proxymap [generic Postfix daemon options]
To overcome chroot restrictions. For example, a chrooted SMTP
server needs access to the system passwd file in order to
reject mail for non-existent local addresses, but it is not
practical to maintain a copy of the passwd file in the chroot
jail. The solution:
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
To consolidate the number of open lookup tables by sharing
one open table among multiple processes. For example, making
mysql connections from every Postfix daemon process results
in "too many connections" errors. The solution:
virtual_alias_maps = proxy:mysql:/etc/postfix/virtual_alias.cf
The total number of connections is limited by the number of proxymap server processes.
|The proxymap(8) server implements the following requests:|
|open maptype:mapname flags||Open the table with type maptype and name mapname, as controlled by flags. The reply includes the maptype dependent flags (to distinguish a fixed string table from a regular expression table).|
|lookup maptype:mapname flags key||Look up the data stored under the requested key. The reply is the request completion status code (below) and the lookup result value. The maptype:mapname and flags are the same as with the open request.|
The proxymap(8) server is not a trusted daemon process, and must not be used to look up sensitive information such as user or group IDs, mailbox file/directory names or external commands.
In Postfix version 2.2 and later, the proxymap client recognizes requests to access a table for security-sensitive purposes, and opens the table directly. This allows the same main.cf setting to be used by sensitive and non-sensitive processes.
The text below provides only a parameter summary. See postconf(5) for more details including examples.
|config_directory (see postconf -d output)||The default location of the Postfix main.cf and master.cf configuration files.|
|daemon_timeout (18000s)||How much time a Postfix daemon process may take to handle a request before it is terminated by a built-in watchdog timer.|
|ipc_timeout (3600s)||The time limit for sending or receiving information over an internal communication channel.|
|max_idle (100s)||The maximum amount of time that an idle Postfix daemon process waits for the next service request before exiting.|
|max_use (100)||The maximal number of connection requests before a Postfix daemon process terminates.|
|process_id (read-only)||The process ID of a Postfix command or daemon process.|
|process_name (read-only)||The process name of a Postfix command or daemon process.|
|proxy_read_maps (see postconf -d output)||The lookup tables that the proxymap(8) server is allowed to access.|
postconf(5), configuration parameters master(5), generic daemon options
DATABASE_README, Postfix lookup table overview
Wietse Venema IBM T.J. Watson Research P.O. Box 704 Yorktown Heights, NY 10598, USA