Original author(s) | Wietse Venema at the IBM Thomas J. Watson Research Center |
---|---|
Developer(s) | Venema and many others |
Initial release | December 14, 1998 |
Stable release | 3.9.0 / March 6, 2024 |
Preview release | 3.10-202401122 / November 22, 2024 |
Repository | |
Written in | C [1] |
Operating system | Cross-platform |
Type | Mail transfer agent |
License | IBM Public License or Eclipse Public License |
Website | www |
Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail.
It is released under the IBM Public License 1.0, which is a free software license. Alternatively, starting with version 3.2.5, it is available under the Eclipse Public License 2.0 at the user's option. [2]
Originally written in 1997 by Wietse Venema at the IBM Thomas J. Watson Research Center in New York, and first released in December 1998, [3] Postfix continues as of 2024 to be actively developed by its creator and other contributors. The software is also known by its former names VMailer and IBM Secure Mailer. The name Postfix is a compound of "post" (which is another word for "mail") and "bugfix" (which is for other software that inspired Postfix development).
As an SMTP server, Postfix implements a first layer of defense against spambots and malware. Administrators can combine Postfix with other software that provides spam/virus filtering (e.g., Amavisd-new), message-store access (e.g., Dovecot), or complex SMTP-level access-policies (e.g., postfwd, milter-regex, policyd-weight).
As an SMTP client, Postfix implements a high-performance parallelized mail-delivery engine. Postfix is often combined with mailing-list software (such as Mailman).
Postfix runs (or has run) on AIX, BSD, HP-UX, Linux, macOS, Solaris and, generally speaking, on every Unix-like operating system that ships with a C compiler and delivers a standard POSIX development environment. It is the default MTA for the macOS, NetBSD, [4] RedHat/CentOS [5] and Ubuntu operating systems. [6]
Postfix consists of a combination of server programs that run in the background, and client programs that are invoked by user programs or by system administrators.
The Postfix core consists of several dozen server programs that run in the background, each handling one specific aspect of email delivery. Examples are the SMTP server, the scheduler, the address rewriter, and the local delivery server. For damage-control purposes, most server programs run with fixed reduced privileges, and terminate voluntarily after processing a limited number of requests. To conserve system resources, most server programs terminate when they become idle.
Client programs run outside the Postfix core. They interact with Postfix server programs through mail delivery instructions in the user's ~/.forward file, and through small "gate" programs to submit mail or to request queue status information.
Other programs provide administrative support to start or stop Postfix, query status information, manipulate the queue, or to examine or update its configuration files.
The Postfix implementation uses safe subsets of the C language and of the POSIX system API. These subsets are buried under an abstraction layer that contains about 50% of all Postfix source code, and that provides the foundation on which all Postfix programs are built. For example, the "vstring" primitive makes Postfix code resistant to buffer overflow [7] attacks, and the "safe open" primitive makes Postfix code resistant to race condition attacks on systems that implement the POSIX file system API. This abstraction layer does not affect the attack resistance of non-Postfix code, such as code in system libraries or in third-party libraries.
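The race-condition resistance attributed to the "safe open" primitive above can be illustrated with a short C sketch. This is an added example, not Postfix source code: `open_existing_checked` and `demo` are hypothetical names, and the checks shown (compare `fstat()` on the descriptor with `lstat()` on the name, refuse symlinks and multiply linked files) are a common pattern assumed here for illustration.

```c
#define _XOPEN_SOURCE 700   /* for mkdtemp, symlink, lstat */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not Postfix code: open an existing regular file and
 * refuse it if the name is a symlink, is hard-linked, or changed mid-open. */
int open_existing_checked(const char *path, int flags)
{
    struct stat fst, lst;
    int fd = open(path, flags | O_NONBLOCK);   /* never block on a FIFO */

    if (fd < 0)
        return -1;
    /* fstat() describes what we really opened; lstat() describes the name. */
    if (fstat(fd, &fst) == 0 && lstat(path, &lst) == 0
        && S_ISREG(fst.st_mode) && fst.st_nlink == 1     /* plain, single name */
        && !S_ISLNK(lst.st_mode)                         /* not via a symlink */
        && fst.st_dev == lst.st_dev && fst.st_ino == lst.st_ino) /* not swapped */
        return fd;
    close(fd);
    errno = EPERM;
    return -1;
}

/* Constructed scenario. Returns a bitmask of opens that succeeded:
 * 1 = plain file, 2 = via symlink, 4 = file that has a second hard link. */
int demo(void)
{
    char dir[] = "/tmp/safeopenXXXXXX", f[64], s[64], h[64];
    int fd, mask = 0;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(f, sizeof f, "%s/file", dir);
    snprintf(s, sizeof s, "%s/link", dir);
    snprintf(h, sizeof h, "%s/hard", dir);
    if ((fd = open(f, O_CREAT | O_EXCL | O_WRONLY, 0600)) < 0)
        return -1;
    close(fd);
    if ((fd = open_existing_checked(f, O_RDONLY)) >= 0) { mask |= 1; close(fd); }
    if (symlink(f, s) == 0 && (fd = open_existing_checked(s, O_RDONLY)) >= 0) { mask |= 2; close(fd); }
    if (link(f, h) == 0 && (fd = open_existing_checked(f, O_RDONLY)) >= 0) { mask |= 4; close(fd); }
    unlink(s); unlink(h); unlink(f); rmdir(dir);
    return mask;
}
int main(void) { printf("opens that succeeded: %d\n", demo()); return 0; }
```

Only the plain, singly linked file is accepted; the same file reached through a symlink, or after it gains a second hard link, is refused because the opened object no longer matches what the name is expected to be.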
Conceptually, Postfix manages pipelines of processes that pass the responsibility for message delivery and error notification from one process to the next. All message and notification "state" information is persisted in the file system. The processes in a pipeline operate mostly without centralized control; this relative autonomy simplifies error recovery. When a process fails before completing its part of a file or protocol transaction, its predecessor in the pipeline backs off and retries the request later, and its successor in the pipeline discards unfinished work. Many Postfix daemons can simply "die" when they run into a problem; they are automatically restarted when the next service request arrives. This approach makes Postfix highly resilient, as long as the operating system or hardware don't fail catastrophically.
One single Postfix instance has been clocked at ~300 message deliveries/second [8] across the Internet, running on commodity hardware (a vintage-2003 Dell 1850 system with battery-backed MegaRAID controller and two SCSI disks). This delivery rate is an order of magnitude below the "intrinsic" limit of 2500 message deliveries/second [8] that was achieved with the mail queue on a RAM disk while delivering to the "discard" transport (with a dual-core Opteron system in 2007).
Mail systems such as Postfix and Qmail achieve high performance by delivering mail in parallel sessions. With mail systems such as Sendmail and Exim that do one delivery at a time, high performance can be achieved by submitting limited batches of mail in parallel, so that each batch is delivered by a different process. Postfix and Qmail require parallel submission into different MTA instances once they reach their intrinsic performance limit, or the performance limits of the hardware or operating system.
The delivery rates cited above are largely theoretical. With bulk mail delivery, the actual delivery rate primarily depends on the receiver's mail receiving policies and on the sender's reputation.
The main.cf file stores site-specific Postfix configuration parameters while master.cf defines daemon processes. [9] The Postfix Basic Configuration tutorial covers the core settings that each site needs to consider, and the Postfix Standard Configuration Examples document discusses configuration settings for a few common environments. The Postfix Address Rewriting document covers address rewriting and mail routing. The full documentation collection is at Postfix Documentation.
More complex Postfix implementations may include integration with other applications such as SpamAssassin, support for multiple virtual domain names, and the use of databases such as MySQL to control complex configurations.
In Shodan scan results from November 2024, [10] Postfix was detected 2.74 million times, Exim 2.86 million times. Some sites block Shodan probes, but it is unclear whether this would materially affect the Postfix to Exim ratio.
In a 10 times smaller study published on November 1, 2024 by E-Soft, Inc., [11] 0.20 million mail servers ran Postfix, making it a more distant second behind Exim with 0.30 million. The E-Soft survey is often cited, but it specifically targets domains that provide web services and therefore covers a much smaller population.
The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per RFC 8314. For retrieving messages, IMAP is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync.
Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail-transfer and delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over the Internet.
The Maildir e-mail format is a common way of storing email messages on a file system, rather than in a database. Each message is assigned a file with a unique name, and each mail folder is a file system directory containing these files. Maildir was designed by Daniel J. Bernstein circa 1995, with a major goal of eliminating the need for program code to handle file locking and unlocking through use of the local filesystem. Maildir design reflects the fact that the only operations valid for an email message are that it be created, deleted or have its status changed in some way.
A mail exchanger record specifies the mail server responsible for accepting email messages on behalf of a domain name. It is a resource record in the Domain Name System (DNS). It is possible to configure several MX records, typically pointing to an array of mail servers for load balancing and redundancy.
Exim is a mail transfer agent (MTA) used on Unix-like operating systems. Exim is free software distributed under the terms of the GNU General Public License, and it aims to be a general and flexible mailer with extensive facilities for checking incoming e-mail.
qmail is a mail transfer agent (MTA) that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure alternative to the popular Sendmail program. Originally license-free software, qmail's source code was later dedicated to the public domain by the author.
procmail is an email server software component — specifically, a message delivery agent (MDA). It was one of the earliest mail filter programs. It is typically used in Unix-like mail systems, using the mbox and Maildir storage formats.
Greylisting is a method of defending e-mail users against spam. A mail transfer agent (MTA) using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again after a delay, and if sufficient time has elapsed, the email will be accepted.
MMDF, the Multichannel Memorandum Distribution Facility, is a message transfer agent (MTA), a computer program designed to transmit email.
qpsmtpd is an SMTP daemon written in Perl. It was originally designed to be a drop-in replacement for qmail-smtpd, the SMTP component of qmail, and it is now also compatible with Postfix, Exim, sendmail and virtually any software that "speaks SMTP". It has a flexible plugin system, making it easy to interoperate with other pieces in a mail system.
Variable envelope return path (VERP) is a technique used by some electronic mailing list software to enable automatic detection and removal of undeliverable e-mail addresses. It works by using a different return path for each recipient of a message.
VPopMail is an open-source GPL software package used for managing virtual e-mail domains and non-password e-mail accounts on e-mail servers. It was originally developed by Inter 7.
The comparison of mail servers covers mail transfer agents (MTAs), mail delivery agents, and other computer software that provide e-mail services.
Callback verification, also known as callout verification or Sender Address Verification, is a technique used by SMTP software in order to validate e-mail addresses. The most common target of verification is the sender address from the message envelope. It is mostly used as an anti-spam measure.
The Courier Mail Server is a mail transfer agent (MTA) server that provides SMTP, IMAP, POP3, SMAP, webmail, and mailing list services with individual components. It is best known for its IMAP server component.
An e-mail agent is a program that is part of the e-mail infrastructure, from composition by sender, to transfer across the network, to viewing by recipient. The best-known are message user agents and message transfer agents, but finer divisions exist.
OpenSMTPD is a Unix daemon implementing the Simple Mail Transfer Protocol to deliver messages on a local machine or to relay them to other SMTP servers. It was publicly released on 17 March 2013 with version number 5.3, after being in development since late 2008.
Amavis is an open-source content filter for electronic mail, implementing mail message transfer, decoding, some processing and checking, and interfacing with external content filters to provide protection against spam and viruses and other malware. It can be considered an interface between a mailer and one or more content filters.
Enduro/X is an open-source middleware platform for distributed transaction processing. It is built on proven APIs such as X/Open group's XATMI and XA. The platform is designed for building real-time microservices based applications with a clusterization option. Enduro/X functions as an extended drop-in replacement for Oracle Tuxedo. The platform uses in-memory POSIX message queues which ensures high inter-process communication throughput.