In computing, Postfix is a free and open-source mail transfer agent (MTA) that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA.
It is released under the IBM Public License 1.0 which is a free software licence.
Originally written in 1997 by Wietse Venema at the IBM Thomas J. Watson Research Center and first released in December 1998, Postfix continues as of 2011 to be actively developed by its creator and other contributors. The software is also known by its former names VMailer and IBM Secure Mailer.
Features
- Transport Layer Security
- delegation of SMTP policies to an external process (this allows greylisting) and advanced filtering (e.g. using policyd-weight, Postfix can check the E-mail meta-information (sender, recipient, client, helo) against various DNSBLs and for RFC compliance, and reject near-certain spam ahead of receiving the body of the messages, lessening server load)
- delegation of the delivery to an external process (this allows inspection of the header and body of an email) different databases for maps: Berkeley DB, CDB, DBM, LDAP, MySQL, SQLite and PostgreSQL
- Mbox-style mailboxes, Maildir-style mailboxes, and virtual domains
- Address rewriting (envelope and header), VERP, SMTP-AUTH via SASL
- milter support[1] compatible with Sendmail milters
- compilable on AIX, BSD, HP-UX, IRIX, GNU/Linux, Mac OS X, Solaris, Tru64 UNIX and, generally speaking, on every Unix-like operating system that ships with a C compiler and which delivers a standard POSIX development environment. It is the default MTA on NetBSD.[2]
Postfix has a particular resilience against buffer overflows[3] and can handle large amounts of e-mail.[4] A Postfix system implements a cooperating network of different daemons.[5] Each daemon fulfills a single task using minimum privileges.[5] In this way, if a daemon is compromised, the impact remains limited to that daemon and cannot spread throughout the entire system. Only one process has root privileges (master), and few processes actually write to locations outside the queue directory (local, virtual) or invoke external programs (local, pipe).[5] Most daemons can be easily chrooted and communicate through named pipes or UNIX-domain sockets.