1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
|
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"https://www.w3.org/TR/html4/loose.dtd">
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
<title> Postfix manual - memcache_table(5) </title>
</head> <body> <pre>
MEMCACHE_TABLE(5) MEMCACHE_TABLE(5)
<b><a name="name">NAME</a></b>
memcache_table - Postfix memcache client configuration
<b><a name="synopsis">SYNOPSIS</a></b>
<b>postmap -q "</b><i>string</i><b>" <a href="memcache_table.5.html">memcache</a>:/etc/postfix/</b><i>filename</i>
<b>postmap -q - <a href="memcache_table.5.html">memcache</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
<b><a name="description">DESCRIPTION</a></b>
The Postfix mail system uses optional tables for address rewriting or
mail routing. These tables are usually in <b><a href="lmdb_table.5.html">lmdb</a>:</b>, <b><a href="CDB_README.html">cdb</a>:</b>, <b><a href="DATABASE_README.html#types">hash</a>:</b>, or <b><a href="DATABASE_README.html#types">dbm</a>:</b>
format.
Alternatively, lookup tables can be specified as memcache instances. To
use memcache lookups, define a memcache source as a lookup table in
<a href="postconf.5.html">main.cf</a>, for example:
<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = <a href="memcache_table.5.html">memcache</a>:/etc/postfix/memcache-aliases.cf
The file /etc/postfix/memcache-aliases.cf has the same format as the
Postfix <a href="postconf.5.html">main.cf</a> file, and specifies the parameters described below.
The Postfix memcache client supports the lookup, update, delete and
sequence (first/next) operations. The sequence operation requires a
backup database that supports the operation.
<b><a name="memcache_main_parameters">MEMCACHE MAIN PARAMETERS</a></b>
<b>memcache (default: inet:localhost:11211)</b>
The memcache server (note: singular) that Postfix will try to
connect to. For a TCP server specify "inet:" followed by a
hostname or address, ":", and a port name or number. Specify an
IPv6 address inside "[]". For a UNIX-domain server specify
"unix:" followed by the socket pathname. Examples:
memcache = inet:memcache.example.com:11211
memcache = inet:127.0.0.1:11211
memcache = inet:[fc00:8d00:189::3]:11211
memcache = unix:/path/to/socket
NOTE: to access a UNIX-domain socket with the <a href="proxymap.8.html">proxymap(8)</a>
server, the socket must be accessible by the unprivileged post-
fix user.
<b>backup (default: undefined)</b>
An optional Postfix database that provides persistent backup for
the memcache database. The Postfix memcache client will update
the memcache database whenever it looks up or changes informa-
tion in the persistent database. Specify a Postfix "<a href="DATABASE_README.html">type:table</a>"
database. Examples:
# Non-shared postscreen cache.
backup = <a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/<a href="postconf.5.html#postscreen_cache_map">postscreen_cache_map</a>
# Shared postscreen cache for processes on the same host.
backup = <a href="proxymap.8.html">proxy</a>:<a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/<a href="postconf.5.html#postscreen_cache_map">postscreen_cache_map</a>
Access to remote proxymap servers is under development.
NOTE 1: When sharing a persistent <a href="postscreen.8.html"><b>postscreen</b>(8)</a> or <a href="verify.8.html"><b>verify</b>(8)</a>
cache, disable automatic cache cleanup (set
*_cache_cleanup_interval = 0) except with one Postfix instance
that will be responsible for cache cleanup.
NOTE 2: When multiple tables share the same memcache database,
each table should use the <b>key_format</b> feature (see below) to
prepend its own unique string to the lookup key. Otherwise,
automatic <a href="postscreen.8.html"><b>postscreen</b>(8)</a> or <a href="verify.8.html"><b>verify</b>(8)</a> cache cleanup may not work.
NOTE 3: When the backup database is accessed with "<a href="proxymap.8.html">proxy</a>:"
lookups, the full backup database name (including the "<a href="proxymap.8.html">proxy</a>:"
prefix) must be specified in the proxymap server's
<a href="postconf.5.html#proxy_read_maps">proxy_read_maps</a> or <a href="postconf.5.html#proxy_write_maps">proxy_write_maps</a> setting (depending on
whether the access is read-only or read-write).
<b>flags (default: 0)</b>
Optional flags that should be stored along with a memcache
update. The flags are ignored when looking up information.
<b>ttl (default: 3600)</b>
The expiration time in seconds of memcache updates.
NOTE 1: When using a memcache table as <a href="postscreen.8.html"><b>postscreen</b>(8)</a> or <a href="verify.8.html"><b>ver-</b></a>
<a href="verify.8.html"><b>ify</b>(8)</a> cache without persistent backup, specify a zero
*_cache_cleanup_interval value with all Postfix instances that
use the memcache, and specify the largest <a href="postscreen.8.html"><b>postscreen</b>(8)</a> *_ttl
value or <a href="verify.8.html"><b>verify</b>(8)</a> *_expire_time value as the memcache table's
<b>ttl</b> value.
NOTE 2: According to memcache protocol documentation, a value
greater than 30 days (2592000 seconds) specifies absolute UNIX
time. Smaller values are relative to the time of the update.
<b><a name="memcache_key_parameters">MEMCACHE KEY PARAMETERS</a></b>
<b>key_digest (default: empty)</b>
After processing the <b>key_format</b> setting, and before sending a
request to the memcache server, run the key through the named
message digest algorithm and convert the result to lowercase
hexadecimal characters. This prevents a database access error
when keys may exceed the memcache server's key length limit
(usually, 250 bytes). Specify the name of a message digest algo-
rithm that is supported by OpenSSL, for example, <b>sha256</b>.
This feature is available in Postfix 3.11 and later, and
requires that Postfix is built with TLS support.
<b>key_format (default: %s)</b>
Format of the lookup and update keys that the Postfix memcache
client sends to the memcache server. By default, these are the
same as the lookup and update keys that the memcache client
receives from Postfix applications.
NOTE 1: The <b>key_format</b> feature is not used for <b>backup</b> database
requests.
NOTE 2: When multiple tables share the same memcache database,
each table should prepend its own unique string to the lookup
key. Otherwise, automatic <a href="postscreen.8.html"><b>postscreen</b>(8)</a> or <a href="verify.8.html"><b>verify</b>(8)</a> cache
cleanup may not work.
Examples:
key_format = aliases:%s
key_format = verify:%s
key_format = postscreen:%s
The <b>key_format</b> parameter supports the following '%' expansions:
<b>%%</b> This is replaced by a literal '%' character.
<b>%s</b> This is replaced by the memcache client input key.
<b>%u</b> When the input key is an address of the form user@domain,
<b>%u</b> is replaced by the SQL quoted local part of the
address. Otherwise, <b>%u</b> is replaced by the entire search
string. If the localpart is empty, a lookup is silently
suppressed and returns no results (an update is skipped
with a warning).
<b>%d</b> When the input key is an address of the form user@domain,
<b>%d</b> is replaced by the domain part of the address. Other-
wise, a lookup is silently suppressed and returns no
results (an update is skipped with a warning).
<b>%[SUD]</b> The upper-case equivalents of the above expansions behave
in the <b>key_format</b> parameter identically to their
lower-case counter-parts.
<b>%[1-9]</b> The patterns %1, %2, ... %9 are replaced by the corre-
sponding most significant component of the input key's
domain. If the input key is <i>user@mail.example.com</i>, then
%1 is <b>com</b>, %2 is <b>example</b> and %3 is <b>mail</b>. If the input key
is unqualified or does not have enough domain components
to satisfy all the specified patterns, a lookup is
silently suppressed and returns no results (an update is
skipped with a warning).
<b>domain (default: no domain list)</b>
This feature can significantly reduce database server load.
Specify a list of domain names, paths to files, or "<a href="DATABASE_README.html">type:table</a>"
databases. When specified, only fully qualified search keys
with a *non-empty* localpart and a matching domain are eligible
for lookup or update: bare 'user' lookups, bare domain lookups
and "@domain" lookups are silently skipped (updates are skipped
with a warning). Example:
domain = example.com, <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/searchdomains
<b><a name="memcache_error_controls">MEMCACHE ERROR CONTROLS</a></b>
<b>data_size_limit (default: 10240)</b>
The maximal memcache reply data length in bytes.
<b>line_size_limit (default: 1024)</b>
The maximal memcache reply line length in bytes.
<b>max_try (default: 2)</b>
The number of times to try a memcache command before giving up.
The memcache client does not retry a command when the memcache
server accepts no connection.
<b>retry_pause (default: 1)</b>
The time in seconds before retrying a failed memcache command.
<b>timeout (default: 2)</b>
The time limit for sending a memcache command and for receiving
a memcache reply.
<b><a name="bugs">BUGS</a></b>
The Postfix memcache client cannot be used for security-sensitive
tables such as <b><a href="postconf.5.html#alias_maps">alias_maps</a></b> (these may contain "<i>|command</i> and "<i>/file/name</i>"
destinations), or <b><a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a></b>, <b><a href="postconf.5.html#virtual_gid_maps">virtual_gid_maps</a></b> and <b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mail</a>-</b>
<b><a href="postconf.5.html#virtual_mailbox_maps">box_maps</a></b> (these specify UNIX process privileges for "<i>/file/name</i>" desti-
nations). In a typical deployment a memcache database is writable by
any process that can talk to the memcache server; in contrast, secu-
rity-sensitive tables must never be writable by the unprivileged Post-
fix user.
The Postfix memcache client requires additional configuration when used
as <a href="postscreen.8.html"><b>postscreen</b>(8)</a> or <a href="verify.8.html"><b>verify</b>(8)</a> cache. For details see the <b>backup</b> and
<b>ttl</b> parameter discussions in the MEMCACHE MAIN PARAMETERS section
above.
<b><a name="see_also">SEE ALSO</a></b>
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<b><a name="readme_files">README FILES</a></b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<a href="MEMCACHE_README.html">MEMCACHE_README</a>, Postfix memcache client guide
<b><a name="license">LICENSE</a></b>
The Secure Mailer license must be distributed with this software.
<b><a name="history">HISTORY</a></b>
Memcache support was introduced with Postfix version 2.9.
<b>AUTHOR(S)</b>
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
MEMCACHE_TABLE(5)
</pre> </body> </html>
|
