VERIFY(8)                                                            VERIFY(8)

       verify - Postfix address verification server

       verify [generic Postfix daemon options]

       The  verify(8)  address  verification  server  maintains a
       record of what recipient addresses are known to be  deliv-
       erable or undeliverable.

       Addresses  are  verified  by injecting probe messages into
       the Postfix queue. Probe messages are run through all  the
       routing and rewriting machinery except for final delivery,
       and are discarded rather than being deferred or bounced.

       Address verification relies on the answer from the nearest
       MTA  for  the  specified  address,  and will therefore not
       detect all undeliverable addresses.

       The verify(8) server is designed to run under  control  by
       the  Postfix  master server. It maintains an optional per-
       sistent database.  To avoid being interrupted by  "postfix
       stop" in the middle of a database update, the process runs
       in a separate process group.

       The verify(8) server implements the following requests:

       update address status text
              Update  the  status  and  text  of  the   specified

       query address
              Look  up  the  status  and  text  for the specified
              address.  If the status is unknown, a probe is sent
              and an "in progress" status is returned.

       The address verification server is not security-sensitive.
       It does not talk to the network, and it does not  talk  to
       local  users.  The verify server can run chrooted at fixed
       low privilege.

       The address verification server can be  coerced  to  store
       unlimited  amounts  of  garbage. Limiting the cache expiry
       time  trades  one  problem  (disk  space  exhaustion)  for
       another one (poor response time to client requests).

       With  Postfix  version 2.5 and later, the verify(8) server
       no  longer  uses  root   privileges   when   opening   the
       address_verify_map  cache  file.  The  file  should now be
       stored  under  the  Postfix-owned  data_directory.   As  a
       migration  aid,  an  attempt  to open a cache file under a
       non-Postfix directory is redirected to  the  Postfix-owned
       data_directory, and a warning is logged.

       Problems and transactions are logged to syslogd(8).

       Address verification probe messages add additional traffic
       to the mail queue.  Recipient verification  may  cause  an
       increased  load  on  down-stream  servers in the case of a
       dictionary attack  or  a  flood  of  backscatter  bounces.
       Sender  address  verification  may  cause  your site to be
       blacklisted by some providers.

       If the persistent database ever gets  corrupted  then  the
       world  comes  to  an end and human intervention is needed.
       This violates a basic Postfix principle.

       Changes to are not  picked  up  automatically,  as
       verify(8) processes are long-lived. Use the command "post-
       fix reload" after a configuration change.

       The text below provides  only  a  parameter  summary.  See
       postconf(5) for more details including examples.

       address_verify_map (see 'postconf -d' output)
              Lookup  table  for  persistent address verification
              status storage.

       address_verify_sender ($double_bounce_sender)
              The sender address to use in  address  verification
              probes; prior to Postfix 2.5 the default was "post-

       address_verify_positive_expire_time (31d)
              The time after which  a  successful  probe  expires
              from the address verification cache.

       address_verify_positive_refresh_time (7d)
              The time after which a successful address verifica-
              tion probe needs to be refreshed.

       address_verify_negative_cache (yes)
              Enable caching of failed address verification probe

       address_verify_negative_expire_time (3d)
              The  time  after  which a failed probe expires from
              the address verification cache.

       address_verify_negative_refresh_time (3h)
              The time after which a failed address  verification
              probe needs to be refreshed.

       Available with Postfix 2.7 and later:

       address_verify_cache_cleanup_interval (12h)
              The  amount of time between verify(8) address veri-
              fication database cleanup runs.

       By default, probe messages  are  delivered  via  the  same
       route  as  regular messages.  The following parameters can
       be used to override specific message routing mechanisms.

       address_verify_relayhost ($relayhost)
              Overrides  the  relayhost  parameter  setting   for
              address verification probes.

       address_verify_transport_maps ($transport_maps)
              Overrides  the transport_maps parameter setting for
              address verification probes.

       address_verify_local_transport ($local_transport)
              Overrides the local_transport parameter setting for
              address verification probes.

       address_verify_virtual_transport ($virtual_transport)
              Overrides  the  virtual_transport parameter setting
              for address verification probes.

       address_verify_relay_transport ($relay_transport)
              Overrides the relay_transport parameter setting for
              address verification probes.

       address_verify_default_transport ($default_transport)
              Overrides  the  default_transport parameter setting
              for address verification probes.

       Available in Postfix 2.3 and later:

              Overrides    the    sender_dependent_relayhost_maps
              parameter  setting for address verification probes.

       Available in Postfix 2.7 and later:

              Overrides    the    sender_dependent_default_trans-
              port_maps  parameter  setting for address verifica-
              tion probes.

       config_directory (see 'postconf -d' output)
              The default location of  the  Postfix  and
     configuration files.

       daemon_timeout (18000s)
              How  much time a Postfix daemon process may take to
              handle a request  before  it  is  terminated  by  a
              built-in watchdog timer.

       ipc_timeout (3600s)
              The time limit for sending or receiving information
              over an internal communication channel.

       process_id (read-only)
              The process ID  of  a  Postfix  command  or  daemon

       process_name (read-only)
              The  process  name  of  a Postfix command or daemon

       queue_directory (see 'postconf -d' output)
              The location of the Postfix top-level queue  direc-

       syslog_facility (mail)
              The syslog facility of Postfix logging.

       syslog_name (see 'postconf -d' output)
              The  mail  system  name  that  is  prepended to the
              process name in syslog  records,  so  that  "smtpd"
              becomes, for example, "postfix/smtpd".

       smtpd(8), Postfix SMTP server
       cleanup(8), enqueue Postfix message
       postconf(5), configuration parameters
       syslogd(5), system logging

       ADDRESS_VERIFICATION_README, address verification howto

       The Secure Mailer license must be  distributed  with  this

       This service was introduced with Postfix version 2.1.

       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA