VERIFY(8)                                                            VERIFY(8)

NAME
       verify - Postfix address verification server

SYNOPSIS
       verify [generic Postfix daemon options]

DESCRIPTION
       The  Postfix  address  verification  server  maintains a record of what
       recipient addresses are known to be deliverable or undeliverable.

       Addresses are verified by submitting  probe  messages  to  the  Postfix
       queue.  Probe  messages  are  run through all the routing and rewriting
       machinery except for final delivery,  and  are  discarded  rather  than
       being deferred or bounced.

       Address  verification relies on the answer from the nearest MTA for the
       specified address, and will  therefore  not  detect  all  undeliverable
       addresses.

       This  server  is  designed  to  run under control by the Postfix master
       server. It maintains an optional persistent database.  To  avoid  being
       interrupted  by  "postfix stop" in the middle of a database update, the
       process runs in a separate process group.

       This server implements the following requests:

       VRFY_ADDR_UPDATE address status text
              Update the status of the specified address.

       VRFY_ADDR_QUERY address
              Look up the status and text of the specified  address.   If  the
              status  is  unknown,  a  probe  is  sent and a default status is
              returned.

       The server reply status is one of:

       VRFY_STAT_OK
              The request completed normally.

       VRFY_STAT_BAD
              The server rejected the request (bad request name,  bad  request
              parameter value).

       VRFY_STAT_FAIL
              The request failed.

       The recipient status is one of:

       DEL_RCPT_STAT_OK
              The address is deliverable.

       DEL_RCPT_STAT_DEFER
              The address is undeliverable due to a temporary problem.

       DEL_RCPT_STAT_BOUNCE
              The address is undeliverable due to a permanent problem.

       DEL_RCPT_STAT_TODO
              The address status is being determined.

SECURITY
       The  address verification server is not security-sensitive. It does not
       talk to the network, and it does not talk to local users.   The  verify
       server can run chrooted at fixed low privilege.

       The  address  verification  server  can  be  coerced to store unlimited
       amounts of garbage. Limiting the cache size trades  one  problem  (disk
       space  exhaustion)  for  another  one  (poor  response  time  to client
       requests).

DIAGNOSTICS
       Problems and transactions are logged to syslogd(8).

BUGS
       If the persistent database ever gets corrupted then the world comes  to
       an  end and human intervention is needed. This violates a basic Postfix
       principle.

CONFIGURATION PARAMETERS
       See the Postfix main.cf file for syntax details and for default values.
       Use the postfix reload command after a configuration change.

Cache control
       address_verify_map
              Optional table for persistent recipient status storage. The file
              is opened before the process enters a chroot jail and before  it
              drops  root  privileges.  By default, the information is kept in
              volatile memory, and is lost after  postfix  reload  or  postfix
              stop.

              To  recover  from  a  corrupted  address  verification database,
              delete the file and do postfix reload.

       address_verify_sender
              The sender address to use for probe messages. Specify  an  empty
              value  (address_verify_sender  =)  or  <> if you want to use the
              null sender address.

       address_verify_positive_expire_time
              The amount of time after  which  a  known  to  be  good  address
              expires.

       address_verify_positive_refresh_time
              The minimal amount of time after which a proactive probe is sent
              to verify that a known to be good address  is  still  good.  The
              address  status  is not updated when the probe fails (optimistic
              caching).

       address_verify_negative_cache
              A boolean parameter that controls whether negative probe results
              are  stored in the address verification cache. When enabled, the
              cache may pollute quickly with garbage. When  disabled,  Postfix
              will generate an address probe for every lookup.

       address_verify_negative_expire_time
              The amount of time after which a rejected address expires.

       address_verify_negative_refresh_time
              The minimal amount of time after which a proactive probe is sent
              to verify that a known to be bad address is still bad.

Probe message routing
       By default, probe messages are delivered via the same route as  regular
       messages.   The  following  parameters can be used to override specific
       message routing mechanisms.

       address_verify_relayhost
              Overrides the relayhost setting.

       address_verify_transport_maps
              Overrides the transport_maps setting.

       address_verify_local_transport
              Overrides the local_transport setting.

       address_verify_virtual_transport
              Overrides the virtual_transport setting.

       address_verify_relay_transport
              Overrides the relay_transport setting.

       address_verify_default_transport
              Overrides the default_transport setting.

SEE ALSO
       trivial-rewrite(8) address rewriting and resolving

LICENSE
       The Secure Mailer license must be distributed with this software.

AUTHOR(S)
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

                                                                     VERIFY(8)