Postfix feature overview
Supported environments
Postfix runs (or has run) on AIX, BSD, HP-UX, IRIX, LINUX, MacOS X, Solaris, Tru64 UNIX, and other UNIX systems. It requires ANSI C, a POSIX.1 library, and BSD sockets. In addition, Postfix requires that the file system satisfies a number of requirements that are described at the end of this page.
Main features
The following is a list of major Postfix features. Some features require third-party libraries (examples: LDAP, SQL, TLS). Other features are available only when the necessary operating system support exists and Postfix knows how to use it (examples: IP version 6, connection caching).
Recent additions
Postfix 3.9 | MongDB database. |
Postfix 3.8 | SMTP client support for RFC 2782 service discovery with SRV record lookup. |
Postfix 3.7 | Updated defense against remote clients or servers that 'trickle' SMTP or LMTP traffic, replacing the old per-record deadlines with per-request deadlines and minimum data rates. |
Postfix 3.5 | HAProxy v2 support in postscreen and smtpd |
Container support
Postfix 3.4 | Logging to stdout from Postfix daemon and non-daemon programs. |
Postfix 3.3 | Support to run as PID=1 in a Linux container. |
Protocol support
Postfix 3.8 | SMTP client support for RFC 2782 service discovery with SRV record lookup. |
Postfix 3.7 | Updated defense against remote clients or servers that 'trickle' SMTP or LMTP traffic, replacing the old per-record deadlines with per-request deadlines and minimum data rates. |
Postfix 3.5 | HAProxy v2 support in postscreen and smtpd |
Postfix 3.4 | SNI (server name indication) support for both SMTP client and server roles. |
Postfix 3.4 | SMTP server support for RFC 3030 CHUNKING (without BINARYMIME). |
Postfix 3.4 | Multiple SMTP deliveries over the same TLS-encrypted connection. This reuses the existing tlsproxy(8) and scache(8) services. |
Postfix 3.0 | Email Address Internationalization as described in RFC 6531 (SMTPUTF8 Extension), RFC 6532 (Email headers), and RFC 6533 (Delivery status notifications). |
Postfix 3.0 | Configurable DNS reply filter for the Postfix SMTP client and server. |
Postfix 3.0 | Configurable delivery status filter for the Postfix SMTP client and other delivery agents. |
Postfix 3.0 | RFC 7505 ("Null MX" No Service Resource Record), Earlier Postfix versions will bounce mail because of a "Malformed DNS server reply". |
Postfix 2.11 | RFC 7672 (SMTP security via opportunistic DANE TLS) PKI-less TLS server certificate verification based on DANE (DNS-Based Authentication of Named Entities). |
Postfix 2.10 | HAproxy support in postscreen and smtpd |
Postfix 2.9 | Defense against remote clients or servers that 'trickle' SMTP or LMTP traffic, replacing timeouts per I/O system call with per-record deadlines. |
Postfix 2.9 | Nginx proxy support in smtpd including SASL credential passing |
Postfix 2.3 | DKIM, DomainKeys and SenderID authentication (via Milter plug-in) |
Postfix 2.3 | DSN status notifications |
Postfix 2.3 | Enhanced status codes |
Postfix 2.3 | Plug-in support for multiple SASL implementations (Cyrus, Dovecot) |
Postfix 2.2 | Connection cache for SMTP |
Postfix 2.2 | IP version 6 |
Postfix 2.2 | TLS encryption and authentication |
Postfix 2.0 | MIME (including 8BITMIME to 7BIT conversion) |
Postfix 1.0 | ETRN on-demand relay |
Postfix 1.0 | LMTP client |
Postfix 1.0 | Pipelining (SMTP client and server) |
Postfix 1.0 | SASL authentication |
Postfix 1.1 | QMQP server |
Junk mail control
Postfix 3.1 | Postscreen DNSBL/WL cache TTL support for non-existent records. |
Postfix 2.8 | Postscreen zombie blocker. |
Postfix 2.8 | DNS whitelist support in smtpd and in postscreen. |
Postfix 2.5 | Stress-dependent configuration |
Postfix 2.3 | Sendmail Milter (mail filter) protocol |
Postfix 2.2 | SMTP server per-client rate and concurrency limits |
Postfix 2.1 | Access control per client/sender/recipient/etc. |
Postfix 2.1 | Address probing callout |
Postfix 2.1 | Greylisting plug-in |
Postfix 2.1 | SPF plug-in |
Postfix 1.1 | Content filter (built-in, external before queue, external after queue) |
By popular demand...
Postfix 3.5 | Forced message expiration. |
Postfix 3.4 | Logging to Postfix logfile, without using syslogd or systemd. |
Postfix 2.9 | Non-repeating (long) queue IDs |
Postfix 2.8 | Server reject "footer" text |
Postfix 2.3 | Configurable delivery status notification message text |
Postfix 2.3 | Sender-dependent SMTP relay lookup |
Postfix 2.3 | Sender-dependent SASL password lookup |
Database support
Postfix 3.9 | MongDB database. |
Postfix 3.7 | Support for the pcre2 library. |
Postfix 3.7 | Support to inline the content of small cidr:, pcre:, and regexp: tables in Postfix parameter values. |
Postfix 3.2 | MySQL stored procedure support. |
Postfix 3.0 | multi-database operators: pipelining with pipemap:{map1, map2, ...} and concatenation with unionmap:{map1, map2, ...} |
Postfix 2.11 | LMDB database |
Postfix 2.10 | Sendmail-style socketmap |
Postfix 2.9 | Gradual degradation: in many cases a Postfix daemon will log a warning and continue providing the services that are still available, instead of immediately terminating with a fatal error. |
Postfix 2.9 | Memcache database |
Postfix 2.8 | SQLite database |
Postfix 2.2 | CDB database |
Postfix 2.0 | PostgreSQL database |
Postfix 1.0 | LDAP database |
Postfix 1.0 | MySQL database |
Postfix 1.0 | Berkeley DB database |
Postfix 1.0 | DBM database |
Mailbox support
Postfix 1.0 | Maildir and mailbox format |
Postfix 1.0 | Virtual domains |
Address manipulation
Postfix 2.2 | Masquerading addresses in outbound SMTP mail |
Postfix 2.2 | Selective address rewriting |
Postfix 1.1 | VERP envelope return addresses |
Postfix file system requirements
The Postfix mail queue requires that:
-
Renaming a file to a near-by directory does not change the file's inode number.
-
A file is not lost after fsync() for that file (not its parent directory) returns successfully, and then the system crashes. This must remain true even when that file is later renamed to a near-by directory.
-
When Postfix in a virtual guest machine flushes a file with fsync(), the file information must not be cached in volatile host memory. Instead the information must immediately be written to disk (or to persistent cache) before fsync() returns in the virtual guest machine.
-
Postfix can set the execute bit on a queue file. If this does not work, then no mail will ever be delivered.
In addition to the above, Postfix maildir delivery requires that:
-
A file can be hard linked between different near-by directories.
-
A file is not lost when it is hard-linked to a near-by directory, unlinked from the old directory, and then the system crashes.
Postfix mailbox delivery introduces no additional requirements.
Files in the Postfix command_directory require that:
-
The setgid bit works. This is required to access the mail queue with the postdrop command, and to access protected UNIX-domain sockets with the postdrop and postqueue commands.