MYSQL_TABLE(5)                                                  MYSQL_TABLE(5)

NAME
       mysql_table - Postfix MySQL client configuration

SYNOPSIS
       postmap -q "string" mysql:/etc/postfix/filename

       postmap -q - mysql:/etc/postfix/filename <inputfile

DESCRIPTION
       The  Postfix  mail system uses optional tables for address rewriting or
       mail routing. These tables are usually in dbm or db format.

       Alternatively, lookup tables can be specified as MySQL  databases.   In
       order  to use MySQL lookups, define a MySQL source as a lookup table in
       main.cf, for example:
           alias_maps = mysql:/etc/mysql-aliases.cf

       The file /etc/postfix/mysql-aliases.cf has the same format as the Post-
       fix main.cf file, and can specify the parameters described below.

BACKWARDS COMPATIBILITY
       For  compatibility  with  other Postfix lookup tables, MySQL parameters
       can also be defined in main.cf.  In order to do that, specify as  MySQL
       source  a  name  that  doesn't  begin with a slash or a dot.  The MySQL
       parameters will then be accessible as the name you've given the  source
       in  its  definition, an underscore, and the name of the parameter.  For
       example, if the map is specified as  "mysql:mysqlname",  the  parameter
       "hosts" below would be defined in main.cf as "mysqlname_hosts".

       Note:  with  this form, the passwords for the MySQL sources are written
       in main.cf, which is normally world-readable.  Support  for  this  form
       will be removed in a future Postfix version.

       Normally,  the  SQL  query  is  specified  via a single query parameter
       (described in more detail below).  When this parameter is not specified
       in  the map definition, Postfix reverts to an older interface, with the
       SQL query constructed from the  select_field,  table,  where_field  and
       additional_conditions  parameters.  The old interface will be gradually
       phased out. To migrate to the new interface set:

           query = SELECT [select_field]
               FROM [table]
               WHERE [where_field] = '%s'
                   [additional_conditions]

       Insert the value, not the name, of each legacy parameter. Note that the
       additional_conditions  parameter  is  optional  and  if not empty, will
       always start with AND.

LIST MEMBERSHIP
       When using SQL to store  lists  such  as  $mynetworks,  $mydestination,
       $relay_domains,  $local_recipient_maps, etc., it is important to under-
       stand that the table must store each list member as a separate key. The
       table  lookup  verifies  the *existence* of the key. See "Postfix lists
       versus tables" in the DATABASE_README document for a discussion.

       Do NOT create tables that return the full list of domains in  $mydesti-
       nation or $relay_domains etc., or IP addresses in $mynetworks.

       DO create tables with each matching item as a key and with an arbitrary
       value. With SQL databases it is not uncommon to return the  key  itself
       or a constant value.

MYSQL PARAMETERS
       hosts  The  hosts  that  Postfix will try to connect to and query from.
              Specify unix: for UNIX domain sockets, inet: for TCP connections
              (default).  Example:
                  hosts = host1.some.domain host2.some.domain:port
                  hosts = unix:/file/name

              The  hosts  are tried in random order, with all connections over
              UNIX domain sockets being tried before those over TCP.  The con-
              nections  are  automatically closed after being idle for about 1
              minute, and are re-opened as necessary. Postfix versions 2.0 and
              earlier do not randomize the host order.

              NOTE: if you specify localhost as a hostname (even if you prefix
              it with inet:), MySQL will connect to the  default  UNIX  domain
              socket.  In order to instruct MySQL to connect to localhost over
              TCP you have to specify
                  hosts = 127.0.0.1

       user, password
              The user name and password to log into the mysql server.   Exam-
              ple:
                  user = someone
                  password = some_password

       dbname The database name on the servers. Example:
                  dbname = customer_database

       query  The  SQL query template used to search the database, where %s is
              a substitute for the address Postfix is trying to resolve,  e.g.
                  query = SELECT replacement FROM aliases WHERE mailbox = '%s'

              This parameter supports the following '%' expansions:

              %%     This is replaced by a literal '%' character.

              %s     This  is  replaced by the input key.  SQL quoting is used
                     to make sure that the input key does not  add  unexpected
                     metacharacters.

              %u     When the input key is an address of the form user@domain,
                     %u is replaced by  the  SQL  quoted  local  part  of  the
                     address.   Otherwise, %u is replaced by the entire search
                     string.  If the localpart is empty,  the  query  is  sup-
                     pressed and returns no results.

              %d     When the input key is an address of the form user@domain,
                     %d is replaced by the  SQL  quoted  domain  part  of  the
                     address.   Otherwise, the query is suppressed and returns
                     no results.

              %[SUD] The upper-case equivalents of the above expansions behave
                     in  the  query  parameter identically to their lower-case
                     counter-parts.  With  the  result_format  parameter  (see
                     below),  they expand the input key rather than the result
                     value.

              %[1-9] The patterns %1, %2, ... %9 are replaced  by  the  corre-
                     sponding  most  significant  component of the input key's
                     domain. If the input key is  user@mail.example.com,  then
                     %1 is com, %2 is example and %3 is mail. If the input key
                     is unqualified or does not have enough domain  components
                     to  satisfy all the specified patterns, the query is sup-
                     pressed and returns no results.

              The domain parameter described below limits the  input  keys  to
              addresses  in  matching  domains.  When  the domain parameter is
              non-empty, SQL queries for unqualified addresses or addresses in
              non-matching domains are suppressed and return no results.

              This  parameter is available with Postfix 2.2. In prior releases
              the  SQL  query  was  built  from   the   separate   parameters:
              select_field,  table, where_field and additional_conditions. The
              mapping from the old parameters to the equivalent query is:

                  SELECT [select_field]
                  FROM [table]
                  WHERE [where_field] = '%s'
                        [additional_conditions]

              The '%s' in the WHERE  clause  expands  to  the  escaped  search
              string.   With  Postfix  2.2 these legacy parameters are used if
              the query parameter is not specified.

              NOTE: DO NOT put quotes around the query parameter.

       result_format (default: %s)
              Format template applied to result attributes. Most commonly used
              to  append  (or prepend) text to the result. This parameter sup-
              ports the following '%' expansions:

              %%     This is replaced by a literal '%' character.

              %s     This is replaced by the value of  the  result  attribute.
                     When result is empty it is skipped.

              %u     When the result attribute value is an address of the form
                     user@domain, %u is replaced by  the  local  part  of  the
                     address.  When  the  result  has an empty localpart it is
                     skipped.

              %d     When a result attribute value is an address of  the  form
                     user@domain,  %d  is  replaced  by the domain part of the
                     attribute value. When the result  is  unqualified  it  is
                     skipped.

              %[SUD1-9]
                     The  upper-case  and decimal digit expansions interpolate
                     the parts of the input key rather than the result.  Their
                     behavior  is  identical to that described with query, and
                     in fact because  the  input  key  is  known  in  advance,
                     queries  whose  key  does not contain all the information
                     specified in  the  result  template  are  suppressed  and
                     return no results.

              For example, using "result_format = smtp:[%s]" allows one to use
              a mailHost attribute as the basis of a transport(5) table. After
              applying  the result format, multiple values are concatenated as
              comma  separated  strings.  The  expansion_limit  and  parameter
              explained  below  allows one to restrict the number of values in
              the result, which is especially useful for maps that must return
              at most one value.

              The  default value %s specifies that each result value should be
              used as is.

              This parameter is available with Postfix 2.2 and later.

              NOTE: DO NOT put quotes around the result format!

       domain (default: no domain list)
              This is a list of domain names, paths to files, or dictionaries.
              When   specified,  only  fully  qualified  search  keys  with  a
              *non-empty* localpart and a matching  domain  are  eligible  for
              lookup:  'user'  lookups,  bare  domain  lookups  and  "@domain"
              lookups are not performed. This  can  significantly  reduce  the
              query load on the MySQL server.
                  domain = postfix.org, hash:/etc/postfix/searchdomains

              It  is best not to use SQL to store the domains eligible for SQL
              lookups.

              This parameter is available with Postfix 2.2 and later.

              NOTE: DO NOT define this parameter for local(8) aliases, because
              the input keys are always unqualified.

       expansion_limit (default: 0)
              A  limit  on  the total number of result elements returned (as a
              comma separated list) by a lookup against the map.  A setting of
              zero  disables the limit. Lookups fail with a temporary error if
              the limit is exceeded.  Setting the  limit  to  1  ensures  that
              lookups do not return multiple values.

       option_file
              Read  options  from the given file instead of the default my.cnf
              location.

              This parameter is available with Postfix 2.11 and later.

       option_group
              Read options from the given group.

              Postfix 3.1 and earlier don't read [client]  option  group  set-
              tings  unless  a non-empty option_file or option_group value are
              specified. To enable this, specify, for example, "option_group =
              client".

              This parameter is available with Postfix 2.11 and later.

       tls_cert_file
              File containing client's X509 certificate.

              This parameter is available with Postfix 2.11 and later.

       tls_key_file
              File  containing the private key corresponding to tls_cert_file.

              This parameter is available with Postfix 2.11 and later.

       tls_CAfile
              File containing certificates for all of the  X509  Certification
              Authorities  the  client  will recognize.  Takes precedence over
              tls_CApath.

              This parameter is available with Postfix 2.11 and later.

       tls_CApath
              Directory containing X509 Certification  Authority  certificates
              in separate individual files.

              This parameter is available with Postfix 2.11 and later.

       tls_verify_cert (default: no)
              Verify  that  the  server's  name matches the common name in the
              certificate.

              This parameter is available with Postfix 2.11 and later.

OBSOLETE QUERY INTERFACE
       This section describes an interface that is deprecated  as  of  Postfix
       2.2.  It  is  replaced  by  the  more general query interface described
       above.  If the  query  parameter  is  defined,  the  legacy  parameters
       described  here  ignored.   Please  migrate to the new interface as the
       legacy interface may be removed in a future release.

       The following parameters can be used  to  fill  in  a  SELECT  template
       statement of the form:

           SELECT [select_field]
           FROM [table]
           WHERE [where_field] = '%s'
                 [additional_conditions]

       The specifier %s is replaced by the search string, and is escaped so if
       it contains single quotes or other odd characters, it will not cause  a
       parse error, or worse, a security problem.

       select_field
              The SQL "select" parameter. Example:
                  select_field = forw_addr

       table  The SQL "select .. from" table name. Example:
                  table = mxaliases

       where_field
              The SQL "select .. where" parameter. Example:
                  where_field = alias

       additional_conditions
              Additional conditions to the SQL query. Example:
                  additional_conditions = AND status = 'paid'

SEE ALSO
       postmap(1), Postfix lookup table maintenance
       postconf(5), configuration parameters
       ldap_table(5), LDAP lookup tables
       pgsql_table(5), PostgreSQL lookup tables
       sqlite_table(5), SQLite lookup tables

README FILES
       DATABASE_README, Postfix lookup table overview
       MYSQL_README, Postfix MYSQL client guide

LICENSE
       The Secure Mailer license must be distributed with this software.

HISTORY
       MySQL support was introduced with Postfix version 1.0.

AUTHOR(S)
       Original implementation by:
       Scott Cotton, Joshua Marcus
       IC Group, Inc.

       Further enhancements by:
       Liviu Daia
       Institute of Mathematics of the Romanian Academy
       P.O. BOX 1-764
       RO-014700 Bucharest, ROMANIA

                                                                MYSQL_TABLE(5)