it matches a
> ! <a href="virtual.5.html">virtual(5)</a> alias or a <a href="canonical.5.html">canonical(5)</a> mapping.
>   
> ! <ul>
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> ! or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
> ! $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the
> ! recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
> ! recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
> ! is not null.
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the recipient
> ! is not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>
> ! is not null.
>   
> --- 10365,10398 ----
>   
> ! <DT><b><a name="smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Lookup tables, indexed by the remote SMTP client address, with
> ! case insensitive lists of EHLO keywords (pipelining, starttls, auth,
> ! etc.) that the SMTP server will not send in the EHLO response to a
> ! remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> for details.
> ! The table is not searched by hostname for robustness reasons.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. </p>
> ! 
> ! 
> ! </DD>
>   
> ! <DT><b><a name="smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> A case insensitive list of EHLO keywords (pipelining, starttls,
> ! auth, etc.) that the SMTP server will not send in the EHLO response
> ! to a remote SMTP client. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ! <p> Notes: </p>
>   
> ! <ul>
>   
> ! <li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
> ! this action from being logged. </p>
>   
> ! <li> <p> Use the <a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> feature
> ! to discard EHLO keywords selectively.  </p>
>   
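
Review bot: The new smtpd_discard_ehlo_keywords text names starttls and auth among the keywords that can be withheld from the EHLO response, but does not say what that means for the session. Suggest one sentence noting that a client which is never offered STARTTLS or AUTH will normally not attempt them, so a broad entry here or in smtpd_discard_ehlo_keyword_address_maps turns off encryption or authentication for the matching clients, and that silent-discard removes the log record that would reveal it.
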
> ***************
> *** 13643,13648 ****
>   
> - <p>
> - This feature is available in Postfix 2.1 and later.
> - </p>
> - 
>   
> --- 10400,10401 ----
> ***************
> *** 13650,13684 ****
>   
> ! <DT><b><a name="smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Request that the Postfix SMTP server rejects mail from unknown
> ! sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a>
> ! access restriction is specified. This can slow down an explosion
> ! of forged mail from worms or viruses.  </p>
>   
> ! <p> An address is always considered "known" when it matches a
> ! <a href="virtual.5.html">virtual(5)</a> alias or a <a href="canonical.5.html">canonical(5)</a> mapping.
>   
> ! <ul>
>   
> - <li> The sender domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
> - $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the sender is not listed in
> - $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the sender
> ! is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
> ! sender is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
> ! is not null.
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the sender is
> ! not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> is
> ! not null.
>   
> ! </ul>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
> --- 10403,10434 ----
>   
> ! <DT><b><a name="smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Optional access restrictions that the Postfix SMTP server
> ! applies in the context of the SMTP END-OF-DATA command. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. </p>
>   
> ! <p> See <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> for syntax details. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_enforce_tls">smtpd_enforce_tls</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Mandatory TLS: announce STARTTLS support to SMTP clients,
> ! and require that clients use TLS encryption.  According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a>
> ! this MUST NOT be applied in case of a publicly-referenced SMTP
> ! server.  This option is off by default and should be used only on
> ! dedicated servers. </p>
>   
> ! <p> Note 1: "<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> = yes" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes". </p>
>   
> ! <p> Note 2: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
> ! STARTTLS due to insufficient privileges to access the server private
> ! key. This is intended behavior. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> instead. </p>
>   
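
Review bot: In the new smtpd_enforce_tls entry the pointer to the replacement parameter comes last ("With Postfix 2.3 and later use smtpd_tls_security_level instead"), after the description and both notes. Move that sentence to the top of the entry so a reader on 2.3 or later sees it before configuring the older parameter.
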
> ***************
> *** 13687,13701 ****
>   
> ! <DT><b><a name="smtpd_restriction_classes">smtpd_restriction_classes</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! User-defined aliases for groups of access restrictions. The aliases
> ! can be specified in <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> etc., and on the
> ! right-hand side of a Postfix <a href="access.5.html">access(5)</a> table.
>   </p>
>   
> ! <p>
> ! One major application is for implementing per-recipient UCE control.
> ! See the <a href="RESTRICTION_CLASS_README.html">RESTRICTION_CLASS_README</a> document for other examples.
> ! </p>
>   
> --- 10437,10450 ----
>   
> ! <DT><b><a name="smtpd_error_sleep_time">smtpd_error_sleep_time</a>
> ! (default: 1s)</b></DT><DD>
>   
> ! <p>With Postfix version 2.1 and later: the SMTP server response delay after
> ! a client has made more than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and
> ! fewer than $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering mail.
>   </p>
>   
> ! <p>With Postfix version 2.0 and earlier: the SMTP server delay before
> ! sending a reject (4xx or 5xx) response, when the client has made
> ! fewer than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors without delivering
> ! mail. </p>
>   
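
Review bot: The 2.1-and-later paragraph for smtpd_error_sleep_time covers a client with "more than $smtpd_soft_error_limit errors, and fewer than $smtpd_hard_error_limit errors" and leaves the boundary cases unstated, namely an error count exactly equal to either limit. State whether each bound is inclusive, so the documented delay window can be checked against observed server behaviour.
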
> ***************
> *** 13704,13714 ****
>   
> ! <DT><b><a name="smtpd_sasl_application_name">smtpd_sasl_application_name</a>
> ! (default: smtpd)</b></DT><DD>
>   
>   <p>
> ! The application name that the Postfix SMTP server uses for SASL
> ! server initialization. This
> ! controls the name of the SASL configuration file. The default value
> ! is <b>smtpd</b>, corresponding to a SASL configuration file named
> ! <b>smtpd.conf</b>.
>   </p>
> --- 10453,10460 ----
>   
> ! <DT><b><a name="smtpd_etrn_restrictions">smtpd_etrn_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional SMTP server access restrictions in the context of a client
> ! ETRN request.
>   </p>
> ***************
> *** 13716,13730 ****
>   <p>
> ! This feature is available in Postfix 2.1 and 2.2. With Postfix 2.3
> ! it was renamed to <a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.
>   </p>
>   
> - 
> - </DD>
> - 
> - <DT><b><a name="smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a>
> - (default: no)</b></DT><DD>
> - 
>   <p>
> ! Enable SASL authentication in the Postfix SMTP server. By default,
> ! the Postfix SMTP server does not use authentication.
>   </p>
> --- 10462,10473 ----
>   <p>
> ! The Postfix ETRN implementation accepts only destinations that are
> ! eligible for the Postfix "fast flush" service. See the <a href="ETRN_README.html">ETRN_README</a>
> ! file for details.
>   </p>
>   
>   <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
>   </p>
> ***************
> *** 13732,13768 ****
>   <p>
> ! If a remote SMTP client is authenticated, the <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>
> ! access restriction can be used to permit relay access, like this:
>   </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
> !     <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, ...
> ! </pre>
> ! </blockquote>
>   
> ! <p> To reject all SMTP connections from unauthenticated clients,
> ! specify "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes" (which is the default) and use:
> ! </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, reject
> ! </pre>
> ! </blockquote>
>   
>   <p>
> ! See the <a href="SASL_README.html">SASL_README</a> file for SASL configuration and operation details.
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_sasl_authenticated_header">smtpd_sasl_authenticated_header</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Report the SASL authenticated user name in the <a href="smtpd.8.html">smtpd(8)</a> Received
> ! message header.  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later.  </p>
>   
> --- 10475,10511 ----
>   <p>
> ! The following restrictions are specific to the domain name information
> ! received with the ETRN command.
>   </p>
>   
> ! <dl>
>   
> ! <dt><b><a name="check_etrn_access">check_etrn_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified access database for the ETRN domain name
> ! or its parent domains. See the <a href="access.5.html">access(5)</a> manual page for details.
> ! </dd>
> ! 
> ! </dl>
>   
>   <p>
> ! Other restrictions that are valid in this context:
>   </p>
>   
> + <ul>
>   
> ! <li><a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
>   
> ! <li>SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
>   
> ! </ul>
>   
> ! <p>
> ! Example:
> ! </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, reject
> ! </pre>
>   
> ***************
> *** 13771,13778 ****
>   
> ! <DT><b><a name="smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! What remote SMTP clients the Postfix SMTP server will not offer
> ! AUTH support to.
>   </p>
> --- 10514,10522 ----
>   
> ! <DT><b><a name="smtpd_expansion_filter">smtpd_expansion_filter</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
>   <p>
> ! What characters are allowed in $name expansions of RBL reply
> ! templates. Characters not in the allowed set are replaced by "_".
> ! Use C like escapes to specify special characters such as whitespace.
>   </p>
> ***************
> *** 13780,13785 ****
>   <p>
> ! Some clients (Netscape 4 at least) have a bug that causes them to
> ! require a login and password whenever AUTH is offered, whether it's
> ! necessary or not. To work around this, specify, for example,
> ! $<a href="postconf.5.html#mynetworks">mynetworks</a> to prevent Postfix from offering AUTH to local clients.
>   </p>
> --- 10524,10526 ----
>   <p>
> ! This parameter is not subjected to $parameter expansion.
>   </p>
> ***************
> *** 13787,13815 ****
>   <p>
> ! Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also "/file/name" or
> ! "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name" pattern is replaced by its
> ! contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a table entry
> ! matches a lookup string (the lookup result is ignored).  Continue
> ! long lines by starting the next line with whitespace. Specify
> ! "!pattern" to exclude an address or network block from the list.
> ! The form "!/file/name" is supported only in Postfix version 2.4 and
> ! later.  </p>
>   
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
>   
>   <p>
> ! Example:
>   </p>
>   
> - <pre>
> - <a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
> - </pre>
> - 
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
> --- 10528,10548 ----
>   <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_forbidden_commands">smtpd_forbidden_commands</a>
> ! (default: CONNECT, GET, POST)</b></DT><DD>
>   
>   <p>
> ! List of commands that causes the Postfix SMTP server to immediately
> ! terminate the session with a 221 code. This can be used to disconnect
> ! clients that obviously attempt to abuse the system. In addition to the
> ! commands listed in this parameter, commands that follow the "Label:"
> ! format of message headers will also cause a disconnect.
>   </p>
>   
>   <p>
> ! This feature is available in Postfix 2.2 and later.
>   </p>
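Review bot: In the added smtpd_forbidden_commands paragraph, "List of commands that causes the Postfix SMTP server to immediately terminate the session" makes the verb agree with "List", although it is the commands that trigger the disconnect; "List of commands that cause" reads correctly. The same paragraph says that commands following the "Label:" format of message headers also cause a disconnect; one sample of such a line would make that sentence concrete.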
> ***************
> *** 13819,13830 ****
>   
> ! <DT><b><a name="smtpd_sasl_local_domain">smtpd_sasl_local_domain</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! The name of the Postfix SMTP server's local SASL authentication
> ! realm.
>   </p>
>   
>   <p>
> ! By default, the local authentication realm name is the null string.
>   </p>
> --- 10552,10571 ----
>   
> ! <DT><b><a name="smtpd_hard_error_limit">smtpd_hard_error_limit</a>
> ! (default: 20)</b></DT><DD>
>   
>   <p>
> ! The maximal number of errors a remote SMTP client is allowed to
> ! make without delivering mail. The Postfix SMTP server disconnects
> ! when the limit is exceeded.
>   </p>
>   
> + 
> + </DD>
> + 
> + <DT><b><a name="smtpd_helo_required">smtpd_helo_required</a>
> + (default: no)</b></DT><DD>
> + 
>   <p>
> ! Require that a remote SMTP client introduces itself at the beginning
> ! of an SMTP session with the HELO or EHLO command.
>   </p>
> ***************
> *** 13832,13834 ****
>   <p>
> ! Examples:
>   </p>
> --- 10573,10575 ----
>   <p>
> ! Example:
>   </p>
> ***************
> *** 13836,13839 ****
>   <pre>
> ! <a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
> ! <a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> = $<a href="postconf.5.html#myhostname">myhostname</a>
>   </pre>
> --- 10577,10579 ----
>   <pre>
> ! <a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes
>   </pre>
> ***************
> *** 13843,13874 ****
>   
> ! <DT><b><a name="smtpd_sasl_path">smtpd_sasl_path</a>
> ! (default: smtpd)</b></DT><DD>
> ! 
> ! <p> Implementation-specific information that the Postfix SMTP server
> ! passes through to
> ! the SASL plug-in implementation that is selected with
> ! <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.  Typically this specifies the name of a
> ! configuration file or rendezvous point. </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later. In earlier
> ! releases it was called <b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a></b>. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_sasl_security_options">smtpd_sasl_security_options</a>
> ! (default: noanonymous)</b></DT><DD>
>   
> ! <p> Postfix SMTP server SASL security options; as of Postfix 2.3
> ! the list of available
> ! features depends on the SASL server implementation that is selected
> ! with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.  </p>
>   
> ! <p> The following security features are defined for the <b>cyrus</b>
> ! server SASL implementation: </p>
>   
>   <p>
> ! Restrict what authentication mechanisms the Postfix SMTP server
> ! will offer to the client.  The list of available authentication
> ! mechanisms is system dependent.
>   </p>
> --- 10583,10601 ----
>   
> ! <DT><b><a name="smtpd_helo_restrictions">smtpd_helo_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional restrictions that the Postfix SMTP server applies in the
> ! context of the SMTP HELO command.
> ! </p>
>   
> ! <p>
> ! The default is to permit everything.
> ! </p>
>   
>   <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
>   </p>
> ***************
> *** 13876,13878 ****
>   <p>
> ! Specify zero or more of the following:
>   </p>
> --- 10603,10606 ----
>   <p>
> ! The following restrictions are specific to the hostname information
> ! received with the HELO or EHLO command.
>   </p>
> ***************
> *** 13881,13907 ****
>   
> ! <dt><b>noplaintext</b></dt>
>   
> ! <dd>Disallow methods that use plaintext passwords. </dd>
>   
> ! <dt><b>noactive</b></dt>
>   
> ! <dd>Disallow methods subject to active (non-dictionary) attack. </dd>
>   
> ! <dt><b>nodictionary</b></dt>
>   
> ! <dd>Disallow methods subject to passive (dictionary) attack. </dd>
>   
> ! <dt><b>noanonymous</b></dt>
>   
> ! <dd>Disallow methods that allow anonymous authentication. </dd>
>   
> ! <dt><b>forward_secrecy</b></dt>
>   
> ! <dd>Only allow methods that support forward secrecy (Dovecot only).
>   </dd>
>   
> ! <dt><b>mutual_auth</b></dt>
>   
> ! <dd>Only allow methods that provide mutual authentication (not available
> ! with Cyrus SASL version 1). </dd>
>   
> --- 10609,10661 ----
>   
> ! <dt><b><a name="check_helo_access">check_helo_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the HELO or EHLO
> ! hostname or parent domains, and execute the corresponding action.
> ! </dd>
>   
> ! <dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
> ! the HELO or EHLO hostname, and execute the corresponding action.
> ! Note: a result of "OK" is not allowed for safety reasons. Instead,
> ! use DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later.  </dd>
>   
> ! <dt><b><a name="check_helo_ns_access">check_helo_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
> ! for the HELO or EHLO hostname, and execute the corresponding action.
> ! Note: a result of "OK" is not allowed for safety reasons. Instead,
> ! use DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later.  </dd>
>   
> ! <dt><b><a name="reject_invalid_helo_hostname">reject_invalid_helo_hostname</a></b> (with Postfix < 2.3: reject_invalid_hostname)</dt>
>   
> ! <dd>Reject the request when the HELO or EHLO hostname syntax is
> ! invalid. <br> The <a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> specifies the response
> ! code to rejected requests (default: 501).</dd>
>   
> ! <dt><b><a name="reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a></b> (with Postfix < 2.3: reject_non_fqdn_hostname)</dt>
>   
> ! <dd>Reject the request when the HELO or EHLO hostname is not in
> ! fully-qualified domain form, as required by the RFC. <br> The
> ! <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code to
> ! rejected requests (default: 504).</dd>
> ! 
> ! <dt><b><a name="reject_rhsbl_helo">reject_rhsbl_helo <i>rbl_domain=d.d.d.d</i></a></b></dt>
> ! 
> ! <dd>Reject the request when the HELO or EHLO hostname hostname is
> ! listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>
> ! (Postfix version 2.1 and later only).  If no "<i>=d.d.d.d</i>" is
> ! specified, reject the request when the HELO or EHLO hostname is
> ! listed with any A record under <i>rbl_domain</i>. See the
> ! <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> description for additional RBL related configuration
> ! parameters.  This feature is available in Postfix 2.0 and later.
>   </dd>
>   
> ! <dt><b><a name="reject_unknown_helo_hostname">reject_unknown_helo_hostname</a></b> (with Postfix < 2.3: reject_unknown_hostname)</dt>
>   
> ! <dd>Reject the request when the HELO or EHLO hostname has no DNS A
> ! or MX record. <br> The <a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> specifies the
> ! response code to rejected requests (default: 450). </dd>
>   
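Review bot: The three added <dt> lines that read "(with Postfix < 2.3: ...)" put a bare "<" into HTML text; write it as "&lt; 2.3" so the older restriction names render reliably. The added reject_rhsbl_helo description also repeats a word ("HELO or EHLO hostname hostname is listed"); drop the duplicate.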
> ***************
> *** 13910,13926 ****
>   <p>
> ! By default, the Postfix SMTP server accepts plaintext passwords but
> ! not anonymous logins.
>   </p>
>   
> ! <p>
> ! Warning: it appears that clients try authentication methods in the
> ! order as advertised by the server (e.g., PLAIN ANONYMOUS CRAM-MD5)
> ! which means that if you disable plaintext passwords, clients will
> ! log in anonymously, even when they should be able to use CRAM-MD5.
> ! So, if you disable plaintext logins, disable anonymous logins too.
> ! Postfix treats anonymous login as no authentication.
> ! </p>
>   
>   <p>
> ! Example:
>   </p>
> --- 10664,10687 ----
>   <p>
> ! Other restrictions that are valid in this context:
>   </p>
>   
> ! <ul>
> ! 
> ! <li> <a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
> ! 
> ! <li> Client hostname or network address specific restrictions
> ! described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
> ! 
> ! <li> SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.  When
> ! sender or recipient restrictions are listed under <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>,
> ! they have effect only with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that
> ! $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> is evaluated at the time of the RCPT TO
> ! command.
> ! 
> ! </ul>
>   
>   <p>
> ! Examples:
>   </p>
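Review bot: The old side of this hunk carries the warning that clients try mechanisms in the advertised order, so disabling plaintext without also disabling anonymous logins lets them log in anonymously, and the new side has no text that replaces it. If smtpd_sasl_security_options is still documented anywhere in the file, that warning should stay with it rather than go away in this hunk.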
> ***************
> *** 13928,13930 ****
>   <pre>
> ! <a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> = noanonymous, noplaintext
>   </pre>
> --- 10689,10692 ----
>   <pre>
> ! <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
> ! <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a>
>   </pre>
> ***************
> *** 13934,13942 ****
>   
> ! <DT><b><a name="smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a>
> ! (default: $<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a>)</b></DT><DD>
>   
> ! <p> The SASL authentication security options that the Postfix SMTP
> ! server uses for TLS encrypted SMTP sessions. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 10696,10719 ----
>   
> ! <DT><b><a name="smtpd_history_flush_threshold">smtpd_history_flush_threshold</a>
> ! (default: 100)</b></DT><DD>
>   
> ! <p>
> ! The maximal number of lines in the Postfix SMTP server command history
> ! before it is flushed upon receipt of EHLO, RSET, or end of DATA.
> ! </p>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_junk_command_limit">smtpd_junk_command_limit</a>
> ! (default: 100)</b></DT><DD>
> ! 
> ! <p>
> ! The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
> ! SMTP client can send before the Postfix SMTP server starts to
> ! increment the error counter with each junk command.  The junk
> ! command count is reset after mail is delivered.  See also the
> ! <a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> and <a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> configuration
> ! parameters.
> ! </p>
>   
> ***************
> *** 13945,13952 ****
>   
> ! <DT><b><a name="smtpd_sasl_type">smtpd_sasl_type</a>
> ! (default: cyrus)</b></DT><DD>
>   
> ! <p> The SASL plug-in type that the Postfix SMTP server should use
> ! for authentication. The available types are listed with the
> ! "<b>postconf -a</b>" command. </p>
>   
> --- 10722,10729 ----
>   
> ! <DT><b><a name="smtpd_milters">smtpd_milters</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> A list of Milter (mail filter) applications for new mail that
> ! arrives via the Postfix <a href="smtpd.8.html">smtpd(8)</a> server.  See the <a href="MILTER_README.html">MILTER_README</a>
> ! document for details.  </p>
>   
> ***************
> *** 13957,13959 ****
>   
> ! <DT><b><a name="smtpd_sender_login_maps">smtpd_sender_login_maps</a>
>   (default: empty)</b></DT><DD>
> --- 10734,10736 ----
>   
> ! <DT><b><a name="smtpd_noop_commands">smtpd_noop_commands</a>
>   (default: empty)</b></DT><DD>
> ***************
> *** 13961,13993 ****
>   <p>
> ! Optional lookup table with the SASL login names that own sender
> ! (MAIL FROM) addresses.
>   </p>
>   
>   <p>
> ! Specify zero or more "<a href="DATABASE_README.html">type:table</a>" lookup tables. With lookups from
> ! indexed files such as DB or DBM, or from networked tables such as
> ! NIS, LDAP or SQL, the following search operations are done with a
> ! sender address of <i>user at domain</i>:  </p>
>   
> - <dl>
>   
> ! <dt> 1) <i>user at domain</i> </dt>
>   
> ! <dd>This table lookup is always done and has the highest precedence. </dd>
>   
> ! <dt> 2) <i>user</i> </dt>
>   
> ! <dd>This table lookup is done only when the <i>domain</i> part of the
> ! sender address matches $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> ! or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. </dd>
>   
> - <dt> 3) <i>@domain</i> </dt>
>   
> ! <dd>This table lookup is done last and has the lowest precedence. </dd>
>   
> ! </dl>
>   
>   <p>
> ! In all cases the result of table lookup must be either "not found"
> ! or a list of SASL login names separated by comma and/or whitespace.
>   </p>
> --- 10738,10782 ----
>   <p>
> ! List of commands that the Postfix SMTP server replies to with "250
> ! Ok", without doing any syntax checks and without changing state.
> ! This list overrides any commands built into the Postfix SMTP server.
>   </p>
>   
> + 
> + </DD>
> + 
> + <DT><b><a name="smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a>
> + (default: <>)</b></DT><DD>
> + 
>   <p>
> ! The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables instead of the
> ! null sender address.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_peername_lookup">smtpd_peername_lookup</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Attempt to look up the remote SMTP client hostname, and verify that
> ! the name matches the client IP address. A client name is set to
> ! "unknown" when it cannot be looked up or verified, or when name
> ! lookup is disabled.  Turning off name lookup reduces delays due to
> ! DNS lookup and increases the maximal inbound delivery rate. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a>
> ! (default: 300s)</b></DT><DD>
>   
>   <p>
> ! The time after which an idle SMTPD policy service connection is
> ! closed.
> ! </p>
> ! 
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
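Review bot: The added smtpd_null_access_lookup_key heading writes its default as a bare "<>" inside HTML ("(default: <>)"), which a browser can parse as markup and show as an empty default; escape it as "&lt;&gt;".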
> ***************
> *** 13997,14006 ****
>   
> ! <DT><b><a name="smtpd_sender_restrictions">smtpd_sender_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
>   <p>
> ! Optional restrictions that the Postfix SMTP server applies in the
> ! context of the MAIL FROM command.
> ! See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
> ! restriction lists" for a discussion of evaluation context and time.
>   </p>
> --- 10786,10793 ----
>   
> ! <DT><b><a name="smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a>
> ! (default: 1000s)</b></DT><DD>
>   
>   <p>
> ! The time after which an active SMTPD policy service connection is
> ! closed.
>   </p>
> ***************
> *** 14008,14017 ****
>   <p>
> ! The default is to permit everything.
>   </p>
>   
>   <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
>   </p>
> --- 10795,10808 ----
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
> + 
> + </DD>
> + 
> + <DT><b><a name="smtpd_policy_service_timeout">smtpd_policy_service_timeout</a>
> + (default: 100s)</b></DT><DD>
> + 
>   <p>
> ! The time limit for connecting to, writing to or receiving from a
> ! delegated SMTPD policy server.
>   </p>
> ***************
> *** 14019,14130 ****
>   <p>
> ! The following restrictions are specific to the sender address
> ! received with the MAIL FROM command.
>   </p>
>   
> - <dl>
>   
> ! <dt><b><a name="check_sender_access">check_sender_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MAIL FROM
> ! address, domain, parent domains, or localpart@, and execute the
> ! corresponding action. </dd>
>   
> ! <dt><b><a name="check_sender_mx_access">check_sender_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
> ! the MAIL FROM address, and execute the corresponding action.  Note:
> ! a result of "OK" is not allowed for safety reasons. Instead, use
> ! DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later. </dd>
>   
> - <dt><b><a name="check_sender_ns_access">check_sender_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
> ! for the MAIL FROM address, and execute the corresponding action.
> ! Note: a result of "OK" is not allowed for safety reasons. Instead,
> ! use DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later.  </dd>
>   
> ! <dt><b><a name="reject_authenticated_sender_login_mismatch">reject_authenticated_sender_login_mismatch</a></b></dt>
>   
> ! <dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
> ! authenticated clients only. This feature is available in
> ! Postfix version 2.1 and later. </dd>
>   
> ! <dt><b><a name="reject_non_fqdn_sender">reject_non_fqdn_sender</a></b></dt>
>   
> ! <dd>Reject the request when the MAIL FROM address is not in
> ! fully-qualified domain form, as required by the RFC. <br> The
> ! <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
> ! rejected requests (default: 504). </dd>
>   
> ! <dt><b><a name="reject_rhsbl_sender">reject_rhsbl_sender <i>rbl_domain=d.d.d.d</i></a></b></dt>
>   
> ! <dd>Reject the request when the MAIL FROM domain is listed with
> ! the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix
> ! version 2.1 and later only).  Each "<i>d</i>" is a number, or a
> ! pattern inside "[]" that contains one or more ";"-separated numbers
> ! or number..number ranges (Postfix version 2.8 and later). If no
> ! "<i>=d.d.d.d</i>" is specified,
> ! reject the request when the MAIL FROM domain is
> ! listed with any A record under <i>rbl_domain</i>. <br> The
> ! <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> parameter specifies the response code for
> ! rejected requests (default:  554); the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> parameter
> ! specifies the default server reply; and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> parameter
> ! specifies tables with server replies indexed by <i>rbl_domain</i>.
> ! This feature is available in Postfix 2.0 and later.</dd>
>   
> - <dt><b><a name="reject_sender_login_mismatch">reject_sender_login_mismatch</a></b></dt>
>   
> ! <dd>Reject the request when $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> specifies an
> ! owner for the MAIL FROM address, but the client is not (SASL) logged
> ! in as that MAIL FROM address owner; or when the client is (SASL)
> ! logged in, but the client login name doesn't own the MAIL FROM
> ! address according to $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.</dd>
>   
> ! <dt><b><a name="reject_unauthenticated_sender_login_mismatch">reject_unauthenticated_sender_login_mismatch</a></b></dt>
>   
> ! <dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
> ! unauthenticated clients only. This feature is available in
> ! Postfix version 2.1 and later. </dd>
>   
> - <dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
>   
> ! <dd>Reject the request when Postfix is not final destination for
> ! the sender address, and the MAIL FROM domain has 1) no DNS A or MX
> ! record, or 2) a malformed MX record such as a record with
> ! a zero-length MX hostname (Postfix version 2.3 and later). <br> The
> ! <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies the numerical
> ! response code for rejected requests (default: 450).  The response
> ! is always 450 in case of a temporary DNS error. <br> The
> ! <a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a> parameter specifies the action
> ! after a temporary DNS error (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). </dd>
>   
> ! <dt><b><a name="reject_unlisted_sender">reject_unlisted_sender</a></b></dt>
>   
> ! <dd>Reject the request when the MAIL FROM address is not listed in
> ! the list of valid recipients for its domain class. See the
> ! <a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> parameter description for details.
> ! This feature is available in Postfix 2.1 and later.</dd>
>   
> - <dt><b><a name="reject_unverified_sender">reject_unverified_sender</a></b></dt>
>   
> ! <dd>Reject the request when mail to the MAIL FROM address is known to
> ! bounce, or when the sender address destination is not reachable.
> ! Address verification information is managed by the <a href="verify.8.html">verify(8)</a> server;
> ! see the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> file for details. <br> The
> ! <a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> parameter specifies the numerical
> ! response code when an address is known to bounce (default: 450,
> ! change into 550 when you are confident that it is safe to do so).
> ! <br>The <a href="postconf.5.html#unverified_sender_defer_code">unverified_sender_defer_code</a> specifies the numerical response
> ! code when an address address probe failed due to a temporary problem
> ! (default: 450).  <br> The <a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a> parameter
> ! specifies the action after address probe failure due to a temporary
> ! problem (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>).  <br> This feature is available
> ! in Postfix 2.1 and later.  </dd>
>   
> ! </dl>
>   
>   <p>
> ! Other restrictions that are valid in this context:
>   </p>
> --- 10810,10909 ----
>   <p>
> ! This feature is available in Postfix 2.1 and later.
>   </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_proxy_ehlo">smtpd_proxy_ehlo</a>
> ! (default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
>   
> ! <p>
> ! How the Postfix SMTP server announces itself to the proxy filter.
> ! By default, the Postfix hostname is used.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_proxy_filter">smtpd_proxy_filter</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> The hostname and TCP port of the mail filtering proxy server.
> ! The proxy receives all mail from the Postfix SMTP server, and is
> ! supposed to give the result to another Postfix SMTP server process.
> ! </p>
>   
> ! <p> Specify "host:port" or "inet:host:port" for a TCP endpoint, or
> ! "unix:pathname" for a UNIX-domain endpoint. The host can be specified
> ! as an IP address or as a symbolic name; no MX lookups are done.
> ! When no "host" or "host:"  are specified, the local machine is
> ! assumed.  Pathname interpretation is relative to the Postfix queue
> ! directory.  </p>
>   
> ! <p> This feature is available in Postfix 2.1 and later.  </p>
> ! 
> ! <p> The "inet:" and "unix:" prefixes are available in Postfix 2.3
> ! and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_proxy_timeout">smtpd_proxy_timeout</a>
> ! (default: 100s)</b></DT><DD>
> ! 
> ! <p>
> ! The time limit for connecting to a proxy filter and for sending or
> ! receiving information.  When a connection fails the client gets a
> ! generic error message while more detailed information is logged to
> ! the maillog file.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_recipient_limit">smtpd_recipient_limit</a>
> ! (default: 1000)</b></DT><DD>
>   
> ! <p>
> ! The maximal number of recipients that the Postfix SMTP server
> ! accepts per message delivery request.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a>
> ! (default: 1000)</b></DT><DD>
>   
> ! <p> The number of recipients that a remote SMTP client can send in
> ! excess of the limit specified with $<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before
> ! the Postfix SMTP server increments the per-session error count
> ! for each excess recipient.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>
> ! (default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b></DT><DD>
>   
>   <p>
> ! The access restrictions that the Postfix SMTP server applies in
> ! the context of the RCPT TO command.
> ! </p>
> ! 
> ! <p>
> ! By default, the Postfix SMTP server accepts:
>   </p>
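Review bot: in the new smtpd_proxy_filter entry, the sentence 'When no "host" or "host:" are specified, the local machine is assumed' has a subject/verb mismatch and does not say which endpoint forms it covers; suggest 'When no "host" or "host:" is specified' and naming the "host:port" and "inet:host:port" forms explicitly. The smtpd_recipient_limit and smtpd_recipient_overshoot_limit entries are the only complete entries on the new side of this hunk without a "This feature is available in Postfix ..." line, which is worth checking against the source the page was generated from.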
> ***************
> *** 14133,14145 ****
>   
> ! <li> <a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
>   
> ! <li> SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
>   
> ! <li> SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>. When recipient restrictions are listed
> ! under <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, they have effect only with
> ! "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> is
> ! evaluated at the time of the RCPT TO command.
>   
> --- 10912,10922 ----
>   
> ! <li> Mail from clients whose IP address matches $<a href="postconf.5.html#mynetworks">mynetworks</a>, or:
>   
> ! <li> Mail to remote destinations that match $<a href="postconf.5.html#relay_domains">relay_domains</a>, except
> ! for addresses that contain sender-specified routing
> ! (user at elsewhere@domain), or:
>   
> ! <li> Mail to local destinations that match $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> ! or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or
> ! $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
>   
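Review bot: the sender-specified routing example in the second new list item reads "(user at elsewhere@domain)", so only one of the two "@" signs survives. If that is what the generated postconf.5.html contains, rather than address munging by the list software, the example should show the literal two-"@" form, because this is the address shape the default policy refuses to relay.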
> ***************
> *** 14148,14354 ****
>   <p>
> ! Examples:
>   </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>,
> !     <a href="postconf.5.html#check_sender_access">check_sender_access</a> hash:/etc/postfix/access
>   </pre>
>   
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_service_name">smtpd_service_name</a>
> ! (default: smtpd)</b></DT><DD>
> ! 
> ! <p> The internal service that <a href="postscreen.8.html">postscreen(8)</a> hands off allowed
> ! connections to. In a future version there may be different
> ! classes of SMTP service. </p>
> ! 
> ! <p> This feature is available in Postfix 2.8. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_soft_error_limit">smtpd_soft_error_limit</a>
> ! (default: 10)</b></DT><DD>
>   
>   <p>
> ! The number of errors a remote SMTP client is allowed to make without
> ! delivering mail before the Postfix SMTP server slows down all its
> ! responses.
>   </p>
>   
> ! <ul>
>   
> ! <li><p>With Postfix version 2.1 and later, the Postfix SMTP server
> ! delays all responses by $<a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> seconds. </p>
>   
> ! <li><p>With Postfix versions 2.0 and earlier, the Postfix SMTP
> ! server delays all responses by (number of errors) seconds. </p>
>   
> ! </ul>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_starttls_timeout">smtpd_starttls_timeout</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> The time limit for Postfix SMTP server write and read operations
> ! during TLS startup and shutdown handshake procedures. The current
> ! default value is stress-dependent. Before Postfix version 2.8, it
> ! was fixed at 300s. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_timeout">smtpd_timeout</a>
> ! (default: normal: 300s, overload: 10s)</b></DT><DD>
>   
> ! <p>
> ! The time limit for sending a Postfix SMTP server response and for
> ! receiving a remote SMTP client request. Normally the default limit
> ! is 300s, but it changes under overload to just 10s. With Postfix
> ! 2.5 and earlier, the SMTP server always uses a time limit of 300s
> ! by default.
> ! </p>
>   
> ! <p>
> ! Note: if you set SMTP time limits to very large values you may have
> ! to update the global <a href="postconf.5.html#ipc_timeout">ipc_timeout</a> parameter.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_CAfile">smtpd_tls_CAfile</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> A file containing (PEM format) CA certificates of root CAs trusted
> ! to sign either remote SMTP client certificates or intermediate CA
> ! certificates.  These are loaded into memory before the <a href="smtpd.8.html">smtpd(8)</a> server
> ! enters the chroot jail. If the number of trusted roots is large, consider
> ! using <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> instead, but note that the latter directory must
> ! be present in the chroot jail if the <a href="smtpd.8.html">smtpd(8)</a> server is chrooted. This
> ! file may also be used to augment the server certificate trust chain,
> ! but it is best to include all the required certificates directly in the
> ! server certificate file. </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> = /path/to/system_CA_file" to use ONLY
> ! the system-supplied default certificate authority certificates.
> ! </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
> ! appending the system-supplied default CAs and trusting third-party
> ! certificates. </p>
> ! 
> ! <p> By default (see <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>), client certificates are not
> ! requested, and <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> should remain empty. If you do make use
> ! of client certificates, the distinguished names (DNs) of the certificate
> ! authorities listed in <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> are sent to the remote SMTP client
> ! in the client certificate request message. MUAs with multiple client
> ! certificates may use the list of preferred certificate authorities
> ! to select the correct client certificate.  You may want to put your
> ! "preferred" CA or CAs in this file, and install other trusted CAs in
> ! $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> = /etc/postfix/CAcert.pem
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_CApath">smtpd_tls_CApath</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> A directory containing (PEM format) CA certificates of root CAs
> ! trusted to sign either remote SMTP client certificates or intermediate CA
> ! certificates. Do not forget to create the necessary "hash" links with,
> ! for example, "$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs". To use
> ! <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> in chroot mode, this directory (or a copy) must be
> ! inside the chroot jail. </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> = /path/to/system_CA_directory" to
> ! use ONLY the system-supplied default certificate authority certificates.
> ! </p>
> ! 
> ! <p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
> ! appending the system-supplied default CAs and trusting third-party
> ! certificates. </p>
> ! 
> ! <p> By default (see <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>), client certificates are
> ! not requested, and <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> should remain empty. In contrast
> ! to <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, DNs of certificate authorities installed
> ! in $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> are not included in the client certificate
> ! request message. MUAs with multiple client certificates may use the
> ! list of preferred certificate authorities to select the correct
> ! client certificate.  You may want to put your "preferred" CA or
> ! CAs in $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, and install the remaining trusted CAs in
> ! $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> = /etc/postfix/certs
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Force the Postfix SMTP server to issue a TLS session id, even
> ! when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
> ! is empty). This behavior is compatible with Postfix < 2.3. </p>
>   
> ! <p> With Postfix 2.3 and later the Postfix SMTP server can disable
> ! session id generation when TLS session caching is turned off. This
> ! keeps remote SMTP clients from caching sessions that almost certainly cannot
> ! be re-used.  </p>
>   
> ! <p> By default, the Postfix SMTP server always generates TLS session
> ! ids. This works around a known defect in mail client applications
> ! such as MS Outlook, and may also prevent interoperability issues
> ! with other MTAs. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> = no
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Ask a remote SMTP client for a client certificate. This
> ! information is needed for certificate based mail relaying with,
> ! for example, the <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a> feature. </p>
>   
> ! <p> Some clients such as Netscape will either complain if no
> ! certificate is available (for the list of CAs in $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>)
> ! or will offer multiple client certificates to choose from. This
> ! may be annoying, so this option is "off" by default. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 10925,11107 ----
>   <p>
> ! IMPORTANT: If you change this parameter setting, you must specify
> ! at least one of the following restrictions. Otherwise Postfix will
> ! refuse to receive mail:
>   </p>
>   
> + <blockquote>
>   <pre>
> ! reject, defer, <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
>   </pre>
> + </blockquote>
>   
> ! <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
> ! </p>
>   
>   <p>
> ! The following restrictions are specific to the recipient address
> ! that is received with the RCPT TO command.
>   </p>
>   
> ! <dl>
>   
> ! <dt><b><a name="check_recipient_access">check_recipient_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the resolved RCPT
> ! TO address, domain, parent domains, or localpart@, and execute the
> ! corresponding action.  </dd>
>   
> ! <dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
> ! 
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
> ! the RCPT TO domain, and execute the corresponding action.  Note:
> ! a result of "OK" is not allowed for safety reasons. Instead, use
> ! DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later. </dd>
>   
> + <dt><b><a name="check_recipient_ns_access">check_recipient_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
> ! for the RCPT TO domain, and execute the corresponding action.
> ! Note: a result of "OK" is not allowed for safety reasons. Instead,
> ! use DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later.  </dd>
>   
> ! <dt><b><a name="permit_auth_destination">permit_auth_destination</a></b></dt>
>   
> ! <dd>Permit the request when one of the following is true:
>   
> ! <ul>
>   
> + <li> Postfix is mail forwarder: the resolved RCPT TO domain matches
> + $<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and the address contains no
> + sender-specified routing (user at elsewhere@domain),
>   
> ! <li> Postfix is the final destination: the resolved RCPT TO domain
> ! matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
> ! $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and the address
> ! contains no sender-specified routing (user at elsewhere@domain).
>   
> ! </ul></dd>
>   
> ! <dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
>   
> ! <dd>Permit the request when the local mail system is backup MX for
> ! the RCPT TO domain, or when the domain is an authorized destination
> ! (see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> for definition).
>   
> ! <ul>
>   
> + <li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> does not accept addresses that have
> + sender-specified routing information (example: user at elsewhere@domain).
>   
> ! <li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> can be vulnerable to mis-use when
> ! access is not restricted with <a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>.
>   
> ! <li> Safety: as of Postfix version 2.3, <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> no longer
> ! accepts the address when the local mail system is primary MX for
> ! the recipient domain.  Exception: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> accepts the address
> ! when it specifies an authorized destination (see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
> ! for definition).
>   
> ! <li> Limitation: mail may be rejected in case of a temporary DNS
> ! lookup problem with Postfix prior to version 2.0.
>   
> ! </ul></dd>
>   
> ! <dt><b><a name="reject_non_fqdn_recipient">reject_non_fqdn_recipient</a></b></dt>
>   
> ! <dd>Reject the request when the RCPT TO address is not in
> ! fully-qualified domain form, as required by the RFC. <br> The
> ! <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code to
> ! rejected requests (default: 504). </dd>
>   
> + <dt><b><a name="reject_rhsbl_recipient">reject_rhsbl_recipient <i>rbl_domain=d.d.d.d</i></a></b></dt>
>   
> ! <dd>Reject the request when the RCPT TO domain is listed with the
> ! A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix version
> ! 2.1 and later only).  If no "<i>=d.d.d.d</i>" is specified, reject
> ! the request when the RCPT TO domain is listed with
> ! any A record under <i>rbl_domain</i>. <br> The <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a>
> ! parameter specifies the response code for rejected requests (default:
> ! 554); the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> parameter specifies the default server
> ! reply; and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> parameter specifies tables with server
> ! replies indexed by <i>rbl_domain</i>.  This feature is available
> ! in Postfix version 2.0 and later.</dd>
>   
> ! <dt><b><a name="reject_unauth_destination">reject_unauth_destination</a></b></dt>
>   
> ! <dd>Reject the request unless one of the following is true:
>   
> ! <ul>
>   
> ! <li> Postfix is mail forwarder: the resolved RCPT TO domain matches
> ! $<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and contains no sender-specified
> ! routing (user at elsewhere@domain),
>   
> ! <li> Postfix is the final destination: the resolved RCPT TO domain
> ! matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
> ! $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and contains
> ! no sender-specified routing (user at elsewhere@domain).
>   
> + </ul> The <a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> parameter specifies the response
> + code for rejected requests (default: 554). </dd>
>   
> ! <dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
>   
> ! <dd>Reject the request when Postfix is not final destination for
> ! the recipient domain, and the RCPT TO domain has no DNS A or MX
> ! record, or when it has a malformed MX record such as a record with
> ! a zero-length MX hostname (Postfix version 2.3 and later). <br> The
> ! <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies the response code
> ! for rejected requests (default: 450).  The response is always 450
> ! in case of a temporary DNS error.</dd>
>   
> ! <dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (with Postfix version 2.0: check_recipient_maps)</dt>
>   
> ! <dd> Reject the request when the RCPT TO address is not listed in
> ! the list of valid recipients for its domain class. See the
> ! <a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> parameter description for details.
> ! This feature is available in Postfix 2.1 and later.</dd>
>   
> ! <dt><b><a name="reject_unverified_recipient">reject_unverified_recipient</a></b></dt>
>   
> ! <dd>Reject the request when mail to the RCPT TO address is known
> ! to bounce, or when the recipient address destination is not reachable.
> ! Address verification information is managed by the <a href="verify.8.html">verify(8)</a> server;
> ! see the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> file for details.  <br> The
> ! <a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> parameter specifies the response
> ! when an address is known to bounce (default: 450, change into 550
> ! when you are confident that it is safe to do so).  The
> ! <a href="postconf.5.html#unverified_recipient_defer_code">unverified_recipient_defer_code</a> parameter specifies the response
> ! when an address probe failed due to a temporary problem (default:
> ! 450).  This feature is available in Postfix 2.1 and later.  </dd>
>   
> ! </dl>
>   
> ! <p>
> ! Other restrictions that are valid in this context:
> ! </p>
>   
> + <ul>
>   
> ! <li><a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
>   
> ! <li>SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>.
>   
> ! </ul>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
> ! </pre>
>   
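Review bot: the old side of this hunk (14148,14354) removes the complete entries for smtpd_service_name, smtpd_soft_error_limit, smtpd_starttls_timeout, smtpd_timeout, smtpd_tls_CAfile, smtpd_tls_CApath, smtpd_tls_always_issue_session_ids and smtpd_tls_ask_ccert, and the new side (10925,11107) contains only the body of smtpd_recipient_restrictions. The removed text cites Postfix 2.8 (smtpd_service_name, smtpd_starttls_timeout), while nothing added here refers to a version later than 2.3, and the new line numbers are roughly 3200 lower than the old ones. That pattern suggests the generator picked up an older postconf.5.html rather than an update, so the source of the page should be confirmed before this is published; otherwise readers lose the TLS trust-anchor and client-certificate guidance with no replacement.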
> ***************
> *** 14357,14388 ****
>   
> ! <DT><b><a name="smtpd_tls_auth_only">smtpd_tls_auth_only</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> When TLS encryption is optional in the Postfix SMTP server, do
> ! not announce or accept SASL authentication over unencrypted
> ! connections. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a>
> ! (default: 9)</b></DT><DD>
>   
> ! <p> The verification depth for remote SMTP client certificates. A
> ! depth of 1 is sufficient if the issuing CA is listed in a local CA
> ! file. </p>
>   
> ! <p> The default verification depth is 9 (the OpenSSL default) for
> ! compatibility with earlier Postfix behavior. Prior to Postfix 2.5,
> ! the default value was 5, but the limit was not actually enforced. If
> ! you have set this to a lower non-default value, certificates with longer
> ! trust chains may now fail to verify. Certificate chains with 1 or 2
> ! CAs are common, deeper chains are more rare and any number between 5
> ! and 9 should suffice in practice. You can choose a lower number if,
> ! for example, you trust certificates directly signed by an issuing CA
> ! but not any CAs it delegates to. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 11110,11143 ----
>   
> ! <DT><b><a name="smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p>
> ! Request that the Postfix SMTP server rejects mail for unknown
> ! recipient addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a>
> ! access restriction is specified. This prevents the Postfix queue
> ! from filling up with undeliverable MAILER-DAEMON messages.
> ! </p>
>   
> ! <ul>
>   
> + <li> The recipient domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> + or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
> + $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the
> ! recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
> ! recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
> ! is not null.
>   
> ! <li> The recipient domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the recipient
> ! is not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>
> ! is not null.
>   
> ! </ul>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
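Review bot: in the new smtpd_reject_unlisted_recipient entry, the "<ul>" follows the closing "</p>" directly, with no sentence saying what the four items are. As written, a reader cannot tell that they are the conditions under which a recipient address counts as unknown; add a one-line lead-in before the list. The same hunk also removes the smtpd_tls_auth_only and smtpd_tls_ccert_verifydepth entries, so it should be checked that they still exist elsewhere in the generated page.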
> ***************
> *** 14391,14446 ****
>   
> ! <DT><b><a name="smtpd_tls_cert_file">smtpd_tls_cert_file</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP server RSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP server private RSA key. </p>
> ! 
> ! <p> Public Internet MX hosts without certificates signed by a "reputable"
> ! CA must generate, and be prepared to present to most clients, a
> ! self-signed or private-CA signed certificate. The client will not be
> ! able to authenticate the server, but unless it is running Postfix 2.3 or
> ! similar software, it will still insist on a server certificate. </p>
> ! 
> ! <p> For servers that are <b>not</b> public Internet MX hosts, Postfix
> ! 2.3 supports configurations with no certificates. This entails the
> ! use of just the anonymous TLS ciphers, which are not supported by
> ! typical SMTP clients. Since such clients will not, as a rule, fall
> ! back to plain text after a TLS handshake failure, the server will
> ! be unable to receive email from TLS enabled clients. To avoid
> ! accidental configurations with no certificates, Postfix 2.3 enables
> ! certificate-less operation only when the administrator explicitly
> ! sets "<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> = none". This ensures that new Postfix
> ! configurations will not accidentally run with no certificates. </p>
>   
> ! <p> Both RSA and DSA certificates are supported.  When both types
> ! are present, the cipher used determines which certificate will be
> ! presented to the client.  For Netscape and OpenSSL clients without
> ! special cipher choices the RSA certificate is preferred. </p>
>   
> ! <p> To enable a remote SMTP client to verify the Postfix SMTP server
> ! certificate, the issuing CA certificates must be made available to the
> ! client. You should include the required certificates in the server
> ! certificate file, the server certificate first, then the issuing
> ! CA(s) (bottom-up order). </p>
>   
> ! <p> Example: the certificate for "server.example.com" was issued by
> ! "intermediate CA" which itself has a certificate of "root CA".
> ! Create the server.pem file with "cat server_cert.pem intermediate_CA.pem
> ! root_CA.pem > server.pem". </p>
>   
> ! <p> If you also want to verify client certificates issued by these
> ! CAs, you can add the CA certificates to the <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, in which
> ! case it is not necessary to have them in the <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> or
> ! <a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>. </p>
>   
> ! <p> A certificate supplied here must be usable as an SSL server certificate
> ! and hence pass the "openssl verify -purpose sslserver ..." test. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> = /etc/postfix/server.pem
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 11146,11177 ----
>   
> ! <DT><b><a name="smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Request that the Postfix SMTP server rejects mail from unknown
> ! sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a>
> ! access restriction is specified. This can slow down an explosion
> ! of forged mail from worms or viruses.  </p>
>   
> ! <ul>
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
> ! $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the sender is not listed in
> ! $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the sender
> ! is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
> ! sender is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
> ! is not null.
>   
> ! <li> The sender domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the sender is
> ! not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> is
> ! not null.
>   
> ! </ul>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
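Review bot: the bullets in the new smtpd_reject_unlisted_sender entry test the sender against $local_recipient_maps and $relay_recipient_maps, and the list again starts straight after "</p>" with no lead-in. Add a sentence stating that these are the conditions under which a sender address is treated as unknown and that the recipient maps are deliberately reused for senders, so the reader does not take it for a copy-and-paste slip from the smtpd_reject_unlisted_recipient entry. The old side of this hunk drops the whole smtpd_tls_cert_file entry, including the certificate chain ordering and the "smtpd_tls_cert_file = none" guidance, without a counterpart on the new side.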
> ***************
> *** 14449,14467 ****
>   
> ! <DT><b><a name="smtpd_tls_cipherlist">smtpd_tls_cipherlist</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS
> ! cipher list. It is easy to create inter-operability problems by choosing
> ! a non-default cipher list. Do not use a non-default TLS cipherlist for
> ! MX hosts on the public Internet. Clients that begin the TLS handshake,
> ! but are unable to agree on a common cipher, may not be able to send any
> ! email to the SMTP server. Using a restricted cipher list may be more
> ! appropriate for a dedicated MSA or an internal mailhub, where one can
> ! exert some control over the TLS software and settings of the connecting
> ! clients. </p>
> ! 
> ! <p> <b>Note:</b> do not use "" quotes around the parameter value. </p>
>   
> ! <p>This feature is available with Postfix version 2.2. It is not used with
> ! Postfix 2.3 and later; use <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> instead. </p>
>   
> --- 11180,11194 ----
>   
> ! <DT><b><a name="smtpd_restriction_classes">smtpd_restriction_classes</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! User-defined aliases for groups of access restrictions. The aliases
> ! can be specified in <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> etc., and on the
> ! right-hand side of a Postfix <a href="access.5.html">access(5)</a> table.
> ! </p>
>   
> ! <p>
> ! One major application is for implementing per-recipient UCE control.
> ! See the <a href="RESTRICTION_CLASS_README.html">RESTRICTION_CLASS_README</a> document for other examples.
> ! </p>
>   
> ***************
> *** 14470,14494 ****
>   
> ! <DT><b><a name="smtpd_tls_ciphers">smtpd_tls_ciphers</a>
> ! (default: export)</b></DT><DD>
> ! 
> ! <p> The minimum TLS cipher grade that the Postfix SMTP server
> ! will use with opportunistic TLS encryption. Cipher types listed in
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> are excluded from the base definition of
> ! the selected cipher grade. The default value "export" ensures maximum
> ! inter-operability. Because encryption is optional, stronger controls
> ! are not appropriate, and this setting SHOULD NOT be changed unless the
> ! change is essential. </p>
> ! 
> ! <p> When TLS is mandatory the cipher grade is chosen via the
> ! <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> configuration parameter, see there for syntax
> ! details. </p>
>   
> ! <p> Example: </p>
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a> = export
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.6 and later. With earlier Postfix
> ! releases only the <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> parameter is implemented,
> ! and opportunistic TLS always uses "export" or better (i.e. all) ciphers. </p>
>   
> --- 11197,11213 ----
>   
> ! <DT><b><a name="smtpd_sasl_application_name">smtpd_sasl_application_name</a>
> ! (default: smtpd)</b></DT><DD>
>   
> ! <p>
> ! The application name that the Postfix SMTP server uses for SASL
> ! server initialization. This
> ! controls the name of the SASL configuration file. The default value
> ! is <b>smtpd</b>, corresponding to a SASL configuration file named
> ! <b>smtpd.conf</b>.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and 2.2. With Postfix 2.3
> ! it was renamed to <a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.
> ! </p>
>   
> ***************
> *** 14497,14514 ****
>   
> ! <DT><b><a name="smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server DSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP server private DSA key. </p>
>   
> ! <p> See the discussion under <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for more details.
>   </p>
>   
> ! <p> Example: </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> = /etc/postfix/server-dsa.pem
>   </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 11216,11250 ----
>   
> ! <DT><b><a name="smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Enable SASL authentication in the Postfix SMTP server. By default,
> ! the Postfix SMTP server does not use authentication.
> ! </p>
>   
> ! <p>
> ! If a remote SMTP client is authenticated, the <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>
> ! access restriction can be used to permit relay access, like this:
>   </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
> !     <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, ...
> ! </pre>
> ! </blockquote>
> ! 
> ! <p> To reject all SMTP connections from unauthenticated clients,
> ! specify "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes" (which is the default) and use:
> ! </p>
>   
> + <blockquote>
>   <pre>
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, reject
>   </pre>
> + </blockquote>
>   
> ! <p>
> ! See the <a href="SASL_README.html">SASL_README</a> file for SASL configuration and operation details.
> ! </p>
>   
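
Review bot: The new smtpd_sasl_auth_enable text gives "smtpd_client_restrictions = permit_sasl_authenticated, reject" as the way to reject all unauthenticated clients, but it does not say which kind of service this is meant for. As written the setting turns away every client that has not authenticated, and on a host that also accepts mail from other mail servers that includes ordinary inbound deliveries. Suggest adding one sentence that scopes the example to a service where every client is expected to log in.
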
> ***************
> *** 14517,14546 ****
>   
> ! <DT><b><a name="smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> File with DH parameters that the Postfix SMTP server should
> ! use with EDH ciphers. </p>
>   
> ! <p> Instead of using the exact same parameter sets as distributed
> ! with other TLS packages, it is more secure to generate your own
> ! set of parameters with something like the following command:  </p>
>   
> ! <blockquote>
> ! <pre>
> ! openssl gendh -out /etc/postfix/dh_1024.pem -2 1024
> ! </pre>
> ! </blockquote>
>   
> ! <p> Your actual source for entropy may differ. Some systems have
> ! /dev/random; on other system you may consider using the "Entropy
> ! Gathering Daemon EGD", available at <a href="http://egd.sourceforge.net/">http://egd.sourceforge.net/</a>
>   </p>
>   
> - <p> Example: </p>
> - 
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> = /etc/postfix/dh_1024.pem
>   </pre>
>   
> ! <p>This feature is available with Postfix version 2.2.</p>
>   
> --- 11253,11309 ----
>   
> ! <DT><b><a name="smtpd_sasl_authenticated_header">smtpd_sasl_authenticated_header</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Report the SASL authenticated user name in the <a href="smtpd.8.html">smtpd(8)</a> Received
> ! message header.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.3 and later.  </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! What remote SMTP clients the Postfix SMTP server will not offer
> ! AUTH support to.
> ! </p>
>   
> ! <p>
> ! Some clients (Netscape 4 at least) have a bug that causes them to
> ! require a login and password whenever AUTH is offered, whether it's
> ! necessary or not. To work around this, specify, for example,
> ! $<a href="postconf.5.html#mynetworks">mynetworks</a> to prevent Postfix from offering AUTH to local clients.
> ! </p>
>   
> ! <p>
> ! Specify a list of network/netmask patterns, separated by commas
> ! and/or whitespace. The mask specifies the number of bits in the
> ! network part of a host address. You can also "/file/name" or
> ! "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name" pattern is replaced by its
> ! contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a table entry
> ! matches a lookup string (the lookup result is ignored).  Continue
> ! long lines by starting the next line with whitespace. Specify
> ! "!pattern" to exclude an address or network block from the list.
> ! The form "!/file/name" is supported only in Postfix version 2.4 and
> ! later.  </p>
> ! 
> ! <p> Note: IP version 6 address information must be specified inside
> ! <tt>[]</tt> in the <a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> value, and in
> ! files specified with "/file/name".  IP version 6 addresses contain
> ! the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
> ! pattern.  </p>
>   
> ! <p>
> ! Example:
>   </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
>   </pre>
>   
> ! <p>
> ! This feature is available in Postfix 2.1 and later.
> ! </p>
>   
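
Review bot: In the new smtpd_sasl_exceptions_networks entry, the sentence 'You can also "/file/name" or "type:table" patterns' has lost its verb and should read 'You can also specify "/file/name" or "type:table" patterns'. While touching that paragraph, consider moving the note about writing IPv6 addresses inside [] up next to the pattern syntax, since a reader who stops at the "!pattern" sentence will miss it.
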
> ***************
> *** 14549,14567 ****
>   
> ! <DT><b><a name="smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> File with DH parameters that the Postfix SMTP server should
> ! use with EDH ciphers. </p>
>   
> ! <p> See also the discussion under the <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
> ! configuration parameter.  </p>
>   
> ! <p> Example: </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> = /etc/postfix/dh_512.pem
>   </pre>
>   
> - <p>This feature is available with Postfix version 2.2.</p>
> - 
>   
> --- 11312,11334 ----
>   
> ! <DT><b><a name="smtpd_sasl_local_domain">smtpd_sasl_local_domain</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p>
> ! The name of the Postfix SMTP server's local SASL authentication
> ! realm.
> ! </p>
>   
> ! <p>
> ! By default, the local authentication realm name is the null string.
> ! </p>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
> ! <a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> = $<a href="postconf.5.html#myhostname">myhostname</a>
>   </pre>
>   
>   
> ***************
> *** 14569,14583 ****
>   
> ! <DT><b><a name="smtpd_tls_dkey_file">smtpd_tls_dkey_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP server DSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP server DSA certificate
> ! file specified with $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted. File permissions should grant read-only
> ! access to the system superuser account ("root"), and no access
> ! to anyone else. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 11336,11348 ----
>   
> ! <DT><b><a name="smtpd_sasl_path">smtpd_sasl_path</a>
> ! (default: smtpd)</b></DT><DD>
>   
> ! <p> Implementation-specific information that the Postfix SMTP server
> ! passes through to
> ! the SASL plug-in implementation that is selected with
> ! <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.  Typically this specifies the name of a
> ! configuration file or rendezvous point. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. In earlier
> ! releases it was called <b>smtpd_sasl_application_name</b>. </p>
>   
> ***************
> *** 14586,14650 ****
>   
> ! <DT><b><a name="smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> File with the Postfix SMTP server ECDSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP server private ECDSA key. </p>
> ! 
> ! <p> See the discussion under <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for more details. </p>
> ! 
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a> = /etc/postfix/ecdsa-scert.pem
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.6 and later, when Postfix is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_eckey_file">smtpd_tls_eckey_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server ECDSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP server ECDSA certificate
> ! file specified with $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted. File permissions should grant read-only
> ! access to the system superuser account ("root"), and no access
> ! to anyone else. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later, when Postfix is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> The Postfix SMTP server security grade for ephemeral elliptic-curve
> ! Diffie-Hellman (EECDH) key exchange. </p>
>   
> ! <p> The available choices are: </p>
>   
> ! <dl>
>   
> ! <dt><b>none</b></dt> <dd> Don't use EECDH. Ciphers based on EECDH key
> ! exchange will be disabled. This is the default in Postfix versions
> ! 2.6 and 2.7. </dd>
> ! 
> ! <dt><b>strong</b></dt> <dd> Use EECDH with approximately 128
> ! bits of security at a reasonable computational cost. This is the
> ! current best-practice trade-off between security and computational
> ! efficiency. This is the default in Postfix version 2.8 and later.
>   </dd>
>   
> ! <dt><b>ultra</b></dt> <dd> Use EECDH with approximately 192 bits of
> ! security at computational cost that is approximately twice as high
> ! as 128 bit strength ECC. Barring significant progress in attacks on
> ! elliptic curve crypto-systems, the "strong" curve is sufficient for most
> ! users. </dd>
>   
> --- 11351,11400 ----
>   
> ! <DT><b><a name="smtpd_sasl_security_options">smtpd_sasl_security_options</a>
> ! (default: noanonymous)</b></DT><DD>
>   
> ! <p> Postfix SMTP server SASL security options; as of Postfix 2.3
> ! the list of available
> ! features depends on the SASL server implementation that is selected
> ! with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.  </p>
>   
> ! <p> The following security features are defined for the <b>cyrus</b>
> ! server SASL implementation: </p>
>   
> + <p>
> + Restrict what authentication mechanisms the Postfix SMTP server
> + will offer to the client.  The list of available authentication
> + mechanisms is system dependent.
> + </p>
>   
> ! <p>
> ! Specify zero or more of the following:
> ! </p>
>   
> ! <dl>
>   
> ! <dt><b>noplaintext</b></dt>
>   
> ! <dd>Disallow methods that use plaintext passwords. </dd>
>   
> ! <dt><b>noactive</b></dt>
>   
> + <dd>Disallow methods subject to active (non-dictionary) attack. </dd>
>   
> ! <dt><b>nodictionary</b></dt>
>   
> ! <dd>Disallow methods subject to passive (dictionary) attack. </dd>
>   
> ! <dt><b>noanonymous</b></dt>
>   
> ! <dd>Disallow methods that allow anonymous authentication. </dd>
>   
> ! <dt><b>forward_secrecy</b></dt>
>   
> ! <dd>Only allow methods that support forward secrecy (Dovecot only).
>   </dd>
>   
> ! <dt><b>mutual_auth</b></dt>
> ! 
> ! <dd>Only allow methods that provide mutual authentication (not available
> ! with Cyrus SASL version 1). </dd>
>   
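
Review bot: The option list in the new smtpd_sasl_security_options entry is introduced with "The following security features are defined for the cyrus server SASL implementation:", but the added paragraph about restricting authentication mechanisms now sits between that sentence and the list, and the forward_secrecy item is marked "(Dovecot only)". Suggest placing the introduction directly above "Specify zero or more of the following:" and rewording it so it does not present the whole list as Cyrus-specific.
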
> ***************
> *** 14652,14690 ****
>   
> ! <p> This feature is available in Postfix 2.6 and later, when it is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
>   
> - <p> List of ciphers or cipher types to exclude from the SMTP server
> - cipher list at all TLS security levels. Excluding valid ciphers
> - can create interoperability problems. DO NOT exclude ciphers unless it
> - is essential to do so. This is not an OpenSSL cipherlist; it is a simple
> - list separated by whitespace and/or commas. The elements are a single
> - cipher, or one or more "+" separated cipher properties, in which case
> - only ciphers matching <b>all</b> the properties are excluded. </p>
>   
> ! <p> Examples (some of these will cause problems): </p>
>   
> ! <blockquote>
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = aNULL
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = MD5, DES
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = DES+MD5
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = AES256-SHA, DES-CBC3-MD5
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = kEDH+aRSA
> ! </pre>
> ! </blockquote>
>   
> ! <p> The first setting disables anonymous ciphers. The next setting
> ! disables ciphers that use the MD5 digest algorithm or the (single) DES
> ! encryption algorithm. The next setting disables ciphers that use MD5 and
> ! DES together.  The next setting disables the two ciphers "AES256-SHA"
> ! and "DES-CBC3-MD5". The last setting disables ciphers that use "EDH"
> ! key exchange with RSA authentication. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> --- 11402,11435 ----
>   
> ! <p>
> ! By default, the Postfix SMTP server accepts plaintext passwords but
> ! not anonymous logins.
> ! </p>
>   
> + <p>
> + Warning: it appears that clients try authentication methods in the
> + order as advertised by the server (e.g., PLAIN ANONYMOUS CRAM-MD5)
> + which means that if you disable plaintext passwords, clients will
> + log in anonymously, even when they should be able to use CRAM-MD5.
> + So, if you disable plaintext logins, disable anonymous logins too.
> + Postfix treats anonymous login as no authentication.
> + </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> = noanonymous, noplaintext
> ! </pre>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a>
> ! (default: $<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a>)</b></DT><DD>
>   
> ! <p> The SASL authentication security options that the Postfix SMTP
> ! server uses for TLS encrypted SMTP sessions. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
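
Review bot: The example "smtpd_sasl_security_options = noanonymous, noplaintext" and the warning above it never mention smtpd_sasl_tls_security_options, although that entry follows immediately and defaults to $smtpd_sasl_security_options. The second entry says only that it applies to TLS encrypted SMTP sessions and carries no example. Suggest a cross-reference from the first entry and an example in the second, so a reader can see how the two settings relate before disabling plaintext mechanisms.
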
> ***************
> *** 14693,14775 ****
>   
> ! <DT><b><a name="smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a>
> ! (default: md5)</b></DT><DD>
>   
> ! <p> The message digest algorithm to construct remote SMTP
> ! client-certificate
> ! fingerprints or public key fingerprints (Postfix 2.9 and later)
> ! for <b><a href="postconf.5.html#check_ccert_access">check_ccert_access</a></b> and <b><a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a></b>. The
> ! default algorithm is <b>md5</b>, for backwards compatibility with Postfix
> ! releases prior to 2.5.  </p>
>   
> ! <p> Advances in hash
> ! function cryptanalysis have led to md5 being deprecated in favor of sha1.
> ! However, as long as there are no known "second pre-image" attacks
> ! against md5, its use in this context can still be considered safe.
> ! </p>
>   
> - <p> While additional digest algorithms are often available with OpenSSL's
> - libcrypto, only those used by libssl in SSL cipher suites are available to
> - Postfix. </p>
>   
> ! <p> To find the fingerprint of a specific certificate file, with a
> ! specific digest algorithm, run: </p>
>   
> ! <blockquote>
> ! <pre>
> ! $ openssl x509 -noout -fingerprint -<i>digest</i> -in <i>certfile</i>.pem
> ! </pre>
> ! </blockquote>
>   
> ! <p> The text to the right of "=" sign is the desired fingerprint.
> ! For example: </p>
>   
> ! <blockquote>
> ! <pre>
> ! $ openssl x509 -noout -fingerprint -sha1 -in cert.pem
> ! SHA1 Fingerprint=D4:6A:AB:19:24:79:F8:32:BB:A6:CB:66:82:C0:8E:9B:EE:29:A8:1A
> ! </pre>
> ! </blockquote>
>   
> ! <p> Public key fingerprints are more difficult to extract, however,
> ! the SHA-1 public key fingerprint is often present as the value of the
> ! "Subject Key Identifier" extension in X.509v3 certificates. The Postfix
> ! SMTP server and client log the peer certificate fingerprint and public
> ! key fingerprint when TLS loglevel is 1 or higher. </p>
>   
> ! <p> Example: client-certificate access table, with sha1 fingerprints: </p>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> = sha1
> !     <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
> !         <a href="postconf.5.html#check_ccert_access">check_ccert_access</a> hash:/etc/postfix/access,
> !         reject
> ! </pre>
> ! <pre>
> ! /etc/postfix/access:
> !     # Action folded to next line...
> !     AF:88:7C:AD:51:95:6F:36:96:F6:01:FB:2E:48:CD:AB:49:25:A2:3B
> !         OK
> !     85:16:78:FD:73:6E:CE:70:E0:31:5F:0D:3C:C8:6D:C4:2C:24:59:E1
> !         <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
> ! </pre>
> ! </blockquote>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_key_file">smtpd_tls_key_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server RSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP server RSA certificate
> ! file specified with $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted. File permissions should grant read-only
> ! access to the system superuser account ("root"), and no access
> ! to anyone else. </p>
>   
> --- 11438,11487 ----
>   
> ! <DT><b><a name="smtpd_sasl_type">smtpd_sasl_type</a>
> ! (default: cyrus)</b></DT><DD>
>   
> ! <p> The SASL plug-in type that the Postfix SMTP server should use
> ! for authentication. The available types are listed with the
> ! "<b>postconf -a</b>" command. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_sender_login_maps">smtpd_sender_login_maps</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional lookup table with the SASL login names that own sender
> ! (MAIL FROM) addresses.
> ! </p>
>   
> ! <p>
> ! Specify zero or more "<a href="DATABASE_README.html">type:table</a>" lookup tables. With lookups from
> ! indexed files such as DB or DBM, or from networked tables such as
> ! NIS, LDAP or SQL, the following search operations are done with a
> ! sender address of <i>user at domain</i>:  </p>
>   
> ! <dl>
>   
> ! <dt> 1) <i>user at domain</i> </dt>
>   
> ! <dd>This table lookup is always done and has the highest precedence. </dd>
>   
> ! <dt> 2) <i>user</i> </dt>
>   
> + <dd>This table lookup is done only when the <i>domain</i> part of the
> + sender address matches $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
> + or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. </dd>
>   
> ! <dt> 3) <i>@domain</i> </dt>
>   
> ! <dd>This table lookup is done last and has the lowest precedence. </dd>
>   
> ! </dl>
>   
> ! <p>
> ! In all cases the result of table lookup must be either "not found"
> ! or a list of SASL login names separated by comma and/or whitespace.
> ! </p>
>   
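
Review bot: In the new smtpd_sender_login_maps entry the lookup keys are written inconsistently: the introduction and item 1 show "<i>user at domain</i>" while item 3 shows "<i>@domain</i>". A table key has to be given in its literal form, so items 1 and 3 should use the same notation. The entry also never names the restriction that consults this table, which would help a reader understand what a "not found" result leads to.
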
> ***************
> *** 14778,14936 ****
>   
> ! <DT><b><a name="smtpd_tls_loglevel">smtpd_tls_loglevel</a>
> ! (default: 0)</b></DT><DD>
>   
> ! <p> Enable additional Postfix SMTP server logging of TLS activity.
> ! Each logging level also includes the information that is logged at
> ! a lower logging level.  </p>
>   
> ! <dl compact>
>   
> ! <dt> </dt> <dd> 0 Log only a summary message on TLS handshake completion
> ! — no logging of remote SMTP client certificate trust-chain verification
> ! errors
> ! if client certificate verification is not required. With Postfix 2.8
> ! and earlier, disable logging of TLS activity. </dd>
> ! 
> ! <dt> </dt> <dd> 1 Also log trust-chain verification errors and peer
> ! certificate name and issuer. With Postfix 2.8 and earlier, log TLS
> ! handshake and certificate information. </dd>
>   
> ! <dt> </dt> <dd> 2 Also log levels during TLS negotiation. </dd>
>   
> ! <dt> </dt> <dd> 3 Also log hexadecimal and ASCII dump of TLS negotiation
> ! process. </dd>
>   
> ! <dt> </dt> <dd> 4 Also log hexadecimal and ASCII dump of complete
> ! transmission after STARTTLS. </dd>
>   
> ! </dl>
>   
> ! <p> Do not use "<a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> = 2" or higher except in case
> ! of problems. Use of loglevel 4 is strongly discouraged. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>
> ! (default: medium)</b></DT><DD>
>   
> ! <p> The minimum TLS cipher grade that the Postfix SMTP server will
> ! use with mandatory TLS encryption. The default grade ("medium") is
> ! sufficiently strong that any benefit from globally restricting TLS
> ! sessions to a more stringent grade is likely negligible, especially
> ! given the fact that many implementations still do not offer any stronger
> ! ("high" grade) ciphers, while those that do, will always use "high"
> ! grade ciphers. So insisting on "high" grade ciphers is generally
> ! counter-productive. Allowing "export" or "low" ciphers is typically
> ! not a good idea, as systems limited to just these are limited to
> ! obsolete browsers. No known SMTP clients fail to support at least
> ! one "medium" or "high" grade cipher. </p>
>   
> ! <p> The following cipher grades are supported: </p>
>   
> ! <dl>
> ! <dt><b>export</b></dt>
> ! <dd> Enable "EXPORT" grade or stronger OpenSSL ciphers.
> ! This is the most appropriate setting for public MX hosts, and is always
> ! used with opportunistic TLS encryption. The underlying cipherlist
> ! is specified via the <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> configuration parameter,
> ! which you are strongly encouraged to not change. </dd>
>   
> ! <dt><b>low</b></dt>
> ! <dd> Enable "LOW" grade or stronger OpenSSL ciphers. The
> ! underlying cipherlist is specified via the <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to
> ! not change. </dd>
>   
> ! <dt><b>medium</b></dt>
> ! <dd> Enable "MEDIUM" grade or stronger OpenSSL ciphers. These use 128-bit
> ! or longer symmetric bulk-encryption keys. This is the default minimum
> ! strength for mandatory TLS encryption. The underlying cipherlist is
> ! specified via the <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> configuration parameter, which
> ! you are strongly encouraged to not change. </dd>
>   
> ! <dt><b>high</b></dt>
> ! <dd> Enable only "HIGH" grade OpenSSL ciphers. The
> ! underlying cipherlist is specified via the <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to
> ! not change. </dd>
>   
> ! <dt><b>null</b></dt>
> ! <dd> Enable only the "NULL" OpenSSL ciphers, these provide authentication
> ! without encryption.  This setting is only appropriate in the rare
> ! case that all clients are prepared to use NULL ciphers (not normally
> ! enabled in TLS clients). The underlying cipherlist is specified via the
> ! <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> configuration parameter, which you are strongly
> ! encouraged to not change. </dd>
>   
> ! </dl>
>   
> ! <p> Cipher types listed in
> ! <a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> or <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> are
> ! excluded from the base definition of the selected cipher grade. See
> ! <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a> for cipher controls that apply to opportunistic
> ! TLS. </p>
>   
> ! <p> The underlying cipherlists for grades other than "null" include
> ! anonymous ciphers, but these are automatically filtered out if the
> ! server is configured to ask for remote SMTP client certificates.  You are very
> ! unlikely to need to take any steps to exclude anonymous ciphers, they
> ! are excluded automatically as required.  If you must exclude anonymous
> ! ciphers even when Postfix does not need or use peer certificates, set
> ! "<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = aNULL". To exclude anonymous ciphers only
> ! when TLS is enforced, set "<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL". </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Additional list of ciphers or cipher types to exclude from the
> ! Postfix SMTP server cipher list at mandatory TLS security levels.
> ! This list
> ! works in addition to the exclusions listed with <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>
> ! (see there for syntax details).  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a>
> ! (default: SSLv3, TLSv1)</b></DT><DD>
>   
> ! <p> The SSL/TLS protocols accepted by the Postfix SMTP server with
> ! mandatory TLS encryption. If the list is empty, the server supports all
> ! available SSL/TLS protocol versions.  A non-empty value is a list
> ! of protocol
> ! names separated by whitespace, commas or colons. The supported protocol
> ! names are "SSLv2", "SSLv3" and "TLSv1", and are not case sensitive. </p>
>   
> ! <p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
> ! protocol exclusions. One can now explicitly exclude SSLv2 by setting
> ! "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2". To exclude both SSLv2 and
> ! SSLv3 set "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
> ! the protocols to include, rather than protocols to exclude, is still
> ! supported, use the form you find more intuitive. </p>
>   
> ! <p> Since SSL version 2 has known protocol weaknesses and is now
> ! deprecated, the default setting excludes "SSLv2".  This means that
> ! by default, SSL version 2 will not be used at the "encrypt" security
> ! level. </p>
>   
> ! <p> Example: </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
> ! # Alternative form with Postfix ≥ 2.5:
> ! <a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
>   </pre>
>   
> - <p> This feature is available in Postfix 2.3 and later. </p>
> - 
>   
> --- 11490,11641 ----
>   
> ! <DT><b><a name="smtpd_sender_restrictions">smtpd_sender_restrictions</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p>
> ! Optional restrictions that the Postfix SMTP server applies in the
> ! context of the MAIL FROM command.
> ! </p>
>   
> ! <p>
> ! The default is to permit everything.
> ! </p>
>   
> ! <p>
> ! Specify a list of restrictions, separated by commas and/or whitespace.
> ! Continue long lines by starting the next line with whitespace.
> ! Restrictions are applied in the order as specified; the first
> ! restriction that matches wins.
> ! </p>
>   
> ! <p>
> ! The following restrictions are specific to the sender address
> ! received with the MAIL FROM command.
> ! </p>
>   
> ! <dl>
>   
> ! <dt><b><a name="check_sender_access">check_sender_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MAIL FROM
> ! address, domain, parent domains, or localpart@, and execute the
> ! corresponding action. </dd>
>   
> ! <dt><b><a name="check_sender_mx_access">check_sender_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
> ! the MAIL FROM address, and execute the corresponding action.  Note:
> ! a result of "OK" is not allowed for safety reasons. Instead, use
> ! DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later. </dd>
>   
> + <dt><b><a name="check_sender_ns_access">check_sender_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
>   
> ! <dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
> ! for the MAIL FROM address, and execute the corresponding action.
> ! Note: a result of "OK" is not allowed for safety reasons. Instead,
> ! use DUNNO in order to exclude specific hosts from blacklists.  This
> ! feature is available in Postfix 2.1 and later.  </dd>
>   
> ! <dt><b><a name="reject_authenticated_sender_login_mismatch">reject_authenticated_sender_login_mismatch</a></b></dt>
>   
> ! <dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
> ! authenticated clients only. This feature is available in
> ! Postfix version 2.1 and later. </dd>
>   
> ! <dt><b><a name="reject_non_fqdn_sender">reject_non_fqdn_sender</a></b></dt>
>   
> ! <dd>Reject the request when the MAIL FROM address is not in
> ! fully-qualified domain form, as required by the RFC. <br> The
> ! <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code to
> ! rejected requests (default: 504). </dd>
>   
> ! <dt><b><a name="reject_rhsbl_sender">reject_rhsbl_sender <i>rbl_domain=d.d.d.d</i></a></b></dt>
>   
> ! <dd>Reject the request when the MAIL FROM domain is listed with
> ! the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix
> ! version 2.1 and later only).  If no "<i>=d.d.d.d</i>" is specified,
> ! reject the request when the MAIL FROM domain is
> ! listed with any A record under <i>rbl_domain</i>. <br> The
> ! <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> parameter specifies the response code for
> ! rejected requests (default:  554); the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> parameter
> ! specifies the default server reply; and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> parameter
> ! specifies tables with server replies indexed by <i>rbl_domain</i>.
> ! This feature is available in Postfix 2.0 and later.</dd>
>   
> ! <dt><b><a name="reject_sender_login_mismatch">reject_sender_login_mismatch</a></b></dt>
>   
> ! <dd>Reject the request when $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> specifies an
> ! owner for the MAIL FROM address, but the client is not (SASL) logged
> ! in as that MAIL FROM address owner; or when the client is (SASL)
> ! logged in, but the client login name doesn't own the MAIL FROM
> ! address according to $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.</dd>
>   
> ! <dt><b><a name="reject_unauthenticated_sender_login_mismatch">reject_unauthenticated_sender_login_mismatch</a></b></dt>
>   
> ! <dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
> ! unauthenticated clients only. This feature is available in
> ! Postfix version 2.1 and later. </dd>
>   
> ! <dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
>   
> ! <dd>Reject the request when Postfix is not final destination for
> ! the sender address, and the MAIL FROM address has no DNS A or MX
> ! record, or when it has a malformed MX record such as a record with
> ! a zero-length MX hostname (Postfix version 2.3 and later). <br> The
> ! <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies the response code
> ! for rejected requests (default: 450).  The response is always 450
> ! in case of a temporary DNS error.  </dd>
>   
> + <dt><b><a name="reject_unlisted_sender">reject_unlisted_sender</a></b></dt>
>   
> ! <dd>Reject the request when the MAIL FROM address is not listed in
> ! the list of valid recipients for its domain class. See the
> ! <a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> parameter description for details.
> ! This feature is available in Postfix 2.1 and later.</dd>
>   
> ! <dt><b><a name="reject_unverified_sender">reject_unverified_sender</a></b></dt>
>   
> ! <dd>Reject the request when mail to the MAIL FROM address is known to
> ! bounce, or when the sender address destination is not reachable.
> ! Address verification information is managed by the <a href="verify.8.html">verify(8)</a> server;
> ! see the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> file for details. <br> The
> ! <a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> parameter specifies the response when
> ! an address is known to bounce (default: 450, change into 550 when
> ! you are confident that it is safe to do so). The
> ! <a href="postconf.5.html#unverified_sender_defer_code">unverified_sender_defer_code</a> specifies the response when an address
> ! address probe failed due to a temporary problem (default: 450).
> ! This feature is available in Postfix 2.1 and later.  </dd>
>   
> ! </dl>
>   
> + <p>
> + Other restrictions that are valid in this context:
> + </p>
>   
> ! <ul>
>   
> ! <li> <a href="#generic">Generic</a> restrictions that can be used
> ! in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
>   
> ! <li> SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
>   
> ! <li> SMTP command specific restrictions described under
> ! <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>. When recipient restrictions are listed
> ! under <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, they have effect only with
> ! "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> is
> ! evaluated at the time of the RCPT TO command.
>   
> ! </ul>
>   
> ! <p>
> ! Examples:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
> ! <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>,
> !     <a href="postconf.5.html#check_sender_access">check_sender_access</a> hash:/etc/postfix/access
>   </pre>
>   
>   
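
Review bot: In the new reject_unverified_sender text, the unverified_sender_defer_code sentence reads "when an address address probe failed"; drop the duplicated word. In the same hunk, reject_non_fqdn_sender says the parameter "specifies the response code to rejected requests", while reject_rhsbl_sender and reject_unknown_sender_domain say "for rejected requests"; use "for" there as well.
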
> ***************
> *** 14938,14983 ****
>   
> ! <DT><b><a name="smtpd_tls_protocols">smtpd_tls_protocols</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> List of TLS protocols that the Postfix SMTP server will exclude
> ! or include with opportunistic TLS encryption. This parameter SHOULD be
> ! left at its default empty value, allowing all protocols to be used with
> ! opportunistic TLS. </p>
> ! 
> ! <p> In <a href="postconf.5.html">main.cf</a> the values are separated by whitespace, commas or
> ! colons. An empty value means allow all protocols. The valid protocol
> ! names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and
> ! "TLSv1". In <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> table entries, "protocols" attribute
> ! values are separated by a colon. </p>
> ! 
> ! <p> To include a protocol list its name, to exclude it, prefix the name
> ! with a "!" character. To exclude SSLv2 even for opportunistic TLS set
> ! "<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
> ! "<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2, !SSLv3". Explicitly listing the protocols to
> ! include, is supported, but not recommended. OpenSSL provides no mechanisms
> ! for excluding protocols not known at compile-time. If Postfix is linked
> ! against an OpenSSL library that supports additional protocol versions,
> ! they cannot be excluded using either syntax. </p>
> ! 
> ! <p> Example: </p>
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_received_header">smtpd_tls_received_header</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Request that the Postfix SMTP server produces Received:  message
> ! headers that include information about the protocol and cipher used,
> ! as well as the remote SMTP client CommonName and client certificate issuer
> ! CommonName.  This is disabled by default, as the information may
> ! be modified in transit through other mail servers.  Only information
> ! that was recorded by the final destination can be trusted. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 11643,11662 ----
>   
> ! <DT><b><a name="smtpd_soft_error_limit">smtpd_soft_error_limit</a>
> ! (default: 10)</b></DT><DD>
>   
> + <p>
> + The number of errors a remote SMTP client is allowed to make without
> + delivering mail before the Postfix SMTP server slows down all its
> + responses.
> + </p>
>   
> ! <ul>
>   
> ! <li><p>With Postfix version 2.1 and later, the Postfix SMTP server
> ! delays all responses by $<a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> seconds. </p>
>   
> ! <li><p>With Postfix versions 2.0 and earlier, the Postfix SMTP
> ! server delays all responses by (number of errors) seconds. </p>
>   
> ! </ul>
>   
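
Review bot: The smtpd_tls_protocols and smtpd_tls_received_header entries on the old side (14938,14983) have no counterpart on the new side, which only documents smtpd_soft_error_limit. The removed smtpd_tls_protocols entry is marked "available in Postfix 2.6 and later", which suggests the new page was generated from an older source tree. If that is not intended, the "smtpd_tls_protocols = !SSLv2" guidance for opportunistic TLS is lost, and any link to postconf.5.html#smtpd_tls_protocols will dangle unless the entry is re-added elsewhere in the file. Please confirm which Postfix version this page is supposed to track before applying.
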
> ***************
> *** 14986,14996 ****
>   
> ! <DT><b><a name="smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> With mandatory TLS encryption, require a trusted remote SMTP client
> ! certificate in order to allow TLS connections to proceed.  This
> ! option implies "<a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> = yes". </p>
>   
> ! <p> When TLS encryption is optional, this setting is ignored with
> ! a warning written to the mail log. </p>
>   
> --- 11665,11671 ----
>   
> ! <DT><b><a name="smtpd_starttls_timeout">smtpd_starttls_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p> The time limit for Postfix SMTP server write and read operations
> ! during TLS startup and shutdown handshake procedures. </p>
>   
> ***************
> *** 15001,15043 ****
>   
> ! <DT><b><a name="smtpd_tls_security_level">smtpd_tls_security_level</a>
> ! (default: empty)</b></DT><DD>
> ! 
> ! <p> The SMTP TLS security level for the Postfix SMTP server; when
> ! a non-empty value is specified, this overrides the obsolete parameters
> ! <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>. This parameter is ignored with
> ! "<a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> = yes".  </p>
>   
> ! <p> Specify one of the following security levels: </p>
>   
> ! <dl>
>   
> ! <dt><b>none</b></dt> <dd> TLS will not be used. </dd>
>   
> - <dt><b>may</b></dt> <dd> Opportunistic TLS: announce STARTTLS support
> - to remote SMTP clients, but do not require that clients use TLS encryption.
> - </dd>
>   
> ! <dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption: announce
> ! STARTTLS support to remote SMTP clients, and require that clients use TLS
> ! encryption. According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> this MUST NOT be applied in case
> ! of a publicly-referenced SMTP server. Instead, this option should
> ! be used only on dedicated servers. </dd>
>   
> ! </dl>
>   
> ! <p> Note 1: the "fingerprint", "verify" and "secure" levels are not
> ! supported here.
> ! The Postfix SMTP server logs a warning and uses "encrypt" instead.
> ! To verify remote SMTP client certificates, see <a href="TLS_README.html">TLS_README</a> for a discussion
> ! of the <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>, <a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>, and <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
> ! features.  </p>
>   
> ! <p> Note 2: The parameter setting "<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> =
> ! encrypt" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes".</p>
>   
> ! <p> Note 3: when invoked via "sendmail -bs", Postfix will never
> ! offer STARTTLS due to insufficient privileges to access the server
> ! private key. This is intended behavior.</p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> --- 11676,11715 ----
>   
> ! <DT><b><a name="smtpd_timeout">smtpd_timeout</a>
> ! (default: 300s)</b></DT><DD>
>   
> ! <p>
> ! The time limit for sending a Postfix SMTP server response and for
> ! receiving a remote SMTP client request.
> ! </p>
>   
> ! <p>
> ! Note: if you set SMTP time limits to very large values you may have
> ! to update the global <a href="postconf.5.html#ipc_timeout">ipc_timeout</a> parameter.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_CAfile">smtpd_tls_CAfile</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> The file with the certificate of the certification authority
> ! (CA) that issued the Postfix SMTP server certificate.  This is
> ! needed only when the CA certificate is not already present in the
> ! server certificate file.  This file may also contain the CA
> ! certificates of other trusted CAs.  You must use this file for the
> ! list of trusted CAs if you want to use chroot-mode. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> = /etc/postfix/CAcert.pem
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 15046,15072 ****
>   
> ! <DT><b><a name="smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Name of the file containing the optional Postfix SMTP server
> ! TLS session cache. Specify a database type that supports enumeration,
> ! such as <b>btree</b> or <b>sdbm</b>; there is no need to support
> ! concurrent access.  The file is created if it does not exist. The <a href="smtpd.8.html">smtpd(8)</a>
> ! daemon does not use this parameter directly, rather the cache is
> ! implemented indirectly in the <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon. This means that
> ! per-smtpd-instance <a href="master.5.html">master.cf</a> overrides of this parameter are not
> ! effective. Note, that each of the cache databases supported by <a href="tlsmgr.8.html">tlsmgr(8)</a>
> ! daemon: $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
> ! (and with Postfix 2.3 and later $<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>), needs to be
> ! stored separately. It is not at this time possible to store multiple
> ! caches in a single database. </p>
> ! 
> ! <p> Note: <b>dbm</b> databases are not suitable. TLS
> ! session objects are too large. </p>
> ! 
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file. The file should now be stored under the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
> ! under a non-Postfix directory is redirected to the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
> ! 
>   <p> Example: </p>
> --- 11718,11734 ----
>   
> ! <DT><b><a name="smtpd_tls_CApath">smtpd_tls_CApath</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> Directory with PEM format certificate authority certificates
> ! that the Postfix SMTP server offers to remote SMTP clients for the
> ! purpose of client certificate verification.  Do not forget to create
> ! the necessary "hash" links with, for example, "$OPENSSL_HOME/bin/c_rehash
> ! /etc/postfix/certs".  </p>
> ! 
> ! <p> To use this option in chroot mode, this directory (or a copy)
> ! must be inside the chroot jail. Please note that in this case the
> ! CA certificates are not offered to the client, so that e.g.  Netscape
> ! clients might not offer certificates issued by them.  Use of this
> ! feature is therefore not recommended. </p>
> ! 
>   <p> Example: </p>
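
Review bot: The two new smtpd_tls_CApath paragraphs contradict each other as worded. The first says the directory holds CA certificates "that the Postfix SMTP server offers to remote SMTP clients", and the second says "in this case the CA certificates are not offered to the client". It is also unclear whether "in this case" means chroot mode or any use of smtpd_tls_CApath, so the closing "Use of this feature is therefore not recommended" has no clear scope. Reword the first sentence to say what the directory is used for, and state explicitly which configuration the recommendation applies to.
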
> ***************
> *** 15074,15076 ****
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> = btree:/var/lib/postfix/smtpd_scache
>   </pre>
> --- 11736,11738 ----
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> = /etc/postfix/certs
>   </pre>
> ***************
> *** 15082,15110 ****
>   
> ! <DT><b><a name="smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>
> ! (default: 3600s)</b></DT><DD>
> ! 
> ! <p> The expiration time of Postfix SMTP server TLS session cache
> ! information. A cache cleanup is performed periodically
> ! every $<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> seconds. As with
> ! $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, this parameter is implemented in the
> ! <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon and therefore per-smtpd-instance <a href="master.5.html">master.cf</a> overrides
> ! are not possible. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Run the Postfix SMTP server in the non-standard "wrapper" mode,
> ! instead of using the STARTTLS command. </p>
>   
> ! <p> If you want to support this service, enable a special port in
> ! <a href="master.5.html">master.cf</a>, and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" on the SMTP
> ! server's command line. Port 465 (smtps) was once chosen for this
> ! purpose. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 11744,11769 ----
>   
> ! <DT><b><a name="smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a>
> ! (default: yes)</b></DT><DD>
>   
> + <p> Force the Postfix SMTP server to issue a TLS session id, even
> + when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
> + is empty). This behavior is compatible with Postfix < 2.3. </p>
>   
> ! <p> With Postfix 2.3 and later the Postfix SMTP server can disable
> ! session id generation when TLS session caching is turned off. This
> ! keeps clients from caching sessions that almost certainly cannot
> ! be re-used.  </p>
>   
> ! <p> By default, the Postfix SMTP server always generates TLS session
> ! ids. This works around a known defect in mail client applications
> ! such as MS Outlook, and may also prevent interoperability issues
> ! with other MTAs. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> = no
> ! </pre>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
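
Review bot: The example "smtpd_tls_always_issue_session_ids = no" is shown without saying when it is appropriate. The paragraph just above it states that the default "works around a known defect in mail client applications such as MS Outlook", so a reader copying the example disables that workaround. Add a sentence to the example tying it to the case described in the second paragraph (session caching turned off, smtpd_tls_session_cache_database empty) and naming the interoperability trade-off.
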
> ***************
> *** 15113,15126 ****
>   
> ! <DT><b><a name="smtpd_use_tls">smtpd_use_tls</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> Opportunistic TLS: announce STARTTLS support to remote SMTP clients,
> ! but do not require that clients use TLS encryption. </p>
>   
> ! <p> Note: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
> ! STARTTLS due to insufficient privileges to access the server private
> ! key. This is intended behavior. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> instead. </p>
>   
> --- 11772,11786 ----
>   
> ! <DT><b><a name="smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> Ask a remote SMTP client for a client certificate. This
> ! information is needed for certificate based mail relaying with,
> ! for example, the <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a> feature. </p>
>   
> ! <p> Some clients such as Netscape will either complain if no
> ! certificate is available (for the list of CAs in $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>)
> ! or will offer multiple client certificates to choose from. This
> ! may be annoying, so this option is "off" by default. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 15129,15148 ****
>   
> ! <DT><b><a name="soft_bounce">soft_bounce</a>
>   (default: no)</b></DT><DD>
>   
> ! <p>
> ! Safety net to keep mail queued that would otherwise be returned to
> ! the sender.  This parameter disables locally-generated bounces,
> ! and prevents the Postfix SMTP server from rejecting mail permanently,
> ! by changing 5xx reply codes into 4xx.  However, <a href="postconf.5.html#soft_bounce">soft_bounce</a> is no
> ! cure for address rewriting mistakes or mail routing mistakes.
> ! </p>
> ! 
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#soft_bounce">soft_bounce</a> = yes
> ! </pre>
>   
> --- 11789,11798 ----
>   
> ! <DT><b><a name="smtpd_tls_auth_only">smtpd_tls_auth_only</a>
>   (default: no)</b></DT><DD>
>   
> ! <p> When TLS encryption is optional in the Postfix SMTP server, do
> ! not announce or accept SASL authentication over unencrypted
> ! connections. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 15151,15164 ****
>   
> ! <DT><b><a name="stale_lock_time">stale_lock_time</a>
> ! (default: 500s)</b></DT><DD>
>   
> ! <p>
> ! The time after which a stale exclusive mailbox lockfile is removed.
> ! This is used for delivery to file or mailbox.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> --- 11801,11820 ----
>   
> ! <DT><b><a name="smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a>
> ! (default: 9)</b></DT><DD>
>   
> ! <p> The verification depth for remote SMTP client certificates. A
> ! depth of 1 is sufficient if the issuing CA is listed in a local CA
> ! file. </p>
>   
> ! <p> The default verification depth is 9 (the OpenSSL default) for
> ! compatibility with earlier Postfix behavior. Prior to Postfix 2.5,
> ! the default value was 5, but the limit was not actually enforced. If
> ! you have set this to a lower non-default value, certificates with longer
> ! trust chains may now fail to verify. Certificate chains with 1 or 2
> ! CAs are common, deeper chains are more rare and any number between 5
> ! and 9 should suffice in practice. You can choose a lower number if,
> ! for example, you trust certificates directly signed by an issuing CA
> ! but not any CAs it delegates to. </p>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 15167,15194 ****
>   
> ! <DT><b><a name="stress">stress</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> This feature is documented in the <a href="STRESS_README.html">STRESS_README</a> document. </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="strict_7bit_headers">strict_7bit_headers</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Reject mail with 8-bit text in message headers. This blocks mail
> ! from poorly written applications.
> ! </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it is likely to reject legitimate email.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> --- 11823,11877 ----
>   
> ! <DT><b><a name="smtpd_tls_cert_file">smtpd_tls_cert_file</a>
>   (default: empty)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server RSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP server private RSA key. </p>
>   
> ! <p> Public Internet MX hosts without certificates signed by a "reputable"
> ! CA must generate, and be prepared to present to most clients, a
> ! self-signed or private-CA signed certificate. The client will not be
> ! able to authenticate the server, but unless it is running Postfix 2.3 or
> ! similar software, it will still insist on a server certificate. </p>
>   
> + <p> For servers that are <b>not</b> public Internet MX hosts, Postfix
> + 2.3 supports configurations with no certificates. This entails the
> + use of just the anonymous TLS ciphers, which are not supported by
> + typical SMTP clients. Since such clients will not, as a rule, fall
> + back to plain text after a TLS handshake failure, the server will
> + be unable to receive email from TLS enabled clients. To avoid
> + accidental configurations with no certificates, Postfix 2.3 enables
> + certificate-less operation only when the administrator explicitly
> + sets "<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> = none". This ensures that new Postfix
> + configurations will not accidentally run with no certificates. </p>
>   
> ! <p> Both RSA and DSA certificates are supported.  When both types
> ! are present, the cipher used determines which certificate will be
> ! presented to the client.  For Netscape and OpenSSL clients without
> ! special cipher choices the RSA certificate is preferred. </p>
>   
> ! <p> In order to verify a certificate, the CA certificate (in case
> ! of a certificate chain, all CA certificates) must be available.
> ! You should add these certificates to the server certificate, the
> ! server certificate first, then the issuing CA(s).  </p>
>   
> ! <p> Example: the certificate for "server.dom.ain" was issued by
> ! "intermediate CA" which itself has a certificate of "root CA".
> ! Create the server.pem file with "cat server_cert.pem intermediate_CA.pem
> ! root_CA.pem > server.pem". </p>
>   
> ! <p> If you also want to verify client certificates issued by these
> ! CAs, you can add the CA certificates to the <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, in which
> ! case it is not necessary to have them in the <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> or
> ! <a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>. </p>
>   
> ! <p> A certificate supplied here must be usable as an SSL server certificate
> ! and hence pass the "openssl verify -purpose sslserver ..." test. </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> = /etc/postfix/server.pem
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
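
Review bot: The new smtpd_tls_cert_file text says the file "may also contain the Postfix SMTP server private RSA key" and shows how to build server.pem with cat, but nowhere in the entry does it say how a file holding the private key should be protected. Add a sentence on ownership and read permissions for the combined file. The opening sentence also describes the file as the RSA certificate, while a later paragraph says "Both RSA and DSA certificates are supported"; point to smtpd_tls_dcert_file at that paragraph so it is clear the DSA certificate is configured separately.
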
> ***************
> *** 15197,15213 ****
>   
> ! <DT><b><a name="strict_8bitmime">strict_8bitmime</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and <a href="postconf.5.html#strict_8bitmime_body">strict_8bitmime_body</a>.
> ! </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it is likely to reject legitimate email.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> --- 11880,11898 ----
>   
> ! <DT><b><a name="smtpd_tls_cipherlist">smtpd_tls_cipherlist</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Obsolete Postfix < 2.3 control for the Postfix SMTP server TLS
> ! cipher list. It is easy to create inter-operability problems by choosing
> ! a non-default cipher list. Do not use a non-default TLS cipherlist for
> ! MX hosts on the public Internet. Clients that begin the TLS handshake,
> ! but are unable to agree on a common cipher, may not be able to send any
> ! email to the SMTP server. Using a restricted cipher list may be more
> ! appropriate for a dedicated MSA or an internal mailhub, where one can
> ! exert some control over the TLS software and settings of the connecting
> ! clients. </p>
>   
> ! <p> <b>Note:</b> do not use "" quotes around the parameter value. </p>
>   
> ! <p>This feature is available with Postfix version 2.2. It is not used with
> ! Postfix 2.3 and later; use <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> instead. </p>
>   
> ***************
> *** 15216,15301 ****
>   
> ! <DT><b><a name="strict_8bitmime_body">strict_8bitmime_body</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p>
> ! Reject 8-bit message body text without 8-bit MIME content encoding
> ! information.  This blocks mail from poorly written applications.
> ! </p>
>   
> ! <p>
> ! Unfortunately, this also rejects majordomo approval requests when
> ! the included request contains valid 8-bit MIME mail, and it rejects
> ! bounces from mailers that do not MIME encapsulate 8-bit content
> ! (for example, bounces from qmail or from old versions of Postfix).
> ! </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it is likely to reject legitimate email.
>   </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> - <DT><b><a name="strict_mailbox_ownership">strict_mailbox_ownership</a>
> - (default: yes)</b></DT><DD>
>   
> ! <p> Defer delivery when a mailbox file is not owned by its recipient.
> ! The default setting is not backwards compatible.  </p>
>   
> ! <p> This feature is available in Postfix 2.5.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="strict_mime_encoding_domain">strict_mime_encoding_domain</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Reject mail with invalid Content-Transfer-Encoding: information
> ! for the message/* or multipart/* MIME content types.  This blocks
> ! mail from poorly written software.
>   </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it will reject mail after a single violation.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> - </DD>
>   
> ! <DT><b><a name="strict_rfc821_envelopes">strict_rfc821_envelopes</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Require that addresses received in SMTP MAIL FROM and RCPT TO
> ! commands are enclosed with <>, and that those addresses do
> ! not contain <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> style comments or phrases.  This stops mail
> ! from poorly written software.
> ! </p>
>   
> ! <p>
> ! By default, the Postfix SMTP server accepts <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> syntax in MAIL
> ! FROM and RCPT TO addresses.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="sun_mailtool_compatibility">sun_mailtool_compatibility</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Obsolete SUN mailtool compatibility feature. Instead, use
> ! "<a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> = dotlock".
> ! </p>
>   
> --- 11901,11970 ----
>   
> ! <DT><b><a name="smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server DSA certificate in PEM format.
> ! This file may also contain the Postfix SMTP server private DSA key. </p>
>   
> ! <p> See the discussion under <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for more details.
>   </p>
>   
> ! <p> Example: </p>
>   
> + <pre>
> + <a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> = /etc/postfix/server-dsa.pem
> + </pre>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
> ! (default: empty)</b></DT><DD>
>   
> + <p> File with DH parameters that the Postfix SMTP server should
> + use with EDH ciphers. </p>
>   
> ! <p> Instead of using the exact same parameter sets as distributed
> ! with other TLS packages, it is more secure to generate your own
> ! set of parameters with something like the following command:  </p>
>   
> ! <blockquote>
> ! <pre>
> ! openssl gendh -out /etc/postfix/dh_1024.pem -2 1024
> ! </pre>
> ! </blockquote>
>   
> ! <p> Your actual source for entropy may differ. Some systems have
> ! /dev/random; on other system you may consider using the "Entropy
> ! Gathering Daemon EGD", available at <a href="http://egd.sourceforge.net/">http://egd.sourceforge.net/</a>
>   </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> = /etc/postfix/dh_1024.pem
> ! </pre>
>   
> + <p>This feature is available with Postfix version 2.2.</p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> File with DH parameters that the Postfix SMTP server should
> ! use with EDH ciphers. </p>
>   
> + <p> See also the discussion under the <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
> + configuration parameter.  </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> = /etc/postfix/dh_512.pem
> ! </pre>
>   
> ! <p>This feature is available with Postfix version 2.2.</p>
>   
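
Review bot: in the smtpd_tls_dh1024_param_file text, the paragraph "Your actual source for entropy may differ" has nothing to refer to, because the command shown, "openssl gendh -out /etc/postfix/dh_1024.pem -2 1024", names no entropy source. Either show the option that selects the source in the command or drop the sentence. The same paragraph reads "on other system" where "on other systems" is meant, and it ends on the EGD URL without a period. The two DH entries close with "available with Postfix version 2.2", while smtpd_tls_dcert_file just above uses "available in Postfix 2.2 and later"; pick one form.
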
> ***************
> *** 15304,15358 ****
>   
> ! <DT><b><a name="swap_bangpath">swap_bangpath</a>
> ! (default: yes)</b></DT><DD>
> ! 
> ! <p>
> ! Enable the rewriting of "site!user" into "user at site".  This is
> ! necessary if your machine is connected to UUCP networks.  It is
> ! enabled by default.
> ! </p>
>   
> ! <p> Note: with Postfix version 2.2, message header address rewriting
> ! happens only when one of the following conditions is true: </p>
>   
> ! <ul>
>   
> ! <li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
>   
> - <li> The message is received from a network client that matches
> - $<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
>   
> ! <li> The message is received from the network, and the
> ! <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
>   
> ! </ul>
>   
> ! <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
>   <pre>
> ! <a href="postconf.5.html#swap_bangpath">swap_bangpath</a> = no
>   </pre>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="syslog_facility">syslog_facility</a>
> ! (default: mail)</b></DT><DD>
> ! 
> ! <p>
> ! The syslog facility of Postfix logging. Specify a facility as
> ! defined in syslog.conf(5). The default facility is "mail".
> ! </p>
> ! 
> ! <p>
> ! Warning: a non-default <a href="postconf.5.html#syslog_facility">syslog_facility</a> setting takes effect only
> ! after a Postfix process has completed initialization.  Errors during
> ! process initialization will be logged with the default facility.
> ! Examples are errors while parsing the command line arguments, and
> ! errors while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
> ! </p>
>   
> --- 11973,12021 ----
>   
> ! <DT><b><a name="smtpd_tls_dkey_file">smtpd_tls_dkey_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server DSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP server DSA certificate
> ! file specified with $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted, but file permissions should grant read/write
> ! access only to the system superuser account ("root"). </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> List of ciphers or cipher types to exclude from the SMTP server
> ! cipher list at all TLS security levels. Excluding valid ciphers
> ! can create interoperability problems. DO NOT exclude ciphers unless it
> ! is essential to do so. This is not an OpenSSL cipherlist; it is a simple
> ! list separated by whitespace and/or commas. The elements are a single
> ! cipher, or one or more "+" separated cipher properties, in which case
> ! only ciphers matching <b>all</b> the properties are excluded. </p>
>   
> ! <p> Examples (some of these will cause problems): </p>
>   
> + <blockquote>
>   <pre>
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = aNULL
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = MD5, DES
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = DES+MD5
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = AES256-SHA, DES-CBC3-MD5
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = kEDH+aRSA
>   </pre>
> + </blockquote>
>   
> + <p> The first setting disables anonymous ciphers. The next setting
> + disables ciphers that use the MD5 digest algorithm or the (single) DES
> + encryption algorithm. The next setting disables ciphers that use MD5 and
> + DES together.  The next setting disables the two ciphers "AES256-SHA"
> + and "DES-CBC3-MD5". The last setting disables ciphers that use "EDH"
> + key exchange with RSA authentication. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
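
Review bot: the smtpd_tls_exclude_ciphers examples are introduced with "(some of these will cause problems)", but neither the <pre> block nor the explanation under it says which ones, or what the problem is, so a reader cannot tell which of the five settings to avoid. Mark the risky lines or name the exclusion that breaks interoperability. The five lines are alternatives, not one configuration; say so, since they sit in a single <pre> block as five assignments to the same parameter.
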
> ***************
> *** 15361,15391 ****
>   
> ! <DT><b><a name="syslog_name">syslog_name</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p>
> ! The mail system name that is prepended to the process name in syslog
> ! records, so that "smtpd" becomes, for example, "postfix/smtpd".
>   </p>
>   
> ! <p>
> ! Warning: a non-default <a href="postconf.5.html#syslog_name">syslog_name</a> setting takes effect only after
> ! a Postfix process has completed initialization. Errors during
> ! process initialization will be logged with the default name. Examples
> ! are errors while parsing the command line arguments, and errors
> ! while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
>   </p>
>   
>   
> ! </DD>
> ! 
> ! <DT><b><a name="tcp_windowsize">tcp_windowsize</a>
> ! (default: 0)</b></DT><DD>
> ! 
> ! <p> An optional workaround for routers that break TCP window scaling.
> ! Specify a value > 0 and < 65536 to enable this feature.  With
> ! Postfix TCP servers (<a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>), this feature is implemented
> ! by the Postfix <a href="master.8.html">master(8)</a> daemon.  </p>
> ! 
> ! <p> To change this parameter without stopping Postfix, you need to
> ! first terminate all Postfix TCP servers: </p>
>   
> --- 12024,12046 ----
>   
> ! <DT><b><a name="smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a>
> ! (default: md5)</b></DT><DD>
>   
> ! <p> The message digest algorithm used to construct client-certificate
> ! fingerprints for <b><a href="postconf.5.html#check_ccert_access">check_ccert_access</a></b> and
> ! <b><a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a></b>. The default algorithm is <b>md5</b>,
> ! for backwards compatibility with Postfix releases prior to 2.5.
>   </p>
>   
> ! <p> The best practice algorithm is now <b>sha1</b>. Recent advances in hash
> ! function cryptanalysis have led to md5 being deprecated in favor of sha1.
> ! However, as long as there are no known "second pre-image" attacks
> ! against md5, its use in this context can still be considered safe.
>   </p>
>   
> + <p> While additional digest algorithms are often available with OpenSSL's
> + libcrypto, only those used by libssl in SSL cipher suites are available to
> + Postfix. For now this means just md5 or sha1. </p>
>   
> ! <p> To find the fingerprint of a specific certificate file, with a
> ! specific digest algorithm, run: </p>
>   
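
Review bot: the smtpd_tls_fingerprint_digest entry keeps "(default: md5)" while its second paragraph calls sha1 the best practice algorithm, and it never tells the reader what to do about the gap. Add a sentence recommending an explicit "smtpd_tls_fingerprint_digest = sha1" for new access tables, and state that the fingerprints stored for check_ccert_access must be produced with the same digest as this setting, so changing the setting means regenerating every entry.
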
> ***************
> *** 15393,15396 ****
>   <pre>
> ! # postconf -e <a href="postconf.5.html#master_service_disable">master_service_disable</a>=inet
> ! # postfix reload
>   </pre>
> --- 12048,12050 ----
>   <pre>
> ! $ openssl x509 -noout -fingerprint -<i>digest</i> -in <i>certfile</i>.pem
>   </pre>
> ***************
> *** 15398,15402 ****
>   
> ! <p> This immediately terminates all processes that accept network
> ! connections.  Next, you enable Postfix TCP servers with the updated
> ! <a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a> setting: </p>
>   
> --- 12052,12055 ----
>   
> ! <p> The text to the right of "=" sign is the desired fingerprint.
> ! For example: </p>
>   
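
Review bot: "The text to the right of "=" sign" is missing an article; write "to the right of the "=" sign".
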
> ***************
> *** 15404,15407 ****
>   <pre>
> ! # postconf -e <a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a>=65535 <a href="postconf.5.html#master_service_disable">master_service_disable</a>=
> ! # postfix reload
>   </pre>
> --- 12057,12060 ----
>   <pre>
> ! $ openssl x509 -noout -fingerprint -sha1 -in cert.pem
> ! SHA1 Fingerprint=D4:6A:AB:19:24:79:F8:32:BB:A6:CB:66:82:C0:8E:9B:EE:29:A8:1A
>   </pre>
> ***************
> *** 15409,15432 ****
>   
> ! <p> If you skip these steps with a running Postfix system, then the
> ! <a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a> change will work only for Postfix TCP clients (<a href="smtp.8.html">smtp(8)</a>,
> ! <a href="lmtp.8.html">lmtp(8)</a>).  </p>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
> ! 
> ! 
> ! </DD>
>   
> ! <DT><b><a name="tls_append_default_CA">tls_append_default_CA</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Append the system-supplied default certificate authority
> ! certificates to the ones specified with *_tls_CApath or *_tls_CAfile.
> ! The default is "no"; this prevents Postfix from trusting third-party
> ! certificates and giving them relay permission with
> ! <a href="postconf.5.html#permit_tls_all_clientcerts">permit_tls_all_clientcerts</a>.  </p>
> ! 
> ! <p> This feature is available in Postfix 2.4.15, 2.5.11, 2.6.8,
> ! 2.7.2 and later versions. Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = yes" for
> ! backwards compatibility, to avoid breaking certificate verification
> ! with sites that don't use <a href="postconf.5.html#permit_tls_all_clientcerts">permit_tls_all_clientcerts</a>. </p>
>   
> --- 12062,12084 ----
>   
> ! <p> Example: client-certificate access table, with sha1 fingerprints: </p>
>   
> ! <blockquote>
> ! <pre>
> ! /etc/postfix/<a href="postconf.5.html">main.cf</a>:
> !     <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> = sha1
> !     <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
> !         <a href="postconf.5.html#check_ccert_access">check_ccert_access</a> hash:/etc/postfix/access,
> !         reject
> ! </pre>
> ! <pre>
> ! /etc/postfix/access:
> !     # Action folded to next line...
> !     AF:88:7C:AD:51:95:6F:36:96:F6:01:FB:2E:48:CD:AB:49:25:A2:3B
> !         OK
> !     85:16:78:FD:73:6E:CE:70:E0:31:5F:0D:3C:C8:6D:C4:2C:24:59:E1
> !         <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
> ! </pre>
> ! </blockquote>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
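
Review bot: the main.cf part of this example sets only smtpd_tls_fingerprint_digest and smtpd_client_restrictions, and the restriction list ends in "reject", so the server turns away every client whose certificate fingerprint is not in the table, including clients that were never asked for a certificate. Show the setting that makes the server request client certificates (smtpd_tls_ask_ccert = yes) alongside it. Since the table is "hash:/etc/postfix/access", also mention that the file has to be rebuilt with postmap after each edit.
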
> ***************
> *** 15435,15446 ****
>   
> ! <DT><b><a name="tls_daemon_random_bytes">tls_daemon_random_bytes</a>
> ! (default: 32)</b></DT><DD>
>   
> ! <p> The number of pseudo-random bytes that an <a href="smtp.8.html">smtp(8)</a> or <a href="smtpd.8.html">smtpd(8)</a>
> ! process requests from the <a href="tlsmgr.8.html">tlsmgr(8)</a> server in order to seed its
> ! internal pseudo random number generator (PRNG).  The default of 32
> ! bytes (equivalent to 256 bits) is sufficient to generate a 128bit
> ! (or 168bit) session key. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 12087,12098 ----
>   
> ! <DT><b><a name="smtpd_tls_key_file">smtpd_tls_key_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix SMTP server RSA private key in PEM format.
> ! This file may be combined with the Postfix SMTP server RSA certificate
> ! file specified with $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>. </p>
>   
> ! <p> The private key must be accessible without a pass-phrase, i.e. it
> ! must not be encrypted, but file permissions should grant read/write
> ! access only to the system superuser account ("root"). </p>
>   
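
Review bot: the permissions sentence for smtpd_tls_key_file, "file permissions should grant read/write access only to the system superuser account", gives the reader nothing concrete to check against. State the expected owner and mode (owner root, mode 0600), and say that the same applies to the certificate file when the key is combined with it, as the first paragraph allows. The paragraph also duplicates the one under smtpd_tls_dkey_file word for word; keep it in one place and point to it from the other.
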
> ***************
> *** 15449,15557 ****
>   
> ! <DT><b><a name="tls_disable_workarounds">tls_disable_workarounds</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
> ! 
> ! <p> List or bit-mask of OpenSSL bug work-arounds to disable. </p>
> ! 
> ! <p> The OpenSSL toolkit includes a set of work-arounds for buggy SSL/TLS
> ! implementations. Applications, such as Postfix, that want to maximize
> ! interoperability ask the OpenSSL library to enable the full set of
> ! recommended work-arounds. </p>
> ! 
> ! <p> From time to time, it is discovered that a work-around creates a
> ! security issue, and should no longer be used. If upgrading OpenSSL
> ! to a fixed version is not an option or an upgrade is not available
> ! in a timely manner, or in closed environments where no buggy clients
> ! or servers exist, it may be appropriate to disable some or all of the
> ! OpenSSL interoperability work-arounds. This parameter specifies which
> ! bug work-arounds to disable. </p>
> ! 
> ! <p> If the value of the parameter is a hexadecimal long integer starting
> ! with "0x", the bug work-arounds corresponding to the bits specified in
> ! its value are removed from the <b>SSL_OP_ALL</b> work-around bit-mask
> ! (see openssl/ssl.h and SSL_CTX_set_options(3)). You can specify more
> ! bits than are present in SSL_OP_ALL, excess bits are ignored. Specifying
> ! 0xFFFFFFFF disables all bug-workarounds on a 32-bit system. This should
> ! also be sufficient on 64-bit systems, until OpenSSL abandons support
> ! for 32-bit systems and starts using the high 32 bits of a 64-bit
> ! bug-workaround mask. </p>
> ! 
> ! <p> Otherwise, the parameter is a white-space or comma separated list
> ! of specific named bug work-arounds chosen from the list below. It
> ! is possible that your OpenSSL version includes new bug work-arounds
> ! added after your Postfix source code was last updated, in that case
> ! you can only disable one of these via the hexadecimal syntax above. </p>
> ! 
> ! <dl>
>   
> ! <dt><b>MICROSOFT_SESS_ID_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>NETSCAPE_CHALLENGE_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>LEGACY_SERVER_CONNECT</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>NETSCAPE_REUSE_CIPHER_CHANGE_BUG</b></dt> <dd> also aliased
> ! as <b>CVE-2010-4180</b>. Postfix 2.8 disables this work-around by
> ! default with OpenSSL versions that may predate the fix. Fixed in
> ! OpenSSL 0.9.8q and OpenSSL 1.0.0c.</dd>
>   
> ! <dt><b>SSLREF2_REUSE_CERT_TYPE_BUG</b></dt> <dd>See
> ! SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>MICROSOFT_BIG_SSLV3_BUFFER</b></dt> <dd>See
> ! SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>MSIE_SSLV2_RSA_PADDING</b></dt> <dd> also aliased as
> ! <b>CVE-2005-2969</b>. Postfix 2.8 disables this work-around by
> ! default with OpenSSL versions that may predate the fix. Fixed in
> ! OpenSSL 0.9.7h and OpenSSL 0.9.8a.</dd>
>   
> ! <dt><b>SSLEAY_080_CLIENT_DH_BUG</b></dt> <dd>See
> ! SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>TLS_D5_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>TLS_BLOCK_PADDING_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
>   
> - <dt><b>TLS_ROLLBACK_BUG</b></dt> <dd>See SSL_CTX_set_options(3).
> - This is disabled in OpenSSL 0.9.7 and later. Nobody should still
> - be using 0.9.6! </dd>
>   
> ! <dt><b>DONT_INSERT_EMPTY_FRAGMENTS</b></dt> <dd>See
> ! SSL_CTX_set_options(3)</dd>
>   
> ! <dt><b>CRYPTOPRO_TLSEXT_BUG</b></dt> <dd>New with GOST support in
> ! OpenSSL 1.0.0.</dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.8 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tls_eecdh_strong_curve">tls_eecdh_strong_curve</a>
> ! (default: prime256v1)</b></DT><DD>
>   
> ! <p> The elliptic curve used by the Postfix SMTP server for sensibly
> ! strong
> ! ephemeral ECDH key exchange. This curve is used by the Postfix SMTP
> ! server when "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = strong". The phrase "sensibly
> ! strong" means approximately 128-bit security based on best known
> ! attacks. The selected curve must be implemented by OpenSSL (as
> ! reported by ecparam(1) with the "-list_curves" option) and be one
> ! of the curves listed in Section 5.1.1 of <a href="http://tools.ietf.org/html/rfc4492">RFC 4492</a>. You should not
> ! generally change this setting. </p>
>   
> ! <p> This default curve is specified in NSA "Suite B" Cryptography
> ! (see <a href="http://www.nsa.gov/ia/industry/crypto_suite_b.cfm">http://www.nsa.gov/ia/industry/crypto_suite_b.cfm</a>) for
> ! information classified as SECRET. </p>
>   
> ! <p> Note: elliptic curve names are poorly standardized; different
> ! standards groups are assigning different names to the same underlying
> ! curves.  The curve with the X9.62 name "prime256v1" is also known
> ! under the SECG name "secp256r1", but OpenSSL does not recognize the
> ! latter name. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later, when it is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
>   
> --- 12101,12210 ----
>   
> ! <DT><b><a name="smtpd_tls_loglevel">smtpd_tls_loglevel</a>
> ! (default: 0)</b></DT><DD>
>   
> ! <p> Enable additional Postfix SMTP server logging of TLS activity.
> ! Each logging level also includes the information that is logged at
> ! a lower logging level.  </p>
>   
> ! <dl compact>
>   
> ! <dt> </dt> <dd> 0 Disable logging of TLS activity. </dd>
>   
> ! <dt> </dt> <dd> 1 Log TLS handshake and certificate information. </dd>
>   
> ! <dt> </dt> <dd> 2 Log levels during TLS negotiation. </dd>
>   
> ! <dt> </dt> <dd> 3 Log hexadecimal and ASCII dump of TLS negotiation
> ! process.  </dd>
>   
> ! <dt> </dt> <dd> 4 Also log hexadecimal and ASCII dump of complete
> ! transmission after STARTTLS. </dd>
>   
> ! </dl>
>   
> ! <p> Use "<a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> = 3" only in case of problems. Use of
> ! loglevel 4 is strongly discouraged. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>
> ! (default: medium)</b></DT><DD>
>   
> ! <p> The minimum TLS cipher grade that the Postfix SMTP server will
> ! use with mandatory
> ! TLS encryption. Cipher types listed in <a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a>
> ! or <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> are excluded from the base definition
> ! of the selected cipher grade. With opportunistic TLS encryption,
> ! the "export" grade is used unconditionally with exclusions specified
> ! only via <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>. </p>
>   
> ! <p> The following cipher grades are supported: </p>
>   
> + <dl>
> + <dt><b>export</b></dt>
> + <dd> Enable the mainstream "EXPORT" grade or better OpenSSL ciphers.
> + This is the most appropriate setting for public MX hosts, and is always
> + used with opportunistic TLS encryption. The underlying cipherlist
> + is specified via the <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> configuration parameter,
> + which you are strongly encouraged to not change. The default value
> + of <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> includes anonymous ciphers, but these are
> + automatically filtered out if the server is configured to ask for
> + client certificates. If you must always exclude anonymous ciphers,
> + set "<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = aNULL". To exclude anonymous ciphers
> + only when TLS is enforced, set "<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> =
> + aNULL". </dd>
>   
> ! <dt><b>low</b></dt>
> ! <dd> Enable the mainstream "LOW" grade or better OpenSSL ciphers. The
> ! underlying cipherlist is specified via the <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to
> ! not change. The default value of <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> includes
> ! anonymous ciphers, but these are automatically filtered out if the
> ! server is configured to ask for client certificates. If you must
> ! always exclude anonymous ciphers, set "<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> =
> ! aNULL". To exclude anonymous ciphers only when TLS is enforced, set
> ! "<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL". </dd>
>   
> ! <dt><b>medium</b></dt>
> ! <dd> Enable the mainstream "MEDIUM" grade or better OpenSSL ciphers. These
> ! are essentially the 128-bit or stronger ciphers. This is the default
> ! minimum strength for mandatory TLS encryption. MSAs that enforce
> ! TLS and have clients that do not support any "MEDIUM" or "HIGH"
> ! grade ciphers, may need to configure a weaker ("low" or "export")
> ! minimum cipher grade. The underlying cipherlist is specified via the
> ! <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> configuration parameter, which you are strongly
> ! encouraged to not change. The default value of <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a>
> ! includes anonymous ciphers, but these are automatically filtered out if
> ! the server is configured to ask for client certificates. If you must
> ! always exclude anonymous ciphers, set "<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> =
> ! aNULL". To exclude anonymous ciphers only when TLS is enforced, set
> ! "<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL". </dd>
>   
> ! <dt><b>high</b></dt>
> ! <dd> Enable only the mainstream "HIGH" grade OpenSSL ciphers. The
> ! underlying cipherlist is specified via the <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a>
> ! configuration parameter, which you are strongly encouraged to
> ! not change. The default value of <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> includes
> ! anonymous ciphers, but these are automatically filtered out if the
> ! server is configured to ask for client certificates. If you must
> ! always exclude anonymous ciphers, set "<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> =
> ! aNULL". To exclude anonymous ciphers only when TLS is enforced, set
> ! "<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL". </dd>
>   
> ! <dt><b>null</b></dt>
> ! <dd> Enable only the "NULL" OpenSSL ciphers, these provide authentication
> ! without encryption.  This setting is only appropriate in the rare
> ! case that all clients are prepared to use NULL ciphers (not normally
> ! enabled in TLS clients). The underlying cipherlist is specified via the
> ! <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> configuration parameter, which you are strongly
> ! encouraged to not change. The default value of <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a>
> ! excludes anonymous ciphers (OpenSSL 0.9.8 has NULL ciphers that offer
> ! data integrity without encryption or authentication). </dd>
>   
> ! </dl>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
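
Review bot: the smtpd_tls_loglevel text says "Use of loglevel 4 is strongly discouraged" without giving the reason, although the level 4 entry shows it: a dump of the complete transmission after STARTTLS puts message content and everything else sent in the session into the log. Say that in the sentence. The level list also has each number inside <dd> with an empty <dt>; move the number into its <dt>. In smtpd_tls_mandatory_ciphers, the anonymous-cipher passage (from "The default value of ..." through "... = aNULL") is repeated verbatim under export, low, medium and high; state it once after the list.
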
> ***************
> *** 15560,15581 ****
>   
> ! <DT><b><a name="tls_eecdh_ultra_curve">tls_eecdh_ultra_curve</a>
> ! (default: secp384r1)</b></DT><DD>
> ! 
> ! <p> The elliptic curve used by the Postfix SMTP server for maximally
> ! strong
> ! ephemeral ECDH key exchange. This curve is used by the Postfix SMTP
> ! server when "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = ultra". The phrase "maximally
> ! strong" means approximately 192-bit security based on best known attacks.
> ! This additional strength comes at a significant computational cost, most
> ! users should instead set "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = strong".  The selected
> ! curve must be implemented by OpenSSL (as reported by ecparam(1) with the
> ! "-list_curves" option) and be one of the curves listed in Section 5.1.1
> ! of <a href="http://tools.ietf.org/html/rfc4492">RFC 4492</a>. You should not generally change this setting. </p>
>   
> ! <p> This default "ultra" curve is specified in NSA "Suite B" Cryptography
> ! (see <a href="http://www.nsa.gov/ia/industry/crypto_suite_b.cfm">http://www.nsa.gov/ia/industry/crypto_suite_b.cfm</a>) for information
> ! classified as TOP SECRET. </p>
>   
> ! <p> This feature is available in Postfix 2.6 and later, when it is
> ! compiled and linked with OpenSSL 1.0.0 or later. </p>
>   
> --- 12213,12223 ----
>   
> ! <DT><b><a name="smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Additional list of ciphers or cipher types to exclude from the
> ! SMTP server cipher list at mandatory TLS security levels. This list
> ! works in addition to the exclusions listed with <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>
> ! (see there for syntax details).  </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 15584,15615 ****
>   
> ! <DT><b><a name="tls_export_cipherlist">tls_export_cipherlist</a>
> ! (default: ALL:+RC4:@STRENGTH)</b></DT><DD>
> ! 
> ! <p> The OpenSSL cipherlist for "EXPORT" or higher grade ciphers. This
> ! defines the meaning of the "export" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. This is
> ! the cipherlist for the opportunistic ("may") TLS client security
> ! level and is the default cipherlist for the SMTP server. You are
> ! strongly encouraged to not change this setting. With OpenSSL 1.0.0 and
> ! later the cipherlist may start with an "aNULL:" prefix, which restores
> ! the 0.9.8-compatible ordering of the aNULL ciphers to the top of the
> ! list when they are enabled. This prefix is not needed with previous
> ! OpenSSL releases. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tls_high_cipherlist">tls_high_cipherlist</a>
> ! (default: ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "HIGH" grade ciphers. This defines
> ! the meaning of the "high" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. You are
> ! strongly encouraged to not change this setting. With OpenSSL 1.0.0 and
> ! later the cipherlist may start with an "aNULL:" prefix, which restores
> ! the 0.9.8-compatible ordering of the aNULL ciphers to the top of the
> ! list when they are enabled. This prefix is not needed with previous
> ! OpenSSL releases. </p>
>   
> --- 12226,12256 ----
>   
> ! <DT><b><a name="smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a>
> ! (default: SSLv3, TLSv1)</b></DT><DD>
>   
> ! <p> The SSL/TLS protocols accepted by the Postfix SMTP server with
> ! mandatory TLS encryption. If the list is empty, the server supports all
> ! available SSL/TLS protocol versions.  A non-empty value is a list
> ! of protocol
> ! names separated by whitespace, commas or colons. The supported protocol
> ! names are "SSLv2", "SSLv3" and "TLSv1", and are not case sensitive. </p>
>   
> + <p> With Postfix ≥ 2.5 the parameter syntax is expanded to support
> + protocol exclusions. One can now explicitly exclude SSLv2 by setting
> + "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2". To exclude both SSLv2 and
> + SSLv3 set "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
> + the protocols to include, rather than protocols to exclude, is still
> + supported, use the form you find more intuitive. </p>
>   
> ! <p> Since SSL version 2 has known protocol weaknesses and is now
> ! deprecated, the default setting excludes "SSLv2".  This means that
> ! by default, SSL version 2 will not be used at the "encrypt" security
> ! level. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
> ! # Alternative form with Postfix ≥ 2.5:
> ! <a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
> ! </pre>
>   
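
Review bot: the first paragraph of smtpd_tls_mandatory_protocols says an empty list makes the server support all available SSL/TLS protocol versions, and the third says SSL version 2 has known protocol weaknesses, but nothing connects the two: an empty value brings SSLv2 back at the "encrypt" level. Add that warning to the first paragraph. The last sentence of the second paragraph is a comma splice ("... is still supported, use the form you find more intuitive"); split it in two.
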
> ***************
> *** 15620,15634 ****
>   
> ! <DT><b><a name="tls_low_cipherlist">tls_low_cipherlist</a>
> ! (default: ALL:!EXPORT:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "LOW" or higher grade ciphers. This defines
> ! the meaning of the "low" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. You are
> ! strongly encouraged to not change this setting.  With OpenSSL 1.0.0 and
> ! later the cipherlist may start with an "aNULL:" prefix, which restores
> ! the 0.9.8-compatible ordering of the aNULL ciphers to the top of the
> ! list when they are enabled. This prefix is not needed with previous
> ! OpenSSL releases. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> --- 12261,12273 ----
>   
> ! <DT><b><a name="smtpd_tls_received_header">smtpd_tls_received_header</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Request that the Postfix SMTP server produces Received:  message
> ! headers that include information about the protocol and cipher used,
> ! as well as the client CommonName and client certificate issuer
> ! CommonName.  This is disabled by default, as the information may
> ! be modified in transit through other mail servers.  Only information
> ! that was recorded by the final destination can be trusted. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
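
Review bot: the new smtpd_tls_received_header paragraph lists "the client CommonName and client certificate issuer CommonName" among the recorded fields but does not say whether they are recorded only for certificates that passed verification. Since the same paragraph is about how far the header can be trusted, suggest one more sentence stating what a reader at the final destination may conclude from a CommonName that appears there.
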
> ***************
> *** 15637,15707 ****
>   
> ! <DT><b><a name="tls_medium_cipherlist">tls_medium_cipherlist</a>
> ! (default: ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers. This
> ! defines the meaning of the "medium" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. This is
> ! the default cipherlist for mandatory TLS encryption in the TLS
> ! client (with anonymous ciphers disabled when verifying server
> ! certificates). You are strongly encouraged to not change this
> ! setting.  With OpenSSL 1.0.0 and later the cipherlist may start with an
> ! "aNULL:" prefix, which restores the 0.9.8-compatible ordering of the
> ! aNULL ciphers to the top of the list when they are enabled. This prefix
> ! is not needed with previous OpenSSL releases. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> - </DD>
>   
> ! <DT><b><a name="tls_null_cipherlist">tls_null_cipherlist</a>
> ! (default: eNULL:!aNULL)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "NULL" grade ciphers that provide
> ! authentication without encryption. This defines the meaning of the "null"
> ! setting in smtpd_mandatory_tls_ciphers, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
> ! <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>.  You are strongly encouraged to not
> ! change this setting. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tls_preempt_cipherlist">tls_preempt_cipherlist</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> With SSLv3 and later, use the Postfix SMTP server's cipher
> ! preference order instead of the remote client's cipher preference
> ! order. </p>
> ! 
> ! <p> By default, the OpenSSL server selects the client's most preferred
> ! cipher that the server supports. With SSLv3 and later, the server may
> ! choose its own most preferred cipher that is supported (offered) by
> ! the client. Setting "<a href="postconf.5.html#tls_preempt_cipherlist">tls_preempt_cipherlist</a> = yes" enables server cipher
> ! preferences. </p>
> ! 
> ! <p> While server cipher selection may in some cases lead to a more secure
> ! or performant cipher choice, there is some risk of interoperability
> ! issues. In the past, some SSL clients have listed lower priority ciphers
> ! that they did not implement correctly. If the server chooses a cipher
> ! that the client prefers less, it may select a cipher whose client
> ! implementation is flawed. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later, in combination
> ! with OpenSSL 0.9.7 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tls_random_bytes">tls_random_bytes</a>
> ! (default: 32)</b></DT><DD>
>   
> ! <p> The number of bytes that <a href="tlsmgr.8.html">tlsmgr(8)</a> reads from $<a href="postconf.5.html#tls_random_source">tls_random_source</a>
> ! when (re)seeding the in-memory pseudo random number generator (PRNG)
> ! pool. The default of 32 bytes (256 bits) is good enough for 128bit
> ! symmetric keys.  If using EGD or a device file, a maximum of 255
> ! bytes is read. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> --- 12276,12333 ----
>   
> ! <DT><b><a name="smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> With mandatory TLS encryption, require a trusted remote SMTP client
> ! certificate in order to allow TLS connections to proceed.  This
> ! option implies "<a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> = yes". </p>
>   
> ! <p> When TLS encryption is optional, this setting is ignored with
> ! a warning written to the mail log. </p>
>   
> + <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="smtpd_tls_security_level">smtpd_tls_security_level</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> The SMTP TLS security level for the Postfix SMTP server; when
> ! a non-empty value is specified, this overrides the obsolete parameters
> ! <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>. This parameter is ignored with
> ! "<a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> = yes".  </p>
>   
> + <p> Specify one of the following security levels: </p>
>   
> ! <dl>
>   
> ! <dt><b>none</b></dt> <dd> TLS will not be used. </dd>
>   
> ! <dt><b>may</b></dt> <dd> Opportunistic TLS: announce STARTTLS support
> ! to SMTP clients, but do not require that clients use TLS encryption.
> ! </dd>
>   
> ! <dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption: announce
> ! STARTTLS support to SMTP clients, and require that clients use TLS
> ! encryption. According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> this MUST NOT be applied in case
> ! of a publicly-referenced SMTP server. Instead, this option should
> ! be used only on dedicated servers. </dd>
>   
> + </dl>
>   
> ! <p> Note 1: the "fingerprint", "verify" and "secure" levels are not
> ! supported here.
> ! The Postfix SMTP server logs a warning and uses "encrypt" instead.
> ! To verify SMTP client certificates, see <a href="TLS_README.html">TLS_README</a> for a discussion
> ! of the <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>, <a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>, and <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
> ! features.  </p>
>   
> ! <p> Note 2: The parameter setting "<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> =
> ! encrypt" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes".</p>
>   
> ! <p> Note 3: when invoked via "sendmail -bs", Postfix will never
> ! offer STARTTLS due to insufficient privileges to access the server
> ! private key. This is intended behavior.</p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
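
Review bot: the list under "Specify one of the following security levels" in the smtpd_tls_security_level entry covers none, may and encrypt, but not the documented default, "(default: empty)". The first paragraph only implies what empty means ("when a non-empty value is specified, this overrides the obsolete parameters"). Suggest stating directly that with an empty value smtpd_use_tls and smtpd_enforce_tls decide the behaviour, so a reader does not have to infer it.
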
> ***************
> *** 15710,15736 ****
>   
> ! <DT><b><a name="tls_random_exchange_name">tls_random_exchange_name</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
> ! 
> ! <p> Name of the pseudo random number generator (PRNG) state file
> ! that is maintained by <a href="tlsmgr.8.html">tlsmgr(8)</a>. The file is created when it does
> ! not exist, and its length is fixed at 1024 bytes.  </p>
> ! 
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file, and the default file location was changed from
> ! ${<a href="postconf.5.html#config_directory">config_directory</a>}/prng_exch to ${<a href="postconf.5.html#data_directory">data_directory</a>}/prng_exch.  As
> ! a migration aid, an attempt to open the file under a non-Postfix
> ! directory is redirected to the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a
> ! warning is logged. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tls_random_prng_update_period">tls_random_prng_update_period</a>
> ! (default: 3600s)</b></DT><DD>
>   
> ! <p> The time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to save the state of
> ! the pseudo random number generator (PRNG) to the file specified
> ! with $<a href="postconf.5.html#tls_random_exchange_name">tls_random_exchange_name</a>.  </p>
>   
> --- 12336,12367 ----
>   
> ! <DT><b><a name="smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> Name of the file containing the optional Postfix SMTP server
> ! TLS session cache. Specify a database type that supports enumeration,
> ! such as <b>btree</b> or <b>sdbm</b>; there is no need to support
> ! concurrent access.  The file is created if it does not exist. The <a href="smtpd.8.html">smtpd(8)</a>
> ! daemon does not use this parameter directly, rather the cache is
> ! implemented indirectly in the <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon. This means that
> ! per-smtpd-instance <a href="master.5.html">master.cf</a> overrides of this parameter are not
> ! effective. Note, that each of the cache databases supported by <a href="tlsmgr.8.html">tlsmgr(8)</a>
> ! daemon: $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
> ! (and with Postfix 2.3 and later $<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>), needs to be
> ! stored separately. It is not at this time possible to store multiple
> ! caches in a single database. </p>
>   
> + <p> Note: <b>dbm</b> databases are not suitable. TLS
> + session objects are too large. </p>
>   
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file. The file should now be stored under the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
> ! under a non-Postfix directory is redirected to the Postfix-owned
> ! <a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
>   
> ! <p> Example: </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> = btree:/var/lib/postfix/smtpd_scache
> ! </pre>
>   
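
Review bot: the example for smtpd_tls_session_cache_database hard-codes "btree:/var/lib/postfix/smtpd_scache", while the paragraph directly above says the file "should now be stored under the Postfix-owned data_directory" and that other locations are redirected with a warning. Suggest writing the example relative to the parameter, in the ${data_directory}/... form that the tls_random_exchange_name text on the old side of this hunk uses, so it stays correct on systems where data_directory is not /var/lib/postfix. Minor: "Note, that each of the cache databases" does not need the comma.
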
> ***************
> *** 15741,15749 ****
>   
> ! <DT><b><a name="tls_random_reseed_period">tls_random_reseed_period</a>
>   (default: 3600s)</b></DT><DD>
>   
> ! <p> The maximal time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to re-seed the
> ! in-memory pseudo random number generator (PRNG) pool from external
> ! sources.  The actual time between re-seeding attempts is calculated
> ! using the PRNG, and is between 0 and the time specified.  </p>
>   
> --- 12372,12382 ----
>   
> ! <DT><b><a name="smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>
>   (default: 3600s)</b></DT><DD>
>   
> ! <p> The expiration time of Postfix SMTP server TLS session cache
> ! information. A cache cleanup is performed periodically
> ! every $<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> seconds. As with
> ! $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, this parameter is implemented in the
> ! <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon and therefore per-smtpd-instance <a href="master.5.html">master.cf</a> overrides
> ! are not possible. </p>
>   
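
Review bot: "every $smtpd_tls_session_cache_timeout seconds" in the new smtpd_tls_session_cache_timeout text reads as if the value were a bare number of seconds, but the default is given as "3600s", with a time unit suffix. Suggest dropping the word "seconds" or rewording to "at intervals of $smtpd_tls_session_cache_timeout". The entry also leaves the expiration time and the cleanup period as one value without saying that this is intentional; a short clause would settle it.
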
> ***************
> *** 15754,15767 ****
>   
> ! <DT><b><a name="tls_random_source">tls_random_source</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> The external entropy source for the in-memory <a href="tlsmgr.8.html">tlsmgr(8)</a> pseudo
> ! random number generator (PRNG) pool. Be sure to specify a non-blocking
> ! source.  If this source is not a regular file, the entropy source
> ! type must be prepended:  egd:/path/to/egd_socket for a source with
> ! EGD compatible socket interface, or dev:/path/to/device for a
> ! device file.  </p>
>   
> ! <p> Note: on OpenBSD systems specify /dev/arandom when /dev/urandom
> ! gives timeout errors.  </p>
>   
> --- 12387,12398 ----
>   
> ! <DT><b><a name="smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p> Run the Postfix SMTP server in the non-standard "wrapper" mode,
> ! instead of using the STARTTLS command. </p>
>   
> ! <p> If you want to support this service, enable a special port in
> ! <a href="master.5.html">master.cf</a>, and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" on the SMTP
> ! server's command line. Port 465 (smtps) was once chosen for this
> ! purpose. </p>
>   
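
Review bot: the new smtpd_tls_wrappermode entry does not mention its interaction with smtpd_tls_security_level, although that entry (earlier in this patch) states the parameter "is ignored with smtpd_tls_wrappermode = yes". Someone reading only this entry will not learn that the security level set in main.cf has no effect on the wrapper-mode port. Suggest adding the cross-reference here, and a <pre> example of the master.cf override as the neighbouring entries have, since "enable a special port in master.cf" is otherwise left to the reader.
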
> ***************
> *** 15772,15781 ****
>   
> ! <DT><b><a name="tlsproxy_enforce_tls">tlsproxy_enforce_tls</a>
> ! (default: $<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>)</b></DT><DD>
>   
> ! <p> Mandatory TLS: announce STARTTLS support to remote SMTP clients, and
> ! require that clients use TLS encryption. See <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> for
> ! further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12403,12416 ----
>   
> ! <DT><b><a name="smtpd_use_tls">smtpd_use_tls</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p> Opportunistic TLS: announce STARTTLS support to SMTP clients,
> ! but do not require that clients use TLS encryption. </p>
>   
> ! <p> Note: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
> ! STARTTLS due to insufficient privileges to access the server private
> ! key. This is intended behavior. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later. With
> ! Postfix 2.3 and later use <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> instead. </p>
>   
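
Review bot: this update looks like a regeneration from an older source rather than a forward change, and that should be confirmed before it is published. At old lines 15772-15781 the tlsproxy_enforce_tls entry, marked "available in Postfix 2.8 and later", has no counterpart on the new side; the entry now at that position, smtpd_use_tls, is itself marked "With Postfix 2.3 and later use smtpd_tls_security_level instead", and the new-side position 12403 shows the page is several thousand lines shorter by this point. The same pattern holds for the tls_preempt_cipherlist and tlsproxy_* entries in the neighbouring hunks, and removing their <a name> anchors breaks every existing link to them.
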
> ***************
> *** 15784,15792 ****
>   
> ! <DT><b><a name="tlsproxy_service_name">tlsproxy_service_name</a>
> ! (default: tlsproxy)</b></DT><DD>
>   
> ! <p> The name of the <a href="tlsproxy.8.html">tlsproxy(8)</a> service entry in <a href="master.5.html">master.cf</a>. This
> ! service performs plaintext <=> TLS ciphertext conversion. <p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12419,12438 ----
>   
> ! <DT><b><a name="soft_bounce">soft_bounce</a>
> ! (default: no)</b></DT><DD>
> ! 
> ! <p>
> ! Safety net to keep mail queued that would otherwise be returned to
> ! the sender.  This parameter disables locally-generated bounces,
> ! and prevents the Postfix SMTP server from rejecting mail permanently,
> ! by changing 5xx reply codes into 4xx.  However, <a href="postconf.5.html#soft_bounce">soft_bounce</a> is no
> ! cure for address rewriting mistakes or mail routing mistakes.
> ! </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#soft_bounce">soft_bounce</a> = yes
> ! </pre>
>   
> ***************
> *** 15795,15804 ****
>   
> ! <DT><b><a name="tlsproxy_tls_CAfile">tlsproxy_tls_CAfile</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>)</b></DT><DD>
>   
> ! <p> A file containing (PEM format) CA certificates of root CAs
> ! trusted to sign either remote SMTP client certificates or intermediate
> ! CA certificates.  See <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12441,12454 ----
>   
> ! <DT><b><a name="stale_lock_time">stale_lock_time</a>
> ! (default: 500s)</b></DT><DD>
>   
> ! <p>
> ! The time after which a stale exclusive mailbox lockfile is removed.
> ! This is used for delivery to file or mailbox.
> ! </p>
>   
> ! <p>
> ! Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
> ! The default time unit is s (seconds).
> ! </p>
>   
> ***************
> *** 15807,15816 ****
>   
> ! <DT><b><a name="tlsproxy_tls_CApath">tlsproxy_tls_CApath</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>)</b></DT><DD>
>   
> ! <p> A directory containing (PEM format) CA certificates of root CAs
> ! trusted to sign either remote SMTP client certificates or intermediate
> ! CA certificates. See <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12457,12464 ----
>   
> ! <DT><b><a name="stress">stress</a>
> ! (default: empty)</b></DT><DD>
>   
> ! <p> This feature is documented in the <a href="STRESS_README.html">STRESS_README</a> document. </p>
>   
> ! <p> This feature is available in Postfix 2.5 and later. </p>
>   
> ***************
> *** 15819,15863 ****
>   
> ! <DT><b><a name="tlsproxy_tls_always_issue_session_ids">tlsproxy_tls_always_issue_session_ids</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a>)</b></DT><DD>
> ! 
> ! <p> Force the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server to issue a TLS session id,
> ! even when TLS session caching is turned off. See
> ! <a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> - <DT><b><a name="tlsproxy_tls_ask_ccert">tlsproxy_tls_ask_ccert</a>
> - (default: $<a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>)</b></DT><DD>
>   
> ! <p> Ask a remote SMTP client for a client certificate. See
> ! <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tlsproxy_tls_ccert_verifydepth">tlsproxy_tls_ccert_verifydepth</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a>)</b></DT><DD>
>   
> - <p> The verification depth for remote SMTP client certificates. A
> - depth of 1 is sufficient if the issuing CA is listed in a local CA
> - file. See <a href="postconf.5.html#smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tlsproxy_tls_cert_file">tlsproxy_tls_cert_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server RSA certificate in PEM
> ! format.  This file may also contain the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! private RSA key.  See <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for further details.  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12467,12530 ----
>   
> ! <DT><b><a name="strict_7bit_headers">strict_7bit_headers</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Reject mail with 8-bit text in message headers. This blocks mail
> ! from poorly written applications.
> ! </p>
>   
> + <p>
> + This feature should not be enabled on a general purpose mail server,
> + because it is likely to reject legitimate email.
> + </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="strict_8bitmime">strict_8bitmime</a>
> ! (default: no)</b></DT><DD>
>   
> + <p>
> + Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and <a href="postconf.5.html#strict_8bitmime_body">strict_8bitmime_body</a>.
> + </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it is likely to reject legitimate email.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
>   
> ! </DD>
>   
> + <DT><b><a name="strict_8bitmime_body">strict_8bitmime_body</a>
> + (default: no)</b></DT><DD>
>   
> ! <p>
> ! Reject 8-bit message body text without 8-bit MIME content encoding
> ! information.  This blocks mail from poorly written applications.
> ! </p>
>   
> ! <p>
> ! Unfortunately, this also rejects majordomo approval requests when
> ! the included request contains valid 8-bit MIME mail, and it rejects
> ! bounces from mailers that do not MIME encapsulate 8-bit content
> ! (for example, bounces from qmail or from old versions of Postfix).
> ! </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it is likely to reject legitimate email.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ***************
> *** 15866,15875 ****
>   
> ! <DT><b><a name="tlsproxy_tls_ciphers">tlsproxy_tls_ciphers</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>)</b></DT><DD>
>   
> ! <p> The minimum TLS cipher grade that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! will use with opportunistic TLS encryption. See <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>
> ! for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12533,12541 ----
>   
> ! <DT><b><a name="strict_mailbox_ownership">strict_mailbox_ownership</a>
> ! (default: yes)</b></DT><DD>
>   
> ! <p> Defer delivery when a mailbox file is not owned by its recipient.
> ! The default setting is not backwards compatible.  </p>
>   
> ! <p> This feature is available in Postfix 2.5.3 and later. </p>
>   
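
Review bot: "The default setting is not backwards compatible" in the new strict_mailbox_ownership entry tells the reader there is a behaviour change but not what it is. Suggest stating what happened before Postfix 2.5.3 when a mailbox file was not owned by its recipient, and which value restores that behaviour, since an administrator upgrading will see deliveries deferred and needs to judge from this entry whether to fix the ownership or change the setting.
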
> ***************
> *** 15878,15900 ****
>   
> ! <DT><b><a name="tlsproxy_tls_dcert_file">tlsproxy_tls_dcert_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server DSA certificate in PEM
> ! format.  This file may also contain the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! private DSA key.  See <a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> for further details.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="tlsproxy_tls_dh1024_param_file">tlsproxy_tls_dh1024_param_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>)</b></DT><DD>
> ! 
> ! <p> File with DH parameters that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! should use with EDH ciphers. See <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> for
> ! further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12544,12562 ----
>   
> ! <DT><b><a name="strict_mime_encoding_domain">strict_mime_encoding_domain</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Reject mail with invalid Content-Transfer-Encoding: information
> ! for the message/* or multipart/* MIME content types.  This blocks
> ! mail from poorly written software.
>   </p>
>   
> ! <p>
> ! This feature should not be enabled on a general purpose mail server,
> ! because it will reject mail after a single violation.
> ! </p>
>   
> ! <p>
> ! This feature is available in Postfix 2.0 and later.
> ! </p>
>   
> ***************
> *** 15903,15912 ****
>   
> ! <DT><b><a name="tlsproxy_tls_dh512_param_file">tlsproxy_tls_dh512_param_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a>)</b></DT><DD>
>   
> ! <p> File with DH parameters that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! should use with EDH ciphers. See <a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> for
> ! further details.  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12565,12580 ----
>   
> ! <DT><b><a name="strict_rfc821_envelopes">strict_rfc821_envelopes</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Require that addresses received in SMTP MAIL FROM and RCPT TO
> ! commands are enclosed with <>, and that those addresses do
> ! not contain <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> style comments or phrases.  This stops mail
> ! from poorly written software.
> ! </p>
>   
> ! <p>
> ! By default, the Postfix SMTP server accepts <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> syntax in MAIL
> ! FROM and RCPT TO addresses.
> ! </p>
>   
> ***************
> *** 15915,15925 ****
>   
> ! <DT><b><a name="tlsproxy_tls_dkey_file">tlsproxy_tls_dkey_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a>)</b></DT><DD>
> ! 
> ! <p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server DSA private key in PEM
> ! format.  This file may be combined with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
> ! server DSA certificate file specified with $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>.
> ! See <a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12583,12591 ----
>   
> ! <DT><b><a name="sun_mailtool_compatibility">sun_mailtool_compatibility</a>
> ! (default: no)</b></DT><DD>
>   
> ! <p>
> ! Obsolete SUN mailtool compatibility feature. Instead, use
> ! "<a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> = dotlock".
> ! </p>
>   
> ***************
> *** 15928,15963 ****
>   
> ! <DT><b><a name="tlsproxy_tls_eccert_file">tlsproxy_tls_eccert_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>)</b></DT><DD>
> ! 
> ! <p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server ECDSA certificate in
> ! PEM format.  This file may also contain the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
> ! server private ECDSA key.  See <a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a> for further
> ! details. </p>
> ! 
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tlsproxy_tls_eckey_file">tlsproxy_tls_eckey_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_eckey_file">smtpd_tls_eckey_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server ECDSA private key in
> ! PEM format.  This file may be combined with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
> ! server ECDSA certificate file specified with $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>.
> ! See <a href="postconf.5.html#smtpd_tls_eckey_file">smtpd_tls_eckey_file</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
>   
> ! </DD>
>   
> ! <DT><b><a name="tlsproxy_tls_eecdh_grade">tlsproxy_tls_eecdh_grade</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a>)</b></DT><DD>
>   
> ! <p> The Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server security grade for ephemeral
> ! elliptic-curve Diffie-Hellman (EECDH) key exchange. See
> ! <a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12594,12629 ----
>   
> ! <DT><b><a name="swap_bangpath">swap_bangpath</a>
> ! (default: yes)</b></DT><DD>
>   
> + <p>
> + Enable the rewriting of "site!user" into "user at site".  This is
> + necessary if your machine is connected to UUCP networks.  It is
> + enabled by default.
> + </p>
>   
> ! <p> Note: with Postfix version 2.2, message header address rewriting
> ! happens only when one of the following conditions is true: </p>
>   
> ! <ul>
>   
> ! <li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
>   
> ! <li> The message is received from a network client that matches
> ! $<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
>   
> + <li> The message is received from the network, and the
> + <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
>   
> ! </ul>
>   
> ! <p> To get the behavior before Postfix version 2.2, specify
> ! "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all". </p>
>   
> ! <p>
> ! Example:
> ! </p>
>   
> ! <pre>
> ! <a href="postconf.5.html#swap_bangpath">swap_bangpath</a> = no
> ! </pre>
>   
> ***************
> *** 15966,15975 ****
>   
> ! <DT><b><a name="tlsproxy_tls_exclude_ciphers">tlsproxy_tls_exclude_ciphers</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>)</b></DT><DD>
>   
> ! <p> List of ciphers or cipher types to exclude from the <a href="tlsproxy.8.html">tlsproxy(8)</a>
> ! server cipher list at all TLS security levels. See
> ! <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12632,12648 ----
>   
> ! <DT><b><a name="syslog_facility">syslog_facility</a>
> ! (default: mail)</b></DT><DD>
>   
> ! <p>
> ! The syslog facility of Postfix logging. Specify a facility as
> ! defined in syslog.conf(5). The default facility is "mail".
> ! </p>
>   
> ! <p>
> ! Warning: a non-default <a href="postconf.5.html#syslog_facility">syslog_facility</a> setting takes effect only
> ! after a Postfix process has completed initialization.  Errors during
> ! process initialization will be logged with the default facility.
> ! Examples are errors while parsing the command line arguments, and
> ! errors while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
> ! </p>
>   
> ***************
> *** 15978,15988 ****
>   
> ! <DT><b><a name="tlsproxy_tls_fingerprint_digest">tlsproxy_tls_fingerprint_digest</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a>)</b></DT><DD>
>   
> ! <p> The message digest algorithm to construct remote SMTP
> ! client-certificate
> ! fingerprints. See <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> for further details.
>   </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12651,12667 ----
>   
> ! <DT><b><a name="syslog_name">syslog_name</a>
> ! (default: postfix)</b></DT><DD>
>   
> ! <p>
> ! The mail system name that is prepended to the process name in syslog
> ! records, so that "smtpd" becomes, for example, "postfix/smtpd".
>   </p>
>   
> ! <p>
> ! Warning: a non-default <a href="postconf.5.html#syslog_name">syslog_name</a> setting takes effect only after
> ! a Postfix process has completed initialization. Errors during
> ! process initialization will be logged with the default name. Examples
> ! are errors while parsing the command line arguments, and errors
> ! while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
> ! </p>
>   
> ***************
> *** 15991,16001 ****
>   
> ! <DT><b><a name="tlsproxy_tls_key_file">tlsproxy_tls_key_file</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_key_file">smtpd_tls_key_file</a>)</b></DT><DD>
>   
> ! <p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server RSA private key in PEM
> ! format.  This file may be combined with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
> ! server RSA certificate file specified with $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>.
> ! See <a href="postconf.5.html#smtpd_tls_key_file">smtpd_tls_key_file</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12670,12681 ----
>   
> ! <DT><b><a name="tls_daemon_random_bytes">tls_daemon_random_bytes</a>
> ! (default: 32)</b></DT><DD>
>   
> ! <p> The number of pseudo-random bytes that an <a href="smtp.8.html">smtp(8)</a> or <a href="smtpd.8.html">smtpd(8)</a>
> ! process requests from the <a href="tlsmgr.8.html">tlsmgr(8)</a> server in order to seed its
> ! internal pseudo random number generator (PRNG).  The default of 32
> ! bytes (equivalent to 256 bits) is sufficient to generate a 128bit
> ! (or 168bit) session key. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 16004,16014 ****
>   
> ! <DT><b><a name="tlsproxy_tls_loglevel">tlsproxy_tls_loglevel</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a>)</b></DT><DD>
>   
> ! <p> Enable additional Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server logging of TLS
> ! activity.  Each logging level also includes the information that
> ! is logged at a lower logging level. See <a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> for
> ! further details.  </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12684,12696 ----
>   
> ! <DT><b><a name="tls_export_cipherlist">tls_export_cipherlist</a>
> ! (default: ALL:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "EXPORT" or higher grade ciphers. This
> ! defines the meaning of the "export" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. This is
> ! the cipherlist for the opportunistic ("may") TLS client security
> ! level and is the default cipherlist for the SMTP server. You are
> ! strongly encouraged to not change this setting. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
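Review bot: in the added tls_export_cipherlist paragraph, the default ALL:+RC4:@STRENGTH carries no exclusions, the text calls it "the default cipherlist for the SMTP server", and the only guidance is "strongly encouraged to not change this setting". Make that advice actionable in the same paragraph: say that a site wanting stronger ciphers should pick a higher grade through smtpd_tls_mandatory_ciphers, smtp_tls_mandatory_ciphers or lmtp_tls_mandatory_ciphers rather than edit this list. The tlsproxy_tls_loglevel entry on the old side is also dropped without a replacement.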
> ***************
> *** 16017,16026 ****
>   
> ! <DT><b><a name="tlsproxy_tls_mandatory_ciphers">tlsproxy_tls_mandatory_ciphers</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>)</b></DT><DD>
>   
> ! <p> The minimum TLS cipher grade that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! will use with mandatory TLS encryption. See <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>
> ! for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12699,12709 ----
>   
> ! <DT><b><a name="tls_high_cipherlist">tls_high_cipherlist</a>
> ! (default: ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "HIGH" grade ciphers. This defines
> ! the meaning of the "high" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. You are
> ! strongly encouraged to not change this setting. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 16029,16038 ****
>   
> ! <DT><b><a name="tlsproxy_tls_mandatory_exclude_ciphers">tlsproxy_tls_mandatory_exclude_ciphers</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a>)</b></DT><DD>
>   
> ! <p> Additional list of ciphers or cipher types to exclude from the
> ! <a href="tlsproxy.8.html">tlsproxy(8)</a> server cipher list at mandatory TLS security levels.
> ! See <a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12712,12722 ----
>   
> ! <DT><b><a name="tls_low_cipherlist">tls_low_cipherlist</a>
> ! (default: ALL:!EXPORT:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "LOW" or higher grade ciphers. This defines
> ! the meaning of the "low" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. You are
> ! strongly encouraged to not change this setting. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 16041,16051 ****
>   
> ! <DT><b><a name="tlsproxy_tls_mandatory_protocols">tlsproxy_tls_mandatory_protocols</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a>)</b></DT><DD>
>   
> ! <p> The SSL/TLS protocols accepted by the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
> ! with mandatory TLS encryption. If the list is empty, the server
> ! supports all available SSL/TLS protocol versions.  See
> ! <a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12725,12738 ----
>   
> ! <DT><b><a name="tls_medium_cipherlist">tls_medium_cipherlist</a>
> ! (default: ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers. This
> ! defines the meaning of the "medium" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
> ! <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. This is
> ! the default cipherlist for mandatory TLS encryption in the TLS
> ! client (with anonymous ciphers disabled when verifying server
> ! certificates). You are strongly encouraged to not change this
> ! setting. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
> ***************
> *** 16054,16063 ****
>   
> ! <DT><b><a name="tlsproxy_tls_protocols">tlsproxy_tls_protocols</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a>)</b></DT><DD>
>   
> ! <p> List of TLS protocols that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server will
> ! exclude or include with opportunistic TLS encryption. See
> ! <a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12741,12752 ----
>   
> ! <DT><b><a name="tls_null_cipherlist">tls_null_cipherlist</a>
> ! (default: eNULL:!aNULL)</b></DT><DD>
>   
> ! <p> The OpenSSL cipherlist for "NULL" grade ciphers that provide
> ! authentication without encryption. This defines the meaning of the "null"
> ! setting in smtpd_mandatory_tls_ciphers, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
> ! <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>.  You are strongly encouraged to not
> ! change this setting. </p>
>   
> ! <p> This feature is available in Postfix 2.3 and later. </p>
>   
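Review bot: the added tls_null_cipherlist paragraph names "smtpd_mandatory_tls_ciphers", which does not match the spelling smtpd_tls_mandatory_ciphers used in the tls_export, tls_high, tls_low and tls_medium entries of this same diff, and it is the only one of the three parameter names in the sentence left without a postconf.5.html anchor. Correct the name and link it like the other two so a reader searching for the parameter finds this entry.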
> ***************
> *** 16066,16075 ****
>   
> ! <DT><b><a name="tlsproxy_tls_req_ccert">tlsproxy_tls_req_ccert</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>)</b></DT><DD>
>   
> ! <p> With mandatory TLS encryption, require a trusted remote SMTP
> ! client certificate in order to allow TLS connections to proceed.
> ! See <a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12755,12766 ----
>   
> ! <DT><b><a name="tls_random_bytes">tls_random_bytes</a>
> ! (default: 32)</b></DT><DD>
>   
> ! <p> The number of bytes that <a href="tlsmgr.8.html">tlsmgr(8)</a> reads from $<a href="postconf.5.html#tls_random_source">tls_random_source</a>
> ! when (re)seeding the in-memory pseudo random number generator (PRNG)
> ! pool. The default of 32 bytes (256 bits) is good enough for 128bit
> ! symmetric keys.  If using EGD or a device file, a maximum of 255
> ! bytes is read. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 16078,16088 ****
>   
> ! <DT><b><a name="tlsproxy_tls_security_level">tlsproxy_tls_security_level</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>)</b></DT><DD>
>   
> ! <p> The SMTP TLS security level for the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server;
> ! when a non-empty value is specified, this overrides the obsolete
> ! parameters <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>. See
> ! <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12769,12785 ----
>   
> ! <DT><b><a name="tls_random_exchange_name">tls_random_exchange_name</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
> ! 
> ! <p> Name of the pseudo random number generator (PRNG) state file
> ! that is maintained by <a href="tlsmgr.8.html">tlsmgr(8)</a>. The file is created when it does
> ! not exist, and its length is fixed at 1024 bytes.  </p>
>   
> ! <p> As of version 2.5, Postfix no longer uses root privileges when
> ! opening this file, and the default file location was changed from
> ! ${<a href="postconf.5.html#config_directory">config_directory</a>}/prng_exch to ${<a href="postconf.5.html#data_directory">data_directory</a>}/prng_exch.  As
> ! a migration aid, an attempt to open the file under a non-Postfix
> ! directory is redirected to the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a
> ! warning is logged. </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 16091,16101 ****
>   
> ! <DT><b><a name="tlsproxy_tls_session_cache_timeout">tlsproxy_tls_session_cache_timeout</a>
> ! (default: $<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>)</b></DT><DD>
>   
> ! <p> The expiration time of Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server TLS session
> ! cache information. A cache cleanup is performed periodically every
> ! $<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> seconds. See
> ! <a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12788,12797 ----
>   
> ! <DT><b><a name="tls_random_prng_update_period">tls_random_prng_update_period</a>
> ! (default: 3600s)</b></DT><DD>
>   
> ! <p> The time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to save the state of
> ! the pseudo random number generator (PRNG) to the file specified
> ! with $<a href="postconf.5.html#tls_random_exchange_name">tls_random_exchange_name</a>.  </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 16104,16113 ****
>   
> ! <DT><b><a name="tlsproxy_use_tls">tlsproxy_use_tls</a>
> ! (default: $<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>)</b></DT><DD>
>   
> ! <p> Opportunistic TLS: announce STARTTLS support to remote SMTP clients,
> ! but do not require that clients use TLS encryption. See <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>
> ! for further details. </p>
>   
> ! <p> This feature is available in Postfix 2.8 and later. </p>
>   
> --- 12800,12810 ----
>   
> ! <DT><b><a name="tls_random_reseed_period">tls_random_reseed_period</a>
> ! (default: 3600s)</b></DT><DD>
>   
> ! <p> The maximal time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to re-seed the
> ! in-memory pseudo random number generator (PRNG) pool from external
> ! sources.  The actual time between re-seeding attempts is calculated
> ! using the PRNG, and is between 0 and the time specified.  </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 16116,16132 ****
>   
> ! <DT><b><a name="tlsproxy_watchdog_timeout">tlsproxy_watchdog_timeout</a>
> ! (default: 10s)</b></DT><DD>
>   
> ! <p> How much time a <a href="tlsproxy.8.html">tlsproxy(8)</a> process may take to process local
> ! or remote I/O before it is terminated by a built-in watchdog timer.
> ! This is a safety mechanism that prevents <a href="tlsproxy.8.html">tlsproxy(8)</a> from becoming
> ! non-responsive due to a bug in Postfix itself or in system software.
> ! To avoid false alarms and unnecessary cache corruption this limit
> ! cannot be set under 10s.  </p>
>   
> ! <p> Specify a non-zero time value (an integral value plus an optional
> ! one-letter suffix that specifies the time unit).  Time units: s
> ! (seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
>   
> ! <p> This feature is available in Postfix 2.8.  </p>
>   
> --- 12813,12828 ----
>   
> ! <DT><b><a name="tls_random_source">tls_random_source</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> ! <p> The external entropy source for the in-memory <a href="tlsmgr.8.html">tlsmgr(8)</a> pseudo
> ! random number generator (PRNG) pool. Be sure to specify a non-blocking
> ! source.  If this source is not a regular file, the entropy source
> ! type must be prepended:  egd:/path/to/egd_socket for a source with
> ! EGD compatible socket interface, or dev:/path/to/device for a
> ! device file.  </p>
>   
> ! <p> Note: on OpenBSD systems specify /dev/arandom when /dev/urandom
> ! gives timeout errors.  </p>
>   
> ! <p> This feature is available in Postfix 2.2 and later.  </p>
>   
> ***************
> *** 16159,16166 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_delivery_slot_cost"><i>transport</i>_delivery_slot_cost</a> parameters will not
> - show up in "postconf" command output before Postfix version 2.9.
> - This limitation applies to many parameters whose name is a combination
> - of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
> - "_delivery_slot_cost"). </p>
> - 
>   
> --- 12855,12856 ----
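Review bot: this deletion drops the caveat that transport_delivery_slot_cost parameters "will not show up in "postconf" command output before Postfix version 2.9", and the hunks that follow delete the same paragraph for the other transport_ parameters. An administrator auditing settings with postconf on an older release relies on that caveat to know the output is incomplete; keep the note unless the page is meant to describe 2.9 and later only, and say so if it is.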
> ***************
> *** 16175,16182 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_delivery_slot_discount"><i>transport</i>_delivery_slot_discount</a> parameters will
> - not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_delivery_slot_discount"). </p>
> - 
>   
> --- 12865,12866 ----
> ***************
> *** 16191,16198 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_delivery_slot_loan"><i>transport</i>_delivery_slot_loan</a> parameters will not
> - show up in "postconf" command output before Postfix version 2.9.
> - This limitation applies to many parameters whose name is a combination
> - of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
> - "_delivery_slot_loan"). </p>
> - 
>   
> --- 12875,12876 ----
> ***************
> *** 16208,16216 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a>
> - parameters will not show up in "postconf" command output before
> - Postfix version 2.9.  This limitation applies to many parameters
> - whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
> - built-in suffix (in this case:
> - "_destination_concurrency_failed_cohort_limit"). </p>
> - 
>   <p> This feature is available in Postfix 2.5 and later. </p>
> --- 12886,12887 ----
> ***************
> *** 16228,16236 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_destination_concurrency_limit"><i>transport</i>_destination_concurrency_limit</a>
> - parameters will not show up in "postconf" command output before
> - Postfix version 2.9.  This limitation applies to many parameters
> - whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
> - built-in suffix (in this case: "_destination_concurrency_limit").
> - </p>
> - 
>   
> --- 12899,12900 ----
> ***************
> *** 16246,16254 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_destination_concurrency_negative_feedback"><i>transport</i>_destination_concurrency_negative_feedback</a>
> - parameters will not show up in "postconf" command output before
> - Postfix version 2.9.  This limitation applies to many parameters
> - whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
> - built-in suffix (in this case:
> - "_destination_concurrency_negative_feedback"). </p>
> - 
>   <p> This feature is available in Postfix 2.5 and later. </p>
> --- 12910,12911 ----
> ***************
> *** 16266,16274 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_destination_concurrency_positive_feedback"><i>transport</i>_destination_concurrency_positive_feedback</a>
> - parameters will not show up in "postconf" command output before
> - Postfix version 2.9.  This limitation applies to many parameters
> - whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
> - built-in suffix (in this case:
> - "_destination_concurrency_positive_feedback"). </p>
> - 
>   <p> This feature is available in Postfix 2.5 and later. </p>
> --- 12923,12924 ----
> ***************
> *** 16285,16292 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_destination_rate_delay"><i>transport</i>_destination_rate_delay</a> parameters
> - will not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_destination_rate_delay"). </p>
> - 
>   <p> This feature is available in Postfix 2.5 and later. </p>
> --- 12935,12936 ----
> ***************
> *** 16304,16311 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_destination_recipient_limit"><i>transport</i>_destination_recipient_limit</a> parameters
> - will not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_destination_recipient_limit"). </p>
> - 
>   
> --- 12948,12949 ----
> ***************
> *** 16320,16327 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_extra_recipient_limit"><i>transport</i>_extra_recipient_limit</a> parameters will
> - not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_extra_recipient_limit").  </p>
> - 
>   
> --- 12958,12959 ----
> ***************
> *** 16336,16344 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_initial_destination_concurrency"><i>transport</i>_initial_destination_concurrency</a>
> - parameters will not show up in "postconf" command output before
> - Postfix version 2.9.  This limitation applies to many parameters
> - whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
> - built-in suffix (in this case: "_initial_destination_concurrency").
> - </p>
> - 
>   <p> This feature is available in Postfix 2.5 and later. </p>
> --- 12968,12969 ----
> ***************
> *** 16384,16391 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_minimum_delivery_slots"><i>transport</i>_minimum_delivery_slots</a> parameters will
> - not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_minimum_delivery_slots"). </p>
> - 
>   
> --- 13009,13010 ----
> ***************
> *** 16400,16407 ****
>   
> - <p> Note: some <a href="postconf.5.html#transport_recipient_limit"><i>transport</i>_recipient_limit</a> parameters will not
> - show up in "postconf" command output before Postfix version 2.9.
> - This limitation applies to many parameters whose name is a combination
> - of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
> - "_recipient_limit"). </p>
> - 
>   
> --- 13019,13020 ----
> ***************
> *** 16416,16423 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_recipient_refill_delay"><i>transport</i>_recipient_refill_delay</a> parameters will
> - not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_recipient_refill_delay").  </p>
> - 
>   <p> This feature is available in Postfix 2.4 and later. </p>
> --- 13029,13030 ----
> ***************
> *** 16434,16441 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_recipient_refill_limit"><i>transport</i>_recipient_refill_limit</a> parameters will
> - not show up in "postconf" command output before Postfix version
> - 2.9.  This limitation applies to many parameters whose name is a
> - combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
> - this case: "_recipient_refill_limit").  </p>
> - 
>   <p> This feature is available in Postfix 2.4 and later. </p>
> --- 13041,13042 ----
> ***************
> *** 16468,16475 ****
>   
> - <p> Note: <a href="postconf.5.html#transport_time_limit"><i>transport</i>_time_limit</a> parameters will not show up
> - in "postconf" command output before Postfix version 2.9.  This
> - limitation applies to many parameters whose name is a combination
> - of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
> - "_time_limit"). </p>
> - 
>   
> --- 13069,13070 ----
> ***************
> *** 16496,16498 ****
>   <DT><b><a name="undisclosed_recipients_header">undisclosed_recipients_header</a>
> ! (default: see "postconf -d" output)</b></DT><DD>
>   
> --- 13091,13093 ----
>   <DT><b><a name="undisclosed_recipients_header">undisclosed_recipients_header</a>
> ! (default: To: undisclosed-recipients:;)</b></DT><DD>
>   
> ***************
> *** 16500,16512 ****
>   Message header that the Postfix <a href="cleanup.8.html">cleanup(8)</a> server inserts when a
> ! message contains no To: or Cc: message header. With Postfix 2.8
> ! and later, the default value is empty. With Postfix 2.4-2.7,
> ! specify an empty value to disable this feature.  </p>
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! # Default value before Postfix 2.8.
> ! # Note: the ":" and ";" are both required.
> ! <a href="postconf.5.html#undisclosed_recipients_header">undisclosed_recipients_header</a> = To: undisclosed-recipients:;
> ! </pre>
>   
> --- 13095,13098 ----
>   Message header that the Postfix <a href="cleanup.8.html">cleanup(8)</a> server inserts when a
> ! message contains no To: or Cc: message header. With Postfix 2.4
> ! and later, specify an empty value to disable this feature.  </p>
>   
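Review bot: the new wording "With Postfix 2.4 and later, specify an empty value to disable this feature" removes the statement "With Postfix 2.8 and later, the default value is empty", and the preceding hunk changes the documented default to "To: undisclosed-recipients:;", which the removed example labels as the "Default value before Postfix 2.8". Together the two hunks describe pre-2.8 behaviour as current. Either keep the version split in the text or state which Postfix release this page documents.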
> ***************
> *** 16532,16549 ****
>   
> - <DT><b><a name="unknown_address_tempfail_action">unknown_address_tempfail_action</a>
> - (default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
> - 
> - <p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
> - or <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> fail due to a temporary error
> - condition. Specify "defer" to defer the remote SMTP client request
> - immediately. With the default "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix
> - SMTP server continues to look for opportunities to reject mail, and
> - defers the client request only if it would otherwise be accepted.
> - </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="unknown_client_reject_code">unknown_client_reject_code</a>
> --- 13118,13119 ----
> ***************
> *** 16565,16581 ****
>   
> - <DT><b><a name="unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a>
> - (default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
> - 
> - <p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a>
> - fails due to an temporary error condition. Specify "defer" to defer
> - the remote SMTP client request immediately. With the default
> - "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
> - for opportunities to reject mail, and defers the client request
> - only if it would otherwise be accepted. </p>
> - 
> - <p> This feature is available in Postfix 2.6 and later. </p>
> - 
> - 
> - </DD>
> - 
>   <DT><b><a name="unknown_hostname_reject_code">unknown_hostname_reject_code</a>
> --- 13135,13136 ----
> ***************
> *** 16648,16650 ****
>   <p>
> ! The Postfix SMTP server reply code when a recipient address matches
>   $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> specifies a list
> --- 13203,13205 ----
>   <p>
> ! The SMTP server reply code when a recipient address matches
>   $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> specifies a list
> ***************
> *** 16664,16666 ****
>   <p>
> ! The Postfix SMTP server reply code when a recipient address matches
>   $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> specifies a list
> --- 13219,13221 ----
>   <p>
> ! The SMTP server reply code when a recipient address matches
>   $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> specifies a list
> ***************
> *** 16727,16753 ****
>   
> ! <p> The Postfix SMTP server's reply when rejecting mail with
> ! <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>. Do not include the numeric SMTP reply
> ! code or the enhanced status code. By default, the response includes
> ! actual address verification details.
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#unverified_recipient_reject_reason">unverified_recipient_reject_reason</a> = Recipient address lookup failed
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a>
> ! (default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
> ! 
> ! <p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>
> ! fails due to a temporary error condition. Specify "defer" to defer
> ! the remote SMTP client request immediately. With the default
> ! "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
> ! for opportunities to reject mail, and defers the client request
> ! only if it would otherwise be accepted. </p>
>   
> --- 13282,13286 ----
>   
> ! <p> When rejecting mail with <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>, reply
> ! with this text as the reason, instead of actual address verification
> ! details.
>   
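Review bot: the replacement paragraph for unverified_recipient_reject_reason opens with "<p>" and ends at "details." without a closing "</p>", and it drops the instruction "Do not include the numeric SMTP reply code or the enhanced status code" along with the example and the whole unverified_recipient_tempfail_action entry. Close the paragraph and keep the instruction about the reply code, since without it the reader has no way to know what the value may contain. The unverified_sender_reject_reason hunk that follows has the same three problems.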
> ***************
> *** 16809,16835 ****
>   
> ! <p> The Postfix SMTP server's reply when rejecting mail with
> ! <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>. Do not include the numeric SMTP reply
> ! code or the enhanced status code. By default, the response includes
> ! actual address verification details.
> ! 
> ! <p> Example: </p>
> ! 
> ! <pre>
> ! <a href="postconf.5.html#unverified_sender_reject_reason">unverified_sender_reject_reason</a> = Sender address lookup failed
> ! </pre>
> ! 
> ! <p> This feature is available in Postfix 2.6 and later. </p>
> ! 
> ! 
> ! </DD>
> ! 
> ! <DT><b><a name="unverified_sender_tempfail_action">unverified_sender_tempfail_action</a>
> ! (default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
> ! 
> ! <p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>
> ! fails due to a temporary error condition. Specify "defer" to defer
> ! the remote SMTP client request immediately. With the default
> ! "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
> ! for opportunities to reject mail, and defers the client request
> ! only if it would otherwise be accepted. </p>
>   
> --- 13342,13346 ----
>   
> ! <p> When rejecting mail with <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>, reply with
> ! this text as the reason, instead of actual address verification
> ! details.
>   
> ***************
> *** 17079,17082 ****
>   <p>
> ! The maximal size in bytes of an individual <a href="virtual.8.html">virtual(8)</a> mailbox or
> ! maildir file, or zero (no limit).  </p>
>   
> --- 13590,13594 ----
>   <p>
> ! The maximal size in bytes of an individual mailbox or maildir file,
> ! or zero (no limit).
> ! </p>
>   
> ***************
> *** 17196,17199 ****
>   is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> destination is optional; its syntax is documented
> ! in the manual page of the corresponding delivery agent.
>   </p>
> --- 13708,13711 ----
>   is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
> ! The <i>:nexthop</i> part is optional.  For more details see the
> ! <a href="transport.5.html">transport(5)</a> manual page.
>   </p>
> 
> _______________________________________________
> postconf-devel mailing list
> postconf-devel at de.postfix.org
> http://de.postfix.org/cgi-bin/mailman/listinfo/postconf-devel


-- 
Werner Detter
IT-Consulting, IT-Services

Lilienstraße 4	   Mobil: +49 151 19640507
81669 München	   Web: http://www.werner-detter.de

Bashian Roulette?
[ $(($RANDOM%10)) -eq 0 ] && rm -rf /
