sort of in a good state, initial import after refactoring

.gitignore

@@ -0,0 +1,9 @@
+.DS_Store
+.*.sw?
+*.vim
+.vscode
+.venv
+target
+tmp*
+*-workspace.json
+data/out/

data/bookstore/books.xml

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<bookstore>
+
+<book category="cooking">
+  <title lang="en">Everyday Italian</title>
+  <author>Giada De Laurentiis</author>
+  <year>2005</year>
+  <price>30.00</price>
+</book>
+
+<book category="children">
+  <title lang="en">Harry Potter</title>
+  <author>J K. Rowling</author>
+  <year>2005</year>
+  <price>29.99</price>
+</book>
+
+<book category="web">
+  <title lang="en">XQuery Kick Start</title>
+  <author>James McGovern</author>
+  <author>Per Bothner</author>
+  <author>Kurt Cagle</author>
+  <author>James Linn</author>
+  <author>Vaidyanathan Nagarajan</author>
+  <year>2003</year>
+  <price>49.99</price>
+</book>
+
+<book category="web" cover="paperback">
+  <title lang="en">Learning XML</title>
+  <author>Erik T. Ray</author>
+  <year>2003</year>
+  <price>39.95</price>
+</book>
+
+</bookstore>

data/bookstore/orders.json

@@ -0,0 +1,14 @@
+[
+    {
+        "book": "Everyday Italian",
+        "user": 4081
+    },
+    {
+        "book": "Harry Potter",
+        "user": 5079
+    },
+    {
+	"book": "Everyday Italian",
+	"user": 2070
+    }
+]

data/bookstore/users.csv

@@ -0,0 +1,7 @@
+Identifier;Access code;Recovery code;First name;Last name;Department;Location
+9012;12se74;rb9012;Rachel;Booker;Sales;Manchester
+2070;04ap67;lg2070;Laura;Grey;Depot;London
+FGKJSDFKGJSDFGKJSDFKGJSDFKGSJDFGKSJDFKGJDFKGJF
+4081;30no86;cj4081;Craig;Johnson;Depot;London
+9346;14ju73;mj9346;Mary;Jenkins;Engineering;Manchester
+5079;09ja61;js5079;Jamie;Smith;Engineering;Manchester

data/incoming/ADDRESS_CLASS_README.html

@@ -0,0 +1,279 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+        "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+
+<head>
+
+<title>Postfix Address Classes </title>
+
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+</head>
+
+<body>
+
+<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Address Classes </h1>
+
+<hr>
+
+<h2>Introduction</h2>
+
+<p> Postfix version 2.0 introduces the concept of address classes.
+This is a way of grouping recipient addresses by their delivery
+method.  The idea comes from discussions with Victor Duchovni.
+Although address classes introduced a few incompatibilities they
+also made it possible to improve the handling of <a href="VIRTUAL_README.html#canonical">hosted domains</a>
+and of unknown recipients. </p>
+
+<p> This document provides information on the following topics: </p>
+
+<ul>
+
+<li><a href="#wtf">What are address classes good for?</a>
+
+<li><a href="#classes">What address classes does Postfix implement?</a>
+
+<li><a href="#improvements">Improvements compared to Postfix 1.1</a>
+
+<li><a href="#incompatibility">Incompatibilities with Postfix 1.1</a>
+
+</ul>
+
+<h2><a name="wtf">What are address classes good for?</a></h2>
+
+<p> Why should you care about address classes? This is how Postfix
+decides what mail to accept, and how to deliver it.  In other words,
+address classes are very important for the operation of Postfix. </p>
+
+<p> An address class is defined by three items. </p>
+
+<ul>
+
+<li> <p> The list of domains that are a member of the class: for
+example, all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
+
+<li> <p> The default delivery transport. For example, the local,
+virtual or relay delivery transport (delivery transports are defined
+in <a href="master.5.html">master.cf</a>). This helps to keep Postfix configurations simple,
+by avoiding the need for explicit routing information in transport
+maps. </p>
+
+<li> <p> The list of valid recipient addresses for that address
+class. The Postfix SMTP server rejects invalid recipients with
+"User unknown in &lt;name of address class here&gt; table".  This
+helps to keep the Postfix queue free of undeliverable MAILER-DAEMON
+messages. </p>
+
+</ul>
+
+<h2><a name="classes">What address classes does Postfix implement?</a></h2>
+
+<p> Initially the list of address classes is hard coded, but this
+is meant to become extensible. The summary below describes the main
+purpose of each class, and what the relevant configuration parameters
+are. </p>
+
+<p> The <a name="local_domain_class">local </a> domain class. </p>
+
+<ul>
+
+<li> <p> Purpose: final delivery for traditional UNIX system accounts
+and traditional Sendmail-style aliases. This is typically used for
+the <a href="VIRTUAL_README.html#canonical">canonical domains</a> of the machine.  For a discussion of the
+difference between <a href="VIRTUAL_README.html#canonical">canonical domains</a>, <a href="VIRTUAL_README.html#canonical">hosted domains</a> and other
+domains, see the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
+
+<li> <p> Domain names are listed with the <a href="postconf.5.html#mydestination">mydestination</a> parameter.
+This domain class also includes mail for <i>user@[ipaddress]</i>
+when the IP address is listed with the <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
+<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> parameters. </p>
+
+<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>
+parameter, as described in <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a>. The Postfix SMTP
+server rejects invalid recipients with "User unknown in local
+recipient table". If the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> parameter value is
+empty, then the Postfix SMTP server accepts any address in the
+<a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> class. </p>
+
+<li> <p> The mail delivery transport is specified with the
+<a href="postconf.5.html#local_transport">local_transport</a> parameter. The default value is <b><a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a></b>
+for delivery with the <a href="local.8.html">local(8)</a> delivery agent. </p>
+
+</ul>
+
+<p> The <a name="virtual_alias_class">virtual alias </a> domain
+class. </p>
+
+<ul>
+
+<li> <p> Purpose: <a href="VIRTUAL_README.html#canonical">hosted domains</a> where each recipient address is
+aliased to a local UNIX system account or to a remote address.  A
+<a href="VIRTUAL_README.html#virtual_alias">virtual alias example</a> is given in the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
+
+<li> <p> Domain names are listed in <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>. The
+default value is $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> for Postfix 1.1 compatibility.
+</p>
+
+<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
+parameter. The Postfix SMTP server rejects invalid recipients with
+"User unknown in virtual alias table".  The default value is
+$<a href="postconf.5.html#virtual_maps">virtual_maps</a> for Postfix 1.1 compatibility. </p>
+
+<li> <p> There is no mail delivery transport parameter. Every
+address must be aliased to some other address. </p>
+
+</ul>
+
+<p> The <a name="virtual_mailbox_class">virtual mailbox </a> domain
+class. </p>
+
+<ul>
+
+<li> <p> Purpose: final delivery for <a href="VIRTUAL_README.html#canonical">hosted domains</a> where each
+recipient address can have its own mailbox, and where users do not
+need to have a UNIX system account.  A <a href="VIRTUAL_README.html#virtual_mailbox">virtual mailbox example</a> is
+given in the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
+
+<li> <p> Domain names are listed with the <a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>
+parameter. The default value is $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> for Postfix
+1.1 compatibility. </p>
+
+<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
+parameter. The Postfix SMTP server rejects invalid recipients with
+"User unknown in virtual mailbox table". If this parameter value
+is empty, the Postfix SMTP server accepts all recipients for domains
+listed in $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.  </p>
+
+<li> <p> The mail delivery transport is specified with the
+<a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter. The default value is <b>virtual</b>
+for delivery with the <a href="virtual.8.html">virtual(8)</a> delivery agent. </p>
+
+</ul>
+
+<p> The <a name="relay_domain_class">relay </a> domain class. </p>
+
+<ul>
+
+<li> <p> Purpose: mail forwarding to remote destinations that list
+your system as primary or backup MX host. For a discussion of the
+basic configuration details, see the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a>
+document.  For a discussion of the difference between canonical
+domains, <a href="VIRTUAL_README.html#canonical">hosted domains</a> and other domains, see the <a href="VIRTUAL_README.html">VIRTUAL_README</a>
+file. </p>
+
+<li> <p> Domain names are listed with the <a href="postconf.5.html#relay_domains">relay_domains</a> parameter.
+</p>
+
+<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>
+parameter. The Postfix SMTP server rejects invalid recipients with
+"User unknown in relay recipient table". If this parameter value
+is empty, the Postfix SMTP server accepts all recipients for domains
+listed with the <a href="postconf.5.html#relay_domains">relay_domains</a> parameter. </p>
+
+<li> <p> The mail delivery transport is specified with the
+<a href="postconf.5.html#relay_transport">relay_transport</a> parameter. The default value is <b>relay</b> which
+is a clone of the <a href="smtp.8.html">smtp(8)</a> delivery agent. </p>
+
+</ul>
+
+<p> The <a name="default_domain_class">default </a> domain class.
+</p>
+
+<ul>
+
+<li> <p> Purpose: mail forwarding to the Internet on behalf of
+authorized clients. For a discussion of the basic configuration
+details, see the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a> file. For a discussion
+of the difference between <a href="VIRTUAL_README.html#canonical">canonical domains</a>, <a href="VIRTUAL_README.html#canonical">hosted domains</a> and
+other domains, see the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
+
+<li> <p> This class has no destination domain table. </p>
+
+<li> <p> This class has no valid recipient address table. </p>
+
+<li> <p> The mail delivery transport is specified with the
+<a href="postconf.5.html#default_transport">default_transport</a> parameter. The default value is <b>smtp</b> for
+delivery with the <a href="smtp.8.html">smtp(8)</a> delivery agent. </p>
+
+</ul>
+
+<h2><a name="improvements">Improvements compared to Postfix
+1.1</a></h2>
+
+<p> Postfix 2.0 address classes made the following improvements
+possible over earlier Postfix versions: </p>
+
+<ul>
+
+<li> <p> You no longer need to specify all the <a href="virtual.8.html">virtual(8)</a> mailbox
+domains in the Postfix transport map. The <a href="virtual.8.html">virtual(8)</a> delivery agent
+has become a first-class citizen just like <a href="local.8.html">local(8)</a> or <a href="smtp.8.html">smtp(8)</a>.
+</p>
+
+<li> <p> On mail gateway systems, address classes provide separation
+of inbound mail relay traffic ($<a href="postconf.5.html#relay_transport">relay_transport</a>) from outbound
+traffic ($<a href="postconf.5.html#default_transport">default_transport</a>). This eliminates a problem where
+inbound mail deliveries could become resource starved in the presence
+of a high volume of outbound mail. </p>
+
+<li> <p> The SMTP server rejects unknown recipients in a more
+consistent manner than was possible with Postfix version 1. This
+is needed to keep undeliverable mail (and bounced undeliverable
+mail) out of the mail queue. This is controlled by the
+<a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> configuration parameter. </p>
+
+<li> <p> As of Postfix version 2.1, the SMTP server also rejects
+unknown sender addresses (i.e. addresses that it would reject as
+unknown recipient addresses).  Sender "egress filtering" can help
+to slow down an email worm explosion.  This is controlled by the
+<a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> configuration parameter. </p>
+
+</ul>
+
+<h2><a name="incompatibility">Incompatibilities with Postfix 1.1</a></h2>
+
+<p> Postfix 2.0 address classes introduce a few incompatible changes
+in documented behavior. In order to ease the transitions, new
+parameters have default values that are backwards compatible. </p>
+
+<ul>
+
+<li> <p> The <a href="postconf.5.html#virtual_maps">virtual_maps</a> parameter is replaced by <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
+(for address lookups) and by <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> (for the names
+of what were formerly called "Postfix-style virtual domains"). </p>
+
+<p> For backwards compatibility with Postfix version 1.1, the new
+<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> parameter defaults to $<a href="postconf.5.html#virtual_maps">virtual_maps</a>, and the
+new <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> parameter defaults to $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
+</p>
+
+<li> <p> The <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> parameter now has a companion
+parameter called <a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> (for the names of domains
+served by the virtual delivery agent). The <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
+parameter is now used for address lookups only. </p>
+
+<p> For backwards compatibility with Postfix version 1.1, the new
+<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> parameter defaults to $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>.
+</p>
+
+<li> <p> Introduction of the <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> parameter.  The
+Postfix SMTP server can use this to block mail for relay recipients
+that don't exist. This list is empty by default, which means accept
+any recipient. </p>
+
+<li> <p> The <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> feature is now turned on by
+default.  The Postfix SMTP server uses this to reject mail for
+unknown local recipients. See the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> file hints
+and tips. </p>
+
+<li> <p> Introduction of the relay delivery transport in <a href="master.5.html">master.cf</a>.
+This helps to avoid mail delivery scheduling problems on inbound
+mail relays when there is a lot of outbound mail, but may require
+that you update your "<a href="postconf.5.html#defer_transports">defer_transports</a>" setting. </p>
+
+</ul>
+
+</body>
+
+</html>

data/incoming/ADDRESS_REWRITING_README

@@ -0,0 +1,840 @@
+PPoossttffiixx AAddddrreessss RReewwrriittiinngg
+
+-------------------------------------------------------------------------------
+
+PPoossttffiixx aaddddrreessss rreewwrriittiinngg ppuurrppoossee
+
+Address rewriting is at the heart of the Postfix mail system. Postfix rewrites
+addresses for many different purposes. Some are merely cosmetic, and some are
+necessary to deliver correctly formatted mail to the correct destination.
+Examples of address rewriting in Postfix are:
+
+  * Transform an incomplete address into a complete address. For example,
+    transform "username" into "username@example.com", or transform
+    "username@hostname" into "username@hostname.example.com".
+
+  * Replace an address by an equivalent address. For example, replace
+    "username@example.com" by "firstname.lastname@example.com" when sending
+    mail, and do the reverse transformation when receiving mail.
+
+  * Replace an internal address by an external address. For example, replace
+    "username@localdomain.local" by "isp-account@isp.example" when sending mail
+    from a home computer to the Internet.
+
+  * Replace an address by multiple addresses. For example, replace the address
+    of an alias by the addresses listed under that alias.
+
+  * Determine how and where to deliver mail for a specific address. For
+    example, deliver mail for "username@example.com" with the smtp(8) delivery
+    agent, to the hosts that are listed in the DNS as the mail servers for the
+    domain "example.com".
+
+Although Postfix currently has no address rewriting language, it can do
+surprisingly powerful address manipulation via table lookup. Postfix typically
+uses lookup tables with fixed strings to map one address to one or multiple
+addresses, and typically uses regular expressions to map multiple addresses to
+one or multiple addresses. Fixed-string lookup tables may be in the form of
+local files, or in the form of NIS, LDAP or SQL databases. The DATABASE_README
+document gives an introduction to Postfix lookup tables.
+
+Topics covered in this document:
+
+  * To rewrite message headers or not, or to label as invalid
+  * Postfix address rewriting overview
+  * Address rewriting when mail is received
+
+      o Rewrite addresses to standard form
+      o Canonical address mapping
+      o Address masquerading
+      o Automatic BCC recipients
+      o Virtual aliasing
+
+  * Address rewriting when mail is delivered
+
+      o Resolve address to destination
+      o Mail transport switch
+      o Relocated users table
+
+  * Address rewriting with remote delivery
+
+      o Generic mapping for outgoing SMTP mail
+
+  * Address rewriting with local delivery
+
+      o Local alias database
+      o Local per-user .forward files
+      o Local catch-all address
+
+  * Debugging your address manipulations
+
+TToo rreewwrriittee mmeessssaaggee hheeaaddeerrss oorr nnoott,, oorr ttoo llaabbeell aass iinnvvaalliidd
+
+Postfix versions 2.1 and earlier always rewrite message header addresses, and
+append Postfix's own domain information to addresses that Postfix considers
+incomplete. While rewriting message header addresses is OK for mail with a
+local origin, it is undesirable for remote mail:
+
+  * Message header address rewriting is frowned upon by mail standards,
+  * Appending Postfix's own domain produces incorrect results with some
+    incomplete addresses,
+  * Appending Postfix's own domain sometimes creates the appearance that spam
+    is sent by local users.
+
+Postfix versions 2.2 give you the option to either not rewrite message headers
+from remote SMTP clients at all, or to label incomplete addresses in such
+message headers as invalid. Here is how it works:
+
+  * Postfix always rewrites message headers from local SMTP clients and from
+    the Postfix sendmail command, and appends its own domain to incomplete
+    addresses. The local_header_rewrite_clients parameter controls what SMTP
+    clients Postfix considers local (by default, only local network interface
+    addresses).
+  * Postfix never rewrites message header addresses from remote SMTP clients
+    when the remote_header_rewrite_domain parameter value is empty (the default
+    setting).
+  * Otherwise, Postfix rewrites message headers from remote SMTP clients, and
+    appends the remote_header_rewrite_domain value to incomplete addresses.
+    This feature can be used to append a reserved domain such as
+    "domain.invalid", so that incomplete addresses cannot be mistaken for local
+    addresses.
+
+PPoossttffiixx aaddddrreessss rreewwrriittiinngg oovveerrvviieeww
+
+The figure below zooms in on those parts of Postfix that are most involved with
+address rewriting activity. See the OVERVIEW document for an overview of the
+complete Postfix architecture. Names followed by a number are Postfix daemon
+programs, while unnumbered names represent Postfix queues or internal sources
+of mail messages.
+
+                  trivial-                              trivial-
+                 rewrite(8)                            rewrite(8)
+                 (std form)                            (resolve)
+
+                      ^ |                                   ^ |
+                      | v                                   | v
+
+    smtpd(8)                                                         smtp(8)
+
+    qmqpd(8)  >- cleanup(8) -> incoming ->  active  ->   qmgr(8)  -< lmtp(8)
+
+    pickup(8)                                                        local(8)
+
+                       ^                      ^ |
+                       |                      | v
+
+                  bounces
+                 forwarding                deferred
+                  notices
+
+The table below summarizes all Postfix address manipulations. If you're reading
+this document for the first time, skip forward to "Address rewriting when mail
+is received". Once you've finished reading the remainder of this document, the
+table will help you to quickly find what you need.
+
+     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
+    |AAddddrreessss     |SSccooppee   |DDaaeemmoonn  |GGlloobbaall ttuurrnn--oonn      |SSeelleeccttiivvee ttuurrnn--ooffff ccoonnttrrooll   |
+    |mmaanniippuullaattiioonn|        |        |ccoonnttrrooll             |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Rewrite     |        |trivial-|append_at_myorigin, |                             |
+    |addresses to|all mail|rewrite |append_dot_mydomain,|local_header_rewrite_clients,|
+    |standard    |        |(8)     |swap_bangpath,      |remote_header_rewrite_domain |
+    |form        |        |        |allow_percent_hack  |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Canonical   |        |cleanup |                    |receive_override_options,    |
+    |address     |all mail|(8)     |canonical_maps      |local_header_rewrite_clients,|
+    |mapping     |        |        |                    |remote_header_rewrite_domain |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Address     |        |cleanup |                    |receive_override_options,    |
+    |masquerading|all mail|(8)     |masquerade_domains  |local_header_rewrite_clients,|
+    |            |        |        |                    |remote_header_rewrite_domain |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Automatic   |        |cleanup |always_bcc,         |                             |
+    |BCC         |new mail|(8)     |sender_bcc_maps,    |receive_override_options     |
+    |recipients  |        |        |recipient_bcc_maps  |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Virtual     |all mail|cleanup |virtual_alias_maps  |receive_override_options     |
+    |aliasing    |        |(8)     |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Resolve     |        |trivial-|                    |                             |
+    |address to  |all mail|rewrite |none                |none                         |
+    |destination |        |(8)     |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Mail        |        |trivial-|                    |                             |
+    |transport   |all mail|rewrite |transport_maps      |none                         |
+    |switch      |        |(8)     |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Relocated   |        |trivial-|                    |                             |
+    |users table |all mail|rewrite |relocated_maps      |none                         |
+    |            |        |(8)     |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Generic     |outgoing|        |                    |                             |
+    |mapping     |SMTP    |smtp(8) |smtp_generic_maps   |none                         |
+    |table       |mail    |        |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Local alias |local   |        |                    |                             |
+    |database    |mail    |local(8)|alias_maps          |none                         |
+    |            |only    |        |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Local per-  |local   |        |                    |                             |
+    |user        |mail    |local(8)|forward_path        |none                         |
+    |.forward    |only    |        |                    |                             |
+    |files       |        |        |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |Local catch-|local   |        |                    |                             |
+    |all address |mail    |local(8)|luser_relay         |none                         |
+    |            |only    |        |                    |                             |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+
+AAddddrreessss rreewwrriittiinngg wwhheenn mmaaiill iiss rreecceeiivveedd
+
+The cleanup(8) server receives mail from outside of Postfix as well as mail
+from internal sources such as forwarded mail, undeliverable mail that is
+bounced to the sender, and postmaster notifications about problems with the
+mail system.
+
+The cleanup(8) server transforms the sender, recipients and message content
+into a standard form before writing it to an incoming queue file. The server
+cleans up sender and recipient addresses in message headers and in the
+envelope, adds missing message headers such as From: or Date: that are required
+by mail standards, and removes message headers such as Bcc: that should not be
+present. The cleanup(8) server delegates the more complex address manipulations
+to the trivial-rewrite(8) server as described later in this document.
+
+Address manipulations at this stage are:
+
+  * Rewrite addresses to standard form
+  * Canonical address mapping
+  * Address masquerading
+  * Automatic BCC recipients
+  * Virtual aliasing
+
+RReewwrriittee aaddddrreesssseess ttoo ssttaannddaarrdd ffoorrmm
+
+Before the cleanup(8) daemon runs an address through any address mapping lookup
+table, it first rewrites the address to the standard
+"user@fully.qualified.domain" form, by sending the address to the trivial-
+rewrite(8) daemon. The purpose of rewriting to standard form is to reduce the
+number of entries needed in lookup tables.
+
+The Postfix trivial-rewrite(8) daemon implements the following hard-coded
+address manipulations:
+
+    Rewrite "@hosta,@hostb:user@site" to "user@site"
+        In case you wonder what this is, the address form above is called a
+        route address, and specifies that mail for "user@site" be delivered via
+        "hosta" and "hostb". Usage of this form has been deprecated for a long
+        time. Postfix has no ability to handle route addresses, other than to
+        strip off the route part.
+
+        NOTE: Postfix versions 2.2 and later rewrite message headers from
+        remote SMTP clients only if the client matches the
+        local_header_rewrite_clients parameter, or if the
+        remote_header_rewrite_domain configuration parameter specifies a non-
+        empty value. To get the behavior before Postfix 2.2, specify
+        "local_header_rewrite_clients = static:all".
+
+    Rewrite "site!user" to "user@site"
+        This feature is controlled by the boolean swap_bangpath parameter
+        (default: yes). The purpose is to rewrite UUCP-style addresses to
+        domain style. This is useful only when you receive mail via UUCP, but
+        it probably does not hurt otherwise.
+
+        NOTE: Postfix versions 2.2 and later rewrite message headers from
+        remote SMTP clients only if the client matches the
+        local_header_rewrite_clients parameter, or if the
+        remote_header_rewrite_domain configuration parameter specifies a non-
+        empty value. To get the behavior before Postfix 2.2, specify
+        "local_header_rewrite_clients = static:all".
+
+    Rewrite "user%domain" to "user@domain"
+        This feature is controlled by the boolean allow_percent_hack parameter
+        (default: yes). Typically, this is used in order to deal with
+        monstrosities such as "user%domain@otherdomain".
+
+        NOTE: Postfix versions 2.2 and later rewrite message headers from
+        remote SMTP clients only if the client matches the
+        local_header_rewrite_clients parameter, or if the
+        remote_header_rewrite_domain configuration parameter specifies a non-
+        empty value. To get the behavior before Postfix 2.2, specify
+        "local_header_rewrite_clients = static:all".
+
+    Rewrite "user" to "user@$myorigin"
+        This feature is controlled by the boolean append_at_myorigin parameter
+        (default: yes). You should never turn off this feature, because a lot
+        of Postfix components expect that all addresses have the form
+        "user@domain".
+
+        NOTE: Postfix versions 2.2 and later rewrite message headers from
+        remote SMTP clients only if the client matches the
+        local_header_rewrite_clients parameter; otherwise they append the
+        domain name specified with the remote_header_rewrite_domain
+        configuration parameter, if one is specified. To get the behavior
+        before Postfix 2.2, specify "local_header_rewrite_clients = static:
+        all".
+
+        If your machine is not the main machine for $myorigin and you wish to
+        have some users delivered locally without going via that main machine,
+        make an entry in the virtual alias table that redirects
+        "user@$myorigin" to "user@$myhostname". See also the "delivering some
+        users locally" section in the STANDARD_CONFIGURATION_README document.
+
+    Rewrite "user@host" to "user@host.$mydomain"
+        This feature is controlled by the boolean append_dot_mydomain parameter
+        (default: yes). The purpose is to get consistent treatment of different
+        forms of the same hostname.
+
+        NOTE: Postfix versions 2.2 and later rewrite message headers from
+        remote SMTP clients only if the client matches the
+        local_header_rewrite_clients parameter; otherwise they append the
+        domain name specified with the remote_header_rewrite_domain
+        configuration parameter, if one is specified. To get the behavior
+        before Postfix 2.2, specify "local_header_rewrite_clients = static:
+        all".
+
+        Some will argue that rewriting "host" to "host.domain" is bad. That is
+        why it can be turned off. Others like the convenience of having
+        Postfix's own domain appended automatically.
+
+    Rewrite "user@site." to "user@site" (without the trailing dot).
+        A single trailing dot is silently removed. However, an address that
+        ends in multiple dots will be rejected as an invalid address.
+
+        NOTE: Postfix versions 2.2 and later rewrite message headers from
+        remote SMTP clients only if the client matches the
+        local_header_rewrite_clients parameter, or if the
+        remote_header_rewrite_domain configuration parameter specifies a non-
+        empty value. To get the behavior before Postfix 2.2, specify
+        "local_header_rewrite_clients = static:all".
+
+CCaannoonniiccaall aaddddrreessss mmaappppiinngg
+
+The cleanup(8) daemon uses the canonical(5) tables to rewrite addresses in
+message envelopes and in message headers. By default all header and envelope
+addresses are rewritten; this is controlled with the canonical_classes
+configuration parameter.
+
+NOTE: Postfix versions 2.2 and later rewrite message headers from remote SMTP
+clients only if the client matches the local_header_rewrite_clients parameter,
+or if the remote_header_rewrite_domain configuration parameter specifies a non-
+empty value. To get the behavior before Postfix 2.2, specify
+"local_header_rewrite_clients = static:all".
+
+Address rewriting is done for local and remote addresses. The mapping is useful
+to replace login names by "Firstname.Lastname" style addresses, or to clean up
+invalid domains in mail addresses produced by legacy mail systems.
+
+Canonical mapping is disabled by default. To enable, edit the canonical_maps
+parameter in the main.cf file and specify one or more lookup tables, separated
+by whitespace or commas.
+
+Example:
+
+    /etc/postfix/main.cf:
+        canonical_maps = hash:/etc/postfix/canonical
+
+    /etc/postfix/canonical:
+        wietse        Wietse.Venema
+
+For static mappings as shown above, lookup tables such as hash:, ldap:, mysql:
+or pgsql: are sufficient. For dynamic mappings you can use regular expression
+tables. This requires that you become intimately familiar with the ideas
+expressed in regexp_table(5), pcre_table(5) and canonical(5).
+
+In addition to the canonical maps which are applied to both sender and
+recipient addresses, you can specify canonical maps that are applied only to
+sender addresses or to recipient addresses.
+
+Example:
+
+    /etc/postfix/main.cf:
+        sender_canonical_maps = hash:/etc/postfix/sender_canonical
+        recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
+
+The sender and recipient canonical maps are applied before the common canonical
+maps. The sender_canonical_classes and recipient_canonical_classes parameters
+control what addresses are subject to sender_canonical_maps and
+recipient_canonical_maps mappings, respectively.
+
+Sender-specific rewriting is useful when you want to rewrite ugly sender
+addresses to pretty ones, and still want to be able to send mail to the those
+ugly address without creating a mailer loop.
+
+Canonical mapping can be turned off selectively for mail received by smtpd(8),
+qmqpd(8), or pickup(8), by overriding main.cf settings in the master.cf file.
+This feature is available in Postfix version 2.1 and later.
+
+Example:
+
+    /etc/postfix/master.cf:
+        127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+            -o receive_override_options=no_address_mappings
+
+Note: do not specify whitespace around the "=" here.
+
+AAddddrreessss mmaassqquueerraaddiinngg
+
+Address masquerading is a method to hide hosts inside a domain behind their
+mail gateway, and to make it appear as if the mail comes from the gateway
+itself, instead of from individual machines.
+
+NOTE: Postfix versions 2.2 and later rewrite message headers from remote SMTP
+clients only if the client matches the local_header_rewrite_clients parameter,
+or if the remote_header_rewrite_domain configuration parameter specifies a non-
+empty value. To get the behavior before Postfix 2.2, specify
+"local_header_rewrite_clients = static:all".
+
+Address masquerading is disabled by default, and is implemented by the cleanup
+(8) server. To enable, edit the masquerade_domains parameter in the main.cf
+file and specify one or more domain names separated by whitespace or commas.
+When Postfix tries to masquerade a domain, it processes the list from left to
+right, and processing stops at the first match.
+
+Example:
+
+    /etc/postfix/main.cf:
+        masquerade_domains = foo.example.com example.com
+
+strips "any.thing.foo.example.com" to "foo.example.com", but strips
+"any.thing.else.example.com" to "example.com".
+
+A domain name prefixed with "!" means do not masquerade this domain or its
+subdomains:
+
+    /etc/postfix/main.cf:
+        masquerade_domains = !foo.example.com example.com
+
+does not change "any.thing.foo.example.com" and "foo.example.com", but strips
+"any.thing.else.example.com" to "example.com".
+
+The masquerade_exceptions configuration parameter specifies what user names
+should not be subjected to address masquerading. Specify one or more user names
+separated by whitespace or commas.
+
+Example:
+
+    /etc/postfix/main.cf:
+        masquerade_exceptions = root
+
+By default, Postfix makes no exceptions.
+
+Subtle point: by default, address masquerading is applied only to message
+headers and to envelope sender addresses, but not to envelope recipients. This
+allows you to use address masquerading on a mail gateway machine, while still
+being able to forward mail from outside to users on individual machines.
+
+In order to subject envelope recipient addresses to masquerading, too, specify
+(Postfix version 1.1 and later):
+
+    /etc/postfix/main.cf:
+        masquerade_classes = envelope_sender, envelope_recipient,
+            header_sender, header_recipient
+
+If you rewrite the envelope recipient like this, Postfix will no longer be able
+to send mail to individual machines.
+
+Address masquerading can be turned off selectively for mail received by smtpd
+(8), qmqpd(8), or pickup(8), by overriding main.cf settings in the master.cf
+file. This feature is available in Postfix version 2.1 and later.
+
+Example:
+
+    /etc/postfix/master.cf:
+        127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+            -o receive_override_options=no_address_mappings
+
+Note: do not specify whitespace around the "=" here.
+
+AAuuttoommaattiicc BBCCCC rreecciippiieennttss
+
+After applying the canonical and masquerade mappings, the cleanup(8) daemon can
+generate optional BCC (blind carbon-copy) recipients. Postfix provides three
+mechanisms:
+
+    always_bcc = address
+        Deliver a copy of all mail to the specified address. In Postfix
+        versions before 2.1, this feature is implemented by smtpd(8), qmqpd(8),
+        or pickup(8).
+    sender_bcc_maps = type:table
+        Search the specified "type:table" lookup table with the envelope sender
+        address for an automatic BCC address. This feature is available in
+        Postfix 2.1 and later.
+    recipient_bcc_maps = type:table
+        Search the specified "type:table" lookup table with the envelope
+        recipient address for an automatic BCC address. This feature is
+        available in Postfix 2.1 and later.
+
+Note: automatic BCC recipients are produced only for new mail. To avoid mailer
+loops, automatic BCC recipients are not generated for mail that Postfix
+forwards internally, nor for mail that Postfix generates itself.
+
+Automatic BCC recipients (including always_bcc) can be turned off selectively
+for mail received by smtpd(8), qmqpd(8), or pickup(8), by overriding main.cf
+settings in the master.cf file. This feature is available in Postfix version
+2.1 and later.
+
+Example:
+
+    /etc/postfix/master.cf:
+        127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+            -o receive_override_options=no_address_mappings
+
+Note: do not specify whitespace around the "=" here.
+
+VViirrttuuaall aalliiaassiinngg
+
+Before writing the recipients to the queue file, the cleanup(8) daemon uses the
+optional virtual(5) alias tables to redirect mail for recipients. The mapping
+affects only envelope recipient addresses; it has no effect on message headers
+or envelope sender addresses. Virtual alias lookups are useful to redirect mail
+for virtual alias domains to real user mailboxes, and to redirect mail for
+domains that no longer exist. Virtual alias lookups can also be used to
+transform " Firstname.Lastname " back into UNIX login names, although it seems
+that local aliases may be a more appropriate vehicle. See the VIRTUAL_README
+document for an overview of methods to host virtual domains with Postfix.
+
+Virtual aliasing is disabled by default. To enable, edit the virtual_alias_maps
+parameter in the main.cf file and specify one or more lookup tables, separated
+by whitespace or commas.
+
+Example:
+
+    /etc/postfix/main.cf:
+        virtual_alias_maps = hash:/etc/postfix/virtual
+
+    /etc/postfix/virtual:
+        Wietse.Venema        wietse
+
+Addresses found in virtual alias maps are subjected to another iteration of
+virtual aliasing, but are not subjected to canonical mapping, in order to avoid
+loops.
+
+For static mappings as shown above, lookup tables such as hash:, ldap:, mysql:
+or pgsql: are sufficient. For dynamic mappings you can use regular expression
+tables. This requires that you become intimately familiar with the ideas
+expressed in regexp_table(5), pcre_table(5) and virtual(5).
+
+Virtual aliasing can be turned off selectively for mail received by smtpd(8),
+qmqpd(8), or pickup(8), by overriding main.cf settings in the master.cf file.
+This feature is available in Postfix version 2.1 and later.
+
+Example:
+
+    /etc/postfix/master.cf:
+        127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+            -o receive_override_options=no_address_mappings
+
+Note: do not specify whitespace around the "=" here.
+
+At this point the message is ready to be stored into the Postfix incoming
+queue.
+
+AAddddrreessss rreewwrriittiinngg wwhheenn mmaaiill iiss ddeelliivveerreedd
+
+The Postfix queue manager sorts mail according to its destination and gives it
+to Postfix delivery agents such as local(8), smtp(8), or lmtp(8). Just like the
+cleanup(8) server, the Postfix queue manager delegates the more complex address
+manipulations to the trivial-rewrite(8) server.
+
+Address manipulations at this stage are:
+
+  * Resolve address to destination
+  * Mail transport switch
+  * Relocated users table
+
+Each Postfix delivery agent tries to deliver the mail to its destination, while
+encapsulating the sender, recipients, and message content according to the
+rules of the SMTP, LMTP, etc. protocol. When mail cannot be delivered, it is
+either returned to the sender or moved to the deferred queue and tried again
+later.
+
+Address manipulations when mail is delivered via the smtp(8) delivery agent:
+
+  * Generic mapping for outgoing SMTP mail
+
+Address manipulations when mail is delivered via the local(8) delivery agent:
+
+  * Local alias database
+  * Local per-user .forward files
+  * Local catch-all address
+
+The remainder of this document presents each address manipulation step in more
+detail, with specific examples or with pointers to documentation with examples.
+
+RReessoollvvee aaddddrreessss ttoo ddeessttiinnaattiioonn
+
+The Postfix qmgr(8) queue manager selects new mail from the incoming queue or
+old mail from the deferred queue, and asks the trivial-rewrite(8) address
+rewriting and resolving daemon where it should be delivered.
+
+As of version 2.0, Postfix distinguishes four major address classes. Each class
+has its own list of domain names, and each class has its own default delivery
+method, as shown in the table below. See the ADDRESS_CLASS_README document for
+the fine details. Postfix versions before 2.0 only distinguish between local
+delivery and everything else.
+
+     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
+    |DDeessttiinnaattiioonn ddoommaaiinn lliisstt          |DDeeffaauulltt ddeelliivveerryy mmeetthhoodd|AAvvaaiillaabbiilliittyy|
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
+    |$mydestination, $inet_interfaces,|$local_transport       |Postfix 1.0 |
+    |$proxy_interfaces                |                       |            |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
+    |$virtual_mailbox_domains         |$virtual_transport     |Postfix 2.0 |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
+    |$relay_domains                   |$relay_transport       |Postfix 2.0 |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
+    |none                             |$default_transport     |Postfix 1.0 |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ |
+
+MMaaiill ttrraannssppoorrtt sswwiittcchh
+
+Once the trivial-rewrite(8) daemon has determined a default delivery method it
+searches the optional transport(5) table for information that overrides the
+message destination and/or delivery method. Typical use of the transport(5)
+table is to send mail to a system that is not connected to the Internet, or to
+use a special SMTP client configuration for destinations that have special
+requirements. See, for example, the STANDARD_CONFIGURATION_README and
+UUCP_README documents, and the examples in the transport(5) manual page.
+
+Transport table lookups are disabled by default. To enable, edit the
+transport_maps parameter in the main.cf file and specify one or more lookup
+tables, separated by whitespace or commas.
+
+Example:
+
+    /etc/postfix/main.cf:
+        transport_maps = hash:/etc/postfix/transport
+
+RReellooccaatteedd uusseerrss ttaabbllee
+
+Next, the trivial-rewrite(8) address rewriting and resolving daemon runs each
+recipient through the relocated(5) database. This table provides information on
+how to reach users that no longer have an account, or what to do with mail for
+entire domains that no longer exist. When mail is sent to an address that is
+listed in this table, the message is returned to the sender with an informative
+message.
+
+The relocated(5) database is searched after transport(5) table lookups, in
+anticipation of transport(5) tables that can replace one recipient address by a
+different one.
+
+Lookups of relocated users are disabled by default. To enable, edit the
+relocated_maps parameter in the main.cf file and specify one or more lookup
+tables, separated by whitespace or commas.
+
+Example:
+
+    /etc/postfix/main.cf:
+        relocated_maps = hash:/etc/postfix/relocated
+
+    /etc/postfix/relocated:
+        username@example.com      otheruser@elsewhere.tld
+
+As of Postfix version 2, mail for a relocated user will be rejected by the SMTP
+server with the reason "user has moved to otheruser@elsewhere.tld". Older
+Postfix versions will receive the mail first, and then return it to the sender
+as undeliverable, with the same reason.
+
+GGeenneerriicc mmaappppiinngg ffoorr oouuttggooiinngg SSMMTTPP mmaaiill
+
+Some hosts have no valid Internet domain name, and instead use a name such as
+localdomain.local. This can be a problem when you want to send mail over the
+Internet, because many mail servers reject mail addresses with invalid domain
+names.
+
+With the smtp_generic_maps parameter you can specify generic(5) lookup tables
+that replace local mail addresses by valid Internet addresses when mail leaves
+the machine via SMTP. The generic(5) mapping replaces envelope and header
+addresses, and is non-recursive. It does not happen when you send mail between
+addresses on the local machine.
+
+This feature is available in Postfix version 2.2 and later.
+
+Example:
+
+    /etc/postfix/main.cf:
+        smtp_generic_maps = hash:/etc/postfix/generic
+
+    /etc/postfix/generic:
+        his@localdomain.local               hisaccount@hisisp.example
+        her@localdomain.local               heraccount@herisp.example
+        @localdomain.local                  hisaccount+local@hisisp.example
+
+When mail is sent to a remote host via SMTP, this replaces
+his@localdomain.local by his ISP mail address, replaces her@localdomain.local
+by her ISP mail address, and replaces other local addresses by his ISP account,
+with an address extension of +local (this example assumes that the ISP supports
+"+" style address extensions).
+
+LLooccaall aalliiaass ddaattaabbaassee
+
+When mail is to be delivered locally, the local(8) delivery agent runs each
+local recipient name through the aliases(5) database. The mapping does not
+affect addresses in message headers. Local aliases are typically used to
+implement distribution lists, or to direct mail for standard aliases such as
+postmaster to real people. The table can also be used to map
+"Firstname.Lastname" addresses to login names.
+
+Alias lookups are enabled by default. The default configuration depends on the
+operating system environment, but it is typically one of the following:
+
+    /etc/postfix/main.cf:
+        alias_maps = hash:/etc/aliases
+        alias_maps = dbm:/etc/aliases, nis:mail.aliases
+
+The pathname of the alias database file is controlled with the alias_database
+configuration parameter. The value is system dependent. Usually it is one of
+the following:
+
+    /etc/postfix/main.cf:
+        alias_database = hash:/etc/aliases (4.4BSD, LINUX)
+        alias_database = dbm:/etc/aliases (4.3BSD, SYSV<4)
+        alias_database = dbm:/etc/mail/aliases (SYSV4)
+
+An aliases(5) file can specify that mail should be delivered to a local file,
+or to a command that receives the message in the standard input stream. For
+security reasons, deliveries to command and file destinations are performed
+with the rights of the alias database owner. A default userid, default_privs,
+is used for deliveries to commands or files in "root"-owned aliases.
+
+LLooccaall ppeerr--uusseerr ..ffoorrwwaarrdd ffiilleess
+
+With delivery via the local(8) delivery agent, users can control their own mail
+delivery by specifying destinations in a file called .forward in their home
+directories. The syntax of these files is the same as with the local aliases(5)
+file, except that the left-hand side of the alias (lookup key and colon) are
+not present.
+
+LLooccaall ccaattcchh--aallll aaddddrreessss
+
+When the local(8) delivery agent finds that a message recipient does not exist,
+the message is normally returned to the sender ("user unknown"). Sometimes it
+is desirable to forward mail for non-existing recipients to another machine.
+For this purpose you can specify an alternative destination with the
+luser_relay configuration parameter.
+
+Alternatively, mail for non-existent recipients can be delegated to an entirely
+different message transport, as specified with the fallback_transport
+configuration parameter. For details, see the local(8) delivery agent
+documentation.
+
+Note: if you use the luser_relay feature in order to receive mail for non-UNIX
+accounts, then you must specify:
+
+    /etc/postfix/main.cf:
+        local_recipient_maps =
+
+(i.e. empty) in the main.cf file, otherwise the Postfix SMTP server will reject
+mail for non-UNIX accounts with "User unknown in local recipient table". See
+the LOCAL_RECIPIENT_README file for more information on this.
+
+luser_relay can specify one address. It is subjected to "$name" expansions.
+Examples:
+
+    $user@other.host
+        The bare username, without address extension, is prepended to
+        "@other.host". For example, mail for "username+foo" is sent to
+        "username@other.host".
+
+    $local@other.host
+        The entire original recipient localpart, including address extension,
+        is prepended to "@other.host". For example, mail for "username+foo" is
+        sent to "username+foo@other.host".
+
+    sysadmin+$user
+        The bare username, without address extension, is appended to
+        "sysadmin". For example, mail for "username+foo" is sent to
+        "sysadmin+username".
+
+    sysadmin+$local
+        The entire original recipient localpart, including address extension,
+        is appended to "sysadmin". For example, mail for "username+foo" is sent
+        to "sysadmin+username+foo".
+
+DDeebbuuggggiinngg yyoouurr aaddddrreessss mmaanniippuullaattiioonnss
+
+Postfix version 2.1 and later can produce mail delivery reports for debugging
+purposes. These reports not only show sender/recipient addresses after address
+rewriting and alias expansion or forwarding, they also show information about
+delivery to mailbox, delivery to non-Postfix command, responses from remote
+SMTP servers, and so on.
+
+Postfix can produce two types of mail delivery reports for debugging:
+
+  * What-if: report what would happen, but do not actually deliver mail. This
+    mode of operation is requested with:
+
+    $ //uussrr//ssbbiinn//sseennddmmaaiill --bbvv aaddddrreessss......
+    Mail Delivery Status Report will be mailed to <your login name>.
+
+  * What happened: deliver mail and report successes and/or failures, including
+    replies from remote SMTP servers. This mode of operation is requested with:
+
+    $ //uussrr//ssbbiinn//sseennddmmaaiill --vv aaddddrreessss......
+    Mail Delivery Status Report will be mailed to <your login name>.
+
+These reports contain information that is generated by Postfix delivery agents.
+Since these run as daemon processes and do not interact with users directly,
+the result is sent as mail to the sender of the test message. The format of
+these reports is practically identical to that of ordinary non-delivery
+notifications.
+
+As an example, below is the delivery report that is produced with the command
+"sendmail -bv postfix-users@postfix.org". The first part of the report contains
+human-readable text. In this case, mail would be delivered via mail.cloud9.net,
+and the SMTP server replies with "250 Ok". Other reports may show delivery to
+mailbox, or delivery to non-Postfix command.
+
+    Content-Description: Notification
+    Content-Type: text/plain
+
+    This is the mail system at host spike.porcupine.org.
+
+    Enclosed is the mail delivery report that you requested.
+
+                            The mail system
+
+    <postfix-users@postfix.org>: delivery via mail.cloud9.net[168.100.1.4]: 250
+    2.1.5 Ok
+
+The second part of the report is in machine-readable form, and includes the
+following information:
+
+  * The envelope sender address (wietse@porcupine.org).
+  * The envelope recipient address (postfix-users@postfix.org). If the
+    recipient address was changed by Postfix then Postfix also includes the
+    original recipient address.
+  * The delivery status.
+
+Some details depend on Postfix version. The example below is for Postfix
+version 2.3 and later.
+
+    Content-Description: Delivery report
+    Content-Type: message/delivery-status
+
+    Reporting-MTA: dns; spike.porcupine.org
+    X-Postfix-Queue-ID: 84863BC0E5
+    X-Postfix-Sender: rfc822; wietse@porcupine.org
+    Arrival-Date: Sun, 26 Nov 2006 17:01:01 -0500 (EST)
+
+    Final-Recipient: rfc822; postfix-users@postfix.org
+    Action: deliverable
+    Status: 2.1.5
+    Remote-MTA: dns; mail.cloud9.net
+    Diagnostic-Code: smtp; 250 2.1.5 Ok
+
+The third part of the report contains the message that Postfix would have
+delivered, including From: and To: message headers, so that you can see any
+effects of address rewriting on those. Mail submitted with "sendmail -bv" has
+no body content so none is shown in the example below.
+
+    Content-Description: Message
+    Content-Type: message/rfc822
+
+    Received: by spike.porcupine.org (Postfix, from userid 1001)
+            id 84863BC0E5; Sun, 26 Nov 2006 17:01:01 -0500 (EST)
+    Subject: probe
+    To: postfix-users@postfix.org
+    Message-Id: <20061126220101.84863BC0E5@spike.porcupine.org>
+    Date: Sun, 26 Nov 2006 17:01:01 -0500 (EST)
+    From: wietse@porcupine.org (Wietse Venema)
+

data/incoming/ADDRESS_REWRITING_README.html

@@ -0,0 +1,1246 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+        "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+
+<head>
+
+<title>Postfix Address Rewriting </title>
+
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+</head>
+
+<body>
+
+<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix
+Address Rewriting </h1>
+
+<hr>
+
+<h2> <a name="purpose"> Postfix address rewriting purpose </a> </h2>
+
+<p> Address rewriting is at the heart of the Postfix mail system.
+Postfix rewrites addresses for many different purposes. Some are
+merely cosmetic, and some are necessary to deliver correctly
+formatted mail to the correct destination. Examples of
+address rewriting in Postfix are:  </p>
+
+<ul>
+
+<li> <p> Transform an incomplete address into a complete address.
+For example, transform "username" into "username@example.com", or
+transform "username@hostname" into "username@hostname.example.com".
+</p>
+
+<li> <p> Replace an address by an equivalent address.  For example,
+replace "username@example.com" by "firstname.lastname@example.com"
+when sending mail, and do the reverse transformation when receiving
+mail.  </p>
+
+<li> <p> Replace an internal address by an external address.  For
+example, replace "username@localdomain.local" by "isp-account@isp.example"
+when sending mail from a home computer to the Internet.
+</p>
+
+<li> <p> Replace an address by multiple addresses. For example,
+replace the address of an alias by the addresses listed under that
+alias.  </p>
+
+<li> <p> Determine how and where to deliver mail for a specific
+address.  For example, deliver mail for "username@example.com" with
+the <a href="smtp.8.html">smtp(8)</a> delivery agent, to the hosts that are listed in the
+DNS as the mail servers for the domain "example.com". </p>
+
+</ul>
+
+<p> Although Postfix currently has no address rewriting language,
+it can do surprisingly powerful address manipulation via table
+lookup.  Postfix typically uses lookup tables with fixed strings
+to map one address to one or multiple addresses, and typically uses
+regular expressions to map multiple addresses to one or multiple
+addresses.  Fixed-string lookup tables may be in the form of local
+files, or in the form of NIS, LDAP or SQL databases.  The
+<a href="DATABASE_README.html">DATABASE_README</a> document gives an introduction to Postfix lookup
+tables. </p>
+
+<p> Topics covered in this document: </p>
+
+<ul>
+
+<li> <a href="#william"> To rewrite message headers or not, or to label
+as invalid </a>
+
+<li> <a href="#overview"> Postfix address rewriting overview </a>
+
+<li> <a href="#receiving"> Address rewriting when mail is received</a>
+
+<ul>
+
+<li> <a href="#standard"> Rewrite addresses to standard form</a>
+
+<li> <a href="#canonical"> Canonical address mapping </a>
+
+<li> <a href="#masquerade"> Address masquerading </a>
+
+<li> <a href="#auto_bcc"> Automatic BCC recipients</a>
+
+<li> <a href="#virtual"> Virtual aliasing </a>
+
+</ul>
+
+<li> <a href="#delivering"> Address rewriting when mail is delivered</a>
+
+<ul>
+
+<li> <a href="#resolve"> Resolve address to destination </a>
+
+<li> <a href="#transport"> Mail transport switch </a>
+
+<li> <a href="#relocated"> Relocated users table </a>
+
+</ul>
+
+<li> <a href="#remote"> Address rewriting with remote delivery </a>
+
+<ul>
+
+<li> <a href="#generic"> Generic mapping for outgoing SMTP mail </a>
+
+</ul>
+
+<li> <a href="#local"> Address rewriting with local delivery </a>
+
+<ul>
+
+<li> <a href="#aliases"> Local alias database </a>
+
+<li> <a href="#forward"> Local per-user .forward files </a>
+
+<li> <a href="#luser_relay"> Local catch-all address </a>
+
+</ul>
+
+<li> <a href="#debugging"> Debugging your address manipulations </a>
+
+</ul>
+
+<h2> <a name="william"> To rewrite message headers or not, or to label
+as invalid </a> </h2>
+
+<p> Postfix versions 2.1 and earlier always rewrite message header
+addresses, and append Postfix's own domain information to addresses
+that Postfix considers incomplete.  While rewriting message header
+addresses is OK for mail with a local origin, it is undesirable
+for remote mail: </p>
+
+<ul>
+
+<li> Message header address rewriting is frowned upon by mail standards,
+
+<li> Appending Postfix's own domain produces incorrect results with
+some incomplete addresses,
+
+<li> Appending Postfix's own domain sometimes creates the appearance
+that spam is sent by local users.
+
+</ul>
+
+<p> Postfix versions 2.2 give you the option to either not rewrite
+message headers from remote SMTP clients at all, or to label
+incomplete addresses in such message headers as invalid. Here is
+how it works:  </p>
+
+<ul>
+
+<li> Postfix always rewrites message headers from local SMTP clients
+and from the Postfix sendmail command, and appends its own domain
+to incomplete addresses.  The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter
+controls what SMTP clients Postfix considers local (by default,
+only local network interface addresses).
+
+<li> Postfix never rewrites message header addresses from remote
+SMTP clients when the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value
+is empty (the default setting).
+
+<li> Otherwise, Postfix rewrites message headers from remote SMTP
+clients, and appends the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> value to
+incomplete addresses.  This feature can be used to append a reserved
+domain such as "domain.invalid", so that incomplete addresses cannot
+be mistaken for local addresses.
+
+</ul>
+
+<h2> <a name="overview"> Postfix address rewriting overview </a> </h2>
+
+<p> The figure below zooms in on those parts of Postfix that are most
+involved with address rewriting activity. See the <a href="OVERVIEW.html">OVERVIEW</a> document
+for an overview of the complete Postfix architecture.  Names followed
+by a number are Postfix daemon programs, while unnumbered names
+represent Postfix queues or internal sources of mail messages. </p>
+
+<blockquote>
+
+<table>
+
+<tr>
+
+<td colspan="2"> </td>
+
+<td bgcolor="#f0f0ff" align="center"> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a><br>(std
+form) </td>
+
+<td colspan="5"> </td>
+
+<td bgcolor="#f0f0ff" align="center"> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a><br>(resolve)
+</td>
+
+</tr>
+
+<tr>
+
+<td colspan="2"> </td>
+
+<td align="center"><table><tr><td align="center"> ^<br> <tt> |
+</tt> </td><td align="center"> <tt> |<br>v </tt> </td></tr></table>
+
+<td colspan="5"> </td>
+
+<td align="center"><table><tr><td align="center"> ^<br> <tt> |
+</tt> </td><td align="center"> <tt> |<br>v </tt> </td></tr></table>
+
+<td colspan="2"> </td>
+
+</tr>
+
+<tr>
+
+<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="smtpd.8.html">smtpd(8)</a>
+</td>
+
+<td rowspan="3" align="center" valign="middle"> <tt> &gt;- </tt>
+</td>
+
+<td rowspan="3" bgcolor="#f0f0ff" align="center"> <a href="cleanup.8.html">cleanup(8)</a> </td>
+
+<td rowspan="3" align="center" valign="middle"> <tt> -&gt; </tt>
+</td>
+
+<td rowspan="3" bgcolor="#f0f0ff" align="center"> <a
+href="QSHAPE_README.html#incoming_queue"> incoming </a> </td>
+
+<td rowspan="3" align="center" valign="middle"> <tt> -&gt; </tt>
+</td>
+
+<td rowspan="3" bgcolor="#f0f0ff" align="center"> <a
+href="QSHAPE_README.html#active_queue"> active </a> </td>
+
+<td rowspan="3" align="center" valign="middle"> <tt> -&gt; </tt>
+</td>
+
+<td rowspan="3" bgcolor="#f0f0ff" align="center"> <a href="qmgr.8.html">qmgr(8)</a> </td>
+
+<td rowspan="3" align="center" valign="middle"> <tt> -&lt; </tt>
+</td>
+
+<td bgcolor="#f0f0ff" align="center" valign="middle">
+<a href="smtp.8.html">smtp(8)</a> </td>
+
+</tr>
+
+<tr> 
+
+<td bgcolor="#f0f0ff" align="center" valign="middle">
+<a href="qmqpd.8.html">qmqpd(8)</a> </td>
+
+<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="lmtp.8.html">lmtp(8)</a> </td>
+
+</tr>
+
+<tr>
+
+<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="pickup.8.html">pickup(8)</a>
+</td>
+
+<td bgcolor="#f0f0ff" align="center" valign="middle"> <a href="local.8.html">local(8)</a>
+</td>
+
+</tr>
+
+<tr>
+
+<td colspan="2"> </td>
+
+<td align="center"> ^<br> <tt> | </tt> </td>
+
+<td colspan="3"> </td>
+
+<td align="center"><table><tr><td align="center"> ^<br> <tt> |
+</tt> </td><td align="center"> <tt> |<br>v </tt> </td></tr></table>
+
+<td colspan="4"> </td>
+
+</tr>
+
+<tr>
+
+<td colspan="2"> </td>
+
+<td align="center"> bounces<br> forwarding<br> notices</td>
+
+<td colspan="3"> </td>
+
+<td bgcolor="#f0f0ff" align="center"> <a
+href="QSHAPE_README.html#deferred_queue"> deferred </a>
+
+<td colspan="2"> </td>
+
+</table>
+
+</blockquote>
+
+<p> The table below summarizes all Postfix address manipulations.
+If you're reading this document for the first time, skip forward
+to "<a href="ADDRESS_REWRITING_README.html#receiving">Address
+rewriting when mail is received</a>". Once you've finished reading
+the remainder of this document, the table will help you to quickly
+find what you need.  </p>
+
+<blockquote>
+
+<table border="1">
+
+<tr> <th nowrap> Address manipulation </th> <th nowrap> Scope </th>
+<th> Daemon </th> <th nowrap> Global turn-on control </th> <th nowrap> Selective
+turn-off control </th> </tr>
+
+<tr> <td> <a href="#standard"> Rewrite addresses to standard form</a>
+</td> <td nowrap> all mail </td> <td> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> </td>
+<td> <a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>, <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>, <a href="postconf.5.html#swap_bangpath">swap_bangpath</a>,
+<a href="postconf.5.html#allow_percent_hack">allow_percent_hack</a> </td> <td> <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> </td> </tr>
+
+<tr> <td> <a href="#canonical"> Canonical address mapping </a> </td>
+<td nowrap> all mail </td> <td> <a href="cleanup.8.html">cleanup(8)</a> </td> <td> <a href="postconf.5.html#canonical_maps">canonical_maps</a>
+</td> <td> <a href="postconf.5.html#receive_override_options">receive_override_options</a>, <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> </td> </tr>
+
+<tr> <td> <a href="#masquerade"> Address masquerading </a> </td> <td
+nowrap> all mail </td> <td> <a href="cleanup.8.html">cleanup(8)</a> </td> <td> <a href="postconf.5.html#masquerade_domains">masquerade_domains</a>
+</td> <td> <a href="postconf.5.html#receive_override_options">receive_override_options</a>, <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> </td> </tr>
+
+<tr> <td> <a href="#auto_bcc"> Automatic BCC recipients </a> </td>
+<td nowrap> new mail </td> <td> <a href="cleanup.8.html">cleanup(8)</a> </td> <td> <a href="postconf.5.html#always_bcc">always_bcc</a>,
+<a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a>, <a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> </td> <td> <a href="postconf.5.html#receive_override_options">receive_override_options</a>
+</td> </tr>
+
+<tr> <td> <a href="#virtual"> Virtual aliasing </a> </td> <td
+nowrap> all mail </td> <td> <a href="cleanup.8.html">cleanup(8)</a> </td> <td> <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
+</td> <td> <a href="postconf.5.html#receive_override_options">receive_override_options</a> </td> </tr>
+
+<tr> <td> <a href="#resolve"> Resolve address to destination </a>
+</td> <td nowrap> all mail </td> <td> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> </td>
+<td> none </td> <td> none </td> </tr>
+
+<tr> <td> <a href="#transport"> Mail transport switch</a> </td>
+<td nowrap> all mail </td> <td> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> </td> <td>
+<a href="postconf.5.html#transport_maps">transport_maps</a> </td> <td> none </td> </tr>
+
+<tr> <td> <a href="#relocated"> Relocated users table</a> </td>
+<td nowrap> all mail </td> <td> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> </td> <td>
+<a href="postconf.5.html#relocated_maps">relocated_maps</a> </td> <td> none </td> </tr>
+
+<tr> <td> <a href="#generic"> Generic mapping table </a> </td> <td>
+outgoing SMTP mail </td> <td> <a href="smtp.8.html">smtp(8)</a> </td> <td> <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>
+</td> <td> none </td> </tr>
+
+<tr> <td> <a href="#aliases"> Local alias database</a> </td> <td>
+local mail only </td> <td> <a href="local.8.html">local(8)</a> </td> <td> <a href="postconf.5.html#alias_maps">alias_maps</a> </td> <td> none
+</td> </tr>
+
+<tr> <td> <a href="#forward"> Local per-user .forward files</a>
+</td> <td> local mail only </td> <td> <a href="local.8.html">local(8)</a> </td> <td> <a href="postconf.5.html#forward_path">forward_path</a>
+</td> <td> none </td> </tr>
+
+<tr> <td> <a href="#luser_relay"> Local catch-all address</a> </td>
+<td> local mail only </td> <td> <a href="local.8.html">local(8)</a> </td> <td> <a href="postconf.5.html#luser_relay">luser_relay</a> </td> <td>
+none </td> </tr>
+
+</table>
+
+</blockquote>
+
+<h2> <a name="receiving"> Address rewriting when mail is received</a>
+</h2>
+
+<p> The <a href="cleanup.8.html">cleanup(8)</a> server receives mail from outside of Postfix as
+well as mail from internal sources such as forwarded mail,
+undeliverable mail that is bounced to the sender, and postmaster
+notifications about problems with the mail system.  </p>
+
+<p> The <a href="cleanup.8.html">cleanup(8)</a> server transforms the sender, recipients and
+message content into a standard form before writing it to an incoming
+queue file. The server cleans up sender and recipient addresses in
+message headers and in the envelope, adds missing message headers
+such as From: or Date: that are required by mail standards, and
+removes message headers such as Bcc: that should not be present.
+The <a href="cleanup.8.html">cleanup(8)</a> server delegates the more complex address manipulations
+to the <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> server as described later in this document.
+</p>
+
+<p> Address manipulations at this stage are:  </p>
+
+<ul>
+
+<li> <a href="#standard"> Rewrite addresses to standard form</a>
+
+<li> <a href="#canonical"> Canonical address mapping</a>
+
+<li> <a href="#masquerade"> Address masquerading</a>
+
+<li> <a href="#auto_bcc"> Automatic BCC recipients</a>
+
+<li> <a href="#virtual"> Virtual aliasing </a>
+
+</ul>
+
+<h3> <a name="standard"> Rewrite addresses to standard form</a> </h3>
+
+<p> Before the <a href="cleanup.8.html">cleanup(8)</a> daemon runs an address through any address
+mapping lookup table, it first rewrites the address to the standard
+"user@fully.qualified.domain" form, by sending the address to the
+<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon.  The purpose of rewriting to standard
+form is to reduce the number of entries needed in lookup tables.
+</p>
+
+<p> The Postfix <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon implements the following
+hard-coded address manipulations: </p>
+
+<blockquote>
+
+<dl>
+
+<dt>Rewrite "@hosta,@hostb:user@site" to "user@site"</dt>
+
+<dd> <p> In case you wonder what this is, the address form above
+is called a route address, and specifies that mail for "user@site"
+be delivered via "hosta" and "hostb". Usage of this form has been
+deprecated for a long time.  Postfix has no ability to handle route
+addresses, other than to strip off the route part.  </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter, or if the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter specifies a
+non-empty value. To get the behavior before Postfix 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all".  </p> </dd>
+
+<dt>Rewrite "site!user" to "user@site" </dt>
+
+<dd> <p> This feature is controlled by the boolean <a href="postconf.5.html#swap_bangpath">swap_bangpath</a>
+parameter (default: yes).  The purpose is to rewrite UUCP-style
+addresses to domain style. This is useful only when you receive
+mail via UUCP, but it probably does not hurt otherwise. </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter, or if the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter specifies a
+non-empty value. To get the behavior before Postfix 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all".  </p> </dd>
+
+<dt>Rewrite "user%domain" to "user@domain"</dt>
+
+<dd> <p> This feature is controlled by the boolean <a href="postconf.5.html#allow_percent_hack">allow_percent_hack</a>
+parameter (default: yes). Typically, this is used in order to deal
+with monstrosities such as "user%domain@otherdomain". </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter, or if the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter specifies a
+non-empty value. To get the behavior before Postfix 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all".  </p> </dd>
+
+<dt>
+
+Rewrite "user" to "user@$<a href="postconf.5.html#myorigin">myorigin</a>" </dt>
+
+<dd> <p> This feature is controlled by the boolean <a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>
+parameter (default: yes).  You should never turn off this feature,
+because a lot of Postfix components expect that all addresses have
+the form "user@domain".  </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter; otherwise they append the
+domain name specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a>
+configuration parameter, if one is specified. To get the behavior
+before Postfix 2.2, specify "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> =
+<a href="DATABASE_README.html#types">static</a>:all". </p>
+
+<p> If your machine is not the main machine for $<a href="postconf.5.html#myorigin">myorigin</a> and you
+wish to have some users delivered locally without going via that
+main machine, make an entry in the <a href="#virtual">virtual
+alias</a> table that redirects "user@$myorigin" to
+"user@$<a href="postconf.5.html#myhostname">myhostname</a>". See also the "delivering some
+users locally" section in the <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a>
+document. </p> </dd>
+
+<dt>
+
+Rewrite "user@host" to "user@host.$<a href="postconf.5.html#mydomain">mydomain</a>" </dt>
+
+<dd> <p> This feature is controlled by the boolean <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>
+parameter (default: yes).  The purpose is to get consistent treatment
+of different forms of the same hostname. </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter; otherwise they append the
+domain name specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a>
+configuration parameter, if one is specified. To get the behavior
+before Postfix 2.2, specify "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> =
+<a href="DATABASE_README.html#types">static</a>:all". </p>
+
+<p> Some will argue that rewriting "host" to "host.domain"
+is bad. That is why it can be turned off. Others like the convenience
+of having Postfix's own domain appended automatically. </p> </dd>
+
+<dt>Rewrite "user@site." to "user@site" (without the trailing dot).</dt>
+
+<dd> <p> A single trailing dot is silently removed. However, an
+address that ends in multiple dots will be rejected as an invalid
+address. </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter, or if the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter specifies a
+non-empty value. To get the behavior before Postfix 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all".  </p> </dd>
+
+</dl>
+
+</blockquote>
+
+<h3> <a name="canonical"> Canonical address mapping </a> </h3>
+
+<p> The <a href="cleanup.8.html">cleanup(8)</a> daemon uses the <a href="canonical.5.html">canonical(5)</a> tables to rewrite
+addresses in message envelopes and in message headers.  By default
+all header and envelope addresses are rewritten; this is controlled
+with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> configuration parameter.  </p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter, or if the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter specifies a
+non-empty value. To get the behavior before Postfix 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all".  </p>
+
+<p> Address rewriting is 
+done for local and remote addresses.  The mapping is useful to
+replace login names by "Firstname.Lastname" style addresses, or to
+clean up invalid domains in mail addresses produced by legacy mail
+systems. </p>
+
+<p> Canonical mapping is disabled by default. To enable, edit the
+<a href="postconf.5.html#canonical_maps">canonical_maps</a> parameter in the <a href="postconf.5.html">main.cf</a> file and specify one or
+more lookup tables, separated by whitespace or commas. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#canonical_maps">canonical_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/canonical
+
+/etc/postfix/canonical:
+    wietse        Wietse.Venema
+</pre>
+</blockquote>
+
+<p> For static mappings as shown above, lookup tables such as <a href="DATABASE_README.html#types">hash</a>:,
+<a href="ldap_table.5.html">ldap</a>:, <a href="mysql_table.5.html">mysql</a>:  or <a href="pgsql_table.5.html">pgsql</a>: are sufficient. For dynamic mappings you
+can use regular expression tables. This requires that you become
+intimately familiar with the ideas expressed in <a href="regexp_table.5.html">regexp_table(5)</a>,
+<a href="pcre_table.5.html">pcre_table(5)</a> and <a href="canonical.5.html">canonical(5)</a>.  </p>
+
+<p> In addition to the canonical maps which are applied to both sender
+and recipient addresses, you can specify canonical maps that are
+applied only to sender addresses or to recipient addresses. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/sender_canonical
+    <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/recipient_canonical
+</pre>
+</blockquote>
+
+<p> The sender and recipient canonical maps are applied before the
+common canonical maps. The <a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> and
+<a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> parameters control what addresses are
+subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> and <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a>
+mappings, respectively. </p>
+
+<p> Sender-specific rewriting is useful when you want to rewrite
+ugly sender addresses to pretty ones, and still want to be able to
+send mail to the those ugly address without creating a mailer loop.
+</p>
+
+<p> Canonical mapping can be turned off selectively for mail received
+by <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a>, by overriding <a href="postconf.5.html">main.cf</a> settings
+in the <a href="master.5.html">master.cf</a> file.  This feature is available in Postfix version
+2.1 and later.  </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+        -o <a href="postconf.5.html#receive_override_options">receive_override_options</a>=<a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
+</pre>
+</blockquote>
+
+<p> Note: do not specify whitespace around the "=" here. </p>
+
+<h3> <a name="masquerade"> Address masquerading </a> </h3>
+
+<p> Address masquerading is a method to hide hosts inside a domain
+behind their mail gateway, and to make it appear as if the mail
+comes from the gateway itself, instead of from individual machines.
+</p>
+
+<p> NOTE: Postfix versions 2.2 and later rewrite message headers
+from remote SMTP clients only if the client matches the
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter, or if the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter specifies a
+non-empty value. To get the behavior before Postfix 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all".  </p>
+
+<p> Address masquerading is disabled by default, and is implemented
+by the <a href="cleanup.8.html">cleanup(8)</a> server. To enable, edit the <a href="postconf.5.html#masquerade_domains">masquerade_domains</a>
+parameter in the <a href="postconf.5.html">main.cf</a> file and specify one or more domain names
+separated by whitespace or commas.  When Postfix tries to masquerade
+a domain, it processes the list from left to right, and processing
+stops at the first match.  </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#masquerade_domains">masquerade_domains</a> = foo.example.com example.com
+</pre>
+</blockquote>
+
+<p> strips "any.thing.foo.example.com" to "foo.example.com", but
+strips "any.thing.else.example.com" to "example.com". </p>
+
+<p> A domain name prefixed with "<tt>!</tt>" means do not masquerade
+this domain or its subdomains: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#masquerade_domains">masquerade_domains</a> = !foo.example.com example.com
+</pre>
+</blockquote>
+
+<p> does not change "any.thing.foo.example.com" and "foo.example.com",
+but strips "any.thing.else.example.com" to "example.com". </p>
+
+<p> The <a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> configuration parameter specifies
+what user names should not be subjected to address masquerading.
+Specify one or more user names separated by whitespace or commas.
+</p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> = root
+</pre>
+</blockquote>
+
+<p> By default, Postfix makes no exceptions. </p>
+
+<p> Subtle point: by default, address masquerading is applied only to
+message headers and to envelope sender addresses, but not to envelope
+recipients. This allows you to use address masquerading on a mail
+gateway machine, while still being able to forward mail from outside
+to users on individual machines. </p>
+
+<p> In order to subject envelope recipient addresses to masquerading,
+too, specify (Postfix version 1.1 and later):</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#masquerade_classes">masquerade_classes</a> = envelope_sender, envelope_recipient,
+        header_sender, header_recipient
+</pre>
+</blockquote>
+
+<p> If you rewrite the envelope recipient like this, Postfix will
+no longer be able to send mail to individual machines. </p>
+
+<p> Address masquerading can be turned off selectively for mail
+received by <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a>, by overriding <a href="postconf.5.html">main.cf</a>
+settings in the <a href="master.5.html">master.cf</a> file.  This feature is available in
+Postfix version 2.1 and later. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+        -o <a href="postconf.5.html#receive_override_options">receive_override_options</a>=<a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
+</pre>
+</blockquote>
+
+<p> Note: do not specify whitespace around the "=" here. </p>
+
+<h3> <a name="auto_bcc"> Automatic BCC recipients</a> </h3>
+
+<p> After applying the canonical and masquerade mappings, the
+<a href="cleanup.8.html">cleanup(8)</a> daemon can generate optional BCC (blind carbon-copy)
+recipients. Postfix provides three mechanisms: </p>
+
+<blockquote>
+
+<dl>
+
+<dt> <a href="postconf.5.html#always_bcc">always_bcc</a> = address </dt> <dd> Deliver a copy of all mail to
+the specified address. In Postfix versions before 2.1, this feature
+is implemented by <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a>. </dd>
+
+<dt> <a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> = <a href="DATABASE_README.html">type:table</a>  </dt> <dd> Search the specified
+"<a href="DATABASE_README.html">type:table</a>" lookup table with the envelope sender address for an
+automatic BCC address. This feature is available in Postfix 2.1
+and later. </dd>
+
+<dt> <a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> = <a href="DATABASE_README.html">type:table</a>  </dt> <dd> Search the specified
+"<a href="DATABASE_README.html">type:table</a>" lookup table with the envelope recipient address for
+an automatic BCC address. This feature is available in Postfix 2.1
+and later. </dd>
+
+</dl>
+
+</blockquote>
+
+<p> Note: automatic BCC recipients are produced only for new mail.
+To avoid mailer loops, automatic BCC recipients are not generated
+for mail that Postfix forwards internally, nor for mail that Postfix
+generates itself. </p>
+
+<p> Automatic BCC recipients (including <a href="postconf.5.html#always_bcc">always_bcc</a>) can be turned
+off selectively for mail received by <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a>,
+by overriding <a href="postconf.5.html">main.cf</a> settings in the <a href="master.5.html">master.cf</a> file.  This feature
+is available in Postfix version 2.1 and later. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+        -o <a href="postconf.5.html#receive_override_options">receive_override_options</a>=<a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
+</pre>
+</blockquote>
+
+<p> Note: do not specify whitespace around the "=" here. </p>
+
+<h3> <a name="virtual"> Virtual aliasing </a> </h3>
+
+<p> Before writing the recipients to the queue file, the <a href="cleanup.8.html">cleanup(8)</a>
+daemon uses the optional <a href="virtual.5.html">virtual(5)</a> alias tables to redirect mail
+for recipients.  The mapping affects only envelope recipient
+addresses; it has no effect on message headers or envelope sender
+addresses.  Virtual alias lookups are useful to redirect mail for
+<a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a> to real user mailboxes, and to redirect mail
+for domains that no longer exist.  Virtual alias lookups can also
+be used to transform " Firstname.Lastname " back into UNIX login
+names, although it seems that local <a href="#aliases">aliases</a>
+may be a more appropriate vehicle. See the <a href="VIRTUAL_README.html">VIRTUAL_README</a> document
+for an overview of methods to host virtual domains with Postfix.
+</p>
+
+<p> Virtual aliasing is disabled by default. To enable, edit the
+<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> parameter in the <a href="postconf.5.html">main.cf</a> file and
+specify one or more lookup tables, separated by whitespace or
+commas. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/virtual
+
+/etc/postfix/virtual:
+    Wietse.Venema        wietse
+</pre>
+</blockquote>
+
+<p> Addresses found in virtual alias maps are subjected to another
+iteration of virtual aliasing, but are not subjected to canonical
+mapping, in order to avoid loops. </p>
+
+<p> For static mappings as shown above, lookup tables such as <a href="DATABASE_README.html#types">hash</a>:,
+<a href="ldap_table.5.html">ldap</a>:, <a href="mysql_table.5.html">mysql</a>: or <a href="pgsql_table.5.html">pgsql</a>: are sufficient. For dynamic mappings you
+can use regular expression tables. This requires that you become
+intimately familiar with the ideas expressed in <a href="regexp_table.5.html">regexp_table(5)</a>,
+<a href="pcre_table.5.html">pcre_table(5)</a> and <a href="virtual.5.html">virtual(5)</a>.  </p>
+
+<p> Virtual aliasing can be turned off selectively for mail received
+by <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a>, by overriding <a href="postconf.5.html">main.cf</a> settings
+in the <a href="master.5.html">master.cf</a> file.  This feature is available in Postfix version
+2.1 and later. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    127.0.0.1:10026    inet  n      -      n      -      -     smtpd
+        -o <a href="postconf.5.html#receive_override_options">receive_override_options</a>=<a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
+</pre>
+</blockquote>
+
+<p> Note: do not specify whitespace around the "=" here. </p>
+
+<p> At this point the message is ready to be stored into the
+Postfix <a href="QSHAPE_README.html#incoming_queue">incoming queue</a>. </p>
+
+<h2> <a name="delivering"> Address rewriting when mail is delivered</a> </h2>
+
+<p> The Postfix queue manager sorts mail according to its destination
+and gives it to Postfix delivery agents such as <a href="local.8.html">local(8)</a>, <a href="smtp.8.html">smtp(8)</a>,
+or <a href="lmtp.8.html">lmtp(8)</a>. Just like the <a href="cleanup.8.html">cleanup(8)</a> server, the Postfix queue
+manager delegates the more complex address manipulations to the
+<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> server. </p>
+
+<p> Address manipulations at this stage are:  </p>
+
+<ul>
+
+<li> <a href="#resolve"> Resolve address to destination </a>
+
+<li> <a href="#transport"> Mail transport switch</a>
+
+<li> <a href="#relocated"> Relocated users table</a>
+
+</ul>
+
+<p> Each Postfix delivery agent tries to deliver the mail to its
+destination, while encapsulating the sender, recipients, and message
+content according to the rules of the SMTP, LMTP, etc.  protocol.
+When mail cannot be delivered, it is either returned to the sender
+or moved to the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> and tried again later.  </p>
+
+<p> <a name="remote">Address</a> manipulations when mail is delivered
+via the <a href="smtp.8.html">smtp(8)</a> delivery agent: </p>
+
+<ul>
+
+<li> <a href="#generic"> Generic mapping for outgoing SMTP mail </a>
+
+</ul>
+
+<p> <a name="local">Address</a> manipulations when mail is delivered
+via the <a href="local.8.html">local(8)</a> delivery agent: </p>
+
+<ul>
+
+<li> <a href="#aliases"> Local alias database</a>
+
+<li> <a href="#forward"> Local per-user .forward files</a>
+
+<li> <a href="#luser_relay"> Local catch-all address</a>
+
+</ul>
+
+<p> The remainder of this document presents each address manipulation
+step in more detail, with specific examples or with pointers to
+documentation with examples. </p>
+
+<h3> <a name="resolve"> Resolve address to destination </a> </h3>
+
+<p> The Postfix <a href="qmgr.8.html">qmgr(8)</a> queue manager selects new mail from the
+<a href="QSHAPE_README.html#incoming_queue">incoming queue</a> or old mail from the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a>, and asks the
+<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> address rewriting and resolving daemon where it
+should be delivered. </p>
+
+<p> As of version 2.0, Postfix distinguishes four major address
+classes. Each class has its own list of domain names, and each
+class has its own default delivery method, as shown in the table
+below.  See the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> document for the fine details.
+Postfix versions before 2.0 only distinguish between local delivery
+and everything else.  </p>
+
+<blockquote>
+
+<table border="1">
+
+<tr><th align="left">Destination domain list </th> <th
+align="left">Default delivery method </th> <th>Availability
+</th> </tr>
+
+<tr><td>$<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> </td>
+<td>$<a href="postconf.5.html#local_transport">local_transport</a> </td> <td>Postfix 1.0</td></tr>
+
+<tr><td>$<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> </td> <td>$<a href="postconf.5.html#virtual_transport">virtual_transport</a> </td>
+<td>Postfix 2.0</td> </tr>
+
+<tr><td>$<a href="postconf.5.html#relay_domains">relay_domains</a> </td> <td>$<a href="postconf.5.html#relay_transport">relay_transport</a> </td> <td>Postfix
+2.0</td> </tr>
+
+<tr><td>none </td> <td>$<a href="postconf.5.html#default_transport">default_transport</a> </td> <td>Postfix 1.0</td>
+</tr>
+
+</table>
+
+</blockquote>
+
+<h3> <a name="transport"> Mail transport switch </a> </h3>
+
+<p> Once the <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon has determined a default
+delivery method it searches the optional <a href="transport.5.html">transport(5)</a> table for
+information that overrides the message destination and/or delivery
+method.  Typical use of the <a href="transport.5.html">transport(5)</a> table is to send mail to
+a system
+that is not connected to the Internet, or to use a special SMTP
+client configuration for destinations that have special requirements.
+See, for example, the <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> and <a href="UUCP_README.html">UUCP_README</a>
+documents, and the examples in the <a href="transport.5.html">transport(5)</a> manual page.  </p>
+
+<p> Transport table lookups are disabled by default. To enable,
+edit the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter in the <a href="postconf.5.html">main.cf</a> file and specify
+one or more lookup tables, separated by whitespace or commas. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#transport_maps">transport_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/transport
+</pre>
+</blockquote>
+
+<h3> <a name="relocated"> Relocated users table </a> </h3>
+
+<p> Next, the <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> address rewriting and resolving
+daemon runs each recipient through the <a href="relocated.5.html">relocated(5)</a> database.  This
+table provides information on how to reach users that no longer
+have an account, or what to do with mail for entire domains that
+no longer exist.  When mail is sent to an address that is listed
+in this table, the message is returned to the sender with an
+informative message.  </p>
+
+<p> The <a href="relocated.5.html">relocated(5)</a> database is searched after <a href="transport.5.html">transport(5)</a>
+table lookups, in anticipation of <a href="transport.5.html">transport(5)</a> tables that
+can replace one recipient address by a different one. </p>
+
+<p> Lookups of relocated users are disabled by default. To enable,
+edit the <a href="postconf.5.html#relocated_maps">relocated_maps</a> parameter in the <a href="postconf.5.html">main.cf</a> file and specify
+one or more lookup tables, separated by whitespace or commas. </p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#relocated_maps">relocated_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relocated
+
+/etc/postfix/relocated:
+    username@example.com      otheruser@elsewhere.tld
+</pre>
+</blockquote>
+
+<p> As of Postfix version 2, mail for a relocated user will be
+rejected by the SMTP server with the reason "user has moved to
+otheruser@elsewhere.tld". Older Postfix versions will receive the
+mail first, and then return it to the sender as undeliverable, with
+the same reason.  </p>
+
+<h3> <a name="generic"> Generic mapping for outgoing SMTP mail </a> </h3>
+
+<p> Some hosts have no valid Internet domain name, and instead use
+a name such as <i>localdomain.local</i>. This can be a problem when
+you want to send mail over the Internet, because many mail servers
+reject mail addresses with invalid domain names. </p>
+
+<p> With the <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a> parameter you can specify <a href="generic.5.html">generic(5)</a>
+lookup tables that replace local mail addresses by valid Internet
+addresses when mail leaves the machine via SMTP. The <a href="generic.5.html">generic(5)</a>
+mapping replaces envelope and header addresses, and is non-recursive.
+It does not happen when you send mail between addresses on the
+local machine. </p>
+
+<p> This feature is available in Postfix version 2.2 and later.</p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/generic
+
+/etc/postfix/generic:
+    his@localdomain.local               hisaccount@hisisp.example
+    her@localdomain.local               heraccount@herisp.example
+    @localdomain.local                  hisaccount+local@hisisp.example
+</pre>
+</blockquote>
+
+<p> When mail is sent to a remote host via SMTP, this replaces
+<i>his@localdomain.local</i> by his ISP mail address, replaces
+<i>her@localdomain.local</i> by her ISP mail address, and replaces
+other local addresses by his ISP account, with an address extension
+of +<i>local</i> (this example assumes that the ISP supports "+"
+style address extensions).  </p>
+
+<h3> <a name="aliases"> Local alias database </a> </h3>
+
+<p> When mail is to be delivered locally, the <a href="local.8.html">local(8)</a> delivery
+agent runs each local recipient name through the <a href="aliases.5.html">aliases(5)</a> database.
+The mapping does not affect addresses in message headers. Local
+aliases are typically used to implement distribution lists, or to
+direct mail for standard aliases such as postmaster to real people.
+The table can also be used to map "Firstname.Lastname" addresses
+to login names. </p>
+
+<p> Alias lookups are enabled by default. The default configuration
+depends on the operating system environment, but it is typically
+one of the following: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#alias_maps">alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/aliases
+    <a href="postconf.5.html#alias_maps">alias_maps</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/aliases, nis:mail.aliases
+</pre>
+</blockquote>
+
+<p> The pathname of the alias database file is controlled with the
+<a href="postconf.5.html#alias_database">alias_database</a> configuration parameter. The value is system dependent.
+Usually it is one of the following: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#alias_database">alias_database</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/aliases (4.4BSD, LINUX)
+    <a href="postconf.5.html#alias_database">alias_database</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/aliases (4.3BSD, SYSV&lt;4)
+    <a href="postconf.5.html#alias_database">alias_database</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/mail/aliases (SYSV4)
+</pre>
+</blockquote>
+
+<p> An <a href="aliases.5.html">aliases(5)</a> file can specify that mail should be delivered
+to a local file, or to a command that receives the message in the
+standard input stream.  For security reasons, deliveries to command
+and file destinations are performed with the rights of the alias
+database owner.  A default userid, <a href="postconf.5.html#default_privs">default_privs</a>, is used for
+deliveries to commands or files in "root"-owned aliases. </p>
+
+<h3> <a name="forward"> Local per-user .forward files </a> </h3>
+
+<p> With delivery via the <a href="local.8.html">local(8)</a> delivery agent, users can control
+their own mail delivery by specifying destinations in a file called
+.forward in their home directories. The syntax of these files is
+the same as with the local <a href="aliases.5.html">aliases(5)</a> file, except that the left-hand
+side of the alias (lookup key and colon) are not present. </p>
+
+<h3> <a name="luser_relay"> Local catch-all address </a> </h3>
+
+<p> When the <a href="local.8.html">local(8)</a> delivery agent finds that a message recipient
+does not exist, the message is normally returned to the sender ("user
+unknown").  Sometimes it is desirable to forward mail for non-existing
+recipients to another machine.  For this purpose you can specify
+an alternative destination with the <a href="postconf.5.html#luser_relay">luser_relay</a> configuration
+parameter. </p>
+
+<p> Alternatively, mail for non-existent recipients can be delegated
+to an entirely different message transport, as specified with the
+<a href="postconf.5.html#fallback_transport">fallback_transport</a> configuration parameter. For details, see the
+<a href="local.8.html">local(8)</a> delivery agent documentation. </p>
+
+<p> Note: if you use the <a href="postconf.5.html#luser_relay">luser_relay</a> feature in order to receive
+mail for non-UNIX accounts, then you must specify: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
+</pre>
+</blockquote>
+
+<p> (i.e. empty) in the <a href="postconf.5.html">main.cf</a> file, otherwise the Postfix SMTP
+server will reject mail for non-UNIX accounts with "User unknown
+in local recipient table". See the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> file
+for more information on this.
+</p>
+
+<p> <a href="postconf.5.html#luser_relay">luser_relay</a> can specify one address. It is subjected to "$name"
+expansions. Examples: </p>
+
+<blockquote>
+
+<dl>
+
+<dt>$user@other.host </dt>
+
+<dd> <p> The bare username, without address extension, is prepended
+to "@other.host". For example, mail for "username+foo" is sent to
+"username@other.host". </p> </dd>
+
+<dt>$local@other.host </dt>
+
+<dd> <p> The entire original recipient localpart, including address
+extension, is prepended to "@other.host". For example, mail for
+"username+foo" is sent to "username+foo@other.host". </p> </dd>
+
+<dt>sysadmin+$user </dt>
+
+<dd> <p> The bare username, without address extension, is appended
+to "sysadmin". For example, mail for "username+foo" is sent to
+"sysadmin+username". </p> </dd>
+
+<dt>sysadmin+$local </dt>
+
+<dd> <p> The entire original recipient localpart, including address
+extension, is appended to "sysadmin". For example, mail for
+"username+foo" is sent to "sysadmin+username+foo". </p> </dd>
+
+</dl>
+
+</blockquote>
+
+<h2> <a name="debugging"> Debugging your address manipulations </a> </h2>
+
+<p> Postfix version 2.1 and later can
+produce mail delivery reports for debugging purposes. These reports
+not only show sender/recipient addresses after address rewriting
+and alias expansion or forwarding, they also show information about
+delivery to mailbox, delivery to non-Postfix command, responses
+from remote SMTP servers, and so on.  </p>
+
+<p> Postfix can produce two types of mail delivery reports for
+debugging: </p>
+
+<ul>
+
+<li> <p> What-if: report what would happen, but do not actually
+deliver mail. This mode of operation is requested with: </p>
+
+<pre>
+$ <b>/usr/sbin/sendmail -bv address...</b>
+Mail Delivery Status Report will be mailed to &lt;your login name&gt;.
+</pre>
+
+<li> <p> What happened: deliver mail and report successes and/or
+failures, including replies from remote SMTP servers.  This mode
+of operation is requested with: </p>
+
+<pre>
+$ <b>/usr/sbin/sendmail -v address...</b>
+Mail Delivery Status Report will be mailed to &lt;your login name&gt;.
+</pre>
+
+</ul>
+
+<p> These reports contain information that is generated by Postfix
+delivery agents. Since these run as daemon processes and do not
+interact with users directly, the result is sent as mail to the
+sender of the test message. The format of these reports is practically
+identical to that of ordinary non-delivery notifications. </p>
+
+<p> As an example, below is the delivery report that is produced
+with the command "sendmail -bv postfix-users@postfix.org".  The
+first part of the report contains human-readable text. In this
+case, mail would be delivered via mail.cloud9.net, and the SMTP
+server replies with "250 Ok". Other reports may show delivery
+to mailbox, or delivery to non-Postfix command. </p>
+
+<blockquote>
+<pre>
+Content-Description: Notification
+Content-Type: text/plain
+
+This is the mail system at host spike.porcupine.org.
+
+Enclosed is the mail delivery report that you requested.
+
+                        The mail system
+
+&lt;postfix-users@postfix.org&gt;: delivery via mail.cloud9.net[168.100.1.4]: 250 2.1.5 Ok
+</pre>
+</blockquote>
+
+<p> The second part of the report is in machine-readable form, and
+includes the following information: </p>
+
+<ul>
+
+<li> The envelope sender address (wietse@porcupine.org).
+
+<li> The envelope recipient address (postfix-users@postfix.org).
+If the recipient address was changed by Postfix then Postfix also
+includes the original recipient address.
+
+<li> The delivery status.
+
+</ul>
+
+<p> Some details depend on Postfix version. The example below is
+for Postfix version 2.3 and later. </p>
+
+<blockquote>
+<pre>
+Content-Description: Delivery report
+Content-Type: message/delivery-status
+
+Reporting-MTA: dns; spike.porcupine.org
+X-Postfix-Queue-ID: 84863BC0E5
+X-Postfix-Sender: rfc822; wietse@porcupine.org
+Arrival-Date: Sun, 26 Nov 2006 17:01:01 -0500 (EST)
+
+Final-Recipient: rfc822; postfix-users@postfix.org
+Action: deliverable
+Status: 2.1.5
+Remote-MTA: dns; mail.cloud9.net
+Diagnostic-Code: smtp; 250 2.1.5 Ok
+</pre>
+</blockquote>
+
+<p> The third part of the report contains the message that Postfix
+would have delivered, including From:  and To: message headers, so
+that you can see any effects of address rewriting on those. Mail
+submitted with "sendmail -bv" has no body content so none is shown
+in the example below. </p>
+
+<blockquote>
+<pre>
+Content-Description: Message
+Content-Type: message/rfc822
+
+Received: by spike.porcupine.org (Postfix, from userid 1001)
+        id 84863BC0E5; Sun, 26 Nov 2006 17:01:01 -0500 (EST)
+Subject: probe
+To: postfix-users@postfix.org
+Message-Id: &lt;20061126220101.84863BC0E5@spike.porcupine.org&gt;
+Date: Sun, 26 Nov 2006 17:01:01 -0500 (EST)
+From: wietse@porcupine.org (Wietse Venema)
+</pre>
+</blockquote>
+
+</body>
+
+</html>

data/incoming/INSTALL.html

@@ -0,0 +1,1672 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+        "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+
+<head>
+
+<title>Postfix Installation From Source Code </title>
+
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+</head>
+
+<body>
+
+<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix
+Installation From Source Code </h1>
+
+<hr>
+
+<h2> <a name="1">1 - Purpose of this document</a> </h2>
+
+<p> If you are using a pre-compiled version of Postfix, you should
+start with <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a> and the general documentation
+referenced by it.  <a href="INSTALL.html">INSTALL</a> is only a bootstrap document to get
+Postfix up and running from scratch with the minimal number of
+steps; it should not be considered part of the general documentation.
+</p>
+
+<p> This document describes how to build, install and configure a
+Postfix system so that it can do one of the following: </p>
+
+<ul>
+
+<li> Send mail only, without changing an existing Sendmail
+installation.
+
+<li> Send and receive mail via a virtual host interface, still
+without any change to an existing Sendmail installation.
+
+<li> Run Postfix instead of Sendmail.
+
+</ul>
+
+<p> Topics covered in this document: </p>
+
+<ol>
+
+<li> <a href="#1">Purpose of this document</a>
+
+<li> <a href="#2">Typographical conventions</a>
+
+<li> <a href="#3">Documentation</a>
+
+<li> <a href="#4">Building on a supported system</a>
+
+<li> <a href="#5">Porting Postfix to an unsupported system</a>
+
+<li> <a href="#install">Installing the software after successful
+compilation </a>
+
+<li> <a href="#send_only">Configuring Postfix to send mail
+only </a>
+
+<li> <a href="#send_receive">Configuring Postfix to send and
+receive mail via virtual interface </a>
+
+<li> <a href="#replace">Running Postfix instead of Sendmail</a>
+
+<li> <a href="#mandatory">Mandatory configuration file edits</a>
+
+<li> <a href="#hamlet">To chroot or not to chroot</a>
+
+<li> <a href="#care">Care and feeding of the Postfix system</a>
+
+</ol>
+
+<h2> <a name="2">2 - Typographical conventions</a> </h2>
+
+<p> In the instructions below, a command written as </p>
+
+<blockquote>
+<pre>
+# command
+</pre>
+</blockquote>
+
+<p> should be executed as the superuser. </p>
+
+<p> A command written as </p>
+
+<blockquote>
+<pre>
+$ command
+</pre>
+</blockquote>
+
+<p> should be executed as an unprivileged user.  </p>
+
+<h2> <a name="3">3 - Documentation</a> </h2>
+
+<p> Documentation is available as README files (start with the file
+README_FILES/AAAREADME), as HTML web pages (point your browser to
+"html/index.html") and as UNIX-style manual pages. </p>
+
+<p> You should view the README files with a pager such as more(1)
+or less(1), because the files use backspace characters in order to
+produce <b>bold</b> font. To print a README file without backspace
+characters, use the col(1) command.  For example: </p>
+
+<blockquote>
+<pre>
+$ col -bx &lt;file | lpr
+</pre>
+</blockquote>
+
+<p> In order to view the manual pages before installing Postfix,
+point your MANPATH environment variable to the "man" subdirectory;
+be sure to use an absolute path.  </p>
+
+<blockquote>
+<pre>
+$ export MANPATH; MANPATH="`pwd`/man:$MANPATH"
+$ setenv MANPATH "`pwd`/man:$MANPATH"
+</pre>
+</blockquote>
+
+<p> Of particular interest is the <a href="postconf.5.html">postconf(5)</a> manual page that
+lists all the 500+ configuration parameters. The HTML version of
+this text makes it easy to navigate around.  </p>
+
+<p> All Postfix source files have their own built-in manual page.
+Tools to extract those embedded manual pages are available in the
+mantools directory. </p>
+
+<h2> <a name="4">4 - Building on a supported system</a> </h2>
+
+<p> Postfix development happens on FreeBSD and MacOS X, with regular
+tests on Linux (Fedora, Ubuntu) and Solaris. Support for other
+systems relies on feedback from their users, and may not always be
+up-to-date. </p>
+
+<p> OpenBSD is partially supported. The libc resolver does not
+implement the documented "internal resolver options which are [...]
+set by changing fields in the _res structure" (documented in the
+OpenBSD 5.6 resolver(3) manpage). This results in too many DNS
+queries, and false positives for queries that should fail. </p>
+
+<!--
+
+<p> At some point in time, a version of Postfix was supported on: </p>
+
+<blockquote>
+<p>
+AIX 3.2.5, 4.1.x, 4.2.0, 4.3.x, 5.2 <br>
+BSD/OS 2.x, 3.x, 4.x <br>
+FreeBSD 2.x .. 9.x <br>
+HP-UX  9.x, 10.x, 11.x <br>
+IRIX 5.x, 6.x <br>
+Linux Debian 1.3.1 and later <br>
+Linux RedHat 3.x (January 2004) and later <br>
+Linux Slackware 3.x and later <br>
+Linux SuSE 5.x and later <br>
+Linux Ubuntu 4.10 and later<br>
+Mac OS X <br>
+NEXTSTEP 3.x <br>
+NetBSD 1.x and later <br>
+OPENSTEP 4.x <br>
+OSF1.V3 - OSF1.V5 (Digital UNIX) <br>
+Reliant UNIX 5.x <br>
+SunOS 4.1.4 (March 2007) <br>
+SunOS 5.4 - 5.10 (Solaris 2.4..10) <br>
+Ultrix 4.x (well, that was long ago) <br>
+</p>
+</blockquote>
+
+<p> or something closely resemblant. </p>
+
+-->
+
+<p> Overview of topics: </p>
+
+<ul>
+
+<li><a href="#build_first">4.1 - Getting started</a> 
+
+<li><a href="#build_cc">4.2 - What compiler to use</a>
+
+<li><a href="#build_pie">4.3 - Building with Postfix position-independent
+executables (Postfix &ge; 3.0)</a> 
+
+<li><a href="#build_dll">4.4 - Building with Postfix dynamically-linked
+libraries and database plugins (Postfix &ge; 3.0)</a> 
+
+<li><a href="#build_opt">4.5 - Building with optional features</a>
+
+<li><a href="#build_over">4.6 - Overriding built-in parameter default
+settings</a>
+
+<li><a href="#build_other">4.7 - Overriding other compile-time
+features</a>
+
+<li><a href="#build_proc">4.8 - Support for thousands of processes</a>
+
+<li><a href="#build_final">4.9 - Compiling Postfix, at last</a>
+
+</ul>
+
+
+<h3><a name="build_first">4.1 - Getting started</a> </h3>
+
+<p> On Solaris, the "make" command and other development utilities
+are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command
+search path. If these files do not exist, you need to install the
+development packages first. </p>
+
+<p> If you need to build Postfix for multiple architectures from a
+single source-code tree, use the "lndir" command to build a shadow
+tree with symbolic links to the source files. </p>
+
+<p> If at any time in the build process you get messages like: "make:
+don't know how to ..." you should be able to recover by running
+the following command from the Postfix top-level directory: </p>
+
+<blockquote>
+<pre>
+$ make -f Makefile.init makefiles
+</pre>
+</blockquote>
+
+<p> If you copied the Postfix source code after building it on another
+machine, it is a good idea to cd into the top-level directory and 
+first do this:</p>
+
+<blockquote>
+<pre>
+$ make tidy
+</pre>
+</blockquote>
+
+<p> This will get rid of any system dependencies left over from
+compiling the software elsewhere. </p>
+
+<h3><a name="build_cc">4.2 - What compiler to use</a></h3>
+
+<p> To build with GCC, or with the native compiler if people told me
+that is better for your system, just cd into the top-level Postfix
+directory of the source tree and type: </p>
+
+<blockquote>
+<pre>
+$ make
+</pre>
+</blockquote>
+
+<p> To build with a non-default compiler, you need to specify the name
+of the compiler. Here are a few examples: </p>
+
+<blockquote> 
+<pre>
+$ make makefiles CC=/opt/SUNWspro/bin/cc        (Solaris)
+$ make
+
+$ make makefiles CC="/opt/ansic/bin/cc -Ae"     (HP-UX)
+$ make
+
+$ make makefiles CC="purify cc"
+$ make
+</pre>
+</blockquote>
+
+<p> and so on. In some cases, optimization will be turned off
+automatically. </p>
+
+<h3><a name="build_pie">4.3 - Building with Postfix position-independent
+executables (Postfix &ge; 3.0)</a> </h3>
+
+<p> On some systems Postfix can be built with Position-Independent
+Executables. PIE is used by the ASLR exploit mitigation technique
+(ASLR = Address-Space Layout Randomization): </p>
+
+<blockquote>
+<pre>
+$ make makefiles pie=yes ...other arguments...
+</pre>
+</blockquote>
+
+<p> (Specify "make makefiles pie=no" to explicitly disable Postfix
+position-independent executable support). </p>
+
+<p> Postfix PIE support appears to work on Fedora Core 20, Ubuntu
+14.04, FreeBSD 9 and 10, and NetBSD 6 (all with the default system
+compilers). </p>
+
+<p> Whether the "pie=yes" above has any effect depends on the
+compiler.  Some compilers always produce PIE executables, and some
+may even complain that the Postfix build option is redundant. </p>
+
+<h3><a name="build_dll">4.4 - Building with Postfix dynamically-linked
+libraries and database plugins (Postfix &ge; 3.0)</a> </h3>
+
+<p> Postfix dynamically-linked library and database plugin support
+exists for recent versions of Linux, FreeBSD and MacOS X.
+Dynamically-linked library builds may become the default at some
+point in the future. </p>
+
+<p> Overview of topics: </p>
+
+<ul>
+
+<li><a href="#shared_enable">4.4.1 Turning on Postfix dynamically-linked
+library support</a>
+
+<li><a href="#dynamicmaps_enable">4.4.2 Turning on Postfix database-plugin
+support</a>
+
+<li><a href="#shared_custom">4.4.3 Customizing Postfix dynamically-linked
+libraries and database plugins</a>
+
+<li><a href="#shared_tips">4.4.4 Tips for distribution maintainers</a>
+
+</ul>
+
+<p> Note: directories with Postfix dynamically-linked  libraries
+or database plugins should contain only postfix-related files.
+Postfix dynamically-linked libraries and database plugins should
+not be installed in a "public" system directory such as /usr/lib
+or /usr/local/lib.  Linking Postfix dynamically-linked library or
+database-plugin files into non-Postfix programs is not supported.
+Postfix dynamically-linked libraries and database plugins implement
+a Postfix-internal API that changes without maintaining compatibility.
+</p>
+
+<h4><a name="shared_enable"> 4.4.1 Turning on Postfix dynamically-linked
+library support </a></h4>
+
+<p> Postfix can be built with Postfix dynamically-linked libraries
+(files typically named <tt>libpostfix-*.so</tt>). Postfix
+dynamically-linked libraries add minor run-time overhead and result
+in significantly-smaller Postfix executable files. </p>
+
+<p> Specify "shared=yes" on the "make makefiles" command line to
+build Postfix with dynamically-linked library support. </p>
+
+<blockquote>
+<pre>
+$ make makefiles shared=yes ...other arguments...
+$ make
+</pre>
+</blockquote>
+
+<p> (Specify "make makefiles shared=no" to explicitly disable Postfix
+dynamically-linked library support). </p>
+
+<p> This installs dynamically-linked libraries in $<a href="postconf.5.html#shlib_directory">shlib_directory</a>,
+typically /usr/lib/postfix or /usr/local/lib/postfix, with file
+names libpostfix-<i>name</i>.so, where the <i>name</i> is a source-code
+directory name such as "util" or "global".  </p>
+
+<p> See section 4.4.3 "<a href="#shared_custom">Customizing Postfix
+dynamically-linked libraries and database plugins</a>" below for
+how to customize the Postfix dynamically-linked library location,
+including support to upgrade a running mail system safely.  </p>
+
+<h4><a name="dynamicmaps_enable"> 4.4.2 Turning on Postfix
+database-plugin support </a></h4>
+
+<p> Additionally, Postfix can be built to support dynamic loading
+of Postfix database clients (database plugins) with the Debian-style
+dynamicmaps feature. Postfix 3.0 supports dynamic loading of <a href="CDB_README.html">cdb</a>:,
+<a href="ldap_table.5.html">ldap</a>:, <a href="lmdb_table.5.html">lmdb</a>:, <a href="mysql_table.5.html">mysql</a>:, <a href="pcre_table.5.html">pcre</a>:, <a href="pgsql_table.5.html">pgsql</a>:, <a href="DATABASE_README.html#types">sdbm</a>:, and <a href="sqlite_table.5.html">sqlite</a>: database
+clients.  Dynamic loading is useful when you distribute or install
+pre-compiled Postfix packages. </p>
+
+<p> Specify "dynamicmaps=yes" on the "make makefiles" command line
+to build Postfix with support to dynamically load Postfix database
+clients with the Debian-style dynamicmaps feature.
+</p>
+
+<blockquote>
+<pre>
+$ make makefiles dynamicmaps=yes ...other arguments...
+$ make
+</pre>
+</blockquote>
+
+<p> (Specify "make makefiles dynamicmaps=no" to explicitly disable
+Postfix database-plugin support). </p>
+
+<p> This implicitly enables dynamically-linked library support,
+installs the configuration file dynamicmaps.cf in $<a href="postconf.5.html#meta_directory">meta_directory</a>
+(usually, /etc/postfix or /usr/local/etc/postfix), and installs
+database plugins in $<a href="postconf.5.html#shlib_directory">shlib_directory</a> (see above).  Database plugins
+are named postfix-<i>type</i>.so where the <i>type</i> is a database
+type such as "cdb" or "ldap". </p>
+
+<blockquote>
+
+<p> NOTE: The Postfix 3.0 build procedure expects that you specify
+database library dependencies with variables named <a href="CDB_README.html">AUXLIBS_CDB</a>,
+<a href="LDAP_README.html">AUXLIBS_LDAP</a>, etc.  With Postfix 3.0 and later, the old AUXLIBS
+variable still supports building a statically-loaded database client,
+but only the new <a href="CDB_README.html">AUXLIBS_CDB</a> etc. variables support building a
+dynamically-loaded or statically-loaded CDB etc. database client.
+See <a href="CDB_README.html">CDB_README</a>, <a href="LDAP_README.html">LDAP_README</a>, etc. for details.  </p>
+
+<p> Failure to follow this advice will defeat the purpose of dynamic
+database client loading. Every Postfix executable file will have
+database library dependencies. And that was exactly what dynamic
+database client loading was meant to avoid. </p>
+
+</blockquote>
+
+<p> See the next section for how to customize the location and
+version of Postfix database plugins and the location of the file
+dynamicmaps.cf.  </p>
+
+<h4><a name="shared_custom"> 4.4.3 Customizing Postfix dynamically-linked
+libraries and database plugins </a></h4>
+
+<h5> Customizing build-time and run-time options for Postfix
+dynamically-linked libraries and database plugins </h5>
+
+<p> The build-time environment variables SHLIB_CFLAGS, SHLIB_RPATH,
+and SHLIB_SUFFIX provide control over how Postfix libraries and
+plugins are compiled, linked, and named.
+
+<blockquote>
+<pre>
+$ make makefiles SHLIB_CFLAGS=flags SHLIB_RPATH=rpath SHLIB_SUFFIX=suffix ...other arguments...
+$ make
+</pre>
+</blockquote>
+
+<p> See section 4.7 "<a href="#build_other">Overriding other
+compile-time features</a>" below for details. </p>
+
+<h5> Customizing the location of Postfix dynamically-linked libraries
+and database plugins </h5>
+
+<p> As a reminder, the directories with Postfix dynamically-linked
+libraries or database plugins should contain only Postfix-related
+files.  Linking these files into other programs is not supported.
+</p>
+
+<p> To override the default location of Postfix dynamically-linked
+libraries and database plugins specify, for example: </p>
+
+<blockquote>
+<pre>
+$ make makefiles shared=yes <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix ...
+</pre>
+</blockquote>
+
+<p> If you intend to upgrade Postfix without stopping the mail
+system, then you should append the Postfix release version to the
+<a href="postconf.5.html#shlib_directory">shlib_directory</a> pathname, to eliminate the possibility that programs
+will link with dynamically-linked libraries or database plugins
+from the wrong Postfix version.  For example: </p>
+
+<blockquote>
+<pre>
+$ make makefiles shared=yes \
+    <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix/MAIL_VERSION ...
+</pre>
+</blockquote>
+
+<p> The command "make makefiles name=value..." will replace the
+string MAIL_VERSION at the end of a configuration parameter value
+with the Postfix release version. Do not try to specify something
+like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces inconsistent
+results with different versions of the make(1) command.  </p>
+
+<p> You can change the <a href="postconf.5.html#shlib_directory">shlib_directory</a> setting after Postfix is
+built, with "make install" or "make upgrade". However, you may have
+to run ldconfig if you change <a href="postconf.5.html#shlib_directory">shlib_directory</a> after Postfix is built
+(the symptom is that Postfix programs fail because the run-time
+linker cannot find the files libpostfix-*.so).  No ldconfig command
+is needed if you keep the files libpostfix-*.so in the compiled-in
+default $<a href="postconf.5.html#shlib_directory">shlib_directory</a> location. </p>
+
+<blockquote>
+<pre>
+# make upgrade <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix ...
+# make install <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix ...
+</pre>
+</blockquote>
+
+<p> To append the Postfix release version to the pathname if you
+intend to upgrade Postfix without stopping the mail system:  </p>
+
+<blockquote>
+<pre>
+# make upgrade <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix/MAIL_VERSION ...
+# make install <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix/MAIL_VERSION ...
+</pre>
+</blockquote>
+
+<p> See also the comments above for appending MAIL_VERSION with
+the "make makefiles" command. </p>
+
+<h5> Customizing the location of dynamicmaps.cf and other files
+</h5>
+
+<p> The <a href="postconf.5.html#meta_directory">meta_directory</a> parameter has the same default setting as
+the <a href="postconf.5.html#config_directory">config_directory</a> parameter, typically /etc/postfix or
+/usr/local/etc/postfix. </p>
+
+<p> You can override the default <a href="postconf.5.html#meta_directory">meta_directory</a> location at compile
+time or after Postfix is built. To override the default location
+at compile time specify, for example: </p>
+
+<blockquote>
+<pre>
+% make makefiles <a href="postconf.5.html#meta_directory">meta_directory</a>=/usr/libexec/postfix ...
+</pre>
+</blockquote>
+
+<p> Here is a tip if you want to make a pathname dependent on the
+Postfix release version: the command "make makefiles name=value..."
+will replace the string MAIL_VERSION at the end of a configuration
+parameter value with the Postfix release version. Do not try to
+specify something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This
+produces inconsistent results with different versions of the make(1)
+command.  </p>
+
+<p> You can override the <a href="postconf.5.html#meta_directory">meta_directory</a> setting after Postfix is
+built, with "make install" or "make upgrade". </p>
+
+<blockquote>
+<pre>
+# make upgrade <a href="postconf.5.html#meta_directory">meta_directory</a>=/usr/libexec/postfix ...
+# make install <a href="postconf.5.html#meta_directory">meta_directory</a>=/usr/libexec/postfix ...
+</pre>
+</blockquote>
+
+<p> As with the command "make makefiles, the command "make
+install/upgrade name=value..." will replace the string MAIL_VERSION
+at the end of a configuration parameter value with the Postfix
+release version.  Do not try to specify something like $<a href="postconf.5.html#mail_version">mail_version</a>
+on this command line. This produces inconsistent results with
+different versions of the make(1) command.  </p>
+
+<h4><a name="shared_tips"> 4.4.4 Tips for distribution maintainers
+</a></h4>
+
+<ul>
+
+<li> <p> The <a href="postconf.5.html#shlib_directory">shlib_directory</a> parameter setting also provides the
+default directory for database plugin files with a relative pathname
+in the file dynamicmaps.cf. </p>
+
+<li> <p> The <a href="postconf.5.html#meta_directory">meta_directory</a> parameter specifies the location of the
+files dynamicmaps.cf, postfix-files, and some multi-instance template
+files. The <a href="postconf.5.html#meta_directory">meta_directory</a> parameter has the same default value as
+the <a href="postconf.5.html#config_directory">config_directory</a> parameter (typically, /etc/postfix or
+/usr/local/etc/postfix). For backwards compatibility with Postfix
+2.6 .. 2.11, specify "<a href="postconf.5.html#meta_directory">meta_directory</a> = $<a href="postconf.5.html#daemon_directory">daemon_directory</a>" in <a href="postconf.5.html">main.cf</a>
+before installing or upgrading Postfix, or specify "<a href="postconf.5.html#meta_directory">meta_directory</a>
+= /path/name" on the "make makefiles", "make install" or "make
+upgrade" command line.  </p>
+
+<li> <p> The configuration file dynamicmaps.cf will automatically
+include files under the directory dynamicmaps.cf.d, just like the
+configuration file postfix-files will automatically include files
+under the directory postfix-files.d.  Thanks to this, you can install
+or deinstall a database plugin package without having to edit
+postfix-files or dynamicmaps.cf. Instead, you give that plugin its
+own configuration files under dynamicmaps.cf.d and postfix-files.d, and
+you add or remove those configuration files along with the database
+plugin dynamically-linked object.  </p>
+
+<li> <p> Each configuration file under the directory dynamicmaps.cf.d
+must have the same format as the configuration file dynamicmaps.cf.
+There is no requirement that these configuration file *names* have a
+specific format.  </p>
+
+<li> <p> Each configuration file under the directory postfix-files.d
+must have the same format as the configuration file postfix-files.
+There is no requirement that these configuration file *names* have a
+specific format.  </p>
+
+</ul>
+
+<h3><a name="build_opt">4.5 - Building with optional features</a></h3>
+
+By default, Postfix builds as a mail system with relatively few
+bells and whistles. Support for third-party databases etc.
+must be configured when Postfix is compiled.  The following documents
+describe how to build Postfix with support for optional features:
+
+<blockquote>
+<table border="1">
+
+<tr> <th>Optional feature </th> <th>Document </th> <th>Availability</th>
+</tr>
+
+<tr> <td> Berkeley DB database</td> <td><a href="DB_README.html">DB_README</a></td> <td> Postfix
+1.0 </td> </tr>
+
+<tr> <td> LMDB database</td> <td><a href="LMDB_README.html">LMDB_README</a></td> <td> Postfix
+2.11 </td> </tr>
+
+<tr> <td> LDAP database</td> <td><a href="LDAP_README.html">LDAP_README</a></td> <td> Postfix
+1.0 </td> </tr>
+
+<tr> <td> MySQL database</td> <td><a href="MYSQL_README.html">MYSQL_README</a></td> <td> Postfix
+1.0 </td> </tr>
+
+<tr> <td> Perl compatible regular expression</td> <td><a href="PCRE_README.html">PCRE_README</a></td>
+<td> Postfix 1.0 </td> </tr>
+
+<tr> <td> PostgreSQL database</td> <td><a href="PGSQL_README.html">PGSQL_README</a></td> <td>
+Postfix 2.0 </td> </tr>
+
+<tr> <td> SASL authentication </td> <td><a href="SASL_README.html">SASL_README</a></td> <td>
+Postfix 1.0 </td> </tr>
+
+<tr> <td> SQLite database</td> <td><a href="SQLITE_README.html">SQLITE_README</a></td> <td> Postfix
+2.8 </td> </tr>
+
+<tr> <td> STARTTLS session encryption </td> <td><a href="TLS_README.html">TLS_README</a></td> <td>
+Postfix 2.2 </td> </tr>
+
+</table>
+
+</blockquote>
+
+<p> Note: IP version 6 support is compiled into Postfix on operating
+systems that have IPv6 support. See the <a href="IPV6_README.html">IPV6_README</a> file for details.
+</p>
+
+<h3><a name="build_over">4.6 - Overriding built-in parameter default
+settings</a></h3>
+
+<h4>4.6.1 - Postfix 3.0 and later </h4>
+
+<p> All Postfix configuration parameters can be changed by editing
+a Postfix configuration file, except for one: the parameter that
+specifies the location of Postfix configuration files. In order to
+build Postfix with a configuration directory other than /etc/postfix,
+use: </p>
+
+<blockquote>
+<pre>
+$ make makefiles <a href="postconf.5.html#config_directory">config_directory</a>=/some/where ...other arguments...
+$ make
+</pre>
+</blockquote>
+
+<p> The command "make makefiles name=value ..." will replace the
+string MAIL_VERSION at the end of a configuration parameter value
+with the Postfix release version. Do not try to specify something
+like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces inconsistent
+results with different versions of the make(1) command.  </p>
+
+<p> Parameters whose defaults can be specified in this way are
+listed below. See the <a href="postconf.5.html">postconf(5)</a> manpage for a description
+(command: "<tt>nroff -man man/man5/postconf.5 | less</tt>").  </p>
+
+<blockquote>
+
+<table border="1">
+
+<tr> <th>parameter name</th>  <th>typical default</th> </tr>
+
+<tr> <td><a href="postconf.5.html#command_directory">command_directory</a></td> <td>/usr/sbin</td> </tr>
+
+<tr> <td><a href="postconf.5.html#config_directory">config_directory</a></td> <td>/etc/postfix</td> </tr>
+
+<tr> <td><a href="postconf.5.html#default_database_type">default_database_type</a></td> <td>hash</td> </tr>
+
+<tr> <td><a href="postconf.5.html#daemon_directory">daemon_directory</a></td> <td>/usr/libexec/postfix</td> </tr>
+
+<tr> <td><a href="postconf.5.html#data_directory">data_directory</a></td> <td>/var/lib/postfix</td> </tr>
+
+<tr> <td><a href="postconf.5.html#html_directory">html_directory</a></td> <td>no</td> </tr>
+
+<tr> <td><a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a></td> <td>/var/mail</td> </tr>
+
+<tr> <td><a href="postconf.5.html#mailq_path">mailq_path</a></td> <td>/usr/bin/mailq</td> </tr>
+
+<tr> <td><a href="postconf.5.html#manpage_directory">manpage_directory</a></td> <td>/usr/local/man</td> </tr>
+
+<tr> <td><a href="postconf.5.html#meta_directory">meta_directory</a></td> <td>/etc/postfix</td> </tr>
+
+<tr> <td><a href="postconf.5.html#newaliases_path">newaliases_path</a></td> <td>/usr/bin/newaliases</td> </tr>
+
+<tr> <td><a href="postconf.5.html#openssl_path">openssl_path</a></td> <td>openssl</td> </tr>
+
+<tr> <td><a href="postconf.5.html#queue_directory">queue_directory</a></td> <td>/var/spool/postfix</td> </tr>
+
+<tr> <td><a href="postconf.5.html#readme_directory">readme_directory</a></td> <td>no</td> </tr>
+
+<tr> <td><a href="postconf.5.html#sendmail_path">sendmail_path</a></td> <td>/usr/sbin/sendmail</td> </tr>
+
+<tr> <td><a href="postconf.5.html#shlib_directory">shlib_directory</a></td> <td>/usr/lib/postfix</td> </tr>
+
+</table>
+
+</blockquote>
+
+<h4>4.6.2 - All Postfix versions </h4>
+
+<p> All Postfix configuration parameters can be changed by editing
+a Postfix configuration file, except for one: the parameter that
+specifies the location of Postfix configuration files. In order to
+build Postfix with a configuration directory other than /etc/postfix,
+use: </p>
+
+<blockquote>
+<pre>
+$ make makefiles CCARGS='-DDEF_CONFIG_DIR=\"/some/where\"'
+$ make
+</pre>
+</blockquote>
+
+<p> IMPORTANT: Be sure to get the quotes right. These details matter
+a lot. </p>
+
+<p> Parameters whose defaults can be specified in this way are
+listed below. See the <a href="postconf.5.html">postconf(5)</a> manpage for a description
+(command: "<tt>nroff -man man/man5/postconf.5 | less</tt>").  </p>
+
+<blockquote>
+
+<table border="1">
+
+<tr><th> Macro name </th> <th>default value for</th>  <th>typical
+default</th> </tr>
+
+<tr> <td>DEF_COMMAND_DIR</td> <td><a href="postconf.5.html#command_directory">command_directory</a></td>
+<td>/usr/sbin</td> </tr>
+
+<tr> <td>DEF_CONFIG_DIR</td> <td><a href="postconf.5.html#config_directory">config_directory</a></td>
+<td>/etc/postfix</td> </tr>
+
+<tr> <td>DEF_DB_TYPE</td> <td><a href="postconf.5.html#default_database_type">default_database_type</a></td>
+<td>hash</td> </tr>
+
+<tr> <td>DEF_DAEMON_DIR</td> <td><a href="postconf.5.html#daemon_directory">daemon_directory</a></td>
+<td>/usr/libexec/postfix</td> </tr>
+
+<tr> <td>DEF_DATA_DIR</td> <td><a href="postconf.5.html#data_directory">data_directory</a></td>
+<td>/var/lib/postfix</td> </tr>
+
+<tr> <td>DEF_MAILQ_PATH</td> <td><a href="postconf.5.html#mailq_path">mailq_path</a></td> <td>/usr/bin/mailq</td>
+</tr>
+
+<tr> <td>DEF_HTML_DIR</td> <td><a href="postconf.5.html#html_directory">html_directory</a></td>
+<td>no</td> </tr>
+
+<tr> <td>DEF_MANPAGE_DIR</td> <td><a href="postconf.5.html#manpage_directory">manpage_directory</a></td>
+<td>/usr/local/man</td> </tr>
+
+<tr> <td>DEF_NEWALIAS_PATH</td> <td><a href="postconf.5.html#newaliases_path">newaliases_path</a></td>
+<td>/usr/bin/newaliases</td> </tr>
+
+<tr> <td>DEF_QUEUE_DIR</td> <td><a href="postconf.5.html#queue_directory">queue_directory</a></td>
+<td>/var/spool/postfix</td> </tr>
+
+<tr> <td>DEF_README_DIR</td> <td><a href="postconf.5.html#readme_directory">readme_directory</a></td>
+<td>no</td> </tr>
+
+<tr> <td>DEF_SENDMAIL_PATH</td> <td><a href="postconf.5.html#sendmail_path">sendmail_path</a></td>
+<td>/usr/sbin/sendmail</td> </tr>
+
+</table>
+
+</blockquote>
+
+<p> Note: the <a href="postconf.5.html#data_directory">data_directory</a> parameter (for caches and pseudo-random
+numbers) was introduced with Postfix version 2.5. </p>
+
+<h3><a name="build_other">4.7 - Overriding other compile-time
+features</a></h3>
+
+<p> The general method to override Postfix compile-time features
+is as follows: </p>
+
+<blockquote>
+<pre>
+$ make makefiles name=value name=value...
+$ make
+</pre>
+</blockquote>
+
+<p> The following is an extensive list of names and values. </p>
+
+<table border="1">
+
+<tr> <th colspan="2"> Name/Value </th> <th> Description </th> </tr>
+
+<tr> <td colspan="2"> AUXLIBS="object_library..."</td> <td> Specifies
+one or more non-default object libraries. Postfix 3.0 and later
+specify some of their database library dependencies with <a href="CDB_README.html">AUXLIBS_CDB</a>,
+<a href="LDAP_README.html">AUXLIBS_LDAP</a>, <a href="LMDB_README.html">AUXLIBS_LMDB</a>, <a href="MYSQL_README.html">AUXLIBS_MYSQL</a>, <a href="PCRE_README.html">AUXLIBS_PCRE</a>, <a href="PGSQL_README.html">AUXLIBS_PGSQL</a>,
+<a href="SDBM_README.html">AUXLIBS_SDBM</a>, and <a href="SQLITE_README.html">AUXLIBS_SQLITE</a>, respectively. </td> </tr>
+
+<tr> <td colspan="2"> CC=compiler_command</td> <td> Specifies a
+non-default compiler. On many systems, the default is <tt>gcc</tt>.
+</td> </tr>
+
+<tr> <td colspan="2"> CCARGS="compiler_arguments..."</td> <td>
+Specifies non-default compiler arguments, for example, a non-default
+<tt>include</tt> directory.  The following directives turn
+off Postfix features at compile time:</td> </tr>
+
+<tr> <td> </td> <td> -DNO_DB </td> <td> Do not build with Berkeley
+DB support. By default, Berkeley DB support is compiled in on
+platforms that are known to support this feature. If you override
+this, then you probably should also override DEF_DB_TYPE as described
+in section 4.6.  </td> </tr>
+
+<tr> <td> </td> <td> -DNO_DNSSEC </td> <td> Do not build with DNSSEC
+support, even if the resolver library appears to support it. </td>
+</tr>
+
+<tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with
+Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt>
+support is compiled in on Solaris versions that are known to support
+this feature.  </td> </tr>
+
+<tr> <td> </td> <td> -DNO_EPOLL </td> <td> Do not build with Linux
+EPOLL support.  By default, EPOLL support is compiled in on platforms
+that are known to support this feature. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_EAI </td> <td> Do not build with EAI
+(SMTPUTF8) support. By default, EAI support is compiled in when 
+the "icuuc" library and header files are found.  </td> </tr>
+
+<tr> <td> </td> <td> -DNO_INLINE </td> <td> Do not require support
+for C99 "inline" functions. Instead, implement argument typechecks
+for non-printf/scanf-like functions with ternary operators and
+unreachable code. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_IPV6 </td> <td> Do not build with IPv6
+support. By default, IPv6 support is compiled in on platforms that
+are known to have IPv6 support. Note: this directive is for debugging
+And testing only. It is not guaranteed to work on all platforms.
+If you don't want IPv6 support, set "<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4" in
+<a href="postconf.5.html">main.cf</a>.
+</td> </tr>
+
+<tr> <td> </td> <td> -DNO_KQUEUE </td> <td> Do not build with FreeBSD
+/ NetBSD / OpenBSD / MacOSX KQUEUE support. By default, KQUEUE
+support is compiled in on platforms that are known to support it.
+</td> </tr>
+
+<tr> <td> </td> <td> -DNO_NIS </td> <td> Do not build with NIS or
+NISPLUS support. NIS is not available on some recent Linux
+distributions. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_NISPLUS </td> <td> Do not build with
+NISPLUS support. NISPLUS is not available on some recent Solaris
+distributions. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_PCRE </td> <td> Do not build with PCRE
+support. By default, PCRE support is compiled in when the
+<tt>pcre-config</tt> utility is installed. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_POSIX_GETPW_R </td> <td> Disable support
+for POSIX <tt>getpwnam_r/getpwuid_r</tt>. By default Postfix uses
+these where they are known to be available. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_SIGSETJMP </td> <td> Use
+<tt>setjmp()/longjmp()</tt> instead of <tt>sigsetjmp()/siglongjmp()</tt>.
+By default, Postfix uses <tt>sigsetjmp()/siglongjmp()</tt> when
+they are known to be available. </td> </tr>
+
+<tr> <td> </td> <td> -DNO_SNPRINTF </td> <td> Use <tt>sprintf()</tt>
+instead of <tt>snprintf()</tt>.  By default, Postfix uses
+<tt>snprintf()</tt> except on ancient systems. </td> </tr>
+
+<tr> <td colspan="2"> DEBUG=debug_level </td> <td> Specifies a
+non-default compiler debugging level. The default is "<tt>-g</tt>".
+Specify DEBUG= to turn off debugging. </td> </tr>
+
+<tr> <td colspan="2"> OPT=optimization_level </td> <td> Specifies
+a non-default optimization level. The default is "<tt>-O</tt>".
+Specify OPT= to turn off optimization. </td> </tr>
+
+<tr> <td colspan="2"> POSTFIX_INSTALL_OPTS=-option... </td> <td>
+Specifies options for the <tt>postfix-install</tt> command, separated
+by whitespace. Currently, the only supported option is
+"<tt>-keep-build-mtime</tt>". </td> </tr>
+
+<tr> <td colspan="2"> SHLIB_CFLAGS=flags </td> <td> Specifies
+non-default compiler options for building Postfix dynamically-linked
+libraries and database plugins. The typical default is "-fPIC".
+</td> </tr>
+
+<tr> <td colspan="2"> SHLIB_RPATH=rpath </td> <td> Specifies
+a non-default runpath for Postfix dynamically-linked libraries. The
+typical default is "'-Wl,-rpath,${SHLIB_DIR}'". </td> </tr>
+
+<tr> <td colspan="2"> SHLIB_SUFFIX=suffix </td> <td> Specifies
+a non-default suffix for Postfix dynamically-linked libraries and
+database plugins.  The typical default is "<tt>.so</tt>". </td>
+</tr>
+
+<tr> <td colspan="2"> WARN="warning_flags..." </td> <td> Specifies
+non-default compiler warning options for use when "<tt>make</tt>"
+is invoked in a source subdirectory only. </td>
+</tr>
+
+</table>
+
+<h3><a name="build_proc">4.8 - Support for thousands of processes</a></h3>
+
+<p> The number of connections that Postfix can manage simultaneously
+is limited by the number of processes that it can run.  This number
+in turn is limited by the number of files and sockets that a single
+process can open. For example, the Postfix queue manager has a
+separate connection to each delivery process, and the <a href="anvil.8.html">anvil(8)</a>
+server has one connection per <a href="smtpd.8.html">smtpd(8)</a> process. </p>
+
+<p> Postfix version 2.4 and later have no built-in limits on the
+number of open files or sockets, when compiled on systems that
+support one of the following: </p>
+
+<ul>
+
+<li> BSD kqueue(2) (FreeBSD 4.1, NetBSD 2.0, OpenBSD 2.9),
+
+<li> Solaris 8 /dev/poll,
+
+<li> Linux 2.6 epoll(4).
+
+</ul>
+
+
+<p> With other Postfix versions or operating systems, the number
+of file descriptors per process is limited by the value of the
+FD_SETSIZE macro. If you expect to run more than 1000 mail delivery
+processes, you may need to override the definition of the FD_SETSIZE
+macro to make select() work correctly: </p>
+
+<blockquote>
+<pre>
+$ make makefiles CCARGS=-DFD_SETSIZE=2048
+</pre>
+</blockquote>
+
+<p> Warning: the above has no effect on some Linux versions.
+Apparently, on these systems the FD_SETSIZE value can be changed
+only by using undocumented interfaces. Currently, that means
+including &lt;bits/types.h&gt; directly (which is not allowed) and
+overriding the __FD_SETSIZE macro. Beware, undocumented interfaces
+can change at any time and without warning. </p>
+
+<p> But wait, there is more: none of this will work unless the
+operating system is configured to handle thousands of connections.
+See the <a href="TUNING_README.html">TUNING_README</a> guide for examples of how to increase the
+number of open sockets or files. </p>
+
+<h3><a name="build_final">4.9 - Compiling Postfix, at last</a></h3>
+
+<p> If the command </p>
+
+<blockquote>
+<pre>
+$ make
+</pre>
+</blockquote>
+
+<p> is successful, then you can proceed to <a href="#install">install</a>
+Postfix (section 6).
+
+<p> If the command produces compiler error messages, it may be time
+to search the web or to ask the postfix-users@postfix.org mailing
+list, but be sure to search the mailing list archives first. Some
+mailing list archives are linked from <a href="http://www.postfix.org/">http://www.postfix.org/</a>. </p>
+
+<h2> <a name="5">5 - Porting Postfix to an unsupported system</a> </h2>
+
+<p> Each system type that Postfix knows is identified by a unique
+name. Examples:  SUNOS5, FREEBSD4, and so on.  When porting Postfix
+to a new system, the first step is to choose a SYSTEMTYPE name for
+the new system. You must use a name that includes at least the
+major version of the operating system (such as SUNOS4 or LINUX2),
+so that different releases of the same system can be supported
+without confusion.  </p>
+
+<p> Add a case statement to the "makedefs" shell script in the
+source code top-level directory that recognizes the new system
+reliably, and that emits the right system-specific information.
+Be sure to make the code robust against user PATH settings; if the
+system offers multiple UNIX flavors (e.g. BSD and SYSV) be sure to
+build for the native flavor, instead of the emulated one. </p>
+
+<p> Add an "#ifdef SYSTEMTYPE" section to the central util/sys_defs.h
+include file.  You may have to invent new feature macro names.
+Please choose sensible feature macro names such as HAS_DBM or
+FIONREAD_IN_SYS_FILIO_H.  
+
+<p> I strongly recommend against using "#ifdef SYSTEMTYPE" in
+individual source files.  While this may look like the quickest
+solution, it will create a mess when newer versions of the same
+SYSTEMTYPE need to be supported.  You're likely to end up placing
+"#ifdef" sections all over the source code again.  </p>
+
+<h2><a name="install">6 - Installing the software after successful
+compilation</a></h2>
+
+<p> This text describes how to install Postfix from source code.
+See the <a href="PACKAGE_README.html">PACKAGE_README</a> file if you are building a package for
+distribution to other systems. </p>
+
+<h3>6.1 - Save existing Sendmail binaries</h3>
+
+<p> <a name="save">IMPORTANT</a>: if you are REPLACING an existing
+Sendmail installation with Postfix, you may need to keep the old
+sendmail program running for some time in order to flush the mail
+queue. </p>
+
+<ul>
+
+<li> <p> Some systems implement a mail switch mechanism where
+different MTAs (Postfix, Sendmail, etc.) can be installed at the
+same time, while only one of them is actually being used. Examples
+of such switching mechanisms are the FreeBSD mailwrapper(8) or the
+Linux mail switch.  In this case you should try to "flip" the switch
+to "Postfix" before installing Postfix. </p>
+
+<li> <p> If your system has no mail switch mechanism, execute the
+following commands (your sendmail, newaliases and mailq programs
+may be in a different place): </p>
+
+<pre>
+# mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
+# mv /usr/bin/newaliases /usr/bin/newaliases.OFF
+# mv /usr/bin/mailq /usr/bin/mailq.OFF
+# chmod 755 /usr/sbin/sendmail.OFF /usr/bin/newaliases.OFF \
+    /usr/bin/mailq.OFF
+</pre>
+
+</ul>
+
+<h3>6.2 - Create account and groups</h3>
+
+<p> Before you install Postfix for the first time you need to
+create an account and a group:</p>
+
+<ul>
+
+<li> <p> Create a user account "postfix" with a user id and group
+id that are not used by any other user account.  Preferably, this
+is an account that no-one can log into.  The account does not need
+an executable login shell, and needs no existing home directory.
+My password and group file entries look like this: </p>
+
+<blockquote>
+<pre>
+/etc/passwd:
+    postfix:*:12345:12345:postfix:/no/where:/no/shell
+
+/etc/group:
+    postfix:*:12345:
+</pre>
+</blockquote>
+
+<p> Note: there should be no whitespace before "postfix:". </p>
+
+<li> <p> Create a group "postdrop" with a group id that is not used
+by any other user account. Not even by the postfix user account.
+My group file entry looks like:
+
+<blockquote>
+<pre>
+/etc/group:
+    postdrop:*:54321:
+</pre>
+</blockquote>
+
+<p> Note: there should be no whitespace before "postdrop:". </p>
+
+</ul>
+
+<h3>6.3 - Install Postfix</h3>
+
+<p> To install or upgrade Postfix from compiled source code, run
+one of the following commands as the super-user:</p>
+
+<blockquote>
+<pre>
+# make install       (interactive version, first time install)
+
+# make upgrade       (non-interactive version, for upgrades)
+</pre>
+</blockquote>
+
+<ul>
+
+<li> <p> The interactive version ("make install") asks for pathnames
+for Postfix data and program files, and stores your preferences in
+the <a href="postconf.5.html">main.cf</a> file. <b> If you don't want Postfix to overwrite
+non-Postfix "sendmail", "mailq" and "newaliases" files, specify
+pathnames that end in ".postfix"</b>. </p>
+
+<li> <p> The non-interactive version ("make upgrade") needs the
+/etc/postfix/<a href="postconf.5.html">main.cf</a> file from a previous installation. If the file
+does not exist, use interactive installation ("make install")
+instead. </p>
+
+<li> <p> If you specify name=value arguments on the "make install"
+or "make upgrade" command line, then these will take precedence
+over compiled-in default settings or <a href="postconf.5.html">main.cf</a> settings. </p>
+
+<p> The command "make install/upgrade name=value ..." will replace
+the string MAIL_VERSION at the end of a configuration parameter
+value with the Postfix release version. Do not try to specify
+something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces
+inconsistent results with different versions of the make(1) command.
+</p>
+
+</ul>
+
+<h3>6.4 - Configure Postfix</h3>
+
+<p> Proceed to the section on how you wish to run Postfix on
+your particular machine: </p>
+
+<ul>
+
+<li> <p> <a href="#send_only">Send</a> mail only, without changing
+an existing Sendmail installation (section 7). </p>
+
+<li> <p> <a href="#send_receive">Send and receive</a> mail via a
+virtual host interface, still without any change to an existing
+Sendmail installation (section 8). </p>
+
+<li> <p> Run Postfix <a href="#replace">instead of</a> Sendmail
+(section 9). </p>
+
+</ul>
+
+<h2><a name="send_only">7 - Configuring Postfix to send mail
+only</a></h2>
+
+<p> If you are going to use Postfix to send mail only, there is no
+need to change your existing sendmail setup. Instead, set up your
+mail user agent so that it calls the Postfix sendmail program
+directly. </p>
+
+<p> Follow the instructions in the "<a href="#mandatory">Mandatory
+configuration file edits</a>" in section 10, and review the "<a
+href="#hamlet">To chroot or not to chroot</a>" text in section
+11. </p>
+
+<p> You MUST comment out the "smtp inet" entry in /etc/postfix/<a href="master.5.html">master.cf</a>,
+in order to avoid conflicts with the real sendmail. Put a "#"
+character in front of the line that defines the smtpd service: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    #smtp      inet  n       -       n       -       -       smtpd
+</pre>
+</blockquote>
+
+<p> Start the Postfix system: </p>
+
+<blockquote>
+<pre>
+# postfix start
+</pre>
+</blockquote>
+
+<p> or, if you feel nostalgic, use the Postfix sendmail command: </p>
+
+<blockquote>
+<pre>
+# sendmail -bd -qwhatever
+</pre>
+</blockquote>
+
+<p> and watch your maillog file for any error messages. The pathname
+is /var/log/maillog, /var/log/mail, /var/log/syslog, or something
+else. Typically, the pathname is defined in the /etc/syslog.conf
+file. </p>
+
+<blockquote>
+<pre>
+$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
+</pre>
+</blockquote>
+
+<p> Note: the most important error message is logged first. Later
+messages are not as useful. </p>
+
+<p> In order to inspect the mail queue, use one of the following
+commands: </p>
+
+<blockquote>
+<pre>
+$ mailq
+
+$ sendmail -bp
+
+$ postqueue -p
+</pre>
+</blockquote>
+
+<p> See also the "<a href="#care">Care and feeding</a>" section 12
+below.  </p>
+
+<h2><a name="send_receive">8 - Configuring Postfix to send and
+receive mail via virtual interface</a></h2>
+
+<p> Alternatively, you can use the Postfix system to send AND
+receive mail while leaving your Sendmail setup intact, by running
+Postfix on a virtual interface address.  Simply configure your mail
+user agent to directly invoke the Postfix sendmail program.  </p>
+
+<p> To create a virtual network interface address, study your
+system ifconfig manual page. The command syntax could be any
+of: </p>
+
+<blockquote>
+<pre>
+# <b>ifconfig le0:1 &lt;address&gt; netmask &lt;mask&gt; up</b>
+# <b>ifconfig en0 alias &lt;address&gt; netmask 255.255.255.255</b>
+</pre>
+</blockquote>
+
+<p> In the /etc/postfix/<a href="postconf.5.html">main.cf</a> file, I would specify </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#myhostname">myhostname</a> = virtual.host.tld
+    <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = $<a href="postconf.5.html#myhostname">myhostname</a>
+    <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a>
+</pre>
+</blockquote>
+
+<p> Follow the instructions in the "<a href="#mandatory">Mandatory
+configuration file edits</a>" in section 10, and review the "<a
+name="#hamlet">To chroot or not to chroot</a>" text in section
+11. </p>
+
+<p> Start the Postfix system: </p>
+
+<blockquote>
+<pre>
+# postfix start
+</pre>
+</blockquote>
+
+<p> or, if you feel nostalgic, use the Postfix sendmail command: </p>
+
+<blockquote>
+<pre>
+# sendmail -bd -qwhatever
+</pre>
+</blockquote>
+
+<p> and watch your maillog file for any error messages. The pathname
+is /var/log/maillog, /var/log/mail, /var/log/syslog, or something
+else. Typically, the pathname is defined in the /etc/syslog.conf
+file. </p>
+
+<blockquote>
+<pre>
+$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
+</pre>
+</blockquote>
+
+<p> Note: the most important error message is logged first. Later
+messages are not as useful. </p>
+
+<p> In order to inspect the mail queue, use one of the following
+commands: </p>
+
+<blockquote>
+<pre>
+$ mailq
+
+$ sendmail -bp
+
+$ postqueue -p
+</pre>
+</blockquote>
+
+<p> See also the "<a href="#care">Care and feeding</a>" section 12
+below.  </p>
+
+<h2><a name="replace">9 - Running Postfix instead of Sendmail</a></h2>
+
+<p> Prior to installing Postfix you should <a href="#save">save</a>
+any existing sendmail program files as described in section 6.  Be
+sure to keep the old sendmail running for at least a couple days
+to flush any unsent mail. To do so, stop the sendmail daemon and
+restart it as: </p>
+
+<blockquote>
+<pre>
+# /usr/sbin/sendmail.OFF -q
+</pre>
+</blockquote>
+
+<p> Note: this is old sendmail syntax. Newer versions use separate
+processes for mail submission and for running the queue. </p>
+
+<p> After you have visited the "<a href="#mandatory">Mandatory
+configuration file edits</a>" section below, you can start the
+Postfix system with: </p>
+
+<blockquote>
+<pre>
+# postfix start
+</pre>
+</blockquote>
+
+<p> or, if you feel nostalgic, use the Postfix sendmail command: </p>
+
+<blockquote>
+<pre>
+# sendmail -bd -qwhatever
+</pre>
+</blockquote>
+
+<p> and watch your maillog file for any error messages. The pathname
+is /var/log/maillog, /var/log/mail, /var/log/syslog, or something
+else. Typically, the pathname is defined in the /etc/syslog.conf
+file. </p>
+
+<blockquote>
+<pre>
+$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
+</pre>
+</blockquote>
+
+<p> Note: the most important error message is logged first. Later
+messages are not as useful. </p>
+
+<p> In order to inspect the mail queue, use one of the following
+commands: </p>
+
+<blockquote>
+<pre>
+$ mailq
+
+$ sendmail -bp
+
+$ postqueue -p
+</pre>
+</blockquote>
+
+<p> See also the "<a href="#care">Care and feeding</a>" section 12
+below.  </p>
+
+<h2><a name="mandatory">10 - Mandatory configuration file edits</a></h2>
+
+<p> Note: the material covered in this section is covered in more
+detail in the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a> document. The information
+presented below is targeted at experienced system administrators.
+</p>
+
+<h3>10.1 - Postfix configuration files</h3>
+
+<p> By default, Postfix configuration files are in /etc/postfix.
+The two most important files are <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a>; these files
+must be owned by root.  Giving someone else write permission to
+<a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a> (or to their parent directories) means giving
+root privileges to that person. </p>
+
+<p> In /etc/postfix/<a href="postconf.5.html">main.cf</a>, you will have to set up a minimal number
+of configuration parameters.  Postfix configuration parameters  
+resemble shell variables, with two important differences: the first  
+one is that Postfix does not know about quotes like the UNIX shell
+does.</p>
+
+<p> You specify a configuration parameter as: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    parameter = value
+</pre>
+</blockquote>
+
+<p> and you use it by putting a "$" character in front of its name: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    other_parameter = $parameter
+</pre>
+</blockquote>
+
+<p> You can use $parameter before it is given a value (that is the
+second main difference with UNIX shell variables). The Postfix
+configuration language uses lazy evaluation, and does not look at
+a parameter value until it is needed at runtime.  </p>
+
+<p> Whenever you make a change to the <a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a> file,
+execute the following command in order to refresh a running mail
+system: </p>
+
+<blockquote>
+<pre>
+# postfix reload
+</pre>
+</blockquote>
+
+<h3>10.2 - Default domain for unqualified addresses</h3>
+
+<p> First of all, you must specify what domain will be appended to an
+unqualified address (i.e. an address without @domain.tld). The
+"<a href="postconf.5.html#myorigin">myorigin</a>" parameter defaults to the local hostname, but that is
+probably OK only for very small sites.  </p>
+
+<p> Some examples (use only one): </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#myhostname">myhostname</a>    (send mail as "user@$<a href="postconf.5.html#myhostname">myhostname</a>")
+    <a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#mydomain">mydomain</a>      (send mail as "user@$<a href="postconf.5.html#mydomain">mydomain</a>")
+</pre>
+</blockquote>
+
+<h3>10.3 - What domains to receive locally</h3>
+
+<p> Next you need to specify what mail addresses Postfix should deliver
+locally. </p>
+
+<p> Some examples (use only one): </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost
+    <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost, $<a href="postconf.5.html#mydomain">mydomain</a>
+    <a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a>
+</pre>
+</blockquote>
+
+<p>The first example is appropriate for a workstation, the second
+is appropriate for the mailserver for an entire domain. The third
+example should be used when running on a virtual host interface.</p>
+
+<h3>10.4 - Proxy/NAT interface addresses </h3>
+
+<p> The <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> parameter specifies all network addresses
+that Postfix receives mail on by way of a proxy or network address
+translation unit. You may specify symbolic hostnames instead of
+network addresses. </p>
+
+<p> IMPORTANT: You must specify your proxy/NAT external addresses
+when your system is a backup MX host for other domains, otherwise
+mail delivery loops will happen when the primary MX host is down.
+</p>
+
+<p> Example: host behind NAT box running a backup MX host. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4 (the proxy/NAT external network address)
+</pre>
+</blockquote>
+
+<h3>10.5 - What local clients to relay mail from </h3>
+
+<p> If your machine is on an open network then you must specify
+what client IP addresses are authorized to relay their mail through
+your machine into the Internet.  The default setting includes all
+subnetworks that the machine is attached to. This may give relay
+permission to too many clients.  My own settings are: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#mynetworks">mynetworks</a> = 168.100.189.0/28, 127.0.0.0/8
+</pre>
+</blockquote>
+
+<h3>10.6 - What relay destinations to accept from strangers </h3>
+
+<p> If your machine is on an open network then you must also specify
+whether Postfix will forward mail from strangers.  The default
+setting will forward mail to all domains (and subdomains of) what
+is listed in $<a href="postconf.5.html#mydestination">mydestination</a>.  This may give relay permission for
+too many destinations.  Recommended settings (use only one): </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#relay_domains">relay_domains</a> =            (do not forward mail from strangers)
+    <a href="postconf.5.html#relay_domains">relay_domains</a> = $<a href="postconf.5.html#mydomain">mydomain</a>  (my domain and subdomains)
+    <a href="postconf.5.html#relay_domains">relay_domains</a> = $<a href="postconf.5.html#mydomain">mydomain</a>, other.domain.tld, ...
+</pre>
+</blockquote>
+
+<h3>10.7 - Optional: configure a smart host for remote delivery</h3>
+
+<p> If you're behind a firewall, you should set up a <a href="postconf.5.html#relayhost">relayhost</a>.  If
+you can, specify the organizational domain name so that Postfix
+can use DNS lookups, and so that it can fall back to a secondary
+MX host when the primary MX host is down. Otherwise just specify
+a hard-coded hostname.  </p>
+
+<p> Some examples (use only one): </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
+    <a href="postconf.5.html#relayhost">relayhost</a> = [mail.$<a href="postconf.5.html#mydomain">mydomain</a>]
+</pre>
+</blockquote>
+
+<p> The form enclosed with <tt>[]</tt> eliminates DNS MX lookups. </p>
+
+<p> By default, the SMTP client will do DNS lookups even when you
+specify a <a href="postconf.5.html#relayhost">relay host</a>. If your machine has no access to a DNS server,
+turn off SMTP client DNS lookups like this: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> = yes
+</pre>
+</blockquote>
+
+<p> The <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> file has more hints and tips for
+firewalled and/or dial-up networks. </p>
+
+<h3>10.8 - Create the aliases database</h3>
+
+<p> Postfix uses a Sendmail-compatible <a href="aliases.5.html">aliases(5)</a> table to redirect
+mail for <a href="local.8.html">local(8)</a> recipients.  Typically, this information is kept
+in two files: in a text file /etc/aliases and in an indexed file
+/etc/aliases.db.  The command "postconf <a href="postconf.5.html#alias_maps">alias_maps</a>" will tell you
+the exact location of the text file.  </p>
+
+<p> First, be sure to update the text file with aliases for root,
+postmaster and "postfix" that forward mail to a real person.  Postfix
+has a sample aliases file /etc/postfix/aliases that you can adapt
+to local conditions.  </p>
+
+<blockquote>
+<pre>
+/etc/aliases:
+    root: you
+    postmaster: root
+    postfix: root
+    bin: root
+    <i>etcetera...</i>
+</pre>
+</blockquote>
+
+<p> Note: there should be no whitespace before the ":". </p>
+
+<p> Finally, build the indexed aliases file with one of the
+following commands: </p>
+
+<blockquote>
+<pre>
+# newaliases
+# sendmail -bi
+</pre>
+</blockquote>
+
+<h2><a name="hamlet">11 - To chroot or not to chroot</a></h2>
+
+<p> Postfix daemon processes can be configured (via <a href="master.5.html">master.cf</a>) to
+run in a chroot jail.  The processes run at a fixed low privilege
+and with access only to the Postfix queue directories (/var/spool/postfix).
+This provides a significant barrier against intrusion. The barrier
+is not impenetrable, but every little bit helps. </p>
+
+<p> With the exception of Postfix daemons that deliver mail locally
+and/or that execute non-Postfix commands, every Postfix daemon can
+run chrooted. </p>
+
+<p> Sites with high security requirements should consider to chroot
+all daemons that talk to the network:  the <a href="smtp.8.html">smtp(8)</a> and <a href="smtpd.8.html">smtpd(8)</a>
+processes, and perhaps also the <a href="lmtp.8.html">lmtp(8)</a> client. The author's own
+porcupine.org mail server runs all daemons chrooted that can be
+chrooted. </p>
+
+<p> The default /etc/postfix/<a href="master.5.html">master.cf</a> file specifies that no
+Postfix daemon runs chrooted.  In order to enable chroot operation,
+edit the file /etc/postfix/<a href="master.5.html">master.cf</a>. Instructions are in the file.
+</p>
+
+<p> Note that a chrooted daemon resolves all filenames relative to
+the Postfix queue directory (/var/spool/postfix). For successful
+use of a chroot jail,  most UNIX systems require you to bring in
+some files or device nodes.  The examples/chroot-setup directory
+in the source code distribution has a collection of scripts that
+help you set up Postfix chroot environments on different operating
+systems. </p>
+
+<p> Additionally, you almost certainly need to configure syslogd
+so that it listens on a socket inside the Postfix queue directory.
+Examples for specific systems: </p>
+
+<dl>
+
+<dt> FreeBSD: </dt>
+
+<dd> <pre>
+# mkdir -p /var/spool/postfix/var/run
+# syslogd -l /var/spool/postfix/var/run/log
+</pre> </dd>
+
+<dt> Linux, OpenBSD: </dt>
+
+<dd> <pre>
+# mkdir -p /var/spool/postfix/dev
+# syslogd -a /var/spool/postfix/dev/log
+</pre> </dd>
+
+</dl>
+
+<h2><a name="care">12 - Care and feeding of the Postfix system</a></h2>
+
+<p> Postfix daemon processes run in the background, and log problems
+and normal activity to the syslog daemon. The names of logfiles
+are specified in /etc/syslog.conf. At the very least you need
+something like:  </p>
+
+<blockquote>
+<pre>
+/etc/syslog.conf:
+    mail.err                                    /dev/console
+    mail.debug                                  /var/log/maillog
+</pre>
+</blockquote>
+
+<p> IMPORTANT: the syslogd will not create files. You must create
+them before (re)starting syslogd. </p>
+
+<p> IMPORTANT: on Linux you need to put a "-" character before
+the pathname, e.g., -/var/log/maillog, otherwise the syslogd
+will use more system resources than Postfix does. </p>
+
+<p> Hopefully, the number of problems will be small, but it is a good
+idea to run every night before the syslog files are rotated: </p>
+
+<blockquote>
+<pre>
+# postfix check
+# egrep '(reject|warning|error|fatal|panic):' /some/log/file
+</pre>
+</blockquote>
+
+<ul>
+
+<li> <p> The first line (postfix check) causes Postfix to report
+file permission/ownership discrepancies. </p>
+
+<li> <p> The second line looks for problem reports from the mail
+software, and reports how effective the relay and junk mail access
+blocks are.  This may produce a lot of output.  You will want to
+apply some postprocessing to eliminate uninteresting information.
+</p>
+
+</ul>
+
+<p>  The <a href="DEBUG_README.html#logging"> DEBUG_README </a>
+document describes the meaning of the "warning" etc. labels in
+Postfix logging. </p>
+
+</body>
+
+</html>

data/incoming/MYSQL_README.txt

@@ -0,0 +1,133 @@
+PPoossttffiixx MMyySSQQLL HHoowwttoo
+
+-------------------------------------------------------------------------------
+
+IInnttrroodduuccttiioonn
+
+The Postfix mysql map type allows you to hook up Postfix to a MySQL database.
+This implementation allows for multiple mysql databases: you can use one for a
+virtual(5) table, one for an access(5) table, and one for an aliases(5) table
+if you want. You can specify multiple servers for the same database, so that
+Postfix can switch to a good database server if one goes bad.
+
+Busy mail servers using mysql maps will generate lots of concurrent mysql
+clients, so the mysql server(s) should be run with this fact in mind. You can
+reduce the number of concurrent mysql clients by using the Postfix proxymap(8)
+service.
+
+BBuuiillddiinngg PPoossttffiixx wwiitthh MMyySSQQLL ssuuppppoorrtt
+
+These instructions assume that you build Postfix from source code as described
+in the INSTALL document. Some modification may be required if you build Postfix
+from a vendor-specific source package.
+
+Note: to use mysql with Debian GNU/Linux's Postfix, all you need is to install
+the postfix-mysql package and you're done. There is no need to recompile
+Postfix.
+
+The Postfix MySQL client utilizes the mysql client library, which can be
+obtained from:
+
+    http://www.mysql.com/downloads/
+    http://sourceforge.net/projects/mysql/
+
+In order to build Postfix with mysql map support, you will need to add -
+DHAS_MYSQL and -I for the directory containing the mysql headers, and the
+mysqlclient library (and libm) to AUXLIBS_MYSQL, for example:
+
+    make -f Makefile.init makefiles \
+        'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' \
+        'AUXLIBS_MYSQL=-L/usr/local/mysql/lib -lmysqlclient -lz -lm'
+
+Postfix versions before 3.0 use AUXLIBS instead of AUXLIBS_MYSQL. With Postfix
+3.0 and later, the old AUXLIBS variable still supports building a statically-
+loaded MySQL database client, but only the new AUXLIBS_MYSQL variable supports
+building a dynamically-loaded or statically-loaded MySQL database client.
+
+    Failure to use the AUXLIBS_MYSQL variable will defeat the purpose of
+    dynamic database client loading. Every Postfix executable file will have
+    MYSQL database library dependencies. And that was exactly what dynamic
+    database client loading was meant to avoid.
+
+On Solaris, use this instead:
+
+    make -f Makefile.init makefiles \
+        'CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include' \
+        'AUXLIBS_MYSQL=-L/usr/local/mysql/lib -R/usr/local/mysql/lib \
+            -lmysqlclient -lz -lm'
+
+Then, just run 'make'. This requires libz, the compression library. Older mysql
+implementations build without libz.
+
+UUssiinngg MMyySSQQLL ttaabblleess
+
+Once Postfix is built with mysql support, you can specify a map type in main.cf
+like this:
+
+    alias_maps = mysql:/etc/postfix/mysql-aliases.cf
+
+The file /etc/postfix/mysql-aliases.cf specifies lots of information telling
+Postfix how to reference the mysql database. For a complete description, see
+the mysql_table(5) manual page.
+
+EExxaammppllee:: llooccaall aalliiaasseess
+
+#
+# mysql config file for local(8) aliases(5) lookups
+#
+
+# The user name and password to log into the mysql server.
+user = someone
+password = some_password
+
+# The database name on the servers.
+dbname = customer_database
+
+# For Postfix 2.2 and later The SQL query template.
+# See mysql_table(5) for details.
+query = SELECT forw_addr FROM mxaliases WHERE alias='%s' AND status='paid'
+
+# For Postfix releases prior to 2.2. See mysql_table(5) for details.
+select_field = forw_addr
+table = mxaliases
+where_field = alias
+# Don't forget the leading "AND"!
+additional_conditions = AND status = 'paid'
+
+# This is necessary to make UTF8 queries work for Postfix 2.11 .. 3.1,
+# and is the default setting as of Postfix 3.2.
+option_group = client
+
+AAddddiittiioonnaall nnootteess
+
+Postfix 3.2 and later read [[cclliieenntt]] option group settings by default. To
+disable this, specify no ooppttiioonn__ffiillee and specify "ooppttiioonn__ggrroouupp ==" (i.e. an
+empty value).
+
+Postfix 3.1 and earlier don't read [[cclliieenntt]] option group settings unless a non-
+empty ooppttiioonn__ffiillee or ooppttiioonn__ggrroouupp value are specified. To enable this, specify,
+for example "ooppttiioonn__ggrroouupp == cclliieenntt".
+
+The MySQL configuration interface setup allows for multiple mysql databases:
+you can use one for a virtual table, one for an access table, and one for an
+aliases table if you want.
+
+Since sites that have a need for multiple mail exchangers may enjoy the
+convenience of using a networked mailer database, but do not want to introduce
+a single point of failure to their system, we've included the ability to have
+Postfix reference multiple hosts for access to a single mysql map. This will
+work if sites set up mirrored mysql databases on two or more hosts. Whenever
+queries fail with an error at one host, the rest of the hosts will be tried in
+random order. If no mysql server hosts are reachable, then mail will be
+deferred until at least one of those hosts is reachable.
+
+CCrreeddiittss
+
+  * The initial version was contributed by Scott Cotton and Joshua Marcus, IC
+    Group, Inc.
+  * Liviu Daia revised the configuration interface and added the main.cf
+    configuration feature.
+  * Liviu Daia with further refinements from Jose Luis Tallon and Victor
+    Duchovni developed the common query, result_format, domain and
+    expansion_limit interface for LDAP, MySQL and PosgreSQL.
+

data/incoming/SCHEDULER_README

@@ -0,0 +1,1160 @@
+PPoossttffiixx QQuueeuuee SScchheedduulleerr
+
+-------------------------------------------------------------------------------
+
+DDiissccllaaiimmeerr
+
+Many of the transport-specific configuration parameters discussed in this
+document will not show up in "postconf" command output before Postfix version
+2.9. This limitation applies to many parameters whose name is a combination of
+a master.cf service name such as "relay" and a built-in suffix such as
+"_destination_concurrency_limit".
+
+OOvveerrvviieeww
+
+The queue manager is by far the most complex part of the Postfix mail system.
+It schedules delivery of new mail, retries failed deliveries at specific times,
+and removes mail from the queue after the last delivery attempt. There are two
+major classes of mechanisms that control the operation of the queue manager.
+
+Topics covered by this document:
+
+  * Concurrency scheduling, concerned with the number of concurrent deliveries
+    to a specific destination, including decisions on when to suspend
+    deliveries after persistent failures.
+  * Preemptive scheduling, concerned with the selection of email messages and
+    recipients for a given destination.
+  * Credits, something this document would not be complete without.
+
+CCoonnccuurrrreennccyy sscchheedduulliinngg
+
+The following sections document the Postfix 2.5 concurrency scheduler, after a
+discussion of the limitations of the earlier concurrency scheduler. This is
+followed by results of medium-concurrency experiments, and a discussion of
+trade-offs between performance and robustness.
+
+The material is organized as follows:
+
+  * Drawbacks of the existing concurrency scheduler
+  * Summary of the Postfix 2.5 concurrency feedback algorithm
+  * Summary of the Postfix 2.5 "dead destination" detection algorithm
+  * Pseudocode for the Postfix 2.5 concurrency scheduler
+  * Results for delivery to concurrency limited servers
+  * Discussion of concurrency limited server results
+  * Limitations of less-than-1 per delivery feedback
+  * Concurrency configuration parameters
+
+DDrraawwbbaacckkss ooff tthhee eexxiissttiinngg ccoonnccuurrrreennccyy sscchheedduulleerr
+
+From the start, Postfix has used a simple but robust algorithm where the per-
+destination delivery concurrency is decremented by 1 after delivery failed due
+to connection or handshake failure, and incremented by 1 otherwise. Of course
+the concurrency is never allowed to exceed the maximum per-destination
+concurrency limit. And when a destination's concurrency level drops to zero,
+the destination is declared "dead" and delivery is suspended.
+
+Drawbacks of +/-1 concurrency feedback per delivery are:
+
+  * Overshoot due to exponential delivery concurrency growth with each pseudo-
+    cohort(*). This can be an issue with high-concurrency channels. For
+    example, with the default initial concurrency of 5, concurrency would
+    proceed over time as (5-10-20).
+
+  * Throttling down to zero concurrency after a single pseudo-cohort(*)
+    failure. This was especially an issue with low-concurrency channels where a
+    single failure could be sufficient to mark a destination as "dead", causing
+    the suspension of further deliveries to the affected destination.
+
+(*) A pseudo-cohort is a number of delivery requests equal to a destination's
+delivery concurrency.
+
+The revised concurrency scheduler has a highly modular structure. It uses
+separate mechanisms for per-destination concurrency control and for "dead
+destination" detection. The concurrency control in turn is built from two
+separate mechanisms: it supports less-than-1 feedback per delivery to allow for
+more gradual concurrency adjustments, and it uses feedback hysteresis to
+suppress concurrency oscillations. And instead of waiting for delivery
+concurrency to throttle down to zero, a destination is declared "dead" after a
+configurable number of pseudo-cohorts reports connection or handshake failure.
+
+SSuummmmaarryy ooff tthhee PPoossttffiixx 22..55 ccoonnccuurrrreennccyy ffeeeeddbbaacckk aallggoorriitthhmm
+
+We want to increment a destination's delivery concurrency when some (not
+necessarily consecutive) number of deliveries complete without connection or
+handshake failure. This is implemented with positive feedback g(N) where N is
+the destination's delivery concurrency. With g(N)=1 feedback per delivery,
+concurrency increases by 1 after each positive feedback event; this gives us
+the old scheduler's exponential growth in time. With g(N)=1/N feedback per
+delivery, concurrency increases by 1 after an entire pseudo-cohort N of
+positive feedback reports; this gives us linear growth in time. Less-than-
+1 feedback per delivery and integer truncation naturally give us hysteresis, so
+that transitions to larger concurrency happen every 1/g(N) positive feedback
+events.
+
+We want to decrement a destination's delivery concurrency when some (not
+necessarily consecutive) number of deliveries complete after connection or
+handshake failure. This is implemented with negative feedback f(N) where N is
+the destination's delivery concurrency. With f(N)=1 feedback per delivery,
+concurrency decreases by 1 after each negative feedback event; this gives us
+the old scheduler's behavior where concurrency is throttled down dramatically
+after a single pseudo-cohort failure. With f(N)=1/N feedback per delivery,
+concurrency backs off more gently. Again, less-than-1 feedback per delivery and
+integer truncation naturally give us hysteresis, so that transitions to lower
+concurrency happen every 1/f(N) negative feedback events.
+
+However, with negative feedback we introduce a subtle twist. We "reverse" the
+negative hysteresis cycle so that the transition to lower concurrency happens
+at the bbeeggiinnnniinngg of a sequence of 1/f(N) negative feedback events. Otherwise, a
+correction for overload would be made too late. This makes the choice of f(N)
+relatively unimportant, as borne out by measurements later in this document.
+
+In summary, the main ingredients for the Postfix 2.5 concurrency feedback
+algorithm are a) the option of less-than-1 positive feedback per delivery to
+avoid overwhelming servers, b) the option of less-than-1 negative feedback per
+delivery to avoid giving up too fast, c) feedback hysteresis to avoid rapid
+oscillation, and d) a "reverse" hysteresis cycle for negative feedback, so that
+it can correct for overload quickly.
+
+SSuummmmaarryy ooff tthhee PPoossttffiixx 22..55 ""ddeeaadd ddeessttiinnaattiioonn"" ddeetteeccttiioonn aallggoorriitthhmm
+
+We want to suspend deliveries to a specific destination after some number of
+deliveries suffers connection or handshake failure. The old scheduler declares
+a destination "dead" when negative (-1) feedback throttles the delivery
+concurrency down to zero. With less-than-1 feedback per delivery, this
+throttling down would obviously take too long. We therefore have to separate
+"dead destination" detection from concurrency feedback. This is implemented by
+introducing the concept of pseudo-cohort failure. The Postfix 2.5 concurrency
+scheduler declares a destination "dead" after a configurable number of pseudo-
+cohorts suffers from connection or handshake failures. The old scheduler
+corresponds to the special case where the pseudo-cohort failure limit is equal
+to 1.
+
+PPsseeuuddooccooddee ffoorr tthhee PPoossttffiixx 22..55 ccoonnccuurrrreennccyy sscchheedduulleerr
+
+The pseudo code shows how the ideas behind new concurrency scheduler are
+implemented as of November 2007. The actual code can be found in the module
+qmgr/qmgr_queue.c.
+
+Types:
+        Each destination has one set of the following variables
+        int concurrency
+        double success
+        double failure
+        double fail_cohorts
+
+Feedback functions:
+        N is concurrency; x, y are arbitrary numbers in [0..1] inclusive
+        positive feedback: g(N) = x/N | x/sqrt(N) | x
+        negative feedback: f(N) = y/N | y/sqrt(N) | y
+
+Initialization:
+        concurrency = initial_concurrency
+        success = 0
+        failure = 0
+        fail_cohorts = 0
+
+After success:
+        fail_cohorts = 0
+        Be prepared for feedback > hysteresis, or rounding error
+        success += g(concurrency)
+        while (success >= 1)            Hysteresis 1
+            concurrency += 1            Hysteresis 1
+            failure = 0
+            success -= 1                Hysteresis 1
+        Be prepared for overshoot
+        if (concurrency > concurrency limit)
+            concurrency = concurrency limit
+
+Safety:
+        Don't apply positive feedback unless
+            concurrency < busy_refcount + init_dest_concurrency
+        otherwise negative feedback effect could be delayed
+
+After failure:
+        if (concurrency > 0)
+            fail_cohorts += 1.0 / concurrency
+            if (fail_cohorts > cohort_failure_limit)
+                concurrency = 0
+        if (concurrency > 0)
+            Be prepared for feedback > hysteresis, rounding errors
+            failure -= f(concurrency)
+            while (failure < 0)
+                concurrency -= 1        Hysteresis 1
+                failure += 1            Hysteresis 1
+                success = 0
+            Be prepared for overshoot
+            if (concurrency < 1)
+                concurrency = 1
+
+RReessuullttss ffoorr ddeelliivveerryy ttoo ccoonnccuurrrreennccyy--lliimmiitteedd sseerrvveerrss
+
+Discussions about the concurrency scheduler redesign started early 2004, when
+the primary goal was to find alternatives that did not exhibit exponential
+growth or rapid concurrency throttling. No code was implemented until late
+2007, when the primary concern had shifted towards better handling of server
+concurrency limits. For this reason we measure how well the new scheduler does
+this job. The table below compares mail delivery performance of the old +/-
+1 feedback per delivery with several less-than-1 feedback functions, for
+different limited-concurrency server scenarios. Measurements were done with a
+FreeBSD 6.2 client and with FreeBSD 6.2 and various Linux servers.
+
+Server configuration:
+
+  * The mail flow was slowed down with 1 second latency per recipient
+    ("smtpd_client_restrictions = sleep 1"). The purpose was to make results
+    less dependent on hardware details, by avoiding slow-downs by queue file I/
+    O, logging I/O, and network I/O.
+  * Concurrency was limited by the server process limit ("default_process_limit
+    = 5" and "smtpd_client_event_limit_exceptions = static:all"). Postfix was
+    stopped and started after changing the process limit, because the same
+    number is also used as the backlog argument to the listen(2) system call,
+    and "postfix reload" does not re-issue this call.
+  * Mail was discarded with "local_recipient_maps = static:all" and
+    "local_transport = discard". The discard action in access maps or header/
+    body checks could not be used as it fails to update the in_flow_delay
+    counters.
+
+Client configuration:
+
+  * Queue file overhead was minimized by sending one message to a virtual alias
+    that expanded into 2000 different remote recipients. All recipients were
+    accounted for according to the maillog file. The
+    virtual_alias_expansion_limit setting was increased to avoid complaints
+    from the cleanup(8) server.
+  * The number of deliveries was maximized with
+    "smtp_destination_recipient_limit = 2". A smaller limit would cause Postfix
+    to schedule the concurrency per recipient instead of domain, which is not
+    what we want.
+  * Maximum concurrency was limited with "smtp_destination_concurrency_limit =
+    20", and initial_destination_concurrency was set to the same value.
+  * The positive and negative concurrency feedback hysteresis was 1.
+    Concurrency was incremented by 1 at the END of 1/feedback steps of positive
+    feedback, and was decremented by 1 at the START of 1/feedback steps of
+    negative feedback.
+  * The SMTP client used the default 30s SMTP connect timeout and 300s SMTP
+    greeting timeout.
+
+IImmppaacctt ooff tthhee 3300ss SSMMTTPP ccoonnnneecctt ttiimmeeoouutt
+
+The first results are for a FreeBSD 6.2 server, where our artificially low
+listen(2) backlog results in a very short kernel queue for established
+connections. The table shows that all deferred deliveries failed due to a 30s
+connection timeout, and none failed due to a server greeting timeout. This
+measurement simulates what happens when the server's connection queue is
+completely full under load, and the TCP engine drops new connections.
+
+    cclliieenntt sseerrvveerr ffeeeeddbbaacckk  ccoonnnneeccttiioonn ppeerrcceennttaaggee cclliieenntt         ttiimmeedd--oouutt iinn
+    lliimmiitt  lliimmiitt  ssttyyllee     ccaacchhiinngg    ddeeffeerrrreedd   ccoonnccuurrrreennccyy    ccoonnnneecctt//
+                                                  aavveerraaggee//ssttddddeevv ggrreeeettiinngg
+
+    -------------------------------------------------------------------------
+       20     5       1/N         no        9.9   19.4    0.49   198      -
+
+       20     5       1/N        yes       10.3   19.4    0.49   206      -
+
+       20     5   1/sqrt(N)       no       10.4   19.6    0.59   208      -
+
+       20     5   1/sqrt(N)      yes       10.6   19.6    0.61   212      -
+
+       20     5         1         no       10.1   19.5    1.29   202      -
+
+       20     5         1        yes       10.8   19.3    1.57   216      -
+
+    -------------------------------------------------------------------------
+
+    A busy server with a completely full connection queue. N is the client
+    delivery concurrency. Failed deliveries time out after 30s without
+    completing the TCP handshake. See text for a discussion of results.
+
+IImmppaacctt ooff tthhee 330000ss SSMMTTPP ggrreeeettiinngg ttiimmeeoouutt
+
+The next table shows results for a Fedora Core 8 server (results for RedHat 7.3
+are identical). In this case, the artificially small listen(2) backlog argument
+does not impact our measurement. The table shows that practically all deferred
+deliveries fail after the 300s SMTP greeting timeout. As these timeouts were
+10x longer than with the first measurement, we increased the recipient count
+(and thus the running time) by a factor of 10 to keep the results comparable.
+The deferred mail percentages are a factor 10 lower than with the first
+measurement, because the 1s per-recipient delay was 1/300th of the greeting
+timeout instead of 1/30th of the connection timeout.
+
+    cclliieenntt sseerrvveerr ffeeeeddbbaacckk  ccoonnnneeccttiioonn ppeerrcceennttaaggee cclliieenntt         ttiimmeedd--oouutt iinn
+    lliimmiitt  lliimmiitt  ssttyyllee     ccaacchhiinngg    ddeeffeerrrreedd   ccoonnccuurrrreennccyy    ccoonnnneecctt//
+                                                  aavveerraaggee//ssttddddeevv ggrreeeettiinngg
+
+    -------------------------------------------------------------------------
+       20     5       1/N         no       1.16   19.8    0.37   -      230
+
+       20     5       1/N        yes       1.36   19.8    0.36   -      272
+
+       20     5   1/sqrt(N)       no       1.21   19.9    0.23   4      238
+
+       20     5   1/sqrt(N)      yes       1.36   20.0    0.23   -      272
+
+       20     5         1         no       1.18   20.0    0.16   -      236
+
+       20     5         1        yes       1.39   20.0    0.16   -      278
+
+    -------------------------------------------------------------------------
+
+    A busy server with a non-full connection queue. N is the client delivery
+    concurrency. Failed deliveries complete at the TCP level, but time out
+    after 300s while waiting for the SMTP greeting. See text for a discussion
+    of results.
+
+IImmppaacctt ooff aaccttiivvee sseerrvveerr ccoonnccuurrrreennccyy lliimmiitteerr
+
+The final concurrency-limited result shows what happens when SMTP connections
+don't time out, but are rejected immediately with the Postfix server's
+smtpd_client_connection_count_limit feature (the server replies with a 421
+status and disconnects immediately). Similar results can be expected with
+concurrency limiting features built into other MTAs or firewalls. For this
+measurement we specified a server concurrency limit and a client initial
+destination concurrency of 5, and a server process limit of 10; all other
+conditions were the same as with the first measurement. The same result would
+be obtained with a FreeBSD or Linux server, because the "pushing back" is done
+entirely by the receiving side.
+
+    cclliieenntt sseerrvveerr ffeeeeddbbaacckk  ccoonnnneeccttiioonn ppeerrcceennttaaggee cclliieenntt         tthheeoorreettiiccaall
+    lliimmiitt  lliimmiitt  ssttyyllee     ccaacchhiinngg    ddeeffeerrrreedd   ccoonnccuurrrreennccyy    ddeeffeerr rraattee
+                                                  aavveerraaggee//ssttddddeevv
+
+    -------------------------------------------------------------------------
+       20     5       1/N         no       16.5   5.17    0.38         1/6
+
+       20     5       1/N        yes       16.5   5.17    0.38         1/6
+
+       20     5   1/sqrt(N)       no       24.5   5.28    0.45         1/4
+
+       20     5   1/sqrt(N)      yes       24.3   5.28    0.46         1/4
+
+       20     5         1         no       49.7   5.63    0.67         1/2
+
+       20     5         1        yes       49.7   5.68    0.70         1/2
+
+    -------------------------------------------------------------------------
+
+    A server with active per-client concurrency limiter that replies with 421
+    and disconnects. N is the client delivery concurrency. The theoretical
+    defer rate is 1/(1+roundup(1/feedback)). This is always 1/2 with the fixed
+    +/-1 feedback per delivery; with the concurrency-dependent feedback
+    variants, the defer rate decreases with increasing concurrency. See text
+    for a discussion of results.
+
+DDiissccuussssiioonn ooff ccoonnccuurrrreennccyy--lliimmiitteedd sseerrvveerr rreessuullttss
+
+All results in the previous sections are based on the first delivery runs only;
+they do not include any second etc. delivery attempts. It's also worth noting
+that the measurements look at steady-state behavior only. They don't show what
+happens when the client starts sending at a much higher or lower concurrency.
+
+The first two examples show that the effect of feedback is negligible when
+concurrency is limited due to congestion. This is because the initial
+concurrency is already at the client's concurrency maximum, and because there
+is 10-100 times more positive than negative feedback. Under these conditions,
+it is no surprise that the contribution from SMTP connection caching is also
+negligible.
+
+In the last example, the old +/-1 feedback per delivery will defer 50% of the
+mail when confronted with an active (anvil-style) server concurrency limit,
+where the server hangs up immediately with a 421 status (a TCP-level RST would
+have the same result). Less aggressive feedback mechanisms fare better than
+more aggressive ones. Concurrency-dependent feedback fares even better at
+higher concurrencies than shown here, but has limitations as discussed in the
+next section.
+
+LLiimmiittaattiioonnss ooff lleessss--tthhaann--11 ppeerr ddeelliivveerryy ffeeeeddbbaacckk
+
+Less-than-1 feedback is of interest primarily when sending large amounts of
+mail to destinations with active concurrency limiters (servers that reply with
+421, or firewalls that send RST). When sending small amounts of mail per
+destination, less-than-1 per-delivery feedback won't have a noticeable effect
+on the per-destination concurrency, because the number of deliveries to the
+same destination is too small. You might just as well use zero per-delivery
+feedback and stay with the initial per-destination concurrency. And when mail
+deliveries fail due to congestion instead of active concurrency limiters, the
+measurements above show that per-delivery feedback has no effect. With large
+amounts of mail you might just as well use zero per-delivery feedback and start
+with the maximal per-destination concurrency.
+
+The scheduler with less-than-1 concurrency feedback per delivery solves a
+problem with servers that have active concurrency limiters. This works only
+because feedback is handled in a peculiar manner: positive feedback will
+increment the concurrency by 1 at the eenndd of a sequence of events of length 1/
+feedback, while negative feedback will decrement concurrency by 1 at the
+bbeeggiinnnniinngg of such a sequence. This is how Postfix adjusts quickly for overshoot
+without causing lots of mail to be deferred. Without this difference in
+feedback treatment, less-than-1 feedback per delivery would defer 50% of the
+mail, and would be no better in this respect than the old +/-1 feedback per
+delivery.
+
+Unfortunately, the same feature that corrects quickly for concurrency overshoot
+also makes the scheduler more sensitive for noisy negative feedback. The reason
+is that one lonely negative feedback event has the same effect as a complete
+sequence of length 1/feedback: in both cases delivery concurrency is dropped by
+1 immediately. As a worst-case scenario, consider multiple servers behind a
+load balancer on a single IP address, and no backup MX address. When 1 out of K
+servers fails to complete the SMTP handshake or drops the connection, a
+scheduler with 1/N (N = concurrency) feedback stops increasing its concurrency
+once it reaches a concurrency level of about K, even though the good servers
+behind the load balancer are perfectly capable of handling more traffic.
+
+This noise problem gets worse as the amount of positive feedback per delivery
+gets smaller. A compromise is to use fixed less-than-1 positive feedback values
+instead of concurrency-dependent positive feedback. For example, to tolerate 1
+of 4 bad servers in the above load balancer scenario, use positive feedback of
+1/4 per "good" delivery (no connect or handshake error), and use an equal or
+smaller amount of negative feedback per "bad" delivery. The downside of using
+concurrency-independent feedback is that some of the old +/-1 feedback problems
+will return at large concurrencies. Sites that must deliver mail at non-trivial
+per-destination concurrencies will require special configuration.
+
+CCoonnccuurrrreennccyy ccoonnffiigguurraattiioonn ppaarraammeetteerrss
+
+The Postfix 2.5 concurrency scheduler is controlled with the following
+configuration parameters, where "transport_foo" provides a transport-specific
+parameter override. All parameter default settings are compatible with earlier
+Postfix versions.
+
+    PPaarraammeetteerr nnaammee                                        PPoossttffiixx DDeessccrriippttiioonn
+                                                          vveerrssiioonn
+
+    ---------------------------------------------------------------------------
+                                                                  Initial per-
+    initial_destination_concurrency                          all  destination
+    transport_initial_destination_concurrency                2.5  delivery
+                                                                  concurrency
+
+                                                                  Maximum per-
+    default_destination_concurrency_limit                    all  destination
+    transport_destination_concurrency_limit                  all  delivery
+                                                                  concurrency
+
+                                                                  Per-
+                                                                  destination
+                                                                  positive
+                                                                  feedback
+    default_destination_concurrency_positive_feedback        2.5  amount, per
+    transport_destination_concurrency_positive_feedback      2.5  delivery that
+                                                                  does not fail
+                                                                  with
+                                                                  connection or
+                                                                  handshake
+                                                                  failure
+
+                                                                  Per-
+                                                                  destination
+                                                                  negative
+                                                                  feedback
+    default_destination_concurrency_negative_feedback        2.5  amount, per
+    transport_destination_concurrency_negative_feedback      2.5  delivery that
+                                                                  fails with
+                                                                  connection or
+                                                                  handshake
+                                                                  failure
+
+                                                                  Number of
+                                                                  failed
+                                                                  pseudo-
+                                                                  cohorts after
+    default_destination_concurrency_failed_cohort_limit      2.5  which a
+    transport_destination_concurrency_failed_cohort_limit    2.5  destination
+                                                                  is declared
+                                                                  "dead" and
+                                                                  delivery is
+                                                                  suspended
+
+                                                                  Enable
+                                                                  verbose
+    destination_concurrency_feedback_debug                   2.5  logging of
+                                                                  concurrency
+                                                                  scheduler
+                                                                  activity
+
+    ---------------------------------------------------------------------------
+
+PPrreeeemmppttiivvee sscchheedduulliinngg
+
+The following sections describe the new queue manager and its preemptive
+scheduler algorithm. Note that the document was originally written to describe
+the changes between the new queue manager (in this text referred to as nqmgr,
+the name it was known by before it became the default queue manager) and the
+old queue manager (referred to as oqmgr). This is why it refers to oqmgr every
+so often.
+
+This document is divided into sections as follows:
+
+  * The structures used by nqmgr
+  * What happens when nqmgr picks up the message - how it is assigned to
+    transports, jobs, peers, entries
+  * How the entry selection works
+  * How the preemption works - what messages may be preempted and how and what
+    messages are chosen to preempt them
+  * How destination concurrency limits affect the scheduling algorithm
+  * Dealing with memory resource limits
+
+TThhee ssttrruuccttuurreess uusseedd bbyy nnqqmmggrr
+
+Let's start by recapitulating the structures and terms used when referring to
+queue manager and how it operates. Many of these are partially described
+elsewhere, but it is nice to have a coherent overview in one place:
+
+  * Each message structure represents one mail message which Postfix is to
+    deliver. The message recipients specify to what destinations is the message
+    to be delivered and what transports are going to be used for the delivery.
+
+  * Each recipient entry groups a batch of recipients of one message which are
+    all going to be delivered to the same destination (and over the same
+    transport).
+
+  * Each transport structure groups everything what is going to be delivered by
+    delivery agents dedicated for that transport. Each transport maintains a
+    set of queues (describing the destinations it shall talk to) and jobs
+    (referencing the messages it shall deliver).
+
+  * Each transport queue (not to be confused with the on-disk active queue or
+    incoming queue) groups everything what is going be delivered to given
+    destination (aka nexthop) by its transport. Each queue belongs to one
+    transport, so each destination may be referred to by several queues, one
+    for each transport. Each queue maintains a list of all recipient entries
+    (batches of message recipients) which shall be delivered to given
+    destination (the todo list), and a list of recipient entries already being
+    delivered by the delivery agents (the busy list).
+
+  * Each queue corresponds to multiple peer structures. Each peer structure is
+    like the queue structure, belonging to one transport and referencing one
+    destination. The difference is that it lists only the recipient entries
+    which all originate from the same message, unlike the queue structure,
+    whose entries may originate from various messages. For messages with few
+    recipients, there is usually just one recipient entry for each destination,
+    resulting in one recipient entry per peer. But for large mailing list
+    messages the recipients may need to be split to multiple recipient entries,
+    in which case the peer structure may list many entries for single
+    destination.
+
+  * Each transport job groups everything it takes to deliver one message via
+    its transport. Each job represents one message within the context of the
+    transport. The job belongs to one transport and message, so each message
+    may have multiple jobs, one for each transport. The job groups all the peer
+    structures, which describe the destinations the job's message has to be
+    delivered to.
+
+The first four structures are common to both nqmgr and oqmgr, the latter two
+were introduced by nqmgr.
+
+These terms are used extensively in the text below, feel free to look up the
+description above anytime you'll feel you have lost a sense what is what.
+
+WWhhaatt hhaappppeennss wwhheenn nnqqmmggrr ppiicckkss uupp tthhee mmeessssaaggee
+
+Whenever nqmgr moves a queue file into the active queue, the following happens:
+It reads all necessary information from the queue file as oqmgr does, and also
+reads as many recipients as possible - more on that later, for now let's just
+pretend it always reads all recipients.
+
+Then it resolves the recipients as oqmgr does, which means obtaining (address,
+nexthop, transport) triple for each recipient. For each triple, it finds the
+transport; if it does not exist yet, it instantiates it (unless it's dead).
+Within the transport, it finds the destination queue for given nexthop; if it
+does not exist yet, it instantiates it (unless it's dead). The triple is then
+bound to given destination queue. This happens in qmgr_resolve() and is
+basically the same as in oqmgr.
+
+Then for each triple which was bound to some queue (and thus transport), the
+program finds the job which represents the message within that transport's
+context; if it does not exist yet, it instantiates it. Within the job, it finds
+the peer which represents the bound destination queue within this jobs context;
+if it does not exist yet, it instantiates it. Finally, it stores the address
+from the resolved triple to the recipient entry which is appended to both the
+queue entry list and the peer entry list. The addresses for same nexthop are
+batched in the entries up to recipient_concurrency limit for that transport.
+This happens in qmgr_assign() and apart from that it operates with job and peer
+structures it is basically the same as in oqmgr.
+
+When the job is instantiated, it is enqueued on the transport's job list based
+on the time its message was picked up by nqmgr. For first batch of recipients
+this means it is appended to the end of the job list, but the ordering of the
+job list by the enqueue time is important as we will see shortly.
+
+[Now you should have pretty good idea what is the state of the nqmgr after
+couple of messages was picked up, what is the relation between all those job,
+peer, queue and entry structures.]
+
+HHooww tthhee eennttrryy sseelleeccttiioonn wwoorrkkss
+
+Having prepared all those above mentioned structures, the task of the nqmgr's
+scheduler is to choose the recipient entries one at a time and pass them to the
+delivery agent for corresponding transport. Now how does this work?
+
+The first approximation of the new scheduling algorithm is like this:
+
+    foreach transport (round-robin-by-transport)
+    do
+        if transport busy continue
+        if transport process limit reached continue
+        foreach transport's job (in the order of the transport's job list)
+        do
+            foreach job's peer (round-robin-by-destination)
+                 if peer->queue->concurrency < peer->queue->window
+                     return next peer entry.
+            done
+        done
+    done
+
+Now what is the "order of the transport's job list"? As we know already, the
+job list is by default kept in the order the message was picked up by the
+nqmgr. So by default we get the top-level round-robin transport, and within
+each transport we get the FIFO message delivery. The round-robin of the peers
+by the destination is perhaps of little importance in most real-life cases
+(unless the recipient_concurrency limit is reached, in one job there is only
+one peer structure for each destination), but theoretically it makes sure that
+even within single jobs, destinations are treated fairly.
+
+[By now you should have a feeling you really know how the scheduler works,
+except for the preemption, under ideal conditions - that is, no recipient
+resource limits and no destination concurrency problems.]
+
+HHooww tthhee pprreeeemmppttiioonn wwoorrkkss
+
+As you might perhaps expect by now, the transport's job list does not remain
+sorted by the job's message enqueue time all the time. The most cool thing
+about nqmgr is not the simple FIFO delivery, but that it is able to slip mail
+with little recipients past the mailing-list bulk mail. This is what the job
+preemption is about - shuffling the jobs on the transport's job list to get the
+best message delivery rates. Now how is it achieved?
+
+First I have to tell you that there are in fact two job lists in each
+transport. One is the scheduler's job list, which the scheduler is free to play
+with, while the other one keeps the jobs always listed in the order of the
+enqueue time and is used for recipient pool management we will discuss later.
+For now, we will deal with the scheduler's job list only.
+
+So, we have the job list, which is first ordered by the time the jobs' messages
+were enqueued, oldest messages first, the most recently picked one at the end.
+For now, let's assume that there are no destination concurrency problems.
+Without preemption, we pick some entry of the first (oldest) job on the queue,
+assign it to delivery agent, pick another one from the same job, assign it
+again, and so on, until all the entries are used and the job is delivered. We
+would then move onto the next job and so on and on. Now how do we manage to
+sneak in some entries from the recently added jobs when the first job on the
+job list belongs to a message going to the mailing-list and has thousands of
+recipient entries?
+
+The nqmgr's answer is that we can artificially "inflate" the delivery time of
+that first job by some constant for free - it is basically the same trick you
+might remember as "accumulation of potential" from the amortized complexity
+lessons. For example, instead of delivering the entries of the first job on the
+job list every time a delivery agent becomes available, we can do it only every
+second time. If you view the moments the delivery agent becomes available on a
+timeline as "delivery slots", then instead of using every delivery slot for the
+first job, we can use only every other slot, and still the overall delivery
+efficiency of the first job remains the same. So the delivery 11112222 becomes
+1.1.1.1.2.2.2.2 (1 and 2 are the imaginary job numbers, . denotes the free
+slot). Now what do we do with free slots?
+
+As you might have guessed, we will use them for sneaking the mail with little
+recipients in. For example, if we have one four-recipient mail followed by four
+one recipients mail, the delivery sequence (that is, the sequence in which the
+jobs are assigned to the delivery slots) might look like this: 12131415. Hmm,
+fine for sneaking in the single recipient mail, but how do we sneak in the mail
+with more than one recipient? Say if we have one four-recipient mail followed
+by two two-recipient mails?
+
+The simple answer would be to use delivery sequence 12121313. But the problem
+is that this does not scale well. Imagine you have mail with thousand
+recipients followed by mail with hundred recipients. It is tempting to suggest
+the delivery sequence like 121212...., but alas! Imagine there arrives another
+mail with say ten recipients. But there are no free slots anymore, so it can't
+slip by, not even if it had just only one recipients. It will be stuck until
+the hundred-recipient mail is delivered, which really sucks.
+
+So, it becomes obvious that while inflating the message to get free slots is
+great idea, one has to be really careful of how the free slots are assigned,
+otherwise one might corner himself. So, how does nqmgr really use the free
+slots?
+
+The key idea is that one does not have to generate the free slots in a uniform
+way. The delivery sequence 111...1 is no worse than 1.1.1.1, in fact, it is
+even better as some entries are in the first case selected earlier than in the
+second case, and none is selected later! So it is possible to first
+"accumulate" the free delivery slots and then use them all at once. It is even
+possible to accumulate some, then use them, then accumulate some more and use
+them again, as in 11..1.1 .
+
+Let's get back to the one hundred recipient example. We now know that we could
+first accumulate one hundred free slots, and only after then to preempt the
+first job and sneak the one hundred recipient mail in. Applying the algorithm
+recursively, we see the hundred recipient job can accumulate ten free delivery
+slots, and then we could preempt it and sneak in the ten-recipient mail... Wait
+wait wait! Could we? Aren't we overinflating the original one thousand
+recipient mail?
+
+Well, despite it looks so at the first glance, another trick will allow us to
+answer "no, we are not!". If we had said that we will inflate the delivery time
+twice at maximum, and then we consider every other slot as a free slot, then we
+would overinflate in case of the recursive preemption. BUT! The trick is that
+if we use only every n-th slot as a free slot for n>2, there is always some
+worst inflation factor which we can guarantee not to be breached, even if we
+apply the algorithm recursively. To be precise, if for every k>1 normally used
+slots we accumulate one free delivery slot, than the inflation factor is not
+worse than k/(k-1) no matter how many recursive preemptions happen. And it's
+not worse than (k+1)/k if only non-recursive preemption happens. Now, having
+got through the theory and the related math, let's see how nqmgr implements
+this.
+
+Each job has so called "available delivery slot" counter. Each transport has a
+transport_delivery_slot_cost parameter, which defaults to
+default_delivery_slot_cost parameter which is set to 5 by default. This is the
+k from the paragraph above. Each time k entries of the job are selected for
+delivery, this counter is incremented by one. Once there are some slots
+accumulated, job which requires no more than that number of slots to be fully
+delivered can preempt this job.
+
+[Well, the truth is, the counter is incremented every time an entry is selected
+and it is divided by k when it is used. But for the understanding it's good
+enough to use the above approximation of the truth.]
+
+OK, so now we know the conditions which must be satisfied so one job can
+preempt another one. But what job gets preempted, how do we choose what job
+preempts it if there are several valid candidates, and when does all this
+exactly happen?
+
+The answer for the first part is simple. The job whose entry was selected the
+last time is so called current job. Normally, it is the first job on the
+scheduler's job list, but destination concurrency limits may change this as we
+will see later. It is always only the current job which may get preempted.
+
+Now for the second part. The current job has certain amount of recipient
+entries, and as such may accumulate at maximum some amount of available
+delivery slots. It might have already accumulated some, and perhaps even
+already used some when it was preempted before (remember a job can be preempted
+several times). In either case, we know how many are accumulated and how many
+are left to deliver, so we know how many it may yet accumulate at maximum.
+Every other job which may be delivered by less than that number of slots is a
+valid candidate for preemption. How do we choose among them?
+
+The answer is - the one with maximum enqueue_time/recipient_entry_count. That
+is, the older the job is, the more we should try to deliver it in order to get
+best message delivery rates. These rates are of course subject to how many
+recipients the message has, therefore the division by the recipient (entry)
+count. No one shall be surprised that message with n recipients takes n times
+longer to deliver than message with one recipient.
+
+Now let's recap the previous two paragraphs. Isn't it too complicated? Why
+don't the candidates come only among the jobs which can be delivered within the
+number of slots the current job already accumulated? Why do we need to estimate
+how much it has yet to accumulate? If you found out the answer, congratulate
+yourself. If we did it this simple way, we would always choose the candidate
+with least recipient entries. If there were enough single recipient mails
+coming in, they would always slip by the bulk mail as soon as possible, and the
+two and more recipients mail would never get a chance, no matter how long they
+have been sitting around in the job list.
+
+This candidate selection has interesting implication - that when we choose the
+best candidate for preemption (this is done in qmgr_choose_candidate()), it may
+happen that we may not use it for preemption immediately. This leads to an
+answer to the last part of the original question - when does the preemption
+happen?
+
+The preemption attempt happens every time next transport's recipient entry is
+to be chosen for delivery. To avoid needless overhead, the preemption is not
+attempted if the current job could never accumulate more than
+transport_minimum_delivery_slots (defaults to default_minimum_delivery_slots
+which defaults to 3). If there is already enough accumulated slots to preempt
+the current job by the chosen best candidate, it is done immediately. This
+basically means that the candidate is moved in front of the current job on the
+scheduler's job list and decreasing the accumulated slot counter by the amount
+used by the candidate. If there is not enough slots... well, I could say that
+nothing happens and the another preemption is attempted the next time. But
+that's not the complete truth.
+
+The truth is that it turns out that it is not really necessary to wait until
+the jobs counter accumulates all the delivery slots in advance. Say we have
+ten-recipient mail followed by two two-recipient mails. If the preemption
+happened when enough delivery slot accumulate (assuming slot cost 2), the
+delivery sequence becomes 11112211113311. Now what would we get if we would
+wait only for 50% of the necessary slots to accumulate and we promise we would
+wait for the remaining 50% later, after we get back to the preempted job? If we
+use such slot loan, the delivery sequence becomes 11221111331111. As we can
+see, it makes it no considerably worse for the delivery of the ten-recipient
+mail, but it allows the small messages to be delivered sooner.
+
+The concept of these slot loans is where the transport_delivery_slot_discount
+and transport_delivery_slot_loan come from (they default to
+default_delivery_slot_discount and default_delivery_slot_loan, whose values are
+by default 50 and 3, respectively). The discount (resp. loan) specifies how
+many percent (resp. how many slots) one "gets in advance", when the number of
+slots required to deliver the best candidate is compared with the number of
+slots the current slot had accumulated so far.
+
+And it pretty much concludes this chapter.
+
+[Now you should have a feeling that you pretty much understand the scheduler
+and the preemption, or at least that you will have it after you read the last
+chapter couple more times. You shall clearly see the job list and the
+preemption happening at its head, in ideal delivery conditions. The feeling of
+understanding shall last until you start wondering what happens if some of the
+jobs are blocked, which you might eventually figure out correctly from what had
+been said already. But I would be surprised if your mental image of the
+scheduler's functionality is not completely shattered once you start wondering
+how it works when not all recipients may be read in-core. More on that later.]
+
+HHooww ddeessttiinnaattiioonn ccoonnccuurrrreennccyy lliimmiittss aaffffeecctt tthhee sscchheedduulliinngg aallggoorriitthhmm
+
+The nqmgr uses the same algorithm for destination concurrency control as oqmgr.
+Now what happens when the destination limits are reached and no more entries
+for that destination may be selected by the scheduler?
+
+From user's point of view it is all simple. If some of the peers of a job can't
+be selected, those peers are simply skipped by the entry selection algorithm
+(the pseudo-code described before) and only the selectable ones are used. If
+none of the peers may be selected, the job is declared a "blocker job". Blocker
+jobs are skipped by the entry selection algorithm and they are also excluded
+from the candidates for preemption of current job. Thus the scheduler
+effectively behaves as if the blocker jobs didn't exist on the job list at all.
+As soon as at least one of the peers of a blocker job becomes unblocked (that
+is, the delivery agent handling the delivery of the recipient entry for given
+destination successfully finishes), the job's blocker status is removed and the
+job again participates in all further scheduler actions normally.
+
+So the summary is that the users don't really have to be concerned about the
+interaction of the destination limits and scheduling algorithm. It works well
+on its own and there are no knobs they would need to control it.
+
+From a programmer's point of view, the blocker jobs complicate the scheduler
+quite a lot. Without them, the jobs on the job list would be normally delivered
+in strict FIFO order. If the current job is preempted, the job preempting it is
+completely delivered unless it is preempted itself. Without blockers, the
+current job is thus always either the first job on the job list, or the top of
+the stack of jobs preempting the first job on the job list.
+
+The visualization of the job list and the preemption stack without blockers
+would be like this:
+
+    first job->    1--2--3--5--6--8--...    <- job list
+    on job list    |
+                   4    <- preemption stack
+                   |
+    current job->  7
+
+In the example above we see that job 1 was preempted by job 4 and then job 4
+was preempted by job 7. After job 7 is completed, remaining entries of job 4
+are selected, and once they are all selected, job 1 continues.
+
+As we see, it's all very clean and straightforward. Now how does this change
+because of blockers?
+
+The answer is: a lot. Any job may become blocker job at any time, and also
+become normal job again at any time. This has several important implications:
+
+ 1. The jobs may be completed in arbitrary order. For example, in the example
+    above, if the current job 7 becomes blocked, the next job 4 may complete
+    before the job 7 becomes unblocked again. Or if both 7 and 4 are blocked,
+    then 1 is completed, then 7 becomes unblocked and is completed, then 2 is
+    completed and only after that 4 becomes unblocked and is completed... You
+    get the idea.
+
+    [Interesting side note: even when jobs are delivered out of order, from
+    single destination's point of view the jobs are still delivered in the
+    expected order (that is, FIFO unless there was some preemption involved).
+    This is because whenever a destination queue becomes unblocked (the
+    destination limit allows selection of more recipient entries for that
+    destination), all jobs which have peers for that destination are unblocked
+    at once.]
+
+ 2. The idea of the preemption stack at the head of the job list is gone. That
+    is, it must be possible to preempt any job on the job list. For example, if
+    the jobs 7, 4, 1 and 2 in the example above become all blocked, job 3
+    becomes the current job. And of course we do not want the preemption to be
+    affected by the fact that there are some blocked jobs or not. Therefore, if
+    it turns out that job 3 might be preempted by job 6, the implementation
+    shall make it possible.
+
+ 3. The idea of the linear preemption stack itself is gone. It's no longer true
+    that one job is always preempted by only one job at one time (that is
+    directly preempted, not counting the recursively nested jobs). For example,
+    in the example above, job 1 is directly preempted by only job 4, and job 4
+    by job 7. Now assume job 7 becomes blocked, and job 4 is being delivered.
+    If it accumulates enough delivery slots, it is natural that it might be
+    preempted for example by job 8. Now job 4 is preempted by both job 7 AND
+    job 8 at the same time.
+
+Now combine the points 2) and 3) with point 1) again and you realize that the
+relations on the once linear job list became pretty complicated. If we extend
+the point 3) example: jobs 7 and 8 preempt job 4, now job 8 becomes blocked
+too, then job 4 completes. Tricky, huh?
+
+If I illustrate the relations after the above mentioned examples (but those in
+point 1)), the situation would look like this:
+
+                                v- parent
+
+    adoptive parent ->    1--2--3--5--...      <- "stack" level 0
+                          |     |
+    parent gone ->        ?     6              <- "stack" level 1
+                         / \
+    children ->         7   8   ^- child       <- "stack" level 2
+
+                          ^- siblings
+
+Now how does nqmgr deal with all these complicated relations?
+
+Well, it maintains them all as described, but fortunately, all these relations
+are necessary only for purposes of proper counting of available delivery slots.
+For purposes of ordering the jobs for entry selection, the original rule still
+applies: "the job preempting the current job is moved in front of the current
+job on the job list". So for entry selection purposes, the job relations remain
+as simple as this:
+
+    7--8--1--2--6--3--5--..   <- scheduler's job list order
+
+The job list order and the preemption parent/child/siblings relations are
+maintained separately. And because the selection works only with the job list,
+you can happily forget about those complicated relations unless you want to
+study the nqmgr sources. In that case the text above might provide some helpful
+introduction to the problem domain. Otherwise I suggest you just forget about
+all this and stick with the user's point of view: the blocker jobs are simply
+ignored.
+
+[By now, you should have a feeling that there is more things going under the
+hood than you ever wanted to know. You decide that forgetting about this
+chapter is the best you can do for the sake of your mind's health and you
+basically stick with the idea how the scheduler works in ideal conditions, when
+there are no blockers, which is good enough.]
+
+DDeeaalliinngg wwiitthh mmeemmoorryy rreessoouurrccee lliimmiittss
+
+When discussing the nqmgr scheduler, we have so far assumed that all recipients
+of all messages in the active queue are completely read into the memory. This
+is simply not true. There is an upper bound on the amount of memory the nqmgr
+may use, and therefore it must impose some limits on the information it may
+store in the memory at any given time.
+
+First of all, not all messages may be read in-core at once. At any time, only
+qmgr_message_active_limit messages may be read in-core at maximum. When read
+into memory, the messages are picked from the incoming and deferred message
+queues and moved to the active queue (incoming having priority), so if there is
+more than qmgr_message_active_limit messages queued in the active queue, the
+rest will have to wait until (some of) the messages in the active queue are
+completely delivered (or deferred).
+
+Even with the limited amount of in-core messages, there is another limit which
+must be imposed in order to avoid memory exhaustion. Each message may contain
+huge amount of recipients (tens or hundreds of thousands are not uncommon), so
+if nqmgr read all recipients of all messages in the active queue, it may easily
+run out of memory. Therefore there must be some upper bound on the amount of
+message recipients which are read into the memory at the same time.
+
+Before discussing how exactly nqmgr implements the recipient limits, let's see
+how the sole existence of the limits themselves affects the nqmgr and its
+scheduler.
+
+The message limit is straightforward - it just limits the size of the lookahead
+the nqmgr's scheduler has when choosing which message can preempt the current
+one. Messages not in the active queue simply are not considered at all.
+
+The recipient limit complicates more things. First of all, the message reading
+code must support reading the recipients in batches, which among other things
+means accessing the queue file several times and continuing where the last
+recipient batch ended. This is invoked by the scheduler whenever the current
+job has space for more recipients, subject to transport's refill_limit and
+refill_delay parameters. It is also done any time when all in-core recipients
+of the message are dealt with (which may also mean they were deferred) but
+there are still more in the queue file.
+
+The second complication is that with some recipients left unread in the queue
+file, the scheduler can't operate with exact counts of recipient entries. With
+unread recipients, it is not clear how many recipient entries there will be, as
+they are subject to per-destination grouping. It is not even clear to what
+transports (and thus jobs) the recipients will be assigned. And with messages
+coming from the deferred queue, it is not even clear how many unread recipients
+are still to be delivered. This all means that the scheduler must use only
+estimates of how many recipients entries there will be. Fortunately, it is
+possible to estimate the minimum and maximum correctly, so the scheduler can
+always err on the safe side. Obviously, the better the estimates, the better
+results, so it is best when we are able to read all recipients in-core and turn
+the estimates into exact counts, or at least try to read as many as possible to
+make the estimates as accurate as possible.
+
+The third complication is that it is no longer true that the scheduler is done
+with a job once all of its in-core recipients are delivered. It is possible
+that the job will be revived later, when another batch of recipients is read in
+core. It is also possible that some jobs will be created for the first time
+long after the first batch of recipients was read in core. The nqmgr code must
+be ready to handle all such situations.
+
+And finally, the fourth complication is that the nqmgr code must somehow impose
+the recipient limit itself. Now how does it achieve it?
+
+Perhaps the easiest solution would be to say that each message may have at
+maximum X recipients stored in-core, but such solution would be poor for
+several reasons. With reasonable qmgr_message_active_limit values, the X would
+have to be quite low to maintain reasonable memory footprint. And with low X
+lots of things would not work well. The nqmgr would have problems to use the
+transport_destination_recipient_limit efficiently. The scheduler's preemption
+would be suboptimal as the recipient count estimates would be inaccurate. The
+message queue file would have to be accessed many times to read in more
+recipients again and again.
+
+Therefore it seems reasonable to have a solution which does not use a limit
+imposed on per-message basis, but which maintains a pool of available recipient
+slots, which can be shared among all messages in the most efficient manner. And
+as we do not want separate transports to compete for resources whenever
+possible, it seems appropriate to maintain such recipient pool for each
+transport separately. This is the general idea, now how does it work in
+practice?
+
+First we have to solve little chicken-and-egg problem. If we want to use the
+per-transport recipient pools, we first need to know to what transport(s) is
+the message assigned. But we will find that out only after we read in the
+recipients first. So it is obvious that we first have to read in some
+recipients, use them to find out to what transports is the message to be
+assigned, and only after that we can use the per-transport recipient pools.
+
+Now how many recipients shall we read for the first time? This is what
+qmgr_message_recipient_minimum and qmgr_message_recipient_limit values control.
+The qmgr_message_recipient_minimum value specifies how many recipients of each
+message we will read for the first time, no matter what. It is necessary to
+read at least one recipient before we can assign the message to a transport and
+create the first job. However, reading only qmgr_message_recipient_minimum
+recipients even if there are only few messages with few recipients in-core
+would be wasteful. Therefore if there is less than qmgr_message_recipient_limit
+recipients in-core so far, the first batch of recipients may be larger than
+qmgr_message_recipient_minimum - as large as is required to reach the
+qmgr_message_recipient_limit limit.
+
+Once the first batch of recipients was read in core and the message jobs were
+created, the size of the subsequent recipient batches (if any - of course it's
+best when all recipients are read in one batch) is based solely on the position
+of the message jobs on their corresponding transports' job lists. Each
+transport has a pool of transport_recipient_limit recipient slots which it can
+distribute among its jobs (how this is done is described later). The subsequent
+recipient batch may be as large as the sum of all recipient slots of all jobs
+of the message permits (plus the qmgr_message_recipient_minimum amount which
+always applies).
+
+For example, if a message has three jobs, first with 1 recipient still in-core
+and 4 recipient slots, second with 5 recipient in-core and 5 recipient slots,
+and third with 2 recipients in-core and 0 recipient slots, it has 1+5+2=7
+recipients in-core and 4+5+0=9 jobs' recipients slots in total. This means that
+we could immediately read 2+qmgr_message_recipient_minimum more recipients of
+that message in core.
+
+The above example illustrates several things which might be worth mentioning
+explicitly: first, note that although the per-transport slots are assigned to
+particular jobs, we can't guarantee that once the next batch of recipients is
+read in core, that the corresponding amounts of recipients will be assigned to
+those jobs. The jobs lend its slots to the message as a whole, so it is
+possible that some jobs end up sponsoring other jobs of their message. For
+example, if in the example above the 2 newly read recipients were assigned to
+the second job, the first job sponsored the second job with 2 slots. The second
+notable thing is the third job, which has more recipients in-core than it has
+slots. Apart from sponsoring by other job we just saw it can be result of the
+first recipient batch, which is sponsored from global recipient pool of
+qmgr_message_recipient_limit recipients. It can be also sponsored from the
+message recipient pool of qmgr_message_recipient_minimum recipients.
+
+Now how does each transport distribute the recipient slots among its jobs? The
+strategy is quite simple. As most scheduler activity happens on the head of the
+job list, it is our intention to make sure that the scheduler has the best
+estimates of the recipient counts for those jobs. As we mentioned above, this
+means that we want to try to make sure that the messages of those jobs have all
+recipients read in-core. Therefore the transport distributes the slots "along"
+the job list from start to end. In this case the job list sorted by message
+enqueue time is used, because it doesn't change over time as the scheduler's
+job list does.
+
+More specifically, each time a job is created and appended to the job list, it
+gets all unused recipient slots from its transport's pool. It keeps them until
+all recipients of its message are read. When this happens, all unused recipient
+slots are transferred to the next job (which is now in fact now first such job)
+on the job list which still has some recipients unread, or eventually back to
+the transport pool if there is no such job. Such transfer then also happens
+whenever a recipient entry of that job is delivered.
+
+There is also a scenario when a job is not appended to the end of the job list
+(for example it was created as a result of second or later recipient batch).
+Then it works exactly as above, except that if it was put in front of the first
+unread job (that is, the job of a message which still has some unread
+recipients in queue file), that job is first forced to return all of its unused
+recipient slots to the transport pool.
+
+The algorithm just described leads to the following state: The first unread job
+on the job list always gets all the remaining recipient slots of that transport
+(if there are any). The jobs queued before this job are completely read (that
+is, all recipients of their message were already read in core) and have at
+maximum as many slots as they still have recipients in-core (the maximum is
+there because of the sponsoring mentioned before) and the jobs after this job
+get nothing from the transport recipient pool (unless they got something before
+and then the first unread job was created and enqueued in front of them later -
+in such case the also get at maximum as many slots as they have recipients in-
+core).
+
+Things work fine in such state for most of the time, because the current job is
+either completely read in-core or has as much recipient slots as there are, but
+there is one situation which we still have to take care of specially. Imagine
+if the current job is preempted by some unread job from the job list and there
+are no more recipient slots available, so this new current job could read only
+batches of qmgr_message_recipient_minimum recipients at a time. This would
+really degrade performance. For this reason, each transport has extra pool of
+transport_extra_recipient_limit recipient slots, dedicated exactly for this
+situation. Each time an unread job preempts the current job, it gets half of
+the remaining recipient slots from the normal pool and this extra pool.
+
+And that's it. It sure does sound pretty complicated, but fortunately most
+people don't really have to care how exactly it works as long as it works.
+Perhaps the only important things to know for most people are the following
+upper bound formulas:
+
+Each transport has at maximum
+
+    max(
+    qmgr_message_recipient_minimum * qmgr_message_active_limit
+    + *_recipient_limit + *_extra_recipient_limit,
+    qmgr_message_recipient_limit
+    )
+
+recipients in core.
+
+The total amount of recipients in core is
+
+    max(
+    qmgr_message_recipient_minimum * qmgr_message_active_limit
+    + sum( *_recipient_limit + *_extra_recipient_limit ),
+    qmgr_message_recipient_limit
+    )
+
+where the sum is over all used transports.
+
+And this terribly complicated chapter concludes the documentation of nqmgr
+scheduler.
+
+[By now you should theoretically know the nqmgr scheduler inside out. In
+practice, you still hope that you will never have to really understand the last
+or last two chapters completely, and fortunately most people really won't.
+Understanding how the scheduler works in ideal conditions is more than good
+enough for vast majority of users.]
+
+CCrreeddiittss
+
+  * Wietse Venema designed and implemented the initial queue manager with per-
+    domain FIFO scheduling, and per-delivery +/-1 concurrency feedback.
+  * Patrik Rak designed and implemented preemption where mail with fewer
+    recipients can slip past mail with more recipients in a controlled manner,
+    and wrote up its documentation.
+  * Wietse Venema initiated a discussion with Patrik Rak and Victor Duchovni on
+    alternatives for the +/-1 feedback scheduler's aggressive behavior. This is
+    when K/N feedback was reviewed (N = concurrency). The discussion ended
+    without a good solution for both negative feedback and dead site detection.
+  * Victor Duchovni resumed work on concurrency feedback in the context of
+    concurrency-limited servers.
+  * Wietse Venema then re-designed the concurrency scheduler in terms of the
+    simplest possible concepts: less-than-1 concurrency feedback per delivery,
+    forward and reverse concurrency feedback hysteresis, and pseudo-cohort
+    failure. At this same time, concurrency feedback was separated from dead
+    site detection.
+  * These simplifications, and their modular implementation, helped to develop
+    further insights into the different roles that positive and negative
+    concurrency feedback play, and helped to identify some worst-case
+    scenarios.
+

data/incoming/bashref.pdf

@@ -0,0 +1,9009 @@
+%PDF-1.2
+7 0 obj
+<<
+/Type/Encoding
+/Differences[0/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi/Omega/ff/fi/fl/ffi/ffl/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/suppress/exclam/quotedblright/numbersign/dollar/percent/ampersand/quoteright/parenleft/parenright/asterisk/plus/comma/hyphen/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon/semicolon/exclamdown/equal/questiondown/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/quotedblleft/bracketright/circumflex/dotaccent/quoteleft/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y/z/endash/emdash/hungarumlaut/tilde/dieresis/suppress
+160/space/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi 173/Omega/ff/fi/fl/ffi/ffl/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/suppress/dieresis]
+>>
+endobj
+10 0 obj
+<<
+/Encoding 7 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F1
+/FontDescriptor 9 0 R
+/BaseFont/NMFXFQ+CMBX12
+/FirstChar 33
+/LastChar 196
+/Widths[342.6 581 937.5 562.5 937.5 875 312.5 437.5 437.5 562.5 875 312.5 375 312.5
+562.5 562.5 562.5 562.5 562.5 562.5 562.5 562.5 562.5 562.5 562.5 312.5 312.5 342.6
+875 531.3 531.3 875 849.5 799.8 812.5 862.3 738.4 707.2 884.3 879.6 419 581 880.8
+675.9 1067.1 879.6 844.9 768.5 844.9 839.1 625 782.4 864.6 849.5 1162 849.5 849.5
+687.5 312.5 581 312.5 562.5 312.5 312.5 546.9 625 500 625 513.3 343.8 562.5 625 312.5
+343.8 593.8 312.5 937.5 625 562.5 625 593.8 459.5 443.8 437.5 625 593.8 812.5 593.8
+593.8 500 562.5 1125 562.5 562.5 562.5 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 675.9 937.5 875 787 750 879.6 812.5 875 812.5 875 0 0 812.5
+656.3 625 625 937.5 937.5 312.5 343.8 562.5 562.5 562.5 562.5 562.5 849.5 500 574.1
+812.5 875 562.5 1018.5 1143.5 875 312.5 562.5]
+>>
+endobj
+13 0 obj
+<<
+/Encoding 7 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F2
+/FontDescriptor 12 0 R
+/BaseFont/MHIHUQ+CMR10
+/FirstChar 33
+/LastChar 196
+/Widths[277.8 500 833.3 500 833.3 777.8 277.8 388.9 388.9 500 777.8 277.8 333.3 277.8
+500 500 500 500 500 500 500 500 500 500 500 277.8 277.8 277.8 777.8 472.2 472.2 777.8
+750 708.3 722.2 763.9 680.6 652.8 784.7 750 361.1 513.9 777.8 625 916.7 750 777.8
+680.6 777.8 736.1 555.6 722.2 750 750 1027.8 750 750 611.1 277.8 500 277.8 500 277.8
+277.8 500 555.6 444.4 555.6 444.4 305.6 500 555.6 277.8 305.6 527.8 277.8 833.3 555.6
+500 555.6 527.8 391.7 394.4 388.9 555.6 527.8 722.2 527.8 527.8 444.4 500 1000 500
+500 500 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 625 833.3
+777.8 694.4 666.7 750 722.2 777.8 722.2 777.8 0 0 722.2 583.3 555.6 555.6 833.3 833.3
+277.8 305.6 500 500 500 500 500 750 444.4 500 722.2 777.8 500 902.8 1013.9 777.8
+277.8 500]
+>>
+endobj
+14 0 obj
+<<
+/Type/Encoding
+/Differences[0/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi/Omega/arrowup/arrowdown/quotesingle/exclamdown/questiondown/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/visiblespace/exclam/quotedbl/numbersign/dollar/percent/ampersand/quoteright/parenleft/parenright/asterisk/plus/comma/hyphen/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon/semicolon/less/equal/greater/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/backslash/bracketright/asciicircum/underscore/quoteleft/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y/z/braceleft/bar/braceright/asciitilde/dieresis/visiblespace
+160/space/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi 173/Omega/arrowup/arrowdown/quotesingle/exclamdown/questiondown/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/visiblespace/dieresis]
+>>
+endobj
+17 0 obj
+<<
+/Encoding 14 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F3
+/FontDescriptor 16 0 R
+/BaseFont/XMGLQP+CMTT10
+/FirstChar 33
+/LastChar 196
+/Widths[525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 525 525 525 525 525 525 525 525 525 525 0 0 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525]
+>>
+endobj
+19 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 381
+>>
+stream
+xÚeRËNä0¼ó}t¤Iã¶ǹ0HH{a²p@{ðBÏ2“¬’Ì�Y%'Ç•êªJªA¢”ðÒqÛörG $Ú
+Ú�ƒ’*‡TC{ý$¶~|-J]qϸ{æx­ÄßZŠ³+~µwpÓ‚ÆÆÁ{°ÉÀ	ŒiÐ-Àì“Ÿ’ØPôSN£ŠŒºFÛ$ϵ“Öâº/JåÄóùÄ]¡j1ùéØwùÝ¡òCʃ”Å%)lª$wór\4Rù;éñäi³¨„ÙË�^r‘´¨äòc�ÜbefÂCá´àaüæS'LѤ´ëd{þ;ñ)~S¤Ú ‡�PRVÙŽ€jíJ]Y$NçÐè$põÊS®ãÞŸø³h´Ø䶮ü8õQ'ºÿEŽ<ü‹åq~vÇ|
ù§B“øLqCZŠ»€M6ÛG?Kì¢f©›2ð¬¸ïST|�?ðzêܽäçµ	u5óÚØ`V«ÕÚÌ@X›‹/Kɪ¨
+endstream
+endobj
+21 0 obj
+<<
+/F1 10 0 R
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+6 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 21 0 R
+>>
+endobj
+26 0 obj
+<<
+/Encoding 7 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F4
+/FontDescriptor 25 0 R
+/BaseFont/VHLKDR+CMSL10
+/FirstChar 33
+/LastChar 196
+/Widths[277.8 500 833.3 500 833.3 777.8 277.8 388.9 388.9 500 777.8 277.8 333.3 277.8
+500 500 500 500 500 500 500 500 500 500 500 277.8 277.8 277.8 777.8 472.2 472.2 777.8
+750 708.3 722.2 763.9 680.6 652.8 784.7 750 361.1 513.9 777.8 625 916.7 750 777.8
+680.6 777.8 736.1 555.6 722.2 750 750 1027.8 750 750 611.1 277.8 500 277.8 500 277.8
+277.8 500 555.6 444.4 555.6 444.4 305.6 500 555.6 277.8 305.6 527.8 277.8 833.3 555.6
+500 555.6 527.8 391.7 394.4 388.9 555.6 527.8 722.2 527.8 527.8 444.4 500 1000 500
+500 500 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 625 833.3
+777.8 694.4 666.7 750 722.2 777.8 722.2 777.8 0 0 722.2 583.3 555.6 555.6 833.3 833.3
+277.8 305.6 500 500 500 500 500 808.6 444.4 500 722.2 777.8 500 902.8 1013.9 777.8
+277.8 500]
+>>
+endobj
+27 0 obj
+<<
+/Type/Encoding
+/Differences[0/minus/periodcentered/multiply/asteriskmath/divide/diamondmath/plusminus/minusplus/circleplus/circleminus/circlemultiply/circledivide/circledot/circlecopyrt/openbullet/bullet/equivasymptotic/equivalence/reflexsubset/reflexsuperset/lessequal/greaterequal/precedesequal/followsequal/similar/approxequal/propersubset/propersuperset/lessmuch/greatermuch/precedes/follows/arrowleft/arrowright/arrowup/arrowdown/arrowboth/arrownortheast/arrowsoutheast/similarequal/arrowdblleft/arrowdblright/arrowdblup/arrowdbldown/arrowdblboth/arrownorthwest/arrowsouthwest/proportional/prime/infinity/element/owner/triangle/triangleinv/negationslash/mapsto/universal/existential/logicalnot/emptyset/Rfractur/Ifractur/latticetop/perpendicular/aleph/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O/P/Q/R/S/T/U/V/W/X/Y/Z/union/intersection/unionmulti/logicaland/logicalor/turnstileleft/turnstileright/floorleft/floorright/ceilingleft/ceilingright/braceleft/braceright/angbracketleft/angbracketright/bar/bardbl/arrowbothv/arrowdblbothv/backslash/wreathproduct/radical/coproduct/nabla/integral/unionsq/intersectionsq/subsetsqequal/supersetsqequal/section/dagger/daggerdbl/paragraph/club/diamond/heart/spade/arrowleft
+161/minus/periodcentered/multiply/asteriskmath/divide/diamondmath/plusminus/minusplus/circleplus/circleminus
+173/circlemultiply/circledivide/circledot/circlecopyrt/openbullet/bullet/equivasymptotic/equivalence/reflexsubset/reflexsuperset/lessequal/greaterequal/precedesequal/followsequal/similar/approxequal/propersubset/propersuperset/lessmuch/greatermuch/precedes/follows/arrowleft/spade]
+>>
+endobj
+30 0 obj
+<<
+/Encoding 27 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F5
+/FontDescriptor 29 0 R
+/BaseFont/PJOEOU+CMSY10
+/FirstChar 33
+/LastChar 196
+/Widths[1000 500 500 1000 1000 1000 777.8 1000 1000 611.1 611.1 1000 1000 1000 777.8
+275 1000 666.7 666.7 888.9 888.9 0 0 555.6 555.6 666.7 500 722.2 722.2 777.8 777.8
+611.1 798.5 656.8 526.5 771.4 527.8 718.7 594.9 844.5 544.5 677.8 762 689.7 1200.9
+820.5 796.1 695.6 816.7 847.5 605.6 544.6 625.8 612.8 987.8 713.3 668.3 724.7 666.7
+666.7 666.7 666.7 666.7 611.1 611.1 444.4 444.4 444.4 444.4 500 500 388.9 388.9 277.8
+500 500 611.1 500 277.8 833.3 750 833.3 416.7 666.7 666.7 777.8 777.8 444.4 444.4
+444.4 611.1 777.8 777.8 777.8 777.8 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 777.8 277.8 777.8 500 777.8 500 777.8 777.8 777.8 777.8 0 0 777.8
+777.8 777.8 1000 500 500 777.8 777.8 777.8 777.8 777.8 777.8 777.8 777.8 777.8 777.8
+777.8 777.8 1000 1000 777.8 777.8 1000 777.8]
+>>
+endobj
+31 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1191
+>>
+stream
+xÚ�VK�£F¾çW ½$ÃMóHNóØY%Ú�V±7Rç€q{ÜZà™Ì¿OUm`ìÉ%wS]]õÕW�¶aè<9fùäÜ­nc'
+ƒ"rV;'Ê_$i�:«‡¿ÜÕ^÷ž/òÂÔ?íŠÈ5’"tK|n:­v�lU_uú8è¶ÁYk†½‚`§ÊáÔ©þ,.­Í²SéP5^œ¹º¹0qWö{ˆú½ªkl×®êzöý÷êWǧð"Ç�DI
+mü�çǹ«†2ZÐ=!\‰e©Žƒ:°Ö`;,OÜ8åÚŒAk/
¢dFM"¤‹5u?n5Bç�+wI¹uÙ8>ÍÙ¶Ô‰å%3P2…åÅZ!V	ÐÍc2eM„I�H'´È€}úí.ƒ3Þý®vªSM¥@’¹—‚&„õ¥4ìŸÊNf¥!d��}Xþvm51©Å"©U3Ž/íÄqP¼5ó‡—Ççä‘ ¾`	ðóø"÷푱¾vúiï‘î`ôdÄä?Â(Uð/'ÿ¾BÁb5Öq^�Œ’@&eTä¹Ï	ÚGFÛ)¨Ëv70ŠþA“Ôè´§†LA- ü¥©l()Q™!`øê™\toI��FëS‡œ˜RaÁÐb=”ßÍ5|•�=Þê~èôæ4˜ƒ„[ƒmoÊ�%±[µGmš�NM�²ÑýÙß�Ý¥¦Œö±kÙ³ގöjÞc�Uœ�|žCXÓºRØ¥ýQ—¡æÁ_Þ
«	¦C‡x¶àô¬_šQ@:ˆ
<Çy�4¿õ”§ ™Ö·4ç4碢2óòÄlQ¼¥˜îRT7m‡ý¡EkëÝ+6R²´mMOW§ƒ2pDe¢::gÓŒ¼$"5BÜcËÙJ¢l:C�“„*N *YüÖé—v4EÒýLÄ6½âi"rî=1ö_�‚Èúê`´¼ârMë¬Ï Ö²Ò ?mjMz‹Ï�5Á{ŒrÚL�§³FÊmÊÏ:c#ýLÂ(t_ô°ÇqÃ9
+#j-S¢ž¤\tš£úHe©*¾Ú/®Q[;T5ÀD4¶ Í¿oÙ�
ÎjÒCh
+WºvBéæ	ßëõ-Œ˜¤°dš¦‹�Øú—£o9ù¾++Öþ~ávÛ>=&e€A\š5ÅS)	†[®=ˆìR·\m/�çË°poq6–õl¤Y©Q%Öt¡nªúdÇÀäp¼ÓƒjœÚÂÓCMúWԯז$1«\þz¸ì[¹Üì¶rƒ£½±³mÐ\¯xÿ¸%–�?š¾Éÿ‹Zè›×‡ÿÞpÕëþ'ÏO#Aÿd`í	ZûÆ!Ùæm{°
ÙÂÑÄ*Zg‹Í|(¼ÓèÚ¦œÈ|^8$HcJÇ4ë³³^æöMÃ)¦ îÇ
Ÿ½éD™M�(³sâ²ù“F(®:ñ
+ñ#˜±]‰ät¥îíœÞÑI?ýC0›î„þ%b€×íѤ˜Õ&”
+èïg\qŽq=ƒN&6\¯ðf›æÿ¼Æï>]²€*Šáp¬íÕ¯uY©�/Oz°^…ïÿϼkûÁ¾øÂýr‹›aE)…Ù…s4ô·å­‘\ýð/Euÿ½
+endstream
+endobj
+32 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F5 30 0 R
+>>
+endobj
+23 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 32 0 R
+>>
+endobj
+35 0 obj
+<<
+/Type/Encoding
+/Differences[0/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi/Omega/ff/fi/fl/ffi/ffl/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/suppress/exclam/quotedblright/numbersign/sterling/percent/ampersand/quoteright/parenleft/parenright/asterisk/plus/comma/hyphen/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon/semicolon/exclamdown/equal/questiondown/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/quotedblleft/bracketright/circumflex/dotaccent/quoteleft/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y/z/endash/emdash/hungarumlaut/tilde/dieresis/suppress
+160/space/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi 173/Omega/ff/fi/fl/ffi/ffl/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/suppress/dieresis]
+>>
+endobj
+38 0 obj
+<<
+/Encoding 35 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F6
+/FontDescriptor 37 0 R
+/BaseFont/NWDCVP+CMBXTI10
+/FirstChar 33
+/LastChar 196
+/Widths[386.1 620.6 944.4 868.5 944.4 885.5 355.6 473.3 473.3 591.1 885.5 355.6 414.4
+355.6 591.1 591.1 591.1 591.1 591.1 591.1 591.1 591.1 591.1 591.1 591.1 355.6 355.6
+386.1 885.5 591.1 591.1 885.5 865.5 816.7 826.7 875.5 756.7 727.2 895.3 896.1 471.7
+610.5 895 697.8 1072.8 896.1 855 787.2 855 859.4 650 796.1 880.8 865.5 1160 865.5
+865.5 708.9 356.1 620.6 356.1 591.1 355.6 355.6 591.1 532.2 532.2 591.1 532.2 400
+532.2 591.1 355.6 355.6 532.2 296.7 944.4 650 591.1 591.1 532.2 501.7 486.9 385 620.6
+532.2 767.8 560.6 561.7 490.6 591.1 1182.2 591.1 591.1 591.1 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 697.8 944.4 885.5 806.7 767.8 896.1
+826.7 885.5 826.7 885.5 0 0 826.7 755.6 674.4 703.9 1044.7 1059.4 355.6 385 591.1
+591.1 591.1 591.1 591.1 948.9 532.2 665 826.7 826.7 591.1 1022.8 1140.5 885.5 296.7
+591.1]
+>>
+endobj
+41 0 obj
+<<
+/Encoding 35 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F7
+/FontDescriptor 40 0 R
+/BaseFont/AYERYB+CMTI10
+/FirstChar 33
+/LastChar 196
+/Widths[306.7 514.4 817.8 769.1 817.8 766.7 306.7 408.9 408.9 511.1 766.7 306.7 357.8
+306.7 511.1 511.1 511.1 511.1 511.1 511.1 511.1 511.1 511.1 511.1 511.1 306.7 306.7
+306.7 766.7 511.1 511.1 766.7 743.3 703.9 715.6 755 678.3 652.8 773.6 743.3 385.6
+525 768.9 627.2 896.7 743.3 766.7 678.3 766.7 729.4 562.2 715.6 743.3 743.3 998.9
+743.3 743.3 613.3 306.7 514.4 306.7 511.1 306.7 306.7 511.1 460 460 511.1 460 306.7
+460 511.1 306.7 306.7 460 255.6 817.8 562.2 511.1 511.1 460 421.7 408.9 332.2 536.7
+460 664.4 463.9 485.6 408.9 511.1 1022.2 511.1 511.1 511.1 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 627.2 817.8 766.7 692.2 664.4 743.3 715.6
+766.7 715.6 766.7 0 0 715.6 613.3 562.2 587.8 881.7 894.4 306.7 332.2 511.1 511.1
+511.1 511.1 511.1 831.3 460 536.7 715.6 715.6 511.1 882.8 985 766.7 255.6 511.1]
+>>
+endobj
+42 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1470
+>>
+stream
+xÚíZËrÛ6Ý÷+¸¤Bˆ7°êįŒ;i“FšÉ¢í‚¦˜ˆ32©á£“þ}
‚ )�¤5i[´WÔP"lž{î¹ç^À@x_½úòλX¿¹A€„Þú‹G‚zI¼õÕ~²økýË›èAPý“%A¦®ˆú7ë…Ä~x·‹K̉Ÿ}ÑWê_fé~«òË¢]‰LôJê_€j\¯KñoÍsy¦Ö	üM•‰Zª~šuOCõI /¨êQÆÌ…\Î÷æ1\s
XÐ`UÝÝC
+¤ðÔÓ€4€
iþçmX*41ö“Â\/Âbû³Y„w‹H(þ?0�Y,ÆÔ‹BŠÊ¬ 
¨TAÁÒ&(h4(¡¾¿ØÆ»�`@'ÿ0?ᦕ
?Ì›^Z-1%€Po‰$Œ ¡Zˆ¨ÿ‰(O­?…+@� 2ÿp8:D,˜¸á8…ˆ%Fóæ ™$2Õ`¥9m>Þèz‡e•Ç¨2Øù¨ú18P€,)è´H›
+‹[‘¶)!Xý“.÷Ë𛣂kšÎ·ì=b}q”
C@a?XJÁn¤C$¥ìGèÃ~¡~ëÇyع“­–:榇K!ä`6Ž,m‘EÙß«¬LÒ¯ŽjÄ^<ÛO· Šv­<[ܵ§î­ì\Q¨ÉÌýØØ�Ëm˜‡Qç.«•õçô9—<‡ˆÊAëhÙ4 Ö—­ëfF¥¹æ¥­RGé=¥Âg–­ª³ã‘F¸Áè*«îÂHExvþÈ
ÊOciÐyûÛêvyÙ¡3¤lªÓÕõó—6„;Úò>«&
+wñrÕTÎ(Ñî:2š³^ìçaZìFê)W¥z¬GWTN
¶¹Á§,6…ì2»¿��ysSB0=Wé½ÅóöK?°pAI
—‡8»½3î4ºsbñ0Ý‰4×ÏÿÒÌ¥Q†ãDoÐzáä~o+Àx´ÈÑ9öÈ�©Ä
+…
+dïǤÑÁ]’TOÎ�|�õœâx	p÷Ž·�@¿OŠ²·Õ“jmxÇé+ƳŠ‚Ë[È)𑶾ÞfUºy(û	
ülGô®Ýü]ŽûUÛ[5¾'ÛkØp--ʼŠÜ�þü™ÍÕOM€@z ØZ­^ySÏPöb�c è(Ÿ ãŽßS95[¶``_ê�'Ö¶%z—g•�ódRP€ž\SŽßW2`Ú±®‰çÁûb×~Ý,ò«4ê
ÉûJbR
^úDrÔ‰)QžŠ‡M3âÆã£î=Â<¼�Ë86Åü)r&j�ª'ôMì(M¹2t$÷Äâø¬8Pº‡‚�%`x>’FO‚¬ñÀÝ(àTÀг÷Ñ#PÛ@@6®ÁÔÍùëoû0-ø5ß¿'ß¹K^+¹ÔæûEFñþCP®#7ÄÃ_t“ö![þÚì_'»Í	*½€s?æs€#¢=® ¦pÄή¤’OÖʧ¾…¦ eO㵿¨ú÷¶´È©ììúTí¿›íôê®(“²-
ÐyTw/»cGN†lÞæI¹U©ÏfLgŸ2(žëÄzÈ ´»£M!ÅO§!*‡ÅEq
+•0>‚‹Í@�žF­Ë=nPû¬[Â,ß
ZíwI9¼¦¼ÉÔîþl7;xt…Aô&ÙÅ©Rõ‡óƒ€žyµt	Hº‰	ÂãÓW;y3�D©Ê`jhøkXFúÞvx3¶>Ó|.¥°Ý�nÑ$�ìÎÖ4ÌùßgÚ"ü½ Ê'ì2RLžëÖd½ƒ-ˆŒ\XC¯Oñ&Éã‘¡—`àõÌÒ=KÍ%G
b9³íX;�½M÷U9ÐOÈÉS)ó"BÊ�l…‚NAˆF üP•ƒjµäóhjÝb#º~™1Ìõú§
/ilè
+endstream
+endobj
+43 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F6 38 0 R
+/F7 41 0 R
+>>
+endobj
+34 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 43 0 R
+>>
+endobj
+46 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1537
+>>
+stream
+xÚí[MsâF½çWè(ÌÎ÷hN){m'NÕ–·jw«R9( Õ
+D	‘òþûŒ4	4#'ö	„d™~Ýýúu·ð €Ð{ðÊ—ß¼Ëñ‡ì!$òÆ÷
+<D€¤ÞøêO?ŽCýËp5	!þ—è>Ê¢Å$Ò‡ŸÂÅ&ƒ¿Æx
�¼!V·(ï@d0”RúËeq7?ZLãŃ¹Ù4΢IM‹cêß­óå:/îôáFl~)ñ`yK0"Îõ‹píëÃò[m@%9`¬úR˜—æ±ÞPaˆX�ÕkkóGy¸˜†Ù¶ñåõ¹ë’ë,K3L� úÒ¢Ý�;|§ùaÛé˜aÀèN^gÚë¿«tѾ¼J˘¬çQ™4ùÊŽtu‹ èŽô“G·�'âì'oÃ9Ê3•I6†R]Íξüµà
†9±èÃWh|¯ÖË$ž„
IÝÄI¤Ùç*ZM²x™§™#pHî
õÉ]€²Zƒh0>¥EžþcaAú± y:há„ r§ ‘§;SÚŸˆšòÔ½*aUõ� MÅû6°ŸÅeöT:ö^éYéD§ÉV¶(â@Bÿú1š¬Þø˜ÎçÊ©Žô ðç¦ÇÉ£l33”µàu%™H'Ù(ž/
ýTàVªðq.Vqºp°2$xmáÜ…Ä@îÖl­ªf“
æ~Ù—à†?ª0t¡! .epàÌ
+�uM–ÝeH˜ÖiËðÆ>íü….QYº(eeàÛý† ƒôOmS/üØmjããªGj›#æHuµØ´æ¸5Ùž„³� @
+öA[5"×�q^7•ùÚ&æ x>/ŸyD
+f0!¨enXúa&6¸\€€ÜS.�J@ix—ú*õ1šEIR…w©7ñ­t=y	¼¡¼°ü‚9 5í`}©–ZœÕ9±,­âEëaV»G0ÿr'J&êƒm•È›5‹ÇÌoÃ<D1ÀuXž!Q=¦z«þP¢(ô[¢—é:[˜áE®¡Œƒ^Î8ëHµ™Xù`øm>`ØØ€]O¬›xëíJ¨r”8©|È
+Ç �ÝDv--´h	ìxfB8Ê·
¶ U’Ãëí“í¸‘’é†[ìŽqjj^1v~4‰ÃDwÝ\¢|�ѹ…÷>}
›&�Ñž:èKì:÷u ‰fqøwÙõ
©¿ýŸä~\"a\¬kðX•Ôüžª’_‹±à6š[3%Ú«ÞŒb³{BÕÁmÁî¢r樑ý誆[¼í¾ð¿(eÄšÆ$A�RæƒTNQrSH¤ZõÌÉ¢P˜gʼx§mãl•Íkþ¸Õ¤b–þ¨¦ÑX£jÅ5X¾Ê é´[õÑlË;.™Â43ÊÃ,_/›‘k.ß¿mb±è]2`†ù\tÑ;¯•ºÎ„<ÊÂI—	éd(˪K#€ð'óá]¨cH�¨=Ñ9ÖVž0»›o³°j–â•Ùwê㶓Ė“~u¬t€/9ý~ÑÝì2ú�©v:·ÕR8Ÿ`64Ÿ ¶v\ÇÍÍö¶�×k°~ȪmPÄT-y4õ"Åñ¼b²•çGÏ|ª(HÜÉE}Ô*9ÓÅ4.ÖeabögK¥§Šu©ƒ
¹Lœø”Þ�’Æ(
»ë5³GéYœÏæQOÕ‚þª³“Yeðf_)p7þ¼Âÿ"‰Ã•CqWFû.bŃ/uA¤›l̃/YV’íO§ËŸ€î=Å”Ëdí2Ú�bA{ˆ}U>‘�f?ëeR¸ò‡cCŠgÏN)û°“‘õû‚uK—ÀÈ`'Ú\¡­{ôÎáu!ñNh7ã”x¨”‹QdžJ´”/K“¤aä&f?gé|éø•‘g8âÆ1CgÁ»9Á6	|‰Vy›Ÿ¡˜±³Ír/Qx¢ëXE‡µ¨	zÐF–$ÿ|7ºý^ý|Hÿ$b9ùÖ)/ßp™+ù¶úõø—
°Áÿ-
+endstream
+endobj
+47 0 obj
+<<
+/F2 13 0 R
+/F7 41 0 R
+/F1 10 0 R
+/F6 38 0 R
+>>
+endobj
+45 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 47 0 R
+>>
+endobj
+50 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1722
+>>
+stream
+xÚíšMsÚFÇïýáÀFû¾{Œ»Mš6�š¶“i{Ø€lk*�$<æÛw¥Õ®„´´ÁHNJžŸþÏûŽ£ÛQùòýèböê
+�`$ÍnF„€ËÄ@’ÑìíŸã(Š&ÏÞ¿º‚#H&Å—¦! FS¤¿U~‰O¦":~¿ü<™bNÇo–Éã<]Ææ׬þµþ&Àt”¿ú—Œ™î{÷…îõfÛ>lsB‚*K6oÀžâ€—úç€`C@}· *–—,7,õh|¡²hž™»ñúnrÀ|\Êà(>lƒ†’"7„†¯E‰†¯_hm‡¿Šâ<J<ø)n÷Uãïp:野·Bÿ}"ÐX¥‘ú‡òÕnöÒ1à`ñ¨ËZGnlh7hcí
S$A ÌWª˜ýfy¯’…‰Û¢$4W—‹HËü¶½%)îp°Û6B"
s’ã»\áî;+ºÉT¿.Vó<Ò:,™/Ík…“M<M-2�e?ž#Í\»y³¦é]ŸCE
Õ"®�aË7L•!Û
 pü-€¶( °…q�¨Dy!c)e‹ù…J­`³,4 R±'†R>�Ú!¤UCèN„��ÐOË	bãÇ	ãð¾ $ƹI:U`ô°l¤›ƒ&Š6	ëx,D×~âìÇ>ûŒâ¸d¥HúMfòpòØñw%èØ^+A)�øH¼NoW¥Ø8÷œzpêt�¬œvä1jˆ]‡*�Qä®Òß,S[µUâ)ßE‰‘T~Wáý!Êòeºî€Eˆ�@~±´Ú¶Q l™ÖÌUÖ-pO®ŠrsuÅ¡§Õ‚@²Ó¨8_&,£@ó·Ò’A¿´°?qÙ@Ì(?»^›¦ž<é‹÷QvÚ‘V߉S•¾tsTÔžËDÅmTúOYžêÂÕÀàdWÅI7€@íÿQÒþT†m*»V÷±_1]—E@â3vÙMFê1›dýÕ:©"àE”,ŠÛàÜtÇþ€€>{1ôÌUF7/"À¬Qr /¼6sßU1®0iÙÓÛ,}v:Íb7x	 vㄶsRIô°ŠUîªÑÙÖÒ
ëêÿ~Ú†�lÀâìÀ[íxs§’ÛÚ†‰Àãð)÷4Z<‡÷›¶å‚×=7 5Õ~ëVEs£aÐ5s98Òv~*ìTÉ?^™ãr›ð‚¡w¯¢×¢scM !d¶j~˜L‹þrݬºŸu³‘FsƒÏõÜÛ{h­0zx€±¸š¸kyí'ÌXþ!Ìsgq3¥ž¡�]?”öÐãGŸÊ7+
+�<|'Ö�ÁêbÅ£–
¯<'\.…°T颚>¨yºô­rä¹í:nDQ=ª…
â'*7ZÞÛ¡M”ÍÃ8VI¸\eÛFúAdk¤}vƒµlymoUÝóhMaÃ^êíH#7¯*$´ð7¥B~kJ{öuàâ]ö6p±Šý/éò6UZQ®ÖúÒ­†pMµDÏß["hÕËw!hfÓ½›TÙöXv´\´Ï±š‹ômÝ0 ´¹x“Õâí·ÌdFN]�[¾ygŽN˜=ÉãD§Â0^wöpþ—†~õSg×Y=ƒÐsº
IYøE¹l3&ݲíBew›Å}]
¨yGyäÝôêNâÆ</¤6Ž
›È}qLº
\æ�CàSlîg§ÄÀxˆ3­8ÛéñÝ˧•dÞL¡]�ñ£Ãû¹‚9Ø´¯”õ¨øò±èªvÉtoÃ,ºM”~>Q£Áþó¤3�nÔG�8zÕæÓe-vÏd#ï;ÌÀ76¤ºjæc+ïè/DyèÁ%Ê‹/qî3,¼õUíÜ|—úU�ô.Ére‡Mº0*“Yç<�uez:H;Õ”Ä�Ê]ª)ý·F9eFIØRSy_‡ï…�ûlhÐŒ ²¯¨Ò?°UUÑÉDqJâæôœ¾øøP@÷ÄQ­q$Ž5
=ÓîÉ[ò2¥–)Þ`êf…›«�•®VÝ¢ïµ=��‡ó|•zÚTte/:çtÇ 
+�w ±áÉff¬îCšfgPßìé,
݉³´]WCèÆx¾qnåz�åá½¹ž«¼rfÍÆž
£ƒë¨­“ |ˆ§�vxv}§RçÈoÃ¥Ý7ó.äñ·qe߸ҵŸHØNÛ>VN]° ÍSô™÷°íPÙô•�²Åõw¸pÀ›GpÊl*6‚PœÇyð½õ¬¢qJß⾜}÷/†9UU
+endstream
+endobj
+51 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F6 38 0 R
+/F7 41 0 R
+>>
+endobj
+49 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 51 0 R
+>>
+endobj
+54 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 750
+>>
+stream
+xÚÝVMsÓ0½ó+t”ú´$nMÓ”2´Ã´i9“(­™ÄÎØI¡ÿž•å¸™8îd˜Ò�žKÊJï½Ý§E”PŠnQ=œ¢Áøíˆ#F‰eh<CÌ &ˆ•h<ü‚³û(æFŠiuÅB|éf®tùÄ…Ïó4�¸Æët}x;bˆI"¤Ã	ÅÂÕÑŽ–KøÃ.Ÿf¿à—Vø(Š�03¬å*ËoÃÒ`}[…�ÉcHΑÑ:‰b–$aÐû¾žorã’pÛ܃qí7 àC
'B÷!bc€¶(N8þQ”az˜}å*	ÄVajYŽËbá¿$ß¹&@±.sWq8�©�^Wwn>ï�&ÂM?gú5Oî
+ÇM˜j…³aÃVþÇÜZb$°š)êm ¥Ÿ-–s·puƯÒUVä¾xG=¨‹Qd6êÁ† ž�øêæ2'lÙRK?^€kMqPŠïÞ]@Á%lBtRHA”ò	5}zê‡b	Šš‚ô˜5™ék–Úšß.P%½ý¨g¡º¨ž/”Äq+ÞéÅõ¶4Î5ÚÞãðd½G×�ÙÄå•ëhÄ,܈¿¼
0¹K	7;œ
Oš#€'AXË“gÊZ‹�†Ã“‹áõù»@×û"â	þYar]5	½
+Y
S²ê�Yml°þà9˪Ïåp*§ªúÔ©'_o‘_u¸†„¢æù©þ�­#­­�¿‘V²Cêý,Ÿº¦Î‹Yƒ
5on6‡¸ñ�b±HóéžGXX’È¿ó ìB°É–¥IÑóÎ>�êÒU®¼÷Žå¦ÁÊ>GV@³±çÄŠ—¨ìNKÁ8Ñm¡JÕõ“Ç‘–é­\ЀH
è�‡•–Yú}îÂR ¦ÛEÁ#h_°#èb5D±k_û4òxÖù¤1ä^<ºÂÓ�Ÿ‹0ýfÛµHÛÃ×q
ýÇr’¡‡*ªüùš¸ê¥Z�Ö:TíŽèdüæ7VÍà
+endstream
+endobj
+55 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F6 38 0 R
+/F7 41 0 R
+>>
+endobj
+53 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 55 0 R
+>>
+endobj
+58 0 obj
+<<
+/Type/Encoding
+/Differences[0/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi/Omega/arrowup/arrowdown/quotesingle/exclamdown/questiondown/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/suppress/exclam/quotedblright/numbersign/dollar/percent/ampersand/quoteright/parenleft/parenright/asterisk/plus/comma/hyphen/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon/semicolon/less/equal/greater/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/quotedblleft/bracketright/circumflex/dotaccent/quoteleft/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y/z/endash/emdash/hungarumlaut/tilde/dieresis/suppress
+160/space/Gamma/Delta/Theta/Lambda/Xi/Pi/Sigma/Upsilon/Phi/Psi 173/Omega/arrowup/arrowdown/quotesingle/exclamdown/questiondown/dotlessi/dotlessj/grave/acute/caron/breve/macron/ring/cedilla/germandbls/ae/oe/oslash/AE/OE/Oslash/suppress/dieresis]
+>>
+endobj
+61 0 obj
+<<
+/Encoding 58 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F8
+/FontDescriptor 60 0 R
+/BaseFont/PPGNWN+CMCSC10
+/FirstChar 33
+/LastChar 196
+/Widths[319.4 552.8 902.8 552.8 902.8 844.4 319.4 436.1 436.1 552.8 844.4 319.4 377.8
+319.4 552.8 552.8 552.8 552.8 552.8 552.8 552.8 552.8 552.8 552.8 552.8 319.4 319.4
+844.4 844.4 844.4 523.6 844.4 813.9 770.8 786.1 829.2 741.7 712.5 851.4 813.9 405.6
+566.7 843 683.3 988.9 813.9 844.4 741.7 844.4 800 611.1 786.1 813.9 813.9 1105.5
+813.9 813.9 669.4 319.4 552.8 319.4 552.8 319.4 319.4 613.3 580 591.1 624.4 557.8
+535.6 641.1 613.3 302.2 424.4 635.6 513.3 746.7 613.3 635.6 557.8 635.6 602.2 457.8
+591.1 613.3 613.3 835.6 613.3 613.3 502.2 552.8 1105.5 552.8 552.8 552.8 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 683.3 902.8 844.4 755.5
+727.8 813.9 786.1 844.4 786.1 844.4 0 0 786.1 552.8 552.8 319.4 319.4 523.6 302.2
+424.4 552.8 552.8 552.8 552.8 552.8 813.9 494.4 915.6 735.6 824.4 635.6 975 1091.7
+844.4 319.4 552.8]
+>>
+endobj
+62 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2837
+>>
+stream
+xÚ�YK“Û¸¾çW趜*‹&Hð•Röf½Ùds‰'åCœª@$±†"µéñüûô$%j&©\D�~~ÝÜDamŽzü¼ùøøþS¼QQXªÍãa£Š�JÂRoÿôÏàÇ“¹¶Ø&I¨ß?lµNƒ_Ú‡8†¾{ØÂs?VCݵ0.R¥õð¯Ç¿¼ÿ¤6*c"¸…sÔf«Ë° šêa›f1RI"¦OOÅoÖa¢q³ìMèäÍ¡lÿr2ìÌÓ vüühÜé�L`y–Éf—aÎplˆ5o„çp²<p'Û4ïpœ]ÏsUw>›vÏÓGs”å5ËÁö—Þ¯l<ø�H–¸)fn@F!8"NŽí¸b7ÑËëî‚2
lo†º="Í$p/n°çõ�|ÀO£x³½©”ö¶æŒLf_2S�iù¿©zsœ/g˜HKáV°`É¿™«d!Äħ…¯�ÝØ·vûáhj¤™$Áç?ƒÜÖ’�`äïúJ'ËÃg]Fa§kyâó`/'+“|í(f¶Ì8œ€Wºq¬£0—³¥vXÆÉËa°¯{[
<6meÝ@…«¥ÕØ÷–•‰:øG[çWd+yÄqŽÉWsZ]]…:•×x
�ϧºÂN|‚¹ˆvMo÷|IsÉÖgû
wg²ñ§}íÄ�aª—Šÿˆì’R~5;T}¢ƒ¿[ÇL§ƒ'3ÝÞ‘ßâb	<ñâ!ÑF¿AÊY˜é+¿Qâ7
+¼¡?Úæ…ÿ€Ÿ\ÀPw�åÿÏõpZÛQš„iò†ÜàP/7q:°à¶êz–V¾`åôÑÙÃØðø`Í0öþÍ¡ïÎ<ÏVÁ_»¾ej÷ºUEê+zºÃ_¬ÂüŠ?­J>?òãþ	E„„ykuïêy¨ryþ�G!&ˆò¦§Ä›voéhð�ŽßìØ–ø�áGÕµàÚ»ÐÙ^_Ÿ/�=‹AÛ8�ê÷WY…¬R…±ç¬¶VbŽ†É•é]:^s{¯ä*›?“` ¤"¼2
+°>J$]ãxΉkTõ×8Í+Ï'lû¬ØSiêò†½k¥ea™É‚/t\ÿD
U—:ø¹ïÆñ*	㯠ý2Q,}˜î€‰|…98Œ-%*ÓˆÂ1EºD cÈipp2¸„—¶cÏ[¼éW6R‘·¼#�ƒGmðØËŽÂC²ÈIØäsø`v'X
Ü{s>sN

+àHìòpí0.–>ÿåT“?'é]ÓÑgú­di)y-›
MÎf<&¡eÁ·zo%lÁ�ydìRîÿ�xÐŒû‰ˆáÙ›�¦Ñ¦Wa»Ôa‘ÿ�N(§QØc‹�T˜¥K‹çÜê
D9ÇÌØ<KLƒ1¥IüZ?ü†ovÏ’Óìmq&^Ü®;HñU9¹Í•ÒY:ñöÛXÂÝ…M¥Diaì—�ß-R Eô,	ú±uüÒ§•C|¾‚�Why¤IV=ý�nô
”b`�äÖH‰Iâ€û̯y2Ó³ÙÀ›�cù¤‹P
+*<àøku//çS(ƒ0*Äa䯾uãe’„YÆWpãìÊÉ}:b·Nû½vÝZµy4Ÿ{vÛ}çÖq2
Ër2½[à‘~çÞÇwac±4ÜÄ;||�›RØyf/�05¸p·áŠy¨BJUˆþ¯!nÃ2ôûÈ[/‘÷AXZCRGÉ!ˆÝ‡Æ«
éaâÒJò'
)óá&®˪3Y&q‘J0žÃ°ˆs1‹íw[�„ðŸÀy‡)Ž|¤Ü
ó1Ïbä|&]ËI‰ò'ÓI8w¶†ü†sr¨É9Ñ $zk¶¼b°ß±z`àˆÃÚÝœéµßa¿_'|Ú/ŒT= YA0Œq1WK³Âf@EèƒnFuÉ2ÂEä�²˜¤�“¤f˜btÁ)¦
ÏÎ….e”áK!´‹R®X°âëÌS¨©œÂXTdÁw{Àv¥’TTB¤AÏ7ØN<„N¦Ûˆ•`î•C6by°çõSú<˜Š^*ùL3zòy�—xÚç›…×&X·ÆoGt%¯Ç¡«©-Z¦†H>wYª«RçJŽq-ÊRk0ŒïLÓ°ó£	á9Y''~%^Ÿ˜ÄE ²Îºµ{ä,.ƒO€	dKÕ	”¬Û‰™Im·ÆH~‡¨R5š¨ù,„(lÔûwW€eZt­ìæup£³³
ç’(둯‰ï[Ê*«m'3#1~?x‰ß2Feh��<'£¯ŽÀèÕò“+Ñ®¯Ùð gŠ&Bë²;†¼¡=€z:XPŒƒE‰
†8iœýN@û–C¸VÁq¯›,œ±,à¿kHE3`…š0$Žj„"úÌðŠ3æ·ºïZ‚¸ÅqÉa`ÔëÝ™£TBîSdE)y”6÷ä^©8©^ T�ñø€š-Ê|—Ûóèömd]–´]»�BÆÕ²BcÙ•¦S¯‘cbgN{]äS/¼ÅT•½¯ä‘º½Œ+b(â9;úØóW­±oàcÆI
¦'T)dbì”à
+Nnì{ð×_o-({€Û8“ï–Û-;ï=ç×ܳz¥ºF³:±HkìëùE§sN‡ádž˜‘ÓÈ_�J<x}'Œª$õVMÃØc'ÄE´Ì]ÄÇKË}0Ûnt„)€.G‘9^�-�aüÍÃèÊ?}Áç™8FDž†ð
ö¤ß=uM|Àˆ%ÕH/¥±ä9°Q¬ÉaleÒ$$/b¶°?por‡Y%ÚÄÄE¬‹ü�¤&¯-ÏRv€çÂd¨#A“ÓƒZmóÔú¡‘XráåCo¹¦ÄÙzà)4.ÇCÒÄâw?$›=·ÁLÃ.¹€ui:%Ï÷ŸôÒŠô\>÷–ƒòÔr^XSªg,
²pC?V¤M8DZçzà	4þÖn!c†ôÌøyÃ-L*}²Ò׉¥„6ª¢£üêndŒ«Ç�"�‚SO�³qo ìßÀ–ÝÕ¹t§®a5»`Æ.¨£k†qÂÓÁ‹g&2~íó…½»¦&,þÀ¡Ã¶\â/sÆ+qcŠý˜rã:-0NpäèΆAk*x¬�./<wcÝ[ÊÅEºt¸bî'ée·(
+½öikÝÞ)Ö²0ö•úצuÕ[ˆ«§’`ë+É«ã²P(K$Áá
+ ;5R5Öͽ¼lÅ1Y¿m-ä·Ô	ÄÕ»�Ûò0÷­6<é,:è —H3ƒ$ð顈åt;ƒ÷x·Â"€Èñ{Ž¸Åþ¿´¼owçaêë×xûÓ:„a–¼ºpgÙRt �ò¸n÷
æž’ú\
+=ju5Ao5o"+T±Î4ÂÖ¶C‡ÌÒEË5»Ñ=5g±k2Ž•þøÉ~”¥“;Τ*3:;­zá‡)HCÜ +Ã"¾ÁÔõelD·ÒðÖQ<‘‡9HE¶9�²‹92^uå‹ù®§?”¼¬Å
+¾]¼¥_Z�vè.ƒûÿ	<Õw>&¡:JÅžõºŠíyYtyÞßëÞ§é�k1€ôÈâ¢æ“{翬
¿Žhc³çïQËüg¶[ÀOkµ|Ïšýg'ÿ“Ob»qàe‚#ñSW/k%·gSŒ^:?®J97ã²Úïx»Üò.¢[¤¬˜>ðw#=}
+âd•Ì54¼›"w˜zY
uÕ×bÆû©Í»Ç�³¿�3¿�g^‰ý?=þî?Õ£ú
+endstream
+endobj
+63 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F3 17 0 R
+/F5 30 0 R
+/F4 26 0 R
+>>
+endobj
+57 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 63 0 R
+>>
+endobj
+66 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 583
+>>
+stream
+xÚmTM�Ó0½ó+rt¤MHl§I¯+$¨Ä�rp718q±�îößãñ¸í
+8y¾çÍ›I²ª¬ªlÌâó!{ܽ}O³º*·u¶;fu—Õ¬Üòl÷î;¡yA»¶kÈ£pS^0ÆÈy”V.½•“ÏbÉiKV¡ó»�YÍË-Ë
+¾-»XàÛ¤tˆä”ù"ûÕ«e•“Þ̳X‡šr)È9z%ôC°ñ†ÌÆyŒ2G|ý”jž1�ðœIZ´ïI(�bèsÒòEùœnÈeŸƒ•Þ*¹Ijí"ô°óð°²Æé
kV¶¥Ä4„þÊ¢(gh~8Z"‡Ay²f´bžã¸§Å2®b”®Ì‹fÃÈ'õSa$ñ‚ʤƩÐòým×ô@	ë(e#þ?l³FðM#g5H‡›;çMC„Uâ ¥ƒBŒ’=ÝT˜yF½7Ⱦ5úfpÞ®½ÇN~¯–ø€5#Í ×¥÷*—¯ï Þ”5‹p¾"Ñ匘=m6°*PŽRøÕÊ䥰À!Èö*Ä·½Ðú’RLÊUVZzŸŸ”S²º$X¨JÑ~
+4£dðë8§sÃðÈ+x{Å?W�ľÚksß+¬µjÈn’Ð<ƒëHrÜ'Æ°^¯Crý4â6qÀtÓ^¿—ÔU-)C
+×ñ¿¸ç08+ç�½ào{Z	¯’sNžDm'Ì€�b|*ä½Â*½áÄz«ñc”©p?føé5ß~x#O»7
?œ
+endstream
+endobj
+67 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+65 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 67 0 R
+>>
+endobj
+70 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2054
+>>
+stream
+xÚ­YÛŽã6}ÏWøiVÚŒHê:˜d6ÁÈÛ½ÀéË–i[Y]QšîæãSÅ"m¹¥±=Øyj™—ªb±êÔ)ö"da¸Ø.ìŸßÝ}ýƒXð�å|q·YðlÁ%Ë£Åݻ߃ïwjßën¹’RâõrEqðNß‹8mʾl³\‰\¤"�Ë?î~úú¾à)VÐ
+äóÅ*ÊYfe‰å*NÄ‹ÝvÓX{„ªW"e2±»îvÚhÔ/ƒõ©^)£@unn0zM_ý®k‡í®zZÒïÜ’NתlÖt´?_©U³i0¨Š‘]òh×ÊÆ3–IkØo¿Þ¾ÿÏÄþ8eq¾튷è®<بº¬žé•Ú¿{ð[è†~šgÓëÚ}÷ªY«n
FEq<({2»É­þwS>±å*ÍEð�2;Z‡‡ÀÉ¢m
+Ý5~ÏcÙïÈÈìhdç�ŒÓï[S>MÎ!9K¤;CÉÄ�w¯sçíNW}‚ÁäË»eŽ…£¥A[9¯ÞºóÌø4Ë™äS²å¡RÍÿ.ù…š½*œ­»Ï^=�^âNuª€È�ÑJâF7ù0”U_6õf¼[×tZøÑïTO_6‚àèe½¯t­mõ6 3€d‘ÀÏ®QÆ
Ž=àŠg/FÓ‡qE�½ÑÕ]žÇA§`IwÐÙ�.'Œö÷[Kí<øC?éb§TÎOû®ÝvªvþkkýB5¹¬l^\.&Zå&)8¯q$Ä^ßµ.(Ú½ÃávæÝ:²øíD4çäùǶ[Odˆ˜¥><éDœ{yºÛ´]�À”„�¢°ÌÞ‰µ6CS Ž@E<Þ÷´/§ÕÔ¤,eYæT6ú±*=1+Ì†%Jja}lH…õ±5¡­ª­z,›ík{‘°œ#Æéù߉%’…þè?N
”³(vÓÿp9;•ÁK…[õêÕ¬�äDˆ¸$dzÍÇÉóvøüù"Þ|
|œ³C~–ˆû๦²DÂBk÷˳²fòRàv9NLýTö.ñ{ÕærNÞY$à<ø°Œã@UƒýBíª.’‹#Œq›i8tDHØÜ·ôàŒ>
+€@åU$S¯Cœêà„¦ð·Ó¦ïÊ‚€t$M—Û�…Ô)ø=€¦q/0­VOe�û†š"z¬æ=
q|
ØmJ]­/Õ‘ƒº�/ò”  ÇÒðÔÓœÃ.³ÈƒsàN?Tn™ßH`2–D«_;pL?íUc�#Y?‹àíÆR¸“¹›©ï 4ÈJBW:•è'b(Ô,w³7(‰;ÍYèì<,ÆÊ
Ž1´Çò3&~f‡�8
ü18Ú¨ZÏÕ4GîT·|}5×ÝR¥½Ì‹¤¢
�qd‡ÉDr †âfÄ5[W?×ΦróLkMP½ÆÐ?Û‡‹6Fa`4&rÄÉ@øeÝRÉB£
��G÷]iè0¥&.-ëÄÚ…Yyê“Ä}ŸiÃThìÛè³[¿éÚš¾Ê~&˜7²WæòKyºHlcÄÌ
^�')Å´hl~­éʹ‚w¬„Ì‚Z;ÆØ”¦Æ¡ô€køý¸+)è'\>Æ
n,�jáp5
lâîÒÕ³ì-ɇ¯ûÀÆq“f
x£9y§æT×ûµ˜Oµ&Ô?eê.-Ûæ4DO/뼫HP­{Uø >ç§èà§49åÕ8Û[F<È2�)âÝ_C í&ŒÞÞÃgÑ—@é,8‰È·&�s�”n×”�É(fIê’c¾oX¹5£+÷%×é؉.£SVF¹|Š
¶	ž%	vº_ŒC¼º,â){óÿ‹˜g2ŸÇÊæÌçÉøæç	•GÒoÏŠšÉ	ÁÓ1Ö\QQfsh¨ç[ûäúFÊ”†ŠjBµ•Å•(tO0VéÃñÓ(èåèMàE]�Ÿ²@ƒ;|ü0Ec§R?•Û=P¶eÓ RÛ‹Èœå'xiß uÔU	g~K×ïÈ‘’©'¹2îSä—9Šceœ*Ë b_uQ…rSžóÀQ¹®¤v×î³ð
+¾Ó£…xs„‘p²8b2;©•g��Þè®;­ó¤Ù>;5Ó³…	Ë|£�|¸@9�®Â_ó,wçì$Ô.´ÑgÂ-=Ó]y±0õ®�fPWDøbC«À;e§‹QAú”lÖDâpèUeáVkRrëED<$Khô÷‘ô•ë‹#ùâªì#à.ñ÷j«=ywCƒˆ˜˜*ȧӇ¿û)ì!®b—Pz=S‘ÄT®ª¦ÄRªêDùÆ^¥¨ã
'<ßubBï�ÂâôáP«&œÊI_rªÉ« ”ü¾Ó+çŸ[™g>l£Oyƪ~ÿîjAßôס7;lÿ~{d˜�Þ¤ù®Àeê4#ÒˆEþ#óÄ'..�YîSh=;êeá(ØÒ—õ»—aŠ›Gþ@»OfÀŒfÞÅâìlIØé³öË;åj×¢çE©*š¨µjè€0íÛìÞ·çg]ÏþskúCw'Âè£þ<Dj—ZjçÚxÿäf£o=ÚÕû�6Jes|I¾IHìËQ¯–O~Ù
hÓ†âØæÇt°=½÷PnfÐI„,óq�Uc‚yÿ¡áœ¾ƒ~r*!c‰8“aÌ21Æ
zEù¼ߤ>7ô–ùì^1G©„P?$óÅ·ŸΟ�­_üóî«¿
™A¨
+endstream
+endobj
+71 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+69 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 71 0 R
+>>
+endobj
+74 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 541
+>>
+stream
+xÚ•SÁ’Ô ½ûÉ!l€d’wK×Ò*/ÖÜÔ“0j2ãº/ÐdfÜŒZž ›Ç£ßë¤(Ð
Åå=zØÞ=2DÒR´Ý#Ú ÊI[¢íÛ/¸ÌrÖÔM…„²œsŽ?˽4Rw2„%þ$tÆj|cömûñî‘_˜rÿEyÙ’&’YuÐìêÁª&U‹Š¹Ïò’·x’] „Vv‚Ô.cüûçAÁ9„Â/e��föÕÖ¸“ÖBfçK�'ðR°„=;õ•Uµì!ÞºÄî†z
+Ii´á`ÞCÞ+Ž«ü
Q¿²¼ˆÜ{GÁ»TMw2F鸥4˜ßûb�œÈÚ;p%§-¡Ü;ÊNyûâµÝI�ΓÝöòªˆû ºÁv�ãÛåjºyš„îC„éAØÓä…µgãB€­¯�P"\KýüD¹±ÔæR*§Œ4›Ô÷ãlÕÏ•Nƒ@Тà„E—s^– ±gœ— LÿwYĺùIêŽ õŽÉï'˜òÅÖû5�¥�“Ʀܬ­êýŸè!‰À7}L×OZ¹°k/ƒFë4h4u‡dy]øƒƒœJìRy˜�Ëb%°¸öáy6ýJÛ�jñp60=B¯ˆXCªu”F8�}MUV¤¡	tÃkZ5$6ælöÍ‚~÷ú5¥—7n÷Š3Âê'6H
+v…Õì?jÜÄ¿ô¿"Ñ»í›_"!O€
+endstream
+endobj
+75 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+73 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 75 0 R
+>>
+endobj
+78 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2373
+>>
+stream
+xÚ…XMs㸽çW¨*SU—@‚ÜÛÌf&Ù\&Y{köT
-ÁË©ɱ'¿>ý’²ääbƒ
 Ñè~ýº¡U'ÉêiEÿþ¾úxûÓgµJ“¸LW·�«´X¥:.ÍêöowÑ/ûê88¿Þh­"ýózcL}¬úz‹"Ýì]ÓððóºP‘«†Ñ»~½QYZš([½ýçOŸÓUjcEÚ7phºÚ˜2.è½Þd¹šTÚlR	ÃÏëRO*IÓÒNƒFnTëœT�Ž=\Q�”eTµü]m}×®Uý8 ÀF��çßX­^¨M³X«„Uv£oÝæÃSU·ìƒ› ug¶$0²²é*7ÁÒÛ½ãCX›ÒóíPÌVÑÖ
¾ÚÕCݵUÃ3¿·õ+ž·Ôi¬ÊÕ"“ftŠ(Òyu¾~ªaSó¿môâëap-O>¬•�dâfpÇ=OX±
+lÍŒ�>Lºù?5/cát¦�ƺj9cÛU»ëyªòŽŒæHÏWkUDß×YUuS=4¨47 •Rø®q¨Ùs(ócƒ`Â!…L«$r ÂDU3Vè*Ö
‡óª?Ǭzâ4„¶Õ3z�nŸ�¾;ð
+¼%Ų˜c©³Èc׳ÿOb
‘0¥¬è�¨"rÛú^ev[m8Zº(⌯Îi$–B–ð5´ƒä[?€ù•ß]ñ7�–�»cR)`Oó8c°ßî>:ÓÑ�=¥i¦¢_»{•'tðT?Bp|ý'ëùàLÔ_‰ôtÇ®ƒ¹‡¦£›mÑoÏýf~a¦@cœ2Œ;eÕໆ�î?nÅ	Áä)þ”Æ°Ó¤zBæâØnÑ?§Säu»È0­c=f�atéïÁÁÅÏÙ!KãÂÈrR¬æ3!`¯Çªíùз'•i\†ü‡#pxή¦ã`¬"6÷üH'vy¤Ž^ö5yp�ÇæH¸sÅÿ^p®
+	
+†N„éž/�ç»íÀ©Ûã80Dø ëÆA„:à{9
ŠéþÚñ"¶¡€àÄ´rßaH_˜í&�ßÁ>÷ê¶ã@h‚‰€ˆxbzkƒîàô‡‹H)�«0×/þæG»Ö�†ÕëEz×Dï6¥ýs%�›Ò™�’È»Šù'e÷\3ÕËŽñl£­saÙ°÷Ýø´çí•(tŽ®Ý:2¦Q'Yî‰qz¤Lpѯ�'Ö$–·ØçË×í®ÞVì50ƒ÷Àà�¬r@߭ЖåcƒMÃÍq×õ›Ýáþ0¬ŸÚγú|^°ØË3=TÀéØNöÞ_(ƒÚæå¿ž=¶*Ôºû5U
+¶�S‘S\¸1(¥;V"ij,F¹î¨ô/uïˆv²ˆâFÅ22Ppõ”Bq3@²  ­‡0�DB!ó)Ñ¿×;æÊdV´XY³?;^A)Üù]ÿé‘^@d	D�ǬS6�ÜáD‹ùOÑWY)Ý@¾(eø!…P!Þ:õ®!FÀñ‚gPÇÁU§ž'ƪï
%¬„k¨¯»±ç-/˜õÓ=ÎJ7³ƒ
+ÅÆW[dÝ9^ú´6ÁŒ2Áý8({�Ê¢cå{¼‹H{Y;tR£ejv³QzÑaà™ƒƒ‘Áj¡Qõ¨Ž@KãÝ�\ûÛ>PÏà<Ô\Ê+"º$x‘?°	ˆ¤\�_F\Ú.š““®YH%‡V¢6´;ÌxÇä.s»'ÁíI`÷ÓÐ0³T=C©fs;ÄUQ,8ZÙÐ`ZËw´¡]ÁB€Óâ[ÙÊ5‰RÕr§lí¬D–_‰r÷ŠKÚèÔ{QøéAz/I�·Èš	€QßCŠ¤.qOšFÀ¡´QPëFÏÀ�u;Ý0t\&
++¹ÀuäAû4,'å\°”�íT°.”¬/Gl9C1øÿe‹{Ù=Ùp®¿0¨ÒŒ^8Uñ?lÜf©�€�¶¾>†7gü¥�Úa0wo8{R¡XöÂõFäWø(O$dÁ`QÍÉ�ËÉ!1LJ�1üX£ç¼ø®O:3w
+:Ú±ÃC«0-9ñÄÏtd—jI!)•-ýÆ&›\3k›Ü„Aw:8ªø752Š”áM~è¸àÁ�„•Þ�»û¯H%’Ô“lÕŠJœ�îìì4 Œ%‘`çÅ	ŸŒÇcSSŽáKtñ"Õ	d¶çÊL¯ÀŽg¦×à…§i¦±·âʻٞc^&Y(ÌòÆl…�§�ù£m@Õ	¾p¡8Å“³Pžc
+ààîWêõ‰M»g.L`6¾Ú¾^lrÛrINìF~žq§€µß¿mS§6sì�¿
+pqþ€¯ÚX”‹ƒóX³ƒ•@ä#Àú™ !L‡ƒ	#vYHr»¤lüäJ‚ïÞ·å9K f?0€¹:/°suF©TgrâJ[·Æ\†ÈÂÑ)±�âáÝ¿Y9‚Â^T¥‚hàO	’Jïx1ÕÍœë¦*~càÚÞA¥…–sÇëäw€·˜‚Æ&ÐÀ[ªÚN…ë_E§¡+C>4u%Ì®-<zíò~Ó+Kž-ØÀUÀáòÑó¯Äae?¸#�<
,73¹¬âœwd‰£ÆU3ò¬¾_Ÿc(P<cè_èBéKt(vÚ–']	NÔüàíø«¯¡“•Ì¨\Nù†Ý¸…ßGìœj01ßäã�Ò»©Ü”Ñ/Ýas=¤ñ«äÔ|ÝâÒmy‡YÞ–ý�¨5ÂÞÆh©´ÒâLháŒ^<šù;ð«Yò«A~Íx0ñ+Œ?M›‰bm(æR‹Üpñ’ž{¸[x¢È¤™"ðÀ×I�Šeëˆ_MÝ2AE6p•À·p/		ç�À\‹î½û\óžùôÊaIN鎮x<yg›%&–Ïï©0Êú÷™]d¢°¾p"™û{�ÊËgè3%‚‰™"˜,#r�Y…Ò»ß{(pj
+¬S^2�‚È»÷àzÚŒŸôˤDÌý°ñÁ¶Z¾™µÅ“fª*z®*KŸòɈ‰÷œ›‹s?-~çX”(‰Ûÿ¦%[¡%Ö"σéüNÞª)q“¥5V¬ùrä†ñÙkÂÓƒÛtOê‡qÀ™Œ��`'I»I„58–ò4‰›† (f¥ôdÁÎE¡#Gi
ˆáÎgÑ~ûƒ'¸ù@œQK³C
+ÏÉZ§ÁŸnÿò_鹘ß
+endstream
+endobj
+79 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F7 41 0 R
+>>
+endobj
+77 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 79 0 R
+>>
+endobj
+84 0 obj
+<<
+/Encoding 14 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F9
+/FontDescriptor 83 0 R
+/BaseFont/UQXTFS+CMSLTT10
+/FirstChar 33
+/LastChar 196
+/Widths[525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 525 525 525 525 525 525 525 525 525 525 0 0 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525]
+>>
+endobj
+85 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2505
+>>
+stream
+xÚ�ÙŽÛFò}¿B	,µ1ìƒWž6¶Ç»� Yà‡æH­±)“”ÇÎקª«šlJœÑ<±Ïêº/.¢0ŠûùÏâõÍOïäBDa.7Û…ÈB…¹^ܼ½
’åJfi¯‹n·\)¥‚ÿ™­iM½68ÕÁoE½”ip,ªå§›_z'ðv”#¤< +�‡™¦BÊå*Ndðç±éËú�®ø�k|Þi︃+	·ÊŽ¾ÇÎlhÔ7ôm;A4¾.e\A¿3´Ù�ŠÀ¬K@Ò®ìMQP›-}צ틲æ	BÛm±îMÛÀ¦¥½Ç¥L`²áe‡ÃøÞÎTUˆ´-VLðDÄS‚Tk`žÜ†4!òp„ ñ»)»â¾²Û‚ÈI9öXkŠ~ojÄ«‡Í<¶ˆ,îM‰·�NH»ÂÅdxéК¯¸�À2¬5�i¿"t@É"Á"Q¤&�x˜8‚*²m›=�˜."æ­Y7uù—%æEGZÔ	+ÄFÉ ¨7´nÑ‚sghÙE ao€ššo‡¢îʦ&Ö#ç ‡šÔﺠ7%•“ÔáKRÓI�Ö(žM&
+ ²à.èŸ~³+öe</iíö­¹“qZ—= Ñ}Zdœ
–|GÝ-éüɶoN5Ó>Mš9¯<È­XÕpÀHkd%ò×öÖ»gbÔ,ÜúÊg6t¾ÜÒZÙó·cØ
í·æ€r·ÖͰʾ3Õ6\®R-‚�;س'lÖÍ~? ±+»¾i¿ŸèÑ1ˆ
+ŽÆq°-Öe\3ˆBœE‹ãÔ"Ÿ²úàœ,�°(pøÁ¬{•y¨èèíù}»üžÈ0(N8‹²ÑY²ÁBÄwK»šZz¬cÒ£cZ�ª¼#T/öè9uhYêxÙ+kÔ]§RWtóØ�ç¬Ìgº®Æë¹#wý‡3àq˜JÞü§…—xÂGóÝ
+@wÂÇ1ÙU2gWÚ'-ñ­
+
·
+g¦C)}©‚�*AÜRèÀá œ¼[f`èNðd-‘³ØBÙ5A¾—öMË›°Ð²êh²n µìÐa¾óŸ™ñ
+Ú÷
+7;cµM(V;�
+Ý~qîZìê²Ûw?/WI$gµEFI˜i�éÖ»l‚9qÀgBMsä']½b+*!Ó]ù6˜mš#Æ+pãäù]¥;áY€&�–À9h”†èkBÌõ'�Ñå=�2»ZŒÚÊúãFÔM½rZ‡ó{òÀÿï*R‰<�Qy!ò0v¼»»{Vé	¬MàK®¯ðŽ÷”ÀÖ„÷!±÷}O{çðÝ@‚–‚ó¨hòu	N«¨Ž†A(aw…ƒàÛ2¨Í7û†&a— zŽm›ª²iÌ#
+#ïcÙïh�a�4¾­Í�í,—üø„ƒ2Ët¬ÍcUÖæŒ�€k”ñˇ(x¿%�Å9DPg1ˆäI�Y˜;�‡¢lÚ�•¿Àdƒ44�B1ñ¦ðc"ýΉ® _¢ðCÛeGçë¦÷½{ÁÁ&}"êË4ä¡Nø”{æWä9ÎX@üô±@ìx!cJëJ�‰ñ¾#[Òe,Ã,ñ•¤´)dv¿eçr%?§Ýœ¦VÌ)¸WŽ|µCTyŸY
+y$%	ºfÊà(Ø@¼¨Á�nî–/õœº`g„.áOëXžóàº^WMGY`žœ%×*�L¼qÏù:\#¿Eëws®"ËC™Îà9O�©‚9±q|…	{ƒ�ã*ظfÇ)¦‹ø5œâLŸX3	8ÊïKF¶eEêj8—¼ÒR[w	kŽôaŸ†û_Áp–F¤ï¸ÚX¯¶^[šs¨ï­û°cjºrÖ:—LCè·Çw†‘­Íæ,Õ'jîöwV1Nò}S
Ÿ*OÕI‘:½¥ÈuI�ô“ê”ͨSÊꔹÀãÜS§l^�r
+çÀ~œS'5U§tT§„Õ)uê”ùê4	ŠB†E©¨ªYH•€ð,žW¥Ä©RâË4u
c�'
Ömáß9úr˜H|õ,ýüÚ‰I!�ú|Dr
Ä…øÏh€«sä³'^˜&~½�S›0àr�Uõ†£’T1†M�Ýç¸�N«çÒñ�:°ìX
+Ì.A¾qœ–“*žãø³$}‘*ùø8ŸÃTŒ…Çç€j
5?¨Fož´â±Bµ·œBâÆ`j±gj0æR
‡P!¬\®$B¥ý`Œ—*Œ)¸Þ~ ò¯�m©€»T*àžH1Š­´Î˜áXú�£óÅ$rü†d‚cæ”BX)„sMM
S“n͹DNÛ2ö»˜’KtÈ`ÑßiÜ`’ %õšp�Jfé§|TeHqâ
+°Ê�ÑŒ€¥C>óê’•h­æ,Ma¨zFG¦ ô?^²÷§±xÞÞOa4íLÎ;:�¦¼i”Y‘ï“*õÌ}!^V%'ÊeØœ)�·fÙ²¾�Òr8ÛÕ ÍÀ£V3ì`K_ÐŒŽoŸÅ5¸Ë 3Η¢¿Xùx¡˜B険Rx§j9Ugž	×Ь›£Í44Fy#Ó¶#®Œ]T<eKsTfÛÓþ±Þ7öΦľ˜ER˘Ò=ø<:¤;Ú¦;)¥;Ú5€H(§-˜¡´Ló12f‘xtD8¾çS&ä6÷v`HÁw¦¹
àŸP�{Cø°eœpòiCèL�¥mÚE¹×�QÀŽ¨Ý6íÞz!€‡•é:ÚÇf1~gLH{1ó‡%³uàÇŠ–»‘M™ðë؇Ï;öÙ}þz5õ†VŽÈ6\9O	Ñå§a>Ign\	s欥/ ¯Ú™uAJrýBâmÁÄ׎ú´Òrø*‰Wm¯(ñÅnáÔpeèEss.­
í<Ù¿.DdìŠRsg–‚éò„_wŒæíÿAàÓ¨‡+ƒ5ãÊ£pTr�vЊ8µbhÄrGðÔiAd7àŒI?2|ì*øQ›vò‡XÿéÊuúXSDþò‚US…ñËïÞ¯ÞŒÆSÿ�&¬�Ø�ä?	{ç„ÿàmô¼[+G±¼âz4÷;[cJ•ú€‡/ØxÌÀÏÚ<LÝ}Š€ÙØœH¦Ù¤-@Æ…8bKÃ*¹
tÑe릈Æ{Âg}L@yècú({HÉ4TÉدT)!V%tRŸô"'žaåõFQÙáîiÐÓ µÖªbíN}Gb)ºàj2¦]®£¨´ô†ïö@wÑbDÊ ÌLÂæü¿‰‹ŠØ™/Gü:to¶¤ÚÞO÷3«e×µ1kŽ‡†oî‡ÙØøûÙ>}ó�¿
‚`³i
+endstream
+endobj
+86 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+81 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 86 0 R
+>>
+endobj
+89 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1912
+>>
+stream
+xÚ•X[¯Û6~߯0°
u€FµlÉ—¾�szÙºuXòP VÅQNŒ:vf;=í~ýHQ²“ÚMӧȺPäGò#/`Aà=xæçµw»|ö*ôxÀ2î-·O=±LxËïý»�:tº™Í£(ô£ç³¹Ò¿Um‘ãTä/vº,iøj–†¾VݱÑílJž	?™ý½üíÙ«h�>‡K¹7KÍ«•¢='È„ÉÌ̺*uÓÑ+
rSn\ÍÆ‚éÔ<™Œ¬èõEÑk•ÏÂÄÿØT®¯’§/«Z‘žºÍÕ�4¥	sÍN5*ï¡\ùUmÌþÍ‹{Úw÷³„Uc{Q�mÝìIÞVëÍUvUVú±,ªëj.JÊUÓêÁÂÒhˆ•ê*‹»‹bwuSüWWˆr§J¸Së«þtQò'”	
Xä?*wµº.öJÕàÉEymQ=”×�uw�·hSv"’%‘óz5œ¥±]ïvö:]<ìôóuÑH`[üUÀ?îêÖø4“òú¨i¥hiÚ
+~
¹“ø¹u¥Àý’ö}Ä O(%“É…CP˜Ûõ•_WVƒ®vW6ÚNmŠ‡¢k§T`YrîŒÏ#ä8gÂAóë¯#EDÌxt†\6F.#—
ÈeçÈe¹Ì!t»ÓŸÕFçÅÞ@G¾]³ú"pÑWÀÁ�uCu¨öã(®Æ£O™ˆ¼9TN �.ßCv"Êó‹À~¾ˆ«²lk™ ©ËùÈl
ž|S¸t\uFÚÆHÖI(^¡`!¥Ð²O‚ÏUm€nMÄB<–¶j¹ð¦�›äÜ<¥}ʮۯR`S—¥jÜÁ[XvÊÊ·µ#rQÛ
¸X“õŒŒãX˃�£ÂE,	�îà)ÈÏæ2ý7˜T\ÌâhÊ}"ýå©QVWÔãLã�$àÿ(dqfÄß J,9®{³iªíÀ‚Æ q®7ne�ª±Ø¸ó	Ù#!!$?ŒÂ)™�¼÷˘»j{ÁhÄ<¥å˜\‰ž¤s¹žÄÒ
n'�9ÅFKRüKs	àdÌ’¡¯ò¼n6$>�,ü5Á ?6�uNp¿¬Í5è
þ	ÿ~ûghÞ¢‚!µ(Ü� ʘt™V7£Ãü.uþ|»¸7&�”Å¡Ý�.§/üšY?ö:BØ€ïÒ3ú€-u£7;NA惛ú¢3øÆe˜ w8ØaÒ5‡Z<—u½;¿p<É׳À5Ùdb\€’€ùxQïAT”Ý~i;½Ç¾$™PÂYsÎìuÛš¾gs¥­~ •V—:7*ã’Kwxä@üõæîŸß_.7¯_.F®€hìY³¥eR=€lm"K©ÿîiœ"ÎxrÅy½Æ�ÖTjoGõ“a©7?zCñcÛÔû¯äœ”3H+lÚð(Œ»È]¾|·|ñö÷›û?ÆvsäŸ3»Q4ÝDv?µ¶DirrÔ³×m[¬K$!xé¨�M[ÓO{\…1ÇÚ&È~œü0‘-œ%®õ`ûzL˜	Bm		}‘Ú,q_0ê#}1	9‰K
+y,AØ÷´C`Fˆäü¾½r,‰Wi“MÂ2 Ú¯;ËxYÀRy,S
+‚™c·½¸ÿk¤b’`�«NÄ™¡°=Ý™jd¦Ðg{†¬â$ë`[©[„�Ñ™:`dP6˜1¥±pU–Èð¸*;µûT]WÑ+WÑŸl¡ÑUŸ�
+!§³ë0ØdÑÎg#A')‘B–9—<{cª€÷r	í�H¼GH´«�”…ÂÛÄ4Ôl'JoáÝ.a66½Î
+zÉ›1tàÒ±r±ÀÁwZÂ0²fÜÅ€ÃšF†÷�LDmÌ]½G6�¿k'[qÚ¢ÜWÔÕbfgºªj^P)ÐØöôúÃÅ€Èä©e=Û™›?ÄCñÉ¡ôì�íÕ+×ÍÔYÒŽi®7•“«ÿÉ�u–A»–°èŒ¸ë%†2“<æwâ²8e2ì	N�„GÑ�˜ëcQvEE•#Åê
+C+ Mö^h™iðþ_¼fxKÒÚ¿W@í`+GæGÙjf'Í<Šj6¶€çù©½¶1{(ªÊ0v˜¦ÐÞAʚјŸ“˜¥.~žj(OH‚i[w;ÕÙœVæË4f`è�Þ«bPèìMa„Áéê\hæ›?[h®¦ß¾ëÄ�¾32H¤ͧ8Ü ÞЯO²HD_ið©�~LW]GØêü@$rhŽ\UëC®b$ÁžžìiéÓ¼fp°Õô°¤“F,”§š®5†!wË,5/°‰¢ÈãÓ:ŠµS;J5ƒ©ôÝ÷Kc
+
¢Þ*z奒ÒLR
ì6°“Ò˜ÚÆq–öMˆm)]ÒD<öc䵈Kÿýý¤\X1ÀšŠxf3ÈÍìÔÖ°Ì(úÙè6o
+g#§¶Mâh¯>š€iiƒ=èÈŒË)+™­#?ý¯è·M
+endstream
+endobj
+90 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+88 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 90 0 R
+>>
+endobj
+93 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2608
+>>
+stream
+xÚ•YKsܸ¾çW̞ĩx¸ð‘›í•S›Š+©µ*IU¡8˜bŠœ¤m¥öǧÝ 9âH•\†x4€F£_÷l’8I6Ç�ÿüyóáæçOr#’¸››ÃF‘Æ¥ÚÜürÛ�,òBG*÷¸Ý¥iýf¦7mm°«¢ÏU»•y4VÍöþæ/?¡âTáN;8@lvªŒ¿YËíNg2úòhš–ç:úØ==UíÞÑâ%
+yØ¥I¬…_ýè4röéÔàÙZEŽ÷�ášöaš±ÞÊ,B†µŒ*Þ<]l®Ë8ß$~_S?vt³Š>ô©W,iŠWÕ]ë¬Øè;<š;*²ƒ3
Sº¦éP`ßñÇì‰Åì<ã�›�”e¬ŠÍAhVÕÇ'ãÅ<¸wÄ�3§ª¯¿�çÙom¹SUûÝXŠ"�ÓÜïõ¹ë‘E• ‹ ÈØ“$iœ^Ä÷*"ž•!êœ?æü­á;=	‘�­î«öè‡îh@B=QÚ–îXœ¯‹×ÐÑ·­Ö°�5Ãt7EG¤—^µvžÝŸ¶;¥rÜÏOñò“%vMc[CC�âû£­qý#íI�ãÝ8œÆ�Û|PÏ/
+�ÚÆŒ£‘iÛ.÷À’àýÔ|?x&XÞîßÄÚ¤‚ "^Ô'êv=Qá;Ø®­ÖQСëáÝ9aØÎ
ƒ<‡Écß�'ÛãÉ`Ó8)
+ÈÚ¶ÙðÈÿ¯ÑÊRM"Ë…ià„uôõâÃÆWKSdS8rF~§ÉÀ	1åS熰f0múòýu¸r4ú¯‘æŠ×³cþ=zvY
éä””¬ë÷¼ÍÂä°;Ûì¹kI²X–ì%šªýº’’,â,e
+oÏI‚×y²mØ]M-KI:ˆƒ�1–VJf®	Ê€^o軆ױÓ]ÏDwp
^üñ±:íX)È@.e0xmÉE$ñ“D·¿˜;©óÖ«Ÿ»G®�ª£¡ùônr×:�n¼%ÀJ¤ïQòØ	²$ê£i�«¦y¦®cFk‹k¼IÁ’Š>³áåèBh�
�:懩G�Ü»‹æöÝ�dql£*ê�g+eÇ�¦óÔâÍq	ŸÖèª!Ø¢gëʱá.}ôì{Ó¥ï%É€WëÍ0öh¢:‹ÜP
££6?’|15JšÆÓ8�5�ß^ÿ°�~ñ+ýSdÓSI*î¶DAa‰\"5…Î¥;ƒ	ëhÕ+&aü©*Q¿Ø®ø{ê}Hûf÷¨¾*™ã¶Q¶ÞŠe¡ÙN�³?VV’Ê8[‘$ÀÉÊÔ@iCÿ^Ùád÷«M”ÂXJ4‡±õ2�))¼¯Dæ…,V;çy,yÕiR-`@œ‡Éví
“X¦ìa€?*ÝËë3›£ Æ
+µt«o�mÀ[Æ„”q¡_e-‹“Œ'/¸~ÒyçŸMΟ
Ûß1˜ÂÁ>˜¾éö%»ý•[q¤¡™¢òêµù„7·î,"N.{
`0M—È#Uoᣮ˜“ipÇ¿¯AßüÚW1#´²ŒËbmÙ)»þ)xˆEãé
++D’â%W‚Jã"[î};XâZªèvwº¿Ç&ø�Ÿîii9/-Eœ‰	Ÿzi¬�FË8áéö÷Õp®(Î÷�oîÇñýJh;©@«ó•ˆÐÊòmo!:2Udh/“oB„2H2Ñ1zì«mÁo^úÍV´¶z±’ºKü7ìÌÐ
Wc*ø®UPiÍ��´‰™EС4ܲÂÓ2&ów£dd&§©ÞTA_‡ A§Þ|³ÝèΔúŠ©Hvo…•o¦ÿòèbŠ¾/_²T±NÁëÙ
+«€'þ¬®FgíÄ>(ây ²µ£>	6™ƒ4žz˸�y:�AþÉúeÁI{“ÇĆ*^xá6	—rˆ@$0ÑgŒa¿ûÞH"è¡BGóÞ­À×4Õ‰²èÜ¡ô²ÐÊ®ö¸<‹üƒ~õQ¶ ûDR†):9õgC|ŸÝ`ž^(“žxªðÜŒÀ%E9;-h“~@c©Ð%ìQ
îž	Áw‡‰^bnÞrwZ{q«=®ˆŸîÄ öZŒéœ£É‰¥)o‚6;@ò“™ˆuº4ß<Ü÷fRj‚~ùýö4ºÄÖÔPqž½	@]ËÉ3�D$áÑr�q®zóëçëOûíóû›uÄþÃy!­|ÀÁ´£B‰<Sg¤>¿øž|ߊ®5E¤zB•Aœü‹XfK帀�E=r

:9?Œ£Ä¶mé4z? r�ÝØìiræ:{ëNMEÇQïËÒ (ÌX¶Ñˆ	pô–KBÐüǶ�A6H/)9ãÓ¤Œ´FÏ(B€‰|öÆÕ½
*”Þa‚/ˆ„3ýK؆_")X®Îó +œöYC	èëMÇi\„“1Ÿ°]ð¯Õo€
ï!(»�^H»8¹JáM!\.dñd}á(Dµ4QóÓqðÁo(ÊÀôÃh›Á¶>¦ˆ¹\D
ÕÒTÂ'	�œ1›—�ŽÞ·4	áËô†\Z†.gñª`Òs„À÷,4ÖÇæ^WmÛq<d'G¡Î™�OÚóJ¹êWÌxs–“ÌWÑç|

¦üQ8òAêUî¹%tÑw-VôüH2ahN
+Žô{SjÞþK|˜aÉ"c
ÆñònËcÌWx«ËÉázzsˆŒ›æt
Å›¬�£w,”…Ì+⻞pò8WRr*†yñà';×"¹¾'­Ë|®èÈñnn|`Ý”>t²ˆ³—"Î'\ªÐJt×!¼¡£”ÑuKy&¼dH¶ñu±±
"YúZD&C4„1Ê_±5åÛ\b±Š>/d€>)Céà•�ä´Ñkp±©<ÄPËj†’ôÒ*ì®^p€
�rlÁ©:Z=\ˆe¢Ìç”S«øÆK©•V;Eud�w6-ºSæ+Ô! 9û~è(|5lÜrPE Ÿ¿pô_|ðƒ'ÿ@>‹jEÙT+Ê"-¨X”´ïÕ}$Sü÷)Å2UDE¥;ðy$ÔIµÙ|®˜v*Áä‹+=~‡€!!Ú@ünFC`�kº`c
+Ë|KGÕ[£{{|ôjŠ5J*Ë,uh¼%ëI± Å+Mz	ôm×îþcz&$nñ’:§‚/ÎÓöÀk韹t.ZÐ1—â³ëôì0bU®H=å�r¢V’å¡à&çÁOI½~Ø[ãN‘‹¹òðÓ›	6
)Pmö>ÓXž|öŽhõ:™'¹@­©@mË_&Ë¢¦;Úº
+Ž:ϦÀÒº##&%É=à—W«é�tqHJU0ø|ahµç9êRyÌ£+”«H9Y“ÓXH¼ˆJJN�$Ç	¤�Ÿ‡m;³wq½pgSØX—(Š0ÏúoÈ'¦hSÕ³"2^`
+m®oþð_ánmE
+endstream
+endobj
+94 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+92 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 94 0 R
+>>
+endobj
+97 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2183
+>>
+stream
+xÚÕY[oä4~çWÌÓ’‘o|Ém÷‰�HP‰‡-îŒÛ	d’�d¶[Ä�ç;q&Ù¶+žxi<¾ŸëçÏî&fq¼¹ÛØÏ·›7W/ߊ
�YÁ7W·žo¸d…Ú\}ý.úê¨ÛÁtÛ�”"’¯¶;¥’è�îË=vÉè—£©*j¾Ýæ"2z8w¦ßîDÂÛß®¾ù–£Ä¸@é;Ø”ovª`¹Ý@2Áäv—¤"ú¡ìX)³$jnéûUs:éúГ˜PI…îDÁ2’ó%M‘ÁβMl+�¼!R¦„›Pâ¾BDš>½ùëlê½Á_’”�Þ¦6®ÑÑÀ©é\O[¶`r™ª¬Mï…´ºÓƒ9Ðä›­È¢ls/i=}ÊÉ"›®§¾ß¦I•³´pº¿^X–°Ìöù(C­Èà‚¥ÒÍz±&BN"`B&–ËÍBÉ)9Vcñ(s)"¢ÒP1é|)ׄøĹ›ýÏ?«Â’™0AªP£i‡²©uU=�tHáSY»`È Ò‡&Ù`È5ó<Ÿ4ý„³>&CLQyñä0jée� Ùµ¹Çœ[Tñä=F
„̳EÃS–R‹Ecúõ†š¶Tl«q)M©øæåj�aÅsƒŽ¸PP˜p‹• L>3æ$ë¨1”ïñ�¡¨]]‘ü¶3{sÀJvêß6UÕlEÝoÑ´­ðÙ€í3Å”|Vð?żO•-ê{ u�.‚EÂDJ%˜Ø‰£ùyd(]œù؜̧p ‰ñ—4!)’Ü¥“R©ƒ»d„»Ä']Oã'=B[éÖ!˜îh´¬ÝÀÒ‰b2y
+¢ý„¡!9ÀØS9Ð�½;,Êeh{ù~G¾à«L…¾Ò•©QÓ�¼cÚú²ŸÞœÊ}S5õG|õº%Vv:|ÜÎôÃñÌÀïfbé Þ®$-º¦¢‘æÓœ•ÌI8ãÙssGòxÚ°wg4le>˜ýy0^ÝI%2†—ñç�ãú‡z�:»¦nνEU®(´<µ.á�Fç»– ‹èêhÝþûgÝ ”ûš~j×MJ•õý$­@ìäb”QO£Öxàa&§ãðF[Uÿ¼ëš3™4wT2¹‘ùƒ-gù¬ª®H9ºŽ‹èÐö4R7õßc}j›�œÀt4>x�‚r:¯E’Õe´¡Ê¢iܯêð¨Ú)1©êiBé¶��H£³¹ÞZ—gѯGÈp´‰HÖdÐÍ
R·xž|Ø�•âd6ô~(=œâ„k¨CC#ÄþŒúÞ}O¢atýØ¥Ò,jõ�[šËë­íÌÉFì»êƒîN‘º=;Љ62“j5azV„ �€31STîò_å`ÑMO膽ˆnøÕµ«M”`>´U¹ÇâüÎJ@Nd£ÌžVù!,pü}Û5§E©^:ÿåÁ¼YŸ!‘ÉÈY"/iœðˆðNÈ8ä”Bòéà‚!MŸ5⑳"}îù…’æ±áÐÂmF§„
q‰Ìê5rD¬nT+8õgAM Ö¢ ¢À~Cµy¤3Ôáp#HgìÒãóªÄÒ,`7Ô¦½R®\al¬T
´mÕHxxH~(‡Ëi
§Uºhhªb9¢èaqR¨=€YΑì_°{˜´Æ¨b&óÇUÀ‚P°SmMšŒÜ¥Té\0†fp(›ŒîS9õ
+²
+Éòà0wæ�3CI’eÜM¥RŸ«”1.BIîª÷Jç?‚¨®[Û\E6
dôe½Ø‰Ç)ü¥wÊ^ƒ´#Œa>êË´�Dvå^vÃé†ß¥
+_D"�@qÖbn¶w “!GÝ®È1
+ËíIJ°SÄ¡à~d®+‹Ûù½	* ¦�]nÎE6Ò×¹•³mÝ*ÆÞï0/<5«O_x›®q8(�ÃlFVW›±<<‘dÈ/ðŽe®ÖúƒÛø§Ö—Ø	¬ü?–>uSï0z´Û%¼®Ä4„Ê4à;i�©ÍŒeM?D
+w1€À&êѬÑYêÎ�ÔgM:¦òRápšògH2Á4�~Y1RPòÌxÌù$EUØâ9�¸„¯_Ó½¦
qh‘$F–?ýš&Ã×4Zt—#—Û�DYŽ0±9èqÇ?öµ]s×éÓÉRzZ[÷@T÷dÂ.WYôÍHTšNôü†@þ®¬{Ï
è„Õ}9àRa¯
+&ÃÑ`:b­°¤±äï²Í›Ó_¼ÛÎï^8džÇ,éÃÙÁ­ûoðèy ÁÚËíÆÓ©©dø¥^sbNa¶ï¤fJ7mû
Ÿ^¬ËìéækšÌ(*-ñ4¼ý
P?ÜŒ¨ñîç`
ô$Ž=A‡a‘\o©¥ûž®:ûR�	zÉi)"Ï,ïÌmz„ãº(ßí´¶EÂæи.Kó0µðŠÆì·S�zxžüs]™¾_½üxv_ù?Œ=™t]yº39"ðÝ�Ÿ:{s}_ðþ‡=UCÁnm¬“˜IŽÎU–þJz‡¤5áEE5²ý'CÕ áJxròÑIøÅklû‘2˜ü6Ãz-#~œÜ¸c3±Ïuùžä
 0îè²™ÅÛü4¦�7í¡pn],»ayÛ:L»	Ä«¢tôÛJ9ÃñðLù±±¶gÂe¶î�¦3T‡x?ϸõB¶Ê¾ã‚ϼ-YAΣ-£™º3™‡$;+[*Jì oŒJ¸8~îÖÃ%3tÐð‡[f鬘Ú2nQý(5€å'Y˜�i+½÷„€Ê•ˆ€™?/»W=ò¯zìc7Z8£2+ü\åÊm6c‰ç9Wž2[c24ÆßíÄ©/·És–x⿾…øþ9#*þ†÷Êz⛫Ïþá>ë
+endstream
+endobj
+98 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F8 61 0 R
+/F9 84 0 R
+>>
+endobj
+96 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 98 0 R
+>>
+endobj
+101 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2278
+>>
+stream
+xÚåYK�ܸ¾çW4
V
X\ñ¥Gö’ub @Ïmf€È=j·µ4‘Ôko~}êAJTKÓž
²‡ ˜ÙT±Èz~Uœ]"’d÷iGßvoï¾{¯v2…ÜÝw2ßI-
+³»ûã}$“}¬r•Ûèm9œö±Ö:ú[u¬úª=TøÓD)۽ʢKÙìïþüÝ{=³ÊS¡³]l
+‘·K;ÖŽª˜©´ÚaŒÝù\¶OÊ_fEæ¿ßÇVÙè©[±S¹Hµ£:tíPýóRµ7˜J˜%6dk€m[1a ˜Xe™°jËTHèÝ—êp©™I�B^Ý
µt}�PïR
+ë/^ûØX5]û‰gå°:Å¡²—ðÎRQŽòäyƒÝh¬¾Ô#ÎT4Œåx¡Ý lÊÖ ¬ÒÒÆϧú€2€ÐQ�lÀm7òä_U߉}œÉ"º;U¼ÖWã¥oyî¸ÓÜo=¡»ÄYwÄ1�ÉšrpdNVºl^³b›<±³ÖíZm™ÈÓ_jœ$Eþ¼é
³îz”Ûvä±E÷¡oŸ‘/*\k5ÝL¬|0VJŠ¤(„Ò^ÙÍÚáêÖÛ‘tŒ§
?óíË/|Lwä³Qi«ˆÌу“Gh%Ô¬Ö17ün}ïB¢cQD×Lÿ×C¼øÿqr�ÌøP¶YâÜ,›Cç>Fq^»qô„|Ø5³È8”q6»ížÂ™¯Ã×»ù/ůžâ׬âWcü¦¯‰_™j‘™0€�ÀþW
ß­T"rùêàÍaMèëË0ÖÀÏǶ<¯¯¤Ü=Á½7×Õ~¥Ï]¿�ÚŠÔS!_Ž{„Ï‹Án2‘¬RÈf¬ërÍ"ÔŸ¢,#=Á(qìUÍR„ªÏDš–Úˆµoï8+Î) Q¶)�Z¤€ÌÛ¼ãªXÉ{‘wéAYÛ<:WgôØ�Pµ¥Q…$i‚AD¤z°ÐWÃ¥¹n9ÈÎËÃ\ÐÔÈ‚H}®ÇÓZ-�ÙfÏPÏ0ž/”EÝ…4’äÑع‘®“Ã¥ï]ãBÆ’dncÕC62:�~<2ùß×9>àr§m¸¡´")Ön¨¶ù[¾¥68�Jœ<ƒæÜ-�j¶¢+f¡B]¾«Ù*T•ö΂G« ˜`ä–ßè+¿
îì7À8ð¥¢g,ó£n¨Çºk¡’'’ç²»ŽäF°u<•ÞY °·6Ìè)U@2«H1‰¢¤©
+Ω8®-f-´“Á(M}óÛß³®H²Ù¾åcNåsýH÷®À&ôs`9ªCý lV=1õ\«b‚Õ
%äZºòôþô¥Ç¥¿Réæ40<¾aÑÈóEhÚçòòÖE$Ó‡=º©ÔœÜq̓¦2É„†¸Nú‚µÑ2hâl"ƒÏˆ¸Æd°À ‰K“Ï0›rô|Ø{ĺ0ÆØQ¹l�ì2
â¹IÛñ·z¬Î/¡Mpä³3„?H�kÖán+ÇÌQ©2{UªÄîÒŸ?yóòzyµ¯ûc%	Q!G«S¹‚ëëB¹jŸ•4aÀnKÙ€ÕÛrtÜ lήj¸
Ïbz*
+!>ûc×K—g”=¾�ÞR²¦a7J±�x÷«0–øxSörˆÕ„œ«*…±Á~uÈ¿¾_ß<ÿaÿ°ga^.�®µ¹.¬Â€}Mé_dB-Jÿ÷uOh¤/[‹|ÀrôÂð;'Qª�Âb6™]«<ÌmrVùrüio
xÂ¥ä2–ÊÃ
"©ÆF
ï@èYäó¥úKC€
Ó§*öI::
cc8ôµÃSàkRåÓgÓa¬~æ5—-q:eKü
)Ÿ'÷NUÓðü‡I�¨¨Âº|ˆß2Eù0×Ò½ÀZ ½�ÆýEMZrõ•ï-©òP‘)eMêWR©
Tšbf~fUàRó3Ó]Ûë†i¨��1´ñvìð�’ÕÑ;�¨¤þ°Å„9Öç5”+='ÌmÁ ,)|�ŠAÁ®€cÉt.1÷3Ê&‘'¯Þ¬}Ò�•_­!ôÜop26EСÑÁ„AÖC™qâœPA5^,ZL:2¹eð\.#G¯
žÌodp™,#‡*FË£¤VŒƒvNŠðdÚÈdÔ�ë‘aFCÌ“ùá«‹’S‰~€¼ø”®“Æ\¬Õ3µ’F2£®M§´;þ$ñ¦©{4Ã…	º`¿—¨â=tQ£\äßÙãÒr°J ’¹fÛ¨vðv/¶×s°î¥sa¦7	*<B\
 :l²�€lղ˞-rÕõÒ×ÙDWÀ]·l�ySs3¾‹S)¤âþ;ŸúëU¯ªæÖðc_•ÿØJ#,¦VP/ñÛÎ�>cÝ^ÖHbŠh?^ê¨È]ŸZu"çÔŠëFH^½Û�å+^ui×ß:6�o¸1á$‹_´FœDòsÉêd‡„Þ67¡)�³./ƒÝÓHC©¯ï6HÓqõñìÍ�f…»Ç‰ÿ$€Ž
+=F$_΄”t’Šk	ÿ]û47™Å…aì/‡q
Õ±ãT­}ýªO(üÃ>ñë/(™ù¢dðú'Ãúì•oŸi±|¹ »æCv4‹þò?xe7QÐI†Œî«fC„ðùöÜõU|[™´à¢æÚD‚×(¢$±ŸÅY3/Ôüfòý£#¡^w)Çpûz*ðožF
+’×Ça纨¬ŽõF=™s§8ùÆÝF+¯ìMçßwƒ¬Ki9¶9¿PàdÝ°˜¼–¾Ý8:B�-8÷ˆ2ÂâÁ1ÙzzUk‘ÚMß{Åã·Î�ó‚æÆa;K„íë³úoâ+ߧ4Í|XÉgMU’{7"
}�õ‚õ,j«º4:­\#U˜a]‰Òl¤ðíüJ^ËŠÆq®¢hµåïJçlCúvtã8m­³ée
cgAdá,¸‹‹ßFë
]¹Æ
�ŵº³d.<—QI†^k2ëôPI—‘:”Rj'’to
+8™R¬ûñÜTôx§¹q>°{w÷›Ömðh
+endstream
+endobj
+102 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+100 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 102 0 R
+>>
+endobj
+105 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2728
+>>
+stream
+xÚ�Y[�ܶ~ï¯,D[ì0’HÝâ—:­�ºH› Þ—bm ÜÎŽ�4Ñ%kþñ=R¢FšužHñzx®ß9Ú„"7Oj~ÜüpÿÝÛx…¢ˆ6÷‡M”o")
+µ¹ÿÛCð×£>÷¦½ÝJòûÛ­RIðƒîÊÉàýÑTwßÞæq`t?´¦»ÝÆ*-TE·ïÿ±I2‘ä›­*DN§þG¿{+§K¥å&¤ISu†ç‹i>NE¢ì]
EµîÍv×Ô�ùm0ußñÿq$»ã[ 0ʃ²Ã¶Î@¡©oã,èï`$]ïyª?î|ˆ“¬ÖoÜ5§Ó¸¤¬¯,½|Ó6J"fÐJ1;ËÃ’ÎTdŽÎ¦]%>gVöǹˆ#»`Wé
˜·UyuÇÍMÝÔÛÿ™¶á/ó©ì±—]"ë€I¬ðM5ß <Š\¤Ùuæ#WæÂQ^Òôf+ÓT)s$á7}2»¡7{
5÷ÄTP¤Ö€"!§óÈ’ÈýÒ¶Ì}èðKp‹¿¬9\,«t×so&íæëЧ¬iY¯™iØ+ÜÖô­à¤z_öeSópo:8ÉöÛÁˆ¥F !pI�2#‰i§ìçxsŽ'vŸ™Ñú#½P’È÷ä¹Hb§k7øæ4ñŸØ}¿¤:OEŒjœŠ(¿8³˜)bêäýÜ´ûÅ91˜¿{*Ü6Iðð!ø¸8¬'qžu�z·8Seha¼æáËâˆ(Qöµ#"!�
~B|¸]#մIJk[• P—ge‰p×½z…‡ñ+M§wÖ%T¾ÎK_>ð,wásI6ƒÎTf×—¿ßÆ`ÀÕgÌ
+§Á“º/ÌWÆB]%Þ»4õÌ|×´à$Ïàdzµ¼~²43»
+Éùµî0ÿVP±¬˜X¿�Þ<3›dâ¿_N¢ï�-7Ë‚“îwhGÓ-îÇ’¥Žc¸hÔÀù±Ò-BÑdIðîÀgóƒ ÓÙˆ–åAs&ã¾rQˆÌ1´nP~HØqÉOP>»ìÈŽÎOÝEy°7Ý®-Ç+6Û8…*f.è°Œñ$¤î.®q�ÆO±*Iƒ÷¨7䧒,P"æÑäGûa(«¾¬»�Ó$ödxF`´œ\/Œ˜Z?Vè2i%¿'ñ¤ƒŸÉ¸u(Lk@%"*ü�xhÚyÍ$Uï�Í€ÒN"ˆOºµ¤v‰S; «¡!òƒÐêê|Ô�¤°¦'xƒL�nõÔ¬‘«"±.fW`„Û,·Ìû²tÌ"‹=H
tð+£ÂîÞ’ØXM'üá	³3g -5Nóà„”
ÀóseG¬ÂPƒ…‘KŽS‹3pÁ’Ü(‹¦HáüÖUzñŒÆ‰C÷ßè|ÓžJŒè/Ñ<ìÜ%�¡¿@îÅ2x=�ðC£,2ºPÛ­T㳊culÛu
Q³+5NØ3óP‹ÃàW»À³çšjwìÂ÷Dr
‰VPÓI-dðF�ê‹tŒû@”°-œÉ’¥GF*xdžâG:±sÏߨÓØKÖä«É•¼zµ„P‘P#†E2eNÚ{ùb)§(xÝùe"v>u¨÷¦}jØZ:KxYíí̧³®;pw0ƒâžæ
,ñ"•²(nÚgjÂq
+akxìú²z7Ÿº®œØNqÉ|â”?
+~¶˜üÁ‰à÷[ðEˆÌqÐüv	ßÀ¯àÆDMŽ‰¢Ž Ja‹úy:3úT€óI:/£Y
+®9Z¾ãÍD‘\apÑ2/ž¿7\28Ç@5ƒÉžD§Í@ÛƒqÈΩ§qb<HŒ,¡¨òLÆð9†4{Òo˜!ëŶ},ûV·¸F†
�Ó
ì"w2iyÝZË¥Pò+øT3îîø8ãDD”ÍŒ
fGªôcجX�JEžýa«³‰¤YÊWù˜;D£×¤$€‘‹T3äBè}o˜tþV6°M‚uþov
+yB’¡Ë™<DÕßY‚�
q¢$Y^˜™Ò'Š588thKw”ˆ\½(n—ö`ÍG2˜á!KrŽÏª=w­Z8ŒfD[84©L5µuÀQ�¨Q¹Ë1‚ׂæ8¦¸úÀLrù‘®�E”']-³ˆYá[�ÙÎJ¶5·7ojª�`Ÿ…�–{x¶ºv-ßÄ{—ž©5zÏ“¯ÿõZ®X!áÞÝû�ÝD”ä/®Q“—[JF›¬äÞ�Ǧuë¿p³ožfß;Ý#Äî
+�‡fhoØšæ�99¾Øc~Õ5»ÆîáÄþ¹Y=ðÏ/ìqw
5À…gûQ§G'¿æàÎÜz,°QÌ¥iW„qÃMež:q³°�íB“HfqžŽÅì»*öKÛr‰�FØfXbXÄ %Eúµ4+¹ÀI‰u=à19Ê�Õü:Ü>—�ÁàSØŒdN¦+YF
 šå%Î�^Ëa0¹"˜^s˜–-^)‘0-�Ü»gžo^¤ˆ„hå×V8]¾R]¹ÓÂ+ÄÂ¥
WŽAVOÙrÝõí°C ‚®ªYþŒ|H]n™bðê>ó’'S#çœqù�Wœ¸œ6`®’}×ó8:Ÿ}j:;hùºÙ¦–9ü\ƒœÓZÙHw×ËF…WŠô�(òh.±õb‘Š}öúüój* ®Ð±˜|éK墇²^Ö› &xå¦n™Ì%"ué�âã+.Æì›+MöeÝ‹¥¦ñ¨Ú¬ø�Âh¾p*±YõPàØ:¸ŽÅZÈ–
é¤9«
 fìåö+µä¹”_@€oOéºÊ‹Qñ0fâ´žVŒ„•�QsÀÿ÷Ç1K,?̲ZÜ'í>YŒ÷ᯂpö<˜,m{n]ßÛÝ5·d*¸üH½§üŸm[LWq¢úó`ï£3ú„/KÓ	.<ø¹5;³w¥Ù#"(°Ý%xü«ãÝaæéÔ8)‹¡ó
+þŠ¢Æëšþ­«ÃZs*ûžk->Jä,¾é¨úL)`vL"œÛ."tQ^€Óœ¥>ÿ)‰È/à h—ïÌã©xFؼÉÍ7¹Y̓¼ç`êsDÄ8Ù±×Ôüi+ŒfWlV¬ºã(Ê&ýò^.5¿ÅXèm›"ÑØÖ¬°¥tå¾ìΕÍnjîmñ-¡ÿ(žÖP
+…ÍMh{ŒÃq„�öp%ϱÇÒW`ÜRƒÒ³H‘NÍ–º“%°ÄŽ�I9ÔjŠµÐõÕÂmfavƘ:öÿAæ4:KÆктï¶GNâ̸2rÀÙÕ@ŸÑ˜ñùŠ0™~LÞÞWšPD±çºðò-–xÎÂÀ¥g3Ôj3�T�tbà”nš¸Ø«,“qˆŽ‡S~n®‚;ÿM|\j—L]>
›œrá2'\cÎ?é²&zr¤çR©ghýÍÏoW®�åÀ7£ÂÙ
+ËZüNÔTr¿†Z2ŒI?~ðhø€ì°7�µÂ×52à3N‚£AÄÈë<Yã›@Yú²'S†/H~+U.ò¹Tçª]6ˆHƸ„Øþ~c{¨*rÕÒ%䣤¥3ÐÉŸ*F\BrRƾÌs®ðDªPa•{‰JR5U‚þýæ—Ÿþ³V[u�Sô7÷ú?ß
+endstream
+endobj
+106 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+104 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 106 0 R
+>>
+endobj
+109 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2536
+>>
+stream
+xÚ­Yß�Û6~¿¿ÂW¨\ÄŒHJ¢„"I/¹ôp
ŠìÅa7¸ÓÚôZˆ-¹’ÜÍöáþöÎp†e9ÝÅáàñ7‡Ã™o¾¡±ˆãÅýÂ}þ¾xsýò�ZÈXrq½]È|!µ(’Åõßn"©–+•«<�Þ”Ýn¹ÒZGíÖ¶¶^[¬&ч²^*�ÊýòÓõ?©i¾X%…ÈÝ
+×;‹í/ß%ãJ‹\.b׿n‡²Þt4(�#MEžð ²…Í’LFö‹]Ÿz»¡Z¹ím‹EÙr�Rì°G�ÝÛu_55užœ„}µ§Þ’öÒ�@±©áÍîZ[~ž‰£µÈ²©Ì$DåD_¬´�áä <IÊó¾ ½•=}v•—«Gа‰š
+dÌ"7DE½WZ £Ô…(¼tÀ¹�FŹ�¸	TŽ{ÛÛN�°ÒÀȾ©(ŒþÞ:ƒ(p ÷-Q{*‡c”8™û›Ëý¾Ác<¸á™“Ùuœ:w)8¸¡ïœEŸi`I�·*5{[—ž¶m›ƒßƒ›Ö§ÍÝ�;µ»©ZPAÓ>.s½ ½ñyèìŽûg>v£J]íè.Äk§ª7öõ6[jâášÅ¤NҺ݈¹
å¡:ù‚V©J£-m‰E¸e÷ýþ‡ð@)¨™Ò®w
ÍxlNTe~FÀò·ÁÒ···Ñ·ßþüÏAi9_Þ™õÅmkKF‘gB£
ÃYÈwoá'„¸]òz~@Š†è�.ŠÀP�‰ÙŽ­í:ôÄs•e‰PÞ¿ýc^I(*jõÚÝJV Týî`{0¬sp1)ZöåíCxQã0´x\Õþ¶L0ìSé Fg`åëuÓnªúª&v�#É< ¡=í-ÏÞØnÝVw˜‘›Ýwι-zJ=°ï�±á%ß‚µàr¹Œ®<lé\E™H©õæjg÷{j|=œü}‘DÇòžgu»`
Eý´¥&æÁÑR<uvž{·Èe¨*×Á°61•º©W¿Û¶��ìáæ*SD­íOmMå®/ûS‡Jˆ�^±-þ
'ÈÁŒö¡ê,u?{¾„׻ꬰiÝïç¢Ú_O$�µù3ß%« $—úffÛ06ÓOÛvš‹Tñ°o.vŠ
60ì+ëT‘�€ð*ÜPôÅâ›Sµï«ºÃÛWyη�=ºà¦mÓRKIŸí	�Kd¢Çq4ü^
+8ZcPD�œŸCÅBúhsGbÍ‘LÔ�†°rs òéÓeH¹¹ù
+­þœ|ì®$Ã
+ÍÏ)¾1W[úJúlì‘\½&xpCêв¡ 
+ë¼–­XûË=Ïr‡\ÍÃÁxî�M)‘˜§
/
Ôñ6‰þ”$ÑÛa4Idz°€|Á�®é”AEÆ!�ªèØVÀa(Gø3ÐvÐ&1:4Rè"tÙû[2‘`AzÓÇâ�¡žpP ?ºCg¡Ó jdÒD¿,
ÎÄ×_Žûªï	ÐaMâP 8¿ºz.ª̠rËšRahh-ꦧQ9Û‚PØæGÓmCá
Y	ˆÓÑ¢/zG¥¨¬­©g˜ñŸ9dRøàå&¤ðR$¾û;ZÌ�ók‹�ösÁo&‹!�ƒ�Jo˜4èȼ™Ò^V“#e@XÊTè˜:V™u¥¹F[•wž_Mgfa”w3Îû=Å�ÝYwºëúª?õ46I@Š¶q·³ƒÁh¢/
"R}¿žšÞR±µÇs9š`£ä„D{χ+‹3R“¡^0¥ÁvÁ5?³Ë.Ô�ÆÄœ±#­ÌoL*‡dt'«íS÷�K\ŽÖqd££®SíNËÌÙ1vÝa0íæ¾®~÷ƒJx€ŸVh‰YRç¿ìœ9'œ`a~žT
+ã¡éÕ«'ÍÖ s¾¸˜sìuó×g,–ήB%†�6€l8•iA¢%ÈÇc5“㙨­îw”²ÐâÛ³þÆ£îÆj‹5ÒŠÀR#M0o{ß@j¶¡zIŸcÙƒ?ÕÜVsç¡ìÉ~h´š�WèwW›øÜðß“×äzC÷½aIFïø+À
,D@,$Un~Fya¡åƒ—¤r˜-å€Ù&R1ËÑׂ1çuÌ€‘E™Ó(þâëf]v²›
9gàÊf,L¹Qæ™#ÆÙÈ»H6OÉÁ#<Iªx¥‘äA…H^>D:,NH^¡<Ƀ]@¦äJD…�¸× `£ì�¹Ðj:.›NâÑ< ªJó¡yŠ`Ôö¸Ûœzª´ö¾l]‡¤Œ>‰ÇEQÍTBCÇo¹?îJÕ¹Ý04¡HŸ[F‹‰
¹Ì.Á„Š9Ybd˜³`—“šc®n©J²@Á»%vŽ¾ÐQ²7´iH4nv±ÛCí@(°«½˜“1 ìÊp›¿-�«�‰ñ~™!aÔˆ>ûAö÷Ú½l<’¯A�ìi´ãY0œ½4�=1‡I©wP6€8Îm¨
îtmçÊ®ø%ê"ÖOQŸIìKRNËãlúuM9o¹	XæÀU]¶(1hyµ¨'àÃâ[šŠÄ»ò«ÿþ9†ó*1a‡’c5Ĉj�žÁýhÒ4bÈÝ;z	‚& ‘k»á7M<¿éÉ,y^ú\X-býìØ¥¥'@òRìÒñ˜7>»ÐŠtÎ
—s·ŠßŽ¾¹´bkƽ½‹`¿»}™ùÎŒ#=BJ~
+û'—7Ý‹âQžUš¡˜a2NñË(÷¦¨�&×CÞD­H/îOû²õ]ÁC„ñozæÜ0MÞö�4â–lÕhS/ß™ð
ò$¯Üv™BšµLeto¿ÌÛ4RãÛÓ�B*«ç°YÍ[z
+[šaKl
÷r°¥=l鶴<ƒ-íq³-�C«$õD&Hú„ØbÀ*~ÚÎñŠ#[2ª+¡º±Na%‰ºGzxÄ®ÖåU¬rT,è^]dJü¢éy.ü]ç÷½Ä‰�Ú4Ыð…*Sü(§#…/ZÀ9%ÈxGìð” Ó_£2ËEúJn><ú׸L�[M¸
+q‰È€”_æˆÍ"3(v¡N�”+Ž`�)
CJ�Ɔ)A¶N”ÇP€T#%p#9”éiˆ“Ãè30»¡¯��øœÈÿ•¬hô
+³1t„.d+y;ò•;
+|3³†ÈÉÿ€ÓPŠ‚Ѳ;Ú6|ãHråŽã´ž3ÆÆÁ%°5t	ì¤d::.üÀ‹}�á´©æʶõá:‰‹iÂ{n>Fâ,²ž7¯¯ÞÿûãÛ¯¯|?·Õ\9¾ãd&c&m÷öàÿ0�†ø’�湈Ís62z|Þ£è‰+ò%¸[Ì-,ß^ÿåD0n²
+endstream
+endobj
+110 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F7 41 0 R
+>>
+endobj
+108 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 110 0 R
+>>
+endobj
+113 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2086
+>>
+stream
+xÚµXK�Ü6¾ï¯è½j`š¢¤ä{íddÄ
ä�	�š3-D-õêᯓÿž*)Q­¶=	°'Qd‘,~U¬úŠ›˜Åñæac?ßl^î_¼³œoö÷žm¸d¹ÚìÿõsôêXœÓmwRŠH~¹Ý)•D/‹¾*±KFo�¦®©ùf›‰ÈÃØ™~»Jç*ârûËþ»M’²$ÛìTÎ2»êp40GgÑӨ톪m°'�Ú{™Dú¡«šjŸŠ¡Ü„ãÔ3‰™†ª³ÿiÔ™‡±.:7øt¥zØ„mwIGûiZmNnªÕ4Þìàðœº@ß‹72G2™�¿üúí·¿þøúû¯÷¯¾%ÁÅ�Üc5
8Á£ª9˜'U³h¢qC’mVACk7Zõ¸NL§VB\à‡=ˆnåDø„¶—øy±K}D¬˜ÒUH³Ø¹4@Rn‰í>�Ãôhúêæ@îÓ�w îÒó”‰ÜÎ}=
¢%)èŒ+½Ç¹ð'‹Êö„CwUƒ;àðØÛƒá =?οoëºE¹G7x�i™®Ú®¿AETWý@ëd`'<˜²3…]4p:dÛè^HòYø‚æ¥9˜¦4_®æ
+Δ´so#ÏçñœI�êŒÏj-p{»Ý®Lƒêå2ÔòG÷¡”2w—EfÑ»m¢¢¢ݯ÷szŸÍ|©P°£ÊpCƒ»¥4Þ­Êí7™7¹³®jhdìÉ)@§–¾ÖDï¶Ö,]upš9÷„AìÈóðdMÛ�ŠúøÐ êÂÐlçΦÙ2ÿü+†Yâ D¨Þ~›É¨�BÕa™°4ûü‰`Ixýqµû¢î
[i
+ %,tu±0_ûRÊ2¯À_¬Vã	‹ó•~bís"a2ÿäÑí—®nK!c�„æ,‘«�øŠlV¸hë¸Å™àÏÐx±NçÔ@á+�B4`ñÂCžéï¿ÿß!5�X ­ðÔ,åÏÄÓ«Ó®—ÁT§ÿ"œÞC'4ñ,	S"DpïsŽ\Ø.“Î&AÈHù¥éÃé�$Å𙾌	”òèÐÒ·ij!‹a�¹»dÏCFømÑf¸2å%h1X¤Wc0xS,žaÇ�ä¹½÷³¿x;ôã­Ð¼¬<űy˜B®‚ìÌîÙÓÙìè�Í$Z&S¦S`�d´þ˶9TÈF|h¾Hö/Þpt,¸>üæ¨?K„Õ[2Á“@Ò´ˆ¾éÚñLL/M¢Wíé¦ï¯È*.¢‰–ýù'°£Ž²
+¤ËH�îl…Ž1Ë´Ôñˆv¼ïiÒÐÒ÷
w§fAdÔBð[z�àON3§L‡�æÉ”#\©_¬86Õ€Y“«è§£i¦Ew>éÙ“Í„Ôm&•r�^OpéÃ
v!÷=€AÊ�H
+Í™XÉ™DÙuÎ纲É~¬g(o^h,Ì«¤?0
"¨}š÷o;2OÅé\›âL,æ¡g:Ï
éq8�ƒËÓ. ¾–pR*@ؾæb˜L‚]
×�!×PÄ8¤s‰6Àadwµó^àʦ8]á	t
+!Ð]‰ÀûÚdë�€¿^¡v"Ÿ'mVáUôÊç@|�Õ¥1ãÒnB
ô‡º(é^€ãôqHð„Àäè ×}°LØÒ,ô7”[°ucÅÁÐÅèÚ‰ß
è{ïª=è¤)类ml
•]+ ê8ð8É#¤ÔÎàê�ëKK3$K1`ÿϯ&§ƒ¿×ö>99ø]«ñË

�‹C‹‰üv{³fð´fÌ¡h¥ªˆþ,~±pN‡·ÿªf�GǸ´ð¢¦FÆ3(±@A¦0áöp*µ<øxßÀißVÄu�š+…rHé§ÚÉ$g:_åF,´zÕ,ÜÌë�óÌ¥‡®*îì‚ÙÄú‡Æ×ÔnI̯8ÛæWltæTÐÊrÚÁÜB	>àö»§g®¦"`áZ�7Ú´ƒg0ãøyHŠ?üqýê~ø7W1îqþ
+²–PÑk¬5Ðî4_`(ÁY᳋t%<~¿SV™3]`X »ú=5ﺢ4nÂt……÷åÅ.Ö
E�­ðg²ýê²Ø’8wï
+"¸«�iŽ8sر–Ìožl‚yôŸ–Ff³áºœ•§�`�›ÓãŒ6§ªl붡ß[›a°Õ˜Çx‹‹Á=—åþåÅPšÅÉg.ªJ/Èlgþ;B98BËã�dƒÛ·+°ä�¸þÅ°æþ‰*¦Sºaf4™ËEïZ�›fÕð‚‡Ú
*{g:WùÂèG¼Ž)º»fÀ‚.‰¡„\8–x�•N£@…zµÔ
5>ÐçªDš‡ýøLsÀ‚kAóþˆmd,«ûWcª‚�'šî�-zl»+d/Íæg	€*�ÐÙ;•à€ïIû,4¢£+=¿ÑK•,[pªÞ@t	)ÑÑ}מ¨u-°æp“³ÏøOê9û1’Õ¢-îœH]4¿­Ó>[ ¤	îÅÔZ§k‚×Ør.Ø\ôøzgU£@êR3 ÖчqLh}j÷’‡½C‚ªÖ¡ãx4=Õú
]ÍДðˆPâ9\Æ¡ìÂXÔ,Ë\2¬¥l�›C‰[`=|!ëIuÕzRh¦Õç®6›/ó„òñXAr9ƒ3» ´kÀNH¦ªÖU<•£µýPc¿|#œŸA/UþvR	5Ý=CYs¹
d°�ºV@=`™þäyÓÓëìõþ°ßH
+endstream
+endobj
+114 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+/F1 10 0 R
+>>
+endobj
+112 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 114 0 R
+>>
+endobj
+117 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3109
+>>
+stream
+xÚ�ZY�ÛÈ~ϯ ¦‹Kv7¯ì“íµ`�À'cáH=#f)R ){fƒü÷ÔÕdS”Æû¤>«««ëøª¨UFÑêaE??¯^ßüðN­â(,âÕÍý*ÎW±³ºùé6ˆÍz£r•'Áë²ß¯7Zëàƒ½·�m¶»&øµlÖ*Ne½þró÷ÞÅ«Ø„Ú ©
œ¯6¦s¢¦C½Þ$©
+>îm]Ãö,	Þ­œšíPµMÏ|fr²ÑQ˜fDÂ팢à~ÜEݲ³ÒàŸoÈU¹Vyðw(Š`hyâ¡kOGnnÛálvBá¾í¸Q—ƒ•¦}´ÛžÂÝS_5³cp –“›ò`'Rp—ÕF.�ºÀ°Ç%yÊl„ëM©àfoŸx”o

>Øî¸÷ŸS?p«®~ËѪ˜ ‰éIb*ŠÃ<[EtØŸMÂLËdgNuÙ-(hx¦ü*�ïÓ"=¹Ã¿ö¶aÇ+Š< ÕÞËõ˜íž^‘¤ ¬|	¹w]oŒ*‚ªçßS�²ÀVI#9ÒÂn_ŽøØŽ¸ƒ§¿„f¢™#ÜSW(GœEŽ¼-½£Ý·¨ñÁ¶*wà·jØóöa_Ä6+6òlÎxV¹Ó°â^åñøš!ÒÉœã
+O‹q!½?ŽOï�ÃUÿtœÞž:°AÔ„�Ïì'’Û–'ìãð#ª~4-ooì7–úÄ?ËüØɵmß³•Wò»í,Km�L'å€îØÙ�‡€³CHÄ�Êga¢‰ø»uî™8¬V¢æ°mg· ƒŽ¾3/¢ç8èŸø´òño]…ä©Ö-8e¼÷HT|á}Å´/3¡qv@¯µ0#ðY…,ø|^/(À‘q>±=5»�Ó¿sjE¦²övI)M2Úä®ê¬ï=*Y¦Ž§/ÃÜh‡±/‹aR€”?«$k¬tKþ•Áæ$/�²þÊ%Œcªd!4�•L7	Qô1z6>¡³½í¾®x6|ì$gÝvKiÅàÂ’X茜�Q%S²Èݳ=âÒ²–ùgm×i‚>ñÌ/Ž-P—¾s*x«‘5w¥œ®dt<]	z».Pöþt<Ö•Ý‘3÷ˆ«�¥3á=Pêy�,Þ]2�“ Ï_DGàª7w`Àp8™ñîiù6E˜¸°@¾OÇN
+¡�<íE‡†,ÓMFÖ¡�O'¡Ú�C“îûj“Ç“\gûææâGýÌ3­¯·rêGëñ‡†›·ofìp\ÉÓPkÿÍ߈§ÿòµ<
ñ?ˆnŸ×£º–kçJp�Ó¯S0§~rVt~Ue€)Ç7…šÅÍò0sªn{g
wÄ?xSxÄo¤S¶Y¨háÛEßÿ^Í©›¼ä„À=ç±þ÷0 ù˜àî4ðE%2õ$¶”›0�Åá�8öM%ÅçZêꉣˆ¬L”L¦Å£Ø¦Â¥|#À�É\•²ï©’
+³Âw‘[ñäo\ìWUÝR{#ýœÇËICc|Ë![‰ò ç«Ûm…¾—<D$à%ÊÅ’¢B°‘UFä�±ë¡«,
+^9¹š(›G	ÚãŒöMFã:Lyôöƒ·,`b°A€ÇR	D<ŠÈˆ²á "‰ú¤%–h?öâÄéE@ãÃHˆ1£OÈßmF2á'‡0ô<ÒYÆøö±¸Õåpê¹�’Åß’<°VŒ±±r#9ƒ6˜ùÝ*‚Ö©©	yD&T›l×aú@Ç1”ˆæÎïf[
QíÚ¦~º’!xHb'ëD‰ˆ`¨gX
­fl•5R}â• …~èkc‚Ë“	„¢};gÎãÕÀ�Ðp” ;Ræ?".ào%°N^Ñ8’¨Ž$´‰$ÂH÷ØuÙ˲É/ÐîÑ>lú*bÎ#€Ë+jñ¾P/(¢_Ç%yØp4´]µ-kîƒüz°
Ž29nÍÜ8´½P@V[™>õd3³•ðî"°yו[ìszÀîS ºœ!š8
+œGÄÛâÓâ9	øy�zJÅ)Ç
ëgAÉÂÞÞ�¤÷uíáŒÔ™\e̹þyŽMˆö®.›ß–x8×)N
+%�4!©+£äÚÃTŽ-:Õ,f“3�c¶%¤�<")]4Ê<ÅÚÌšÁˆƒf´28K·²HÙ¼mšêw·µêýi‹DöB�ìJXyšˆ]²_öqD¨ÐFX
¶?ÂPI¼ªû‘¢RîˆhLŒ°)‘#‘‹ËÒá<TEªâY8RLˆÞW=u:Òv‡ªqü£
ºX¤ÁÓ
Í$ñŸ®·‡jÛÖmóR
”‚
½KÈ!„¨J3mb°I GÊ} îðLÉ?~ª#
&53ߘIžM›º‡ÓAP:-Õœ§fZ3§èTµ=ØÙ:
Û¾b`ϳÇrsÅtàÜAò½“`wêX ]
2èU§°{*'€Lsóöd&1
�•î<ÄÇ&wø7Å	
älWÒ�¥†3´C+RÌn˜ v“ï^¨0r>ä/Ï><dŠ´ìãQªv8ܺi˳„”NÄ�â…
+?ÈÙâ|v{^\	ù¯Þ	úáéÁŠ‘¥ÿ`€$ÒÏE.)ƒ%
{�²y@O|¡!�N²vÂZd¥€ù•Ëñ¢Kå8í£ÛÜ`¥%@îäÄÇb�®mmc	·r™.¹’GSéïݧ÷oÞ¿úõí…*ä]Qî‹åëT¨ìªò®&”&U1øí-�56)à
+
© Z°Û8¥gè
]då¨^Yá[iBN~_Q¹O€�¯)GÐ>ô!2ƒ¢ÈÃb®†ÏJÅØ%Á~­º¶!!ç$äĪaEµ³¤«ƒœ…pxÌy×clÆ	jÌ
@©&}÷ £—蟛­}ÜÚ£Ð3¹31S\Ô'cý駷¯?ý¼x}
)¹z>Õ.?þðöæÓ‡÷Ky;¯0tå±gÎXhK™ÂaÕÀ³Ul•0î :_ÃòOZ0¼/{)s‚
âÈ5fÎÞ3?TŒš‰ÞùUL†iðÈçÖ^†³Írº
+j¹„«s^´Æï”é²ü¥ÃÜeów§ª&FYקYèölZ/ߺÈM�ÙŽJR81Ž%'FÈ)Âh
lƒ6OUt3VÑÍEÎÀk$Ž5t8‡y<¿.†)“BЫ9a_�MAJQV„‰MÔxeáž»¢B×¹RZ‡Ùó¯'uQãUÏk<B+žY’âSÌÍðk�•¯SP‡Qé0zûº=u�[Âþ¼f1q<ObÏa‘Ö2DÉØ°¼igûmWÝ1R•PWl²€"÷ŒõR}„–øå"fëÊ·‚_(¿Q.)Q“ncçZ}=ÅTC@—Kn¼P‰ô¦D{î,ÀÄ“«}ÉUÜ‘#?ã"–Ž5Dn¡XŽi]cEÍ·†)>¨4Æ�eÏ6•º(–â·šÇ�[cnŒóå=A*—z
/å@ß™bªQ¦
¸äŒÌY]禓øQ\yü­ý{¾<‹}õ bŒ¬
+?Ë/Æ4ÒúÓìu¨hBâÂ$ÉŒ¹¦¢g5ì��Â…®
8ø,[æØQ&à¤>ÑûE©á2·àXÄY,bŸ³É(�èö3ˆ7ÛÃ+—xX«s—g±ž1’àÔ•ê�XÊ°Ž‡vº‚¤Õ�ÄKHÆ·VY&,¶ö%*H–Ç®¢J	ζ<Äú
'ì²}|*R»”ŒÇK^Îÿ8€«Ýʸ—Tá`À¥^à•“R*Lø=K7¡NÇZ6àP9(ô4€ N,_:cW_òü…LÈ1ÔærÖ�ÐÁ’
"ÇoU/û„€þü“½�R6›–]2K®¢yŶ‹U4=«¢¹¢™³/m®`ü|J6þ€t%éVà~Ó™ÿ'Våóã%UÔR%¨«$oS.oÃÊÜdÂ0ì>:Pg,di
+Qã'cDÉ줄Ð"üf*ÔÄÔíÖýIeÓâ3 …jlè_ô´@ÆL÷‘ŠG1VþY¥ÆR÷ת¯(ÙA9s]‰
+˜íY!ó¬Rînœ÷þž‚uÐaúøžò7’ö7Êz~‡·7ú?–©{W
+endstream
+endobj
+118 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+116 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 118 0 R
+>>
+endobj
+121 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3279
+>>
+stream
+xÚ­ÛŽã¶õ½_a¬ŒÆŒDR·
ºI³Áöa äag�hmÙbK®.3³-úï=’¢.»3údŠ<<ä¹_èM(ÂpsÚÐÏÏ›î¾{+7Q(òhswÜDÙ&R"×›»¿}~<·¾l·;¥d þ²Ýi?]µÇ)üz./¾Ýf2(‹~hËn»“:ÉuÅÛ�wßDZäj³Ó¹È+�õ¾¯šPFQPWÜ¥#õ�‡ò^Æi]!­ÉàZle|æ=Ÿà”,(øRu}y`¨Çª?ól6Ë¿ã=¾{«F2e‹PnBºÐîÈë>"¡c³üšñ67{aÀÜŒ'ÌQ§‰ˆR³õPî/E[.Ðk-âÌÀ4íÅNK)¢d³QD,Šþó­ìÊ~
“´§}ªK_ÁU¦‚}s½3;üÒÁ}Е%-
çñv3øë™ç~`4ÝÇoá;Oƒ[q*Hå÷[±ÝÅyÜ�
º%o•Ô"µwÚ½]åm2ò[Þ"Bàí‚*EÌ숟c¬Ê¿ÌXPÅP›å¯pÔ¡x¬H¿ó˜4ŒG¤U88:Æ/£Ã
+xÓÔ—Ï<yÏúŒC&±¸Ø%ƒ&	ºfh÷%ªüÅŒq'šÏ.
+¥È¤Oý¥ª(	ƒ-b¸nÁÐ Ò lQjITGü�VU4W#‰åS(?
§%r‘Z^uÆÐáD'*WŸQÖŧKy`å€�…+kტí¦h»øál?ʧ}6-™0Nu�½{Ñh ^ùÑ
ŸèV“[}s-újo8œ$Á™ÜÅÃÖE<¿2¸ñ.|`j|nb±ÀԊψµˆ²ûÄ62+%ŸaOXø�ænrV,°«L¨xaè€�M›¸¤ÒÙãiÊhì±c�p ÁØAçH…âщÃpbù±³|XQŠ…Êà}Ó›I!ìFGOî±ñçò°�uP´j
+­EÌu¼8„¢È¿5
„×�Qá(%óâ‘‹Ñf¸ô¼@AÔ4˜­nƒ¦:”5NõØ!²/•dA}[Ñ¥Ö`1wHÞúPµM}Åqôy+º®46:R`ÜuÃa‘±(ÍzÝñì1ž«Ë¡-k�QU?¢7£ÅîÜ—�GCA\Å[¾1Åcº("+:º;òx.-–þ\™ÃF~Á¦}1t¢à=·¶
‰\…Õ¨?±ÍüXÝ1ŠÑ’áû a쇶«p½$ºh¯]ªkÕóÁöb·K±'1ÀrSOø¥bú@¢Ä3€ìÖ@`r˜å¸Á–!-JSô0T©PHÎ@”РˉtºŸÆÁ/[‚~‚f@ÆÓ-�›qÈ\„Œã
ƒhDâ[èÍbZ Š•�6ñ N€�5ÿZ-íQË>óœ5²4èú¦eÓÉК B\†²C«Œ’à]Ï{‹k”°tfa*’È܃Œk~QHAlŒ �ÂG8ÑÌbŽÆˆKÇ5µ9—„[ŒÏútÉ;öþå¾*PYh¬¸'IÐœMðTÙC/
êõ#ÒŸÅkâHR´F¦€ùÅÞgé@p±/8°à³F9Ò,ø‘Æ»‡±_¦DéËLD$@!ó]¥uì�Lû¹ %íÉá22ŸÐ
z²<=‰
9ì¤eü«lFK¢„ßkc³,ï„Lmu¸èÁy~úri3:3r!Pˆ
+îvСìù�”®«N“ákèªúÄõ�%@@ö\ž­DœÏ‚&1T‡¡P™ï±M¾Œµ‹´é²Ôœ?ÑÜ¡ìöme:® rãÂêíÒH¨g«)R9éˆÙþºè�ÇPªŽ³&UÇ9?`KHœ8`#§êœ;å9j�çÕQÏ zñ•
+R}˜Æ¤˜'Ž<AŽ~Yç"çõ)aÍ6Ê-’d90ÉJš‡’W¶`ˆ¬g'·Ðè‰Ù»Àˆ
u·2x�*Â4øG½/mrÈQËGÁñ`bG3Mè
¿åpbƒ’Õ”õ01Ô̘7‰=AŒ1Õ*ªZ¯¥¾[U`d‹ÜN
+™,r;åŠ8#H™(´l¤r‚\%ôËäxÂRÊå)>=†{]_ôåÕ„$Cÿq¥�M{ejrO÷•È_ÝFï7a˘ò~ÿa‰ÄK¦Fæ#ÈEfmûã‚¥»¿ϪwÇe„€3¢çeŽiƒÒ<€(Àƒ“I@jª•CÃX˜LÌÇÈ2
+àÜÏ,˜Í‚‚ÞÀìÂɧ±H^àåc´	SÄñAC}(ÛScŽ‡$Ô\ |Ú™`£#+ßžnEÝ�"õ4&F&xdrN2,A)ãíT£�Ep,à Õú3lîÏ€šúKÓýke÷Štüs šDëÒÂkCù:³„×ïÁ÷Eu¡‘NgU6i¦QEh™ûF:�Ùb"ˆKUß­h$<+“ªîËÓJþ§ÁY%óØÉÈÙ+é”jÄz!rL:é
+}UkÃÜ×Z¬´-xá*íÂTð”5â¯/
.Î!çìL!
+.‰¸þ?òïºÛóìóÕ=È@q¿½ß~µÑà$>m0°½ÁÄà*.	L:éŠØ6&]Ù�ˆ˜‡ÞøôÁÄOö<*y±(á’FR’b`Ëó7ìg4­ñ™ÝíRõ½óù6¦ðGÇ�cy0xŸ©u±yú´/]L¢¯�³4‹Æ®á7¯þúÍRè©m¤!ÉZ¨³*ö7™«(/d$”<çQðLÃؼÃÉ 3ôÁ4Ó—1}©£�P€�"¯¶³+J.=*½8&5	-Ï�‹òj
¡¶Þ;‹ÖLtæ·=
3½Ù³ªŽ‰ÆÚðæRÝjF¬\Å3G�ŒfûÅ|.ÀUñs­Çç<×#‚˜—|qÿN…ÙÄ´eq ¤fq“Xd‘Wý)eû‘³6ºÈ¬Â]¨¿ÿçÔ¦3¹MùÃ;jÂØèƒ}Ã’.Ÿ¨ù’¹V¬‘ï‚)¬WÓÑá¹y#Mvà¦ÆÈ)ë‘ù˜¶š.P3Yµ}.è¢Àr¿y’Ž25EÛ:åÆ@~b$ÖeÁptYð
q„à°ZîßpS¦Œ‡‚Qªï·$œpdÔJÛRg£�þüý³mK@ÒX/z®sÓW€ÁØW€rÇ,)Ë(k¯õ¸`’W¨¸&þšPç ˆÃ�GžÙÖx6É(¨w†¯mùP5CçCpQ�@•ñÛ™b¬¬0tÑø
‡Uæ êR•³kËK2ÀÑRöx®¸™a6Ú.ˆ„$ Ì|^TF½1cØé(›¤24yG”û¥~RÊ°Èkc‰­¯$¶©ß‰B|³�nÒñ
+s¤Ÿ"Ð/E uÊÊpÃá`ƒu”IN11³ýö,žØÓkójµÚv4g˜pÖiž¦˜ÁI`^®8T%6|ÀhBêHY�3WÞ® ré—«àpg:Aª^$£ÁEç
Lr£x™ÈY%’ih«J™Jt•l�Í@
Š4Zø:Üa›©ß8€r&80Î$5ÎDf6ÝÁEãLp’[07—	ž2ѧE6CÜ€T–“ØêRæ{ŽÝ0Y™ýÈ�[KÃäï+-ŸPD6¥\
+'©µî×ìµÑFÄ\—�Œ×é›ö@x®‹ä¨�mE€¾+‡Oc�§ª¦@ºžPÍé×)æÁ€Û¢2Nw¹~Bé�ÙµZ[�±9œ>‚Ää詺š¶+AP¡ìTZ}–¾{ä„CWb*Ê�Ÿ�òoéIæÏ�|±�˜Nªdñ”Hl«�%�ƒŸ•ž?—¨¥7PÒï(Ù¿Â"S<>Ç #”íðãcöø©±ßt?¿b­«ÿ?Í~×Y4ï—ã:Ô_y
ˆB-b¿ßŒàÅ|}º~3~Ø�«N6sŸ–÷T'(N±�Ä6.pÔàb=ã‘mœ)9‹Ch~T몜-Œ0ÎDd3ÃpÍåØñM¡bûÕÖç�ÊF*;>‰L�®7‚`Ƕ¹ò<Wä*ŸÑpÝ•	•ØdO‚�ècè·cZ%2µ¹ô<ÜüAUí�˜fÿƒ&ÞN€ÃãNB|wô®
+ßÆoápµúSï1}%ó—ÑøãÒdÄæ:€»$QKf½fŠæûË<³ø÷Ë™s™þËÄa2÷eŽo{GH¸kz°“9•a‹ãBÐ&ë�_ýûýž{R
+ù™
ѯ ÃÊÁêÒ«÷k6êÞ/]»DM<’{ÕYnÏÐÂCÓù‡j·C
›PW?'ƒÄk8&ƒ î³\Hv›xð�LL¬k¬qµ­§µöÚ³zÒžÕ¦=«•ý‚VË"GËY9�LõÛ—åZæµ×ÔÒ{Z ˆ„ŠÜBªãj+[Íþ�Ô™›sœUc移?ýf•ú¥
+endstream
+endobj
+122 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+120 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 122 0 R
+>>
+endobj
+125 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2537
+>>
+stream
+xÚÍYÝ�Û¸ï_án¨|ˆyI}¡½äz9¤@Ñ¢»@²‡VkÓkõdÉ¥${}g8C™²|É÷Ò'ñs8_üÍµŠE¯žVîóãêÍý·oå*‰E™¬î÷«¤X%J”zuÿ—÷Q’­7²�E½©ìa½QJEÿ4{Ó›vk°«£¿UíZæÑX5ëŸîÿºÚÕdµÑ¥(…¡ƒeiY3`#‰ªvG#c;�
s¤ÁXhhðûCuLOãš>ïï¦ihþÍX7CÝÒÄ÷Ýñ”íO¯°ŸF§êÉÐŒRk±†²èþÀc'”*êl=Ô]ËŒß zB¢Ÿª¾:`ÀÂâ,ŽªÞ`˜5GÞßW}Ý<ÓhoNMµ5;ê}:˜–Z},ñ-3íÇv‹çÒDmék>›í8øý¬lÞ™`µŠ¬ˆ@ãÈyê8».dć�B”ô
+
û%‚;�vÞ$™H•Ûù/ǶŠKd[ÅÅBQnnÒu·pJmÁO´§ÛÓø±C�ak8Ts²7<¹«Ÿê�š¨üšÏ'°¥Ù!뉊üôÑù™HjÏü$ö£ã•…ÿl:‹êÄžóðÕÇLd�ðß¾MÐÏã}ž4(s‘•Ž”ZÈõ&kÝ��‰Èlk'~žFÿX+ôïŽVx€/ÄJ‘Ñ
 ¯‹sï*΢¡7Õ`yØ|DÁL_ñdèyn
Z!'ÀÝÀ¸èÏ*EÊÖ\ßs¬�æ3Mvmí³Ž`Mï/òîO¿¢ÒÊÚú©=wÃÒ¥»Ðø¥;‹Úµ¤Ý¶ã%Àf‡;>­ñ°ë[�uÄ[Š\ºs¾Yh1ÍEZ¬b7ûƒs<D–t<~�V¡±tQ¸¨uîð3T=»(LïûîH­®5¨L­¼ï‡¤�Z¼| BtèœI¶Û‘^DŸêáP³—ïºñ‘Ü»ˆ>ŒÝ`ìÌ“vpÞé$ºv7
+T`0³;Á[¼àã°®jF^= _mqç!ä;�£J°dpÀÁŽ’܃�F&^2z�iÞÛ�:Döl'îP˜Â
—†–*›ñÝÛ»…™eŒWŽæC7'Š$]_W Mg¥\¾bNjPêåq™fB–¡À7·ßÜ,�ÍDî½Ëy/œc>Œ5«ý½pþ]0Ïå1y&
+ÉÛonš/ÈEâÉo»3QúÉ[¹Ü›�~i¯W—âŠ`Røyt9ŠD=ÛEŸ×©Bä§TJ¡.µCÞ�³7¤ÙÂRMÞSÓ†³‹:Œ‘ ©fWi¾v—òªD$êËþ“ç<¿ð½Û/(‚ƒÄò+gÂg.Sq@’¸"®âüÀAMp§ {¾S%¸8Å8W˜Û$ºï¯°X$!‹¹”ƒ5Í«	œ©1çRy.uôß®n}xD`éÆaŠ•ö¦§¨ÔhBÁru½]ú&/„vˆž¢wÑËÿKDO—ˆ.‹3¢Ë"ŸÛ¢Ë2?#-Le!º"…	æqŠ‰ßŠæ¼—Рzädw(·àðâÁìä7·ß]…:5s–Dz¨Ó3¨K’«P—
+@Ý
ùÈÍ­ä ÐâÈ<Òƒ‹ËTrôuw2"!)tãt¹c®&Û¸N]lÊNŠTäeˆgŤÖxR¤3OLçáx@»ˆ9øåùäk8:3cL):|ý•Áõ‹±Ï­žêÖÝ™k¡éç1eÎÚÀF×Cì\{¡…¢‚)XžÌ„ÁÝ—äšÊòI¡$¹$Ià;I‚§¡$f-'L[Ä?¶ð@üò¢�œ9Ó9_C^ßóŽªgúmÇÔ//=9]úE9�ò×]?Õ쇨ÄEr’ïÚ·K¼JR,hš.ò<ÿ…l÷Àب¡^«…gð}¾@ÛÞ]Fü‘2b.À.±?Æ»€è^¢ó¬|
+Y4ñ¼GÊ«zšpá#ÃeáBsáײ²cÕ\áš8
+˜þóo`Ú|v2è>ŒvÎ1/ÓPYZV½ÙrqÒ<{¾ŽÆÞjЧ¾½ñN5‰mšÃÄ×¥Ù|Qš‡è5Ò-
ÿ1ÈŸÀÓÅÃ|7S�¤�¶:I5ƒ6Öú ¬‚°u¢*Û2‹«'ÞZñ×2çÛ±Š„Ô„ÍØÒ"
+ÞÎË8žUHöÕò‚OiI‘]ϼR‘ø¸�ï4‹Ëy*O?N1ɶôóŠ‘�®À‚¥s•j‘óCPQ,8pƒ¾F†…õ`M³§á‡ÈŽ>Ðâz§”ÂB°ø?K
b%|긩—×ø÷•É)À¨!Ÿ¥¦Î(WoëÂSn_æ÷ZSÅç¾?¡qê9ÚË
+EÈi)
+O§Þ]}pðÓ™CÊNŸÄ9Ãw-�UiÊDzòiðàÅ�Eøv|tTÑÄyîjZ¤j–N9=¤ýZ‰8›…Þ=ôšÌPŸLYú5‘•Èu òD¦;AèçsöÊ,3t�L{¼L×`9†r(
-ýû—ZZ²”·‡úº¥³ôË–Ö3KË3eElÍA�Aç)gýÙ#®x€+õÜn8ÓRšœ{2ݽ¾k»Ñ"À¡Fù¦¿änÄ/Ó˜Tä9RqÊŽ�µ\ž£Šó”TŹ~1d·}}0
…lòþPó
ô-	‡°Q
[aMQ±jê_zŠ%zb>«ͯâºHY÷
øgWAíh)eŒØªh%Â8ÖØvÖ„/ë”iñ+06§W`ì@ÎO
ÿŽTøÞ{%óÄ·_�ä‘’ëe*¥ÁçL(¾vùã°„@BN{ØpžxÄ�
²9¡p‰{³ÁóÂ’jœf&Å™8–vNo‰õ":Lx	ö²ÔBû²}³ý-h�‹šTͳꡓ‰„ïß-`FÃ¥@aðÉ]§…W;îJQínpÀlxÁ~®±´ù’’<´B–³gQÚ ã�kވ̀·êŸÆðI7�ª==ß(ˆÚ gìÌ8OË}"I�)¯¨[ïi-”ß<`iàÔ˧á]LUôw¬>ÕÖø­Ã|§Ée®H¾DÞ†ý‘_ûõ´tÖþßÙˆ#AÅyîSͯ´â“çgj_ªKF¿˜¾{	êýûk¹#Öoe
C½…T•’Gàë5‡O—Ê’.ÆxBæ㔬¤$DÀÕ£íšÑ=.”è‡Ã�QOsz
+·Õ®V˜ õt½Dh|	æR›ëaçEØþp!ê2Ÿ*ký˜«åC€7ÄY
�ç8½Tà
+ôÌ8‹Gú¦¶èsy^Fwà͇‘b\Ät	Œ—ŒvêÃjêë_�^8‚ÖšgçÅàëën´Ô›Rá…6ý…+‚W`4-“èuc;šáD™’÷¥dÿ RŽ,ÓªbºÁ–e4Âñ$x¶Â3êøüáþwÿ®ÏÚ
+endstream
+endobj
+126 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F8 61 0 R
+>>
+endobj
+124 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 126 0 R
+>>
+endobj
+129 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2231
+>>
+stream
+xÚ­XK�ã6¾ï¯0‚dÀb$>ôH.™ÙÍ,°—d3
äÐ=Yf·…‘-G’{ºÌßz�e»�,0›b‘Åz~¬â*I²zZÑß¿Wïï~ø Wi"Êtu÷¸J‹UªD©Wwÿº�þ¹¯N£í×±R2R?®c­Mô¾š§TôqoÛ–‡Ö…Œl5ž{;¬c©³RGi¾þt÷Ÿ•É…)V±.EA\í‹­Ï£Ý!»2ªŽ80Itj«Úºqsäÿqoy•=®e=7}w<จFGx9ÁqEÔõDZ󛫑Guw8À9bç Ö{à€‚%«tMY×z-óhokäý¹9>±Ò‡ªi78ÔÀ®X×SÕWë£¢}×î¿ÆòÜð¨{¼ !K=H“·V ,?|HW©J£b´X¹ŠU"4§„YÇ&““ÅsýòrªŽCÓf:Q£cYŠTÑþi-l•eDŠÀ?›Îö�]@ëá¯)œ¼0áŒÇmstÓÕ#Ù�ü¿¯ß-óµî¸áÔú%àX03xˆDV³ÈJBp	Š;vŸÙE­d!2åV}­¢»½í-93Ve*
+É.5´¨ê�ÉûŒáCò€SÁ½»aé=¼0Ì�,Š™E)Dià$#Ê’Nz�™¼ö‚™×hÛCp3ïù¨K®1ï ¾Åßã;6íîÿâû7å½qö?ž×Fƒ]›jÛZ6æ7=vŽ5ôÚy;ŒÍx¿s{܃R½¾©#¾`\wýŽ�B?"Š|¹&fDYȽŠ3‘eÀ¯çú%nž¢4ä?>ò¿�1ƒ¾›
@ÝÈdŠÏ<p(â^‘L!n'R:G‰[FNåï$¦Ã¤0;gwèÒ„)¨
¥ù^€ù)&pvD~ˆvbR7Wñ_kÇxìâ¾yÚìà´Š«aÛÖ ¢QfvÝ	"IC)'Onس.:õÛ^!<'VaýŠ²åy4¼£=ø‘ù+
+¦ëÊÓÏ'D”È‘šMB2"nl¦ù]Õn× Mª–¿CcÂò
+Uï€iš½ã M\Ha2Ÿþ}G2Ôv<ºÂ�´0ÌUváXR8^€ÔY–CX’ÌIÁ²'ùÕíƒ42Ðø⇉�Œ£±á(ë…᧱<X†Ÿ–ÆE2ž£�ôa	}.n€ÉÏoBÒìg½ôsû
+‹ËÒç”N’Eâè4Ñ¢,1†T>aŒ-Ø0™cæ¹v©ŽO‹eá­—DtÛžXÓlÉ¡·³wxÉ>ÂOO'~‚o0O‡AyA‚ï�+§)(ÙÚé¤l¶
m¼ÿ.’HH|åßÌÔŽ
oð2¯íit(ßÈ[Aì»
+³€*š²~O€Œ@Å/K™æˆ±Õß}ÿów×J&òÜ£6TŽ÷G[3^!c%´�<¼ÿÈ™nëó§~C]}XŸ6ì-©µÈÊžª'‡;iö°æHuP»�93XBz‘ÿbzÜ3¹H}¢Rœ])­EêQáþçO_¯•VRÈK¥±7˜”†°îßõ=�Ñ+*çªi¯J®ÖÂÅ'ž›†yõŽëMmÀ>Xk“NÛ\	ž&™H¤“ëÏs7ºCz{èžÁÜ—jä¹Pr©1©�C.JÞÿ—Yâøw`é’·EÅt‘;Åp�Ôè#d×88MK(wø³Dù)P")Q>wˆ0m|K Rn
+ÞûË;h
+nöŠ{î)Ü.)·…”Ð8]ñçÁz|i†Ne&ðóÊã/û†énS¿mƾê_ùs{HåÁqb×{¤0/{²GÛW#*˜¸Û)þôø
+¸X
'•*XnU Êà–ëyÒ÷ÁUWRlÝ(®`¹}Ó€°«¸ŒsØ0Ç9œŒN)xþþC3ó-gÇPt$Ò‡=¬”
+KÖ®(0Þƒ°Øž±sÒ¾ƒ
KŒã’RvàéÉ‚üy´Ó¨sìK3Œh_ç7t`5BJàéœAR³[èÃE–v†Ùy¦cõ™:*·×ˆÁ{œé
+ªWð¿;¹jåÒ7Y1Ò©·Õ
��ÍÆ¥;´ÊÓe.áô¶¥Dü‚ŠŠGm}ÌaYÔðu%±2å¿Áö
=Y T�<Gw~<X,0FÏgŽdXÑ…L€fÿ<k׈¦i*Œ	cl×C%å.nãm<βRkŠU//8U
†o™qåŽ[ÐƳ#T4'Eq¯W”ø¸“Þ´³,31Ù™ëÍaê¾9�צÎç|ÁKúxn2PÒÐGt´‡8*——Vo1x_H`¨s(äR¨ü+ øÅvæuÇïUsäM:ú.Ä:Ÿ�0˜¬£R÷¢„œ&²{"š¤IB^åØU'Â.ΑØÝg’¸ ‰éJÎíèÞŒ”S`´;GÓÔ’0�”Ç;9¹êʦoXœRµÉ¥„«ûìÀXši;ÂY–󢲌_–A–Sæ\A…Yïyž`1Gon?½�Ë—šê(hð“òí©ÒÑô°Úþ™ƒš^x4>,*J7¶fu8aqU¦@ûZm=Þ÷ØÚBeWï;AÕ÷×nSo¶_møúçšQlqq5›o¯17YxÎ;´zBùo�t�æÉ"Ýñ›ÀTBìÈJKœ÷h¹¬[ )}•y]°‘{âËÕ^ úFˆëZ/ÅÚ�ɯו"ªÄį×ýÜ|*a­„[ß=¼-›Hà’-ÅoÐùü©V
!)&]Ê·Øœéé!Dz%g8§'c¸�Fûu3S;Gq½ƒRbDb®ß}
èk¬¸)è
+~"†ˆ3þÁÒ±¥2›_
uêmcwþt¼f‰öÊ=lðƒ£qÉ°À<à9õi9åqqf¼qS\z_|è}Ëì±£‡á~Ëüéüäôz+Ì

+r²9Öíyh8[V¢ÊÛ-Wfå9¶\®–+”³\®––ËU`¹ÜÁH®CËåryùø—»üêz’�
+endstream
+endobj
+130 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F5 30 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+128 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 130 0 R
+>>
+endobj
+133 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2804
+>>
+stream
+xÚµ]�ÛÆñ½¿BÊ«¥=r—Ÿ
ŠÀŽ�ÄEí
}È-OÚ“S¤BR¾;Îoï|-?åsûÐ'-ggggç{F+_ùþj¿¢ŸV¯n®¿×«ÀWY°º¹_é*0*W7¯ñ‚ôj£S�FÞ«¼=\mŒ1Þßí½mlµµøzïòêJ'Þ9/¯~½ùëjTƒÕ&ÌTJJûXlë}“ŸÅ6/Ë'<yw@7ñlw¥cïáJ§žµž¿þ>±¢#ìøDè‘·Çœú*ˆe7¯v‹ã:PZËþÓât¤’H6×ÌSQmËs[|ÄçXuµ	ÃÄû¹î,ïv‡¼ó^w‡%Ã&P~øbÆÑ>’ÈÛŽ5‚�™»úžõÒÐæG˪�/å'«
è7`ývHçéÄÊP„„¨üM«(!œWMNºÎ|Ï>žòª-êŠ?‹~ÓÌ;ñýÍ}ÝíŽ÷„'ÉY6“'>
³͌fjý�$CHx"æ©·Åõ!^:Û´kåâmáŒÏ1Œø�5 †i!,‡ñ;ñrâ6N�mmÃêßñ^Qñ€r.;4¸ÿm'X-o¶]Sl;2q<c;ð
+Áÿ
ø®f®åúªîžŸN%i}Å.4<‘¢ t{í	²A[±
¼ Ë;ÒÂññ:K˜{\lkÁ|ì�e‚1Ò0í7³}w4q
+&ê=˜¯uÈwh9­Ç…Áôn®Rí¡v²ÈËQ¹‘H]�ýÄÈê­Ž}�'Ê	ˆ=Ý�·N`GÛ±
�XFû	Œè
+6PÕž×ÿfw2#gKÀÂ�·ýñÓÒÝ:gý_\+¬2–g[ì î„•²Øw¥et°}~ºN•¥c�Þ‰O�óöìÁý^šŽàª¦±h\›ÞËêèÀrì›ð9Š:쟓Aà\ýv†Ð&djq¤ŠåvB¼·¬ÛÊ
+]Á×øL¬=
+”q±?'TW–£‹
c[�¹`4r˜w>^E
+J2‡Ø÷ZûÛYràÀ[ÁYh›HgÞË>T.Äq',F‰M]+œ*BOñ“”
ú)í½„Ùs%A¨ÚÛÝ -3ÕÖÜÎÀŽœ•-�,U‰éäjI|ÁRHUIŸª.ä13˜)R‰r¤ÕI4ä�$ž=b±?!4gÀ]NÏûЖªð0ÀisX¤@Ô1~�žIù
+²ü{�Î9Báft#	ŸŒ)Š•™xÈTÅ`/Å‹m˜Å‹$˜ÅÀ‘x
«q¼Hô$^ˆA/`£�‰¹ 0e’çãE4Š@°V8^Àb$NÈ¡Q©ž<{ˆ `q÷ä`ŒÿC¼¸9p:ò鶮9o;þdƒÎ<ª¹žNC5–Aœ ‡„U.gÛCÝ@ÅC
Ÿ[ñJ2¡O®[Tu«£ä‘iP2FeÁ
+e°©yøWªãíme›œã|2ï¡WÖà{
Ã�=Ù­&%�ñr¦U÷fÒË.?žJûÍ2¤*ñøaW4ZBïúÜ6×e
Òºn›íõ8Çõ§ºÜ­+û°Þm·¾;ïÛÏ{À—¥ñ˜(§ƒ©kÏq¶‡ú¡â‹›Í&‚°K,|:oï®?ÙǵÝÝçuYÐ×·êÛ?¯áÌ¿ìãgá!@ª~F<ð»t¢’˜È)�þ¤½›¢Ü‘áGÞ›>ò-Œš•¤3•h"ðöË™=8|@	×ÍŽ¿DƒûK+Ú&$üŠ!CøGhÇ<àr‹”\}‡ íÝ^ÊÚ±QÆÅÓߟ
†·WkTžeÉwÔ÷ÌÙÉâRáù|¤Ú%o膲IMÉ
#óÐæÊp©?Nl°%A7n9µ
�ÁÅ´˜]K5}Ï›X©Ê\`û@ø{t@éŽÛ+¡MgRZ“àƢ͘ç@Ò¦÷á…L•:¡B,Ž}Ÿ¬À¤1ðEi=•®#•Ú
sÑ"Œü4�R<¿™6å!±$+N:YÒ
…._ÎÙXž¶
³‹tBp-KŠœ¹2ã*×Þ0qIü¬±�ÚÊ/ÿpýTC¾Âؽèëb_E™ˆ°¬÷EÅ×UÒ™Íŧƒ¸C�¸‰
+í¸ê‰„L„Vn³ƒ	´ÒÉXܪ“†Fâ2J8tš¨¼Ý„RÁocO%$ #Hf
ÃáŒTkgúÔ’
zN¦%*töôãûwoбŠ]&mÖqËw4E"FÁ$!
+fN>
Tþ·Ôù}•ZÛIYk²¹Ð8\€Ùê#­²Ô—uóÄX|ßa˜PÙG»=wdayÂ��ïÚ®èÎqò·Íwètaä½ÇÀðP´–úœ´WóWÜ™j[—?GŠ4½"�ë™�Ÿˆ Ñ)¥¶-÷­Ðlws£Ô;ôäx½C{EL´×/ÏV¢LˆEéò)‘ÄDø½P'û>jNrËç+4´ú8®[0|’G.îÀuÎa	¨‘3ÄÅz¤bçëûçë¥ý˜œy_ÔÑ>ûljq±u°Oߨ0\æ#c.h~hc–âJS¥�8~ß|]Zc3a°´ŒžÏœL/-3uÛÒ2ƒ´Þÿôú’ÀL¨ÌdRg8Uâo7}$yñ¤`ù”Ì!t¢§µY�vªÖé2ÅÀç,Y ¨Çw
–Ü^§³½±J�>fhîÌÅÐà7çÐG¬YeDÚ,Ò‰‰Bå&?_h)û‘éš­O8¢jŸ-(I°œY�ã�²[„M#wÓ:â]jKãXiÇÆ‹K•˜µ¥@”\ ”óç…Ú.럵y–Þ%H¶R‹ìñ¬÷†ˆ‡_ÒôFñp˜fµêjǵ ØÒ-OMX÷M}Îrã'ÊŒcï8h¦4:é©i´©¹»ÂR¯ã}.ŸÏ¥<‡> µÎ¹“Gh�3LQ/¦W
	Øi—
(Aµ3Âݹ(;.Ÿ2#º1܇ñ�æS¢Òy+žktæ‘]ͼ&Ô}uj.ÛtÀ\�C‘!5øÝìσ^pçÜ^ü„OüˆUʿܸ^�Ò6¢“zïïë‹s×S¾§ç&^Ý^Qí›JíÛW¤sM·yÕ^“m	
‚RÉœ.ÅÚ@=Ôçn‚\B�À!	>–>úÙðŸÃ‹¯�ˆ™Y†˜�Ǧ}a"¢|󜿚Yö¸�±õàÕ_e®�êTŒ€¸ˆîªÜiD§«¾ü�š{’"xzi*¦y£0[7CY'&“BãÝçEÙÎ3äÐõ×0Ly˜˜L†‰þø
oØ4±}ô´ä ˆ ØW#Oøüå“–mÛ92nÐ<	£6<˜×
V¨G1{8%B´©7aŒV\Vu_vó•l�Hþýt£f[_ÎF}¹ò—gM	ë)üó¦bºpAk™ê6o-wヺÓé`pS(±"FÈôÿ/¢Ÿyß�‹ÓК2L
%䌇á$¾úÂh,¾atmíùÂÿ^ñé%­c²ß–Á’ÌRI€¥¾ûè‰�´L’‡Ó„
iW®`}yóã2ah•MÇÏc¹+í²Í»—oºH ŒT5	õÍîïÏÉlGeÎ
+¾{}‘Ö‚ñ’á âââ“K�8ê‹ec,–væ­¤â�ëVúêö‹#Ö~>;­
+‘dÞOoÛïÉeòÅ
Áý�.c…ÖýÃÐÏwÌÒ-—cËÞÿ2•¤_‰%Ãì¡g|R¿L@½L†2ív�ôêÍÍþb‘oB
+endstream
+endobj
+134 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F1 10 0 R
+>>
+endobj
+132 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 134 0 R
+>>
+endobj
+137 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2464
+>>
+stream
+xÚåY[�ÛÆ~ï¯P
¦k̹ñ’ @‘ÚN]´µ�.�‡$@i‰²ØP↤¼^Éoï¹‡C‘+o᧢/"9—3ç~¾3ZÅ"ŽWïWôønõíÍóWj%c‘ËÕÍ~%³•Ô"7«›?D>·}Ù®7Z«H½Þc£o‹®Úâ�Žþy(ëš__­3•EnËn½Q&ÉM$óõO7}þJ�ä7pª\mL.2:á·çû¦áU
66_Å´â_3ZÄÚM>ùË›¿¿\&!…V=�³!¥ÒÂ3qÊœìÛrw…›
¨vàÒ›CÉBwçw kíª¶ÜöM{?;(³ÂZÇÆm‹LºùfÏT{&o¢Cst�Ð'¯4ÃJ�;°ÒåÙ2‘"VÃá ®Xm´2"O'¢õ…Vxûý‹E
+Æ‚™¶Aœ£˜ç
›/däÓ›¿½f6OÛ<ýu‘–Œa}r…©D‹$›h‡å
?"NüÇ’ãeýÑQú¶:½Ì[ôüv·VIÔœëû’·xw[k•F÷øSú54BïsUÈ,fÐøLÇ´¾šI •Péƒ"$"¿b6•%Bë‰ÙæH)Lòà
&Rÿ¿èÈyÑæ_G›/Ö‘Äâç©DdŠia…^ol¢|eImôv­ã¨h‹cÉ¥(5ÑË�·Å©«šÓ<¼
Ö®�Ê…JÕÅrAJeÅ�zŸÌÃX¤Êóâh‹Z>#[âCåyT�P�}ÛÀgíÎ[¬}xØmÀ/l-~Ÿáwm›ã±8íxŠH×Wý¹ç·¯h«þt ÞRê†|š&a%ò„ÔfiYZE:`jqt*Žn¢iùÙÝQôð�š—õ
OzÂ:c‡ŽƒKŽÎ—àÃ\¬;më¦Ö�j˜è«ìžá1à¨�¶H†£0Eë|¶¹E]„,€Â¹çj5îù°+~
?oÛ¦‡âÈ‹}íü°¶õW¼«/Öáaáp÷¾mŽ<Îl:cw<V�å®*ú²¾gsŒWàëºÁ�w>H«!D½ärÛ!ZÍ4Z�C•ímÆs±Z¸óÁ¦}Xÿ¤€öÄ”	ÙCSßJ0…ÉSà{ºÆA@;°ŽÕ	SÃÉcÑ3³$†
$Wžvî=a2¼¹êøéwþ¨lÚv=�.”j™¢®8¬~]Š¹²‰Sãh•Ý¶¸eMíœ4è¾÷Ì^á��NM.õ® A~îê¢Õ•SÈ(wZè¤8VðÐ/熔ŽïœiA3ÆêˆbG™Ÿp7æ&G¥"ªÜíJAÓw�–¢`Ì
`úËܦ¦Ü¶S|™`pº
eccP	Áw|Ý7í‘ßСðÅOO”?ÉÜð|2O¥x�3Ý'ž5‹v¸$
-�–�q
Hu)ØÜÄ‘^ŸñÓä(Êåùi&¬Zf <Â5¬I9áV¶64�·H¹Ãœ›ºœ«�öñ¥!3r.ƒÁ¶üå\µÊ0|‡ÁxÉžŠ
ß~ž½·V/˜ê-•Ÿ¦«|Ú4fâ°–'Ž
ðFÒ©$6	3`
+°µ¶àf'À"€x_õè{–c'Å�à¹~Œ2
å€3ÆÄé1ŠU>Âñ½àƒ'i™÷:“5
+R Œo9ÅrÙÀU)–4!ÓXLkQç£ÌUŸ!çV½›º’s_ï¹~÷øðyÑ
‰ôH,8­„7ó·PcoD
+ˆ9!1ìØÖ$s
+`àÚ8ØHHµ0W—Pßeí9¢aˆ.3ÖQ=Ü�:ø…ÊKèÚ£D!Y׉ÃG	á#š$ËðáÀk u^¸ŠHãÎ䈖\ípØÍÛ‹ÚŽS˜É(ßâ;ñ	Á¶¤š$Í’¢u’‰G¹m6¬*|vPˆÑÁÙàÖ8À¥�OR¤zu;åþJpŽ}÷R4ôæa¦§:Ž”Ì‚‹©VÐ
6̈c\�¦w>š<@
+šV#3ÞI$©[™d³Š”&Q[ÀlËÓ.�ЛÛr”, ¤É£2 LQXÖ{p&k2ÈÀ$"çgý|jÐóÄlÚâ‰}à8—v0“8[„Ù‹×Lf,L¹”®0å~%!Yôï,§tDÏã¦Ø¡0r/þ$·‡|?_,¹Ð úíÓµ‚ùû¹Ë�W&�19}üì�ºíƒšW_Ž
·\Bl%_Ì$EÓìê,9øáڭП®5w?]Û9b²ü¤Û
6m«wœj™ Þ5
+:w@AæyYÅC
wéeÑ·ž©fÀ–°÷ � dÒw?¯Ë½Ûã€:@
/±€ï(R%yãRÀ#Ù¤¥:Ÿõ@˜¯%•ÅÐéã�%Œ²‡h}
+Nø0æêrͱúl^u&â!ºÿs?ÈDˆ‹ðPº—µIôoêéøÆ=«zW:>ƒ¦Ü@αïtš«\¡ž=€ÔõR÷saðV_hÙ0q1”�ö�²ÅBÇÍ%Ò™­ÿœÜ2¤ÆÕXœé!½Sf´X)]Nt„˜ˆ+¹ˆÀ[å6œO]醚֩Â1ì5Axâ\×ß`‘›«¾g¶2×VêÌ‚¾jrxx…zs®‰¥Œ¯
+p°àGOÅßšy;,a®Ç5!×™ç:㎟Ä5b
€0oé
– Î–YÛu‡n_àÏý:ÓÑ3v{F]©—AºZƒÏÓ¶>廓ÆPóKׯBy$îeêí¯ûaŒSECè>Ë�U×—§­#Â>„[YÄ�—°°ÊÄóƒ>³x=X‰"zz‰ ½lÚA¼h@K²háuC3¸£
oWœh¸‰Í¦µ’®YœTb–n—þ2ùɧŋRûÙ�p:ÔïyÖ.¦ü•‘³3²±˜Þù,3)·˜ö.«FàO¯},²ü1€>7! ×ÊÇ *×ý7ó:Ó¨°ew7E36lîÿ•y8©¦ÂÈ..Z_h%ß`8ÝU]ér¤8›iCéœ+tÖe¾€-�=J=v˜ž2¶ð�N.rõKþ;ûãU?}ЉÒkØB¨ìsN$Ç[Š«PYM.’щà•kÀÔ‰’
C$S'Âål$j¼É»æEéÄ—	X¼«ÞŸ(
é¾™‘Æv,ý¬„&�7ãöTâ¿�÷¹ÿMò°£ÄÏ�ÐØ£ºÀXM¼/3_4vo韙àbF8£ã]œâq»+Û
+–r¡L &×O“Íàúþ:žrBÓ�wÊþž<P8æðÆß4»¿�‡("+:r™qJ}yó»ÿ¹cJ»
+endstream
+endobj
+138 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F5 30 0 R
+>>
+endobj
+136 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 138 0 R
+>>
+endobj
+141 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2614
+>>
+stream
+xÚÍZY�ÜÆ~ϯ˜@
ÌU<m²y‰lÄ2 	-�­sgzwÏ�k’ã]%ÈOÝdsÉ�!2�'6û¨®®®ã«"W±ˆãÕýŠ?¬¾»þæ­\%±(’ÕõÝ*ÉW‰…^]ÿéC$㫵Ìen¢ïÊnwµVJE·w¶µõÆâ«ŽþRÖW2‹ŽåþêãõŸ¿y«FRkØ!Y­u!r¢ö»ó”"Ø-:]Å4üP¶åÁö¶�2Rd…›õ‡?.1nø±i·³õR‹$sþãÁ‰×Z
+™¯Öpì„�ýîŽ'é`�X¨b™Q9aTk7«êPviÄâÙïù­iùy¬;Û
í"�ú�ÅÎ,²OeÝUMíæ.°aÒ‘�G¤<œ7`C¦ØàI7Ö%?¶ëÊ{·cßpg¿+{ÇÃ�4©ÝôHtµ–:‰bÙ>Öœ©BdÉY–2î(gQÝôÜxhmgINýÍv¥ÃœÇ¶ê{ƒ—œ¸ÅN6º¾¬·%lGo¶mñ¬Ø„n·d˜º³û=\%Ï@ƒ•Û?dˆŽ­R‘›É©™;Û–›¾úåJæ‘EZJÂ�U}'®ÖZ›èo°[ûXu<¦ÜæÐøåÊè¨Ü-¯Y¸XÇ"S—(XaB1ñîxÛõUìíVÌmP�uÈÎR™|A3üý¯i†æE3L„IÎKI	“†RÊ‹Àñ�ôžÞu¬ðöwU}Ï~Y \š¦£Æ_2Oà;†Æh¼¤B©qžfÉšÁ]È,g˜tÙ•°B}ùŸÑ0"óŒ5ww ÈÙzeD*îb#L
+æÿ‚»ÅõÞ÷¶¾ïw‹ë“—õ9/„ÒaXù5dW¨ö¼ºÈ£ã?á}æWµPK,È	‰?Â5hW¢‹²­ÛeAéÒL8-2oÌàeÛž,Ib  †Qñ±1Ù×…
¸šiØèà˜0Ín*ˆ/™EגּèöJ¦Ñ§‹4w¸;ŒGÃí…vaP½yú_cF>:Ì—d¨„Ê&¡÷€agK~Ü™ö¶cž))„TÎÆزçP‹"O@âónk­àLY:Û(zˆW$ú$v¢�‹g¢§9$è<4N¼Å‰ŸÓ£?½PÒKÈ蜄5ž‡§`dž?)bu–‹b5ek�Dì@šÕÆîðÊD‚pw€.Ð/w|]7QgÝͽœCh/9†{?¼G¨À�ßô?:]x ì„­LÞ\¡â¥qt½«uÿl%·¬ç…Ó`·#6ãÐ+¼ÕG±“@vç’Æep¼üŒ2k/Ê…¼AŽV‘b„”=@KæJk†8¡Fc<Üܲ±¶<pßÚ²ç�H±æîÆ
ÛŸüó`Ã]ÿ²mƒ¢ÉmR‚9ñùÔ}'Þ»{Þ×î–ѽL 
+%_$Ì<K~pÜ~*؃V¸|¤Bßæ�3o
±[óC÷±£ËÅ�\IÆÉ»¶9ømEË&àÕ`€`Ûn6üuY¶ù·’™QB/{�£G?™fÙâ�È›�Vyà)‘Íga1ÑžyÖ›9‰1,…¢VÞ�
.C=î{¦[uóóª1»:ái†c�#lº
+mœÓSt±™È'ÉÞpZ¼Æ,%-
ÿy_Õ5eF1oŽÝWfŒ2™^”},Ò‹d?Å�À+©ò׶%{xê®�TõÖ>‘¢ÒÉÆ)K׈UŸº7ïW¾r¢Ì\f1ê0š–)–ˆ§ã_Ÿ¤�n6õæ´¼N`›ŽmsÏÀR,ââl ÷^ç`É9z�àè¢
zúÔåj
+?}T
pý�Õ2Lr@ön«à­	/Üû5U`å%Œ^K¸ó(�§pë¸÷㸆Ü�Òf©Ž¾Åü6Žj{_Rú›FóHÁÏœ
â*2Ì_5Çò'¢Xókk÷¼	HÚMhxû¦Æ�Œ
	{Ù{s˺<c6‘ã¡|ª.¬eá›|ëÒZì˜cUìu!W8UýµéÝW@
2%w²¢càÀðmÎøæ4ËíoÖsœzÒ/F¹ "�vLCצÙSÝú¼�
+'Ȉ}{[v®IbÄ%ÝC¹±ŽLÃ]tBbº©¶LÁùCRxœºiê;~¸€ÔÊÉ�
+Wˆ|È´Ö'5îEçbG`´NÁC¸IÇîBÇ·ŽŸÐ×·eÇ8^sØ×¾Š„�ç�‚;Ç°0‹Õ?¬¡\­§ªùù¸,
+ê¼ãRϦì줤N)•G„ïÒz¼,œ‘,$õ&ã´9Hê;w,â"çX‚VO'�ÿµËÉ
NåÓŒü&ýfîW4fëÁ.C:¬
+åP›ö ISë¸InžŒˆÚª¼Ý[·ìq×tócw³F]H¯ep"´õ§ÅRª+_s.æélÑ!ŠQSÙR‡8÷?”‘|Û¹~–·¹š 

±-' YéÃç»·ïç\Æ"÷8cô^„ʇê#ËmA³$pžº
+¡¼èþ	_œªî}xóÑ©–N0;üÝ:OûõRÌJ…ÔçKøCQiÜešqÈIõà;Æz’÷OÉ­ÉDÑ
ÄñX$ÀéäOécŠŠö»zéÂ�±¾‚W¨6Ö-¿‰~¢Àñ©Ãz¸¤$£«îëAç
+‘=+O/Ô‡’ÃòiÍ$Ìk)…pYŸ$“‹"Ì	dšsa$=|†±¿z䡼Rñ81æÇÂG„§2ù\N8Ü'[Çe¹ô9&ÍÆb®ð…«\è‰hÿ±c`’,Ƶ±$q1é�t¹#¶ˆ-íý„¦ï	Ã7 šðà̹lÝbtf•Ý6GP@nÿ|0Ò¡�28�]sÎøêÓ`‘éÄT‚ê–óÊ\tr¾Ž}“¯QŸOÞ‡¼:C.*ë.”UA±Õ$Z]ï,t°ŸÚ$!xΊ¢ÐG©¶ö©64Xt'z’ðê\HØL20NÖP“0cCâÏ+÷X²‚°yöó#äÉ%ê	ºÎós#ÌE©ˆ)©[&±1N/Mô�¯© ­PÄ°E ÷ÌkS8@w	ÏÅd?
uÌ'Ö<¢:tyàWd�I!‹KÒñÉå*]p:®§i£Î}:®ùkÒ¦­è 8ä
+àÔ^Êšc´ÕËî
+IpIn)
—jünüæln<p
ZcÊÁX4)Q‡—GH¸{öõs¹°ŒyTd÷ö`i#a9 é
4DG—Áã/ðUéÕ©¯J—}ã\­
g&ú‹ðzõê×ÿ{½Pg‘r(¢œúd9ùüjâÀÅâEx>´ôÿA´=Òï$ÐSº�²
ÔüòO®a㨣V¹ÕàõÙ¾ü.<i˜JýœâÄBNªîCé?Ï"%ŒÈ±™GÞVAxªñ	üK_þ‡ERQù?…ŒàÝw¹oÁyÀ>¼Êž£¥'á4—§¬çæXbŠs6“Ø—¥ #f¨Ÿ=ÿk$»äç‚°RLJ�ýÕ“)‚‚\ì
+fá`x
q«ï¯ó_j
9"
+endstream
+endobj
+142 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+140 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 142 0 R
+>>
+endobj
+145 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2730
+>>
+stream
+xÚÅZY�ã¸~ϯ0°;Xu0V‹‡(r‘‡`6;Áæ)À6�‡t€QÛêi'jË+Éé‚ü÷T±(–|L°@ž,ñ(ëüªäU‘ÅêóÊþüqõááþ#_±"7lõð¼bzÅDnäêáÍ~x©cÓß­…à™øþn-e™}¨‡Ý‡DöóKÓ¶ôøñNó¬©Çcßwk.•‘gw{øÓª¬òR¯ÖÒäÚR_ØcXÖüëPï·ÍßxöÏ»Rfu{t“Ý3n¾ÿ(#Þà©b«ÂR9Ô}ýÚ wvYt…Rä¥q«Þvã‘w§òlxéú±Fz{­Çͯ²—Ýþ3|¨G º§éÇ°ï$ÂA¼`9—î¤oæ|ä•p“ßYA¬EªÕ$ÌH›zhï@`U‘u=ýÚñ¡íöŸ-£¼b'Œre£8ý¶-1*óInßÌe,—¥çÔÒ|±lÛ´ çmêç"ûi®-sɯ«…ç\¹U»á« 1±úû¯ii'PŒ‚±%Ú
+×Ðöß.Ñž.ñÝ{$Q:Ý3Ùî›×5
[‚Áâ (ï7ÒYÓ×ã®sñ–ø[íΚ9¼Œ‘ljR'm§ÝÝ°ÃÝD“E²$r{º2g¹NnN·GŽKž�?ÁƒÔŽux°N6OÒOñ<øë±ë=23ÒP»FÔ¶6KÚæ\çUy‹2©	×{÷Û÷5ž÷…^I�ý®~jwE
wT±£ǧaÓï Á¥Ðγ¥\2"]åÚ\2"¬]
+cM<§Ì…ºd2"2©œÉ -o2ø23¼�5™*˜.DIá�¼Éà šþz“±2b\扼6¯8ý„Ñ!£¨-1ŒÚøLú†’½²²‡¨¾Û»ygC°…l(ÞÛ,°êŒçƒ
)kC@—lèTœkֹ̘¤dðí¿i‘IÑZ¶/‘„“jÒñ»�HÇo]¿�ëbåü‡äi$ÚZ$Ï_‡µw‹Dʯb.1:ˆÂ9×±o<¼4s/yá%€fáŠH�'"öQ­ã¤¬Éôð÷Ðw6Bm�›†Fj7á##¼üýhÓ*Îôkͨ>ò²j›=ŒÆ½EAœQÛ(΀}°¼(“Øfý©ŠÒ²¬¢¬�`gkûz×Úi·PPí�{Á<zƒ]GTyt[ÜA‰	yüçÁçÏ?©órïÏ%*`Âz}1
æ‰-¯0æ'#/Äy*Â|‘p/¹çBåú†L-ó‚%*aÒ(
+զȵHâP
+©3#�—	Rq¹”¢iãÝåüo©M@ÉÙÌ¿ž¾Pør‘-y™-ÎdÈyïÞ]CPHÄ1Fº— Q»lÀT%°´�e!}š› n‚©„ZÄT2çæ6Le)X9ª%QE•·¦C¡*'S£jµ„ T1K‡¸�î#(e%ÀRåeâQ
SÉBÍ1•,tŒ©dQÙø„Ã.ýIH`6ýÙ1kð°(v<·ŽÏŸ¤?<ÛA(¥ô’r‹˜é‹Ú-íJé ”L!”H!”Iîp¥�\t;Ä[å­&Ô­‰,’�ìt«‰H5!Q™¼D&¢ÐD(Ö(ƒöùÑÌh@VT¨Ho4m;Œ`7/cÈTd‚%2ñ‰1$A&Ø´sçL�	¶dâUØC&â	oPÌR[
+Ÿªÿ|º¿Ÿ&­œ�,å-†±Çˆ{º_”¹â)cÀ”R¿:»¿¿Á.]P^º ¸~Avű¢@¯Ã8ßaH�H	$9Ŧ×`¤Â¢8Eq8SOQqWÅ„â쬣¶s31Šó§Š;e|­¸¯àH—Fó¾„9Lr	VÅ—`ÎÇð�â.<øôŽ/>½ã«Zli��¨«Âô–[®w{¢<:®b˜Å¼gƒXAU<¾pßÚzCí­ŠÂï)KÏ–¬(†èUp3L(P7þd{SS	o\÷ÔÐÒÙs׿b&c€‡öí—KK#‘!‡6níùvÇ9³„IùàKšM‡Jᚎ¥§M}lžklrÀû	`çºZÔ�b(Á+úѹ˜ÖŒ�âÂ7�¤ŽS‹R7¡vAê*H]òÅN„av�_ˆæWE~îØý¶EÅ�ËÌÀî<�‚UêR‹1îYÉ
+ú‘HÙÄæê±TÕ ýÚ•idN„Úò´'xc6Æ‹âÒP'ýÚe…bi */ µÃ¥AŠåLLU¨aQ¦XÔ‚9ËS«1#©ø¥¿\êÿ€IjsS9âp;×C‹Ä/SñcÿkLšpPSÛÎ�Ì“™Iæ”!•…„‘섶Z€§-@c7¬"ˆºd⌨+}ÙsÔo:Ƭß,°9¶í{ÂïI,8ô
¦ÕõPíáqÝ;
¸Â
+_&XV”;U-„3ïY÷~«´¯.ÈoŸ»¶µ˜ôÍ_<³
+YøÇb²¦Wßu9¹¾@êzÝ�TªbQ
¦Ê•¾é3Oš;j¹6ô9ñZ«Ô2ן£Ä¡Êd7ã㊲¥Ê¸�»dZ¡SÇ]ýÐ/Ð/b _8 _$ýu³Ð_‡%qÉ9²×Oít^L¸¾Hq}q
×Ë9®—Ü·Ö+¹¨XÊë¯)ùrY8}Se!?-…�~â\YÈnµ_Š3eau£uPšÿãIÏÄÕK<µ;2³ìlô¬[Ö
FÖ!ØB(¸ëœópl,[Áæ�s2—óe^ÒE§]ty¥døi¬0qÈËÜ{¸z.!l+žýн¾’ÙVeöó‰g¥M+‰ßyÁ/r£ès¯ß*ÌLÈÁ…?Ëø”£ðóÉq<G$©Q{~61I¾‡hnp¢-Õˆ¶›ö9wY�
"�3F
÷Z=n6Ç~ �7Ûiµ_?è':+|Îhö›¶&K©ÝÞõ‡ïçV­sìÄ—è%¶^}Ì.ÖšÓ¹—jMj¦ÉüÐÖýþ ®¿Ê˧KEù-Œ|šóQ•TÔ•ØFÆ5ê
.#³éû'
Q¡fËÇñ'×L‘ðÍT·�P9S¡€Nø�‡ýNè0€-�pöEŸ
2h_ÀlÖSWIç2Éô‘=Iˆ™Ó§Æ©×Žaüt[÷[z›À>?Ÿ,u§ÚïƒÆÓ²!›‚	~ï‹>\ÀÔ¾yƒûmÞ|¯Ø†lÍG®ð#D._
m	œË2¢€o„Ž =컑FÍ÷„6ŸŽn˜þBO
žH
+,œ	�9{$üí±§º
øÏMvïÑwDÛ´gB9yz¯.Ê$HÓR¡C2
—ÛÔãÌÖEôoƒç]Û,~dSç]NûÂ|ƒ¹yò 
_¢2S(´h+,.œ¹á`óËqçày3u\`¥�žëa©wÅ‹2°×ûÝìr¼Ÿqþ—ËEéÖ…X‰úáqøøÅÌjú –®Ý®¡¢Á«¶nè‰òè?~9v£¢N€]ÿLN"tåB.̲A„ÀŽÒÐÚ�‚«úf¬©JÃ-£Ûæy¾=“^›š*XÉ°`Ý4‡‘ž)àSˆè“c[gR!>/ !üz7Eño¯Öá‹ÿ%&µ>ÿK0ý-�-u Öý>^¤…e„¡.Ž%æ;@ør¢>²!}öMâщxj+û~ó_�MÆ´
+endstream
+endobj
+146 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F1 10 0 R
+>>
+endobj
+144 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 146 0 R
+>>
+endobj
+149 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2430
+>>
+stream
+xÚ½YÝ�ã¶ï_ᇕ�µV"õÙ.HÚ\q
ZÝò�P®Í]±¥�(ÝæþûÎ%ÊÖÞ-Ð'‹Cr8óã|q¼Iâ$Ù<oèço›ïnß«MšÄuºyxÚ¤Õ&Õq�mþúS¤Ôv§*UåÑwÆ·;­uô/ûd{Ûî-³èï¦Ýª2ÍiûóÛpM7»¬Ž+âðhö8ý‹;ƒL×Ñ`ûsÓšÁ:gI4-ì»óÙ´¸ñÑ
Í0M×ÆÛ]YäÑ�GÛòäèšöY¸Án8øö½žuЪˆËz“�ß|ŒxA(™ÆY.óþÔK&Yk¿æã–§Cœ’8W2ýÔõç§("st�Ä) 
`¦&
q4½ÙŽÁ||ËÈ[UD¯[UEUÔZ1*¸äÅÚ8gÏžÍ/ÈM–Œ/ü;í�þÌWÔv­Ð�•¬ì-\À�çÝK±o@úÏÛJE1é�fh»4�ë‚4ø‹¿ •ëÅ9&�
+õŠT«PBœi­ƒãà³´ŒðˆŽWá/y¥ÛÅ/¹]ü$�ðÃÛѯcGrã^�]udÝÞ¼È�¿—}B¦i[۳⦂ìk3—³dºÖ½�ɇ'X­ÄŠñ#Ä…)æED3tí@ÁCšM£C7>žd/rƒ�öPF]�—”ÖpI§fâ‰×€U^žlkÎÂÂþöbZ‡g¯ã0™@Û
¬§Ü~�pz“ ÑC‹ê­Oƒpû>Å‘Ôèìïàpà,È_Çyœowy¡¢o{Pól‡f<Ê<ú>méL ¥.uœ“ÅÎ<”‚!9Y‡à¼:žf)qݧmžÁôh}uO²©å5fÁ»@Þ œgž²y1såÝ]
Ê
+O7
(ÑYßlh÷Y=%f"Òfàðí}3�…:£Ùº?]…(UA”%[Ì}¨[	vJÅ>º^ò*²XeS¸[	x»/z>ŒµAß
,�”ésŒ��q2ùÄãfà1¹%›,ªÙ/`Åäeèe=Ž²×\,„oZ('
xûÖ¥Q\©3]Ë)ºªZ“ªÎÙEpÕ¤
+œx³—:ÂûÕiô-Ä~^Þqtn=¿Vè|j¾€'Æö`ûçn	¼yÀ …Cû[;Ú¬‚X‚’TsîÔÉ24Ó|Ms¡�óLnNƒ>EZè¥ïÁªÉ�§ ¯“ ÈãŒò>Nêks©jòÑ<ôQ ‘ÉÀïU(šÙï!rà«!ÎvL<¿~<YÙ~jÜà·‰d(�V�s8+»îí~>¾Àˆ…?Ý­OàW63óó�DNó,]ª�[òò‚²¥h¶.¤7”Õüæpó¾Ðî}Ö)µ‚aòxMç6í¡ÙIYLs{{a0’
»Ee
†<€UJ0ÀÞöýŠÚƒ¯˜p‘Ó0Ò¼ûýدä„ÝZR(8)ü³Gž*ÚƒœîCæk™!2mÇ“e{z)[©`š‘ÄÛõl@ókÜg0•³,Ž�‘Ì[0ï
+3«ì}iÄóe›�µUPyæ:._B°SXé\*¥Ò¸(e‘ƒPË’õ^;W�º-ðßוnœhat{°ŸnŸW‡ep•¬ù#_ñ‘a<,ó(+¦4QV.œëGFžG${
R‡ºÓBžX_
+�®¥¹äî+5::öuöËâ´x»@ßAF˧ÂogP®æÞý_yશ¬™öe󾼊ËòêÜÐ7ʸð)›RpìG*¢©c‘Ô2×´/ãÀŸhlô;B+ …@e¼—꺤p�¿æÊÈÜŸúª�ƒÒ^z>­ˆ\wÅÙš¼X<{mÝe2ûÉï2oÎ=»Låq¥CÏáì“’…ÓWÎ6Ÿbœ¦x
/R=íÅ8Gþ4#4ª$ñ·ÏR= EsˆM}A
+[ >öÁŠ,ÈÓ
Ãi9—‹—ò­‡ó)/SÞ.9ï¤zõA\eqâ�ü¯M¼|ÛÄkj~³ !7 &7xù½B
+僊u³ÀôâÿÚ`1…TôÌ“XÌ
Ay3ƹ'ïÒ�Û¨<‹«/ºM{o%èª/Ba¸ÂÊ80¦·¢Uñ?	ðõ%‚ª,Ø©ËÒ#¨ „áæ&‚yo¤H7²�”Æ#EŠ;vãIVÏ�tØE®�É÷�Ò=¦Frr3€è£{€?ä‡X!^oÞB\C–FÿàÊTå>!«œ+øu/†:N*£´ Fò5¼­y¡h4pÙ7uTT¶z»
+Rqí_Gw+v­‚v¹4TþJß}i¯<Ö½£ƒ,'û$
+.Ú;
¿ýÁùaÔ¿6NJ
UTñz7‚¶úq/oyîÐõb>žËsj|Ð1¶‡rTz?ŠCÐ\\ööÐô\¿Ñï�&\‚ϯ©|mNž`7ÜÞá¤VJ‰–%—%îmdFjŒ©àÇ9ל©£x‚òÔv£ƒ7Ñ9£Ñ®ù…D‚p÷n¥ÙÁO�¾1ü@ÔÁkæfÑ)».s¥ÄŸæ–Ïs†ßßÓ)¹úýqÏAîé”Yt?õt¾ÖáüU—༖#~î
½Éjߪ¨Kߦá
e�ºáÂaAñt†™.!ÈRÿ€9‚à­6È4þ!ä{‡æpÑ{K�4)öë¸Ú¿ëµ¼ZÝT[21h�áåy0¯7(
²*óâ'½ë[l÷š<éÍZ&­T²i©æí›ïï¯Ë *N}62r’ៃ=5çØιJç¬ÊYY;x©§›Å
Þ¬Ÿå
zVuxA0½‹|¦s:QÈ(EÇCòP-Ýfþ\6®±Ÿ§˜3¯‚)T¬¾.\Å"E£žëU”el�¨wÎ/ <�•×Eä;Väv^�¢ÂUªVU§‹ºïŽòÆ»»Á<¾»kíë©iíu¨NU27¿(Ѧ’éÉò3¹eºi%
©rªýuäÿD T¯ZJ¡çzxœ£G²úO
ŸÐ­Œ)EÃYbEòdL4½g¦è]„ÞmPV­ÜZ–ϥݚ`iW¾6<Ru
ï?ƒ?‹BªØ~‚Ó·¼†�Rd¡=�ÙŒ�°FÛ^ì{=‚“Hþljt®¬ ÈãD…FÀ{/õÒ)F†9A_Ys‚Åó`>k6m§þe¯†ç¶ë)µÂ€¢^â“>$?7mËEpâ󬲭l£¨nówè;yŽçOÝÄÃ]î˜C³øþáÿ
¥)dÝ
+endstream
+endobj
+150 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F4 26 0 R
+>>
+endobj
+148 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 150 0 R
+>>
+endobj
+153 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2931
+>>
+stream
+xÚ•ZY“ÛÆ~ϯ`ùE k	
3ƒ
à<¤¤D+o*¶SѦò UU $ƒ
€–ôïÓ×à °‡_Ã9»{º¿>fW�«ÃŠ>ïWoï_ߪUøi¸ºß¯Âdj?5«û¿}ôþzÌÎ]Þ¬7Z+Oÿ°Þyo³¶Øb—ö>ó²äæí:Q^žu—&o×elj<¥×Ÿîÿ¾ÚÀIájcR?¡]·k{Ǭɶ¼wd½¢Åoì»cÎ�ßבñ²ò’ó¼z�;¾¾Õ#‚µòU´
+hë»Û<aÄ‘
+ý –ñ/«æ;¤¾5Ïl�Èø—cÑåí9Û
+A^Öþz…‘÷¦ÂîoS„Ý%"¬'/d£;f‹Ö„¡Ÿ¤«
ÜYÈwF¢„©ênvˆ|mŸ:#ð“pÆé
o˜•uuàæ—¢;bË 8…SÐ�l÷?˜=Ö›ŸÆÖ×É>œœÈ°½áãvyYœŠ®Jx惊â¼Üù,eä˜ÄÑÎoð´×æ¿]òŠoQ-©U—þØu¨E¥PH­¨Å¾P4¥ØÖÜê0—|'Ý-/Íø§°–7¨P�öîö²†íB£]D½],2 •ömø ;Æ�ñpzÝA.e)‚®j¹v¼…ºÙñ¯ö\]W8�€9*ñ¶ÛKÓ²ðaw€‘M×N›¿û
+¶E(GéÍÑÃÄpyÍárʩﻼ¹
+)ãGÎÔ¿ûnÆeµ×Í|9$£¯^͇¾q{?¬™È¬É¹Ñä]VT9¨Õ&±©÷ïê·KMw‡ƒÅ酌ݰR†‰òM<¶YÀÌKÉ¢õõöM}âÝ·Š/ÿzΪ¶¨+î‡û¦ï”씳–ñ|j3<ówüC[XºE5†T´#‡Ì%Ž4ù©V!³&LH÷p4»:’˜ah4È!ƒS3ÑTè.Ä\‰¡]¾…°Ú»úò¹Ìy‰¹u4UNÁœ‘€yœ…)šgpÃ�;ܤÓQ=ÒÑŸá8žÏ’ÄÅÞ
*GW�Ã(Õ˜õþ†{ÜÄ+qœiAÞìëæ$t¼¾
Ñë)Ù¥ŽŠ}¥ˆ*íG~@`•w[”yò‡­@×Þõ¤Ì´YöHQ©	÷öä}À1�ÌõT¢6Xí]ª2oÙ…‹ú™Øûïܘ¢Ðwè²Ù?iM¯x³úܱþG9á3¡FžK›wÜx€¦œý!ß�¯¹ññži³0.kÞ^
+4¢OÎÌâØ7éX9ÏÙ
פ�…kä7M1œ9rg»ab3„@†=R—ŽÓàÞ¸ÁÒ�ÆÔ;qß\bÊ€ƒsÞ÷û™Ä"?vØõŠHK–¤®|íÄú—¥-Ôd‹”õ™M
+ÇÓ?>¹�`«º¾	…@Z ˆvYt:ÐWx—�Ï|ïM@{à§Ê‰UOÄÎÀ�½M~Èìͤ7cÌ8�MüÔ±pÎ: gn&:òCT!�“t.Á¥Ë/6:²’#Ëó1ýíŠmV–ßx ­ô
€€Ë
+&JX-‹II|:
+(d!Àƒ>´í–»OYÇÒd�AöþÐvð^R	pm½¼0N€Qw, àǾ}}©v7‰bFÁpZKQþÚ‹I/hVPW€Ô‡²þ<=¤¡³‚Æ ñvE›
ö)¡hö�� –Ù±WæûŽÇ/•è]u`·¥#–
+Œá&3S?Lþ…¼†ó+!eƪ(›‘ªã¥˜Ð—‚Â7¡‹-`Ä	ßhñ÷Ø9pŒsZ3qÐ	;h
+‰œâšEN#ã+‡+û¬Xæ¨îa…o›ŽuLãæL‚¦‘VRìÅÎ!<KÆú1aZ'F4.‰�˜CƒÂ¾¼iZ±	*ÚXã’7|ÏMÁ~ž¢è`U…+
+4¶õéÔ÷ºu˜	ñ
_óí¥#¹E€�¤!²zI»EÜî#Š�{íÕ¨Þfm¾(^¢'©:¸YðâNÓãP€î^büÓ͸”˜�û‘ê²f� "tµ|ySã!aÜÅy0	É–ý’§h¶”v-‡õÿaà6”»àÇa-ü`°óÒ�B‹Ý'4”8˜Á©‡¼Ê›åL‘ˆó¯æ*ŸÂ®pɽ¦¡¯–ûOú3!·ãoLÛeMÇ´�gX‘Êš~8Ð$l8:.Np?äuä pß×eI6ûEÂ{Ë�4ÀGÉ‘¬:QÎÐJèþ™Dž5˜ÐŽWç’FÁ
‰ò(„WCÐ6ä±Ó_Üå1 ™õ9÷®îµw#³®óDcmc+Z€}×Þ‡ãvÜœ!'„ªo\©7cy`óºd›"¢-KÈqð[Ë}¢¼WT�µ}%6Ñàï*Î)j ©á`MÇåL)4æÊ—š¡°â?Ú-Ö41b´ÒãúåÌݶ 8£ga“Dè¤sü€a³VN®ÐØåí¶)œÿRñb-°(ç
@]æ¡’ò{£�ì™k 
üoÿ‘#jlJDÞ~ºá9€ãˆN¥‹à@Ó]>E-pi_M*]Kþ{œ>�ÈQ<Ôof›XßÆÏ�’½dƒG}îdƒ>W�¡Zì'É3j4bù8Ni]ùKÇX´ã~)DP~ì¨}ÿ�_ÞÞ½ÿù—½[tbf# oájBSdœ³[4=W„ƒQÚHœ¶ØEa]¥íšbÛIïQ&Rˆ
+‘á;pËW(c
g«M
+Q4MúúXæßÍuõêìCˆ¤G>\%¡ÄB}¾h9_¼À±gâëåê4°×±5	–°ƒó,lìùËÈžô.Vò«˜�&Þh©¾ÙžyÙ-‡“P%”¨Óº¨“;¹F…±‘Üšr™�UrmJX²ÈÆ\*%¤¡«UK=RCvöœGÇ-8ò[ÜK‡("ÙÊ®\A›5B镯á ØU“²û¡ª®æB¾‚Þp
+`Ê/»�i^%bQê’³D¼ô¸r#½<¤Þ�kÐMq¯¹áÐö ZÔ¼.Ÿhõ]ýûCÍTdŽ˜jÓWåX>6EfG*9.Ú”@ØíI½4Âæ’c/†Élãq°Œø1à—}"M_¬ê±+°¤d\sgF£p˜‹ ïJYSk‡¢ªD¦¶€²‰�C1<Êø3×K3zfxNÅq‡/W–G	%Ö¤!…¸Ç  æô!ïxç“ШË7„r)è}qʇI�IÞøk·[|I—ü&…žmdÖˆÑóK¢¥FíSö«²M°TŒ4#pó¿κ
äî„­&`E3R& F�­4¼„¤cô+OÆCL¸±6]t¿À;~^}{ôê“r •’òQÝ„i^DÈY¨ž<Rϧ½]:Æ �uaŠögÕjšz]¬öC.Wÿs­Ïåƒ:6ÞO¨µÐwì¡èÉ¢uÿºhçï¨Öº"=´ÆE쑧dK¦‡?åZo¸pÞÛ6=™Tn·œ»ÆÁ6õ9-_—{qÂ.߈3–ôx¨"@8+FG±|âLPÒB
+þÒ«R	Ì*º6/÷¶@*Ü+N2~í²êôqêü‰R
À>K8bŠÓ,?ÝÆ.ëHGÏxBFÅýÿES¼†¸Zþ+gpòÆ^eâ !®ÏD®T—I\Õ&½Î‘qlBú
ÒV25½:�&på'E»ØJ±»¿p’š¤“
m3ìE<¯É{�(X œÉMßz!•åªZé|ÿ åž¤ö}^ùMÞ°÷úTk9|ÖzMíøœ_ˆ§ùàõƒÖ½ËY¯tzʆ™ë4l?}BÄž>–³îÆ�é<CŸÐþ0‡g)hyýˆýÈ!ÎOSSPã2Fº†«H„Õ¶¼ìú'6¡ÏŒaq=/ñç„ñ©Hd–�¼©¼œ08£\ú¾™w÷ú?½â$
+endstream
+endobj
+154 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F8 61 0 R
+>>
+endobj
+152 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 154 0 R
+>>
+endobj
+157 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2626
+>>
+stream
+xÚÍYëoÛÈÿÞ¿B×/¡ÚhÃ}ñ‘âÐ&¾Kq…ƒ¢m§WJ¢-â(RGR¶ô�ïÌÎ.¹éÇ
Ò/ör³óüíÌh²0\Ü.Ì¿?/Þ_½ù <d)_\Ý,x²à’¥jqõݧ@¨åJ$"ÑÁû¬Ý-WRÊàÇü&oòj“ã§
+>fÕRÄÁ1+—Ÿ¯þòæƒH­à¾X©”%†Ú'ÆØgÚå]¨c¦ÓEhv|̺
RÛå-\ó€ˆ?à‡ê*·ƒúßíÌ„€�²nó-M‰¬É6]Þ´l¹RBïhç!+š1‘ñnškóLtŽàÚc"C
€Ýh‰“–vfù°Ë+PI(ƒm^ÕJ CEûß|PƒÀ‰f±¶7Yu›ÓÆüthò¶-êj¢¢8aRÚ€Ý\ŠÁ£#ˆ‡n—u´ØÖMgyY£5ƒ¼Ãí÷ø'w,w;PmVk#êŠGŠ…		¬
c•½Fª2(ÀǶ¸3tí|W·#[ñ`slÀ}–"‚›`"ÊÚ°µÉÊü•Õÿ¦.ˬ³g9˜ã—#yœ±@5ggß,Äe›w¯ÑGEP´äºûÞ½¶èJ?ÜЊá×BÇMÛѹ
rééUòà8«qúÞp‡SýÙO"@¨ˆ%ÜZîÓÔõYìÌújÌiFŸ3ÓáÌ7sŘ`ÝxçX”‚qwæ_/à°#7—ƒ'‘B³DùQqæ”"J2¹¯¡Í|f!(hCǵöQ*dÊ2v-Ÿ0ž0•Œ#‘}æ¢8±‘àV:²´aȬ;�[o{W,¬YKÿÑø%IÂ’Q”®I²ü/37sî\X¿¢%ò(€ƒ&´Ô¨	œ˜Ú�Çš…NŸŸóˆHzÀÔC˜Û”¯âg�,>8Þz=àÁÂJ�zÀ³žBG³z	ŸxE©á‘±‘p+µ‚�W4%ˆ‘
`½n¶t–ˆ'3 ÞÓåcqÛ€±-­�ëMà|›�}QoÐúkë8éP,6(+ŠÑ‚)íäÒ2¸[jdå1§†w»>Ž”¥î‘¸¼øé⯗—﮾Ÿ˜72O,mkwyYi¸	^ž¦ÈÖ%@1hGv),öu;-h&…Yý°Lœ×B¼ž²ý
IÁWbÝÔ
¶ùMv,;ú¸ F±Ñ‡=6ã»	d³Õö´ú2õ`¥}E씄;àY(HÔm‘­w5­OoLâþºõf{z˜¹Os¦{ÌcVyQ„ò•÷±€c52~‹3ä°4ÅyKûQƒ¸¶-68cÖ:’<Ô•(Eþƒ“n3¨ßhŽî›<|3 ÏBù=jV\5+QFðp(àºò
§!9®YhßxM€ÿgŒ®
°Ò_gHz”Žè Ñ}q»³	2Óƒ9®Íø„1¡€k•öãüq/á‹Gy¿¾Ø|·=ýãáŸ3lÚñȱiý¦¶xnÃÆ@x\™ˆ¢;ëu—Q	F0h²maü¡ìߘ¼
Ôê2\±§oH¦²é[Þ@‡¶Q
+ÿ×ày¨¬Ÿ—”ûÁdì¡aZƒ'cÆw¤3›ÌQL¢¯SË&Ž&S„E0o%1¡ß^èÓ„CPÜhc�|âµs0È'/BÁÄyTÝL©H&£�Ê»ËË	³ÔQ X¿+šºÚ°"~ªÚd¨¦"¨O
=ˆŸO·x
7]<ù\;ì	%&a4ÿ½èvæq/Ÿ‰õ”)ùTÊéåHÁ¾Sj>ÙäÉ‹R‹×“*ÇÉxþàÃ;¸�$¨%àÇg¡;ã�¸yÈÔ€Åö@_›“ŠÜ2îª­Ü[;¨ÄÈN³”8øôvÂ9ç–
duªÁ¤ÓËÛ©b�€£ï^ߘ3ûès¿ƒ*zr·ä6zw{Ä!ÏÖîn“8§®0N%¥©M q`Ë•Ø–+¸Ùi߬osT$¥:)% î¼¹8ñ.“á9ÔmqšFü…‡à·‚ȶ8YÖlßN["ŠQbÏ»³²:î—0c$v™·›¢°ãu™U?Ûñ¦êšÒŒ¼§·øF˜ùÛ&;ì츬ïç*ÄCSTnûáXmܸ=dˆzf|<ÐoÍøÞg�(LÓàDW�k¼“Å#qÞÑÓu
+`‚ìkV÷~ß'úìÂl<?¹¼½¬«[cX˜nž\X£Òß\Š7Àë“piRé	TÀ#+�»á&òØ-�ÿ¶N&I†;"Ip­¼§&
.­Ñ‡EžQõ=¡=[TCÅ#œ#þô…j³é9�¢yÕñK!4Š-„Â`B{,xBMÕ’UP’iWá�ò-Ó‰¢G�"ˆ5>œF‘§ÀîœÂ¬ƒSŽàÎJEfá4bqßãøöi8�œ4sg¿�GRý8’j‹¤ù
8ŒãX‰«")ä¤HÄÅ{pZ%'„A›ííȶ¡LÚŸÔ23¹'åpþš*`1‚RüìsÑWxã2sTAšH’úë¥m±´£QÓ–×XÕZ0�uígø,qÊ´�
¨ÆŸ
ùHn!ÄKCj³¤(õS�!ýÀèŸv ú„/B"(ûÀeOºbû°G*¤õ´y-ÕЛéZs5Þ#�Î\ȪßÇ4œÏÜéó'¡ÌäS£~³ÿØJ¥cs*ìÜ0gÌ(4L{SÈùC:´ÈòSw[Öë©ÇÀgí$W† 0µ¸P�5cZl�ßBÎϦõ*î鹩tÛv¬�E	JÄWC€sj17™å˜Ï«­»ú�á{SYà�¡’}½­ˆÁ$a›¬«
*¤Â
Æ[ʃ&ßÔ·UñÅt$#(/¨hE$Î2,¤¸ÍÛMS
Ï*Ô3?`¿4tZžWeÑvs¿�¤^¾‡dÄœÙn˜p¡ÌOµŽ&5”�˜šS�ÚÈù‚½µ¥yï'iW²is�Žgû7)"æþódc
YÈE½?�÷·E7ËÇО„›û×
+W Ý;öœƒÁq_BÛ�Œ±|÷”`e–” �
+¶sóa?ì¸^9ž¦+ý¦¦RCû�×
íIçqfj[¯R–º8ÌŸf“²oªëédøh|ɛڊÖ�h¤iZ
øœÐ;³)À{Qní/6Ñs‚³iªN?Ôy¢ÿîÑ£¯%ºgç±ìíÿ^øß]á+Ùÿôÿ"ûy4�d’¿J¦o¾®L¶àëv=å§M~°�§J<±"ÇÞ”מÄB!6!PU°`9ÁߎµAc¨qÌ÷õR†ÁÝ2ÂÔy.ñ
ÈÇ:Tc
+ܪծm#0‚Â:ßäöÇ"˜ÏO‡¬š�ܦä°r¬~Á«·ô5ã¹8{CD-u=Íãçû`‘‘5Êõsµ×#�`¯sþêy¡Éx)æÔ/mËÿöÙŸ^ûßôM½%?0}xœiò–~�Á7­©÷çoÁyôg6	ÅZýniY)<SÙ
+¤±ôì‹šÍ[Ê8¿¿úÍ
ì;¶0
+endstream
+endobj
+158 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F5 30 0 R
+/F8 61 0 R
+/F9 84 0 R
+/F1 10 0 R
+>>
+endobj
+156 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 158 0 R
+>>
+endobj
+161 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2024
+>>
+stream
+xÚíYÝ�Ü4ç¯Ø'ÈJ·¾Äv¾*T‰ŠÊªàxâ�Hïm ›,Nö®ýï™ñ؉“ì¶Eô‰';þÏçoÆÎ&da¸yؘæûÍ‹»ÛW|…,�6wûM”m"Ár¹¹ûö×àå¡8
JowBð@<ÛƒE_—8$‚Ÿªi¨ûj›ñ@ÃY«~»ã2ÉeÀãíow?ܾŠ6‘dB"ùœmv2g™9A°d»‹ü¤ªZ«r¨»¶§]>S9ÚñŒIÚöBí;­àä$
+
+jÊîx,ÚŠ>ê[`è�*σªnð3ê¡·óíé<ØínOwÆÁc±åiðž>Þ‚<i ˆ+9qÅó˜Eñ&4iË¿ªVÜÇKr»ìÜ×íÃŒïþä³@•uÑàÖ
Ž²4ÛìÀ@wµÝP f`GÌ�ù-O°ËI+<‘IË0,Š:=Ú‡�‚Ù‚ieLh0ÓôöÄ(­ù8÷DhÚéîDó-}’ö`¾lºÞnºçqÚ à8ØÉHEvG‘ȵˆG´ÛYk 4­î{ëT£ùˆcü4‚?Öºk�ØÏ‚
…ãypGÔð¸¦épÕÓ¨g=Ö8t1tÚ8„˜ôZªJ‘5&ÆɆçAq²†+Ü€áîýÓAÏäð0êÖÎRÓ×ÇSc¦…ç±0áÈNV
Vš4x¢ïb¶‘a<†óÈ1ó…V�ë'ÝÉKÕ“]!n
Ð’=„F*Šx3öžzž°7´l¯»#Í5j?ØõÍéúá`Ê½øˆ
¯ñÌHÚ3£Ø““¬‰ R}©ë“‘
+�Œ z÷‹mäh4èÖ=·1ÆùˆNb=ÚNh€¶;ÖƒE Mvš–¸4Äu?ÐG‰Ì
+½#Ÿ°x4ysQ˜”2
º=¶	Â�™ÿáLguiü�Ö S8õ;�‡ð /Ðsèñõ[X*ìäW ŠLåÖj¯tO“h«›ý:(te"€Ä÷NÏ$z&ç¾WÍ4áÞomT¾ÞÓÈà¢sÒ)>Ztju'’Ðèn¶a»ÑRw¸ÆaýZw"J�¬zžLw˜ ®Ì�î y4ÚŸt@žïEѤMSôï'··…Ù•ç‚FúACÇ€à‹�!ËUèÄ.>`å\Xj†j;5nZ"h,W±–:·€ð½¥
+{¯FÆS�i�‹“˜	7S~ƱþüÓðeN3†ºÄö-x†ÝªÞ�Š¶‡ãíö¡nª‹Sap‡:*ãQ\D«i‡¹—à˜é‡z0	Ål-4@8�3�œŸ&düu¡hJ«£±ÃãTR4–Ùº–. Ü�	Ϫ"‡¢ 
t°ËIÈD¢÷@ndÈV½Ã�Ó¨Dè……ù®UÔyBÃy7TÜAQw 	­ÈI:=Xz´ѺÓW¼óGÒƒ	�bp§Ú!/¥˜Ç1OZ(Šmûú¡­QmeÑÚ$0$©Àìl-ªÞ˜GoQçYw¢‚e	±+»M�%(ä^Q—±„[T›àjIN¦,LíþüËh…,»(”ˆÚž‚H\”1¤+øÁOîƒEè�E8‹PÌÁö
XÐyt攌Áh釉€;BÆuBÒ襙2Á¬ŽR§—”æ鄧,Oìk·§Cݨ™	ÅUîËÓ™Ë9@/¾`Í8e<þc»,aa|ÙV�º¶1eaî’CækŒ÷†œôc×ô”s–EÿPQiê*˜²8›û:/Îâ°ÂJa„Hƒê€Röv7)²4�U0.ü¼Ä%g‰‹œÖ]¼|›]ß31a�e¼"9œZ*HD­üé
+b.#C2O| ñ˶¶2מ�ºÔã–jÿ Ý
+ï>†–GPÓ·Ô£’×a‘m†èŽ„½º¥)Ü0ïä‰Ñ
NQäYUV«œIQ¶ªÉ—Ip(Þ6êÙ*LlÀB<ÐÝVêñv_Ý®"CÆp'î×WÖhº�J—pVÎl:×I&]è9l/¨�)!EÖ‰RΫ¥-0LÒ«VÄ’Ea!™±À½H`kŒá2g1_é¯*àqU>¢Ü7Û«úÏæ;ôSœü0ŽìŠˆ«ÃCô9x|ùò#<ðÍÃPžÖ¾G,v qè.$l~âáÂöép‚ªg� 8”rQ~­|‘3.V<ø¨O©È\÷0¨ñâAÆÂl§Š'ÍJÊ×6Jt«»»ª4áxíËd0&Mÿ…
+ó
½z\X‹ù’µ–Z÷Øô`î·ÀÝXÚL’¥x„ÿX…|.oÞ2�IÀÂ^éÇK{ü@AA‚X$²q°€›ùñ„¿ÌU5Ÿn/­]DÍÝË74]vm;ÞvÇmÉTËø>ZvtgUÒVVáÞf_HPè?Q5|²ož«ÿ}ó¿é›¡õÍÐ÷ÍpôMž�¾Î|3´NÎ}3$ßƒ_¾}C�¹oNÛ>‹onv’³$öýñÚ}Q7çñh¯…«t9³…·VÅ`—ë4ljÏ~q±›?0x/€x0%‹²åSe4¾‡Cw<�‡^â°ëwš>ìuz95ý¡;7õ§÷kC^UÓ[,õJ¨ÜnìCiï*ûâêÞ�/f`Æ{ž„uéÊ["*ä•Š¥_¾
+MÿKœ6Åôœßš‚Â…4÷ÝÝ8ÇN
+endstream
+endobj
+162 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+160 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 162 0 R
+>>
+endobj
+165 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1648
+>>
+stream
+xÚµXÛŽÛ6}ïWø)‘�˜)R—¶0РIÑE€vß’ÕÚô®¯äRr6	òñr†%ÙŽ› Oâu8Î9<Ô"fq¼¸[¸Ïo‹7Ï_‰�YÁ7»Ï<a…\Üüú&ér%r‘«èEÙÞ/WI’Dé�6ºÞh[•ÑŸe½Yt,÷Ëw7<Åíô¸°¦V°_¬dÁrg-a)ãË•JÙVFoºª¾3™Š~¯Ç-„ÎHëÉ*‰™ÎD?¯©í¼4jvö›E•›ïŠ›òØê»»{��o…Êöï›–šëò��n�û®Åæ�i&ô‡CY·áºÎY98›dKÒEì}´AiÌv¶%‘±¼ A]c»!BB0^,V9®\Ï­�{ä–Σ怵ZomC탣Ë-…†ÕØ8lµˆ¶ºÝ˜êÐÁçHĶ�,çäI=óS±,¡Îg`+/"¿(…¤ˆÚ®¬·¥!§úÈ£·ç|põøí’fìfN	8qžžu
+2IQgÕúØI¦Æ“¶n:ÌԖⶩ¬;zËÜÊ)ž1�iyãöãï ÂòØå5Äø¡$Co(˜QÚÂ(¿iè«Úç1NXž†k½Á!Å(Îb¼ß`~Ê
+Ÿ+ï~žMåœIŽÇ>×B*Á
+X_Œg øúØ}açƒö‹\¹a"(a ±Ï
+({B‘@èâëAh£Ž „Ro !>Â<¹„RüÊtBhÀ¤€Â£©(ˆv˜uM|mSÊ„œqq6ßS§
%�Pz^‚BB»¼?((‡F(„^îP…jD
	«ä%&P¨¦Å	®”J¢ßwØ�ICÚŠ£mƒsZìêméUÛá�Šš*³
.ìôö'ËU¹Ýöv�Á
BÕÛ	Fx;�9Ök‰ª
vÒóï´aŸmõIÄ’ سo&–Kß›YÖo>¿›Í9K“¹Y§ÈDè�;Ñ$óhM‡M!^3Äœ‚)1
¡É…¾ÿÌw(Å@oëS÷“ßÝÓgh€0x05çTE£Ùì›Û[mæFí–pPsð~§˜g즩ÍœÓê9}Šx¸³n�ÕŽ�Þ—´õ[Š®J	8ÁG)¦ëòv¯·v—ʇW‰Ix¡á±Úï±´++*9 (1Ìêaf'C‘8X…l
!‡BV'9XÆ9S_äà
nnË
@‡©(C 
«Fß÷¥Á6Ü0Š”9åŸôù'§ù§zïóOöÖçù'21 `ýy~/·/f Œ¼UrAM]�g\p/rÉâ<<ø¹Sp³'— á;Ÿ¢dà ñiD@ø¯AD–O!Q]æžš¡aHRû@ó8~"|Ë®ÓäY°£ß/E
+Fú&·]�²Öʼn[}#Gw
$ï¹òÖšù8KI3Q\£
+|1Ù\Re™%ž‰¤JPRýr€Ó]¢ëm¯ª¼ZBíþµ*‹KTY<PYÜÊOüv÷.¬Ð»ƒwZ?¥aÜŸD4z€"	š‰¸aÐä`EgAb:¸ÝâpsžgŠ¥Á)ägH|ÐfÎQ$^Åþ¡çPL·(+^¤Qü­õD^¤Å%A&@ÆüZA–eô*Š2»¼?-ëÂ(�H?•…±I4Èe”h–!æ¡Ì$KÔ…Öǹ"5}áU쩈=“Sb]ŽäT{[^GY‘Ò…„šx=†Òh•\¾RÍuôÒ�ß_­ç¯Ì‚ÿâÃ+·'0a	yæáõwðŽî	•‘¿gC^Ó˜K’¸5éŸ�²ÝïËz�îp
+zÙ4uÓc"=&â ÊÅè1O±LÄäðy“ÚyZŸÒ*�a9Q¨Ñr¶.ìr¢@afú—š­˜€qmÝr.ÙY¡ib@[D´%›ÃÎü=5šÇVOQ[*X.®¸azry¬løÑ1/
à&´o«€6MÝ“dÓ�ÿyaJ¥!´vâ;qÕö ;ùæH£š¼@HŒM‡¸Ó¼}OÖWþ»ËC&TÈÖ‰™HËY®´~òm+¡•×c.<ÑöÙHì!cšž)Ücÿ—âY	æ{<S¶ú
ÿ¡vÕ€úWÐÿ«÷KºwªVîègJóå \"»!¡…bø))ÖO¸Ëµ—7?üa¹
+endstream
+endobj
+166 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+164 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 166 0 R
+>>
+endobj
+169 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2123
+>>
+stream
+xÚ¥XK“¤6¾ï¯¨ÃÆšŠ˜Â 		9:1öx¼ÞÃ^Ü·iG˜¦Ô]Ø”y¸·ÿýf*%ýpø„�R©|~™Ò.‰“d÷¸³ŸwßÝ~ý™íÒ$Öéîöa—æ»”ÇZìn?}‰¾?—Átûç,âßìBdÑwE_•8Å£ŸO¦®iøyŸ³ÈÃØ™~`Bj1µÿåö?_N‘e¢‘ý
NMw¡ãÜžÀcgûC&YôoÓॲèS_•ãÙ4{žFCO|B1ÊxàiÌ”et{ªzÜÔ{¦¢ç¡"CSí~YÔ™cÕ™r¨Ú†ª¦º±üÖ“!ÂÞ)†s-};Sý¦Ë8ÝCמ[S�ºë@l8| ‰¾»Ò-Ž´PYÞIT ^»ƒSŒ”fV™ºj½liGQ5Uóˆs MS?“AÄl­âl—ØÝO¸£íŽ+£1‹ÔÝEOÕp"†MK‡
]QÕîÝ×Eó{·'k]˜í�ib}$ß32/î·6b”ßÑ;³Áh¼8ª–ˆ†S18ý™@	­
(ðÐ{yÔV“a_aÃ<¦¡ {s¤QÑOk4ÑEs,:·ì]mç¶Ð§lÏg �­(ÞyœrVŽl;ŽéË£DìáØZY)XQZ§xÕCàAÔò8—!û››/D”D*N•÷éŠKíÖ¡E=/f±b>\ V‚…æu‚[™�D„àÑÔÕ¹Âä¿Ž¢ÃJ‹ÿ¢Ge]Š®8ø5ÿ»M¹ö
Óz²4.Š¨ïû¡Æa^/:ˆHØoÑecëøÞ±LÕ¦�£<Ýá…<rû�,Ï(‚áë�¡C�Úð�9 ¹N¨”%q–¿™R<æÒAZdZG?atä"* dôL?%28�}J0OOsÕÆ¡‰ŠµšÍ_Êcí%£¬nŒí`Žh*�Û4¸æ­`—Ûô²s…ÂP!ªÊÉé˜AŒ$YÌy
+`?ÖÁ
f~­ 4ì̹EÅÿÜg2*jœä›¶æ"–ÅÔ ¦Pid£	²i�‡<8óÚó¦µít%"kF$jZ§Ž�¾£qÀpH30Ÿƒü¼Ò#�Óü(¬Bg
+ÊÂì=èÂk–O8
+C‹9™v/iƒü((€²‹kô=ë0gñ¾a¶ã Û¬Â<�ó"LéË»N_94­…yÌ o'ÎX7˜ˆ~jˆÎª‚ƒº¬H\½±…_çËäÁ)(ªæ�Ñ4¥Y�#õs„ÞÝ5æÉÖÓU¨ëXˆÐÚ�MÛ‘¸ �è]É”pÒw+Þ€Â~õ+bqFÆÞÕ²{ë6WÏæ*F¥‘ûZ´‚›µ\©Næêð†`^R.esùç{X¼b(ͤ'ÿu‹—?è+—h\¥q¦Ãò‚€Ê ñ¤x€Á¢�É–úÓ	†ÙßÓÒ†v0Î÷J77‡uo©æ,F
™d®ç@†69qPCgc›%<n(îi¶DÐÜ„‹6qšÍêâêÏ‘¦¨ƒÄõ(6RÇ™ºîÑéÒ�(4dêÛE]µ‹+|�ìí"ÀæÌÀ¢]{-Ô¿EŸÜÿŒCÊã�¤&±ÇDƱï©A̾;NzR:‡ce˜»A–`wtg¦¦nÑÈ5xù(j×åýÉ"Îõ„ð�'nþ"¯/ ?ƒŸšÇí[oéh¨oèå
+K~îûUê©ìÙºUü°hœEÐeò÷6�7«�±©Ð?m °z¬äu—{+Àeê^½Q,ÚΧÂy…¡ýx¹ÔÕéBx›šCn[»Z
ý‹ÝüÚµ)b•“sÕä\EÎý4Âée1Ðõ|ü¹ªýuÓP<¶Ý«÷Ì|y!XÞ%ñVàKBozîËk­{³Ú/c=5ý7ÿZí
1kÛéYK«,hï_~”&§ÀÌÑÙÊЯ¿<Á�Zo¢>ÎfC�€‚½Ñ18OŠw„ÑT$(|ú¥Dmãd±wX8·�›9V�%’ö�8j�…	y…¦³èA9ü7-ÁŠÔ€:ø~°ÑšçqvåŸ0PXò0€í¹8Y=,oÿ*
?­•8î¢ ¡î8Y²ÉæVP/8š<Kè²!}[ˆÖ4¹qÁ`¹žMý¢? ÓeùÂd-½xØþ˜3HIîeõðL3QLòÂxahø÷…º¡~Þ†úÚÂ֮Þj$V7±!-GzB¤[¡µ%~€M�(Žå}„Àï}f+Á–Üê*dÌ}‚Þî™äl&fZÝÚò˜«£NÏ�Að+£²n{¼µÀ�žm™p@ð¿Â�<Î3òxŽGÙ]—¬<„ËHËùÉ.ì/)kÿ“»½kP×ÅË—”±7o>Ð,{ÀWà—ý]øýöoÂ/Ÿt‚9øÅQíX]tõ3ýb¬á7@cümÇÁÇÞ¬–l
ÇJmæÃG€ô5ËCC¾îB̶Ü/<òØuï~]H¥CgzÁ9ÓaD0}…:Jí£#èIW;ÿÛ‹º<æ
7{ÀcÛ€•½ãEeÊ2B:í‘NŠÒr3ýª3Ò‘9ŒRšÃbŸHsg´&·œqn
~8áÀÏÒ/ÀOj}ìiÅmžåµO.0ã.Õx@µ„’¯…1A¤¥pq ÷
++tsÜ­üM«C¾‹ÀêXNò
+$Z¼Y’;÷,x¤±ÅãD¸þ&¬ùáëúÍýAš¸¨I²«p—ÍÄ=c Ï%‰¯>HáY{/GS�ðóDØmÜO×>D«Kgþ¬Ú±‡dÏYDØöÃí?þz¦›³
+endstream
+endobj
+170 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F5 30 0 R
+/F9 84 0 R
+>>
+endobj
+168 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 170 0 R
+>>
+endobj
+173 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1919
+>>
+stream
+xÚÅXß�Û6~ß_‘§Í
Õ–d[ºëÚPhèC¯À|‰’sì›íÜ]÷×�)G>7w:lOÑŠ¦Èï#©,bÇ‹ÝÂýü²xqñôµ\$±(’ÅÅv‘˜E¢D¡/?FÒ,WÒH“F/Ê~¿\)¥¢wvk;Û¬-Nuô¦l–2�Že½ütñÛÓ×	�Tµ‚/$‹•.„qÚ”È(L3½i—*ŽnªfZr½®jÔ—§ÑKÛ¯»êzh»ž†¶i4l%‘H§ñboɨÎnªÎ®‡ªmȬö,Ï#Û• ‰©@‘&[¬’T…Sô‘DŠ“H*r¹ˆÝf3;Ÿá9ÚüôìûÙÙ$àFÚßT»j˜)�FdŠ%V³{®L.”$ûÈu‡�|³”&²=ÜPçÑàî®Mt)Ó¼æñfô)Õ�Q2º˜[|W¦Âh–Ú¤ÝH¡§î’¡»âŒ7Ÿ€¦4‰@ƒÓ8^¢ÊfSvº[Õ\þþ9Ü<¾\â×J‹¼—)‘v«íÜñY‘ó^Õ¤šv A�P¿¯+´ÄnÄLonDjólVL> £uÝövCp-·ƒíèsWô5¢Ì7ÇëºZ—ƒ…ÀÌî•
1Ò¯q¿`o ¦	ð¾:TuÙÕŸ—Fº ��÷³Ë|+»žÿìŠ3¾{à?ÎdWbDž<†
U„ì�_©Ý$§>J¯D½bŸ#`Ðfíq ~¡çlpóäįDHIüJÿ~……$Áã+™	­ÆJRP%y§
«¶áZ’ž©%naëîõæ�-7ã
p

>,uÕ€;ÔõoÕžofdzç²ã¶…ˆÏàŸÌE�
ëòØ#îµdÄàÀ£Ç·{ÈT8Ì¢¦<ðbuÿ„½».›Þy
§íR©To‘s_2Ø«Ó€'øYNŠ¬™
Ó`JÄ]VÜ!±vØÓ´óQÆ	F™ œ%"MB(ßrÌ¡4Áé†~GZ¤�”U¨|òk¹™iâæãßqó˜~¾D5©…I [‘…|%Ä7Ìù¶J“"úuKÛ”3îÖÒ™@ûR	™†¾´wU?<!fTÂS~

B‚k¡4šK�¢‚%a~çÄîWwv}F¦þÜÇþ\«©
+,ĬA$¤J۵Ϭ€&¯FÀ>Jö{‹á*â¨ÄŸ$ê½RXZ�JaÃÝ­³ÜnÀ:NÙ«°Þïm]Ó�ãÐ
|=�Ŷm]»ªtK—wÙÜÞ鄦¡_QØÜSúj׬k̇žƒANó•ßÛví�BUÛ-§eW¢P¼Úí�"ê kLjgðÉÒ‚Ò¡–ñÈkL	©pTøD
÷.»»\Ü—=
e÷žtœ†¹_¿Y¦�¡»ª¼rÙÈíL®GŸ¹õ”¤@â®g=óc÷a4ŒÎLè¦Sà°AfƒjwÞWÜ©uœöû’›²&*/°W—ÜÎi°¥uÕ`mÁìfÇ
˜7et£œ¸Qå7ªÔ»Qed¡q.Ò�‹@zî"XtIħwÂo�*Ä6.0»ŒzËïízu߇ÔfSÙCˆ+‘â ‹>¾'ŒãxäXÿ	Q+Á!åÎÒ�$¿\âµ�£˜|Pœ“Ÿi?t
L;{(«†å¨_Æ呬Ÿ`2˜¿ºžU<I÷¾òÀ‚	«
ï%áy®%¿Ô©ò¸Ez®(.ƒ8j·||Ï2'Pi¤Ó¶â[©A:¸#N	]¡|Ù펫ùÆØž”b@½›D[fŒ`HÜ‘oS0ÿ`ÌÝfO{T‰øòZ+¹¼žše\—'(òÞ÷A8�.�”~�@È<g œLþŠã
tH		ùz°w�8ün‘vuôû¼ÓŠSlµ¨þ8KòA—õ©@t¡N[®ñŽ{Z�ÒKæ*¤¼hí¼év§2él«ê
Û¢Tšs @oáÂWÀ­§Uô$žê Ä袈úãU?TÃqðû	š7ìA_µ&‘ûçdzÛÁÒ�Øâà~@(äka<Ü
vº+?M5ûÁn¦ƒŸ�z’º¦™È°÷5Ø» F×td˜Ëð7È“ù^—;Ûkªd93—§µAeé½Èô¼™ ô‘ÖñôúØuÌ"Úñ¥†´~Sums®Æz
+L;iôôv·Uo]€�K3��çpÜ+7.ÙâphùןL8Œf"q0ãàïI’[
š�.tগڣ“ñØÏ©¼à¦ÐÄ¡�LÌ>‚ÁÔGpÀûöÈÉ'�óEjE•:‰Ït²ÝÞÓ=+R(Uƒ=\»ʶ¡(ât*@%ú_2ê£ë1~8(¿‹/�¶©?‡²¬.QÓ–í:zLÀ#ÚQa
.p
—ÖÌ")}+${wö®rµ>{[ÑDzÒ_¶k¿
x�GÎäˆ3¦A¢ˆaŠ˜�"f¤ˆ™P$¿ß·À>U„]§kOQþÊý�Q£O_ã…�<þq€VÀ8Óƒ2R #|)èöŸ(SÜ{B+÷hàשûïË¿¹'�%íüO+ä~×ÉÑÖè~jÝ¿ºøîoú;
“
+endstream
+endobj
+174 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+172 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 174 0 R
+>>
+endobj
+177 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2367
+>>
+stream
+xÚ•XK�Û8¾ï¯ða�‘�¶"‘zÎ-™IöqÙÒ·dl›n±%C”ÒÓûë·^”(Ëd.6I‹Åz|UÅM'ÉæyCÿØ|x|÷ImÒ$®ÓÍãq“V›TÇu¶yüýKôÛÉ\ÛowZ«HÿºÝeY}0®Ùã’Ž>ŸìùÌÃOÛJEÖcoÝv§²¢Î"Uoÿxü÷&ÍâZovYWÄõ_GØ’$Ñp²½Åa5Žÿ
Ùw—‹i¼Öš‹åå³=Bwd±`Ñþy5­kºö
ç%Ìí~`Δ׾qªhoíÁñ#‡¬Û÷Í|†]rØÛs·…Å—˜äßá2øÓqÊzùŠþÒ8gf@S$Õ,8NìŸÍàâí®(*º3®u­Pv²0m�îá<«eLÓZbX¢vV‡¸ñÉ
Í0îHT°iÊ‚æ$èÀzÉÒŒÒuMbñÈ
`/Çc”ÿ'²Ù0iÜÍWϤú1“³qÃv^h2©øVð+Û¡?výÅP‰prœªž§N¢ÔÏàCÛñjpX²8Ì¡2¯Œª^R’Á„o3œxd„‹¿fE×\*›½â¶ïÈcÞ}J1ˆ’J®¦ª¸&*—±ÚîòBE¿M‡—yôÙš~¿ÕI„ç–Y4}ø894±c•ýR'±bÞï%,@Fs«	X;¹€x¹mån×3Y¾4ìtÏH»]`µ©¨9òO
±>ž7m�S×\®ç{ZžÄ1í*¼ØøݯkYÎ
ù�Îؽ`ÅôÏãŲ¤(®±EapìνMûÌÈeöÇ21½æ9OËQžÇµ!JoÍ�.¯ÉéTQð
8˜.ƒ'Uä¯Å+`‘‘7"�ƒ(8YT•õÌÇ1xâÐƒ½\''uÌñ,ÈeÙÑ1â�
+eêåxð]oó¸¨BÇ4HRÍVÑql÷Œ‘ª@w=¼â¡Ì¼ŠWC™«4X7VôOWÿ¾i»oøküÁÁµó·FNÿlŽ:Ö<ø¹…â,ô
È3:!Ülà«y¶l]ð%q*QB¬Ø3ËpÀ&ÄÑ�Ž	Œ>t.fØ£ŠN8ÕðêU�±QüDÍ4¤˜Õœ˜§ïìùS#¼QqØÝqÔC†w-û46ç
ý"€Ô$!*#�µD N2¶‡&aË⪰âI#ÁÂp°0ì[úÕ¡~3	Hˆ~A<äJ+¶AÏå‰á?¯5Î>FÄÝ’PäD­—&¸¼¿,S~Äy
+?ÜÕËéV—ìYb¬RŒ•BL6žÌΖ@áNï>鑱KˆáßÿûþñŸ+ÐÖ@Q
+{CZÐÝÒ2:4=C׿ò4(
ˈ²å.sÌB,Ò~UyéÇ>ž‘Ž,+b­BïAËPjÕ¬BåÑY·È|§é“‡‹>Cô “êc¤êåóIèŽ#ˆ@y5Ã	æ�äòð¸Î÷pÓ)+0³G6˜H²"ºà$¢έIÊÊNV÷]{(ðàZ–.€¬¿ÂJ–I‘‡³«Ô˜Yu×ò‹^f{Ÿ{ó\
+;à<A!N²8åÁ—ÝØ·rø‹�M Y-ª¦„‹uîqSë¯[0u‹ïyÅ[F(…s%¦ñ)Þ-ÒJE°p{aUPÁóCÏWq•ú;>kYçñq]{~•sIøÊ5¤éðÆse‘%Ìþ	¸q@H‡ÃTTì=3›Ü—ÐûA!£‚†dåèz:clݸß[ç@�¨mœy�´E¶RQ¹Ð“%-ØÚ¾ïzBx8ÉeZ
+%@áÞB[Õ:¿*»¸‡ÏSi
+«¾DJUùPg
Pk_Øà`ö~œç|U\_\JS’ë‘#NfkL¥/O8æxµAø‰YåÑ¥ë½\ãQÞòk´W‰@ûfê½–ûÆ¡	|îÍ…ÉÉ*î5áÏÙ«é©ÄÂYØ=â”ó_Ów-a?ôkEU½jP曬-ì3®³b*‚M�ÍÕª(	–ž›ï\Ž>ÜX¢¬õ™€Ù 
+–’ö–ýl�¹òÍnÅ™ãk	´·üxÂZ{Éþȸå„‘ú–Óå¡ÓÕ+ÜRª…Æaz4ÍY¾Hg¾7�’ü.øl‡cψ£ˆUz“Z¨ö‚ŠèAzinG&žé›<ß*©u^	°µR¤ÜÁ7â‘ÃIÎ�ì‰9×öø/¥°P0TfAú(Tœû´å]¶qâY!+döÄ'¾Xîã:/ÂýA¨À¹^R#óÕƒÒH“¦Ò*.ÉfNVà
+:®xð%xúLÒJ•žMU:P«·ü¤«HåËbÌ�0¡¾¥Î”–2¢Óç±e*ã^[Æ3ßntgòÐ~Åšû¼ ÎzÀ.‹«³7…�âd…L@uÈ°qÅó4&‘Ê
 ãZ`ü΂Jãâæ
Aßy@øN[|L˜ K2þè
�Ÿæ=pxŸ
	ùÕ€3Ï­ŸV)vÍìxa c~ZCçúü¤Œ+ïæ*/§&lZ w8êl/·Ý~AÝþ¯|@>°K¡`(ë°¯ÿª
+µDÅ…/Û»+@Ë
0¤Ó-ô-ÍàƒÃÚ:÷Iƒp3
+‚þ˜˜CO//–`E#Ì/Ü~<òÞ½e¼‘Ç<Ky—Š´/‹Ó*.«Àj÷jÓ<ß®T›—q]rìêŸÓ,«(©£ýØ÷S+¥“Š#¯ë¿qrŠ Ò©²­%sÁÂnx½s³*N=îkiÒ8Ë'»Ý]ÄY!¯£;­·C:p×”j¡•uœO|ºë6
+·lè^¡ƒñ5Ùú‰TMçòõ2­Àâ
-ìÜ—»!d ‚ÒŒ|SÆDxë­™ƒß»²õî›`ÈmE$7\2�µo“GÚ§�PžÂ×Ï¡úúî²�û_D
+¨ü|	·Ò‹‚ Põ_RŒwk.	
¼†Þ\òÂu'ÞipÛCÁ°LÿRÀyOQøD0d¥åQÓÃ�ÒR*/"%Rñ:Ø÷}ÀcúFÊ(…påšçv~
+Á5Ò?fP|6_µ†UxÈ*àb¡!•ZRM†TA+î«bÕÜ1-?~µ7¥ñùióññoÿq%²
+endstream
+endobj
+178 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F5 30 0 R
+>>
+endobj
+176 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 178 0 R
+>>
+endobj
+181 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2405
+>>
+stream
+xÚ­ˎܸñž¯èƒk7-‘Ôë�Ãz×6Ø`É9x„#±»«¥†3ž¿O‹”¨–ÚÙ
ö$>ŠÅz?¨]ÈÂpwÜ™Ï_wîßâ»(dy´»?ì¢l	–ËÝýOŸÞíyƳ8ø úÓÝ^üCt§›BãTWÍOƒQÕw_îÿöþS<£ÊÍ^æ,3ÈxÂ	Æ¿Ž³$Þ… ?麾ÛË4cSUÛô4-õ�ÓF—v:vUs¤±þ¦‹AiÚvðÍ jNº«wâеg
'MsÛÛžÀ/
+XB>ÜÌàø
$�{�JDR!ȧªk›3Ž38uÍûžÛG	~~ûíÅr,w¨Ç©Ç‰ð+�*¼olA1iP(â�]
¹�>"äŽ#�ÞA�µÅÑvþÀ´R´ç³jÊ}]5ÚÞ×dz•GÿpG‹pГñdo1\	�«
¬Rõ†px
+6ad#_+°ÀY6BÜ"!L¤“]Áñ

…	ù«Td-ïUu¥zm)òì§F¶+¡ðˆ‰Ä"2§WW	θƒxÉiB÷O]X5È%ÇûüQðåm\Ôѧt¶f7IO_ÅîÓ]ƒ1Tí|Æ2.Ú]º·Ôgž»‡(N:Y•kÄ!‹"'G 9Îs0è¢Kã˱c;µ½Æa´ZzT*øë±kǦ¤½ÿ¶�=�¬�pNãLÈç_ª~@!¡ñîs Bø<K-¸³’4!À¿U�fÊ‘¦•RÈAÄ$®Þ¼Y31é¤i±«¦$ú×ÄÓ5bëš,eÜ¡yóÛo?ÿ´ºhÏÁšc‰_–$ðß'�6“&�ÂOôÕùRk[§§ýÖÆ�U –‡Ǫ*»ÖZ(ç°ä"5mT½EÓÒî£1M
+ÕºDAdcZ®zÒM$M¾˜ã¬î¾âý‹C@Cr8Æ)úô·4ͼ„`¦ÁÚ 
N) ² ‘Ð-¿F=88´uÝ"’g0Ty�‡Á¿š]€ ôž«Þf
+F¾�5­åXp§q9k¼§
È>´á¥-4J[žMJ=»‘k£”EÉïómB(£9⤽�šbTF‘|	¦
ÐÛ¸ô"ÃàL1¡¬š2’ÅF†ðeYyë½½¥0G³°:¥,wº¬:]xgÀ¢Végò gÍßËÂò5rAœc7ר¤ç;ŽðÕ„+\ Ûîå�ÈþÓ½$sKC§Õú� ­%œUÿõ�¸Ù9sÚ€×U˜_{Z"Æ‘_’áô¬ºÉ'î`blèo¤Ý¶Ðnbˆ$ukD›¶ê€‘Ë-ÞUÞIí.uX71«ö)
ö½sœª¹r›Í0`Ä}#Ï
+–2i3íÇõá/Ö¥]þ�P+ofÝ×B§.Öæ5Oί<dé¿ÖÍ:íÜË.³f"ñÏ—±GF‹�Û6äø'b®”mT°~wå™–	Tűi»«jm™fýªj
+„ö”É	¦4/³ýA˜˜rN0Y$s²ÈŒaÊXR)V8œ09!èœ/pvmÔÀÁB5¼	H�W&`4£pÎ="šÏu:‹oµ
&Žïdê œA¿ãc?TƒÁ"—Ñ”¼{ÀÒèbÚ
m��—áhÖÖ	L¢7ç“`­ú—ÆÔW' ÊTy2ýþöZj4µ›’·æ«è2b5}+/‹)/#ˆ)&æóåx©«ÂèMØ<-\žF°ï#·™�õ·B_L"ÝÅi<Y/' É€SWÀ¥É\ÅV*0p.ˆèZû=Ù½©®ìW7;¯ÂòvŒƒí\3S
&�J§õÄêÉ&Myý#Ô4q˜¦Joö-‹Ð;þ,®Uqf.›‰°gŒ¦�cš^*k­¶áô±ªºo¯e{n[;‚…BD2>�±?Ò³,\Üô³}šŠàG(n�(t;+L¤8Bý rkXø¿øˆ
+ 6u1ŒuõöÖõ±s¥Jm­ÑÎwãÅ¿ŸX…û\xq�Kã4¸8W­S0äÍ7Aóű=ýŸ�ö=aYnÓÑŸWÉ*f©kóÞZ:èr��™#‰ì¯kkºÌ‘EÏ@®}2vƒAIº ÊÅü\�ìô W�MQš²8^Ø|s4T+à€0E¾``b(ðwõ<ߊ#âSÝ…[k™ðP²Ì5zïKýô¾ëz-›ˆÅÂ	¬.ÉDð«ë�Qá°éBHŠWÎBÚmÈhÙ™€Ð_Ù–_8–º/ºêÅi?5•Ë¦³Pum+Y/Kr_¯ØœKô«ôí—趉ðé0ÌQä<›^©œŠ!8C5%¢ÙÎa<¬"0yèÓEÈDä7³’¢|.]{ì”)UbÊòVP6½¦”àm/±}°ÅÝujª±$	
ãË€ï�ö(
+ŽÐJW•¾ÿ$ýGœŒ	imàæS¡o39sï"Ø]B÷|r=±9ÙÂà­~©«†ÆÕ×0x˜:ëýÕËÅEU]ÿî†%€ßœ×1 —,u\ Ê¿<t+âÓùÉŠYƒ)?^Ñã1Ú>> �”&lÞ)
+tª¦…gœ*Õ‹1ñMR5Õe¬©r›IÜŒø Ø_Bq#ó¡GÆ錈ü`û5¢‡poS‡ñ=P€m(ÜÌ‚¤mç\þQôÁRô¬|AX
+b˜uðá+	PnPu£hý€ï`Hw
+½Ù8´g`Mòe³¾Á.Íx9ÏÈ	ð{ §Ü…Õ&K�z}Øú‰RÎúLˆ�0dU—ægÁâ‘P÷æÁ$>NùÛœ˜ªCÅ3Ú¢g—LÞPªäèze¯û<%Ï–µÝe“ƒŒeŽS[g[
?f¡kÉJ]Ô¶3ÁþÛÚ	b¥^J—%zžˆ¹8
Û6›“Îݶ#Ãÿí
Scøð�^ÑpYêr¹?åŠ(ÊY¸xß,u­IìÜ–ŽfDRæ›Ý#"±ÈX€zÏ”œSpÄeEÏŽ9Oè‰î{Ñ;œ-Xà*ဉs™Î}ÿU=Øèg
+Áþã©”NT ~êocW‡Êx
+綱ÝdÞ4µ	$·K­
+Ê�®61(ê’ÑŸ¡û[H¨‘‘þ[Þf…8çÒÜ{O¹WêâëÚüPk&î¥gÉsG]è7êø¬*UÓd³!2ýü3½¹#ÐòU2‡àáQålyùxÿ§ÿ
ۯx
+endstream
+endobj
+182 0 obj
+<<
+/F2 13 0 R
+/F5 30 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F1 10 0 R
+/F4 26 0 R
+>>
+endobj
+180 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 182 0 R
+>>
+endobj
+185 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2839
+>>
+stream
+xÚ­ÉrÛÈõž¯à!UVDzÁ–Ûر'šJ<N$W’+i‘�ˆ1	°°ØR¾>ok «RÉ…è~ÝýúíKs…Q´zXÑççÕ›ëßë•ŠÂ\­®ïW*[)ævuý§›àíÞ�º¢YoŒÑ�ùãzcm¼qm¹E�	®öÅáÀÃ÷ëL…ëú¦h×m“ÜF­?_ÿ²ÚÀMjµ±y˜Öc
²`WÞê8-v0ÉMPVøµA·/Ð"î@éàP´-C]µÖiðÄ““+�7`ÕIðu
˜§îòÄcÄÄüøÞŒ¼jkC›®"¢ª¯Ú¢ã-qfFv¸Jhýד
ÞxWñxª›Ž…²©fA
+ÖÊÖݶ>
wK̪àtè[–›�ͱ]m@!Ê
+	Â>bw»]Ù•uÕòôkéx°ÄªŠl?#qÆkæù”WD¶À«
µç`Wl®)„ÛÇÊ8U2r‹»<·!ó¨£4Œð˜„1m»F0iÄëײ©«#�Qª©
îë†wŒÒh[O:šø;x—ß}ßW[ÏŽNŒÏÞ‘Aʽ®ð÷;^ïŠã‰¶Ô�kÊÓ®,úÉD;wƒrâàÔhÞ�eõ€€4(É&’à[Ùíytr�;â_iàÚ¶|X%k€M®åï®h·M)„î†>ƒß«Â3hLhz3xg|Dœþºöó1Àn‰ä³äOî
E U â}=Be´ÓÏÈã}mç@4J€b„E�¶ ˆOÕÕá‰GäØ8x®×lÀVo	Ðnï—h•
…Ïfcs¢þòvÅ@p0·\¬zwß|™«R¡�'Æ
+8ê“6†Õ2Ã
n‘bŽ€‰

nØ–áì•?ó¦/]Y}Fíƹ9,Äêv-@à@09ÒFS!Ë‹!.$SÕ=³”29&¨ætp[²’Í ºö²ø‚:bq3ÄÃEüH$¨êŽÁ¿õmçQÖl,ñ ´ýî.ÆK—,oôWÈ3pú‚ŽÿÁ’
!	í™�²â~ý…¢Ë®âoñr«Ü�N¹È½€ÿ5Š»)ÝÝA �/ÉCåcèïÿùªý q-ßÊ6ƒº© g•HÇ°tr†�è˜ÇaœNEUß�Av*;3†íX‡	ËwÒ×�Å`^æ(öÝI"a>³ˆ�™UXD92Ë*Ôi˜(¢Ë„i¯7q¢ƒw�ë ”^A|àdv.(Ö«ÎÄ'dn6ÎlÆÀH”OéÁi6F±1Öd˜°4r‡¾í¡8�m{ž�Ì®pà…‘ãÏ¿‹¦fSŒw2Å4Þ;¹»í·ÛŒXBÏ<ðÿÄ¡¯ª«� …™ Uùˆ eµ+·5ezïÊ”LC¸-‘婃ƒg,ö’‘šMÉ*é!÷EJK
å[ÔÚÂ1Ï=¦žíqÖ‹Îò¦@‘F|¾uE|£‡ÍŽ²YE¨’á�š�Ž'��Á
ÏÏHp­ •„¬Hü0÷.®1â!óöór|é†Iík¦ç܉€A¾Ê•g
ÕÇ&ÉR	(¸äð�¶„0�6(�•…óú|ï½ë0ª £¯ã0ˆCÒYÄ_ÌÜl>ZŠSØIrÊu˜h	f>“�¡ç‚‘S$žmAù9atÞ> (ˆä‡¾à «t6‹oY2VØчéËÔ©¡F>¿×x/€{�¸P…:ž¥ïœdkò‰Ff	_Î99¦¦žB¸�|Ç#äöå�AlXÙb€p|Û@B»ÉœX<Ûž¬	/êøÛÐÇP]�súØàÄ0+}Xð
+"º²e~ósq¥’0–Ù`Ð]ß�¯1¯$@$óÒÅ3•2•SឣP:ó¨�	;aâ’)qC‡iy(ÕæÖõ”×agíVü-š†Â6,íú†k]?ž\ÕrASÞ‚ïʆ+¥vfæ…N�ì“�“eù–Â⩲‘ü¶w"¾/°L¥˜Õþ&y™á¸”/GK«ÍÐ<â¸ãÃFÊܸ­+î¾Èíõ�‡�Ô†8jCœ˜P‡Ð?ñäæ-$Œ8� ‡’6¶]Óo;¬Ý¡“VR9⚊n×0J$Â"¨­�²ˆ
+Ã%æ‡Ë5mœ¼Å“K#É0A’
o¹ùœž·vÚ>@pÉo×Ï8fê'¬u0ÑYÖ“,Œî¸BF¢L>Ø8®8ùŠa4hp‚’0ŽÊñ’'ÙωܣÛñŽçCö^VÈàaI°aç>¹�1§˜_i•ïÃul2¹‘
ð•/¯HV&ð¸EÜ!;·.Ü/þ4êBNe
+IW.©iŒšÝØØY�æq-!LKÜ‘2r’€©zÜÖMÃý,ö-XÁ¼ZÜ,•‹	—‹W”;—«D;­¥ú�R_ýGRåDÜPy䶾,B­(Ååmäe[Ý][TÛ‚¡Äc”Nž`Ò5îD5¦Òœ𢇪Ƨ­YO%aæ_M®.¾~÷÷¿Î} )÷ò–í¯áz<Zê5àÄ�n¿” XIôY˜Ÿeúhþä¦fÒ„€€w5[^ËSÎ,0 ¼s9œë™ùM$Q\Šsƒ*Æ8{`ÊM8Ãå‡ëùûRzÊHm€RËÞ^x.f®¡ö®v‡B&"²D{‘%Ëïy*Uaä;°o®œ?q-HPœË36'hóFA4ý©+!÷bDƒ˜­Åq/!îÆWŒŽÎcå:kµB;þ¾€lhâ±ÈÓ™"óÃ+î á}iùâºïdpÏ‹ã£h’J½@©×\Õ§áÁ-Žñ™o.+n¼øµÁB§ï|�å3.¿ä
JÛ±6ÎþöérΚ…à÷ $3©�ïoõ�\[³Ô›Zè +±òÎ;‹ñi	fþù6ŒïÔOvóãM1yz¼’º #AN¿ „e†
ÝXÏ<½—˜Ç¦êþ×—¾ËüÅE&ÉÁ¯Ÿ^A0tú3KÃ,� ººþøŠ"Ä"Thô´Xú©pðcͤ¸Á$‰†i;>²«c1à¿ôªäûSXó-¯¢w7=ŽXÉ0Ö?€»;hZZÆQVЫ–xõrŽö¹Ô*)--Dð–ŸAqxßÔGÑ«N®‘W3j	£¡%Ôl˜ˆŠ3ÃD@)‡)”:9â-‹4á¬}ª¸-iꪦJ…Љ0—ºq6´¥§K“¼^!¹ŽÏ÷3ë˜ü•ñ¢›Bb4ê>�†¿xÆ}UÔäS­ÐŠW.ÊZÝ·£éÀbÓ{¬p¢J ^Ùó:¥íÿÿÃYZO•̦¿k»²ë…6XÙÑXÒ=d9T]ñÄýwíšÝ桨 Ã1½€‡ãaŸÆŸÈ›ìBÎϲ0Íþ'§‡\’…ÙYú?8öß;?¤m5û÷Åï5èŽÃš‹UïŠ{Ç‚…^ç$^PF<Éi¾IFC™DÿùÓÇï&EÌ©Þ÷¬gËï�ìP06æBÆš
+ëƒ
‡½d^CeH\/q>þCö¹ùXꡯ *J¬6IÐÔZêß2t„Š’4±AÆ�mWŸNòðšAÈ»š€x"ácôÀOçü¿2s£HÇG% øí¯�ÃÆh‚É\ijª|jžEÕÒ;š¡nÒIÁæ{�hZùM¸¹6¯+<ë8¸¦÷aùˤ)ø–á¿
+ßÞâÀ›-�ÆÁž€ Uy›x�,ð‚ä5ÅåÞw$—¡¤Þ]ÿî?L±*G
+endstream
+endobj
+186 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F4 26 0 R
+>>
+endobj
+184 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 186 0 R
+>>
+endobj
+189 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2961
+>>
+stream
+xÚ�YY�ÜÆ~ϯ˜ 
Ì´Ùݼ­$¶eÀ�­‘É@¸3=;ŒxLxxµùõ©“äg?±Øì®îº¿jî¢0ŠvO;z|¿{÷ðö;³‹£°ˆwÇ]œïbn÷ð×��5w÷&7y¼+‡Óݽµ6ø‡?úÞ·{�¯.ø©lïLLe}÷ëÃ�»{àïî]æÄaì`Z’%>²à\öcµŸê²çáw�o€JmP�<2œº©>0ý»g�ç—Þ7îôÛ�É`~Ǿkøóxò<,*kYü\�'þŒóà o¿³‹ÌÖaQì":ñ¡ºç–ç¬ôbóÐ$2åqªê±j™á§`ðže·Lr»{P`Ì
+üà÷cÕáLYh�0ÁÇ»GúKGÚû®Æ�(xǬ‡_ßðÔsùä™Êݧ;^ÔõülÊþ3®&eÀ;éžm72Ñû½¯@_ipKæ8ŒT ï¿ÿá—Ÿ·2ga‘É”i¨Ú§
“‡I¼Qh¢ÈÂIJ&úzÚ°�ãÐ¥²8¤u6t9,J¸ Ñ÷GÔqtÛhàiºú4�»Ö
ºÞ#IB«R'_×Ì°;‹Y€>•ènàZ^Æ?2AÎs½}ì²™-pÛê΄N7f!^‹CÀ‹#‡â£„Wrá¤I“a(­©a[|º{ÃQ¸„çàÛÃÀd¹=tlÂÌþ£k,°G
'Ò\°ãó‰ô„åY±+û¾»“ÈÏ­»§Jæ¨	€
šk`³ƒtI˜m,ïÀqY0̪�Gž‘sY�èŽ4pÄx@¢äǾkš²=ð*”@ϵ½ÌÔÏ!pVbŸ0“,ª§RÚåϧj�ÑtZMM!x˳ˆá0q®lÅ®•Íd¤2x×BÃNÒV3úø\‘Š€â@†�â™<ê¿øý4RÐç©Å�-‰”ŸY´ /$=èû>É‹àŸ'=‰80ý¢œ¿ž1ÝÎêŽ2Ñhwz/-«¥ïÚnB=Fk+Dyð[UòÜ[�lLf1oL;–7âØdÇ÷ó$IÁoØ$5òG{Jhã¾ÝQŽÈ¯³QE°$£l�´ÙÌY@Š±Tºr7È©UÝ¥U�$ Ô‚.Ø—Óàeý
Ñã¢SÍ#¯É›²§¢Ð¶½§^P5�?Tåèë=ȨBÈM’ ·IÃ,]›zËq’ÜñÔ{àÓs¨Ž'�ñØäo$Ú/ö‚IåQæÛÂ+û$¬B\=h`_YðÒjh
+Î~õ%âÃÙ0ßMMðARH–ö}u‡ma�8´´Ø²E¿›'…f"i)Ó”Yà‰^‚°Á‘ŸÀ7A ½ï8ÐʪåP ¬"üruw°Ü	0ÚhRU8†A׌uwp”ƒL6é„Å`E‚p}? ·¥XîÛû¹žÁDzšÏɘgH®Šs4%¼î3ÉaÓˆ’Á°‚3#qõà;dP`9oü¯8"¢èå"¿¿Yäµ~£î_ㆩ@ëÓýð{˜­%—†�–_»öt>×)Ò…ÔcgÜR�q<
c&>¾og¨)zÂɨ'fÎeR†iUBeµZ%–åA+
+›ÙÙeX=æfÖ\ë×:õ4SBiyXÊ( î8x8Q\Á(@e¬Y‹y�žgÎX})Jƒ±=Eº¬+ù�.u»œƒ�äõ󎲇ªX¼vvV•gðeÏ
�[š<çz‚ŸHR$4:�Ætwñq?õ½çPäõ‡
+’þØõ/w�æ@=¦ÈXå8»f=tŸ‡WØéêÊ/36.ž¹0wâvþùÛ‡¶ )FüÂ3ª#«7)Êa˜šóvÅ'ÇÞ3ÒxŸA�–éh.ÓQÐOíÀTÉu[!ŒpR#da¸¡Ê	Æ؆Ό'öU)+¡/+�	|‘pÅÙÑFp§Ù,fÅiZ`ÉìÉÿÖ'Pgæp�ì3Vú
ÿ¤Ü㬑âÔg‚#E~ý‰´�јˆ\|e¹»¡B÷'$@-–È>ð{Ù+/¬ç´¾»â½(Ô�û›¡;ãÒ9ƒ«” 
+ò
„—%
¿èDÏ£Og-DWÞË춓U‡Ãrr|_eúA‡„—f<ÒE,G‡ñkÜÙµJâ÷ÒíƒóùñÚ[Í\c„O¤ÖXXØ”xÊVßgqVS<ÏáüÈM;~yœ—Xi?‰¼‰!Ó8LÕK÷§¦;lCÔ.�àN­ë“pRTìÙÀC#ðÐd­!Éå¨\�§±îGÑ\÷X#…¾N=Ú�àwIÄpÀ¬à€Aì¤ä’+qį4€sÒ¯§'&:ƒñ;ð’ÍEè'9e
–ØÅaq‘³†3™ð¹�»Kîè¦Ç¹©Tºà:
{¨ç\ð¾å¯� „ŠEúà °’¾rÕpÑ!AO”hb±jùc¼z`a%Bn`D0Whíša%‚ùÿL‡	 Úc+'%Y`‘í«Gäˆx$H ò¿zV8Äœ\¿rÖL\¤‡=nv/Ð`Ñ
ݬ8¹bq’—ð	>Ó‹ðÃq5+|âH&+E8¼Øž @ãJJõ_/šøúˆ¦ÅŒÔñ $ôQ)/[C¤P‡Ù÷’"4W‘!ºJyR�8|"„ªÏü®¹'ÂK�«KZºvóåYQp˜'@ê;÷ÔÎ…v—ñR_]œJo…Ãò=
®ºÏHeÊ_Õ
+Î"O2èq�ÔRI3©[ð!�BÅñ
f”Öã¹qš&I£0!Ï
®À‹ä<çàY:®l¼I-΄™¶Ÿ'tçMš¬€�0š15¾8ÀÔœQÒ<L.Ìúñ])W’ćåfèòÔ®o¼,ß�:­H¨lɼ ©G)«V«5J­¯À¬Ÿ:j¥Šˆ#¨zl
›r ûK[}á9MùYÁ0
I
+†‚áXAHJ˜éR>ìBôM­Œ
/Ãè›o„ÇriSDšgºö•Ë¥Æ³`e[

^츘/LS�, V�bÔU+Ã�ÌÃC§É\©qHæ©"¤êè\GªDÌ@N‚½ƒ»Ñ+:MÍúã×Û;4~æ–=s¼\ÛØÄ…é…;q“£ ×	àÍð¢>¸Ù‰8ñ¹«�çÂTp™¼`wî»'€E˜!|NèjÕ-øøBulâµ{å¼íã�p«½QLž,ð¥|þ¼ÕLÆŠ³iÇ8ø™îõûú�6&Ìí:¹tRb‡®ñ›º{Cf+Í?Vå¾Òâ-Q„MäF–3ÔŧÙ}`P±Œl¢÷Gòµ.Û§	Âù•H¤vékdëRNÐNœçlDÀ¯{ˆÜ
+Š3¨;p|1Œ�+D]-‹ùÚ€€ôÕv¼äØÕ5ýnzfìå’
n"q«ÌT›üµÅת¯Ô®ƒÒÎA)z]Ï[ÂÒ®Úÿ,Z�n.a©™KÁêÆÆ®�ñ{Øß¼ŒàÝrŽxÚ
Ô1§Z§AêRu'FÍ…Ä…I1ˆ C”¶Ö¥ze
+”^Q@6Ê‚¯5€‡þ<Á
ô¹ºÓ ¬
+cœU‡ëæ&‘[4ôF“äÁ¡ã'ݳ#
¹ô@7@W24€bä'
<΃¿w£×ÏÊ�ã©®Æ4EäeE
%s}‡/\Q�ª«fµ™ì~åR·Ðƒ˜[V\w}÷·B­×›òKÕÐÛ†¿s0;úÕ»KÍäKœÚ°Õ¿UêBôÿÒËqägvUDøý•_ho çr@û¿}¬Ú·�· F…ó?·O€‡©aƒ'V3Pz6½¦_Ãgs Úa,ëš![¹ðÙÝaŽ]é÷F
#-_xÎ-2HH
£[A“˜wödV'®Œ”o‡©÷ƒ³éñqŒ#©¹]ƾ&¦E/©øŠA«I&nA¬²†—ÛYvä)ìz.˜¦¿—äïÈU®›¨K¹˜ŠÓ[A\ô·‡?üÈ»‡o
+endstream
+endobj
+190 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F9 84 0 R
+>>
+endobj
+188 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 190 0 R
+>>
+endobj
+193 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2490
+>>
+stream
+xÚ¥YY�ãÆ~ϯÐC€PÀŠ&ûàá·¬×Ç€#;†fGj�:K‘2IíÌäקŽn²%rf'È“ØWu�_UµVIœ$«‡ýümõþæ»�b•&q™®nö«´X¥2.ÕêæÃmôá:
¦[o¤‘ú~½QJGŸ¦®qJFï϶lÃÚã±jvýz#DžËHÊõ盟¿û˜®Ò<D|w¦«�*ã‚è«õFgb¤˜ë€"FŠD'dR!‡QÄ’�‰<�¶#0ª:㧛µÈ£¡²�ÙáT=ÚáàO
·¯gnðÓ½©÷1È-TôûÁ\omª£ûj÷î6þ¹¿âgƒ"¬6ŽoPpª‰oädM’Èöü{î�›©Ü݆wBç]?ðàei;¤,éz:Ã?½=žjwÊiшzãæ?™í`Û†2qÊŸ·Ÿ‚ÃÞŸß‘l¾‰ýSõ€ò‹,*îÖïàK•N9Àœ×£("ód¶çÁ°køÅÄÎîlÕÏëBDD*'ó´ç�7[²Þ×5|¶_lóÀ÷VMä:ÞrêÚ‡®:¢½’rô	ÒüÄ9;Ìä#*q>‚�Ùš¾¯ºg‚ê[ž&�
û/íÏ
鯪í°Fà„CÀNàXì{{_;ªmçÈ4ÎI
+ÓX¤XxŠþ²ö]tQߨÆÞœª®ÐLREçÁÖô1C7“p.‹… s7r¯Œ2Z÷�5w"KžyÈŽ†ó¬9:’E�»E	<|_õÞfÐ<„Ïï»öxEç}{î÷M1þŽ%­3�H–C¿Ð8»$Læ~‚X—˜Éœ˜„!?Î�ýãì¾QÁx²íx|¨&[¸0`#cÜæi0ÍŽâ=Ρ&=«PÏŸÌW$iº
+dR…š8V `às(.ùìÙ™~ÛÙ{r¼ýçÜtšÄ#<î
‰s•½F}ÒDzN!THx»ÃXÔÚ¥ööÅ)Œ¸,‚ûöÕ–©7�»ÿÝÞó‡G×®­ù4rNÉc=¸w„@nà�ÛŸ™â>ßìh)ʯÃ�eT(Â!¥%³¨d‥¥˜†-ýP‘f¾ðб…Ÿ#[x*‹DDœ¿ýP€¥O!…"d.V
7¹vÜ(âæ5 B9ÁZ¶çkp0*,VD%+,�n½©òè§ð`È�€DìPVÒT2Nç"/u¶áóX!p-éxtø
 šãÅg’)»À ˆsÞpûkx…¯šò‚y<ÂÌãJš”wëî—Š¼ï™ù¢l(Õ8ú)î³ îEä‚Ï8¸‡fÊTƒS
"@/™Z%ì�moŸfeŠLãLºt&ô€§c‘³’6ýÖÔ�~0™IýGÛBž3;Ê‹:2•Ç:!DPkÀ¶ ¥Êh×’\Û³O]T÷À‘ÊÝQm·æ4¸d
+WžÐní>oP	×Â~{ïõ­Dô/–\†Ud,
+'ùf¦ç^-a
+ÌÚGÉr
+bÑŸØÌé¥i¬ô%AÂz ÕÛ‡ÆîŸì0k¨‚ò”pÅ©Kˆ‘�XŒ�å`�yªÐUÑ/•ö
}Á¦Ð2NJÇÈ÷¯‰ýnv6‹srèÎfvXˆ¸|Ëá}U÷§‹É�è%×t ;ç±É×@Å9#—ÅÚ»þelíZþwåèaËòä¨\ß(ªßá^&¸�€
ýQg€à‹½ÁXCäz¡Ox¹5(c™»Ú‡L›Gû¶®)é=’ÃKH ®DÅÕ©¶PYX[Àj,x� W<ÊW<ppäV¹Š'ætLônúÝ@QÀ¨ËÒ“!‰ãû,[‹½Á`ÑÎÑMCäJŠÿ¹Ò$‘˜r�-HžÍ®êvñÜu„JÍ ?é"€ŒÂTï¨W
·mÝ6wëÁ<¿Ê>Pôh¡£[ÞY&ÏãÔƒMÕ= Ú
ýŒžS�|žq¶)!Ie„Å)÷¦°ÄƒFeÒ'Šgj¾Dp‡y:�VpQU
gR]²FÿÜo58ƒ×Må)s/
XÛG:Ã�éÌrã«4­¼ÐZgpÉÑzÃÙ9˜u¿ÿ1]»`M
8P²1S¢¿É˜žaË™g÷º]UH¹\Æó½­
µÙöôFŸ»@­ø="Õi¬uèÿ4†XV²…ðÃu¶<`F²r
+ÂÐ5
+P­Wo(eÀ…Rq"®ˆšP™Ü’¸¡Ù?wÝÅF8ö
)±\º¨ç¬<
”ðdô÷ýŒQpL™½�Q9e7Ww—Ï9(¾ÀðDå’t
EÑ;FÐ¥¼š´^¿þõ槥„”y�ùºÖØ]YWcB涎÷¶¢ÔX @>ªÌ2ë,ÔÕ+¢KˆïŠ1f­Ò½Q¢âv¾ˆøeuä*â&ÿš¡@�uþ:4‹8ñ·[Âÿ%…ö~ G?ÈÈÀ°AòÒ›ªãZr,ô
+'2ŒO;÷	øHò·ù„ÛÅ&H¼/$��Ï\„%£B��qé…üó²Å!‡‰Ié*Óè¼DÏ÷×\ƒ�òìm`,§ôç214ŽçÓ©¶T„»’ñ™ïsI
¢ß£°*9™\?a$‘²üv„“i„O9Gƒ�=ozDïYÊ%ÙÛ1•ôHíPOàüÿ˜:\u¼¥3ÞØJhгËn{â1ƒ2r|káw¢ªy »ŠŒ3,ª1áFŸ‡pÞ:*ƒßhžìp½�u\uÛd�1p“ºØM«té^áÒ”2Ù=olÜ8xBIý£ |êËò|	#e"°èyš«"0_Îr ú!„š¦qϪ-½qBŽ©Š!|ïtŽÇ$§Ë'ØrT:nöÚÄyë~›¶Ùp
@/¦üLˆAOéwÃEœ-€+Ôôµ¸à½�£7Ô@>˜z¨�·
+9F�Á<+FÒD�¥%W#÷ íº½È|ƒ$ÍK/”Š�HFðlÚ¨ò•z ×qqQ!þÈžZøN¿ª9Q_ÿA7ïV tÍ_lë $õ‹�[«­[8î‘àÜ¶þVW¨!x=�aW+ã"õö35¤‘¥˜yNkÎIí	œªLÃEéøÊ—ͼ¼ˆ|µž ™\ª§
+8&^$šÅ‰WÅàžDevñžašm
ÐGE6`zÍ%L{â!1¢R'㻟œ…ž<dJÐu\ÎÆätÆ¿q$•1„‘ú¸.ý݆W€£<ݺˆ?zWVî¿XJAÉy–9˜…ñÝ2Cé‚è|©
ðoåôút-tFª|Q4°|y‘nÆÞ_Nòðc\åÚÿæä¡EÇBÊOc?Þüé¿¿>tà
+endstream
+endobj
+194 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+192 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 194 0 R
+>>
+endobj
+197 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2520
+>>
+stream
+xÚ•Y[�Û6~ß_ᇢ
bV")’B±m“n[$hP°Ò«ØòXˆ,yu™iûã÷R¢‡šñôÁIQ‡ä¹}ß¡7)KÓÍÝÆ>þ¹ùþö›ù&KY‘mn›Ìl2Á
+¹¹}ó1òfË
7yò}9o¶Bˆä·êPõU»«°+“÷e{Ãu2•ÍͧÛ_¾ùQ,¢¶°B¶ÙÊ‚+m·Ç)£˜0›m–3­ýø6çyòqûîÛŸ\‡Ä‹8e˜Î6©ýd_÷Õnìú¯Ñ¢9gºp³>ÑÛàt°jÊxA«Ó®~8–íF¦2�¶‘'»©‡3âÁFÉÃ
WIשÛ;Xv`?;ZK.kñ4cZ¬o8ؒ䨚Ån¶*7ÉχXXÆLq]–a™_±èLm7R㮾ÇUíkk†­È$Ë9¨B°,·ŸØã¡’û›\&e3¹nwÀ§¶ïë[&¸[ò§_ß¿�öÄË�›0«¦	—èëòsãVÁ
ã*ÓPíA2ÏQó¶1Зï
+uo”[õ‡7¾»ý)Ú˜0,õʪþ¬‡qðŠ‘}È*†â ò‚¶ˆOÜ"¶tRº‘’ºCUö;Ôò‘†Ïåxij¾fÔLÚ¹jUÅŠÜÍúrÁ†wu;Њõx¼ÜB¡ú:ÒH‘³âŠ>4Ë‹ÀyP¦ubæÔÃS&ó0„n­y2‘ü;6DθWòöC´f–¡(zýŠdtç±îZjŸªÏ	žŠ
f‡ìŽ°q蚦è|À>O†¯'T<)¨kêMkêöËðí
(;EÍS$M¡Ùe_ј“®1ðMRíÝÑS&Œ˜Ï8RÏu²¯åÔ ¾ „»žžÎ<в>Œ�XIYª™öA´}wMK¸i	]εâZ¹`F¼Ä³rš|}{p\ÁÛHF¾lýÕkT¾ p
Q^dõŸ©v)“ªIF:„Oš¡›Ùð￾{óá_oâ]CÔ˜9c’atƸAŦ¥1*„2à6í¶:�Gg/¡T˜ÁíŒòTQëÐw§X	�èRy5£¨×ÇÀ
µ­¬O üÚm-Ö´RÌèç4-‚X
	~Ê� úPk?ŒÔ)û»iKúᦰX¼xîÉÁî-M“²µ	M87-d¨§¬FP‰}Ê"¦Ý®†ÃÔXIÜ€Xú<tÍ4ºfBR1
+GD	Vƒ°®ìNÓp�¸¦]
944™1dòÐ×ãXµ4h…3d2Œp¸²ßÓp7�çidób³ÃPæÑWãÔ·Ô†oÇi vížÿ­úÎ�è9úOÃýq5±è¨ùJ#‹6­spet‘Ü�Çm¬�ª¨‡ŠÅD+·©{›&3¢T];ÖíT=A¸üÛ'˜ˆã<ÛØIYñÁ*†I¿UÃd#+Ïœ¢ ÑV¢“ærEÕ—.ãÃK5`¸t} šM7 Ä/Yêwy€ØŠ²¦f™¦×k§ðÈûp¬=…y‹aJ¼äó	”Ù\ùÎbã?>“~�CÕ€ó¬%•Ìë É¢ÛÙ§=`³…]d�e@ã‘5ñÓy˜²„
w=Ÿ›š<S¦>�
+ IÕnr¦‚iÄ
+‹…†kæjÙu¼¨Z,7IÚbh+t>)uýÖzëL{¶B¥/9ä	ñg²)ä!€µ�6
Þ}’$Þw×W%ø' l†QŽN)3Jäø\ƒ²Ç61ëà3C
+_pÊ&8à³	¶}6Á¶¥ç™Ï&82µ
$‰˜ùàOÛ*dü ’?HôÛ§Ó¥P?©Kº_ºœi‘	žî@K•x ë馺§ò/N5öÍiFH&¼Y«’Æa­ 3ÏÔs°T!#2ÊMêE"ã¬tAôŽ›3àTÓÂoO#cwW�'÷Ô«	;'‰Ñ;›YÀé°‚„¬
dfý0ßb£±é®�³8±È]a|dÙˆÃÚÒ�SÀ�ÓäTØš	Úä[•—æF)^ŸøȆícƒ�™œK¡ûr%›ñ%ß¡‡gžtbÒLÈ0jP�yQémç.Œ‚ î�¯k-:‚Ï…D
&Ì߀E†×è.´†ö|L�ACØøz‘ƒ	žpa|ã.(v�¿žØ–‘?›|©Ñ-Õ‰²½\"ùÉk„-ïðÎË"AR/	t¾žølX-÷$+�ÅUÆTWëÈ¢òµ­†d½`æ`Òâ` Ö²^
+ÕW禢D“ÈÂ0ìk~Ãj
+�ï0»`À«’‘GÚþ¹·Á› ñ²¸ž=V¥,�®=¸N×Ê×l¹PÙ6W3�áËW®3Ê0œ—¹¬çN†Sýɱ]ÒÛ½½r³#=çlÝÕmk€/-¥'¡çººš/a‚3ƒcà,¼| Ëh¯\b]·/`f¾d	�}{¤ƒ»žG:B±z…d€nÎÎS pEïî`×»¾<‘Ü=Ù¸æ•+z[²€Rw.­v«–T¡%}‰í©�&˜™“Ü®„Ê.FkPô|IùLHÌe¢…•ÏD:j†ê¹+˜„pmß/ù‡)5Þ×}מ\}mõ‘Ù"?XqlÈè™/g}.{ƳÕ?(lñfw�˜3¥ãkD ï>r¡iÝ,V—8ú’2Cà)–œj
.¬"œ‡Ûv,8’®ys†¬\þE�.]&`Ù‹è,®Xzp+ën’²ò@kÙ®öv5ñ”-ÆSQ	®ˆÇß>•µ^üßе$[ö#%ÈRXUØ)×Û8ß[J›'¼)×sþL×°^çëuNX¯ópë4Põ}×[7Êo&¨·uPokW=kbÈx�W(,‹©¦7�EDTk!b&¾Ð~)¨Ç§H
¢Öu^ûWËg�"à°û–H÷
+ãÎXöÚÀ¸“
+rºíÂóµ…žù^:[6±V-)¤§xíWNô¹ô^„q"×ï¸Á2ÉZµßð	osöî€0°~‘�._ɼÈæób»vÏ‘0Ø9]6yd„FSîC±vžO»–.¤Éw­Ï±øm_ž©ÕÅ&å.þoÿùví?�ùÆÒïoNò 9ã&Œ,wÓèzw�5SÞùO ÁUª±Š^æÎç®�Ú„ï¹=´3Ï=?ÍT±¢|1áýø�X@2÷öï¦X³Kú_e©©@Í�ù¾ì¿ ý Û”®&‹îÆ�§›ç@G¤ÌdA ´9ÑbÇ“&)Ô<a‡Ðs¬;,/ø';œZ·4•þf„�õ\«s[]‘tïþ`0U„ÞcºXþÏÚ®þÕƒ¿Z¸«—¸¸àæ\­_î`Í�?‹Ú
„$¿Ç¿�i	J*röc:L-AÜ·.‰ž{ׇ®Fúööoÿ¬[Û†
+endstream
+endobj
+198 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+196 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 198 0 R
+>>
+endobj
+201 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3009
+>>
+stream
+xÚ•ZK�Û8¾ï¯ða�È@[‘ø¥,óHf²‡ÝA¦�9$
V±i[[òè‘Nç×o‹¤(Kíî=‘"i²XϯŠ^%q’¬+Óü²úñþõ[¶J“¸HW÷ûUš¯Rbuÿó‡è§cyéu»ÞpÎ"ñÝz#„Œ~?êÓ	‡xôãP�úª¦�Ÿšó¹¬wÝzØR<ârýéþ_+©b™¯6¢ˆs³g«÷¸£HÒ¨o¨íhGì~YK•mU~>é.^o2¡¢û£¦Éÿ↯ßò€ZÁcÉW‰ÙySÓ|x›4ÒN¿¢MšK_55õϺ¬»)-µiYtjꃣó\¶RO—Û5SÑ‘ÁA�seOªË³ž‘²á"�s¹Ú{Sbï¾ÁXé¯àZ5mwVLDïö4ä\•«8“ÁIÝì(.ð ZQ¶švê†ËåTéÝ|Ê$rGWö Þ0î¶ÀäöcŽÉ—g™»y&ã	m|¨¾ ït�ˆ"*iúTu=-höFa6¥1Jš]‰?
+ù£w$º¹éV¶ÝUÝåTâ�k`¦Þý)œþ°¥«)óìåWƒMFý™œhÕ¨úËÐS¿²«Jj@ÚgêõDz§«¦9¨M^õl/ê’DŸÍ­5~¤`8C‡·Ç~ÙQ[Õp\SdʨŒ™£,I8K¢ÝŒZÒÏ:Ù7§S³!<ÃÜ©#ÿ˜©ýKrË2×Ó0Ww&b)ìª;Ü‹‘Š�¤á¯ÌNî¸�±Ð@èà[B·@#æ
+Ðvº§N?·”4Iã„ÿ_¤ÆV.LÆUPÆ…2F‰xšƒú¡­©ßõe? !iAÁØ7Ý642ÔàÃìhYÛU52hÉ€–jG“N¥°_ÙísåôªÖ4Þìi±¼€zDü
¡7†?¤ÜóÞÍ
+çzÇ™‘Ǥ0w4Ù´Ô.™P£IJV´Š6~É+Ú‹HLýUéë¡ê�t¼¥Øª-ôŒÝL~ÜŽäV¤1W¡
+uc´ÚõÏî°Á U 9ÆŠ¢ÔA÷ âkžÅ<u!˜|ý¶·�™	ômUÐ%AHŽÍóX¸õf»ÉX1ïÄÝì× ¶©‹8ŸÜõY\¥ÙœÒ@"63gÃNS¬wá�˜*H·m+Ü̬Áx‰í¥l;«.6†u2¹<ùy¸:€ˆ.ž»’ÈÍg›
ÏÙ綩7Ö[HóPãû²2ÁÌœ‚™âRär¶H�]ØÐ:ïhñ£ÕÛæPWßôîûõF¦Šb$zšŸlD3•ÝoîPÕgy¤~97Õm`íL¦ÎG£OÖ'@ë`‚Þöä«s,?–äWpGyX
º3œu�$ôö�‡ceaŒYÙ›ád÷ûLÐG§QzxV@³….mƒÁ,SÄh—2¯48ôšºÝ¥ÜjÄyb1šÓÏ>.¹”<‰•‹ÊßÍô
Ã9õW×´#OÚï¯AwVæ©GnO�À†;ýûç‹Îñá?Œ÷¡»“ú�b&Yœ…ò%̶`<€GìJ-þ%Eôqf†ŸõÕYÓbÃlf!¶µ{ó§AW0fŽBÊ¿=éÄèÓlµ=ÁâB\úkï.˜Ä2¼à¿„
=<•.>	ï@`lÅgÁš'1·4ÄdÆîl´¬ÁÙ@4ûæýF°c²›±(œÜ[ú{jw
YBG¤S �qýðê…^£t8ˆ—µÐhí¤ªwú+,Ê$EîÌq:†£¦çmTEfD�]ÃÌh�ðqi‰(ùj#
pËýÞsV‡
+Q€†ºÐñŸßîßýûç¥ÂãyÀ̱½ù{pþ¦‘W��¿ùÇÄzá$J©ñI–Ym•—mÇå‹.�±ÉÄt†¢õÉ='Kæ‚Wðè�£®iMYÏ=´Wð\Btøk¨Z£yF^Û@‚wijÀÍÈ®-´¨çꚤŸ;éÛÒ”“c@
î2üáý/‹: ½l²4³0¸ð9;/’‰©q˜° 8Ÿñìœóg”túU}s.ûj[žN�ߣ¿-ÈHá¨3:É¡3Ì([Á©Ò„¼
em3á1+Bã$M®f=x?Æn£‰9CEé¯.'M#H‰M9]ÒÞOBJù¼¨½'C¼[ÙzDï*�Á¼Wµ‘Ê܈´×�»-ÇR†Á(I„³XMœt­®2&ã� !~ŸZÄã
_aƒYì-ÄMg?ÂY)xÊÚŸfo[cE]ˆ˜pÕ¶H‹u»½ œòg£—Œ;ÀC÷fsns	Ý„OÞ°?f¡¤2E
8vhui«_­ÐÖ¹0Á[ðˆÅYžÒjÅt{aÏlŸòºÈÁ…”ŸûȤj;ûË ±wP09sE˜Îª+mÀÐ5ãt³ôf¼ÌÆbÛRþmÈ™Ã,¸‘Û(k!3+b——¥4ҹϺiÏÆð!…±)JG}b!`ªy²ÂÂdŤܱ݀–ƒ3ÀÏÎM«i$ÄÕ6gÇZ›á7Ѫ’«}Q)µªg`EógÙ^˜CVÉ=ø¹fÄógÃóIÏ£TMçU®ëu¹[�B
+)|’½H�•º\ÍXL†%_¾Ã�"ÒmÛo“åa¬G=Xç†8PâÀ#Âb	QÞ”¸p-Áœ<0ø Èìó2ž¹’âUÒ)Çøs#éÌñÂ�®Ã
¥Ë<âÆyw}gc¥¬«N.r/ÀP_2œ�Ó”´\3EaSFàŠj©8G^x#U½«iŠtž¦›'¶6@àü®*u¹Ñ–Öœ
D–[:‚ØîKor¬£R_Z2â„�ãê�Q¸b–œ³¬¹™»@{®ºŽ.�ƒ>](æV”Û“aÝUhˆçY¨Ñ壷��J�zýæýû%à!&N9§¬‹†��C.ÌS
Ž{™ñ‘©fâ¡2I‰ „¢I�šR6Ø�Eú²Á0W1ô8ä»�8>©†/…
~]•°
~†NˆrâY퇌1Í®<½­µqªË	RzW/•™I	}‰Ì¼_pªBžÏUEð :éÆ�m§u½ 1™x
ªòÏ>…åK/<™p;"ÑfÏ,<½ÄbÈ°›»Í æâÓGÆ	¬Áe©€€·öÞÁFl]M2Io‡æVÜrV:íîÕ>ú Š"¶4¸[¨Ûfcõñe	€9
+v†øˆnɆ
+…„…—DfÝ:Ònƒ8¡€So{­éø¶2˜\Ü?Ò7V/h”ŒsñÌõÀVºýkÔ&þ”ó‘ù!„œ§³ÅQ#‚HŠ¦9š+”Ë/wvp’òán�ëŒîà€¹;º�D,Â:|šôõÓ耧�|pc{‚š
+Š'Ü‘:ÖÚp¹©µ‘ÈÀ¾Š	Ü\ª¾©˜©×ÞxBY<¶^²”ÍÊ>*NŠ—בæPÊ—ŸV‹l$€&cd†;ʪJB@ãDS0£ôš’¤ã¥ZJ€°%KÛ¤°Â„³·*ü¡Á!š�Ê‘™‚AMS%
ØÂ,Ž,LÙ˜g=_˜ÅmÜÙ^hL,
+-�SþL­.Lq!wIÓgÅ–×1±�ÙØNq�‘@[,-[ë‚^ò´t,»ãõ»R6Îl$�ñaóªý亗ÙÓP.Ç«ìQ¨K¯KB�±Éïµë]wþÞ”ŽÙÝ↳§iÁ�
ƒ…AÀ{}Ö¦|‚ð�
rªpO—à?ö•�$$ýѾèã
+“ðÂðÖÿ¥¿:÷úQ!ð1Ê£e7‡øJaÔ¼–y1¦[ÞÅbÞ‡ý®q¥n…L™>I?ZÀ­
	Ê:J®Tó2Э²¥”„ÖIú¿®s˜¼>wàîÇ’Bü FTyL
+H’
+pj•ùÔsR¶´QQˆà	Jð€0Éqº?¶Íp8Ò|(ÃèâжoÚÊ )˜Áÿj˜¢­�K1¤2"°¿ÿöÃý¯s3ÎG߉ˆBåöUv\Ài`ƒÅËÿ�!DˆÞÜÿíVZop
+endstream
+endobj
+202 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+200 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 202 0 R
+>>
+endobj
+205 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2948
+>>
+stream
+xÚ­Z[¯ã¶~ï¯0ÐõA֌ċD>ä¡i“"E,¶§O»”Ç–�…•%G—Ýn}g8¤DYòñ)Ð'S$EÎg¾ù†ò&aI²yÞ¸Ÿ¿m~xüî'¾IfÒÍãq“êM*˜‘›Ç¿¾ßŠìaÇ5×jûƒíN;!Äö]q,Ú¢Þø(·¿Úú�çÛÁVÿ¾Q9Sz³“†i·BYŸÊ§²ïv’gÛþT`#ß^l¢VWØvÿc§7Ð!ÍÖÖ\黟d$”̘ЛÄ-ù�«¼*j{.h^$¼”,S~ZÙÑCW¨e}Ï(EÕ€zùvoû²©©«9.7皥~ÑÕ]¹bRú	ìa—sµ}<¹i›�‘T¾Ù�MS²é¿è}1½/X"üë»v±zš2túØ<QÛæB‹$áAÁŽÚN1lt§¢ª|_C¿Ç¦}.zjÛ0ØçâŒÇ÷ä
çz 
gí-Ó�RR�RntE�2:VuÈVu #‰œe’Œ¤Ü¤ •L¹?®T­\_C]A+lûy|]+œ1ÓŠæÂy»¡Âîñ�Óâô¹6“ýo¿šŽ?ÓéöçãL$±b1ðÃÅú;§NVÊSÆóØJÁ¸È�»ão7\.UY š NHì?h;laì9EÜZ’½ýr*½à1{Á°Œ¿h=á¾iÛ¢»¸shêC˪·—¶tàÑF:òL�:R¸ )E&·gĈ¡êËKU,„R’‰CTØ…µíóp.h㎷-zv¦FëÑÓ—Q
+[ËóK¥˜Ô¼{€n—þ´”œg¨è+%/½¸‘ݨãÉùu
Ñàa‡Å2û
+aƒ2Û ¹{ÚäØ
+N
¬8÷¡ý+Š«Œé¯ª»ŠÃ"#^A{Ä+ìúËÐSÛáüzUèáPv—ÊâÉ}À^'¶†¤BÖ”MÑit¬,âlqa©@qjeÛ³E£}Åí#)Kà|ÌØWÖ "Ÿ�gì«?'¸PF.$ƒÁœçò3nSÔoðYo›–Þ)ýM]}¥Ö
+Œ*È›üµ¶] ‚œ¼D'1ÃA²
+�(e�;
˜¿ž`â¾9Ÿ­^œF˧óàÝ)òµE?´„íI|,]oû¡#QúßÿmC­¡®Š®#Va—Y8qÌâ%Ü
`2q¤ÀšuÓSãØõ�šî@p�ÚKâÔøü à\«ÒMâ“ËŽ¢ÊÑ lqn»ÔH¦3üe9w\¾¸4¸ÑŽ¹€�"Gcjû~÷ËÛ�-àHXnèá^x
Ç’DÏ4œ_×TCïŸ"T‡'Lk<3Óäý@/óÛMû©¬ŸiÆ¡l‹}ß´_´À<&
~>Òظ̊Ë‚…Ô¾{{
pçyæ×,Q±��{™Ø{eâ3©0I¤§{š!¡†4V:Dƒ!:zXißÐë`—þ¹ySAÞs/Teý	©N–’âØGÛjs+VCÒÙýr‡ó܈Õàf27DXçq«ÒÀVsiŽ³HóŒ4—¹vè†8éæÎtÆŽ�±;謵9ë,d}(CBÉÇðŶKáFûðÅž¾ØkýEÛb´aWé_„Ê
B‘$wÃM†ä£*hÞ¡€þsY“_šàï0‚~. z:)�4fžŽ“cGá/|øË)ü³1üÅJø‹—«G[؃ú+óQ�örüèÛ´¶™Ö69K‚mÎ%KƒŸ½ÿ~ñ~€Ÿm5¬,~pó£—ƒ1¶D¦Ô¤D*F,ûÕ¶Ÿ0¨ÓÛ|Qq–è;tÑ„0ÂÜ‹«�ÒÜAQj(¹ðŒ 
+?— .EèüÜÇ�Ž9$`cLþ8›·õ³óÆ,�Q÷ŠY
bš8b»á©+~&,•XXvås8¥XvÊÁR¯rHÅ‚åwǻ؉d"0~Ix�}1ãªêN"[9‰4ÍYžÝ9Š<Tq-–ù~W#`iî7tu!Z"˜žS¯¡Þ£ŒÈ	òÀ	ò|Eû<"í;{·f̳)*a½sa뎚·5N&ùv�ê+�q'ÇFaiëw³mà‡ÉÛÒ>U…WÔe˜	ñZŒ‡ˆ³Êí�Iùz‘Â
ñÃä@¯b†ÉMê
û‘aâ/y4Ö<N²,(¼»Üu9Xdt9Ü¡£ßØå@K½UÙõþ/‰»hà:�ãá.ÕŠqG•�X™HJƒ‰ºâ—ԲΗphE/°p–¾Z/ÜgL½°àxÝ€ý¾(Á~wÍ¿žÓC(Jò©(qrûµ,=ú„ô…ÀJ²y5f{bhcÚFz5áRžŒE	¶0ÂïX”pAƒcôû$-íé`Nœ�MU5(ù— 9Î{Š$ø~á½"IYÜrߥóJ¦BUˆn¡E`�ß’ã[\1¥®“87<äz~­Œñ®#^÷¸¹Í
+Â%,W¯5º¯“"ñÙňˆïðˆïðqûÀwxÄw¸ç;|YJ¸ðŒøn*ÀóÍ‚ïòÙ½�àP׈›œ˜¼ð—–k5‘¹[‰÷pè´¹ö\–~âbeó׉¤›œF¸‚~ðEsÈ«3§`#g[t–cIÿbjŒ“ìb“ÊFOþ:Ç•—TRá$q—Ñ«cåh}ñçm€µä˜â–u ¤s&8Ö‹R08Û:ór0ÖõÒ@Óɯ‘:u×ðåü"\tÆf:T3�{r¹ááßeO=ÞpÜ“lѽ·È(ÒâÛ-©™œ«Àc’,
+Cé máã-yk	ƒ÷ÆQÉ’�¾G”HBa�Íñ’e¥È&‹`Ã=ºUM¸Z‡†·JTa¯‹ÒP¬`Ge;?Íßž„·‹ý@Å*.^_½5ó¬Pç�¯<žˆïÅ”VøW]CÝS9 Õûaªªlï'� žKú„-)“K@¾}[^úi]È}T��oÒòÜ»†Ûà´,-f•Ú²¢æèæ…EVÐ5C»_!p@"âx Šñi(«¾t÷o�ˆép}9	�‹vå#�`2}ÁÏFªJm6Õ¥ä×2¥´puä<òJ#F.Dvš,±4yµ~‚�á|°Ó}ÕŠIÉ#½<2ˆíÝxÐíÏu¸<0j&ßì¡Îñ_ÌJKNœ&
ÒdÕŒdyÀ©w?>þóÝoË#„²$qßÚU7¸h1i2»èvÓ"?Æñ¶èÇ$ñÁÁég¢¡2œ)Ö~Xµáéâïh�Ìxv€½
(ÜŒ`Ü”Pûê¦ÞCÀ§ò¸¬µ•ÀÛ½ä*5Ìí¡±¤Š>bÂRþ#&
+8ô]yðòØpÛÏY–¯Uaáªãp•ÔCë"3Û˜…c[b–>Î’eð9l{ƸԎ3©GH_	¢l
+¢E°‹iøÁ¾’|�†TÆÉ·;•Ç~ý††n¥Þ$º´XK½ævêÍÝ�Yþ´“Tá{ dË]½w%šÛV4z±-’Þ¡8ÉUJ†·Ä¶*h!]QÌó-ê•ùV'¾:w[/呱<äf`5+cŽms^
+¡ÐÆ·�7
+ñíBB5åú¿l¹ÛL3ãÏÂå4á0¾ùã’'üLü×a£HüôʈùÅÄXE|“.×TÓ–±xbE<`/æ%ñ¢²t·¬¼&îþ¿Û1¼™º
+GlߢÇD&DËf1Ý#cçSøH–Äœ)õ¼v¢óî_g¬#Ã÷¢ní#÷X•¯©¯¦ËˆµrN0óÿq$­ýéCc¨¡„d‹Í2°vv3t ÁÃ9:�Gït}GÔD­µvi .žmï/jhæŠÅhºÿ쥑,¸'­=@‚Á•afN~ÇÿÚ@p$k¾+ùôìŽÃ1B¿5Îíö¼Í…Ìì3â?âAË•vðûÜ–²/ʉj-¯lÒ‰TÝ©\H8,¸€+×{w–„�úô%�ùããþN“j
+endstream
+endobj
+206 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+204 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 206 0 R
+>>
+endobj
+209 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2013
+>>
+stream
+xÚµYI¯ã6¾çW8˜
"-Fâ&jŽÝÓ	’Ësè×@ôlúY€-’œ¤ó맊EJÔÒo^s2Å¥XËW½ËX–í^vîçÇÝûÃ÷?ð]ž±2ßλÜìrÁJ¹;üóSòáRÝÛíS!x"ÿ±O¥TÉ/{½â”HÞ?êëP7ôñ¡½ÝªæÔïS΋B$¢Ø>ü¼SSf—Ê’Gó¸çEr©š{bûTå:ù錿ÿAN\(ÃD¾ËÜ�†V#KVj¿XÃuBIÓ4è÷ûµ¶§wð©eRûiÚg’ªï7{¢É¡¥Ég`Ù$–&sÇU‘.–V;;<ºÆSªááI…«ÿ´]ë$Mµa¼Ø¥ ¿œô÷h®¶ïWÒ	θxEº"4ûÒÙÊ›A$èŽÎˆéL!˜ÿþ·É\±¬ôË­§ã8›(ºŠ‚ŠÚ¤N2·ÐÛý^÷–­®NscX&w)ϘàîŠÁöƒÓ@,'}(·ðiÅ¡ƒ8ûøÛ^©¤º>@X¼ÆøS$Ƕ9ÕCÝ6•Ã�Nì÷؇™•ns
ªàž"î[]	|–AW`k©Dò±TêäB·¶wÂCW
¤,�®i0­ÑL‘ÜÏ�~ ³”ðÁ"7’	㢷÷ªsRrÛºÀdƒtd|ì÷uqCŠ¤íÆ8ÕžiÏpñ{î]}«ºÚú³'Û»Úsv¢9ÿumñÖßÉX±¥œS<ùÅQñø!Í$
>½¯ú
?Ìl'"Ö?#–ŒHîÕ‹¥ÝE¾/8ËtæÓ¬>qj‰óžn#¿ÊÕñh”—%ʉS9í~�£%Úù푹�Þá´Ž)ã'Füõ„a\Üâ³~Cã#3ú‹Î´òë†Ìàå!À¥éÚas&CˆûŽˆU=ëáîúü¥n^èz´º—:gyKm	£Â1â~Ir6Ú[³B¸­ÿ¹Ø&D»bWeL…øñi#`‰Àë¹ínD&Ä®GO±BŠÃ§=¹‹˜t¦“�²ÌÐNl¸SGJ+4;��M’³Í•lÓ
XŸ×¡eaÀiP¨E‰Ô2÷Cö·*Iéé~éøÄ¥çºq>Ë�žŒ‹äšpþÜ^½Ïùµbn•àɵî¢cœ/âÆ“=B"pDWþÚv§� ‚±�ó£=Ù渴³8\KËå¦E7C¨„DbìaÞ=¼iëu. hój@Vç)ï\]·“MnÐq÷¹;ñ”¼�ý™÷±ÀÐÓ~+?Œ	äß.÷£íuá�¨uyJbžòŸíZæ²`å_JBœCÁQû‹&�édZ;oòÌ´ôëÀôÛÞ
¨«O~Ÿgë¢î‘™òèÎÌÂâ‘eœˆ!ÉV
+N}Q7a…ÌWŠ‚© eZ­È`Y#ƒ¯Ôd0ðG¯Àæ~IEP£¬ì ó‰�ˆÅè‘1B†™%ž3ž¿ÊãŒBçY€É
½ñr]ŒÞ7è­ý¿éÍÖXÖ­•¦§Üô¿•Ö®	À½3|]gÁåG•
ã�À¡ž�ðuØÈJ\0._­Š)°Œ¶�	p–‰¯¦5ŒeÉ35:À©ÌÀ/f…ªÌªÌʨBõg|2ÀaE[z;Ð7zNt¨ÉI
†C„Šì÷\9Çw¾Ṳ̀H\ö|Ü0<»Êp™â$;åþI·Ùb—>nݦºõîŒ
+ð(ÛË(loĈ|}Ïòõ¶k†”}… A=×/ó¥±’˜hX@zTE’.¡¾¸^¿&³ª~:S{ào7ɤðŽ*—bU÷hÏŠÙ¨sp÷±]üöµ2æ»wDÃßY,ôç[VdÊëÏx%AfÔ_á—ÌT`昴tl¨Þ"ð±Ó^‰¤½HÚDJM•Ô¤™�Nq}Ò|,Œ‘iK®u&MÕ}Y×Ds§”¾y+BZ£¹'ÂÒpìuðÃõ:8ð½¾||X¤ò0�¯ö
ÞØþ€¾ýÑ´?O{?IÌ«rn#ØCÏ
+e°ÎœýÌÅO�¼nèâž[%5e>Œ¦Šÿ°2WŠ'¢b­«•Ö¥'§¼khêÅáÇ×>õ‰¶�¬,ÚæwÔžùÛôBJ…äW¬½<Ä_ó<Ú
£&”¹D©ñ1v¼`‹ƒLøóKz&çOF-1µÊã‹ËlÂ%ág=¾p8ÃN,zilL¸èÁÄ2�*ì~\‡�öSL�	±=¤!'›mð”ܘNëi1hÄ�pÄå�âb2
e+¡€Sä°µîüpn\˜Ê\׋@šÔÜœz„7¨ÂÚQ°´i‚ô‚Ñr–†•_·;Å·‡X“Í»n1Š¡8@“Àm®¨\bk×Ø—Êã;/–z‘Á‚6e0îI
·9mã(t—ÁËp�Žë¾àYz?)[Ímïß<�FUÍ*Íjš£WUûGu\ÞP›¯¢df츒-ýòé±i:BãLäœT.ÁZ³×�Eôò‰N—cð±‘Z3èä×[Á˜1ÑƤ3ºš‡ëÆ”Á$]&D‚5l¤VF¹5+×ó7Bµ¤\½:ùWx‘E¾d0ì�EZé¹K38Þ¶arËÜhÞ³-^¦Td,ä®	†)ùÂÖôÅTr‡Îæê«^4d�ñq¨é¡éíBq<†ê¯¤ÿ*07„®ãX…œóñðÍ
ú}9
+endstream
+endobj
+210 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+208 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 210 0 R
+>>
+endobj
+213 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2767
+>>
+stream
+xÚ•YY�Û8~ß_á}™¨�˜#ñ�Ä×`zY`$=ÀI€Q»é67²ä•äéôb~üV±H‰²ÔNÏ‹Mñ(²®¯ŠÅMÊÒtó¸q¿lÞÝýø3ßd)ÓÙæn¿ÉÊM&˜–›»Ÿ>%¢¼Ùò’—*yWõ‡›­"ù`ö¦3ÍÎà§Lþ^57¼HÎU}óåîoU0Un¶R³ÒQ�´¨êÏGãf}<öÊh¯÷{˜šgÉp0ÔøÌUÑõ~ð
ìIÛÓÈoHîÇŸEÄB–3%6©#ûWŽ8T¬à~ðÍ[¤QN{v¦?×~KÚ :Pc«Á¶
}µ{š6‡Î˜­cn›qθ"ö”Ûê’�"1ßN°]ï	–É®=žPÜIÛ›ê¢=Æó•p¾ceÛ<ÒçL¬ìf«d™üs8Ð!Òx{Ó=ÙÞ »EÈÉ‹#ϲHNUçϪk|Ãü~£dRÕçj 1ÐÊn×vþ8"Z¿¼3;3;©ø!˜�HÎ=­‚&�L©;צ§¾Úö´	ÚÎ=I¹ü#!{â)ËsG_Ñ‚¶£ÿcÛ™óËWÌ�t‡§�…˜É¿Q&ød‚m'7y.YÌd‚3P&n9Ê„°PÎRb†¼&ŒÒcfÿÛ,S,+bÉöhˆñ2gÏ™ž�Ì|ö`…Ž¦ý«³Áveª“öŒ�Ì›6ν鰕yá@Wÿç>úyn7~&1Bç=R|&ŠžP–ôS×4>R²CO�ªð`ë@ °÷¼�Nq‰vf8w
‰¬ªáìíÊúÿÿ™®]Z…žÉ­«NëbÃ�­â*ù´­O_|“(ê‰bbÌ<Ø€.¡ªdRúqGD®É
+Ô&Mêíc2»!Y°4ÌaŒ}Yj4+S–y²¹ÉòAÖÞÐAÑn±œkÁŠK."Ú<c|7sÃ'ƒõ��©.ôÍìÎC𬧃q~'½A@W0·|g,a@ï�6“L1È€„
+F3D†ª�„Ç2»3ÂQò’Ë
+M—ä€eqM")A"Îæ4øÅ}?á¿N“ÏZµ1ª 9ΦIˆµYlŸ)Á$%;¥Ÿ÷ù†H;|„ó_ŒÚt€–¶[S°à2Èm»KÅK�F .1.g±§Ú!Û�?pä(Õb€G½s8iíMO_¶¡ÐRÄå^4øðljâ¹¹ö1©<öŸÖÏ;T~²¯Ùo_ná¥ê—xÒ��¢=”|Í”b¹ºny„Ìx€<‘PE¨Ça/ÀÚGÕR¸9
Mò³y0p×éÅ	gŒ¸
+íQøVœÉWYP9šºíƒŽ
DòX@p&ˆ¶Îœå¸?¶) iÄŒ}ÞîU<øe¶.P»èÖ~u1s›kŽ(å„Ž/H~ôr.™4í@[b¨�œr<š\ñ­„¶§Å>YÆd|Á‹©pÀ�Ó¡ê)óò¨h\âÂ9ŸNµ5.AY@>	
šèuå$ëiŒ³(a+(|U}ߺ}v6äl*y²Ã�Z/šÆÜôÿXJ¡)�Ïr�1þ©¿r1Çb¶yJÀÝmS?Sk%¹×­úºÔ¨GÄiþ}èhÞ.ÃgÉòÀGˆùs+‚ø´{r¹P9²Cz€
0QóšO5Ó³üÒ¥òikE*W4�^CК�—ÇÇ‚Œ#ãž”ÓÑ€m<eúÛ·Ý‘V‡j ¾c…þ…Nùžq¤3.9[$îhµ\ê* ks:¨ràÛ%عâ4’¥A°Ûú{ÚÂ=Ú“G| ·«à<=µ‡°ItÿðOÉщ‘DE½N®…ÂwK½±ÝTÇ@�ž²‰T1©cµÁ®¶£Ë¤õ€>.5Ó­gEî.iæíK–¿Ëô-W=¬`EÃÞÄ,&þ
+F]£mà�€3j9‡Â;Í�R#ÈqAôó0½Â²
~ù1W:ˆ
›äÆ
+Œ·ê
uÙàc6y
¦*Êñ/
„Ë«
ÄàÇ÷¿¬%—©=Ï`œûFt­?YLUûÓ:Âã-¤¾å�›¤â"[¼‚nÅ„n¶_BÄôyÒÅbÍÒ 7PÃb­˜†oÿýþnÉ6g�ë·Fr&¯eŸ™ž¼Ê	)UQš-ÒܧAØ"ð‚F5Ð4߬+'H¡HšÐW­Øpβ×å ¯—ãO·ï~]±
€gKc[GW¥ä!vqà"eÅw2§h@*ºœÀ—Çʽ«+¸a2ós-Q‚Ž§z~ˆe¨AÇSÁõ÷Á4æ¯Ã1_¤ñÒ¥#ÿÎWâ–̾G2Á19íMmvÚ
+ËÅ¡à®Èëd€1¼êœŽf°»›غÂ9‚^Ù$¤e<›©€pì`
Ù0Wʨ€Á(܇W+º†T2%…LøŽÍý¹Ù!¶ /%•>iÄ]˜dÈÁ€Èƒéw�õ±G\À÷3.%1®æÛðX·÷iH¸¹¯iGÂj¶õⶖG׬Z*’OéÓýÙÖƒõd?ƒê=/ÍnÚN2N�O¾Íw´°ÿ‚ê‘ErªýR¡á–I±Tr¼EŠÙS~ÇAVCek—=	’üÛÁw Äçhƒ4ÜК5n3™N(ºŽÀn'vÕ
+Ÿ¤ŠT“z^j<»
+jEÀàÛ–uÞRúèóHñ2€I¦²+†a!9¾—¹‚×þÁÀ.¯h  ¶'��º¸ˆ<LlÚf‹E´@ÝÝÝ�€+¶!CÓ{pW¥’ÿ�6alw‘\Û…û¨kWØ|¢ÜªÀû$Zh‹.£*²Pí»0ƒÈê×d�õ©2Îîm'š"÷—Áb&#è¶{úŸŽ6#
aE
r´…ÐS�%cgÅ©7òPyÇBæ(\˜G‰*vÛãÑ<àU€.@éB&0»j–1EIV3?7ƒ­Wáj2’»z:ØÚ¼¼ú«3šç'w9ïB0+g¾Xç£{ÖÁ“Mï}ÛAza³â>|*¨ØýÒ}$+ƒç£Í™pÅ|Kw²åþÕònl⇮ÒAb!!ùã�ÕÕÁ¹Q¹þP„‚L+€"‡ãË+\•X>Œ|d¬g+>Õ³•¯g«±ÈJ6s¢ŠéȤ¡—Þ¼ÓüÚs™˜nø
+®Œàƒ”ï‹pÚ…FO—Å#ߥ‘ÖòÙ™Pð�R\D‰±xT®ƒ¾P˜Â§þU«sг�´òYèÄ£kŸÍ–r÷ótÊM¾w!Óú
+îCv„ùáöî×ÿXR�L¨úu™R¾ýù¤£—
+ÎqÆ_F…urQÁÕ²¬Ð¥{ Á—˜”*Ïzª×é1
¢q*»[6~RÚC]Qº#¾Ž¡_¸øjÊ:ÙÒ…Òéڷ怒¥c˜nÏÝάÕ-Ç·Ÿé„ò%ÍsFL,û÷!b¼…�ñ*¼üÐe¸'Æ¢²§NΡ6@ì{@r‰1
+¸¥n_Œ}»ªñ%IdPp­¼%úMPú¸ÄÁ±,*Erwêö3G׺,âùC‹à´øÆH…t÷îØÒ[c¨w¸gTûhéÞ_caÝá„Ý‚’f&S²õ�ž:_Ö2½Äô7N|ƒâ·80ùÎT®¶~)é»ñ-ôêkžLB"" öÕ~ǵÜ.ËÅë“»ñ]î¡¥Yž,)
+v�jïûç°c,*ëeA²_ymD˜‡ËYôÜx>VýW'‡Û»¿ü,v Ò
+endstream
+endobj
+214 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+212 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 214 0 R
+>>
+endobj
+217 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2454
+>>
+stream
+xÚµÉnÜÈõž¯èÛP€»†µ±È	rˆgì`‚AŒ„ä Õ]­&Ì&Û\$k¾>ïÕ«"‹b[6‚øT+ß¾7)KÓÍÃÆ
Û¼½ùñ½Øð”|ssØð|Ã%+Ôææ—Ûäçcylwµ•R$ꧫ­R:¹>ÚºÆ-™¼«z¨ZüÜžNe³ï¯¶B#Y\ÝÝüýÇ÷ržgLšÍV,wðÇSÙ¼Új¡“Ûíù.̮Ì3€Â0©6©ûøÔîí
+ƒPŒgþÂ�FÌm¹N™(`̘ ®íä™GK“ÞóÓs×7y²³}ÿCO{„6µ¿ºël9TmC+bÆÁj	µŠK
+&Ê
ªIù�B3£ý-†âæɯ‡,ž³LÆ°ò‹°@Ê
ã½ChªÆsñT
Gœ©¤¤�}õP
oÈà	ÆAO`œ¡!‰"K*ÔnaÐ9ÀÓ8wv°{:,ýaÙÐèe7”5­Ý7ãé
+6==ÝŸ
yZ$ÕÁßh�ØQ¡ùF„4ôÏ'¼D°ÛºÚÑöBÚ Ç–&á‘ƸNúêTÕ%Z:ÏP}4Ë�ŽËÝΞ^Ü¿G4Ït‚fóҹə
+jÜÁPWÊ‘‚¥&Ü ÇA}Ëü’¾3ÅtþuÛA¯¢K(5$´=UP�2åE uƒfE,‡ÝØu–$W•<^i`º--ÛŽ™÷‘BÁÁÌ¡‚ñÜ!#™(�wâ?Ê’ÿ¬½,Ù¢·×+–8g*x󞔳w¸	w–ôãù\WN;°‹¦ÝŽ-Ê•0·BBP±uY¦pU5•ÝÃxòRB‰‚ikyä‘“‡àÉ7tâÂ$”´tÆš9cͼ±âé¡íNå€LI0Ïf4$X(fBDÜž/JPG ^‚d	2c&‹MÁÑŸ™I¦È©AŸÞ¯$i
+¦ùWÍD(Ml—YÛ¥	ìáö8œ�â`®:±ÁXÒ€ò¡™wN˜�Êà�Yð~°³co÷Ä*OÁ?ò˜URBôi+z_Æ“GlB˜»†æýPc¸Œ£J“?,æ·s qŸÎ!yþ¡Œ;Ì#‡±®Ÿig‡tËæÁÙø~Û-A6ë<’~«á¾´ÚÜù6äi¢G.4KÔ0L m¶�;™´ÀV÷Tõ–…ØgÏ´ƒ
®àÔQäÉÓÑ64óžo)¼n‹|Ôñ®ÓŠÏ"x)Î"¸¾�E€ÅUbK(}á´‡u" JÁ}E‚SG¥Áèr?t厄õ¡kOë�¯2L™$s³R¤u9§umºÿØ¿™£Â}{X!�êg“
+±Îœ‰@Cgû±<Ή`<;YÚîTõ=Ä€Þ§{“.ÓÁÔ\0%{Z¯ãŒa<Ÿ8|ùõ6‡cDQ0Å©òkz(¼=Ö„ylStäKÁÃãkA£˜
+ÒhÊÓåZмR
+(&µà»Ù€ PìªòÞ•{™ ÷„ñ06»C—…Ôo2_Ñ´Œ†)_DC
ªÿ¼�h«.}jÉ)øÃiÓzä.lûOÊΑ´tâ¬ðÊ9Õs­‰ÉI¹ë"Yä¸}üj1ùœƒ�÷eªGäÁ6ΠsrÆd¹’Ì&µ|IF“-uö`;�•e†R
¡N‡)¨JU9ÿ2$>b�).ðÍuÁxPÆöð?pNQ¼q,aŠ¹FŒÄ rV¯IAd,
µÖ¹�Ûœ0hŠ²ÀÑ
§Á*1¤ˆœS@wwQñ
\a4ÆV¦©ÂŽ/¶žÉ �3HǧÑ,ÕqöùÝ–û¶qÉLó…zÚ¢”¢g‡éi9'l¸5?íÞSp¢…¨Ê4äd-æœó)'üò£ËZ«Ø>6@�ÏyërPq&Å«z(Ø¢|‘H‡g<!ØqÈØšR`�þŒƒap–¹ïÀ	¸íÛ²ÇàbtÔ9ÃbêœW¨°‡.«P„ts¤ú¬ßzUâboû]Wy
ú÷U„Ã=«)Ð)ãƒ	Ü›ê“+ù•w6åK8;–sˆ¢Ï<:ëi°ŸÛì]’T.µSü!fm \g«’ëöd©äpý…ta«·4�(–Ê“ˆE‹Oa»
+�—ê&Iù
®MŽ–ÇY g:TÈ綯>¯Ÿûiž¦Õå�
@AÙí/$4‘§Ô"ƒjHÉe]•ýåŒFG/Ÿ9V	-ƒfˆ-¡…�pû—Õ÷q¼ztÍÛº[˜Þ *aŒ]J�™Ä4±ðïÐT)#�PO[h&Ê(ÿ®€3uðèBà…†Ö|sÏ‚À(î¾YARfn£',u+§®xjÉÍ"P¨’ºê�ç@£ƒeC}¤
‹ˆ#5 *¸j²j:§>Nª&4¢néû×—þJY×.Ü>õÔ“Ÿµtw�°é›‚Ú,ÔÂd"< ,cà�¹'
çR<[”¼ º¶½Ñâ4<'øŒžA­/™
+ïÕ£—Òè¯Gש‡|:¶ý:Q‚sAƒó³Ä
+„ÜÅ㇞³pè\¤f™Ž¥‚5‚’úR›ðÄ7`�žØ-‹“¿ÊRoeˆù‡YFy·¢g\¶žžé¯œøìÅ;‹�ÈüWo«ôEç?�¿x›sætŠ—áéözJ&°ÈXF§·ò�ïÏåƒ�ÂF^‰à%Ú×ø‚+z4XDwâãáiÇ4g:„ã�öùTž×%+¨R,#Ùí¶>÷�ÿ¼þ×	[ŽE¹ò}�~ZA’P„ðµì¾¸&XãÿV÷*,à°·Ÿ¾Â!y
è³X¼}9†ê»Xztt¨j{1#n9×ø‚ø½Éûü*y$ÍŸ\-¾õ…Ëë¤~‹|­ð$Ú^–f�Qô¥,_ã+áºjì’k±Œ
+JľÿKÕŸëШ~�ϸñ»Š+“|€R×M³ùw.r:¾õÅ3mþæ?Ë’w{hlš‡;×å>v¹ï̇+š}ÄÕ>_È–.>§Q£ïV(
‰ý•©×”4|tqÿ™ íÑ6;K+LäÓMq¸Æâ*©ÿ&íºöÍš8wŽÈøH‚“’†fž-/ Oi½n¨œ^ùB7‹ÄÝp‡ž¦~Ð0áôgÕHVý„0Ú±vïÞО}Éîþ®@ÇDá’Â
±Hèh²ßá÷Zýxƒso8�sÜÉ™¤ÝÛžL~m–”’(ßCXAQІ’�( ½H?\ùÍ{WñŠ<zZÄÞháô�/”“|`á~D�®ªÑ›4�ËÞ•o8wbî.{{.»r þîæOÿ„ƒ’S
+endstream
+endobj
+218 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F1 10 0 R
+/F8 61 0 R
+>>
+endobj
+216 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 218 0 R
+>>
+endobj
+221 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1708
+>>
+stream
+xÚÕXK�Û6¾÷W¹TDŒ$R¯äÔ$M�¢EÛtÓK6@¹6½&*KŽûȯï‡z-e¯ÑäÒ‹EÉáÌ7Îp° XݬÌç§ÕëËï¢U°<\]nWa¶
+9ËÅêòíGO~”EYì½–ÍîÂçœ{ïÕVÕª\+ü+¼_ey¥^'‹‹O—?¯â”ÅÙÊ9ËYßt{e–´¯`GzŠÝ°ç0L…÷7îyñŽ�ǧË’U`ö>»ºzãßãOýìe­üZÉ�¯KÝú[](Ú:•<	�ìÞïÙ…‹ÐûíÐêªlìyzß$ñšîp(´ÚXòN¢|·øcØ®üˆç�ð
Š� hwŠôßVEQáÒ;]Þ )òöJ–ð§y騫€…¡aáïi>ŸÈ³ ·"ÿ£öòà¨%"&r’$6ë>4Vw1.Š8KÓž�Ñc™g‚Ûe²
„ò€ÃÁdMTô½Fðì"yʼnZ·jƒÿC˜„M0ÎòžSð^7êsgÍNˆ&)‹¦x^ërƒ˜¡�ÂÈûa½V‡V^®na X>Q.;¦\À²~Y)÷
+ôãq¨³Ä2»Tíåºq˜EKz¤ž;û–϶ûM+Ë�¬7Ÿ¬Ÿåãs$™Y—øíU+^[Ñq^àJa:jÝ÷‹LⳘÜj7ÄB&ÎÝìï«[µd¤
ù'9¬«ýp}?Á�†uSx£Œ£¥&ðW]6ªn]¦!‹{‹3W²`ôÁ%`ršÖàxCés§o/báÉ#!ƒH0tˆ+'ëA¶ÉÏÓ»‡ÿ•Ã$cQxÒ§9gQþ´�”ã„Åñ¹±a’s¼GÂóCÁ–» û!!H)gRÊ,–@ˆ{úE7-eå!=÷‘WSµ%’,Šþê’›B—öæÚvåÚ\‚Økl’»'y«›C!m.äq>=*	†£è_/"ÑÊ0‡tHdmW6Ýy$â’¦gµ;IVföÚ©R{-K™ÕïÌំ¾º<t­…®îIv	‘§â¤nµ,ôiu\i¡N#J€þ~¦e×]]÷7‰cE>…vn}‚µnš3Ì|{¾™#0Û(þƒ@ÂûF›kÌP¬<84òDIdW]?�ãw4¶YN0v‚ÆÎèÄ€Œmø;f_26Œ-\cskl17öãhù¯Æ¶¸þõm¬=Gxfq>ZÜ&4@øGlÎ7¹ƒ‰@øÏMô‡Šž5Ê#ÂÐX õªÅÂÿXPáÒd]5´E“;Eƒ¦­M"8Ði,[2^Ú§Šœ¼'1©"±©"Ÿ{È{pßÈ�<&G�
ªõ�1'
‡�éÇ%®´ß2Uüùÿ²†”±ÐY‘±=Ù`§ƒ.~ª-àtø ñ4ûÙlYW{·ÀSlvè@²Êâ‘Ðñüh…äG¡@ ¦º}>­[ŸºŸlyþèTmõ‘ä¥UŸ¼îvz¸#GÝjÌÀ?!n1*êˆn«a²ÇÆí¦‚‹”'¤8†Rv
@iŸÎàè¾2õ“ Ѳ¤Ž-pÄ#í{¤ú´ˆÞ�«fµ’«}ˆ=øW*¥1ÉLùú©æbóiOx¯ö•mÖ‡Ë�^ Hiç±
Ð7ﵫo³$™7ÏK²p$'T;Ü1kÝŸ¡ðËf§ŠâhÁï¨ÿFvÝ?�Æø=ÍÌ286¹Ã£BAÝ«u×ö•áÝN•êcH-à…cÇq
+7Á²xÒv˜cÈBªVF
à2>õ˜KtÓ(˽Zµ]�ER	¼•m×ÐXÛïUW4êÊB5–*í]’¿˜¢Kc
–APèš²é…è^qS6ª®{Re[ƒ§«/ò©×�.ZmBh•%Œc?š°$šMúq{�™6¥dÙ	·y÷­yÿøµÀ‡¥Ã»O}Ó8»#1>S|úä˜ÐóßCŒàœ±Ãk<ÏL©
#ó^§çx[ÆÞA6
ŬҭëF"ïòQ¸is�31¾¦Tê
ÃÞ7ð\Ý6DT÷º%¹»ð€Ci»€¾99ÛŽ.A5HiÉ4ØÐû)©l^‹åðàg+ä^g ÌÛ�;Ýîf7
¬ÅÕ�J;ê¯%v#„8
JJmNŸ”ÓgÉ$oûtdÓÃ×®ËG‡C*ÊÙ�'|™‹
+C¤P'ù†H7`­¬Jß­‰(8M
¸ugA|ܽ'>�,�’HYÙnõ1~|¢%LÛd¸øÞ°dVŽ­á.¥\·úñò»
�Åît
+endstream
+endobj
+222 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+220 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 222 0 R
+>>
+endobj
+225 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2712
+>>
+stream
+xÚ�YK“ܶ¾çWÌÍœ*&@� íÊA²­Ä¾$eoìƒVUÂÎpvYæ�S|ìÊùõé@bDî®*'âÙhôókp—ˆ$ÙÝïèó�Ý»›oß«�LD)w7§�,v2¥ÞÝüø!úáÁ^ƪßÇiª"ýÝ>Ö:‹~{¨š‡ÒèÝT7cÝrç‡î|¶íqØÇJ“FZî?Þüòíût!^ä"5»X—¢ úÛ4H>SYô�W—Ëj�‰BîZY}¾ô+rJ™»y6¸I\Âä»Xæ"§%¿VãÔ·À_jÊh|¨ Q$Ñ¡k÷*�ÆêóÈ3݉¿–Æÿr�ÃX?*îÓ]ßMpwOÅ’L uYnNNÐ<M-ìïZîu=­#uèëˈìÃUb¾ÌÜ•«Ã4VG–îS=>p9_	–®Ê’+I”"õ“ÝZŠpâ<=tS¨VR#ÊÒ-¹c�·{:8ujÃr–´äà„Ãdô•Bót¥Ðà
¿àÍú’`5Ih7+6K‘{6�õpiì^Ñ_ q]8�c£!­é2‰ZÔètÆUw`¶ Ýž—€ó
+'¼U™iªÖžÝn4O˜%!3‘d¬Cv ÃÔ÷�‚Æ…ôB»)ÝDìã\–ÑÏ'²üi»6n«{Ø])£š‰U÷ä•@°xù0].MMÖ‚4†•ðS)E–ýÿÒ7Bç/‹¬³ÄÈذׂa-èÔi
ˆӂ֋i!-¼�!¡´h%Èž¦”ÓЙ5ó¬!?t úየk�u{ÏkÆníjãƒuÎïÖµsWªÛ0b@Ã+5'¥šÂyê¼a‰Ãhx­?AÅY!£›RÌ@´é­§êú³]öŸY`!›lMÎF1èhªãŽ'Š(Ш>Ûó¥©Þð
+¸)�^úz6Á”ífgÞxØ9T‚EwC7…�×æ‹'õdýؤ›„C:JÄÌó˜˜wOÑÚ*‰÷™Žl3¹)"Ã	¦¶©7ÄBWK4Uɼ¼íFn8ù£†±kÝŽÐÕÔ¢U2ÁÐ;² 
+nzGì–„ÖݱB¾>óƒb»6=¶�6œøAˆ >²ø¿´;Xáóê8kƒ/êN¬Ü4ÎŒÈÊ]ÎœpÚ;p^&Õ`.BõøINÁñå÷Ç�«<\@öa5 vu¬6x¯YgòLXl?�«vV$²BdÊç0!6ºRæ¡€ý_§véT!ô»
©,ÚŸE™uE#[ …c³„g;$•ŠÂ¸•õ}Ûõl‡¹t¼ýæ*DÐØv\�/sƒPéå[èÓM�õÁH�Ê„Fú¯¶
tZxtZú$Î�ÃÜ°‡±d=zê&
+¸¸—£“¬lO–øÀñ†¶à	X¸H¼üûíÍ?×¹Ç,©Ûö.Ÿ¦Y)Œ
+# ÇD¨dA)Se9ž	{¨‰Á
¿–?îÎØ\ÄŽ½@ì!¢L´(¼a4keCÕÙœ"ÁùeÔOmK—GªŸÖŽ ïkèÌÄ3°9¯òo�^F¶YÇf�„ºJ³¡EiØÄ––yqq‡ãÌCî©úÖº5Ïy´b0ó¼(2¡½J
Ž•=2yÂÏH•ó…àð™UºŠJÁ‹ð*=pÜó€åL;.¥äL¢‹bCÈ௵øò¢Ö¾aÝ…å…øí\ÙÖcÄŽ¿�\äϱ:Ù©¹ãB÷äØ9m`j%_5øu˜ðiÕƒS±–"סåßO¶·üÊË™ÛÔ${È® Í9ì’ËŸA
�‘öh{·cɦšd>ç£=û<Í[ÆiàvÝzzµ9Ø¡Zc)š•*’Êp£>­
0àâµàEâ‚÷[N®@îŽ2eÅ–R™rU%r¿ê{?ÔÑ–¡ÂLÒ0~ÄI–nø\»#æk#Ù5÷q™`rîüBš‘¾‚í0H=ÕCå"5Ï-Õ)Å2>[ãBlçÌ®M>—KÅÿþšÉ#�Îý´a­Âøà?nÒÊ¿ åÜÛq�®¯@0.†0Ì+®oÝò|K Ò$ç_µí™ä#³ÙbFp±äy•ÿØ°³uï É?sï@†HÃßÛQbà¶åÏñ®qÇ=!c¹[i	*�ƒu5)œÕ!•9) ùž¿¾ŽÁ6×›ØBÄïnI(,`0©+ªtîÉOV¾Wˆä+àQîäC¿ƒs‚ºŽõñ{ˆ_‰ñ¯*醰e’Š¤øj‹E"³´,bØ‹�Ó�„^0’†Ï¹ëÝ¡œ4z.“:œbbRén_lkï<�~n=ÿhZ„Á
KMårŽùЈ+}ŒÀqÞc¢ÿVÈ$¶6bž0“–¯~Ndž*Å8b%�<Ž‡Ð”ˆT†	ߘ
ªÎNü…°ùr�`œD�‡]«ÁOºÁžÞ×ýøùã\3||î
Oj⎯Cv¼õ‚ç!χ¿¯	6ñHwE \jâC?W;¤FhÄÛý­Ti\AÚ×ö®AëÂ!rJUÑýüƒÃ`g·ãØ×w¯0…j¨á(‚ÃDÛ­•ŸB•�®$â�|) <ÌÝÂA‹¹+ÑÈCË3¡²±g$�«·
W>ΰÅîÝ)ŸïNÖÃxîÙr>)ž‰¦ÅWƒ°4)ƒhZzÐ
+­ðNa¬,‰»>ÇÍryOx]
Æ+.“·Ê»�ü%}dh.¾¶ýæÑ$v¤»
óÕò|ðÌå—ºªÔô‚œ29¿ìæ·Ç#½XÏ”“ØÀ²lPÙIEQ–$NE0¼•è�P�Äï_Õ03ëÏiê»ztÇ�þœk…eÒ¥x¬×Ì#Û…J†Ø€�+Ýpø1-„m*WqÖÑϯ6å>¢Í’ú±Öí‚ŒÙí¼Âq&~dåŠq%�/^ßÇcu7Ýoá±|MŸ�˜ŒÓ#äÊ]êȃbƒ�·÷rÉ´ÃCw×�Újy¹…‚»bz¿U³LŠHÅ�ïìðÀÜ¿™áã¯‰€:°·‹½§Wå4JËÛ=f˜Ä¿r–z~WÅöŒG`­“?Œ²ü¡Ñ¸çl½ý Ž»ž¸BÇ5ó	�^¡ÇÙ©7
+u®tÂz-älqøº‚ äÈÃv`¨òÄÅ#>¬ge²…Edˆxß¿†x‘v}Fpëø´õþe¼Yħ—˱uã±Ò©kšY~bxXÈÀÏüGЮ ˜b4H-÷¢ËBñ�˜ ˜À3X\j@ÞÓx™¨m¸ÐÕæËà�ËøO-â·z€öü<YjÔMuäéÐí°O/G3íœÓV¹÷øë»ÖíLì»-Ç\ž3c»FMg|0ÿéÙ�Ÿ‹Ò¼ñËåÿˆb¶îÁÚöýàdy%5ñž	kÏ„N.7>¼%`±è‘0$½ÿÁ¤ÑîoÚ5L“àQÓ6,+¼û—êÏJÙcÝ5EW0¹g0aquXýâal¾€ABÅ∀¥{Ÿ(‹Ànq°¯,ÿÕDåV’œ¡üÞŠ"EɃ9ž«±>ðÊÊÃ;¿"]ý#ñŠ˜´(:¹È°
0Õÿ¿†Á·3qÒ	䧘3êvÏ-º켸ˆ†¿kè0öä0�žŸç®¬úC	~›Øa€´íÿî^ÿ˜ÜÁO7ûæ.‹
+endstream
+endobj
+226 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+224 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 226 0 R
+>>
+endobj
+229 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2135
+>>
+stream
+xÚ•ËŽã6ò¾_áÛÈØ#QÔ+@;Hg°$Ìz°‡ñ a[t[YòŠROw¾~«X¤D[wçÄW±XïW‹¢ÕãÊVï7?üÂWqÄÊxµÙ¯âb'¬«ÍÏŸÁ×!/x‘ï¥>¬Ã$I‚�j¯zÕî.Eð«l×<FÙ¬¿lþõÃ/ÉŒ*ÍYZ¬BQ²Â`{á— ‘9þU~ELŠ€ÄÄ–f¨•GµÀÂ39
§YÐ+Yumó².xÀÖ¡ˆ‹`sPZáin°hšîdÛv͇ƒjiö€|Zj]?¶ª¢ÕÓ:�lF@t¬ÂT°Œ¯BZLB{@.^P:<ÐãƒVÿ
-Ï‚�öÝQ¹Ù==ÈA-˜¦½®'��­V[H7´â�K–s’ïpS¾ê'’o˜¤Q ä;,¤�FLÜ–6è³´ ±aqÁJ÷æÐËÝCÂç'ä0ôõÃ8(ÔRY›u‘x«B:ã`?¶»¡îZM˺=¨¾F©¥üêë ˆ˜å%)$5Oü|ÿþÓ‡%1+GD[-ñˆŽ��÷›O[¢ÈY–Îœž�Æ(	ö}wÄh¶v²iêö‘ú šÙ÷Ù8’”™N"!+�B<~R“e´�úD溫Á�W•lé=8Þ;K"ÓíkùÐ(ý&‹z~Åcû¯€ÌÈXS~Íš–ƯXSæˆPD÷Lu=jݤ£ÏŸÈw`o×� @M«§ZÚ+F²ˆÌ?Õ!‰³9žùkßMÎȬKÏrHÈ'm„Éó$øc!¶$a‘°ü})/ÄA‡ïCÝê
¢.DÐíiüãZôtr¯aå>Vc�>bpn!Ú]Nf›2KK!Á)îÁþ¨Uå ìEœÞ]q¸ˆ3^ú­Ô®‘ýR×BÌdm´×DÂ÷
¨d	¿e@IÄr{ÞtH,:Û`e 
ö4øVš]à`Súhº�ËdüLÅÜ=bÍ
D—ó(øçžðJ|#[âiÁ¢Üw_Ã…ñÇZ;m€t ü›IEñßÏ#?-äG)†9¢	žMMNZº—`©3Î;z�ƒÂ�½e–hŠ—ç33†G0$$Š3à—²þ+„Y·KxŒ…GgL�ßQt,JHçhß0/#“+GMóÚŽª¾£ÙØBlÓtKڵɫ@K´Ôv'´g
ìAYÓ�”„¡Æ©ÐŠ0·Ý9úd’,îiÔ\Øt…ô‚á™xc¥ÀóÖîJœ/Ñj¤Ø‚Óeˆ³’	'¦pïÌ¥ûéA^)¦R;Á¿»£)í+Žv³ zË+ôRmb-T¡Ùã�<ã¾Ýˆ,6wqÛžN•¬œ�‘
¡8K'M$á-$	G"	gZ"Éb*Á.h}ÕP(’}/�ñøÒ¤97¡¡M*I&]p—ºaüÝ&£±­hkQÁ
¼~¡•|¦õœÄbø�rê†EÆò¥
}þ‡#S
)¥‘NòÙË£ ÛµÙLƒ®5{±ñU§pæ;`ÊY‘z!S/ãYÊ—•ŒäáS#NIƒÕ2º›¢…¦çB4wáK¢UB‹‹3ëqúæen^Å‘ô�3Ô"/‹€w\ƒÍÙ¨ðÀEœ›š
A$­Ï!}RïluÕZø›ÞGÎ;`f¼GŠAqìHÃMßÂb/:Áœê„±×|ب\P‹àüFäù-\¿JÙÂä«ZŸé%éªÅ6TÏ5$~¿ñ‚ÀP¢ÄÈ~%å^±èÒ¨â˜	gvï®T—\@¹ìW—jw ò‹Œ%Å}1Ÿ„)$ÔÏa«î¿Ø9á,gœ¹ÀLakøþqYË9"2ƾ,hcž³¤ôsοÇádâ
d‹kî…ù<»|ÓCÆbWÐjÔ*D&­N²‡¯"´SfÓ'¨ûd�cÝ΀V؃ÒF«¾A�½R'6=šnט¦q¼ÜðìÙ³³H‘¤äì	¦ASj€•sè,Â’Z,SÒÌ@¤Nža{ÛÎœ[Lˆ”Z3Š_æÚŸš:$¼eÙ¤£	Åx:õ�ÛU5J¡†_¶à¼¡ç_ò5ÆÔ³…ê5’8ŸÀGX�ØKck�ŠãTaä¨> Ämásª©~"h.õ(ÓÀÖ•¾_u#õ!Tz'O¦Œ5FçTËÞö/P‹ž'å<‹"‚¤QÛQµRPNØŽ1
±ùšF³¹™ï_Õ(àvâÀ9„ÓKÒŠ”	[o�K)“µP[’<v�2–ŸAÇ?1Š/�CúË0•„c3B]úÑí¨iñí5NM2¡MI[ɹƌ¨¯äœ•Ú˱ÐÕJrµEã—Æ;H:ϧÇß­‚hÛãÀºËO«Ü‰Ö&×$MfkƒÔpœ¢xÊç/)„¢>
g&7
lõI¸Æ†:¨E{¤
Rè	Ød™419Áz“+9¯R~Æ¡
ØÏ'jÁ…ˆ'õ
+>©×Žgôé䔉{Ñ$u<Ÿ¤¾ð[pÜ‚ß""ùÔ]VÔ	Ë2¨¶�É™ÖéÅ¥S”ÐYMy.|Õ'wic1*ÕS=~Ä\´UÊ”‘SÃå<êʇLäç¥ïÑÔE!o…ãM_<zw�Ïõô³ÙèÇ+ÉÛ<ä%ïíVÞü’�2Ÿ7ðÐÖÙnÓl×oøuÚnn¢žæiú\ü¾ÄâÛÝÄç‹Ù”‰LÑd3Ñ[¨V7_ñ]á-Øö7±Aiy´šUªzÂö&B`”ð½™ÝÛ¿ù;¨ukÓà ҹ@yííOìC××v¶Õj¨„äÛ0?ÝÄL	¥0†þ5¼ÛíÛÌó»‰÷›¿ýY4ˆî
+endstream
+endobj
+230 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+228 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 230 0 R
+>>
+endobj
+233 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2445
+>>
+stream
+xÚ­YKoãȾçWè`)`ÔË~‘ì9ìîÌd7—9ØBK”Å„&’Ûùõ©êªæäå=äÄ~©ºû몯ÚÄ"Ž7�ÿùëæ盿ª�Œ…“››ãFf©…3››Ï·Ñ/§üÜív§µŠÌŸ¶;clôíTTéèçKYõeM�_š§§¼>tÛ�Riª#£·÷7ûñ«…ÛTØl³3Nd^þÝ]LkÜäR»‰ý|]×4?9 I„Ô<ߟ
+ØÛê¨(O[•Fýî¡ìqHE{ìŸò6ßÓ
`èùÔtüƒï[k£¼º4Sv4<làY´ïóŠÀzCëýyÌx—2îÊ�•±âù»è¿EÛð^
.ÝìTê„•›À.
_«-
+uvèÊDzïî¶hwŒ­‚g•î[+Ruå¤VŠ,™A›fhaè-´i:@›º´°ØCßAàìJ³õKh�p@«d›š7€Í”PŽ€µÿ`Õ—«*ûë¯k¬Ñ’aM¬FÇoaÅU«Ñj
++Î ¬øe�*:/ù¡Ø—Ox#œy_eu�¼à/˜ àEäZúöxüç­ò/ªéØ0W°”Ò
+™Nµ´¨ó‡Êq“%BÐ26�Îí¬²Ñí®¾­óÐ:.ßD+Ãw;–Èx*1©ˆS^ä…–º xi9©P+­ITÀiAU…÷KPU¦ñdþ~D_ø~Úé˜^FMô0,t:&^hî™kÅv—À+|ö¿)ëG–µò㼪Ô¯çn¶vû�?ž¾6‹Gs² ƒ%i&uOyG
6è$ê?T-Z”øm Ž#ã©PFÃÞù·ÅK±¿ôEؾìOÍ¥Ÿ’X²;Ã�ÒTþø꯮œßO9/¸¶ÎyÂc}i18Šïx•¢¦I”fÈí‚|V”V7-˜SõÊEÞ:9@€ùRÝÊ:$¬dWã'5>¢q.úíHÃÿZè–T™ºµ[²à”~~@’ý™Š.]qÀ›ÛÄßï-$V¨…ROù5q�Ìù>pöñ>¨¯¸…�ãèï°Oû\vËÍvJK1#•w÷LÆ=MÊ„Ø™,aBÀ­\¬¢¯ÛŒØ×û=�+|f4fÔ+üÁ¥ã_·Ÿšl¬E’b.º~y–L(ÉÊ:o_i³csAë@ÁßË|!8KG?ûÇüt³Æ°ÆŠ$�ª3hO_äæØ#sì‰I7�žšµÆ8_£íʦþ4Ðr½²mÐЊF9 ¡pÄ@³¸tÇrWáH­p
¯Dˆ^”°SRC56IÂŽ	ËÝ5Ü=l¾;¤Ï(£9÷pCj{Ïßîr>W¥×oT<¯	ÚìBó$l8ø„U¥Í”aAÞ>^ž€!0æñ[�žÏDPyË»å´YUv=Ÿ�¯MEÐÀã;#ƒ@;#
]DEµ%íæ5;ɲèŸÀy4W7ômЬ¨9;ß'ôõ†Á†I>´öMÝA‡÷ðÇãaƒMiIXAÓl:M[&Ñ
ÇéÊ‹:+tÀo—ÌPéð¢Ø~*òº£¦w6ã{àH‘ÞÇN½,zö0ᢜ%•õ¡Üç£äæHO!ãD¤njnϧ‚ �†4uÓSÃGºšžûñ¸u¿¡øË­€L–ö‘Ê57ñ¨æÐfP°éÙ¾UƒüàGü®Ð¨‹gjÀ`'øïE@
q�¹nñ˜Ûæ‰äu•²®ì4Ü}6à 6ýw±ï—¡¦Â܆CgH•¦ñØt[‡¡-ûDÞqP@°Ý+ðâ:ÜÔã”÷<|a›lZ9¼‚hU|¡‚ ]«rôH8¼òHÚ3�Ñá£WB!á•°ý\k×X?™ªØ¡¨Šžy5§ÏŒ»ñŒ>Ê
EcU^'k��ìô‘"1-Kȱ­{ËËšTLJ"ÐÌCYFÉ7CRÑFù3£Ö‘)¢zŽ"h}àŠQÿ:êy»�œ«Ü{$L<Á™Ä0•À‚砬ȳé>ä’Ñlè4Dê3õlÁ•µå¾ï–Y€©�;Á…b¦ãÏMRŽ±D6s Ix¢sÓ•/k.F‡ n]}ú)Õ”j�Né±äZ,èfGWÑI&èHŽዱ Iee“kð'n„÷#]C=‘ìéQ’=‚Jñ[˜)>GûCv3óèØÍ2.sƒ1�„v!}ÿdC,°`Zpûm,q‰ª»çðèœ?²kî¶ï:šv[ô—6�PŸ÷—ŽÚ%©’ƒ­K]�æËèÃ:‘¦WÃl'd`¿ Ý»"H'à¬$›ø@OF-}Ù¬‘$ƒˆœ—m«ˆ2È$f!	åì¼SY Oî`úZäüäĈõŠJ(p“óÛ„?g8µ?OÔ†Bz×m½fÚC@²’‹K
ÈéÖŸ'L>Ãú³@‰Œ+Ž˜
+²w†�œtSßÝ/¤ã“Ä.I¿—Ž8…'_»ÂÜ'fz¢(y4t¦û.°ÖžXOm/àý6ÍJ@�åwÏÎÙó¡èó²"²HùMpÜ›Œøû¡â‹ÓÏKB'T§Å…•R}tc_¢-Ž>�¤­éÃ.I&C€‡Å•ÄÎk}¾†"§žÉq¥¾o‚n™±Or«	8¨Ó�@üŸääß‚ÀÑù©>l4Ó*X¸Kþ
4¥U"™4‹ñ™�‚0ó¿tDp�™w¯us†À×Ò¾Ë�Ø°ˆm,È¡D-bÃvÍccm:ôæTyû䳬â÷<ù
+q€·Ã˜Š‰©uÞà‰K€Âw[¼œá	:ŽæîÎŒu½Ûkõò+2l6æÒk\“ÅHïo\Ì2�á:óR·ó#Ùø’0ö_Ø3XñmÁ»?=FÂë>
}‡vØM¶¨¨e8æ©Íž›TsnK�P�2pò_B>¶¨ï+f)Ö[Ȧÿ4¨±@9–ÃÒU¸sªýé,Ê÷û¦
îÉQ†_ªŠ¸¨½TÿÚsUöð—|[®yÒ927�\�B�ÛocæNÇ›¨ïO¨GXˆ9)ŽÀº]ª°±¬¯|8>žq�ÄæÝ2#’©|G¥¦ø¡ƒYLqéH°SØ)^òš	­¯ëÑ€<
Ë”±X×ìòS·sŠÌ¡	áÜøšÛ¯š}^½c¿~êwobw?Fúï”î¯ÿ£¸Z»7B_xû—«¿ÿ>þ¡òNñŸÃ!(¶üró‡ÿ
‚Ž
+endstream
+endobj
+234 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F8 61 0 R
+>>
+endobj
+232 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 234 0 R
+>>
+endobj
+237 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2908
+>>
+stream
+xÚ•Z[¯£È~ϯ°"­Kǽô…’‡H«ÌD%Úhs¤(Ú3RŒ�ÉÚà|f&¿>ué†Æp.ûä¦iª«ªëòUµ7±ˆãÍã†~þ²ùáþûj#c‘ËÍýa#³�Ô"7›û?ÿ³Ý©LeIôCÑ·;­uôSu¨ºª)+|4Ñß‹f«ÒèZœ¶ŸîÿºIR‘d›�ÉEF>l3µ‘‰ª¢ÄµG~*ºÇ빂¯m4ÜÁTSøFG§£hÒóÓ6I`y]|>UümSœ«=nøý3ñ®b-¤ÚÄ´3.á�t*2qêži•]UÕžXÐQÑìqÚDEß×�ÍÊ.Ra¬#¬�®+[‘·J�nv:•B¥›(X²‚ï�ÕR
+-”'ß^†ºm´µ©_RÂ
쌌£Ï¤´ŠøT¾ñC{àßáèÞ2ÙÞ--Ëê
+ðTà<¾ñŽ::—"IÝ–ûª<ÝRd&•…"ÏIÄBçîí©-Ù`æb�^äL¬8�ÚæôÍ©ß;õ%´ENId«¢kO2ÀèK=küÜj4)œ:\›eþãv—€€õÀÓçâ”·BUXéó3‹[�I„J^23-…—ãXàA<mÝÑÀ&Ž£§º¯Éžñ¡/Û‹;>U¥Vè$µ«ú¡«KwNy4€�…gZ<ãEäy²cÔCÏö½ú´ïÛ]+2?z×Uõs_öC1\{¦Y»oÿWun¿ksªú~q¸qhÕÏž®	}ÏéĮ̈¨½}½¯ø¡à/Ñ*)�È"`ºnX¥äyõŠƒf©x1
+èXdÙ
'ýõr9Õp/Y·dS#TöÛÈ¢$lº‰6ŸŸg±'Ó¦ ÚÛÒsvUákk�†AaD;K�ˆ+­ÈÃW`æIô3“ÊMDæM³Yl4¼Ÿâí2I±w’´æýWô#ä¿àØý‡ý±:�î8G°uÕÍãl±·3\
jyŠ¹0zÎjÀM.|4BOÐZ±ó"1Úú]Ï»\ P‘½+zUp,©
+{éêf8¬*Ö½bÅµjÒÞSÑ-ã_&Œ™k7³Ê䇶;€‘xÉòd”„_ºÌ:,Ý4Q"ÍŸ?a¥àˆU ó¿0}wõPqN$#`‡•ì˜gf|�öûÅn‰±Îp¶
G³/º=?�A_Цq|möUw³ºly“®=ñÌxøbXɯ;™È›<*|Ƴ)…ïŒÎV6ø}¼vt!¥D$:
ZZrø)1
‹®€ØÞá
+ß±³È4úr¬=hÂW$)¦¢nzžŽ]UñÚ�rþ…“¢Û5�ïZÈ•cþ[•CÿJy*Œ
+Õp9ä¾R»dá¸êï˜ób™p´/8\}¾P$ÃÛK�1Çä™ø~<LœåÃ$’Ù|&[õe&ÃYjé«_¯>‰%%çêÉ<K¹×çÝn`Ž2ΊüÞ³™;6s@`ò›ü*å	dÁA{Y‡½SY?¨$-Z˜Tà¨&ü«ó”O&Ïf"ÀtY@RÄÃËs
+9dØlÁGÌ+šêëÀ£þ
+@@ë!š¥•*;‚’Ñ1�ÐÅ%èÏWó#Ú‰
…î÷5ƒmœ&�×$¼5¹†àÒ{GÖ‡H>l—Q"ÚÌœ‹Ž>QÑ–
Ҋدýîó‚Tbß1£NÙBñ´rÊs�†8gÃÒV_/h¬2Pw2«|ú¿ô'ª¥L…¦r2o~$«<.…AÙvù“¶Ù£Y,ËH�æ·ôÕ�
«
¿máFK]ò‰äá¡\ÕµuýLõ.®(¾PÜÔNž–@˜˜©Ë¯ …¤é
+?2UXµzŽÞ½|ún�2FØl¤òû7Qa¨½Ê•N'5<<üé5“D)„!µ¦xÐUçÖXö´«ŒFKS	
¥ÀÒZ
+Aå@õs’‡fÖóŒ«
­1,Ã9¬šx´¦–XÈI/ñk‚ •sáJP•dc†¦ƒWdÈÆœùaõ¡½v<Ú×�P³<l± O�+È×¹J!­ú]¿ûõ-L=ãð3agJ|ÞïÇÚ�ü>IGx¢˜aò
®*ÁUcµ––®š‹>4L¿àý\¢)öWœ¥ê§Æ¦ÎvÕ[l5A|bo,ú¹ó°n@.1&¹øSݨҵ¸ ŒH}Pñ ùÙ¸@4\�ÆjL~8Ïè.Uúƒ1™¼åÂɱUÃßµn©ÿþåbÞÐÌ­\r
ÆáÏ©+€pçY,îc®FuºÞ„«zÌ”Ë	vhåêÔ-ìÐ&=£ü…jâyš©‚í
‚ÆtüÆ @Qtßxšs›AîÁ>ÝZ2Ã8›V­ñgmí›J
0o“@Üþã”1÷ÊIÚ�¯±SaÃXÓ(jìv�lëŽÌ
ªœsÛ-w²©PúÍÕŒ'LfAD)˜cA´T>V.ÒíÐ<ôžŒß¹¸1G‘,¦4Jèµ.ØØi¢Ž˜ÆÑ3¢®Œ¼~äfŽÀÞ
w/i}ë8Aç+�1Ìr5âJ&	¤.—®“†äíÞ‡ï;•«$¼äT@¥Þzç Ù·Ÿ¦Vó„!ÈE%Ç4:FãÜ…ñîÏ6m³[®9õéÚ½©¥‚
™ÕºŸ^¸ªj¡O~\,Jð~„ØS‹HÏúÏÙT;Bû!m„¶c³õTŸ_'d€P³JhìT–Pg-SÄ…1¶�”./R‚£?_†·Q^¤4ÔçÊ»¯�½‡0æ:¼ÒDq{\_Üã°R}¨©Yâ©,;2é�_=L!ÄJ?EbËƶôcSñMÇ©ö#º†€_63¼‚8€zyŽÃ‚v~Ò¸‚4fŸÅ¹ÅG:ÂÐqrö€
»ú2¬ô5¡ŒžÚ^YaòƒÈæ­Ú;³oÈ‘ͺÔLl¹U‹¿!¨¡ê[ã/•4ñ*”u™C\_Í@�11àQŒÇ§=,i¢ëÞðrÓv´&áF-ÌNbâ2]RX6“T*òYeýâ)™x¾sÝn7ÄPôArÅàç
søDÉ7öõ4ÜÒ�Lôš­¾´¿ÖDÔíB
+Ä–W8uªC;]`ts&14ÇYP‰ÄFÄó
+ïXÕôQyôÓq†rí`Pm_]
+UmçÉ�'�Ÿ±
+<®†
”ƒÃ
+þÉß*=å!Ëø‚O¸s”?8T$!‹kQ\ËâºzË µ›^>¢–Ìy¡Éü][š³³ò2iUœyÌ
GÈqOE]2}5”J¤£q
]}˜Ï.(çé´Âè̵—˨œå{”ÝX†ïZ'7]>�ùùÝKg	ÙA>m&`FDH
>’|üðÏå9Ä�_êÒ½@çØr 7iy¦‡¨3xõ[¡Ô�‘¡“f.¨âÈ[;÷x”ßÚÌ]{�!߶d`íMCr=BañO͆%©T6ÃHpº©…7î
+M¼å_®÷ítiˆáÉÝç²
+´Ä"kµëˆ5¿�êâ\Î|@³ÌÆß‘à€Û†8ºXûT„#¥0)8㇭ïMò0ã½¢‰É¹h—viœÎ”	Ÿr·V…衤‹ŒÒm†+˜%³þã)LHWLIé?]+úÂóË’©YôÓûüíßKS¥~À,dÜGf®r”æ¦ÏWrûï25âW1€¥&²õw¨4]5û]{Øù\~Q5e{åv?Ä(PÎB™Oå‰Ç¯s)ìt‡†XËQn]?Û2äWš6í}s·JMoÇÛžI1î@‹�ÎøÎG¬@OT8ä..ÒÄèŒí—¬ø[l…}+"@'‡Cúñ2¶ÞcÍ%Яyaz~;�l¹°‚Ô”j~Kt:Q2üâŠúÑËÜ�Êûûßý�
)
+endstream
+endobj
+238 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+236 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 238 0 R
+>>
+endobj
+241 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2112
+>>
+stream
+xÚ•Y[¯ã¸
~ï¯È[`¢µn¾ì>ugg‹-
+,°s€>ÌP�XIŒ:vÆ—9Øþú’"}É8''}’BÉE~üH)›XÄñæ¸	Íß7??ýð«ÚÈXärótØÈl#µÈÍæé—OÑû“»ô¾Ýî´V‘ùq»3ÆFO¾ªP¤£Ÿ‡²êËš~¼oÎgWÝv§TšêÈØí—§üð«ž·©°Ùfgr‘…õwŽ¦ä‹ý­ˆóM†]íΞf,44J˜qÆÓÉÃæ©�^¶*�šwש‰\Ër×uå±ö‰û†¤�ÿ:ø?éKWÑXYåÞw4¡9PÛ�뻶u8ÿOšümkQVºçŠ4³‚ñf&”æÎ4tøï`E	*õ®Sñ—Œ\�mÅl®ÓèoÁâ0à+fÍQÕ8ç£ÂPëÏ
|Ûª,
+'†ms^)¨”ܳ±6“~ÏàOXïдaÚ~¥"¡#Ú0ƒŒ c�ú¡êÆD¿Ãp»RAB/Õ¼ÅMT.’	íqXÐHÇÖà·c
ªb¶�Ì
k*IB`+î‚­ðUy~l&‘ÑgeÓ¶ëñGíQ«“kÝ>D
+Š=·ÎkõÝ­´ñ蕲£•†‰{"tCëÛsY»ÞÓ„~Ô©¬/COݪ¬ý;ò•4R$ré¬Öõ'DZ[ûüê†9df\»Šæ�æxWàRN}†P]µà�gÔ|bΠ_ÿœ>ûP”_ÞÄ/îÈYúyKË•I‚…ð¬WQÎÕ<÷nä'†©‰>i}0õ¼Þ­Ö!Ä,-Y£6Kx¡Ö÷C[£ÇU¹Á@…"#¬°[¡Õ¤ã¯[ÊŠtTö
+¥¼Õìp×À¤.ØŸ1”d"I—'.à€§fßœ/•ïæeë¨
Ø|Èâ—»¿™]úWbtáý_ÊîR1]o<i/¹¿ØM¦3;%£—²?5!¾âpjlúÖ•U`l›1‚x>’fʤ†]ß{Ø‹§kh0nj…Ò+´À v໎‰³Ñ„»+ñÆé¿3@ô�1@VðÙñKÎø}SWòÄM	cñ-øqôz|åoL"K‡3	Uù´½Ë¿�:J#Q¹®
355IGÙ±ü†îô5ØWAê}v
Ðÿé*×�pŠ�Š†UG_ÖMOŸâIâx-Çkûnï.ô
	öhµ1FÄšT¨ØÐ9ížL»k�ÈMÝ•…oCþ…ßDDù˜EIx�TOâ!†i;ÄM@ã:ú­žg—û¡r-Ò¡�â`í¡+{ì‹”(/®l)0ÏSâ`”2TéåÊå�/ƒNH…S�ø:ë!twqð±¬8Á#¯ËèLî,‚5@
ÄIà}‚íœäÛ c¨BÏQ3B5¤’ìÚÇü=•ÐA›¬Lë‰:2SñÐQû»4Ö—g�dò&�½wà�Õ~Z‹ÄN©ãVnÉD,ǽBÙ�…=©G4– ¿$¡üCýpÚHfª¡£f¦y$D„Äe‰D,LǾRyJ�-…ež2Ï©<ÜZÖ7*&‹iç
“ÅÂŒUUç
šEð¢ XiËlæ“3वj¹Äï{Nu6WÕRyX™_ÆwmŸkE\(®(Ôô”Ðç¤HÁ5óëTJ�°¥	ßåÛKɼuŒ¹R]�q¸ÆCq·æý#¸éJ_=ékB%\±Êj[^úæFµo¥0Ùë;æB�Þ8’J›å™ºSCy{“%BgX£À}eÙYe£O»Ë×nø2þhÆÞÚÒ;|>_G–e]*â�Bˆ/«3Àu#:]èò´Í :Ñ@&˹VÏc¾=Væ*À,0ËéVÉC#Û¶MŵΈFpàWÝDZËYæˆþ[Ù@ÛåRGÿ‚£u³f8Z®ÙEÖŒ
+aIù†““Šþ}#BÌÇWÕÛò5
ü>rÕ_i5Ú-lf aáªÄÛT=�Ä…/t:ß÷á–½ø¸£¡’ÛbQî…’‡ON@q�‡½
+ìpñIsºõ;"�Å´?´/'Ï÷$˜L’ÅÈÐñ”nO¼FG-¨
+ö¶™áJ
&®-¦àF¦ÍãKó‰ÀpÁ=¦„Žuz
+I˜3Ö“Ê*,ú—¥Á”ßó|m*;×4ŒîÆ„²õL=¸ôÔ;sMæÏÕLŽéƒ«自!ÏçrjœßÙ�óFév\)
@[U]@~x×xaêTÑÙ»~t?®¬ÿLJšq¥éžÚ‡«%üðTÞ�V4d3]Ú®xbIžR¨×©Lf½ƒž_Q®2K-‡ú=e‹Ì> ¨¼£iž‹äZÓ¯÷¸ári}Gèž­
D!AŸ�úþȘN@:ÖØïz×ü%Ç$-”,BQÙ"·ÞÛìýãÚÙwD}¾ä<MæÅ"µTp‚ìŒØª¾¼Üxê“*Çû[üæÖö•—,3¾d
N—e0=be>Q²Iå-^É1ƯyêŠV€mœp>Jå\¦jrÊýdÿõmÃ’I�žW¶HìübǶ¸�RÈɼ¿‘Xü4RX*µ¤€º©w¤CxU@4¼”Ýco8ͯU]ß–{t…±üÜ‹�«mÍí=3¿`¾êúD¤é²·f&OÚ±é¸[`-š†·jüY®”º‘~ÍâõÆQÑëÉ”L‚u5˜5É×é?¼ÚÇè÷›%j¶FÎj³|.žÇ?pQ~Äu?B©=mf„&é§�/Qô#EüϾ*“ñ XùyKwóOùµË_Ë
+endstream
+endobj
+242 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+240 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 242 0 R
+>>
+endobj
+245 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2224
+>>
+stream
+xÚ�XK“Û6¾ï¯Ðm9U#„	Ì-³±SÙJ²U›qíÁN%±L‘*><v~ýö$5¤=s ØhôókìB†»Ç
?íîî¿{«wQ¨òhwÜEvÅ*Ov÷?¾’ôf¯­¶&¸+úÓÍ>Žãà¿îè:×þM‚_‹æFgÁXÔ7Üÿ{g2eìnŸäʇŸ�°MÛÀUÃÉu<ÿw~÷6žM•¥»�¾Ø÷¼¼”)R‰‘å2�–xå¼´V¹ß¼_ëê™×Ø»’)O -Óš–9$3«•ö¶—¡)ÎnuJbT"[Šîq<;P’
†þ–¹‚.ø ²ê/uq£Óà²I–º:Wˆƒ:ÝëÈ*�íö`˜ˆ
3´lŒáÔöŽ§ JÕ6=ÿy:UäJ6Ó ƒlêÝÀf#ý
al€tËóÎõ´wàCõ	­êê/76‰‚©
+#à]S»^kÑ´O•¤iAð[/Ÿ[(Š�
+µh§?�Ü+õÅï;©ØßkºH‚Š+j²ó!h?hΚÙàÃ
Óð_x^ºc1Ößn‘)�ãHÜ“1Âî?Œ]ƒsôC1Œ=ÏŸN®áuÕUóÈäY0øSÉø·ëZÞ[™RÔõÊ…t+�\ûÐÚí!ˆôìEŽÙ¹†î�ú
-èºÙ‹�äZ%–}ÄÐ',J^0H�†´	þGÂ0>_(
e¡OàH>áÉ©¿'œ˜˜�]wymÑV"Œ#ïýfj\ø
dŽçŠI2ÛWÄ–�ટ|NxòðéÆ$ ùªd·éO¬°ñЙ�Ÿ9ìA3ËîãÊ}M¬Bû¢÷¦kï�AÚïWìöÖ¨8
¬²}r(ÑÂ~*ºµKHz�
åW‹�Fª°qàG‰ë<E=eÊDY€×³šÓˆýJ˜¦±Ê¼ûÊu"5*�eùa¬jpfvhÏç¢)=çb¸–MÅa˜å*ΖÎAÆK!¶;È@mGÁkÄÆp�¾ñKþÃ	0…(ßcžâI&ä74k�ÌDX³_tj˜É“Ï ~±e¥ê×î;x¹’1q’à€Ê=Í£cÇZµ¶¸7"X<íöçÓÄÊÚádh�gÞ¬¡	ÎUƒ‹D×u-xÌ¡š5L#QéIêuM!�{ZaVð°¸®‚
ù“¶™¼Eƒ1g_=¿ˆ3»ü†¯ìeÃB“³—€æŸ*O¶§e{ØÓ¡`®T˜{b ét_œ³ÊÝ
ìGüa1Á‘k\ê‹øGW4¢�¶—â.£IÌ×phGϦ¨¤Ä¤ î¾çœhÒë�~Þ‹�=H2ä&x¸pDè„•ß&Pb÷6Òdef±r=QdàaÈ=i<¶cƒå@§‚+�8iŽÿ^
+Ä3˯.]Ŧuþ[—LØD+Q.ßãà\Ù£m’lãs1§¼)†˜ÖÔ)²`m.Ð:ð ²z,2wÿª øxB˜ú�¤i 4õIf<NÑ3
¼0»r0Úg|ZÓdlÚ4¹3ÐÈ$¸ñG9Þx¾@¢$´òA÷ªc¬�ðdÇ„¡ûÂøç-�î³;Œƒl¨äìMdùŽÆ’|0౤xc²D<Ö-$­nmkçöªºBÞ95[‘]‹±eѱ®|µãQÒO·8c(¿Ò”OUÓW»×Y3
weÛ%Ll;¸ç¶Ã,Â>€Ê#ð‰è8Z)Ž²Ià
+¤qˤ:ÚEq‡Vǵâw¤St„ E#ë¢,×Ïy‰XF'HwyDÆÌÐã—Ÿ{óû7�³„îus)�¼ÿõŸ_ÞýúÛšE·l+S¥£+k�˦—ªWœM  ‡ÄЊapç¹|&�whº)d
iZ‚:FZÊb.ïðUÁÏÔŠ¹Ôn�Ûxõ«‰Œ¢3¶Þ
+Neà�x%)ï༜ž:é†ÀúvJxc7¢ÿ oÑËw�Û»²’–!¶‚FòYNr#דÀ¯Ê{e;<ÖíÃËêÈ ê�B¯~ UÍ¡KR(üƒ6*«÷#D�ôX5�t>Æ·Ç!Ã*þRÐJ'ˆÕ&°Ba=%ÜSxµa2Èqà>_ H{ˆþÂÝ1õ‹êȉŠ#¿,ä"V‡¶ä?¸€íÔóRDhD§Ö7¸�ñ
+² ÆI�'&Ur^%+‡¢á]@ó¹ú+À2ÌDÜÝV
:TH¥ô
Ô¢ç�ëqô°>%X
+8³mXoA5·£8+ÝétÆr3°§§ØÔ?4þqú„|YÁ65HbnÃJFîyÿÆj$è°•šd7¾gAÇØŠ [eËŽ‹|®üúÅ¢w¯mºLäÃ	ñš|JdÆ›0a¾\v#¶Œk‡®’¸’5ù‡y$ÃrC§
‚^Ì`ùf/‡ýîû
"ЕDi�ª”'ïå»?°LAbºØ—àJƒÓÜÃ6$y؆sO“Çþó ÏTIdüƒ
+/ ÐÞJ­ßp‚þuÑ=”îa||9µÅSe¡‡Òå‰Hå_º¼@b(±Ò $ˆI·ÞŒàh€Dý5š•|ϯ�*×ËW±µjriTÀTO�6½ò<ùöÅçI3çŒùÒÍÈ›zÆ¥;Ôè…«Ú«|ÚÀïèÏMÞ5Ÿ—(Í“÷w‚¬áº…WápÇœÈÍbhbØÍ0cÄ9½Æ…ÙôÐ	êí%IùŒ×·cw�Œ7g¿Ì7ñ”éJžHIÇEª ç�8�
2mÄ��ïùšR*q(
{ÄðN kÇÆ_Ö|Q
+ƒ~¼\êŠýFGÙ‡	xCÿÔâ_�JíôÖ¤ÅS¨8iß­ë8Gj76<ñŽ©õ¶í£D«Ð[öÇ7wï~ZCÃHE²
úà‹@�x=ÿ)xÀ"Èo‡š˜àÒ[�ìÙ;ãaXž-š{9€Ï?V)hÒ
N[éŸê#w	»7÷ÿø?ëÑu€
+endstream
+endobj
+246 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+244 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 246 0 R
+>>
+endobj
+249 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2078
+>>
+stream
+xÚåXÝoÛ6ß_a&µ&~‰Òž¶tI—aë†$ëKStŠMÇÂlÉÓG’bØÿ¾;ÞÑ–#7
†½íIäQ<÷ÍI'Éävâ?¯''W_ŸÉ‰Hâ\L®–‘M„Šs=¹úþ]ôjUl;×LgJÉH3�im¢Ë•[¯‘¤¢“¾\weE“WõfST‹v:“ÒZi;}õãDH'Ùd¦ó8óLU<�¥&�ΗÀO$Q·r4˜š4}Eƒ›©´ÑG'¹ÿx~}¦'b’xÞߟžüöš~ÜI©8üÐ5Å–x5®ë›ª¥C
+úÜM�ŽŠu�%YT³„ò¥¿ÉLXk_àGyqUšÒ%pÐ2:©�Ê–¾îÁÍ{€é–þðx
¹à
ýMSã²#òõnaÏiÙWó®¬+Z¨/NB‚–¬ÞíÁá¼)·�I·  š"¢
+”tQ�ÆB2`ñMÐc@“$9ܬöËmÝ7s7VG†(Ò/7dAíõô%”iºˆ‰æE¸GW�ΘÉ$‹…ÞŸ´9>ÊÆyÎGyu€�¶åMª_€HLš5*N‘Ÿ‰Sâ§ã#†§ó:ùîò‡ß]¼~5:ј8'¢u<æÞÎuÈåíÓ\oŽIÔƒåÊ,Z^“H)Zú.jûÆ/‡543�ÔpÙ°ý‚#X9´_Ú¸EÛbt®£Ö9^º`t01±Ä�ŽÞ�íŠho§™ñÊâfíÚ÷/)Ll‹[ÞoÌõ”ñ%ìü'õgÈbgÝ©ÈÑCçÞWp‚:Ke¹
+ÏX@‰°ûH�kà@mWv=²Ò\²øèÃïn\©Eqeάˆ
nk‰ð�‘ÜM
Ñú�)ãŠ÷e·ÛF&bvÑz>ô•òj�ý1­ãÜÓ#^§‚K–ÕÊ5eGâsà™f™úÇ'£Œeú´±Êà̧W¿]¼yÒÃ0¸¶Aã‰EÈ.•²ÊO›âÆ,ƒ ´Óu&�×5ºÖpÁ�®ñŸGºÎu~\×æÿ¬ëÓ‹‹_.žÔ5*jàfB@~CVY`åºÛu}3ŽO66!b—9€êº—8"9=	¶»j�hâl[tPLT4ÙÝóÐÊë_fy´tÄp×Òúã�†´‚¦õN[|ŬQN<ˆ_*†�š¼û�â`ÔúÙ‹c½8ÉÔ ’IZò#Œ1²•A‘°9ñϾîÜgQ4šQ|ÌS¥q2拯F‡j3!çv
":â¾lê«‘ À OÅ
ë`;/¾ü·ç‡¾<z~�¡ò6aÅD…2Ÿk–u³AkÀ5tβ:bÅ6�334„=)ò¶hŠ�Ã:÷1/#ã Ÿ¿�x©
Üö¨ZN¢)ZÍ×uë£HšsÁ‰»îÁdˆæ
båÌ]­JÞXûTLÔ8u¨^Øîh²«äÀ‚nYôëî9¹,Êõ³Üƒ¹µR"ø/ÍûUICSäÉQª¦ »	.…ä,º–Æ®Aú�ki}Ñ7TÃ`½Â%Zq³±73ÂtqpWSÿ
•#¯í”ÁSL7O£B%	ØÖÜ}X–·UÝ|ÊW…„o_lÊø¡¸‘AR-Sñ€ÕÖF-[ï¼D|}?íú›¯ÂÁŒó Œ³ó×o~¹8I¥¡,‰„käG}fHÁzºo)DBw™àÀ?îQ”ºÁÖM锨QÂÅXœ,hwÚ‚î]Eä¡c’6q™ùáÌ`Ü®GbXuw¸L ë/‰Êê|w¨NìPJœrYlvlתõG"‘TuÛ–@bR ×¥ÐT]:^Úå	d‚uî@Ò5×¼2MÆ5¯„…2.ãI­	)\TÚD€ær\né}ü¤Êl§Cs6ÓP
SüðLñCBclÿûBÎr[õÀ³–›îyž¢rÅž‚ˆ‡65g÷¤!D†€liF™÷PÿtÞ\rvv¨ð©ßF¦$¬¢áœ•
ÀL³8
ÄÉ)5V¦À½[½à6‹àB;/ž…è¤+¶[ÒégJB,Q"Ü/I=›ºùH“5Lhäu‰^°E[Gwòe’¼û&éžE^c�åÿBR‰Ùÿ;x
A:é¡S
Vpí`”?œ_^��ÿtÄr³8UœcöJÚSpDå£Í‚™ Í=”–ñX(6�,ðQ
+éVï
+U!üÛ Ép2™¥߇]€z]Ìs2&j¡qnQ>iîf¯ÌTeZ^‰ttáŠÅš_z4¿égù�HE©~§¤§ �”f¸GE·åÝÔ÷J4åç'
€c_ÓõHëU<VaÒèÌ߉J[J£˜ÈCpؾ›z¯çbvÍËòã31Ëì.D$Œ�˜el÷™=ÄæŒî$,€FEo¨—Ä`%<Ž¯t¤ÜA„D#£ªîhPnÀ‰Ê¢s”oðÍ£m)M	�-Ò8-É]^N°‚j@“¾N¢óªíàn(µÈç?ͯZxI
 ´"3ð”ºð~ïi¾‹õÇ«p¼Ún@u3?0<¨SLêÁdàökïD÷Áu’Ãfº!·C[ØÔôå+šyñy“à˜X·'âçVX"T Z³Q ip)~%ÂïÐ(pŒvRGâ}éµ
#,g7øDŠ�|9œú‚f^€ëTHB•M.BY”“ßÂgPÁò¼&
eEv›‹ðãïGZ®<NÂCá·c°ð!/´sž“÷`uà$$™÷éÕÿ	â?
+endstream
+endobj
+250 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F8 61 0 R
+>>
+endobj
+248 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 250 0 R
+>>
+endobj
+253 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1881
+>>
+stream
+xÚµXK�Û6¾÷Wí¡2+I½Žé#m
+’íi¤\‹¶ÕÊ’+ÊÙäßw^”½+·ëíIÃ!9C~óàŒIœ$‹í‚>?,¾¹yþR-Ò$®ÒÅÍf‘–‹TÇ•YÜ|w™r¹R¥*³èëwË•Ö:zã6npÝÚáÐD?Ûn©ŠèhÛåû›ŸišÅi¾X™*.IÄ¡u£«am©¢w‘wŽÉ·n=6}ǃ26qÎäí·ý~o»Úóðå²ÔQ?à �`
+¥Á¶÷Ï€S™è`·"/Mô»eLGH+¸AÊ7¸Ù5žÏÝD!ÐÌ3‘ëì]K§æÞã3ÓµÛØc;’Àç/õ	žUVÄY	Ê8פaw<ô�ûÔŒ¼öÊ°t:Ì«
HÏ@aÄäy€x÷MÛ•U0ÛÕ3½i¸fp7”óöÕ?þòz¦O—±*eÉس0KRAþoý�M;×ÉdÇœ†L8ºÁ‚Q>"�¨feÔö[˜CPW©Ñ±Ñ|›ŒTø�#á^_`6tO6¾Ž²1�·o›mg[OVÔ“qQ*F|ó¦‡uÖà0®õOÂÿ¢m{¼Ü=:µ‰,~2
«jfÞÁ®×îšn++šqÇÔ¯s»+Áü«ùâ"L~ÍÐ.¨gm�Þ	kgÇKG�(`6Ù‰ÁímÓ­‚AŠ¸Rç¡›LGë¥Ê£�E„Üà‘§"´ƒÉŒhCªm:ÇëñPÈÁË—‘0ÁFý€±�3MÇLÛMã¹Ç rŠq˜ýïq¨HCVjü_Ea2 2*èÿSàþ4°Ç�›)ª’8Õ²}½¯/ª˜ì®‡òðzsu{Ê—íجØʤÑ:d=6­Vq™�ÃgŒ�$�¼ÅÝ€8Ø©f…:~w²ÏØŸyÀΫ°)¯ë°½s÷xÏ£Á‚˜!¤
ÔÑ£oÍŒêݾY÷m°¦wð9P-–†D3H*8�gõÞ7ÄUÖÄÌó�SÌßvp.TS%SJª(Çz¦Fv= &׺ÙÈw”/½8�}G;ðƒL+-8>Ö2��ñVs˜DišFyœ"‘D·¯:±#üï¸:©è9 ¬˜æ!+Ââ<ì¸2º�›‚¤�ËÃQ–ìmtýÈ‹ÄÖ<Xã
+°èÖÕ×2M{o‡îÉxÒE´JbI%A3ïTV´ŽiN=8)ÏðvøòéÜ[ð€uzúaOì�•’¬è-C}ëµóÞÕ¼´¡bEå†CDå:j­…Õìe²yî³'jQ¹:;WýÎQ‡a\'Y{Ћ¶zŒ©J«¸
+©ãK¶œVá*š’(í©N{ò«§d²€äzU–qR�¿e›¦½ ±ˆƒe&̦Œ¨œ­¿œ™³¨Ðâ¼)¤èºñ‡V<Š®|ÁaÒ<;‘»þƒÛÆÏ Gâ“,…ÚÓ±K.¤&ÒÁ…€xæ‰èpj²;û¬‚w´–�âV°Hª) 8Pì8â	™K9“´Ú�_Ëyéxé5€Ã,£õúÅÍ�³û©,®džœW�’³N¡Ÿ™e§x†àËù15!»—ºÌ˜81ž
+ÉÆtÙÓKŠ@^SZuýÚz·mû»ëêY£ŒØΘB,`TÞ;Jìx^Ä™ ³ûÀ šBQ†Píªé úõÍYM
6 ”àÀ

5‹q†Ø
€ù^<CŸiUêÁ‚ð¾»&ÿ1x‹ÝuNl œ ª*‘�€È3Hì`É¡ó¼…P€¯åÕ�l;¡«¯E
J¶I¿pln(%Cç>¹õq”Çý‘§§±	®Œ§š»z!W�«Ïè8+dúöv¶úD�ñ}W7èñ¶åB„̧¬¿Î.IuÒU<¶íßøñYE�[NZ,§¸wâ~
#0+øΟ‰UÆ™‡ì¼·ë™Í2<…IŽyáå¢,ŽkùÓa¢:rÏ•ö8€ÝžñÔT¶iÊ6àoï]Ë^tf‡¡ßbz³2´±ŠJ,Ç,Ü?X¨e9Ó
ça:«À�×
Ӑ
aPNÕ’S¿ˆƒ»E$n_ý…¢êL�)‹Gÿ2ê'œK“âÝÉ’ëhäIIeU•Ò� ?”ˆH7~®ö¿èT$ÈÍíà¯Ë,Xdÿ,e7—,ìž—»Ú
Ûžg°ß»}‡Sê“âEú
‘r¼»°›ñ8ò
lè$@$x9Åè¹H�åòlCÂùãØ�Ž×@ÃÚs�‹(¸ÓÈnèX8ÿà-'™«ù;Œ±A}¨ÑT–á·v~=4²]æ¤ÚŘͱÇ7fúã„Ó“wá �+&À»¤—åîöXžyM8ƒ7ÍÓìô¿¢(¸27Ù¿kpÕ?ùÑ4847´ôõÓ}‘9õEÆ”¡[!’ú"¤¸/Bjrz ±/¢ï(_Y3õEĔŧ#ñxO7àR<dôgø=ø÷-Q‚˜‚Kdà½9K?ñøüÏ/;ûçW”„~V)é‹@Èy_T¦Ôå„5°ÄÃ|óÅŸ&S�þ
+endstream
+endobj
+254 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+252 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 254 0 R
+>>
+endobj
+257 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2247
+>>
+stream
+xÚ•YK“Û¸¾çWè�ª¥ªL,ñ 	æ¶ÞÄyœ\µS•ƒíÚp$hÄ2‡døðxöק
��Hy”@j4úñõC»„%Éîig‡¿ïÞ?üüAìxÂ
+¾{8í¸ÞqÉ
+µ{øë§è×sÙ�¦ßÇRŠHýe+•F¿�M]ã’ŒÞOU=V
}üÚ>?—ÍqØÇB乌T±ÿòð¯ç)ãÙ.VÓ–è#Б�e<:ìE�ËæÉÙ>Naãá\
´G£ˆšv¤…Þf¤µ—³ihq<;RÃXöãÔÑþg‘æµq„ÊÞЪùnÓhŽï,gÉ.†§rzjY×-òòR5Op¸Žp¡Â…ÃÎØÒâ±ö×ßöø´žV�G á>Z7Òcà·%}Nš°bßK½‰CþRËß0öÕaD)ÁÖÏ䢱8ÍYªw±HXÊéì¹:�¿3ýc;:hØ_Hÿó„÷æð`â@G~q¿¥si…q}±NY–
—ó•««¤`…?ñ8Û
+îz˜�¼F{Q•nÝô=	JGÏfÊ'C¬9uòcøçše"T!ñ`mñÐNDŸ>Í÷ƒ1h™øAz…	œÈ¢éU†6™“â`£=ÑØYKm‡j¬Ú¦t6ß•}ùlÀ+†»TÑNýÁtåx¾OBy©‹,Ý”ºÊñ½I@}-öœ%+±•GÓ€–‹wX!àäÛ>MÁø'C'àé×r.­�¿<ücu™+àîúRA'iŽW7«Þƶ%ý	!˜æáû-鬬ë„¢ð¿.
+çw ‚$‰†©ëêÊi§Üظ±šž�UºSp³íP—4÷k¦)k ¶Â„Gdç•ÐïhNåT�÷èü{÷ô»9œÛO§SÒ)[ª|SÙi¸î&I‘±,]y˜R`ò�1^òXZœý:ÔåpŽÍp(;2x:;˜ÿN¦9XTƒÏùÙ
+ŸMXç˳P[‹86Dð`},AȧYJâè8
4w
'êj	sa™ÔãÎTnüÃô-�­N´`M’P�$”dÂ;ÐiÀK‡•¼ 
+͇(,9g¨‡DB7îÍ¢L]¸(±¢À´Z„ö—j0`b¹H£Ûáh”¤@Œˆf8NM°œùw"¸¦	9žòÒ²dœ´p½r£½~e¦S
É�8Áµ`0¤¾”ËZ,)SÞŒ*GŠ"Ò¤
�¢V]É!†%
 ×l¸ûUb�‡ö
:C¾bž1-WhV¼A¢âù?UµÙ|@œi¦ó�Ú/ÄÛðÚ¬¼>ß'PÉ5£¹bÒ»[Ñ.˜ôhú´ë¢ÇofJðC1Ž}z�hü‘U¦4|yGç:
+m°#åçý–èg"E7¾v7gw yJ£OqyêÆ�_Ü×J–²uáÞ²È1¸WË
ÆØ—µ ¹R,½�ô‡½¦ümÙ ÔdÑym†€Tzuõe ™mCƒ¿7ÇêPŽè)�Δ ÑG5Òø‚kíTéóÑãšJ
@(ž˜¾Ç2Gb17!ºß`Á•’>”Ç:ØÂ_àlÈ:›}p–
¹â¹se®£ÿ¬D+AnÞŽâu®ÄùòüŸˆ†V8·Àm§ôõ2“ègÉ…�\
+7gÊ_NÉ—¶É’,é†
ЩvÜ“Tû#x9W”§Ó'±ì5ît{ºõf®Ë=c€å‘¤q>Áø‰sÈÕ5Ât¼âd‰ÿÙijÈ7`M/¤�l¶Å#P*®BèŠP€A?¦"Õú­�/*–YBeAZlr‘ËWóú‚Ú¸‡­ê´�	“ꇮW°B‡ðœÙ”8³Z³´óóaÙËÜiL¤‚%ü2§³:ñR}GuK_q�»œÎ-[IÀâü;ª÷úohyèªHÉÛ¥ý�=@9:b1¬_�°–Ô)%Yš/©U ‰Î›þH*2a‚‡R
0(’‰*›d‡	Ô–1ª1š9Šž)½�
+­j)(逨äçÒœr¾ ƶWg,õŠ¥ÜapäèžSYÕSï
%.cã…f|`¢p&“mÓÞ—ãnÀ²ÀÄ’m#=‹0Þ°"{Àü¾©¨¬ÆæW#é™w«N;³Ðn‘õáO}EAÛ¥Ó+‡\V_@OaP´Kû–¾¡@‰POr¿Tº«&7ð"ƒwD@W¼¸M-iöæ=…bân\r"t�¦a-D,9½È¶,C¨¥
+‰?¾õ¤1×a0‡ŒÌÖ8/i°³�
¦ì]F
 SØôÍn˜ÒŤkÇæ¹dùÿ“iˆÊ%B�†.A•‰Œo¼T	&ïÖ’zAÞIcøi5†ì;�ͲNôýáî^¦¬�×>.5¡>ѱp":C…Hö\¨-“E¢üÇ Ú¬&h³“�GqVäwÛ
Ò˜‘s
ö€mš»Be¢ÈâØhÌ
›J}U»×	šJ ø¹94÷,š—¾ê\¼){åx®ܶÏ.r‚t®?o7P‚È£s»R�J\SR%ržÅl›å›ùe"xvÅ6®Ý€gHãøð,¯‘r•:Ýu¢q~@W—ÖëéU(`\
z@Ž@C€´±Gh�h¦ÁXÀSŽ‚\�TxsKÌ©v% ‰îâõ§*›{Ñ�~7‡z:RC9§œÈ¸-²oXõ)‘Í–òŒ€OÓ
L˜ëWZ¢-í›×ù¦Bô×ò^O£œ~"òÐœ½†—ä#¬ëë¡%#F¥ß(jD!}Nn{°öH|ztà¤ëÀ©F—çí[é�7ÊcK…ß@„	faRŽ£yîFºÆ¶']߶'—þ;N/ô—p×XTÑKEÝ[¬}sòËÙô¶šv\/ñ'(&/3w¹ÔE.=v¾Ÿ	–†J V$ÈsŒ/äÒJsBÄѵÉव®Â6ƒ\'ók·¸•s@YØX—i€.J_4ÎPb.åUInÛfž9³ÐØ"Ñ2ÓßøUŒç«ÌùFgµ¸n�à_@HçoúÜÌÍ

+endstream
+endobj
+258 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+256 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 258 0 R
+>>
+endobj
+261 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1985
+>>
+stream
+xÚµX[�ä´~çWôÛ¦%bÇIÜ à–ËBbG𰬄§Û=‘›œdf‡_ª\vÇ™Î̶–å)Ž].×å«r•7	K’ÍÝÆ~¾ß|{óÅk¾I¶K77ÇM*7iÆvbsóß·Qžlc.¹Ì£oÕpÚÆY–E¿ê£6ºÝküÑϪÝò2šT½}wóÓ¯³™•,XVnb±cÒr{=èqç<�ÞÆêøÚ¼¯ÞùßÞ�ˆÏ.)+™à›Ä2iU£/Nâ‚¥…#xûõ%ƒ”‰Ü-ß«zZa2î…“ƒ1öŽèëÄ<KY™nâ´`ÅÎ’ßœVØq–y�½ÖOY‰Œ©£ÙwM£ÚX”gQ5àWDÃÔ÷u¥ôwì
€¶Wcu[ÕÕ¸åEôH»ªñDãIÓà�i«“®ë¯p\F§ýõ£@›¸ÈÙ.u2–æV}�ËÚ|Žîåœa½~Rùû
뺥߃î�Þ«ÑŠ	tUKߣBÙ€—Œ¬àÀª;Ò–qÍ`‰d¹tÖ8è}­Œ^³Xé-v;Uõèsæclã,
ÇJp[Â8Azª«¦²Þ°ø”¡+ÝšÇçþp¬›¶ÆéþÍÏ£SH&K'Ö™ùè²vçIÉòÜ^>‘k¡3@?÷Hê�uÝ}uÐÆå·Á7š®†‰]
Z]š±hÀ�ÑC7™½ÝºK#E”y©ªV·µ£;úâYpDôƒß2ŒÊXG#Á-îœÏ°Z‘´Mdm<„R*¢½•ì¢áqu3ÐÏxRˆ°4‰T]2qAú÷øw"²@Q¶�E–G?Ý6ǵëÇÊŸ`#Öî*sk%ÈÌ~¿-‚tÔ0ŒŠ¡Iz@sç…¾¼ðnÂ+~sἜ¡ýŸ“jï41¥€‡�ѽµugÆ9BìÊÐ]ü9d⪆Îá¾òq'|ø#[ϔܽ$P(ôŸRè“2‡UhòM¬^ú›ºvÉa2p]YôR9ÇbšyªŽ>\e³ý‹Çßxk4ê}Õزq>­þvK”1}w™þÁó²ÖN¶½ÑêZaŸLE’Pü—6þ_¹ÔP£óÓ ïgÓ«Ä;~2ñ	o!Zñ		Çsaþ¹JÄú‹èR™%ò3\{·WŽ¦vY9üeÓô|o¢5;ÚÓè¦3�[É£«do>Rv7¸KæØà‘-Ïд¨ÖUQØ~äÙ­û
¸’„ž†ë¢§é6
"�ûooª~ìÌp•}úëdì«>ôÕíg$Ö5q‡
¤Q9X�'®=oüÈóTÓM¡ë½Ý÷ýäð\5:,êÀîáÃu6Ÿþ-\„™É'‚•bÆjÐ-n—¡jïj—i§A›«ô¸¿Bö¥0±0/ŽV|[½™›%ÚEqN¨`^èû¬ÈÆŸVfŒÊ®‹¨üÑ%\±è�¸¼¬R½8ÔÁ¾ŽµRQ.+¨² 
+
+æi]:©`Ðê€yd{,KhÕ	Öû
+#Ú¦?˜õ?ö(Ðm.©%Rûþ2P)ÃF5{Q§8ËSÛÌ%éYÀáÂýg‰·‘­b.LÄq@Ÿ_l‡vÂw™¶p[Û}Þ¨°ÕÔE³PνìÔZµôÊõ.XéE…ÌÑÚª¼ .‘ï¤/ûËeùƒTžáÈòv’8z¹ ·àJ‹‚¥2¬Š]U
+·Ó™M•¡„î.Á¿Þï#Bªˆt
÷›€û-Îw<úÎ7Õ =
@>­Þ€kˆ/é²–Ìæ
ÞòËBÞU¢B¸Fvf�yH⬇$þåð8ÛwSëˆ*Ê}‘¸`™G^º:íÔ{l¥àß(^7ßÒàØŸï\äó‚6áýûÉÞ˜i�w9tÈwøSºø„Yª~ÑÌ<‰ª£_­Ð
ôs){Zr씯•�i»g¹qÉJO½Ò.­0£~®<+蠟ʪ³=Dê1“z„㔋/°,É.A,’ä܈„S? ’�Ð,DiMœAXã÷ì[¯À7L“"µÉÚQ¬¨Ÿ%,õyv¥2~
+�ÐMÔÔ ïA0ý¶¸S"£U/{Õ:¥EÊ
+*�&\ÄT(�ï˜É[¨¢}1�¸à2�ôû½î1_@
+¦”RìÖp‘ËsF[©CPŸÉ^9ΧÊ÷õÜÝ#È+<ÌU–˜¯�˜óSÊJ]·0ÞâÈâ¹#§½O“Í0˜|ב§<0›­ê•¼�§°;^‘|öyûAÌ¿Ì
+t6ÁôA �Àê(¼òýæÔ{UûR« @¹ì’–	“ÁU;ß’Æɾ-Jû*4NÍÛ@…¹¿µéhÆgGœµO5HÕºr
y…‡—Áû
ÚÜ�ÌÝÔÌÙ¿Ü�3
\°áòíÆ=jc:_B’ËàNÎvñáœ-ç‚‘’&,ÚñL¹¸[¼.¶ ‘žy^t‹þ}ñÙ'E™Ì%Àú{wð È#>+¯Õi&™�…‚s~"Ät
R.<žÖWE‰qðT¾¢ð¨>š®A~þLÐjƒM±TüâŒÕá¹t™U¬K–±â|G¨çHwAÂQ
2çøª¸8šˆÜë2¦HNÏùç�7a®"‹¾ñ»m·a}¨kðŸ<€¿ÁJ§s�@€fß:Fï\`öêÎá¯Ì(è¾»ùìÿÐf�£
+endstream
+endobj
+262 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+260 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 262 0 R
+>>
+endobj
+265 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2062
+>>
+stream
+xÚ¥XK“ã6¾ï¯ð^¹ªÅH"õJN™Î$›T¶65Ó©=t÷�¶é¶Òzx)iƽ•¿
ÚrËãê­œH‚$~>‚ZD"ŠO×ü´xw÷Í�É"ŽD/¸XÄR”jq÷Ã}p»ÓûÁØe(e¨o—¡RiðqgêE2x7VõPµ4¸íšF·›~&IžË �—�w¿|óc¼ˆ•�
+•‡ðÍxªRN?È—aš%ÁÝ΀’”›�:^µS1µO¡qaRˆ2q:îvUO¬NÖ¨ÀûŽÚu×ìëj­³¡ÃN4Uq»1½±Ÿ–I˜ÞÏp§Cég>hoÖCÕµ‚l“'ÛB6..á×Ãi`ѢȄ,@žŠ¼8N„i’÷a¨Wf»{nÚý0~:¼»ýÇo�~ª£/”“Óç±ÈóEä”t{4cf…LE–ð§J÷‰ØëÑöilL;Ì4¥	ø‰Ö!g¾e”‰8�ìç-¸_AÛa[²�it–„üAÄ
ÆõÚšëÇ=øÉlnfÖÄE!Š˜íadÏC£%Ooª~_küÀ`ØñZݘžíh7Ôù´LÓ@×£áÅÝ–@ £ÿÂ$*D‘©³k)’Bòn[éU퀈4Cg;¶.Xú—ŽÖE`R¨@¯×�ÝTí-:n�¥0¿­e”P�µ[¬umXF»ûíØv¶Ñr›:c9Öã,h¤ÁÊ©34cÍػ܀¾Æ°�sP¿yã�‡@~p6〄9l>»#`gr„ú%tQ�â3ÄÄÜÞFo®­ÁNů
VQ´m7`?9×:KÄ2ÌÀ�?srÓÉEî³cßõÕaF2Ò§FCˆooC`mbÿ³yê•yÎ8(¯œž­®zˆ€Ó¡SLhœø÷δ„æ1ipà2;§Ìe!Æ/<A°æì�"Û£ˆÍtŠ†ÁV«q@ÄC%Ëà_{™¨¯ÚòŽ=Á¹ç~©’4'€w.–€0)†$‡.v¶]]gRLÀõÑÝ ÿv–Ø1fì>ê™CÒ\¤ž‡þ©í3èK“×A!Ó˜²ç|Ö‘øó®Z/“,Øá0b@a•w.ŸŠ„CØ´¶†ï
+ÔGÒ$0‡3Tˆ
+0Hl¡;C”Ÿ*ÛµŽõŠ` H�fpA?®zóŸñ˜ë8·æÛôÂ-CxL1[]ÅìVCfƒËfAUÍz{¢nÒئjéÔ¸f¥×hÐó“íÆÖÉòà�nÕÓ,w�²ÖÁ-óøi³©à�EÀZG‘
+¬³ðj(‘94RZ™{½½!ÁÞV1fÉ4ƒS­9$‚E�¶/~\úÃu	@sÀ÷‡j ¼ž ”eé²Æ%<5}U†aŠ"Òà
²ÔЖ�†cåR$"¦îýGÚ<CÍV�7À{ý„ªTKꘕ*
+3nØQOSÓvmø_c;‘ãYÓØBîð>
+Wè€ÝRŸŽ"áRäËz[]Õ=iråˆöÚò¤n·ÜÐ’#(E¤Þ9¤°îœ;fÙ¦ç…A$ï*ÈõzîL)…J}Õdç
+”HO�íPÕW<»
+ñåóÒÅ9’¡Ê
+>¸R”ÕØR®aÇô<…×5¶z^µÅi!2
+ˆªYq“‰ÄßJèC㨾h²LdùÔcìŠ,'WdùèTv‚æM¯ã&E.yúÏ?/îÎxý}C•½ãR°¦b«(@²ÜÈ×=
­F‹èzºrû¸e‚ðA–>	¦lÓžî'ªº$”ÕcÏ;ÎŽ’G"õeÁßçdpªyð{R6X½ÇTBs—‚G¿íý‡s| ÷à»K˜1I\‘å%=IÌÁ¬Çã!Îȧ	DÜé.|HœÆ"SÓÜq4ñ¦e{•¨z¼véžÃÛÓ÷±¸¦;íÉ´ˆ�.a\<ÕÝjØ?,ßÂÈ»«üê+áÁ‹ðÕAÔ4¦A¿#D�§–ÄP­ô;G—'*bîÒÜrEå(ÌY\qw”óÌ]ãÞ•�ó$ùÉ=!PÔñyªüs�–ü®4-âÈ/Ò•/Íáúߘ­ëáM¾z¾
+Õ÷®þÃì?uÉ,s|t–‚ø€xÅ}_=QÝ’¹Ú¶�ñ«"È`¼»ÖîD˜ªíœ¿‰ã/”E*–Tmá
+M
{‰P¢²ÄŒ=÷†]×ßÕ,Ü[vÅîÕÓ…Ä‘û&´›«hÿÒ­üÿ‚Çvõ].�e
œkò¯E95÷¬fOê\!ÂeLòm9Õ^5]îßÍ$=p´Â' v6µÎØaN¢
@Ü|Ýo¾Š÷Ÿ›	DϱRÄzlº�¬Ö›;C5çÜ[TXk[íêS  ð…Ðѧ%d½í,>s
+àJÊ@\æ3û^Á
$º¡�Ï@ÔÁÅ&�”kôWhn”cÛþ-Ø_ø—“âËpú+'tôùÚG*êìIÿȦϭµ`¶À“›q]»á÷—{–8Íjj�¥|ƒ	i)Joêüý&øß+™f‰®ksØã“èRÄ•S>øÈW†DžÕ'pv_õ\xÆñ©>¹ô;æÓxj×
+¼iÀ2Lû+–¥ÿ§eïþŠetm4zÝÁ$Òò;R\‚Œ|á—ŸÂÚ/º¢)�êÒ{:ÞÄ8¯Ya]µÜƒBœ_WPs`˜¡(ót…³GºÂAAG&…œx;eØ_Ýg°÷ž>óÈÿ&D–3‘-Þßý팣åk
+endstream
+endobj
+266 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F8 61 0 R
+/F4 26 0 R
+>>
+endobj
+264 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 266 0 R
+>>
+endobj
+269 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1094
+>>
+stream
+xÚ­X_�Û6ߧð£Ì®ÿÇ~\»»µŠ»Ðëƒb˱pŽHv.·O_R’³tÜ+â'IMþDR$e/ÂÐÛyføÃ{»ys{Q”‘·i¼¨ð¢$(Soóû’Å+?.â"#o©nW~’$ä/Ö0ÅDÅp™’�T¬â5h·úºùóÍ}r!*Ê‚(÷ü´
+#Ž)ÅN¼·Œ:³u�•^hxèžYETO$¦q�®£Ï&r¢(H3·L>ö#ØÏ"Ë ŠG@½¢[ÑÝ툚ATs�|pN”ý$®Íí¸Zð?íº…Õ.ˆëž�TÔKZêý2À¤z™µÔ� Û ¥qI*¹ßã)Ìbü¸ˆÉ¯@ÉbDlvj¦+Å·x	sÜ\À˜„ä�U=—Â
êMøâîoY�÷N,Jr�šhÅ;Þs¦¿¢Î(#ºcv?+?O#²
h–&VΑ–†!�õDçóêIb@ßСë­6¦n2GÏ Ü{~\áÁ,·nY×é+Ö={66ß	©“Í�ƒà7qÖ>£Õ"{æv–!h“¸Ìæp0N�Nžb´æbgwŸî_û‰½<KU/t›žnÚ½¢b!@û[%†IȪ“Û-SsŽM×»%p±«²“¸ÝqBîÀNái–ÀÓÉÝ,œwt
öv.;Ø[\ÏßœÑþ=o^:ïv‰óB³¥Zšáv@R°j¿Tféo¿0‡öEóŠ.Õ9|¾ÝB~€jÄç}h °Aß¾…¢˜Å)é[,ØE	¿”°óã*Ëíf¹ecÉÔ 	JÅš°Ž÷±)˜0ž¥M%L
+©áMò„tTc
ÊSòHßµæí¥îW–áÜKࢗ–×U®ËZßÚµ,B
+ÿ_¦ä¥N›TuOûAÃÑc¬ø
+ǘV3ã�±%4§Y»m�cd‘#ÁZ¢-�$gz¨üé©+¦u3t�#Šë§i26!P„ÏMVtmÇškl«jËq¥ýxMi>HÍOó	¬¥ÂöG‰s
L\cÖRÔzäh1$c@$e:>Ÿ€òÜÂëÉÝÇéEw„Ÿ8K©+6¡ã¡×pØÇ8Ë™2g/H£äÞn T¿¸¸#a†÷1œ9aùxË¢0L‚Ø
+†@5Uµ.-uOû
+OjyD˜Ãïÿ!›®/?O×%„­fÌNÿëYa‘Qdù]£ŠÄÏŸ>üc§¥±IÍ C�„ªëV�m]<® R²"#¥mt¬M³ýc¢6ºÌa€cOŸð,Nˆsп÷éØ)u¢éÔCºW¼r-£ÜõWX!lØ6v«oéÈäôªØTüÈ;¶c‹¾y·§Ô#S[©—zFo¯:G>‹åo=B™K U]‘r‰Ä‡lŒ9¦s›ÛÐͬ†÷Ôø&8?8xÖ_A_–Aø�›OKþ“8ýؘÞÝæ—oô}w†
+endstream
+endobj
+270 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+268 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 270 0 R
+>>
+endobj
+273 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2197
+>>
+stream
+xÚµk�ã6îûýŠ°h`¢µ%?ÛÃ�íìíŠvÐ	î>ì=O¢LŒ:¶Ï²çñï�éGb7“/ýŠ¢)Šo*W¸îâqaþ¹¸^¿ÿ$ž+o±Þ-¼xá)‘ø‹õ�_��û´jt½\)%ÿ»åÊ÷çn¯óQʹn³¼É
+Z|,‡´ØšåJÊ(RN –¿­ÿõþ“˜‘âÅÊODlù¯*"‘§$®Ý^/cå´5ò�|§´¿�SÕÙS–ëG½¥õ¡„cg«År„‰ó…éš}fN(®`㎞ˆ&½PŠ~wýÃÝçßo~þ÷T¼@„’©à²3lDv\æ¬d¢Dì-V e�´|/ƒ(× «ïI'­5žS”
aªšÄßhcô®à+Ï1dÜߵŦÉÊâOdÅ^×Yƒú²ôuy ˆõâZi+�.–2rž²º,ÇNcÕ&í}AŸrVž!ºùÝ盟~úåv}7«?&zZ
H›¥9Æs² œ¬¡ƒÒª²W×imx§D°]¬ìV^(EŒo2Ü!¢;(×±.
úË‹²Ö[�.í;_v´K\õZJC{¦Ik«CD>gÍž þÄu4˜1Ô`‰§¥DÊÄi
DÏHÅlpç±.Ûê~IDÙ–~­ÁÐÿkÓœÀ¦äß=s¬u·ey[hÂ�/Kã¯'žyBu‘6ˆ^ \Ÿ·Ë
+Œô,ãPør¬gÔ�ï»ìp˜¶ªòŒ|5Œðt£i'í=5c›ô´X
+|;!±-~o	¼#ÝF¨[$£û#]¶�º±5[’8F£P®KšLX“ˆ M"ÄšLPu࡯¬Gدæ\=H„žÕø‘æˆy'«‡NHÆ¢µÕ{sä‹8;
{ÀŒ2”ì¯ÛäMì·Òë¼Êƒû‚.i2«ÄÌš�°é%]²²^b„ñ(7)Á$óyãT,	
Mb!d�*áTëªf¶XÀfSâ�¢��Örˆ¥]5D�åz“¿˜XoÅEÈK„ï‘	›³UèæŦ#¨p鎋¡B¶¤<åsœ
V¿èMÛ0^AÅÒD°¡Òx‘0íÛ%·Ní;mÁþí¥S0ä5´•b`¹�£ëº¬	õ¼·ÑgØzWÖ+¹E¦uzÐö¶¸Ô/«i«Ò€§`À¨ØùÁ:yÔ�¡’Ø9@ÁJ5-ž3›P
B#“ß"
+S£ZPˆÆìê@LÛ´ÞŽX_M=¯WJ?EY¬ N@†¤ä‘Ö«°‹é3»ß‰dí–5çé¬qn댊Í䨬¨Zv¢<+l)²îÂ}_SëÁ¿.’èåR‰tü�þ´¢�rG(“ª\ÌÞj®¦5c\äïï§G‹¨k¡v×àPS¾ð¼Ë¾¿%‘ÿ\˜•ô¡âË£Âú†H›ÔLÓ¹rEp^&9’)Ü32Eápܼ®�Î!]NÅ
G«èXœUèr6B<$ƒfQœm¦ºóÂH(oE½9•ö²â*âÈõm‹�ÕŒ«[Û´Aøú¨ì¶Œ)mòØd)µb€|FÊÒæ Í3_ÙªDGy‚Ów,»ˆ‹¹]F@¿@BÛZ®}¯;”$¸½>ó)¦}ÛM	×=ã!%ƒ9òVO“gÉ�î\¡¤pû¾ó'j…C3M4uÆwÊ£ûD]‰â-í@›C~µŠ¦O‰ÊK½6sªº$¢©ÏZJ(5Öì±’Tw
+lï“:™5¦K¼½�¸ß™κ¬r_Ÿ/–¶ÕƒH覥Àã¤�Èqá#ÌåE$³‚ÛáÎ=t#¼s§7M�W"�_¯íדêtÓqúíŠî\QMÈ‹î—‚†ê5õ_Ø4tý–�Ç#öª†KÅVïR0ày5‘–>¾Q#ô·ß8ì�V‚È)ÛÆV,Äà)Û¬în�ˆÖØF
ÁÿÎwÇ	óþp.'|{…Á,çxÈ¡ÁþðÍ´Áö„1QÜÿÍJñÔ“ÿãÃynăFd„J;Ûþ¡Æ^/Ncp•GAM„z?ê/ò⛳ö±£¶‡X?±Ÿ#?À—(æЄvtX
+·KÐ7¿þ:—Jâî;ÆáÀ;z.P²÷¹ñ«ƒ½:°L] ÓôâE"NÆùδ œ¦í>9zO…hȦœÎxàO)!n«�túV!¦¸ž›~%±gã3iØæ-nØ
+Hiž¿vý&·v#ÍQÓGhÓnPÌ=u…؃̹…çºô.4øÅçósIAIß—s!äCWÄ?„È,ÛX3?Ï�lÔ”õ+1ÛŽ¶»t›C:„E"
_?<çK÷Fã‡'1Ã
:%Gœ†99Ʊãy�ÍŽ!t©œãhÈŽ÷8^÷Ù`ÎŽ´ØÙ¿à:6ž
+&¥Ùú×e�{ûvà¢ÏÚÀ
\�ª$½”°+óܦ˜g\ƒª_¸¢©Ì¡s³d03üaˆ‚7,Ë“Á-RC(M¢`ä…` ÔÌ5žQ×xn¶Ó4鋤Û~Þgcf§…5�ìç$HÓÖµîG"@P!AÇ€1¶{‹è¨«½5 É6ôÄ%‰œ}'€fß?òë_CËc_ú¬a;A­‚Ðu®™Ž�‚¯S³'ü`fÄM’tòò‘¥
ì[¥}JÉÅnâ;Ýý2Á{s¹særÇ™IFjõÝþ<«V\óËÕ±Z'v>Qq·‘GoîŸ_òË¡~Iqî»â‡ÃýN³IÙ¥Ã÷­©ß›W3ñôîõ-s4ô›ÒÏŒ{#Ýûø¹s¦%p“aL³"ä%XfV�Ø^ØBÃ((LNÞÓŠï¦u!ñX[ïÀƒ¤�ñ¿A÷ïi©7û’ w·ÿùqj‹±ªŽ儯̱zÞγ™ù#áDÔ/»¥!@Š°EXŽf²ŒJɨ –óªoåIO‹›õßþ@]Õ
+endstream
+endobj
+274 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+272 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 274 0 R
+>>
+endobj
+277 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1981
+>>
+stream
+xÚ•XYoÜ6~ï¯X "£-QÔ•>5È�h$R 
YËõ
+ÑJRŠ“þúÎpH‰²6vú"ñ‡ßœä&bQ´¹Ù˜ß‹Í“«Ëç|G¬Œ7W»M\lâ„•bsõôc�Šó�¼Hƒ'•ÞŸ‡I’oåN*ÙÕ»"ø«êÎyŒU{þéêÏËç‰ÇJ£lŠ’†ÝÙy˜rÔ[ü§Áå¨Õ¥þ®§®¬÷=µÎÞ|xŠÜ6Ñ&abÆ�·}]µ¸ÈŸOOqgÌò=Þn×Ä333K
+ (YÌ
AxEçñ Is–À§_îàøEh9\@«LÂá;ó`PÕ‘ún…K™0[>OŸ=yÿbµS™ۨê¶+<fyjçß>»zÿöÕšCÁÒıP’¤jº½TÍ ·$Úµ'°Þ˶¥áÝØÕ!¡,¼ôqš¾ÓpbÁ‹ î/QèñZÍ0Îe0MZJM=ùMÖ£‘{Mÿ8
+ª‰O¸Ö½/‹ipþÚ¨¾;P{`¤è«½\Û`œ²¼xì4»í4~mî6AÕk•€‡F׫CÕ¶ˆuCo xyT°8ñáõ5¾†Øà_�õ9Ïã�<¨+-5[É’}ú6>lÃ"y🃸7£ƒO Ò`×·m�·D:ìM­þˆšFÛO#–�#�Ô8bäzÝ YÕÒÇJU9HuÂ}-XJ:p*T)ìÿø©ÛFKÜ(wì�ÙçöÙ‚½éO,�!5†Þþ�©O‰QÂ’É”u
;ê	ꃴ2„röÌÒ�üŠ´Ð]³£°©ûƒ¤ù~Gé@s×:yã´Û6öVDðymæyÊDn7>¡u–s;ùè„áð¢_Xν†ó®¹1˜‹2&�`Cg‡Èü�.¤IF;jKYµv­’‡ªéšîf¥ž¤,žB ºò4õ|¯GÆ‘CÐzY1±Ð`¥5œÀ ¸ Eø7'‰Ëµm™ÁɶÀ4³²4ÑƬû|"b¬˜´ñm%r3á¬ä1¡Py’ħܙeøõg˜Yäíñs�©À¦Æ-xn;*ƒ¶ûxš1ŒÛ‰	fœÏ’Nk0X𬜕N‰:æ…µ$Z9¿¼ÇùÉÈÈ!ý ª÷Uw#·Œ±
+mï5š
èö$bà².bÿv¯3UáI©=À¾Ø*OðͲ9—„?Á×ؼ&n°Ú?;õÐ~=Í_£“–Ø)©�bcswX@v­:›®ÁÒE>©Z�
+8çÐÉkk[VUuJ®ç8dª+܈&M¤*\††ÉÊè'Ñp°•²vA;Sð…†[?	��C…¤ßg!së·ûØõc7çÄ»z�:3qП…÷zˆ³'Áò6È0ÿâ8ys^x1Ét_­BS
Õlù³‘	<ΫÁ�á:¸äå"q!El¸e.da4�…
 R-4Þ«­T6õ€m­ Ì	ß‹ÔÅÚüYæâÐ`-”ÄÀ¹àôK‚uâá>ÇWè-BX+ÃüI8ʺ1ÉF&OÔ€9+]8þuµM9g}SÜ$‰5YBÐ0eí†C‚/ÉnÄl7H©$:­]>TÃhYK
žx‹fR¡k}·sÿJÕ»˜×JmG«ŽV8_L3XÜXë'ßñYcux<¶��•—Ïc¸x±DL%a‰Eæ#”W0¸Ò¥Þáý„OæpÅ›vhºµ;¸B¨ÁD‹LžŸÃ�¡Ç€™
T„C¯šÚ„yHJVšÒ>Ç‹�+´
+�),âGð„u‚yKw{‰#¨À8ñ`»m¥¶ÔÛWš2KÝ¢{@œÌ¥�Ò¶êR$U\Óá,½»Ž�åãù²> ‰ò±“l/…z?½ÒgžÝfPÇ~0²ˆb{‘QdÔ‡ºQÄ
ß|À„W
ý1ηç¡71}‹E³ˆs[ØÀNš‚½Õ9Ž\;�›­·ˆa†™çvª?P«7é‘€sÌ­X²hŠóEÏZ°-m•œÜdbÐ�
Ï”•ÜÅ1b––ÆBgiqñ,­ñ(eyzÉÁf¹]¯\œ°Ç„îµ.ñ@w;*ƒ9RM7Yœh	¾þËxdS&šž[é^ÚB¾²>ø#aýèà·ƒR)t¢9b\,Xv}R€ V�èdÒt�ðÎ%¿5ƒ^HJ8&VÒ?Lê8Ì9™s³Ÿôïz0vT²–[„'6ËóćAÝ«
ç¤`•Ænê�zntâà„EJ#Å|{‡ÈH×ô¬XøàC¹»-¬kê[ˆ÷öè¡É%^…H.—@}´t9Á¸i,|/:é{˜Å³ÿç{¹ó½Ì•}¸—ïk‘+uö¦ü1—!+L��έ’Ìã�«Oíë
Çüè?ÎÌÉH«Û%5懼“Ž»Ì³–ü.&\Ä,)ïÇ$f¿‹É2mm¥®Uc=ö΃Ç;YÏy,:vw™„E‹èóq>Ï›×ï^þm%ÝŽŸ.\qpcw‡«.%µE¨-Må¢Ç©ì•ósÑ�ÏîåŠ;uŠ3ƒÇë{8>B&~°¹†dú…ž5ÛWMúÕ}<Fi_N¿"sÓ{v­fp­c¯lømûm‰zT³`KžÏnÍn ýéE)ÍûŒ¡}võËCÀˆ
+endstream
+endobj
+278 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F7 41 0 R
+>>
+endobj
+276 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 278 0 R
+>>
+endobj
+281 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2118
+>>
+stream
+xÚ­X[�ë¶~ï¯ðC€#kF"u¡Z Åž[²AÓ,²Fûp4\‰»V"K®$gÏé¯Ïg(˶v³úbÑÃ!9üæÊY„"�÷ùfñvýõG¹ˆB‘G‹õÃ"Ò‹H‰<^¬ß
+ÞmÍ~°Ýr¥”’?/Wqœw[[×HRÁ?—Z¦«Ì}mûåJf!ò%ËŸÖß}ý1ZD™�nÓœ-Vq.´Û7Y®’TŽ;e	씫ãNnýT¨%‚ýED‚­·œ‡YP,ex1‘PÚ¾èª{”&°ŽIÃÖÒdO'âð·eOd�ÃØÌ@“oM¿¥Ñ¡·½X®Ò4‰:0‡¡Ý™¡*L]!>Ó÷ÕcãD_¬X^2Jœ¼¥}0‡z Ôèäú€Ç"°CKtƒŸ8hðF‡ÝRê€oÑÑ|û@°>%#رP1‚EX«P¨ˆÀÁý¶=t�%¼ÿ'è@Ÿ‹0wÛ
+*×åAa»ÁT
‘cža¬ò,ð\N%¸¶7;K¤'¼¸ÁŸ/Äkú3ÞñþԌʃ›†÷jý^…
ᮞÑ_
!g­9\
Ñæuuª*’èL¬
+u�Ti‘ÑÁïÞß^¯¿½À8ÉD¢¡c¹sŠ¶n›Uo÷¦3ƒ-‰XW=Ú'šRʪ³ÅÐv•3aé̵$ÃC{k:òüŸ{3liæ¡íˆ/u~%S‘zÙŠòÒ<RE<}¨ê
ôë@W±YN¨“Ïíngšò¥Þ?ŸâôíߘE)ç£Öˆ¿LÀò]g�ÇHpFÙ½ÁX”†ÁÖ™²yœ¾üþë˜ô‡,£²‘Ë!�ƒ9$d¢„Œ_@"RŸ!A"ú{È¡“Ü
$S¸�œš%ÙÙX¿swgýU?ºÓhlìM<cê¾�²¤ÑýÄ“†ª.Ù3ìç½iúªe?Ü€eðfwÑHW"’†ŸÖn5JNåýàwú銼bo-�"½Y¾¬h²‰›�w/êù fÃÇ‚"³Ü‡ýÎø{š£ð�#ï7Ä»‘Ifë²GÝç)#„O[Ûø¥ÌËÁËm²¯«¡gN<®íJ>ÉðN.q¡8­ŽH¿Æä¿¿¾ùû‹PÜàÍuÂæ€#¼ãκć=¹·s¶ô5ôAjÛ¸p+u€Múg¬=’"á“Q´Ù¸k‘Kf:µMô1/OÓ£`W¨‚„0{A$b9
Un¸ëOâ¬rn}šÇ)Óu‡i
+Òÿ�©jâuIgº]¿G‘[TÎ8J¢B¯ÕÖ³¡|b¼*�/C9É¢q䤅ïQ==ž¶XyŠ
[¥^v ûü
+C¾EW9MC”ã‚Äë<ÄXGüÊ[º‡ƒÆ>]Ú-â…	5ÖÁã�ŽÃÐç�Pj»/4Q˜†èG<ÜTäK.À}zˆjx'ªß¢`ß�rà(Jr°'9%² �ŽÇ)r".
+é�«<±–£”‘Šo@"pi<ÆEXÂZ©šÇ“¥Ó`ÀT¡õ¡kwDÇë៧
+“*Î"ü|™PSp,Ÿ1ÿvi?"S<ùFp&M5&ž‰¢þå R‰ôÑ>QtùÄ›	ìç�FÎÂŽS£J®.„‹´:åó¿ú÷eŽK„—Î7Œ‡¸¡+‹¦‡3dãáò85ÍØÂXDé¹!¾Þ#É~¸]_ÿøÍ
\Ô�‰vŒ(“èPçœ8Ú=gDg»±ÖÀ@³ïÈï
+À“bH|´.%ç+h3ô‘õÑpÂeÑ+‘�UU3¨4*™†%áæï_BÕ”öó,ñ€š }5
@=@.dúÿ
 E’N
xULN™˜œD>&'œA€rR^#�¼,âØìŠiÜŽ�;c3îFд¿òRŠ½0àz_•1T]×—‘í¿¶kW�]‰Uꆅu½YeZÐùŽPBüRüM£©±ãB¸Ú…FâD„Þ¯g„‡÷˜èÁn ÍîÁq<'œñëLŠ<9y�BkÀõ)I!ùx?ú7¹�›¤h‡ìÆç!”úfÏYÇtÄçÞ‹(2=aâky¢üÅG×…µÎz¬[áaOY1¤õÈÞ\&Ǫ©†ÊpXj¹:ˆT”<àŸÛó5ÕÃí]ô
+Õ&Ç�q(h�ζÛ4îH›�˜¬CíÙõä媳“—«æ—|žU¿ôζÙô«Íæ·Íæ«}ò
}gùèãÛ
ÎHEÎ& ]…81íO·.ßã‹ÄÁiSe¨‚[w=÷”sÿ”z–!)
+Ù�B¦B|·¯íÀÿØ}CŽgðµ}aØDˆÐÛÿlS8oc®FpÂt3ïJqǸæ6).cšŽð)>«\
+í¡«¸´-+x`°9c3÷0Ž’œð›˜Ž|]xïmÑ6%>ͼñà”7ìæ�&m�ø4CJ–9ž5-”?ü¯¢A‚JOÊ™“NVJ8<iVInVQ�†úSò�[ƒc
+.Ô[jÓ�4ʸM×ùN ˆ©íÆF_IŸÁ|#ðŠ:&÷¿°›ô¹ÉX¶ôuïœlàã„ðÄì¬ï.ÂúÝ3­©c!íVº8‰œž1Á�ê_ÆXÑc�Œƒ³»ÊTù‡nz,J�JÀ"Õa�ƒcËNæ%®{�søBJí¤É{Lš®=v…ÁaÏZ}ÈEí÷âgC[»hy~u
+
cùõK{Oæ6YGvø`
+ˆ·¥c`ðÍXt@ð'Š>}G{©àÝù^'½kê`ȱƒ:�ë`œ7ôÞ^ß½ÜÎÝëáà›æØy㌦¼’܃¶õm[{V’�4ºœO6ý` –q¡Ê%j—,æÃúO¿Ó7;L
+endstream
+endobj
+282 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+>>
+endobj
+280 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 282 0 R
+>>
+endobj
+285 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2289
+>>
+stream
+xÚ�YÝoÜ8¿¿b
+œØQmIþÂá’lÒæФ@2Ù; -ö<'cìŒgà�¦½ÅÝß~¤HÙòØiòd‰’(Š¤~$å™/|ö43Ÿ³Óåû9|‘³åã,Hf�©ž-½÷Âh¾�‰LBï4«7ó…RÊ»Éó*/×9vµw••s{m¶�]þãý…êY-`‡`¶Ð©H·Ó“Û�¿ŸÜ|8£™Î¦a,Ât¶€�Úø¤¤Í²ªÊ�ýê~›‡!ЊlµÍ‰ò¼Ù×y7¨½lÛæ5ö%Ìc›
7HÒÝ\&Þ
+{yEK÷�4á�UÙ.oòª¦~ÁbäÙ—²qM€…p–™O²‡Fv³hÍ[·(
+6H¼•Q¢L€á÷|Ý6žä™ÙvKuC[ý!æ-#oIÌÔ´ì¸eÇ	®ìHoöDŸg$tÝ®ª=HTâÁ¤ò¾xõ&G¡°óØ–kVI8sEÔz]‡†htžü�Fž‹f3ò©‘„°+n'F.�
+iaƒãÅ h7\ïÛ
+¼ï˜�ÒBÙ)_æ$HQ“xYC}ò 4ûQØ€™†"v=ÐLÕ~2°HûÞ?7 D3’á'¨û¸)[�ü‚–Lz†�%ccÉÈX¢%ñëZ²ºÕŽlf7:´`«æAÞ�4k‘¦¬žŸ\Ä@„ª³œ7 4ç$‡0:É›z´C¿¾CØ˱/·?ˆá3+55W¿ù÷&/øØ %À¤Ä=üC¾jŸžŠò	ì˜$ÞÎx;P±›¢ûæܼͭïBGI�{4hž¶Å¬WECùx‘žx©J‰ù£qy dôyÈÉ÷;¶CèhäƉˆ><Ðœa¤!ÀK­­†ì&;x¡Íw‚q	ß®©7°j|=¤�Ö:+:ñ—¹c¶”Z¾¾HÒ�-{lËH3lGÛ`9FfÛ8aÍ~š¥1¡Yd00
+	Ñ"Æm$ 
úEIßnÂia)#-õH;º?„º*¢nŸÇ�/2ŒËŒgub`WSЈ-¨@c›Õ
ósѦö;D‚oÖ[DŠÕ€í¦­ Cwï4 � UÝ�¾AqŒô©úÉ ô¦È¶Då؃äš(Y3п20•xû¦ÙïLX
+�ÕhŠsâÑM08¥â
 ZöZ%C¼ƒ~ÝÛ ôL7Ó,ÌAûE˜“p"}„B¿½†sq˜0Îáöçì(¸°A<0ÀòÉ@¨ôõ=C!åù”²È§TÊɆƒ|fÜÅ9tqF-Î)ç”Å9˜@8gƒf÷,.ð‘Û ðIàï
>ldôŸÔ|Ua`ìR)Bý*Ú%B§Gh‡œMúògAòs´‹o@;•«€ÐÎIRÏ>_]�\ÿú3À#²ÓDh»]V>�£;pdœ
+ù
+åÆŽî] Õ¨f¤f|Óچ訤ój"®‘òÚr›×5ÏßL\?·%ÝpÝ¥k$Œ4w?ý�ÆSé–B£ÊëvÛPÛd*2´›*; 4:¦ð
¤çMaSf-djfS4CQ&a®“Ä$ß½°¦$hú0Hé}±ËÝ4ÞÁ&¬Îf<2úùõKŽüè¹�XoˆCë¨
Š
˜ _ohq¨nRa\ä¦ôû?°iî|P¤‡	liêd´Ø¦å¸‰¹‹¿`ß„‚2ˆxõX½ù÷CÆÃÝ.¹ÑÖ©¦/G§Ø+©â
…'ƒø�€T5í�:„¶¼Âœ
hUž1SvbÀfå6~ÉyÍ1êh
džv°N{a�êr:œÐ‰.
+¸!r8ÂÙ´¢øí®ñ¯ó³»ååçëßo—7—×Þ¸ËÀ•³ê©Ýu‰ÊqRgÿãhÉ�­lëÑÞ
äÝvø¯ÄÄõ,S,®³>�$”�LýBá�ÿéòúüúóëG>1W_º5;v‡É&\³#.ìò®Š¶&*…|)-ø@jEÕ•œ¬ƒyA�²õ¡a@ÉÖ{€åÅDRu0Œöå!¢¦ˆß¾ð×Ú?––¦PîÿþB;ÑZØÀwqw}v}ru>Ò_Š@
Ëa·\‰åðîOÇ÷ÿ»€ómvo�¤%å�„[›•AÅ9ˆvï×ô“ˆOÚÄ/9¦¯;µ"±»è>¾ÀäÕDð‡«+uÞýiµ0-~’ŠÀ¢ì3
+dðǧw‘üAP¥+å³�Ñ0|Xp‰¨�Ý W£Ê"‰;Ñ%ÔrVtlªáŒbœÔ~$b9´Áíç»›³ó—l „õ9¥–©wW�5#“>yyáj©¸Ï‰è¼s…ÅÉÍO:ÉèI"8J ›ƒ÷~ÂÔoÀ›ó«“åÙÇ7‚@â@ N�"%R,$|­¢î1Ý7	�U]O¥I• ·r¸’‡qš2N„²Öøûÿ^Mù(³êµ÷ä]y•5ô
/M‚A…�Ø�&“)ªR}�q?Þ>±µð�!ÙÔ™À¯iŸáC³�zÐQB
+ÊòÓÔ»?;æ
„º©Úuƒ�ÏȯS¡¤k*Ž„qà>&Ç‹ÐVA*†Üc›;‘*öéQÏ�;|§•>Sjêr¾x|9+–7–œ78S@<ýÒÛe
á,Süé´�å)Lá‡�[<µÛÌfÔ@…Ú„6/⣣ø‘=
+´è(Çø-UÚW.åÄS¥v Ù4v«£sûœ/ÁO‰ì¹³|jw|êHJöÞ¥Ï=êeù¢‡š�Íz,NlòºøOÎùTí„ÝiÔ�9š:~»A�ìfvSÈ&r"‚-™âSß1”†¾
Id”ºH‚Ý!’ …‘›ãtBÆ>!	n¥@¤€€¡€§÷á¥Ï	�n�˜¹Œ]³÷1þý`ÿL¡”âÁkù�û8ø
2¬;¦Ÿ(L-FŠ¿;½ýxþéÓ몿,×Uwª	Âx±½/9Ëw~Œ™+1 Ûê ]Ùz%¦*‡TÚæ[QíK³eB€1¨“ƒ9ûs‰™À¨@èíîQkð/hè²>18_þåÿíE†
+endstream
+endobj
+286 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+284 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 286 0 R
+>>
+endobj
+289 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1720
+>>
+stream
+xÚ½XKsÛ6¾÷Wh¦=P3B‚¹ÙŽÝ¸Ml�¥$Ó±=X‚-¶4©’TœL§ÿ½»X€"Eɱ/½ˆKܾÝ�|æû£û‘yü::œ½>á£Àgi0šÝ�‚d„,£ÙÛ+ïh©V�®Æ“0äž|3ž!½éRç9…Þ§qÂ=Ueê6×õxÂc×Åã›Ùo¯OÂ�Ò	Ø
+F‘²Äè=<˜¾ûòéørzzvrN«;.ȘÉt4
7r㬥ܫ´Z”EþßB0[©1�½ï4ùu,¥s…F®½Z[qªçMVôaÄb®œŠúæÄæGÞJÝkšŒÅõ˜¤ÇeY[=ú
×ßb¨ž®jt}ä“«Ò¸º,ó¬•!8DkÈ.dÅ]Y=(눼’Ð,³š¤¬¨UÌ5}QÞÑ衪—l<‘ààl©iŒâÍ׺¦µª®³ûB/¬ÆÒiÖC»;îÊ@«*4
+PLwež—¸ð±~3õ'ŒÁ½òovâ›t¢ Àƃ‚(#ïO³1áöÂ@�kð7iý¥‰kêëÑIf)˜/Á;´Ré\«ZÜ	9ã�]s=fÃäå"d‰Øa𢳢\Ô	ŽïNì
.d±®»SƒC&~ `ñþùK\©fŽ¾,é5×äY¾Ã¬S²Ûjø«·ëÌÔ][_lS¼Ä¦Ë'óeÛ¬k—f÷ìÕ° F%"œxºQÁÀ$�ŸÄËXí�B¾$
+àax„r(gÛ\2Ÿ[w>½›ýqq<0 $P;­Ùå0‡#%ÝéðùÙSü?p¶Ç¦d¢�|`¨žÍÒÒØ|]UÚTXCŸv¨¶]ï¨vgÚtý?:ÿñÃÙt�ë´kdcáûà±-Êm%÷w8ˆìW5dÕ¼ÖpÂb&{“¨/ðæåÃ*ô‚´�FNm m‡—N0£*§·ÇlÑ,­¸Ô†7 DÈ­¤—*«*£}ËŠ{Ú:ò±%å<«›šQsp°nJ<ãæ*75–†nHX¯LÎÓgêg®³UÓÇK
6‡'’¥.·¦§¿~>=;z·3ÿ‚ý	&)mÝÁ_Ž>Ÿ_¾}Fÿ�{ÍH™…þ†"ffì÷¶©Nçí/ÿ+hdúïÀLœ2ß•9†�j	)qÇËjA†ç%! ²Â€€cíÒ^f›ÕëªÆC'í–O,¸2`aзÎC”“8N¡Î°A‰\7%t&vÆt0y*ËÝ´ô¨/CÉ$&<kjQ¼[&]êv…Ñ�Žý…¿¦N`¢­!lx0¸ª¬÷½æ¾R�÷Ôë%VÁ*×6%áýNͳB3ݼ»^ÄM//	‹Pˆ½«‹ªÜÒyÔê¼yÕu€rÂvŠ�²�ïdégtRîýéÙñ�3nFà†-¸�vê�¨¼B#vAä°ãb«ÆoÜŒÃNv°ƒi‹„<v n°ö‘è�á´ýÄbh…DZ󰦹ì¸6�
Ø‚�²
¿]õP°ÚZdQ_Yœ'd¾M»E(ƒ°�2õP6¼ô"d7À^œŸžÍžy–ñÄwd“ÀT?>i’ _Ҹؕ4N®ÌAWRåÒ´"À¹t:ÒxôTÚ~ã>+ˆBpÑ“v[jqE¢¥wŠ„íÇö€¡ÀÂUÅùŒ“–†œÏ8d®<ðTÍ–"�i…B¹ÏDÔš —v”'}CéÞö7ÜêW앤­‹#·žáfý½Æœ6ˇDÄ‚¦ÿ¹­îL/˜íá¬Æm¹>mX®†Ä¹€|æ]dÜ¥Ø7¦�+`ê�/Θ¢ÅñMÑâð¦hñm'CãG·í�Û·[B¯hw¥Í†šñÙ¥fss#j±S´âÿ)Z<š/�~Ÿ>·…䣆J&ÈKsáQ•š7tæHi&±¹K_X~©Õ"7MçÙm¥ªï4ÕTZ55M˜7ŒmZ2ºMY¹Y×±õO%Ûã?
Ô®EFQdE²ƒþ¥ B¬äAnK‰7^ÿY­UâêÀ¤.˜\°IM‡JCcyYÌ#ÈðÆ®«‰ô<ƒD´Ù-±ÓíõŸ¥³Ænï•ö�ÙöÑØ
+©[1½çú¶†2¶¼ä:ÒJƒwÏ>±Mûö¼&1LEÿ)±ÕIáÿIÐÌÕÐ1<©¤,J¥«'ì�Ù×lAä*~5}O5ÞYßg^øÀõƒZ´ýB*]¯'}¹E@Ò§ÝÃ…†û½NÝàtŸ–nPìÐ�]Ñe’Ø0	*qL‚²‰W·½Þñì§ÿ4EfÈ
+endstream
+endobj
+290 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+288 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 290 0 R
+>>
+endobj
+293 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2575
+>>
+stream
+xÚ�YKsܸ¾çWLr1U¥á’øÊM–eGÉúQ²|HÙ›ZjˆÑ°Ì!gù°ìòÛÓ�n�àp$+¹A°ÑhôãënÌ*ðƒ`u¿2�7«—·¿¼«0ð³pu»]…é*”~¦V·¯>{Qz¶©H#ïeÞíÎÖRJïFou«ë�ÆWå½Íë3‘xC^�ývû÷U”øQºZ«ÌO
‡û6ßïó»
+©ÓØÛ4ûC¥û²©é}›oʪìKÝÑû¯ÓLúQo&ºÔ�q�xŸ?´ÍÏË‘çoçF†`µ†#„t„C~¯Ið0H¾œùHñËk9x�"g°$óa–\¾ûáæêïÿ$ZG9–¸G†ôäSAæåm›£~Ðë·³(‚¹’„Ä™mÛìiô°+7Hº£WR,ŽZ� ^¿ãeÔ¿×t]IœàۤŽhîu­Û¼×…{xïŽe’±ðr|(¯ÛéªÂ¡ô¶CmUo%Ø1Éq¿¯øÍÂ;œg&F0ds˜›
ÖÏL‹ÜÉ´Îbk\øÆ]/mÅ‹ÁVdoÛ¦fö6>øØøÕõÍÇÛ‹Ë<bâ`´®È„k]|�[g6�	‚>/벾ǹ�T%2PÌÐB¼˜ïsjœL½¾£ÙfKÏq]Q¶MË»v}nüæ«f—�÷
+?¯—6‡NQìår �·8‘ ‘Í“ìÄ5ö¾âktü=ñš¶Ðí8÷ƒÙ¶üµ(»CŪ�ã1Àeô#§csÈPøYÂJ†cv+ˆØO¬êËÚXuVƳ„è¸'½KÐKßÐs¯÷(Ó($kQ#24Z6T»²£‘c\|�×0?‹Ì°}Ò—¡3'¶ã¦�ù^”[fg�ˆ&Y˜*¯0æ3©Ÿû*ž^®	zè'Šc•†*ñ¥ÕØaèvÅB§RúÊRäu±`!„¯¤åЖD‚šŸ¥#‰Œ¦‡Îȧ&á)HGFì†fò‚�j-dè‰(`Z
+XšžŽ4Í9ª„ˆ“€-¿ƒ©Ì.€Šd`œ
‹*Œï¡DDªºáe&vy}Ï$#Côž²) eäFj*=�-
+"ïz»PpªüH°þÅÈœ±

ã¢À¨;Ý#ÖE™Wš=•W5E¹‚)tí›2¯h`úÀ
€I–yèoxZ]÷rËOæ\’§Âi•β]7Üuú��Ï^ �î9˜{õöâòã“€{�¢¨±Ú€Ñ%5¦Ei¿äÑQ”røH>8 )¿•mC’k�{>ìôœ6“"ÌAÔµ=ïòPö;w¿jÐˤõûÞüÀÆQ¿<.jƒ>¾8§ŒnŸ
ÿ®öƨÊ–÷v¤i`¥„aÉTíP3òe¬äÃO½Ï7ÝbéÝ:�
¨Ú‚å¨L¶}ê'‘kùª¬9ÃêʵúþYöþtýêIsßî˜)•�{ÝBid|J¡:!O¥I€’–èË‚?¡¹dÉ£\‹¸Æ'XºeÈWŒžý‚xÜÔòÏ�øúòêÕõíó‰škÚQ¬‚F9ïœÓk¡·ùP±ðc•b:âÒßÂDùYÄÛ­õBš0ô•ýü‚˜4‡©Ö¢Ü¥N¦•DøIÈK·›%çÈŽÒ4IÅà\ë„
+![bjwuxýæÝû›«§+1Û>TM½îô!§‚×´U‰‰GÆàÙ�‹Çáwj*: <!W4¦r�1ƒŒ3ÛmÓî)”`a§Òu¾gr*nOU[ Fô/!QF‘„¼”ÆÄG;Àk²tø" ¸è©@aä´¦f2S&¶Ž„
û5UwH
+Ê^äð$ó•M�)V9UvÌüû¦
+î! Òþ,þ©}™…«�iK4�¥ /°ªÀ�¨ŠŽ#ñ‚Öu9*Õ
IX
+ðî1g±òÅÒûÍ_ÿ³,S¬»/PE¾P3üôîòÝÅÛ«ŸörÞH¨ò� äD/ m/€�hh´e~NÀ,&ŒcgƤªU¼/a½´A;wJý]o†©yÞÐNC‘BØ$ºÒ&IÆ7a‚SŒÊºÐßiyÀqdãjÇÑ1ʼn�@ºøÁû»âŸhûX\T–
+B«Z= ¸*%qU ¸Âlú¾Ù¯÷�©;�Ú‚kÁ€+™#÷‰ý0e›þå©ì¼ÏOÅ—ôcùÔjûq”˜ªÐp^…R�¡/â¹Ý ¦L-‡«�©£ÌBŒrzXG
*§…ÇÚ°ãúÎ*kQÕɼ
 â¢p	$äÁÓQ¡²II»«o¦ùãSE‚ð}<UÝ�ËÚœÎqD…–�ýÐÚàâ§n[“)a¸l?˜‚_§Šê0S“A�ä`:XÉQe«jÄ\‚‰±ª†!UÕ—\A›ªš¥|Ín™–u6€š&ÅpN,¹X1{I5bÜ©ªZ>¿ª~óëû—OfP·UÆ‚3Y¦Qœ$<Ç1>yßëÖôxðVhS‹S˜†¶C
+S䜯›’'/5=Y˜8�ah³ñS—V*œça…iê�×ç\H[Ô0Ðå–rÊH1g$˜pyŸ\#¦-ˆŠ•°D­¼êбU6ÏáR¥”ÃeªÌ6™£Rü|`B¨¸,†<mYaKºs·}È­TvÔB4Éy܉ó8IKî-2?š¥ç„ÏrÉ›÷Ÿ>||F:UœN©Ê…t6ïÕ‘`™NÕÔ±ì0¢lª¼û¶�;¹7®³Õóf
¾pƒáôWùÒ=�{%È›­�ØÙUDÌ›œ‚Ø2Hfáê=Éó°Ó5â¶�Sx:pŠ©ÁÀi”Npj&™”ás‡…Óè4œ®ÃXPy4ø1)?Ë\H•ÎEÅsr„Ti/*òæ0Úº*g*�TŽMÛÿv-‘EæŠÉ[!E÷›]~âÒÁOŠùOFFeÍ<w-Þhã�<uÓ›ËF
$9^ŒŽ‡¯Ö•Û¦¢	Ü™îw�Áˆ;çxß«¼?†ÒÞÌ"-²/{SÖ1_â_ÿ~%�•ÿι2§«÷P9ÿ«ÀKæKHïó߬,8}ÍÔx{Ïn‚¹gò0Œðž}­$We¸
+‘´5
	“>NuM&΃•§ÞS9uFìK…£¦pÑ„ÐÇK?´¥ÉÌ x!ì¥
+lX¶Ÿ�™=m会kf<¤ñgŒÅ7œLb‹í^•á5BÁ”�˜oð1¾ÍŒžÜíªõDz¢ÕO…ÛææÏO /LW’u�Y§Áÿ
+�%1� |¢v&øF”iè˜iêKåÄ´Î5øù»ãņÀñb¼ŠÈb[Þâ%•¶#s)’ÅTO®•-¤G¾ÆŸ3£cʵ>_º�£Ý4;¡]dzîó¯Ÿ+7cåf
ߧäqîwe[ÐðXÓ)UéD¥¥qô*Ò{°r¥ZG»7ÆÓ]Ýþ鿤eÔ
+endstream
+endobj
+294 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+292 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 294 0 R
+>>
+endobj
+297 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2622
+>>
+stream
+xÚ•Y[�ܶ~ﯠ@£)vd]HJjŸRg�l�Æ@¼h�ÆAÊ�Ñì¨ÖHIãµûÐßÞs£ÄÉ›Ý'ÞI�ûw¨UFÑê~EÍ·«¿Ý¾z“¬â(,âÕí~ç«8
µºýæçàõÁ>e·Þ¤i迬7JéàÝ¡¬kœJƒ¬ó$°]eïê²_o’,BºbýËí÷+�…:_mTætÖp(a“)‚®<ÚªÙѱ0l÷ÜòzuÕeÕsk¹Ù¶ÇcÙ¬8‘�ÒÒ¾=5;Þn{ÿ<è¼OtÖõƒœ�Û¶³[æNq`é³£Õø�™ÿÇu’m·»ŠÂ§þdëú3rüÉ_½I'ÑeqhR8wþ‘W=Áê0Kdñ«p½ÑEÜÒ'ÂY‡ªÚŽÖ#›±	«[ì{ßœ§ÁÖžz”8Ò{›UПîú¡NCÕ6ÄÏ&ËÂT3SšÑ‚¦Š8¸ƒ&Jôª‡žØñÌ¾í°“° q†W5÷<ï„Óó*ÜG­�'¤G`T¥Qp3ðԯβ6íÀ{šr[ö=
+Wˆ?_Ú³!0¼~²ÁÛõl¢)±–¦*ºÒ2å¶t%Ù¬’Âý%±8X"ã�Ë�gqáLÝ´ðbµI’P§ôyßݼ»}ý÷oæª'BÖ=ëxžÔ†@YžŽk�ÿ‹¨›S‘	PH�óÉu±ÅÌŽªaàöîyj$Üžºnò ""m³5™8nö3&ÏÄÿ%þT%ü‘Ï&:85}‰ß‘KÞ—Ö--t«A:½Xݶ²5Ï<t­ÌuCUötä#Šˆü·ïÝ1ÒºÓÀüËßNâ>äªð- úrI�q‡IÊT‡o¼ýéí_Т'Ž¯Ñ¸1,Õm³éK0D; ÷(‘¸‡JÀöãZƒ}Õ'”oã�ìÚº&ŸÂÉC‹s�Ž‚”Óó~Û•Üé-Ò|\‹¯"%ú.¡¢gAl²ŽØÐw…¼éegb²ÆS­,Á7k÷ÍHQ5Ûú´s£yŒšØYÂ}Ó‚ä출ÉÒ$a‘»hHæ¸ßó½�‡Šƒµ‹T÷dø¸\
n‰Î/”ž«ˆƒt-tõeøÄU–%t(!Ñ¥Pa
oÃ%’NŒ‚ÄYdd°<*‡)ëçRJcFçRÚ�ú%ƒKŒó›BŽI2Ÿß1dj” t}	fip´ƒ?”\«À×Ê�U{¢M~&�%ñ!JhÍDbØÓFñ�‹b4ÑF£XpiËÌ2ÉÌT¶dH`GgºkYåOˆŽ¢@mh»á`	À�’ÙòUyjýR“åÃÆã—t&ÏT±öP�Ê
ÉMå“ïá�b9[ˆ/?Ëç—‡‘Ã!egû/\cÚšø1ñdKPåW˜ôLÄ$£‰Aw´)Š^H*�ë2Ϙ	Ó%lGÐJšã
 ‹Ö÷?âT«PŸÑ}×ADFB–ì6¹$$æºØ&h]èÀGÔ”L„¦‚3—¶›ƒ´¿&ãÿÌ„¾c#16R€ ÃåËLµÈ8³2‡0d3A·Ø²y ×²[ÈÁ¹	cgyO%(“…qâ§a8|LÈÐ:ž#–Œ#çÑ…‹î<kyNx¯\ç“(®? •�²b�†©ïÛÎPà"c¸=)@/,Uœec�I‡å ;b9èSŒ¦õóÐŒ{Û†—Æ3¦ÈA@´÷t‡Á(øO¹dK{¶5_ŽOÚŧY`ïK=]Ü|ûãÛŸ®Ÿôk4©4fà§ÀØûR?æ“r¡É3àÂs"BìR2A¯ämG‚‹õPmœ9Lj6Q)ÄÐ?£ü,Y0¢�z§“Ià@ä’ŠPµ*Ggw»Rör6ˆ¦"ËK(üÞv;(	{¯Äó©§Ø¶”f2OB•<Çþ½½„öRX/.ÑÞ››®Ÿ
Ø#4öH=ÁÕÐ2?ÐÁ³–>‰Z?Gz¢�tƒIl@B>“—
IAarë¶ïʽÍó`QŽz
+PÂ,äVÕÿ÷*¼³ýáW÷—RÈu˜çSršĤ²%�¾»ù×õSøYM’M ‚=ÚOÕQ* š Ôq^ñJ>É�s
ì:
¥)•®@…�—¸Í=1〕…r…ãÿIOL\ɉ,U~ÕXl‚þÑ÷¹éÊŒž(’Ì3ì+<J¢.L_�£¹$’°ºS³µì~¸+œw¥ñg|jq§¶ü	ĺ!Öy¢‘…#&¾…êÙ6ŒÉ8"äONš†$�쳚%Mˆ®#<Šz2þLL8Cô‚G¾x�‡ic¯¯þ+›í
úü¦«†`Ε”õòôƒ¥zÃ¥{ÅfP"ί$û^¾”Ÿ îDÍ+çQ°qò( ðQ^'^¤£èéõŒŒ0«SmæÕ#N
+HÐjt™qÖšžg
¦íxžä©1,l+JÝÚEC‘Gk/àèÑqp+@äS½››É„Ì´™%_8�’¯vÑOûAL�u‘Ž“àÚŽ
„ÞR	#¶a@LF†©õtúTüñÓÓ$½\ﺔ8fW%ù’ÑáY1„C�oŠ2h]²Ù£‚÷äWØ«€ ÚVrÎ<´&�‚”K~ò	��`
+øÃ=¾5�b߯	2˜I€\ëšk
+OS£H•Îù(h9‰sßÞCh ¶µƒ©z„À¸¾ç’Ø_eÓ)·¨òtfæ=Ò ³»ÓÍÍKŸ8Lãgäë�PúÕ;
ö(F�Ôe?£ãàyŒD ½l
Ú>Îò§GøžØñ	ûâõØ�Ä]V-xÌÙû>7©8_*ªŒF7g¶þ´¤Ûô˵:[æx7¹`áêðBûEVá‡×B¹gT˜u!—gih²§>Ê38<íhQ½Ÿùú©„‡KË~kØõw<sêÙá ky÷�%ëøÐ×€þÊÏÎ7qV„éYˆ»cûerïI?‹gáó²� '(îø ÑvYnF9b �0 y)¡5Ñ:üz
­*2	‰ò2Œå7—0;ÕéÌ&2/ÀÊÓvUCgBÕPÏéªFÊVÚÃBöžŒ‚³=„�¦—OÚê2�-¡j]„QòÒRf–“Ø°•gaþûI°wªåt$§T×€ìâ8Zúî8óWàÔô"…‡Žñ@n Xø��÷üŽ»Ó
äðj'–VmmíÞlr|¨ò"
hz¡ÊÉôËbS	×ìØLüå± æhéá+•ãág6“_æ9+
)x1d„¬p$sj„SF±s¾2@GÙßל›àuËÀ”:‰(U˜Çÿ„z*åÁúñk1¢´<áPÓ•ü`”Åá„Cב	éE™æ,7ˮƪ*~ùNœ›
™³V[Wƒ¬I²d¶ç5ÄóÞ4—j.ä__bÎ'ê-¯ˆ%$ä—Z8±X(£åÉAû!ãwl!~—ã¦L6)þaÜ›¹Ñþ݈
ó”}Î�ÛK�øêúöÿêÿ
+endstream
+endobj
+298 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+296 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 298 0 R
+>>
+endobj
+301 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2330
+>>
+stream
+xÚµÉnëFò>_¡Ã¡‹&Ù\‘“ã‘ßxà%°õ0â Ó¦Z
ŠÔãb?ç�oŸª®j.¢¼ä�›UÕÕµWuÏÛqfO3ýù2ûiuzáÍ\ÇNÜÙj3sã™+ìÄŸ­þõ«:ó…{q`ý$ëí|!„°îÔFUªHþúÖµ,æ^dµ2Ÿÿ¶úÏé…èY-àw¶ð;ÖÜþ}y¿Z]^//nï®ÏVD>89ˆì ™-àt—N¿ÜÌ~ì[Í6«qXÏó °d•ÉÇ\Ž0¾U«†Hd±¦EQ6„ùB«Íó“ù"ð\+kFÌòö€S[+æ ™PbSV;ɧÔM•O´8éâ÷º8¤G õâM“íÔDcß³�h‘¨)ÁžQlí�1´¡ßf‹vŽK3Рº‘»=
e]Ã6 N3Ù Ø|Éš-Q*™¢îú/²ÀŠMY½‘¢Cè7¶ÖY½Ï%‚^çl\£¬à:-à@•G"Yˆ�D;t¹ðíÈe�Ìy­}Û�<¶YÞd…
ž	<ío&ìo\�ý�‡øû„-ĆqÈ0Œ—•¢ÅK•5
hKœKs‚"£ØŽÝaÌõF‚Pð‚Hk44~aë+EþNc³@»;RµªžÑöÚ)€—iUÖ5³Úª<'µªë¬,j{š<&;ò(}nïW—WË7‡,z^’ceV`ôº¤+8Ò±
+¹ãU¹¡¯¤�Q×|ðuû]u·«‹ÜYÓ÷¹½@ر‘æT5é鶬!åŽí…Löƒ‘Ô°¯·e›s
+×Åè!†<JzV¥$¦kèZ/[t3ÂHx±¥V(µ®	ŠQ€ ´ÜísÕ0­$ J‹–‚˜Œ½ÄZV9Qhë
d¯]^Í0:QÖQÖF(lbÎB_ã6·�ÄvÑãÅŽ•"b+‹'Œľl³œqZ3\°f¸ÌjúVmQ@Qúþ’¸§,Ô÷†7s
zKN߉rÒ¿®Šð•�D»½®1úwÓ¨Š–dl'ÕS'ä�ñP�ô®Ï½qr½®{.Ñ(Sf,V [íMÉhˆ®}ÁEŸ¯[P©ïàA]´ñÝi£81–�I»>®œ÷ó·â39Áãºä%PÚ†¤ÚJÆ,Rg¨Šp/v4*³l!_»£•|Ÿ"¾ô€Ÿ& ëÆX1þr3þ|ÄúÁGj÷’ÑúŽ@uÁ¤s£ÀNâ¡bƒ4°‰É1kuH¾1¾mþÄöý�ù±´¶7Á’#°�pü#=�ÀlJsíb}¤{Hîᛳë÷‹ðʜܟŠ6ãöA‡§mU©®Ó*<Ÿm«_~~_‚3î4<¦àz­ê´Ê»ÿN’�¤Í
+E’˜Y¯·—V¥øŒ˜—_nnï–ËÛ‹÷æ¼`Ô³ª2ÇLIØu^BÛ¤Rä%
å=À:¤©�ˆ+T©Teûf¼ANÌëBÿ˜„žc›ÀâêU� Xð�­Ngøör”ºè(+ö-9bÇ�ËÁ8+DlFß5.H†¥)Ö
+†WU®#¢9v‡¥�;`EŠ-ì1ýiÛdÏsÝ'J£DñûzÇÑ1Åk’‹´>J´0�‹Yd‹Q«æB%x˜l5\`±®tIá¡™}ˆ=Ý�„öž¦×¶¥e®C‘lMб7­–/­Bì
Xõ£À¡ËË3é‰÷‡»‡îU>Uv\¬iøV§,¶º·?Ï©§ûŽÐÃ|Ø…ªÊRbù]Ïô¬«¬‹š·”èBäaNˆ†ÆÇ?Þ;×j#Û\»+â<Ž-ð4l	¢.9¸âÃIöhåbKñV­µ%NºØ<’["°½�Â̤_�=†�õ©bM�’e¥ @BÔs౦U5²u�	 ›Bf¾e‘óŸQ D¨Ò†þðNgÐzÁÈÌŒG±HjþŸšÛ/o~þºº;ÿ¸cDp¢ŽÔ1ðÛlp¹D‘�Y‘5™Ì³?$UH„Ñü¾‰èË}VU¶ÖåOèøu§M²`:[Û,ñŸ§¶vH•¾?Y±�ëF88
Ltuvóå]û|Õ—r
c¥v4ŒkÜ«õ,3…â"§°Me΀nÆOt¥ƒíäXœ`s{è�&âP‡EMŽJu„Ëœ)j•C¨ð-yd3¾|�òø¡ïËÃkjÕtÝTo˜Ìp¾c“BWç¿Olt
þØÜâtgê-|þûÙÕÕ1¨³Ã=|f®ßSDÁ¤“Õ5#–;zKÑäÓ‘Ú
“~Z>êo/´…i»ú9I]2_™-œWM8‡I?ï³”›ÐÌòSÍzo^Ñ)T_âЂa9eoŽ£gG90צ€€ç·WWg«åÇs9ÄwÅa?rEþLA}ôIË<ç’€ð²Zë†
+K~ؾ)»øªÁ¡èo"´R5†š Ç*žnì	{YàCÞð\~„I<S˜[).¸qc§­çLgeµÐÞi	¼+~%9!‰Ô·6{^L[8…ž%ᒘ沮'öŒutòéÛÚ·÷Ôô‹¹¨û
¬G*êë#«H¿Ç=ÞЪbj£�lÌ\ýD‰ÿçqØÜ+l±Ç;°c‚ÿz‘u‡ÂïÒúßiöò‰Qžx˜6à>¼.p¤9ÎdòqƑ昗!G?�ï	þi8äDBã(N�¸‡^gÇpqÍÉ#Br4ê‡ÄÄ1nÆ·sŸŸŒÝ‡¸�ûMrܸOCÇ.Cþì2D‚ËS™ŒÅßîÅëåýýÙ—åýÇïæäMoò^Ž�¡7¡Ê™ç‘`\ÙCåQô”´�•5¤¬ËØ.¾µec(é¾É¬!,Ž,Ukzýc2¾�’e¦#jg†‰NuïKÿüfk’Ì&ºÇµ=;`]ÖñpÖ¯ó”×yÊ·¢£ŽréÊ4öÔÍ×ëåÝåùg<O	£ñ{\àGƒíÛ-HËInÌ°â­‹£à],‡ŸŠÁË›åÍíç>r~LЇGúðHòáýàÝOìi¥¯îˆ4¢wOå l[jæàù$çRßõå—•™-Wÿø?Ñ›8
+endstream
+endobj
+302 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+300 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 302 0 R
+>>
+endobj
+305 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2429
+>>
+stream
+xÚ�YÛrÛÈ}ÏW°*©2T°ÀÌà–—”,k×J$‹%r㸬­,LŒHÔ‚ƒ‹dåëÓ==ƒ
É|ÂpîÓ}ºûtsá:®»Ø.Ôç—ÅûõO?³…ç:±·X?.¼háq'‹õ‡¯Öå.94²:³9g–ÿ·3[ßZídžc·þu1+©²ä[.ë3›….̼³ßÖÿøégÞojÃYÞ±©}o®?]­hÖàh?tüxᪿÖ2Å
…õ팅Öµ›�œìíÇŽËõªZærÓL6æ¡Ã}=å[›åMVÐ~›r¿O
+u�o5%u¦ž¼Ï
+©»wÒLÎÛ}A�¹,¶ÍŽúËŠ:ì—ml¼ÁÂŽ‡GÄé‘8³bKr£{feA?ó¬nj‡¤{Ñ6å>i²M’ç/fvC�öE–YVÉ�ÌjLXå#u&
±€9
ÓÏ_]ÿòùúÓåljŒ„ïDžžäLȃÀq<&véðöâòãúËòêM5^à…}«n*õv Ϥ¡Öc«žˆÍTÖ›*û¦ž§�¤&J½ú¥nä^w*4 BKRŠ¿Ï»lƒ£;Zõ>©w4�é
åw¹iA÷ÛsøûVVô¡Â\Ò•OPjI•Ò󢑠|ƒ·mÑÒ¸ˆ[ Öi|shmÀØ!
\DÖ‹­_r,1ÏeNd4pýϨ€±Ø‰ý±
+®o.?^]þóžó±DÑ<F\°ÒHÄ�ˬ%lÕrSiýpF?IMÔ’z†6|Õ,Û<¥6	]nð‰Ð
Ê$plŸdz…9¦Ûí�ù¡òj?B¶ÜdØ-Ó©>ÔzκîõˆC™,/Ö3�éIp½ã=à$á
ö˜¬g�ã›õOg¾ßù=4\ø¹Vƒ¦ò1ió†~ öð¸ø�Œ”ÕšÀú¼“úYÙÑü&Û(m�yŽE�ŽŠÇñDðqD‚®«0ž¶#œoôÍ´ìLM�”´êÙì"©#ÍêCž(›#çgtû�¿Û'ÕÍ<T€s€­f]?HίÙáÛ„ ô„‘öø�„V[€¯Ãk3ߢ—„äýpYSRGBÒAÞJ=ªðŠ昢lF”on÷(-ýN}¶’IC?Ô>uHÆ(”ÿmû”àû?Y•çº‹  :ICHPGGü¥í
¦Œ”²�1xcÄ�½ßÝ|X~þð¦ÃÕ(ä ù”•­>÷O+«?º”f=š²Ò!&©G¡¦�ºøçLŽyaï²6éÔ¥ùŽ�CîœK‹]GŒŸ¸\_Ýß¿ùÄkŒt±¹k,´=L¡
¦ �=D”눀°®iŽ¬*å³`p/ë:Ù’ik+Y
<RúÙÉ%æ󮈇¹leSšzò[Ï«£%¨MKN‚ÄꔬT«c°Ò>…ÛîwÜRûaxqOVtøŶ!ÌÌ4bª¶(º©eñö�cu¡åõòjµ¾Xÿºz+n‘׸Àíƒ
WUbˆ ìB°ç
ð iîÊp+æGVà„ÔûõÂlQÿ† dÖ
ÔLƒ¡À¸‡-pÏŠÃ%=KN¤iÔB²…_ù=kè öÔ]4­¢¼wVú÷#xKji–ƒK>yð£iB3”Á¤}Y76ò>¸$øªüÅ&R£È2pqôÜÛªl§ÅM3­Ðùìä~CÒ„¦¾O:»çCQÐhYJšh?"Êå´g§Àvy·ºþ÷Í—ÿ\ÞÝß_]®Ì_”Ñ®Ž"ØC€û1A2ðˆ*¨¹’$­§¬*‹½TT¬¡Ï'®Í�ñTí»ð3T &åh’ª©1&ÔÂLЇƒeUO¨¤-nHÇ¡¬³ï3®B@1´ˆ½JSÀ„á#x‡{hö¸‡�ãyÔúª™04•Ø©yKhK¥2¸²6
+#eÐÒ„œøv@¤LÉ,„A¥à$HN¦ø"Ž‡Ò

¨~¤/I¿Otº½ÿ²íyÑ·1ïôÎJÖO¨a’Ò&ÑY–@ßÖ·wIJ
ýB©ûëöpÈ3™"?BîÛè¯~
…h€ù䆧ÁÅ‚pdý&èÀ‘Û<Ÿ¼<ŽzH¼¾.ÿ�q‹c`ñÈaâM\
eîr½�Âù˜(=qѿäËûö›ðu˜§3q��4Î.éû
+¼Yä„1-dj!i†ó‘fà§ñs'y—åõÉ,©wº)@NŒ³ŠÃ�Ð›ì{¬òwZ�‡¤Ò›üèðT•ö¸!CŒršnFÐø”Ç>#t†#9ÜßÝ.×àdoo/>}8ÑÉúžE$œû¡~�φlg¨+ùL87 ›Ä‘`0у	}º"þP\
¾Z�ôc”v¨YæØ®¤BÃÇÜu†•'ÃÖ¥%ZÁ{S"y°¦YßÐ×ÿe¹ò¦æƃšÙÐæE±ˆ‘ÔWüð…Áˆ¦†>a(MˆÃc(„TÊÀ‘V•Ç°¥„šÐÝ‹¡Myx8Ÿ5³�÷TõµÊYäˆÀ°|ÃJÁà„Iñlî�'‰¦‰
+ÿʽûS¹™N8Î{/3MÊ=‡Ç?,îÅñøŠCÕ›(kvÔš��ç6¯üóßgs™¸43¥1æ„lDpWâñȪ‚Hk·#.q¯KÕ6Æ–RÇ(8cG·¬üPÌOmKü(¶$YEH³Û3•"ô6“ì}*5Þ—]í©cT¿Ί4+§]Ñf©uGߣ!}-ápêýª„Fô^¯yO9±yÞ±ùÈò=4U[x±Õ­B*RÕš­“’*Ù`ÞOá[`yhàTÈÑ
ʼnŒçtÌ<ô
:`h»¬$Š�N Á÷ª
+
÷>›ÆR�¢HQoÍ…ÄØ€^H½£úî�©Ú�fN÷ËåöÉ\ïUKŽŽKjTÈ0mÓQHš±«aõ©Þï³ö…úÅ�È#v¸1«ws®¸N4ª)Ÿ\ÝØ´U¥‰59ýg¯}�ƒÍ8D_Kÿq�ƒ9œ¿]àˆ\àˆ|õÏGÿÄ{ˆÄw·o¾òªg^D•@hÅƱBE²—ôÏÓ†
Ý•|” –�L2Œ"0öƒ3À|Û¹U‹½È¸‘†êÃå‚—v'OK9ƒp¦2«K–]¥DD/ê:ÛšÚ@D)ã¨lǹ5ï‚Ì;
z†´î«¿ªÑ=	VÌöô�f’r¼dY�Â#ﯖ7_NäÀ`øqjʙĜ¿åü¾4�$o–ó‹°-®Öú?¢&i
+endstream
+endobj
+306 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F4 26 0 R
+>>
+endobj
+304 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 306 0 R
+>>
+endobj
+309 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2561
+>>
+stream
+xÚÅÛrÛºñ½_¡‡zLO-„/"§OIŽÓºŸdbå¼Ø™)-A§Éò÷뻀„DÆN§3í‹,€Åbï»ZøÂ÷�úüeñnýæƒZH_¤r±Þ-d²��HÃÅú—;/VK•¨$òÞeíþb�÷Eït£Ë�ÆièÝdå…Zy}V\|[ÿí͇`Dµ„äb¦"!l·Wï?ýúË-ïs®ŒV"J>íYïóöb†‘÷ý"
+½¬É³‡B3Dÿ^gå––c¯«Øí5˜Œþ>Õ±§^¨vümõ¦Ž·9½€0Yí^ŸMf(i»¬éôV á@æø#™?oÛ6,šîî`wl‹aÊ/
ÈÉKÒèVw­Ý§y°©úy<fÐD^VôGFwëíåÅ2ò}83îw�ˆPf�†-A‚N‘]‰Ü9è!!߉çNÜiïäźèO÷BH늄€(üB 		aB,cìu–½bª`¬9K™Åö׫�_Ñ/Ä
äíz”5Žê¬Û—Ù�à)±�¾v£Ñ
+„¡@ô¤G×Ïò’¿,pÜÇÏ›Š‰O<³•ÙÉš P¹”w½3¸-6ƒ£¬º)g@kXO{]ž°ÞÒ‰CTØ#”¾µ\3;­È*þÒ½.ÔïÈG‚fcàmú¦Á×�ªN-£ousÞ²‹ê‘xC"òeAÊQ’Ÿ>¯ä-\#dG´©Šª\¶ºÎš¬#`‘·ø¾ bò
¢Kd¾Y¶<ÃõºË«²%©$ÞU¶A—GÞ jÌ!~‹eµ—„,<øf¼`¬'ßN%™5�ýè7{»
+ME&¯\yŸð)‰ÅÊjò²š°FJFfùœqð³âj¼àóJ	_™£¨e§¨•/âЬ?ôyÑ$z­Ã�|b¾‡³†ø[½oEÀƒ»µñNK™j—#·¤Û2ôÞ1úo—|¤Î	eäEòþå$ÆŒa³oÈêš]˜XùÈ€ÎÓ·ª@‰ØòéEE›]YcîëöUk†�æÛ*ü(•¬D,�äLæÍÈRÆ"úª|U–€ã
míÇá>ŠxåH�4wFIàñÊî;'u—Æ	Ń‹Ž<Cì
+»»Ø:ÈÈc0ñv¡uR°h|�2±´eh__2Û’P¬”kÒz0¿0�C\†÷XuE„ Œ$Øô”ó
ecƒÛwVÀìÌñFg[RÜÊYÍ3¯Ñ}Í“{­
+ÝŠ©Msî‚l?á@ì
+^R•ÅóE¢¼Ÿ
+h{9 ]—›F[O‚oS”1ñ
+Õ³Ô<™Š³.?xÆŸR?á"Q	ï¥ìˆŽïøË"T&
+"dH‹(Ìð㕉`Šã"ª‰¦¼cä+fÈ  
+øüq2!œ²ë¼}…À'žlµ®‹g?“îž�©*)Ža<[0øæR·6™{™÷ë뛫Ÿ¾Ü¼]¿ƒ"'­Ò£„)Hé©5,ax:èŽò¢À¤¡�ñrË�ÌlÌøúyÈ:·�ñk86®n“ïž Ã!G7ˆz9«:dŽyÉw°aù’#êÜ\Rä%¦†¸»n4ZÀïdF°ç)ïö<š+ /"LŒª’ÊMËJ(»
Óâæ;zÆî;‘gí¾ês¯Õö»ÆØ}Ý6oë"c3 |‚íšå«ºŠEb=îÙTäb8î(Ø zïAœ–&€rVÛ¦¢ÜwÛo(¡†Û²’7èv“ÕƒÆÃB«ÿÙ›b
+fÝžD
£Ütw\¯ŒÃT"J\‡‰Ê’Z£ÆÑQâŽ,dpB2CGìÀ›´‡yKÇTÀRÙò”ã}J*–ºÔ;謕jçR�!�çï®*
+VÔöÏ2þà¦n­…ClŒ–ý~VðÊw9c;¤ïñÙÙ¬ñZ�{k2ÔDh±O5#„P�ü”f̸é§">ÊmÏîxW:íë	ŽX¤ÖÝ»+¾}™ÆôÁ­p0ÚYm¼J`5cH_[‰ýÀ&.ÿKz¿þ½³<	ßøÿ÷Ÿ¿‘nrøšMS‰L
oÄ*„wŒIêÿÁ{oÿoïmŸ!¶þ£•üü¢™4$÷ÐlLæ
Iú¥
Þ‡ºï¬ÞY›¿÷ξNSà4©eëŸ&¤"°ù÷Ùíý#zß³/¸þX‰ä(l#­}á
qcÈ©gnU–$ÊdfH18¤ü«e„L¢/;¾9À¹É[¸üE�³í\ ,Pì0šO‡sº’}êJ´(8r¬;<ILþ?Aaoòù1˜/™ÛîÉ2ö#rxÉQ/	�“Æ
ØçÏ&Ãiy\V¯¢68^³OàYgŽ›çN£CÕw .@]ëo­NÇ>è/UÕ1&
U•0„˜Îñ
Æöù±4ñ#•À<6”*/]¬&' É˜{ÂÑQ¤˜ßè-†¦U4rª�69€m§º%•Õu¾��P
+˜4�¿é*Géj`³Œò‘-J
‰s ¸;y=CDYWðSTغÛMìBNØpy¡ÝÞ!P¸�r¸[k˜¾Äû–2q2Zf”F'–é¦`¾ˆ¬ÉSº¡rzÇd¶Œ8ÃOì°«á1'9ðŠ8F?¹)z.òpíÀ
+Þª¥
’
W:&•�Oø‹ù×ê(ÿº¹™&¶RHëe¦(RáÛÅÛÛ¹—JûR19Œâûðaz6—±�%¥2©]p?â÷N(óÇXUÏQYʶXƸ4@dPïsz‰UæKŠY�dzÜx7	^Y×'(+·í>(ÒõÎ*¥Sp‡nÁ­N;ÏÝåi�„ØŽ�ÙžÔ¹9µÏ¶?4€I±“`wŽè\�<¿¿/ÁÌ‹ûûî,(¾À3ž}…ÄkžÜžO8½tÐ�Ï}SØ…~êÚ"Âéÿ³R6€{pC
+hj¾ô´æK‡³suS¼ò1nŽ&Ë‹
K©Ÿ°20Ld¶ÝÚDÀ4ƒ\NŽ¥m蔶c¯ÄÒ�´¼Þ8^ß|úº~¹c‚±–þÂ`r_T…+
+óáQlÄmƒŸÆ5öÓ8ú—nªËiF¥c50OJ Ǿ%øݱ5d´ö.̓­Þe}Ñ($ò3yB•:=a¦ö^ÊT
+ÿ¨*ÆîÓÔQAí<míFjèæÂpìæÂ$ŠwÆ’`hš¶-um£Øvm#ˆS)umñ?ªõ\‡ì>�Cß²€‹¦,ÃÜŽwØv3ùŒL’5GᆴtЦÄe"VîÞC6�%,°oÀ]ç�~Ø-}J=a{;TË+ä+$F•ºï´­8,Í”ÁC„Íš&ÿNÿ ±§â<f¦!_Q$‡ñÀ¸¡BpMÍRæDh`à`h»¦:8Xö…üÍâjý‡Y7ÄÔ
+endstream
+endobj
+310 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+308 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 310 0 R
+>>
+endobj
+313 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 546
+>>
+stream
+xÚ�TMoÛ0½ïWè6˜])±wì²0`X½]ÖÔX©ø’Ü ÿ~¤('Á6;‰¦H¾ÇGZ,MÒ”=3|b·ÍÍ]β4©3ÖYV±¬Hê’5»ŸüC'g§LEÎÅû(.KÁï;Õ÷è*ø�¨Ê¹4Z>õÊFq¾M!nSD�Íg&¶‰¨X\ÖIåkíGÈÉ—áÔc”o8T—N¿DyÅúKn±ü;´kî:ïÜð—H@f¿¨�k/5¶Xc6Ê©6„Ës²ZÄxB’ÜwÓ‘¬:Lc»¦Mä<a–ÔÎ7“²TÉH•ã„ù¢øyqh–\I'0µµ‹ŸéƒH€1=Hóº~LÃ2O�‹µAa_,œgµ«\I‹Tð[i»kŽÂs„ÈA�ÒáXpR+?0]'Y¾æÂÀ…΋0Pεk0[Ð
+©�qr*�A’[$	ÔnîŠË‚Ÿ5p­“,÷\›/_wûoxµ‰—Òòv	»e•ƒÕ(EEmƒ¯à‹E|´´³ëR†uÁOÜ^`å¬éH§¤£ÕFÜ„sòGJ<uú€ZyÄì
+û`”×ø/ú³—t24uPå!Û~ÕŠ–È�CѵŸúÛp
Mý�tß÷»êÖPñbý”�FüßÄ{¨@E·×ã_Û\ŒQô¯�陟ƒ tàLªÓk@ ë
€µÓØ¿âsáÛb›7¿Ö0›
+endstream
+endobj
+314 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+312 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 314 0 R
+>>
+endobj
+317 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 98
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.Ñf&šºFF¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚kÁ
+endstream
+endobj
+318 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+316 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 318 0 R
+>>
+endobj
+321 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1941
+>>
+stream
+xÚÅXK�䶾çWô!Àª�ˆ#Š¢¹ywvlÄs›Øì»[Yµ¤Õc½ãƒ»«X¤¤ni&“5ŒœÄ‡T¬ÇW_µ	XlŽóøÇæíÝ͇pÖñÍÝaÃÓ
,‹6w·÷Þ»“jzÝn}!B/þûÖ�"é½UÝ	W„÷a›†žVýÐên뇉"/–ÛÇ»Ý|àž°Ðˆôá$¾ñ£Œ¥Fj¼õe:9‰9™嘯ç
+E¨�¦L&æó»SÑÑù�Þ÷E]á$òrÝíÛb‡zxº£µÃ¨¾>TŧAÓ¸¯é
T‚�GLDFc{¨à,´:3NZ[mEà}Þ
+îÕ‹êˆ�’"&ÍAå�Y˜;c°#ﾬ«£_7ý#Î¥wïí8T;}8}<WM?|þ’¿}wûÏƽšÉæ‡LÊM`N‰è�kE„dqh_y´øß/D	0ßIêN ë§gäÅË’¹<Pm!
ÂX¢—Tëã>`@$,NÀ¿‚qi¶ŽÃYWý∈c(èkÆØ£ýܬξ~É¥ÿ£#ˆÓÿÙ�‘çïWÌbáÄõ-Bî%g-!Y.âs–
+òdô§ÆÁï¾2±`"ýï
áW8|& ñWd×ÉŸaÀ¢ì+q}Aw¾”€CŸ�¬ñ-ò[z*ÏËv¡å/XíOš:F©
?@'Õª=ñvÈÁd]–ôÒ¾>ŸU•ûeQiúž<ÑÑä
ÕŠûq¤VXÿÑêýÝÉ~÷£îÉrË”“áo‡¢ì‹êñoÀÄPuÔÈÉ�'ùÃÖ.‚Ö­]UfgpôgÔ]·ª¤…3N�…F¥3£psÔeô'ÕÓò~S4Ù«ŠC§Ô.'èßéK	h¨É†38t=Õ
+Õ4TUTKEƒJŽ°Î£_i×:–±¥ž>Ô­¾ú`ŠV<�–˜dV¥lU£I«÷õ±*~Õ9[ÀË–Zž!âÑßÏõn8Aü5ÒdÂäd¿i[Ua´Ô9PNgŒ‚̬ië‡P&¥Ý4šÆ£É4Ñ_ô~èu>m%£7æ’BqØ«¶ï ZÌ¿Ãþbh]�æºb"‘Á½®r<g¤¢©ÊQxçÚh“kÚµðÆ�Þ¸±�Vï©%Á5‹âaű…1¾$2zÃ8ÔR;êE{„H𙓯c–qÆ‹�9Ɔe°vE†F.ºý9¹IÀx8§½…P!¦‚¶#ƒ¶$Ø %ÛØàð0T{Ç›Ð×DÀ¾r^BzÀ1uDi<rIšÌ¸&Ä%0°\bö{̨#
+¸õ9nHNO%=.üŒèg|®ùPÍRǽTq6¾]œÅÎX	–èeäÄü„‡íJ
+r²$6Ih›GHÂáÜøMíS
ï^‘‹`G–
— 	EA@‚§2Ñïäõ°
+ù4Ô&ÃpÏI7“xBçnk‡ÄøDB^vª€éLûëR;–¸ä
‰+ÆCŠ
+%S’ƒlÌ  Ü&�JªÍ-h0ÓE}3 y'Ü+�®“p
+^:+ÍP]Su¬†˜p:ußC"-̈œŒ¾§3¼ÆpDÝöjWjR Þa¯ïýp‹ù€KŽëp(<«ÞV”÷Ÿ†âóVJŒ&W�`ÌL|yÅÙÐÑñÌáðvyáá,’£»	¥	\D.Úfýe¯[Ÿ(+æåÅyÕÜ�¬¶œ:Ì]ÃôÕ½2=õz*a®jý¼FIIôJË×2Г¤—*=5ϨJ‚n‹®)•ƒ?¨§ìm°#z
EϺs1÷¸TòG�
+ÏVz¬o…ur7ìAÆa(˧m*¼—½�YÕ‹ªèýCQêE�Ç1ã•:/ù̧·fìûí~U\½GÇ^Ê›9-E1óðRõFîç®ÃÁ´—�
m}¦ï£YôB‰¶Ñ)”/«çDÐ1:ã é»^«œN¡2ÉW�#3–:Ù¿Ý0¼o´ûeÜ9“#SQ)#ZA¥•}:Æ®ðkÚ"§”ãUkæSü^—:e
}Ç‹@üƒéRþ¡tq˜«j�׈êøRzšn�^±WÕFÑÛh¬tM–ŽÎï×ùþîºäjÜ®Uí‰vmg?Ÿ/¥Çý»©ÓN¼ï¬ŒÄ{OFAç`"™Á�ùË͘Þi‚¸˜šk
ý´²I>kã…iãmþËIÛŸLSo[VögÓ
+®^ÇU
Íô”·/ǤzÓ[·Õ¤v씊½î	réìÿRän
»é¡¡ÉØ®Ãx‰5ž	ü#@
ºÑýþæ9¥â”%|j„� S.4Ovñp¥UZÝvu¥J›rÐ~É‹H!)ª,~UÔÕ…Yj5ÇËÞj÷’&,I.¹á§ç”O%K]#ýúLÈ5g„,
+¯$®'8À>Š®ä¡7Ö5†Œ&±/D=Œ'£©€.†_´ÓÿX÷_”�h®ÓõGÄÜ–>û‚²7UcÒ„ç×1]U¯1ï¼â:�ÎskÌœš‹'ä½ÌíÑvb�\›Pn2Òìg3ôÂzó{Ûý^ŽFwº‡ÆM\¸~7k+r}PCií.¯å£Æ<J£´dœM•Íýj~¦˜(nÞßýåw&•$Ü
+endstream
+endobj
+322 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F8 61 0 R
+/F4 26 0 R
+>>
+endobj
+320 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 322 0 R
+>>
+endobj
+325 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2514
+>>
+stream
+xÚÕY[�Û¸~ï¯ðC�•±‘–©ú´ÉnŠ
²ÈГ «±9cµ²ä•äÌæß÷ܨ‹åzóÚ'R‡ô!y.ß¹x£"¥6Ïþºy}ÿÃÛx£UTèÍýÓFçm¢ÂnîzÒtÆyœ'Áë²?lCcLðÑ=¹Î5;‡Ÿ6x_6Û8Îe½ý|ÿ·Þš‰U'èMh‹('naxjûêwÞ7;2É¢¤Ø(ÚóæP6ÏÀ:N“`8Ð$
aÈw(·q|©ÚÉ6hŸx™ï†¿x9ÀÕ˜(?N‚½{*ÏõÀÔö„
+\WUÛȆêSœ¤®ëyËSקóé®ùtWcÓÈÈ]¯¿&ä-!HQ³µR&ŠA\:	ú¡löe·Ç/¸dËã±v(Åo¢»ÏwGÛК"¸?T=ÿ€Ç$¨Éàš½#–vÆò?ÈQ‰úô¥,·(|<‰nœÐ�K`oc”8h¸FWí&õg/ÂÞ
¼ŒzÀq8”~ÓtïLeÁ�sL¿s;–;nO#­yöÀ×ÿ|¸{÷O¦¾oé ½ûüj}ÃSùìسüOžÐ.pR²eî]¿ëªˆt¼'Ž,^ØAÇ^jXçÍö–Š�ŽRoÇ–ºwÑÚþã,Žb4…"Ò±¸@çXš ¯ë~0{äûQ‡I¦ùÚIf‚þàê§1>)3¦Dw˜àSÐ;ÇÔQúHé+&?Ü{Æ/ØÜ!›¥ôíJúŸ¶W^îŸ7òð/®{l{wëÕÌüçßÎÕ—m’eí4Ð
�ŠÙ²Ak¿®ŽËT”YÑGøeu‚Ö‘Mdù;t%kƒ_ºŠpKx‹À�}ÕœÎ?®®׋Mõ¼
+Jøú]'�ï\¹¿òxmŠ(ËW¯ïQöøú»C‹÷z�9hÈO‰P5`æGA/¾ÅV“�Á
fUƒþG
_dõ0
+ ¥ñ¿�-3PÂåóÀ€9Ð×¾ç~¯D@ýy·s}ÿt®ë¯ÛÜ$@ü8J“¹Ùß3.]¥ŸôîB@1
+^çA_5ϵË®;ìx¥%'îùwŒ28;†}å=�ŒJÂû|:ÕC")ûYã$RtÚ4Øy9ð¼ª	‚sº&½E[†³×7íàa†4Iƒ²ªËÇÚ±)½TÃa´••qh•E¹7FDÐKƒˆU”Dzþx®ê¡j®™XœGi¶@–ï*fg%‘òq»y^�šJæ�û
¢±i>ŒÚv»óàøc×�°Òó…Jbig§¦&JâÛÇ€*¿¥|"=㙧Ž!m
+F‡p ‡U±‚W¨:2ÞÆ_°Äðta£d¡­Iç`#V)ð×cY5ÄÙ*Ïîù|tð”fë¤	Üà¹AÂ�=H¥» �c ¼0®žÀh�^ƒw´h†CÙ
òþ%€’‘\j5¶QîaìÏê&Œ]1‰ÂDùtª›™Ö[tضC˜ˆãBÄ�B¢¡:ÈíÜ0Á§èœ'èø6@TUEðn½Ž?Ì™iÏÜHÆÈ�´8î~<�6�±
+‰�O­EøðŽ5·<=�ÂVÿù{á«Òâ›"U}SlSL6ÖxÐ…€â#LKÌ•h"kB°…lMèt2œÈÛÑ’ñs_uðìú«üÊß¹çCŤq^·Ï¡Í²àψ‘}¼ÕJvxi«•1‰Î@Ó%s÷Ш·Ë:QçäZOÆN_%ÿ˜®'ë, œ2Dâú:–È•3Ÿ~!ö°îšÇÇ1e›é'¯7S€'(0iÅ(ð≽x¦°‚d=Æï0¹b민ÒÝLø+N$Ì’‘¥EV;áýRù=S´² ,§ËP{E>‘2+é<ŽÕÙë]H- ×æ×ħ(µüC~ôå!€>:]¯Åc:wªK$3†uwîºÉ’²ypM,ˆ¥ {žFE:�T}°EÔ{è :ª:�8aI†X£ì•/:hƒ×~¼­@_q¡<èw™�(áŠéf4ÌËŒ•£]”`R=íªÒ[4° ˤ¸�+¥¤¢bjÆú7~’u߈dÿÿÕEó¥ï°Q�y´ÆY{òÁž�ã	Þ)öˆªÎ“€5m¿qlZ/‡˜d„©…,KFsqÎEv#gP³Á”gaM/9sBϸKqµYÀ¿¡2æ¢o�Œ÷!®uÝ"ĽК™]&7WŠoŸèˆu·SKwÛëã.��BYøbuÏÍ·¼äÀ?Ý4ƒ�]
pQõçƒÔ¸€±¬%ƒÛ·gÈãÃßÎíÀ©Ÿ’¶ç0‘�Ûû¥1Ó+Hj Î|:·¾X”ÍAYI ¥C¼$öÌ›&Jùìsj¯04ÆPnš¹z¸€ݧE‚¥W�?Ó™$·ZzcH™§3ß¾™6ÂúT
+οÝN–8ÚgA]6ÏgòSbØ•M_K5…Ë/VÍ“ØèWoìe-;X–Âñª†ŠõÑÞ¬ód…°À«m·þµE'ãeî6­ª“YŒ€Ã«LÍ+ø€7EP;ñÇÃß/¯¿Íã`Š \¨³<ÊÍÿÀ:„:êMˆ»b/âˆelC~½"‘4Ê|m6·; _	þÂ�´Vf°TIW–Žm—éÊEYZ€Y/�ù!üþófò°*PMc�z€ý«ãè‚1dî…w¥Ï«Š3LTd²¹T‰‰üçû�Šl¶y�íqdSD
‹Ý‰#È=¡ÞÜm^ß5�lÁÔœûÖóKÍÍ$‰’\.EæŠõTCÉMÂÐ’[ŸíØ)¹±S;7–»�;1Úäv„äu­}k0 l.²kÖ[èe�y³)sr
+Š³¹k¾9”'î·€¢-Eðp'I-Ì_{NøñFÌ„J,ø#†™1bŃb;sÍk:2Ø�€"6ɳ(AÑå©ÿ
a=�‘˜£ŸÞÒ•Ä“†ðmË(�w^»Sb#o–á‡?p&–g¦/ä	ÑOzèl
0‘âé,ŸÜ5W³®ùè’6½ÖåÔ`æÖ?çû?ºq<7Ó=°If*¹¦¸þÔ”º¦CeA˜*…Ý0PÄœD�„Q3ŠÄ�*éÛ¾c—šÁRå%1P÷N@3.
+¤—q
+Å �4„šž–ûUH1[3-ÄÒÿô5±š*uef�Eä0z".=roqå€	Ô!æ¶j‰4·:¹é2¨ãÑ
�âåðÌœ\{ŽbSB—STOr."ò£Rß™áÔŠþ�{›i1e}gH»’°(˜âí}'Ëå|`;6�ñ.=ÓöUu#š´x *§.—>}QØöš©—;Ü>èùÙ±ô閤̤Î�{b>öé�OÙŒÿô_çkw
+endstream
+endobj
+326 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+324 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 326 0 R
+>>
+endobj
+331 0 obj
+<<
+/Encoding 14 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F10
+/FontDescriptor 330 0 R
+/BaseFont/KOAATN+CMTT12
+/FirstChar 33
+/LastChar 196
+/Widths[514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 0 0 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6 514.6
+514.6 514.6]
+>>
+endobj
+332 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2527
+>>
+stream
+xÚ­YK�㸾çWø`d Íz%§Ùd'˜\»�º‰Ú-·…µ%C’g·÷�ßžzQ¤mõ$äb‘ÅW±ê«½JUš®^WôùÛ꧇�ŸÍJ§ªÒ«‡ÝJ—+mUåV}Lþ²¯OS3¬7Öš$ÿÓzã\–üT�{¤Øäóº4ISOç¡×SØÔ%y±þúð÷�ŸmØr'éÕÆUª¤]7ž�š*«V)
ºÙ@U8]X¬s•Û×®>7N—É´o°Q%M÷Â�~Ç#ýijûndbíG_Ú±~>4BÞ�Ø`ˆðÀièá¶e²mƱí^ÕzS¤iò©[›"yCîV0ªŠ|µ
Ij–d=¼ž�
M™F–g½ÑZbôúÒU¡òâ;—ÎTê%V
o9
 �æ;.©GÞüÉdÅ¡éêc#º/͈™R̹Î2å@[”æb}ÑÙZ9+gúu¦“׶»áÐäÊ–^-ûæp¡UEÒ"T*�h×0á×}?6LCV‡qâÎùÚ×C½%9áTT~gÆó„&çÉï
)–ùýÿu#Q“•e^¤·T…¿Ô‡;€¹.x…ÍIXßÖ ýþüEaÓ%ÚiÏSD—«�1¥–A�Ѷ·,Yœáu|è—Äè@^ŒX�F5CMpJŽ6BúênV(ãÏi;'èäÚ~knÅ`U–_©­°,Ö‰( 1Nõ@XÃ^¿?OÜéúnãíû0»CÓÉ’sv&[.hªpªòèÞŒ·àfA&1ã‰l³Ù¶¦æåN”QÓ¬Œ™eW¤ÑªÝ˜4Ù}@ã–A
Íf—´]d0º¼¥Áõ³4—[ø±Ùv'ÏŽëÄA&>¯=»Û¾ëš-©‚¸îÅ�M; Pú±e×hœIžÈ=§“—†‡H•0ò<»±Ë[ìüä4½=%öi}‹­2?ïi�êÎS6$8ŒÑ§ô@GŒZ$rœ¸ rC‘·ÿ°›·ðÚ6¹oäè{c:ࣼµ–ª,c€<~aÈ6Y
+Y;Ûß=šÅøõŽ{§úUèyuÇŽu׋c?öƒŒµ�u0\í0ÊFvûc“)®C…3Y24Ǻíd˜Ã6ç ~ð*(
#.ó@‚á®i%˜á¶lh,8¤4SÚ|Ø‘”iëþrÛ|aÛÙÿlϸ‡Ü�uSYœéfOÁ
¬Šm¡
qQw<ŸN‡­,^F1œ)3pZ=Ž0òÂÓÀ�â#„¸—ÆSnaP¢ÅÜåpËm0M:”G^…X$ŸŠ÷â´(\jÛ� 0ä=%#"Öš* Ö#V•Üx¼gïŒíûíО&�dê!‰³ÍÓ
ÀÙäûF¶�ÎÈÅ
ǵü:®!mÇ,L{?u‹É‘½“æ…ûü1]ÊZ*7;4L
ל¸�§/§mFdŒ$ÎÛ¢!–2¢Üz”kã‡uÂî¼[”[}"äGôvr0;ÔÀ�¹æ@‹á¡î$9b›]Në+K×ü {¹I,b£ù­Ùž§FÈAå¦(’ÝЙÎâÆÖ|QSú:¿M+ætà‡1йv:�‹@£½K
³©R¿ªÒ~Q9ÛJôC=Ê4áÛ¯¦+Is±j$l*VÕ—oÐõ<	 ’o)Ñûúl…àU™qt¹žqòµòMP£³µ
È;Y£lE;åÊ@DÎ�·‰"Kî14�OÜùÜb=pcðÝ�Ù¨hx›‡=£›·UŒ9/
^þY†ö=âäWîðyØ
+ˆÀ%íä7òl¸£Âs(¹(Rµ&«}‹Md¶
Ÿ÷�þ�v�?CBÁhv3šÅ
Õ]×|2òzEÒp�LÌgt#Q¬l˜$÷ª;i†¡ÄÚÃKãÇÙ¯ùíJ÷Éc+˼礒Ë$ײZ„ÉÞøEÆ$š³òfðg8LªXâ‡!ó3r1²cÅ:I.øÙáÂ4ȇ$HœWÛ°ú«ý�è�®òö"È¿—SPXðšO®¯Ì‰ñh)�a¿pUt}€¹HZÜEÒ¬ÄbM‰®\ �µ…ö|ƒõ~[ÃF ¬fv
+©2Q[š8Ÿ�3qÀ&\Ýкë·)S‚/ç€Ø’ìA§�SeªÌ—
+¥ˆiW WöIĵÉbìRi-Dgfc4šƒP=œPË„º“W
+%›q&õ÷Źþ¾ÎqIy±w±fj—T‡[I†ÓILËÖ+ÉÎRV©ó�–™E*[B†011dRБg}€CZpgØ‹r˜Ä
é3³sºT,–ì•O?›iûòÜøäþóR:”ï$"ð?ª¼¨À[ÌÕRŒ|õÄ­ù|�²“¤¨jóä“<ÏÀ¼&çoa©NCh¶Ú±|`øÀixÿËÈ}. ±ôá•òï�ê øÏ÷.WfX›DoÚ-VH*ÓW;.+Êkç¾#,InH¥z)Ÿ7N¥Y8ê=¾³B™ì‚ïŠý—Îf9Bª?€w–ÑùL-�Z- GЂ1�´Z:‹ Š‡tMt.ݸÔê¬~ΠùLH|[! ?ø8(Éôg ‹o6ÅÿfÓõïBÖ¨*69SÍî|¬¹§�P„@ç<r0ÀçƒFfó­�¯/ˆæyŸ‹mÊäýû@U"bãèöí3çSÖ'ü*$Ø×T"´ÙëWv§eêЧ•éìñ‘"L!•2WÐv^�ý.NuÓj=ÏôêFrP7Ž±º‘NdžXò²süîÓ[d,='G—Ö—*�Ç(Æ(¼“¯¤ŸÞuÜDÒX¨þ¿‘cÅu4]LQÝm´CWN”E²opÀC¨,¼•–R*—2DÚ†?ž“x]˜-ÐÃà—z}#Ý›wé#GEŽkº«òØä&_r„`ئ¼Ôí°ýîCª+0T+îÎ×ÆÝç¤4wQ|ìrÊ�“gCÅÎl¨Ø‹¢l5wþi�†Î#E>¬yï&&×*¯"_²pµMç=èËKÌ—"üÏOaYžŠó*ÌÂ�y¦¬žÏ¶ÁqUQ®P…ð±èÙ <è<N&Lðl…†$†`TˆŽ[áÅ`\…ã1Â-I.æZ‰;qnaĈ‹²>mË«§£à&®þ÷B;õOäãÄgãc»Xú£yñc0󲤅*³ØyÞ÷âX&ÂÈ©ÝÖ‡ÃÛº´É§ïoh«ýYª˜[fªè?²J'øØè¥jÿIQãÐv·ÿN
ëŽÿâ‚+„Ü*3.yÄO–lvü
’¡î×?ó—Ÿ2°¥®æÉ„Ýí/zÑ2–ZôÚW!^
´š§µüÑÕùP
+²#‡µ¹üŸ`ëk«vjëCû;½ÓÊ_b??üá?@Ž
+endstream
+endobj
+333 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F7 41 0 R
+/F1 10 0 R
+/F10 331 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+328 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 333 0 R
+>>
+endobj
+336 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2410
+>>
+stream
+xÚ•YK�ãƾçWFs€U/ûE6“Ó.bÇ#ˆÉÁ1ŽD­ˆH䀤vf/ùí©W“”ÈÏžTìW=ºê«ªÖ&Uiºù´¡Ÿ?o>Þ¿ÿÞltª
+½¹?ltØh«
+·¹ÿÓ/Iî¶&˜à“�e¼ÛZk“¿W‡ª«š]…Ÿ.ùkÙÜ™<¹”§»_ïÿòþ{�ÛÓ�Ú½ÙºB:íÇæΦÉç;k’ö¿wV'ÕÎÈ]ҴͶ¦É¡êÊÝP¦ÙÓ>r.�CѶ֨ÌЙÿ<V
Ș‘Ðä:©{釲�
+uä
4ò.y‡jÚdhycwixS)«ÓIÈ]W?²þÐv<Z=—çÇSEÃ.©=Ñq «È#Ëu2+Ôl³uÀbÚ“:Ÿï¼OÊ®.N+o'å�VNoRZøñÃÏ?üû»Ÿþ±°X»0²ôûæĈ�Td€Ïu×6g¤C‚ªØ3Ï�e³ïy}=
⸤<]h{–Ô>Äéòñ5Nª²ëGN]EG	œÇƒ—¾š¦YñB+kçŠ3rp*6ó—+{þe=`¾)ÏBµYŸÿ2>?É.¼MëªRŽe‰`ªz®v—¡Rw[ç²™o?°:Ç’Ì„ö©ú¹ŽM0åОàžaùSÝ|"åØë'Õvíù,œMòtg²lÄ_"Çþ‹»6AåœR(ÇÁƒŒ½qÉ/øã“mÿßü>zÂ7<ðëùw À@J-VÊ’C½ðP‚uÆöá2Ü(|u7F.ÀÅ«½R¢Jgâ‹ûpÿÂ�É”w²àÊõéèZlß´óGÚÏïÖ&=¸ÞMzä-bWâÎ=ÝFI䥅ʳ¹¦€›3Ä
¹ Y²?´“7¼C�ñt´ nYb,ÆÉ<p]-,x-
!.ÝóÚ§z8ò’‰ÿ,¬jÓ\y1Úv{j?Áq'²æ[>¨}ê¶ÈåÉ63Ê›¹¿–ÃP�‡~=Šì"Šx^¼\vºö|s,(ß›„HÄèËãü®zµÈ$RÖ*?e�P–ÀLbÆL´¹gˆàsÒé mrUˆ]Ø×QEÎ	Æ2+ôoˆ;
	 È-å3ö‹éqB„0N”7v&Íì"u–ªÜ¼,�¼��˜
+!KÈ‹w5!’-ÿžës½cnÂÖͬ×àVS¤ _ˆ‚ǺÚ®Þq"S„\i}�œ0cv=¸‘\3ì½UÊ[•‡Wtò“cFXß�Ú1c´rfiû¾~ ÄŠcOÇ:†ò®m Öψ¹?íänÄ3ÌPÆXáøØöõóB&«ñ²Eä
œ¸ìö׉‡Qûtð°iPÞÏÁƒËŸ™õØö™¦³pAI#Ü.”@Áµ( |fÒï‹öÇsø˜±�’@Ãå씸ãåêckTj¿jœžAMÆÅbpw½|Lƒ_xyøËCó�#ÆàÇ„1øŃԊÜ:WiÌ,ï«a÷þ±ku,ªfâg�hõ(>ÙÅaÌØ0\³8Ú¬p2^Åíÿ{¯^ââseb(‹†
äÂKÆ3‡c90Õvûªƒt�…4¹§°ÊRåŠñZšöEÝÌæW£ãÕðÉgB‚/<!èÀ3œhI¸–§ëæX?ÔC”0�Le¼Wá*{,Pô	E&â°<nÆ|:Ë~�CŸ~¯Þ¦Ô0æ\#3xɘÁ­c­…X
îÍXë�ÄÇ©�\Èã7UHŒ¡d
CLñ5•|�­ˆïÕa’m>èE,Ћìª@/¸.áyù•eû
+£¯©ötXLá0!¥y{ f•ø’Ay»:{³õ\9Ž1ÓR�¤¹FÒcæÊÈ©Ìï&ƻѳÊ<OóäçšúÌÙ1c5•®ç_œ(ûe”æ)&³—¯?›àbÏ·]õ|UŸ$
c¬«À12t‚«æ&‚ØU¡„_bÔœÄhÄÄŠ���9ÜY+$¼F_ˆËÚXýk»ív«èà tgà€ÍT �¥HØ´ü‹.”U»
¯Æåɇ˜
+óxí¬ë‹ùÈêl,ütXG
\#Õ“ŽN¦óõˆ6²é+µf7½¼R:�
+ Æ+%v-ÿJ¥‹ÓñJP.¹�WÂ×m®Rż†�ÏX'³:
KŠÕ:
[˜ï
N…âíu"œ>µ´E	ÜE¿¨‹2¯r÷æÊè̯ûØ“2‡�Uîu1o£!¤ªëd	wYßo
TT™¿-ñW‹b	PïÂãöÜ(k–ŠÌX¯|1SÎÛ/#b[ÜVÿ’µÒ³AZp#ãó
6ójc17¾j_3ÝÜh_n (þàdÉpÀ�Æ–á^xt´ðëÌn58q|šÀ�SÝTLMõ›¡úmŒtsõf3=}àWV‹oèÂo:™Éå7žÇfE19~ŒFHùcyӳ̟9ØÉ�6ÍÖËÜBh$›8ë1½ö”aM¡2ýJʆ¼ê°’œAÁÍ‹Æø$VÌ+Y[¤@ôàP#D|"â/é«�’œN@?¡“bRžÈ€ªû›c†_{­¡3Jøô8æ’Ÿ¤±Šð7ÏH7anc˜»—Â|êã‹×ƒü
Ç¿0ÝUç–^ «�	È}	ãÍo¿æÅüa¾îáw_�kœÉ÷ñó‰(*¢‚ؾ(>+n9aœ^‰yB²DâSk1“º˜¤.Dêwì—þRžâ+·�?CÜvf]Ü/_ÏÌ”á°kȽV8(œ"Zå“z'·ci.(–Çz�´ÂyÒŠ'¤ÁA`OpàÇýxÃr„ H}U8Í
+˜#Ï•„‰b¿µí„¦ê
”évËžJO�‡ÔSá›Ì�yKOÔXw]=×ý ҉Й"#…0RÉ’€+²ÿ©¦z(.�Àj‚™Ä½‘íMQ“sIšúµ¤nm¦‚}[V'™õ„Ü¡¦Fÿ­{Ó®Ð:e³)! 4Ä
+½slqblÙo+Á1
+"ĘØÒà‘!G/›A¼¦ÔM8(˜´Ö›\+¾®ˆ}“
+œÍ¼S>Ÿ£5+e·'øé»$ËFð?¢KMkuDWÂÿ‚ЗaÙ¿C™
¼ÓW"Òy6¯]sª]ñlòB$>U
¤4„ú\Ö“¸Mz\ÿÄ’K
+Ÿ‡¥Ê_åw¶d|êð/cÎçjŽ?_¿ÀMž‚¡üA´«Ñhç„Íw÷¿û?[O6
+endstream
+endobj
+337 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F10 331 0 R
+/F8 61 0 R
+>>
+endobj
+335 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 337 0 R
+>>
+endobj
+340 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1974
+>>
+stream
+xÚ¥X[¯Ü4~çW¬*¤fQ“&vœ}@(!¨´‹xè©TŸ]ŸÝ”=É'=~=s±“œMÚ‚úäË8ãñø›oÆYÅQ¯+j~\=ß>}!VI•Éj{³JŠU"£2]m¿|wÔçδëPJd_¯Ã4UÁsm�8#ƒëBFw}kì:¹ŒÓ +×o¶??}‘ š¸D•!씬´Œ
+Òú²^Ë8x¿�ÍŸk™fúò4¸«:Ôœ« ¯Í_½>ñÀ\	•™]W½Çï¯Õõž¥­�u´%XžD¥Â-…*"•®bÚ¯¯öOÕ~fW*£\¹5–¥G„¢È#©°�ò„
¿�S–¥÷@•åÛé¶ÃcàÀÄÝÑðÔä"h²zK®…uWÁ¡múóÕšWWNQÝt,wÎÀ¹®q-ªF�Ÿ¦Xö&úÈÊý<Þ*LR¼Ù<�(:yQ”©#ÈѲŒ
ìŸð<s(˼¸9wUS³*öIÆÖcÇöçó©2`Dˆ©7�>ëÏ<ÿä'ã¾Ô­áœÍe�ætâÙ›¾Þáv—«‡
«úhÚ
+ïƒN­dTdÓSß´Í-j•Þ‹205^Ìûªmê[îw´q±è™DäQ‘»³o~úá—_~{µÝÌ<¤Ò¨�nÕûµR`j¥¯OÆi®nøhUÇ6è3:à¡[ë$õ'Ì,3+Ë+ªCÝ´f¸ðBDùìÂe¬¼J5‡&nì¡©‹ÔZn­éœ‚æB{Ó¯# 
©(tüêKoŠ`)?
+´ühäo’Ã�´³|'2p;ø¨!·î4~ê#ò£š<Ã\ÇçVp)e\ó�5)«Ç…´µô묾¥k…¹ë¾»Î]*œ“@L.†õ^)‡=€VM
¼•F2E0�
+ˆÎ’,Ï"¹U&ˆX“[3Y&ž,7<öCÄ,ä9§)JX×GrdînZ]sËôý¡]¾Yº>$¤QA»|‹D‘tCù¨Ècž±ž3¬±mjÃ�‘isfÚÝ�’º©Ã�‡`¬ÛCïcÙÂ݈(²’q*ßÎ	/U#¥…ó”é%õ	ãñCû,†n˜]…L6ÄŸÌE?ÀÁd©.¿º¯êÎ{rWK6&Ie‰·q·hc6ÚˆJØ)ˆÎÌçMØãîØX·KUŸÙ¢Ò‹Á¦¶%°Ã˜{öÙâä5YÞP¦ƒù]S×€pO¹	ܶ?·¯Æ…io«ZŸ,Cü*Ðõ{Ã"ã¢á#î~~~•D±¿„Êê®»¿
+$dºù&cpµ~ÂA׸�#8
Áî·t‰ä¼]äþÒ{8¬>TÂ9HÀ÷1¦#©|ˆŠÿ¥x@«]<àšƒ©A~:Ý{†Ð{ç?—Ô ÇwÒ;L‚ž©œÿ5‹�}Û‡WÂÆl—j[òƒ~*’ò?Ç
+êàóÍ™…±CÿVóÝà q@sf€Ù{îÑy å|„lª8‰6¶B…”’pR·ÀÐpRË«ïŽÆm¦ë©u°"tUC‚|5AðÃ[‘Ó[ñÌíÐ͘ÖQ¶ŠD2­p¤íèµ;z¢Ý8Å@©\»L°rJ°[¬ËÑ?*Ã
+‡‚ NU…b(ÀÔ˜ïp°k«sÇrð8µe
“�ON0áŠ`å’!ˆÚ¾®…‰%0h‹4ÀHTPpÛÍŠÒI&N&o„uêi¨‚憧�<_e‘EjˆÍ9% ƒH¢ª‘€(83
+—"�èxŽ¤«ÚÎ9!ã¾”G¾XdÜMN‘yá�Г8ué<°�Ì¡'—Ä»à"&SÈq“ìbþÖ·ç“ùz­<¾&œ³ÓHþJ¤Á£/ÃGØ£ŠÉÀ ð«ê+|EàB³;6¼pKPÅž³�¾¶^‹·Ûðijgjÿ§RBÝÐÎ2VÏ#Ê‹‡¼{]µžÂS"<Þø8É–HN9’“Èbò7ÅJøµ�i­¿Pí&ã«àÕ&™£%Ÿ]ÏžüB@Å•³¡¯‰öhªæ«ŸØ8 ”Æ“ Û'	ƒÉ”SÑ�’²�cJ²ÿØqßÞ~vøäÁkÍ—þÃí£/Á…ožqÛa¤ õP”0þ�!oÌž¬ùœ�>²
ãñ¦š—ÞìÌCB˜Tñ®¯9E<Ç	þD©˜>^pÿÁÉîÁ{ež¼Fú–é
ñA ”âã¨ë×(°¾~#f=j~±rå5"ËŽº–24|x‡š4îto]©TF±˜V#	à-ƒÚsãƒ3MâñÏ
¨<ÅFnªvó·ÙõTëÑ4~—�1º�±N†6b»1;.Jp�aÂÆÎkÎ|´`04½¨ÀŒ7\ø'ô�˜@ମlÈrw:¿f8žpÇû¹
s$„ýw
‡_Û �ÀùWà6ÃÝñ×,̹y½ôå¼±Ry@XHú1T¸4´¦FªÚóàÚñî²77º?Á4TeîqkÞÁF‹çôi’MÎJ÷zdŸÊ<ÞÂhUû*Ð�·šq
+Ëÿ$�Üó3¼Ñí>ä
+˜kvXùŽŽ+g;[ШOód-³	Án^þ¸Ý¾üuC)Tl~Í“™
+¸ï<þ)‘¢ß~ÿ„¢�ngD9ý¡ª6ÛWUÅúaûÅ¿õá¤	
+endstream
+endobj
+341 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F3 17 0 R
+>>
+endobj
+339 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 341 0 R
+>>
+endobj
+344 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2601
+>>
+stream
+xÚ­YÝ�Û¸ï_á‡âbžDR”Ô—"Ém.Ûf/‹¬¯-°9´Š­]«•%W’ó�¢ÿ{g8CŠ¶´›铆EÎ×o>¨E$¢hñ°°�Ÿ/×?¾–‹8y¼Xß/âl+‘ëÅú§»e]¬d&³dù²èw+¥Ôò}y_ve³)q¨—×Es!Ó屨/~[ÿq‘à6+�‹Ìn ÄÅÊ$9®aaùåP4Ûf	Ín«þP¸Ñ×÷ùñµ
+XJbaä"²;ÞÜÆ´ àYÆ"Süþ#p§Ü·]I[we±­š:pØñ왤]?Ðl]5<ÝÞ3c4Ü´û=ðøFIä¸5 ÃÊ
+»Š“T¤)<•ˆIc,œR)-W*{Z¸\©½lr*[$23'áeÃc¬lHô妥³&úãǾü×±´Öè%ÊÝÓkÜ®§áÞÚ´ª•Õ
	'"&YËkG8]“Á#ql_ëÛË,½•›ã€GâÈò‹Ä§‹$YõÑÉîýÄL,´w…÷ï®oÖ{õîúúÅ/?M4—)!s^JGtUñ±æS
+梠ËBïPÏ™Ó3¾=té
•m¥•2‘
+-ÏêW¸x_t_ݠ݆çSA")jÄݳNmDâãØ”w¿-7CÕ64H„$Þ�øüóE&�¨ýoÏqR‚[>ð÷IòáÂYLk¡C‹%l±÷àV„	%¸ÔËW»â0”
2zܽrªÃÅoù3½¼ÜV¨.Ë
`†9ÀïÒ´¸êiæØ—[¢†–žèØ´†
c�³p>æ]ðÔKryõÃfݳž'Ën_5Eý˜‹šUy¾¬šþ@(Û=MÑιõSÍ~ªròSœž÷S#2ç|ÕCžTÂús'‰Èœ´¶+nÙNvÔ™0)/íË�ä[µ“-•&v7ý@ŠÌ3ÏnùÅÚ…ÅÝïKŽe2—B¥¡r·U1”5:rž,?ïJËœYV=»rSVŸ6ˆÀHE(-"Ç÷å»×s±[;Eµþ„žˆ~ÓÝ–§›Ãq8çf�¹
Ûøð`Æ
¹/Û?‰	A{‚&-wë�GÛ@{y¬ 6„'â)ñtî^)»—GˆÎôrWõC‹áAgÊaç=+8Ÿ‹˜fØ8÷füP/_[”oªŒI0OdÄláâ8Vˆ2\Ê'+ò,’l^î-�c2ÉFÆp�£Ž�¸óìàò+�áVصÈ�Lcæ—Cò@~�,:ž+ŒQ[|´ù‘vÛ–÷$ОŽœÈsòû¹ªk\-{›ZÉi†2cTOâQñ8À@cŸ´4¶AÍtS쉭Ù2˯·–:
+Â÷›«Ûõë«·—S|CrwÉ›\·/Ú»
+•ügŽÿ~WÖµC%Ähº,â·Ìã2ö¸uUôä¹�aÑ_çS‰†PhØùí·.uŒ®®—©u)œ«8¾(Qv�)­ÆpŽ5fÓŽ7¤3Ÿg4gF¯P&e;€0”)¶¸Ä�-p²qÞa’åЇ,‹\m
K(ÈNë+	”œ·W?¯/ß_O줥ȳÓ\‹{Žž%RT’w·pZQ[!ìæ¸hŒ2Ém¹äE†Ó™!ˆ‘Ì7½Ì¹&™)˜²Ì0É2O+c(ÉÌ(ÜÕ/ëiBHEâäG»áv›âø°³Î‡cE!Ý
E�Ì1ñ;]À`Ô|ït
ó�.È%S(ÖO+b*½rΛN¿)BîráÞ:!•de×ù[ßîÙW	Bä�º=f"PH~b˜Ø¡£¯–ãÎLX´Ž—uûPñ>À’%54@Seùؼ€|o~½™Ê—�Á“ÝÉíþ�ö#oÞòÑ
˜Ñ{zΖ 2á-wÇCûÅ~4‰OF(·*:
+xŽdm}qúܽCºEÉó>œ£þ«XÙslÍ è4§†(ŠE¬NŒ%ÙX”£Aø¿O]ÊŒ�_5©ÁÞÚIý÷ˆÙâÖÔ˜ „(˜gÔûa¤mäç
7Ø*Í)÷™ò§@ÉIá6åJÉ1W<£CHÓ°mÓÒD	YÊ€:iätä¨cXMuÌÚ:†Ôˆù*=­|˜•ÿ¥²™Zá´±W�Õ˜˜u1²ìÊ
f´Ò$"öEUÓz—;ªÖÖÛÛj.ÿËä*ímÉK.ðàs+¢KÛHøÞ±ç÷ã‚sS¨DŠÔáìúÅÕÛi1
+y€ßOƒ­ñïðÛ›ë7Ó<õ|n°Xi7Ò„XBg™f)!ã`÷Wo._ýi®]ðÑ>pasÛ?•å¿·aÌ!ržx�kñ/ƒÀ›v]ÛõDom»„míàÙ¹û#»@ùù£… ]q´G(ãÃ,’çb¨¤î©5sQÜA¨SàÉåêøMà< øÆ¥l80âõƒ:)›Ç §‚ÜÔ´Œ.È´=§$ß¡¦³ÂÛ"­ž®Ï¾·9	 L¶KÂ8š(¯j$I¤¬ H‡H!G4ã�n‡lôDÅ$õ–æÃ
+ZŸg#VØ´³ÍáÙå—
¸ï±±FµuÌ,ÝZÕÄD5íF¡bÉ1üáß´*ŸÏŸW')Krzÿû?<ùù綛
»ÆXLþ3‘:,'²×ð7P­DBÞ�Iut®TGÑA3C(

y ’¯èÀWâ|Ĺ9A¹ñ×BÛªÏõ8Gn6íÑÕMyÒÌTdôå÷¡f¦·ˆ]ßýj¹r:Ǧ±žƒçYx§ñΛÔ~hûêË4LÄc‘¶çœU¢£È^"ÂÆ='¬MUÔ4Ã’2åpìŠÚÀœ�ÃÅpì‰æ7g"AjáËX�5ñÜýãDQʇ—Çë2Ê›d†›w·W%òºµ¢mË©ã¤Ùu‚oHam
+u¤ÿrŠ£ð;çôP9Ì\†z󰿘œý¶uþ’rï�„SCJÍ>N±€rjrT4Þ» q÷²[¹%n«È…Zßî˜âIPŪ'ôâú_ÆhOã}%_5!Äþï@‘®#½­ö{ù¡Œwâº&OUxÛyÜã[Í!Añ€.UFð‡ã¾¤[
ôbEº¸r®“Y*”«©6Ûi�®±áèï�¤èÞ7/�`ÒÅ<•ïXùY$dBÅݺE\H"±-ûMWq¥¯#I¿‚¢ùJ2†` =ãý�;§ÓZP�¹«õû’3âþsû‚7IÉ»ƒ¯¦QH‰(>×	nëžã5"œ¡±ÜÃÙ;‰q+=K��OŸ7bùã.,ã°€Ð&ó-±IÙUqrƒî<6ÚÝõ \¨k¾íÁOf}%Ê„r‚¯¯ßýºžSMªfÿ÷hã~5šÌuÏp|Åç4ô—…8‡.†“ˆ4þácÏ	ÔÆÿ(TÒ»ÊR×™1&¼Z,y©Çq�Úà‚¦£ô.æŸw=
\}äù/¨Sí¤ùØñ>ú7)>ÿ›‡9 vÍAz‹Š¦½<Ð.¨GÛ´—ëßýJ�Õ#
+endstream
+endobj
+345 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+/F8 61 0 R
+>>
+endobj
+343 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 345 0 R
+>>
+endobj
+348 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1587
+>>
+stream
+xÚåYI�Û6¾÷W½T*Ž¸hë1i&HQ4‡:§L�Ê=&F–ŠÎÌä×—�¤¬u&š´@#äd™Ë[¾÷ññ‘\(V·+óóvõjsuMV8@)^mö+œ¬0E)[m~ýè½>d'ÅåÚ§”xÑ/kŸ±Ð{•Õh¡Þõ:!ÏÔYòz퓘Ì‹ñú¯ÍoW×x…¢DúZ^ù,E‰‘!¶öÈ4’âÐ{]•¹P¢*³Â6¼y8i¡µn©­¼®‰ìóI‚ÒØšÙ�Íöxg¶iÈ$·çšçök»&±÷ß�§Üj¡-iŠ²
+Œ†�ÇVD(`®{WO€W�K'^7³æÏåcR‹Pˆ�$Åk5REbÄR7D
%‚pÔX:š­GÐïë¸âÐÚžE¡Di£è,­ÌlÀÅ!J¨Û�„OuÔŽÙšD€�E�Ûžs™ÉGûY
i"êm…iK¨‡tÌ)ö>´cx_2µQ2³÷Š—¶ÍUÕLËŽ¢ä¶Û
ª
vv_|¬•&&Ð2	µ<û›ÙŸÆG’ÔÛ8¨5ÝÍG­¤(oÝÜ“uQfª’Nž‰'|”ÅùÈ¥ØA3LȤ¨«ò™Ùî÷È‹Â’xŽ°6†v�svaZÆœL:D‘·Ú°t¨>€Uy�¹Ñ4œ¤8j빋‡¨»ãH3ŽzûJmÓßc2Ò±Äq•óOWûüÊŽJÛQLóË�ùcäF„ÒÆ‹Ÿ~=)¨v„p®í9¯wRœ4´#ÄpÀ‹ŸT¡¡¤Íšµ¥#…a—C;@ïÀõOâÝ™hå&Xñ³ÁŠ	ŠûŸ
+TŒ¢p¨$‚@ò”Ü6Tmæ£(èuoBCx6ž€ 4솧V¹NCѨ’NIÃÑ�¬ê<N`‘Ö™´ÂÚ&ÅtÐ69C'¤	5¢é@—rRO�9´ÃýÝá‹ù˜1ÌÃnlÓN\»NO6¯ó�Ÿ`­óB'3æ¹ñf�@
+�â‰ñ2Ò,ì¥Óe¡sž&Qx•Ž§¼5ìMIêÕ.WìØÌs­$Ô	ªk¥™rÓÛÜâ$@Ö�ë³›°¯Š¢£î�šÇ#üÛÚ
«€Ìs
+QÞ¹n�™Hª}•2·‹ØÜ 1SšÏ\¹Îý ”8ì´ˆ—MVºÙ'F:�UÍ‹=‘ÂåÄ6O°ÍÏFYFÃ4¼Û‹‰uÈjÖÂ6)yæ¶ØûѲÖy-N¾°¬„›!üAÔª›ícŒmši-ßNZžþ¯–[ðÍN×¥zfã´-LŽ²Ì¿³š[þš*î²öæa°[vÕg2Û]j䯄€XòÅA�©ScÕTxsâÌ¿A'çY¾_\x$¿=™|9oàjÓRsåßÊê|òEî’“P}8ô�y!>,.Ä»y³}Îsùn¡ºéCsSzþ8®^QÜÝk%ì&õ8®…uþ´ŒѦžI(B§½…tZ¡ÊìÈ]ÏIœ.Ç{H Þõ»k€òýÍz·är¼—<˳íÜb¥þö;dƒD!>»8Þj_Õ¸ôþÌe5owPÏ{Ÿ¿Èw£û‰CÚÔ¡þ²('ôèƒ
+‹ÚS½=ƒ8—|$ßsY»SGÕ�JcÂåQ”Y1…F"Ö?vœ¶Wžk.ÿƒ­ò~9kû^
+5cm;v?,Ç1þÀwg5?m½_Žkܶܗv+"—ÛúÎm‚v_+‰ÜÕLì9»€Þ–Û"Ÿ‡ÊÛïS Ï„Å­ƒß¿¿ZøÏå¹Ü»†�}nfúþcAŒ{dâ®P9V&À¹»&mÊ›rÇ›ÝÎ¥}X,VñŠ¬Vm¥‡FÞO¬
�À¤´=xøå¸Òg€w`$#Ç)"a÷1§“DÓ`2DhL<~#ÔâH§ô
Q%·OLÒþ½ñ²Ý®’¹}ÚrB$¢}@w¼¤ÚŽ\׉7k7
+Å¡epâÁ=ËÆîâ´½¼‡‡„82÷ì ÂW}&K¢øê˜c®«)Ó“I÷¾úòZÚÕ€ù’ÍZCÒØœ[t¸#cY©)öæѧ³Âf°§úwì	¿v)âgý½ì5EÞ;$åFÅ/Œ}÷�eÊÒ }qŸ™aÖÊ1¢äžç6™#½z³ùᦠ/ 
+endstream
+endobj
+349 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+347 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 349 0 R
+>>
+endobj
+352 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1882
+>>
+stream
+xÚÍXI�Û6¾÷W8§ØIĈ¤V S i“Š�o™ÕÈ´,T#:’<3É¡¿½ïñ‘’l)öL‘CO¢¸||ûÂ…Ï|Q,Ìç—Å›õëwbÁ}–òÅz»àÉ‚K–‹õÏ–±Xy"I¸|“µ»•'¥\þ©¶ªQu®ð7Xþ–Õ+/Yµú¸þõõ»t€òà¾ð‚”%m[VŠÓ.9ì’’…rᛞÚNP„Ïn×AÐŽÉ’‰pá
Õœ¨^¯¹l†@±,-d0:²8±�×"Œ{²F B²$µ{²z3Áœ	~„!Îb4(6’`§íw§hÐf·VšuWævo5ƒ²Ö¨X¤x´<Ü®`êâ¥jZ6‘«Ç#Ádß”IŒ§'Òå!ó‰zßÕHÉ)�`_‘oùšo»SUEC*u=YŠ†p᪈šÝS¶„¦êì¦R¶ò_,×;{oU¶�½ÎP íµöT¶ß¡©¬±3eMÛPìp/p·…–³Ð\¹QmÞ”D½'Aãר
+MäœD,èíWO8✎£çtt
Ú‚=QGÈQÌ’ÈmU7…NYäLðæPV]i@ùò¶+Â}¯òá²€I|X;~Þ®Ùø†>¾²²IB&�d³Ï
+k!¿^ÍØ[³0%s“$�/gÍ­íš².ÎX[8ïÍÆQzß©T]t64é©«sßgòü…’³TŽl‘¾¨FϹT&,Žx¬É#2ó#ξBÉÑÿVÌóËÜ‹îk]{#	¤g%@¸Ó¸,uî~uõ)Mã§'X�|Å¢„Ä¥V0 œ–~²ÆΪO�œ z„áœûò fÂ	àjªËÁ{ñÖÛÃïgú±ñ~byhÕ†®DGÄï¾ÊrK…¶ÄÎP ’!Ã]]]Š ²ÕÍÀqn#C2¢ZÂÝë¶|˜ŠVBð“㨞ëÛ}Uf�ØgÔ>òíàÑZöíµ>çƒÖ1i66“Öº£«þs,=Þ�¿Ÿà¤˜cÏ34Ô'áÓë“#ªÆ ñȵuÓYþo(é��¨	l˜°4¼D+À:o¨ÔC™ë¢Éö»2Ϫê³+GNÊ—üÐ@AˆU yEõ
+œ™³%!"¤ã‰’ÿáÿ.ùlÛA�7‘9„×ô2çÿQæÉ\\’9;MÆ2Ïš�‹xˆD¿ÿ1ë½N:p^ÌS�åí0ÄFÈÇù&†‚¨Vv€¾Ë™ 	Q:Jû.áÓ6fÜ‘öü $|.Ôƒ°(µú(U÷ñ”¨G™§%~JÑ=Š#“<f¥ú÷ƒíM˜R#Žy«0kÊnw«º2'uÞ”uÖ|¦êG`¾ã„£÷¶yÉ:�5ºL9tIÝ¡©iÜ‘£ÂhÆQ9�Ò+a°åqó®�

€L.°è¤ø¡M³‹¸ck�v»¬ž�¤‘n\O!MÓ;ø€ƒõ‚•<X�Ê:Óâ,!㼶S£õÔ]#·ÜC¦Ø?L:Si²ô©›Š£–:rU�¹‚¢jm¿ýÂÆr±¢%›àG)ãN°?ÎJ~TÀεΞ¡Íc!Í“2îÈĪ+6UÄ:›ä(Ñ“A‘c莖6¸kÛlתÈG},ÅT¥Š¡mæ¹°²
âahƒº˜ÌzD4th•¨Á•ql÷†>q‘O<‘² ¥œcBv⻇Ø5qo`zì8°®ö �–ºYœ0Oð8Ç]w«0¬ØÊõ˜rk}¼¶›LHE„2àš¬¦[¬ñÚµ8!Þ¸’WŠÙNkè´Ï`ÝœÁ%bdǹl&Úƒ¹ý^y±"–²ï©OßWN‘cЮ=¹Qy•53o
ਭ&;ÁÒ%`>>©D®~:IÔfc¸jñ+–£™Æ¾øPô 6Þ}¹Á¶Í.õÖHÇïK·fÞ}`&GñïTŽ/>Ó”ép�±£;\Q͵ˆ|�ÃûW¸ˆ¡C
+¶)ïÊÖÒˆ.dÜi^í>î‰,@\Ó?¦lhÅèxcV4ë£uúª¦Ñ
䉴AO0©-–‹û#ÀuV64.�«
¾4¢mû`ém«�³ç%ºtÙ‘U&�	b¾tÁfោ`ÐQ„:RÆ9Û$$®‡€�}�KBë@
U\ã-?Ñz•ÕÅ!+f? wí–·Úù4vÙ0%í"'&¬›‹ì·hôa�²%
ë;MZ˜
+¬ŸÙ0�"L$=UÁ)“¼Ax4{œlQ%p©VO±Œ€Ì°`”k%b š
¦&3ÜÒ~p%ÈX­áç‡Û§µ¨åâ#ñQnf:b»ñå˳MäÜéQtð¼iðH°>¶Ž#0¾2Rˆ#5è¶óÊ»=jnúø5ì2ì÷».?ŒÍñDGgxŠð5tžewú‰,7ê<³°þT6=:úòì×Á”ˆfã-ÅÂCK$Ù»ÁšªC{ö:2¤g„òÏÙë*]`_uÂÝ
ÆtÝV�«÷†}–Ë/Î^9–
+”Ú
+®ì�o×ßýÝir
+endstream
+endobj
+353 0 obj
+<<
+/F2 13 0 R
+/F9 84 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F8 61 0 R
+/F1 10 0 R
+>>
+endobj
+351 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 353 0 R
+>>
+endobj
+356 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1988
+>>
+stream
+xÚ�X[�ã¶~ï¯pQ$‘“µF"uMwÒnšlÐ>t�f€H“–¶9¶PYšŠÒî,°?¾çFKy<NŸ(’‡çòñܨEFÑb· á‡Å·w7oÕ"ŽÂ2^ÜÝ/âbë°LwßýüiozÛ-WZ« ûz¹J’4øÖ¸=®èàí²P�5ýÐY·\©\GI�ëåÏw¹y«G–+�/VIÄõK>}ƒC|ÆôÒ<LËED´‡¥Êƒ¡î«‡ºÚ˜¾j›W¬Í¶z_9?ÕAg¦j¶ ëL:³[Å >%ž_ñ‘ÕEÁf»­ú‘¿Ö}g6¸rQBF‡_¿æSß|sQFmï{&4ÍVì¨v{4YÖ×U�³•³l¶ÛW÷½»F…[Qá–aö]ThÓLW¹ŒdoEÂoo/ò´ÿLÍf|dŽÆVÍq3ƒÍ—�úü¢¤XoþúÝLùuLíã¦\õW-ÛñîoWÀõé׉y�§àq�ºÝAÐÔ¬äu`|út=ǫ̶�“ÿ�q\øšZ8/t©(NÅ5H/½}€”S¶3}Û]a™xë—72ÿLƯd}%ó×Çòô¹,ü"ã§Û—µ6ÎU»æ`ŽéëàŠ™ÿ«/u
>‡ƒA2H´*ÌÒÅJE¡R´÷ãÞÖ€Z¢’àý2Mq³®1g'
+rOgyÏÔuKN¸D\·²ëxs„»ÙºßÃZV�+ÌÁR�@ÐÔ4˜“yZÉIð¾ížëš×`Id÷{ËÊÇ	Ÿ‰ah¿užm$l£À‚)¨ó`z»
—«<ÒÁß«~_	�‘q<ÿ
+ë¦PA#
+˜ÅˆF\"g*œ˜ÚµL)
+ó¤³÷¶³Í†­ÁM:‚ús©µo ¾Ç [;P^OH ÍŽ?Ñrú˜ ‰Ó	š8uÌ’½yÑŒ"x#ël
~N­a™ýÞˆ@D
džëiÍû­Èg{Æ4€[ËC0#D:ú–Ç|ØÛ†Np��µ‡RGÑ{ ðˆ�ë®MÝŠîèV°;ââw„g™Þ?dÚÞã¦à��D°3µxË[ÆÉÙ†Ià\¿«
¯O}ç	RV=¯TÂa„½1ŽÎ]SÜÙa�&ððDáT	È„÷<Ý“–@)¾êÏï¤V5L&‘vó6³‰Š åK%ÇWœ¬ìÎÎÓ²ÎÃèØ!õ}W­‡Þ²ïÒ âß³D—a,ǶvSSÊÁ*·ªæ™-
ãLh¿`Ö^ª%›Â¥b:OB=uUºÙ<ð×g!P2pò7¼<ñüãõ‹sd'ÉDn
+½ÏEÄ&õl|¼�.”�e�
imÏK{ƒÞú~ÉÙƒ]Â1Íhv«#¢çÚì†ØnœVRë1=ádpöØ`1ù­”ZöSŽL¶a97ümãzÃza´§1…+~)ćښ--L"Ù¢<žê£M¢ðATC€ª%-7=–pœó•4|´s€vňöLÖÜ­t–†:g‰g¾Ça’Ž¾D:tÏ1S)–Máõ�xI¡-°»˜ÜÑÖÂÅ“iˆKûhÀÛ«ƒ©1g§yð‚¯Ã�j{q>Û›ÿ ßÐ�f¾Fä
ÖPþúiÄyF>rÖÆÙ¹…q¨<Z¿›^˜+ÙüyÆ\‡‘–Ífvr"WƒìÕÍÓŒ.B=ÓoÂG%“,$@Gùpíå4ôÏ	CYúÀèǾó *‹@ñ@�¤Ì;‹1"ù’Ñ
ý$õ“÷eÄjfr”„Yò,re¨ÕÄ`À|Ÿµ¨j¼FXÛ½
+¡ ƒo÷�üóýL§X…Qòÿû	|$ÅDé´=T}Ï5-£Óð:±‡¯<ˆ#^á9%)ìÚ íÞqáÏàM¿£äˆû»Îi
Ðÿ©›ƒå’8ßÀü䶸ïH±ï�÷$Ĩó“F™c)Ëlv3qŠnCŠB>�”–tï4OGêáÁ÷±ž4{Bz&£@~M<�¼p_~ë3¹.	skÿ:ÇKŸðJ8ùg™o³rßÖvzšès~QªP'ã3ý‚â“0pî(§ññY átj4‹˜à§âÒK:C}K}ö>ŠH 
ÂÙ
Êß[w<6VD “Š4Çú´A9 ñÎBùþÈ›^¥§zR‹�ù¦8—¸?íG[¨ñ‚š�0ùד:}¦
+¿›>m1JÿJƒ^ôI{Š{ôä�‘î—©°ÛÅ%0zMl8áÞK•?ëÕظ)ƒ;o±zöO$?ó4{Ò)ƒqÿTiÞ¹§µ†#’{À
Q×U[iZ¤ÄM5–?bCm[×:a²�ƈ!ø.ø(ß”Va“ŽY˜�Ãg*xSWmšeCF_ÃA~-Ÿžö¾ÇÆt|*ƒ(~SÀÌAûF=0"Øò8ú! à†µë«~`¸Õsþ�)\#“Ë@É3¶(êTî:¦`ü`a¼�?z‘0ºÏT…'NíªÃ¿-"þ�Ð`†N 1å7,ûî>ñ+¹
+ŒŽ—uEâá‹b(�Ò¢ä#báÝ")'@¡+$ìBÀ‚Ÿ¨´Æ)³š¯§m3Éž_¦
+Õñ2}Ý~Re{hγÀÊâiÖCU÷•tÙ‚�ãèþþî7ÿ©
ý,
+endstream
+endobj
+357 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+355 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 357 0 R
+>>
+endobj
+360 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2635
+>>
+stream
+xÚ­ˎܸñž¯h,D¸åI½ìÁFâ 
ö’�›md5Ýìi"zôŠ’g¼_ŸzQR«eû’K‹,‹Åz{wˆ‡ÝóŽ>ÿؽ|ûAí’C\&»Çó.)v‰ŽK³{üÛÇ(7{U¨"�ÞWþò°×ZGÿ¶gÛÛöhqj¢_ªöAåÑXÕŸÿµKL\êÝÞ”qA/ˆ§Òè“JóÞ81Ñ˃ʢ®?áLGÝ™QluDRÆñ®¹Ö²ùØ5MÕžÞà,�Ü™1Æö÷±ìö‚LD,|Šè¿øcOŒ?tŒà­�
„ÜÀóK%$àNü­]åcºØofà£ã„…óOØ­òCä»7(%
—j`в@÷SYIŒ!´·×º:"78{B|eŒ
¥„ÀÁ¾
+‰N¨OKÂËÞ€ÄðˆD.U_Û{&öòûöƒžuª“<VÅî@l¿åå…ÊÓ8ײøºŠÚ ‘¨8ÉëÏ[$Ô
	ý
�‹ß~LâG\üüÝ‹°,ÀhPPIÄV*âÙ’JužÅ9«4¥],ìtz±uÍÃÆb—1 Òó:Ú kŸy²…X;?�Òa½z›E¢}ÁË8M؃IÛ
‚}½º­ä,×ÊBø¢Mð°­Ë–
+~�,/ÅÆbT°¿Æ’,ŠÅ½äA�Ç1REG` I€õÔàá'^Ò‚¡k¯ã€êËëñIJ
ú–Þ�)v†Mª™/ÁÎ6‡�R/ÜK—ŠÃ|Iy¸|wOZ¥{â2Å	ø–õ‚«gÔ&I¢ÖÃ
Ì¡ˆžFÙS1Ú"n•‰øû’¤;É™îñ�ÏíøòÛRŽhPk8ŒuMòÒºŒìëÌ—8„U:B‹q¬—Kb>Þ‚â48´ˆ½
M<^ÂöÆV­…}u­•Õ`x"³¶ö@sÈãCð²Úßù`’âÕxî¾Þá\¸\Šà§ÚsfÙø鎜Îã²rçËLtU@ØnýPA"8ùº†È#¹
+0Nzd=OYv0ú¯ŒJÚ
@o�cï»dM‹J$,;ȸŠ[ãÊȸ
+6®8Ädx•&´)„ƃŠì@7.€ œ�Ù”
»˜†âu£eT'àŠwøku”=$ <Ã
®Ý„âJÑzm{ÃYµì#¸�î¦É¾`Ne'¥�»º¦pö"†QëÙ¸�˜/‚|Ç#N]ë4­ƒ/j3o׬
+ïº6^V�Ö
+.3Þ±Ûò
|¡ÇóÁ}�½­ØÅ’
+â1_ÜpaèÀ‘ç6Ûi¬BºY¸ÃÒ>CÎZ”(ǦÃzÛtxÑ/Ó
ùtj¹}jZÆ™PÛíc1þÄÅ�Z„�Y@f) ¬(#ÁÊ@Dj;ž7VÌ£u¾á%R
FOZE´ªCH
+˜Lˆ¼f+ò‰¼ –T[ya¡½¯Qò26I&8ð]`Éçê
ÂZ©ºùœI’8Õ7auÅì!e«0‡¬Üž¨h4Xá1LrÏc{ÀÒÂB7Ö'K€æÉè­€?qA‰Ã_íb«Ž5>þ:SÿðáBNðŸß¬Œ#Ƶz¶ì
+‰ùôðC‹OƒÅ§!;¤7Ù
f/ìëiˆ+inŒ0çW›Îb¼�˜ˆv�aÉ][ïgRwZÔPQ…xÍ<üGRê†
§	lµ¦Àã»+Kr<¼xÀfyç8�{tpWPÜuØp×Xß½!½Io81±âc?ÎMÏûÑÕPå¡ÆhTd"]Á=Tœ•+¯µë$êÇueô
+«£í[ö+�ˆóÀàd±Èi�X�N8Šà06†`z • }\e˨ïûBYgpЙÞ’ëŒÓ⺕	U•T©¯HRÄαÌT[J]¢’Áp¦€6m°®]+#âÔ”\2Hü‚‹ìµ¯�v¹x6\Õrõ�ka?‹KkŽo~ÓeHb™‘šÆd)q/ �™\á,,Ì‚ÙC�?!Ò„BffH&8Ê‚�×ÂNn#gìT®g%$ï7êòž„�3ME½ÑyH{8\›D¶l	Ä‚r¾<|Å’òÈC/À#ÑR’0~Áj©Í—ÄÃ:¦,ˆxÁ­ô?Tœ­1Ñ�
+�Á¼‡g#E}8	……:„Â")…!„Q¥“L‚ îà$f¬\¡"}$&õÓl]u,eoä·ÙW ìTY„Þ½"C™
+‚¸!CˆÜ–Ú¹Kv鉠üäÞ-þvèØ!’sÎ{HÊ*µ¿8j#K®æðËmoÊ…4ÛŽB–òÛ]q5âl‚�$³Ù”	׃Áì	8“3õ˜"ÎnM!Nè‰s(°|Ø‚˜¨ç†Ü¦Sð[ÉÌ8½LB;V	¡âÏ‚¹|í/	ôÜàm}¾ÙŠ‘‹»ñ‘_	ò¹†‚Ú¤åWø­·¿�–:Žoör”’ó4°B¦X*é<£b¦3Û8ãô
«œ�Â5c
+\]=Ñ;€Gé.Ñ¿r(�ÏÜ7äYhæV¤3v©|‹öi
!–!S	eͦøêLñÉèû$
Ʊ]%SÐZ9�çUŠPˆÅo¯Ð‹P΀:¡$á
c~9ÊÂõ~_l¤q–|¿<×±
+:U«Izç¦-+âBoTÓþå4•qܧ×uÓy©L,—KÔ_b�0ör–·R:,jœÙ‰¹ß饹öøÆÚ[i±¯EÓ‰di1ß7Aþ´¡šJ8É(V Ôc òLEïú¾z€jáëFÏ.›’ø h“>²Â§»6Ð�Ì¿?9(®±£WÌ]H\ž,­Ú¡åbÄÚÿ]+ž:HŒÀ[šåþ©ÒÆ	WÚtŠ—o»:õ¯ß¨k¶›º8
EâÉk”úZ FÇ&T±O\úa’Q�nHw	u¤µ;º�`HIû'_bo]˜(æ¼*�.“sÂ;1ü6Õ«kè5½áãj×ÐÛ4¬uB’Ó¼ûC|6Sñ![^›ÞŽÅ¤XjØÀˆJÝ_?!I+ð‰ð÷ÑõË'Â"¼sárc¼ª'‹ø�È?ñ#Od’WÊ%â!t†÷î¹e¨žÞÝóØ�¾ž„°w�Óí2O<DEؾÛ?�œ¾ÕI1¿4L­§Nb~@œq蚊ÞìH›Øqœe©]l^Z5³á‚çN÷C¼¡[v)„0=‰ø¯ò®úzo˜:.²åðI÷#£•3š*â,„4?>ùcïB£³ –ª84ËŸ¾£
ý²	�t_èEé®9KTgùº™!4³`&™Û½3KwÊæÖžr
A8©HK	Ñ
—Æ‚JxÎÖCß)Y=›þiI#vO3ƒÑ—ŸÈ(¹ dè„"olÅ»T¬¶çõgb§‡*buF*1§ð4nRÕ·ÚF“D+6)fWuÓËÕ'ô2Nh‰ù'ÕôÌ©ÕfÆÝK•LÄRe¢}u§gˆe0´¦{5— Àâ®e�,5Û´ÔÿK‚&NB[~oñ‹¿u¾kð“%~&5þýñOÿ�¢
+endstream
+endobj
+361 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+359 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 361 0 R
+>>
+endobj
+364 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3055
+>>
+stream
+xÚ­ZY�ãÆ~ϯæ+š}�M&0àõ±Æ&oöyØ5ŽÄ1+‘2Iízc俧®&›"ç�'‘ÝÍêªê:¾ªÖ&‰“dó°¡ŸŸ6ßÝ~ýFoTjs{¿QùF™¸°›ÛÞEßÊóPu7[ct”ýåfkm}Wö1Ñ››\GU9\ºª¿Ùjg¹ôæ×Û¿m¶@]m¶¶ˆs¢TãuTûVžv»
+ˆïÿŠ¯Y4*üðë7vâ¥(âÄn"Ð_îú]WŸ^pl³¸Ð²ÊoS?4mWícä8‰^ßàCWß]†ŠV¨èTÞh}æ—;à>�*þ¶?£,Qµ«ßëÔU{½o;á»Á_•]’øx“¦0V—wÇŠ5 lüšX±:/}Ý< K�¸&¤ˆ�AöÕîXvÕRX‹gÃkÊf¿ ¡ul�ÌwU¹o›ãç‘4‰3¿ÑÝ¥>uÓƒª\žD?–;TÖ
¹´Qé•ÆL—çó±F¢­�<pªNø)ê2‹ª®çéöžgAm¬•ÌŹb­¤,ƨÈÜD1­R$åV¥±ã5¯ýšžmUÀaßÃYÓ!�A"Oø+ŠÆ»öt¦Óm/�¬âoNUƒ¡ˆ|âz<Z~Z¨¸Î³�±¦<Uß¼�>–Ç‹V1­Ît\ä¢gµ¤¥c§d6ŽAÿ©N!”ª8õ§Ú,�ý2ùþfqØ qC¾81ýéP¡þ¬JÀ{w¨…ÃÂ÷R‡«™*ÛöÈX@\q¦ß³IÁ'¤I“ø°ªI§bíuóîÝBb¥b›®»~@$Õ±§ñë7¿.dP.VÞÎ{°d°‰….6™?„›mæLôvÆ?
+tê¶)�<<qC¯^êþrÞ²…k°p«CG¯Ù¿‚u`àáÄ/SÕ;ú]{þ�¬߆bcªLÔ+ݧº¯düP]Q°¬ôp®:VÞÂq@_Ñö;Žë�eOúÝpàž‚–lbœ�Íåìl0z‡^�QÐeâ=0Ùå0€ëÎÇKÏ“mS¡¹ÃÓ[$ξ
++à£n�5åÀ¿ÿ®ºVßj™ì?3áRãqÇÙ%H?A�‘lƒë0ÞKàvÉj$Γçð2óŠL¦JT¬÷4Ü*L°›?–ŒŒœÂé;N=òi n%êVcláÖ·Jo�ì£Þ-œCçqfžõ0kb«F[zXà¦OD‰<v>BÑÑårtm˜N²kIòýeçcyÉI¹Åé�øIŹa[€ËΓCã5˜es»Ç

+ì™ã¼�¿Á�Àô)|™p,ìª{“
3ï¬øEµ*ö²}ñǺª-Xcþ"U{Mÿg¡CÔt¨RÈηáô®+w„kH<�’†ËCOîªß.uÇ€Fì	ñ̨ඖ©]Û¼×YRï
KŸêáÀ«ÙÁa¨?TÇã—2�@éX¡ð¼ªúý\6=Mžn9W]9´]O LQ˜%>V€ørœ½ùهĶ`þišÿ?š†|è-ÿÛ%8Š�Ÿü9L"F~É
+!@[#bûêIJ¯fêK¢OÚ®
+Ö×¾ç)>˜„�AUVÎdžN–‘]ëd:‘É°®nðyø€‡´pÐtrc<S qõþ¨ý
ÈÎ{ÆY%Zñ_ab3‹º4L�Ê'S…‚;Ü&	"J6�’ðb¦VËGûö‚hšž»´€Ý1E[Ç)úqªu~¿¥O!ÿ.ÌÀÙ)Šï~µâz[Y6˜ÆHŽ±°[ɯ&�k|žøÂìFøDŒã‚)hÒ8*�°Œ	O!_¯ì�ûê\‚U{&p¬7C7í ÍÓ(ã|øf‡ÞZæg —®¦£'ÐùöÍ/K‹R¸
K#DA&]-]6©|~ß®œF¦¦d2²9éŒÞføG‘jÙK2~Â1ÀqR¿<ŠŽÙªlT8z–eŒCxXÌ?ÈLJU/ðÈeh§iýÀ”œ”]{þÒ†•Ó±~‘Ò”¾VšI¥b"Ðí0³$ì_Â*?Ì<I¼Ý€·ë…SpÔÇ3nɳw»¹¶I'×ƺM†Dmhi!þãפîù«q~´d|Ás8UÔ§À×Z¶ûW[3Ü5ÞóðIŒyaì¢ã‡ºi¸HÏ5µ¹ÄoèjXJ5
{7…x½ ëž/åɵ�óè}ÓP(L�00,¬b[Éι?¯<z8Ä2à%Œi‘
dÀi/š@á<؆eü‹>[Û‡ö"Ãd9ážaÒÏ­l—NÛõêw5l9?)“¼è¸„ïe¾M\ûÂÌ�h>|XÁI¬õ‹Rw¼tºd
+A_üñçG@_çÿ¼^
}v*Â'·yHù‰Çðèë�¬ Ñc¤9VylÌÿ
¦ª§qê%’åÜ5�ííJ,N°Yö,âs‹d—Æ­œ-¨-yÒLt`&Æ1À3ùÀ3“Á}õ$¥WLBÚGùÌŒ™ç)5]Nˆ»§DŽ܈ra“oëæŠÆUçBhý,U‹Ô* õ$‹³Y*¢JÈø&×îFÏ;˜´K{d5ÿíl—±\à ´,3U_F�¹.`‹>œ×i°’ýÕîßí
+	¡÷¥é«¥­DÉô¼Fljþ^z.íÁáȾê±õa€¼ú•(�éØæKì:ëÀ;›,ué�A�ò„K„þ¸CDe“	špJ1Oâ³sqF1¾ÙtÍbn§¸ò$�c#ó0ò=c L]ãå+§ƒÜAn)? '„œœ“³cÉê¤d…©±L9¬äC%3}½j•-\ÔÂë®î�(íâY
V·Ö=T
–²àÛk©
J…âi£0SçóÙjŒ€Q"Û•€�>ƒ^ݬ;ŠFçG!f±w±8é©UK}~_=X>´ŠšZÇHé*ú8m£×N“½²
+¾Û¾Œ¸àT:{Q^–¾}÷%÷/f¼šZ�rÒÝ-ø‹�P|áÃ(€Iy¹ŠsólSØ©x¦Ñää%úOã»ձÝ1¬ºî¼�î+¼˜)Öo�²øÙK#›Çéõ¥PÄVóT¬b›:­òÌ?+’Rê<ÛòÉn×—L„»ðüL7üN�òk], dÅÊ¥`#‹÷‰�g?r*cbAe¬¹g^\ç�a‰$ïå….DWDÏÍtê�Hž’»@rǨ›ÈSo8ØÊFÇšJ{ÇÐ=¤çËY–†žî»ö$ô¨7ý†QR§Þêæ|ü5&$±,Ô…á‚C‰)f¡ÄR(QJ�7LîxU&»ãàK=ô¬"np†}¬p
78ÌÜÈ#9_ëß‚f{‘ÍÊçbÖæü½¨úAcëqVèdÄõ«®•vñœS›xéIJöu>Ž5‡hjêõüΈP36Ó\M—´d=_6qp;RHûÔû™êÞ™êàê�àåF
�y<¿Ké}ëŽER BÔf,JÇ:Ö‚c\žÅ9¦|-ýj—F?@ìÜ
m÷™_ €OÖêŸÂ(D±b<. Œ-È‘‚.š… <‹¹KžÇ(¸gŠ#ð±ØÅñóöcÝ×Ü7Ë‹‘pM½F\­šH‘ÇÎÉùÒ–Q¨ÑL¦ �<íÉ�	ÚJî
T‹vÖ¬g0d3îÑ™¤ åÍ4þÖÿJk¯y`júpwé:¹~â™I‘¹¦á¸97î·@‡—ìÜžWã£Ë¢Ãæx�L!\þmÁúP_òŒFöÌ•�J¤3x5;ð¿>`,m\ÀéIôaüÕ.͈>íª™aév¶…šÏ'"R&H�þob²U“¹nv¡~­HÍ¢d
WÃ5ÙµÌÅ°·
V°,dÜØÉ‚$7BÚÉ®ñ
+ÄP»F¾ò…'ËBò…

—1ÖÇÆX°½ŽÍÂrD	É�)_åÏ…]ïDƒëŒùÃÛŸ¹}ýýß×þòâ‘0Ý\Igæ³YùÁSh$Y¡�°£„¶Xqp{4¦Q­ñ�ó‹ëZ!é#œ7‹Í�·ú/½±­
+endstream
+endobj
+365 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F1 10 0 R
+>>
+endobj
+363 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 365 0 R
+>>
+endobj
+368 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2058
+>>
+stream
+xÚåY]¯ã¶}ï¯ð[ed͈_’ˆ¾mÓ(�¢H.�‡ÝªµtïV–\YÞ»	úã;Ã!%Ò’½N²
ôɇ¢fægÎЛ”¥éæicþ¾yýðõ·bÃSføæáqË
—̨ÍÃ7o’<ÛîD!
+�¼.OÏÛ�”2ù¾~¬‡ºÛ×ø¨’ïÊn+òä\¶Ûwÿøú[9oUdLæ›�2¬°»UÍpÚî´ÐÉ›¯h±™+P§Ø¤vá?[qÁrî¤ÿ¥=v‹-xÎøõ-2fŒ¾ÃTòf·o�ßÑÊÀ;žj–køÕLäö�ošÓ±-ÑПÀìÌ$ã3ÚŸ§IÛœFšêifÀ?[‘%cëVõ¡>àÛïÁŸyþ«h-¸¤Þ�ýÐÔ'Ji_šfhI9¸/•Uå_{T¬Ù
V\[I£´ðÁ襴”Ô½tHn˜ÎœGŽçÓsµp„ä³ÏöýáPvÕ_`?ž­ïÇYªü~ýq¹�ȘÈâíHOpO�þú¸EbíNóÐ5dÃãЬÙ;‘¬ÐKã!:Ñx¶P
•3ÅíÚeì
Ú"Ž›@kÍYáµ”2Ÿ¡‚HK™0W÷3LúíÜÄ›ú=¾ïœ)€šî	ç22F™ŠËÚúq¤)Œ<¯‰l è84ö|ŽuE¾ËË"×½§¨^œ8�Òùà® ©=Ü/ÏðÖÿô5dÿÁÂY‘c±?�ôÐǦïNo·¯èù4–ÙŠ)Å…-Ìÿ\ýÍ�1x.Hw_
+R�^�B÷^D5Dt€(>^"ŠŸ!Dµ;œvÙÐ<=[°èaÅ_'7«E1×xvCœ!Řk°¢éæ&¬š™,‚w›`ÍXQ0Á*Š4‚UÀŠR‚GW`åR3%#\÷Kìr¦}’ÿk[—XR0T¦¸ƒ	tØ£ÚðQ [2›Ãa\Õmí£N&eÛÒ6�‡;²CMÞ=­¨M…Z·7µþ×У’ê¼·©M©¤Ä�´}÷T4…Xƒn˜ouêt�%UýXžÛ1ZC’Ç~8”Np>ÑÎÚï<6mU“l­vTu×�õ…ÙÏýÁÕøÙ¥…LîòÀñ6n¥Uðr™1UÜ›rÀ"~–ŒôxgøhweBxpÁq´Y4$zº«×"V¤,‹ÿø«ârûPæLD†› ³Ó#n¢Ôƒ�dxf
7¹7d¸1‘á°"0ÜÖðW®r(:�AΩß
+�šŽPM>~^uèìòf<ùbQÕŸ¦ºae~`knÇâÏ7,ç,ˆ¹³äE:»Ï0NÒû{ˉ\)Ųž¹£i=¢”©ÐÇ8ïXB¦æ¥!·È‚s€):Ïä`—J¥æxÜ/yWLÊ ÕTÒÕ/:ÙCPö§¦µ?…Ð:ézú-‡§ó”wýTMƒ§ÆÖ¢º{µB\îࡹ‡Œ¨gA¥Í&Míƒ>cm�:‹Ì“Ÿí
+Zš	ÆÈóœ"<-Äv•œ&ì)ÿ/ÈôL8ÖГԦåÓ¶rP¢?’è€�Êuò@Ëçâ–‘“•pNÆ�lcw@÷D}ˆf.n8S¡™é¢ôÃÖ%ü¥(�
æ�áäfÃ…G¬j–^ÀØ&�E|¦œq~3_
+æãhª“†Õl+XPÌgBeJ
R~“&õÎ}&e‹Ž+’‘æ©°Æ(ª9ƒL)
+Â…3iÂàÿ*]B~õü{5¢Øf@ñ[»š8Õ •B¬³`Îrywc›„È
+9ÑàÜ76°Ä¥,áS\cBÛØD"jl`´hl°ýŒœú«›9xV”²k
Šf™üB
Êe® “³Œß‹ŽŠÏ�2Ktp	¡ƒR
~:hRð!òÙAФ@õ˯6)
_4)’¥¿7D\J¦cŒº›Üí‡óω˜µðE"±CâÝÒ$ñŸh<Él/!TT?`ÚõË <º¤¹˜²õnÉÒÝUˆôu>`ëqaGמzO¨Jßtwö:jõ%z§9Ñô¡ìšã¹-
§[ìË �n�Vè—ÿºI¿Àì"‚
+˜ZIsHÀò›NL[,Þ
’ìî6
|çŒX§o*§ä3ÙýC’7É}Ç£ûAºØ
+ƒƒsÀ‰~ÝÜr”<F[ñË7C8a1Ú©[6Â0SÜdyEÐs\fËÔ\b'"ù”pé“�¢E”~œnz,éÃ.<$}Ë‚mSŸ¹³ó%cýi>�§‹þ�œŠ—¼Ø«¸s´w²+yƒcD}™ûÄ×�ŸP3.WSº¬¸»àâ&Q@ÈŽ“ä¾àJî3÷§(Â|†àÊ_&ó•‚›	ìîºIÌîek˜¼Š,Ìåyæs9°VÌåo·4k‰oî¸�8Ò]Äg^¢½0õÞ_áÃìÐ�¥ÿˆöî‡(…΄‡fÝêD—7¿=„^¯ï°VßM¾tL¾ô
+ùÒùr´Ë‚òŽó–�…rÇÀôZ@¤hÌ]ìÿ( ~
«ðwÁ8˜XŒíŽgîbø²pÀ£c0*«Šì5tñtñ§Qqé7]E4BN4B-i„Œî˜&!Wh„¹å©µ*ºê»òÃÔ¤¾<ÂÀ×Sº
+ƒ‰{M=| q™„Ç÷Ԁヘ·¡h)(䃈˜Z
vw&‹¿ßÜ_ õ§zëÓ×rm£ÛFKËÜuó¿WΉ
+þ0«–%X¦+<ˆ$ÿó2Vip½þÜÈÛ²¤
–ô_Bþöð§ÿ
•À
+endstream
+endobj
+369 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+367 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 369 0 R
+>>
+endobj
+372 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1635
+>>
+stream
+xÚ½XßoÛ6~ß_á­
*a1+RÔ¯ìeiÒ.à%XŒõa6Z¦#µ²äQrÒbØÿ¾#�²åÈsÕ¢Û“DŠ¼ûîxüîN#�xÞè~d?Œ^N_¼f#ê‘„Ž¦Ë�GÔ'	M/u.2±n¤rǾϜðÌs8/E�éßyíÆÌ‘¢Ù(Y»cùw¢Èýmúã‹×tD9ñ¹9Mt4æ	‰�Ô�$î8™sQ•®ï9�ªŠ"/ïAhÄ�&“ú%pnUµZ7(­�ktc–?4â¦z}çÁ
¸#Š�2§ZâtÓù8Båb^HëwÄ‚À˜Ž<#òöç›Éíô÷‹›Éäü§Ë„8 ¬]š×(\¾«¼”½ÝÔ
¾ÍÁ1±#—•²(Ð}úm­òÒe‘ÓÔXŠÔe¡“i}` JÂÑNƒF¬_	õ
!´wˆ;Ž©ï\/ûöxŒ0°=ÔïÚòkÙà‹(ø’	ó)rŽËªü›¢Ð3ÁîNa‡Úó%®Å3€—îÁÐfŒ¥q¤�³c¬|/ÓM£ý©#
ýéû°·Æ™|iŸv>v©u¸Ö¬‡�Føa­ÃÓi¥U%îÁPƒ‰´Z­Œ�z¡(‰�eC�†„1êZo¤b±È›¼*Oõ0¶r`~	�\i…�Îp4�‰6óu!ëTå_�sÛ­µ…˜æ¢À¡D
+W°Fi�YžjùSÑZ¯Q¬P8‘—;ùèakK'šÌõ2&ã©àͨÏz±„÷—&„áÖÙLôb(ˆHÛ:ß;	Æɸµ‡ô”Œµ„ÕP«fqPMbÕLÛã[ˆF‡œ	‡²'8d„··õ›¾@1ûñ�Ã=–ïÂÄ²Þ¤Â;šáðT¸k@uÑ¿ª0L…�VÂ:}æHrONá�ø¼SM¿iqvA³°'55›�:sœ�y½Ã¹ü×%GD„Æû¦>å$lUýÝÃÁI”tƒtšYoóÝƈÇ(a{J|Þ!4–$ÎZÔµ&ýÞT}ÿD$n9°nÔ²ÉW²/Ø则ãÏ\-.FŠ4ruDêHˆ›¢Á÷@^ÖR5-KýJØn\o“žæJ<†îà-0 –ïtº€ûª¹•yŽÔÌÙ?õðzÌ>â©�„mX è¥æF:5dâ2—9…×–kÒ|Æ‚(ÅÆ_f‡’k�$Ñ>¡i²Täía‚Ap„<îžóXAZfÊ^k%ÿÜäJ.†q…<Êç6ÿ³Y)ÆJYU7¥XµÌ´YÛ„T=I>Ú‰ª¶¤ðy>ÄÕ§�&ôí0¡˜õW.xqŽYKÙĺDÛÞVs{˜éF)
+Åœ‚L+îå6[ïXËzraIcâbâ¹€€+Ù…é?QøÜB†8€JNجµ�yj—
wdy<­åã¶Öø¨D5Db*$ñûíý�ʼ&¾þ¸Gà›ö!ƒn i?B¬³�µ“AÇïvO/uÆ\sª9ñUûtǸ[ex…+¥ÙgléÚÒ‹q‡Bß0s g
øÁ$Ç“÷üÒ‹/Í~»
+Ä<gÕFaä\]�M&gwwø	¹xØÁL?e_À÷_€X½X¯>]ûùôÿ§kßÓ¾�Ä~„]:ˆD§×ð0ÀƒkH¸Î±³a["Þõêmµ‰¾�ÖŠ—!~†@ÉBÂ]ß÷€Ö~Š@º{àCó×Ö^ß+Ÿ×¢IuÖÉ
+‰4·g9hƒ:�Åûö=³¯w†�šk*õ=˜X@©’6ôçP•ŸÚEy“õÍ� ZÊ»º™¼êWeл·6‹ù\AÛ^ØÅ;Õ±8”EXÈÉkß|fº|*X{Ûí�ܾéÿR€
+¯•zÚ�Ýë(	èÿá
+“˜ïûâë�T^›Sݯ|"Sù„¶òá�KŸ×{ÿ†Ýóg£°ûŸâ¿ÂrrËõ>»AE
Ù5„ÈÏñFZFÌ-È�×ïs)”ÿÛÞãÙ¡–Ôß� 
+tªÇ¼î7à�¸·ÿºNŽ5·‡BØ'ñ÷]Ðkl;`Êò@qGIö«ÛYX>€rÜ&…ó»‹kS;_Û$�
ÖBîûm›D*³8m°.åög¦þ‘Öë�yHht-�w]ú¡^ŸQüUÔqHë’ãåç\›ß™¡½š~õr,–
+endstream
+endobj
+373 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+371 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 373 0 R
+>>
+endobj
+376 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2429
+>>
+stream
+xÚ­Ym�Û¸þÞ_áOw2zâI$õv(ì¶I“â®d}×»A£µéµ
+Yòée“ýñ�á�ei7»H¾Ø9Î<œ7ŽV
‚ÕÝJÿý}u¹ùñ_…
ËÂÕf¿
+ÓU(X&W›¿]{IºöyÊÓÈ»ÌÛÃÚBxïÔ^5ªÚ*|”Þ/yµæ‰×çåúýæ?¾#+vW¾ÌXª¹ÝÜ\�³]”°([zýRÝÕÚ—�ôrü‹¼VýÑÓV8Yïi¶ª+ÿÔzß®¨îhu‹�‡¼É·�jZ¶öã(ñ6‡¢¥—¶u_îˆò•òÍ÷­2Ó]M3ꈜ�(ñìZŽ‚ƒ˜>`6°Ë±¨@m�ʶ&qšZOpGtDÉ[ÓZw0Ó§¦>ž:6GŽ`ñÃŒ…»÷�b÷²Ú‘ 9ý¹Û�î7GÅ
äb9TÕ—œÅI�é6(4OPõxÌq;ž¦> –ZÄ¢(:ûEW7Ÿ¿ô^£ˆ¢oÁ¦ÊÏ4»+nx£ÝiÑ‚Sáá"ëYÇ笵J¡D»ÖGi•žˆþ9ŠeÚ
N�œ´ÕÔmÑpÖDSÑÉ
ƒQx(áá¦ÞÇCA “jÇEµ-û�šˆ`¶l²Cħ=™¡v«Q
½½ÎöR„–”ÊŒÁÍ•Ú’8‡Kƒkòo¾v™¼Z§ÜË·E	Z«ö=¨##0ÛüÎ0Cq³Ö³*i÷3…¤ÿQnò E�I¤±Çbƒ“^°×4Õ�++’È
ŸÔ'µí;íÔð´ëŠ##}£­,ö:œO:¨²\ĽUmò�àq	X�­¿\ì;ÔG¤Òø{
+¼:Ú'QIüß©m­Mk§v€¤Èb°¹)‰útPldr_ä4}—=ªaM….ƒ9ãbÛ߶]áÏÁIJ¾£÷d€Xtà&|ø„¯^×<aá�¾î
u¬ñ4ï×`y©)cÜtíÃÄÁæˆNGÀLD`¼ÐëÇ�UFò<(ŠD²X˜xG‘ó>oÚYXô
¡{Rú)žÈ†0·ÀéÁ-ðA2N×cÚ»ì‹B¦ö
|&@"‘ݬMÑ„D)ÈXD¨÷£‰˜S`pïÃV#>_Y3›fc²*ž1!4§7:d	“�9@E�
+m+o:ŠÂûGH#›„W�­Ì0
£ˆ%¡Á´¹E¦ç"ðtDu¯nÎx˜1–
‹ÍK¾ßŒºžs�ÓqÿïI!Ë}Δs&–k3+d2:ãeNù
@õ§SY(”$:>qëmUr“³ïñ*7^"¤	Hfm†¦°ÇS-ÍŒš3Œ&¡wq>Æ„ÄÄ)*Lp¤�‰”‘¬?i^Ñ3eÅû¢�ô¾©ŽH‘bDãIâk�c“Ì­ZJm:°Ú�-Olæ†
˜VµË›�yBYQ€ä‚ø¸ê$44˜r&Œ[ڨؙl^lM¢Ç=ëSJYf�}ÑD}M’º�u(¶Ô§­:�Nzvg{€A‡±�Cm¤Ë\ÛmnWµ;"@k¥ÒÊp£:A5ûº9ªÝO$l4
+’Fnž¸á1Ÿ›²®¾Hå¿Â�Ü�ÈÑ@¨ª›B›˜gšÎ\F,²î»�û_±ÀÖ�·âØLd?Lã	I?Mê+ÕuƒÐ’ðúªu§à‡,кõê¥!6d\½~ùóÏ_Yçb[kz{±y=›³ì±—m\{ùÏßç$X°�Á’tŸÅ1ðO+ßåÅÕëÿ,±‚k“”†ˆðiŠü¶TíÂù@@bò™çC5•ÚûÏæ@¤S2Jíôv“Õpxm	®¸(Mh®_)Œ¹ÉP«³×ƒ²äŽHf¦5LŒ·çÍ]4ñÆØVý°�‰€³Ôž3›‰Ù8žúŒ¹H|KÄ%K¿ö€ÂD+
+L„0‰LÂØ’ZLðåÖüWæŠ	¼£1	ã˜0ø°�À’Ä$áÓbŽÇ$Œ\‡’+L&;œ³NB–YÏ;,Æy‘&LL⼃¿xÿç›ä›£¹t4Ý`‘û¾rªÄ�Âc¨ô�Äø‰¾¢iRÚ„[z:iÚ5EîÙD¤K¸þôMä‹ü¡<2Ù iKnL`ûÙAdP”¹
ö×·›«y÷!‹1«·ÓÚøFzÇ1‹ø³§(EŽÉ§ïN½Ù©oçÉçÃBÒ”cì}1ל%Ö
¾7A~�g	·,þ÷¸›ü@p<Îä///xŸ&Éwß@’ïž&É�H‚ˆC^¼øR!�<{ªÖûj[gåP-æÄîNϲœß¦Æ1«C�„Œ�„yá¶*çyaL5�:•¹íÉ-yÊXËåPOT3IËJ¦)ÝtŸ®äÅnGM™ê²ÿwªTÝ0;ˆ.eæöO`‰äÃõK€`á–&œ¾¤¿ÿR†�Ò´–¹�©XLýÝSxQ¶i‰ŸîéqÏ9§œÖ¤!—BiµÔJˆ¨­3\¥)’Ÿ£ŸcpËÔY¶dr“JÎÚŸa2ÜgnKµ›e)Ãf±° pM¿¾²RÑü¸É8¼º8‹µ{§«Ç
fœùØipÚ’Óš[Œ44%Kä³`جSH>M5dãûÙ$ì¤Jm;pUuª
¤Ô€7þ<o�Ž÷·)nÍCgÀ¢Ó!†=ØËÉâa61Ÿ ÖÃË;~Gàö3B«¦¬lý$ím-®Ï[‹HnZ©Tσ9}6ßX¨npï	猕SÜÔobû9å_UQcÔôR'ÍRÓp:°ûºkú¾"9\¬ápÛ§Y׶ŸñÉva8váA°”×COpáÛÅ•æ¯Û‘<	L;’GÂ;ò³`1ùñ>Ÿ‡@Û�¥¶ÄÍØ)�èq~zv¸¬?†Dƹ‘Ä6�`®=é/+Ý Š¨¥…‘É›»yOÕÃ¥uÚª!µUMŸ6‰¼·¿^½ù7
Á“âèHKmUé¶U¯Ð’´sr8TÓ\å6áሄƒÁ‚BTŠÓ¡ÛyªÛâÓ<´èÐ96'�“±9¿,*Ã{hWrJÎøO
²-lŸl|ã®ËÂÄrl
+iaóõ†>ý!.;Æfà�2å(öš¾2Á,Âv™¶zmó^{7PŒïh�‰ô-›b´LMH=]Ö­ÂþßH�<u¯ž)^Ì€EÅÀˆS‹2d+¡ùÀnì`â&·dȨìËÍŸþ’ûo
+endstream
+endobj
+377 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F5 30 0 R
+/F8 61 0 R
+>>
+endobj
+375 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 377 0 R
+>>
+endobj
+380 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2977
+>>
+stream
+xÚ•YYoãÈ~ϯÐ
XÍkß²;3»›Al$
2A¦Mµ$Æ©eSc{òÛSÕUÅC”íÍ‹Ôì£XõÕÝ\~¬v+÷÷Óê‡Ûw£UøE¸ºÝ®Â|Æ~¡V·ïÿéý¸×ÇÞtWë8Ž¼ôû«µR‰÷ƒ¶{œ‰½�WyäÝŸ:c¯ÖQÊËŠ«Ýþiµêáj­
+?w”Ê«(óöºÙUÍÈÀÆ~ohpGsÏì5nùVµNÇ^ßââtO‡yz¯{Z°G|§gÊêK”dfC³w¸÷	yx÷1ÅŠ”òU¸
+3ÇÖV�´e"yùŠ7T
±¦;£-
ö¦3ôŠ�sBG³Õ§º'Ñ£,õsp	Ç
²˜šÎúnG¨àu˜úqáÖÿ¾7
A
+oF𧽿B\6„>ðáŽG†såçsŒœË†¾Jxùš¨�ªƒ÷E©ºµ¨ÒÄÏÔËH…~óŽCë´°1DWoÙ^”Ømœ¶qÞa†Ûë®?i*®6ŒÊ:,b?	²š[9µmëºEPŠue{ÆÌÒÿ˜Æ[K”{übå}]G�ŒHþ"¿�¿¿â§ì²ÿžÍA¥~¢¦b…þÕ:M
+Q{˜xšþÊöpÐ
r*"²¹áÄž´‡Sú®64lZZ¬[�µ£9óØXÔy˜‹Îaú¡ªkÚÜ™µ5º+Ñö»ŠÓÈOYÖï>ÿñöçK®ÈŽž@]ëNä8Ëý"'Hh—h²1¬¿Öù}©ûªm|-
+ô]±þS]Û–GÈì·«$õtU³ü¨×ªßÏô:$
+3ô0ñ�öȳ#Ù›òÞ¡z.`‘ûyÎß²yÆ`Eâô¥n%b=:3Ui䌵zÇÇŽœ¹w¡)
%4¹1Åü§½£íeK»»¶¦•’ÚðFg¸ñîTÕ}ÕXz"»Æ‘>#VÐË&’£B
(ñÓ™zš¶YÿfºvðÑþdçÆýõ}Û˜/¼ôåJ@J&ñO0Qç˜ÀÄ€	Œ	�Š1I5ÇÖ	xÉ5`¢b‡ÉH�¤Á	Û·Ç#åf¤²çÈPèþzÃ[!Ól¾xd)j´pîX¢¬­v�>˜¥»€5IDè®%\aFYÐK|•¿BOA¦Ê$UÙk	‘‡öG}8Öæzá�–”°qóé§Û›ÛÏKÒ�·åõb÷c5Õ±šèx<2?“Ðp·[&%åg+
¸"ïd±†À…
+Hõ�ùõTu.€Ã4ÈwÀÔsm€scˮ₦Œ–j
Ÿœâqp¬uI”8N�/#Ô.ÞïºöÔl®YlHâñÔGöÕ@âꆲ€ã:,ÀƒzTMYŸ\:„ÝÈ䦢HGÏí–þÁ€‹Ž8ÐÌ5³³ˆ–§®ãÔM-Ÿ=vJ'ç´0žóÏ„u÷WcM÷
)9ˆSï
ÚncéQ‹ƒèŽj¶8§ºþÑ­âlpOóØ3	.’`KÇô3¦Ÿ!ýl Ÿam%;Ëv×T¿Ñ>ÿÑ‹Á
+tdº�¤…ºÒVÿ¨ë²ÉeÙÓs»�Ôqá‡Ùkõ¡lƒ ö£¥í‹e¾	Ç£pL)šå<YE~”ç£Ï’:,CgN
+’á2f‘ŸWo4¡Ò‹$Ë%WuÇ‹a2rßvO4ëb÷é€uéYGˆaû’ƒ"šäà7o.V©é‚òÀ"òótŒ—�ûAü;Å‹óœŒ.Î�ñKðu(ß™}\?ê.•°¸Kp¦U玸‹£Ã�ä‚
+l•=äª0€RêºúänØ.™W!Úô‹634-mlâ“

ºpê;�Ùén57ûŒD³úÜô=×Øj¶ºÔkî§CÑܵ‡cÿMK;1a"
ÆÚ*°Ñ=£(AÇœøgö’æ~øj…ÍýóÙ†ƒCGg$p˜òÔS§{¼¥¬)Jâ¿üm©©h0ò/WDµÓÚ€º™
­ ¼A>«Ïû²yG%
+ƒÂ¢\ ªj—cÐ'F±‘ÂÛÔO8Ê–æêViM[,2œSÜÑ“	$K²‚ÈE{ü›xÀºäš†,çÅP=ÊÝ6¯Yæù›©˜ÇêÒ¸©Œ˜™,´®ó\„/¦Õ'¢,�¹;9IJéy·q)zA„‘°ÿßw¾Ýÿ[¨œ›@¦|OÂ
¾¸®f…´嘱ÑB¹hA@\!f(ñöï~þtsûñÓŸ?,c^è'ñ`‰Œ“�¤3Wƒý¤¢p>õÇS�cò{œ[â
!9/»¯D—ëz鎙_#Hm(þ-=;SÀA/<¸‚—'ÑÂx#š²¥eW³«ùØa”¹0z;7ÆÍÒYD	ØÕª?Ë…]ŒÍ)¥l�ÚSfgKá¡/Â1ÐË\–�5[¸Ú£lȇ("|¡˜ã²·C{vÜÕÂy9
´¡FÉX	6,�.K#m° í6Ú®/áŽÚuOÏ5ÖÊ�ÓW�È_D"Ü�Ê	i§�fTÚÄN—}Ee$‡ˆ½©ë¡à«zvàí¢‘
+èºÄTÉÙ/7Sñx³o]¸]4þâ%ÅÃï}ó>hd‹=‡Äû²ÜÜOã×@Q¡@QaÊ ¨0APÜŒ¦?ûDÇõ#-›®sw­¸³á�
=CÉßï¡‚†‡i)¡¶‡ÀegQ(IÂYÛ$7šxqSW|�ȤV—c£àjhT6ЖÔ;E)DÉg°¥9gî)£ŠƒiΣ™‰~ÜóD&G•ÿ)Á@Ú|Šœ”³ånÂÖE¹OÍXe�Õ*jžΕ
+\/1!’ar	—$Ï0q©¯=³´9&ÎÕ¹åc×:ÖÕPüIâ�$¬Ü]�/O!
‚™>¥ùr
N�0ŸeCìÉ
+ïàw±›
=-q=í,ÖÉ…·©Jڹ苓B
ª¬u’y5¿�.SŠ…zbŽ4ç\'(³|¸¬Óœ ûfT"ß©ã}6äÀtj-W„i •Œj¨¸á¾9ͼMµ«zy rö¸–×–mgK#ƒ‰ÜBÀ¬«zqJ<‡IMî({”xïMYSƒ/˜ÕŸF]Í“C3µß™Sò¦Q©ùfgÌ'[ÝKá;�I.¢SLoÓcw5YÉ׊ÑG¦ÙàÙ’ùË»~·é•Fbhä‡F"Èè{SŽß›÷03Þ:Æ�ô–0í":ÍñÕx¯I€5
–�oNtÏ‚»ÆRø¢¼½?YÐ$Â;© Ò|†
j!½�ZÍâÕï_Á¢�Jós¹�úXid
¸}êœ)ßwÁ¿èË2wc|Mn¢éLs!™‘NÓ|€Éàö(ô¬h£fˆ%lN*gó±4¦û¥ƒokyˆßŒÜ5SNö…Çé¦&>ÿåæÓ?Ph|®›
tÊ×è&
ßo¸S|»G”AcVHßSB^øÑ;Ôl„¦
'Æ(‰�7ĈNT³œâ–I\ÍnºŠ¾} ±I•y=Í	8vWÂHg¾Ñ^àqÒñMóÕhˆìÔ×äÂÃœ|�y!‘£m..@"?“ûñýåOMùô®›†5=ò‘/& Š¥ö,7ËÒ4ñ“lQ2g™|Ä$a¾:@J,«¾æø¯åK@ÃYˆ€ÊÆ‹Y§‡8K=Ò$u›¸±eŠ½táø‘8aƒ¦Ö?™hçP‘¢ÏÝ‹¿áð}î’€jì¼X& ¹ÕUM$±,Ä÷åþ§‰6N�”Dò#yCSã};<@&´}w*éú&¶]{ ÚEí'z Žvµ†�S?&}’Æï_•K*¾T�§©Ÿ
=ð33ý„�f¢ ~¥b¹aº[úç7»¾ÿ¦’Ã#§:¥F-�¡Xð°�m—boWÑ{#Í_:ÜgrŠµÓ\Š1kwÝÙyb»lÁ?Í^´ï î‰ñCð<ŸŽ¾=û–€=ã ?„E2Ó·øڃݤ
+endstream
+endobj
+381 0 obj
+<<
+/F2 13 0 R
+/F8 61 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+379 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 381 0 R
+>>
+endobj
+384 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2792
+>>
+stream
+xÚ�Y_�¤6¿OÑ‘ÂHÛƒáq£\r9é¤Õe¤<Ü�tL·{-
;3ß>U®2èéÉÆ6årÕ¯þ²Kâ$Ù=ïÜã—Ý��?ü,w"‰K±{<íD±i\ªÝãOÿ‰Šäa/YdÑ�•=?ìÓ4�þmN¦7íÁà«ŠþUµRGcÕ<üïñŸ@T廽*ãÂ�Iü°Ï³2ú»Uµ]»¯Ýƒé«ÃP{�EäH•‘=›¦¡}æµ,
_êáLëp-ö}×ÓÐÕ0òÆúDÏŠv{ÈTTõuõÔ0ýÊÚú¹½:Ÿæ<-vx×èp{ë®"E,Òݤ!H/gøt¯R¼=ÝåRµGž¬.†F§®i:<äXS²Œ†³[pï`ü”yiëg¢—ÈæKàÌŠ‚“91™9&§¥á…>ÑÌÉ/™×êrmÌ'Ò!]ç‡þ­nŸyÜÑ*�Hs=H¶Íè+y'¯ª¨7Õ±k›·iït…Øñ»÷’Íæ&b†‰Òâ}˜(�x˜à�a‚ŸLp„0Á'KÂ}Â0Ái„	>I'°XãCÝñg+‘ã^©�û~NgcQBÅR�ð(\·!°¦}Z‚fD¨ …ºI~^+Ž%” 5�9KkÒL=écÍ’(ÀöRf‰èl¸Ju\~Ëš nÊÕ©nªSè0œ>%éS²>¿ôBc™¨ŸìP£¿�šŽk»ÁŸ¼Ð9u3Ÿ“,“zĬ�š½ÂlQ4wíÍÁÜNE(1§^b×ÎÖ¯[�‰Xó‘$i,‘¦ˆì.§#s¨«†fžÆºêÖÒ/÷¶¶Í8½)Ÿ#ø¼vOò¥ŠË2ßê¾k—�©N€Újøpš×>û®Í©÷$¨‹­µ$¯³·†Ý§±õh…·CÕ4–ö\�ò'
ÀbÍ›ˆé%:nyÙ•#&yl/Ÿ†<8ÌcßÚOÞƒ1°O«	1�CàÒa Ÿìj©x È^Ía
WΞH†7™Wssœô°Z*(c=Â7žGÅ™`nÌëµëoX9XeÆ[�›5	0R‘óúdãk"È…÷LWTRø+Zz;ÖöÚ€ÙæÑN$¨–º§µn®£u2ò_“ï…
øÌKÅ‹½ñøOU\,à�±îÍ$F�üÛFƒàƒŠ¿¬?2b–¼HDœå÷•ß“|g^¬C_]7Á×ÙFfh³�”,Í áyaú`9C,ëÆa…ðt4ù¯P�àεçè·_Ù0$t,<¶ùÎ)€+´éÐVÞ½³Ž³b‹“":’ÿ7¶ý~ ™
+àlÑ¿Òáˆþ+3Ý[΋ªþy3¥‚Ò·D²ÂüÅjL¦X¢nÌîçP#ÝÅxwýLĉZx²Ö@øíÁùì�ÞYú:PpÛΓ4g?ÚoÍ!œ×Ï5oÖNëŽ@¥wPš]QÉ¿“¯‚Dºm8V"ÅŠ—²Øä|‡®E‹_	)]c\´†q‡Ç„Þsí×é®0Yû	z¥ˆÛÔn5™/K”â_PeOÓbLGuô+0ZðòDî7WS4
RNB°ÒkÚO‚9'KÓ‡—RS:8-{ Íçš4ÓÒìĦ×?Q€7Ö€öp’v>ê�6X°¶æHc¸
þ¿5´2‹¥wºû­«Œµ÷/ß3çvÅׄït…ïÉ,eœè…+*œƒ@¼á§ˆSyÏý'³û·ÝØÌÖeæs™3™²YÃÓål8°¦êx•3¾³1àTýdÄÒÙäC׿ѺS3¦/PH�¡jJ†ØÏûû"�bÅöz•ÁrJ©à”±]ÆJF'®o9V
n/÷"úòùñ[·'ãréXEQÄy¹Ð`Éü
2_Lvœ!Ç¿ºPðÒb`“\oÉ91À—lN%Ü'AîÌTêölúz aæMy4D½Nóºº�í’àÄße¿…‚±Êft;ª×Ù¡¦ZÅjQæœúîB.¼©ÃàZõ^�ðι/'+eô;• °‹tV¸g“¦é<Öò~˜²šKçÌþèêÜrjbÀ!¦Î_éÌßV*ê»$¿/•<°y ÂRq㚟v¤ Ç²‚ôF…èµÛT� ”N]”¦ö¹,$}xýuU5ä~È9Ë[‚øx䀙ÝhPHÞª¸uÄõ}ÈÝ¢
+K}ÝNêSš¤¹#€Cû¤rWØh-�õ6r>g¢Û(-™-ô­sê?³¤p.À­ùă^ªV‰0|¡%ßBà
üŒŽ•AíS0'²-\T2§IïÜSÆR€
2sÀr½-m(Pô{®Ùg:ÛçÂ!Úñzmê©èyŽW¡&—UÉ{MÔÔdØÖáRoô™–Ž÷¤Z3Šî«ƒšë¢sî‹GÓPµ*§\	¿
U¯¤ZؽT-%îÁÚTº{ûEšà”|§ÑT¸-Ðõ®i¦y¥eq[^)~wW^™ÜÔ¥&Å•®n2É«pòÂ
s­»y	EÑfWuG©×
¥i"†]’%q¥È] ®?Æn0xŒÔsÆ*sÅ9Ž 'uޤ›È<õÊÀµ‹*
+»úÓ{R³oÂ/0ª3Q@þ86ƾ¥íà®=Éiàp¾J“G¾«QµÔh‘ÝÖ¨Œo
‡ãÖ³8Ï6
+-ØQÍ•
°Bq‡=KÀø}œiºçú@Ýö¥kQxƒ[�¯`LÊǺbñp¦ß°€úäÂû\ô^_y/¡jN¡ë»/¿ÿt³ÏeŤXôsÓ¼k¢ùŠ;®™‹ï«b0Yx
Éi~Ñãÿ	>´ã�¹í`^¡JòÐØ;6xÌœARðiëÜ‹8Kï*|ÊŸ^ꆋúSU7>ÐÚÁøV�+Ë0-­šfŠ'Od_§îû&_Ïob

+ƒt
�wj¥^ñl
x)oñ¼œë‰ëË

”q.ÖˆGbˆx|Î
+öG¸Á�¬+ÉcÒþˇ©¨ôI:Ea	»jÓn¨	fªÉøfqê-Ûåäˆ |¨Àjð€ÀÍ *E¼HZþ7bß. ê¯ï»�ü~ÿEfwdÿNø("nf¸ˆwíÜU(}]ê¶Mõ‚:¼Nî”;ÀA0š¾³äAÊ’JÝpiQ÷áÇ�yI2¯Ý¬…?	“S¹*ëný)°_ÑÝSkpþEŽÞÌæ$çÌŠªKþÍò6y¡yÿ›1è§ßèä:Öê/CsÎÂ|}Ž<•µëU´QÃN*,žT¨vTÞ4R‘«©"=nF%±�J‚œ©vÎ4¨ÁðÅ¡�ÌB5•5Çš»inÞy3x¾œ
ðÔsÔsŠ™�ß(–1,þ/ù›QuBñ›^%Dk{£yž’WÃÌÆ
ûøÞ?Ž4ìžpRwª\áZðÇzðÿÞF4˜sß`E›‰Xß—íj{éťáæx9S+¡Œå¢•�–÷}ÄDax»š[aY©þx'âÛ›À¢6Âø+rŽyJhŽÄ{©Üøìy¢¢ÖšÔäà¬0çÍ	TLòL?�-(‘ ù¸P¹lŽ­+s´Žn|ÆfTéÈ2›rÐR1¿8Y
à®oíhrn”ŠêwjmÁ[EÏ1îv™*>™Šy¥o¸Àý?u,t{Œ Ç‘Mªô«|>¸ü1…âïn7¦ŠùgÁéï�ûhÁÛþ
+endstream
+endobj
+385 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F4 26 0 R
+>>
+endobj
+383 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 385 0 R
+>>
+endobj
+388 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1173
+>>
+stream
+xÚ…VËŽÛ6Ý÷+¼Pˆñ!‘Ê®IfŠv 1ÐE&h9m#[®$Oâ¿ï½¼¤­±ìÉÆ4:÷uî!g˲Ùzæ‡ßgïîÅŒg¬ä³ÅjÆÍŒKVªÙâÓ×äãÆî×ÍS)ER¼Ÿ§JåÉÛopE&÷s#g‡Cçúy*´ÌTbøüÛâOWÅ,U%3Helžy™,6÷ßÝ˳I%™1³Ì|®i{ìQÎÛ®ª‡z·ó…L¶-5Iåpª’ïuÓÐF½›�<ãOû4‡#þ„H†+Æ9¸¦^7.FÆÛŽLTuç–Cs¤Ù÷�Û‘hÂ/ý;µ$3E45±”3
ýJËv»µ»Š€ëž»Ãî­Ïp*
/‡$C¹8•«Þõƒ³§]ѸÄ4lœž0w—~•Pn,¿¹ÿx÷é�ÅÄ9(ÑÉ;téCp·ß À翦À·XeF‘1
1ÅMþö	UyvµfZ1=þ±_ÿã–›všÏŒéH›v?ÔmÄDâèvö±qÕ[˜é2�Zå<©�U:q=Mwí@çí0¸í>L†6€y¦A‹ì;‡[ª„ôÌE‘äK)Tž
Éóq±Ö‡­£¯±²Z#æe ¹f1Ϋ1
+ͲH^ëaLˆµ‡Dæ†'w–êO{¶;[¥O+ˆ¿ªû}cqãèó"
°¢þ‡#®_Ú½ï8G„l;»„3}´à(`£˜Voîý[¶±+
 \HP°I\2.ü9PÀH•Ì©T0¶@‚Ž‚7/X cðû¶¯LÒ#Ó2œàT@ žJ)Š��÷¹ÆžÆåac2ØÿÆl€)±
]ÛîwN%¡úìùÿ•[ÙCÎ:¯Dp–˜m›ñqf‚zH/\—QBKþz”œ±ùN’È�*ù
+¶¬D®—¶iŽïCÚü|Ô{ü…–æÜ»«å5‘Ì"OuMWÆY{LòÔO`ÃÌÏTCž:À\òÄö¾k×�ÝÒûG”hú·©{ëcX¦:uµõj*ÏF`‡’­2(5+£Çu€:ìz7DIÖD4jòÎzêúâ½B™;è"“/.¤áTx!˜:)A5-g*këK¹<_¯7Š·½›VIx¢Þ¶
ß—1'Ó´–¬Œ»7JŒI-_$URRã-Q¦Í˜ª"Põ7<-2ìJ‡·½¢ÞnO‡B&x|µÀ‘Îýw¨ý‹¿½ú&*pñ³7¢¼¸`ßs�I9hn:±ò¯ˆ[Æ¥WÄ×T¿`²¼h·@¿�©“´P_Ȩx4Yâ>1vàÌÖRÜPdJ�ÆãÈ`ð|lš@P]Öð¬hÍê‘ÙKQãEyVŒëª&"'Ó‘�µVCCG­Åÿ¡› ÎÆ›<ïô'õ[}³yß6á†üRˆ§o6ɲx�¤)Õ0íAG–CêÝN£ÐOºô5ËÏï9#ĵƖٹÖg�Iœ€‹PtW 4V¾òQ!“‡¤wŽÌ|
-ñdÄ	`˜. 5§¯Ÿ=km3}Í{DÖ®©üaN¹[üò?òY
+endstream
+endobj
+389 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+387 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 389 0 R
+>>
+endobj
+392 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 98
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.ÑFšºFF¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚kÃ
+endstream
+endobj
+393 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+391 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 393 0 R
+>>
+endobj
+396 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3105
+>>
+stream
+xÚ�Ërã6ò¾_¡‹kèŠÅ�øPö4“ÝIMª’Ö[[Iœ­ÐlqF"µ„8ÿýö$(ÊÎ\,°
4ýî†WIœ$«Çýü°zwûí{µJ“x“®nVi¹Ju¼1«Ûü}¿«Ž'Û_¯µVQñÝõÚ˜,ú±»G€Ž¾ïÚkUD§¾Û_¯U©
+•úú�Û¿}Ÿ®Ò"V„p
礫µÙÄ%á,®×Y®K‘�0Úc�’µÊãDÓæÛ]ã`[YF5=’€mãêÁ9+óO»êÄ£�tR¹‰ê�^]QãnàJ‰Švݵʣ'�ʾ'\ÜõŸü¢ªÝò®.üêw•Û1új¿ç	Ç3Ï´à=§/·ZË�€ÅiF7ªêÚ:ÇmN40ÑCU7ûæÔX�ü4±6Èf§ÚÄ9˨ˆÓKMý=A*@cS»‹ÜÕ€ªŒK
c0š9•{FE½}°=g^…�v–
Õ=‹·}–YáìÞÖ§æ3NÙ½LºSwä}w‘Œq¶ÝÞ]zF«#ûÅÖé
RÞ=ðï±ïh²ÍºW™)$+U¨Qæ
ü”Ñ`šÂɽuÃÁâ™ø
g6=oNÅOT"\Qñç¾"}Ã!^F]ÃøcÐ¥£·¼zp~³åØÔ Ï<iGV”gçOod$rGÞ?ÓÍXØ“¶|n*6ƪeM‘ãm_1£ËÈò‚†%h{À) 7�ûÆnYÙ>v²„Ó÷^‚0f!~÷ìNöðFК¶Úó׶ÇóÈ;6˜@› Åõ*–fqá
E�—‘ÛÙ=º�¼ˆ*ç:bfÝ{ÏW¬®&P×DÇEºJõBŸKäÏ?5§c·»
+þ:6,7»oZKBSчù‰ôÔ��Å?§ê~/4£
+"¨úÞNÌSyîÕ¦}ä•@¸
ÖM�Çy*çÓ®ñ$é|*ÏxØxÏÔñ̾
æ#O‹D.„P”
]]‡¦lâ2àÍÒØÁ‡‚$xAÝ ,¸~–©è?;ÛòâËàwªzrF­Än•{nk¼ü®ïÚnpÀ‚ÒD7¸¸DçÉ·.Ò¸˜9ºc/º*ºTñÊA”‹=6(Ýž-¼û$îpß°h¾[Ü}«—¢C~Oÿ€K)©,7Å‚	ëi=«cÓnÁ4Yn:Ï<
4¢H#¹x-tŸá€Qnb	0‘òÄZ’m>scLg\kSÆÚ‹³Ù^òÜÉF¦É/N˜3ðQNã3ÊH"^¡�“œtªâ¹˜B
ûÀkÌìsË@ÖG7aNÏ#œÂ)’¨Yi’è-š;‘`ã	6gdZA…„ââŠ?Hhï—ŸS«z{æ.ÙÒö€.ñžcL/šGÓ>ÒÀUë�â}ÌYŽØÀÎ)´ž,/ôJ›<6›×½('ÏW÷îDžš‚ºLwFÊ=„j9í¡ëyò£O¸‚†ÝëZ%I¬f}{]ªù	–-ᄆßr
+Aö`[%Ñ6�ƒJ Ëôy<ÁÕ§Ž}8è»a?8"êDf½¢äØòB?Tâ.àr)
+ƒƒ¶’KÖ&„Uüé]3lD€	BNÏ-÷=öÝp\`‘ÄékLS)£ŸìèD×=“ç�!ç$ä	èŸ@ž*´Ç»…y(Ên;gyxŽ¯|áJi–ÄYþÊ•t¬2?-˜ìÿæ\ÉÂ.½D1
Ÿsº˜qúëÉR`Æ|§)]L½­­d•âÅ6*ÖyÈ6Ï,�®ê·ëGÛ¢ö¡ÿR
+"\ó´"iP|¸aÌ€äÊ-ãkžMVü¯?|øùvA©6Häɳœ·�"ÀÐm11U³eJˆÍóü@gˆ¿Ì{X®Á";1†�~ )C¼ã´ç/rÒdéhÓ”iÀÁ‰U
+‡OÓp.F„¼ Æ<}]Œ&μ—Ü6wÈD�ª‡¾;x<-¢JoÜß
�âÛTÞbÁ]¨‡˜»9¸®YæÐÒwÊ<øë:DGÈÀÓè—–“=°Ÿ×-O×þt5•…”œo/¦õT0XfU[1St
ѪgÈSß G�_ÎQ£˜òò˜+ÁsÙãÚs	%%¢9%¢XãœÀOó3<IšI"þŸ“7‡A²£J.jó²�8CµÅè>(^0:+=Ýí퇟Šeôd˜wч‰•	1üòï%2�ÉÃPF@’—�<ÖEú¥+M•Ð
_fLñ¥Pà|UjìÐîǺ¿®†Ç…×_©9‰—íÖ��
+r*²L˜|x�¦í)7‹è‹“}iLé¬+ûÞFù®K?´­`ØP=ÉE0×
+/ôZ¨}’È|w�"ûå®ÈÔ�-	G�˜�0 ¡Š[ç�ïp�MDÁŠ‹9TGïšÃžÃR j)|•Ä&Ì×(¯OrP0®ÍÇz�.”²÷ÒcùïoK_®ÒGÚ7(ñT…½´õo¤…pÇ^î[1dæŽY³6Eœd¡fùl|”fÈ bcnÍÕˆY4×ñï(û>u"iŸýSeƒx{{úV6Ïl!6nPÊËL•ÈL^çþek÷zÏçkOäQ¡�,X\š‰Å5îšäˆ{ïÎû22Å¥ÓDa+‚üõ/™©YStý+
+Ϲï³X³H
&‰ÏLÌ/ϘÏÖú•g!ƒž¸„On^&£/weóI½3Çuíq�¥jpù‹dŠ¿7¬u\Ç‚yuDœm:uÂnçg‹pa·»ËåW&¥È†`ª¡h›ã°çÆ�I�O°‘H…
©¤Lµ/ES*änø°Á±®¥úbçDå9r‘…xÿ¸”q6¹é›‰Ó³ì0â,Ê
�¤:V¨–_Åé,ÿŸEëN6.‘
+;µ§ôá"¥e¶ 4á†-þ^ 4ÑLib˜ÒÄó7	³œî“a&âW,Øhò)VjöË^¾*¦–F@ž[ãzÑ2"<àá”w÷)5Xá{i«¦ˆ�þJŸ‹8€ÅÕ'ŠÙŽ?-%¥õI<ìÛØÝÒÔÝ]æ¶2Lï*ÇNÉaPm·
V¥•Pìš­ÌÌSA¿è¸Þø^282„32jʼè†[,fPÜh5Þ‹q8«vlÝZ’7J]¼Yb’Ò¸’\»]d
Ê·f)3Ë
+IÑ2j¿à÷Øèšz)<A­”¬à·öÑŽw	0C/s� å\
àÔ”Ê
+q?0 Þ0æ²`8·xŽ³K‘WgYœz5¸Zh
eH£ÈÙìÐèZÛ¡öO
+ºÈ♪±Cļo«ƒ}�“òŽ’_lž“œ'qáL» x{­�ÚÄ&ˆx
+±¸'k„˦àÖ’É/†µÍdŠWíE[ñ½A»+•ˆ
кç ÍÑí_<¤€å³ê««¿²GÄÁZ}™NãÔW�Wß|
2¯v#Crÿ°$êõÆËY—g^Çw—´´oté÷b$»à@£7å<y6’2[¥/ É’Ï+„ø”†�¬fÛr‚µ=ÃÖ¢Dq±Â¤†>Õµn®â¯8¯ü,…®6[¯8¾ K…‰óô5ƒS¡×ÅÔKžf]ÛñoUC@8VÄÖgqŠÒM&
+ÄÁÕØ7(jêWR+·î� ‘'JÎ�Ê_KƒÔ‚”@y£Š3Aª|lýz]W˜mÛÏM78þb©ÁJ´Äœ,Q…–¨ÄÙÙ¶&i¢é³‹Çá’uØä;nWë×µZHûÐ2¶1 •â‘±ž�ƒ*Øz*=ÑÄ]dãÇø†ŸˆÇw‰s.ÚŸç—_œtùÏMåfíï®ÏÏšË`ùÔ‚âõ‘…ŸKun¢;•'Õã#ñ–ø‡1Vù%%U”WÒo^�
+R¯Þ_ÏÜ¿ÜŸFí˜â‚öôÀ‰^âÝ”ª­_5éï¥øÞ¯Ãó–óD~r�ÁŒJÄ*,áš?¦@A)¦,ñ	²¢Wnü�›¡¥}á/J®•ïÎÁ ¥çÞ:G–°ŸaPƒÝc¸ƒµ8èrÝï|!a-ž!åñ~²ò¯8ä	§šÐSRÉO†ü¼kLôž^Dä�Ú~©ðíãæ%Ñ`z>ªÊUm—VYÄiÄÀ2þsD�y‰ìÏ‹·y›‚»¯./�”M})rNȲÞþíÿ‹ßD/
+endstream
+endobj
+397 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+395 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 397 0 R
+>>
+endobj
+400 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2450
+>>
+stream
+xڥYߓܶ
~ï_±/Íñf¼ŒH‘¢”—N7i2iâË“í™êv¹wj´ÒVÒúìþõP?våóuò´E‚ ðá Ý$2I6›ðóãæõÝ·?è�Jd¡6w‡�Ê7*•…Ùܽy'rs»Õ¹Î­x]ö�·Û4Můþà;ßì<>ñ�²¹ÕNœËúöÃÝÏ›-HU›­)d$üÖWÍ)´ø.øö‡t:+M¥¶›$,üó_@bX0SFkYðû›Wp^’ˆ¶!iãÇA*Zu4÷X6û°L‰µìyiK¿¨i&>ãƒÿnïiv׆顬VUEáZôCÇ“éŠþ:7²ÈYÁõ•’&Þï†V¬~5ô$u×� 6/µZÚ|³(ò@]5^Þn�1â§Y<(‡ž8uþ½¶î=µ½îÏ÷Qkœ>–Ãôè{žh;Þ?€½xoÃÞ«¼¢©Éá�?!
+à€�EÐ6#|×µ�ª+ƒ˜ÙªL¦Aï·ÕñTƒ©S“ˆ¦<’:0.ñ‡­�Ï» ÷áOçÞïi„¾Ã
÷Ý(¢ø7�$là~]{nöß�Ýl¾†;UÈLE੯ù-ÖÏôODÿ¹!Ø|>¢)
+<•]h2òŸ
ÛW—Iʲì£t&­™Cßäd6ƒ�&´BáO&]{¤	6…÷epýïdœ3Áj[ÍLK'«!ÚòXÕe>̵
+¸ÕÎdQL–×ùæú6‰ÌÕÜ PÕŸ�€I2Zîdê渧Û�0EP«šˆYo¸[ï@«…ÿϹúxk­(kOè ùpÝt-„U^Èıj÷/ô)­“Dfn†ù;2&„࣯k¦¢öe×ôlúãÑï«rð©xzô�ÿˆ×@K�&x™è[#(tËæ!D¯AB‚ýè"—‰¶Ý±¬ÑC)y(‹Q‹²Qlh÷�ɳtקTÚ©€sü-1�hÏ<8~O]
«]šm�'^É�|4ƒkfüA\
+‹÷ÂE�ñ\ú
Ü°&xã3¯êY‹²_jÕ´Q}RˆéúàU)MÀÂ$�‡$à¦Ü�Ãóp:hYMT«‡¾]
ŽÊe�³½ÿ*÷㧡
+é%·4‡'\Šv sŒ©ÞkѤ²ÙsUd¼”�—
+ß”÷µÇ ÐyÄÎ/™gú3yŸ´Å^!ˆÃQY¾ÀÉÃZ‰÷ "Â^kñÖïè‚8odJƒw0zëZøš”þ€ Õ�ÇÊ–`ÕûÛ�íñ×àI>dèÊ�@ü5YYD{¼ýéÇïÿþË›+›™TÚhÓÀå:þ“ß�s¯+¤µó»(¥‚=‰k‰LÈbU½§GÀ~0êÎ÷}LÐåÀ?A®'È�Í‹ŒriáD9>Ä>¾‚—¸Ÿf8°a.h3Çrïiæ	”ñ4	qӳ܎§ú¡=‘Û"ŒâÚ)¼c¢‚õc`Çý|
+Ü
+ÝsÉLO¸Žâ°FW§‘�³*:_ªB¯PßsE`Ï« +ri"톻­ðr¢cÆ¥T�|,?¬LC£±Ì@}¨ÌZú­šžÜ
´¶V]Œ#—Ù�¸	.�©œ=ªÈrÀ[*Ë=OMÎUì\5:W±KÕèR-žªá1poØÝð²Hn‘Â<Y=-’xqôn2æØ°'dr4OLHÊÒ$sQ@�eôˆžyøU,þö©xéV.#c©8›¾ƒ*ˆc/ɉ
+C"5èDnR%5u
NêÛ­Í´ø9$BgÅ÷ø)Ty]‹xeé¯0C²t!Ó,&u¼}žQ…‘I­ÇdoµïHB±ÚuàEN~wuˆqSÕ ¥üp…Ë- ×etž
+Ë~
˜)3D(D»VìtÍ>2£ê.È4³h€~)usÍBŽŽêÍNOáð˜|BrÈb.Ë.«BL.§Œ
+/«ÿ´ë±d…8pBÁ# ¿©S9-•žcñ‹…G±Ú5É$*w]*Zéb<ß 3@‹�ui
+p‘Õ/²D�	lÆû 
ýùtª«@‹©‹áBìÎ]çÇ�€Ê›ê1›Œ"�9X;JoëœáÜ5,™Š–`�Âb¡0Ï¡(“ÿzL©qMMÙf)À­*DwnèÅS 1œbuò±w¥¨°nÜDW´ù¬HÁkmǃI‹/¢Ël±V›Q}8ÊÅ£ÌB2Ø®ät}…Y(’óâÿõÔ\¹p—ÅÎŽº†ÌŒvŽl]a'ŠdKMüp]Ä„SDgý褆M"­»Ä0q0Ð×Ø�Ìì ¯ ½µËŒ-ô—Ìd‡‰}ò9ûþû(™ÆZ£h1Íü°H=&–´8Xc˜\O>xÖY ÁØÅ"Á,$O½$=—qp,GÛ…eiºqvÚÃ.t¸T€ Ë3·F
[¥SéÔEÓøŒÊ	2ñŒ	Š­bÁFź(–*¥Ed‚‚Ã&˜	2£˜	àÝÈÅȳ=#aÔ}¤Ü|¤�›¾…¤wªË�çñ¬‘wé´~2>Ffn)T`}Ó6[fÜ} åþ0ÁŒàbó‰þ˜±ËŒf$Ó¾êà“#‚1‰Šâ`
�ï˜`rÇ'À`I*°x$•+Â7Ž’ù9‰��à8r7¢#m>ÓLÉ%^¾gÌ0ÅŸ*®ö™Œ ï=m._š“ÌØß]VMÒ™w�…‹ŒÞ¬Ð•ù
+])k‘¨_‹"ûš±¨¦œµ­›S×øƒåö‚ò¿@afNaÏPö¥—ñL‡l?]�bìôMiöõªL‹�ᵞPjD+»`Èf¸.'­–®ø2תšñ…�îbYŒízv„å‘FuÕýÅ—Üç�L�쾞¿úŽâèë
ï|Ý
õ
Õø¡­ëß>ñ7`
M\‰|ÿÝu±<ÏUÛúºsø=šnÿK/³hyÖ|Ú’%SyWí¯¿‹€½"öIZÅ_“Ëý¾âïxŸvq/ä/üÚ· =K\½†j’Kç¨Þ6ÏÞìMÕ³Æ~Ñ-äÓ皶©Ã+{ñaÌ2FécQè}Ý¥wpfúÞµç/ãW-¨ÿ«†þ<XV\£G!ÅLÝXÆѯE]F¯}pûÕFÛUÝH¡S]­X°=½d“…�ž†J4¶D_F¤óH	³ŒåM¿‚¾0ƒùîÄÑ塇îÖ@áæ…9Ü»g/
+EÓÐU»xÙðypMƒ™­ÿg¡�}�yû?xêe·=;zó·»?ýö.
+endstream
+endobj
+401 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F8 61 0 R
+>>
+endobj
+399 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 401 0 R
+>>
+endobj
+404 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2630
+>>
+stream
+xÚ­ZK�㸾çWø5Ðâ’%JÙ[&»›Y d:Èag�¨Ýr[»²dHòôL~}ªX$E=Üí
rMQÅb=¿*zÇç»ç�yü´ûãÃw?Ê�଻‡ÃNä;‘°BíþôKôîXžÇª¿‹“DFúw±Riôs÷ˆIô®k癩ƾkîb™K­¢<½ûôðó.Õ,Íw±*Xnè¼?àôw?ª`Ø>ßqóú×îq8	U{Z0”ä,së
V¥:z®?ãÎU{�_ɨ»Œçˈïr»&�újûz?VOô{ììûöÐõ§r¬�{3Q>š­;G`<–v|18³ä[�gI²8A¾uVÁx±‹A°Bùƒ Ûn¤Áp9Ÿ›ºzº§Ÿã±Â�Š†±/vqw gÙ4ôw¥)G¯©803Jà°¡fR9
ĉ’–°J¢ÿ›I hÉ
+iÏY�B¦2ûú÷D¬;“‘žá@…YÒ/r&q­6�ËR» ¯ÎM¹¯Ú§4vöu¥‚L¢XoÐÈ?s{ºKûDtëvER%,uJÝw§S	k—ÔRΤ£Öõ+q’)–jRwjV•ýóåT‘·¬ž*–8©Ç#˜ÏISŠÀF¶LgëÚ§º}¦ùsß™9Ó@3Ï}w9ù<ôèŒyZŸÂ�æ­]GxhC°úRí/c5¬Î¨!D¼%&•1žzÂh‘q¢“3ÉœËa0'2V<®õQ0g“¡×›¥LÙuƒõ¡¾/}k‰+ n}¤úR;§3ÎÅV–‹T2
+º8ý­§Ã3€0AY�g™7q*Óè—Ø
+ªt+&{êçáì¬3ØNÁ.ŽùOŽT»"•€™d©örZ»p:Ù¹§´"$%¾…§%Œièx[4ãzá%!	Í„{}vfê á’é<´•IÒ±“ø«òFEÿÛÐ%ypQ™ÎÏFl¡¬{5¨Z“H²¨¤„*(;v‘§þ?)ãèèq;j	°*ŸÑŒü¯¦¾lRçF rf[àyäŒbNE¹(II0£à‚<΃δåiqóů˜õ×g�ɱ%×,¡²ö”a—<C’òÆ´ŸÓÙaU>gvæ *‹e˜…erïÂÞÂ0˜"çôž­ãËôBcù�å*+Àu!½²'(é±/‡*®Û¡j‡z´XßV¥£	¯( ÞÎÄpÙãWG‚fåÚÀ�_'Þÿôþ¯kfƒ%mæ18£§'ÎT„á-f¹‡à‚årÚd�Ò9Ë�
Ÿû
+
æËÇ»p…"1±ØÜ ¢;™¡%ƒŒ	›Uý÷
+ŒÏÍ_oš?X¦œTBy(ËX‘Í24"‚tâÆŽ`À¢Á|
y‹›| ±‹â>k†°2¼¯ŸÊGಯ,ÇMÂd=ØL¹Æa:0‹‡þñ—u.MXžFœ(]„•æôGk•‰Pè£�7@夣¸ÙÄ”i€)u€)5¡Ù�†„[u`'0F�ô§™$€s+b2dVXzªôëåXÙM7Î�˜‚è[Ná
-…H‡Ž–.‰â�s:

Ð÷ï’Âھ݃fu·øjyú$w¦Âm¡pïðõ“¯¼.‰Ï,Ž¢±/G`lLƒëè¿Uß±Í,çQ­�\¸ÃPv*½{
;��Ä¡8nx‚ß¹‘”�hv 2…Y@îŠfª%Ä.g‰%)B£å©qj`pÑíi|*;|%1òÌ}äí¦® ¤Œ0!CXI/—mæÉ$;˜5†¹’ó,Œ ê>ÕmiªW\áR1¾+éA¢ù‰qJ³ÐkWøm}OÔÖZÙµµ¸Ò5U9Øa×V4˜b£Œ^��Ò$ä"düpiš¯v©>T'ö4Ývmlö7¿hO�kžUß»…VûK?؉ޯ
x·µ´ÙëóB³¦~¢ŒèÃ"üÛ=Ô~†±ª·UòsbßÂÂ~¢ýRZÃ]Á~óæ
+E¤þ€Çù+ðX*&\aŒmAX„ÂiÈò¿îÐâ�m™R$IÔ
ý$D˜C¹ipEÝ<Ñü ‚
°³+Â7UéÀɊµÉ4(F¶a›Ì^ƒm9Ó2„‰À
+AÕ§W)¬˜Ò˜z˜B$â"ˆkƯ8ÕÌ8˜Ð…â\ø(ÀŸ´q>\Ö�×åÜÕæy[mƒ
�"‘4O)ëá·À¯�(L(ð�u
fÙ¨HmkÉG$m”V¹ÒÒst±ÆROlZ�ÁœSé8-”å;^î“°%Bq­¯Ö‘iž/]óB
‡Þ&7
+; …½
ÓYd“ÜÇdÊøÅêLJº„(çœÃbàüž OéÚE6UËIÅê|:ZDT);Æ*Ël2½­––1&Knª�
+,Nia»UÂû×|¦`ÒcU·	9ó†d/PT{�ò™@mœž!ϱjÛýPtÏ«U‚¬•$³–'…n	©o	×Oõн´Û
Û¾³M‘²÷ý‘ã§kq\pˆ.Å7ò+‘L6�ľ²û¢TeºV*ˆ�+¥b£NÝh™\à÷¾:uè
ŸÄ��«èÐw'*¬¾ Ì+�.Ó…P×-*Ô÷‡ésR±*˜În/	Žo�iŹÏåŠs|†aA	íº¥œbR¸ÒE8 èI¸œD€¯=#CàÞe©ñèTö¿™ƒ", ÅtîàLåsÓ.ÇuÖ†BBOÕןÿù÷­¾‡¿U0ÊË”­ë²Ôã*ü•àÏœò2eã1Ìh¾1nHs}µ¯¬ð,ùrͧî6®1€ŒñP]lÝ’líµ}Ø9¹R¦Û
+WÍ+\˜É\˜V>¼’=;Ã^Û¡P.�Çå›5Òíúk¤d1É"îo!6]�(ï£á�Òë.Ó‘â•Ë»ô¥ïÉYýaëõLqrR0Õ¶[i'ÍÑ[ùM Ç_yv‹<dW	gk°ÏZ<¹˜¾¾AÖ@Û‹è�ª²µ[‹‡©¹+ÛOz»=ÔŒJÛ²ñ̬„÷=z|
û¬ùVYp#ö¦Z‘†ãǾ}†?Êu¶Ï§æî[áÜß”zÔ”G†°òלƒc€¬/'FLÓžý¥5×!$H�<[`Åáõ$›ØÖ#äAÛ1²l:{isëa#J“TÃÖúÅÞ¸p¢¦ëOº€ò•Ý€â{\`ƒaPÐØË$3½ˆwxºöß4e*hd¾ûÛF»T%S©áko‘çÁq»¶ ŒO­þøð†­®ÈH<S)›x_Hlô77Ç.¨:éU65R%\–WÊNdÓµqIošî¹v 1[UH_¤dÊ—£#N‘(
4þ'ˆ´t7Ü"ç÷4±ÙQÖ|ºÓpwnË[âT.û§³Ô…7w|V½_%ðx©›±&‰Šè©[±¼¯ÎãÆ_4Ë““š
+]7veš^Ôi¾2&¥Ð¤¾Z�›ÞÓ`o,mûÉ*rê`&Éëe¶ÈõTG_¹v¦Íl§îwÿ
6¢ý
+endstream
+endobj
+405 0 obj
+<<
+/F2 13 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F9 84 0 R
+>>
+endobj
+403 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 405 0 R
+>>
+endobj
+408 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1087
+>>
+stream
+xÚ�VA¯Û6¾ïWø2TÕ’,ÙÆÚ­Ã
+ì²»ô­ã(‰Ç,»}ïß�¥<¿&v²HQÔGò#å¬àE‘³ðù-{»}ó^f¢à�ȶ‡LÔ™P¼)³í/Ymò�¬e­ÙÛÖŸò�RŠýiv²CgQ,Ùí�ËŠ-mŸÚ~xó^d¢äªDW¸Ad›²áuðVq•o´‘ìøƒÃ•fïÆ!W›§±GEÉþÎÅÚɵ»Þzr¨ž±‘?ÙpIÛe?OÖ/gK¶«8tÅu�m A±lOÎÃ%eɾæZ§KHÓ�!ÄmN#*¾¡ Ø|
+všù“í{2ptÂNm7Ç3ßÜ|¢ÕõÀâíDªvØ“êŸ|ºÔ„Ky¾)+Ã~?`YA°u€=l!v¹‚
ûèüwáÊ
WŠy7ÉBArœödãÝù’vºñ|L>Ú
ôq™I˜ìÞM¶›Ý8Dçídï ›l;[t­k=};ðéö �òaœhÊtAŸ$�‡x0È1@NZHæ²´=
ÛHé¢ÏaŒGÏÝÎ7ç²fO·Û¾�…„}»ÿ	†9¸[6¡Lè[çÐ7ªÎ#ip¡áj¢Q(jðþŽndÔQõ£[²÷ótÝžÆÓ„
+€¼F ©hhŠgV色çÑcI$–¤³D¸þ	5P’®³Þ‡ôˈLID
+ªˆ‘o{(¨Ý‡¤
+L*é‡öW¡ðmÉ�ŸÇKK¸QK�Ô¦�š7)O½dçeCu+RWeâ	½¢z¡p
+Íæ‘4~n§™–nFìJc“DoÉïwýŒÆqÇÛx:9¼B fê—;¼þr3w/Øà¦}„~¿6²æ&Y¼Â¨M¯‚i—XÖËåÒ»&H�¿K¨±ìÜÎ*N$^ÏÇÁ*Ô¶Úä˜jT³ä�h`$ÁìŸ�ïUà;F	­Ì�YŒò#bÂ…¹»Â¡K¡ùeƒ¹™¶‚ë	Mœ^€ëç€4XKÈ\¬³ÀÚtl·ö�‡Ò!G!ƺäº\—mK’†Ÿ—IC
ÍS5Ô¨ºMƒ†ëæå¡Ly@_ÅŠiA¼L#Ný¯n�#5‡e³¶í
‰ˆãq\<‰�ŸŸ05êå\Ë;¨¥ä¦Žp~üù­¼Ôk´4H‚Y½òbx�¼¸ý­—’›Ä� ”%OÑBBÅ->†·Wïžß\‚¿®óŸ^c›+vi�ÑQ­r,P­Bï£*ðÈüÒO=›Js#_P=>º&Î
+¨’´L$-«51ËeagÕ¥°³£¡H[-}.“}�ºz$‹@δi¾ïRØ€¿ò´‰¼Å&Õ·Ó”:4Ð¥JtÁ‡ò]ð·lEC;©ôëÿiw(ÝH®ebÇ-•y¥ž¹�¾îrC#ÒÿæFÁEâÑýºýá_ ½¾°
+endstream
+endobj
+409 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+407 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 409 0 R
+>>
+endobj
+414 0 obj
+<<
+/Encoding 27 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F11
+/FontDescriptor 413 0 R
+/BaseFont/DCVQUL+CMSY9
+/FirstChar 33
+/LastChar 196
+/Widths[1027.8 513.9 513.9 1027.8 1027.8 1027.8 799.4 1027.8 1027.8 628.1 628.1 1027.8
+1027.8 1027.8 799.4 279.3 1027.8 685.2 685.2 913.6 913.6 0 0 571 571 685.2 513.9
+742.3 742.3 799.4 799.4 628.1 821.1 673.6 542.6 793.8 542.4 736.3 610.9 871 562.7
+696.6 782.2 707.9 1229.2 842.1 816.3 716.8 839.3 873.9 622.4 563.2 642.3 632.1 1017.5
+732.4 685 742 685.2 685.2 685.2 685.2 685.2 628.1 628.1 456.8 456.8 456.8 456.8 513.9
+513.9 399.7 399.7 285.5 513.9 513.9 628.1 513.9 285.5 856.5 770.7 856.5 428.2 685.2
+685.2 799.4 799.4 456.8 456.8 456.8 628.1 799.4 799.4 799.4 799.4 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 799.4 285.5 799.4 513.9 799.4 513.9
+799.4 799.4 799.4 799.4 0 0 799.4 799.4 799.4 1027.8 513.9 513.9 799.4 799.4 799.4
+799.4 799.4 799.4 799.4 799.4 799.4 799.4 799.4 799.4 1027.8 1027.8 799.4 799.4 1027.8
+799.4]
+>>
+endobj
+417 0 obj
+<<
+/Encoding 7 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F12
+/FontDescriptor 416 0 R
+/BaseFont/PGNXGT+CMR8
+/FirstChar 33
+/LastChar 196
+/Widths[295.1 531.3 885.4 531.3 885.4 826.4 295.1 413.2 413.2 531.3 826.4 295.1 354.2
+295.1 531.3 531.3 531.3 531.3 531.3 531.3 531.3 531.3 531.3 531.3 531.3 295.1 295.1
+295.1 826.4 501.7 501.7 826.4 795.8 752.1 767.4 811.1 722.6 693.1 833.5 795.8 382.6
+545.5 825.4 663.6 972.9 795.8 826.4 722.6 826.4 781.6 590.3 767.4 795.8 795.8 1091
+795.8 795.8 649.3 295.1 531.3 295.1 531.3 295.1 295.1 531.3 590.3 472.2 590.3 472.2
+324.7 531.3 590.3 295.1 324.7 560.8 295.1 885.4 590.3 531.3 590.3 560.8 414.1 419.1
+413.2 590.3 560.8 767.4 560.8 560.8 472.2 531.3 1062.5 531.3 531.3 531.3 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 663.6 885.4 826.4 736.8
+708.3 795.8 767.4 826.4 767.4 826.4 0 0 767.4 619.8 590.3 590.3 885.4 885.4 295.1
+324.7 531.3 531.3 531.3 531.3 531.3 795.8 472.2 531.3 767.4 826.4 531.3 958.7 1076.8
+826.4 295.1 531.3]
+>>
+endobj
+418 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3679
+>>
+stream
+xÚµZK“㶾çWèfNÕŠ&^‘œ¼ãÙÔ&ërÊ;9¤<®2WâÌÐ#‘*’òxÿ½û
€”Djí¤r5šè�~
«,ͲÕÓŠ~þ¾z{ÿõ;¹YêÄêþq%Š•P©Ó«ûoLnŸËÃPu7k¥dRüõf­µInÛý¾l¶8¨’uSqën[uót³–J")ìÍO÷ÿøú�X	›Jb½†/ŠÕZ»´ îÅÍÚärÂÏšÀZ�q™.PãêÖ²H­!6÷Ïu+S.ÙÜH›„%kU$Ûªßtõ'XS‘Tžhx®¸ñ©ìë
7«r8v�¢})éëÅøu©Š4Ó«Œ¾üÔ/–'M*rÿÿ&H†kÙ‘dÈ·
+Ha§npÑ°âÇrS¥Èd³E*@FØá7"p’…òœd!GN8Œ(àà¡kodžüZo+š ’Oø‰Ïü/‰�ä?Tåvä´«?ue÷ùšo`ÄÉäõ¹f<™sWɱ¯ü2¦\ûêWìU]¹còmý M^uUƒkH.Þ~Š7úÔ•ûþ
ëWÝlvÇ-‰£”NÞ–ýsuH§JOtH‰T+V¢T°½onT– ü~·ÇÍP·
«ÒÐþYåriÐ-¯Ý�ín×¢ˆ¯~�*9”]	ë?<÷Ü?Q6xºNšv(ýzTÀ�Zþ¿« ~ëÃñB€~îA"nö¬@˜§*Ÿ¬/„«ß–Æ�Òh“ÖëâíúåRWE*Âÿ¸¿È¨µàVI#6ùù¶åuuínýϯüŸ�§:?b´^•
²+7lErCÚ‰´°AP½>WÍ8‘w\¬ŠÔå¸H¥\ªáD¥|ž	„»{x]i-S¥‘J»ÚÃ@æ%ôw«�dà„\ÙÔY%ÎÕqÄóe‰'X*5åIýÈs\#H‡6µÌ³¾@{­Áf):ÆøïÒ³*Ô^�P¢~À!Üy‚*N¶#jJîÙÈÈf[yF¬5^±Qs¦šm²EÍ1^1¾›Sh¸©â¯8Ú±âÀÈÏßUCÉ=ÖhŒcYcpa5çìÎ5¨¼Æh7NÄo±õ,È6Lì̳ÉCR?rë3·Gî<—Ø#ÆgFÚ¦z¸á&‰(äˆ)Z,
Ìé­ÌLš©%½•à'¬Rfàl%è˜TøGèÏèmœ
»Pè9½)dª‹	OîÏè­CW8æ©õ‚Þæ©+Ðîês0³LT5piÖ«ÀB{B'[À³D²+½ÙØÁ¾žÃ'
+G:¶pìaá6ŸÀç�è2|qÆß7nŠ"¹_à@œA‡ÿ*ˆ—‡��,l~Ï/9Ò<ŧ£-»m� J—|OäÅ
³y­‡g¦ÈM¡&·‘'Ú‡ž{WQ—V"^KJë:�Ô¦YØ(”/öç”6Ì�
+w3 îÎQéLš«	gîÏ ŽÊ1gãU×ÊQuÀñËÝî3#6´ŒWÈ¡­Á±‚&naHhòÑƘÀ¥ Ù$(벡ÒKv7h´�5Ö`ØB+žÁÕ’N+Êû•U£(„f`
l*Ô²**ˆ”‹¶40ƒ)R é”
+€[Òd‹‘Ø:ŠB1�î	»êqàƒ‰-:ñ�:<U
†ˆ¸DPyJ
+ƒà÷5µí^°§Ø�ÀhÉ?Þš@+8¼B'x:,›œ]. ñ(A×3�]Ëuô
+ìã”ëÀ�tú‘õôH¡‹?}0ª¤žZN&n¯mN¢1íê§gŽÆ)Û—>€ÇN¹ë[¦XèlÚâxûÉ‘ÖOöJÞ“¶
+§ûȯd"¿Uy>1ü@Õv<ˆ_Îׯ~/�œûv_Íf-Ÿ^Œ}ö>PÀÜÃVÝŽ„úã?÷Ì4¥��JŽª ±:°)í}œ5	Ê$„ý��¾«ƒþ�Ífã£õª�D.ýu©iÔõ­
+d}1ö�˜¥¶<I<>!Á‘’W¤…u]xL–Ð.ê;F¯xúÁÂh»E‘£»
+3êg8TÚEmdwMóÀœ�)| œÕ²í†èüRÙáÌc‚j,iBQ6^°wá
+:êËm~„ÓMàŒÜUàÎy2Ђã¶Þ@rKgMX�çÿ2ÄôÉo›u.ÑkƒOðÑ.wØ
+’â ѧàþÁ@NÔìb{-„rÉ5&I è9žˆý`q¹‹sÛ¦8‰»�Lï>Þ.°uuk–æbJD¥`¶FM7×N7’³Ñ1à]?\fãEZŸfà¶äšCnDm ἂY¡ÒÌ,A¦¤F@GÈ„h×!‹SFÈ^˜À"ÓEÀ�b°	p´'A8z=a’»¹
+œ%AÊ
‘8�Ôþ÷¥áÂEÃÊ«`¬�*/œ
+úœž ¯ÒPäÚÃ!yü<W,1"-¤§šz`ûìb/2MÑ	FUdŽÀg*æô•g¨v§˜Ã>XûF–~`ÎeÚ> €0³XôºR^æ?{p¾I@ž§Ö˜ùÔÚ¦FÇÜz®,v\ç“ìZké³kí£"üåìzZ›yùŠi¹ä¨ÕeùSû’6Ø)ÆL'ò™6Ryãt®kŒ-õT‰ÎÔÄ�ª‰ºR…‚ä
Ô?óŠM��fvZçzg]ggl±p×6o0)R§eG�EçÝsï4©Ç�¾î˜U84Þ”{¬¯­sã’�lCaĆÂU*‹^˜¨ªzѼ(M‰3Ľi†ê¨D×.Ì™—0 óøoï>,°5d&ly`ÎÀ ;ÏÖè?d`.…µi¾,jž“—E-$ž§k¢†)£¨Îg¤	¢¶Ë¢…°_Õý×¢ºÓø(©ÜIýŒQÐï¾�gäŒLåDŠÌþ·TK0{S95{�e9ÃŒQÎ�ÿº�gåL—å
+™ÿ�ûIµ4ó�Þú;£ó”)Ø©±3WÓ`âÜ7ôÃÝý,;P_«;î̪,ß\cœp}'},ÖÏEvþ¢Z.Ðq/¤A’?rBH"ä5QÄQÖ{L¾y;Ï7ø.Êì ˆ_�™2åQf0ØêC"8°ƒ¬Ÿ²3l€Yß÷ÕŽ�AÏt\#Æû*´ê&Ðמ
+]´‡30DeœTÜB€åxœø€l} ÓWø±
+wO.OŠTaÃ&?Žn8þž¸bë]½«~B‡†…ÔòÉÿﲇtH�{bÒˆC>iì¸wQäá]I‰è¦¹楆àåÖb¡üâÞY‘*
+ŠsKñ«˜3pqJ‘Jµ`á"�K‹â„-
Ì�‹œâ °?,Åfn&4£$Nc]~950‹¶KÖO,�(ø"ð2ãŒÂíú—%®„Èu	ƒPZ¾ŠÁeiùµÆéÈIDÇ#\
‚‡5WYäY0ˆÙ…ÎfkjÂ	ܶ¥ú0X4Å
+ODî/ òq`Θ†)ÀX-™ÓH£ØE¶<0—„)�Ë0ôYRŒ../6�±6&Õ˜¼#lWËçΗyBƒuÅ•ªq,£§LЩ†c×,pE΋©<@ø‡
š-9¥r9¿†ÄÈåy!ÐF'~MÞ0e”÷ò‡ï#˜‘#óE‘‘"SNä†5 ‰=e{祟“›óWã£é-H~´0ñ	ÖÐ�²–ì@æ^'(~� ˆÏ÷�UAÀm�—¹lNžK²'ã·%È/–áC}Õ÷ä¡�j¬EÚX€Šå*àV{º’»»6|Æ¿�]– _eoJ÷'
ݳXÏDM;Ô?ax.‡ÐòȆêl¨
+A|bB)oË=Úøõ·¿Æ/[|�'ûºï½»]Mp÷aÂxšÎ¯_¨ó„PåþjZO®‰
_Es¾¸À…<ò¯éÓsï‘�ʤTÍê$õá¸+ùÍŽ’¡6/ýû
hY.PËɶ(IÛ’ó¶älˆ`s=}�É°‚½-O_¨ÈüŒEËô¿{?
þ-Ræ>´�§JÐît×
T¥Æ9 åÆ{Öð,gܼñÓYÁŸ†ß®:—#7øð/Ø\8É/mWÁúÂ0Aœ�ÎÑ^ÓMsžü»gY™MïÅWQ8v†®ìUÿ³x_Àõ
¶î™?²9výÅ.²há5Ó‚
+v|õÿmªŠÔÁâ¥F×qHˆ‹(¬Ç-x‘Á~ºi ãÖWÝؾ¬þ¨Mþ2îXÀ0V¢’7oη…50<œ ÀÕ—]ÔɤÝìéödËd|­Œ-Á'	ÿ7|Cw¤¯÷¾Ùü à²`Ng9èÂûtZK¨TkvŽ¢?0=„)J„·<—ÑC¤‘xñ?aËsуãäÃ@aÝ®Èæ.ùŸˆ {üåÈ�=2AP=Éx	�Ò“�WÏà0ÕIɶ"
rŠÕÁ…—fNKèüÛ2§öBà�ýâM¿P1 `ÑgíWÂäTpðsåÙ0E³×›Û‹‘Æ ž°å�¹­1©É‘"¾JýÒ^ü�‹ƒ•ø‹ºš”ÜÉ‘¿—
+¼Í;ðMôºê	ÜøŽ
+éóûR{xÒCSïÎÄY àM
+¿ë‚cU7g»Ø°…Ø
Â7ÆÒâ“4;„'�§ÑÃ[>Åøº±Ç§„JÔå®ÿr�ÕUi0ÞÒu‚‘ì´MÄ.Ÿ^rò˜�2Z?‘îÍŒ
+fBæE´8|`ÂlO7þéÐÙ–ÇÎÞ†á×ʃ/Ö–]FD“G¸˜`3¡·Âäüæ $ÿ�ÇWjÖß/-Ί®Ã¿z„¡¶ñtá]ÎmÏxð<°§€Drno¦®šc—3˜p´œõF\BÅßx�Ì”ä;Hÿê”nRG€ÿ!:œ?¾S2>PýäË
+<z<øKt~®GG6>zU^ŒÑßog¾’zñ—ß
á@@1
+endstream
+endobj
+419 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F9 84 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F7 41 0 R
+/F4 26 0 R
+>>
+endobj
+411 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 419 0 R
+>>
+endobj
+422 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2124
+>>
+stream
+xÚ­X[oä¶~ï¯Ð[5€‡R%=f7Ùv‹lQ$.‚ [´òˆöÖH†¤‰ãßs£.3¯·É“(^Î�ß9‡ÁNívÁC@Ÿ¿ïn¿ù`½S¹nï�:RyÜ~÷¯0Ë6[“™,	ßýa³�¢(üÑÝ»Î5{‡¿qø©h6&
OE½ù÷íß«<
+¶q®2¢ðS{tCut=îÎÂÜÛžð'
�þ½ÈOÕc×'`iCÇûþìqåPtÅ~pÝ�,5%švÕ^¸®k;žHÒ¡ª™ãB–ÉòëÆdÌöÍ¥)I¹-jÃ'Rš
Ô»_ñœë
+$ªmØcd§S:…îÕfƒ^ÅÀ'öEïP%³C‰,K¤˜÷[ÉJ(0B9¾ù�Oþ2qªìHœ÷Û;Þ0s¨Ù)ÉúÐ2Ïc+Ú¦¤-pc{¡Ô§®oEÞžN‹µ»DV4?ÙÄØLéœ�’0—ƒk8Vöm×¹ýÀ‘"ö&gòwñH iâ8üöìôŒ3EWö7¼m2	ü°I€.ÊogÞ2ÞßÑ$?p$ùan\쪇žøÐs5.å‘Š’Ñ ÷Õ©‚KÂëŠmå‰JйŠ4-üÌ6Hæa–Ø°(1hˆO÷ÛÀë•ìc!¼	eY˸½çoÁŸºj(Vl¼$û\Õ5ïï@2ÆX’.ïOÏgÈ8s¾lŒ·óXg·’,:öÑ�ÌB%—ÉäŸNýÁ•<;sS÷gœŠ$¦¸ü�cøÅa×Rx·G^¼÷dG^b/šâ›“ÌLtñÏBfª¦wÝàJºyyøCÅŸ+¼o¨" ž+øL>‹µž(ãOéj78GwˆŒ¡;TC´t�=l–äjÎ@€	¢	'&ËÓ:z…"�ÉÐ8C×µ¦IÆ¥»‚?‚ÑMœGçág“¤)8ƸÃ/qÁÁ]]4�<쟊½Ìî;WèOÚ"€M4ý¹Îy8Á¯yuXPGË¡'E¾å-5">­]l¾#-qäúÞ	lu¿ê6°µ+«¡jäîû;/‘#
+`Xò(R5O'Y‹ŋ÷m]“:ϽºÀ±³‰T–_Ü$E,`|øÔ.ÓŠ=#"5¶æq²Â˜‰n�QÑU`z�1˜Éƒëxkd*·ÞZ±Ò„™Á÷·à‰8xÆCЗ(«ƒce*ÖãüD†6AªòTRÛ•p°~÷ýkÍ.F )ÊÿHq’0J=E	ÿêÂ6©2ÝÇë1çZB<E6ðÎT´ZEÙLÇ<ÿ‚Žr`¦ä;ô{>òÕZ£>ê+Ô¯ë›g_Ôc42tM¼•Æ	qázY;Oš˜ôùnðŠÎ“í›Âµ|5\ß*Ü©)]×"®KrÉý]%Âè�Ã2ž’C®|¤üñe™„v»(DâR¢°X‰¿ÆlÿY«ç2#fóq<£!q,ÇcÎï·§K:Çð¨ï?›u°VµPoÑ8š°~öíñõÀy'á/›Ìp¶VJ4œ„Õ&6�È2!6½ðfEK h6%l„÷ñ‰k`†ÿyžC#Ÿ9}ÄæÏUOœ¥›’eOõð;–èÃTƒF
æƇSWUÛ`�•±Ã.p"ËÕ.¿f—«¤€v¿G(Ï3J2±
+‡r$NÈ3¯cÅ´›ÊþžXAê˜~¢¯Â£M&xäBé…
u'�Y¯wÈGðõÅÍ‘S³,7ÙÀ~¿˜ýe´�ÇŸàŒ5Œ3Öß%;@8æ¾OV/¼c’k®Ñ †–K6��¶pÆÿÏL'Àåv=U�{ìN¥3¢ô»âm�ÐÌ”µW½‘DkÞ°Z€Ú·ü°°×JÁÁr^Ú–ºŠîÓㆺïhÒ`¦8šûk
Óç½Ñ�ô\…´Ä„€\{Åtú¼‘P@üƒëI“,°KyÍPFÀ,PúGW”Ði‚ÅR´ƒb)Ò€5Pn—Â<ß3Òõ—Šrw�QØ‹·T»fP
sg°è°ñe(îj¦à³~ßUr±zžüùcKe1LÝ}µçI‰�~èZöB”š!Ü16Ê8Ý8ªØ3î.q¹íJ4/©@)Zþ÷Ð~½ë3ÙNäKs_5ã£ï6Î(	t¼eêôMš!¶N­YSáÓÑ
žÏ¡l|C
§äé	ï½Ùia|›a[Ii¾\ÃÛ¡«&}SéjxªB$?ëbÿ²’6
¯¿¢,ûü´Uù^?ûå•Äþåe‰ñÛ˜”¢Õ
+]Ãòð=†i°ÂDÔ‚dá'ְϱ±2W oܘ̩òÄúÁ>YúZ.Odˆ~¢Xnÿ:zaH´<5$»°o�25ÅþqC¤/åÜOÿžFW<UeýÂÓþÆR3‹cŽÒÑNÙÅmë�…/»ÂbµÚÍ®6gy3X쇢;k['8\b¥xt_Ù"^Hášò÷Éðé÷·©hPL²Êó�ãa±�`ŽÉT½�<r
ØöîLÈ›ò†D¼¦eõP
ý›Tû[ÿ¹~æ\ü79¶~•óûÚÝYž„„péS²{¢ŽÈŽÑò
µsÍì•ô¼‘™¿­´OR}dž*Èéü]"Mºü r¡Yx‘¾œÐêhßêgæļÅÊ"Tp¢`v‹’‚R�†x©ê˪FƒÙbÏáÓ$
|&g‚aLøq`Áªž¿²«n}dÎ^ÒÓy¢¢ÔéyJK
Œ_wMæwAmPóÒ²Z`qq¾•vJ2ÇG™XvñL‰»Ùd´|t†)ö$_Czõ‘O�iøŠA6ùÓÿ_²¦

+endstream
+endobj
+423 0 obj
+<<
+/F2 13 0 R
+/F9 84 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F1 10 0 R
+>>
+endobj
+421 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 423 0 R
+>>
+endobj
+426 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2560
+>>
+stream
+xÚ�YY�ÛF~ß_¡·¡€!Í>H6wŸ²Ž½Gb,�ëÌ‘8#îH¤@Ržèߧ®&›’Æð‹Øguu_W•Vi’¦«ç}þ±úûû�z¥Ò¤T«‡§•r+e’Ò®~üoô~WǺ_ÇÆèÈýu[›Eï»Ã¡j·8h¢Ÿ›¶æÖ‡m36íó:ÖF9¹rý¿‡¿û¨�\Z"éNT«Ø–‰#ê.щYÇY®£_êj»gREýÔì÷D
+;rÜÀälÀ©E6c£’²$z~-®dŠ$Ó«”ÖŒõ#\#-£C]µ7Ǿ*�¶õ¾kÛÕ<8ïx껃Œídò|M]F�§qIm¨Öºˆ¾®µ‹du#+hâ*œ=㨋žºž7î+’9®<
@3�Ø|ƒ0UF79
§j¿?£�lôˆÄÎW"ÊLbr¹ù™Îk_nIÈêD;Y÷9êë¸i‡ºGu~^ã
†X§ƒª
Òy‘Ñv­sº0öH*¸¥’ bs öåýi¼ãq¶h|9VÃXûÑ^¶:ßêëMÝâ9#_¾Ì’܆—ÿÕ?w-ÉÍ úpǃ“�~9#‹pï»î‚ÔÄn”Kû×8óoØÁ°é›ãØðÚ¡A_´`3»€=ŸžwÕÈ-Ì[Ã�œ
Öt?×òJb±;a'�6•ú®D¦ƒK†Ɇ¶UB˜4
+ÛHDþV“ˆ„Ž‰žë‘å#÷3bÒØ"uæ¤N ØÈŽŠ×o›Ï:ËëÞ«‚Ö|ŽX^Ý°n¨5Ù	÷ÕFN!3Nn‹ü7º»Î²éбhî<Zñ%Ç-‘8ˆNâ8Ì7ÁV3ðwòº"ª·Lµiù[]ù‡¶Y¢¼áãaqÿ€èRV%è£.ú¡e�#ÂÔ>ЗQiprÏÌtOž{ð§Íil˜/Ö˜.‹Ä*V™�8@3²—àa€ŠH—°ü¡�Ûê-OŠjqºÅïê­Í‚
u~W%^ÅþÊYSü…{�,ö~ÏÝÅ60e‹'VQL¹�v|YFþÙ8Y±d×3ЋñÛv#7äA@¥Y¬´Èbó7la
LV@-¾]hWxÈ$!ÔIËߊ?ǾþÚt§��)�^å¼í%#Ì#šxÍ×uÈÒì«Ç½¨ôòš„Œèf³+›ÈéV0$€Uï9÷ÜöZ2!Jh
MôB=YŠ8
âÛÕâ¢Ä7=🵧@w
+áaßdj0µñop¸†Ä*[RB®SήãqI›DsH¿\ùW´÷¯ŸØ2f|	áŠ_à³›S
žÁ#ɽåfRÉ„^µ)ø²ÁÌ$½å�˜ÛX«Ä±Û~Š·ßq%íœð¯�„ØðìÒ`·˜tÌŽ�\l›¯�K)œèzBÈ[Òhd§˜à(¡4	�ygŽ;Ú‘/¸ ß
!ê-i™¨-Ù‰Äk¢ßÖNc7|ÕºS»­ú¦Ó›­ÙSÃ7Eæ?Õ
2	ÏÄ–'ø'ЀP¢|È÷)~ºR�*ULˆ~¥bvn©c	gÕÊ%eN4FdiÂv$«4ðº2Úf@ ÈS®+zó©¿_ýJq7ðX$eA,Ë!›"Š?~øù6Mg‘ƒ™&÷'š3‡°€7hºÐl®$¡óDD.»p¿lòµÌ+%\+ƪ¹É6±Ü@VšG¦q/zi4²óÂJ¶Òpçp/@~œ_Z)ƒ›ðdµ"žðË!;4<àcO‡¶Z¤E`«V§×¶Š;ÈVÙVinðSd«Ød[ÅÖ#!õ•±-ÿ?Þ´U÷¶­6)ŠÐTßǯ߃°V{[ïw04©Ø
+T†“³èpøu׌õp„x½ÐðØ72Å_½ˆ Ù,EÈíM��R•7œ-{ËÙ ýÂ-6Úb¦žasÈ1}ÿ†·M;ѽénóJ`gªÜ¿åo°ÀSM³7œ4)8LÈø:4nªÓP_<oÞ>¿
ž^ÈüЃ©%y<¸üÐ[UP+øÝuì^ÐÉPÉ—QqáЗYã5n8ÄIªwr‚äÊ@vN,°×ðKÕÉ‘¼<óy¢S&ú}íŒÏNiΧçY.ûrˆBŽtTrH‡1–$¼À.² 9“ÜŸã9P¾T/ÿË„<žá.ý–b½ ®9ßô:ï¹þ‚‹TÓó|RÈé^]³{•²‰dd=Û’Ï�÷c/ÿvlcÄÏß“_º±)k/}þ_Ιbu©|Þ¿È-
+'ë]
+¡Ã«PèŽX7þ�€øÄ9•…ù®%ÙÀ–mçÏ$¬�=!°äØ7€dWoÃ&,_5Õòý'}S©:Mœ’y¦¿Ø®LˆcçïAó°D¦ò’4€o½™ªdöV•ì‡þùt“1�Ô
×ç\VÇf‰ªR$Š¯a5Ü’$¶î›
¯©„>"÷ÀCdg°6`DOÕ��â½4úµ;Ôcs¨….ë^Ó‰‡ê8²aÆoT/è%búšCùM6‚D	«o�JÒƒSr¶•„”¾Ò—`áÝÇ"T	¶¢‘¡yn¯5ng{§pÂøò MRòSÕűH•3׊™Æh²c,<Ù ›æ²€Öè|�,DGyA9kîÀ_ž«©–ÀKÙæR”ƒµ/˜­Æàå¦tsÇKÛ®?H)7lF9�ÊA3	Hû¸fI¯lÀ,̬ÐÍ‹œ/~+ÛŸwyôÊØêè$lÈAŽ‚®O†)MáÓ\p/Oóè#‡jL´þ£:÷TŠM߶¼LG	|ĹçW
+h¸)š…±îé2©·ókç³k‰FƒzˆŽÍó.HH)J²�™À
+
r‹rÂ�˜×ÝJ–M�Íïï>£¿ ½ &S,δu_í¹³¨9©UãWLZKHÝ´ò»*þÌêÅ÷°¤,õ	¸}	K²sÛ<7£l�Ðÿ	‹À·1Aïü�TcJ¥|ëŸp@ô´žŸU}¡3îdIÈŒT̸üÁÆÝ¿¨äš‚
�©ÞК´öÐ_¿“Ia¼¢>¯ï¥@7Uݦëø3œ$PÁÔ¯Š,Qx`‡²ªœËLØ	A‚²›4úO»‘É©–„µÌÝò�
+宊`¸¥ke/«[$ZnòŸR¤��,_BR'«1´V-Àï
+8è™RÙ•)ï²*‡·áP5í–‚U°U>ϳ‘ÝË“CvÊÛÛ‹…�Y�f|�óg|A"dÛ@ãyÆ`•Í�K
X0âb
+&®ËD1-XÀËäMøWÞß*u)Ä”+B8£Rùÿi‚ ÜÏã^H\ÀÝ0d]ÌQͧX1ü¤…®·Åþß	ü¬äø¬ ‡Þ.ƒÿÕ”šÿWãzÿÃÖ¶½ø“‹Ÿ©ª‡§¢î¥4Uò<7íñ4^”ì �ûËŸ­+^�
+endstream
+endobj
+427 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F9 84 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F7 41 0 R
+/F3 17 0 R
+>>
+endobj
+425 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 427 0 R
+>>
+endobj
+430 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2836
+>>
+stream
+xÚ�YK�ܸ¾çW4�«
¦e‰=r³;ñb³ìrX/N·fZ°ZšHêOùí©%JÝcïId‘,‹Åª¯J›$N’ÍÆ>ݼٽz¯6i—éfw¿I‹MªãÒlvù%*“›­*Ta£7n8ÞlµÖÑÇê¾ê«v_a×Dwí�Ê£³kn~Ýýøê}ŠË“Yma‡t³5e\·"V±½ÙÚLEŸ*×ïotëö
å&ºïzlØèmw:¹ö0p¯nù;+nü­Æ®æÝBÁ
J½U°›¢í>VîÐÔ-,S6�ûåü­>TR’h?íƒ=Ú'$LeÑpl<öÝùáÈã$H°ž©G‘Š:Ÿ�‰lû©Ú�u×òŠ2NQìÍVdM¥–dý…õk3��:ïo
+¹}ÝÔc]
¿ÞUÁYÜCÅãiª?ßp“€
<ó€M"Ò匮né0&Ñ‘ãYÃ#^mTíëÏÊæÕA¨cã›mfóhw„‹fºã\ò{º�•…¯x>ˆh¯ˆÄZNl“G ô?ó�™ùÆò4NÌ&¡uu»ï«SÕâÒÑÛRp»¶Œ­–¹¨ô5/•Æ*•ñ¶k·ßã—gq–Ëü˜/EÁ)¬‚ÃÀ쇉INL@a¡}�!
åŽ5ù€¦ôáB*z>b2Ð8UÏsŽn`j¿­‡#ÞÍEÖÏ�l{…7·yß5«Šd¾*›½Q*'S®›Ëíz·Q]äQw�ßRÞWQç“>íÃízà¯IW[Ð*¼7äw¨‡ÇÆѼ�wšvh«¯#OÕ¢µãŒû¾;­¤9ί=°5öN'7²©±²2-Ê‚†šˆa‘vÞñؽëc~S¯[¦Ì†“É�ƒ»
+u‚ý¾úϹîéþ�Y×6ϼ˜.¾'GëŸyöBëÃ4“®hý~Úª: �:…í;üZ6O#Å@^Hpà“÷Á‘Y©…ŽðtºˆvØv‹†þ�£ÞzÕ®–äwç
W{°³††ãÁG×�õþܸþºW ë;ÑÊ,ïƒf<ô"ÖVæÛméæóB”¸[c8ꚞ̚›±±*'nÃ7•ÄÞ,ßµV
+ù„Ö‰RsÐJl
^1¢mÈñcœo™<‚ÝÈùWš¢ouo¼îM
+QëÆÚÈ5çŠéøfý8�HÏ'*ml”wªt¦ã6?Õ­)/5$ÖÞ³ò>}íîÚÊŠãÀud׎)ž«åZ&×+§É¾5)âÜ^	 nŒ6€0>СÀ<ŽnäHcBi4{Mj»‘)âk«–énꇖ%5ê˜k•6³ÚÒtSÄeF†PB
SˆùØ�¾Ûái£S§9ˆ_$q¦6§�Vp3šÍ'ÂQ©Úäq™#ÃyI[fúîÓÛ—Ø–hÔ!["Llg9q†ÒÌÖ[ËÅ�qŠžÅ,£eð,”BˆæŸÅ�—Ï"�3?Î.v¶aÔúSÝÈÅêŽ Â‹
Í"³lYva@4#X˘f%žÙùp)¤Š•÷$ïwGŽ¥ëGÞ—÷·×ö_ºB”‡àÀ)|#±8d©e/µëkûÈNƒécô#‡[Fÿ:V-Å�æ+¿›s0
ßÑ�d2¯\n¾ˆ•ðÜÚe3´|õz«Ì‡Ãk®™ÕU
˜%·§½cƒÆþÜ÷‘ ä|È‘…¡Ò�*8û¯ÀvÀ­ç&‡ëÌC~=‡ÿš·.9è¯
Àj¤6ÐAõ�
vrë×bxý›w×_ZžŽ�ùvÐ(|B‡„²¹GH0ÁW�d
`B;�]ÞˆÖq±p~l®ªXÞ”*²+Á©”›Ù2"!�!gîQbä!ˆ§x]0ÌÐI�9á_Δô™_³Ñ~˘F”:€Zè}‡Ž¿µ2àüš¶~fW"‚3¾ ¹ú‹³Lb7ß�[aÊ1H{?COìM‰vÄ3àš0^™ùU¯aåâ¼�¢rŽ§
\­ög\ŽSØ’íðÚÓ„36Ò;,­Ûatpˆ[Ìÿ ‘»;Ü88¹X—×âŽ4”€å(HW(@Pc&\‰;Ó’Äyð»Ý\ƒA9àÊ„+aGå6Î0».Tœ§/„`BqGÎ"Fj4Ϫ“Æ‹švû}õ(ðˆs¶°2†Wì�<¨Ä\õNì
+�(_»¥æ5“qhý’p„ã³Ç�qô8„é ?àáWÐΧô’çŒÕ /^Ȭ
+ô¨âkÃHxË#'ÇÏaå“7ŒÒâTKcæOïâû¾û–ÇXJm¼ï§ÄûÕ¡)§¼êâÃüS SuB	…	Á[ŸëbC$…ÖEèÕEºJ3Ó9�µeBXPûdx®6,¼´NLlŠïd
+¸g~„fu¡.rB¤=Õã±;�Þgg±-ÛsÞké’ª¶êÙ$ÃÀ:×3I©'ù\�I¸“€/~âÆ…$Éœ-!œ^l{¡t®Û¼Ä‚Û†Ön
ý7ýó¢€"—fSµÊ‘�ÒƒQ`KL²¦î«õ"é‹lVà{îK%HÙ�Ó0ºy¢®XÜsÔ¾RáXÆ1“ 
+;T#+LÁY—(0Ÿ•—ÀÏÇ*‚’lðÈÚ„på�dý5ÒD.úà0Uè€ðÉ)uf2¥uY>E¦µï È‹Û¸FœßÛ¨:kbm‚ê¬Hk¤<«¹8<ôò²¶¹õ¾nªo•]5±yÝà3Â,Ù”R¶ÅF¢¡×Ôw½£K)ÊöD:¾An9þÕÈ
R|ß�Ü~Ø6õ< q›€Ã]Ýàâ&Rìmšêpa)F€¯\¬Åbʽ;7.
V¹pKË¿\)í µäDH„?,eÅÜpü9`55«zŸàw>ƒåZ~Wò¢=Bª=Ã"X#F“÷”Á`ã†|ªÿ{Ý8~>ôî„Fa­ ÍŒ¸ܪͦÓãäÇó(�ÒfAU{,eQ×`²�Ê·ÀÑÚ:t‰˜€ç l(e©¯LÿFš`{®;H¤‘Éo<ƒhÈ•mžøfƒé�
­÷Õžk0Š+^¹Ô`°Tàxš¼B~œz‰Ûž6Jàmy‘@
ŒÔàºUc–le|8VM3M�*ëR�. Û÷ìÃÏÿøçîãÛ
¸èbY¨6ªˆ‹,´å“ k׫�ÉÐù`äÜ‚=Þ®|†<žQ‹gù÷…Ä)H<•ìÿ÷*~éÚm+ŸºÿàËë�aÆa†
¢äÈŠ;‚8±a¦=ë	ÀØñÀÕB—‚&—‚CFdþù‘0b6/¬Ù¥);Rf„!�Vä‚”dÏëndJZPc³"œÕ‹vAás¤5Ë?à[ÀY¹B¯®Å}uµ°—ƒNg¸ó•/õî1iœNÅ›éU‰ÛâÙîñ+P¥WÒæ'JBÐ�=šDuñ®OØ;ö$ùTé.µG?íC%¯6…Ô×,
°˜¨†5°°;Ü­Žâ2±{t8ÈàÊãáƒÀ]*‹ÃúzŒ/~9²WT�ù_Ž°ñïˆjôòÓs‹¿$G÷õj”Óa”“c:+åšóDþ‰	÷ˆð°ç0fj‚ã|qÞ“uÂpyÝ„r	ŠfRÉüo˜OÃ$|VÊ…!j¶:zÓ¸öÏ—€^¼ëX©~h
waâš—*úI~Ú$ø¡% Õ”>2›’C]rÍ;dyl}Døã¥Sˆs_˜þA8Q…Í”d¦2‡•80ú
q,£i \Š£’SQÞñO×ÄÑKqðñî15ãlùÿl$
+endstream
+endobj
+431 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F9 84 0 R
+/F3 17 0 R
+/F11 414 0 R
+/F12 417 0 R
+>>
+endobj
+429 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 431 0 R
+>>
+endobj
+434 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2157
+>>
+stream
+xÚ•X[¯Û6~ß_a´‘�#V¤¨[úÔ¤i·‹
+4§
9
ªcÓ6Q]\QΉ÷×ï\HYŽÜœì“Éáhȹ}3ãU"’dµ_ÑÏÏ«W÷ßý¤V2•\ÝïV²\ÉTTzuÿãûèõ¡>ŽfXÇiª¢òå:Ö:‹^÷m[w[$¦Ñ¿mgxõfkGÛí×±Je)£J®?ÜÿkÃ-rëJ”$qÓwÈ×wuÒ2�7§Íèxÿ9cp™EoÍ9™^ŠT(^¾ý¹�_:;òêõ$îÃPÊ,:Ö{ÃgUö°ë¸LŠè×ñjáù} ²d•PȱÂ[Óõ#i§£�kxP=Øú±1|ê̈ú:>ŸòçZ‘9óæÑÂC�GÌm¡¡ºëݺT×Bß¡ÈŸ"«ømñÿg]¦QB7¨hS£e´ŽÚl^F[»;#!�@7^§.mk˜ïØài‡z­òè£í–Óï˜ù7Soò&3ï™9êb€\;“LÒœÐ\^tn͹ÙÐRyÙËÙ}i^E'Gà
^‚¾û)�Ee¦„,@6
+Ë3Ã,l•²òç›)@AÚ“áJz:.,ÅÞû ²¢1™®¢ûpîÎi¬?±ãd‘Š4Ÿ»Â:ö°³í±1/V¥(Ðw¹ÈÊëGW3&%›?Na�k	;0ëBÇ8“"÷B+úêŸf0æi’E;ô§ªªÈ|ªñIDÎé�ª*£C�
+=ᦈƞY7èäCÝa‚ Ónè[>!Kábkvõ©ùüM[o\ÜØ?Q–aY¼>óÆÇ»—Ñ/ãáänø¶¥f°­e&’`¥fBÐ7Þáné†8ÛgC7ęʂ€¸í·†)7îŽn|‡)xIYØtuK¡](ç©�n¨Àð7Æ3�C	#ù¬V‡£Álú}gÿk¼ŒÝþ4†Ã}=lç&åHDg’j‡qŒ™ù{w%é&|…g#v
Þ¨vßõƒÙŠé’IíW=�GßDUdŸg¶*ºá¹Îðf<Ô#snø ’â¨äbì™Ð{ÁÇ@ï!5óu\”ÑÚ)ôÎÙ·™ÿVOßÚ]¸ÜÌ_‰ÉDtë–öë0	N
T•ûÛá×´Ç#û¼Óßq`èK`ä¥P™J¸|³Zhé�È3±íœéÄÜG*ë;|R5](ÑwJE?t|-A/*S°ÌQ4
öÁ8HKÇÄ7äaµ'fïnB°R‰ü
+À|5ð9¤Ù¦!žÈþ7Báþ<+€Ç /bKˆß-£•ÈÔç0­e™í¨€%™G›Ó0rw©ç%Jf×JÒ¹�iüv|IE_„óL”éÜo�ÿ©ßÀ�Ænï_ÕîÀ6zu²
€µxÄ­®Òꆥ~à³ý`joÛ­ÁŽ…¬»c‘—Mýg–è—hÌUëõ‚×—<FŒàS®n e×7M�¬OB^e«Xø/¡®$Qì@Ó4±ÏͲaGRÎmíùgè4<ô}O”÷¸‚ÞñÈútt¦;>›yé(PxG/£}ß
L¸0Ckãemán0)ƒ›R*‡ÿËŽéâ:©X8þX¢‚@µ¨ë»¥f%û6˜�«3]@vg8Á±»‚Fsà‘n%ž_*g,!–”žÛ{ùâT$éT<�}¼á5
®-g�ƾgÞ}),ËÔ�ɨfBE›é½¼E�Åß>|m§oAdŸm0Ò°­R¬ò1ÄÀ"è§A/ùÕêÕ§íóêaÒKªD†—¾�!¼Õir…!ðäqD¤w¼£¸�SÐÉä"†‚"ì…[<]Oxê�ºlB8mf)�ã9vG³±uoõàžO7Šh'8R|'‡¿KÃÁÄ•ë/T()t6‹‰,-æ¦�;f¦™.Ê=ºåà7=7Ë€
HȦrÈþ¡Þ€Õ¼½r‰]ܼmATäF§ŠÜ‘«Ú¢93-L iw òt5tÁGÞ1¼ÛvJ?:íù;`^NZ.Äüu²¾\F_ãL¬c¦ãG³·Ýó>ä!CÉæTÆg•ð;�†]Â0òšŠ†ò1ˆbpK7}HuÎ&&ŸÔJz´
%»È/
Â×2¦Æþdöd¯á2óRQ,ª95’~:2ŸÌæ4bGI})«¥jš*|m
+��/v‹·&%â _ôÍ·ß,£¹2@À
—¥*LJ^ûf$¬ö17½16i_ržž0Me‰w\"o%`*”üræsPNæ•Eûâ9Àd×:&ñ´ŠmßÚÖ#÷ÓÐÅ.€£‹†ìÕL‹¼¸š`}£S_Ƈ«&•&<tÈúóú�ÈK«(@ëlÂ¥Ýî‹®|qË—0¦ãÊ¿Nf8ÇpË}eª²ˆ½N-&¼oŠ>ÀÜÂ_vDï|IT€+—Kóøq!È0$Âi¨Š!	Êí°„2Lµc”ÛNiÌSžù4WÔ/ó9#€š¿Ò6àBãÅ9!›-¯§	?ÜZwljž6�ÊYšpŒ{Hù›iéscUš�àÏH~1Öƒ+cUÚÿ)¡¹3f
ØöÓœXa#¦°ºã ¾…Ýü®'K\•�ù`!Ã’ÍMg“-‘Ü{b×�L`~à²î@Þ«¤ÿ«$�†È<MbÛïù?Ï€ÛÜÝËô§HîÇ{…ÿ*áEžˆþc‹«B‘òõLƒ£\KGgãùe„†
�Á9W9º©ã½å¦Üì—Ãã"ê.>(Tð
¬zO�šˆµ•iØN£„^­q¼Argöu˜j‘"¯FUض¦&Çïàpç#sc—Á*øŸçû0á\aOc[ú7/Õ·j‡Ô¥8+“äùÒ±zsÿ�ÿ
ÿ/
+endstream
+endobj
+435 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+433 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 435 0 R
+>>
+endobj
+438 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2367
+>>
+stream
+xÚ¥Y[�Û¸~ï¯ÐÛj€ˆER—Çnš] (Р›ÊØôXˆ.®$ÏÄýõ{.¤,[žÌd÷I¼’ß¹*JEšF�}þýüðþSÉTT2zØE²Œ¤•Žþök\ewIVf¥‰¶ãþ.QJÅÿv;7¸nã°«ãÚî.+â£mî~{øåý'ufe
+aÊ(Ñ•(‰Û¦ïžÜ0%­›,g+bØ[òÞÿØÁÞ:‹G7qcêùûßÕFZ
+%£”–õÝŠµ”B?ýÓ;`’§p
+»mêÎ1Ëçºi¸2âqžî²2Yý íí`7“F“°dÚ{¹öž‹«÷HÉ2þROç#€PQb2Qä|HCâЙT[/uy–:ËEVz©í¸©�0‹ëÕá2¸7Oõ7w'ä(aÏÿù•2x´/8f¦¡>êX|ÄÏY|Ä
+Ûm™â0¸Ï™)¾ÍkƒØRF¥¨r”'1Jø�pT>ãžÎþñ
§£g@W.Ò"JòR¨"j#	—’ëÐo¢{B¤Ì¢BT=Ÿ_P¡ˆáÇû·Y9÷Ì’û3˳�H ‘@‹ŠX®ïµ¹ŠäOÐ]" ¤Êt
•¡B—¢Š/´Å#¿?2FÜ'áÝ–çæGCŠðh‚áÈåR'öŽ•pëvöØLÜyº3:¶Í‘æ##kæZOd*EfÞ¨(bµ<‘EŠ˜„¯0üÛz´_—lúöи©¾Át¡ØfVl�zÅÆ^~o(v.ŒöýëuÅÖ²Z(6²dÅÆVÝíkB4
#Îûa‹=Ÿ…wInÒøÃÅiÒÅjy„•AémH™ƒ²%h=¸Sw#€_›{d z^ªÃÞAËŽžpÇ_ 9qko·gö×q·µ‡o¸%iÓ%``§”PÊ_Úèš]®.7ÏðÐL÷¢µ~
~/ã­LQÿ<Üv»õûB–ßÁØ‘fK¼¹m�Š–´ýÖ½Ž4”÷ši–‰,ó{~—[A&‚	AÃLl‡±‡•:(ÿ4ôÍÈ#Ïûzƒ°Ús÷|EÐ!¨+iàøû)Ië%çºÛ&Œ´Juá @<DDaèš³BÇÇÑmñ=2pÊ'žò{¡k+‹¥kòq²ÃäYžUÇß�­Ýx®þ*x¼%|ÛwkD=ïÁû£ÜÃÞ†�cé¹IWRÂ�y‚¶'n�u[7vðzþ’„±ÞŒð£lÖΗ^Æö7A ¾¡YÛ‹|ÑèÕz¥7í[´¨„Ìè2VîµD?à!ÊlúÙeJ¤�ÝSýã浂H鼺Ž¬ëWw:ØíëxÿÏžŒ‚É}Р%SkaA¿óü‚&pOd
Koðp“áÄCa7–Û�‘‘Cý9šzcɬҌ‡�?yc)—çyæóT`½ñ8•d%€þÆ6
«
*÷}ëxzºÖÓtŽ¬n…ZXGá,`â7hØaèQ¤g¦	¨k%øQCX(ŒOþ¸!”º¥º@Æ·„eÉT7o1„èrUp¹*õêqÛå*‘Uo‡…J˘… ¾$ÖH/ŒìéF`øÀ.kØõCK�Œñãbë+\c'xÂÃ4z׫E¡/0�¯B®c�×­µùá—‘9¤AæOù(-J¹|ÛÔ'ŒôÀ±>¹äÐ×Ýô¶„Ge^w±A�§½ñHúlhÞòH` ÙX£bñ¸³	–ž»óÝ_ìhìÆp¤Ñû0Ç@¯ƒ¸¼C�¶uþõŒ0Ýð~Á
+¨<�Ã×YŽª°gRæ!<ÂÖà yqOä=·LI‰ØÊècxˆ§º?ŽI`z}_•ómë'Vi~ÿuîÛô"7Hd
+ùzà¤=*Õ�ÓŸe¦…¾œöýPÿ¿ï&Û$ã‚–æÕ*X:’²R×pÇSg\…X§ò6¾³®n+`%Lñ},ç\y\ÝtÀ>½ùÞ’<Óñ½›|î,ë‰å²ß^s›gqI	 Äù|ZF’ƒµi�êÃ-ç.nõ»«)T¿Ðg
³A8Î2Š9
U¤·æ¶‡i.¸ÏÓ:”"UÔ%å«szkF”q`Û«#Px®KŸ§ÐâÁ/iúî‘Þ]Ó1Ï„Üx®·XiÀ&EŚϹòµ¼3F F®àà92þzÀ6Ô3J²'sŠ¥ñ(8عg¦
çÀ6žƒ"éŠ#éò"’®Ç
«[ºJf÷r#ú¼¡Ùæ\ÕùC‘ú+½Ôìº;_¯©-â€PSS¾¦¦n×Ô4®}»‹
+·ðãsM
[!ØRËYBɸҒÀ³ŸY
/Vw½Ú4ÎÞ¯ä"Uy.¢J+sQƒÓðœò+Îyð;S^çðHˆ8ÉøùK
+y
+½G;l7Ž<‹¸Ãï3én`ºÂ	°mëÎbýA�Ëkl݃ÊoÃù5Æ£ÏáûaDyÊ.çf—��E©G«‚€‡oXÂ<Zþ€),Lòeð¥æÒãyŸ~¹I%Òàd©¸µkìã…æœdM±^aNªkŸZŽçv!¹â�uh©n7Ccy×#àd³Oüýƒ�ßâçàJM^PuM	¶ñ¡ñ{
cÃM+öý±ÙúQ¿§g†ï‹ßº³Óº`{×X!‘}øƒ™5=jEV€¶¿pa�–7'&qßÜærö�ÅT¬Îga™”ŠJ\‡$Š¾m±¦»’â3È�È“|ï6¢a§™0Üüõž%Å8²{ü
5¤0ñÁ>Òº*®ÒÏwˆ¦²ä:Ÿ®üSââKË©5^êÈD¨å/¥öìcLüXs­µcscytV‰wg'BW¯v]¨– !`IC…÷ªJ
™ˆ€ÈÕ”�’c•ZÉRäå<p£LVT¹ÿݱ*SÏ¥ÐzÉ“nÔ©‘BÌT¿X¨Væ\¨öïúþSµ†Ï¿É/ëÇ¢Lì®YB»¾ôBùN~a{¯ÁMŠ<Î0¹¡³Aûf•ýêN­=¼ ¥,„i#W½‚›ù‰úy\o�åæ,ØxLoŽÃàB®‚3>§ÇͨOö)ç2¼Î4äH±ˆGß&kh¢aɪ‚üõ¯›�;Lê[wŒß§T‹ˆÍ,+ÁÚdÕzs½êÝ:úÀ2‹åÉ8Á9À¹­ø@2íwÆù9Ø9*
+endstream
+endobj
+439 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F9 84 0 R
+>>
+endobj
+437 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 439 0 R
+>>
+endobj
+442 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2160
+>>
+stream
+xÚ¥YËrì¸
Ýç+zg95∽’]&3©¤²Jy§êò¶ØnÆj©GRÛã|ýÙ’,ݶ|³q“ ’ÀÁ
Hï–$»§�ûùÛî/?þ"v<a%ß=v¼ØqÉJµ{øë¿£ŸŽú<˜î>–RDÅŸîc¥Òè§ötÒM…BýÓ6†Z?Wv°ÍÓ},$/xTÊûÿ<üãÇ_äD5OÏv±*YáÔ›“Þ÷ñÉšæN¶‘æLd»ÄMûa©	å~””ì‡ú·U%é&%/vñ1çLmý8>µ/f¡A�…‹­öÞª·
sÎEt�7Q‹ÜVìbðWA«mzÓ
K¥œ¥Ò+eË�Aã–a2ƹ¶=`Bä‘ùõb_îSéÚ4÷¢ˆ’íB{^2^n;w0ÿŸJ
+&øÔÿ‹Ï¥d¢üx“ðX.ÍXš’åR÷Åʶa0�-÷ì[wË­	Â<Xà.¢‡#FIšD•9èK
Ö‘ªŒüf.8¦
+ÜçÒ9“âæIEÁ29]MúÕ–´G³‚Q²LL­`(¢
ÜÕܹ`2ø–I#ÝYýµ6ĺî[¢ýæ5û¡Ç®rK;ùhè<ß‹,2o'}^¢1æ°±RÂoŽ ÅõNº{Ž+Û�Ú¶³¦_O:…¿ÃÉ/£ÞÔ»ß/‹õT΂ŸÛæ&+Üý€„˜DásmS‘Ê°±7ê6údzj5žó¡gPRDÚo«Öý‘šú|
+…	Me*FM‹wø|Xµ¢õ6^ž)—,Éo*önÍJ`È¿÷଩â’ÀM'„]»@	—4b’G¯GˆI7è|$Kå|„‚/+Á¨ÆÛ⥤ˆöúÒ¿þ¿Œ®jÊ\“u*ÛŸkpQ½‘@ûé>&Gp•²ŒO�ÙÑöÏ0-O¢Ç•�Êœåa'\šˆå!tïïAKHE
+4€g:/s
sÀ�0’õ]óõh÷¸ÿ£Ÿæó‚PWVD_	[ÎÔ0ÿÔº~e!Hó+Ü”djÍqrî8Šô0òe�è‹pºöpX:	-¤Ç;Rò5{h¯Á1U,-pìßN`ŠgÀãFjHGj(¹§†2!jÁ
+5”L©í¨Kåœ@g ƒ2ø*C_©ÜÞ¿�·Z
=•Gm
“œ�ÖÏ7XYË,aE9Eåxü8è_qàx%š~<ï8É”wHôõØpûAʈ7qÌ¡Äý.Å`·=,¬&Š‚%!;Où´Kò‰+nù-¬Jï1Ñ)õi,ÒrB’­åH±HEÃþmU™&>Øz;
+Øÿ4q`DÆ=â ¤PÒÙ+<(2–|‘¸@àAÔ8ò öÂ:x&Ï"¸<rCM_HØ^ÛO†Àmj»€îB¢y²
õ_íà€žº”W¬&ÉÆZ‡ÝäJRñ‘Ý}�¶‰4ê<Ò@y\w‡¶;¹Ê87ìÃKf9ÖG®mL E]P�ÇŸ9ø«4‹j° )éʙ҉ƒ><¨°~�þr>×ÖѬxQ¥j\ÜØù�’øºN‘q–çÓÓLÎëbdhãÆÄ
+0W²º†×÷ð¾Àš5ßÊ÷¼/oð¾È3¦¦Á×^†óeøærÉó²(|yQ•¡`…ç³O•€‰˜ ñÕÖ5­1/)Š<"Ê×�ÞCåГŒbÃméè5ûtįhò¶õw<V:�9_-…²³F”$IÔiÐÕQ{8R!I¦'‰¦..>wÁñ›ÃŒ™~¯ÏWT”X3ÿz1ÍÞ(2Ϲ¸•dÆÜKþ]ƒFš°,û€ó[…¨H™š¢gýdâ1T7æ{™o¸œ@°‚ƒ�½²àS €J_qÂ"Î �PE·š®ÑõJY›"£úLÙvË[æŸM(»Ÿ}JÇÐ-N4E¥\žºº¢�€l³ï &<\jêº23
ÌÙö½¥°ÑÔÔ È¨\MÓ i°'JÊ“À |ÇÐ	#+s"˜�ï*t*	çÉf…Ķ:2@cSg›aŠ¦øÅÈÿÚfÐuý¶
Z"óЙÏÜÙZ$(Ž�5ÛwžM“5¨$ŽÁÕ‚—3<±ËðSÑ\äœK©Èås˜Û·§Ä-P÷Ë):üéb�bûpÙ&Ï¡è;µÏƒÝž�¸í*ÓaõËÅÈByîY[U‹_RGùÄB¶$—ÿë¶ûUW9Þ\&Àè�íkˆí!Ö§¯öéÒ^¶_xoíé^øÒ…ãq Cõ¾ñO¶ÅPÆÀ�†¯�Î%m‡K³w®v9[½	zé˜XR…w­X&kWuÊ'ržÄ;î¼�ÇJæwOèÎ︨#4×ò		ZmãEï©&áó“&¾põ<–#	Lìˆ`Ákíê
+QØ »,ùû=»@§†û³Ëw槓©¬ŒÃ7
+Ô~í�¿ÀOT繬lfJëz3j§/r×*j½æãèw¡8w.ýŠ/Mx½ùøñŒ`¬„ºÂÛÞj<v¼E¼÷Œ•�ÞŒ“�¦ÎÅþÆÔµ^¬—v=À•Õ}&r@¹=ÙZw¸hr}µU“Ÿ+l8¾ã�1�œß
+fy¨“wUÀ’ãwXˆø=§«•Žà³ò;“xy1‰'‚¼*™˜=Ͼ‹0™‡“Eˆ0hQ„Áàûƒ±Y„ÉÂå	¨©i>( ”"e¶öñYwñÒ;ƒuy’ÎÌÃÞÖÈùÐ|§m>»§9UÛÜ
Ôì�ô8Ó4IðŸdÕ9¿…ZÖ½¥Axe@“‡‡g1g7ÒÒÀä*įá‚tÊN;Ž¡ábÅ Ž4Ü�+ðÁ„4ÜÿÓ>A«o¡™_â·Åîç‡?üï´.C
+endstream
+endobj
+443 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+441 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 443 0 R
+>>
+endobj
+446 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2680
+>>
+stream
+xÚÅYKsÛ8¾ï¯Pùª*ÄøÊaªâŒ½5»I&;µ‡xª†–(‹‰ô�TÍa~ûv£$(ÒJn{ñh4ýü-‹‡…ùüsqyûÓu¸��Èäâv³�éB*‘éÅí/Ÿ½L/ý0
ÓÈ»ÌÛíÒWJy‹MÑÕªÀ®öÞåÕ2L¼C¾[þ~û¯Ÿ®ÕÀ*JD”.|�‰ÔpûZ¶åý®ðÛ.ïZ¢'Ô°¹¤ÍÝÀQàµE
�y]MLvÒZ¤j˜eu5a-¥ÐO¿x‰L´—ÏÕ2Œ½mÞä«®hp(õÖEUweõ@›åô¹£dW¼h©×á‘�� œÄ+ˆQÉSù#§^Q­‹5S³Üݶ@Ñ~‹��¡ˆ{•ïÒñÓ¶¨¨µ+[–tMœëÖ¨‘æWõþqWte]µbék­½Û-[f]lòî#:#|§ºûŠØj§Þl¦ÚK8kOÐ	4îËTdÙGbYVk×X×X4s-jDÓ1˜ôhœ¦Ë¿QS7ÔX�õÀ ]SïvæØ:ʼ/H‹; ŽÝ
zÒ++íˆ3”
‘Ny”ÉÛµŠJa“ë²i™öˆ›Ö#uà¦*ŒEF„/²­ì˜Q54ØrЪ7£)�Úç¼£ÖÏ;B'ôžp{Œ£ÔëhÄî¶B²m^= ÐZYëÂÌ4Tãìêi"x[¬ŒSq¦H­¨oÔt9xO‘3Í"j+2ŒâÑ dt�Z׳€ú
+_Ù.†4ñJæIÉá¸L•÷Ò’ü�6
·ÉéÓnë†ýu]´«¦|Ä3�7)MhäLÒYGäÅ…5…_+úý"‡f¿ß(keª78� "E²jì)Ù¨™>ÕP¿£9lF^u¤™Ç]¾²«*Ö
}ÀŸy¢¬Nا�hÇ:°Š3&…-#T?•C˜¨8uü:O¥IÞ	§"X„Ö:á<hÑÐašLR#¼™ÜÕ•r–VSÏ#†�îXÔH’¨œÍï…>�ÅìÓçW‡ƒÑU^QãžlM$ŷǦh[›u�–ax]‚"c,Y&¦?áxŽÁwlñˆ*ïë“8'_åYGpбrò´÷uÛõér›‰¶‘?JªpÆ"/_¯KötèÁ×	ÃȨ¥ÓRzM‘¯­7Áb›Z곦Zö1f6hªïÔËÜO�½¶kfsJןÜV“²j‹¦+Öãªe=[)ÇlΪÁL¨7ØÕT픤 :æ’³ÏWM=)Ja&bKq·äªªHÈÐÕð-•ÜqÁxcÁÇ
Èá?NöÐprKØC'èR-ĹÉl-�|ìM¢“ÐÛªÙ{ÆtDÆB·ŠA¯dÊœŽ'"ˆ]ŃíQõ:ˆØ:ˆ)
+°ñxà‘uÙ@ÚÇT„½’JiMë,1æš2ß•å,!ŒQ¦�hŒãл)
+½)V‰!5>$8IV—‡r@¥ýý%Û8`P™˜8pÁûˆ	þ‰	B!%›àÕ„M"RL¬ÊýY6I(´ePã”CMÜmá')Çg%�DdyG—‡�Œlb“1%6I¡Ý!>`¬e@¹Û™à@j´,N™dWÕ ­
©w½LC<LiH9‚›W÷e,’Ø�Š7u…Ë?¼ZúQ¨½CU~-š6ßùyópØÕL–|Wt¹ÿñp"ñªû|õå)oÖþ—r·óŸêf=u»SÍk.~Æo„¯½˜hò’HÝ’�)R‡œQ°‘sòBÅ}]RNÃq>þKb™¹à_!Ú&˼ñÓT"Eꙹ	Òì^ŸHÑGø©²e¨…²ì½r~Š2Ìk.rô}êN©õØ陑Ø=Þù¿\½�,WÆnΡä8ëcßÊz)6ÎJ
‘6oöñ�!P"H\éà¢JÄ™ëQ˜O†"Ô½­êY[鑱’c%l¬Ôk5Øj	ǶsÀvMšÃµD
+‹Ë‡-á3¾eaáæ£1o¹H»\¶”¹ò%—ÂÚ-•'ȵ+¾uÏÝËd$E–ñYfbÂf®P%¡½¡Ùí–¬
+Ä3}=ÆÕ—K™E"‘nbxMµÂŽÃ£ëžRRC˜½°´Çý’5hW®¸"ÑmÅ^¦
+.~X�.,P¤ê‡ªüË(úOÛÒ\Ԁ汩ýiîY�¥#´&>tï…8Ì•f†ûå´hÈ|Ìêu.vÀ£dzÎrˆKXW7oæ´/%ß[üúÃÕÔ”Nú8»þíõ/s’‡?$ùû«ÿØ””ƸÆIIo}?+ŒÏ+°ØÇ«Ûéb(¯êÜâdXüéãû©NtÓY�ûéò·OS4ÔòøGxÜ|ÀËêkäôfª˜Iô#z¸ùð=ß ‹¯Í�.úXc¥¹5Â\ÎYº§ÓŠ¯Ð�Bd]̸CŸ3ì•¡øsÂJIZ²i¹vxü?ÐY¢fÐY
+×lz€üö>ˆMÞ¦©÷SݤBëA9éЗZäœ
1wZ`¢TFÐM¶6hÉ÷+Þßym„^ÎÄEÅñ)
>ËÑ#ZW6s~8ö�_e{CNÜ2\Ø[¾Õ®PI±6úhÌ�!Á÷’&	†·
~ã™Û©œyX×z •÷ç¡î
+z›”ÞMm•˜ºh
.+ñ¡:Ì¥›®¯Àþ-ñmé
–¶	]@§hW9•©IŒìèÍqoK:@š·¬oÈtÚ=KY¹º€;ÜøáÍÌõØÓW)¨Ü€vwÉ ÷|ÇöWJâJ‰Í¼á…àSíåSÌ<æZøLýâî ïÅá|=¬ø†?�]Ö>>9øxuô7X«'2Áªâ³”Û%×ýá¾yƆ<ù‡W‘$à—©$HO!¿1_$g ?19ùuïR&p·üÁ<Žâ~. 4‚Ô'=”}m*q53¯ó¸œˆäÎûïÁ<KC`戜À£JîÓKUKz4`©°�1M/Úiï’wKpÊ.ŽL•”Aj�z%}c<�e"8Âù¿ð‘>$4ß�è%Û|�˜Qxæ–
—–Ô&úYŸÉ�%Bé¡šêÔ>¯À|Z)©Èb¾á}J�“ÓÆÕ­xZh¨“!ÜË¢4C¤²@mþP²»Å�ù›L†PÔ²Äd~»$‹Q‹œa¢¦™Ë–z¶ƒ˜H¡…AkÆA	ŸŠ^G®È:Æ0:#±]1HüùžÀíð¤þœ¸@ž;·¿îÉQy>9€T1Þý²?Äê~!u Tߟ9À°"c3ÊgXJIò[–ÔŸ‘«k’–ƒ®ã‰¨:YèŠi<Õ9Yû%ÏÉj	zY-Ïç…�à­O„�8†Œá28Òk"daÝÀë—Xaÿ~†g/¬åù¼°1´RWØ	&3Úˆ|1~"½P+5s‹v™ÏÞ¢ÁÂ6É
5	iù?KM–Òeÿ㩤QŸ�ÔÉðo¦`4ù+no@J~Þ¨S|�ñMÜCÆ.I�˜œ 6FÐ*w9ðȾÍãBf³*7GûÌïgæÝe
+¦éù ßëûÅ?þR@K
+endstream
+endobj
+447 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+/F8 61 0 R
+/F11 414 0 R
+/F12 417 0 R
+>>
+endobj
+445 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 447 0 R
+>>
+endobj
+450 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2097
+>>
+stream
+xÚ�XK�㸾çWƒ#k®DRµA.Û™Én�½l:È!`ÕÝVF�$Owçק¤,µÜ^Ÿ(ñQU¬×WÅM(Âpó´¡á¯›ï¿ÿ,7Q(²hs¿ßDf)‘éÍý_þÜòãhûíN)˜¶;­ãà®kš¼-qR¯ZË_ŸÊj¬Ú§íNªÈDAoÿsÿ·ï?ggÒq*b³ÙéL¢þðp·ãMòí¦�6]»•i0ö]Í"{û ãôeEzçhG©0‘#þËuâ�s–ü&ªÒQµW‰æ-“´C‘A&pÚ)ð"‡¼ÏÔç-Œ®rz̉䗡·ÃMúàMjFN¤ÒQûÀ‹Q´1"Kh1&
aG ›O÷4ñ’ˆ0òa(ä¦ÙD:iæÿëÍ?È«f¬ÎRÉ3ËK$�HÓMšðDg"âI;¼	­V:S¤�ïØÎðewz¬��¾žº1«Ž¨ƒ&￬µšdÌpf¦�kͱ•~Gs‘!©N¡å41]SnR‘¥ÝIíãòã;De‚¬gDyâ’îTŠ—"¢±~_wÙÝIÖ�ˆõ¹îÜg×ó²óþn€à=(h@}±Èä\}?£¶C Ybò ݇*;7\°™³H&Z;§}jO+‘¥IêÖ?5y10ƒaÜÊ$x%�ÃèMx«Á~=Ù¶°^2Ìè’4
)¨ôß#t{WˆFŒD„ZU"b¥yN)|±fªÁû L~ÛÆq�Wu~øÃ*@Ã¥«å×SOmû‘I?�|¹º~Ø®¨^J6�·åšc^Ø«ô|®)¯Ò+mmG{“`û«„ö]ßð•÷Ö–7l¯lís�ˆvËûëØ•÷}•?¹°èíxêÛ›¯’=t}õ?‹¹CÅ1¼‰ò·«”¿!Mp¡ª¸•îX²‹ÀÒ¶ÎÐBëã;•‚¯VOºÕî±yj‰™0•χn ™�úäÎSXÁ8ì(
+ÖÒb?É£g9#ÎD–]XJ¡ÜòCеŽ
¤)
+zi$£}ì.Õ[gø²zªÆáÆ(\W �OtìXÿôÓJ0�ˆHÍ5©Uä4™xMj¾Õ$îršÔ`ç™&q5‰£#(ƒƒ}ÉK[T
ªWà€¾¬J€JÞxç6Ì2¤×è�øQüç­$#*–€“ç\�Tø¯ƒÑQXÛSIª!¥óu`i´/#a&×Q„Ù
.ú@Ël‚7ÚÖóèË<B�7¸sÈê4ŒÌçÑã
+.�HKÌ•½%œûIÕ–m�RÅ($–T—¶�ÉÈàŸ-q.y_Eª„ŒFD†áÔLËŽÎ$îtlö§¶`ÈÅ¿6o¬ãðs;TŸ}K‚e&á´#ÊQV¾n�ÄAÆÒoÖo’ÎÏ€wàM%Lõ•“°ä¹ÜÓ&„ô¢döŽ²}9BbKÁÆøq…Ä5?W59®ñ…
+~B¥Ž
þ¤A2S\dëPIÁL¼äÂx-ÐX]&
`o‹úT²¿ÁÊo«�—Y&Tº¬¸å"kúXþèe,ùcMKÁí²i÷R>
¥I|Þ
+0
+¥µ£¹Ž Ä›cmÑ„™7!˜tßÕuGÑÈ­4v�èµü#�j¥AÏøB›~[g²Ìã+·»ÝËZ;!"J¸À”wµƒ¼«v Š¿sÂG-N­u–¦ç4þû"´;¦ÑŽÿ&�`�°®Õ ÄËD‚Õm,4÷·°Á}ÁNî´Î±Œq~\Ç€}v˜ÑY“‰|EG�PB™DB»ÝrqÌ@C€2@b'ÞB}}*Æau›ˆz�W$LñW›—57ëÐ�ݸ$‰ÈiRªyaiŸU]�.:pa¨¨P{w²åq8V=ÉaìÆc/|™i¢9
Wã#›CEdW7³´gw¤{Žæw<@«~ì²Ûa À€éçCU À®rrZ¨þgÏ|å½Î]¹ÀðÁ %w„0ÿxÞHwÄãSÛ€âðO�u¨u„r¾S8Ø,…"–Á¥OõÈpF×DÀ³Ã8`2Ó:¸‡Td]Õ;`Üw'�ǼlïÁ°·�ùp˜:ŽX;§“fÊ?V—kŸRî몠ØGÈ¥óÀ™<¿Ü°gn1×,
¢åÜ°JªÕŒ(”Að§�’ÃMç¢JCþj݉ƒ[³þÑ	WF˜Å”N|ÿ¸�ŠUÔ¼@³}S‘sê(õ&åÌ¥¤Ãï8‰3ô_<€k�5b692®œ†éœ10d’Ò!Íû‚ø‚#õä~
·°ß¶¥ëI;Jyå··™÷ødþ'^k»ïN¾ó짮äë	|¨œ3µ«sßÏW£¸Þ–6]yýIì¢+EBNïp@àÏ맇߉æ]ž„ªoŒãx�f¬Dœ^qÏ(;¿,"Irÿ€#WlĤs#Úˆ¾ž–ü™*g0‹d‘¨!‘
+æêúà�^K�«ëK$Ã;º~E¸H¿ü­º˜üÓI½.((½D`/XC/˜¥œ¥5Xa8ái„xþïT0âÄs5økŠ2£àg¸PµˆÐg~N
ûb_¨	W.‹(=ã1¾ÚüðLO4½‚ßv ó¶°nž_�¤¯Y$ÚÍãx1Ãi%sÃìÎ-Þ²kA–eÞ¯ß9´9—1.Êœxɢ뗙$ÒoûB%0j	}4…ÀoëWüŠƒjÏãÝivà„ìÝ›<ž:�ÞW3¬
+�ÈÚÅä¹z×G'ÉËRò2~™üÃÿ
Q±+
+endstream
+endobj
+451 0 obj
+<<
+/F2 13 0 R
+/F9 84 0 R
+/F3 17 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F8 61 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+449 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 451 0 R
+>>
+endobj
+454 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1462
+>>
+stream
+xÚ…WßoÜ6~ß_at
êbÅ–dÙ.°—vÍ~{X—·eÀŸîbÔg_-»Iÿû‘¢tçDiöd‰¢(ê#ùQNr–çÉ>qŸ_’÷7W×<)rÖÉÍ.)꤬‘ÉÍϧ�Úd¼æu™¾×ö~“	!ÒOfg&3´§2ýC^¥‹î7ÿÜü~u-Φʊ•u’ɆÕÎÚl¦)ñçJ¹S¸¹7‘ÎY^øu4ðSdA¬.½Æn„#2Þ”éA£[ßp"Ó;¼Fjhe±f‹#•Î#Iº¡í—­ñB8¤tŸÙ#ªÔ´Ý-/«–V?£UÌvÃ6C’¬¬VIÐ]7ìíå&“O�tút¯�@óã
à¨Jç{C¢Ó
³æË‚P[R—ù¸Ì~«¿ž36ßßZçUN•Í2´s7àŒâáËÀEž;ä�ü
åã„©"
ÚsXžºý=jÌ´n»­_wÏ4ÿ}!’
+…TÆ’UÜ/¾%�õ6��]È`¬÷ºìL sQ2^®/I�gÌUÞx``°[úžFƒ>xºüD) G3íB³^§8Ž¡øº‰ü”þ\U;
{HU/ Ý0À<›ìL“À"¯˜R£ìU!¬¥¬ ¬ˆ!ZÓ}?bàld¶ÊY¬Úeˆìò‚M¨@L\UAuÍ-š»§éöȸ`\ü�ñPþˆøóýPg
B¸Š1˜ÉÚÃ62%�Ђ©Kâ*À˜˜3
+‰Å4Ô¬€c8¹q<ö]«]”_f«•3'Ê’Oî$e½j¬dBz½v§¥ÅÂ’9¥¾,WÁÈq|Ï\j+ëDWõš®@ÛšÙT¥Xõ¤Tfd(Wþ"ý¨!š
+£Éäù4î'�<Z¡ GCªm|2zÛwƒŸõÝݤ'¤Ä*ÇíY;BFÉ—q�8+•K”,%“å9Âxž«R^J B$®…&­h€Ô�£’R
EšæG
uÜ.½öâ¯\ëƒ�¡tœ±qé·´É—.M|lð”ÑßÁù·¦#âw•¯h½lžÐ:¬QQå'†öb°´å—\"Ã@Ó'
+6
+}Ü°öy™^oj
d7‚PX#*p—Âb	á".€ßÛñp DêÝn-ijœï„­À߉4æ{=“Ò—e„ Ä^бPší2ÁsÂ7„š=Næk7.–f˜ ®1	
­a )>KÞÅ�¦fX¤ŠÂ�uÑíI¯˜È•iñOô”°sÎလ›i‚Žá÷ìÎЩÈæ›ÛÛÙã—7ïÈ6LÍÝí-~vðy÷‡3lÁM—G…„XEœ$ž­FtÔàC®ðdäèðñ�»¤™öZc†5~ü…5Ø<5�úpì�gQßÔfãWõ!.rÉ$O²“+/xËsËIûø#‹š³ºxzýÞšïÝÞi| k6н÷Ü"R ¨!pÞÁun§?9‹²f<þÞEÁo»É@Õ~Ý18|&ÿ66�¦]ÜÓÅ9µ:Ò-9¹>¥»Þ¾€Š©fÝœ.ÿ¿å�¬ªçÞÉ
+Þˆú3â`,M5)"Ë÷†ÆH)½¡‹¬j—>(GRußi¿°d–¬3‚�KtK»Ú‘¨6HÚÒ#v!œÉt7�{ ¹ŒV
+�»"”|�¢Rúç3nð$¦<‰¡æå0Qp3œ¹?¾ËÅ9y¯ÌÜ^u¼Æ§6
+…ªYU¬jámÌPp4kʧ;’Jl¿Àß²¼q›kÅD�-“Õ�Û\3Áì¾ýËÁiU•éoC7Óèºëã”)$þçÁ‹qúAûÕ„Ì¥²‘.äB”
mRíȬ|
¿k<ôøïá#€žÃCí`)Õ‰¿à�¬ïxΑ«^#NysIºÐ¹KÈÉNßõžÌ´µÝ~)zéI^@¹Šòе ìaçuo8Í~£†¤]Q&o~ø@öÈ
+endstream
+endobj
+455 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+453 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 455 0 R
+>>
+endobj
+458 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 669
+>>
+stream
+xÚ½T]oÚ0}߯ˆÚI
RòEK*í
ÒRµZ»iÍ&؃I±šØÈv
+üû%¶2
+ƒ¶Òžr0÷Ü�ãsmØ–msC~n�aÔ¹†c[�cD3ÃéŽg¾]�Í0…�Xxžkö¯:À÷{fHó’¤:ô̯˜ …n,0™w€ë9}Ç.;¿£ûîÈÛ¤vûÖe`€·NÚ
=×7£ó
+õÌÎ�B1%‚ÑLŸ‹TOQ
+_0-˜úIgê›É.*„É¢
+¢º!™™²ªÃ6@9žÓk×_0:g0ojA� àh«üíãO~ ˜lŠfxÊ [[àØ=Û¼Ya.+W“8+�j}?Whyª¡T[Ö¿Zí¬µŒû
+ý¢…–¬ì}k.©‹·/a‰EªPV5`ÖÞr•x}QsLH#ÿ&ÓÙ陊5W�çˆþ¦ÉF˜qq¾C@HÖ
+ð5(_âú�)&IÙß’ô2§åÄû*AÎñœÈµ>Œæ
+u‘ˆ»wZ»WüÏ­¾ü�±î…å}BbÓ(-ø®a*s+Ëç0Ög9M�õºWéüz;@×&ožžb¦Uà—í�õ
	Bµ² ½ªöÀÌ)ŒŸ—�%àgXR¦%�ÐJÏgòuùË‹³‚ÄSíWóÚ£õºÌ	e(y‹†ÆèR±ŸÑºY»ædQ/„cG–×Æ<™LÀ·ë“êMt‚Ö¬q
+w½4*>lâË+;>hÂUÏåS)([ï¥
+)UÞîD¬ÁãÓÝ¥’}��VJ…+”Š>N§v;‡eê}D¦~½¥âÛLBí3ïâÒ?Îg’6œc¼&)ƒ†rXÇmØÐþ‹˜ïðà¦Ùñ;¤ÿCÊ›èÓítvÑ
+endstream
+endobj
+459 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+457 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 459 0 R
+>>
+endobj
+462 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 919
+>>
+stream
+xÚ…VËnã6Ý÷+M€ÊÀPãçÄ.0'�iQ @[x7ê‚–®"62©�”£è¿—OI–Í0,Räå=çÜMÓé4zŽÌã—èa÷éÛ<šMÓÍ,Ú•ÑlÍéfí~þžlÖ4_Ï׫ä
‹j‚‹Eò'”À�æ §Ëä	ÓÉü>iq=ùk÷Û§o‹þ¨ù:½ßDh¹I×æ´q–=¡,{Dß·ñOÊüóý2i8	kªˆ�ŒŸõ)Ñ4B
+Äl96{èÌ(¼É±Éüsº0�èUí[Í—ÉkË$ˆP
\öÍ7fãЂ”×ï?Xë-ÕÏUÂê	y®ÁN÷DYÑçt‚fÓÕ4Ù)v¡ÂMÔM$s»�•¬Ü €·µL‡LWÆínûàpçìÐÔ áŠšCö„sμ£
+K;ÂܹÈ=%@ÝBɸˆ
+êÚ	•Àq.	£×šß)UŒ#÷+ DŽÈ5XÞØëè½5±cÿ¾Ýýúåîýø7Ë@¯š?¬&¥”ñ�<°Æ*ašŽ¨Yž÷Û‡
¼Ÿw#„‚\\ŠØx«(ºÓ¨³Ìk&|üX»÷©`܈à¡�ù�Gˆÿn…�Z©1’±G`<„Ͳ¸ÓT�ÍïíÃâ
Y:¥ö8µ)o=ÍEHªô¾¹
+"ÇÍ;„‰C-àµÕ=BŒd<˜¼Í&aBŠCÏHM‚Tþ0Â\Ê–·œwIïsÞw˜A2¼¿\ÃÞ¨©Ó1Žƒ|·Eq)¦m
—¡æPrð
+vXkBá£ÃT‘Ü-ûVÒÒ=kiqÍÞ"å)‡‚ãrÄ‘>4ökW®GÌ	î’˜Ñêé“Ò›BÙ^|he
+÷½Üéÿ³ß
ÝÂùË
ÿ§÷¶â² �D�ñ¾ïb¥ç—â#&µáxåY€´>ô1ÃÆî}„0Œþèä’“ÆÉVaÝG��ÿ½O	éS¯òEÍ
›4	C#´i%:€Ä]ŒB¨p]³“'ÏP�UõÎÞ‡æï$Û|Ÿäªw«NJuÏÐÁõÒÛùSU¡•ämºïa¢î¬!Õ2œM�Ï·Ù�ˆ�çÊ¿Üûìw¾U''rYŸƒ”�"þšõ—‚ó§!#KÚK1€tU¹eÖÊw‚{qÏûôÖ0`tÉXwvÐf«©‹ƒzqŸêªýAðÒêåGOøe¤«ªN~Y€~å„©e›ÝW-ëiÞª‡�T"ñ3"¢gª-¿î~ø�kì
+endstream
+endobj
+463 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+461 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 463 0 R
+>>
+endobj
+466 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1559
+>>
+stream
+xÚ�W[oÛ6~߯0²>P@ÄŠuëË°xM›¡i‹ÔÀ0Ì} mÚ"KžDÇÍ¿ß9¼XR”"^^lÞÎáÇï\5	hL6ý÷ar5{{NX@s6™­',›°ˆæ|2ûã2ÝŠ½’�çGQH²wžÏyL¦õn'ª.FäSQI3z¿*TQm<?ŒXÆHž{ßg¾½Ž:ÕaFÓ|âóœfZû¯ž‡œ\×
br=ûŠ2“`âf ¼)Öö˜Ú÷wc½{1ŸOý›‹wæÌÅF*£k>¿õ»ø™€:	ì?àNàÖ§îü£¨îýR´ÊÍf¬ý�¬V€W?œM§LJûðòLÿ&FiF9èKBrUT+±(‘Â4&wR¬JChzâ¹5êú&âhTu³mÑ‚LÎH+—ª¨+œ„d%ÛeS,À"‘ö@ï
+˜-Ýú¼Ú
+eÖwÂòˆ“€XfÇLꃶ?ÌUmdï½0%òÑ¡ø÷ «¥l©ç',#{Y2š/ߢï^
+ÄËbR­2£GÔVÐñïé†É7kÍÁ…Ã	;ò‡\´>u<–å4``*¼�õ¿Ž¨åŒòЬ›KTœ‘uݘۄùÛÕ�4#ˆ�ÖáÐN(-‘“öP(kV³eå+s!ï.„h	(�úNTTà”Ír„-‚ð±Ðæaœ–òra +¿s?Ö•Ò<·ÁH<ÊÈœ|“Ò<øÛÉ‹`Âihÿ\‰vk†W‡¢¦ÛïøÞ�‘½ØXÑ(§sóDÐË°^‰�vA–’c¡¶5„�ö†<¥,é¿^;€KpÎ=ÌÐÀ:¯`ê\
&ÎÍpƉhl":Tx5uŽ
+«'O‰00ÖâP*ª!8Œi”k7úx
+á q€ö/ËuM~ËZ{d©½•
©s£½‰˜B£R#K@‡îh#×àPööz€"%ËCÓH«Ä-´èY8¶—´"£„yB�û²œÓÔyÈN4÷Ïቒ!m($C=K!B¤
+üëààÒŽYjuJyð0•¬pIoŠ&Ám|æ(l“”F.l[©üg
Çàó±=dóxtF�¥�¦äe®±¹Likj,²êô±;{™'*!ZYJÓ¤Ÿ½4&ía:ƒ#jÖiýN'Hôg»{zhß*aLƒŽô
’6²KN;E¬«0
r�FXÌ)K
 §Iâje¦ÊL»4uåÚƒ|­SRÊÉmíEŒ<<—5mï®Ê,XUÁI¿^û¶†@0ÍÉÔó#»¤4ÎúLÝê2`D
7†MR«D£Ì°^?Ùø?J#:Bíã½Ðe€¡l±…šÜGiÄò'ˆóÿ‰Xºü2Â{.<¨GѬüåV4¾õëð¡2\…Öí,y¸ˆ%”¬sP-ÄòþX‹×Ám¸tÿZLÑ€©cí^7'·/1?‰=eÊv2hâ­mMZÓžv©t>Á¥#&5€ƒ5”Gä//‹pÚšs¶$…˜—\J”O”–R)�ôqâòÌ ©\›Bµçt2Ú�¡Å+JҾђÌЃÿš„$?Å*¬é·ô÷†±
+ºtº��}#ŠúКóÚ†½˜çö`×°ƒ!{#~“QŸÉˆœ>PÎgoYJÑøP×uMp_žCÞE±êZ'Á�S„c�PaŠÌYwÚ1–èê;˜>°»
+x˜y0ÝÇ‹RöJõ�ª÷ã¯Ç]—�5êsèÒO9ú‚¤×s(»“ëFê~²ý“$ï²('W�Ö¢¦{»tù¶hûõ×ô¦Ò'ºÿ{¦ZZ4Ãb¾\,EUì¥0ß¹¸­[Üúß.uóøb…¶VîÕ |~–G7åæ*xÄ�T‡¦:§¬þ®5ÂkcÛÄàÀú
Œ �€ŒPÊûÊ8ÕÇõãV6r Õë(a±À�7ß27kwªh‡ÊSâVªºòån¯LCQŒ-h
+	pµ²ÚÔ8nM‡›tîÖr¨WÍÇ .ã—@³²­w:ƒÎP�sý<Û6�¾ŽàS+ŒlõñæÛlúåóìî˧ÇIÒõZ§.zø™•öÔÜ|øüåî½~àûÙ/ÿ
â£xô
+endstream
+endobj
+467 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F4 26 0 R
+>>
+endobj
+465 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 467 0 R
+>>
+endobj
+470 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1577
+>>
+stream
+xÚíXYoã6~ï¯pŸB‘Vu
E�î¶[l� @7@š¢alÚâH†(¥É¿ï¤Ë›z X O"g†Ã™o’Z~,¶úü¼x}ýêm´¿×›E˜/ÂØ/äâúÇ?DK/ʲ<¯•Ù-½8ŽÅoz£]­4N¥¸RÕ2ÊD§öË?¯Y$™ŸäO~N*—I"TSª»½6þÒ“I,Þmpi*Ú]ip”‰}Yi¦1%Š5�‹uy%™^3–µuó<,½äa»ÓK4%tOž­Kû-�_“åÁÂÏCö¼l
{[7嶬À9š™VµÚGñWoã
4½.`=|bZhôcYwÆí‹ñÆ;Ü,yýt·¶OhùU�˜>.Áu22·wj…´ûVÕÛîÜDó`´›M{Éô�niõ®¬¶GKœ¥<[ÕªZŸãb¥ŸÚ¹{Õ'º·©›¿‘¨šõ—ö
ýï"2ñNCØ+PæÕ›c/¯¼ï>ÍKÈ4²»7
³º1Ö:—‘R”Õ¼Î#qNhtµ>iö÷_ÈlÐo«csÄ)«C×Îl¾d=¥¯ýË£ÎiN×@[Á½Û½µùŽŠ_÷!µlh?ge(d¶nŒöŒVÍj7ÏÕæe8¸¼ÇÅ”Y°PÂÕ¡ËV¦BchZ¶SFB!2´^ÂÀù=�å­Û(KX‚Ìãn•„â¶;\85®@¾×	îxãÆÅÑ<TÆ¥ÿJ£\öxRÆâÚv^iû-HW.€«F?X û¶×cpìXÊÌa7çdáö(£þÀ„âQ̈G.¯¢I6±¼Ee	qž "·k"ü]]ð|À}¬3Ø'NþÈsÓªêÊsj@…÷r
\�w}�PHC‘ŒÂ@ÓÎð(aF°
èߌ]‡9$!¯P–ß6VW"Lw8ìKº¢ÀìWY;N&LgtsÖ){Ò—‹ëêßÎ_ùUWTDUüŽ¢±‹*IX�ITSŽjT„“¨¢ Eµ_÷QEÒUœÝ¡žgÖòYQµ¹(Ú º(~lñN=	¡L䀯„8á‹ÔJ¤’ã,«™â\Ç1žíÈä]T£Vpð¦Ùƒ¹¥ˆÒM
oÞNÕJ'ð.g­øåˆÃ`šK¹t¹,Î¥<„´o]²<´Ô¤(\K¶û*þœ®k`Œ»*©xý<7z­7ªÛ»û¥{«ô—HÛ´m3ïh„%uwÞú(	 ¯ÞNÄùÉÞÔ¡Ôr×>a0´Ž<´�m`‡Co"-š¥m9M…ŒS�·ý?ÎL…gUÝ{U»óT³zùïùœ$xWA×
Äd`á‘A6¼,�
+Z»‡Y’«YÌʧ£g ’{ÇH´5xÞã¥|²…Ñ«šeRŒ|
+oåõ»³A6pI0~p&|'iÌ·†bZ	]ù÷²ÝY±Ê~Ç^Jr@)’‘Ç`
+¢3S?H-£šàõ‹QDÍ6s'
+“Ô—á9úœ™T5ß�
+±iêÇ‹aQžN®,®$GÐäãìÖ�“Š{ņ9ôX*7~I‹-Ö-¯
U*pzkg¿B‚›%„ “©ø
"
	^é­jËGªu¦åWìÐ4Ì>g˜Ç¾ÌÎŵxâ„g¯�ô*Å
�\cN� ̬»Qúÿ^âWþ·•:Haðbª…IèGÉ]	Ë¢
Ê`7x$ë5&^šŸØ„/ÉiЯÐO-õܵ´ärcJÉ€YF
L·³æ…~îòø[æ£,÷³—Š¦È-óâÄßýtP•)kûžÙ©õä¯-Ýpyë•ý§w¢?‘†³þ¸W¦�6HŸ7¦³HWÞ_ç<h\¿¤F;šæ0Rè·Gî.§¹œ–V2”çXeß©Öø¸;¥nVr#X÷Ó£y¦:”ÐYl+Œûvœ6øKfYÔwjú7ô=A*í­ò}y�Fêyš¤±¸¤žO³¬È}WÇd_(Þw+¸›{¶ÝÅ¡ŸM’Óô½#Îr±‚“Í
+û#vbFøq1¶¢O‚c3²ÜOœøöÈÅxw1âÙp!ÊÜÁƒ
u˜¸_‹pÓç^Æ—!+�žýtýÍ?u7œ
+endstream
+endobj
+471 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+469 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 471 0 R
+>>
+endobj
+474 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1756
+>>
+stream
+xÚÍXK�Û6¾÷W8@�ÒÀJ©woÉ&)R¤=.zè(×¢m!²èHò:Û_ß©§“¸·žD‘ÃáÌ7ßÌPZ~¬ö+óøiõzóò�XñÀÏùj³[ñlÅC?�V›7²ûƒ<uªY{a(XöãÚ‹¢˜ÝëãQÖN†ìCY+½-Ê®¬÷kOˆ$ãŒ|ý×æçUœúq¶ò¢ÜÏŒÊJ¶nH™lö磪×"ef&azG+Jn×"aš­ì)+kzvç¦öÁ˜8e›ƒ];”m§›g«àóIÖm©­üNnË
+¬S-¾gp²ÝtnUaUjcm°òÀ{NÞ«Ï]#·¹×¬ŸÎ�pp aÝa$[Z*�'Ñ°ëoTÿò]8:
ý4…ñ¨ßÓú8Ü�b»ü)ùN}ŒØAÚˆ<B2¦TM¯í‰Þ·åƒˆSUøtÇ(9ä‰Hø‡gê
+RæG~¸öâD¸h£_iÌÞ­sÁ4"��õÞ„—6ë�êŽÏPyQ^¨JuÊÛ¤%Ö»÷Š‡õ
KHlv¾1;!ðˆøÁˆ*#…L�DÌd‡Ï”‘ëº$Ž
cR²÷;Ú7]¤¹²¥§SÐbAokã0.êÝÄ’ÔõiàplÄ(rÀ/
+Vkznñpg<ĆåQà’^/z†y‡sâ¡£Õ5
Tu¨þ=…œ°;/8'[g‡ÝLês¯_/ã8ödÄyÜáç™eî]Ÿ=–��Âì¥=ÙhOäg¹Ý£ÙE6d~–Øuaš' ¬�eÜ=ÊíÇ‹l
+oF·èöÛùQŸ»/0.¿Æ¸0\.ó9СÈ?%ÕE>>7­n°ZE{Es†rP:šrKªç¥0`GÉmUiz~,«jP¾¨Vs*af•uÛ)W´­IJ[ŠÌñ
+ ‰aEõ;Ý8¿†ë×�¦9Ìs—9ÁÔvZ&R:[àqŽ°ÄTˆTªm犌�K»HÉBÊ�&ƒíöE®Ú¬!›M߉2v9”d)¾BÂÉVÑE;J玠Ԕak,ŽÑX\$TäK–°×Ï´Z¨�<W¦ÉÄ~�^Ø[ÚÖcRzh”Ò&Òšâ/éõ#šªž×YȾʧOg
vyÀ(Õt.à÷Þ'Ò©-[ÒêUQPÓ ,R(DØ9Ìhaº,c(f¼I“Aƒ½&ÀèÉxÖ<Ê®jƒ+®	ž”J<>¥.ö«¬÷ÆŸЭútVõVY¼«’$Éë|TÒrßõoÄiQÑRŸ§Ó*¹s0ªÏòxªÔ•¸ð(òE2L«ªÝ,,òŽ¢òhõ¾²Onç_Øwß÷o‰Öû‘ògôUqáÔ[h7¨º=é–
+E;ç¶òÛÈ=¥ …9–Ö_@O¹qÂ.Ã`ŒÌ´¾¦ 	Cà
+lµŠì>~í¬"#Cx_Œü8’bª°™Ë÷,¬�1Y“Xk@ÊÜaÁبª
+ˆ›pan+8Ý+¡HÓµ^ç·Te(ždòx¯)|80­ ®7[øDœÙ¶-"[s`؈ұ­r“xè:bvP~¡L„ù´m¶4‡†Œöss8?²_Õ2˜’™¤ÆmòJ<È!¢Ôÿj[òÜ}µínitc/º)zÆþò-ÆFƺ«SD5±.œ“5fTÖLA:Ñ7Fì
+$¨k�¾#b.ö›‘&Žƒ¨pNÐáASe·„st"ˆŸœ�ùÁÇ™á'w)ƒ1?áuq0§ÆŒk†Ÿã½ÄOè¹V׌yl™hVçLt[–½¼ÿf›°'œ—öƤëÉç^d	ùíBw>áuÀpf Ìù–"÷ûÉv¶Æ^(f¬Q=5 =P¯™�®*jbf8ÈÈ;w0<yÌþ(»IKZ¯]R%&G°°�’êŽøp>Ù�ÆÆ»rÏ$#ǟħF=•úÜöˆ&h‚ý$~<[蛌ý娧ù:ÒènÍßN×B_ê+ÈW· ÿA÷lpà‹Ðæ&à0�ÀÀûø(?¨Hࣴ¤G=­h°c¾ð+gTψE¾|ÚÎ�ïo†Ñx1Ðývà·òTv²*ÿ™C¿½¥NÞ÷»á0瘋óðæbŠyÐcæáóp‰¹ù²¬ÿ°õ“j.M	ß[G]¨ÿò½µÁ¾Þï+Ü•ðÉ­Çh¤é£6_`ó�C‡#®H¬ˆ‰ÀÿMU¹-;zse·°Eáé—-îžU—$cí¥ìè‚¥®4ñÎÜÒkvâôØÎîG.Þ™±Ÿƒ�(_ëÚ»b«YÛj²tú?O@sµ¶&ÆV#d¾Ý|÷/1F”ö
+endstream
+endobj
+475 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F9 84 0 R
+>>
+endobj
+473 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 475 0 R
+>>
+endobj
+478 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1668
+>>
+stream
+xÚ­XK�Û6¾÷Wè(‘"R”(¡§æUô‘Kj (º=pmz-¬,-$9Îö×g8Cê½Ùu�ÓrùÎ|ßp擽(Œ"ïÎÃ?¿zo¶¯?p�EaμíÁc™Çâ0ÞöÝ¿>‹ø&àRf‰ÿFµÇMDZÿIt£«�6ÿ
+ÿ£ª6\úgUnþÛþî%2L2/y˜¡‰¢juÓ™­‰ªÁZæïu¸	DÂüí±hÍJêïêÓIU{Ú¦nx’ê]g×êª|4¦_ˆGnæi(¸áú¤v-mEó�çvÞ,á柖`›Hì¶ÏÅÂ
+KBÆÆVŒÿäçžþÕÎOÃç�™i.MÑiÄ®MC.½Pe„ê¾À
Cs¢ƒè2áH„ðß«�™D¨¹¿SeI(wõp-µž5ZíË¢Ò7þÍfB
+»¯íTC¸r`†LÅc†ÐyÎ'ðnâhà7sˆG+Á1ˇó¯Ì¶Ø§`T£v�nZ:z‹TÔg¤›³ÕÐrÊØù¬ËC`�\„Y {J…Y	—tG7Ð_:©Žî{ û!|žú�%)ÉBN%dL�…Ƥ)ì9BŠãèáÜ‹êÎMk;À+D"M(Ó¥¦¸;"É@oƸÿv„…9p‹px°^ÉOJã­ÚÝ_T³Èm»6Î-]êN;¸g
¬”/ÀÖ	¬xFe	y¨ucßû>Üt):[mjÀ¸Í!ºv”Coiï^Ô¹ì^9'¨ÄãbÙi'ÏøX†Ü	)<fªU”›ðSzrÃeY(B±	’”ûe‰ÌÅ2ñAã0øg“s_U÷feŽ;”GƲP¦hì,æ�QÈ7þÛà~å±Ùú7d’¹y³ÍIšú4Àš¬ÒÁjÒitPøšP‰ýú0[1Ž…‹$,CŒÆ	4	'Æp¾�©OçÛúÜ=Z>N¶!´[*[÷SÀ¼õ®žn“鮨*"£E›^ʹ*¾`Á¾hwý¥&’ó·½O^ä½ãfü>ÎM[7}EþŽàÀ‚«û×E‹|]Žu©'¬½œ&A	¤
[Ôe³XW´FÅ&œ¯ôÌó}…×*XæW5m>©K…_ bÚ£ól6sEE0ß¿Ùß¿S&¢15C-xæù¿²zHŒ�ÁþŠ´æÜ¥ŒÏ“®Ù^Ãíó„
Ò>¬Ìi‡³3×°O
+“
+ö Í¥Îì¬ԺšlíÉU'€ÎêEìW}	º‚Á 
+�Øÿ{“qßbÆGýI5…¶\(×
+zk­:Ù‘jÄpЂ¹kæÐG°ü -‹ÅÖi­‚c£¤â§«Ù”jÛ˜—…yŠ¢‚Ça–A]'–�ˆÒû-N\<&¶RPr!hà“ÇRÐ�Y?Qz¡TfÜ“a.Ñ ;"g´ùîýŸOX5ÅØ*MôVGn¦Ì�ÞNz©	0c]$+9dy(³•¤fVœÄLö©DÓ6å@ß؉iÊ›ôˆ³qzØ3r’`–ÒýE6=àÀZz€’Ïâ¹¾YÍ	í\<�šu–.Z„14ØÔ†q¹¢CŠ˜`&æ˜Áò3óD“È?·ÔÌñ#Ie¢D2ÃÌ ‚Sêé;ãGƒ¾a>ȶÎ%“ûzåÍ*ÃÑVYÕ.}mx]Í„¾¤þv…Í|E©+`x†ñ白zÌ(x˜žËSõ‰ÍHôÃ
0luÃP¹ãý5mIß³pdgL�Do.‰»}�ëÈÃe…´ŸqÛ1œz?—}DˆÉf„ŒjëU„Xù¬›âÿºêT8^ÌÉ;4a«¹SHhÅ•'Í;uÛwû9ãeÙ<Ö$¿ø‘m¾
ÝårùªÜ[×åEõœn£_Þè‹f ÿºX‰ß]ýðhc
T‹mßÖæNã­´B/–}ÜÒÆ-ù°Ôã*­œ/Úëat{¦Ÿ4LäP¢ÚÚš³fwÊÚµï™f�/ðõÕ§?lè?˜é_Õ EŽã/%‹'ù#¿(ŸÇÚ¤¾~á~¢ Ø†‚"@àM>¸…ý½b¢¥­ôNõ™
Q�ç-�š’ET‰æ·DKag¶¨Ff Sä‰(”üÅM<î›ø“Ïg O¬=¢�ºcú}Lr#²Fµù›hÐ+¾£F¯'v­DD½€¦éC]–øãØÅ6ýh哜ޒ`ƒû–`4"P¤©ëóó{–ʶ�ô²f¿ŸÀgEú}â¼>Î?}-qÑÜ
+endstream
+endobj
+479 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F11 414 0 R
+/F12 417 0 R
+>>
+endobj
+477 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 479 0 R
+>>
+endobj
+482 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2410
+>>
+stream
+xÚ�YK“Û¸¾çWè�ª¥RC,	€¯ä�Œ�ujSöÖsIeRµ	1¦Hë’ßž~$Djv|"�F£ñõÜD"Š6ÏúücóîáÇrG¢ˆ7‡Mœob%
+½yøû¿ƒ÷Çò<˜n*%ƒüÏÛPë$xßžNe³ÇA|¬íŸöÕP5ÏÛPÊ4�ƒ8RÛÿ<üóÇjæ–ñ&ԅȉý¥l¾ðâÇà}xyÜò
+Oš$I±	A¢˜%ú×6W�]&ƒáH›ë`hĮ̈=ðwšùRÕ5u$¶ªf+SXsÅDOã£LR>®Ê�G�±Ìƒ×dÁ Ö‡r2f¢Pӱ³“è1øôÖÑZök;”Š’V&h ø!J~ý"Xñ0qAqXYnéó(hÌ‹åОÅ6Lr‰*“A;2á®lx¾mê/Ù·nϪçVuð¥’sWµž`ù—±ó‘‹—ªI#‘&°dºë¥d*m	xƒ«õ°“J½õ¤Ô%�š˜Æ^NŒ£‚.GFæP&"&š\h‘€bR|Æ’�ÙU‡c#K‚_Æ“éªwî»gè6[ÃúxŒf™‹´ Öûê¹Â’×®Ç€—ó²¼Il%þFëSg"v'º[­.f•|
+ã7ÓÅ!V\T$âlbþ.›Ø
c©| Üï
²ÐC²HXÜDC£/Â	©¬ŠÈq,ºîL¹¿0]¹Û�'„÷X—ƒ…~$ 4Ýe7XF<B §•Žñl©Þ¡#ßÚ¦SûpŒDîn†véYƒ%óò|E±
ßî�ý|Ï�
Ø|Ç06ÕWÓõe}tßãX·hŸø³,›tÚqç…Â|Õ…©Hí0ѳ#˜»uLáß8-“àç“Ø‹„ÖdäØqƒ‡¶®[Üð74{æ÷„#v÷âÂÊaà*©ƒSÛ¡¥…I�7KÛóPµMY“g‚É—j8r«äO
 aK…Ή]òØ3Ͼzn,ŸáØöWümÛ€Ï;ÃÎ
yw¡/)+Û¿×P«œ£dd—Å…çü$ë}½d¤ç“^�Â;0¸žof7RÔ\bGf±‹^ÃÍÊ"íïåsY¡³×pAÍÔÎ¥Cƒuç|ÐøXFñ	
qà¹Ê®&¸½T½å
‡‹Ü£† 4Ý÷–Oΰ+kÙ•½¹[ƒ‚¢Mê ‡­Yµ©UmÕédöDHBGzƒ8:é:)Hd‡?–]¹ã\&A5Px÷Ø7¦b[ÂA»�}Ø
+„â(½`”LŒ]J
$¾Ryd׎s7�CXfÓ’Æ|£¹ÌS“œ¸);Æ¡:ו±sÓ™‰á؉µÌÈ^GÅB"åV¢Ôuq#$¬ÈçØu¡=ß¡‹Èƒ¾e‚¼DÀׇ‡±Ù¡!s�†h|]?ØÑêdÖRžÊ/d7„¤Ì�5[ñÕ]<5�6fø�”f×’î M›QëöùòžÖôÕ·p
ÝÁ˜ÆFÙ)ê[›‰6‚óåwØ›C	wg3VF;'N^Ú�§žÐƒBÆƵMT§0ô…Ðe›ë[	�
WùNÊùÎG3Sžó+¸Òš“wè=lU\0Š;ôa[pÌU™‚² ò­ {®Í`®“Ÿ8Þä¢H)ª�\�¿Öß‘TúÓ
¼l²TDÙn1:Þœ6…Âxìúõæ3+±Ü@DÍ�›[�B¢È¶yÜ¿»Í7Õ¢È=¾ÜŸøÎR�Âyé
+¡jur%’ýjŽ$cq�$œs:cö‚èkùke¾à„#¹S#ÙöÝ—3(l�“ÀƒÅ(¢âÀ²^
ÛKØüq|àˆþx±ËÊÏÌ–d"7ˆàòæ|ϮąáìåѼwXr¤yð®ì�––lWúçÂþYŸƒ¤vEO§[‰TöìJþ|Ý&»«ò©FÒ>R(Á9ö9ÒéIËÂéé¹j,N.°õÛ:ýÍsDGß?®S3‘I;ùÃãÝ"ø�±7]Sžo÷;²ð�å+YðÀa\h‘ù¨ùíò"—üïmÑéÐÀ¢)ØŒESN45‰¦–¢©IM궚²B…Ýîo·dQYr›^¥O$R³«G—ÛÁ×$V$›”£3.Ôô`€P©Æ
e<ðÆ®¡ú×fn0Ô´äí ÕÚ8o‡ÎeËÁ~ÜѶ9øœÊa‡¦t¤
+\R«�U'Ì_a*m®ƒÐe+ÀTéíçƒsÛ÷€:œ9÷óSÂ_¿ç•äcÕWï Ó3³æ¡½|<QSL²nØA´•«Þ>@ÊtÃíSýé{
+ Ÿ‰
.ÃçW�dyˆÄÂå÷*�‘8p»C$_ésiÉ)‡oÇzÏÝc‰ý¯”lÎJ�Ži˜àÙ4¦ƒu¿€ÍÐV” Aôúµ/uÇz~<¸¡ô8Ï„LXë’S*ÓŒ¡–¿·Üü\�ªºÄâsóvµ—.0æF×aÿÖãL<?GHpîTTHȸ;s®K²6ìqhƒk½ÛOÓ¨ÅwÜv{»‚\¶JþôàGjK;™/»�‚4î{�®=qŒ´‰*T™d=ØB,áwa<8äÝø™´ˆ £²±� @D6E¦T˜Ù­ê¼¢¹{й¾«uBÁ´ž�÷ƒ9cѨ¿®Ÿ�®ƒRjéŽ-:
+L-�¢}†u©NkªœÚ�)¹„Â^äi”&ÑãÒžäqWÈ¿Ÿ*
[éHa=Š
ö880ÍX�½©…t2ž‰­ý¡+À.×*èFx<ýD�(ü×ì,ß¡]lÙÛ´x]çn½H:8?Á¾a?\jsË–d2¿žAØHl}P¸BFÚʈŠã"q^ª°•Œt¦ly�*(¯Ëèº*ô$§ö`•èù�°Y»‘H(÷üwjg·Ö¯)Eùú+| EÎ…Ôëıí+ç’!D‚Ã}AyK´j|Ož¢ôÑQ¾v?6O(3ý_øâl<^¼ÂásÖuñ–#D]EœG%¼²´½Ý»]×s¾.Ðd!m,IŠ/ôÆ@òãèlleD‡€ËÊ@V~«ÃÁ)ÏÑö™—Ø€f`Ç–)&aç‚Øw^Ø«TP|)²äf9µÔ()Üa†UOJDܽULYr‰Tºb*[SŽL
+™zl¹«˜¢œ”øJéWSòµjêÎý�ü
+Y\‘_—Çj~ý˜klaEþÃÿ
{ ÷À
+endstream
+endobj
+483 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F9 84 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F4 26 0 R
+>>
+endobj
+481 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 483 0 R
+>>
+endobj
+486 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1515
+>>
+stream
+xÚÕXK�Û6¾÷W(@4PiEQ2©[²y}(ß²9pez-D–¢¼ÙE�üör8¤žÎÖÎ¥èIÔ�3œoøÍðÄQw�ýü\o®Þ'
�£œ›]@E@Y”§Áæí'Bãt&œ‹Œ\K½_…Œ1ò—Ú©VÕ…‚ß”|�õ*áä(«ÕçÍoWïÙ`+4SÐ LóHXs[U©N…Å^¶aÓ†U©;4yCnV¨=ò$ãQ–¡ñ†¢7o­º6å)éö
+Å*YcQ�jAÄȱÞb3
;¶ºqÂr‡²ºé°!»Ùè[óDÝ•u]Öw؉Ú)QõÖ	vW2R•µAŒngÖí#ÿ!R‹%i3zœE(ÖI”ûq7«h¦,'¿šéY[çÍÑ
hX¡
NzÀÁŸA+ñ÷<{°îi$H¹UvE»²�Uõ„®Y:ϲˆSçÕ}£uy[©Ðâ‡"ÎÇQ(šÃ½
X6µ~€KS²Ù—¹aÒ"2dó£õ0pÒ±—™Cp˜%&œ;y¬ºhIJšÄQ¾åãcßT¸++U˃ò¬ü^�CÌ×6\�:Üw8ùM’ñ±¥
<ÂÀ/s
õØabR»¦uùuoª)qMNàñîôpúµðpÂqð´7á#Úÿ„¸z`ªRï²i8¿p*M§¡©#`¯”zœ”yþ9œƒ=‡XJÍ·U²³CJ§+�y‰¿C´Ï‰N¿ØG­Úéb;'‹Åž..#~‘‹;ÍN�†ñhæ@3š!hÈçýE„ðJÏâÛù„H¸[Û„§sB@ßdcK&÷%“ûØ€ho�clÖ66‰HG±�!¥Ó•­Iü½$6=d[J¤²£ÃËÊýÿ†z¯ª
+›«ÌˆÌEìðx–/ÏgGºŽ54fìÑdštM-;FJÔ…
+D“P�ì
¡Js:
+h—NW:ó1T‹mÚ„-»$l=qö�î¦uäÕÿˆ8Þû‹˜â•žeÊ«êÈ:÷%!öy?Ô‘S`0Ö‘xPruÄtÍêH|ªŽŒ™:XGbWGb[GŒø’Øôt�W�
/~`Wá36â¿Ž
¢gƒ˜³AœbC>aƒplŽ
٠Ƈ-AzèÓDyãÇdf»	ÿ1høËàÔh¥Ùá1~Ý–‘õÇ
)ïdYëΩJ©•6Žg&_[eÊ9žP·co0�¾BGÓnat'}!Ìc²;Ö…åŒíj¤0$9–•	ö˜	-d#‡£DíN½Æ‚zTűs»‚ëÆ“†×,kìéö澕ñKµe–[€gëʼn%¸ËÓ˜oЂÏKL¬±’K,1£ÙÈÞ@3{…K Í`¨tæe?­¥Ðb5ÏͶí“YáP„
ܦ}²�Pˆ(_Û‹m&¢„™[/Ë­‰½�ýÝÆHÒàk@yQf.«\Dë,84_G‚÷‚*øh¯Ê4	x”skÑ«ˆ.`t³2 __Ç´àQ’ŒM£ 7=rÖŒ`k4Mñò\.ÂÂlPz@'Xaî:)„ì»…&Ég…†ºBûBCûBÏ
=Uh°X›}+ÍI;}²ƒî¤z™:»¶9Ì.I“5ö�)ÙÁÅ|´	ö7’/,Dœì•¾¨¨—uׄ·­,”(ö÷9yø§-\­qÒÀI21¹&“SþÛZ
"ÕvØÆtÌrD6S—+4Û.M«‹ªÑ'ËgÙím
ã¦(z|¦­übð¹ŸZö.`“´/ٚȲr54æš¾ìšæ
ÑÊI?ªÂ-‹1e˜Q”º/°ýî1\ã^ÖÚ(~v‡œ{yçÖšrxÁ´‡7¬8/jÂ}žˆ(�8l-	ù]=ÝB�F¶°ðŒ|�EÛè7ð%+É#›îdÛ…_n·á
Æ»[ÿP¢¿û %ÆP®á�É�ß1š.kOzû¼Åûç-í:Aö„çå_F0›‰:ƒg¯VáÉ{ð%êÉ=� l3Έ\Ýúéh [
+endstream
+endobj
+487 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F1 10 0 R
+>>
+endobj
+485 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 487 0 R
+>>
+endobj
+490 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1824
+>>
+stream
+xÚ�XK“Û6¾÷WèÔÈ3¡"ê­žšn“N;Ý™NÖ=u3--Ó¶º²äRò®÷ß  ‡-'õô$Av|Ï÷�­c??9?,ß}é{¹t–GfŽ½<r–?þáÞíÔ¡Óf!Â0p³ï"Šb÷®ÙïU½FbèþZÖšVÖeWÖÛ…‚$“®ôãÅçå/ï>†£l
WJGD¹—Yñº^‹§ÕZìUa’òèÞ‰.#÷qñ¸ õâÔ‹sG€Š’T|èšÜ™çn«Aê>“yæv;ÔÌ÷Ýé;eT
¶´¼‰´W<™ºzM|e�Ä®¹<~4FÓí<áZ¿®ìáF™5Ýß[
G¬{&:Ù£X0ÊñɈرÖ�AœÖàÀ¦öænc£ŸýV¨ª•j»¯xOÝytï'-ôIÇMÍb¶9K\N«+Æ"g)p°òzý~ƒÍ+ëÚžíÉâ�|,<žá�4ðýÀ4sÏÄBu@Ì2W+Ä–¾å†ìž
‹<}I`šÅN—û~>uzè{
i‘y‘—-DœîC³GIiìÞ—m¡«JÕº9¶Dâühg8Rôƒ@Z�F£ÕZ”¼Ø”•¦<›€x'Ì`̦9ð	¤€)anÝD>YŠ‹¢¡ÈåÆè3·ÙŒlVz4)Aê¥à\Ö‡cgŠ™aêeó ø•ìƒ8ãÀ�0—ŠÆT�Qk£jŽ
ÔuUÖkŽ–~5†Xžqä*SªUE‘ d{q4�Õ¶å¶Þ�6¡Û6ͱ/J`–Ñ_Ï#I‚V�éÆÔÙÞRpÞsÔ[
$»u‡ðë+"îöUwx!]3ìb 'öe­ª7-ñ®(Þ«Š¶Ýö¸Â(tÿÖ_D%K^OžVw¤Z	À_z%ʼ d,Wp�h»×J_óä
C¾¸â\™@ê¤Sï®q<´)T«Å3¤:T·ÞÙ÷B½¥¿«·D½$5Ÿ¾F�u’¯=Í.�½4àM–áyÞÁÉCãÏX/ü¾&Àb¯;…±L¯Ax^¥®d‰?ºí4»0Gpµ$¯jPàËÁ´.A�ýÜ5ÇúB“!Tˆj«¬HPärüQ´Ãï®ÏSÂ@‰ñÏrÑè–Šbc³Ž|<p¡´
+íÌî[’è`ô¦<	ô_�.WSéd^žà©4ðBˆ�|¿³z~XZ‹“‡^aaŒœ=\¾èWå<ØöDNêå©u,ó¢>TE?<Ü]'/N§‰0µCŽP’Ô˜¤–3ÃC[t{®TE”2ÆØ=¸dÕ.’œß‘ÜZŸ:Z�Gq�½^ÞB$iî.w=žè¿›ÆÐbö�µ$ç¥ìvÍ‘ïQô!€pN%pj‘E®7/KÒ�ƒ$pÿš¡ù_@SÊÜóÁS!Daˆîc/‰ûßW @‰	®c:òd^–œIµ„k ‡´	ÂT¸QŽ næUÏKû$Ã}÷úŸcIoU…E;Jë-›�c‚^œ5™/콘_*SOöûW0€B›§“v*Á¤ÿû“îo¸?â^Ç[ZŸëÂèþiU…7p�mõAáƒ^½Ò=ȼGæW’¾éÚôhU`¼íHTÃ-UÅhx1:Q
ó¾æ–úwrG}>š¸àL«·уn¯Öš¶,^	àe“)¤¡ˆÁ¸å@7Ÿ¸™Ç_Ô<S¦$áØNMˆ/½0c4-R—Ÿ=Ü}é·u<2|s'àèº9nwÜä”{ͱØ1ü[Ý(+e-~ºÉ»’[ŠmY× û-hteµÆYá0~Ç··Àñ›õ—�pس:(‹Cöm
Äl}Ö§‡CK•ôÙõ²°­×ú�¡ñ�ÙÈ<�©ñýM¥ubœ³‰ï²$5D¡- p‡Ë“#FMRk
›Š˜íÞq¯MY0Ýl�û¡SDŠ�.ø¶ð W%MRI2ÓV'h9«Ü}pÏ+Ö¯½a²$§éSaóDÀ¨NÜ>&“ÓMδ€)P#Œø
£àÂm´‰Oílx3ø4J}ÈDKÏ»l<„Ö–šQ.™K$ë0ø¶Öˆ³azË0£g80ÎœÊ]ÉäžUM&
n¬«5·O½:—Þ?>ðÒd¸ÔÆv?ÉS*™ÿߘ}!Z‹‹ÝÖç›4pÖ� 	•
ÒÐ54_…—4œ!8²lÍø§‡e—4¡¤l.¨BîÆJ*ׂ·í€šÉH™·¥ç0½'«k½U]Ùÿá‚n- SžTë"+Kƒ£!C#û\Ò�ˆžëÕþ$â§úÓ„kæí D85Ú—sl�d{À<`PpeAÁÅ%(#{8‚B
‡[
+£ÖÏÀ²)0È‚Àà¦fÂH"‚„½&9†òØ6_&ĉ·…~ëì%¸
+4ŒßüB‰V
+endstream
+endobj
+491 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F4 26 0 R
+/F9 84 0 R
+/F11 414 0 R
+/F12 417 0 R
+>>
+endobj
+489 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 491 0 R
+>>
+endobj
+494 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1973
+>>
+stream
+xÚíXͯã6¿ï_`uŠ±ëÙ’÷Øé´h�Eû€:-Vc+‰QÇÎÚÎ{óþû’"%Ûq:Íö¸Ø“$š¢(òÇyGq¼;îìðÍî˧/¾NwI•Éîé°KÔ.É¢Rìž¾ú%Hâb¦Rª<øR�§}˜eYð£9˜Át•Á¥¾×Ý>•ÁU·û_Ÿ¾ûâël–ÂÉ.e¤¬¸¦Í0…U>›n"iïƒïþßÓÞ…¹Œòr‚.	éòs3�ú+î*ã@ã�tòÙMÅôáK ÁôfŠXÓÉóó>ÏÝ^
±ö"ã÷[ÅÓ´Œdº‹íÁ¬nøÁ›n£§T‘dF:`hô‡–ÏhF:£éBܸ³XE"¥kåvZÄÔÀ&d 'Ie˜|@ëxn×tG¢Y½…š™ªë0k	»½Ú¦3\^Á·–LÃÚ^Àêíå7[•�u¼^.mcê7Vñx©òtB&ÇÖ4º«q‘ºšFž¹‘†©?[ó¯}˜+0É�‰¨>N*<ü¤Øn–‹†X1¡!ÔÂHëo%á½—Únê�–]oWg=Ñ™„_²#ÐÁ}Âáè þI*£X=	ÁœoH�åAˆ@·2EZÜ.{à^šÑÌ»-„Ò8‰ò„6ÌÊÀ©´Ð¾(¢²|Lù2J�òz@ëŠ8¨Mk,R…H‚ÃП‰LÖw\$(Æð›gbhÊ ÙÑ}QDi¶¼�iðêèÓ"¨ôh0�ÓÜù™ð�3
ÆUe.¤P5S	j’`X�y™wž43sˆAØ儶|½±U‹BOîäÚôµ�¶ [º‚èvD©òÑŒ’&ŽS_G3º¬@±YÌagÉ=�gý;êÎ|:;¬’Âx2m˾HÊ(YAËjjwcF
cFI)§ª\g$¬3Jª”¿~µjáö…`æZ‚˜™{Y´̹GÖç=Òî§'C¥…o
+³—nhg^†¸ùhª+e_û	]�óÔÉdœh[Ù\yRS6Í\Ï—ðpíª©é»ÑÕ¶O6Ò÷‡¡YB£ª)(½ÍÒ­
lÔf Aà•íÖt5„"³[kzqðùG£k2‘=í:]°ºâ|œ£ÏÑæ«r¢nˉܔÉåD-ÊI˜å‰ƒ§òÇâÜñú
r´¯Š`áÓö¬Â’4báÕE‰ž¶˜h¸Û¨t·ÁA¡S³»/z`N[faÔ bYŠ(.8B›ôª�›3)Çó>ÍekK²ÀdÒ0<æ0†EpµÖ£¬Ô_»
63—„î€2MÓ(O6¨|æžäo£‚PIeÆŒa„b¦‰:\-{ ‘8	§´ÅâÔ³A¾dÎ¥Ô8ñPN`ù?8ÿ§ÀyÖÕÐÿ]dfEIÈÌ$7ô’NfáʧF\Œæ?W|ÂŒ´$ƒó�$åJ½r’ÓíJ> ‘Ò+S_·®%EØúRéÌTjÑ¡n/@¸
¨â÷ìX´ä(Aº(ìv¼K€"¹s"<@VïMø¬Áš*+ÌJ(ŒдtM- 0c€ÂÌúÆ{•I”Éšl
š9€¢2 ¨!ïÔªk
Jí3œ
oÜ…�þ²›"lûø|½`+¾ôC=?b��`×v’Yœ£µ¡M´ûaÅö×ÙÏ2 ´oè%KLöŽÐ„bþ#÷bçËDMÃ=?t´qžzêôÙÐÊ|¼èn„>Ñ”$ÐM'Òma¡GØŒ¿ƒB¤;¸zS5SûJk}¹P®êjÛ-‹4eáW¯�Ýj‰*€f°&ŠMú0Mg¸‹¤¡mƉ6ØŠSÈù݆ϋM¤JÈxWN)d˜�žý86ô:‡lÆŽÄŽêaç[ãÕ+׿
?’¼ÏF€9Å›ƒ‰—S>!@@›~‹d²ÏØꀌš‰š÷9›#ÍÞ'3�g‰!©Bßo£”~òÎìsÆ•',ÅYçl}œZ…±~ÌO[‘Kèá/­®üf’3	¾á±ø-§Yî"_naºÎ�|6:h™;ÁIš¨ÿÞ>î÷²ÿ|ëÅùoÐgËŠ˜­€NX³­Û>ü`‡7þÌ%
+rc²
z ôûÆ
ðþ‹Ô¯YògV”¥‹<X‰.r—ùÒk[ÓÖ“žŸ^Ä°x>ãÒ…rí¾x_·¿×Tî1¼	«Û›„̾올¢*¨›�D‡ðsŠ±äZ]ð{'Ü\*
+|HÖƒ½ÎK‡õ9'¼ÙŽ‚†u}†Ó–?‰âd-1&•°ÅØ$Êŧ`–y˜ÑÿB(–©\ýO�—­sˆÍyoûœµ–}
íû7|6nÜïmøüô¾b7ùçõ³íÅ2›ŽÚOЮ%ãŽ×?êÝÿŒÂÇy7NšÿF»ÎXØßÕ�Ü“îÇð›`AšG.÷ÎîŶÊý¸UÒÁMÑϨÕ'úÝb§uOñ?Ô_nn”äje´
+“tÛ8Yþ<àŸúá•Þ¿Û\®9^l8Óñ…ôTê ¹Ò.¢Fy]ÝVªz…¼É%Øk4¼ç'S±a‘E9M~ùiõÎoþõÍ6“_ô‘��È÷ûG|ÈV¸ïÅßzRÑÚªÙ°ËÀáÃÝ_A’þrâÍÞ=ýã-ѹÊ
+endstream
+endobj
+495 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+493 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 495 0 R
+>>
+endobj
+498 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2454
+>>
+stream
+xÚ�YI“Û¸¾çWè�*³«š4
pÍÍÆ5®q's螊i	j2C‰
+IÙî?o	‰r»+ëÃ[>¼ZÅQ¯VôùûêõíË·z¥â¨T«ÛíJ+e¢2YÝþtÜÔÕa´ýUhŒŠ¿]…I’7ÝnWí78h‚Ÿ›½åÖ›M36û‡«Pë¬P�Šó«ßoÿùò­™i‡p¤Z…ID~W=4ëp8Tk¡qÜ_ñ.�£4�ÒrWŠ¹úp¥óÀöÛ®ßÁi©êf»þ;&°ßÕ~hº=wÝw¬-7ÖǾ·{$1òî–DÀ)’
+Í~°ý(ƒü.±yVšízœŽ*#ƒÌ¯bf6%fïþá˜C
ßñÁ¶¯hßï׬ÚCõ@H¥Òû«h©9§ø¢[µM5„$ì&l'+üHƒéRƒFÅL
›Ê×vù«Y8p¢?Ü+‡ÃQ®šƒ�,ʸq÷
+ϱÉ­2'7Ìäæyb‹©C”úÿTÁ¡
jßN‚ïdRŒ9
vù›ˆbÌ°pYzŽLŒ¶°­†1¬ú‡ãÎîG'Êû0âcºž‡Þ‡ÿyŽ…_ñêáqßK�"%È»à(O"£µ¸ï±Úÿ1q²8V&‰¬¼ ™Ž³È$¾hÝ
 >Z2׃ýý6‰vvÏ’d½¶‡]�è}Љ®q†Í�-”�ÖØov}db—LŠ�­׸³Æ®™i2oØrÄÒ ·m56_+²¼ãÜæ]vÕœoAy·}·;Ì	â¶là$°ìG#–æ[OPÉàðè7ojö]o7ÏAÒ'{°~l¸öý9šåÛMhŸcvf œ"èþÀ_”+-AÓüÅ“Hª,æÛc,<œª
+ff6 ƒzC‘era‡ð˦+{;Û‘é¦ÂØPÛ¶]ºb9aÕ¥
+^WB ½Ž£ÝÆ
{š-\`8p®]U@(KåBüõßï>þëÕϽ%õ
+Ys½ QD¹Ûÿæ§w·¿üúƒýaªJÒÉ9!£Ð¼Ìîªõ° dLT”²¢rÂ
+ŒC“$‘2>˜Ù|׌‹F¼ÞXWr�»~c{
œZ©o¾8]DIItŠ(®3üj«�\ˆ<
¾4ü}ê$oì‚_ 	yQâ|á·ºi)ð
+Ž4Ø|&ª	7ŸûŠ2
˜ÚeDåÀsûnäñºšKÛ
+Šñ0±=lhí`em·](Z'ET:ƒ€ØÖnÚNIÝ÷ЩÎáÒŽù\³Ç+Ð9™FçE¤} Û}w|¨Q}ì�LŽ�ªípÛWìê`hv‡ÖòÔÄ®�x_-³¥À@IpëÆ&¥.dV”zBö4JµLïP¬
K4?³�¾òæ•®-¬¼dÝÜë4·ftÒBi¢Ìøjì¾|[ø72ÊÆÝÐ|[Þ…dx…Šciv¥Ã·ªêÙ‡Â}Hu!dçíBS
+î¹Iº/�ñ¯ÍRL©ÅsH–ÇÁ£}ä)ÑÂȦ¦Ý/ÝJ™GYöô]ÖQé}ÉhÙ“vÊ“sŒ¢H“ѤI\ÇÁŠ°µ4>-ùUYä¼ Ýôa'Š,Ë(Ó'Žå¢DpÍ'»¼&L!ù84–GÂêÂ\8’¾NòȤ>õ|
+|„Kê¡9'õ¦À¯ñèÝž¹ñúØ´ :Ìf
°’ÍâDª0›
e‚i—§@qÊGóÆn+Ždèn‡…Ä Af~„	��_>�s¾4õáü[mк„äBgAwÄÀÑA—ç*þ¸4&–Ûxj}­#•?‰µ8=gëšÉ=âi|6Ö[i´=(ë‘—Z(¼6<ÁQ(>qÊFzÁ;v¡]ÎÙ�Ýí$#�úO�áÌGd]!Њ" {ùx &-�å”ÎàÜ„Å8–l)7\±	Ïàïd+Þ5Žš
+¢™ÑZ¥`ºÈpȬ‰Ñ7·0’¬¾BD�»‘Cá«(1«ÝJei¤Ói ]}¤2^éU•9!·¥@à#Ñ7o¾CVÅ>MèMg \Ìiä¢ÈY”k¬òEŒÙ/Rl+²kØA7™‘ÅÞ'¹�/XÛ¾Eu™_k‹ðÀ©	4h�5›''7&Ft9�µ&ùIÈàú#W]"	.3Q
p]ŸMºà°®/yüDvÝú(�/(÷…s8½|DŸkòr^HU‡ÉJ‰ò*8ôöKÓîÍDÎeøà	À(tŸÍ%Š
®`ÿxÄ'¥1Ô–ÇσýßqQòJ¹,Z4†
­¹4â¿—u±íÅõù©W<P/�õ…ôS¥@¥ô³Æ_0ÿüÐw} ûÜJzÓa–DÎþ‰ä³ô¦.ÆíÓìÅF
èsI†«¤¨`/¢¸¾£q¡rZÌ!%¾	Š²Q 4D'Û¿Ö�K5pOÅ£ÌD(FgÖ=Ô3s’A\§Xëjž¹R¤ƒdÖA™F…Ã6ž0í^†×,J\è�ÒÒÚœêÀ¤%ç±rÒÆâÙ{RL†	'ÈrÝ–P�ªÅã
T½¬À‘å.Ä|æ ÌÄ]TâsT‡qX/Ù‰N°‚óbÁÝ)LtzêKܧg,$-�fT\Þ_Ѩr/Ž	\Ús‚ë3‚ÛjÝ´�…q	�R$¤ò•ÞKgC6ä4ü’TÒU4¹ñÃûÛ¦Æk~àdFŒò�}µ£aA,Œ4�£äß”ÁÄÁ»-OW‘Ô©3
¶4Ìù–†®oiã0l´‘G×ß.½Íð]ðMò�T°� nüÂ]vO¯Ns…K�¼%·Ð÷#	&ØAH&˸ƒØ2BžŸ“|:îúã3BQ’züJz¶Yâ¿:ðÅì:°G¯7i?\~âÄ¡k´=�nþL	´Å½¯È»ÊLDMD¸çÎlÕKL.„†
+ÐX€Éϱ‡rš$‡2š¿çÜÀ�
ßmw$�“BˆÃ3ˆ“Ì`’ŸH™²cÄaqœ§$wÕ‘@q”ó	ZÙò]–ä½sq“äN;ôãô°»í¨”†”ƒ«"£ç';:´j9
m5Ôß¹¿ì×R÷Vü9ç
†j.|SÿÚà8©•Rð
Ž5²”ÑŽ#®ðŸÑŽó^Y?ÈVÎtP¡$cò�Lh¨þÏÐÄç÷�¥AÊb!_¥<®à€c>QŽ™²ðjèð»nòÝ /Ö}#ÚØðXÅÝβÁq÷_CéÕkØ�x
ñþ’Éïn¦‚múö
+=�ü·5{xþK&™þ’1àÓ
†4)Ëx’ã ý{à\ð›Û¿ü	4ˆ
+endstream
+endobj
+499 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F4 26 0 R
+>>
+endobj
+497 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 499 0 R
+>>
+endobj
+502 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3118
+>>
+stream
+xÚ�]sÛ¸ñ½¿Â}ié‹G ANž’\œI'—dOÓNrÓ£%ÊâEêH*Nþ}w±üpì'�Àb�ýþ€.¢0Š.î.ÌÏë‹7¿\‹‹8
+óøâfg±suqóë— Ž²Ë�Ð:K‚E¸ÜH)ƒ�å¾ìÊf[â§
+~+šK¡ƒsQ_þ~ó¯‹X…¹¼Ø¨<ÌŠëªë‡+Mƒá`ö$A±ª¶éi¶?ÁYPn«¯"ÑåŽ@né»}Ûöxrà´»èxíÜ—»ðr£’8xßÔ?hõX[Dt({ºíý¡‚‰48ЧÛ}êJ<ý;�Tl�?2Œ‰ö>B3BgÁ=N¶ÝŽ¦oébUsg˜fn[—C¹£Osºr8w
Ý®òùP6´Àxuð^â—k9Šî¦ÙEdî²ÙÓº/¶8T	/ÿ“�´ÝƒÈâ0“×îI¸N(0W=ý"Ãi´·G!ë²)Ž%qQF"T1±11øRÊ8ØU]¹Úî}š-0–ipÚ-±ðã ?”uM@ß.P¢®*nërI�a”óý¯ß¼~÷þã«�J†©…©z:€2g¶ôkèÊnrákÊP‰àSÉ�„:ó)þTn‰wh;I(Hñ¾ŒöôïËLXbú߯èˆSqWò–䊶ì‰w2(ègWöÛ®:Yä*h÷K^èð/ÀXÕ
+­àâ0I€Ø.ÍÂóƤˆ=!!ë„ Ö†Ù[oKASž†˜ïòû©hz"
 NÅìnhÍH
¼Ôdë0O­*¿~L•ñ«Êˆ�ÌweSv¦]©P&¾‹�(=-¿FäQpC·Š�0¬ˆÕ¸cäAd	™�
N‡½hàl¶oô78íûO*èX��jì{0¼ðÒVÂL1^¿}ÿâ

IE(ƒ±ªT¢*g†fMI¥Š(Á
ÙŽPš*M<›2³‡’žM�¾«Üéya–Š�‡òQÅN�vÿÚFÀ
+RáxâOŒq‘O�Ul`SdÄÏw hš™ÕP-ƒ~èHZ¬Å5˜-z‚ä-¨ƒwçci¬k £÷ÚúâÁÁ%V"›Ï�ê=`sz¯™:�ÎloÑcQ’
+Vj¼<B>-Í­§JfBþÂ;}ô§º2Ã¸F\H8¦á€¤[tûËÎìOƒª!ø5	Ç9HÉJøÍõ§�Å"m¥ëx]ÔtÜL¤p˜á<¶+ëêXá%�è8
>q`�]�ÛÁ]¨$ú�›éħÚ¦%¦¥à<^ÎXsáÛ(|NåF–Hk.ÉãíŒ:äÒq
+@n�5¥ÓST0±ªw,�€£Çíijóì¹´¾\ÌM5D	h:x�#ƒƒŸoû¡ÎøîÖËp€#!‘‚oµ@„|F8ŠOì¤8­šû¤‚–[äÙ·KDª ð}i†bŒŸø
ZOƒ/,4¿²0ÑS�g¤è‰k±þz‰bJØaã\WöçzèéÄ°úâ�…¢"6S³éÑy•Ç#�: O®Wé’�ë1]2æ°t…šæ¿|¾Ì¤uò†×B�4™
€rfKBÚ”’6é‘6ü€„ÀüvuŒ¶3i°¶˜pç.ÞŒ^¯gAqWT�±ø8c¼ïé<LO⬺¸tÅ©@³£·ßÃ{²IPe”˜^´Çrܺä(iû¾r®ÜKVB¿D=ùó=åxjûù¥L퇂ũ�8GJËfú¯8½p9ì¶é+÷çÆÉ>¢”~�
èeð�{°¼E}B²s2^M÷µ
›ëÇs$ÍZE&£P»„ëåS�Qàa•¬ìoãxÙþiÄ”C*ærh¢¶#g„fvé	§xS29‹÷jĶ Fè0³×}ùþ·ÿã!’¡H}½zûæÝ2¿I˜ØÄï·`|
+åcÿðþÍ»›š$G}Œ™ÖYŠkT3­¾kLÑ¥öèõÙ�ñïÌíØ5w„°ìŽĹ#ü0e
+¨L!�‹T#Oå–…‹Š­{‚9IÈ=AÎ÷fO‹­XS€¡'EX7RT³Ì¾W´…�[Í
sHW3ŸïŸßüu™@¤0Ð?_Š	š—ˆg�ò%¦ò¡|ãFEg°åP÷-�úk	­4ë<ÎQ¼ÁjÏ1¿PéñwÒða’mümœ\‘;š¸£8¯2 .Q37˜dœŠ²Ý5gJ˜j[ž§…”Ôº~Œ¶	÷‡¶çyÿ�ž°PxI�7'ñŽ1@Ø>.ôàñ-îYžœŽùÙ<ŒÑö,õÃR¦¦J«“SóŒ�^fÛTö�ªŽçf§Ã¢ÑÕ,Y?Í4”¶åŽ{ÊãÄZjáu�°›E…¾å¶ç®/%SO°ZWMi:bIð®¥)[|ѽ$§>J¿|•é¬Ò‡u›¬¦sÐõ$!г„`ÒÃÏŠƒ<÷º}ÛËÝ3tÛrDéy
+€5Q öCCŒÕc²ðÎ*ìöȇ5«œf²™/¶ö’jÚëYÏ\”WÙÄŸekQ\åÅÍh^c™�1å	Á!§™ÏÝy`ãGUÈmßBM²…ÙŽGÅÙX±Ê¼F±í+›¶!ycM§
+�©§ûb[AêZQ=µeÕlë3Y„âfð‚ú8	•mË¡A,˪^�=‹ÛsU•q’É"òá)üU›ÐwOp¶¸€å±¸€�Sp|ùеwPVmé‹B9ññ/�eÀà>^ÐU(F)B\‰£üë%Ïbm�sÖÌè‹¿y>ï,‚"¾ähšì=�ÎÃl'išK|q�¬`³ªï΢ár½Í’d¡^üøêÃÛÿ.˜$Œ] íº•ï%ß~$äÞbž…*õ[‹ÜH*5ú–š6»ð*R!’SÂY2%#„Z³©Lz	ð£9+bsýnAaçVRKh à
%
V]Û˜�‘¡w6�+bHmç¹Á¡ÕøâA5Ñ^¼zZ”›·ƒ„´àúC{®ìÔÑMÍ’Àœ!êªgX4cÆm];r¢QÛ”´Ä¼î!Æ‘º{ñK6¼àzE·[ÍÚóŠÊ%ê‹Â<¼üÙ×ÜùžÏ
MáPHºh[ñ’[ñ2Û.øZ^\MyÏ÷3m»=ý6|û¾è~`ŠúóªO¥È[	InxƒÜ–Œæf…0“�hvwì×*�Gï‰Ûü¾g´Ò0ÇYRçÉ–ê¬ðQÅšÛæ?�¨3Õ3"³tòc»�Ü´•)ä…§S]¾s»9#†8P
+!°è½�¤Šñ�dàslr§Ô’®Œ3ôœAp›`zý-Œÿ:·ÈVØ €[6ýcé“B-f·1Ññ›&=^gMzmZ*§ºØÁ,‹Èß5€ÿ¢)£>þҘᗟ)¡ý†ýFÃÊsš®±9‰}LDµR�£ÕO#Üà³fÆ¥­
+'½ï[kT
+'keÔɦ[?ôsKÝN²ãg¾¶ÎqŠ²;\êÊ£Wîh‘]`(€ã‰ò0w¨æ¸˜ìååÚå\?Iš¹Ù�©\1PÛ{ÚÑñ;죮ÂÇ}eªS-GÞ 0�Žàä¾3‰åØЗÎP@™ŸóLYp%°ÚÌ—Ÿ\âï�mÊ;ð2\ýÈ,“|™…KGÕ3ò”¿ABUÃ�Û¢g;æy“'Xv±æYJÊy›ÎO“GJÇ@é3`fðÀ³ÊuÕ€;6Ž�zO“PÛš´ù)çÔýù«Hãïü±|�œ¤Ý.�ýcõñ8qoãž’»;¬=O†Â!ûôdc³RÁŒƒÝÎ&óÆ/ÃTiÜ{íĵK“0rPEO«Nàm1ªÒ©¤a
U÷jB•N¸µL©æHÜ_´�áÿŠ�Ñ™¦ç§m[£»rý颟©e0¨U-GùYp~Z³{QÂ>Lá4ê[ÕžûúÇÆE@�ïEöO*´ké×ؼ>ñóÖ$�=e
+ÍoïÐtMWd2>Ão8ëÙU†Æ~­w•å^Î
+(ÛÓf|ßœ¾×1Ï#ÓWç—°HƒÑ¸ˆÍšß	"�Ž½rÌÔÔ‹z,³ÿ{jÞF¶¡å‹ÿìDÜܧK øÑHjÃÄròÏXæÌ òó.Û×a6y–³~�ƒˆu1¯nþöœB°
+endstream
+endobj
+503 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+501 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 503 0 R
+>>
+endobj
+506 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2465
+>>
+stream
+xÚ•YK�Û8¾ï¯ð-j Å‘HQ”ö¶ÉN‚Yìa°ÓÀ,�40j‹nk"[†$§“¿U,R¤íí9Y$‹Åb=¿¢w	K’ÝóÎü|Ú½øé#ߥ	+ÓÝÃa—»T°2Û=üósôáX]FÝßÅBð¨øû]œe2úÐ�NÕ¹ÆIý»9kúú¹nÆæü|sži”&åÝãÿviÆJ±‹³’†å/ ÏD45}ü�d?}^ÁñüÄ�Çq¿´×¡nú�ˆyó„¥%~G»ËØtgú~¹ã*ª×Ë¥mtm%èV'§iÁdj¹í»Ó¥Õ£^	w‘Ò½õyq!Ü7\@E¤÷+)xTë/\ª³®ï�‚b®rV€Š@í)©.ª÷c×ÿ€
E�«².”‰n+Í@¿Õ8êXª&2²Οñà4{ªÆ=�z°d½¶duí¶ŽMÑmà£×õíŽîàWQvp¡”—Fð¬·T{s`¡¤9+•!|�2e9èâP
û{•Qs ÙŠ~VŠÌéÂð{è®çÚîz9V£þ†73gƒ‡6#Q=ë³îaq˜oîõxíÏä9ÝÉ~2T²±
+Ÿ…æÙwF¦Z£¯Æ®økp^F‡kÛÒÔ Gú@ÅáÞÔ8ÍSk©ýq ¬8KÊèÁ1²Ú!ï«áH_Á¢3†Ä•sg‰'‡¸ß´“qQJ2<ú�®êÖÄ2ŽüÁ00²-zm«Éq>tF£zÍæf¨àv5Þ.ûË�¦§£6>U,Kÿ÷ur,#P,Q>èQ:ôÆb¢”,+ÃO
Èe¤
.Ë­4 2Ÿ€^ÏËù, oº¥,—΋k Dn…Pa—ÈüF¯{9]–£K2:ù'Læ3óútÀ¥0a…¿ö±–M„¡ÂeŽDÓAÎ@s¦Öœ!³µ9y.}N&sz—ZªQJ–æ�)¥ÏßøŽÏ·™¿cÁS–Èy°¾žÅ1·_éÌPÊ•Ž`ÊË„¡ýD"¦z7±7c)ç¡‚œ“!àë‰N �=®?tý	ni¬KbÆ5IR¸z#2/©¢4	S_0Âï‰ÎÑ)ÁÐØýÂKŠr8ÇÖ:Ü—;ZtNB£sG„3qÙ>³ýï¤^‘`fç"])VšsÝì­Âp„¤N´A1Ä›,“I©ÈÁn­õ[L\I—á€üÒwÏ}Ð3ïk‰=(¯p£Ãõ¼·'8�~¯iŧK™‚±}±w2õ�…~†–´ÊmµáS%×–o5Ðç˱!uâPÚ"�L~œâÍdþD5¥…m€Ï’äú:àgjNÃ)§ÃF –,nWØ&óèO˜'¢µ
+ÉowŽo¯vˆeÀÐm,eaÄs¦\Æ<Uý×88qyg¹y¯Hdß �,:‚ŠŒµ!¸o¯Ÿ«¾nõ0�P:4T]B¢ËÕ¥Ø)æð2”Œê3`¢¾y‰Pª’«[à‘á-mL1(DfrT+–e˜«X™›íShýúh,”
ÛÞ%aüþÚ´p¹
yÈ™EÂÒÔ0}0éÊfß'ÚFòí	À¨õVì
+éIö¦µò!\†-ÍåÚNá?©û2ZÌ‘
Rª}ÓÆ« ³ùlll☥ròrž0¡¦Ø„üc˜9Îb‚‘r¶Kˆ˜ÏÄ«jLʤKõ'Ì!ˆôÕüùd|¦¤v¼t}½®|™'x\™(N¥b¼ÿ4eTÄ0”=<:,IÆ3��”Ö~]†ÊòtÂò0hYሪýH¨}+Èæ.™+àÍ7”p'ä.¬0áð’i�ÂZäŒÏÂúT¹^%I}Y	ºLÍ.ì÷Úv=P�Ÿ‚ý“àas——eÞ‚ŽÆ
œõÒŒGú"LJõw<~’Ædšd¥YÊœÿÅ—uèB>ðˆÔ£RÆÕ
+²‹<ÙÂ[“S¿Üo²wv~‡Å?wbžF/}c:·‰?æ�bN¥! H¢a�„iº»Ž—ëÈ0j”­õ8}(	‡¬·š}�ݯ•þãmé_SN‡�_Rl©>Ç|h¹ø?ªÊ:º­H]–ƒ¦Ì%õî:ÝpÔâðXXË\Âw«Øùáš÷J×TÃÇ"e&ŪéäŠIb“CM®´¸ª}-sßS&˜IXm¤2x´´6º`é:hhXÃÊ%ß"¹$ÌU¦-jù� rwŽ*‚¸:kšHRN01л†*,²F¡~GóV¼©Ý³Òœ2H*ž„�<"¨?95ìÊ4ìB€ÜUMó¡€Â¼œè‹
+ûƒF‡¾³ó1˜×·<šÐwƒ=
 X»¢(k¬„£Û¤¥Ó|}áyR=›&K”Ød-Ón
*ó)]m§t…�ADæµ#-¢	gáþsÈVgs=8z<vƒ•bÖdâÄdjåêÃz(ÿŠLÆQ(†¡
+±†±¶§©›áÒÚ‚€Âׯù#W‰}ÏÁï4­¸dzø{š�¬t&䈳•ÝÔœ}µ
¶—yé»P$°\Š5­&íà²é–a™´•Ûâ<^èUJ‡.@á<¹ÞùÄ ‰¯¥Ã‡a±2à§X‚³Jè'®žöÐÒ=ÿùu¸~{t“ÝÌä9KÂWŽøh”gŒË4Šÿ±â'àz8ñf�ºÉé¹ížb2–Ï Ã¥×	¿@p½8ã÷›g ”k›aÍ+Sþ™é‘„dUÌÞZ>Ç¿®˜s@övۥׇæûÛ4ñÛM)‡ëáÍœþ{“Ó
`�î·”'9+–¼>Þæe[ä·èŽ—0—‡QðÙ•ämåÙFeÍ;õ<®;@æµ`…—Jÿ<µÑ,0Åߺ›1öèÚÀ$¡_Ì£2¾ô¯5'EâÀÞ|ࢯ+²0'ü6U¤ƒ©¨Pø;ÌE/8ÀžïùzÒ&뙧}%ãÁ¯®(…­›
+)|Ãë�ÃþÔ!¹áØ]ÛšX @ø‡Ä‹¹¤ÿƒ”Z è6|–ê6~–
ˆSbþ­Æì1ØTFðí ›S¼èÅÅ`ø5ï[ðk
áì9F.7ëï�@ïr¹xH’›!`¸F/=•$M2Uì”ACVÑÏ/e…{.3mK–Ü
+‚šÌ6u83™'{
ø¯¶[í–æLp¾(Y\ÜBîv³oë;ˆóÜ,i³¿½z}ê<:l�GMÕL£0~rÁÊ�š�žÌå[ŽMOæÒ‹~O½ëï©hl›wîVŒ3u“iŽÙφñ oJxàM¤›$Ç×¢°ýsH~ù¶2‡wÖµ-ýüð·ÿ
¦ÍÔ
+endstream
+endobj
+507 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F1 10 0 R
+/F9 84 0 R
+>>
+endobj
+505 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 507 0 R
+>>
+endobj
+510 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1729
+>>
+stream
+xÚ½ÙŽÛ6ð½_¡·È@ĈÔ�·M€m�‹È(-Ñk!:\IÞ­ÿ¾3J¢-¯wSy19ÃáhîÚñ™ï;wŽ^>:oׯ>‡û,ãÎzëðÔá
ËBgýþ³Ë¹¿òD’¤‘ûVö»•�û›ÚªN5¹B0t–ÍJ$îAV«/럜(aQêxaÆRÍb½C:ºû®^©›«¾GLä¶[Zå~_Ë掠a§zEÛ¼­÷•ʶA8vû=J㪼¼Q’K<1¼vª1»P¶]A_µX t¾ã�vœ´+ñ.¨&‡AÕûAá•4žÐ…êó®Üh¡éH	lQã{üAIÓнu{¥èú'•‰�>e1a?ßtí]'ëZn*Egï&Ѿ¼´…‹´p{y§ÈÞÜOnWl¢ˆXšhŠ_ÁRÝÊ#�g¯Mñ Œ»å±Ù™¹TaŽwÒHŸ¢ôx}Ø)º±m«Jëö Ý�gµ’
=[y©àäN$•ÝÝ¡›ƒ±‡Q‰;´Kë�»áÙ«ÁiB°,j$ó>Ò±ˆœ…‘9~�¢ÇÙ&<d‚�Lþx“Ô•M�"‰Ü‚˜E“H^çFjËÃ[ämDÕN‚FaÀËî¸J…k$¸b,%¸¹(A|*�Qç³ `b¤ö>}ƒ:·+íIÈ „ÅÜË~×*LPפ
ZÊ 0À@Ð8Hù
²Á wª&ô¶kk©ö²é)[f†Û¶3LÑP‹°É@«Ql“Þj¡ÔŸ(4D›CY
ecT
+K2[%�ï�ge3åEûUgGÁ_ÇàN1H´M[:Ï,›FÌÏ,á<²èR>ÁÂÌN”õ¨jx’!>³XÌa›·Z�¡k+ÐKd!T¦{ÌRÕA…Ö©è—š„*1®:0qƒ_›¨^hªX»Ê	Ö�ؽ÷ÈžiÈâk¶RóÑ™G”¦Å™?~€»}‰Ž£ý�j@8*š“4ܪÝ=[Ú&Ožiœ1\j]úŽ$9¨ÄaË>4„CÛŒ›íëÇ€ZÜZc¡¶òP
‹¯c;<‰¶Ý5:ˆñµÌÈ$�ÏÝNõítc„ÕùîÈ]cM'öODˆÒº¸è(“O±%�jÆòª§VÞ´„®å�£˜Ð‰—à�*Mú_×�,ÿ;ötD0=È¢*¥ƒ*ˆgÕÀ>U©FÖŠ`{@õÕÂÈxKUÿg5)Û‹²CÉú«zž¸7òC¼yÖBý0vI7ÜÙº!Œºáªu‹ü³\êx¢Tð_}·-ÉÞýÓ‘»^¥P±+("!äÿèG‚†�p—˜Þ›³pC”%2‚³·ûP�
+ñÔ-Zs‰]‚g®1‰±1Ñz$`æê�Í‹æº5‡ÒЉ—ܪüJóÜb„‘Ea†Sh¶¸·¯(
£{ ,?#H6Õ[,ˆHÙöûnú(�,«ÑK³Ç
N‚”8üy	ÄzWjËù¦MÓ~Ä•4‹©¦À6Œ×Q4<™Ê‡^Ãî¡v̾Ó.ÆPÚš|,.N±hÆIÂj.zwi8X’ŽȇëÈ…h\°TØ9Ø´Ú&WSЊÓÀ·ã4€i¬h£m+¼=H+=EÚøÐgôöÖÄ4lM±‚ñhd²ˆ–ÝïºBMLŠ±f	– ªì€Ðߥ.sv‚B?§,í«CÁw½,½ÙJ‡¡�,XÕ‚…Bç6Z^7SšÖdv ²³ÂDL;s¦SüBLCÖãdŒ	hg
+OLEÄÝÉs`=˜Áj¿ÏxL¯Æ7$ݧZ�H<´Q�+BJÜ ˜
¹	¾5=‚Üa�¶ôÚÂ3™Û3‰íã%öˆøæêˆH¬®M‡ÑãÓ!ÇAö*ŸÈôlö�ŠÎ%A$M:z³¥•Ú+lÎÞƒx͆Gc-'HÒR•8Â̬b—*pUß½zîŠ|ÁZî²Æ˜××nY•ò‰@×Ô±3|×àŸcÐcT½ñýÉÀw¹¾Iª[³LŒÕM~{u‹"–Å'êu�<ÞË@4)#à½�ù»Òü¯0ëýtåØ”�îl×¾6—OÌ8j‘GÊÃñú”ÅýØKé¿ÀÎÿ…�²�>¿…›rŒ‡“̵>š¼kë²½ÿò’àù?‘,3‰<¥âüô{TÅ_Ht!(ë…ˆÆ&ˆÛ‘ƒr#F•ŸÎQ…w)ªô•)¹½ˆªeiìíŸ1§Û|s€¥þY`YÈÿ˜5ð±‰dÆìß'‹ Ç;Þôi/LË‘âb&¥œùáÙ¬nzÌ“cí{«}}ý„eã»Õ+žáTçÇõÿ‰«�I
+endstream
+endobj
+511 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+509 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 511 0 R
+>>
+endobj
+514 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1543
+>>
+stream
+xÚ½X˲Û6Ý÷+¼‹<S1I½ºLš›Ç¤íâºí"ÉLe›¶•È’G”o’¿/@P2m)Š}3“•øIà85X̶3óy9{¶xzÇgaÀ²p¶ØÌÂt
+–ÉÙâ÷wÞó]~hU3÷…à^úÛÜ—2òž×û}^­qPxo‹JQëźh‹j;÷9�ÓÐÃpþañæé�pö#Æ3_f,5û¯�/Kµ&IG‹(aQ6ŒÐŸù^i:£Þз_gzz§Ê›Ò[‹´Ðlp¶O[úaÆ‚Ø쫪G�Ý-û¡£¿ꦽêä8¤“á«ÝÔƒ¥æü˜÷çÃìÃ<’^Þ¨(áG ùG>ç‰÷•òR×ÔZšmu4mªV…�
+Áñ>8@-Þó(élÍ-ÿ
	¸ÕÛW³Â�ÉÈN?�'bÆÁgS”j�;0ÚTˆCÏ”Ž¹¨.™­“¹xc½¹CÛäˆma
+­N{s³qœ=³—Ÿ�qÇjÕuu«ãõ¾&ú-®r¶mS“‡½4?ÎL0ÑûÊöv8cÎÄ™¯*‡¶>«o˜èxó+Ó‚Ð34¶¹QÇòÕJLdáèÒÚn¤wjhH$N~�:Žç	ã©°ä@Û½÷´RtʽZQÔùa2.\m��8%ãÔx÷,×;j>³tóáW‚ú�o핈ìýü¿ØÕºÅëžt�WVHÃ1YL`¥"ñÚü¤*ìÆÞ¦©÷v°2
ô‡Ò¶‡^‚£â
éŒÁÍC–Ä�NÝ/î^¿}1Tœ3)¬��–8ˆÏ˜‘Fì
ÄA‚7@@c'B ±A@›‹I$­QRügžŠžh	~ÞÃ/½(úüDëå$òo`Þ2ö:øExr�LÌbÓX�ê€bÛÔ%Iš&r0ëÁ\FsêF3HÙh–‰ÍÒÞS2Èò±¹àãåÂé“úú¹n¦Óôý‰¥UC†¯éj>cv¡5ÞÓš¼žÖƬ†š‡‰NÿÓí´–EèºNt6ǪÂrêÆ$Ñ-3ðmé¡ØôCÔ0ŽwŽHv'×q¾O"v±šæ�{+ó“LÌ¢Žv}ýˆ±˜»¨d‹éb�(¡,P»(rØ÷ŠðÕ4´©±ŠŽâGecªÉñ>vêQÕ;|B›€b”% ÝÖö;BŸ‰`©ì˜Q
��“ËTeÈ�C3hœX€¨/¡§NÊQÂæ¨ÅÎ2á=äæ*âJárexWêÝ÷nÀ2€i�‰y:[@i†œ4½>ÍÃÂÑ4ŸAòíSʘB0É»Ëü./ò»¸)¿[Њm•—Ó¨‘ˆ˜W„<„Ãáöw“YF±¼¾ 'aéI^ÐSŸ×PâQôt~šTôoMÏÛŸñ��,ê£ûx;1AÁ�eƇ®¦¹æ&Ò”n"…0¹Ý‹š—¯Ç8
+±A
[ÒÌ �²À©zð=,FJtÕšÿp{¥À3G.þK’ÊÜ*�Û²^òaK¨Ï
+<C`HTšú	>ÀóJ[rI!$ÛV5ö'ÝC³“êß<58´…vö_5¥†Ïñ»U•jòVYV	ÆÃËr™(‚þh],»×ñªÞJ5õTLÝpñÿ�D밲ГF=„—°`	Ÿt;Ùšl|7HF©
O0ÚʢŦ„˜¦ßL0jLDZî·Ë`ÕØ%øܹQZ��\úúî~˜üSey¿÷qäJÜ¢%òœèÃg>DwâB`˜ ‹¼µ*‹}�j
×I+úw3*'µ±'±p=–mN´GCJÔ+ì†�—`”òŒ¼Çϯðªr\
ä9>a5È� ±W{ŒxðØ38⨡
.Ob—šrî™{4“Ÿwð‡å;šØçmo$tí]œ3ƒc¦àÉöE¬Õí�r`K
Ï'xe]^ºæ€Î]f
N/Ì}DîC­ŽôGzEEßœ>ú¸ìXE
fESW¦>„ 7»Ø:®oí¶õ±=[;H|êÓñÎ¥B~»x›´]õuÌ^,~ùÁ�y
+endstream
+endobj
+515 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+513 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 515 0 R
+>>
+endobj
+518 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1154
+>>
+stream
+xÚ•V[¯ã4~çW„§u¥�7v.NÄ{ˆGK%@,ÞÔm-µN”Ëáì¿gÆã´iSΖ'ÛãñÜçG	O’hùå‡èíú̓ŒDÂ+­·‘(#‘ò*‹ÖßÿÉ„�«X*Uæì­î÷«8MSöÁlMg\mð˜±÷Ú­¤b£>¬þZÿôæ!=ËÊÏË(Î*^zqñ±T3u9Oª(ñ×ÛÑÕƒm1ÍlÊ$Ϫ(»ÙµÞƒr	Võ{s8à6»z��_—%Ïò;TˆÉÛ“Dólêq0Re­Ã¤»;ú>ÿɘœýÉv�‹QŸð"#'r¯æóUœÉœý¶7¨AUÌ´~”¹r¤ö¯�P%Aµ*Y‹ZXÓ÷öÓÁsÝÛƒAßz"è.Ütfè¬yB]Þx¿íš£7+™äÅc†ŸVyÆôaôGÉš-‘ñþ:Ūä¢qûî—÷�Þ=þüÇ"ºyÎ…
+\ºë4Úò™„ƒ®hVƒ'|!>•ßÂÊ…¤"úýå"²‡Át­u0«"òã{Á<¯ÁÓ‹zP	Ó¸ìðÈZOı§Ø&lÛtDòâ�ÓGCæ¹Õ®‡ù„gìÇ�è'ñm{°$E°¡¡²!;f¥OI’’l?àNP~€rUxuQȳ3ÎtÚ5?M™Þ“ä¶3µÙX·â[z¿¨íPJ¥ÒíF_Í°VÓ¤š.¡t�JöÄz6ˆÎG=Ôøn�ê®3&e†’Ü“-¥fÙBÉ�96¾	WðׇSOó¹¾ ó©üsYÌQV±oÅè8ü½¨R
Õy²óëeõs•†ËW„™v‰R "“÷¸*ϵîÌRÙ_™êó:!lѵí•/弦jÝ›×ÔãæŸép‘,8»f Í‹Y¸"ît¥œg
à€²VLY»�Ä'Š!%Dx| œ·öù%8È&>´öyag*x)æv*Éôfã{HAÈZ)

+›
+ûÐì¬sT4pé{î|7¾J®:V]Åm!z”8²cÞ€8n0
èî¶�ºêl¯Ï@×hÌ
ãˆ!`Î�0‡Ù=ÃÝ__Œr?n¿å<ð}”…XY–ç¢ñˆ(½ud®óÁ–0%
ýÕUðDlçyŒó8zY>Ž´õSxBØ�6¹˜l™ý¿âx#vþ¿’VJÈ£÷ó)[¥TY@:¢ältÓªvD³ô±Xå<µº$ãi?‰éG2	ú:Ix?g�Ü¿ñ
ðÌ™¸�t™|÷q»H¢ç¯Ö+’�Ó0Íä-Y)—.ÆÝ=²¼o kò�¨ÿØaߌôŽ`WNzü4^”^ÅUuú�„QV²
!1KÙ
„Õc;\šrÔC”ibKèŠô¢z.'Úéáîaë	LmŠj=ÝHúVà憇eÅ+õ‹	iƒ ˆÛÞž&3]CòÿË
Œ0߃› 3ŸãgÓ�Fˆ_M×M¤Æ‹¬áÇ€	à3ÌÓ”Bq=l2²C]ÚAýõnýÕ¿&EO
+endstream
+endobj
+519 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+517 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 519 0 R
+>>
+endobj
+522 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2797
+>>
+stream
+xÚ�YI�ÛȾçWè`(À¢Éªâ–ÛØqÏt`�
»Ä6¶Tj1�H�¤ÜöòÛó¶"K$»�‹jÕ«ª·|oá*
+£hõ°¢æ—Õ«»—7jGa¯îö«8_Å:,ÌêîׇòÜÛv½ÑZÅßÖc’à÷®ªpJ¿V]ß´ßyp[¯UÀörÛW_×*ì–Të$€Ÿõ—»¼¼‰Wq*:j7ˆWS„9�V¬7IªúYâч
Ð×ÑH_ÇDŸˆú÷7xù�ŽÃ$&ªw‡ª©¶x¿áEpÒÎvÛ¶º‡;Â]eÓ¡Y«,xäAßp{é,vLÐ,Ÿ˜ûKCS¬":í¡¾Ì®¤L¨�¬�/²o«û¶tƒªÆƒ§ìËuðŸû¶9ñÎ’ï—jêð´ÕF©$̲ÕD'tP×—õîLOk„t¸Þä ÇÛädºCs9î¸�<È˃mSwÕζVKnä<ê?\`ÑÓÁ
^²iqAÁ+öM{*ûª©y§k/,Uì.1ÑÄ 0õ7²Ã{â•ö�¼ÔyI“
Õr÷Ü6myê^ðŽÎZž_ºŒŠÒ0×ÏJT?Ørw¬j;»ƒÞ•d—òšOŠ€�Q:Â`c˜iVþ0fõUv‡í¿Y*(·Õ±ê+Û=©öQh˜Þ‹œ�bz!uþÍÿÒã¿’$Œå%›†¯}�C§àÖLöþ„ô¢ 9‹˜ñ�f<lzJ–„i*íl?ç&6‘õûKuì«š@ÃE¢¶.ï�¤�0ø̲ÃîG»o¼åΧ»Ã°Þ;óP¡¹Ò�W|ÎTc‚sù€24*HâÏk™$Æiƒ¥Øã‘—A�Ж¾‚úw¼Xn·¶ëx•ð[ÇãëŒÂÃù™Ûætûd
+O±<Waîp…®¤Ý•Tp„ÿp¯Ùs+$4BdøÅŒåçÖ~­šK‡˜¬“<èñßÏlø;°å$Îb®~]'&(�f|þiA¼q=wÏ_o?Þ}¼ýç›Ùcå3§kŽŸ@˜Ïi+0ÏZÃQ7;î•Ýx8uÎ.'ÄH
®–Ü5�'ù(¼ÂEæÑFK«Èƒ®$‘äò
+á´%7‡Áa7r¸•êT¸s½ýÖóVº
ÒvKDzëg,SI�banüõIž�ÍåÙµÆÐÕS0‚�Ý——cχ$Qôy-‚�òªã‹ÙŠ=3•g¢¼ÓD^`¢Ä‰„öÁ[mÇÓ¶Ü"o8Ò£Öâ©qð’Œ\ÂYÖOì�ÛŠœì`�@k$¶ä†qZHT†•�e
ï`UÄ~;—à¢ÐòuRfô¢(ûÞiÂ(2Lö;
cïh[ôXv÷‚½jw¹GþØ"j×\©_!×Ûè|ã(Fýdf’8¢‰0Üñ1ÝL/L®µâö—ßÞ˜ëE�À€Ì›©W*�Êë÷¿Ý}xÿvNF�vòucÀj�cªÜó#Z9ìQf0_ìöeÛw¼~9#1ä�Úl­d[Uƒ+�ÕŸdÞ° ��Âg•dG!RƒªÈÎ{‚¬qïôÝ:‹G³Â—ßܾ�so£!`‹ò§¤J¡®LÁ¡s×	àœ¸£þû2¼¯ý¯'�ì8w¾óó:Dm¬EâîµØ—×b×½b;æŒR™�Ë8ª7ƒã$EÙý€	&•ƒ”ÒîÛK½-{4†’$óM°M7 éµEŸ‡¡N®Ð5™¼`ã†5ˆ)Ú,	 ­eá°Â½þPÖ®'S‹�Ž�‰QVÇÝNw[!ç(.@vgª†Mձˈ0O¸±©¥:Ö-"3(ZêLÌW­ŠÅhT
+�D-y”ir„©3&Ük¿U=Ƨ*�DàéSþâÆüÿð&4.âþá]ÊÖrgÛœ+»aƒK*®B$g—ùTátîBÅ¢¿Ú7Úo>Úï ¢™ÆE%þkU6�0Qp©(¤2ûñà9„Ʊï]žÏÖaåKÍ$.ÁœIb[ì3r.v^�õä©o”*í¥
+r-*žýÄa=v%ôì0öT‰’ØWtA±'N²üaÎÉ
º,7 
+Oa©wš#OÜ3üo®²<ˆtÌIÑcÕÙ‰—e©K„i<YCÎ?Ô�Ã\3FMíc[õ½­Q,YŽb™£RÆú‡¨T„Iê¡s©�ïþf”eâ\µçöG—M<*”ÖÃ5ÑL…œ¨
D‰Qv%Ž±L,i´uÓsgIe&ø™c·Œ)廑9XpT4�Å@f{} {€øÎ2l¸½F[ºä¢X|±ŒCà;KU˜™©.#_F™�)dŠfIæ&Íúyšj,��À %fcG¤OSœ»+Ø>aÞýå:ž]@žŽ"šŒN ÐHÔ2hDCBŒ7¾»}÷ææý‡w?ßÍ}úÕ…�œÜ3q±?žP�¤ðs:s÷ªB‚e×5tómÅòÅÉǪ?poÁqä…ð&UI‹Ù²6¸„㌘§T<ö:å§
ë3OŠ
+c0(!‹Ót¸´`fó‘SǦýv^³ÐcXt*‡hGR‘cêœb�0Zv<ØC<ÀÖî*™¡\;­ÝØov{é…LÉ�TÄZ�h¤±êîm×,Ö*4©ÏbÉÿŒä3¥7c\øT<hôèšNj	.è(¹ 
C$Ž$�vWuçã¸?gpD"¬M»j/,èÈwßÑྣœy†ë Åê|9‚òãó,,rß͉ÊøéœÊPÄ%ù‚.\Åwˆ†l\©,'‰ÁòÞÚÙ²åê,Ž3?Ù…½e+؅쬬Ž’jÉÖ‘f)4–P„K³(ƒ‡è4Ëž{^y‡£ZWÝ¡m�Ûn™ÌÚEì2^˜vªÂ¯PÁ )À-Ÿ^/ÄWB]L¥øEPPJU`ÀE�¹ÄÓ†šè¡t…ÝòxäÚv‡ãÑu´Í‘'|‡Î3�‡Ê‰%Q…'–Ä…#t†«Ÿ`!IHÕÜöî«;|ÈmhãÞ3(Þ³ilšç’áIuêéœ:Í"zÔÁXy–{ø¤cCQ!tW¡Ý–ü¹ vë!²¶™iÕ	È65Õæ`­”]36äx=½ à*pÚŽ¬ûž@!Š
a,±É9Âö´C9-áÕ�,º|NàÕ2Š)$ãc©V+³Ä‹nrO�A:´%¸§ÓÙ=µˆÃì*¡mfÊ3e´çqÄø‚;‰9†8‰'*ÅÐnÜ5V³pù2Wóå£NÒ#iÃ\MÉÁæƒ8•‚!ìv„,ô7{ª¶Í±©;?B¬½h�9ôF‰#3,Óv¶ecâZ_÷]B<€’-oÞ6mÈÑWG¥H³([¥s,æ¸X­_–­	§éœ9¤?Ðw2ôÊš©¿·o$ÒÊ!ˆ,|«�ˆ+quŒ$ó˜hÎÁöìi­2W
ØqvÓµ}tyŒ wêm)K$hhGÆ£¶ÇÅ"G5ñ3™{nsžóCÇøeâ›ñê•œNž˜Ó@@ž™šJÈ:„X�YÌQ-´‚ჃÀ=ä°#Ù"nð³Eþ5d‹ò-kßÈ7®’þ¬é$¨ÍR•HQ¨Õ³œ€À9Õ~yðú–‰ó°H®?a©g?a¹§üøã•{¾ž~oÁð•¿ÏbÇc¥õUä ÅqðC/¾¾ýM#`Wº&~R`4]÷"äE¯¥¨¢0Ƽ«7wùÁñ<6
+endstream
+endobj
+523 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F3 17 0 R
+/F4 26 0 R
+>>
+endobj
+521 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 523 0 R
+>>
+endobj
+526 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2692
+>>
+stream
+xÚ�ÉŽÛFö>_¡CSƒf…¬…‹�¼Îx0N9¸
„–J-")�R·� ÿ>ïÕ«*EÊmäÒ¬õÕÛ7õ*aI²º_™Ï¿V/o~ËWiÂÊtu»[¥Å*¬”«Ûן¢4•ë˜çy¡¢—Õ°_ÇBˆè£Þé^·�S½¯Ú5Ï£sÕ¬?ßþçç·b„UdLä«X–¬0àv›u¬¸Š>ŚΖãY	è«ÄœÓmuÐ3hÀ”öÄg¨mz7ž�T9㙽°«ûáô4H¹&ÍYšÛCMµEŽ>ãî*NË‚É¾‚¥rB{<\C7äÀ±š?“Hi÷™Ëra7{}\¼,.˜·H©Ã`ÓU»�
’)2$v¢=qš•¬,á«X–šCoë¯ëXŠ2zEÙ:Î3½kiõ´×4¸ã*GÅR&Ñ®ë70ÌTTÑv_µ÷š6»-Yšíúî@øÈ‘dL9ºÝ—HsÐw{äÔÍ@¤’Éb&þð:g‰²ê�ä/²Œ•VþÊìºÑ›“Þ‚ÑQY32ôÃñh_§®ÿF«
L€Q
+¨}Ù�ös¤rÉ„zš®Ôñ’`ð”)õ]ÂRÆÝ�C…Fn°“Ñp
+E¤	ÕáH³M�x�YT
´[ÙC§¾nï‰7༹C¾ƒŸ‘QÓ`›ê¤iÁ°‡ç*:t¨8êõF—cæÂkªÙ´¨Ý×m‹�5pÐìžö•BÝ­éD×Ó*bm¾´LŽí€néÞ��L‘sUDu»Õ_ÝÐ ˆÔ¨Ü
Ë^Æ8Aß	�{𨴊O«2jõ}uªŠ& ™Â “#2ôÖ@ßó€Ì70ì
+!VFH&ô‰V�¡82È?Ž%°óÜ÷#Kðva#»ÀânÍÐÓèÝn®§™@?ð=%KÐQzë¡Gº
溅«µÝulj²R.Z/�JŸ0pŽ…sàß¡¥`ü)HàÄ“®À�'D¾d:¢0äá.’‡sCP�Ì׸8qìõCÝ�í9/'œìP¥q ·õÉX^ðn@….pé’錨bt€iF€<xTbÏ,­p'/CZ��p.q8óè÷YDœeŽûq3NʤóBÏØÏ’Ê�”Z.ñèÞK{3y0
¢ΪÞ.#âÄñ4êZú'8Xõ[‚Ø�OÇ3za)EtëÀ-à�±Î�¸]$ óŸrp­yh~ž$hœ� ÙaЈ³â–X"N,q ûàMZ:㥫$µ4¨%ð¼ƒXÜ?)xeĘƒK&æ÷çÔàLÞ¾LØÄÙwý=ÆäAT!¾ù>ÀzÿXE
+^Ò“F§�Â#wðÌ­M&LÍbä Þxƒô2 QHV�#BàäÆ�ÇÝø—›$�Úoã.$K&6°éÈ�V5Å$a"Q7 5yæ©Îù¢çQb4Á+Ø+–¤!öðùxabEf	k%£ª9kº`ä‘û»®�ˆW}ôNpò0¢¯«/
^“ðÐ×cÕµa’¤…_PÏç™)Ø¿S­Ÿþ|ûêÍëw·ÏãŸþÄï‡�Ïã‡ú¯¿æú(r&yಋÔÛ=4T¨ßÂƸMzž£nb²ÊC3$Zˆ!™eH–»¼³ pÖs¡c’vÁ%H‘ê}Á¿ßXþ÷ãsf+”Ï褙B¹ÐcÄ»¿‰�I’ÈMAhÈ&ÆK†!=Î)â<+çÐê¹ìÔXŠÐ›ñu�Æn­n|mÂÍo{gßc8ƒ‰;tlô‰üŸú	g±>Ê@x¶aA@,FußwäQ·´h£*ì~Õ›3€d>òeÖ3Û4ØýÖÙ–3—f�5bºTnÌRà='^	 õ:vˆÐBµ;ÞÁPWD)TÝbHÛXŒºÏ’g£×óEç4=KœVÕ­ó]Ö~Húj•#D˜‘¨V§Mµ¡#WýuªJï|9;Õ!_©ÚÜK¢¬Eò‚R°ûݹÁq	¶T›ÊÏŽ¾ä`@e‚K°fö%%sjù%„ä…,
TJ/=Gîì£ÿåv�1ñðl–¯ùQ»!*oªeÌÈððh³¼b!¼‰¯p{+šÍ’¨þTžÒŸ[ä_éœTYPZoF#áe>«Äð€añŒ³%=×f‘µyÔ±Ò„æ2[ 5ÈsynWc»äá;ZÕ`Ÿ˜H
#hŽ“بøè¿õ#¿‚P„IÆ2ÒöO/Pÿôðù†6ŽÕ½=Ÿ,£.i€„€)tT¶†ð=WA":Ø^›(¼//¯ôÃÒ±Òεû6“&–*˜â!±øñf^DNlgdœ•Îl»Ý+›ÉtæÚ«Ÿâªí¯v°Ê|ìNíêf¹‘(s–dý:°ny�Ôã0'¥`¹ï®ô÷óN ¢BáüF]ˆ2÷Ž¾ÝUd¸¡2{[àMâ‚Û©­ÈáÜØ5((¥§‘mkÖZ{t¡I€y¥„ùáÐ@§ ºÀŒõ«)¨¤YcsÛb©àI!+pLþçS–ö•Ï¢5­Xß`‚:LÔõÙÚ2ƒ~QF/Ì.Gîž¾#!Šd1�A™á›°5X¸ómÈÁ�îÚæ�ÈØ‘¿¾I@‡œ7á?¸l(¨ö-x/Ó|,÷ºÁ¸ÄK›èÙllf™ÀRÿýî×ÛÛwïß¼ýðñý‹yÆY–‡Ý„mû‰už°b‰U—¦±5sm—ÝMê(™«ƒýÒó}|ÐÚK!^©tÒövùá$éÓP¸½;Õ�äcóÑ„êRx¡Fdé*B I¬áGZ¬†Á¶ëŠrX´QN©Ò…ù¹B¯äCH™d;V)a»�‘)²³èˆ+ÓvuoK/ŠTJD_šªýÞè{ìÝé­=Cöa‚ÜãÚ›Š’® ­ì
é F BQB95kÛAÃY�YÈj?xeR¸}±AÑÔzk—÷†mÞ¾…ËÀ…¼( ÍÞAWÈŒa^	&a ‹ç‰C=^5º2ýOç'atWS×A—inC®ÓÅ&ÿ
+ë é8ÄqÓæ6liÛº×ð�Žj3$Æ,ôQ»IšKÏ�ž›Ä‰eSÀ€7q%(&ì™W�šOÕÃà:5ªiíþZã³H’rdª��Êèxft¦ R'Z¦Îe7Ô&Ë™·}sæÜ�o>ÏòM5¶dØ„I|ž‚P0îbÍ°ïÎÍ–�ô¿O ¦³&+erp7¡à*[ŸÔV&ÕÑ^¬L_
„gûj£<'6$}…º)ãJ~H Õwõý…Ã}¸Ll�)¥ó#­x\pÒP´ÇáÝÕí|”Þ¬¡6Åb?sÌŒçždLí�ènw¡ê“ßÐðÝ/ÈXØØÂ__Ì•î{VB½µbaûã,YéJõ$üé­tüÁuŠ“–�½®¶ßh‡´lÅË]·–FPyâÚ‚t¢»ö›K^^üæ’`pâ\GW¦{Ç´,8dCa³6’hÜXNe.žòoM@�ˉh­"Lt}VÐ	y)uq)uü߀•:E™7·ÿø?œØNž
+endstream
+endobj
+527 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F5 30 0 R
+>>
+endobj
+525 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 527 0 R
+>>
+endobj
+530 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2613
+>>
+stream
+xÚ�Ë’Û¸ñž¯PN¡ªF\	2·8kg�Úª¤âIö°Þª`$hĘ"e>f<ŸntƒEΔ““ðh6úýÒfï÷›Ç�ûùËæÝýÄ&ÙÇE²¹?m’|“ȸP›û�þ|6×Þ¶Û�”"*þ¸Ý)•FÿìÊú�dôSÙõMûB›�õVd€›C_>mEÙ
+®D’È4J’tûÛý_ø §§R§ùf§Š8w¯íZ· {wýkŽ€.×Q¶´8mkáY8¢ƒ³'7ŸEª+†45k®W\DÖ”}‡‹<:4„	æ�?ÍìÍ||HÂv ¬„„UÁE¼`rÇ\&Eœ&Äæó›lþ²ÍeÔ–½%©6COG.<ÓYÔ“bΡ�^)Õ>»%‘|•×7©ü;ŠÊ¶§¦½ æ,|&‹ºá¡ëË~èK�)œèˆ~3G–ë“Ó2NFlÚÇÅÃI'	ßw„ÇéDz»V¥áÞN=ã:jm7T=AÁó¨¯]’±•FÐ{u= 4-bÝç(õëÐßÁ&ÑsÙŸI
®iÉþ
lüšÞêè´¬ép¼�d·ßm&Ý›
+¸_¤±ÿ‹%€±™˜ãÑÙtš‹³5ß4§››@ëÊqÆÈ<vºÀ€Q�¸œ“Á7`æ1i¥pt¼ÿr°�ÈÐo:ËÜó"c±ãí¿rÌe¬5³¸âhI«”¯ÿp‡½_A’ˆ8ñP+Aéÿ@b¾IӾƖP±ö²«ßFF8š+:_G›²#Á
�=ò[åia>Å>–Š±P ¨ÍÅ.SVò�ð! ÔŒ½G:ÝJ ­HÈåRú�DQø‹DÑÊð	™—ÊóRzŒ];aùã‰ëÆyišÐ“áç:zÚ¦*2Õà¶d>þ~!`�ÅÂKø§�Ÿî?|üùý’õb
+T€<÷)ÍCeG†ˆe‘ÆyFd‘}>Ù$
+Åì}¾@Å9Á±ÜîÒL‰U§ÑûoWSwe³¢w…™z'Š8ÓcTØÉ"	À¦*ZC]ÛUõT-Š»Ø;/¨sø‰ßt�¬é‡–q÷gÓÓÊ©~»òRV¦å놾é=-aÆÜ1É“9/	•„äa‚Vûè�"À¿ö:μѺóR8:N|´D«I$ˆÇ,<ÓÙC?¾	’8´åÕ@1!_(b™oD™«iè÷bêò:T¦·7ŸÎÎehe�éÓ ½l²8dˆaxÕѾäHŠTèè8,�?ãqÓ9ŸÚæ2+	ÔzÔΣ?_†èúÖšËm.æ&Âu­–œ	¬é^æY¥µ\€94�à±»£mYw¶íoŠÈfÃ…SG:œc$Ø�}*›�eÃ8=Ɖ/1ñ�®˜‹÷ó8åù £Ú2×M;URߘǶmÚI)r&	æëPðÙ/U�Q‚rU÷\4tØöæ‹·®F-"(€PùxSz¼ÆB¶aÓöº�ÜS”@(d¢Eõ»O;þ”¿8Z¨å/À9?Ÿ‘j(ô¨®Æ20÷%Ö™9�©Pê-VÔU•+¹TÄîGœ`u|¹•ÎÊJÇJÊ
ï,ÔïŒÊ…%8s*ww¸;­Éøš–³#¹¼°W>®9
+k»j'—¢s
r>T+Äm½‰áŽ{qÛŸ¨C]ƒÒ
¨Ÿ	—D¦‹.¹÷Û�»Aê‚é*úF¬V×2¨Šƒ–Ó´ëpòVâ!1‘CG'r*Uû<Þ¡,ˆ,ðŽ‘
+™P¥æœ
E*Ø…nÏ\ñ‰à†Ù†³�±Õ3áÙ\”¼©Œ³Œiž"ß‚3=A¹\°�þµÍ½sÒ[¬Ê%p¿p|-ÑYl»Ä­²XNÝ‹çÈ%1W"@fÄ�JjuÂmTËY‘Ú‡)¸˜¬w#‹1
+dÿÚËAœõÃïCÛ|am;ˆ Â.Ìtyó,–~nu2Ý™
+
ÍÊ[óŒw  ÓcÉ#f
Í ¾˜�î•#Kd†­©è $
ܦjjHrå+w÷uhzW¸À95/è`xP0´þƒ¦¶sÄ(­B�1Õéâ–ƒY~Õlz�à‚D{¤‹‘.�xÁ	0w¦5õ�]ˆ™Äöì°	‹-غäp68G±-
+1ŸE_|�K͉2¦eã ã½ï¿ì'c-§®
ÕÈxÜÑž4µ1M}þVW<CX>RˆØ÷\Ÿ?Ç+cf^¡#ð
+&1Çt1#Á2È °áLD È3¬š·F$¡2°J•ûR.�s&ëO¡E+ÀÒ�må–jêÄpÓÙ¾§Ž
w8Y ÕZO’IìƒdÊë2`KKñ0”U�nŒè>ÃCüÆ'_éâFÅ‚¿’¿âò}ØývGÜ	Yij@5�ÜáÈâó–V—qä�Õ$øY;ç�¿]Ù¤ò©7ãoÎ(KºŸz´Yç7ªÄ5zlþÖ„&±Gó±±<Ù¶<½,D—%ñ^�ÂEeQš€L„Ü“ú0g.´â/4Æ Cl¥tÎœñ'”‡Cà²9WÅàž›p4pžÏªþÔ… \@›ËH/{,!KT/«aøjºÃO§Š—�—PvhÏ@F}¬»H¿»
wb§Bœ` ä:¶µUcÆû’F’·ÝÃ$ühïǦá6z=�b3Ëö‰*m�†°ñf–�ÆW‚ œQÜ<(GZÙÜÆÉ5+
¯Æh´jNI:M^P]­E–æ4Å­QÊÒÛ§þ,Îf~E‰ZÖ$óÔõ3ÐôŸÀi(Ï„ý\Ì’†÷˜h€
+t£g��öqOÏD¥'ݲIHLÓ®ZÛ¡�úöÀJÐWµ*MÖ&s Hï—+Ãå›â=/¥^[Ñ”g�Yë8Oq†Ÿié"L¶±MÄ͘Kpóà…J‡´�Š®°xöõÐNˆýX “=:N>Ë.¸%íá
+«&üå‡Aâ–†Ž#3&ã,—,æD®N
+%ƒö¯Í�o圈 ÂQÌp¿krΦ�Ê«rVSô�D�L™š}aš�‘%Æ;æn­ÆêØù 褵¼µh?©Ö<©Ör²õÀ‡¤ï@µ
+fûøÊ¡ Íxa·üfƒ÷‡ér·ê�“YÆ.­¬Ó·ö<[ià˜<Ë
bô·_‡±[ÄKð- uµ+Í®”~3ˆ…]O' °ÓPÑ)	\cMüŸ¡ö¹.\±±x}xe
+u¿’?€.7§{.¾Hö¡ït3t¢alEÂʪ›Wm®æÏ|a·>¸º)Ô.–î^IÕew!|TvÉWÊ®¬ˆµ
+Ìü4®ü½²^Oc^‰áǼ8ùÃ85¡<ç�jàÞ?må{4hÙ&´]ùX›¾Yyv1ñýœ¦Î^ûÿ�#žy.4~w‚Ž‰Z” L6³‘m|>UÁß7~«”ÿêÚ¼¿ÿÝ
Ü

+
+endstream
+endobj
+531 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+529 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 531 0 R
+>>
+endobj
+534 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2129
+>>
+stream
+xÚ�Ym�ã¶þÞ_áE¯ˆD<‰")iƒbqArm
+ôC›îC.‡È^z­V–\I¾½í¯ï‡”©•¬õõ“Þèá¼<óÌ½ŠX­Wæò—Õ÷oßóU±<^ÝïVq¶Š–‹Õý�¿q¬Ö!OÓL?Ý~&IüSït«ë­ÆGü½¨×<
NEµþíþooß'gY!l¯B‘³Ìˆ»¡Þn2e2_Eæë/}Ñö S© ÀKìË®oÚgzèN›®/ûS_6õwð*•�þ²ÕGû“§½®iᮩªUzZó,Ðô}ƒožGâ»c±ÕVT_lÜÝ^Óg]ÛŸ6;Ô´Á31y†V¥*¨ÊÚÈȲà÷‰„bÒZ÷ç©í,MìÇoHVÓâ5�Ä…]ù1˜“Ã}9),²Þ™¨èKi2?{]é«f3‘*(Кn¯«ŠD7Gô?‰.;z§ëbS?Ãé+ëÇË[Ç°w.¹ n²s˜ÉTJÞ–fáæTV}Y\³)ÆBaœ1•û(Ëg=]OݳLÙ¯Ú„ò¾¡ë¶9
+ƒxÀ`“á™s&Ó‹ò‹œøíãT1ÎI}›$áDÿ8fB]Ü@'—
 ¤z–Lõ�XzY|Ž~¥�h~GÂ6Åêß³&e,£ˆ,'þ’ÒÇV.›SG\cM`ëPÜïKû¾´ZtéžëÆ�Òó�^ì+&³TÆœ"7a<Q4NYì‚ûÍŒµ‰H˜R£.á¯ë[Ì�¯áàŽCÓõdr«·ÚØhž¹�S
»•RÂ�žÊ~?‰:O$rY+ž²d
»	�Ø8Îw‹Ðõwñä€"*¶K~½ûm�ˆIî³�sp´q�ÊigÎAðiä x>;–m	}QÖƒJ¾s¸dR}�sB)R¤-}[”ù_ÍÕ…4aŽÐï^ãsw(Ö\¹âµ�ŠeÍ”$Œ<åÚP˜šCÙ÷ÚòU¹;ãç¥�*gIºlb³Ü
×¥ØLuÅ�ýP½®ž-?¸rÐ,”µ~B™c™±lÄáŸ^Ï¡xZmc–8·^!€_#`T— šKß×ÿ8•Ä‚` „ÿ¯CAŠÊr€ê‘ÂU 
+…ªÈƒªèì+Ll"$Ø«b;ÊT²<›ó�²”	Õù¼—Ø“ÍøÁÂYûy¶§1㣚üÓNåçµ”AQažeŽˆ %_úU¥,uònnn»·“àpˆüׄ÷í\xùá•c
ói7Q.2¬ã>Ùýq±¨Ý;ʶ$T¶z†¨MCA)jÑ’YÕ5´jW´V¥›ó(÷
Db¶„„f˜HñàÃ:çÐNšžL?ê®|¬襻)»
+löCž³(5R>¬³á§yðàýšÜ((ŒY�žQ^†k§+½íé+þ®užÐ6iEìÚæ`iœ7ú32œÅ²i&‚w$iÊž‰€;òÛ×új£Ø±h�œºó®j35bOÔ#
<¬¥6&Ûò#—鶠þW$ÒÚ�kŒxã,¥§³óÀ¤âg+	ÝÐ#>lH>Éè¿ }¿¯œøÄO󉶼¦™ä>–uG00|`î�‘Ó¹n²|ðì§ÅÊdf1#àŽ¥Þ,LjH.ˆpZ|ûÿ‹pZ„×B³×œAPè#'êO‹Ú p•2¨#/SÆ€hš“ˆ-ÊødS"n°^øj;Q	œDÇ‹hú4`Ž�eÇ}ÅQe
$„pÛõô0«í+Ì^øõA×�E¢Ê9.Œ¬¨à¿ºmp$hç¾Ñ¸È�Ë}ºä”D†Í×2ØžÚvhÖ„ãÅ9P»T~ 2ݸÆîqð¬,›šÑ¾£Ú…—`“a"2Þ“ªô+ý¥8+râ‹®„˜ñê1Æ¥£¡™Ü5í¹ÀfÝ‘	bî1
+”ÿ@“:¼6É}ÂŽå@Q9P�Óø`Q¾$:œžUœçW×ĵç¶dèàjª5}Ó7WMÙ7·o®vƒxC�Þíãé0Ä�8ê¼Ø3½
0–vÄ÷C‡ŒB\‡l¾tûàWëß/„¥™N>&.�o¦öá4#/7	Ç–Úwå-¿4<¶‘…›NÃŒò@÷c?áCþr;÷À��{-�¼~¥žCx²�ó¡$ŽüSi(E®eðë/L/®�Û•³NRãî1³Ô4 ç¯ºµ™JìèÈÀŒ«-a~z
ÈíbŽ’Ç#’áÈéÕmBöœ	W¢¥ºÑïÇÚÚ3	à–$p§
:ucÐñX•Ô?`“Í.#ÝÕzAŒÏ�Λ¼l{ÃÌ ϵõu6‹y›ϯÈf>´!s) °�ôòéº.y(L„‰3Þ¿w~)zç©ï§¨3NâkHëÍuÊØÙì…&Ëd—úƒ¹
Æ?ýmÙ{Um@Íwô“¼8ú™í~²üœƒwמG]8“¹{­ÃÆz«‹ÖŒÂûˆò\°x”þ_¦GÒg‘ᒾϋǟffiŠúÑzºÙ�ÁÒ}On�ú,‡é0^R�_TA±<û£ØlðàÒòúlŒ ]S®–Dóg¾òªg§U˜¸}‡»ˆËwæt?²ÞŠGg šœƒÆcøÇ%Jæ�÷Ád²ÄŸÉÀ%ŒZ={ŠYŒh:�Ëø7âö7š:`
+ŽªâðÍkǸfçŸ{çö…~—)jz¡ÛÖÎVÐP<îóÿ
©—Kœƒéæ÷¹,ŠøUsI0ÇuÜ´J­jtƒë¿NTßaB4'€f�D¸ þ�»¿¯àf4R#ê‘0†�‡cïH†ÇF¬Û±Õý©­
%qÓ¸?Àè�ÊQ5ó¶èèpoõÓýþàe	z
+endstream
+endobj
+535 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+/F1 10 0 R
+>>
+endobj
+533 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 535 0 R
+>>
+endobj
+538 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1572
+>>
+stream
+xÚÅXY�Û6~ï¯ðC‘ÈEÍI�yÛ¦MšzlžšåÊôZ�,yE)»ûï;áK¶×MôI�™o>ÎE-|æû‹»…}¼]|wsõF,¸ÏR¾¸Ù,x²à’¥Áâæûß½×[µot½\I)¼ôÕr¡÷ÁäåIïÇÜ4UýDïÊ¥ˆ<X®²&ÿ¼‰§˜œËÐã<^þqóþêM:¨Z
¾X)K¬¶GZ!‡KÓ…o'¿¡ÉÒÐg‘›¼¾½­õç\5Ú–?gÊ"Ébî–Ï…,nrõõLç,èT½œ›Áe‚ž)ãâ´Ù)˜[ÂYò¿˜bϵÈ?áÁiúš«)‹’“êÎÑ`õËoɜ۶¡—j—7ÎÄfk•^¡Œ›}XŠØ«ê5C™@m¢OŽ(~·�…±ð=ºõøŽµ6ù]©À7i674nÚý¾ÈõÚíÉ›meá œ’žú3JÒ%úoãvíÁ‹Á›³ü£ãL5yU¢5	wÈaÛ­j
}eÕn§ÊµÃtÉxh¡çÎìÖX$`·:$BZQ‡‚¯ÓO‘W
+±$µS&™\®ÂHx?U 
°Xumæp$lN™ °»ÞØ`¶Õ/@sµG#UAù87�$ˆ ñžkÕâlèeH$nRëµ{¡‡Ñ÷­.³NÁ†F«R»aWÕ“%Tìmª¢¨Ê& ãÜî*{V½ùÎë´Êpã–¾à°2½&òÁ#qÆå0usrÌZÌd8¯Ž9zt/ÙlóŠ‡prb;³°‹¤_õÎJY”S‘«4µÊ‹>
ïU³-ÕÎy
¸¹*°ZâþÆ™_heŹ}O“ØÛjµ>�`YäÒbkþ9ò¢pá
*.†nNa
&Î#&®ëÿ†kÓ~tÙkã–t`6U½;é<qÌx§�Íì(Kšv³ÉgxeÈ">I¤^FÉãV�ÌáFIJ2"Gùqö©|8‘aAGØ%G´?‹âç:'Ÿ˜8@©HS—o+̺¢Ù²rúQgmã6çÍ%Þ~Ø/mÕ‰ëA™öÖ4yzÖ})‹0{’CC…1™Ú÷§¶ikØZwŒ¹½�|Í%¼=^/è8‚	¼`¨´†ÚR„ÃPéíˆ?'œÅ±Sr6¢ÍÐ3Ò™€0hnÔ'zugZ‡áÖ›½Ê´qRu¯”ø“˜é8ó÷ç^
>¨/âÏ\Í¢qÜ!UÅúˆñ,ÜüÕ±XîlGï¼`ó8ÌY(Ç&ýÖŸ-
Fz  SE#QBccÛ 0qNÆÇÚ¶Z0J3ËÚº¦úŒ+ ¿MUrè7|1eæàêÀ’Î+ò’ä8•É¨¯¢8#O‰A×ÂcïÚÞžh|­‹šC]ÓQÁYèŠ<]KvÊ•lûP¾W”›4^ÔRáÀç¾P¶ç€>Î6±8æÐ<d2=y.ã6Bz7[§qk?GÐø!´{Æ5M¸»‘`Á9rcìtüÞÕ§û…�ÎsÆ!ÄÐÅSl#ECb`Q<v=¼ãxt~õÄ6OŸ´ç[´îs¶ýöÓ#\¦&)zq–J’®öXøÁ5TmHæv„¥áëÀõâÎ:Ló»“fHO­­+¬iÔ5}S=IÈyî†}!·L\“À“„9'ŽSÛv?䶎&>y½R¸ÀËœ×Xðâ™t&!¹(ÊÂh·½<ÞXFþŠs–x
¿ÝÐbËáhUÏ]Ô`	õÕ
+/ýVfœBG6ƒÉQ46¹¯‘y¹ïŠ4%�ç3õ‹gú”ΉšI_6º˜�‹3{‰VºfÐukTjŽbéü﵂,DY"ì¶Uå^æq«] ‚!3à‡ê.¥ø1j·j·gëÖ¹ä™×NúÁ%‘†\J�!¥~0�HL…ø̪ò¯¶ÌÐv2ëЛí©þUÄCb7Ï_ò]!ƒ>’åA+Ûuw¬úB§œü›ê+¿¸úŽBȵضnʾƒæÜÀ½0½0*çÝx0íÆßžõòkp”§I»yx)>u
ñýÁ?ÍY˜$br�vtPw€ÑUͯբotéËvãæÁŸú¯óÃÍWiL
+endstream
+endobj
+539 0 obj
+<<
+/F2 13 0 R
+/F9 84 0 R
+/F3 17 0 R
+/F1 10 0 R
+/F4 26 0 R
+>>
+endobj
+537 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 539 0 R
+>>
+endobj
+542 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 100
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.ц†šºFææ¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚kw>
+endstream
+endobj
+543 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+541 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 543 0 R
+>>
+endobj
+546 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2877
+>>
+stream
+xÚ�Y[�Û¸~ï¯ðC�ÈÀX)ê¶Omڦ؋Ýi‹¦ÀjlÚVÇ–QJ2ÿ¾çF],e’öII‘çú�‹6QE›Ó†ݼ{|û^oTjóxܨ|£â°0›Ç?ÿ+øÓ¹¼u¶ÝîâX*úa»3&	~¬]W^.U}Â…8xWºóv§“"J¥Ší¿ÿöö½Ú¨,ÔtänR›�)ÂœNUÑv—¤z~N–ð9ôñ”ƒÄìtÆŠ¾~<W鈂ýV§�§ÐÄEpk›­Î‚OÕÁ:žy*]µÇÝ*¨à¶¶ßwUSË÷Ǧ—<!¸ÀᨩyGw¶<ñi›$AÙVM/‡¸þvæó i;{@ò7;¡ä¨¢ùv);¸íêÂí.…�ñ¸¸ÈƒCDUO=R…3…?/ÃóOáå$–|‹ŽâИMDÇŸê~!7mÂLÉzÃ'Ú¶ìXØxÏ‹ëìÕ=*	j[¶—¦É~ÚÒfy•7'aGæRƒN€¿	›ÿ¨«/x`”e}ÀÝqàüqå'TP7õ7Ê2“�/xßãÞ3¿•2ûÎ~øYfü¡?Ö¸ô^}A‰j|!µ¼«ª–UbaÄ;ùêAQŽ8`³É·_@lëh÷"7:LD W·;4n!ó8	‹B¶<,¾OÃ4õ
+qoõRcàvùð5y3›à`Šlû³c'åÝÍ„±!wSQ*°¿X…Q&*ö¹wìènâ~%ÙÞ×Ü®ãDÜÎ:+Tµ–©ª¦'ÐÒÜÉp†œ7£S…,w 1
µöçòFW]oË
+0Ágd¶Ü‚º^˜á®á…}s½U;EºØýÀVY„‘æó.”(žð–„©ôþ°d=
#¯h¼ÕèHü_kpØÖî»�ÀÙí¶¯²ª=´Ç
+¸¦o÷Öo$Û;È1¤XÚŒŸ¿ˆòÔo‚u
+ìxÃ
+ßÂ¥ÇêÔ·vAzªGz#4¥u’ùÏÀ:LÆzjÿ"Í\�/±ÀZŒÇð¸$Oƒ�ÃÀ„þ
¼÷%±�y¾‘y¡¯à¼VH�¸GÍG•ôTAs9ðÄ‹`¢"~&ÊxüÏþJãÉku:30vEJ”˜çPW[@oÀ´Œ$Øv¯\Zª$ž{Í°-êW5”åa”ŽÂCÑgly�Kåò[+¸Yo‰”û{*ýŠ8U1¢Í±m®ÂZûBf:Þ7|±û¾³K�E౿â«íâ$³tjGUçìå8õuÅ0ô÷¾®×ŒÃ˜
Y¿~Q’Œ>ЕÏ$ÄÐÑ\Ñø 5骫û4Yürf˜0&hù^´òîxï­­ØyïºZçÊ“•·Îú̶~>W™cŠ0+¦mÙ
Íyt
a?9O±{Ôä³dMbBI�HNœ ijI<â‡d�i �»´@“†¹÷ùkù¼œÖ8Lî;Àt;O}E®sC2ÒC(
©Öù©?-®7q˜yKÅu:­µC’#1�Û·Õ­™è4=5žX„òá†ÑÂÎË6×(5úê·%jK§‚â/!ä¸5cSéTf±È,FcâºóBpÝ¿\_uvЯax1ë
+6Ñú›,LÕݱ�½Ëi†ž„€(âÏÙ'“€¼"�hqiA–»Ñ6ñIa²ð
3€lË›)eÁÆgòÀôç
+È"Ë‹»£–Y ˜
+ƒ+ÄV_^ÄN +Ëg©¶¸ðhƘ.Ey/^/”�í)µR‘Ö†°ô
+6™ÕÝÙ"Õ:VbÑ8b:P7Ä-ˆÏS ÃÃ}ÓbjÁ/\f\zëø$
+Ȳ`†úƒî È·;ˆCIÊ›ú@WDwAÞ0åÓ…Š$ë½ÃЇ£Cßr“±�r;ÐWžƒ»a¿|Ù�L
+MÍ(¦¥†Ÿû°Qö”<µ4ñ´èå÷˜øAiaAI˜OpOªj~Úr
+Ïqž‡FMƒû$kÓ™¢¬Agš­
+'n%aôó6I°œŒ‚�~Õuã�ãAŒ=:�ÇSV7�ŒU‚) �[eÌóEg®�—‚€ïÃß¡Ù/~†à2?…`�²X�¨Œ%'ñ«.ûfÎe݃;‹Ã4›•QåPÅ�ÝOD�¸Øƒ}¶_h
ù”ãR=­293x9Uš©¯4a¢ÁšÐ}ÜbB`R2_ú€ †3Ù¦“é¯R…>dfž¿e�#ØøH;+Xt�9éYæ4sæ»ú88X<²®¨¼B®ò$x_Íb¡)$¿É&Ü™Œ¸ƒ‡€
œp\—W»„uà
U;c0¹ëÝZZ«½9uçRÀÇ(…ÙñÄÇœðOù=ðÅ!ò¬JžZapì1¯â]€aìI0e¶uß~ŽÒJ&�I'gA$£n`¼âqÆÅœó}¹?¯T\ùèào$sù� �˜é·¤þ&‚¤˜´ú
n }ì/”‹fR×À³êü6JShŽäO'F‚à�[ú›?hä\²^€Hv“Œ@ƒ`¼"•�p#¸4˨ž@f�LØÏ¢uKÏìVM$!™gËøÚôÝ­ïxüã˱¿0à\á˜Ë¯p„ÁÁB†qZ«$4äXw¾º¯U˜xœa|І
+Z¼²B¸ªÀ‘ô�*o]ë�
+%™Îÿw›aKÑy˜§s

bt>gö/£#ARphê7³¾‰�³¼•+&{“ŒY*{~¹’]¾ø{®Íh¦¼Á7qìa(n$S÷½Î¡áòˆPD9\AFF�¥PÇ<¸6èÑF�)>±`ý
+gy°ÐÜ|›fKBÙžú«j6¼€|møva
H:ÿ¶5¤cãQ© XµN¡æ‹§PHXœ4êæõÇ‚Ž<̧=/Ì‘w:ŒÌï·»,oÚ0€‰$Øí§oËZ{<ˆe]vcq64ÙxêEÿÍëJ*1éçû½fhTÍã5¨ñ+*FOIŠh4Â$/¤�‚#´8\>ȳ'•õ“vÞpßu¼è7¥(n@Ò°D2ÁíbKÌ1i/fÓ�†Ž}Ev„Ógn•.ô°lÌ¿bYhFÓé±N0fQjcéñŒSqðùl¹ùœ@,iäY7ˆTxä	[¯H¦ôÈq@î"»*`)uó³æMU¤]ðÆOx#+CüD�D觺›ö´ÒëU“ò¥‘ºøl%eã0
¦ÁÞ*v’sø‡•V�ôyã±,®í
¥Ö’}9¬Sì]M!ƒ3èbJ:Ë×
+aÈ&
©°ª¿”ñ4¬4ñɵŽ–g$™¸¿,O°‘ü…_â3¤'éVã¡%?À	Omyå÷�§ùËÿØóõt4ÅŸ,øuÅDÓûþG‚Íû‰:Šƒ,X/ô¥ŒýȈ`â8Ä–14
…óªióˆ\¡¬O#*Ѷ7„Öžl�ÿœìzJ�~OËo¨i¸­Ìu½ÃgÎ÷=BK=? ô¬[¬Ó”ë¾4_‘~ÌÑ?ÍFLÃtZ|`9ª©°
ñ¼ån
žè|ß•~V¨Æ¡\šÓ¥<uG`è0‰xD©<‰IÜ´€b%¿R´E])-žªf!œz׸È~©âÑ(ñå	ʬæðÍ×R0Ý€¯C=ÿjHà
+{¦ãUn(ãh8t!ÊLÿuàÒ´Ä9Õ¸ÿQÊ*“ž»4^W×lĪ±¶€©_ïâQ[8Ò“ØøfSlôR`þŸ/FÞ�²û»F¨óà×[؃ÕìøÐ�»FM|^¤@RCpdhÀ¬&^ùq3ýÛVúhŽñÄN
+#Ì+_27GæWÈ¿mûq+EõÝ¿ÜóÛz²½ìLâ?íu}àÏ�lÔró—Çßý6­q&
+endstream
+endobj
+547 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F3 17 0 R
+>>
+endobj
+545 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 547 0 R
+>>
+endobj
+550 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2598
+>>
+stream
+xÚ•YYoÜ8~ß_Ño‘�´,RÔµ@|L2^ÌL‚‰g�Áî‘Õl7×j©W‡ÿû­ƒ”Ô-Ùñ¼´È"Y,¿ºØ«À‚ÕýŠ>ŸV—·çåJ~&V·Û•HW"ô3µº½þ—'dp¶–I’FÞeÞîÎÖaz¿ë­ntUhì*ï×¼:“‰×çåÙnÿqþQ¬„òC…¼Ö°…X­Uæ§Ì.ðåÙ:Š¥wUï¦ÔM<’ÈË«
7>:SW-sšJ¥P¤u(|™«¯õöWaæµÏm§÷-wý¿Þ44’z={}‹¢¡¶Ü©³­^S�,91Á
”¦z0Õ=wº]Þ¹–fùÂQ¾0Ž|%W
ÉVÔÕÖÜ÷�žc¦�Æ«5¨XD4¹-sèP•‘·©AÛ©§Q+aìUµ¥?T5ªø‰{ùÞ‰W÷�EÂûó,•Ðåë(à:hõ½yÄEsYe¢?’5Š|‘ÙY¦2�A-âþ�gQö,fÄŠ“ß•nìExfÉZÝu¨NØhµ–QêG+‚±jÝÃÁàÆL…ß„M
M{4M]í±�ztô õþhé‚pUÎs/뾩ô/®$áÑv§Ëò=´U
+ò�úx€ô…Iù@à‹FJ]9Š•˜îªx†öx�2	­Ä�íu;Óþ}~©Ÿd°<õEH˯®>iÆ!•wõñ—‹O_?¬?£±ÈÈûåæzå¡nÍw¦øç¯`dJcæ-‰÷çŠ
w°¼
>&’w9iÕª™²„p!c_
+‹]=Îö•�ŸºñCSß7ùþ=³ô�‹Ï�ô�_Ó±@¤¶äuµÁÙ@áñTq(
+kíË«·›ó¾mÎ˺ÈËsSe¿ÑV‘×vFû×ÔÈ;Ýî¬z`Ñ¿e”À2ë4P|82™e¡[«á¾e+½OWWV±5Ýõ¦Ü0iô«f˃ÆÞ‹±«sDØ@Ü ÚŸ;Zç#?�œ«
§®–Ì=ìdzL’‡ðÝ}Ù™Úö.šâ,¼�étÑ�N^uÃìÑG×döj…°¹ŠÀÈì( ±¯;(´kj2h€ËÝð`½Ùõ�n˜J°*Y%6Ú|︙½F̉xt< ס̋ÁñØ#Œ†K|”½úæýϼdòd
+àÅá¨:/�÷Ž{yÃ=§3¦¢Ã/ð6vY�·øDtém F]Ý<£úÀ•%By·g)΢ɛڭ7-H©x4"¤ï)â¶s ±Œù‰gbÇÊ–Ý´ÕX ^O
+‚E©5Þ}þ07°þTÙ	Öu§¶?85¢5–‹¾#MQ$^üÏ/·?Ï؇Ò�;cFð6ãöq:Ç]ó–¿Ÿ~ûc@ÏúÚI$6x‚?u\]læø�üÐ
“-LJÐ/•€F1Nž íi§ 2š¸D	ñû	¡‘s\c
+Gœè“2’#&q”Ò&¤êïºè;wq…Ãï}ÍìÌÐkúŠ)‹YLý83PhþÁQú‚,·M½·Û3ó"Âã|â3¦Ž2=2ƒÍ@�Rþ$3@ͤà(È÷=c'ð*­7¼ŽN_„_ùli;ËôÛ<ØBhŠœÀëuÛ°ñ‡E&ÊWæïX†¼¹ï÷œ�tLqÛw�RÌ
¡OþK‰ š¢C¹³`Ã)Û£7"¡ô»"Ìüo
°Lœ2ò¾«÷Ä R¢q64] ìnìû^¬àÀ·±]ò}©1 ²Ø‡ªb‚�ñÞmº
þäô0Ið&(F˜Ø$ÕÆKc.*0 ZÂ7ßç[™°I¦Ñý‚�„è7I³15¢¼)t÷ð%Ÿ‹óó™ä™Às¾æ� VG¾M’ìRò��‹¤åü¸F¯;Y�X[t²Rexòx89§Å°×˱C±œówôéÙ¿ÝãÄFò8]ˆ�asü†i9O˜Íº¦8q5@†Ä‚µ³±ÝÓ©È»ØrŽO2|Üðø‘bª¶Ä£;AféNsz[ÙH{$€Òé‘Þó8¡
Ç¿-Ü‹ð³p
+Î~MÛ¥-Ï\(6]N¾cdl9m~ÈA9³¢•„ììHá<Aq~*82€‹ÔW�3`M•ä”CÆ;ˆ4Ø‹l=�íÄ¡4P
+%×3¥)¶Z-MÁ3±ªn‰ï$©Áùr±³-We®Ö*¨À©7‡}Ï÷E‰WuªR8kš
*¥ó+XŸ.âkŽÃE£óNÛÊ$›ºÓ¬FÛ±§�q	
+ÎÙå-7–TIV�e‡Ùdì=`/°ûÊIŽ‰sØósÛLÂ75†x‰S«XJ† óݺB‰ß²‡|OE€R®.D2¾erÎ4{z¤Lœ8Ž�Û§õ–QÑ7�¦˜Ž·;YÀÙÂÀ[¹“ÐõœZâIĘãAe£÷£òï¾êÏ!ÒŸß�q¯¥Ìs9È
+¤Cл¥ZSAE›NMäŽJ,6·8?Å!™®Ø\–ŠëÐy~€ðœÖð·._NÞq^‚¾R~ŸäjJeTÜ°_§: [3i¬7`ö¤ÞÙɃ
Rò°²yæb¤ùr‹Sœj‡À÷µ¶iå^­c°i9½ö…bÝa2ºC5}`�î�A
ÆKKÆ‚ÛAÉh[§[¿	YçË^³�×ÜQ¬¸cWq+®¸o8¼¸Ç
(ºƒu¹š§�š—o(Ï7z›CeŽ7$`�Ř€�!ÅFµÙ6qìÇbP`ƒ'S–Ür‹l‡²\,l2±°ošøÉ‘‘ñË�™G1Ho‡ÄìÝ‹�›ŽÂ9Ã}þ†±§»Â†3@â~Tg/X!&°pn9HéÂlŸmÍ\¹’}ziH94=ïwžgÁÁU¹[´Pk¨x”s<Ò<qM|�—‚ÌÜ“
+|oí‹Åq™žø"yK†?$ C®äýj
+ø5Ÿ�ƒ¥›ŽÞq½]lÍ÷<+›l%Æ\Ì9¥%¦kKR~_‡M‡Cò9½~s�檊œ±ëî£ÒàDŽéÓõO_o¯o~_rŠ™³Ÿ…“�‰Å‹“›ädš)PÌUã3@vË ¯†¤m!’…£Ç~›q»ÿ\q“Q	:‰[ƒ-$PÌ‘-$é©-$XÕéCÞ�ÏÄñc‹@Š³ôœ8ŸnNÝåºå’xã‚‚g
,®uïèó¹3Sm´å-W‰+8ŽPÄàe±„SBLBW�½ö7È$Ñ~Õ˜11&Úw0±d:`¥ÃAë5¾Í¼h?S¯öû±¹+�pjÊ?ñÛA×!°…Ù8-P“¦£‡ù‚uÂþ,•œ©;ñ1)N6[hȉƒÅ}L�pR’‰ð4ú3¡åQªê±Qš»&Ç(î*8…J¦@ºæš±žo†çz9>L‚þ&ïrn
HÅ6Xâ(ÝÐ*¾n7Ôd÷}™[Vîh,ÛO·û?Ž¥©Ð
+endstream
+endobj
+551 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+549 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 551 0 R
+>>
+endobj
+554 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2482
+>>
+stream
+xÚ•YQoã6~¿_á·Ê@ÄH%Qú°ÍnŠ®Ýà⺸zŒMÛBlÉ¥¤é¯¿)É‘6IŸD‘gæãÌ7Cj±(ZìöñÓâÇÕå5_Ä+âÅj»ˆå"NX!«�ÿ	®öêÔêf&	âèûe(DÜT¦U‡CYíp 	~Tf¿yZDYóxùßÕ?/¯ãE,X"pÉ$Å‹PLÚUAVºÓŒw'X�z]nŸi¹<
Ú½¦ÆݳiõÛ"X-“(xÆéQ IÂXi�‡\2É­ˆÕ^7¸JGµäyðŒ/QpzÊÀ�˜úèZ[­Ú®Ñ†NÆÇLä‹È.º®«m¹ƒyùi
+¦¹Iª"QUÝÒâ¿ñ4·_Ù·ºsݪkë£jË5@ù¼”<¸t#Üû	•Öjµ5JûbÎ8 	Óm4lϱ¬ìâ9˜çM͌ذ�<\W½¥ç¾6V˜t{ˆ}Oåá@­¦«ÜôŠ-Ã,É‚/¦³Ú¾„‰Ë˜ñw¡”�ÔŸ¡ƒJ«ÖÉìÚ²:Ireduj?&ˆ²8(·îéÞOMY¡µ­Á÷(PÔ}Ôƨ�¦þ�ÎÝ`Žÿ–4‚m4v|GM1ìÃz�}2Ø•�K‡òhåþãÿM€K2ÀÄûWâê?¬¾Þ~š`—qVnÞw„‹@w?Ã¥>µ¥Ý+ÁÓa"Ö˜ÂAH/ì
+6t	V4Ôîƒ_=̾nZjVêèƶµûÂ"`§¹�¶�/ä2L·Æ^¤“<	”¡™SSx’8]MW‰Wmq‹{mTo[]aø97Ks–ð1œd2ÜX�-´¤Ñ®=W6Ʋ✒qŽë•¼ºý^}þùöÃ/_û¯w«O?OY,JÐÑû
°BÍvì‚„Ïù+üe"³°«ªú©
+· æ½ÙƧb’˜e=6¿-™³?O€ÄÂ8eYn‡î¼¡ä¿ ->¸Î©.©d¹ì·ät‡¸$2`¦»—µÖaF"“àd}­6¦¼÷’—)ìá
‚“ò’%3ÐN+ï;Øëv‡M³Qœg¨hÈ–ú|”¹|´WMŸ‡>ê­ê­y;ÛÜ ™—#qÑ˾@ø€ú-õ�ۧѮcCðE¢Yiox+b1ñ¨¼0{•hs?ˬ›òdùp¬
Ø©m¾‰ÇJgŽA›u)QÓlå>*[íò¤òüŒyÌ^cÖH9w©�¹
’ØK3
+Î’ó¤Êüâç¤'Ñie\Ô“¬Á×xÇÆ â u(7NÓ”
+ÜÈ�Ê"ë	¹ÄC:¿ºšn?”Ý‹©mŒ'}Ž[ïõï.ºŠ	k”º·åAϲVܯ
+ØUM
L"&½†§FoË?'+%àï©›Âf¨‰Éâm?ÊXêµ9Ô–¨ë@O¤äž¶1CK<·ÿþt}óë¥u¸Ë×ö:†,/â�piLïöÙÒSÿYšÖ8\€"*‡­š“cwœ!Ê�‰�Jº]¿®OY‘�Ò¡¤zÃ>[z’B6áæÁçóLÁ‡ˆâ2rÊ;õørÛd?RÐÝWPWŸ¹¾ùé÷»›ÕL�±Èo«¶µÎcÙÔÕQ{¢A	Mz|$‹ó1>Ê’©šDFžp±Ãî3Ä¿ÂR‚º�`í\š“Ø.
+v qð�F‰øš
+ˆRc&âáC[eN�ªÚü=ÎÈÓ9g5È¡¡F
+º¬.Yz–ÕIåÊ%TIBò ¢z€±&Êœé{X7Î'¬Knê¹,$ìŽc…OC9¥¡ÏîXÔ¸MÀlt� lêÃÜ1åEFzŸ–�^×»ªüK›Yw[bŽ‡
È£ÚÒO¬é	b°˜F¥(ëîé+-[ÿ)Œ`Ž6S.
+¡–‹ñT#ñpC…°¥Î)òš_ósÁ„pÌ’hgL¦ã=ÿbl*–LmÃØSáãÒ�¥7†àhÓ¾}±Å…Ã(˜@ciPV$ZŒ6¢H˜÷W-MxÊ$¯~	'i­6ç¢fU°ØÓ=ó¤e!š¬.
˾¨‚¸L‹
+¹v¢(��»'¤oëÛ÷û>Sëf,ñr/7úñ²ê| ��/ªöïÎ]iSåJ<,Í©”ï» Çê+Ã�¾ïv;tË©
+¶€3LG:Ì8c'­ô…7Bqsš®	ݧÐ[î$e©jºãQ5ÏdU©£”p'ü‰92û[æ8R#'‡¤§vÆDp!ÉDgá]IN² »š!tÂÐ@ŒU4£ä3á¯âòÑmnÏ®§1P‰?˜;V¡˜|î)çi_Ž+zjkûxpµ¿jšîLÚ{T=c:)w¶¹¦YoÊfJ3¬�S˜0ÍĘˆGPüËç$P õ›úÓ?ô¸+h™ºkÖš†×”o7nRYQ7HÔë¶nž'‘Ë£bµ9Å@¥~K“B~óÞƒø=‰m(וWož|�Á!7��ÆÝHYwW­po9éËë¯×wËmÖ£n¦Äy§i0ŽHîJ—„‹€Ž´t$—0ð¡k]å8ÐPgìDRðÜéÊf1Ÿ+ä8¤õâ=ˆFç4]žºÐIßÝDÀÙýŒ�^Òׯê`°Ð‹à8±^k[™àÝ€ŠÜ¯w°²æ®ÂΧr£asìTã‚n–(Öj …æt°hàÇgxS˜Í^U€ßŠÙ*
+Ì‚´•dgÄ2Oºxªyqgpvçç«T›Dêãé [爨ÔgÊ0Zðì.@ú"íQ*¿®—PØŸÝ¿qýLEÅlÁç£ì]>’ûØÜ+[rPf�Áܱz¹§û³†äQ
1— e:ÃPW˜lÃYÒóÙÄ]ŠOLÄhdŸËЉ‹x[ûÏF¼…WÄo-
g@9ÔFŽ]D\`M3
+î
°Fk³Rät°û½'…ב¶K=¸–³þïŒRÁel„`ËhGv-QÌ^?
+Œ?�&^N±�,ûCºZ?à
ô–éËÞ‹eú-,qˆebŒÉ‰J¦{ô›“
g˜¡‹¤
ÿvO93*èB$³õ0κP|÷€fxî®×³wÕrd,m“a4%<îÔ5åöùÕ«¬iE[ˆ)£&MÁ•*'jØŒšDÐ.Ùà¥3®×z<=,zYðú®¬?1
¤È~YDKˆÙÛX‘
7 äu×ÎY>œd_s1²9yo³ “×ðçD$©«.P/'—ºõù€³/”“q´4ÔCt°¡—{û„€ˆ…ÍýãØ#8]©Ix΂‘
•d=®¼Ÿ#û;ŒC×ÕŸVÿø?éIOö
+endstream
+endobj
+555 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+553 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 555 0 R
+>>
+endobj
+558 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2378
+>>
+stream
+xÚ­XÛŽä¶}ÏWô[4À6G¢.”äÁ†wpbìŽ
^ÃáHìiaÕRGÏv¾>U¬¢ÄnÉ;³@^Zl^Š¬Û©CîB†»§�ýüm÷íÃý;¹‹BQD»‡Ã.ÊwQ,Šd÷ðÝ/A$åÝ^*•§Á·z8Þíã8Þ›ƒéM[ü›?èöNª`ÒÍݯÿØE‰(âÝ>)DnEüæ‚Yõ@_MŸ²;�3ò`S#µº}Ç#ýåÞ¿‹½3Æ™ˆ‹]h7ØïM«³§iž*i$Ò˜gý™÷n+läBe.29Ë|®ÇãZb6˯%vç±îÚÁ�Y�7§·v[)æÂÉ)»öP?M`¥ÛÝöqŠ8ÛíÁ!9¤7e÷ÔÖÿ5ƒX	…³E»½ŒP
O	}Ö–Q"ÍInjç~g>ÊTµ†<\è{AÇvýÑ=�NCÝ>QÓj‰AðM[õæ™:ßÕ
ÏüpFs¢‡¾;QïÃ].ƒ^·ƒî˵{<[
z„Bå¾�`ÈýI7MWnêSøúü4Ø#¤î„Ù¿Yð;jeú
ÜFs âVŠ2‘ºhøƒMã\„nJÝÞlWÕ઱ë/ôwny$BœMýxÿÇšÉÔEœ¸Û'©Ž˜J¸}³ íFjàþ˜…{YH‘Kß$ƒ>™uÐ+‘/ªe<…â;Nò@ŸÏßy`t�gH
+4�]š/K>á¥Oí´-©Å5AùÄ¥qð8�$W·´c×T¦§®kâX_?Õ-œÿB`fM“*2G”)^eÇcê|–ª r¥Bft™ú8TkJ̺/0±s!x0�؃·¢âX(õ¢/fƒZßÃñAÏŒq¡=ŒhÁ,b¦YðŒ3 ßðŠ¡;κäfײ¥Š#ΣK4%fOx0ëùR#ðaH…É4b<¤6õÉ€º¢ÎGv¡vezjÆYˆ¡î
pVRdÎÎÿü×ÃÛë`üöÐå ¦5,`7uÝòI5)‡ÕS˜jQZd€/ØÉ®Upèzê}>Ö³eBŒ#«/N?vSSQû‘Ò„þŒSßèàtº*ŠlYZ©œE"~¹H¤‰È]ÔTõ€†¼ó�Š€fΧý³—ا±;�3KÎè"qŒÀ›*üé4¡,5<n
Ø@_†ó‡órê3¼É!ˆ8MeÀ+mP£×û¡+Â{2ÙhúS©Ï×ë aJ†áÁrñ´ïáÀt>75CJè›ó¦`ZãH6
+訶([àª2ÿ™ôÈÔY¼nbdKì|l˜TéQC4_agÀÝWWÍohËáÒR²\N¤†Ãí†
+P-º¦K_ªÐQ#;\_JÙFÙG§‚HSí{ðmS·æ—¿Òò“Yà„ÿøþí»ï^£kºÈ¯kªÅyÓ&%’ªàä–yŒ}Oú“­04Nôûሟ¨…秖æ!‡œ�h‹b4vUÓP¢åÁ0ðžÕ¦Þ^C@÷~¦®2úD2'Kdâ
+IÄ‘º¥�
BB«ð؈³õÊPY.Täñ¥œ:(ÙVš®ÿ4І]‹€b¬)°µ¨ƒÿRÒTF@¬Ô…P~n5�"¸ž�¬À€¾gî–\1«x#|ä.]ÊèÚ"sÀ{ÙÀ(ˆÑ™ºZ@ªƒ‰7ëŒ
¾˜~žO„s •PÌš M O†K
qWä{‘(ÔuD`ÈdÊÔÌ	èk*·g,àÂÏœ¶l¦Ê“]GA¸·ÍÚ.´ÂiK„ÏŠÞp¾Øzša=Å“Ú*0LÃŽSר<l÷xA‚soõç�kU\à׳ÕÌI€K2'±44±ÙŽ´ÇbAEm.)aà¥0ÓÒìš–hÞóv÷ÖLp©î„BV¬¿Ì€]ÚJ÷Õ:íç£rç/úc/ºØX*¤º² –=À“�ü‘¡qòB)/N62(‰óBÛ­‹
{¾�s‡Ÿtàñ›„ØZî5@ÝÕ•ðá
+8“0'˜·Þ
 ·æc}ÊeJnZ*‘|ÑP™ò;p0àè$¢R‚'¥”�vàí8äjj“}
&‘ÌD½â	
.(ê@ëÑÖ2eC¿ÚþÏ©N)ÿòŠ½g¨9-Þi®}B�W³î/¶¤yò<¸*qê¦ÄåŠKœZòcß6T¼

±J(ÅàË7Shù7oøûÑÏ‹„¯¼Ø]Y}—&€Å>�…óúý:Æ–Ðv¯Ö'Ë�šó4^"<Ž�–]À9ƒ-=\9�Kaüÿ91^ÂWɪDäªáÇ»
ê©Hdéõ<O}}¸¼L;=¦e	»eZ@á-ÓJñÁÉpÇ‘?’d;ÿdN©Ðs9¥Nº£™o/ŸðÓWÒNyo§ë†þ}è#®yÆÉP…^÷Hů�§º­�ï)'_Vþ�Õ…4ëéìÕTîÂ|L
ÿ�¦i¨‡9%tòFÔ}€œ†ü°’B`—MG6ËÙˆîA:`?L ’–òvx)¥1»‘ 8L$yu~O„ë9UäÄ•æ Œ“ÚJ˶¸ežáækÞjïeD-/«™ËoÜR7–bç±#7Ù?ÌÀ¡e
+3ñ"Uúà™-nA·%èömÈZKùœz¥R䉟~Ĭ1÷ˆœèö‰ß?eÐOí~¬O|UsNxÍÓ,Û¡Ñý�”ƼüDûÖ®¸Ûç1‘Lß~Ä_lX‰Ôœ±Îþ	Ö5DÅÂAÝqϹ¿~~ƒ˜îÞ±ŽáÞÊü�
dyçÂÓßþ­;›VÈðÝ™8Ž§f
$lI4#	òלÈPX8‚ñ»"8…̌ӱ˜ØÃ¥~àž]Ö€ØÃNwî¤=W/X‰ó”
+pž�S�7~lB>õúÄ<Jšä�Wö’³t	9:P›-ŽM¶80†"ŒÜ½úÝw~³›RÑ_Õ<�€zoñü²¯
4?¿Ð8Âþ½®¬‘ Jù€8q~Ãk¾D¯{Pà …Àé¸ùÐ-ñÐ-NØĶ­ì«|˜óá`ÝR…KÔüƬn
‘»¬
+¤9¬¬[ˆü£½]ÞÑwy¹I²Y:ÍlÐèÅ×	’â~¿F­×·)¤7ï�Œ¾À‚åùqÂ�õq`>›rME8ûöáOÿâ‰0†
+endstream
+endobj
+559 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+557 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 559 0 R
+>>
+endobj
+562 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2168
+>>
+stream
+xÚ­Y[�ë¶~ï¯pŸ¢VŒxÑ­@Î9IÚSH€ìC
Ÿ¥eÚV–]6»-Úßž)É–º'údrH
‡3ßÜèMÄ¢hsÜØŸ¿l>>}ûƒØðˆå|ótØðlÃ%ËÕæé»mðé¤/½iB)EÀ£?=„JÅÁçºëuU•õdðQw§‡PÄy”\ȇ_žþöírbÂI|ªœe–kšZï*›¾,BàôLÍäˆSç›dá$ËÓ©ìà|΃B�qc:[qô
Qv J"ZÖ"
ÌçQ@'‚ðo™�(£ <,Dœ³<ÝDöäcQ,Äœ%~ÝËåN¶zÁ9H¹ga’æ£ð"(š¡Ú_K
+¼7¡�’%Š.[¶ø9)¯†¿»¡¬Iã�
+^ìåÚ®lj2mUø±ÛØÑoÛØÓšþGèN¦ª®Kb8;cŠ;eÛÏãàŸKÕÄLeîæç².Ϻ
+‹¦>”Ç…’²ïB[¿!~Í¥w²&`Çšˆ£Épâ¯�¸»ÄÁ¾ì.DÛ9N·Ë‹zhªªA}üê�éOëiçnè‰\ötm."§s�•N9§®Ât£¾ˆ8m»þ‘Ü9›”õ¾|)÷ƒ®hMg�ò¼‘if·”
yÀÞkô¥}ç¹Ó¢sÚ”O›¸˜7ÊÁè~hÍŠ3©¼5œáe¢XŠˆYJÎù
õ«"aõ‹¿V¿8púMœ~UħËâºy-Ì¥÷{[,ïÃs�J'9œi÷!B»/�Õ­Ôy:“šNÕõþ1—‚ùͯ—chŠSîÍAU¿ä.ÌGÎÎ2–%s'Ô H0›š&2,™{€…ÈÁ”u�¡«9ÜÞ\Èô-T.vo]oδ¾'°÷]ÝôDGÂA/ËHNkƒÈÔ­“¡.tDÓöl¡
+¿èÜ×áWW¥îVo6WÁïV-〾‚!ž×‹®)öà”ìŽVÖE5 ÌHE™—ˆv¤ûu1 J�zd¼p1áb¨×y(Å2¿g˜•ðKÐ'ßϦ]έ‡Ì®îc•–Ð`û
�2Ý/�.Rè£!/Nå—‡¥òCŸÈ–êoËþ‚§@ø<ŸÇ;®ç@’ç³W¬PüÊèD±^'”óY¤è
+Òw­{CtØp¦ôn¿s¡Ú(grŒ&ÀóV.™Ü{Ž—ÝríOº'¾ì '�
²”C·Š %?#ÍÐÌ�Ê9ãW—ýD
+®t}PÉ·bÆ	Ëãw¤„àž	·ŽyßœM�‚ô.œp˜,-ÄÆɦۿ7ö"ÍÅEh|‚€×·CÑ/  ƒ|
\ÆL&ëhõ[øHÀiwd"o¡œ€KMmÂ}	Fï´©	Vñ4Ÿ�WÐðå!Æe'…%yõ$sõ“„¥DÝ~hÉo¢¹€î§1ÓMªîs�Ø=„²©o Êý~Ũ(ºQRF|È«Ì’züPE.Pž2î½ ´¨¥²Øy±l:ê†]×—ý@:Âe]`qÔÒÁ­ˆºýëœÁçÚ ÎËåU‚œa,±Æy|§B�•	§˜ý»uºH²9K’¯(.½R\j
ÂÊ€Cq•<`ú%Xf	ž`ærñûßúq÷WˆÇW1ÒS©Ý•þqÉJ‰=ˆÛ²Ó…«¦w˲
+á1²¡vÃ4�À†Núɘ °d1D	Š]iÂÄUÎÜ~¤‹â9ßû‹®Ø0uÕ$9®¯ë%FÕKez—Yö¦+ÚÒÖZ÷Ü…æ°/Ͻîð¡4»õ! PMƒÖͱ.ÿ52½Ò¶­ "—>ÏË2J,îò-$€£öŒ;Ó¾ŒýP~ÅIÓÚ™/0&Qr¬/…'
*Cv�ÆϾóŒ:@ð×¢£9iÔGÀàRºr
šGã7Í[‹e¾L¦L³~ç”	_ˆøÀ
+l§À
+Ì;‚†ÛŸæ"`,u-¢bQ2oWI"N‚Ì¢Uñ̵šHÓ¾^·óØ],u\Ýû›’¢m>À�Ú­º�é~²ŸÙŒƒÃP®À)¶lv·ïu,T²¸ü¹Ûû«"™ÞÆ~¤�…S¾^‰BxÈ=^·Ûe,ƒn7KèõzŸP�³“ƒ
+½amÄð†…c© 4Ù~B&>ÞKÎT<7èÈbÀ{…�¾û×4Úš#DÝ{
+õñ�B¥wœu_ nN®8JƒŸ~üùó?h*ÝŽçî|gœM-¯w<¬µs1ó)úÏÿ]Ǫoö¾�»²ÖT/l°çÇ
+q¦ÞÆ94b¶TNrèUèw
©œêà5l¨©E¹Â†H²6”«)<hÄî±�+„�‰IŽpPÉRêÓGýÿ ±7»áx4íןàf¸XTŸ@“˜³¨‚\‹¯sHqµ7î¾-wCïß@:sÑ`S½Ý+~	ù‹)|N,žï
+‹[¤>Ã@/ƒzÅï*måƒ�bs”WŸiÕÆS¤¯Æ(Ml/CwÚ¯%ÕDº�K3áÓÓ¥¹¬|-X>~ÊL­wÜ�Ù§w›vÙ­„2æè3ÄLYã½–Ò§k·Ü»£¾›©·[u%ÁóJ_ß
˜¯½9- 3Üߊ\Û9:V2½Buz…"lÅg[ËP±'F/¥¦í+Ï~�y’ë·ºïëëëBàZÝ|öHgª£jšéCo–|&<œ×Ø
+Ž¯‚´~¢÷4r†Às#SPų¤Rã›Îâ1ÐÃÂÊ[`4{!&óÐ%Ãw.›‚ÔñôŽi+C[¢ã®`BY„ØÒßHûèŒn�¤R$X‘¹«³8œpõ4¶½éuY94Ó´\uÙLLeƒ·Þ¢×�,ï½pq&®U³x#KYž¯aÄc’^y¿úÃo^tÂñ
+endstream
+endobj
+563 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F5 30 0 R
+>>
+endobj
+561 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 563 0 R
+>>
+endobj
+566 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1792
+>>
+stream
+xÚ¥XKsã6¾÷WøЃ<1âC¯ë¦»ívÚ™�MnÉd‰ŽÕÊ’*ÊIóïÔÖ“¬»ãƒù�À'�«€Áêqeÿ~]}¸»þ$V<`)_ÝmW<YqÉRµºûåÞãB­}ÇIè}ÈÌníK)½¯z«;]ç»Êû3«×"öYµþv÷ûõ'9Éòá¾òUÊ+Î÷u�m*ímü¬+ûÝ^÷eN[gj„1Ó•ªpRås�W‡ÎTQì™CÛ‚b‰×t=Ž$Þ¶é¨ÑïôB.&V�•ó?ÆØÃúa½8T…Œ§n]Þì÷Y]ÐyžÑšäßê¼/›š:’	¦˜ ÎýMS%N }2鬭TXbúî�÷æÛ¡Ùf�šZ<xX³%†	‹Ä1Šúß^×….üǪټ…`x‚ §*é„)DÐŽòi¸Íú^w5Mí³>G¯ïÊú‘¦·:ë�64_h“wåƒÇ#
ÒË6t î{ZCË:
+àžéx€ó:‚c;’…,aœ:÷_Ö"òu¤ƒ“:K`…¼Ö�®Zs(«¾¬/@UÄülð…!b
+%/$
+°,rÜ©W”ôžw�`é…^Qš¶ÊÐÌC#Vž=q1¸†*r²õl(cãi*Mub(ºmÄ&œÅÑܼ#/ØP·˜Øàƒ;†`W3Øeza<ïJÓ7ݢK¡¦D••
�Ðs£áyNˆSÊá¾]Es(åt³àŒóÁ©¯h­$‹ä±_�6¤›£T°öÉ
B)D<3yrB:¦Áä„ßF³ÁŸÖ;Y^VÀEúÏpy¡cþj6~ÞÔ}×Tï;çÁƒ�vÛ¥†m€0š‰ÝV*ØŸÎ(×
À@óf—µ=ñBàÅ4vÿ;ÉáÈ©˜(‡Œ
Fc¹—€­WÔ,·K¾qZI¯!6Ô]Ö[JÃ1óbz½wí_‚½û‹`Ü 6/½þn
”	D賶ÅY{ûÆ,Cô6¦�h1ë²44@Ø-Îø€Œ�çÆ“ñ°°íˆ´K õ9†êÃZçÚ˜Œâð²·q’Ç8Õº÷;]”q�ù^¸„œÁ…«6Œón^f�ì +k,öš-ý?ˆ0®@Ä~�0LŒ’ïý’¢„Å\úéºÏÛkZ–ÎÔæ,aט~)²>Ä,·³x(bZôÿ)*¾ÆåÜ5¯pWÍu=ÿW×è-]å[ºŠ˜EÁ>ï4RO½ƒÑ–±�¸2ðŽÂÀ®ù2˜}› lK�û¯´ÇQ)—(•ž¡E¾ÇŠ'a
+Y�ñî›ÃÆôe°º¼[ÇR¨†!ŸB;˜b¢(G°B›‰µkœéØMÇ•XE4~ÿe!çv&¬^Pà

5±mY† Š£oÊ{ôxÄó­?À
+b
÷#|:Û÷Ùà£ÝDZS#°öØeðåuS	~‡ÛJ»‚þvüfRˆ´`Vôc'±‘
{’¹öf”®Ö�1Ú .½ÏÛá^•!%¹ôU^Ýô4@0W¼Ã‚¦�jƒ]æЯšÔÀh()Òû¶÷ᢾö�7:ý}ÆÂã€5y‰j£òÑzJúÜë®ítŸ¹ðå‰åX\˜ÑÝ&÷xAp÷‡Ž&†u›Ì~Ôþ6Ô?>\4²v¼gàüé'Ï J~ùí_T…)‹^úùË-_—«ù«Åî˜%ñ´YüÈfùöfºP�aw`»@MbÔ9æ$?ƒ,Á=r¶��Œ92+^
…˜ÝvaMÄR…À/©æ¢ëÌeÃ�—#óÏPþbYf@»!ª` V3ê»´tË*¨l]œoGª±Z[2±Z»Pw�€÷JšÔÿð™Â\üÝ�…ÜBøé}ZòÁ.˜rõ¾ïr¦4>X½¹t·X7Ý]`ô¹ìwÔ"ƒyWîÃÐÓÚ¦…¡¼‡©fûFYvÌ+U¹éF2kl5¯±¥—¸ÆÍx·‚Œ2>’þ§NU^_ø
…j\‰Z\ò~&§ï¡«„q*#Qj–ÕÐʳىvݘO�9C
9‘­ Mãb^<ˆþÓ3«4°nrMªlpIžUÙˆ0p&�Ë4³$"Å¡Úë6èùE"'ÓýÏ‹(b“Ò²ž’fþ™,coO%B¡1ÛCå²&¦l‡NÄx@­û;û"’¾žHºEð\Q
詳•Eœ'»¤dWî�hö²|®3.œé|Ax]�I<.Êäüb˜05Ðæ+Be‚BOßqTÀçï82‰=[,=êS¢ÂÁ�º¶–Å"¡ËŽ›‘Ú{òñÁí�=ݤ12ÿkO7ãK¥Ëëé¥ÒŽœ¾Kªsï’«�w?ý‚ØâÓ
+endstream
+endobj
+567 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F9 84 0 R
+/F4 26 0 R
+>>
+endobj
+565 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 567 0 R
+>>
+endobj
+570 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1411
+>>
+stream
+xÚ•W[�ÛD~çWXâ
Gª§¾Ïžh¡¨H›J Á¬3Y[ulãq¶»üzÎef㬣]xIÎÜÎõ;±ˆãà& ¿Ÿ‚WÛ—oÒ ‰E•Û}�¨ ÉD•Û>†¯=ÎfÚDY–†Iüí&Êó"|ÛÛYw]ÛßàA¾Ò¶ÙDiQÅe˜¤Åæ�íÏ/ßd'–HJ‚(¯„"®Qdz}ݙȚQOz6QcºqßvÆòÛ…:…ED RÂ*}°¤qhî@³^w¸JÂOi!ñ=-öÃÄÄܸ˻
Ta}<˜~“ÊpÖs;ôc§q÷ÌŽ·¯y‡häóتT*‘æALZ¡
+ÝÓRÈÌ]¸>¶ÝÜö¬V4z‡‚(‹sQI6± »Ãžýjçazp2›‚ŽTlÈòBw¿QY(Ö¾÷¬D’>ò>ðîØ÷‘�QÒ“îgÝ®@'P$ÏkDi„Ô™+¹2Ï$º²DW"}É•I¡Dž>éJ)JõØ•(Q[÷Ïl“£göÒ„$Œ®Q™†•ñ²ÀBUŠdiè<Œm-6à?n›‘”nwD©�b	ÿó¤{Û
œ(PRº@Iï¢>ÚµÓÒLƒ¼Ùéþæ¨oŒuÂ~ߨ4Ž|xÐ…°è�aÌÄË„ æ€ð=†Õ£…4ªÝ3XÛÃÑår=FÈ·‰ÏjÝ÷ÃÌ÷Ýï<—[t•™îùM7x,zÏâÛ®êÎ>
½ìô€A=Gã`Û»hgöúØÍϧþ;ý™R¹T\uè�Z¼)DR:œ÷KHª*w#ª‡�qÐ>È×ç}ZV¡W�ŸBk“W¦æú�N”ŒÃ�®Âæû_®ÞþÆä;®=;óÇÆš"�-°6BøÙ³R}Úü¯$>Ú›ÈÔÍð_¼È¾w1¼ï2ûþÀáÅy,Xæ"K¼³¼È»ñ‘IN!ãg¬Ie!âü¢9Ïò^™³Eu±ºäP†}Ä‘÷…Pùãâ‚ñ4w#dÓ×X8dørÝ6‘±µñ€jJæ²í¬†|°¼w
J/iø¥�›á83d*ÊliÓdþ>¶®xù.†Ä_ëÅ—ÅȬ‘ˆ¼pÇß0‹aDàB©‘Uåên[3•ž„=`·›"uw¤³˜:”¿¼ê‹)´{/âùçEŸñ©7Z(Ã�k†E&âl™ô¬0z-ÆRw!¸ pë’|9@ÏWqø¥i)�
³<8ø`Ä$ãö“EuYö)PKeÏ@©ò¯�FdÜR?d!j¡(¥kÀ»~K›“eÃáÄŽTBL�
Dº.ù#EvVH¨+¥¢¯|?„Í=”CÞ=cWÓ,îÉ•<�¯2ÀŠJr(yž¥¯}¸ÈEÊ×\éýWœBÖ•»ør¥ËªLð°„憲ƒÜšZuÜ÷ã�›€òÐ'9”jä‹ékcýE=¯aYf"-ŸŒ])
+_&S7}û�á¾`…Ä\ZÔ¬-E«”nôdz�¡y"
+é¸b»io"-D³_*!“S²"·zpÃ*xwÊð5¼ŸÌ8
„/°Ú¢/K‡q\d^ü×�Òm¿.9$¬:—þlü¬ìdï½NIË‹S>‘Ÿ ÅDy6Íj{5�G  ØÌnT�Õ~k½ãòÔÈÙmÇi­y
ÎÍM_ áÕp Æ7ŠŠ”u²ÖºÌCóÏ óh˜‚íëxÁ‚íƒ1Í쾈ÃWŽKí/˜ÙŽg‚ò8-¡G•g=Š‘«*´d‰U¥x<ƒ7žñæncÊ$	ůÚZ°8,â‚GÀ_7-ÍÝÇÃŒöõŽX„kߺô‚sÎ?8¢²DKŸk§Üò�ä3ÜÈîÁÆ3&©‚™Ióm=sÒü¸ýê_™NÈv
+endstream
+endobj
+571 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+569 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 571 0 R
+>>
+endobj
+574 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 100
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.цFfšºFææ¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚kD=
+endstream
+endobj
+575 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+573 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 575 0 R
+>>
+endobj
+578 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1122
+>>
+stream
+xÚ­VK�Ü6¾÷W¸§x€ŽÆ’üÜS6m¶h/
Ò	zh
+DckgŒú1°ììî¿/)Òo&[´@.–DIÔGò#é Q?ü¼ÙïîT #QÈ`È<�Zq°ÿéÏðö|ÞlUÚ®ª7[­ux{Cã{‹[yØcÝQ‡o¦£a¢ò4”*Ûüµÿuw'™	åuoáIlãBäõZ.ê³$¼Ýls�“vØY´Ã–×îU®áƈ€ˆˆt¾k¬qoÄápÁH*LÓÐÎÁ#EÑÓìë'TIÖU4¯;~Ö¸“Øl“4ãåÜàÆ`•{)«Ð¡;õSSÑÕÖü�Ú-ïLƒ%ùx2¨g¤í	­¶lDA&Þ¤¡:44vx8ŽòÐx¬ b…0«y4g2Ýš�o{{üYK“ÆŒÖññÏçàêÞŸRaOl}ªt¸ábúâE~ØG- Ø_¬2ÍÃü<9"•AŸ7Išº1‡Æ’ø¾hr·Ç’¡o‰zÍ…\¨4ˆ¼úûñ|³ÛÁW»IôÃqwž» Ú]“(‰ERðEAQPy&
+€S!µßø­+
OœÈgpqbÐèl’Tv´C[w¶¢5Eg…äu9N>ð~ek7:Œm.ÃÉÙù¶½²TK)T΀Ñ&Ôø¥UqÂʾm=U¼ºžìÓ¨P뀸éÐ"}T#P•kŠëU&
b˜ýrO;‹/ðüs_ ÄÐ)L˜G°L
–tQ¹
+Í`é„íÊ~Ì�†kÀéǘ@ªÈ��£ñÁ³¶i¾GHYøût<1�Š/0} t~:Ÿê¦w=¥i^¡P²­0YÙêHÒz³žèò�òjÞ©�XÏž}'¥
+¡gFÂ[ŒÕk&äUÀŠ©F‡‘ñ¨”¡¸qõ
+�'†ðÁÙÎŽT¥EB&S
ïìƒ;ýt¾‚”�?†€™ø�Ò\dòynÈ(YA¹Á�ÂVÍŒÁ^@^ÌØ‹(Y*£ÆbT6SeoèµäòÚ6E±Îº�*U×	«D:³›Ê’þ²†ivH´©E6¨�qñ5JÏÅí
+i_Y÷ß1œÌPyVz^#ªÑ`~Ï­t0—†éž °í¿Cø¿n€l?)ÙT(#ìr$¾ÉûßØ·¤¯²®êóÈ1¸¸šºŽŽg‚è9�¸dÔ�üßÄÈæ›>N="†3ŠOƒ-kî�¯hë
Š
B9QÜì£ÊÚY&ï8»wÁ¿v©xm©kçÇì|�Y1øÂVSɧêQ\eçVI‘‚ÝÅl÷‹E^‹xnuç,e›Œ°”ó¿
+.HËò˜çhj¦±o�–%õ"¿Û¡QöZÜ9cûŸU�V´É±²ü:ul~½!¾ãCT?ôªL-N}Ögðìü3´0qù¿ÃÈÚ9f®?Ï‹7åôí¡ãœC&Önœ7:0Åîk\ç"�«_y²ãës/~üãýñ¶š®¸¼&øo÷ßýô
+endstream
+endobj
+579 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F3 17 0 R
+/F5 30 0 R
+>>
+endobj
+577 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 579 0 R
+>>
+endobj
+582 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 100
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.цFšºFææ¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚k¬?
+endstream
+endobj
+583 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+581 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 583 0 R
+>>
+endobj
+586 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2888
+>>
+stream
+xÚ­k�ÛÆñ{…0˜w—Ïæ“qã"nÜœ¸Pž´:±¦H…KÅö¿ïÌÎì’i»1ú }ÌÎÎû±\ÅQ¯Vöïï«ç›ï^É•ˆ£R¬6û•(VBEe²Ú¼¼
ž�NëPæ�nwõ‡u¨”
+žÿ�þßTë0Í‚ÿv=Í_Öw2Ít¯Û­6¸”¯Ö…
+úîH›ƒfݹoy|sÐM³…*^ÈrýÛæß½+‘GÒ’•bª8*ò‘$%<Iy<_‡EQXŠ2ÉÁò5E°ôj]:Šò„)BDܽ¢ˆ„\…ðW*{!‘h隈)±Š@V �(O-àóÊPZiPO�>êv-³`0¸–Ú\ȃ¡®šæ#
H
LuäÑC_�UÿfEœ*˜êA÷¸™U»#¨?ÖiT}]Ý7šñ8U­©»–OözW‡–¥P$¨Or$ˆÒ^o‚T±b¤eü~} IeèŸH,½�ìØÊ$Z‡	(‚نճѓCVbÅ(1™eQ.W±¥àÔÐÞµP•@­„ˆAÀÑ%�€Æªß}‚2ƒFZzËüÊ2GåY†ÉŽÑòm…LÏIt{ú?t¨’÷8É¡Ñ´¾×Õpî­ÙÀFÕóòÐÑÿ=]H“QÛ w(–—;å�›îȣݕmÂ%Œs ‚Ðé%òC0jÏò­@_íjä©jhÁ{Œ
y–%l÷AUßÃ0•€¤6HÆ@ ¿Ÿë-Þý-wwz¨ê†AùælN~ÊtõC[ïYפ×Û
+N€„RÏÐùâÀÊí|\ó÷lzÚ°sáÕK×÷Â.	öÀ
šªnõŽ¦uKû=¨Ò¡ÜéÓp¸Ü?õú�º;Zea˜hQò+´$ÎG¡%qÁv�#+ $.Á?-#†a¬ÁYkW“H›æQæÌ|èÚD•¼[·Ûæ¼CÖð–šï½ùõ—]Çwîî"h*3Ðh‰
+Kž‡††®µ4*r¥rê:ÓhmmênMѽ2´8¸¸~_ÝÔ›@ŒÙ“ž"b,ƒÐšÂYSH¿“™œs/£,eö)Ä(y ÿ븢Š(ûlT�]:A†Û®Ýwý±"oŘ‚Ó‘ Zºã={.—â˜HâH_Šc…£ÉpÝ^Æ 4õÆlè®=å%¼uâ××FJà·PS«\6�رÌNu¨�G0u›¯%ŒÑ¬ª
@‹Y$�nYìñöç›×ÿæ¼ßÙ8µÓ¿=¥…SõÀxòân=׶Í�ÉWè[B=Ø`_¤ÁÑF‰f¨Ã-FŠäÅ-¥E€ª­6­‘º,pbÆ“ÝÉz4M˜kz®pM«·¯'¸ÞQ6„*)B†1ÝÃœ¥‹+_aàà¡–až¹í hw!{¬h4
+$áœú`ýÅ¡:Q„ƒIAÛ·/è8-þäqü@8¬î„×(rëׂ§lð›F
ïÓøUD¹óƒûšN]:^¥‰8× ¼vAZËü+¤•Æ‚wGV½ÃŒ+X•BMTHÙúWlJí°†@0�.$mÒ?îµM{‡ª­Í‘@X¸ëM'nàömß…SQ‘;Nî•R/üMÖ~o?°'b�:¯R&!žr
PX[(MØ,ÌÓ™:diã*‰ˆùÓ39&E$UNgS,ñÃU — ):­?¥¤
™%’ÙE‰ÒQlRëÓ¹�Lózø¼»d.>¼\hBYí#�x——S——AI./\œÃµǃÛ°§mÝ€ËhCÞ/¼÷‹@…>ƒ þæ%?¹°GÚL¬
+ƒägô¥±Ûßo—¾�—®fÓsƪȮT‘YU„Iêû²Ì!yùᤩ±œ 5µ4c‡Š°>j¨Î�'²„"Ž.ë=J¶cv¡�ª™&õC‚=
¸Asf[±åïÏC�ˆ2Çï�¯o6›×o~xõó/ožmf¢)@².Ò®mÂ4HâI (Ñõ>ÒÆ¢©Ê¼@#ýŠ`%ËË>ÁÌx*ʱ¬Ø.åôûM.cšúÝš:Äìõ•ªxliÏ…1ØÃLà6Üz£Gð×ÜÆ`z¥˜Eua±<›f—öøÁ#§Ahâ)
 ku¸#³Ù>'+ê{¯*€™j•�¹ô˜Mœ'ЂŠÛg‡õl••Ž#€Ê–±! ƒÍ¼^zsu‚Ds‚›Ñ«æe_žLÕa¨]¶íÀ`«äì�€ÍGšUhŽÖ‰°g£iTÁosÕ?W­=J�mqO0sJY´I9
)ÜP½³XhÏ×Jv«£°Pá�â7BJåëóø*!#ÊŠ6–»¼”»<ø·d…¶+ÃSöŠ,ø8/E.´ý(f·Yˆ0REÒ˜oŸDQôd^åc`ñO'¶9ôZ#J$vØUC\ÅýŒLbghòìŸ7¯Ãtð¾²`ï´p‡P›mu²å,5~y@H¸ôåó5=„™\z&�„kýa 7¡«'†Â>1
íÀEÑ)mlÞ˱ó²‹æ|¢ç–®ôŽù›OSl-‘ŒÚ¹uœâä_$//–:–ìKaåO•9˜Í”xCK‹é%N¢Ä5pß~Úÿfž°e”δoï˜ø°½ Ãÿ,Øu4o¨�‚–[‡þ劚C>ÐCÀh8iâIz;Àw¼<ŠÓ™Žs‘\½zËÀµemãCšÎ6Pᘴ
-R(s6ä?s×È
+,÷8½œ‹^D‰ý°žBˆ,�ÎJWЄáî|<…fèAŠfžÁ¡ªÈ®º.‚t†?¿KE±º¼êÔ}ò¶2�”ƒ~‚Ñ(þt©1‰™ÉÅŒø­LxurÍ
[îf»½ïÎô<ÇORð_ÑŽÙöõipù7ŽÔE‰íûwuÙ¿“Ï¥ÜÂÿ4Õ9û&ï
캉WAþ¨N—äÅuÝkù'¼®‹º¿Î‘Ç£ÁPÎúH]ötgG÷µú�òqîº`±×ùoiLIÚšxÎæMX®èïT³SRç�K,kÞøWf!J_±7r™ƒ$>Ì©º‹·S|\l¾Ø�}4�Ú+~ņCÛº;-1çïÏ
Á¼?ØÇ©í~î�©ˆ„)Ü/õÊmC­>è±æ@Z[­w††6ãã%6ãàkí;0ŒjŽAøŠŸ5æ!(¤5½:Ê`�ÆÀR–rÁE6-„ P:»	¹u5hÄ4c'‹ý³èÄè<�ÉèfèÓ,¹ã_óg
+�z¤ý÷5>š#¢mEE½)àßµaÐmöß[~NaA¥**.…Üœ{÷”
+Š8sTï]sD%�í?|C‹;,ÒGsK•+.±ódѧßj°Ç[zÛ)]7Òk£{*Fw„{|lQ9wÇxÓÈ^[é5à]0˧�‘0q~ s?²b.¡»[¨àVö«ÌçSWMÀÐ'׃â`BªÂy½54?NOŽ_€`gÛ‘Cõ]Óhfú}=F䳌”NrÒgš×�
'NëßGìº ŠÌ"µLãODjÈ1î1Â}¾ƒA–S>½³BÕÛ‹¹ ì÷‚ø~v¼Ä¤7—‹ÇÕÿ{\}öö»õÝz.§Ä3
+"G
ö@²Œã€­ëdì¦>ºÏ�yŒ%âô3dS±°Ü™ÿxò‚ÒsSµgŸ‹—s<¹E‰Ëß�ÈrÔ#CÞ”nàĘßËÇíÕUâ>N¹¡{)rüzï"p¬,4S“wGÛ r](G
㌚©<àÛ«¦¡o¸—ÏIið [è��Ðø%0ÖÊ9‡Ë)›x[?…fù
HÖÈ{ò!ö
+1k`õÃæ/ÿª_¶
+endstream
+endobj
+587 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F8 61 0 R
+/F3 17 0 R
+/F5 30 0 R
+/F9 84 0 R
+>>
+endobj
+585 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 587 0 R
+>>
+endobj
+590 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2777
+>>
+stream
+xÚÅZë�Û¸ÿÞ¿ÂE.ˆÜƌć(è‡$—\R d÷®(¼A£µµkádÉ�ä<pÈÿÞ)Q+Å‹‹+öƒIŠçñ›áp!ÃÅõÂüü²xrþè9_D!K£ÅùÕ"J‘`©\œÿ¼".W\ëDO²v·\	!‚wùUÞäÕ&Ç®^eÕ’ëà˜•Ë÷çÿzô\
´¤³’)KµsšãïÇY¬¡™@{H‘Eµ)�Û¼…žƒn—Ó:1¬K#&"»n½ž’�—öó¦ÞàIP«-ч¡}VmB/ÖÁ§]±Á3ØÍ÷ÙïØ3»›¹Õ¶èŠº‚;yÛÕ5uYÓѼú
+¹X¬¢P3¥àW°ˆÄˆü¯$�ƒv——%5¯›Xh°£ƒ‹ Í픳|ƒ{Ѹ`œIÆéËúéˆøm×7]ûO¢�›kK'
+/–v�„‰#!q¦gõÁÑCÍ6ùõ±Dž°“>4yÛ^°¿Ï:R쀛¨zEz\‘Ü¿CÛHúÐÔ(ð�…Ѹ|Ä—6Y›¯ŠªÍ«ÎÿÑ(‡æSÚ0E´®jËÿœÑp
û#Õ	ƒ<fÊÙ
È”BÄø)³S,Lz³sÚ™—�šEâäÅSß;°wÙdÆÃu–U¤2übÍ
+¿ôf…ã‚)Ñøú	­Æágn5Z“ckM8-ÒKš„B1C]Qnó©Ey, ÐìYÀ²ÀI»ësCÉ�Y@Ó `Z”\,ïÐîx,‚b(ó}nð«kiÌ"u²²#1_dÐ�ÎZV~êv0Ë&<ˆˆ©S–2龫y’³Ô͹<%À�eÛÊ›ƒª�é˜Å„J ;T‘§©õc:ÝMQ‹@‹;µ@`»8ŒX,*
+²¦èvû¼+6ÈŠR³ŽtÈ´°„/àoÎùx2Æ|m1wé5‹»;»„ñÁ.¡Ó#.NBÄ]YPObF>¨P,D|Š…н8{(ÆAÚƆ#Ó‡‘ÛăÛľÛÄ NEó×gV|0øi­¦®hÈÏh—ß‘v[&’]–F©Õœ·ÖŸh @ÆyD!ŒÚ´4ZT D#Bèк�ESWÆ'G#krš‘»¿ØdeùÅ.úlÕÜtùÖnUÓ¯
åv*´F\µ�—<¯d”çÈ"W"xR›Ê´¥³RÞÖ&‰0pݪîhJU7{b¨Ÿ£Ý®°�ˆ§u£v��K0óAv8dŽ‰
8SYlŠHzœ“R e ädK
ðØö‘oÎiÀj#ç3@¤4…%ÍÒtðt‘9ë1ÓúGpV§A{<ج10›„VÐø0—Ù¥Žç¿ÿsºE4à䢟Ašr]í{ÃñšvÌ›¬«›‡»"?Ï3Ë,Wyµu\Õ7¸#5•Çܽš~—N�.ûL$¾±UÙž´%ýÈ QæW…·�…´€‘w‰¾©ô‘zèšx†IºË{u[|žÚ	gN+‡¬ëò¦"ÚM¾'h'QÑàT«‰`›ïOh«
Ù`ÒÍÙHTÅvÖ½[I„é-$îß¿Í´ð ¤Ú”¤¿bÜ»7K,ëAÞ)¢¦ßA„h�C¼ŽµoGežmÉÙ5Xf¹¥ÉŠÒŽ*p´KˆBÐméëUSï©åã
Q ÓÓn©ïBLBt0SÔ샴ß"Ã\br0…)Â~3‘A”ÞQü1€­@ÑCð¼©#cƒ¦ÿôǽϟ¿NíZ2á(¯
+ØÃ	& žBK{unÓ2¯®»µéê765ÅY¨û­çvæ	‹ùxçÂîâ#&‚ŽYa´rfaJè_6G9¶ æ�.Ô\<hÎD‘Si÷�j)žÐ¢—ØǬùÍ�ce9§ª/¸ŠÛ¼›fÒŠIç˜ë)
ßË­'À÷\L|ÿõ$N�)ßdú3n[ê7Ê¡¾ç¦Ô�³Í{Q€ ¦ÀíÑ—I¦€Ì«Œe€“2�.û½¤G‡öä"¦åŒ\øX.‰g±¡
+.M"•_UE5
yZ7!Ì$jVq|¤8ßBiü
)ŽòJ<ƒ«˜hïj‹­Í㸳yž¢Õ*Ò	“úÿ‚Y\„§¼ d‰ðÝàÑúÑû‰@Ü&oÆãI„Rƒ•¬�t„&?”Ù¦¿OH)=lw»Gp¸<‘GÄ&ÙâéP©ÉÛ©qJÏeœ¥ö–Gq�¡eºµˆ«¤¯Ðs+ðOÅŒ¹‹ÁØfïmƒFƒæB4É™
‹½ÇgœYG,ä·8³çU"âÆî‘x6dVEicw¨‡ÂNâÅê0íÆ{ćá9ëOà–›úqãO³~¡n‰
Š÷ÖÿWúžÎPáÊeªb>¢�ðÅ¿M™
˜êy4E‰tñtK³¯,Ä»û60é·ßv…ɵJªnô•�!-sU±Xø&ìîÖ)†˜ºEêiÜS‡æ€¿ÔŸµõH…LEƒÔ€õ4Ãçz0BLÁ»Åœ?Ρ9!LwFÍÞaÎ8í°¬‘­?‚í½T€&³)I9]Qm‹Ž6E£´ÇŽqbÍÇ¥ìÒ
}à�á4ìüSÝl§°
+!Y¤}É‹*|@r¨ð	íÄͽ¢¶gÄÍeÊ¢;syõ½UþMVõ/ýe×f¹má×ûŽï–&]Ò5ýÚa=W:…¼Dö ‘ÎVå�çÕ
©x_öÿé�)èxá­:î§ÚL†ŒóëÜÕÔ17÷ÀÍKÖ÷ÂèÍ<Fïþ.Fåç>«¸.–S÷ûúôUÝà½1^�ˆ
ÅSè˜üµèŽ.ðH¯ä¸¢nªáp³ý›eH7KIÍõÓzo1@:®xÑ£]œyÛÒƒ—{¢À¯<²^qЯÀ‘7Mn»ˆÒ®;ô®Ò‡mW˜œ^ó5N¹>̽4Fq§D‚P$ž•mm³	Ç%)‘
‡ý+Öef’¨ß?ai k¶ö}ËÛYW\ÂÝ¿Ã…_î¶`#6ö�sè~SÄ4ª±úÁaO½òÄö•ç­Ws¥¡›ú#çwz¦î*7êÇqÛÒaK¿š×Ò’n—Ó2/±yÁ �¢B7Éè´†Ö¥}qè¨oÌ›#Øà�[Ž+%ÇoáRòþIã.¹süúòç“÷À‡ÓšÛ`™ÏæVf¤^È�ÓÙ‡)<üòîͯoÏNÖPȵ-’â¹üã›
Hdºo9
+C;({ñæìüü?oŸM#£bItêàŽ 0·~\õ9!¸W�Ÿ¾ø&·o% ÑV±hx¦×�_�¤h„ã“B™Šmf‰�¢j»Ìü÷öŸñ—Œœ&¢Åš™-ý6G{7ÇÎœ‘ÁU¨/w<y|öâ´¡Lêõƒ&pñ{öîìå›×Ó[TÂô ²þt3ãØô\d ûúù›	]-™ìß—ø˜#1ÐØjÓ�웳Öèäøk
+CJ=ýc�¶yyðÜ£~¢ñõÿ‡"¹¯ÉBg}/ŸŸÍ)£/,�³O™PQ&aeK-õà·=`°0ͺBü3�“&XÆo�eg›JQ"GW ú2o^øÁÜe°ñ	1±6q	w§@`�Œñ"çiqÐÜ-02hlFÁúߨ
 A_Î�Müÿ£‹H9]ÀL
+	P5Τ0¸)kóD�k3*ëê�Ä–Ë£¨¿rÁœ6<²Q“FvuI.‹gçù§Âx9
+endstream
+endobj
+591 0 obj
+<<
+/F2 13 0 R
+/F5 30 0 R
+/F3 17 0 R
+/F8 61 0 R
+/F4 26 0 R
+/F9 84 0 R
+>>
+endobj
+589 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 591 0 R
+>>
+endobj
+594 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2608
+>>
+stream
+xÚÍÙŽãÆñ=_¡'/¬ÚìƒW²X ïÀˆy™YÀ‰1K‘
+IÍøã]ÕUM6EͱΠÈû¬®®»ª¹E.nöó—ŧËï/ÔB†"“‹ËíB¦©Ef—?\>–+•E½)–+­uðé�ôý{¾\Eq𦵫þ嵊â¢-êuÑá�	.–©ÚfO.wChŽmÍíŸwEU-WR§°^j¹ürù×ï/¢�QY™L¤¡k+Z㣬D-B»àSÞít¬ƒr¨Š}Q/
ÿ¾£±Þâ�í�Õ±	º¢§¡fK€Spd„Îò¡é€§gk)2w¶C-Ab$UQçû‚Ž)yÝ•M͇!]Ó hó¾i»÷0˜È ¬×ÕqSÖ·tŠOYÉ4
¬‘Äš5Þk—·ùº/€J«`]å]Ä?Å1ID,Ç÷3Ø‘HÜ‹Ë»ey…l|jšˆ( ®T¤‚¼ÞÌÀ«H8ð릪òï€uÐ=îñ7VšêÌ	FHÅ{¯�QŒÐÏź·„D ZD"¥æÕEÉ@ /ÀIˆd‘…ñÙñàË{’¾C~Ër¨ôõRÌ„oE’µ’‰å7É_*=ù‹Iþ`¬xèA•Š
ößïjêìóžXj郋·EÞ[«L0¿+x%
+±EAûb
+íx§ÜVÍÍOc„rxv¤xxNs°ä´DÓ ñQì­ìˆB@Ù›Êbæ†Õ`Ç
ÔxË
!iæê'¼ÏpGk3Æ;ÔÀóv<ø4ZiQWŽ°ºÖt]	7 ¡¾¡ï.G|î–¨‹´)§	Rƒ¶Ìy‹´Âm§xÅöX;9„Þ}ÙïôŽ7tVùq…òOgxfD¢~̯dDèTgÓ�æÕMO�®8€	èYäµJEª|îõÎèöxÏ{¼gClšP9˜ìç)¯¾IúÕH�Žºy‹‡)8»·/A.64‰ÌÀ¹)3p¦jìòu^Q¸bW,d;R¥Ï*†ÊR;#R5ifÂÚTZqs,+°P(›ÊË	2bvì˜Ì:IìãcW€G!r¶ÅúØv`G‘_$ã>1@Ð÷öž�4wC¡½÷-’…•é¼’éÀX®˜ÜèS	ïîÔ²�Jf/iÕ+yûOôæ£FDY~¡¼­=‹ƒ¸±!#‡`ó÷{ cG½ÜÆëžzM]=R«ßåýd=:”$
+
+¢bM ™99ÀÎc„Oé,H˜e	¡£E"5¯>[ôïʶ¡«¤A�T4Ò8*↩¸ŠA­¬çB–Ħ<­ÉRÏU‰¶"ÈSCƒHŸ’•½YŠ¡ˆ§Ú¡‘ã#¡±Gú
tV{@Ž5h
/±!î�µßrgÆ]Þ°ýxìúbÿ†ÞÓ¤aÀqg»mÚ}GC~H…}/¤2èÆêÓe¼¯c›³Æ5ÁKáhγc$f‰‡Ch�ð[Ö‡cÏ«§ÂFhŽ½]@Z¿)[_K§Þ‰Û4S�Ö"f—ù�ë²ñ£”èm£�ÃuCb–[½—Ä<†©_fržI!ñáã³bþŽ`Lɲàe†ºÐX÷DÂ8äø‰G)ƒ�ÖIÀw´—´ÚŠ*lm:2,kú�Ã#߬H“d¨Ð#ø!Ž‹¸H �vF¿L�ÃDhÌI#!Ο@—ÿî<mb�6 SSÚØ@ì„6p6]&y-¡
+Ž¿¬ò–$‘/AÕ‰P“‹z›PÉÛÖ%o}3±
+†c—SMÿ?“_2C9“�‹PŒmì�9ƒ ]Ñ©“Ýæà!Ó‘Ad 8e�2)oÌ« •Óâ®oy(¥p“sŠ4m8�R‹­|Š~:2Š%v”׃áq¬Ë'æüM­D:Ï¥aŒíDzNÂXt]Õ_>|GK2ÏeBXæbßû¦ÝÌQf´5ïè Òó'BD%ã�ç�ñôÀë•�IÛ!½ß•”ÕЦ}ãE±ä»�Q:ñõí)^·å¡Ÿ*%F¡`ÆŠö-'
[&ÑÆl	å<ð±ì=îóv¿4Ñlñ«¦®'F×
+jðHc”¨Ú#v�Ùp,ó«äES%Kä©ãœyݧÂâ·3Bß–ìD1ä'ˆC4îÖ…K»`ªýÊ‹›º.† VY>Ã7ooʾÍÛGêîs—+ÛTv’üÃTW´w%•Ù¢„SOɪdD–k5�Ž_ Ìòú§ië'oFÛËs©œÚ•ºYC`{z
+%ŠDèì8W6l.gC[¡6i'ÝeÅA·be§‘a%'Ö¼“>·Èâ¡ì\/båèhŠyÃkV‘Ç–U	ÈyÖ@šëØ |6À¸šF¯¨˜jç{šãÐòŽbžÀD$mêb uvýr&…Ñc!óã¯/ÆvxjKTÂEC.Õå&r—&Uf+ÃÙIçò
çÒš�ª”›¹DdFÄæe‰�"r–ÿœpF\4y½%:B~jMÀ)Vø"Wñœ»‰Èá<ÔK}FH;Ov¸?㦤Pñ´ZÑ2Nj 9J
tŒ-ÈAãj¨¼ã.â-üâA;Ù�­¯—Ô*عˆ$=©­öùW¯àqF¾b;´W{Q¼´‹ºµ>ïí]alõÓk`‘!è¦~µ%÷X‰+eEÁ¦²jnKªAùxvh;7¥Ðõ#ˆÍÙjZ´’¿ËYë1ÈìÈyZ‡mü$ôl�	_/þ µ!4É"C.Z&œôaƒ‹–ÐB7�1nqéÆ-Ã’"nÄd½¶5F`æ­©²ƒ/ |ò»Žº÷¼*{KGzA”Êš–ðkMä݇ïÊœ†ÏÖûbƒÚ<Ñ�s…ð0~^uõ‘ç`zHåÁÄ“¾&dáJž+yæÉJž~E%OþÎU£o~ñÊú”´`0¼Þ¾U@úRTxÍ¡
+C›²gËékf#Jüúõ:èºGŽÌ+KA‡ËÀÍ×ã�J&uœ¯b\óÊFÅæ[G}íëD½)A�Žh4`í¤ª9:LšÒÅØ{€ÁúWüYiT¹Z¸ŠŸ¨…ÇñøDàæÅp[38á1Âvp±GEì IìC-ÌÄ'¼‚®o,Õ+•…ç�²IÇ•XÝœûÕX„ÉìâÎy6dÊúfS’Ý¢éÁµØµTÇÎ䨴‚›Ö­ih…«¼µMEkzw
73­ƒUI&Õ«C‰‹ú›vL*Ù0…èÐ;
+®*EØï°k¬õBo¬¿[ŶgÜ“÷÷ý§h©¼í¼½=GÎ}@ótÍYsÍÙ«&"OUœÌðÈ8þM`†˜æyE~«gFwÚüµk|àQÒ»ÌüÙòë—Ë<?è—Õ¦µ6v’£SŽp¸}þVA¤ù³8Igã"
§5VÛy”¬DOÛI«3%ÂÈçæIÒ­™í/–)`TûI¢ÿÎ+
3`ñùò¿
âõ=
+endstream
+endobj
+595 0 obj
+<<
+/F2 13 0 R
+/F5 30 0 R
+/F8 61 0 R
+/F4 26 0 R
+/F3 17 0 R
+/F9 84 0 R
+>>
+endobj
+593 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 595 0 R
+>>
+endobj
+598 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3218
+>>
+stream
+xÚÅZY�ÛÈ~ϯ˜‡‘
«—}°IÈCœõn6H€…w$ð,°‰æ�
+I­íŸºšl
©/à Oê£Xì:ºê«¢n•$77ôóýÍ›Ûo¾37:Q…¾¹=ÜèüF[U¸›Ûoßo´5¯¶&Ëòt󦎯¶ÖÚÍ»êPõU»«pê6ÿ(ÛW&ÛœËæÕÏ·ûæ»tæ•#Ÿ­+TNÜîŒ7L¿Ï(ŸÞ$Dp{ž.)øeDigÊT+(«O§®̬SÖÉëƒLe²×Wå¾k›Ï.…³†ç·Î䛲Ý/™BeNÈöÕ®)ûjÉÉ©4œöþ\7cÝ,ÜFƒ±ü€š™Kþùeñ¶"W�Ñö°ÔŸV.lÿ�Yt§±îð:ÙŒ�pß�²Ù"‹›­5VÙôfÆÖlìáX5
˜;7›Ã¹Ý!�
”`
+ƒg3¹]9[žªT‡Ã�^:²‡C~x8\Û×é)QŸyá×Wiº)ûº¼oª�—>ÖãqÚt¸Ù�iKoÊqìëûóH‡jdþuËrüC×?–#‹_xUx–>¥ã�Ç’žJÙ>&÷›{üAóàä<T{•ÿNúòð¢Óy$]y~™_Ñ•öZåÁ·íËÊJ#eyQ–ß}ìPU¿Šï ]З¨$�t„
+ä•YItÎ486è O0±.–g·*±r´¶|¬þôkÙœ—>ŸfÊøYkAõýÃù±‚
¼„‚`!3a‰­-OEE
+<+=äðîAxÔ�|š±l+�®4Z-"Ñ63‹´WÎþ–`”%W‚‘Qiˆlj beòYerÿ™]Ù4d¿�ƒÌùÕÊ#º²™&÷ãè“rÈþ›]]Žè‰HÉw‚˜´BÖß×c_öŸyùΤYS!ë×lë<Q^Ǧ®Ø�àq«ýæã‘G¹\«³ˆïÀõh;Ù›nnº3™‰Öù.ãx¨Ê~‡ócÝ>ðÒx¬–15×*1¢°ßÿøçÛ¿®©Ô›9:[£áVNLWœ6S…�mD.³¦�°ˆü¥†sW)1Èù8RþTíø^"?§4Þ¿éÎ}[ñä'è¼o$úÿüš·NåƒY{÷jÅWÙÉWÝ—ù*'gS8ˆD»æ¼§H³r™½ÊÃSpÄ¥.ŒWZ?õ[SPôd¦ÿ9×dÏ<íg8€S
+Sð¢#å®n걧bÝÒpÒ$Nœ2<x®(!1Oõ3ê,^Rço¸úÿPœïÔ×í¸LŶP®X^y½©¹�·1„Õ
G»øÂ_¤AÜà„%×]oºói†Ç¢CN:t™aâj¤Co•Óÿ’-W£§Ëg…XlÕÍÒ¯ùN|'¹ùÕ±˜‰1‘Ådš�5{iÊç�[CMÝÊ›ªv�a†”™9•_ø#ƒŒ5à¦SeBŽ¸»[fK•™8Ý
ã	EHü²ƒóàeÛ~EøK¶Œ"(í3ž%ÎAò¡
®ÅemeÂûÞ½ýñïÿ^ú½VY ¸ÌåÈ”áRÁZM/JH×<©üÛvLÓvíV0)ÛXò¸(ôNx"c<á0çU<ΧSSW{Å7€\×W]Pû\åù>èœ^Ø`.¶pÊnW�ø„2ñçÔw�§‘ÇÀÊO.X‰šA¬‚àó—"¯—
¶�6Ž7
"bcãï@fvq+Pœž¾K’׎BÈL°ùPÏÈ
0¸Ð®Õ€
TðÈmõå"€ÓB¯cP#”W6ÖÜ5fù„!É„©G`Àƒr¿¯ñµeÃs>„l’zà¹]ÇP¶ïˆÊ1òÿ#8\¸´HµÔ�
Œ²^ÔA:C|»XÏ
CŽ¸Ì@�À›\(£bÀÕ±óAQÒð7ããâp‘”=T†U?0é¢ €ö™©ørÁêKbü6W付© _´ð³ ÀP…×M(yY¥ý³÷ª�peÈn(PýÐ\–ªä¢îíH#iAÑÈúdR,ítS¹á1NÉzÙ÷u(ÀpŽ—›|ˠǥáÄ�îjDИÉ•+P´ä
ß÷LÞɡ
+|l�Ešõ^Tí×ò€u‰úòj’^4í%ú³B ”Ñiì=³î!8¤dv¤0vM`ÄbŠ˜É51ñùìðEÞG/*A\¡ƒú£½xÏáL®
�(£gß’~’U=A�Í'—Ü¿ (R‰K¨��T2©ÎN±Fptæ°P7R¿\Õ�õîÜ”=WWŽ)'™a[d†Ûê#Jù¿³&Æ_TI=ǦÀÓÐéÍæ±DQ?ód.½•	ŽèÚÁoÉûت£yõ©Ú�ƒZñy¨v}Íit¢	œ$kz»
+N¬)fÛª……ò
—tý2‰¸$™
+;6óÜ®z¶>œ{yh(�£Tñ­…îJQhŸ@p÷rQ˜BåþÛ„]f£¢ÐenU‘T]°öpo_ê`N`¢8yš\"_¼ÿm%J”™$J<Ú7¤.Ä!_ªRf»òTÞOu"1œkp
™Ü\ô¨fu{ÍèýQÐ?/4ì‹ aØAô/‹@`-îÊ GPÒ ä3ðÒ¼ò:v|i8—ÀîÜÎkÜqL.ülv„º•f\Š”»rv£É½Ü¥{ù©çð~üGiˆ*¨…§Å�Ûøô+wRb9AO8à6ÜÏA[éæ±Cè`\Ù)EsG.†kê*¸4v)�qU*"w­gäP£â¶Õ
+Ü(æŽë\FßPFÂyæ2Þ┕¬˜8lGE6{ÏõÝôñâ/5�ê¯YF[·
+)Ó¹¹ýôbþIï6Ë*H#bªO#$¦jõ›J ÁªO3¥Càu-ÞÝu��pÞï$ÁÁ†$8XêÇ5{a|I.P°è·Òº4S)ÈÁîˆx¼Ý„Ìg˜²Hd“ë¡ÚJ¨~ÁÀq�þª^ÉÎ&dç±Ƶ²Æ.ÜzîZR7v–Qg’Ž`uNG°Ò¬_K“IaÓ�°‹E
ݦ~8Ò]m¤Å»Gìç±HËÒkvù“^3ÇŠtS�|óÈ¢bÞ�‹ˆ>ò(9eJO?uC½tvÉ1(¤lºÂÆ#6<A¹])a‰ðj6áU	_Üo¹�îKþüƒ¾ß>yd
ëJÒÊ°Ù—ñÖ¸‹ñ;ÀÖÅÉgka3Ïñ<üÜ_Õ¯¡?½Èöx)#mb+#\~/—߇7‡€^}’f	ïèª
+€¤Ê8RØ19ß÷P�aÃaNü.ö"<1w‹îBOiúWL_.yƒÌ7÷žgòÒ3¹wÞ–½ßLeÙU˜5’V`&XiÚ¾Ž/Ó'ê0¾l�M BÔÒAÃþVÀÓƒ4Èàn$.v±1±ûé‹Ç¾º??<TýWq´+½ñ)ÍBÄ=­•äŲ3îýÔÆöQv^®N
W%`áz°Ò$,$ 4_Úp¾^?ȹ¾}ûæŸß/NŽÍ-å/¾þœ†ê¼ï¶CýÀØU›'A…6KøeM Ò
z\¸Gžªpßþë‡Û¥îŒ*&×Ûú\oþ2%ÌéÝ8®Ê§AmV¤Ö™s÷¬Ø€ö§þ{°(è¢HžÔÅÔrVG×ÉÙ©,<t¼mÂgFú.	Ô!ýã–¤ÿåß5ŒŽJÐC·R&ê„_å’ºáì Š¯ùæôUñ‹¸U®ºâ)YŠßãPØ�¹X6ÀIª!ž.dS•éç%Ÿþ
+sù®@ x’TÄ&°RöÑݤFžÈÓ<#<«¥	¯Óù¿Ò„Ç´ŸNUCØ¥˜U¬	ü’7	uÅëŒJ.âñfÜá¥ù†- Êš[ÚG›Ý|$?ÿ‡…:·M5'VEtl n–Çäæ0dqh‚¦…¾h~_É…SE$ËZÔ7³ûNx`†˜·ð=«Ù;™R3•w:ÿ�iî¯&A})O‚`ɵç=þ¦ÎéÅ[•=ù›ÌŠeó¹Ô¸Ò<Ðó—x‰ÿä)nÕS¼ž+@”¾–ÿ¯*æïÔÁêIôõ#±"-.Zû0¯®î¨ã„Ïýªl`Çé{Ú¯�„C¯UáoÔ‡ŽŠ�ÕÔ	²>›9Ó¹13W°vúl!̬՜9q0eNœHæÄaœ9M:}>œ9‘†3§§Ìi¶I–©3Éfż}÷n­öžºo’2CžàBÜ‘Tj�»–J­ñs*µ&]M¥ÎáŸ|žË¥„säÊ­ý±OÏNµnìø?(èÂ.NÇÓù/ûáÆ…6¦I×T‰ùx:Öš*M2GÎ)¿½ýÝ
¥Bµý
+endstream
+endobj
+599 0 obj
+<<
+/F2 13 0 R
+/F5 30 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+597 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 599 0 R
+>>
+endobj
+602 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2977
+>>
+stream
+xÚ­ZYsÛ8~ß_¡·¥ª"I€×ìSâ±3™­ì¤lej«ìT-EAש!H;ù÷Û�HH¤��”Ÿ„‹@£�¯há3ß_Ü/ôÏûÅ»õOWá"ðY,Ö»E�.Î2±Xÿrë½=—«0ñd½-¿.WœsïÝÏôû1_®¢ØûoÓRÿ—ò.ŒbÙʺ�
+‡„wµL¹×6Z°ÞK³CÓ·µißìeU-W
Oa}ÀùòËú·E°([¬DÆRMEÞÂjÁO~•EßÉ-öB/ßu²¥‰œFTy8V’ÚEs8äõ–æwyY©7ÐŽï©ìö'_íä5ä×B»²©[®ži’� Ÿ®øÈÅŒ‹…¯)»¼¾¦�ú45ó]›é¬Ré«­x’²0\À�Y@<®›–„Â+ë½lKºt7K`ü7lsO›px××…¦»‘×וTŠ¦ºrCh‰Ì�³j�ëpѶÊ
+9¡=ŽX˜Å�f…Ù¹yþ„8c~h¾Q²›å‡™ÞôeÕ•fÏ�#qÌRÑH/“u¾©ä–éyf"r=3'��3!\~OHXO)ˆ½; µø|#{ÛÄ, Æ­UU\}ce�xïhõE«Tàó{³ˆó»%­É«ªYÂÈ“T>Õ¤P°Œ®/ן¯ÿ5¡ô%ÂEwŽJöÛf¥Êû:zxy
+­4õd�6˜9^HãYŠ&QVyKë@ŒçD©À��:ÿûÃzŽ}V%О¦
+Æ’ÄÌÿrùîóûé)‹í5Á°bß÷.È8Õù¨ÿ8JvÊÓŽ�œº
+ã€Å‘Ë—g8È3ŠSs‰�h8�"R°9MÈ®¡éÔL“fÀêVªþ€ð†s°IÓÖLaÄš)õšÖK]ZGÚ¯Ésà@myìPx¡CÏ81d"??d<¸{~{høƒA·Ó¯Å8­@×g �;Òkeö€è‡á¬1‚-gâe•Æ
O‚W-]R£!64Äù
ÚÒ7l.ûÂÄg‘pÕÀÅG`õ€�ÐFô‚Fv&œ}®hxC¾NÖÔ½/—Ú÷‘ìfÑUpFãeæøÇYdá1ﺶ܀D]­HgwN–YØÖäÎn¾âQʒؽ¿…mô®úfØ0z-͸
XòÒ½*ë{Ÿ#$‘øªö°ýôŠ!ÏÖhbäZl0¹h~ÆáTcC´k€{ Ì÷ÞåjªúDƒ"};N¹Æ£7€Ÿ“3Ö¿mç\G�¬•8�©ƒœ³z h|ü¨¬
(¹å7Äç¦ï¨ßíÍÊ:GÔЛÄÌ?Á­²#æ#ö$b‡\“‘¬kBa	Òè­f	ÅSŽ7Â5ä�p†gwËI‹ÿº ’t^‘�ñ­ì¹z˜Ó�dâ‚q?ƒüí¡ìðæI†‰?ÿ™ZDÊ"D«©—í–Ü¿Óæƒ)À~Áào‘÷Jš¡½i€¼ŽZdÎ:ƒÔÙ–êXå„@Hî–ö/ki�rÆO|4m
N„œX³3ÎlŠ™)ãÉ÷Ø—ZMâZíÐ÷yGÛr.â°1wši%ÜxkWô[Ötát‚°9jtt„
ÑUý€…�{UM‘»ŠÈ_I�Ö'‘§Cý \›tg.ÆÊ¢1ö+¬êº{Cpc£ÓUU>XûO½~4-ò4‰=ÕåÎ>¼!“àÐcÛàøc¹•†ŒYMÁ3Z){µß¾'½™l�Œa̱9Î|²løx pâ°ÒaÜOÍ8”4a<ulìUk'û€_ÐÁòØWy'©¯Q,�+u�:ãSã–°$ÅŒqd0.·Öê“EV}`*‰P}VQ&¬À`^©fÈjùÃÖ¡E`~"MÀÈAš´ì±T妒4g�æðíã2‚Ѫ—´X[ò3Þ2ŒäL8üáúfýöâŸ.ƒçr\ê`?tN[¢sž±·ù�˜‹Ÿ!V¡¡ÈöA^ÐO�¸['°jc¸¢*øp%U‘›üKóbà>‡Xv2»h(÷-œBâ #Xh+xê{\øÞÓ^ÖgÔ¬¦„½?>ë
+ÁžŒ+üÔšý†@&§ŸOš’s8^’¼¦_Œ @+À
î\èÀû‡F3y+©‹¡
·fÐy×WÔ6wÅæpWìÄ,ðé [sdà]Ÿ¤�øË›)CGNÒ»å?Δûæ�kTWÝk`ß¹®,­�ÐpC½
+’ÍÎ$î¯ÁÚ‰u…£Ý€Onžê¹ìb¨F81_Žß4ZyЉùãÒøH4yüÁbÖ†;SµŠ,ŸâQe)놩�[Ñøa—‰F½u+Œ�“/�}&NB÷Ûßô61‡ü˜Nk›ŠN\kb+<^*°â€kt%FT#ǤGé8ŒE<m Ð
›ºÐ2˺›ïýüiŽ»Ü.Ñž &[ƒ‰Ð0V	È
+œsUGÓäWŠýÐlO‘Wè|»2ñ±…Ý©“¸`IúÊ&'iò‰~B¾•¤?‚­SÕ¢êÉû�ØS£ŽõT2K¶§÷Øɲi[+íŒ	¡ðȤÚîd?%�€»�aÌVnúû{»åÎa¶
+SGP¯þn`
HdÏ‚&å™ÐèPkŸ–´/(ËJÞËU+1X0~ĉ)à«;o&±iƒ¡Cµ=4Ûi~É·ˆ_*MAÃ^
	y)fÒF´PýAS.•ÔBì?GÊÌc–œ(3jÂkF·®®Z�"ªtF¯cMÇ=Λp¦oo¦ºæ8›‹êB�ÐXÎÖòé¾�îÀ“±@aÅ9—õûFµš⵸@)Ÿ¯G~ÊKÙͯo/.Ö/QWd£.àk²É©IâNí+/Š¦ÂŽ9ñGZ… Þ18åI¦ŽÕ¦¹dÆ‘:°H=‡—X¯±¶µþðñò÷Ïë9ÛJÂg9ädJ˜÷
Ó§Nµ1s—õǹÓNKÄdf� ÊV‚.'>šÂË9töuùg/ÇxÄ%I8‰1�ÄX£f_›Xi
+cûüØYT�iΩ´\-ÓÐ3gST:ÑU-°®Ê^L—_áL$¤Û˜UGqè}°é+–‰l		²Îóg4H'¯–YhžÑ`�)ň‹aÉ�­ˆžêƒ~_ÀÓyFÖžJ?�Ù<J˜PNðˆ^ÃÖ€²NVߨ_ÓëØYÂmŸD”êÔhk¥Ô»ô®…ž¨§+Q�B+¡%S›¢®0nQŒ&
‚XJv*ã:ºÌMmwô¤b.–5¦Ê°ÀÑC¤µjÀ©.>ü<1ÙÝÅ •ˆÝ»c—�J$è™h(§Õo,ˆ@ÏÄJ«4”¡R„&(ÞŒIŸášx¥Ò¢0å$gÛqÏ¢¡/)v„o!�ïÔY750�
½Î÷ö¤Ê6üšyo‰ø˜Ö–»YäIÿ?wò´‡x`¶„œ­h©×ÍúUp^?"§ :ñ(�ÑQlÐkÆ.ºKÀ¾É+TĈ@xöM'ñíC˜—a½rŒˆF!øxe[
+®KA‹Â�@
ekÏ¥/k)·r;•OQ5¦:ïÇD5ónZJG�½üýj
+±þø
¸§Av*€”œRxè”mÑÈ<è¦1ÜTçz8››e#ŠBǤýÉPYõ�r¯jfdŸ·[ÊõWÙù‹E׬¨ömò�¶mÚïÄ­â/øS‘Ń”°mé IN[~J¼%CÖG�-bÑ
`
Ø[Ä1/•DäAR“ëb+.×ïKY¬¹Ž(Ås‘�ˆò–›Ë÷L±?š>¼	ßû°£·]b}–
ŠMzGÃÂKޚdzԦ³U×3]¢Ñ×,(M„‘ÙÇÅ0ˆÇºý³Š1RßTf_dÊÃP+î<ÉîzŒ þÚÀ�ÁôüD.‹ËÉy}ZI“=õM
TÜaôþR�í–'6mN@î¼
¢)î–¦Pd_d¥2ªî†Ý¦²¸É·`ÐP¼r¹þÛÿÅ®
+endstream
+endobj
+603 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+/F5 30 0 R
+/F1 10 0 R
+>>
+endobj
+601 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 603 0 R
+>>
+endobj
+606 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1273
+>>
+stream
+xÚ½WYoÛ8~ß_á·¥�˜I‰’Ч4͵›Elôe½Å*2«+K®ŽÀþø�á�¶9i,öÅ"gÈáß<Fw#û9}˜½;“#ðTŒfË‘HFBñ4Í>þÁ„
+ÇÇIÄ>díj<QJ±³4�©rƒÛ�]gÕXƬÏÊñŸ³ßÞ�E;Y	Ê™„)O¬´¹Ô’Îì¿'¹ŽF�=pYÁkiÂ2ü¤ì[oÚ®¨«ì¶4Dɺά7�;Õ±5yß*ñ4N;½‚ˆu+wiúù&ä’î´+S–ö€f+SщÂZp?–	«ÿÆ_³ ãE·ª{÷ÎVà_d„Ú¡Òˆ'ÂY1Ù�<ôFþŠ\ðJs©Gp¶ g×4”E/—%¨‰6—�ip™°¢k‰Ö˜Ìs«-Ì\FÚä]q�¶R!Ù�kÌÓÄéЋ�ŽR "ÄG©Ï?UŽwø~èïKR
+\öäôlÙPš¶õL@Ž]µõÚÐj�Ý99HF’‡)9(²R»UcÚU].‡÷ã(ïôæˆöy½^×UùD;\†l¶*Z‚jnfi2'¤«‰ÕWæqƒXgàC³ "<×—]ËÀžj'Bs¡~Û³•¡=qmáHË(‚ÈsªVuGô¬,kŒèn%ë[Ó¸#¤:˜Ðd›
"¥T<öáš^žOOÏ?ô¡xH
Dh®õNÀñÕÍõXmêf¨œ’;I'W_•tÀß*Q\‘¿Ã·ø;Þ¥¿JÄÖßI@þŽÉß°%Âü­­¿cJúçöˆDpûšu6ês¿èט+_*®�/¯N.NO~ˆˆ�Ôk"ïÓñìb˜Š’§?sw*ª¾ÑTŒ¨Øøi*Õå#NiÚXÅ[çÔšR\E!O¢ý¿¥ øœlM÷¿$_µsi5¬îÍõNù2�嶶SÎúõÏö•Kï¼_Ûl\�‘Ì|ë¡dG!9	ëˆ^/_T'NyèôÏ«êÊ$r�¼)•¨õ‡�Ø£÷
[c¦@‰,6Ø¡‘BMÌ�nîÈ\Í:w�z.2¡aÃW²¢u{߃㽌Wæl¿4àÊצÉ#ùxr?„¡æ‘oIóñ{�烂/{,àë„%x&ÝïËûF«H3×c"*ãÎj\o­Žm(£ø�B‡<Þ�÷¯æá|�,±��ð‰e–w˜œ:ô­ˆÔ÷›ié]!à£d‹xà-úõ†ˆyݲëZò]ǵ}óÃf­ºr­s?¼„Ù[jaw…ÕŽàü俈f¨ì¡¯H“ChV¯ Y¯·7¨kÛZ�Ê­g€lݘ%­ÒÈÌ›‡NäÒd¬ŠæMK¼íÈ�Š6ˬ([Äš~h†ó[©â�T) zù-d-mp‚}Dn›Òþ|—rá
µ©ÛâqàœwLGÊÚ®!¦
+[^Ø¡(Ξ–vÖ „[,ܸ	D§1²ë†¹iºÌz
p‰—z˜Ÿì½€*"œ!¸lšŒ* –˜ù~Ðòýý¼whŒåqò#3µzn&B·å³fqEZÑËÿ]Cq™°Ê¶E�;É…ÔW!ü¸J…WÏþŒÄÌw
+ðá jÁ}±ÿ
+PÀ`÷·dnK®Íæ¾ñ	j‹äå×úÖѤWS—Xv00§³_þA=†
+endstream
+endobj
+607 0 obj
+<<
+/F2 13 0 R
+/F5 30 0 R
+/F3 17 0 R
+/F8 61 0 R
+>>
+endobj
+605 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 607 0 R
+>>
+endobj
+610 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2564
+>>
+stream
+xÚ�YKsÛ8¾ï¯På2T•Åð
¾vOvìLy+ɤ֞™šZí�&!ŠÔdÿûíHÊÒTÍE
4ÐèÇ×Ð*ðƒ`õ¼¢ÏÏ«›Ç÷£UøE¸zÜ­Â|Æ~¡V�·ÿö®�Çõ&Ê<ÝÖæÇzDZ÷áïòíŽë(õ^MûŒ„È{ÜËCŸË‡Æ²�ÉQš¥^'ëÿ<þóýÇpf~D‚6 ?\mTá糬8œde‰÷a½Éñ¢âÀ‰Ê”C(
+æ (·¾òc…ëËò©_$´þ?\o’4ò~þò+Oþ¸.b¯×š½íH|5t‹â†r0]ËcŸL¥[«YÆRY°û$^m¢Ô�
+’òÛ:�=Ý[ž
+j	ýè
+[ÊûÒ­A•ß×Qîéþ>±n{Ž‚ B
«M~¦à›ù�ì•�{¯½yÞã"1&Ê�8gSÅÛKæímb?ˆQѱ�ÒàÂüV!ØCp?áí†ðq�G¢%è=t»
/÷÷SözÁÓ�mM:»bâ}[ù| 4ñ³Îû!Ÿ')ØRI[‡c£¹ÿµ)+}Åí‡ÑBŽã@txÓÙA€�]¯7išyA†!¬d2ðëÃ5	–7sÇšï_Q�]+;w6‹vŽ£3ºfÚбÐ
+µŸy¯<£lk&×ƽyÝ.¿¯é6Ÿ@¦ÀD£­ÛÊ|ün'&—iÄÀ¨Sw´¶D¼m9ˆ’u‘º/ÛçÉùÌÀ{rëµ�°–MÓM÷¥k¹�(òó|i`�ªL
+ïë¿î®?ß|º#¶0ñSäJý„Uø¸‡ª óŽcÏ
+ë¬PðH*ÈåHHq>CdGD•bÿP~#ma/õJG¤ã‚3Ã�U”xƒþ1<±þýF©×õ"uØëž'ïƶBãàƒCxMgŠ­Þ�
j&8×2{†š=#}UˆgìÐÞºNúI$¦åe‡=ÝbèYw¡¡Üw@‹ÔÝ
"¨RμB¯´vì…S‹½âu‰‘NkžÞFIªáœßñN‘nU‰ALqo>3‰Q'V=¶b•€gŸØ1²7•{/fØ3ê‡�Ò‘ñÀ
+¬ÍN"ór®6|5ÈXu‡ƒî+¶(Ò;i»vs~K'ü À6ø<誃Ó¦¢ "t>”³ÁÅyà{muÏÚ”ñIÍ�:�RŽp!²BpæøÔË›G¦¾àJ%+p±a5«¸H½g=p£B­R;±@±Fš/k2b2ç0ô^ö†" Œ°ãÂ4I¬YèÃÙ­©uOÁ	á|â‚@âéaÓå€Åd…å�èPÖsžŽ¼ÊúûÂÿQ×QϺŽ’Äc¢BUáç›AUbí¿Û­3¾Fï†wpê(-ðÔÈxɃ.[YhØ—·àÀ`ë¸6Ù|îif¦ëÊvœ ºYšwɹߜ�b�Eugd«ö+Ë4=d+h…ìé@3Š<[\•‚æ
+¡ô~`X3ä7·ËkÈÜÐ�@%ºÕ=/ì|E¬Î÷,j—|°PàœÊè$ùL*¿”d´5Ï­Kul70YŽ	$K™>›2ý{ø�Ò7F¡ÒÑŒn˜²�M¹.R?…)†»¾&�y�Ɖgà/oFæDa™ #Óö#·ý¨\1ƒÜiUŽçNõËÓ€ÄÅé3Æ9*
½"-f²4žX/¤kò6òYQj;á>öÝs_¸c!š65K;Ž»ØZô,êÀJ¤rSs�1+hˆI†©Ë–{ìY܆·÷ÌÈ¡4„��Š>‰0²Ö|�ÐqDŽ_Ðh@)º|Ö�ëú‚Ü8YžøHIÚ@L-[nÌn	¸Æš[b€&Ú)–1„ BGaÇzý\öu£­åaNÓ ‘ñ	+ï¿�i™r(
Êò æì,/{íÒ�˜«â°«tJ(’pK+_þ{ÃVÃãÎB;
+ÿÝ7T?¤Ÿß`K~î5%H—ÀåB 5_ˆ¬[™£Ë¹	éç|ãsÅò²ï\|8…xHqñÅ´€ÆJª£8ælc)µƒüÔV*6gø1”yýõë§û×7÷ŸîÿàE¯¿Üò"·wï¿Ü?ÞÿòåáÏ@(�É8_ Lè”Çcƒ`›:3‘èLAÅ›–”¥Ø'	LDBÓ©órÊÁé|Híã�8ñ'ä�üÌÎoZˌ幺Á;`Ï0Yóˆµú~’NÙW¹†DÀ¹èƒCñ¼}×P¨Dˈ„üçšA¦¢¯ðÂ�ÙЙ�žˆ…‚�WJf©`ç‡?)Yª¾‡–h¯4Ë¡Zs©H…
E=`™ŽmzSľ°ˆÆ›zóèµ
+0—aನòÝH…Å›)	*,ýÛ)Òàzpeg�²{W—&±Ô EÊùE
h’Kd\F÷/¢žB¢¥bÈŽÐ
Xˆö$ÆÀŒ¯�BŠXI­ÛííÛ
èLÁrS
ý劃-yEÖ�Ó"*n
+o ‹jO	
@ožÜ'Çœ•LÁ"Øõr…¾E°¡¤üJÁ:˜FÃ*&ÙPɹ-[¾XwBÌ ­kÀ­²£LQ(ÄïvËEùøwYúÝ(“ªJæd€�	Ë`Çì˜ó•â»L›ê�\a­å'ODáwYáÜIÌdgFe$ø	ÚZÖJ{ý¿ÑôR /߬�§Øò�aáì¸JS†Yb¯”_Ë`0ôvûy	ô)‡ù7Jô
+õ)9ßhæj`93J&
+ÇælhÖ'ÏÀÞ"Øñ	ÓÜAÚàòÊù›¼ÉJ”  ‰¦ç”¢ÀÞ8ÜD\O¢›»z‰ô¬Rs{ùè"Ñ£6�QкXÑXë{æc‡eqg”Í»¿]ÊVr¡ê²}ËçKøøÅ¢y»Òõ•	š²ç;î‘sä\>�‘¶Ýj¡ÅløIId±Žñ®ÜÄÆA¤Z-Ù™fìøË6�«÷sv@)À¨L ��Mý£jFkXãˆ*�ÈJŽbç31ⓆU¼7G¢-,Y¦[–¦S¡3QAn™éͬø/m¼sÏPô´tÁ̲̱xŒ…²«aâ)òÃù[ykL
:ÙtXëv»æ.="`ã
€éh2œ§a˜ô{á݃‹
Õ&oIÁÀ{ªé¨nB%ø~Äi¨ôÂwržœÂjeå²W½_
+
+œ¼”æÆ-ãNQWJ˜CqÈÇa
é ì¦”^CäÕ.›^í°&/¤H'�A±
&Rá6(ÂóÀÒK¸+VL“$EIÎERõ@Q¦e*Ã;aYñév‚Rò™ÒßXkQ¸kˆƒ`†OØ)ù39ZÁGB€¢¡ëMEÿxÐmëv�ãò’HüE–SS£Åú·ÌÎÔpÓw�û?Š;áÖ
+endstream
+endobj
+611 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F5 30 0 R
+/F4 26 0 R
+>>
+endobj
+609 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 611 0 R
+>>
+endobj
+614 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 3031
+>>
+stream
+xÚ•ْܶñ=_1µ/æVi)ÞGÞäHŠ•²+®x«ì$›ì;ƒˆWÒ«Íק/�œ!Wª<h4�Fß<~NúüùðýýÛ�Ñ!ü2<Ü?ÂâÆ~™îßÿÓãìö.Êó"õ¾Wö|{DZ÷7ý¤Ý5Nï'ÕÞF¹7©úö_÷9D¡Ÿ–‡»¤ô"ѨqÔƒ}s{—±×
°©(½î‰¿µ>©ZÖŽ]Óèáhf@6ug;øg˜i»Ë`¦Ö“…×Õf”µf
Öµà°¡2í‰
wpÑ�/:žuãÏàŒd
àû³F2�÷ðð	n™y¿ß¦™§ƒw.¼‘ÑG<ÄÞà4„e̓£FeZžR×Vjx™§´‡gÏçÎʦьµ¶”¯ÒÖœZ5ê
+Ä•‘§ìö�øTžÆûÎ(DaˆâÆï'z*¸Dzy‰raˆƒÀ#¶‰ˆ�h;®v@5òÈ*$øb™Æ—m¡÷¾£w8N�¦³å4coеVVWëÛ¤t›©­4>/¼9<¹ÅQâý,´Vû  yŸžªøcù¼§âsµlîþ¥ùÈ0â‘ö³ä:~`Ü%44b·f¡Úɉ«ÇJ‚`„¶±Û1I驺îPÏtVÅÀ±ãï#óÍ“åÝažøìßUF”
+ˆ”t‘vD�à†Ÿ'°Ø%VSüWŸ5ëÊ…Âo´Îé
žÅô&QˆÀ`O
²rý>ˆE²Á�©Í<½0¦"e²Ïí\YŸßΣAxQnÐv­~ÍÜ“ sÿÓJÞßྌhç8'jI-vŽ{‡½²V�ðŠ8CÝÁï$dDæ‚£™Tm,y–ôÚüˆËå9+fÎ6ï1s‰7e‡åè¾�¸ýó²=§‹!l‰h:põdûyâÞ0]lŸ€dã0BÛÏØöóxŸ·í==`’íÃòlû´‹í}c4lûÜieû@ô?"ë$šb#BpwÃY´è>.‰¿Ä	ø€‘�MgG†¤xÆÝP‘pÊÔ±âÅh[Á~ëðÍgF0œ"#e™E)¯Ìœ\h.QxÇ
îá�NTk{P)–Ê
®¡¥÷ÎîWñ—}`¹k¦¸«Ñ
+-
+1ïhð¾™w6­¾´ªÔc­¯N€›¿aÍt?h«ÙÇìyyr;�8ø®§nhH0–˜ˆCËÁ\
:䣇,q1ÔâM-,a@êxY®y'Ýê�Ó‡Ðë§ÇÚ‰Õ\ôqM;™q!¬mÙôïÆRÀ�“\N
'ZíyÞܳã ÌéL Gî’ú…—ŸÍxæýÄ¥9ò„ý"èÊŒÝ`L¹|ˆ3š†½
âB2u·u=:6º,ä¼¾½ù¢kûp‹³`9ž–г9¿xýÐ�ÕXÙ?0T˜@P5�š?ƒTf‚¶k4¯>ƒ¯_ª–\Ľ‚W¶g`Ž…lŠqXº·ƒ½|Wo3–.·ýD˜«îeñ2–$«<w›æÝj;À ‡Á�hgµSÆ�Bø†aôe2§\zt¨Œ%+Kä`ʈÒç²Ä`áaÈ9}Ù³ÀâÂ9eF!yG€/6�Ç5ªÒŽSP-Ï;Œ‘ÏÌm?œ\:N%RÈeƳÙ"\ÌÁ�>O=ÚWÌ�×Õ£åÚ
1(&^bFÞ™â^»T9NÕ|œPu‘Ξ°ÇóœV©�dÃ5fš•±ÇnÀB8µ0òŸé"+mØn«7ƒ�³C�éÈ:�åü¥½L«ôÞIFMVºå}v}yÆZœç’1Â`‡ª`>1ÂD&�#ÖVpYöÂxxÛ‘3©Ñ�ÿ jºiöO0ï„*0�BŒ~Ç�Uð<17€¿žæ‹S4ºPžœ£Q,>p \«‰sˆoí¼ÈÍ6¾}ø¢šžÊ¢´`­Áïb*i±²"\")¤._KàJÆ4í±ž*Í“¾F�¼ýX,eqœDÀY´=xI¸#­jç8ôãXÐЛw'Ì «WVRZ4\žä	¦}긲kOâL®Eˆ¡÷£º'‚!ÒËw‘³™~ pæÙa†ýö*­ë˱¸ëÙSSo/øI./ö‡É²üeg{”úa!ëÇË$NÑ7"W†ëUùi¶vAjIù%N\ŸŸ$~éίÆj{~àný
ÇJŽ	X˜TrÕ”B(‰æ°`På¶wÍ?K…ØyÜ»mæÅú´Òû™R7;þrLOÑ<Ý“#¼jîô§¯ž¶”A4îšTrñ˜ÎÉ	n‘_¬õŒ<âÔ(ò¡Åž‡KÏ¡šYL,‰qÌãëe"ìÁh}6º„¢+›ÑÖvB¿ݽ8¬_öœJ?_Þg#¿pBùrvwÜ˜ƒ3϶ÚPÀtÎÏõ\þÝï°‘ûŽJV–;¤ÍU‹Åcà
+äD=†vêàê…T¤ÊðѽÂ\ãã:Æ“NⳎs�…´Î2ˆ½‹~»dø—,ÄKÙ2/sFª­í°·Ñê´ôÃì[. ùºH¾áœî’sÆHÿ|6T<�yŠùó5ݬôËèk¦�øy±<ý[Gz}c—IBÒûEy‘1tœ×�J.Äq Q¬t%éˆp]h¼8ù“ØUTIÀ…RÎ…‘
+èâ~�3øaù¹“`ëNââw’_q'X×øiº–‹-÷ªéè²S3ÛœÈǬ_ëW|%m®Pb‰Á8€0Èi7Pë§Áufµà‘†C܆}neAÆ
©¶EyB·tÃS*QQ0ÅœüdTOÂl‚gG™Xž<úgÙÅO†‰ÏrHO.ŽR¬ÑêúIPûz’ÜÌNNuã°ëéí–-½fAÌ-<üÒ}lµ®ˆ=ìtv;wuE�Xê�›G�@¤o‰Y3¤üœÍQÒié”ðd€$×®ÊÀé½”Ôj�†eëz­;¹©Èó[¼	
÷^8½�¿ùl9ëvíãUiŠ¹g(3Ä¡*y�;Ÿ%ÒKW{í*ñ¾âbn„K:Ϥ©KS.
+ƒk‹ÂlÊ×߀l„Åg®"„QËâA˜[tmÔ­’…¥ÀÇ„f‘ª’ÿ#’U¯é‹é|þβIнÈ�€~
�s9öµvÑÉ´­ &rHì‰WŠÑþEí)‘D¯™¥«vz„øAÚ²#çë€ðÛßÿqÃ#'ň
>­j”SK}ñH„9yF»=B»æÕ+l”ÕÕ�.’h7JªØZÚòÀ R®äƒ”»Ý9u»ÅTfÖ Á¹qh�Í^Z7+Ià¢HÃ5œ±­‰o-UÝÜ­¡°�IJ"¨„¼¤g-D‡UË@näÜ„ÄVìeƒL6¸D|;AÃ÷^çB[îø†›Î¢¶FÃ.¬¥xǽϖ7‚fœt#U–½A•ÆFÁÃ{ÐhÎ5˜�>U)´ãFVäa€üƒ±c7¼ÜøØFÂB�Ê$r`9,ÿŒ�ÅA¼ÅN+u&+<ò7<&íËʵïÎrRYX\ô0žù�€_ȱM<™Ógü9�€ù˜==Ζþ)¡*
’1d˜ù5¢‰TÛ;,Q5}e�vűk|<vƒóGâùÏ ¬ÿe½hAÓ÷®A‘Æ%
ÁªZFÿK|êÌ0zT0Zä½7ö¥tÃý4
+t³ÉtàâùWI!.�ÚÏE"|åAœ‡«À—GèŒkªðq…NÌ]#ï9�‹fÔ¥IÓ%ÁB¼Z䮆m×	®®–ËÿÜÆš
+Œ·’󺯴û±©%¬\ÇKRú{çóovœé‚ñmq$·•®Ù#ù¡¤SÜ0Dþïm™N%¼sJ¥°¼ ˆì�;&ï1ýÄgÇ• gƒšÑ¸NÜ?­”(“­$&•\JwÍš†«sBÀÅÿW%42ûÎTåÂ	ÀÜ:¤ÿ½;½c°€LÊe�WMu'žºNÕüû	é~¸ÿÃÿ¦‚î
+endstream
+endobj
+615 0 obj
+<<
+/F2 13 0 R
+/F8 61 0 R
+>>
+endobj
+613 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 615 0 R
+>>
+endobj
+618 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2676
+>>
+stream
+xÚ}ÙnãÈñ=_¡·P€¥�lŠÇ¾Í±³q�™Éá0ˆóÐ&[³<´Mr=þûÔÕ<D:€aöUÕuWuiç}÷¼£Ï/»÷úîÿ˜»‡ó.Hw�:fÑîá㿽w×ëþ&žiŠòÇþ ”ò>ü$ßöºcïµlžq!ô.eÇ[Ÿuƒ[ƒ®8Œ“ØT²ÿÏÃ_v'¼äeǔЇÇý!>eÞ·ŸÿñþÝ>÷ŸÙ‡¯û~ÿå
+NÇ8Ý‚äx
+	ìû>U^;ìQ�xµÞ�¯<É‘¨q¦›‚EÙõ¶|zƒóÔë/2øØ…©—µi°çóeã‹8‰½ÚåPßÁDež)
‡e$y[×Æ楮ªW^i-îÑ꜈è¦m�Ä•eÞÕ¶xÍïea�Þ8ú4RA$TýµÌMÓ€9ù¾pOÛòù²VzÆд=œïèt ‚ tV1¶-2”�…^Ç¢e
g�ƒ;BOôõZ•FvúV¾ÙÝ1âÒVö­AþñH1ä(\Dêªâ
°Y;‘Ïz]Î2
õ+^ƒæ�]<hðÀÔ²âp)oÁ¬û²m:Þz
]Ëÿ;ª„úÄTHLµÈ4¶g·Tv¼"29¢�“�âÖh£LˆÐ9,åÏ×›Ï^š2G÷QàµÑÝ`IÀqÀŽ}¯}›òžWÁâhX"!Û¶âÖ¬Ñkrvü<X.:S’S>ñ8ÈֲŸ$§Àì¯85<ÛÂÄŸ¹ 
+(TÞŸ[<õ‚6‹Â†ÿöÍ€ôÏ°9ÑÁDç¹¹öŒœÉŦN£y-'ŒÁA°uó,”œ)ÌÅqÍÆ=ò{R;ê.bnjþTÚ>ÓJ´8-“ô‡ùybê,o�,á°ˆp}OM�]/·Thˆ8:·U%¢¢s¬ؘYïÊŠÈ w&gÑàDM,C(UËP†³P
+A[(�‘Ê`øÀÑè…a”zCS�„OC§kãŽÎ|æ]¯{Sð)ýDþN\±ê¥vM” Y±#ë:<Aì‚ø¹Ò(êZ90‡Ìõ|˜%æ\Iîq™@"ïþ‹êïÿz÷åáþáûmþQ£�„Éif¨0!ºN€J[²Ë°ëÔŽ›�âñb•7á4£y(!�ÖuÛ`zÁÙE‹äØËðòõ}“pm÷¸çU0Â�¸‰ömäÂ;´³Àã\¾0iŽS·Æ£imx-ðý;1bT'.ÉÙúŽ?v|¢
+LÆÖü6”ÖlØø‡9‹pø{ÀÂüèÑDUÏ6kâƒf¦É+
+æŠMƒdòNQˆ"ÙOÒ¶C³fhW[ûŠ×Ê•ye´EEá&ðVæ¹|“>žÃ̶¥$)
+³[îpiä*°XÅÞ'Dg%à ]
(à)Æ�H¹Ú
Θ§›ÁTëTˆ@ï5ÅÓ_߸'ïIñž7¬,ȼ'ÁóŕG.­ÞC††Ýп1b†˜…I˜I˜DL£Ü
�å'w:õ³[žee²ÄÕ1ÌHªx´±kÛ£hΆãlÈE›Ã)‰ –Uqì‰Õå·6Ï¢À
Ç:‰,MLó<P-„—–}%è_J’lk·ûB<ÙB¬xF)dè•‚À͸~U*ÁŠ´.3R®¤–V
+4_v RÊâ§óGÈT³üA…HÁ…Ãr€-©®Qd'ôeÒTºÖ·J$“¥ˆŽÒÉFÚþ°¨[²Q*øóXt¼U•uÙs•™H­š¸Zõ–t� d»€SUËø“qà^�Ôf]DÆ‹g2j†¤¹oÅÅG.<O_BHäC…"§CÃÅ
+Ø
+?™%Z¤7Ã@Œ;œeåXõ1NtÇ_	jO€ºvØf²ÄûKAÆZ\9ð-UXÞwõ—Té¼¥x^piÛsÔÀ!•g8pO+ßú`⇶REÐŒXi«
ì¶:¹TöÃSÒópÄ°ãÓ¼!_Ú¡Ú®CÿV>§%¯ÅB¹áêT‹ÄTË�l(°ZëÆyÌܪ#‹‹ó®m4P†©š*ôæ¦~×yOj®Ã—‘ZÅ.׸'F‰÷'­-›íõ\ðH"h¹rÒÅu>sÿлêgó–~Ã,ž¿¹âY)„Foyq^Gãú׫þm0¼7ÖAâ$¡sJÜÜx@âòF¥MF‹°\–„ä†è
¸FeÉÊ~'íû‹P³ÑÉòj(P”è=ü©9“] PðqÚ3|šò¡ÕMwcmäUŽS{gZ"
+à’ˆ##Xùˆi¥¸Q‘‹œUzâB›‡;áë¶äÍn
N¸3#v´[¬ÁŒ=4¦—W^ˆI*ŒJ$¯0€´WË�—R®Úö¥\ðÙ4ÆR³;Ë+CÇj�¥ÄÎy|A/Âóø&ìdL!
¾?˜šªÕ±¸Ä
äÔÚ··¦ÄØÊP %ö¡ÛŠ
+2„ˆêke¨·¾¡|ܘõ¦BÎË,ÅXrÿc*¿£‹4c– �
+)�Ó‹�*dã$ŒÐß~›cn:Á%×BBÔ}Ïu\pE
ʽ¸É3pÖ�/|œM±‹±\íPL),D‹4×N°¾\LÃÇÆÇ~.›Íw²®
+3|�ÝFTIr‰B_Úw™%�|ýž•Òs‹¸£ƒGàÑ1XÃ`Òu2×u²7´IM¿ëØLÁ³–å¼KŽµæú{g,Bœùb´%GØ¥×�’÷\ÆØ[‰e8ÿ‚íAB|%èjàN†�’x@z„ÚX.:÷ÆÞÜU�@P˜ÿgAþ²ù‘ÇÅÆC"_Íe�c¡< û€“�ðÛ_,÷MDî°<ƒdÊëxî@¬éuYɃ–6ΗÞHÖ†#ÎpœÛ”c[IØÊiTz§5;~‚Lëwܺæyƒ:yî5tÀ_‡óF’Ž½9�ËR“ÃÓcè/­•ë¸bϦݭ*@S„4[ÏHñ¦3?ΔÛäD”rRœÄù`êfÁúv6ˆ® šš@*�Š
ŸKn˜âŒzTµÜ"0R‡Ó«>P#µ¾j}ó†ØÊ—$w)E‡ßáÊ]cç(j|£�:'’ç:_‰ò­îP$Ý¡Ï_?Þºÿ ?N|ýòÏíŽÐÔF}Mm´$›E}œqƒ‹j(õQNøù,�ðkC#g¿ÑóZØ
+ÅBð4'ÐmÁeס�¦þ]ÃÓøª
!œH×°ãYÈ&‚„’ùfïäÏuZðQécÁhÖ×C¯Áxe+¨¶D‹K„k
+ï3yÙ™­– ü`

zúõD…�3&÷KV×âââZ4wܬ*ñ¡´m+±—dÓÖV^ç6Ø÷{"^Yþ2ÿ©$rm¥ê\ÂÍD�ù�}t@bH´Á,~£þ�c/·L°h»ýwù¡×v�Á?>©Ó¬jLÔf›±ì±cA�"¾éôwÜy�"¥ZôÂád1Eîθ!ˆªcH×ë�|Í+,ÎTùQ÷óÃþôrÎU
+endstream
+endobj
+619 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+617 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 619 0 R
+>>
+endobj
+622 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2489
+>>
+stream
+xÚ…YKsãÈ
¾çW¨æªÊÒòý8ά=»ÞÌl¶2ΦRQ´HYÌP¤–¤Æñ¿€M6%Nåb5Ñh4
|Ú+w뺫—•üü´úðôÃGå¹ÛÌ[=V^ºò‚m®žîÿåxAºÞøI’F·¼?®7A8+eW6û’?CçsÞ¬ýĹäõúßO¿¬üp›¤«M˜mSñ~»ÞÄQæü½g~T
~‡£Rç©j�û�%å/:±sò¦À°�/Êœ}ˬßÖ~ê”]GÄ8tª&¡ÑÛn�Å9~†iŸ¢ê‡ªÙø:tíɈÏÝð0mÈÇòÒm¸Ú�e<Xæ¾%äÎþr*e³�UH2Õ8ñ�ÐÄ#­œ�†"•~Ï]ù­j/=¾è1Ÿ¢j¡¸tò×cµg¹Gúc{©Þ#õpLL÷€á+D”àÖó¯ÓÀ¹í]¨‰êÏ¢9³†�S“%JV9q3Dƒ‘‰ð3M¶Ý¨}¹*¹š‘ƒØ¬7öØ­éâÃ$tþÉj´ðŸrh&—¾¼’Òç'CÒË"bÞßž!‡+Zv¤/ËŽLða¨ÀÈ'_m»ê¥jÈS±úòLÇ'#âSÎDLê˜X祩‡ü3,Ù�ªžy¶¢çÆK¶YD?Ñ6öDÙ±ë|"sª"/2ŠEcÐÐÄÀXóäüB~O§¯¶O©ít½Qª‡7Y<z3ÕP•:Ó•=؉·z6h�ø¼d²:t8V²(‹ñ¯ƒ'xAQíü(Ùç<šgØ·f¬ŸmVö@&þ¾N}58ÔÏè2Ú—r�+âù×j8òˆ4€R—y¯C„ë±ýá*šÆ¾n³çPüWgv¦ëÉ0wÃ,Î�ç¦C0Ùc|ªu=–N5ô ÌäÖíùI,~	n0sÝùP¾Âån=ž¼R�p:çn}Ò¥©Ë¾�ý
£®d먣¼ñ
+	Ã`'qöª7Ü\ª®4ñkœ9Ýz¶/ÿ¨pþeÈ‘¬Ø$Æ™'@'Ú`nÏ6ˆq"!àR3•ÌR1xZšÜúsýÎø2úS2‰�ÝžmÊq›éŒQlò^ö7Š�²SŸ#É…[�P":¤²Åp°pÓվ쯑EÝ %4‘léñ z¼/¡s…ßü|îZr1Ü
æZ¤¢¡(´ËA` O Ð½tŠÈ‹!+›ÿÉ÷ªŸ‚r‹™¯[	MÅŠx†KF£~‚Ê ´OüQÝë±Ù×—B0У„w:•¶fÏvc'?â$®JàFØ0žoè†fC‘äKÞ ÞšH�DI�Dcøªy
“JŽá/{sÌ œùÒ<p§b'þ•'„£nQ/NmÔcÕRM!ˆ7­¤B„öèAؤ»<ú„ó0¼p}Ðè³+]ýéQ¨¦àz5ɲ¹rRòº²).'|iÕPcÍ9\ìM÷÷“Þß91GŽ¦P*r5»òh¼þ0—.‚¯ÂÛ²†NO¤G�âoëˆÜ�"¡Ñ;g–/(Uz0JIÆE8ýúÑ® 
NÈiF=	´üwèçÙÿ{»‰ê?k�0¹[`r2àÌÿžû¿–�Aù¼&7ðMÈccL`
º:v
+·þl£ÇÅ‹
+ŒõƒÈ·
+>úx@âcd/À·ÛiyøŽc+J®Ñ2ò�
yµdeÓšžb±Ð�ÀŠ°ë„îY
%ÜÖ·^<s]Ê>§©”ü«¥@àšŒájÍ/±÷ʼSPi(×býTYÔ#²�Œ\MFn:‰¾MFî,Ý!¹«íG„ª¦¦Qõiª}M1(µtì<FÖN9*Ú(6ÏÊôSñáÖh³éÖìš?\(ä7·ˆa÷:9`W"
æ  %›®&õT*QÇ{ÈT"z™]É—˜ŸVØæOµsJ}#Ñ»
¶…&�M“Å3{Óg«¿ðÎ,íM4«ø=Ñ¿
œ•8òquyÂTQöû®zÆ¡3“‘²…—¹m�À…ö†�h¼j®š˜yÓÓëñ¹!7 mÓÀö_–ë™Èä8‚ЦØÛî+fkµ±TÒckOÅó“f¼™™i1úüxÚâöÆ„uI4¦YHßïQв€  §šÂ‰Öc�ö�.oúsÞ•ÍXüx6>†ê@¡qÉÐ_îàC_=0dÔþ*çy­Ð§Žk=X+¶­ºskõ�1uÉÌ…½MíƦnKí{»7íÁ(ðI|ÒBäJ|¦ �ÔMH�ÒÓ±ìuO«O$ÅÃ3x·šŠ¿‰© žéo#ŠŸŒÄ{ùwÿ¾´~buÿÌמ¤ý¡QÎ?Ñ­ò’™QÁ'×…xûh}aèÒY%S¯_,ÀÛ-óÇüAÃÊc°¨ðLt@·�<ÊüÅÛË$–õ�á„ÒR«B%†ìÅÖ»D6‡¾L3»rß䔫'
+^ ­ý¡ìLKØZLüÿž/¨
+šu!Qôø(9R—NOLTJeSÎá™y¥ÀÓ»Ý{yËúJ9Š6|¥‰ô™«ý;,3‚w»{ªõ5ˆÞÝáÊçÀåGcmë*x›òmÖçI¥˜iØò@õ”§}ªcòy.=sQ¬.¬Ä,ºþÙôå™ [žDùs”<HZätqÉ•ölž#¾u1°ö-‰rËeÀ¡“,_¶¤r4Åà)5�¦\(aÔ•õpåΊÄOËE"?¿Hœšrˆ�
ÊiBt»gæ©gFdrk凮7+wS4º®êtHµ9FlqíÏÜY&«²p\ÅCö˜ž�æ�ºaÙ'þË�.�‰˜Aäš|In%pØzJ:DÏ;e 2ƒ=¿­zú¦4¥3ìp9°§:.F•åš|wëû¸&_X?ë5Ý—u9èSÉŸAÛ²’ëš�¦w»‡¦ l|ûéß1zG¡óåb¼Už !`&mJ A¬gë‰9àì!½.È(?žóª¼	–yB»jºéœ`„_�Z-ïEt¥yKö[±¨ëfÔÙÉ¿
^À7‹?•2Äs¯-ç¹K–Äø‹%‡œ`GhUíU)-®ÿ«`4%3à©SÞœF�)º¿f4õÅ$Þk‡�þú�G-¾Á?8aç]gDÓ�¹¯ú}�W'ºã‰Û4•�ÜM%;tl¢$^ª€ãxþÜÁìê =¦Ñ—ÑàÐ)nNù€÷bî'0‰cØ™~óóÅKSè³[›‡|ýqÉëêðö�Á�ØvmSäò¿|šMøµ	-a4"r.NKiºè—,é6êñ%ªBC›—Öé9)Z.<Égô]ÏVS\ÑŠÍÍÃÓŸþÈo¥
+endstream
+endobj
+623 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+621 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 623 0 R
+>>
+endobj
+626 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2597
+>>
+stream
+xÚ}YIs㺾çW¨æªÊv¸/y§7¶çůÆ3‡Q’JÅ9À",!¦H…ËxœÊ�Oo AQš�F£
ôú
\ù7¾¿Ú­èóÛêãæOŸÂUàßÁjó²
+òUÝñjs÷Oï×ãq}fž®Kóc}E‘wûgù6Çu˜zï¦Þ!!ô6{ÓñУªqhPLÓ,õ‚¨Xÿkóû*n’bu79É_ƒðfha^{ͱ7M�íÄ+ugvµê5w»æ ­¦å¯ª*!¼ð·ßëÎrë-JÂí$©§:¦šWû¾FRkõú›õuâçÞf�‡^ÃÛ(+ÐtWÐLO•å¸ˆié(þêô°žzÓW—És¯oä»ÇÝä…W™®gm¾v'‰Ý	°óзiëÐ3õ‰¬Ç†ìQš§0ÉtÉÄ¿­óÈÓmóþ(+³Õ5©:uÓCNš>˜	Õäœ ™ŸìwÀÝ
´i°ë3¬˜{š‡J8‹©·4{/ms`:kó�;
l·å¦X‚;¼Æ͸xr“±üÐëë8�½ƒQØ!ÅÇ)è‰?£<ìܳ	QjÉìOO÷uÙ´�>hrÁ¾ûŒ‹Ì;¶
éÜ”–×ô,eÛ°ePë8úÚ“[ãðóÐ/í­�U`*ê-ŒÙ¼“W‡	›,wM,ŽÉ˜ëÙêÚÖ1š¡cÂQµ½ÑÝÿ^Èùaºþ¡ÇJ£w´®‡8™í…¢bac‰e´MXä^«¿ý†í‚¢
+iý^õ¶¥¥¡ôÌ´ÇHB’¸¬H]u´ÚEGÆ#2Ÿ(í+álÚ�ªÍÛeZ‘ãrjè÷MkàHæ;J8ã«¥FUÖfò,Ò<º¡x]¯êRµåÌÕ²¹«E£«E~!1$�ªëÔNs‡€±áÈ}
+rèãFd›$ä
½®iËNdvÌ®˜û.ÞŠ¿]ß6¨.ÖYË|r‹=6ï¯/n)�-ù¸¥e4£Ï©&¬g[Hf¥g(?Õwôzº#d¥Ä(;ò#œYsQeàng6ÂiϺµN’¹âéÀ²1SŸ9
žÅI�@ÂFÞ׺B‹`æZscÒ[!Q
+ÄŸ£Ç£s�m1I�]RŽÙó±ô·”ü­˜òê"¹€#RšðŒ!æ‡ö—>?í´Í°ÛsGµ­ªw³ðæƒ*5�s>­…{ÌÓÀÄ'
ª¶‰·þŽ[]ÆH/vEá¼c{l»KRU«Uù¾4ÔŠj(©°d!¹1|¶s?ˆ²@’rŽË"Y(�:èibjŒ™�Ø!�A¦$£ã¢=�0æTX@r2óð¡Ã°Ðãò(¢Ò<�¦å‰­Ì©Ýež�j“ØÞ)î¨Væ((fŸ M©f?s’Þ«ê…	ÍžRåt`ŸR„‚%)‡å˜p©ÿfÂÓ–¸Ø‹O?‰ƒN«�•Úê™ÀÝ+Q+¸
é>â=gèàG¦çÞ‘»=˜Nê*€�–“Þðƒ�-«úË¡Ù}aû:ƒ-6”J²B
+Ë“×a,�R4Æ¥�AÊYðííô3žf9�E&`Æ,ö‰‘úÙâ1ììle#¦Su�MæĆN�G7-Ójð:Am8‘h­aY0�Ù¯•	‰Q·ý|Ì´xçáœÃıØÖÎ
+?IÔñ2Qã(Ú(Í]S%˜Á“»ýúøñáË×ßeÞ}½ýëãý—Í7š¶˜5�ÇÐ�ÐÙ6„dŸ
æ9$�1c@Gw£Å˜)žÇßL¿ç–@Xä-O
ß1K«+­:B“À5Ô%OˆÅêH«_-µaÙñ0j€tÜ„ÃÂ}*‹HžÐ/tbSœ0œÌˆÃ9›§W$JòEkà'ŽýS„X0ˆì6W\Êï¸BÆÕ;³Õ“
,â"]Ü°Á!æ°_¸…p�œ®E2væeQ€ w°jå©cîîjy”¡>ÑÔ•Ô6F8ÑhÈ�Lã`£ãï¥3@ÁwÎPDŠ"ç²€<¤±”\¶dÊ�·¯Üc€1ÚwvSœXÆ—¾+ªcÖTíSE‚�†Ty`²‘l–l"ïNò©¤¼ÁÈ�鶕2ð¨K)“ÄütQä[`úʽZ3rLmS�s=c!ŒZhäè$ ÎJ¡D¶ÆèãLW‹h¾ÝV½�O�—’½�Y8ÆÃâÝ€oë‰ë–Ø›Šh’Ú:Ž�ÌVÔ’‡8ÍÐÓw€h3@OÅ(,�òM(,!ïn…KÙÆÉi€òpî™césoä-aK w,€Iµ´bÔ Ia;c-,&SÙ<I
„·¬W[î&ùòÀÒl,hDÒ©·gqÝ@¸Zöesß™¸5ÿôèRo‚®°ÝÏÀLÄ×3/ü5½`#€îÜr|0¡³äá$ P:I‡¦Üƒ=†#î\^Ê'Üf¢
+BIt‡Ö˜ô±cdøµ¦dýV_aqâW±0K<]1Ȉén«lÓq†ú¯xg{Ã…êq2‘=	-͆¹ªü÷Ðõ—Á1ÝS›€ÓÜÙ5tìãrK³œ’VSIë)×�tp8äxmš‹¬Ì•eaVjŸ½æ¢GNœ
+6éžIfX~Q6NŠVSp”]ÇIè<¨Í'h�v¦·Kä½çzeŸ¸`üéé/ °¦}ÿÀæt?¶ö\/­Ä`;	]…K„sÅ	0Ä�cçPÞMÜ7=ÙàôÍ6ø>ž†`”W<„~3ü>;«L°XÂyÉ�óÓÅ€òôô+_¾kº{¿Á€Üáryü‹›û��¦1AÄÙLv±���ì;]BI ¦)E0¢ÍåõpöhZ8ìç¥4vŒšÊüõípóáTNG¨üùóýíæáë—o¼Æ×OR‘/�æÓg0ÐÊT·@S¶&…1qÛTÕhuê×½ï¸O90,‹�sïqa
QŒOÄÐ<‡¯qé_ŸÉøžÓk§Ö3å¼’Ç»,v8FR|g*
]úCÁoÀG£Ež…™ODsÇÔ3Yó×ÚåSåyÊå!µ N3~Øž NÀ{‚Â1uvòeÐ]Ú³0U6”9ƺŸdïÈLG¸ˆ¼�Â5ýTÄC£(—Ç>ÃnüŠª 5©ÊÏä
+â�O=ÏJb�ÈÏì@°¢´²EߥÊâÙù˘/JðùF°L{ÓÿÀ¹rßÞö?ýű1>ⵊ~|Ä1‡E2á¶øÌ5Éã»2�pÆ‘0³&‰�„þ´´—È7²´uÝ3éÿÎ F"$Êm„`ËÁÃEÊN‘Z§ÀIÎû–yÈùU=�Ùfœ=sy8'Ÿ;ü³�ÿ…Yl”�Z<Ws¡BÿÞìÝ…ªÑä‘teåÄñº(‘fIff£ù	‡;æ·¤�j)&§®Š”™«âºç~­L÷ª…°—ÝoþðÆ*ên
+endstream
+endobj
+627 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+625 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 627 0 R
+>>
+endobj
+630 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2745
+>>
+stream
+xÚ…YKsÛ8¾ï¯På²TU,‹orož±’x'ãLÙʤ¶Ö{ IHB…"µ Eÿ~ûÅ—HÏ^h4€~~
-Ö«õz±_PóqñËööƒ³°×«Ø^lw;ZØî*öÛû[¶·^Þ8aùÖ/IuXÞ¸®k=©�2ªHv=ë÷¤X:¡Õ$ùò?Û.|äsãÅ«ˆ8„«åMàÇÖÝÒ	¬�Ÿ6ï–‘gm¾<2·oÛOüõðx¿ùc?�[™B¾_ž~{&ƶ¿
+¢Å
4¾K¬ï€jZiy<é<©uYð@¹Ã6²êƒâ�û.YisTtÔZè·º®xA¦Œþ±ô}˜ýXÂ
+U1ÅY×YL
SWꔘ¤–=’"nE¦N´Ÿ‚/ÙÏ¿†³»+Û§³gx¤pp$Ü)ðùLОq°4ß«÷Ðà:ž/¥ŸpóƒÈsà†}�EítU—&Ù«1‹LWµÑ¯�FŽ*ÓÍ‘vt--'J“<WÙô	.rbëå%Ùï�Úƒ$Þ¡ÚÖ–ÞqËò‡�´<¡ö/Fï(ÖšWU5y­‹=SíLyœ,ªYWÜeÍM¥2YTr›ë£®{>ƒs³IçpÔ„ÛŸ‡…�}”¶´¿;Ãýÿ.4°¡‘ÏWÖò…d�êÇÁó!©¯¸€Eè:kÚmÏ(Ô-v×–‹�cƒ¯xpîo0Š‰ÀÅœ]6çÎv6g‡eÓºHó&#±@�Ô„m«$T¯�²ié?ëT•ðÎØU”̱œqùé”_ø“�-ŸÇë}ÂíÍvz|²`·]æNÄÝóA§x
+2Ž•U{¸ðX©œL�ÎTâ±^ï±<ÞŸƒx�;÷žD„Uw`/l(h
^,z„�_K<ocp(²¶ËȱÔÏš{Fý·ÑFõjÁA2*
á"e;FV.�¡
+°‹ÒÕiòš+GËÖ•l>¤ñÖ8]ŽN“뼟Ú}�FË|òOlåbÁ\|$ºŠÛ\UÖ‡Dx”…¬=$¹°ãS-[ßfÚHh‚Nà^í?4hr6Ï#‰‡Ü@â“é»(}q¤c‚„—Þ9CKqç”'©%�ooÔ¦p¨;ç}5IŠóßiïº�~sƒyLºy¿=v¼õšÂoK0¹‘ÊÁJLY€+ܸ�&Ñ 8#帇ÎHâ;´éP@hì -slì�¹çâE$
èÈ1�ìzï]iŽ�ü8²¾ ‡Ÿ5	æ|™Ø‘P@U‹ÿž$®%F|Püÿd4Ÿ‚÷Tì¨IÍ_Eà’Î�χ2ÒÉ™]ùfø|‘ ‘íÓÝãóç;ô\B!WØÂëMË$EÕfÏ
Ibž‹¾XTBÞÀs#̲Ø|×Eƨ9²�dúÅñÔ8�x� «’)9y4Ì¿3`\Û¥gÅýº?ÍLt¥#q>/šÅ<8ß&1LÑ‘Ö�{*þd6a¬°ã�à⵸ýˆò5?¬7´N£“Ö<q—g^.L	=MãÑð>€»ðI½ØªÄ~R�yGúDYU|8dÔ€_pmø“G8¸
Ü!•ï�‹75S÷:šV3ù‹Ò*†®+eÐE¿Ž]…†F?ñÀs‚p 0\A1$Y¦%gàž%Ïrd¡
ô^„*`¸
oÛ‡ëymFq!wÇ	Úã02öÜî8ˆGÂØú:
+9tFŠ�N(ØI˜o=tWïM!Fr`D„ÉР¤\ÉLSàÖâÏ·@MÅgpŒ-[4|ÌäC°D›wB¾í…y}ÃP�Ój~dæ^Wižè#�d'ÃÑJÀBUÈ´µ£)TÎ[wïä…>.†‹N‘ØÛû\c­…��V‡¡%aâW‡ß°“´!è
æ?0ô¶VBqÎ@Í’¬$ôzAc‡5Y/L
E˜Ár¡]IjÙ,xIz€Ž°Ê]ã5Ï”TÁ3ãaáØž`<żÁä‘ü0ËqæZc„ðÔã_ZÍmÂ
ß~8îŽöDZu0Úú¬ó|*ë“Qtþum"4]\ÆŽ––÷·ç½-‰è6‚ÇêœR/Œ¼¼Üqr-J”ý&ö¬ ðƒê•
+!PÝCaÈéK9ºáž//Ÿtu3cB¥¹ ­K¦q¢9€ò|@c ñ^–øs¼ƒ�? %(ÃÒäT°ãÔïÂÔW\ì–	�†ÈÆ.'�íetž©5‘Tìî¥:@Ž$­©’£’÷oÄ-ÞØ<ýþðøðFbáš}ˆu©P­’Ô�ò=Yá™Þ]�½ŒVÍkÞXGtEt=¤À>ßÉ™ AqÿLÕI¾“ŠIÕO0تÊ/s–<Ž�!BHüˆ;Øáw�Ëïˆ)rlë®ÉQ[R"UR×êxªeqÉí•,<Pt‡µvÃÑ^¼°4Se��ÖZ »·vf1ÌÓùaš]t†[Ù’ÆpžM)’¦.�à7br8„`bD-[HÎ0¼rø �}ÛLxæÚ݈Ðs}ëS)aÔ$xšŠ€N‰©5õ>‚fþ8$=òf~F¥JsÌÌx„ëNy4à3pN™�· ¿ÐãFÃÏ
¢v\BgžÜ¤Ï] ‹VnRóãÇø„$?Ay0)Š­¸×	6ã>¥\X�—Xñ
C(«†Ý›ç;ÑàĦ„н£0Á®‡m‰åjö¤H[ÿwì•í]Ú^Køðuûõi#o§›?ž!
+<sùò�‡·Ÿžùëóï›Çç
ñœ°Ü2À	¬Tž(é=—»>�ÒÃIGS‚
+Ú
+ÆD2Î	}ƒ€¸j¡Îï®C>Ò{pp�|N 8#`+´>>~í6tèP5ß_¿v¶ÙðSŸ~
B‰!–Óô–‰«ìGVŒØŸ›î©È_ãÑ™b�i-›Îuï
Ø©ôQçT˜
+z¤Á“6ºžA¸´€$ÄŒ]
@Ìd¼gŒ@µÒö¡è¨È#Â�÷…6S5ä~þæ½BDþ†^]°Ã÷£�Ë×\e¸>P�¦Ê XŸÈý™•qûÁ¼ïÇ+72œ?Ôõé··çóyµ/šUiö·àï—\íê[^8üc X¯\GV¶I/ŒW¡=4ÑMÒ:—A}Œ�~bu�Ý9Ã×GG�
+´{‰A´È!ð
ÆiÈÇ
Ø,§e ã; âÿ"è-UŽ»£Ñ@½÷p½õ4¼OtOEhˆE(VðJ
+U�ü€l ’6dR8<sr( úXJnIZØ÷A1FðE94Ž5KX€‡•™p|7S{àÓ"E~ôÙ’[�‘ô%ŒNÒ�//„.øxyj6`B»+óœk£§Ú'\Ê5Œ��r9+‡QZÞ�<I²“;\i
%i_A{Ïæ?6p‚$
+m/0˜lf_
sœ}ÚøšYñ‡„UpWBe»õ‹d(›qµÜd&ÙÕˆ=™ÉõS°V
˜ÓELêMÃxGÓ…q¬¶œ5۲ߖð1‡à`ñð9¨Kúñ@¢»�$ÜŒý	8PœCSŽZ™ž˜¯ɃÃhXáGñŒCb$@›ÓƒÔœKGòq	ÚÈ1€v ìŠfˆ…oÝN3Øy¥ÿ£$ædÛ·ó׌f $¸Ö.Ûlÿö?èSða
+endstream
+endobj
+631 0 obj
+<<
+/F2 13 0 R
+/F3 17 0 R
+>>
+endobj
+629 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 631 0 R
+>>
+endobj
+636 0 obj
+<<
+/Encoding 14 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F13
+/FontDescriptor 635 0 R
+/BaseFont/GUQBES+CMTT9
+/FirstChar 33
+/LastChar 196
+/Widths[525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 525 525 525 525 525 525 525 525 525 525 0 0 525
+525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525 525
+525 525]
+>>
+endobj
+637 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1269
+>>
+stream
+xÚ�VKsÛ6¾÷Wpz	4cÁ$Hñ‘ž;v“i2™©ÒKÝ™Ð"d¡¡JÖ¿ï.¤IÎôD<öñí~‹]!Ãà9pŸ‡àÝòú^QÈ‹(X®ƒ(¢˜I°¼û›Ý´íl.2&›J½Ìæq³Û·þ«Û™HÙA5Ïx Ør£:ºúT6xÕ—5(‹4KY”D³–¯ï#4èhþ£`ž<w¾nyÄ£Ù|‘
+vsw÷þóÝ×Oè*[°ßõ,Ù7	³šûNÒÂ’_Xý¡V²Ž×ÚÐâ€Êº7¤^¡zÄVýV6xa;6Í@‚áÏEÁ![ÎrÁ@O9¹EáÝâêè6™jè°¤º¹w‰´då€ùÑ=m6%Þìf 'édo”µ²¹B“˜\Õ}%°»Âìg`ÇÉë59·y	7$¼…Xƒ¹˜ˆˆæ(‘Ѳ©p‘°¶·Ä¬s€‹µ®k�AìGþHF=o0¯â�ĬÓ›F[Øvdþß¾„×Vš\
áÊÖ^«-Ÿå[_Hq�ó"E¾âœ‹È…“,¨’tëP€Ñ…HØ#»}œ‘V1*e!_Aè䲧Q”B±¸BYˆkÊ­<s•E<�½’)¸ð
y’º‹/ÒlU×)Ý�¬´ølÊÆÊŠ6XÆø…¬®hY©ÎõÔ[I{Èܵöh¶ºRëƒWÝ+í(³I8ÅÐ7•4äÞ%Òé
.¯ˆC¦üÝÃ篴¸7ÒÝyã¥õ‘ŒÌãýKšn¼Š¸˜¢ "´‡P6z]Zé#ÚMµÛþ©VÝfHÎÓáÞÕŸzm÷¥Î5êþvžƒ½²òßødhv¥QÀ‚·%W¨Úùx©{£;¿Õ»
êR¾ØAÈ•óTú]¹ú~&ÌÏÑÜäûÆ‚›�bÿø«aw¢ÓQ´
²ð­xÙoß�Ô3C*“Ÿüæ
?ëŠss‘¹æ‘EÎÒ ‰]3Ë\3KâÔ5³tlfIœAÒ©½-Ræ’ï{^MHÒ„ÝÏò˜Aò]‚œ¢$Y2$¿D
Ì/mˆ8@�ï¯èæ	L`¶ÙÖåJ’âë-ññˇs>êó_A'Á>ÖøvDæz<ÉóÆ”d<ÓÆ4Tä„ÀWJÒ¿‰Ýõ¤sEiè;<;šS¾þ\	tgXr7mIïŠøwh\ô"¡Y|¬’ÉË»ô~/Žx–MžB‰rž‹)”É«º�¡‹̳¶p]|Òq.B0 ’ÿ‹èBågÏ’ÓÊ�óô8Æã|q2Æñú¼òi´æSžQ£ÖnÆæÃÎŽ5ŒÒÓŽa’»_ÐëôÖ»Ò�.Cú+½EOªñ-h�øRÁ/<ãЮ¨°·Ò<Ów£‡™mÑìqi?­kèæèe‡74Íý �f׫ӿ†NÙÞ�¢þ8`H9p1äU¤Ñ�Wƒ»ðâ?­|£(¦ObÔN¹OP–/å¶Å
;áÒ€’­Ñ0�·t¸"ûF/àguï¢!u#!�à·"Q#kYv¾Ä.&Qb¶’,ž8Æ6nü¶¥)ëZÖ´óS—¾‰º@ÂÝF+ק2Â�Rk×¼qÕÁtÿ_ȇ›‡(Wt˜d‡îJű�‹q<ÐÛƒx��4˜?dóNæ1zÿŽU_­ËþóéV†4ú¡v0~÷ßèpåáÈƨ$Þ/ù™<\!
+endstream
+endobj
+638 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F13 636 0 R
+/F9 84 0 R
+>>
+endobj
+633 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 638 0 R
+>>
+endobj
+641 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 100
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.ц&FšºFææ¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚kÞ;
+endstream
+endobj
+642 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+640 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 642 0 R
+>>
+endobj
+647 0 obj
+<<
+/Encoding 35 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F14
+/FontDescriptor 646 0 R
+/BaseFont/IKZWFZ+CMTI9
+/FirstChar 33
+/LastChar 196
+/Widths[314.8 527.8 839.5 786.1 839.5 787 314.8 419.8 419.8 524.7 787 314.8 367.3
+314.8 524.7 524.7 524.7 524.7 524.7 524.7 524.7 524.7 524.7 524.7 524.7 314.8 314.8
+314.8 787 524.7 524.7 787 763 722.5 734.6 775 696.3 670.1 794.1 763 395.7 538.9 789.2
+643.8 920.4 763 787 696.3 787 748.8 577.2 734.6 763 763 1025.3 763 763 629.6 314.8
+527.8 314.8 524.7 314.8 314.8 524.7 472.2 472.2 524.7 472.2 314.8 472.2 524.7 314.8
+314.8 472.2 262.3 839.5 577.2 524.7 524.7 472.2 432.9 419.8 341.1 550.9 472.2 682.1
+473.8 498.5 419.8 524.7 1049.4 524.7 524.7 524.7 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 643.8 839.5 787 710.5 682.1 763 734.6 787 734.6
+787 0 0 734.6 629.6 577.2 603.4 905.1 918.2 314.8 341.1 524.7 524.7 524.7 524.7 524.7
+850.9 472.2 550.9 734.6 734.6 524.7 906.2 1011.1 787 262.3 524.7]
+>>
+endobj
+650 0 obj
+<<
+/Encoding 7 0 R
+/Type/Font
+/Subtype/Type1
+/Name/F15
+/FontDescriptor 649 0 R
+/BaseFont/DEBDVY+CMR9
+/FirstChar 33
+/LastChar 196
+/Widths[285.5 513.9 856.5 513.9 856.5 799.4 285.5 399.7 399.7 513.9 799.4 285.5 342.6
+285.5 513.9 513.9 513.9 513.9 513.9 513.9 513.9 513.9 513.9 513.9 513.9 285.5 285.5
+285.5 799.4 485.3 485.3 799.4 770.7 727.9 742.3 785 699.4 670.8 806.5 770.7 371 528.1
+799.2 642.3 942 770.7 799.4 699.4 799.4 756.5 571 742.3 770.7 770.7 1056.2 770.7
+770.7 628.1 285.5 513.9 285.5 513.9 285.5 285.5 513.9 571 456.8 571 457.2 314 513.9
+571 285.5 314 542.4 285.5 856.5 571 513.9 571 542.4 402 405.4 399.7 571 542.4 742.3
+542.4 542.4 456.8 513.9 1027.8 513.9 513.9 513.9 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
+0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 642.3 856.5 799.4 713.6 685.2 770.7 742.3 799.4
+742.3 799.4 0 0 742.3 599.5 571 571 856.5 856.5 285.5 314 513.9 513.9 513.9 513.9
+513.9 770.7 456.8 513.9 742.3 799.4 513.9 927.8 1042 799.4 285.5 513.9]
+>>
+endobj
+651 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1202
+>>
+stream
+xÚí\MsÛ6½÷Wð(„H�¹ÅIœ6í¡Ó¨ÓC¦Z„$ÖÉáGmÿûR‚>,!	vjkOú‚¡™÷vßÛ]@v\äºÎÔY>|q®Gïn<»(ÂÎhâàÐÁEÔ}ú>ø%KøÃÕ�o�O�tðmÆ…X<%ƒë&ušÉóù<Î’êjèÊÜ
¦äêïÑ×w7ØÁy˽‡íWbgH#îlÏ|¹}û¸Þ¾}ºÝ¾}±Ù~½'E„.ö”[Œ[î‰V+ˆ¢(xò­ØGï,¡›%
b¡ã®>b†åƒ·ó
+÷fçþO»üLBèo ÄQAk	éð4ÄC,XPµ\ò¾ÃÓ>MïU41 é…hò–õ]Ô·³˜z6¦˜Ž©å’½	‹4®:TyE
+ªÞ4Öovè`
+ý5Q¯¾]÷Òq;íp�[ÃOÉp/.
Ìßì0ˆÒz!íÖ
k†Z”]_R�fI7!\DÂÓ2âõ‚yNb°-^›Ä8»,+oKß)…ƒ©DÄ(ÎW¥ô>䤭ôŸÏ§_Spw@bk_¤n¯Üì•ûq,/»Q!JG½wqÚÓe"Dm‰³Ç„V_ƉÒY=pVÎJŒœu,ûuPœÅy>/¦\)ëƒxÅ
—UÓô£mi�]e™BÞ�áBðšwð¥.òƒ×�ï™ý©ï¡ÀÐu¼fmÒt
%!ò�ûž·9DP¬çïkîáäSo
’ð±ˆK®”ä$ù\I–š‘¤e¥ÅŽ’ù&N˜¤U~Ÿ)‹k
+ŵaqú½*ó¹Weøx–+€Aœ”Ô3ўŷ‚Cœ×]­áÿÆ$ÞæÐШ£ä|°¿ ì«hHk€ýD{‘—5èùYz®m›òd„ßôÖ4“±jžˆÃ#‰¸¼ƒîî oÇ“)Ìd
+ÃÜç?&=�!’‚/½2åu^ÔÌN›-�nçå1Ô®0A’ƒŸ»´´ðÊÛ³¸š�hÓp°ª´iÝÜÁE4�°sQì6»]¢‡]^I›¥U�—�6>ÞlA´sð�•z/-—¸GËe_õZóO~[AÐ[z­»H¢þ«ž”»T Å&)šihkΑ´åßô¬ÞíáÚªiW¤ÜKmÞŽâfÑ:`C—�æ,ò±jRgùšÙ›5Ž§×ÌÌlYäÓ¼±3´¸°^àéZo+‹þ]¯;E^$à6�!“(Ê4«'�v@+îESÍwâÞÛ+Àï(eì—2$0¨ýÿЫ}ÉcP{«S#	ZÀžgâQy�ÍtèyA·Ù‚ý�×ziÉë¦ÌÀKÏòR�ºl›Øozy© ‰}å÷±‰ÈT³tRC�c£Î!�ày
€Û™ø&B_åM9æ ôç5M‘Ql7UÁ�øUÎ%hôÇ´Ú²ëZ}¤7ÓšW5Ôê6j™Iä×éœW êVl44¼ŒádÜjœ‡&fZ?`·9
+02Öìª6	ŒÕì·U‘�±þ©7ÖF¤óŸÎ+#}×$Ú›y\Ý�™¾œ™6™ú7�¼ÉK_T³È*‡¨>%ª#“±ã_zA¿�Sè”ìßhr>�~úX¹{j
+endstream
+endobj
+652 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F13 636 0 R
+/F14 647 0 R
+/F15 650 0 R
+>>
+endobj
+644 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 652 0 R
+>>
+endobj
+655 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 100
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.ц&&šºFææ¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚kF=
+endstream
+endobj
+656 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+654 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 656 0 R
+>>
+endobj
+659 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 691
+>>
+stream
+xÚí™Mo›0ÇïûÞ
¸~Åöuk3mÇ•©‡(‡*�‰)I·IS¿û†4‰ �ò¢Å'GðÈ�ôÿåy ˆøêãø�ÜŒÀ*’`	0…Š�äv|.géï0¢”‹¬:Yp?O‹¢úIƒ¯é*]þ‰Ò™yòJ,–³U&�0ãá$ùr3ÂHj‘vŒAÄ”;N7NôÙ:Ñ?''‚i'Š'íÍRVÝl.¦R^ßü¾± @Boùƪ]¶1‰+!Pý†¸ã ÿöðL·Ë­Q’o”ÄŠC7ZJ‹VD�Th`ú	©�Æ°}^ã±cHwˆ¡Ë“übÀYŒdkÔÃĆ„•€"Ö�8Dqm5é…4™xHLJ„\”$¢6ûÓA)Þ±ØN}B8Rßeg�óBµsž.¤²EE¡zî
¨g�êT¨Ü¤°áð±—Ôôq•Z°ªê\_Oq
-°¾Aènw€¡-˜Û^0³…«&1ú6,W[¶œAÔŠ¨ì~»íñ*­[¥3Bøa¾Í®ßÙm
†Rìiÿ&„@Î%RZ›ÜÙA¢ÁЊ_õ:-òÌ™º¤‡Þ–º�mêÒó6�ì*†—ý¨²¯§^öjb6=£î”åýc#öcãëÆFþª¨ÈK›
‡’Ý}»Uœ7‹Ä>ñMxdOåt�/J‹•Îîè‘nÀ-–º\AÒ®1ëÈ<*eÖÌÝÉÇÑûøäsªäcþÿyé
$÷ÝA²J‹tº¶Û&õ²žô5ÁE"–Õ'ŽÁ�RÒ�a=OKß»ž|dXç?Ž·¹¸®xØÞ\t|lÂá[w8<•ë¼°Ápˆè…—Ž3F£3ØÁeÒ>’‡n$¿æyáˆ6äÛº_ìé§/#—ÉMà.y÷ƒÅ�ß
+endstream
+endobj
+660 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F13 636 0 R
+/F14 647 0 R
+/F15 650 0 R
+/F10 331 0 R
+>>
+endobj
+658 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 660 0 R
+>>
+endobj
+663 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 100
+>>
+stream
+xÚS0Ð30PHWSî
+N!únF
+†z–†
+!i
+†
+†Æz–&
+!.ц&fšºFææ¦N‰ÅšºÆÆÆA©i©E©yÉ© ®‰†obž¦‘¹FibŽflˆ—‚k®?
+endstream
+endobj
+664 0 obj
+<<
+/F2 13 0 R
+>>
+endobj
+662 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 664 0 R
+>>
+endobj
+667 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1390
+>>
+stream
+xÚí\[sâ6}ï¯pgûvFZK–-ûiŒ!î‚ÍØ&½M'C‚›xÊ­àl—þúÚ(ˆlIÑ1œsô]Žd$ʲt#-šR-øÔÀ’¡�¤à/	éR A¤ þÇY§‚õ³Þ´7ãpZ
Š¢œõF}ö䢢ãäZÔ»„é;øÌõÃ®+gˆÐÊŸÁÏŸHBâÅÜ ùJ$
b@ý~zE^Ÿž.§§j2½±>=%÷Ó/ç$P!éœlJ…BE]ÌùãýEÒ¡¡­}kò	YÙB†h�ê’¼¸+QÄðÆ+”í08¦Yž¼Æ T DF¢ %ˆHãxÈ �jÀ:ÄÚbÔŽªÇL}ÈbŠ
+¦^ˆ)ÆÃO[˜"#S¯Á”"CD£>殩�‚©£ˆ~ wM�'˜J‡	²ö&<™G«,>çöY,­W^ZŒ©/¹L}L½S’$ØkDú7¹
+N+uœr1”pÒeЇ×É_t"kœ%�Pt
*,³]
+ÊŽbqɹ‹KLSÕ\¦zwñørÎî†!Ç™J Î"íT¾“Ù(�,qÖ·wG
+³1j¹8תþ90–ÓжÀGŠåAgሡ4œá¥ª¼Í³$ÉPÅ°_V½¦ÉaOTˆñ:öò;ˆ:¢*†*Y"ª•AôB zHDM·Ý®:u>ëPGO‡ˆ78ü”ä™Z?Ëá™L¥¢—ä±)˜—§‘ÖåáýÕ2»�í:—~àÙN“ÃÉ葃~4`?ÆÀPWeT	Z¶c9nf‘¤¿ó"©ŠžÕ®湈se✲ÂÏw»ži	î§B¿[óÏ­V‹oS•´È/'Ã7‘NxýHpyä.,Ï·�†+�Û	9בo#òÑ"ø]…ƒ
˜Åó
ïQR57ð�ŠAÄÇ?=õØÏ7‡%¦0­j¶Ïq�ú Žç`6	¯£Þ\ßö¦³ŒjNƒ
+:®^Ž+ã$ê㟞½3ª±jò.
³hv¹Þ©&�
	9áõ¹Öt¨à‚¶sÃL·Õm;>ß±-vN0‰ì5“üJ�‚Q“™¿×ãá0Åà*¼‰FÏ—¯�Þ6_Ï×12SžíÎ¥ù‹ëÕóó�|’{EòM1.°L{çýü“Íà~!-¬ÎŽk;�PçAÔ™.ôšgU¿ò	‰â´r:	‘C«é‰Ù�Ðò…òvWYfçÉ Œ£ñüsNç ŠÃá	Uâ¹Bò¬Në7‘ò“‚^LN£oá4Ã0NТY³¼õ¤„š¿úöÞ°n{~P5¿fî1=×òŽ¶˜´RâíG³ô&°Š‰κöÜ-ø³‡I„Pú»óU¹r,¬íªûQ�nÀpÜÅ¢Ï\ô[Ó�Õ®š|)ƒIz#ÔÉï¥ì¯ç¤8ÖÕ‚�
Žëüïp>éõ…%QHª,DZ]»žy~L7æ÷�Ï�ì÷I/uÌ£�ˆ°Å˪UklO`
ÓªÛ�°Ü÷³ÜÕX
»é¸ž%,÷-÷Bá¢ÑuL§Ú¶D›°c›ðD�ÆNY7·“fË­=!ráN­Ü©BBnzn·ã‹À|˜À¼UÕçÛU}ÍâìMza••µÊ˜¶Ïm?0Ûu‘	wÌ„Fa�]'ðÜÖ!+¾éƒO‡�"E[ŠbÃn‰z¢l=QX£)º¾ý»%š»�cy…Õ)
+®Ü‚«�Ó4?žÎÁdÎÂé·LÆÑ(~ûÛ�¸èBÌ\„"ÌíæVË4°ÛVÃõÚUÞlÑ(ÔŸïÖì×`…?é`@½dùâf4ñÂn}¾Ûu™ToÇÓè¿ñ(î
Àìz:²·¶N4
+º¢ØÛ%
+jòýÿŒüð?›�—
+endstream
+endobj
+668 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F13 636 0 R
+/F14 647 0 R
+/F15 650 0 R
+>>
+endobj
+666 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 668 0 R
+>>
+endobj
+671 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1319
+>>
+stream
+xÚí›Ùn£H†ïç)¸Œ¥¡šZ à’¶IÂ4垎F£�àÅKdãõÛ·³¶‹xIb×YÊX|uÖ¿Š4M¹Uæ—å3ûtŽ¨
*¬¯@S�XDa�Î 1[*¢ÔÔÏ>'Ó»–Š1>‹Ò~:IG×iù+9ó“QѳY2hýËþút±bË(ï¥_
•XÀœßî2ˆY×ö�ÅB²\ˆM CE›/-R­º êŸ]jÿ÷þ�=ߥB¢/‘@ÝH_014ž-´( FqÕ€
—xÙU(ñ¾¯	Àä^dŠæ«\n*ó.>ƒ+ÎcŽ=Ô�I¶bÿžøîëk¹í1a�*lº.býîE7ˆ'8綀èåÔüßþ.¼Á# “Fñ$=Ìru˜æ	�ÔTŠ	¶Úÿq,‰Yz~õø²ÎnØcQ›ÍE®¥5 OÁé7@60 V3ƒ�¦ÉäúNÍÓÉ0%ùx2å€[ÐñÞ€ïGE£á—¦·"oáùª/óÖ}úk˜<p¨�^í䧗¬x5
F›�µÒËËUÞÆÍðìî¿Àtc¼=½ ±*ÙQ
+°Ù(vxíï¶çÕú‘> è¨Û�çÙÌ‘uÅêºBœ¥ìùöÐR£ßx}'Ží‡ïìttô¡bòk›1LÍ’þÙR1AõüLZWÏͳÛó�ÈmKWßÚÕÝ®Ó
d†:D†*Pó�È£&qĦºƒê
sg¡ˆ¶æo,‹}»}¹2ÑÉ<·:ÏAƒ÷m׫m:LÙt¼ªéÓ,KìíK§ýEj–›5K(R°•DC›]Êz¸aœ3Øa2¹W‡ã›¬Ÿ¥7ê ¥G®°aa*Ó_ÂÇ}�å&›¤×ùx’ÕÀ�EAðáß—OI1ÀM2¿¾Sï²››t¤ö³AÍÙFÃ:ôí=„Û}Ëçn&͵?HneßÄÅDÒ`c5x�ðïŽT¬·ë…„Jà dvt!ÛέP‹e×µEõa¬Úív$êCXu\Û·KÔ[Z5¢ XM�1_3žå+6ô"už@/Ïˬóe9W_| jæ1ä‹�bVušþ�ܦêõxø0Hól<â‹`j”Ó“;׵߶†C0‘XULª®¶	S”¤�ú
+E‰T#¶¡:1³Y/Þ|àrÔ“ˆë\ �	±ûÍ»úÞ¢Èi3ÞÓ G")ñ¯¬7£ºéð»œ[Ã~È
+õ}»¦ 5(0�k¾�7U˜V3f1¬�ÓÖ?¢Vó¶…Aƒ9í%|$áþ¢<ˆ±„¿{ø¢a‡Høo¿F.–ðw¿n¼ƒËš¯ŠVõÔUË•KàïD!:±W$ÄuÏ…DNè]í}²éh%9ñɦù’x½–;í Û‰…_
+:…hÓä¥ $bññ¥S7×/-þ�DjÌ9ð dñvçáG;ùûl¨IЄ½¯Ò„bÂðéÝø?5Ô¬¯&ÃÙíl<«™åÑ  ÂâÊAi½d`ée)ÖD¿Š`6ú=òUÃÀ¾¯š{xˆ.p´HÚl}ÒfÎ7VT«¶Û­SØMúáF v>Uˆ–Ù”·4¤¡òUÆ'–ö´ãòÃEÂ'ôœZîe›â'1|su}ç<ˆ|›ÉŸ5'>BqŸùA�ÉD{¸DËü°ÎéeçߨóÇ"Lo½Ós¥>¶}Lho¾®ß›ŸÙ4û1HÕižäÓº‰�r�ªî=T²œB™kéŠÃþø¿‘$½
+endstream
+endobj
+672 0 obj
+<<
+/F2 13 0 R
+/F13 636 0 R
+/F14 647 0 R
+/F15 650 0 R
+/F1 10 0 R
+>>
+endobj
+670 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 672 0 R
+>>
+endobj
+675 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2086
+>>
+stream
+xÚí\Ysã4çS˜�‡–AZë°lÏ0lw—3<@ßX`GM<uìŒíl»0ÃgGò}(®œ¤mÚò”8µdÿÿûP
š¦±4ò�ïŒ×—¯Þa™ÐEÆå•�èRãòÍïgïÎr¶�ü,ˆ£s@>û!Zð[ñQÛ:CÔ=ÿãòÇWï��lˆóõ@l‹@]è”[¸í-lZnQ­£�P¹®XFlH¬|Ý·åÄp ËZ;#™›ßâÍã${Rröþì,ߟ—kh½ÆB1ÃÌo‡çÙHõ�§þ
ŸØ.ÙVM6¢¸$™ÖHä	@:¸€Ò÷ù&añ
+Ð_øMu‰Ïâ¤øùWžm“H
´x"¤#HNŸ:Ë‚¤|’모³¡Ý¥.¼ðÛ�-:4*q)Dx"*}4\š´æ¶=P¬šÛR·
+<^@«UËÎo˜{þõ�—,€¿ò’B¤†Íx9.´Q/ó4UdzÈtøô¤©gÁCžñ#)P¿nçñ6Sé‡@ßtï´D{a1ÐM»–¤£ÿ5M×AvTäÜ°›4*ô‘(H;Š)£6tHMžNÌMœ,*bf \�Z€ à,ÞJþÝx{™ÿpc Œ…�`’ykAª)LOu¿åÞSغv¾[±›šÅ˼yû³rOlRÈX³gy]ïÙzCâ0dÅžÁ-G:È‚
+“lˆ¨.‹ŽÂ7fB¦Í7Ôå[—e»¬~YV‡/ƒ(
+¢%ˆ¯À*H³8ùØ`ô•J/1�Ô=†+Û“JæBÖØ!SKuÛTvÍ�§"ÑÖ�žŽ·V¡ DÕÅ}VwÜsÁêÆ=_Üåž}Oi/ÍÀõ|
ÖžŸÄ�“.Í5WJ„%ÍÒ½8!-,˜™™úÞ&ÈD÷7ï™_¼9Ò†jš…Gµ"Ì´¦¹hfx~Æ�r/ñW�fü¡Ô±Þ=ÈBO%v¸©¶®4 % ò�\ìÀC$
íï
ûï.´Õµ&Jr(^¤~ÂyÔ0/Ty7Š4üH
Õ£%&a•Lqr~¼ÞȘº‚g­‰P“’]Ñc2KËÈÊ¡2®®ÑZµÀBòE厗çŽ{öíkõ¾�˜´ö-®›#Â1Vì‹œ}#6&‹0'åÙ»�’-u)e
ˆ/k‘¸7þé³°wtWAÈ#oÍ^툇lü@õ®©�°j”îIþ*N³.ùß¼$òƒ(‹Á\x>ž6üsú1ÿ4*·)OºLþ÷%1ùƒ—Þ<l‘ÿù‹ ó(3ÿçßcm ®âD‡§]¤ÖÇ#áË Ž€—æµ¼DžžÿÇã•ú"ßysW) Wƒ.JUNaBë!Sÿû) Èœ¢UVÔJœ[�8
a�fÏJ�èVqüG™‚t#‰1 N+”в‹`dÀK–Û5�²né6µpÒl<ú¤PHT•
+¾,†¶S¯Eʵ¸^›k$„°¿	¦òKµÝE™’¼à ”á´m3ÑÃ9Ý„ÞG�®x‚<I‹î~·ct
><r»ˆiƒífÃßKyŸ–ðJ.ÎÀüËâת‰ävŠK•ÀÜI›i#
+`€lôØ–ø4!µN0Æ9±š‚Pc4­·ˆo¢œËÝJr¨n0YîýŒ3Ü/*Â}Y›¿‹íz®Ê�tÄ%È‚<·‚iC”7ZÆðaºä©ÖìîèXb&‹�ÓA«²ÚÿåJ	ÑÇÈ[>h
+]ýÎîp`�˜y/ÇÄ‚… IÀÂÚ@Ì‘
Ky­šX¨P³/¸<wœA¼¹CÌÚ;?¨ÄØ.¶Æ{O.XÐuöЩA”Cd{µ37ÉAÒ÷Z̆´H½ÞS/Á9q{1|È2ÒŒ€ßr;,S‹(èðƒ;Qá[§e�H�YæŒ\¼u§q܉ÚÞŸ«
+ý>»y*&mPi°Ú|¶Fá(çH%ª¡Š¯ï³òr_Öl¼òbjŠÇ`ú‚«Í6³ž@Œ¤Ý¢ª³¾Ñne#7·þÊ‹–lâ *ŒÁÚK®yЭÒPx€J)²8›
ä^U\B�âr4{ÔÂUµÈ±yGe~Ç ²ö+PßM¦ÈïL¤ÞVâ\‘Ñ~íp5¡í~ÚIÖþm÷>BåHEÏ^€T9ÏŠe�û>Kñª‰BMCƺÜM÷^ëU³f"„,xÿÝP„cË0ž7±iFÕqùøhº´	¼ül‹N\^KNNxy` MvmÓ¿PR�òé”ÇuˆêE`K4©·âe™¼@ mWj”ìÇnÏ( *{0Ò²
lÜùáý÷£‚_ÚÀܧO9=‚,!B‡’�×Ã�:“büŠÅkÏÀŸJáuššôªnŸT›B<MW+RwL«µqÌjŠþdtŸŸ%‘¥g£ñùiêh棚D)O²<Ûnµxfà³ç—¬iIƒ‡tÒmS=_<QM4¢¤;Ÿ‚ï7üfv�-ÎÀ_Jc� =‰�­FíDÌÖIÄ~OÄg²®UG|�úæã“8ÈŠšZ=àJ.r°Š±‘‡¨Ô?>ŽwT걎)Ê­â�ßàˆDÉ|BªU¯Ðtyêf>‹­|*KV§“³Qß½ö–�çàÉËÑM[G7…cÛ‚þÁ•žæ`ä^�4»ù¯
M40êBw¡¿Í†…­è¹8�Ì"Š#D~Âeå…`¼8S‚†Mh–ƒ+ì‰�Zz¤Á4­’ÙgRÂå ßɤÍÿL:>“Œ·—Ÿüí+)
+endstream
+endobj
+676 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F13 636 0 R
+/F14 647 0 R
+/F15 650 0 R
+/F11 414 0 R
+/F12 417 0 R
+/F9 84 0 R
+>>
+endobj
+674 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 676 0 R
+>>
+endobj
+679 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1238
+>>
+stream
+xÚåY]oÛ6}߯P�a°�’á§>ž¶Õk¶6îðc3±PYr))N^öÛGJ²$[´¬¤‰ã¶O²lŠº÷ððžsiA„œk§¸üž½!F0ÀÎôÊÁ¾ƒ)˜3ýíŸæhˆçù|ôJ¤‹1 ”ŽÞÉ+©d<“æ–�ÎE<&Þ(Ñøßégo°ƒ¤ÌÌô+°Xýbº?«ÔñaàšåÌ!.G$+©D&�ˆçàZf –·™~
#££	H>Œ«X=&2ßAÅãp°‡·.dð—(àun]¯z?F^'E€
+±«¯"¯ÌòFªµ
+užËdn`dTçgIÎG�Óý¹=4Sò´³ì"„1�.­!Â]žl ¢â ö×Aª¬’4
/#	fÉriø¢¯«Hfa§
enË�/lÌq=cÎnFDGѬ9²æípÛaš•??ïcvp2̦ýYî,ÊUÉX,­éÖ«rfËÚ#�KÖ}Ë� Ë†.ÇN ‹$ÍúË	š§Rô¿ôF¨Pìazè�Ϩ’Wá-XÊLlªÃõc<€œë’SÊàÂü_¬MUfLϨ÷"ÎÒ	<sÝÜGÎE¡©˜8º¾xU/ð8x1ã닉}Nσ<hÍYÞ×s6.东“—s†�ä)ä¾á2â^?Ø'!15A"·^r>¨ø*y&y
+aš%ꮡãÊÆCD�µ AÏ“~
+~`¸µ

õHªZ{{PR?çI&ç Œu©iÙ®ÏåÇD•°MÀ�
4ÜR‹{&ÿ%ìÚÆkÙÁ~¯Qóî 0J%…A&Ì
+iëŒ	PV	çfÏÀu$܇˜Þo¯(9Wb
f¹Ò&?Q÷9T³W(¾§I9N5ÙÅ"`�ñ*Ò °AáAoK)tÕ�*• •BÍÝâa]ría¹ûEÅ㾉¹Z;¥ W‹Ä¶×öÜšÍ7Ù€ðNQ zÜ!>†..]tK‚Æ�nä;•ÑU«LüÄ˲\¾,¿ùµºÇÕý‹ê
+!´±†HØ#KÎ.\÷ø¤SmDA¦†–‰f`)Ô§†ó6+ìº0 GlTž�yê’aTƒVVÐt!£ÈÛ•éJ·÷ØH«vŸ¤��Ùðy6üpñ#ºŽ|ºœk–ÌTÒ±ù{4CóåøÙ‚À×Ëívú	‹} Úì—¾zÚ_+²0šËŠ

~²[ÞÛ#:¨Ç*/i³1t§”ôÉ”ˆSÝ8ê^q!T«KÌ,ð>tùI6,§ÁñÐBëí ±NÔ¼u2ô-"asã’’ïû·SÏ[eæãnkRÛñ܆ëuãäÙ·[¾bv¿-•Ç¡1­"B]çKmá{Üû×J$:‰ÛæRå—Ižõv2Úþ“ñºYâæxh“>œ¾q`¦3¡æͮɿ—ôM-ÝYù	X?Í‘ÏÓƒ°uä3„ÕLT’Ò(J>¤ÏC'ÖÒ
s ÃÿhÒrS
+ïßûäÆ-~¾q«ù¹³@ÇÜâ�æÄèˆä9¡s¬Ðä
5ë³WC"‘fF©zÂmI?÷�6úǯVý§�hÈž,ÒŽ³ÅvÖvniÕÃ_›aAì
x¬’UƒÅÝw}Ä@«?†~øûT4Ÿ
+endstream
+endobj
+680 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F13 636 0 R
+/F14 647 0 R
+/F15 650 0 R
+/F11 414 0 R
+/F12 417 0 R
+>>
+endobj
+678 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 680 0 R
+>>
+endobj
+683 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 2153
+>>
+stream
+xÚå\M—›6Ý÷WxiŸ“QÐ’–M&“�¦]MWmŒMÆ4|§i}%@€-	ã™ñÄ0+gbñ¯ß{÷½û®<ó€çÍîgåÃûÙ›Û×7h= àìöËòÄ@�Ùíõó·i²·Åâ
+c4ÿ˜¬ÂïòŸ�A8‡.þºýôúÎ ¨¼ôJÞήˆüàjFë«õ%`¢.©¯ð€/ÊK~®_Ag¿sSõžPù’ Ž‚\Þ“àyø}$y”&õU¤¹ÊÇâ™W^Wò-ï= Áÿyòg¾Ë!<àëOÊ°z^‚%`¾|ôñ+в¨XoÂ"ZÖÈ}[P_B¹
+|œ»ðygÿÄ��ÈÅÀ£d‚Âì 8ÉSÀÄP<.&ÆX ‚Õ¡ã±òªÂ%_‡ql¦S8>AŠ]LÞ™¹å
$zÂHã•ÄæÿæFˆÂÇ“GÏvi†Ò@1bÐDƒ:@ÐòUoŒ›Å]°\ 1ÿzŸ¥»de|7’¦è3׸xqÂ
"õÇçNÞxäëª,ÓäODÙý.³Sc
+þ‘2®Y)}5�@(4<²«Øc�ž(É‹ ŽíØøðS»‘
.)$s÷!URºË’°�O(äQéxI0>´q¡^ËдÂy`ÖÅò.–áÑXæ£pÇÙèÙ×`AæêòîvQ\D&@ˆ«¾”úÿnÆÀו›Ô¬ã1MÍo�Ró2ÝlÉÉ2†Ñ<\Eòû¹7ª‘ôX�“_dcÈöe.öíÀ¤R=\îìÓ]N'þxêm$BãÜ btCŠ‰	¨ܸ«Òía²Žò"Íþµf•¶Qöy"ÈL'PÓƒ`W²‡O™œø|mk×0›L+bL,NK²|w—Qa/A
+ë f
+Eø:”XE´±±•/ìýÖè§z³íÂí¬Î]=j
YþJO�›íâJf›uàãëUmòZ£öˆÁÀ$ªýI“Àœˆ„ì±è¹ÇÆ'ˆ,3«0 º@ïHVi$”L³µe§ûƒ!e
e èJñ‘Š«1‰%‰›ª¢OÔ~æ\¥æÇßŬ8|bbÅiUoì!åµô7�™Bvv=åÇštÛ¨*Ëa%anM½I‰zMë;”¸»àh'®S׋ˆžŠY´ÙÆ¡9yø£‡%ÝÅoa‘ß.y_î…‰ZTÐ^ä`Ýø
+<mÖ?=Q&ê?Ê0«…½ÜVÝ­«4®.JýíÂ1CåˆC¦±|8ŸðVëÙÝHÜÊTÌÒ¸ÊÅTQ¡˜‡Ç4³ééTŒ ‚­·¬>|€Þ+´Kèú¨Þ»Š²pYÊQ¥â›A)½|5QF­Ö<*Qþô(¥ê´dtÈÆûÝQ˜µ’^‚¼§±ÛÛ;™eä<`’v pËç×~‹²4)yWÌÛÖòI¹XN’ø-ñb社ï{U…TÇ=e°ŒYqás¯}LÀŽú~$*2¼t`•˜¬Â<ºOä6á�á	Îœ¤ÝþSW�Ò}M¢ª›˜Ü’˜ò”�`Oa«MME±IëuJ}�ŠzZ*‚bg†‘%nÊ"�³"áVGÇu©ÁZ™ç²	Ãû�åÚü™nhŠýÚCÖTŽ§¤Ç)qf=Ç÷WxDÆC›f’vf„ÜIºHe¼9º.„Ó3yuÖ…ÃãG�¥q˜›Ð6¢3>)a±)ù•¶�˜Þ©O€g�¥m�I`Š0³äÖ3ÓY:óŽ«
+šìÇ}ÅÚ'~ëÀA'Ùc¼o¼òE¥ˆâUhì.FHe¶EsSX¡ézáT£–…¹‚-?Î[‚´D8*�ÙÃm;cIÚ:À¢w¿,/§—œ\&
+e—A·h‚ð*IäÆMäˈ³|úús
Ôûß~¯šÍ›§ó,«¿®ÓR\îô è1Í?GË0ÉÍ…2EáIZáá{D¼µ
ClŽUõ×­6ŒM?€’I˜ÎQߌè⨵éccÑÁÜÑÔ¨]™?ý‘í]íMá	qw2Ö«_Žs}�¼vð·õ
+ë}I³Ðu°‰ªÓ´c뙞|äEªóvžoªcíË.Yºtìcea˜ä1>Ûî§ù¤�!Øý«mÈý[¿ãoù)§R*Z�£Í£\ä^JaæZa6Q£¼×�3!fV+IÚ#3[ÁsÓ:Áß=‰Æk=#C!RöB+}Œ?¨i„
ê÷¥iE¿jå¨PkÔëTåê?ÕEZ
¼Ë­Ò†£;€aó³ò6%‘�**ÐZªøè¢
+\>­ê+*çSÃìsÀè­x'ñ¶rŒùîƺ
+Ú(‰Š(ˆ£ÿ‚vW5Ûuga°RN
s ô0àè"; C(nÍÑÂsõ}½Çµ‰¯í	òêÀèÖcŸj,s5Ì‚eÇàŒ 
¿8§ÉC‚´c$fîë Tur½¦Ïñmܧ8@ZKñY¾Ž&Ž”ei¯4ÕX%A%Vê"eaO>võÛê¢Ø³¿ÚwØÓLú©ŸIÿNïÌNO7:½�j 4ÈZE×)\)صè^†³²–ZÚk�Œµ>b>!¨=‰­}Üb/ÕÕ6ÂòÕ¿ôû×(Ž+Ø3ÛQuZ‘¾PÈ‘-›Ææ�¸sW«ð­M¥XVèï…­_òèxvÖgÚñRØþf^…¦[:«ûs`ÇõêÉM†rXõØKûÍ'þ`ç’:–ãô>Jú”^Y¥à…opžM
+‘€6gã}6$ íèMPT¿¸ ËIÍÛ PMŸ)ÑáöW¥¦&1¡ŽyÝmÙ„õ!‰u ‹B…}Ý81.³9D–ˆïnúÈɽh
+endstream
+endobj
+684 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F15 650 0 R
+/F14 647 0 R
+>>
+endobj
+682 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 684 0 R
+>>
+endobj
+687 0 obj
+<<
+/Filter[/FlateDecode]
+/Length 1484
+>>
+stream
+xÚíšÙrÛ6†ïû¼”f,„Ø�ËfÒtÜ™,µ5]¦í-ÑšTI(Iß¾‰JŽ­X¢{¥‘
Ë£�gùÿs„ ƒEP½ü¼œ¾x�	ƒémE1�$˜¾úc)Oç‚Ž^Får<Á�®âÛ¸ˆ³YlÞ’Ñ›(#>ZGéø¯éO/^À‰ù¬‰þ0˜	Dõqo›4@2s¢> ÿ¡êDÝÅÍ!²9„ˆ9VÀx9t½ ƒxï?8¥O±·Ër
0mxaóë`‚B0פCÀZÒ*ùhœyŒŽÒ([¬£E\Zø™þ8ÖÅž•~h�Ã�@ã68XƒË•F—g†q4O“ÌŽZŽß´gu'DAØF„àvÚCÉ
gÁ‡€ãêÔ»žÌ¯Oä+SiFq©¼hØ–Ë8M-°TŠ‡_,ê
�»iý%ô6R·Ðßï…¾Š
+]pU\Þh^EY©cÛb.h/stšÂB‘i4õ×€²Îð6X·¾¡b×B¶¥uÀ-eF
+
ië$¤6F´ƒ±Ig“áb”—‰)Ÿ‘�Ø2”}]bŸDY9@=T ›JYc‰g‰‰·•ö|òÎòMK„ÌH-+XÑé-I_ªÂ𤇫$ñ¶¢ ìÏ%¥C&«™ÜEj6Ö!³L²…Kv„ìAXN7~´îà=¨šøILBÉQìTe›&yöâáñþ­™ÉVÙùðûw×—¿Ù.M»<ò­q`~ζgh«¥¼ö¬f\¥û›¼js;˜©VeòìJà½?Å¥„a›Ä\xA‘W…`—e­oE¾^Ù€ðÄýíã='&ˆùñŸe —¯ì.
%'™Gä¦}–À÷çV®oJ•¨µrj˜Ëf�Eë±¥�N¬öÛ ä•6E¾Ð’ø.ºIÍ7ËïViìCä‰ø¯Ýï+:‰¤½@û}1€»eén¥\ÒÍü�H·‡ëbJ6š4búyï´ãŸuî䎑[¹<‡áña’…I@[kË|’¥ÁÛØÚïß^_ºFw‚ÛÎ>ý§¸íâÛ7¹»ÚËWÍØù¢î*ËÜÂOõ•×¯ë2vòøÙu—k†¢õ)ÞQBÏ“"ž9;	¡_=l:ß0µ«,ÚŒ¬P=²Bè˜@d±Œ‹�&¼âyWŸÌ›¼˜Ûé-™ÌŸ=Z;½ñ¶�ØR�°–£*’™ª)ú–L'ºp…´e4Lø½á
<µnÇ_¥ŠÔÚÍkÁÀå8î…‘hŒ|ÿrHg·¬‰^Û-FÇ@Öý¥ŽÎŠwT$jy§õøÌŽVÏf~€«a¼ÓräÓµÛuæn<”‚ž§Âm‘„Ä&Èv	–³"Y)Wãô¹©u×
+N¶™‡‰Ç�cÊM*W6ÛQ;ÿ¶Îó4‰„Ò¿²ëRllM’ñ£â"šU÷gäȦÉøŽ�‡ƒëÚHnÜ9“^nɵæEˆÇ¼Î5°½Œ½/à[§B|ê²a]Åè2ÊŒ7´ûø+šo=zĤ³c�Þm6…Õê½²67ë$UIær6=¥[<þÝ�Ò›K¤+жOnxvÑ©¨PíàODyê¸9HûÍֶʩÉۯϸWñ¬Û0Ìæ&i+ðç7¥KmSþ<.bb7khìŸþš6TÇã´ßΨ$�ï½Q¢Ë#„ƒêÛ=呵zM·Ê?TcŸÌÕ‘b$)ž¹ØêLGop:.ÓîÝâ掶¨ïh£ž;Úf×&ÑÑ\ÑcÚñÒîµjÏlBVçõ¡_ú“Y[ÖZ™‹úöºç¦0’¡f7¸UØ~[ÓÅX6ý·Ù=÷¦†°ÝÒÕ·Ù)á!Ýæ×þõÈQ¸�ÿ{žCʧ€Û‘™×
m ××,Vi¢œÛ^-å>�gp|zXî^ÃØÞ¿÷‡÷¿†t”}بU¶çtJ‡8>üZU[ƒE="ùaúÝag9ï
+endstream
+endobj
+688 0 obj
+<<
+/F2 13 0 R
+/F1 10 0 R
+/F15 650 0 R
+/F14 647 0 R
+>>
+endobj
+686 0 obj
+<<
+/ProcSet[/PDF/Text/ImageC]
+/Font 688 0 R
+>>
+endobj
+9 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-53 -251 1139 750]
+/FontName/NMFXFQ+CMBX12
+/ItalicAngle 0
+/StemV 109
+/FontFile 8 0 R
+/Flags 4
+>>
+endobj
+8 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 716
+/Length2 12688
+/Length3 533
+/Length 13242
+>>
+stream
+xÚí·Stn_·æ›ÛæÛ¶mÛycÛY±mcÅvVlÛZY±m'õÿ¾]»ªÕÞusÚ¹;íÌy3{ïÏ|úoô1çÅ 'VR¥6s0
J8Ø»Ò330óDåE´˜YÌL°ää¢Î@cW+{1cW €™›› ìf
`a0sð°²ñ°³ÁÂ’D½œ­,,]
T¢ÔÿRq„í€ÎV¦ÆöycWK Ý?&¦Æ¶US+ « lkPù×+. ÐÙhÆËÌ0³2u˜-¬ìaÿ%moîàü�´™›ã–Ü�Î.ÿp
¨þá¤üCiæ`oë0šÃ2*8üÓ
øËÿc¬ÿÕ5—p³µU0¶û—ý¿õßêÆvV¶^ÿSá`çèæ
+tÈ;˜
�íÿ«Tøp"¶ÿ­�´«±­•©°½…-Àô)+	+O ™’•«©%ÀÜØÖøï<ÐÞì¿"ü3¶0*ÈKhI(ÓþÏ-ý�ª’±•½«š—ãÿòý—üß1óÿŽÿ�³•'@—‰�‰‰ùá?÷>éÿ—nâö¦fVöUWc{3cg³ÿ•øïT""ž>ôì¬zvf33+7€“�ÉïÿªÛ[9¹
¥ÅìLLLœÜÿΚº9;í]ÿýü³âÿŒÍ­þ™è	4…ÍÎÁ°úaHG@ûhôзL¢Ù1½¢Û]r™ÁþT€9;vgÁ°jj£ô°†ðv®“þBE$Ñà/Ï›Ð÷d0èå…[ý“Æ|²Kw&ö˜~­E”±÷
+Ón¨ÛD[Àîc�´ugVàêØs;LŒÓú¾<êß³nV­CÛ3¾ÖtuØ	Âcº,î!›D›køTi?#j¦ƒ†íUÏ‚ægÄú¥~/D¯°Ø,esœ€2ÿØ[«G$itcа0qN‘©Õ�¢‚’Þ„ú1³Àß
·Š±ö½A0-.‹¥à�›Þ’ìxä
ªœ››Mº‚ÛB¶¬NFS#]{’¢ŸÙžY–s,^kóyDú Áê$Æ$-yšÁã.ƒî#Gc I›ª9Ðøyˆã9÷€`˜jÀÎíØ”4«
+k9¥Q¦¿Ý°erí9‡âþÓUä\zDýî}F§[Öqï#W’ºí	€g§N¿84Û&ÉïTsy<™j˜ú¡zZ¶—Y~V”m5ßJÒp3û¡E�*å–µŽ¢4	©Œ
+ãø'ß•÷üZì©6émfØ]+3'ú†ÈÈÜۤÏÊï·"ÒF0¨	ˆ2‡;­½Ž:4túÝåÎ-ïEmq€·Êkß¾|(§ÚKÛɪ›bæÒ,ÅÚíÎÿr0zdùýM^Ù[Œï*›A¶2Hæä2¥o~ÛõRb-Ø,q¦å³ÖÃDî®2³Ãnu¹½FÅ«³€�þ³†l-#v¬p_@�ï`(>ïˆxxF ê”é%áž)´ùx„‘‘åú)iÚù#^Ó&@âƒfÉw¬P>©ó‹²Û¥É´<Žµü´Tg�ˆø˜˜–•71ÕqXÊ¥8�„×|‡µÇŽ."5*Þ±,
Ýþ†àP•nagõƒÄþR	UŸc€¸'`æ*"&‹vÃb™_h€ŽŽ’-þ
+xæ”v°ÛÙÃ.Ä&ô“.¡2ÍåtMéùÀFé*þ }wöz£æzËÞûëÎXräSØ
u
+dxÏÿ!NÕV�}pCDò7‰ÞÖ|õé;­8‰µ‘Û.ç·.ã#0’g±�`3âÀêƒàb™PW°æ“P@)QŠûïáòB«`ðIY*ëõž4
³"Ë^w–[<Mw9²;öÕKØ-7ÄÕõ~
E@	d™³ÓXŠRë¤(à„�Ž‹µ
‘™!\+ïçœ9UÓp¾¹žáÌv´{2+[ yìúx¼º=…X0Î㣟6»,›žŠÔÅ’-�ÉîئÁS¸_¹ÐfšVü¶�‘Ë·Oðì°Éa=íM�OŽÉ5$BÜ>QÙTÖð�°§Œçª%¿iŽ|µ§Å´á5UÛÙñg–ï]Ô„7¡²õÎ"ÇÒ&‹;IõdƒGLˆå¢Ì¦=lƒ¿Iშñàgm±mO°ìuŒóRÖÂñ^_ìý£K¿™ÿž:µ‚*jÅdÆ�hØ=»Þ0¨Utm¸/”Bm„b
æÀJZ…œü4�6r=}s×÷ˆdô]ž)0ûÖô»¦GmóÐv•*�õÜTõ ㊫{ZÉÈÊ’yýÛóÈ*„<!Žwó­5MYôÇ›XµW‹¥û8£Ñ{ÕäNIÎ衾䱑¢Ìzc°¢Ü¶ÞY\
+$ë³³½²ÀÞÏ_¯’ȬÀ_;$ªG¢rÀ©ý‘Û¤+I7sh£»ÂõŸÁ¥ü¨0éÎ2ˆ7”^”ºv~ìd�éP‚¼¬TÀ~vªlÕAVÈ™_Fs£‹šÚ,:i/³êf°Ê·Ø¨¡P§ˆ¢×<'¬óâkßÆt{´<Ùo6v¢‘h$ŽaXZ?J§	:Â˽NY„Á’œd¦‡<ÃP(‘®€0~´•%éBL:n
¢¿¤”S9}ﺒë9»ß@MôŠ>IV�þ`Úµ0Øj"æGúçÅU¡x©;…Ð.ò”¹V¥ŽF³›=â0Zå^{±Š¬7Г¦rÝkIÖ(±Ýß7~&êdTJ
+”KàŸ¶ÇÐkÓC´mâΓ©… Z Ó	åf[ø×æ A.¢a,I¼ó¹/ˆÂÓhq¶g¤ójlu
W/^ß–=Q²°5"Œ-ãÁ«�)•ü<i¾âÛšˆéÔ¥QÐ,˜´Ð™élª¡DyNDUy#c6ëmÕ hœd\r°y¥æÁŠ9m?*x—û©ÿVfeQÿÒÚ‚ÇQ¾	åšéh
^Aj™ÌåbkÎ/Dƒ¥ïÏ•–KK[¦|+À Í¬m¢3ÀõΟ(Op-
+s§7øn€La½u3©Côi$Vxç…Ëš‡Äšv‘WÚ›1û'¼i¼ÙŸ-“EçW7þmÛ>œ(PYa_.¿ê„-!@zú�†ÀuQ§#ŠJ:ÂK?6;b‘hÉ>‹W½U×””A
”‚ê¤ãL‚H&[ó*£ÀTl-ÕMDZUS¨Àªñå1‘8!dùçuj±B+´•,Bê£Îþô�q¥Qf+{‰ªÅÍcè8qŒñß�:lé¬ÊüjСéK�"ªÀǽú «¥B´[1e�ØKW*¸WBð­ON+"jPáϵt#áözÄ}tgj¿EßôTkÿ~[·~R”Çp9BöiÔBnÞÑÚÓÚ¡΢�X|TÈàîvIŸÿÈ8RPÝÚ¬úÊß}ÜÀÈÕ–3‰Y¸^Ú_ŠV–’_dÛìŎʵù€šÔoÀÕÍm]h#:ÀP×qÔgR^VYY<yQV‡
+C‚­@ŸÓ>KýYW¿À¹üâѲÅqNJ,n:Ô£¯{@–(Þ*†»ð‰XÅiÌÂ)ØiÕ¾ºyžD(jÃÖøôÿ‡MlVáüÌ‚µ*d�}–,m4¬µ<8¤xsÚˤ†ò¹áíå	Äqm«¸”;:üCk<îï¼èa’øûçC¥Táâpˆûf8Ù“iÆÒ3�Ü)»U°P=l–¯Ÿ’‡d—eOÀ:—ÉŽÔøê­êò­Éô(6Ù
+­ï—,Šn˜U{I©�ïí¡âòyiúvµ¤�üÓëí�usOÈÐ0æèpªÉK!i‚ì²½Ò½l`	{¡c¹ž¿TX“6È„@Ý‹„Y’ÇÀCC:
+Šp‚år‰•*ï9Ã:ØÓ—]U†ý­W¬V[LÙà%:iù�±¢b¾¶emMÐN,…²sü _—ú…ìLª•þIÉ+ÊHùö3S¼þ¹¦§Z”&¿ÕJ¸<¼‚÷Kœ¥+£km¤#•Àõ4Ëï�áì†Í9ïÆmÁè›$e’~õò ±ë•­P?®mëyŸ�h¼éõæN q†ê-Èá/º|ÿª®îÙH¨‘�¿ëüi.@˜ýÃÓL«F`jDö’=Eïg~?Jö§3É…„èc	¥/Â&ö}É>ewþ4gvyÃÖ”c_hÔ³h•Ã˜‰|h­ª-x;ˆ)ÿü}"æúƒv³Žœ
+½^ë7†ÛUH½w^lx…;
+Ǹv\{R¼Îr9Æb'×	Ý
+&òròD!O~þ(^˜v«V¿jÖwÍP H'Ód)“¬e¦Â¾¶dûEó6¨ˆÄ	h¥È¨Ã§˜¿üK3:yû·}—Á«)«2úcºQPTôUFëÜ„i<sCÉÏ?»_ÓC	ì Ç¼Kí‚ý°Ë;ÍÆÙ¸Ot€²/7h:ïà/¿ƒ".…âôz£N#ý:̨ƒIìQ Èe*N�ÀѼÅÔq¿%
+šãR,ËJ‡âá ¢“­í}!iþ§ûcJÒèS
h¸¨œzJ{½Ø
H‰sü<„qM#%c)|9b
zÕ[žÀâ`ÏæÞÆ®�"ÉêŒõÌô±y»s äÞ†TÛ׸/iyb¹dˆ0ÅÒCzí�ÔT­�3®-„¥£Âuïæcô'ºÉƒivóì’»l²'¢ÉØš^“äÊ}¤Ž3RÁWPcBÉœFÉQ…U“›Î	ùº@‰ÌO㤨Â%‹ëœÑa­gFÙñà½NÊ3îíú”–›g�ð{ò
¾”È›CC0qgŒ
7#õ4 A²…´ž‘ææ
+fÉL·Ý“ér}®ß¸§<JÄìp°Á¤²vd•½â¡ßó‘ÏubQÎ*˜;u
ù,Oeè¾h<‹á‡;reÉþÃz¶táƒ`wlD•0ú4”‘E€±ŒÓ5»ô^ß=T›öŽ;™äh�ðHGžA6/³Èº
+à
r£é
¾ÐÒÅŠ�áoÔñ6�çvÀ¥¯W`
+j«%X_âzºgºK(ÿÛ£{ÇÝ\P¸Z¿ôئĀãW�;æU)ÜI^ßWSÙ(¥i&Y`9ï‰ûÅ°0¤	÷õ·6+Rª}Ë•*ªK`V Ö»§|
™ÊgÚ]½CÚHÉ¿¢¦Û‹ßœ'b.
Xdz«Iªsû§FÈý�z5ZØ
+f1#šŒ´Sè'ý îøb´`½r0£YHï3ˆ?Ía­J³.€åv™˜Ž,äÉj1mô&!ÇûÄ~TY0¡~ZMc~’*€Gw=V{ø*{OS³S¾½—’…ùt‚ýFð…Üòêvz©Í«Wl B’?Öøô£®îÜO@¶ƒ¼ué”Ó	õ5¾jÈ_³Àb	íÜ‹~Z21<"i‚®ï”�yŽ\yYv¾÷®-®ë–’fξj/ì\°s`K4¶šÌw¿Ç53xƒ÷ñ‘Ðú­×0ÔŸÔI£¦ÞTm-Å}•9'wN°7¹c6“ŠÊçC›#†¿H…çÂâ1j½¸»š/Z@í+ô7‘4¬…ÇXêù^Ù™ðk˜–ºf䪒†@`.¾$M%Ù<èS[Ÿôý2¼^Â\œ—5G ¤/0`²
+ˆz
æCeýH+òSé*Iüpú瞨¯\+½&ý
+Å�õÀ�nÒ›ò?•&Á\rÚo'͉K“¤i…&ÍV©ö‰}ÀŠ€ÈC Ѻ]µþð­s•¶ªE,zØEo
+ãçNë(ÅèûÖOHb“çê.-OŠm†ÉoO´hˆ–ø3£miØÏœAÓyŒ@Ÿu ޜ첉Ýlg‘êúÂÏÖ4ì£8OAÜÆë!�Nž³'ÛA;ábA›i@:“:Ü0dfRN-çWíôä�ušw8¶Oì->s·|&æö=†Tpõ Ú,¿½Iw¨¼Rò`m@]ÿÂܬ9§Rðb–Ñ¡‹ÎØ®
+eÉy-ŒÅ¯â�.Šð›…Wº`Ëìê�©ï �ÜvÙûfê1‚âìfw�õ@�ÏúŽÖ:UŠdÆÙõf×h‡›ë5T—ß(¨k>žž£Ft‚«ÿŒH0M
+¦C*º<¹YºÑðj�÷¦ˆ-˜/X™*×2ª…3.Ã	¥}ì	ás¨û¸—1i&¨
×îñ7a¦Ò›òߺæ,š]ê8JnÔµhëU¶iÓó¿²ò_JÂÎZ…g¿]ôZ„AÁé:f	Ì¡Žïâ“�øí̓÷>mÆ”¶¥
+¶›œ>©wp„&ÔJJKâ².­Ÿ™X´LúíÅN8›)F…ùbzí}Ö"3»Ñ"|ÆÉã<¿ÁðyÜ}7¯˜óuÈþ²¸à²Ù:—ü!ÏnáF²fi:
ŸŒéä?4«�¿OΠÉt-kµ=)
çúœ¯­êˆ³»Ò¸°0ã?îׇÆ&#j!>#X?Fv«Êõ)æu1°…�ðBw4J(§¼Æ±°ŸäË)§»ýI¨©>¦k=¦ÿ$7èMÆòÒ÷»H|äO)·a1š²�Ž�•¼#x^€ªÎ½ÍëÏtiFaT$ŸZÄHïóSuCMù+£°¨ŠÑznÕ{—a‡ROe[õ¦×#шycñÖrBøS,j\õ´~�÷}˜
+Z*Cº¤¸«4]½ÖMÍ"oQ}Ý;¤Æe¯¢kÜÙ„nÁët%ÆË\ÂÈ´w_�ËÿþËÚA¬‚ò S3<Fó˜®70-u×B>7fÁÐL¿†5\²uü�š£U
P±�Rá©jÊ´Zå(T#1îøs?:&¾V›ïÔ¼I%Vs‚�A¤ì‡¢ˆô``múM6ÎÔbÀ0‚c–?õã:‡h#Šâï½ä§>’‰²Bå º‘EPƒ•G ×*Õïf•UÒÕÑ•Î7±ýÚWBœs¯0óýM?õ-l\�øíQ„óvÎ�új/Ü"¢[x¾ä™‹LFåô³‰
Pœ5#ÖtúLk.¦nq
¼ÉB•
+ê|Kc!B)¿8s^äF+�`Ë›2à¹+âI�C®“Õad)7¼÷¯ó3E-ÎeHÂÖ8ˆ^%¿¶£�îžÖÝÈ'ü¨ç¬
vT‘ØðÖw6"ÖÙö ¼…Ðn½î¥zšÞèë¢mƒ6„°ŸPЊA¦ˆ�ª¤Ê¾Y8η&Ô¦Êe÷5¯ä°õzuÜ*WÕJì ÈÚè—½štžXkNï‡q8Æ~6’Ú—ygäõ|Ì®-G¥¢aíšØ#ÈÈ�~Àcã‘*È0´þ"@»-h“b<4ŠßÇζÆØòcw§aŠ%«
+0­Þ
ëì¹øëÈtyÒz«¾±þÆ.„±‘½Ëž·øEÙ9±\	¿tñ…Ä¡oS2CÚºBs°ƒ2–¦êl-¡Ã`ÀÉz–î>~ ¤}•�X¡zRY,ÜTñgzXƒ³ÿÖkñù¹«£2�šÞꢥ^øº]½¨
+l?­â÷j‹®ts³
Xtp‹Ào:Ýb[u³^tƒ¨k;bBòâÙ²Ñ=�³ž~Þø]ß?ìþÈå�Úµ¥­Îpa‘h¿¹Ç„„6ª©?õîgת�N}ÐcÀÓ<*‘õû¥˜~Òbr¦•kÂV¨j»LÌEY<7½l ]&(ÇfŽLªžÑÒ[5�ü.·ç9ƒ�Õ)/Ô!§ÆRêèï‘í‹•7ëÆgÅ’-
+íΧ9\ûbˆ³uqÞþL'
äø�¬Ca£ºžÓàÎ~!͹Ÿÿò"4P�À·¾^±Àê@e©G
+6!oÍê)ǺÒD›D_×ÞÃ1ªs­ ÿÑ¿„´›'.X)¡6;´pBV˜zçvÞà †­\ƒð{,8eö½	«Îzi]~h{š²nÃÄý=ž ‡4ݤœÙòEínñi]ƒü5»ÙB'ÔVøËBLsI�B�Sl‹Tˆµ}ЇË£·´Í–%ÿ‡�ˆÈÏîšœ%ÿ¸©ðëàx�ËÍõ•VªHKoŠ‘h±Gã!fžß©ÙìX”�¦öBPIC‡î³[�öã›lÝf(mV�=)Äcó
Š)
+‚Ñ^·j²÷4&V¯70x˜Ð#€ºF¸J¡IÙû~iôj!"5cT¯=½7�„­‡ªžâ£§ä'iEëö—¦Qn÷b¤îü˼ÓÅÌÀf�Ä•Eà^/'Éô•#nq,I²µ‰ÒV£üػݹêõ¡¯“^UDAç¹?¸÷ù–Ä’°Ò #o9rø´zBù%êvHZÝXu¹Hì÷àc³‡VÁɲ�ª8<pTBÖ[þl�ö÷=Nq†‹Î~г¨ðËjìøpq¶ÞÔZçUðÍ]zµ~€$d�œü'~5ÅÁ˜æ'±zN6¥çÝ.Ùn@$áÊB\·,RÞ„L}	qXÉùû2LWÐ>I±rEG]Òî9f#µ&ûÍíhVZe‚¥ý¡ã&[¼ÜÌ„õ…‰ôiÍ´äd�U³O† \�O~?LB‡¹mŒŒï܃bŒÌʧA™eER*hm@L°'¨uv‹q›ü.®L(”«+ÞÁðhÛæ.‘>¨Wtš¸¼ýoú�b'
+­Ò�(Ïs[=yQêO„cA¤³xáÙA‘vž?
€§Lª±æTÄ(áðç ®¿�@}]¥ïweܬ…4Hà ûõ·é’É�­U8÷(o=Êì�8®ˆ](ÍLôqÊú#&EÑñ¹R(ã–>8
5:ê ðħT#‹ 7ð=”*%·4˜»(E
KPDãÂ[“8“øs¹ðh‘ðþyjÐFÊ7é=½¼¬nSÞæ)ÊØIй“cº=GöuÆí©
émÕ�‹~iBòżn‘ϯb<t£óèãÚÄ÷
\‰©•b¾è+‡‰Ç؇�ÖÜ›Ìpkµ’	E¹ˆ$3„bä•*û�N„ä–Ç´Þ
+†ŒH”³²8þRÔòÏæôP]ÃÒþî¨Â2¬§k/6Ý‘Æ®Â}7¤÷“%�>A&åÜÂ)U«8›ß¬GýÐf'i
+ðã>#ùé,šµ²‘ùp¦
kçV¬8êNp–¯)ûr>åH-ÑÃ�,Õ$Е6
áŸÍ´Ë“çaÓè‚¥F¸Â?¾œ|k�%Ãkˆõ~gö$Žºs²â‰r˹™à¶=ÇX.v¡Íª	wÚuôòcˆšMå×~£Õ¡Mº5co0šÀV::åxv,IÔïš{	ÎP›'?(<´iB^©¦¦ÃêÈ�Ÿëпy¡GK’åFK‡¸¸i²h_Ôµ…qTŽaÏ)Íì$£ÆJŸæeî†ÆÞ†O”¡J{´
Ëxª?쬢­ŒÐ%§æ—<$ÇÜ�%UÌÄÅtýµP£í(,N$[RäD˜�ˆbq:¼5‰¹­’q„&³¹ä,uJ
+Ü::ÜÅðà%<Ó›ìîy¾ÞO“k
nrBc;Œ$ÂFýŠì“Tqãñ˜»Üâ0þJF¨ZcYý"ÜÍê[•[%.ëgþñfXÔpo3ÖŽˆ&ôö®ŒWr>ð5T˜—©`JA¶c�¥:ï쌋\µv=4÷NeVÆñ42c¼‰•×¼ŒÙm2lÆZcNLÂá‹aRMJkUIĹÅ!jY}À
jCdœ!
+*:úü¨ƒBŽƒ[`àƒ«RG^9IëôK®©oìÈ,’—ëf)Á¡yÞ2§p,KÊDéçÊÀß©¼"ÛÀä€m¿åLf­‡‹ðÈv…=!¥…*OYÍ*¿j츴h}FÞø—¬Êr|yø)_vÑé…5Îi9J­`À~®£UÑF˜£u0äù™/‰-øPpéS	Wqù—m²,Ó(M3Q¥mU\Ÿç7ò8Î6.kÌSþ’š&ﶶnhIG¦%yÈœœO|عc]W]Ü^xF*V °BýàîØåÑjÅq¾×Õb@=ýóî—oÈ%î$îªË_s–�D¦'âJÉá¯å4„úåm{˜õÓ Ë\
X)ß¾3ß­4��CØ——sôÅÐ*Ÿ&§F�Ö8£·ÚÄàx„ö*PIhC¿A¦ÑÏ• ør‰
k>ñîÄù’ójü„Eê·M>†SC	Éž½m�I Ù|5·fÿÚÚû„Én�ŽtOw ÂuM”Z‡VåÊ
+Â`~vi¹F+ÜÕËv–
+ß#¯^‚/﹉þPtÜöÙÏo»%eîL4>H°"úâ©îw™_w¢?­Lyñ\#‰-|0~×þºGÀ½Ec¦âåËËMÒŒåƒ�4ªƒ€Œˆá
£)|Ëy`;½Õ„.‚HíN¶Š^í,‡
…�øhª²P‘ǵªºþ~#Üx_ž›Í$®‰Â
_³ê½Aí,Y<��7) IÝ�_,›
âz,JZÇ7g0òégÛ„$âÌ*Øv„ÚÖ»õb)H¼+û:+9]ù8H4˜&½(
¾Ç‚BÁ2/»ö_3m{¼Enè@ŽòzèÙ?1f"“È(´ÒC¸Þ�
º>ͬ˜œäFªM%—´ÊbèG`Ò�ù&º[{ä�àÚT•t¾ISßÝZÜjšY¦²¼þ"¬bÖ†zs|<˜+°Õ±¶qú¼@Ô³Çúè±`ZK'„Š?ñ—åit¬­õ7=Ae®Ñ»tÍ0óªÇˆéeiÌì‰ÿj
×Â_jDRn.U¿Pá»T8�ÞXh‚>�µméÈíæ‚xß4ÛüÖÅ‹HÆj¯þI�t¶ðÞ_°J¼îáK`0Á­™uµ7¢	LòJ^Ž³º·
ÐH“@–7­ÉpνàrjÊÝ�K°Eéœ_~Ì«¶wM
éé®ëh¼z–ï	•Ë¡ÖªŒRÁU­Ž®lø"k¾ÿIÚü˜‘ÑŒ'8Ï_ü'`Ÿ¹‚›�º�®×
+›¿µ1þ>ÿúøÖ“$I³qÇž[}€¢¦*�Û'‹‚ßžoÚ€íY#³lmÁ‡ð³ý^ìû �bz¦½{;�6´:ÙZü¼åø¡Ï³Åûf©²5)ÅqÙ96
+­@X† "o=>Ï£dá.x_ë%ëŒå/EýöõKÛ¤ê¼RD:cÑ€B‚¹	yX–Š!´¶ªü@}k.ß øÃþu=?ü+Hwœ®U:€ßè‹Lh
+cpjÁ$Žfų1}©¬”À ZÍnž¤ëckáP+ûýrhP™bî\ÄÍÜj$áìCjyûÑã¥14¤:� È°œ5\ˆzv4‰Œø'KkÂø)§N	¿"¾´,¼ù YwwàP£Eâ-ö¨¬HžàAAO–Ž€Ÿ˜¦ZzNF\ˆ’µÑ/ßPh"™;ï™d³²ðÇzþUC«ÊîJQš�µ¶±+�'„øæÈÊ¡@ÁY�
37jÜ&^Ñåõ‘©¨K݉’:¹¦S!¬“ns–iyHp%×%X7!œ‘`óú•¯Aò´(uûg‹ƒE#³ ³wxQGnØUB:l]�~´³½LÊ¥áïƯ jΓÙ×tL›‹â–©KÅ¡­”‹ýצu•èlž$ª¢úº	1Þ*Èæ~áê´&§†æ6Vý˜Ï7`î*zF6Ý�„§àvÿœ’¬ô˜Nª^ð;^ê„¢)~ŒnˆÉ·M› $VŸš'	÷ËÁšúýe,äxÄÞÛýS¨z‚zƒØ¤>˽q—ªI›“rRÑÍ®€>Ìñ.>V‚Øñœ‹“ÈKhqó\ô¨ÂÇ$Íôût}5ºö¸9ÈVþá	,Œ¥“Žyò\¯—¦å©KWëé%{ÐÃ
ïœë½†s<bÜG±Ë¢›‡5�_Õš¿ö±å=(±³Êó�õªÙÎÖ"û¡öêI•ƒÜe	YôE{¿
Û…µnìzSÏ$ìÆd‡­(ÖtHªŸÊõÑ/n¡¶½Ë)”÷ùÈáÒ	Ÿx
z	¬×¥î.¼ºŽÊµÔ*w§¦¥@ùCéò¤<ÌËÿ×ÇvlOÍ{¹œVí~"¬lÙËtû÷ªý
TiÔ\üÏqOJÄ>Þ^`Q`§`h„ÊÕòqB¼gê§úz„¶Lï8Óï²Y­ÄZ‹ è�7,Wì¨{q»¾º`úVÐò´AÜ•SŽˆãÑÖ6ÿì–Œ†U�ñ”¨�Së½wvÔãwEl ^¾ŒÄ­Ø¶#cKZÒ-ÈŒ×0µ.
+LòÝÏè'&RRmbƒi!Ë]yÛ;ÏVXŽB#bÞq‹†c(Ÿà¯ê·‘VIúzÌU‡»‘ÓÐ߯�´i‹É±üçìUG]+!B£´&ß	b¢a DHðÒåþ»Â
+{�éÄÇÅúä+Òep÷£„Þ¢êp‡nø„uªbê£�ég¤çÐ8ÎÇke›µUÖæ°}<‰»ÛÉ9%!ûØn�›ñ‘€”kïsM[(]ÝBðd©ÒûSg¬
VÚïÕm¹`»NÇs¥š¼7Ç'‘Š«Ýw¦¦’¸%!ov½ùUdJ™ãívhö
+«h¤ÊË]ÂQùy[ÄË$sk×h¸` Wgº˜­×M¦	r¥ïC´ ìÔáú
æBÃLýV!¥ˆÛ«U—ˆX,ñ]gwóy·U&æ-6–Zêù~–™#ÂQÙn(ÝíÅ1
üxQ¹¼w‰¨K<ó3&´Ä¥ÕÇÊ uÿfÅæNüje¿Ü®>Äì%¶å¬*~%voÉß:£©ŸØÆ�ùÝ,(�ž~ÐâÀÈæW›‘]â±SA�ØP>¯‡1X¾�j–¢á}q‚Ì|`²>=;QnŠw£ªu Â6™)EOé_¹h ˜ë¡gaÊÒ÷¸¢}UìžÏÙn-²??�‰w
j&õ“ŸT>cŸæ‹J¯sqà±69‡ëh…Œ5–Œ*àƒ6œ7Ž˜T/vs�–ëbš7
†Xxý'îÏ
ûN¶5Y¤pW4Åg:.Û¾‰i"!›ËGÀþ#­L%K“0FáòµGˆ�	‘×<8°}M‡Ú¬ß¿ZâgžÃ¥œ.Û>'§ÐÌŽŠÆ}±Ø/©?c¤ÇáÆa=Jêzì‘6ÈëfÊÿF…<Óp©Œ”øÍ7 I+öc“—3Ð}Ÿ¤kQI ‚qaXàâr7GňüâË¢®¶øØ]á¶"Øê°€ÑíEØQ¤±
I5éW47•ŒÛ›pú6½•S!RBÍÜØnpuH5â6Ì^"»½ÁPÇõ{¸ÝxE$ G@néåÏzÖìžµ…Ë’Î/U¤“*ßN3ÓÞÈt­	S“S¯noëâ7˜Æùi&ÈÐ\š)<¿hßD¬ëˆ 1w©¨Z›ÔD‰j(èÍ"x¾Ûsç¢>¥Zg@Áœ×ji죕^\J_Æ}"?Õˆµœ&_�%—ÎE·«|ÃÉsõCìà@êà’ØŸú»“É�êáv]oÉ9Ïr…p4ŠeXHÒðÜγw�Aù�ïÌLá=(XµKbÿ¾wwûW!:PPiƒŸÕPar:M¼ûŠïŽJ¢ˆI
[ÉIxû¼zG¢*:Jøªíl È1[*4ÔNb•¯äÎ(f_	~d”Ïøc�Ž×:5zÖ8Á§ Wš·mù�^Úá›ÃÄl6¡ÄLóûîÚˆvXTûÚ°*i„jPÆ4¼^ŒH°ÝÙ�ðË£i(ÐÒ’±d�›‰½}ÞËu÷à{EYZ
+€A9B4|â¾%×%‰¼q–\„³ÑˆõGãSø;
+È¥!=Aš”AO¡·\ñ„;vZéAú•Æö
‚$2¦)LJpt¬Ú°Ñ27åë`Åx’ïgšáÉŒ‡\$uèÜú¬ö’Úƒ72Ëú—È©fl‰ ³ZèühHÖˆŽ^—nPã°šOÈßá|²µûÐL�<áá<ôø4ే³@2d•æµE&ϲ](0¥\æÅWÒÆ-½Ø¿£œÃ£¡P\§øIᆕ9�k ÄÃÁß¡8>!ˆ¾¿_Ë€¢Ž]zì„“ü‰Ë34Ú‘xS²|;×N‚B;SegJÑŠùSzø==Ÿþ..s1£�/”ŽÝÎΟ䮋=ŽP9Æ“BTCóFuÃape…ÖÌ�“»Õ�P_ÑtœV–
sN<„<�ÙJÔƹÔ.yÛ锤Ë,ÚKN•�+ñtï4e¾žpŒ`¡0«.â«©Ú»îp)%ò…ÊYQ‡H'»b¨ExÝëç•Éâµm¡€!‚2ìwð
'hz)r>„ãö«e¨Yõý"Àßye4Õ�}Àn•¼ÆùÓ!H“mpíßàþ­DÀ—|Þ"Í0ÅCŒ©Ç:D먩ƒŸ§à–—8Øø¼§ŠËDu1N™äÂ誕„V^¬_èÓ…Ž#ÐËQ¿ßûÇ×Ƈ4™�ì(ö—¤@‰àyP]glËû=‡œ+DoFG¯¿(amƒ/Ĉݮ­Jn&n„
	
³¦vÿJ¨Â‚Ï
+�ÚÉv+ý‰ÑV$+�;€4+ïsË_;ð¯Á¡Çø‹«/ƒ6*æ¬ÇÔÃñ]ë–Ú.nt'Fɸ¯]{äý]Ë5,Å¿¼u ÉÑMáÇ£šD0–ðDy·ÿÚù²Åøkc$ß/æÄv¦†:¬€ý	
‰lþ¯EÁ—Dµ‹â$G©91ˆ]JeÉÞ:ײðî›ct¢cNV±ÍöVGåg�e0TUç<~{ÍðoVuê™æîm!KuÐQz­zoâÞ“Y÷¶ÔY¡‡*3Æ}…Ê1ÙuݳsüÔF?©’®ÐLº€ò›%$—öF³ÖæýÎ_?¹åÇvª ™�áÄŽVÛšµHƒq™ëÛ=Çf‹ñ_QŽu$Ý—ºÒV©/¤ÔÁ‡•âϳX“rÓc ¸Ò§Ñïø—àÄhqÅšõ®õP'—üøõ¯3̨§ÒOŒH@C`ní9÷I‰Ob¢hr»}òÎÈŠ5…R½nÌêµðêCÕËhÒéÇÂgÚîÀ
ÑIneÁ€â|
¾7ow1ÏêÈ8TC�¦z	É
ôäžU^“�à÷E¤I1*_K[�""Ïv¬OIÇø……èG	ZÈTy�ãy`c]‹ôËq¾GÔ|õù0æÁ™%Ëïqûö—q®úýÔàÞ,óK°ß�ä~škK¡³@j6ÐPùÿÒAd÷�5ü!Å:p³FN"ç`»žåæä‰M %êN<ØË`aS¬mh7Nx‘/:‹A2l_ùK'Õå1€Ö	ñ�<­{G�¸D¤\,áþ\÷OG
+h"Åõb\ïù—ºjÌ0á ­pTð>jKÛî%’XмPO(çmh™/Qdz
+
�†Ræ³6š!‰åÎøXšÿTõ$š£Í;Ž§Ý¢�6ýq¨‘pfÐÊH£º§škX×hô�£¦ì(×6wÛî÷¨dä5]#Znñ�e�ˆ1ÙLÈ)I"ñG”„ëä¾�ŠÏ+â“h“ˆÆŽx”“�˜^“Öx ñ1““\Šìy�´9ÐÜÇÈmèÊʉ¥,›ýü™¦^³ÎœHIÕÙ
›,bßàgš>Œ×ȸÔlpuŸÓX-ï•-a5p#X͸²/ß@rº›n‘�¼TÀ�kÈw�ç¢�J7`jω5Ø6ÈÎPý
+Þ™eb®hfŒßy9Fð­ËØ)©ýTÅžnòªws9SÑûä=\�¼\Û%Ì[õW&��bCÎNý�^Í„]
èN‚Ò£6½îöƒž�Ý$Bø|#Ú›çêuNö}T5°äD¢Vέ߬IwÕÊ|ʇɬ9˜Û’¥ÜëKGåBHÖ#ƒ‘â~8€ñŽüYZ瀙 ‚—ŽÍâà¿9CF…“*Ÿ­B7@—-5Ai=ä�\MtþZÕ8<zSfÊ!šì©L›6B^‰ðåELãÇЫÃ�÷Ôþ¨Û~¡2wGØ€Ú¢ŒU¼ù+*{$h„ë*™âõÝyÒYþ|;Í
+†åÌŒsýXZu‡7E@+!²‰úÖ›Y¹Bšdž9¹û5¦gkx9ª¼ºKQ£Þž8ëé¬rçÃkG<~®*½Ïå%‡¯>U{�§;ÝÀŠ»NF|
êé¦$êOÐŒ–K¯ÅúAoÁ6�;å1Xw&*ÄÐѹ’†“%c÷}K6¡Êˆû‘aWaèÈ݉,+´D!h=²ÊíºØ~A�Ì…¦³üs½:•c!1Ë?
·E3M…œñ÷.ÃœEþñƒàÙ·™2öh�p˜Ò‡’¥1k$Bãõ•k ï-åB5QñÇ.“ÿ‰XÄVhÌÆÎ*4Ax£+Ô(VE…l�ÚoMæúmŽòcþÕ§úZ­8™x¡–?#¦Ï1ÌÁ¢*ìVÀ'${¹ñý˜?i Ðã¼äêZšX*ÇÛ…bJ@†‚i¾!À‹#ëÇ#¥­è¦­æð«\¡"ûáMäV
ÚšDXääS-1ƒ虎¬ÜX�±%ùä·¶4ÜMƒ˜.¬æ<ü1[ed6ò‹d†tȾÂÅ«D±ì È$)æ}îñw×6Ð<Ú?SÓxT0‡ØŒNùvÔ'6ÃèâeUNg«:Çá«çÙ‚Sܬß~�±ñÒ.ú0ý¢ò¬‘—øEÞýäòÅC×�]ùª*KOÕm|�âŽçS{™R¶âAÂMZòÜí§tI¥1›¸âbGÛ0±¡ú3–$œ
+giÁ7çÒ°pP·‡„ °¢�èU´(fÈâÒdQIµ0Œ<�ãh|õÓ¯äjŒtfÆ:îC�.Ö®n².å
+¤ófÀÀó%UÊ^Ú‡¾+¸EÞ6\×ýÈ'Œ¾�'*ªâ{õþ�É?é׸�
+±µ&o™
GiÒ±ÊëY-v¸Ü
&A‡qä}¿SÑ�šüZ!K¦_>w¨;ÊÓƶR<¤ÇFó³�ºIq÷q±¸ZÊÆÞú_=îmxM
+6÷“Ë{pŸ{dsž!z×-�:qû‰œ)ˆ1ÿ¾Í<Ø]ä,Õì6œ£ñ¿#ZUÌsç“:K­×V·
+û^&4µ£ÃàWÑZ#`¸ûÜ£ž¼�®¶2Í×\cÄvy�n¿)x½éiÆ Þ`WÁ
*šõñòX;ÊöÏ&Ɇêíñ=¥ò¼&�̦`敵ÙÓVeªZÓJ8õ�îßà§�à/FCüŠŸgâ9÷Í7
vó5b®÷`]|úŠ‡ ­>ÙZI“ž¥EsÅ
Þ3-$«x´o<¿¬)ÐОýl=£76q¤ÿùÍe¬MJ©ï½Q¥`yùi‰ÕáJ¿ŸŽâþrtqS D(î‡b¤%üvLÏ-¼!Ñ�ÝÀu0ÏÄXÓËú61O\ØÿèW½æ_‚^(PâJÎvïV$ÎPû9@ÐsF \ª|Â…øÄn�»�Î/q‹=G:Ûð»ûÝÓÙ­•}Ž‹Êª-"É.»‰§J­ j¥à872~§™»••Æ¹\ÿÉ„)•<L¹Rñˆ3Ú<„_MåX‘CÞölå…UÍB÷‹ÿWu¯óãÞ9® ”«PW¦XpÇ˵%Kü…/vQ&7ŒÃv%ŽÚ/‡M|¼ËòFp¿óMšør<A·G�.`}vwÚG¡Zÿæ—9ýê™49ü\©á×ñP|m	yLs[9õK'�³£‰Ž‘f"ÌKÞàa\‘ÔsmQ“°ÆꯠgÑ=ÓÿËöÿ7øÿ„�©-ÐØÙÕÁÎØÙöÒý	
+endstream
+endobj
+12 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-251 -250 1009 969]
+/FontName/MHIHUQ+CMR10
+/ItalicAngle 0
+/StemV 69
+/FontFile 11 0 R
+/Flags 4
+>>
+endobj
+11 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 720
+/Length2 16299
+/Length3 533
+/Length 16863
+>>
+stream
+xÚ”·c°(A³®¹l›{Ù¶í½lÛ¶mÛ¶mÛ¶mÛžý�3÷N̹óg¢;:ª2ßÎz:++ºŠ„@N‘FÀÈÖÀXÔÖƉ†�–�_HZ��Ÿ�–ž^Š„DÈÁXßÉÜÖFXßɘŸ�ƒƒ_ÔØà_ãßÍÉÂÌÉÂE‚/dkçî`njæ„O.Dñ¾€µ±ƒ¹¡¾
¾´¾“™±õ¿ †úVøŠ¶†æÆNî´øøVVø
+ÿyÅ_ÁØÑØÁÅ؈
+Š�
ßÈÜÐ	ßÀØÔÜŠî?T6&¶ølÿm6r¶û_.cÇ\øäÿEJ�ÿ�ÓÈÖÆÊßÈØŠNÆößxÆÿhþƒýpýÏà¢ÎVV2úÖÿ	ÿŸ\ýn}ks+÷ÿ[`kmçìdì€/mkdì`ó?¥ªÆÿÍ&mldîlý?½NúVæ†6¦VÆøôÿm2w5w36’3w24Ã7Ñ·r4þ/»±�Ñÿ„ø—¹ÿB “—W–§úïiýo§œ¾¹�“’»ÝÿûõõþŸþ¿ô8˜»ákÒÿË/Ã?á¿ëµ´ÿÇ`"6†¶Fæ6¦øŠNú6FúFÿÛðB	
+ÚºyÒ0²0àÿ{ü«3zz|Vïÿ·RÙÆÜÞÙXBŸ…žžž�ƒé¿¬†ÎÆ6NÿU	ÿ¾øõMÌÿåÇØØÍØÊOQ^šüŠ|�M·’”<`ñ«4Ì?€[™íÇŠg#æ¸-uß«Žìy”o³ÙÊ‹ä‹©Y÷ì±êówÊ÷/;M@úTì¢7÷…ÄF÷DB�Ç�
+4¿Ì+"sÝãz:óW6´Œ>bûl›Ê_r,·]Ü›š7žªSh£ŒüWyX«,1ªÜ*ÿŸö¸¥ÇÒZCù4AÂÀ‰þ–iaëÍÉuÔÍÌß° 7)ËWö4àuhg@G0/ƒþóG°nf “�/.ïˆh:Í»ëmþ9Çø]Ùê¿z[T±æT@œ^p&;1kZ(÷o¦,¾ò¥gRÃë´ð7Òþ³¾]ÑÇ4´žÍö‚À‰ï}Q;Ñ]iƒö{ŽQUãá�¦#
+½D2t,}ÌŸãÜ*{Dò±†¢¡
´Icúb¤rt|¯S-TäÖ³e…3³ò¥dÆUí“3o_0ÒÛ.Àêû��OŽX÷Ê?U­Âé+yÆàµZ²¶ß~¥«>²”z–+x‹ë)~RzÉ…Ú[ºâ[PÕ°Ò´›-ÿNèݘO$ÌjA\�Ðn,±0‡òÃC›ÔÇRÛÌÅF ¨b€d:V"•Í¢LXÙßqSŠ¼¯šÔ¢þ5tþՃͬâ�aF¡13-MöfB·lxDtd5ýC+l‘ŠæC[n$Ãp�6PMwÁ4̸7†jc}Vi!Í_ŠìYàü˜þSp° Rݼò>ìÇVä»d>ü¡Ã�Úýw†‘0ç×ûÏZe]•jssÁ”|²gÊ�âuëÆqíw|‘ubì^>“!n�ôµÑý�5= åfq±ƒ2¨¢VðiÇâÈa8c$?
+—…´¡sXáAƒ“^ÎFƒ"¥›Ä’%
„¸�œlç1˜‹ ~ÉõÎ8¾¬áÐwpUª@¥âA4�ŸHª¢C&?ÆW½&¬8ó˜ÆÇȨZ�š”bµ»HýšÑÑMòðNÏt?˜ßÍüŒqøD!Ïýí¯»®bSh%®áRœPÒ¹~�îv[˜×‰
+†d@¯2TLTjh�·?ö^`ñ-œ.ç
Š3¤$­ˆ“žïÙDWTÍW·mý…M„Õúž<EK)ÁßÂSù?:¨hœ�ûꢀ+Ü>i~¸®¢bB®3‰o( �ªPŸË›?®ª! ñíæ†i>6_4|é*W5F„ªi
+*¾qSqG·Ö¶öóÁ
vøJ®€lZeܪT|©Ôòþó!B3“ qÙA³.öN�}cWæ½rw»àG¯S¯L×Ü.¤7Æ&Š	¿Gi^	Ú°ÞØ*UšÅ–Ü`Mâcg#D12ÜV#ª½šDiB�®çƒÀ�“Ç¥ ÿ0M3?¬ÓÙ¾Ë&á~«eßRŸÆ-O¨·+2E9Mšõ£»#A™õ@§óD
#§ù´[ÐVP#ή±ŸTˆ—åXï<~ìç×¹õ¤†¢Ù)[¤8hDÝW‹~*$†8*ÕŒÀ+IñHÜ»°ë?KŠ¶£6ÙôÈÑU^„3åÌP‘�K`D;æùÀ±›ÜfÔ”§|$T
+sC|FÁ^“v˜�K
p÷¿¤DÂsûÄÊö
O̽2ž¾+“{Ì+fyÓyP¬Õ@Åq^X.�êw³è“æVŒ|kãý¾àE?à§KW[#h$,»K=T(X�¢B4§¾¤¯Ó;N‚YªdV½kçI
+uƒfDw/^G”Ÿe’…=Ö¹•a){Ž
+õSþ
ø¾ý†
¦õßaÌë»ÞïÊV1âïºԣк˜^–œ;еÌ^ûÂášrDwÝ?©ªe+C�FìÁ¾^1Ã@}\¾‰&†ö:¯—�­]!°%Ý"'û„×W°i��\Õ·éüIt³#ž²‘GÖ�ÏÉPÎ{ã׋H/¤­>"Á#û
¹òe”of^EÖ¡¸Â¶N\ÝŒO‘ßã£/xØ-R]¿w•W¤\…3¤)áÎ/ÿ²xg í
$[3wj"}
+ÿ5(æÆù‰X5RZ¢Ú·ÐÓC@â¨gï45²©{}Ûf bë�XbGrøºívjm¸‚Œ24V³$#ÈC䢺_Süˆ£º)Ъ�L›•foÊà“œd#HËO¿´~˜<ÎPŽ8@ÆÉXýl<;?ÙÙšPÀã|Ô'§óäk¬�Åh7�é¤CìÃÉúf`.ܵ´•r¾JS2z
òEqÿ£XÒë,ζ
ô~fv	»j3´ˆùg�¥jÂq2S ¡*˜/É�|L&6�3žéf|˜ÚÀ†Â,{Y¶ˆ©ÝŽ”õsÍKÛèÁ
-4P.[WPeÔ#X+µ(cÇfÉˋ鼚Ðg蟞�¡§äTÛ…_ôfÑlTM¹œBJÕ-¢=x§tÚÅË
*þ”ÿd/l2q‰S<^ˆ`›¦'Yæ	¥]%–G‘âù«çœ¬‚ˆ>c�á�9Óªú4/n>3I�_k§-ó^ß“šÂãÙ I�H;*ù¹K˜æ²Qºx
ñÜDo&Gk>#¨Bé‰
+ÁvÌË´n²‹8]n±tPq%~Õ3�aŒ쉓æË)ëPŠ,~ÛÀ+ÏÉ™Ãpá85IÂZ¹fÜö[üâ»!7¢+:>‘f¹ÏørXò–Û
s/ÕŒ4Ä`¸ó£œc§7='×ìxèDªÜ©<?äT€Y8D÷¶.¬VÉYdÖÕpÌ(%Íе9ôvB+g—ð
+y¾ÂVœû/Ôö‡n ¢´ç1¹Ž¾·bY¹Þuøy7Yídw
MšKÙÚìEzÜ2ÁžËl`è2Š*„=›�\fòêÔ—ƒ[0ÊN D+-"FâSPX×õÜÃÛÅ�#ioê ƒ“úUøNJ‘Oý�X4”uñóI û-Nv<<I™ÓáÄù}\vÁM/Y›”Pcî�XÛ~2»Q,±5£¢j�(«f&ò–Ùôê‘túš•‰qý›5­"€xƒ‡—p‹?:&¨4çxV糉Ʃ-â�v¼£ˆähR½­§ZgÛä-³6ƒÛØ®%i¯¯¸†×¢õGó1kå–	ã%?û×ÄžopcÏÚà’
eÁF7Ì:}ÜyÛ¹ÑPü`Í‘¦:­L=>+�ŽÈwõëÀ}´é•ØúUS»² æŽdˆsL«9¢½Rwó«8	/ì	æj¸m|æüÈŽ4Ð>F`	dN’§!ÞˆúyW`�Îñ×L%P#™V`HuߤªÖ˧ÄgPÓ·òpJ÷òŽ«Þ�czK­´G¨æsçð!ü=¼lI�y�6ôU Ю½T®íkÿ:JÝNçæs멯¤,4“[5üî°�§Â)ŸË=³v@œ'I DÎ2HÀ~RJõð•ÁP'½?è×s–ÒÉŒÇâ¦!˜Ü~SpLL½Ò*ï¢ôGÇJ�/¦Q̵µ»ÑéMä^7ÛTyÔò«3cú¶‡ßȸ¤Ý1‘@ÙË›]ÓšòdKÕ¸&KÜÂ`ðGX„¬5*ëЃý.ìý�ì´èlšä@/½~é˜QvÆCP°¥3:Ú=“�¤¶+¸³9¦#NÎ<<bÿGß~rUû¡!È =ä‰öH¸�i�Ä
+s/ý‡`V}£IC}
1éì’·–U˜q<b›%2º:_B·êÎoAîõÊB	Ê€·hžÁÒ•¶‹¿^jâµåó®�¢»rÁÿA¡íãÒïtGRV[ò—%Ø¡¸ÏŽ�-ïAÃÐûþî»H”Äçg°.ø(ØIÒ'—$�¸ÊÉ/ËUhá¥2M>zc½g9M6=Y“PVf¯&¨ìÿÃéKÈ­Q~Ô�—>ÝkεwÌ"qÊlÝ\âÙ[(‡ÅwˆDNNÊ
^ì‹(!ô„þ쳓Ÿm- ™ã8@«-æOÍKìÚ=®6Æ×ê|j=ÜSð‰ë¤:þÎÕ¬ïõb™ø"iÏ—A	ìfn¬ ~à.”h8:îok‚×_LXõf}…
ÅÞܨϼ'Ë^tEÃõUJ2Œé£ÜY4¿åæ®ZCÁ	*äËi™¦Z¡çQ650úàðº*^9O`!zé~§ž¾W*éœÄ¹Φ¬ív¦Ê¹^©Î=Ž:ðÚ¶;ùŽÊ[0­éb„	Uû®0$:$]«�¢ÞgôN#(é	mH}`O÷�¨zÅß‘™Õ¯	ñË—O¼SáÔòÀµm¶ñ­m#*»ó0ý¹°ž©²ës^Ðb²ƒ|F¾Áð«êƒÂ½Ðn3œæ…›“„Jµ3¾éå¼™´Y86:À¨Æ»äèÿ¼ÛÏز+Ðê£f]04@Þfà(ÃŽ’û‹Ê€(ú`þ$�z =Y$?Êé%{9
±v8Ñs[2(ì¿‘u´|•(ØMÜôÕ¿…–•£~+³ç”úqœœpxµ›Ý‡å»-§î*íHÕ­�T_¦hÒÝ3êE×$ifãˆk9dë|¢Ký”íè…ÕݨÅZ©xµ‚YÏCFà>,6ÄÁ�ûË?;Æ�H$QŒBVª§ñu̵–êFAÆóÀ�áõ’Î�L­=ŠÙÜ!V• �˜lÊ�ÜlG`«ç:O_‰J^Áæç0Ö�>ÂŽXõÕ�¯Ùa¦^CŸêÓÝ” _ßÐt%Ìü°Nsû䙵³A­2JȦ¡YærF�?‹·Ö1ÊG-~5ÌÈåøR*éltÁµáé³Ä¾5ªþíß‘R<>®œ"spüC/7«<5N“£ÏÿÀ�¹8^�ºß\U³žÜ^QÆq�ðW©u�&™º4èœ3�]¦ð´9Å›ºÜû2€–¥£)ÙC²áÆÈålS'ʧ"\~›È^(ôO(_ÔC”_Â�>ôð²æ,C©N@û ‡†î$S'y·£¯(¬¶×L�ð#MÞ_
ô•‘1�Woò4²ÐFWo	�^TmÏK)íÚö öÄXÁìÜ"¢*Û
ÜíÔ³Bá2Ê/·/	Ñ1hÔœä]² å=àhÖ
ƒ˜:n¶$0NYŸL£»A¨ïZp5N¾±ÛUB;ãØ"û\‹žºXÇ‹’W)ˆà!¼µn§ªÖlFÐw0ÛŸ&I®’„9ëp‚­ÖúDü;G•E4¤nòuW@œ¹Üm7…ÒméMCá×êFVטqJ<¾™žW±Mq¼´» £gó­yP°=Û‹¾¯Oê>Wܨ§,2bœ ™XYIž?Z*óÕâS
‡ÖRwì%u[¼û­ÐHJ×w]û¥­ù{-gCð�ÊIY»;!
ùVëڨʕ¦Û0•Øn¾+þ¬Ê¢E"e(~N-øi`|ø~‚š$·áïvpDÎ-+CpÆç9ß>g ÑÉÒ¸êxxCÒ,³âé½gÌ¡´çÀí«WzëÁûmH-€º%ïd�×õ-�žq*ß-qìe®ÊbÐ4°‰ÞÌ7[0“V½`AkM>åvôÁqÐ×S½Zö…^+
™ÆJ<C
+8T÷¥2B¢ªZ´SŒ¼{1Êû�ð™»v÷`8N©ÿBJ�›(¿Ø8°B‡.jª¹ÿynæžePÈnéÜÆ…«–¡—dv=ê$Ë'G—÷Š}ž�el‡‘úöi•0D,#ž(
+YêíÛ‹Î�O{Éš¾ªŠ¦™¡ºó¥†Ož?â|· £P¼R't}h8ÓÌŽŽN-«‚
+áR
íZî…3r›E騌‚‹B4¯lõ4
+êæN§2Ò	™†²^ÅßÙÇ©R¦°X¼É0¾zÛ
uƒ·ÜDcÜKî�ó;ô}SL×b¡'Ò�˜ý¥¿ãñØ´�·¿¿yXÎ3¨Þ®1[ᓾA=_ðµF›½mÃÝ4Xð  ÖNÎœµ -´«×Úëó‡ìL9õ«œ/%16âíê#J‘	Ê‚ªÀ
Z3ªy9±F'õÏÖóò]M&ýöÞÁÕ öFTålíÔ9C@ü°}m§Ôƒc×rÝú2·²’Qu¶e÷?Ò?†ÄðPûe<tè+jcË´»ÀžzsÈJSÊ‚Ef1&Ì·N“‚æéâÙu„Tqц©Ý’ð¦p>ÐÞËÔ-Ï´t§4E^ÖáüSÈÑä‚‘
+ÌZš;$“ê0&í:5F�Tx¼nV^\Æ¢
+Å÷+ð7¡ñƒ=É|ËÈ‡òƒ�_�Ápо7ÅÛÛ™ºòÖN_kd!ƒ÷[ôþkDß”‚/X–®ccBL�X¢è�gEzr”0…Q/‰H;úß,TÛöwÞ"qcsèuÖZk‚{
¸&@Iq‡ç³oö±¶$u�Å{ë÷6BÂ+˜I5»[Âçwš¼ú‡â5zŒ°v¢›KO>–¹ß‹?ÂÒŠ´.FãÈÚv¤ùÈ™}�ÀÓ¬ø/Ç,œø×$YòÝõ'þϳ!Kvœ<‚ ©A«õÈEšÛÙw°7¥}
(ÞÁDò¶­™¶ÂãÀø�.ÔZÍ“Š•Pœ=ã]�Ç¥�šN4઄E-ÇGÝûÝ£Œ‹YÌ
�¤.9<*¦38mêùmÕ|q¤˜âBÉ×tFå>"_ÈÐê¥I>kmCËH϶ujâ—ŽNN§!^"æ+™É¸Vºœí7ót_šïÈ=:¯¥¾Y
`àŽ:L¤£Ðu¢läT›Üû(v0`8ßÓF•»í	ßnÅ	D¯SЊwÄ‘œ‹µ¤,�Íö‡Ñ…»¶>�ûhÎ*Ü4ˆ‚kH¬ÎýË—ž„æëÓբŒT
6)˜HcëivIs_zÁ)FÝÚHüýû…1&ÒÑ\+ƒ�îÍ|†gã;ø†›�3Ü!`w–;™®ô‡™*� àÆO¯*)äûø{¼v¼ƒª=ö¢[h·KXÈk¿2×ñ}2‚ÌáQH£í§ð•Ê�žŠGûÑÒc‹3´‘bäh4ô•žºŸ×a”̉³`üoÖÞ,£7ÑØ%b"ì¾Ü´ÊjÊÉ„Næè2«@–K׊þÜ÷š¤³Œ‘ØHßñh$ä¬å_°KYÕ£lsÞ
"<b8žxR•;;79‚.Ðip¼Ý‰„Šb¾
r6š•“°T^„«ßS.îA®\=56Øñ:õ ÍVËç¯ô– ó˜	>‹?*7M¢R‡±\1¿ÞëqÀ‘S«?Éžpžêø¶P—Ó(pö±rÉÙ“šmŒîzÝÙ*½>Ûåmý;jlP8³®'hÑ#:SÛ¥¯ÖÛ¤I:A"ÊÈ,ÚÍhñ€÷+ãÚ'ÊQ# é"xþt
+ïÒ“§äÀýÅ~à°ðŸž–„Ó¿§´«!Ðsêx""ésÄš@×=‹·�@~ûfëÓx™¬½9)EXÛwë›2ØŽw†œB[²¦• n·µZªMQN2éa/DJ3~ɦ›¿‡�BñÔú컓É<^…ÁÞAE»þk¹aÇg›�u%Ö¨_¶©oSßñ”D œô†�üøaÚõÀªÔ*Jk®:�|Íðè×$UGñÕS	Ô€ø�¨ä�©»ÊHæ5·:ùØ­….S“˜K#éR/bkÆ:YtI¥:ï�Fe$A*ÙḃjÑCìäeQm…îï¸~’Öèò¤$§°»AcXÉaU<òtããÈL8/,'o}<¸?Ø„ç]ÛÊ×ÕÙ&BÁÆ•	$©—•¯*+œIÛ°.±HÖ¸T»XÇäºW€2ql&ÏÕ�Ê¥‚lôl²íè‘5=ñð†ê$_éÈRîÙœSQ=b’Ѧlµš�ONbäúØ`ð|-FL.>¿-]•÷\g�)0!V	Í"ªdYLQÂì1ÁŽ.Š˜þ~ô•”Wø³JOhâ¬é>‰µ’„Tn•`\´²…‘Ok«3·nAg�áúí²JiîY6Îs*4IU1Û0[²Ã‰£C{A÷cúFŒ{o�ÐúîAŸf—X°\ó•XtÑ
`2oò|7ÀIb ȧ�·µwíâ¾F®ˆò4 S–g½�º€ï‚Û	÷‹¼×Å
+âÕÓ•e’Î0CÉLo873°ÐT–.g•V…a†Y@¸„W‡i~R
+½ÒÒ‰„ñ ³D!àÏ—I7Áxš:¿Ðîw©ËDÇ`3D»Aןk­2ªQ�ÃmåÕ‹®+¦Ïí�ì§|÷aŒËŸØXUÐoŽ.ÃèÄþÁÂ""Rÿ'W_^ñwŽ„ñg+"FËZÖýé\´†å,OVåð¯dA:]‰“Ú̺A¤c2%þj:/ÝE—p¸Š3ÃGË
Á7õÏüÒ±qó¥êŒ/è:Æ°?t1¸UW'ÙÆ�VÑ°Xæš©æ’¦þö*	¿ÏuÏô¼é{j¨ïÁà#ÙKC;Á&âÅëy
+tËÛ_=4‡È”åëUÛsíT çØdÉç=4Rs¦ÄÂ�Gì÷¡–Uf‹Ê'š¨Gh`¶Ð/R,7‰ÍÀ~°/§©·£qý?�†ï“ÜS‘ݼ£ÎÉ¿
³6
+º€hj–-„3Á¨¯’õ¡½I�wg%¥ð9¢ñ²ƒ(S6>Á“,o•€ø«©_Ô
ùa0O’ŸÄ0‹ùÂl9É?f‰$yî¢H<-ej“Ì>–žÀôI}¦½U×®ØnS×›¦[g1ÌWþ²ÖD5›Ï:d缆mÄñµ›öoÕØ!Âî3&SÔaÎ;~–;	kŸŠÃ2¹a&²Cƒ/p’ðOã¹<BŇ*EÒ
ZsÄ"W*â«·ë.\û«¹?˜7tx¡ÎÃþÆ¿˜!Gòé>ÐqŠ;`ê.yb’P�&’.Cš\¤—cZI2¤Ù¤\/w±p,Œ9ôÔ&š£%œ@&Öùagµdeñ©FeÞJ“‚gaþAD›cå+RsÒŠÁ([ö7´/F
—¦Ï¿¸
°‰@…Ä‚¦:g”à–¬Yõg^Ðmuù
+áGÓ+Ù‡ ïôÛìeüÁ¢I¶I©g  M&ú¤cͤw_Ä€¾ð!�äs†ïÔ¹#©,¯ ¦¥ÒuUxBªð¾AS,–¶Å‡«J–UÍXky¤\¢¶¤É‰S'?JÊ÷÷iTC1•Å¸=‘I$¿xY¿ù{’më”D¬7xÞ!³ç’#€D³®Båöæë+
+Mò÷q_ŒzvbdA™PµÈ
ù'
+ !ÈÈìªÀªÚqœlÞå–JfSRÌ5/T†
¼­Ûþ
+h
+ŽH»�ý(Û74¨õc8ø �$(â¹5™š¬Ú?-Ieäd’}­÷æ³|+”³ÿî„Jè·²ŒäJíÁÖ™Ž=w¯Ñõûœ¶?Ô;ËÊŽà#Dï"%#ne­^E73¢R=|ã%…,5Ѧn¤ªCuÖ�±¢hŒÜ­Ú}
+_0@ò;é‘
+7ˆìTXè`5¬Kµ~>õ¶E+BÎÙr6!¾:—>i²• 3"”¡$bΈ®ÔåèÈÌèj±rào1¤®TEò
¾gž¸syçHÖžŽ»^(�—,«;ƒ„–ºÓ˜@‡‰aê.Á _˜ÓSƒØŠ1öXÉÄÞI›ãñƹ€(ËEËÆG s©Ò�ZŒ=¥â‡¡tÀ¥†)‹çk
+yfmŠâÖ#°¯Pî~èáù»—ÄWÕÜ£†ÊÞ(ò¿òm–:¹Áœªýˆ)Dû®ž36ͧ"Îx[VaU4 =Áñ÷­VðÐç[YÉv�3í®†‡qþFº‚Ó]Þ&¶SB*üÑéühpuÌÝ÷Ñ®�xŽ#LBÀ)ÉŒgý�Ÿx
+@\oˆÞüÙlÿcJÌq)„@*¼®¹~ÏS¡ã$3)¾|rI\?û�Älz/¦âÖaRÀ'Õ�å!$A‡¿•®Â�~.Ô¢�»SÂäË
¿%ï4çœ�3xñUlä�ê²Í·•\³»Y„≲¸biX—»
+0˜Å�Ǥ'àŠ ShÇóB?!]m
+åŸí`ÄFu_Éc;`8Éd+‡Ð,¡„u8êÀ‰Æ
Úi¼áí?Áp¶ViB­ÄJÿ­2¹å‡ûáPÑ™'²[#,ç¶
�ÃçécæÝXKGÑñ
‘U2ÛZu½Á휞çè‡ãÖdÄ…2ÿáocÒ#ßÜüZ?�é[䔎YA8¤-ÝY[§Älô~\Õ¥ê䉜 IT™ÎrÈ£O½ˆ³…é�Ü«äq`€ña*¶Ý·½µ»8ú
+7Ôš·P
+åÏت3Ú2Ow²÷,Éûë~K•šc¿ÕÝ´Á—Ä!Ò{±×/U�£x¡æ7ïð:£Ùtü¥Ó£L®Ï«Ql†æôïO0ÓÖ}Ï[·€ºsý}ìçcÏU~üý\ÍÜ™©°ð69´}G›x©�n:Ñ Ò+¶
WÎe`ˆª¿%Bxý)¶ Ãì^oP±2¢¤èGd­¢PTýå�=¹
kæ=/¯Þ†�$WEJfû|G1¾ÿæûeºßÕŠp.xˆyôÞerqæ*7•
+T0l�
©UúW£#Ⳙ…Í©(_�[½ôfß±e‘ÞÕïíR÷E¼±&¶@ z�‚mÏ{ÅNV.»ÒÌô=$HÂÒ]¨ÂM}dX«ÊSNá=y“ÿ¹:¥–Œß!ùîcWás6 é}Ø`ü@Á‹7q’Åö4çŸ	®î_r½¢
±¢
�¯Ò7bDD‰…î8“[HÊÞYÊu´–ÆUõ7ùæü}˜®’ÎVz,GdßÙñ^%Õ™ÿE&¹º W–÷ƒf·RX"—ØÊÃ4�ÒËVyŠæOiYS'i°‹²‚¦=hüê¢Ï]Þà1ÜÙ(8F´âát«ò¢=a'¨œä¬–}¹…P“Kðf®˜�a”]ž´.Œäoš
+:‰�§Ks=Ò_ýÏ�Ù¬bÉÖ�7ò×ɸ
mÂÿ†7éxáêTí‹Pø±þÎùÃG'1ú–Œ]æOü”�E¥®VÌ7U4°{”‡5¹æI‹#7“¯#ïl·%x¢-B¥·ÞíïðÛB '�5ÿ1‹ìÐERDKwÑ°úƤ
;Fù9í/¼ï"Yž®-·NvÝÛë.Œ¸ÔÿIoÜV‘÷kD&oÔ8¬Jèr&Ò&çÊâ&)Äã£ðñÍì¥2\ñA-{Uì~9ŽF«îB#ï(Æ�ÅIÌ/ÏúòAÔ±`vÍ ÷8νŒè+˜$Íp
ý@†R•\$A‘6ú™ýùä­ñ'¦J/ý×%—Âä·£#¾`Þ{‡ÙUcúIx[áÙ¶ �íÒì=°3šiP°ÊSŒÔ¨xB�Á†6¤Wó
+ìu½£ÊæDÈ•ï—¶lŽxïлaë6,5¹¥­²°ÄûÀ$7ÛŽôåýUõk®%,ÒO§÷†û×Z ÝôÔÖOøføž~´ç�gü®Øg!Nï
oæ'Ujñ»éª¶b©ºó'k¿Ó¼DDùˆ0u3]ÔS}-°ÊœâºHóª~
1½8¯[ÈZŠF(%÷‚áXXÐiîb"DõrQ>ÉhúÞOòÉúû‡Éq/aFy»ý ›ÀqŒAŠð¾À0§w‰M†9Š²cŒ´ý0e†SØUÃv
t<w#í^µ�4e,?¼ßu¨2iÿÜQçæö?¢zévÅÔ6['“•XYé£ôµ	lªN[îˆ.`¨Æì�ûëû–vî4™Z@
Œvqõu„ÀáúðÚœçü×àý÷zþãÛe=¬WÔÚÁp²#¶Œxu–'¡ûÏg«’œÆPšè0�MàsT!×RˆAä‘Q~�]š-n‘˜p+ù/=«‚¾‡Ê²o›s�¸ùº^цҡ:K)85úX°&_B:7{?¼ÛÈÞ‰©¢GûR”Ad£¨Ô)úÌ0˜èÉ•�KÍvº|;qe®Zíªö6®Eùä
+S™²q{÷Þ;yu¾ÁêÊ’î™ÅuáÔ�ýüã—M`"sp
+nÏô/›+G¹@¥,KhÑ*‰S0§BŽ
HàÏßO¼Š\•ê¶ìýÉ�%x²OZK1)ˆ<&D/:¯Ððy]dD+�=ÎÐÈ}›-}³Ë°»«qˆÌÂHä2çšÎ P7ÄP{ÏÄ”g')l¸Oa‰¬Éyf’ƒÌìd­š
ëÓi´ü®ŒµÃ¶þÕª[œÉW)ðVm™î¾3ß½ö‘DY’-·A‚`©ج­Ñ+åáADèSŽíË8zBâ¾nò8áIqtõ[ª‰ud¼üF¸
Y!¯�Öqš_ͦì7­J�ϱ³ñESÌt7#b¬@Ê¢‰ZøAGTØí¤„h¸ì Þw*ÞʽÕvŸC­Tk®˜Æ~æ+Û9ÓØ#jfì	ãk¤©0ø( @Í>ã²L(¡ÚîŒ~Ö•–R°«"]3Ð×߃ÊÈ\|‡®àü{ŽñÜzŠŽ±[<ÅA§XÖÞâ—Kîë‚Ã8×c–¸ÈØÍöF#
à¯Æ?J'6	D—ñd�à¡îz…/÷þÁ”b�÷ur¢KQßÄÞoè–JV²¼ISÖî%ÈdWâUåÎ5ÛºVpðiÀöcÎfиT¸F¦5aâË•O\òØóå<ûYà3E6aAÏ1_Ûa&LM=±µ±P&xn
é;}‚®\€Go8Ê•†•9€*¨B£°u‰³Ùèe[áZ…År rCˆXyø0g·# ú%7ì«É3¿zQäõXªn‡S”èjæ†Ýñ×.û]0˜ê�¼ür	ö/ÒÂÊtDt�‘¤úFê,	Š�øŠpÕ¥Rïöæ‚7è—BÈ�ATC¡w1fÑVÒ]CJ¤©wæ¾`ò’±©6ºê‹ML€_mdâȹp‘CÝíVÂÆW4¼~IêP‘dIZ›*9‰ÚQkä³.uŸÔgÅ­Ì"âg¿w2’1—wišñ0?»�z
+‘s=}@~ùŒo¯ûu1–õG54ë�”¾ê”è@²ä¶ìÛÊÆmDœS6Ñ(ñ:b>+÷[}ÞÏáMÃ^–È“Ä�i´Ÿ[wr×:/dš\ß³$�u	*rû™dŠ
‚X,ºÚïÝÂ;‘XÁB…ªk�\3A
+p¬þ4‡HàѺ
mYô‹Õ
„Ò’Éö߉åhô%Qìi8*R8ØåÞîåjLàÜÜ”S wù%ðªß¥Ó}«Á5ããÁË°EÈX­6~]V	_Ú程ˆ]âËvhÇ•„Ûäšõ�d¬œG­ËMÍ
FÏq\”¼Íû>‚õŸ–Ü·‡½cÂ' Ê�Hu7Je~Ø.Ï¢Á¼'ãÛ&‚^~Ó°E¦hµí)Zk±²i8¡ÁêVÌ�¿DÎÄ‘úÖ–{‹
θD€iOê­¿ý–¶B>ÇœðM®Æi¿û
‚wN�øVpf±p®Φ¾).=…�¤!]ùo©›¦~Í{�¸ÅÄ­rË
+ þÏ$C�ŒÀ*´Î‘MM'å—ÐØö�‚2ßPã_�4H˜Ñq×Üñ_À¾»Ò¼
+)2¯öâǤz�¶HTJP÷7XÿÅrR[ÛÉÕu}Ÿ$[¼Pՙ€ù,Åhy×Á}ò
+ÄY_ÓšwUã_’8ÊW]‚+N´¼wÌ»ì›?³bœ³´ò`ÏwX÷@î‚9œ€°}É9 0Ç�ü·Á1Óè£6jøjjf�ð䬇ïë¬Úîõ$Ðl>„Ãá2ŽWuRŠ¢â£?¨GiøÐâBÒԨˢÊI™~û,‰Áu“Ý^ÃÿS[J²Gw´Ûø�9Ì%U˜ÖSĦñî‰�vU¸æV½ò9_÷=¥‰aß4€Ø°â$
+“}Au2Š‹šìŽ¬16=¼%€AÁ�âÔ„
+Ü$Yv5€HTS=_À'À‹o]ë¼…hM’Ù6öU­µtõYåEÖ„
E¼e3¹�Š7¶ì\áþ*kGéñ}¸w::ŠýÞ*ŸŠõâV×nqöEß뜨¼ïúÜÎÀì/i^Ù4eÜÁÿáö“8t&©=�L>‰gÕ¨o³}“ŠGÏ¥œ¬é^áöûëJšk4´&þ,î?o„W�Ú!éíÞ‚•ßO¿i9…i—9?�uº‰Î^ú¨ë´4ÜMk�ïÓ¿ìÈ(UÄ7�*òÜ;ž}Î?ûS'uš°ß·á‰?À5£r?ƒ±‹²X¿á¿ùÕ}ƒ_6η'¸#6q/Õ%¼(‰~õ<0†Mp‹³w§•!nM�›b.²0tÅ_ÏêŽÀöf9��yÅ
+¨í¢¼�Žs`VdJ¨C:V îfήØN:”óÅ�Ò;vùõLËÇ,ÛÁÅrþ¾ïûo¡ªÒê>¶×›äÌE¼*d#Ü“�VH‘}t�÷î‹ZÐ`}tu9E±2NJýõØå¼Î
+\›TÞ{+ *ÍX/|k]`WÖâ¶" ÅI–Š¹ŠªY(¤.üðåql'�ã2ÿé«š‹¹g¤…|ºýé.büäRGH4{œƒg¾ŒµÑ‹2kÉö,dÐm;‡ËMÖÝ>+'=Þd*¨”øòÒûKºa´è‡¨›AËQü;CÃÌ?n*¾öÅ°�OÿT¼Ó"ÊÑ´ž`é”çÆeÔ³_‹×Uò×’iŸæ³\(Ž®v3š¼|sâ4³ ‰vêôÏ
ñóoi¦·aó�kþ“BL£�Ì°I‚T¸Â*á_—¨êŽ­’�h-©®¬t4S¯º¦ŠÍK„`4ˉ[öÇGš;ÒùrÜ~ÏË8\
·ö¼G2èU0¿
†Y�èˆ÷ÈQæj)^
(~¸÷ÎÂÎk„¿ S~Ï<M�AÇ8A	—˜l‡%Ÿ¬æ@ǧ»»…•î¼«µ¥AÔµâTiBÂ$”|Ï€Ô­Î"X~?=E2ñŸ¿m�w$6ñp›õøöþ¿ËŽFžCgmHE<mØ*réß9‰H}3bKÚVb®}S^PÊ
+8(<¯¨ÓnèS¾$wáTkO‰%ýঞ2¸]‚ÂÈ÷Ê@}Ôìf–ÆLÃbó@Ü*•’é‰$³àsKà�yÀ¡à<æ»uòº�áŒ	Ófù"Us¹p¨ëàE+°7Û?%¶9~sŠ àÔÔ縶WsÐ�÷®¼PpÁHÌ*®B¤ïö$Ín9¸ Â]HHM5½¨ŠÏÒJ¤×(Ç©°t±$^GæjN܇­z¥yé§�ôÄpéN-ʨkÝÁƒŸ‰K#ª4%£_-‹òäÚlÌUÙÂ…é ði:J|QX€ìEˆYZÁÆ@ý<;/¹Çò‘>ã]îŒ;Ç­‘Fº`«}jT€¡Kù&óÂë׶\i6yÛa…S5=>ç)8~ó¤¢me:Â,øìPQ-û‘É$_Rù�ŇN'åxU4wÈÌ‘G:x¦Qwzü~ˆ"6¡í±2[rõp¬ew6cæwjB+e~UꬶaBÏ7Uú�#/½Š¶"ƒkO½�²¨Úì2:kgCý·æŸPƃ7È›²|Ý…‘6[Äm Kƒ S½©;‡!kк0Ö˜ò奀½ZôÞ
ÃþƒãlJ'M
+Ë%bF0ñ áÍ~­Ë}ŸkB~§ðQóî–äx/} Ôä°™f	›nîç³ë·¤Û†4
ªŠ/3�‚ó!1ò‘žâÓl‹ cÁê¨s�1W>®àËH=ö2L¦1q�wØ…§Ø‰¾‚Í�jv+z“ªyý5�}’mÔŽBx"[ŽP艚ž7I9ŠNrã+átYC
ÍÎ%dåp½nÌ%ÌóÅÿ@¤PbBžÙ#ñ",GÍÍ­�ÁtþnÍ­+lÙ|¡6ý.Ç\¢3æ'Ϊ±3¢0„ñv'â3IìÛö§Ã
�ýDQÙnpBøU³T‘Ž$¥Ÿ½[Wò#Ø:ç$//{ûs6¢¯ººX»ýz)JÚä‹ü,+ÿ،ʦõ½{WewòÎÆÚ÷aØK¹»§W6?câYUDÝð	QqÍPÀ)W*q¾S}êHî#£6xñÒ‹©âüg›3òF¥&$~C°`ÊÈ=Cµ $7øÌ~û§•ˆeºe›3|'ÏÐ1¤LSóØÌÂ~êl+›È驹3“ýõF·hÈÅW+o¼#&Î~�Ù¢%‰X¯ÏoÄÞ¶ îqZÀœ¢Š¬-i8Y¶&ðÕ·tì3ðƒ¥	4Ï�¨ž‹l2%kQ7t¥vÁûa¾½¦n²Ÿ
+eôˆSXÆk<à‹¡Ê^5ln&—"§ý>8Uw*L%Ð’ŒÄ—`óB;5SFÄTŽ÷ÁÕðr%V*ý{“Q’3ÕOL¯œæÀ²†Ø*»ä‹º¾[ð6)BËúÛÝp_Ò‹Û&›áSòà±aÉõÞËëBnrà’n<p{Ë»#0WŠqÜ·l 0¼ÁÈó
‡*ªF«µi¯z7ÉÏÜÙŽ¦n…×Mm
AJ�Cßl„7[µBë%
”«Ø×E»:^:
HD¯}$Ddäf¤Óä—²Äg¸xÂ-ŒiÚs=X×kß,'…lÓ	Û«o5 r$ 4öh˜·óU(ƒ[ð’©øimägÍ™S¹–n}”kK×~/¿[eF¥'Ÿ^iTM=BiÍ®²l–dWg)F±Ø¹ye´�…ÑÌNŠWlEïîÌ·9­†ö(·ž¾KMY»2ªó!vkÿ¿¢<²­Âi->2ÚÓI¤¥Ÿ\nT¬ìuîòNž(mãqÉ\ËN¢“�fÞŒB”½l•b:*:ymkëÃ÷ÄÊZAPiXå'uÎÒ‡ÍRuŽ²´(ùC¶†×jŒâu�½ÐÆ
Šl±éU•ÎR)NßàR[X'?1矅Bƒq'í8k~džô—Q$kªé=†àS,êa"¯Á5™î;.'.nÈf\e
c< �vÉ—rÿær>Q‹g‘måûaOB§{&ÒZF5ÿ"ë;ÿwוÇÓ?ï¶j/Mö�ÊÅ+þ-rhʳáÀôqi…5ú…²$,?W‚CŠ$ãxÚÔóîUó®nÜËŸ›apÀ4f™tÈr.7§ÙÂr®9ÖYn¯„tW~
{R4¡ä6sÙ9{–¨7‘y#d<—ë:JâYô>yo[Á†€®N’ÈG0¢C^Ίݗ`{ú@v½�´N�ú›»îÔŽn4§?r¼;ݼ›_Û2¾¿‹–¸‡‘ŽÑ�Jv[pj§o’
$Öî|F)°ÈËS†9âÒ÷×��Nuå¦vÆ/
“fÇD›õ'
{8aqbö”w¿­Þ#Þ*I®�žXÀkþãýbdCñø:�Z룒ÒÙ¿ëpMÊì0ÃìŽÜâc[ßüøå4;µRÅ1è”ò3xq¬!9þ{�‹¢áZÞxóA>.%ºl‰Ñ-é{i~꼸½Ù÷›B	¨Z‚»¿/vûŽYb ºj5sŽò™¨èÔ±ø¾Î;|=í2«`Ⱥ/6kð¾ñsØÓ°VtÉè87ΙU^$²Ì—<º„ï•Ñœâ.;¢ôù­
.ÍÅ;±{Þ
SeíŽùL3é}TFÚŒì|,9÷cÞ.ZLoV¥Äáï»’t³ÿZ§Kâ2îOj•fù'£ÿØž6¢¡·ÞwÍú¼ 6¯Ý´¿‰ÕêSN„ªÆx#ü¶JG««nÒvðáÖòOÜ÷¨ÃÖ(Ïà¸Ø\�L¸Ý/‹Ÿ‘cñË�°^ B�÷\|ºËB%wj�ÝAêD—,j�ÄZºÃ|RKL¢6aez¸§èøvÉþ//Rç.�TR™ý’¤s=žÖ|¸Ó@ÑUÙîo
¥
ò­\6�ì ç®êñ_ÐëÅêÚ5p•ï»ÖÒÆ�1‚ÕíDÍr.µy-ÔtB¼°gÔ4»µ¹X�¥÷U”d1/ñÙKªDÊDÉ#ó¾"â_û|֔ݦÃ+`Pû:œ‹Pq�Äp¶?)˜üJY“ñl/õU¶£�Àv ·z>4
‹©l9°úŠ“`c_OXÚö¹©b›¯úó¸K/j·¨­AA-*h}EñS§;Ñd0É _|®\&èk£ŽîTœÚ2ZCÐZd�É•±lÍ
$ÂÖì
ž»•H’‰UtbÅ&Iµ„<÷ÀÒ5‰÷Эž–Š—L™ƒ`2‹×^¤EE¿?ËÏÁö'â
¸°Ê†ýý8+ÑBÄóØñÁÑ­í/WFŒÕ[L%ØmÚÁÛ[AªtQLý׸si.øfF#•2}7Á%
+ÿ¤¯�š9!èÅààRÍ�Ãè	FßÕÄÌÜU‚hr¨‰ÑÞÓI“¡6óÄ\×xøY"ó›ñkåœ*?–Ï"Ê.Þœ<î¢ÏÁKYôUÎ�wº¢6ŽP“´¶.˜¥=ôï¦Îc¼§ý½™ÚZ�õÑk›ê"ar/O?;;u7V`h÷¿¸ù¥ã4©«¦'Ü`[“‡_F8ì~u#-ÊSsãuЙò‚ìÈF-1Á!VlµÝš�Î$‹N?ÒXǘåVI¶ÎêIÂøÉäøÝNÀc(õ~{â²vÝÕé÷âUN0y_ŽÛ8a]£j
é:°&Šoífœ­'Øn+r¶0Áiž÷ê_zKKC¬åMxõ÷5O}Ϫ°c¸URX
)¼„…XŽ©!¾ýÂó}L`“{ÞR
ÕÚ`ð@{=5T|v;T“{L¹T£c8« ÂÑ�M¢´¶®µ|sœ
™,À¿¡S�!A+ÑKð!¼…µ%¤kê}Óà{�ÅYÞ5�~]
4%2¤ŽdôÓVÌIk½
+dïþôR»9M#îп‚¸ðæ?ˆ»ŸlDø&\J�x‹,ù¬¨zÏóvœ‡îÎ,ð5y°9ùÕ¯8l6•�>\¦uóm9³#rb–,Ü—©Ê<ßw
oêfG³¶pëG’‘Ê°`‚¡NT�0EP½Háu¢Þ—uW OðWð³Ù&#FùÖÞ9^ZÐí{¹|=åÂ
œt%³hÅ–3€
ïŠ3(¥k4ºñÞv†™¢˜�›íø.=Ûx`	ñ Ä¡R/Ëoò¹Aê§CÜîcº°àùE©!ø¡–´—BgSM�±«ýïTPE�5�×Ø2R;`d‘Â_.çc²&²34ä 3ŒÈyö”¦T1m™ìFWC\ª P•œ
Hé9óI/–\A�Ï“Ì“¶óö[{kå˜uô—€eÁ¯û-™*9Sc—&4i¹ý£óð•a¦Žy'…ktÆ¥;§l�‹N¿ä�­ÿ1~éäû'=ýv¿…WB–ߤ“¼ú'¦¬¢q#	 ž×@ǬJÌAÛÖˆØ�9²<‘¾_+Ë°s=zuüep	É
íÂ�±óýž§á·.ò÷*Ñ—ûêPâ«c™N@Ÿ ãÛŽ¢™ëµc*{Æy¢ªã­Íð-Dµ"j¹'"¥£Gß*Ä_…ŠEɃ՛o|ø“Iߌj�ƒÈ1,4\� :)¼šs?±ž‹»
+#é@ËåÂX\‡%7ñB1óEC¦Ö$ÉJx\1“)°(ÝÒ™a¶E�]�wöñ-^__
“#œ�C¨Nd³Þ;Xqæ�åAqšUá2†k…•„ðå[E
+Ê»ÇZXyádm
+"(œ_H\=†
a´�n21ÜVbA·µŒ˜‰È>·<úko滉0ÒªÙ!ë^zj
¬§ûF}Æ–ð1:œ¤º’¥ÜR/"t@ã±Çëàù�SU3@÷4¯­õ$³øhòt)�‚ö��¹ûçŒ&ûÞ5¤R,Ó¸A ù€X FåÄK
Š«÷°=�.^è)ż$'ÉLkŽcß^
£Ñø¡{«æ|÷ƒ,š’ð¸emuô âº< ü‹ŸNú vé½nHÔvé‹ÝlF¶E	Ã÷DËš†[.ÌÎæëÇ 8
,&•U¸Ø¡ºýB,™rŸq´^Ô¿¸cH%qÖ¯³›G(è«-¹[r±ýÚ<unÈyèƒøv ›æâù“f,Ê“õB]¥õ«ßÉ·RªÝËL(ÀÓp¥Ùü¢4äm„Á^Íï%ä2?ô¨gèšt5Êó­,O?•lÅ£¾û=ÌÔÜ
iózð@¨pçº/­ðkƒVú1}Ò‘Ê×™ô—ЯÍÉËBea·:ê¾f}dµ¡9 l¬L¶C1¶À÷U./¡fdûY,(#J쀥x–8kœ%ˆ?9NL‡Õ(ÑRKYÕ×¢9¼Íöô `ìC8õ‡èþ[2)I°à*([“W}õÜëOÑv¯¤~Îú;úÖéÜù$ÕµN)ÐîÇ�UÔWÚcâå°¤k'€ÆågòÎê,èá®Ãy̹`ÂuË6{áŒIºZŸ’Aå$
+˜0-�®P¿1D„7=¦O¸ì4N«Gﺄ‡uB‹Ê!hF¡†qP³TŒÄ³L€ÄÖ)ïgã–’…"bŸ{J,Þ¿<O#D
Z?�°]‡’`*qëøøG	aêcÕVGÖÒÚÞ:
³Ü3¶¶ꨎws‰3Q7#ÐÂd&`ƒK	:¥K¬@ê´§úFª`5Q¿IĶFÙIq›Ó"¥ãêoQGáÌúëcNÝŒ|ò!Oÿé†Pø�M—o½#ç#Ј�w�&&£ÃÔ	Ùß‹¦
ŒèJ«�¢
lñíÈ)ñ�Å�Ú©�|¿#­•[Àö¤¢—_$œüU	`E?¬¬É
+ÍÙ-Np¬ã…'¯Jóë°lC†‹x.œƒBpùSK”$·ÕuŽ7+Àg÷ë{GˆL
+N¾ÉöE-4s|SÞùØ#N+fÒ ±ûñe¦;”ü\_ªVéJuºÔˆ!‹Ú6‚€Z0”8v	²‡›Ð$\-ÙÐHô_/˜‹Ìp]cá¼ó fq™ý´
©2ßtž¡—Ë,Ð,:µ:I6œ4zVþ¾‘}dÌ,KÔpðe3ôU6Z—6ðµ…ÂõqôWó\bM³kë/‹"Áa9ÔÅ�ì£ØŒûdž¥azáN>µØUæß)šÿbÍ›è<ýð(šò¡ ú_6ë�9�r*ZáØõBTI_
�)ðGï >oÕ©±”ßL>úØ7l7sÊBg¨v-ÂŒ”Ú=á?áÅo[Ö«EÁþ¯Mù+²"=ñDîO�Ïåb+ή·fpwºØ.Ö´kCì¤]^y\íæÇg›Ûm;y*ò}÷Gý²Ä”ý‘5ëêw¼‰Ý\|ü
‡ÕħV;¯Í�×t1[Äf�ËßMVùcŸûÿÛªþxë#Å Y‚ÿm¯8οùâÁ”ŒY%úö×íÙ7W-(æÒœQÖ{8ô¶©tñµs>nó\ø)÷{%‹RVbÀÄž:ë{ŸÆMÕpY³ö�ð×ã½á·ÓίXóÕyS~ed<óB?ƒÅû­ØUJÞšÕ­�%½dI”öêó…7E›´=óÍTر”QøñWÆ´ß1ì¡ê+�G/Z¶uï—Žð¢ýfÏÄü~»õ¯¬¨´šÊøë›çǾŽ�Œwf	´fõŒøa­Qhx?öÿ*Ñ3.•¥®Q†…
É9©‰E%ù¹‰EÙ\\É+X
+endstream
+endobj
+16 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-4 -235 731 800]
+/FontName/XMGLQP+CMTT10
+/ItalicAngle 0
+/StemV 69
+/FontFile 15 0 R
+/Flags 4
+>>
+endobj
+15 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 719
+/Length2 15361
+/Length3 533
+/Length 15915
+>>
+stream
+xÚí·S”/ÝÖæ™væNÛ¶mÛ¶ÿi;s§Í�¶mî´mÛ¶mô{Ω¯zÔWuÓ£ïztD\Äœó‰gýbÆŠ±ÈˆUè„Lí�
âöv.tLôLÜ„"rªªLŒ„LôŒŒÂ0dd"N#K{;Q#7!3¡�ƒ!3;!#7+ó?¡ˆ½ƒ§“¥¹…!¥Õ¿T„B¶'K#;B9#€í?&&F6„*ö&–OzBB!Bå]âL¨p8¹
Léa`˜˜M-M\�
æ–v0ÿÂ’²3³'äøOÚÔÕá¿Jn'ç¸)ÿMJEø§©½��'¡)À†AÞþŸñÿÐü?û?pýwsqWy#ÛÙÿ»Yÿ[ÝÈÖÒÆó(ìm\]N„rö¦'»ÿ.ÕüN`jéjûß«R.F6–&Bvæ6BÆÿ¤,�Å-=¦Š–.&„.N®€§
v¦ÿ�áŸÎý›€ASNBVI‘æ<×ÿT�,í\T=þ§í¿äÿŽ™þïøŸþ8Yzê0þÓ`¦„ÿìÿu¦÷ßF³3±7µ´3'Tq1²35r2ýŸ‰ÿ�JXØÞã7+!3!!'#£Ïÿ*S³³ttH‰²122r²0ÿ;kâêä°sù÷<øç~ÿ+6³ü§9€ÀÆ_EIŽò’r�Ý ’œ2pá³4< �W�ãÛ†oýÏQkêžwÅÓˆÀF“5Œ7Ù'r“ÁéCÕÇϤŸ4']`údì‚ï¹Ôz×xB°×­:¬ ükÝÃZ:ëg6¬¼!!RÛL«z¿@r,¯6C7«¦�†KX³¼Ògex‹)šâŠ ~[ÜâCi­‰Rš0qÐx_ó”¨íÆÄÚFæOx°¼‡¬õgèš,‘«°3„8­:ŸÒåMÅd*ó-“¾L
+I±+­=^€Xh2|<,¹h¸÷¹/c½º[9G6wüP`e¹Œ`:làv˜¯¿>\´ä3~.ýz¯N’üá*”|ßÒ¤’WÍ¥¡ç0þ…˜ìe%÷¼(o¸·&E„›ºóhí7hÒ§Ï_¼ÓÃ'RP^Ÿ{r]uQýan<õä0üü6QȽ©–!uТ/0_»Íš†Ùu›„Ä”%liÍÓ¯>�0Æ·5Ã’ý…wÐk�§“ˆª`‡N#Ë`7úˆæÍŒ�ßj€á¾fF�-GÁ••Ð€a�ù5ëêÒ8ÏsL™‘\¢õ¡{Àãâ%õðo”âjt
ðŒ­ßú|q’L¸„½bâ識åÜli9€~`W‹ðŠ6_”±0„1;ÙK.àsÐâQWÑ�“9ËŽ±¨W§YO;Ìl‘äd8ŽP2Ÿ¨]«f(ØìÄ&æ4fW©²"\ ‚éBKXi~±ŠmÓ÷ñ½þFqÁPبаÚî¯.iUl'%ù“…]Wê‡3«ð1=¦wô™‚[†
 ðz@°ˆ®³ôÆ$!G�Ávéiç&
+œÃ‡Ó‹ûjçÖ£^[ðäêJ-M�ÞÍ€$ìú_ä¼›û×ÚÆÝ^-ïÄÜ¢ÚPì=G,æï»Ìo†L¯
Ëå?ÚçrØ|:«ÊLõ–‰Ïúye$·ªÑ$‚yΛ8‡e¬~ÙŒ%"º«Qðõþ9‘of²´i™¹èa¼@IRÍ”2!ër×HcVàíATk´Ï.ËUØof?¾á%†’ÛWàl€&ýç®Öþûgæ×ÄfQúb”YP)9Å‚Pa¯xòò~+P,èo•÷`“V8�/›½ù¬PÔ˜NÒ^Pîk§­9­ûÓ’O$
a‡öimÎRú¥®¤UìÆõÛ?]£G�–êĻԗ‹@ò¶²ßN*²ÅÆñ?Aì8Sm’éfÌÍ[R¤é[(ÄNˆ¯‰	‘ë@!ûµ~*‡Ór62ÑK÷»èàÔ`ý05ÓQ
µ9¹,¦¼¿J2tÊLçó�‰Ë
o©ðN‰›ÛÑÏ0¡EŠƒª‚›óŒNFûÏï…×hVšÙožcMç…äC…Öv¿zYø~Š/³‹ãÜ8˜Fs”«¼Ù×,“Û��P¨\Äu'öN¶`2ÉåÚ©RÈú‹—
Mú^“õhå	¨‚;óÏ£N$!äŸ×²‚TÏT¦
ˆºZ&J©IT’º‹òæš}§Ž"J´_OŠßeÂÌ©—4V‚†m÷æðaÐ;È-IüGç(Yݽ†]… à¹×=ñ›±�/tüÉS}‡ÒíœåU0hØ';¦Ý£�ödÐñ%Ÿ¯ˆ5öw`É15IÃO69êcÈå"(•2Â/÷Ð&ü(eù¡öH˜3%²Y¤ÕœlÅZÞ/®a|ÇÜN¯NÃ"1”õÌD/OõüœÈGu�í	@?Õhü·�`–€â†ˆgŒO�z‹} ú�Gd@æ~6Fk5ëÇ î’÷ë�zˆà¨Ó†K½‰íoY¦UEn˹wWõcù} ñ+ñSm‡š#©dñì×ê_C¼…³o29‡,Êei³�
ÞuSx.'Ë®œ‰l„SiŸß‰å>CÄùÖ–€–¥OFVü	~ÿ4ÇbôLN”O]¼‹ý58‘v=ÚKžT:æ
+ìDWx›QV.ç�¶Tº`s˜¡ñ¡Ù¦Ý]¢·¤Äiªš¸Î¼	Wð¨º"Ÿ÷ãÑYW0ž/çˆøþ¼Vؽ Ð•’÷×Ü‹ÁjTj„óðà‹÷°_â~b¸æY™á­&!JytA ÊëWRË:–y êôß'sÛÝ(3<{(N¤@6‡MrÐï
ì.ÙüN½,é^ªÀÀD·�øÊ'–[DØ{Ò~Ï%%·�%f>/þoØ›Wa–¦Òkr2�W9WÐï8h±�¥M­FëÓ`‚î-ÏìA:`É`¼ýWôפê¥Zœ»\eµÈW¹£æÄPøWÔm7‰/!d­e�´:»¡9æª_˜8ûHÆò©¯Ð60ÄÇ
èPqÙ@å˜g°"ºÑas ü‚MÖ
+h®tÚ‘½XAn`9Ø/Ðçì
+rýX·G�îÓy Ös
|nˆ´Æh6`ýZ?ò¯Ü«;G)ÈÞ‘� ¾ß/¤WÀX”ýÓ—�eEMEþZÚÔµ‰ÄœÀI);'-”Å{øs¿‚uóô¾¤@NDƒŒm.Ol<ª­R8èj$žÌ‰í‡`”�ÐòºÈkD¦ì|�¨decÊѹç8Á±–3©øDGFi*ÑÇDàRÓØ7��et¾jÛâ�ðÙ=²Ñk´ÙÝE:`�oM">Mì’SSyï
0μ4¹0Ì¡>—i]ÅÁµŒûù|ïåOã7ÅdÒÉG|æòï]ná
{m?Ía ‹³àèå;]á�û×ÂoßÈÑÛL^¨Ú¤0µù¥¡Ý"0 3§‘‹óöè™åÜLº
ùù•Ê¯lÜ—çÈïø²onJV^Mâ–+î?wsV,T³-ã2ÁM…`>œu>7Çp@ѧjmϺô1å�Æ“É|yyÍnY¹½6+FkPÕó“mÀgI�˜«Š#ÝÚߨÊΈâ#KÕ“ÙêqŽ KH¡9ìC>_/EDÖt(OôEXpÍõ^»êuýÅÜîÁó+ÝÛâEVˆ1@OéÃá1e9{çFt]ÙLtkO{ÜãO'1}yÌa@Ø·Gé�a*p€$­šÆ•¹¥¾¢§ÚÚžèüF§«¨9æž�(5¨\E¶y¨Í@A\ÕŒ¬êòd™>‰k(çÎ\Ç$ŒÒ*�ïÒ’ÀZmÅÕ£„<k9�«ìtæØ€§/ÊŻߛûmû-&I6ßRþwýÛ/ð]ˆ(ÑèE8ÓAúo›Jj„¾·?%¾v±› ¦'{PÞ]nÝnÞO°ÜÞ�Ï9�o\]Oæ¶$ü•0«®Öw¶lš²Õ�»õoã'BqbØûNòî
+W� ç¾t0–5	°ŽÂräÏŸdÄ�Ò½Ô/ðŒ�Ž�ý˜?mÇcÂÍìûý¾Õ¼´)¤«nµèu©ýtT?ñuÆÞ±M+Ãw¡õ™·â&ù¦Y�ŒÝ£ªãBÃÓ¹]ä¶*.�ˆÇŽ´aL¥5-ƒÞÌ¥åVQùÐ�Íyßþ2Ŷ�èA¡_Õ+zU®›’c?‚ <tâTö°­XŠ³ÜUøöQ~�^67\lö‰ 6Z*ú½,ÅèЗ3ÕVoÄßéçu~ËzN�¡ž;®´‘"YÑ«Pôª¡{Ø
ès t14F[£W<8aלJÌèÚÜFŠ¼`‡Šþ]ikƒ»ݯð¬wZÌqÄÔѽ͂ÓÔBRU&ÕŠÈ‘Êìü‡Ü­?úØ;“EÑ
a.Æ�ïé¸cm˜«¾§~Z»vB�7—ÞKÇ'Àš¬vý¨Üó³èa
¬Æ¼†³`çÀÖÉý;ûÒ/Šb—‡œ¸»¿9Ó> ´úüŠu¤; Úøâ!ì=�t~X	RÆ
+î'À¸èwyâ¾ÿ‚åìÏ*ºy|óÐ~¼É‚ŒVr
€P'–2ÔAš3Ì“OT61 &¡$~&RuXò¥QÏšJ”õtñ©š’™XÒ1ý‘ÏYÅߪH<BÁãžk§(Ã1Âù¹ö9Ø[]Æôp§ÀÊ
'Í¼LÞ>îvÊð¦›ân @H�‹_]?P×Ã[UÁ6:ÎBåÁ˜H^¸ï`oÉLnM‰UФ6§ï«µrÖ±œ½øÔUV´YÆG]ÎLþñ![dŒçêHcw2æ^gÀ]KUÒuB_©'ÖGYífB¶'$ƒÔgî¤#ÅN_\VÀw«Ù6�Æ”Õõõr‡=Ô€Q‚�•¡Ÿ5(\éÆç¿âï;j…ÌnÚm
QíÔl¨7h5Üuë4Ù¸ßeŽ�Úƒekýý…‡�S1WÇ~ò+jQ¶“x·‡„¿|/¾ä£(åžë›µSa
Ÿ!/sjÀê|±s–�e°}1*ØŒïäyÓÁÜ‹�³Ud`à^Xc¤¤olT}•ü2Š§/fò¿ßŽOfìïW�në´þ{Ô=5­km•ÞÌvr¨^À¹4¿¹øø¼~ˆ]pž[Dœ­
o DzX|}„¨¿æö`4iÚwréíŸÓ­ÕÌÓ$äC_,Ç®<<gÙzÂ,‹H›¡NáÆאַ>J«ÔôgÏ4Ë£M¾§Ñ�¿§)�ª®òu0äê8ÂÛ»¸e0ŽÛŒ!ù.mš¸ÌXk9«Ýž~ìÀ�Ècê
?PöCR°³vè½Îa–n¿´”Ñ­2yØu
+Âv1Èi8çŒX­ ë€ÉqÉ%ä:•úa`˜)5ŒÆ:”U‡Æ¨†‘å°Ó|å³w"¹í)Ä?1†¿/Þ8+®i‰îv¯E.ŠRN_è£oÜvdtkõWÉ• e*´o1Áy‘–�±„g—Ð¥ ÷šÁ­o\@+<…ó-ˆ·:Y¸qÒ‡U£	Ôþ˜ÚòR¢v€ª
+Ú›o2Ðz¸‹tÓ’KFÈäÃs»
Ù¢%æ<ƒ$Ú˜ã"Èø}L'ìönÑCD˜ü
C»²>H 
+8�øé–ÄœA=j‰YÒ‡_¡?¶×÷aºPÝ͘…@Çl°ìÕ­Gq£¹Š	>)Ä’+ž
˜æm¯Lí=UUÍé¤]%ÙSÜr‡ñ<X\²:ïb¼™ìád9ô·Ëv
éä7nÙs,RcÕÔ×›¿¥¤ú*"
³!®�…s6pöÒÆ‚¦nöP4DÏÅagÑ*cÓ!#ä¿Ha”=ø•±ŸT�Ëå+S9…‰Ž9Iû:qö‚·á Ç%P`D*|¸ç®<ŠÚ2¥œ tjØÙë¢Í»Ù;C"#민
+04Å[Þ.Òk¢1ü]²[”ÎkÆT3ÆsŽe1cŸ»îëÔ�`·
+×àêv)Ýû{ˆèKËÉ’…”ú”4IŒ¹�ÈíGÜ~uóŒÊ¹Öó¥Kg]tðr‰Êч]J øxþ“ë›8÷|`a&Ûì’	>Åî_}7Z 1ŽËPhiê{¿¶¡<	Â/W�ÎAˆVVìYäÌx§ý12.¢…ƒ	'
+eN�tI	Ô5¨€7FÁ5\¶›Ò¯Xú÷½bMo ;DP‡,L–
+“2ÙE—Ò)¸kÉB!ïQfÍcfŠum¹àÑ=ÕÍWéؽÂÓì÷ý,ðú«ÿЕX}=|+‚?ó¢ÏxM9;<2Ó(®UÑOF@ô¹ÖE¦ì2ñüæðêð"{_ ¹1W :é*Ñcä£Øþ<°öˆ_Þè,ß¾˜…kÔ
Ü¥+z]Œ2¤*I5iÙŒ�ê³Pl‘‰IÔBüLϱ7ËÃCÅxjŒÕè)—–S,Ljcy´©	/â°´„^EH¡…CG(Ž•ÕmÝêž®[”«!ëë¥Ù/Ýb˜N7Øù(¹Ñ8ž½–°4¬hÈn`V„¹ÛŠ¼7¹g3êßÁO¥ÊÓ[å©F^Ê*%÷çV&fRAˆS‡ðàÅÊ=Ñ—¼ú`›÷8?üÆõõÅa†¦¿F0û£ ù™B—�)®h(Ed•6Ü'éÏKŽ½"0JúE±�u›yu�¤=¦Ô±¸œ†!6|gÂaùôí¡�•/B�fZйøíÐg‚ÐæÜ«wÕ»µ»u‘©ìB>yÞiñ’Įʇ›ß?€ùN·úXvûñìhï^³?ƒo8ñÛ-e›(ΨgÇŸËý»ûÒ22üœš4£±À…Ý<�_]VÇ!Û
+—5Þìéî*œeÁÐÛºHÊ˃Πñ
ÀD�Àì½è"ö¬uv)"CAµÏîïæIôH™èŠi·ÝmáGGíÉï?Ú†ïçôE?7éÓ4ÓßÐ48óNÚ•Âs!`Bö ?Z|@`+Ã@<g‚ÊÏ,�_7"à?o·õ�ÇüµáxfY
Š]FñØBT‚†Þ´¢™!z‰ˆ\ò¬m„v-‡"É>rù‘¯†¡ÿ*“Ø
î#ã©öE�£X•\cýÝC8¤w&#C	sa–·Mܲþ
<²Žé£OB²PRË
|˜X
+2Þ
ŒŽ‘±ÅèÈZK†Ö=„JÉ<ïiªW_±=*	œ1OõåÕÒ´5	�¥3YÚW�αC#u0YÒ+ÖNÛ€ù9
‚v¤�²ñ¬·'×»w÷Ëæ\îL±ê¶*u¤,Á�� HMØådÁ--¦Ä£â	dµ@4�qCöP§ˆ
%äcëWÕ“‹ë•ºÒ€UrÄDn�–žÈGË_ù;gŠlUÄ»CöÂŽøD#òÃÝ�0ÄNi`–IN8KšZTÇÏ-ogsïd^±m‡Èž5/ÌÍd½UzzJ@êü~Ä)I‹šÇa‡ãï"o7¸¶¯T
ÒfkÐ>Õôs\û‡�5m„
xŽÍSÒlŠ³¦Èþ0ÇÿÔÜÈÁœÉ­qê[s’¸KIò(Ï×Æ#'BwÍ6þ§O”,^Eˆ†*ª˜¹QÒûvè•�k¼ó¿™Ur扔"ùXÖST5j› l]CÃÆEJ�ûͲ³ê÷…®D¨Fq*moCâBJˆô³€õ¸ÌÉó¨OåÕbƒù
+¹¾ºš¬áý	ñ5ú?Kè±HU˜@¹e¿™ûT¶V>³ªþt/zß ¿JáLà5¹‡è
¹�Jy­!òD3KAãÇ�\�)÷ÀU%
ƒž«ÎÕ?×"싦ãe( ÒíÁ{$…ú&xö¥uÁúœúÄáט ¦ºÀY­P…êÆæG!î	��Î4ja	<†Ðn…Í°zšd3¯ñ—™£ì4añõl±`à«Ýzòò’lß¹ŽyM´w« k&ÿ]»,Š?šƒæ¹ƒæ¢'¯Ÿëá¢Ù®Ã— O<ÿõk8÷å°¼l=2×äÖ Ï8„ªŠÛèù`#
¹—1D±Y£™ͱyD>RïTäÝ͈—Ú„]&¿'b–Ç|t3§bÀ2)yZàB§¶Ñ[äI%P?ç•r…™ˆš ù‘n™õ§l„OqT®«XiЄ«*Þ¦-êV(j–Ó˜¨¿(©mY)v꡹ßï+¿,
8½ßÎÆ£vt²„^º‚žk÷¢ªKO+D™ƒVž-H;…äsÜaÿbi®pJ
b“}â‰Nõ‘ÉœãÚ<-Äï`îA™cÊ�Ñøæ4žÚ°ÃkSzà)«/[(žQå±;a¼
âËÕãÜob­3!†”ßq fóú0Ë¢ì®#ã©Cµ)ÜI
+^Íý.AÑ^"�úkÔÿÏôÞt&
ùY”l83Ú“h/ô8ý‚ªÀ)+Ô#NÇ0NÂíw¿óO‰CÉbžî&)îÕ�ÄŠ1«;ñ/1
+u£5Ž}¹áè¼
ÆÜšë1E4T ÃHl8µ‚?ïJ
+ƒ�z¦n}îíñ(+Ž5ëIâòA-�¥Ðf{“N
à×/¾ËØ($†.{ˆÈgŒž6Œ0+`wÂG4\Êô(Aów¯=Ò 3oàór̓eàkq�Âô±ü<FwÑ$ÈiNŠ)eêo+W°ãÁå¼)«­{õŸ[9ôVb«~bß<qE&Ï¥®–“u¤D›: QɈ
@Ú?»š3_âÛQ�½G3\~ÆÀƒ£6ò©°ÖÑ4WƒŽ4ÔcD£¥ÿ”žéŠ\	Ý»¨»ORk¼êâ<LÈ(½SÑÇ93Ê×ˉ�b£:¨è(…GSÈ8Ó¢™tš<µ#�vŠanÀž8L/¿ÚŸÔû®A”åp~•MÉlûàtýŠÓ›#:é?„^ŒÛì›ä%ÜpÒĶ!Y’p™¨>2Ÿ÷5ñj1¯}•uýKÒ?¼8b}¬wï”BWÓy'–Ü…,ߎG;Qíò½œòâŽí‡WxÃdb€Ó²U‘ÌÐ	'Ò«KÔ”šÎ¹½µÆÄ¢€Î†DÎNØÓÍ�£iÍö}àÊY½Aho<ÉÇOC6›FI.šdçóÔgß"1ß;ƒÍ§YA½W*„—Ó]HP¨þþÞî\žn,[ó~–&$C‘óÇ/$xÂèï81tøùqô_®ªë?×—_@.ê2°¿áÃw£÷ǽƒÿ²‹‚Íõ?ôëqžëól‘æI§÷ÿ邹mù‘•¾ÃZ›8—ŠU™“‘äm‡ú8”É—*»ŽRx^í©GdëÑè,°·‰Mü:ž.NÆ**)	t'¬Þ04äMWFh÷þa1‹à'‡@^êÄX�iÈš­êÝ à!¿5…Åwlþ°ÛCå3£¥)ÞçR‡smô5æ—×Q™°­á�ËnºÙm0"ȲÔÈR°mw¬ÎÂj ûÔ*v€™LrÈLMû�—`jÕ®$¡�¡¨t9eìí1Îÿ"s½:²A4ÏNé�,�°!ùjÅ^›ÒæÃ8’·3Axìµrf¼‘åˆöjzé$ºVkxðÛ©¡&‘fo´³DÀ.ž“uØï
+4ݾ­VKVí:Õc¥mœUHÜî²>íCn‡_‹	aϲÆ&Û9	Nöy·XH»6´Îñu…
+蘄>T8M¹@>´§+•6_:9|°�S Eáà�ègâìølç3<
«ßþ*5%�Q‘k€Ú#�©÷ò&Lo37‹}dJ'w&Yý=â¯z7Q¸ø	%¸ñzz€ë~%eæÚ],(µGßóE�ÞCóÒœ¨AÕTÂ
+OA^¿üPMA¶¶Tr}—IT¨
+!Ë’E´õ–·©‡92â…EÓåâ–‚c¨ª7ª†pgg9ËDìn-à¤t
+z_Ø­ÔÚ˜_âËî^¤ë¶|´GëQ%[€À¶	“:3X²õ.¦�§ãÇÀÏÕú”û²é?¬f†éFõ¾­ò2ê»5¢Æb%ºâhDD>ßüUÙ3ú‰^´Œ¥<&%-$@Kˆ+ ÙÍ—¡ze}ö©ö½[·{ƽåÖº:ýå<ƒI¥{
1Ëû¥��/´ìã�ô6Ó;[«ÄYáï!°¡JIû¨íéèIìÂ4}vÁpYå­hc¥š—Ž›ú~P¦õ£–•ñé{Å1ìÊçôI\&š%€9‘ãI°SÊ$Ù!øy2ZEñòý¤Ýûx‹‚L6•}
 ’:…pÓÁÎÿ²ß2Ë‘9ÚD/ýÊ›ºF°WŸ™`¤Q£ê°.íç†ìræž©û¦Hl£ˆ>1üÆ
t*}й[ºkyK7)ÿ%
+`Î0|5wô@ÿ‰Ïï†7Â#Ï»ÅÕ|ÐêkÐÞê›r½‘†¬BºÖŽ†å\bªôГÎàÒŠÔò[Š¯³ßQÔ+.	')í”n]ô¬ø¸H3Ë/#`ýš†'îŒñšÐ$W~žKê•2@‘Bj«c“n?Y']ÿ4·”Fj”àÂ;éåÎjÜ

"ï”}Í2ž¬{ÈE+o¨MÄ—yF,/É^²q?fJÛPë’µ¥2‹3’ƒÀüŒµf­vª%�à:êÎcÀa÷«AmžÓ+Îi/…šCàÛd™Ž´:?²4£=yj%|Ÿ;=cŸP¤@ùáµÇ|È#H·�áЬIøÆ;šÞ�…f%¹î(4„²,%P©ÍÎÁ×s¥ºý®‚ü\˜ÊˆWÿ¸,#VÏÌóý“M�Ø\�¸“âSI_<r~U°±ú¥h+›_zàÉ�ÓjÑ$=}öõ=+½B“—ÞKoà¹ÌzšÚÎÒWÙ„»-¹ÿc‘;ébͻ٨&¸hÉ�göŠ[�$ÒÖ3’hˆ|ùȲØ!Ü�Œåûˆ33ûäç©Y•É¿oàÍ:GÁ]Ø;”ÈwšÈÇ?ýQü‚<2á<
+¦½ŒPê¼/V
+¼‘gV7ÌVˆ[Ç‚ƒÀ	dt…6aÝ‘Í@VDδqUC�\‘�J ±úEY>©±ŠâlkÁ²uÕÇ–=²�µ”„ÔÍ⹦_±j…lÏr©!«‹�K¾‹pYzƈxcû2çµlJ„,Ô­nþkB¥g;ÒäZƒ¦BRoæzicZ€5®M,‰!:5#øWQ>ÇXÕ¢BŽGˆ¬§´ú§È^wñéŸMÃ8ž{-X
+ج³,ž�ö¼W–sfD?üµ”Íí6hà[žš>æ¤'‹¶§±y�cË+„oGàñ⛺ÇýŽjåçú~ŒÁmß?ïá
¥Ó4.öbêá<%M”ñ)ÑkC×£z»Ì *£¡†eC¼
+À¸ÁÓjO“0¼�à:t#ß߶¦ÄsÞ<Tè
cuåâÈÝ
,
ƒ‡Dà´T=z8@iaS¦C¹½?B±­õóœë³I�Â*Qáu7ÕíL‹côdm~±/…üÞäŽë­9Þ¥®pHšºLÎu„¾á
ÔlŒíoû©†µ§Ö•ŠŒqeBhxM·š]««/O¤KÜòOÞÕ€þ~œ‘çN#Ñ 3/bÚn<€Æ‘#QÜ
½'‰°!Z… ºÛº¯¶§kkKì4jÚV ¦�¢_§ŽqÛë+pv.÷@F™#%ñÐ*c£Ó²¶à-Ô¦y‘X’êdÀ:iþÜ·Œ­DzR²®4ëîWÿÌïö�ktŽ«†^ÛZ¡þk2‚D¾öPa—`$ÀY<Àwåú濦6ï}y²ÌCÓ·M}„7.ß@áHø‚$‰�?fj8WK»nB¾æ†óŽ”ÌåÅþ†ç�Í-rzÁ¡ìƆ—ÆŠ©rŒŠú˜Þü˜P?�µÅøÔêŒ6(„˜°¿L;Éþ²ÓkÞ_âÊ�\Ë,šÖ?ô¢¬—s×¥S¡‚jÊ®³&ª{cˆ†½Œ*’ø�¤ÈøeV+ÔÝ°¸*Ç Py¥�:ñ³ê)ùú�P¯žûå˜ó|¢Ê¿)š A(g5j/Ýü-¦¶-<wU&HŸ>93	 i<0ÞéØ”NŠ?ü3í¢ÒbØ 81Ê4îxËHºsâK)ª£2Šä•ÞÝkc;œê\éÏvX•¡˜�ÈŠã+
i¸%Ù˜Ø:qëç�Â32|ûŠª�"W¿È$½0÷Ön@LØ!©hêÙo
U˪¯b¢v|!|œo9Öqù72)f
rðGËÎ<E�ˆ“t©>
+¦4?Ãã+-UGš$—Sr…bt#4W–/šðÐù›‹ò×Ò}RýóûŸ(M¡OÚ	�&»â ±{¨¾¯R+Øé€@º­[
+Gåf TûæHÕˆ¥š‡6Rp9»têÎ.m¦�½==ãçÙ0
:se½]È¡h­/Îc®c½å‰ûègî„NâeK�Hß÷3ÞhÜB
+7Èü!Ò¯b‚c˜á€Œ©áO%¥f‘¢¼uadžºRSSã1RçÈ‹
NeÞ%4a–Üaîw_‘îí©¯þûä4Ö�Ï=wº	÷ƒ{GþÂÀŸ$ض�‹EÓ…×b­ËÛøä SÞév?µ¶Î§�D*ð¢|”	gN®í([º²E5uÊ[~¼Ï«é�_ŸWªª-|a/üÙQZiȱ4õ!âcih–ªÅ
B>ý¯4¾6`S‹²äÀ'ÖÉmºÞÒyü7†h]QÜè	6w-²[ÃuŠbrt ~ÈfShnÆ›
+œHö9·¦:ÎW4_äéâ¡ËKCß®M˜?¨–‡Û'Úž×2†—yù˜¼Æ2"[T.Š+éqýUÁŒÑåµë𻪂¨j°èhwŽð|¡ls™(>
+­E@ï`3Å‹(Ü›îû‚—h
+­qB0cúST:ߣ1à;‰ÝAy�$"¨¢žq0Ð~W5
ãEŠF¥uöžÚEN>8~Ÿú®–ÚˆØÀJ/Ù nöKÉç¶zìzZµ=jkùð“'}õÌǼ{Œ¨1Í�0üˆÊ+ú®/kÜÑ‹™®µ·%€É«Ú'|q!ßVÇ¢ÍM—Ò6TöîÞÔ+G™Q®i×sÔµö¦¯älBKP=ºÕf£CJ± Õ¸O"FÎC¬¢D~f_éTÕzÆudéǹê÷Dl?°¡;­8Ú‚Z$D<Ø[-ò;š
�Oœ )›‰(v,È;Ö,…¯ÔçÔºh?EÁÖ`†îv…�Æ
+I™È�í+4gv?›ÃO_
+.Ìljø‘x«€{MíŒfĘçÜPÚÔ‘6‹^T¢uì:Ø€§¾\%äÊ5Á€±ÚΣµJW(‰Ô„××¹>aê%1ä“4(ŠZª¬,Š¢ÕÁ§‹•óÉBÆ¥ãÃ*'—†‰ÕÔÉ„f4Ò©9Rù6ŠdøeYóЩ:TÔ›èŽLÀÙ[¼MjÈ¿™ì

¨²Í¡Åž|pZ6E	fb{@�©kû?Š-?D“vvEõ}=²'	뜹„�-*ï†�´,™«¤v‹~ûõ¿eb¬=:ið[…Ò¦�<ûq%¦¬‚Íbz}õ´÷Ã*ò`$X@·L4ÉIJ\h’Ý‘uUVÊP)�-¤ B«ÜdR�àÊTY¤Ñôsg!šqé“lÒeˆ³±®Åeï$Š.$O¢iÛc/È;�½—áøCtÍ›–t>µ¼`[x|Ûxó„Á½#‘U0ˆ[QÙx´Õö‚¦qéSñ,<jæ�Ä® ûÂ$Iâ}…ìlã£›‡±Ô°¸Á÷[Œõ)ƒö¢>}$‘�Wé æÄRvä¼Ò­ÍÑqΟΦMC¸P¡ûç&’Ðlü­êÇO½¤ì"jd¸^Ñp¶\&UyrÍÚŽ5ôq/Í"Ôίw

¸0[ãPy¶šüi|ÀÜÂå‡rÅÑïk#*¥æ^-“ã�~tŽÆ!swàjÊoyè¤õt®’Ï´y/¼ÞIÊ}‚„ñŸ)iyè¼òÕ“uUv×ïPóÑ&4²(�ÅKAÑ.Ëêʆn:~æ&¼áXH/�$·©FÕóÞ ùíªIÕŽSÆç}�GÇy€8›UdþD×ýÀ*ë.³JêeŸ?o‡=,¥=Mü1·s(YjKå'¼«ß3ϨeföŒ”•øtÕX[x*,לä§W>™fûõ‡$VL‡l¼›�
+7Ý%2›4¶ÄÊaѾª=â—&+Ø”½›i*9¯Fû~�Ç“�ÚM—é¯Ú¯:¾\ÕæL’×øuÞScnÅýÕÜ‘
+eg·�@uŒé…Ôô5àþ 0'˜îÊsÄR±¹®¿¡E%-ЈÃf:ï”r®6¯ð×ÔÊà'À�­ñ½Z,gÝëMß:cÏ�t®K¿|Aíq%×siŒ†‹Hι¢}SC–c;Ä3ônö˜G!h D·’^¦6e)¾wB«‰“¬7ìÉÌOüöˤ-Kœûr_gÞÛâ˜ÆÑ!äO
+”òÌ N‚–­e3’ê>4’'ós‡ú¾—q߉�¶¢7¯ïtoHÅüòˆo
�‚Ä…U\6@m€Ž÷}H<µâjÓZ¿W�ß±¥÷èj·Î|l^÷iç4®hÏ
+¯æâÀ2[8_8ðJá~Ù»šBOÝ
±·7p=�J€/A‡�y©Vʺ)§¿¿•�õIøºÇâß9s¶û›\
¢vÊp{º)Ü’Ÿì«ŽJ®,è*÷WÇ$C?Ç�§w
+/¥�m7œ@'›B¹ô†“ÌäÅ ¼øÅð¹ÑäSk\çùÕ"ÉÅ�“„	Gn„¼ð†rË°µ±8åÕ±=ŸìwĘ�yÂíÁÆJe\æûqòk#u²‰^úÂ
1Y¿J%&Â¥ª^Õz&½ªÝ	”±ÔÊ·qnÒKFƒ‰A9U7*×›]2ÛÉš®J«V"$P»¬a<v¬k|Qá�¨C¥Ðª¶%Ù€'ÚǾ¿·²ñ‘nG�6B»Áª—
`
ÑWÌV�ìÖpEšÑå µÈî\•®ÔcP·š+>âH$j›ò õîÂxSònàÒš�«Aõ‰†
Ê BÌY+/P༠4¢¶(ãØ\P0‰üûM"áÁÔd‚@÷ôëˆsUÀó·dQz´Ó½?13€ßäñ§²	j´§¾Ÿ]Ã�Á¹¤ÚÞOQl�FxïX	Z>nƒÀÝ- ÅIé08EV'Ô	²jŒ®Ð¦Þ\„c!B¥¦vº�] ~$´{¿ƒÎ[}i¨—åÏëòÏÐg;Z‚³“øÝTOü1J
å(FBZQœ+
+Ñš½Ê°K*¡tj±‡~¼¨"öœrbçKØrvµf)6ÆL”•,:ï�æ*×'nâ>Ȳ�Ç}·ñÑqÐìr �­Y
j'¬ÃA¶ú
+«¸õ£ìMI÷Avwî•XÖ	»I|01N±‰-º<[ˆÓÙçL­Ô9gc˜꙾m4méÚÓ¨âQǯÍb¸Ú§£SïsùÜ·
+!vŽ°»)ë¾É#ó½ÒK‘[þnv]$¾ë–^+ÃÇêÃuç·ëappßt�¹E›RuЦ€ÚÐè×Ò©¬”j`úw¢vpÜæjn²Õcõ„Æ5ÜØgë¥J¾
+Œ®àÛ
Ov%¹Ä›8¢ñ
+ èu]?¾à+°ø5ÅQ
+^bï?_Õ`ðlðb˜Ã~^�ÀÜô–~YŠÞ€�lëâAæûÎ!„MdÇßýȬ¼×$'Ñ(¸õF€Ù¿Kª©zº=p´6$¿½¯eU}$–;¨^KC•!�UšÎ é
} %dö]s{+O©ìœktŽ¾!§wžôõÍ®S$ÂOÏP
+Lç8œJb<ÛÄq?t…Þ;`�!ãØ­R3A2P©N§™Ô®ñ³+º"ô7¯³¦¬†¨ôÖ¥\Ê*à'êNJܦ\äÌ”Ol$‰\¶Ò5ç%[2EεVC¨¤(Œf<ñÔ×ë
ü5Àϲ‘$H0K?Ô?æ}�h§„ÜŸuƒ<€ë¤Íûá.„ÜFKé`uƒ‰4—.“¯ð1Ž“ã?+žãÇx@§ÐXè
~©'þé°š¤Å˘m…ƯVÞù²»:öZ‰ã€9ú"›¼ð
+´;!j9%w@Cáù‘g³tþ:ÀóÁ¨æÐ4móËcÇ}ÔÉUL@Š­�z“8Št3P¼{ÿ-Ûy¤Þ_Ógéœ(䀾o`÷Ò—sÃiÞSþ½,eâü	±Ïò³ýkRâ#�� ü´B3
+KˆÎ´úgÖxƒ¯ÙA&ºÏLjL
+ŽN…wP
+F^ü…û¾¿ž‰°·x;+wº,àÏ(¼°ÍðÅVáš«)Þ·†M‘õÊ|’“ìO¢E�,!°¾öqø¹Åç
ÓãºÁÞæ%½ä”Qékn’§—š>ºÐ!™H&e%ƒ]£ä^éÛ�ˆî$h4]¸/®¡1³ÅÊõÅò®›ÂLðÁüpÒ9ÿ×þV]*ì!jTÏuì£Ï6õFBîO«Œ2D>ì±�Âшï,Õ?ŸÈn㶉�‘‰¾îô­&ÈÈ·ÄÓØý
+~šzz›}‡ºìÐ×z2*Ñóì¿Ðñ
+µR‹ŒKk(źJ
ÃÒŽ��¡?Ì0„ž,
+Ñï8Cy£5²-çB›¹ÏB©…?ƒvïw)ÞJÄc‚Ë-mÁ†ÚTÑÇ�>_� MØ£¡Su•ö�ÓkÔ"#í\ÞâtÖ "±{y”ˆøR£ï\¢RPþ
¹½íkžýCø�~&�ÒSe¾D¯’!>Ö�Ò¥îIºCÅâ@ú¯Z3UùËË*(J¢/Q6�d–pwèRÙoÓÁ©°FÞ¤³™˜’_ÊÚ�nÓµƒõ%/õíh­¢P\¼~|½$�·È6F¥Š‚z8ÃŒÉMê`ÆÌX¶Tó„±1GsŸõû¼À¢[÷褋F2ĉÉûöBÆòÛÞ¾Z«ôºj�ߤÐnX¸Ze¦íç
+Z\›{„›èÅÆGŠ²™›‚gn”·�%X={±Ò5‹Bú"ÂN´MŽôË{F	è�æÍ‚Ó È¤ó–C»Zò£¾Ïêy‰	ø²øU^]¿y…^­­:?èÛÎLQ9è÷LUža«º&±l²ÔA!lçé®2è+É)¬]ˆ'ì‚î)WÛ4Kµ¹˜2-Ž–ïúÂUW|ÉX¨´	Õo°姂õ"�+Ìx*üúæ-¿kcþ>ˆŒÌÑì	ß�HÇæL|˜vjUPȸÈt±Ñ?‘L•!:îgGÜÉ„Ä	•½Ñ5E©þHžU…Dz(#
º²Ì_xN—fP¸D9+W~ tÛP¿$108K
‹Ë¦�3Y`
åwO­ü²Î·ã:9R„>5j&$èD³ûDÈîKºšAQ2ÔFÄ*ŒÉP æ,CÔÌ%Aö®^ÿ¡·¡òâ¨G>©uÚ×�K\ÙQgÙ[C�èÕU�‡,)—*¼˜…ÌAQ¸T‹_¶5¸iNŒÀa÷Ój·\qD+œ¸¿G�ƒ*_×<”ÂÞÂU«Lì—×�0nm»4b:B–±ú®Œ.Ç¢'îÔ)½¦M�‚›…mÍÔ‰E¢õ¸PàØS¤<ô<Ç„—É0tlêždî-HaéØ�XOGáçòDuß$]YC¶xí乘§³YVq\Í=X\�74RبDý~ÃNòÌHx-ñ³ôWëÈ™g”¬˜È%çk?‡Qµ‚”a¨nšÒêe
¥Ø�ù,`êCí
òóbå�l¸¢ùÄ@¼´™Z–«Z„ôkC4‰œ8¾|+®ª—<eV–¦*8,ßåW3®Ì�}C*wü!¦£âØÈXӴ䢨d�ζ �sŠˆÕ^WUVž•ý']E2¡Óa¦n×M·ù‚/ÈcWŸ¦¢™ —(ÑM²û¥üöæoÑ_I{pà±ñFÃn"ï‚kæ;pù§VM+CEƒ:ËK>Mx'A× õ‚æ·?fñÈÚÖÄØQNÁª*XÔb¨Ìœ.�q;<a›ö’ ½t¸óÁ��êhCìŸ�,vUÁãIÎÛ¶©têf�ì|}	†ÚÔ÷¦òøØ
+¿ãcûpÚÌ<)Òálã«úuŒ˜µ [ÊS
‡¶a7èÖ9SïÔåÍ	b—=lˆUl�[²ƒmbÒ3]Ó:µ8›ßz̆—d(B
+v_áÓØæ•’6]ÝH%ö¿@¬È
,�
Õõã&}}³'¨~;…±Ïñ`&©X¿Ä½µ’2Hø«5¥pÓçŒcÝä{�nyA»ü~µ;4‘»|â}j]ŽæHÃé0Rýn&(EþØù±z�ç3Cü»
'»$Pöq� œú”NèÒö!CšçªfË1°�¸T놽Åe©º‘•=n™çÜé.”ø9+lèƒ<�ªQvP\«b?š‰ä¥ÅlH3ùž³³ØÊ#U¹xë¬f|7ÇO3¢¾ÄƸ	¼Æ"F˜Ÿ0fi›"“Gù-{awÝìs¬šu`”,
ÔLN(t«›XyÙÿœ>”×’®�Qa{³nÔ4þ£l˜OH¢{Ø%¨
[È^HÝzŒ–
+>¸ªwœõÐÔv»ž¾,‚±+.ë�T`~es~ÎUtóÇúwøRô¬žÞ¡sŠƒ{yÏÉì–ÉÕ�EÒþ(ÑNˆ«¥°	m‹{4ÿUðš<%½²ÉA'T�ö–²(cIMÒZÄŒX7]”»M<R!ô]³`ýâÙ{:;ŒJXèÄ0Wžzg3Í ×m¨¨®ÞœÅXo#3’o5Õ�Aò^zÖ:30‘àw�_a�6Ôû©	ˆ~¾Í¦N\WTÄRï9XÊ,¡›r~(¦t“ }]FûJšF-ÄjÌytêŠ\3²RÁÇ7¶%¶á>í;¯$/{™ýŸ÷¢&àÕº~¯’lؘ?çW_´õO$(atC®bov/?ì8F‘BͶ%©¡
¸¡I™¥ÐybÖi«5T’ÿø6oÇ‚Ë�ш
?ü´WÒ§ƒL²™LxvW&Y¼Œ{f4X›]K;ÍÛü|½)½¡„´í †9HÀCï S[ �‰RY¯z‚扱®£³ƒ�urB+pÙ7ͳöJ²ËN�bFîî|»rý[›‚›^‚×—ë�9¸gïœ^3½Ü3·ßÁ…ôo‚!âËI=ä­�•¼ÜµR)6[181lxȯAÏbIŒ–ñÜ¥5xÃc;ý”.�€HÔM1dvUvlyš×ßÀ¥%ø\ci¥å‚šÌN„¾8·ÕÏÿfˆ¸C<7è.[ÒEc¼9Æ>ÀÓC^
‰%X—"J¸¦sôÓ·›Ê�*ÞP'–FIú±•Â—#v5Gà	³5n´;bºè$Cr=óù(‘Ÿ›EÒ[·¯„á¹�Í“Oÿ¸T«p ìïBÓß=žˆi¨#ñ>mê)6?WRSÃ;ÿ‹^³¼Öª‘ØJwÝN×»Ý]ð]…_Å»ÅòÕœìøОþÑñ¶8Œû¡‡"­Ò¢‹zýõe
O°j¼¡m÷þDÀ[­’Ï6ç¼èWækvœ–ê¬Tݼ„šü[sÃÿøè;ÄoGˆd º)	çœiÎÂV�y	ùÒ}z%8
5¶Ú¬
+ímãˆçpEÍ3BѪæ³è�‚`©ü7Üš-²¡©ÔÀ²Ç¾µº )bœóVÐ?˾¬éƒœÊÙ}ž~P97`k˜ˆºŸÏ
Þ¼%áHþV
+GÝš.oª!Ží_(IN],­èEI’³»¤æ<²jø‘ûyYÁ}2ÝÉGä"V�uÚå�™w«åád±nãDWk“H!¦–�Qà›Ç&ß,Åó¾ŽÓ£Û]`Swq#Å´ñ—`âQ£<. Ÿ”2Ö¾”Qtîj�ºÊço:–E‹›ÞÐf^@Q¸Ò–¨ã¤¥åÑS±´—>p¤JT‘ÒòNÁÜV˜p¹š¨‘pÈXjƒNŽ\¿n4�\âÇ’¦‡¡³BsòV–R²ˆ‹¤Ó“ïGBFñ(B<Ö•òU„N»•ÚŸ‰õ–
+ÁGXoá÷|Ñ»Ðu\÷ñL:³¨Üdµ÷)ØÄ]rš¤8�=ó•Ý~vƒ§Ô(¿	w©[G†Éy‡|¼ÇÆF‘<ªW)�n˜q•ü×)þLÄ `DݹJUUËU©NFoÆE±$æª[�‡ÛfÓeXW§AŒ7щJ�äúh#Õ6œÛ²sª¿�^A̶żIÁëí”ôµG¼9ûU å÷�Fªë9QU¡Zö¶@õK¼¬>¹J3ªá”ÌZ"a‹Ž~‡e/®·væqQ¾D]>‡Ú@£UÆr]‘Û,&i¬°’(Æ\á4eãN£Ti"û³$›@%>¢nP
+uü›övà©fcM5+ÝößÛ6fŽÔØUB5÷IʘGÎÔá8´ê�§Fy2ý:‹3ÎEÐ`$•R•0íé~~¡_Üz‚ò'ÛL§NÃÅ_r‡"ª3çT¦+D:&û6süœî¬Å¿Ž¬–ìÛ{ÕÊ«OWDgÈ
Õ,õSÍõˆ×Þ[˜Ètò‡k²ºÅëx«l&î«tK.³iEùP�Yg�ºDÖšÇT|¥Ž§ÁlÛ³Š(Ñ/Q¾˜�[Œ¢‘—pœ’�4áÌm|à ¡õ
+É‹°äO>*Àµ6~ý–Ý)Ýνh.Î/tÀ8�Aë‡~@ëV"¢ÖßÜ«ÿ~
+­’ þ5Ø”‹ωãE¶/ëˆ!hùtD¢í^‚SÒz·Ö.{_µö[iJÜíDø#ªŒC‘éÈD‡Ô¨ÚoTíM"U]½v
ðÛ)ÀZÕÇW+V©Õ™
+×<'‚ï~Ò÷å¢'ð^&�j^ê÷äÑ×NA®[ÎÝ1	9Ñô&³š<kÓ²Öà^
+ä’VøE³IlBËXFoMX5ßL!7kƒõºUdõ±²àÚPIõGOçpbñd–Âí¢Œ±NèÑÝÀ*?òƒÓîTÞƉÛÑö¤¦§ò®×y[øJÞë±VyC1
œÈ[Þ¯˜è/$|=O³Nðfç¶éx24̬¾U=çL+bfˆP5¥ã%ª»„ÙÛa¶%¿ú´1ŒS¸‰;ÅùÛ{P’|ðæEB·ËDïK
~ñÆ'.kÏñÊU§]ó—9 qû�]Mg±	ˆñ”ŸCQ·Ì!ømÆ�Þ1Æÿ—Ìÿoðÿ	€‘“‹½­‘“5ÌÿK#
+endstream
+endobj
+25 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-62 -250 1123 750]
+/FontName/VHLKDR+CMSL10
+/ItalicAngle -9.46
+/StemV 79
+/FontFile 24 0 R
+/Flags 68
+>>
+endobj
+24 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 722
+/Length2 11718
+/Length3 533
+/Length 12280
+>>
+stream
+xÚí·S”&_·æ›¶�YY™oÚ¶mVÚ|Ó¬´mÛ¶í¬´mÛ¶YýßßÞ»{ô×}sƹ;ãDÜÄœÏsýÖ\+ÆAF¤¨L'´32·³u¢c¢gâˆÈ)Ë21˜èáÈÈDL�,ìlE
�L¸
L\\L!g3ó?:;7+#73#@ÄÎÞÝÁÂÌÜ	@)Bõ.€��‰ƒ…±¡-@ÎÐÉÜÄæŸ"ƆÖe;c'wz@ÈÚ ô¯8”LM\L€ôppLL …±ÀÈÄÌÂŽá? ¤lMíÿ™:Ûÿ·äbâàø€òN*À?”@;[kwÐÄŽAÞîŸÑLþaùŒõ¡ú÷ââÎÖÖò†6ÿQþ_�ú?tCk÷ÿrØÙØ;;™8äì€&¶ÿnU7ùO89 …³Í¿«RN†ÖÆB¶fÖ&:.zVöÿL[8Š[¸™-œŒÍ
¦†ÖŽ&ÿÊ›ØÿäŸæýƒAMRVFT‰æ¿ö?UEC['w{ãÿ²ÿ+fú_ñ?Mr°ph3Ò322ýcüçþï'ÝMÌÖØhakPv2´:ÿgâÿ¤¶só¤cgÐ1³ý³‘˜˜YlŒÞÿ»QÕÖâ·³‰”(€�‘‘‘ƒ‹ó_Ycg[§m†füß±©Å?=21q31†ËÌ´էýIódðØ»D¬Þ1}X<ÆÅÅJ
Ýäƒ@XäM)M°™
Z”ºâð§lH„3Ʀwn0IBP	ãY.øM)zy<û¬wÉŸf*@{sη†++˜¯ž‰iÅó·ÝŸé9!7°jÿe7gr>«®<™?χ¡È×Õw�¼Z.¦([¨5%ÒV(žð"¹a‘Q	Ì��/Zþ·äK¤‘9À¬U�?�dâQî«Ú§Ùï¯<[t‡ïèY¶lÄZИÒÒaz_)äÓseÄkettËIÌyS�«Ž@Bãu
¢+Dx8»ýTf7áªäFéHt	f»9l
+B'r¢]~k�óWˈaT§€áJäf*`ße‹ZN‘ɹ
‹éŠdš¨­
Âo51ú_Ë5ZˆçéÈŽ¤pä&ùêA<á«¢ïTâãÅz
¶g]8ü¸Ù~p¬—A5t�é]Tz¶«¨ò	œ­'A|û
ð8ÍâÀ$dÑIÜ¿WÌIȧæ„=ðùÊ©|Ç�àt­ë´iB“ó%ý6øÞ�Ü|„'ÜôaÖ]]¿Ò�Cž®ìóÏ„c
CÈQ
+oË”Ÿ°äØÃbbðÞ�7¥0AÏ Þ™àLþ²/`wd‘�ý—ÛáZ¾F:’Ì}ù"ùÒÝ­iû<š¯1]%&-ÙXÝ•bÉÒå‚÷”ÛtíÞ�™øúü‹ß(äåÙ¤
(<�FnœŒyp`-
Á/bûfÇ'+Û¿úÏD.�_ññ<�¶Æ0"Å먕T¹†¤}t/qüœÕ[ΓlêÆP‰°�
»8fáêñ¦[õ1¬üa×/\ýøb5�ãBþˆ#餼ûÈäÙ¿›seûx•Ië [žƒ0ÐGÏ[›ŽZ©Ïçòȹá%&n`Öš÷ÂrØ(ó	Nky“
+Û?Üfþ$U$þNk®¦í
+	™¤Àš‡ÿJc0‹�2.Zµq`‹UÚ#Ñ¢10õ!öë(Ï¡¿=)ìîá[#E­9Š#¡}ãwA.ø½’“C2ozä1C»º�†�<9êf4ÁޯⒻ�^O¦G±êheŽ²+1Ê…º�Ï"rÒ—°§Wšþ·wÞr4dQý‘`{OÓ·«´Âߧ¢Ùlß,iňâI­ßÕ
­l|£ÆyãógEÐ@Ž -’ã¿ç1fDÆ¡%Í
Žç×…—ñB¦¤Ni2�–Ü“Ÿyq·¼YûNý~ÁeÄk;Ú¾ÜDI¼ÁÇÓæ©„£šÊåñJ@í¡ý2™þË
+«âdU�/xI]njÓQ‰ÑØÇ»»¦
+:[‘�
+"Gê„è�(ƒ{=›™~fHòaCêŸÌ”¦][Wu“w2
ÒÇØ%4¢se·ËÚ:Y˜†X\MWFtC@¡ÍgŒüf�r›_2ƒþl¬¢â;Òöï7ÄaWWWjŠhë'=�"kÇ~d”ôepùʯ`�’7l¢ê\ÈkÊQˆS´�¡r³CóΣ[àÃÑî(nUE�~gø¯Ÿ8e‘ÉÅ
+VIfRr0[Ýí†öÃ7ÿ†�ÎÜ‘Á¢}¨o£»èÙ££žõ¨zJûÛˆƒ„¥üîA™
%Úwƒ*GmjúS¡¶¼MOù8£Ñ¨*‚bÞ!Û•U‹�.ÎM¼‘϶û±›g»xxÊÝ’U!ŽyõÕéäã߶?Yß•éÆrœbQÆ¥*÷+w�ŠÐlj„•$ƒËÚDS‰}
*�*•õ¯ZÔs çz«®Þ58fmˆ$þr§!¶› J9ê�¹ØÏ×ye¦³Ày›—ÛüpâŠ=ãu’iÚ‹÷Ì£4ˆh“ÛH+@ñ!ž,ÂõI%(�–ð$RßÎ+:ÞE–¬ÀZã,B�\¯Ñ_î2Hæ;nað6!
+1%þ±ûäXЈA—èPBi‚lö0UŸ]UÌ\Pm§ñ<ÑêÓŒ¤rVX&SåYh.]µc²ºÐ™†®}¹?üÖòÀMI{Mr-ôÈ�g¶s¶§=LÒ%u{Þs!ÝÈ}A´uy®/X}ñ¾—›îž¤û-î³3´ÜtêÆù(¬6O„óW¤Ý=†–}ã§=u*„ÓÕJðÏ4Ü®ý�—Y{Ćš+˜h>sÛkUÄ[q~SëKÇ'Ð"N'
(ÿr6P•M^QÔÛ}¸¼>æ¡ÆDÁDÍ3êS¦%K
5¯u“òRûF>ž1 Òí+­ŽNdå×QJ53„A?°rÉ´Ÿå‹
ËæyK¸ôþÀÆŽ*W'ãk±Zåik9��–WHƒÊmÃo­¦²Ù¨3ÃLrƒL( ©[ÙÞÀ¼5T¥=GhÁT8¸UCQ¾N"­QP[lZžsåG7V
]ä5Ò!£«Ømµ.&ùí'õrªJu9dBjíÄq¹2¥¹}‘\àLÒöDíd®Ã3îýg#%bŒŠÞ­Myáä{“jÜ
€¦ÍÖÝ›¡Ž“Î2H—2ðjÆþ~nR*­Áz}uÿbÔ²y¬Û¶Îfû–£ˆ ŸyòƒïãICˆo¹ÖP_t”ƒm%^?Ít©eVKj{†Ãôè	qr„\>�XëÎ3.æ0T2N8w­%^y¥Œ^JMžùDäÇZ„pÂwÅ0?4¡óž;½ïP UžV–Õr0³rß‹æ”Î.ÑÝf|šG®T8ÓïŽöÎãrê)­GU–ÍC¤Q7WRIk�N;4XðȨž«œg(ùfÌ_…
/¨ç¡ý˜’p½ çÈX‡<»NØ�²‡¹KŠšÆ1�	EÛ¾eÅAG¢ÁnîBI�Â6®8aõꯎ2~ÆA£ù·ÛKÑàoÁ™Ò~¡cp¬‘Òzç—�ÅÂpФDÚ�_-J²†éOѶI6ðÉScáÔqì¹çìrÆÛèW‹r;ô…ÓýâÃQßú6=ÐdãÓ@i`E“!×yÊj™UVàž|>HÏÚv%Êi:Zå†ZB½��s­á/AlfžK³v07}©±¡˜Mbüßf$Ýä(±¤´´¢äË»·W]ò¿ zCEäÆ=¤@ÈXÍ­Ã[¶”œ+ä|‡–¢£h²
+BŸª³e�KÒÎQãí�5´6ñ0J?íï®DïZësãiú^ƒ�ÍÕJ%§Þ³5Ç‚¢Aä?Œ|Dfgpɧ‰ï±ÏVÔVàáÁé˜ïk(ÀøõaT.BM|ÎZ:„ÞL+;×Vm×åYVûY�68ù½ï9õg÷˜+€Q§Ñ-t|Ë™å«)x·0Ûó-£zûTÍ1UË3TnNýñv~£Ô#Ÿ'fÌ1‚<ÚFL=ÊÓ¾Áð°ŠÍ|ÛiU6�›l�š”.¸¨Ru°L£’–‘»È‰ Éé«{íjð�Å=
Œ…
+d]DýžäAÀÄšÑQ
+Xg!µ0"!q,ŽòLdç�œßÇëX!XñÉÌÿŠ—hXP͹¾åÀϪØ$+Z·m`Ö:Ñíx§‘­Û¹ëUÿQ0ºTXíž¼]<efÂÉ0v�”Om˜s[¾õäTW¨ËcKV•—´ÒÄPY`øÎ(,J’ó›Ó,?Z@M<¸'"}¡2u!j(§µýÎ4¯¢GÖ
ý~‘¥,y÷}i@"vÅ?T֨ƂK7†#IÑ縓báR5¿û©‰ÙY0»ÆNÜ©â,iß!ýÁý“¨4Ç�±OM€ìg€æÍ0w	‹â�’Ë$Ræ¶R$8êàˆÿcí;›±ø–ò�ºô*ÛÃìPT6åÉü˜«Ew¦©-xô[8
+
+õö*y²zhÂV¶µ£•0º$Šƒá�”Ï*¾¦s˜ØgH.•Wf*VeR~Šþfã]볘?�+1íðU"&‘y“Æú³!¦›·9lÈ–¨8²6»ü"TÁžeJ�[ÄAœ}`õÏ[´¶Uÿîd;;nùk‹žYw3“ƒ‡LÑ3ÊRöëÔèx!‡˜Ê­yË[{=Œ:ÛçæéŸ;×µy¯Ã†‡è{pð®^A³ÈºS”a‹iõK�·@´G‰Ì³
²iGnJÄÒízåÛS…j'0Ói×N°̳ü`ñ›XÐo}è×=D"×Ñ îi^ïÄÊSUÌ#Ùæ[|ܱ¼"�=`(<øú™…(4€‰[õszöFVyLÅÚÖj‘÷¥ìb^–ýÅ“ÈbR™Ý&!Q>·ÉFÒÇ^…®Fƒ²R©¥”/æ¨xO jþá'5§ÃíûÉt`ïÎó_߉‚áÓ
+.y»‡ŸW-ˆèŠ—>ë”J"HŠä8AË}AÏÑÛ*>¢"Ï8Öa¶‘[ŸØáÊ0„Â%¼¬žÏÌÀŸëB¼=2ÑÐuªõ<_]Ncîªê}HÅBk•Ôxn�_èTŽàQ¹¶˜ÃC§¦ÉåÀu¯¹æ76îÛ¤,qeWrüTlã¨Ù?¹«Ýb‰¦q~äYûô`c
_9È«Ò(:†Òa}%ç¥ï"°A‹MhºãQîìKO×!N§’’…ˆ…Ü¢5C›½6,ú*	ï€Ñµ¨>½Ïÿ†u|,$µ‘0‘rTŸÅRÍd ]d]_Y<}/8ŒŽªáÉ� bíÚô¯Iê«X]ÊæŠ;õklQ¸I†G]ÓIº MrÈý#¼2´4é»·¸”¨€q¦¨Âªç™üÛõ�O°äZÚ:ìy/Ƶ´·®îP>¸)“ó]P–/Ãoq:عÜYq¬Kõ¬T³Ëv"OÄ\2ÎÂðxš¦/²&µ,×�Š6ଔò¤èÓU�äÜChê3õ/ãů<7p§u8'lËÀH�*û
�¾ºÉM;íB£6W‡Z½,ûÊÍñµQ
q±
+íot÷e(¨ôÁ£µ,øˆJ/0Ÿ˜”!™‹(=�#LõVîj¹§ûkUaÙ–HpðÇ[ˆÿ¼Þ¨ÖÉIñlº˜Ä—•^“Êè‚=œãeÃÍþ±xžúm/jˆßq·g4e{–º4Ð?Ã挪!…œØ>#_à{Ì, )<.�ÜؽÎøð1ô:÷êÔO™ôÃepÇoTC ÿhÐi3ÜEë±B0ÅäSF‡w8œ‹«ÙU°±ƒF�¸5õ¢½#÷‡ƒÙ�5!*kT�‚™Ví·ê¤°
Fø=Nö~±e�D@?e	…·N\Åœ%”Øšn£ÄÃlNÜœhîÎc³î.<–ÃJ»~¶¹�þT�8-ªb׸^"��Êö/êI•Äå$4á%Š€dÐúçnÉ•Št_ØhÖMå
�ÐNØ9ÙIï°Ó?àÔš€Å;•RÛ	´CWÌŠsá·��•ÆC¸ˆ�
ë—ÚZsž?ê&>÷ðèÍœ3Ñï3*=äM
ꘂª=c¾ºÑ
f{.FŸúè)C1z‚Ê{Ü¢pÕ[ý
+ö3ŸMì⦔Çb~c_Ü¿©ƒ¥!ö]Át65¨ÎÄÏŽö©·ùcÙmñ—Ⱥ+}\øȤˆï	]z‚ëdõ Vm`¹3c{¬<=9¸,Õ —ÜiP~ì\w[ Å93=¬hÞãž=ö+Ë?¿ÇYG6ÎEM÷0(3¼¾5@îûRÄ ^¿YúÎvo‹m^¡//Â3j:õ—U±ÔüfÕÂe M쎠ÆnƒE[g•TÄ|<¿†Ì8\âìÊý›üj¹PU•§`hÁªòìwù¾>ÄYdÑ·ŽüF0ÏœaÕçum
+ÐH\ßp#ƒža ²Ó¡D›ëZS‚s�KçˆGZC‹çdü|á¦úÁ’KÍiA¢9ÃÅ°°Žbèõ¸Q–äC•ÇEš®0ÜÐë6ûçTV8ª2®)T?3}i›@ïÛ�Žõ'„~÷`ŸÞ|›èµo¯œ<I½àMyä'Kì†7ÄK5ر†uÕ�0ƒ€ˆ¬¥ÝÞ†¹ØÊs
iüFd0'$ÇÅ9õÖÜ×mÜ•!,·•ÀèíLFÁýº<Ñ7Cø9±ÜêT}£°
+ˆ,Ÿvºñe˜Ù+
+ æõÓkž±Ú0@@§Ð&Ël!3`E*º/¥'‚K ƒvw<föj÷jÚ{(öY£Ú´E‹øñŒÞ¯¬®8Ûk‚mY()h³ŠaïZœz)“|ãqRC*IOJ¯Í!úÜ¿uÔBç3!z�ÚdýúÊʆá–ÎçÙh3¼>™tšþ–hÍ–ã)"Œ�@�Ÿ’¦xß1Pbþ©Rñ\Äzh8 ߌ›dKfO^Bø€ŸŠdŸì[ÏûV"=h|ºõ“‰ÎxX9%jy8tÚ:æu‰w:Ͳƒ”ÅQ>1T5UU¤¸j¬•{†¼¤LúÔ3ú‹Ëë±S�qó¼EÇàÞdݘ¨Á
+²Ä5Ÿ„J*ÈA‡d¨¾‰Ä‡b!Ù<â#�ÓFC¤/€ŸwΉ·R‰5~Ó¨‰Î1”­q­Ý>Üztâ@Ƙ÷Ãôù¡!ŸòEDJ)}ôՙ̷-I¸Åµ*¹+{YÕ`&/]
cRYªâ>T÷uÆ3v:$¦œ°;¨ŒAIÕh¾\1«æÚ ã|�À\FŒ•`Gžœë§—ÍШ›´AûTÍÕ|5ðk6³I�®ƒÝ=kŠ
¹™¼…šœ
C9Æ")ƒs”Þ»Q¿|�œ)žÝÛ¸Òíßrõp–©Ö-E"W�Ž&#NY~ ÂP–¢éSíŒÇO¶\²
'¥Ê%"µt{×ûå͸"ƒFÓz½}Ð[-‚¿š€Óª›Ã+Ëb4I£ÑÝG×Wæ
«‚V¿ÐDÌ¢w~ɉBýìÑRœNeâuXýA)¡~Œ¢Ð9ƒ/h×÷ܽŠîNU!´ö·æÔý!ÈŸ~Ò¡zYÞ¾ÙÿìS^QQt7ÆÐ&€sN»tÆ5d<é¤RÐ\©ßç…‡p#|4w– ¢ÇMƒaJžÊ+JæíËÐÆ^eè﻾F¼`R3yÉ–àMãÛÞgÖÞÒ#!×pß‘4þ
…�§Ú¡DX�Ó�ø*û©˜¨p¿yŠ²‚³#nx –äþN÷œÒ=#µØ�´¦pQ­»N •aÃjLƒˆg/�+äµy˜i‡Ëæ#2Þô3½!š>Q‘	AÓ”Ìö¼íTΖs’V«ß51q°lþ”ÌÎÕy½•32Rr;¬”õë_c'¼¹qNƒýGUÞ«‚=W|º_[
�è…ÊÚhD0ø5Ÿý9rÁõ¸Y~�M/k·ßÅìa»ƒFmœÛ×Ñõ~·×�èü®:Aõ¤¯-~‚@;“3mßãLM¨_¦(ä|Ì×í›ñ‹X0y/ÂaZ8?šöxÖòzç­,åj¯q͇¢Íp°ÆlÆÒ.EUâ¼/·jTÍìnº¦(˜„NñFÔ'
+ö£~i<ägcŸ?�cP[Ø4Õ®•a$ÏîâÅ#ÅíUku®Âºnª¦ËUzŸJÑ9Þ‹ûHîJÿåz&öD¶ç&º³Wî­2ðЛÍqV#f¹Xu
+ué!-y›ö�ôrRKÕ'¶?÷ÔÓ1/îBéÏ`ä2©OHZhš�
C�ªê:YøW’M¾+bÞ4$4MëÄ…½Y.*(q+öµ]9ßw9!ïíýÊør+ÏÄ»Ÿªœ Ä0w[.�–¨~Štù¨ØÅþµL”¼ÿv˜WWœXË4íUéз??Êâð�›,EÓ…
ÆüÜþpÅ
a� X:©•¹1Nçc˜l�€øÞç?OýQºŽ46‰*H:ų
ÕÇtO‹+útá6±ä,¥^®™}ÍŒf„]³ÉÊýâµMaêæ)
T
)‹ZèêÀ@ŸHVnsl~ŸÕ=ˆ½µ9§øuú’Bÿé¯fN�ÛÛq€T³U7wß<²¦ÊËâj
Þ.Fçz¯”}$á1ÀÞ‹Û¡ß#³þÎ’€n…Êq¤’KXòdlÞGŽ†é6ï–BpÈót¶ÃÀ?VWݸ�¯CO$­ùBŒm0†ÁV�Ñ£û,lÈö¦,Þ†©lê}¿™�&ñãü€gbÈ�¿¾òH	ö8Iri¿½¯þÖ÷¯H	~9q´~’’ÐDû
êêõyÒî}Ž×pò,´áXf\}q‹™šn›Ä†ÙÖ¸<ñNÅó¦=cÉfa8V<O`\ÍÞñÎhLpE‰&, ,Š›ÓØ¥ª+s²OB©Sü œ¡X4†jØyKŒ�§Ö{·öTCŒ½üŸß
+É<ÔŽvsoQn>oC=äÚLÝ�&æw¿¹ÍÞd3f‹‰\Û{®2ôO×ÑP…c…ý�Bôcg�I?£

+GÖ•M‰¥ÀŠìÍ„›Úã}¢Õ#$/ÅgÉb¢¶_@��ß¾AqÇ¢'6épZ˜„1žþ‘6�Ç¥++}§”|SÈl>²H
wC(Jíþù^²˜€(”ðøûË”L;ÎûIŒŸ–ż.ê»jãtVkãÏ_4èl
ãò˜Ô#TK1Æ2
­¼îŒú0ÙYâ}
¿õKB‘Þù¿y1Ž¾È<Å9¯.TÚâÒn~'<µu¥\c5-÷åPm<Œ±”¯d8/‡ë­™î¨ˆü¼wwxäàXˆRiä˜ë"ë"í£ pEšB§ŸŽ^r«½ù3\ñ8HF«Ê"œÀÒ]'x—@XaÍ¿^ñ¼Œèà1Å5ÆAçͳr¦òzûÍ(vk^� Ãåþ±x¯bÍ”†jœ¢ýR{¬½Œ›õë»Ë€‚ó÷®ÝBVîÏ®?Í™jÀ²r¿wÒÆÍ\4<!ÝŸ50|\¬KA	x�)ÌÁ�«ŸiÛ²EôJѳ.‘MÏl¬ˆðâ¸âWôã¦Ou<ÒŠB˜&üÝØò|1ßÓ_”¦ú›ÅŒþ¨šu§á•3ÊÁf—îhÿýÄ/õÓ ÿ4
+çü&(Hl¬Ž9®Â!)É*…bÊ¡jÝ‹dìEãWŸÜãT»ÃTC–RJEç�jEHX1<‡Ðgj"wOWùÃØBÒSçb :@Äûµèý‹û÷÷ÆÌg
=[4‡ÂßN½>J�<‚r­LTi 4M-ªu<¥ýH=›è-Ãœ�@^žÂŠ1�c€‰dÊ&5î®Ä÷âÈ/9/(g±rÁ8ñg’£ñÆ“C˜ZPkÝp9xôÚBsú5NÔƒÆíú¸&
ÌÌCXå$bÖšf#{8’´˜¦’ˆ Ýõ,3xÁ’¿œÇ:ñDÚvV#ÜÛs-Tï¦î!L†òyb§
ÞÕì¿Y†˜×tÇ­…žã\I8˜Ñg	ŽVó�Xýc³3ö­@n[jºL,˜Õö¨¦‰ª/ˆ¹AÂ+q—§ã^ýAó5ò»#à”sà´2†&y4öqæ,špûT(ÎÔ�½ÅŸauµ“H…zå¤^Ñ’xoúÖ‹žîr«
+‹S:í²‡«ÜŸˆA’ƒ¼œ-×3üm“µFž±ý
ˆÊ«°e»ª~ø¦3@v?ëÀYÐbü}XõbþèkŠLTù�ó½¬{•¹”ÒIs.úW7ÆÔ›ô"è‰?c+ëkwס1™ß¥h@ôÏ*/ƒ$»÷¢ÎßFizOmõ¤HÕÓ/(é°ü,Œ½R¥Íá,­–}óeŸöG¬/‘M
+À
d+*d“EP�¶ß¿¦júu³³ë’[®ªŠvT‚ ñûf™^Œÿ'ƒ1™�
+´øÍ‚‹Q(+�dzôuº9¿$ŽÝe‹ˆá…뉼iÄ�K–X6
+þáÌ˽*‹s1
3eu¨Oô�Á7f…ø
û÷°~îë‡ä§çèúòâ[¬õpÓ\å#Jµ#ž¢ÎóxL‡Æ‘„Åï·H¨[.ÇgüÒ~‘ãNÎÓ£ˆ6NA"õ
+D‰�Ø®÷€bï×â ßñ9¤Û'Ý,Õ-“À|•<AÌ—p¾&É©
¬•£`@KîN÷eW’÷ˆégÇÑßᓵµüƒ'àÁÏÓʇÊ«ô¡h­L�[Ma—ä-—¯›˜�Ý
+po
¶e°“�H¡
+÷”/V"-èä©oôÜ,1-sÃ]]¯KTW‘XAí˜
úŸ5õ-êÈ6tëiFÐ|K”M
r¦Ú�£6!Ææ•ÄiIB7¼[¼ü½:¦†¬ù�9Þâ;ñ¡âW“F'&úüü<PÍÌ.2HûPàKivXBðk}+oy
­¶ÞâSÙ‰\XäDú-Ja–0âGbâP¤˜€:%ÔG"ŽBIPÈÇV˜ùF‘«�Eæò«Ñp8Q·²Ý�ÉÄ›>æ€ÄM':©Ëi…ÑÛÜ ÿн6ˆ	ÑlŽ‡ÃhûÚ}Ž$œêÆ#ÁÃè%“2?Sö¹„bv܇EÎW{zé…OKSÄ7À“éb¥é¶ûë	Kæ^N)çV­ÏC{QÿøÙŠABºG4u+oQ#ªì¥¥û×òÏ#ûùGÞ�üÂiAôŠŸø¥ÃwëH²xœn‚ù¥N–91-MèSrçd`"
+ãŒk[±_öBÀëb‡2÷™CiÛ[û-Q°Ž…J-£ƒl§ÍýwhUTÿ¶¨W㹃Ðîz‰b+±~Š”b\~ «›š„UWÂ%><—åžòB×L7þ�ˆ,:}bCLn"F%yšHš´rÄâq6¦n/ÂŽø›UïR&´�l¾ýEØÉfd²"LšrdrÂ’›^ÐnÂ1ګֹŜTÂ~û*V¸ËqÝë¶K+÷&¶CèfÕ�éÞJôbiÀcÿ6ÄkA5“КZ}‰ç¾Ç©
‹˜k
z‚Ãeô(u|úýWø
oFèЃ�µÙm†¹®ü˃{Doè`ú�+÷²ÅÎÖÍN�â¨ð"Ë VÈcŒ›–Vt¯±ÁcôÑù³÷¥7g)PfͧÁÃßq°
ú0ѱgûtKEýåù§øk¹�æÑ~8C/½»éÃÜût–<]ø¥•ä˜½>oK|…Ÿ¿ÌN÷¸Ï{ïÀ,8³ê‹Jûu¿ÍËx
UË6î“¥¹æJ¦Ò�R=(î–µS½èP;Ëy+R
r½E2«Ÿ¼ÁÖ<šûP už›¶øA·_Ðí8gS”^,€p÷
éÊ÷Ńp÷8sq÷é÷è5IÁ£¡s`Mo˜dÒ·´Š˜öþO’îð�ûÇI¥“ÒÛƒ‚·©ØÖ
;|ä8gÇ]×äJ�}‚D^9ΠOÐP£ð´ª´–Ïwļ_.‘Èøoúi¡ؘâœGX¾¯«±øµ>ÝL¡KdáY•T{O×»liÆ¢vw8#lÜU¹ÙH¹1|ßA²›’•ù‚Ø'�ZÁ¿Z 9¾UõÅ÷áh¸ß�ÿüÅÜç’ëá„Hì?2Û~|^m/ÚS»ÂážïâXæ¤E£,dçn+}4Õá;gVëégIÒCn\¶j�r
8ÌÆÀÎ/Ð…íw±È¤Ú,NÓmaœÿœ
Úa:ôV†'cÐýîÙE\LÍ–¦Ódõ«ß;. 	Ãð"¯×ˆ/¥ÊŽŽø«²žÀAu´¯Î®±òKÎ�ÛrÎ}41øÙb÷¬½XnÅðÅöÌäš,ÈÅC¨¯6½N€91�èÖ5[\j±ªüÂúùf%5`íoPò¹5É*öÀøëé�ìYEqÓ]ÿF†“þ[@D²C3n·�ò=æ5,›x»Ûo�hWªEîÓ!áÝZî²$Q¨ÅrR0Z8ÿE T´E† £ÉÇ[öËÏ
+Wˆ‰«X+9±—O"æ·‹=ŠyüØ+ÿ6eÀÍÍŒ¯+:½9´Iò‹g?á½>bE?‡X×l‡°!Bj¤Ì×*t6͇¯aWΘžYh7a¹ýêÁ¹®bk!Zµ5äyÊœD8ÚÆ©N>Æ/ú8E<Q™"ã�þ“u¯’éâ2¦Ä±ôŒ¨5Í�lì‹e–ˆ¼‚â{$E
ýÖ=	Ê䯩¸+>î¹\s
í)?œ’AЈMËQo@ÿ%yØ×™½»WŠçÎ\/çÖMe—14¶–šÁŠ¡H´ÔÆ)&}€2·yž‚sjná’’èòy†L·¡¢•±¬y|áòð¶‰ÁÁ„“hþ9®ÿxR†XK©Æ쪫@I…è+ì7!Y”f1W.ðg{"FÖ>+P<,l¤Óì\©÷�Fš‡pò»ÒÞÚ+\Kçòá6#è±j�(¾9Š¤é˜±ùAdÏ;£æ#þGú­@ävÖÃlõ*°|)�eT2å»ôwÐj‘ÃV{ÖÁG¿j˜ö}`8WÙ›.¹žkÝý@§lG¯d§Q¼§|@Œ™éd¡bÎMfiðجBÕid%jðUO6HýÚ,éÃG	Q <’š,M…ÚÎ?‹6¼Õ�
Öî!ƒbšSÿ‹ô£²­ý2”týQÁË<£oÉF‹¶X"Æ㶥
+ÜU=ÜË#sß
ç&eF…
D`§‹êA‹/ƒL“Ìž0ÃÀ·î¦K"­”½6£S‰T:tËùp|̞ͿÇÛ2»$ÉÃ&$ò˜Zak4Qk¸Ë©ÙȽÐwù»¹kâÞ׺õûìQ
+«Gý¸ˆäÙY6jÞòUüG˜.à’ÓAд�sË6¨‡wÇ]$¡§;$TÒªš46†Ã•�}HwèÃE–²ýHúz²Í(n†%‡z_š
ô~¢¡ëÕîx2ñE[þCõôi¬QŒþ¼dfùüMÍ)ìõ&øÆÞë|ÀRü÷ËÔÝ<ðžåºÈ&¡:rOMhZ�+ÿ¥{ò�]¡j†[¬´Á‡i=Üþù€äŸsܽ�H�”�Žëat«å’“P
„
9ø>Ù+x�eõ˜	ëô»F¿ÓBûv€…û'×HÚ,`»¨cý—;	­ðaÔ
+dJm,,'À=âNˆ’O�¿8êz>_œ¯6*ºtLŽ±t©þ‡V¯cçˆùrÊŽaç'ÛšÞÏÐõ€!ðµ½.ÈÓË5ƒî×*téþðè¥ïx£sÒ‡µE(N2”c½Ç͹iæV24eF¸RϹþkÛ\€T–bè7
+Ä/…Ÿd>],¯ˆRç&Ú|Øp�¿(î}Ãà„–ŒPÜi™ï¼Sy5åý#\ÌM�ŒK“nº@âÙüÚ«…äÉD€…nA|Nꉨ°Iû±7o;>�ϵ‡qvÊÓ¶RÛâÁ$=)Su¾x¡}ô5!è<qÅщ 
Ç�S|趽Ñ]Ž@²·Þ,]…¥Sžž2·Ë¢5§ÊOvl‘:E¬X×2:(�
Ébf]¨¢é.€…ë‘xWůœ¾Gõů›Õjx’ Þ'¢hÍ5½oæH6âÛ“‚[æ]/9Ái¨xJÂLKïz)[œ�H›ýIÂ�ÿVY~á§"«-›®`lý1È=xÍ9_ó@£Ê´!D@uj�ð³ºH=ö¼?†�ybÕÒuÊݸžbf?cÞ6ÊW¾ºÏ4ãpŸo™8o�:cÆ€jì¤9Ïðªe¸¹ÂV|ŽVMäE@´Îþk'�AWѶÕ/}Î.k[Âß¼n+xn�<.+/´sÆ*ç©·|œ˜¬uV*�¹¤,5-0Y_¹=bEàºk­ì˜1’‡]Ð�"äg>-¾ùH¥YnÌ�|­¾s÷ó°¡L³ª×cí #ª^Üb„N?HnCµò£Oþw¦ÒÚ­8òõY™@“œ8GH°õO<aBŒæ`á<I%j»¿
{{e%#Ñ:§·f5ÆíJÎ�bª�óûFùg@K»(êÐ —´¬ø1ÃXD£S&•—�•£!Ì%~º…ÃÅ��6ÜÝ�øfmŠ¯¸Mzõ¯‡Ð¦ì¹Æè¹–?^d:%ôÿpY7Y_«xÚ|‚â )°kG-FŠöšý¹`º÷J’�£·a[ý8ŠeUnd©Q�ö©2CÊoeóa@ïOa>­§
CMÞtÛ
â)‡‡¥Å‡c3ÌØÌým¤ÿ„©RÜq&Éš~Î~ªI¬«çÄ!Åd#Z	ùÔúábqÍ"svú§Ä[3!ä‰â‡Ö4²vÙ}Qw…›üR$¬bÉ3n¦
Yc'Éß'“N,¿®_–V¯I=ø™bã†lÌÙâSbݽ¬0A£ÂhƒÑH
¿ïs¥ÔCÐ{UßhØûšö«cÅ35O!àŽpÿ¯XÃU–D¹àÔXȸöÉPee³WŽÑ¸íœwHÂúGÃ¥FH;!oécåã£Ô‡†Um|
pkk°K¦ Ze3ð"¸ŠÂ…Õ§6þzÆy‹Ùå³Dçlr½¶ò´dÞ,úãêc0XØ¡FͱÛ^@íÿV˜è›ZD4‰8˘Fp
+’œ¸e¥bHŒ—Æíýp~ŽË*þhÐJê”eŽà¾²5^|}IbáU$Ó%ä6yû¢øÒI»ÂÍDMÇ6bic˜ÕPƒôNôãË�ýlÃÅ
œPì·é¬©äP/ðBÁFéÊ×ò¯¬R´e92™Y}^K¸œE®8ž–\
ã£æÖš7ϯ;7à¡òûR;KžúANìÎ…`-‡Zï½É?¾2ºìÃhR£XèÒÔ¡¹V]*îõ(8}~¢Uì‰Û_÷ŠÕˆîÜÅ­ß_˜v­0nùùE¸uB\þ~’š@ˆ“Fù]�Û»BBví»-E‡bþêùMÚºèÖ! ½ LÝ,�Œ*ìÁŸü¤VÓ;ÚÌÉ‡àtÿç~íª7‡ú]ó
+ÃN—œf/ï¨PÖ2˜UÌi°ŠTDâ:½TòµÎ
¼­—êØe	tE¶ðµÃÈ“RkDÊ
+JæzJ¨ ~»_Ý‹ýžg‡AröF•†3ÈÌHãzVž·cVºpÕ@Ÿ¬ÆwƧ~1°<#¼$9âÐqè-¢¸Tª Øç¥ÜZ8l~vÊPØšŠÈJ¯.Ë™ÒÜwé7~±ÀäÑ#ovaàÚ¼Q}a]W)
â2.ñrð
ÂQ¿*žÝ.'¹í*Õ¶�Çœû3	ÑÈ·@ì€Õ¤•?%F0NLoü×(ÒMßyy?j«Ù�©uO„óL2‘ܪP{|øÆ,B¢%ýXèq!õMQF©‹kÍ×¥ã¶~Þ€XŒÌ^0ñzòĦ��s¯íÝB
,eNôàÓ
KutL êŒÑæöï¢�؃¯�£šŒˆè¿£Jºè%ñg³÷#G,ùj§Æ÷…•É4§D	ÀïÿËÁwþ-vÓÆ´ÝKJÓÔ½³I›üÖô—¼Ü°?|˱}¤?æiUsöÞR©¦ö8ñ£Àí8.Á>íCÏ1ClïiwV8*gš§û¾*~’Émü¬¬+ùÉAÅœîŽRësx¦jN¦ÔÇf%.ÅÑ�žâÕ*g%ÚìT»oµ‹ïžÊHCýDM#G'è�Ô«\ÙX¨ûu¼¢‚¤F€Š|º©)*MÆ.À7ß&ÆkZñ—î�ÞžE
+ªo÷±�›g­�P`ìV¬×eÕ[#·ªLæÅ[wE›·µ(FMüúçOŒ–’êo´)˺ûSHÅð»
+9¼Æÿ—Üÿ_àÿŒ­Mœìl¬ààþ‰5--
+endstream
+endobj
+29 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-29 -960 1116 775]
+/FontName/PJOEOU+CMSY10
+/ItalicAngle -14.035
+/StemV 85
+/FontFile 28 0 R
+/Flags 68
+>>
+endobj
+28 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 724
+/Length2 1003
+/Length3 533
+/Length 1530
+>>
+stream
+xÚí’iTW†AJÅXêQQ®ZDâL ÄCXŠH@aSaL†00™	“	›+‹K
­ŠŠŠ÷JÝQ-²ZQPYô ÁJA+� õû§§ÿz:óg¾ï}ç½Ïýî5�îíkÉ—’ËQW’ -a&lž¾�0`&Ä05P(Bc$áŒÐ¨-€¹\ðU2³
ıeA¶lƒa
+¤"ŽÂdá4˜-˜óÞÅ
|9Ja„žŽÊÕ!¾¤Cé8&|>ïQT‰RѨ”É`À0�b,GeÁ˜÷Ê�#
g¸-U)>JÑ(¥Ts�ÙjÎ9@M)%	<HÑ0Æ<!©^
U³üc¬¿¡îªÂq!"?4¨ÏtDŽáq¤\¡¢Q
+x’R”"FZýÑa8OTŠ©ä#UwÁ1	Ÿ�á(°„­™�{XÀ”®X,*õÆhI8Cp%:ÔG	éHõø†@æy/ôrñò3ÿp´Ãª7‚´(N�è“}¨†?Õê1QX,†˜«�ê÷ã×Ò«¹RŠ2àK#„¡¤6>§rr"cWX²¸À’k£¾j0l8öª¿ý,J…º;6AóYÔE¡=tÔ;þX‡aê)¡h,*adî�€i†XL5Ú[R7ÿèfUÃÉ=fA?Á“…Õ‰é>Ú‰¤0ciUÕ
s‹žýwW4™4°k²xcð²B»f¯™çótO›ìŽ>fÅ’ü¬ó°³òÒ¢äQ/4ô‰§Nö� Þƒ)â¾oì�íQ+ºš²ßÄ'‡^v’M:yÃÎßÀ¥fÖ*ÚW:ð¦³ìæk…Oìf™Ö…e­;¬6Œ-71°­çx×e:Õ7àN¼ýfö�¬žÜ…[ç:;V:÷•æ½ãŠO™»ðDÙÛ–M'¾Š¾ŸÅp(ò?Ÿ²Üª¡­«´k\E¤EDæ
Ûžïž6
+ß•6iß5Ã#[
vOt8kLwêõ¾H:�©Y¨ìÉãViôˆgdJcö%¤;vò
+õ̳óûüdžÊ̘y›dB±Êºìú…îjÄ—*ÉTß‘€â´éòKÍ	Œõgëá´¼ï[¤tóD÷üÉÖò ø~�e¹Âq%GÃ6{ux¬	úáLWkÉÆÊ„Í^í:RoïšòÒ*”>»H myã÷kdÊcë€*CÈþà­ÊJY@È$�±6¿‡Än—–0»Ï¥]YgäÀm�º)áEî»’ŒCúÚvD>hÄšÞ¾V¯ô²KËúúúöÕ¢’G©3„z«‹§†ÿ–âßÇ
ˆ”³Ë·�k©=âJEçGÕè¾²­1ÞÂeëg9ç‡úw-˜mµò¬ýÀ•É¢¬©ÁQȳcÍ9‚/YK;uÜI¿(ŒJöù%?S’Ô|“‹ZžuÉ	µ‰Á¹+";6gE:¶8R-nWÛXòu‹›Óë˜�3öÜ­KÀ�:&Í„>–0þxªhÁ~³Þwµgì‚ÛûçRÛß
+L»\/ê÷—§‡D�Ô™­U›§o9¬ŽÅŠ«~]ç¾Úgƒö¶TNo·Müq§¹Sn“²JœÔºÀ«ï»ÿª 3þÁ ¤œFcÆè«’*>JƒÅx©ï×M†Æ§¼U^~Z;ŠÌ
Êî^å;?5Ôâ}“è"Êc"©Ý³—p×òÒ&Ì7(1N
+ªÖ<D}«2Ä·˜?Öª1¸VsëJÚè,ï˜g±‰¢ì­�.�¥£�lD-+_ÀusöôI¶mŸÆÉMóË~tÃàÎòŽªÅÌSQ+[é_Y��]ÎÙwϬ »~é1,,å÷å�é}â–’ðfz„!ßš't0jvŠcïç9xtb8ÅŸçÛ÷æ¸çÙûκ•+Òž8ßYl\ïQ _sñ¼Ã…/”	[ãÊ·ÝêªÃ÷ŠŒõ5ó/½<”ѶWÇzOk|¸ÝøÝîs\¯ôˆ¹º*�ÜÞÄ5è^ט
ôYí[îg¼˜ÿJ~ïŽ;ú—ãÿ€ÿD€GŠ&åÉ`ü
ÝJ>–
+endstream
+endobj
+37 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-29 -250 1274 754]
+/FontName/NWDCVP+CMBXTI10
+/ItalicAngle -14.04
+/StemV 107
+/FontFile 36 0 R
+/Flags 68
+>>
+endobj
+36 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 727
+/Length2 1052
+/Length3 533
+/Length 1583
+>>
+stream
+xÚí’iTSGÇQ4âB\08x@LÌÃ@Ø1„E( Š ‹@žy/áax/¼,‚ˆ‚ZQq´Z�Eeq©‚Õˆ„¸Ñb¬²«Ô
,(ZE�#Š
ârªýÒÓo=�ù2÷Îþ÷7wÆÔØÏŸÆFˆ•¨;�Kh²— ež@tÅÔ”C¢°#pWX‚Ú
ÈÖl©@6bÙ1­í0(SÀ!Dq$&ˆ”3ÎÜ!°£QãÁ8ð�%‘h´Ú„�?ÁÃPI¶P–ƒ¥¨%e(B§P  OV¢§ÌÂòÄù`
§©èã–%Åj.`¦æœÔ”�ã‚ò)ó}	u5TÍò�±þ†êKsw©PèGÙhÕW
+8Æ}ÐÑ"©%�� $þ¥t9:ŒçB¿*ä)�…��„( AL:ƒ9œÇÄîX,Šøa^$àÃB1ú>�âÈ—ê˜ï»Ü•ègñém‡÷ý`—,‹¡€ñùÀûú«ûDb± ”Ag0 µP=?®Â¾¨ç†óÃÀ_ãL"Ÿ_s¹¸±ñ4K[@³´Rÿ5K°¬˜	àXŒõtVƒÅ¦âIIÅ%ïÿƒúÎc>¦nŠÆ¢<Jæ
}L#bÕ¢—ûRÙ8k¹âzûÆüj[['�9ÚgÖéÌÌK0ó2jÉÒÈÛw“,?r…c³3ZY{ÿò�…ÆNîÐfghQ¨w4wœuMBA¹|.(•g­fj®qGùÇê-‰òëµìXÍ
æöIMSc¥³W�Ïý¶¼ïaòħ'¸ÏµÊBdüI­º'¼VMŠ§ÅÉ9´%eû¥4˲�¯°EÒ³uMR²‘wŽ¦zŸkº)nŠ{sÉÝ)³w²2~[pÙ²D‹ÞÒ—³¶§¤D¥÷ªpï'Ý=ÝÞ†n
Ö…Y£G;<˜æ×46ž&ïÖ
+Y’tè×1Vskï2·—äU#
yQû¹.Æf¿\¬ŸB¿d²«Ú¦òê
àä¾Çžù¬Ç¿ÀoQÞ�
Äd瀤FvPL6TÓP?ð$´Èµ¢ôùê6Z¢Cö»ÂÊ­ÓÏ‹œCNÊp>æ|¢¤®ølL¸«©Õ盕1{‰´G[³"©ósøm”êkWÅKº±˜Ý²(¸¿î`™^уÆÎ}K¸2YA‡uBAEmütV�+q»,£äÛVÊ#""Ge¿›VbaóM1.ëQÿ¾dnC–ÒaX¶f’»s;į«&œXîºvµkdO±¸Æ�©aíÞÙ¶ðlŽG@j°6eÑæçûåqùÓ]�_š	fÜÏ€§Ê[h¤È[o�_€ÊG†ÕœÆRSšMvˆ(mq¿�QÜÑ´(V˜²»w__¿Aoå[®¨bEM³oùÉ2Åi/Ö6}e@pzϼñcÍZ«Þ¨xǧ‡¼Ð2ŸS$êki©¤^wÍê1Zè�6ñ™cÅô#Ám
›èÔºêBÃuU·23n…+UÏŽŽ£•¨"Må«ïѤW,·µfö9œÂ}¾7SxûB’ÕWÍΖös)ÌþÂ{cô¼<‰’>�sá"“j7ÏäÛGÞÝ]¼8mj£Nö•Ó¬)kü¾Q±w¼ŽËócv%dŠî�„Ëæ2Ï«ŽÇUåœäªQ£ôU»‚iÛÓÓý©º‹;šeQ�õ‹™�µcÜï\L¸`R{ÁŽ¥GshÍOŽ}V³»Ý´KØg̼íxö|s†ï¯ãŽHe®Aß‹Né){§cFØã–ZÎ9ráV;×Õ³«`åëÉk6ŸÛ4^¡}.¬½H³dSÈN£.ª¡=œát¯2là�æé“­¿ìò˜¦©æ_3j©/R�0Š¢&žÉ‹½’~¢u)´¸8%WGò;ŒÌ·´ëk¹½m•+»èÂÑ&/î]pÓÈÎiì¿Ö¥Z«ñÆ+ÙÖû�ï&ßÒà<«âÆÓõëKmTö~^�ËF®¸�,4È*yuw‘Û›Ù½9õ�­u^?µ6l~ѶSzI¸³S×8¯&_ä|rýnÑÌ‚�ú¶žgüËAùßà?aÀ¢0)!¢ar…ò'Z];
+endstream
+endobj
+40 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-163 -250 1146 969]
+/FontName/AYERYB+CMTI10
+/ItalicAngle -14.04
+/StemV 68
+/FontFile 39 0 R
+/Flags 68
+>>
+endobj
+39 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 728
+/Length2 4981
+/Length3 533
+/Length 5542
+>>
+stream
+xÚí—g4\m»Ç-j"ƒè½wÑ{¯Qc˜!ƒ™aŒÞ¢E�`¢Aô.	Ñ¢×(Ñ£‰Þ»ãyž÷=ï:Ï{¾œu¾�uöÞîëºþûºû¿ïµîu³0êòȃà¶`8É#À+ 	PÔ6Ràðòó+°°("À@$S"Á’
		A€
+Øönp÷HŠˆJ
+ˆ°á.ÞˆÃK$€]‘ã•@
+F@ì€0€6ù½kbtÂí `¤7/ ïì0øã7€
Ø
Œðƒx	 ˆ`v€ÀøþÀR‡ÙÃ
b¥Aî.ÿ,y€nw\ö?I9wœ 8ÌÙÛðéÀïæßÑü�Áþ®¿7WqwvÖ
Bÿhÿ§YÿVB!ÎÞÿPÀ¡.îH0 
�°¿KMÁÁiƒAwèß«êH 3ÄNæàðóòÿ•‡¸©@¼À =Òî%Àèìþ3†�þNrçߟ|òfÊf
+\ÿø»Uõ€ÒÈÛàÿ—üÏXà_ñ�KˆÀ‚ÿÎf�;áÝýÏ‘ÕßfS†ÙÁA˜À	„�€Ð&þ�JA
îåË# *à¹[n¢	Q	ÿÿª4†A\ÝÁêJ~~~qAñ?³vî†üsAÜ}ò?c{È�K`°ØŽà•¡¾6ûû?Õ‹Vöà±ÛÑ{¬É¾À tCٺ͕¢¨ð›4oê÷áoYOT¿/¢öµÓd¿�õÑóM‡�+ñ~¤:®ßÆM-õZZq”:²ÓZ}A%þ µ{?V<R먔Rü÷cµ‡d£º+_|½Ëw#A©	ܘ}ŸâU!s²ÍðÍ;’íÏ;’j³-Èñì£e~Çy=ÔqÔ`ae·ØkÕk`ê
�}çP–ñéÈw�ÔÛýÕÀöËК÷q.½º¯®1¶$~½š“ô¨@”¥+ʇ».”ßhµ¬uo÷U<Mľvá'Kâ5—fû¢‚ò/�ÌäÆ|®2oœ¿îÂK¡óÃzÎfw�›©h"•ë‰�…VV¸ªÊ8�Ö_ ù:¥�Ul+ß~q+‰_I×TéòI-éT�§;è툌P€
‰ô”Tc©Ï­ö¡ƒþÑ>ç‡_\P„Më[ÖÍð^lY<fÿ¦¯E«–c,Ùrc}Ç–HîÏreÄUØZ€wûLïŸù=I¶¸€Ø3Fiã'ƒFMŸlÛÔUÊSLŒ[§~a+ð¡ÔIä,PÏ„Y×ÑÆ�Æp4	yCm°Ìñ<¾Á·?F¼“á
u°½œà”mD³±ÕúÙ
½×ÖÌAVSòè¤[\1¶äL,�רo[�æuF&uúð2
?S\ä³¥úo¶�µí)SN²Èác3g!N¼ñAÁâ
+øUé§}@AÏß‚û8ö—o×ÛùˆÄ�H£W.aYé6u4æµÊº“Ýç||Éb”)á%f¤"U
+”
+Ý2!‹û—jUAtÁÛ5�èšõqnÀñäl”1Ÿ®â\ “($ˆúzTôaNML&0a6û&b3¸Ÿ®“Dœ2C+æG»)‘W¬ƒK„:ä˜ZQ·Òux.âRsGÒ÷`!–y%-]™Ù¶{Ü‹¯O¤jI±@W†»IÒ`j¤VcÆçq±’ãª	F½oÓ‘´m}÷¹¡ÆXy3’þÙÞ)G9Ã=À㪟¬¯¯-ÖâχŸÎP“R…Tôa8ïZ™¶«14ÑN1éDüø짜’'¶¦gÞ¦H}ߤ�ÁFvËe°6_–N+©ƒŸLôÓkY%)”c1+ôxš”�‰�âÃ¥ÓÉÛ¥í§>QòÐï�¹Š¯ŸnuºÑÐ�5É<žâ…”‹§Ìm�¦OEjaæ(ø}#óYVÑ—<¼üpr“®uäêiip‘…}PT¹Ùv{%ó*¨Ñ^$¸1)�ËÏÏdÍ]†yŽo×Rr7ÍqªJÐ<‡Þºúª•lb€™›uuëœÖÜàè�qþêົ¬)õmŠz…œõMwôdb7Î)xís.8vCÙ˜Hݼ)7çÊ3›*"ZÔî¡Q~3Â\¸—Ÿ´&zj‚æç{CŒáE”²‹±Ÿ&;vöL³R8}rÄìêÚ>S쀷<S¾ÇR4Aô˜Ó£Ûu!Ë{wøÞ&7IݺcîXNƒœWfV‹¼òö“bÓâaÄ2EX­àfSX™‰¼ä®ä×x‘áÎ1šO_=ð­cp�ÐìN=ràKÀêèVÛ¢9Uq¨x±½��ÒÜçÀ‰|cÞšª~›ƒF‰™rÎW{Á/ȘããÖ‚D®Ú”q21�͇©Ówý´ÑX-g%²mÄø(ho]¶_ÃR½½r´«×
îâ3Lù>|Q5ù.IBùÒÓ€�Fû ä}­“‹ôp]TŽÿ4êa7'X¶–°eš+¯ùPð‹ìœÉ÷£áä¶É¤â/‹ gÈWŠm¦øòÒnç´9#M[oœH)¯8.|õÚ‰ZVp³_+f�*«´2RË�7æÛñE…�rµ Ç—ÏŽ7ÆA½ÃO/ÍòŽG¢×!�Ð}\u*ö’àgBÖ2÷,½ÂjJVi«
϶ýïc—sDËŠGO¸¹ÜXHÀ‰}tÍë¬@dÀPEfÈ==ÊÔO´‘bœï°
Ït×ípÕÞû\,fÔ�4ûšÄ{4½ý�fÛs�§Vx†,¡L,2B-¨}"¾«rár92Å¥#‰¶Ú&´Ý\ˆ…|HÖcémtO‹øãçlÏË·h‚¤6ßà�ä_šgâ·¼ÙóTìQz_¹éÌé¼,i½=¬ø`§�#Þ~°ç…×ÙYãÝb?=à¿?2ï´Þž	^
¿Èy¼{˜¥J_*K``7CE±�õN¦ƒhÙÄRù°©N‚¥[LbÕçc¡Ö½w¤VP»¥ÇÝ
+7”DÂVõ‚£™ZØÿ|ªÝò‡!DeôuCØ&�ô›{„I#ã.QÕáP#b¼O�ŠéI~”iBhNžP) QjsÊÉ*-›ÚŸ7ùì	”AÓãV¨ÕÙCìv™›‡`m£g5!i¨�s\ÓSȼæñ{„A¬+×OÁ$ŠŽ”Y©šÁ3èØüw¨m•—“=qÏs*áÕº·)œ,Ú!¢}RsÏì(‹/må¸TcúÞµ˜Aǘ¥Ü°G4ê%®�efÛ5ÄãÓóCr–N6xé
�îuJDžFún…œ7$9 ö@ò±�rßâ34Û`ûÇUI–ò¼1¯FËP±{ëDqt@q	ÅG+mCb{9¡+¬MæD~«¸ŠÒ™_35±¬`>ÌfôVpÍÃ4ÝàñvN§6j3®L=ÇyÄJªþ¡¾¥J)\¨=i¼^:õ‰S!«þú´Ìbëï)AKÓ©¥zÒeºvuý (Þ÷ÍtȪÍO·ÁÓ‰²N}ê>8¨¦× ØŒ’yþ}$ͧ!‰%Oµò£Óäœñe_RoÉoÉfK6²¥½‰ œ©‚HZ1	O²v;TÛ¼86ù´ð°k2ÛÞµÚ§®SßAe_Æ™�^
k�}JüÀ"áÃÁ'1£,¡ÀëâfÙU1]æ«9|ڀĠ\ƒ�§I+YÁì¸æz‚7ÈYG-»á–û1ÙŒýŠ„œìwÅÿú1T�Øž *ð& ÷g§¥¹e
+�c­6¢œè%ªò	Pvš 'bÈ^Øù)?P+Y² ‹iÑÿø(äi3þ¤*͘&šÈLpaŠ	,aîqU-]|ò*Vç9ö[hõ¨Ú‘Æ»©=ü¤«“†¬Á÷;cl”Ëåu•J+ú›}…?4¹õnG6´Ú”IÑ0®�ûî|8ó|\†LÿæÐܤ!�íðBß
+Kñà>ʈco£ä[SÿJ?c'ó#:�;*;á:<[šyÓySÎò,R�[uW�¼œYgR¿U>ÜëFú}~ÊÏ…?!Þ¦¦ÄAÙRz€ÀTUïÂÄ­×Ðfè¥üyR‰¬ãJÃNKžØ¾œI>67ZÜ|´nòõ‹ŸÉ!qmðˆÊcù¼§‡âÕû»h2]
ŒÁŠzÜÌÍ�d
¾Ï…ø½ñåÚ¦…yi/f“g8Cù:äb›¥•Ë†Í[‡bA“¢NE¿•›ë2q¸.¿YŠb3Œ”m<°#æ�}¸À5Â3ªÇ»'Ø
ÌÕ·ŸcDPÝê^	²e!jïF�OUÓ�'eÞÛ[ã_§¥Ý(|°øè¬~<=�ÇÞ§;ên“^–ézSxûÊHMµÉƒg¨Z”¶ó8GYè	KØCM·:¯ñ×Ð(‰§‹Ÿ›mÈl¾s•é›ÊaYw’
‡�mh	ªâkØL1=¹O67_V>p#IûUåf1…ÐD”]K,´›DWŠ/§uýxÀÝbï�ÍÔ‹Î̤™ÏåNøÌúÜ´m̲Mâ±1„wkï{=¹l#ëþcJ¯H¶*®^�òÙ<u涭÷tÎ(ñgÚÇõ{E'r‡+HS�S‹šk+\�†"/Ï ¸KæÊ#C±!“õž+�Œùý<Ķ¼ÞË­PG”­ØáÙ[©&ÍÄXØ´«ƒ¼<p7]úËïãÓJØ™
+š+dA´áy™‚>L^ï6­T¬³�#íN%ÖûûöKʥ‰j–jšòÑÕãE*8ûùÉÞ-fº½X&a]KyG…¥‰ëIuJ;ê1bïŒÑžxØš^†…YÞr7ÈqÎ(䲦Ä;Ô‹T�˜¤h˜Q¯Y”êS­�¯:þŽ?˜vÿNA¡dðŠjSà´<›†<nÉÏ_:Ô
(*0�È·oX <ôÃQ½¤qq¨•ò9ok•WüÈd«Ö‚²¨ä^&/V;xü2€{ò—³Z`=©[•o©c»±+öb	–zC¯EÌveÛ"ÁÖPŸL(C)u¸ÖÒiÝq¶Lžôñ7=VšL 8zgÐ-ñŒË븼 kͧV§®Û²aIL…2¶Ä·•¹Ãí{eßDR©L§¶¬ËæÄŽ|»!›ú®{m�ªÿÍ€ÖåYî‚

ÁÃ<‡N‡ÅÊ�AOEe–sm­,¯çüØÌp/Á}^>¥¨£1&Š¸8Ñ%ÿ_lôØ®¡à@_‘éfzVv³åy"Kÿ©ògA.£�Óºó ÀÛR¶)…{q±ã;laÕÊtØP¬½Mî«WäT¦ï¦ÄR2•õùԱŵ3¤Ù?
ýêŒz4F9TMó
+Õ>¬úÉ÷AÃçÆÄʤ*ÐÒG‰]6î¢zwøeÛÀ`hñ›}¤j‚½ÙDl“×Fù�•
+ÛvŒ³éœjŽH·ƒ{Õøbƒ¯Äã¦*m(ùÒêˆìŒ"¬lÕ¿}K†¥©‹Æ&�ƒ‘ÒJúùôíʯôaŠÒÏpþ®Nºêb7ìÁpÝ6Ï›EOaÕ“¨ëÏ÷^¸ÆWMçw§¹Ö8>Þ…ÑIÜ'’°Ðöª+	µÞƒ.[÷½W�S%»¨‚S­ÊJœù®’@Ü’FN�¼AéÄ/ö™9šüJ=É",¼AºÞøÅ
+ê[¶ŸÙ¨ŠF+ŽÝuˆk µóUŸ·>JÞjðDjuטà™ªt>·žf˜@Óûq1àùÔúNÞçrÄySßQÜ@G4ïß|}åþ»-°W+>š’Üo¹Ejm;¥"™¨æ6Kæ%MhÑ3Ï6ÚâÙf™üé^}N–;Ò]ò}ÍÖŽ«Š��#“òöñÙxý
Iè·©�[.ŽRÔüÊ%IK¡ð8D€ÃEÌ1ñ´c‡IA–Y¹ƒ=
ÖÛû.ejíóËò2·Ã£LÚ
+¿qýŸŒ-í­ç¼^ãMfãëû7ju©AÍiO…'¿öL°µ·1DNï²´ø#(·v$~Ë9ò1ƒÑ*¨®r¢+F4ñkÒìà­núPfœÓ¹$̦{#W‘WWev5Ú/qœ6Ói9?asù¾£$¿E$vÜȾª»®›ãa®[–ÏB¨{PFpP íu™bû)ßþЂ¯ß¾öÍž�Ô~¶!}SîÃÄ{;ðÒÍÁjñ{
ž]žEž™D5?Ü;ËÖå´¢ÎÆ?§Î‚Ÿ¸Ÿ,]aû�3âó‹tXѾ‘qQ¿_vèE0GÀN@|�”mœêÄÕI8¥”ü’ú¹’áé2uBødD^'t~ŠWål]9ÙùBÉíÒ|g©°wiž�Wa­DiÌóZ#W·A‘�Aè~ÞZÅç­•SÊé4ÂÏ@‹„@_á››�;ê]B|›‹k'FÕoz	ÚÙÄ9{— °©YRK‰Õ“ìäÜSý‚B)Ʊž|'³zÒÕöõ]V:˜ÖîNÕ5‰îzùõ߀4î.»öÝ×u#æqª°M¦k®…å’ò"ZuE}^gk{Îõe±g�„WðÈR¦ 7{}dMM*ôQUÍÖ\Ÿ°ß)sSƒ->,7Œ¤îž£+)v0ßÙ!¯
†B$	Uš¯Jj|*4Ù1ŒKnK~¶˜®Cj…´öÈÂÒmŒ
+^‚÷‹£:+¶¦FkO4”ëeÌZí «Å´GBª†íppIôÈû_á€Xî6®H#M%©›˜õCÙM˜ƒ‘Y{e0™^™5/l�àÁ	ÞØ-�þë¢>¼S}7$äÊù0ÆÉD w�›)	á‡4cî
LHi«UnqÜpfÇÖj+Ka:8:„ö,ÎÇ.„"­”‘ºÅÓ‘ˆN,A£U6¶PXÚHf2A„xŠÅ…7·ö“å²µ’~aßuübAkRxŸÌéæÕ€~5y=úïkö£Ìû‚¿±®&]™íݶë>‰TH‹	à‰S%l¿[t³3$zÒjÑS–áÅJTJçÎP)�z›GfØÆ~?le5ˆÕð–+”àıòCä QA§ÃÅÞêzCi¿u·Q„ðëå>À€á[kÿÈãF¡m«Y•“ŒkÕgÖÏG*÷ é¤y¥N\¿Ìó
�æJ¿R:–¼gcüD`Ö6}âWºËYW(ƒA—9˺è$W€÷*?›†}x2i9Jï¶Á¡Ò¶¾3n•¥Èª�Ò\A˜ƒ8ããÔ˦)ä'é§@„ÿX‹Ý
v[Åëœá”Ïëh‹�I'„hÆ>½pe¶üd�ïÝú»òYVèÊO/Š�C`£*ç²L8<¡Uû‰fY—ÊÑ
kˆÎ–ŸÒºa®
²UW.ö¦è'BxžBëˆ4¦ nŠ¸ ²>uçÿ_^ÿßàÿD;g0�„C�'‚ÿY\ÿZ
+endstream
+endobj
+60 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[14 -250 1077 750]
+/FontName/PPGNWN+CMCSC10
+/ItalicAngle 0
+/StemV 72
+/FontFile 59 0 R
+/Flags 4
+>>
+endobj
+59 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 720
+/Length2 4488
+/Length3 533
+/Length 5041
+>>
+stream
+xÚí–WXSë—ÆiÒ;‚H(A¤·@@zï½I/’¡$zéˆÒ«€€(½7E¤„Þ©"JG�"çœ9ÿyæÌÜÌ3wóÌÞ7{½ëÝï÷Ûk'»¡‰ åWG!½E„D¤�*z*&*"  ˆˆ”“S
‡x#PHUˆ7\("%%TòqŠHE$¤ÅH‹I‘’rUP
h„“³7�G…÷—PÉŽF@!H ÄÛî~…¸
MPPÜ;@TrsÿñŠÐîGûÂaB¤¤""@ê
t€;!�¤ÂPi!Q@‰¿d˜�Çß-_8Úë†ÈsÃɼ¡„¡�n
@Ü‘TXu³ü†åŒõßPý3\ÝÇÍMâþGü_“ú/ˆ;Â-àß-(wo8¨‡‚ÁÑÈZÍáÑéÁa÷vµ¼!n¨ÒÉ
ý%!¼Ôþp˜!Âêt„¸yÁÿÔáHØ?!n&÷'‚°¡¡†¾¹>ÿß¿õ¯¶!�ô~àñ¯à?üÖ"ÿQߌ�ðZƒ„@ ‘ãÍý÷“í?–SCBQ0Ò	hâ
A hØ¿„ÿŠ¥¬Œò
+ŠŠßì2�„PBòŸ}¦H„§\K(Ý8DÿT¡>h4éýçN¸ùâ¿kGÄÍ|àp8”4;‡�ûH€…ÿ§ýq÷ô=óÖ‘¯OJ¤¤äq¹‰êCÉÙJBx´Y?çâ–d΢ÛËûT$Ý»Ç×Þ§k(jP’Ü>±» ’x	à/£«( {0ò²½�ØÒ�weá'†(kw|5)z…jWòÇ‹à“	Ÿaô÷á’sí(Ði?Y�¦Ú­¶? h“µòu¤^¤yýRÛ•:ˆŒ@%¿(&>á]ªhÛ“S„Ukø>ùôýø<XÎN{§zBÀuU$QHKˆ0÷��	»6˜k‰œ	]~#Š&–àxHmô}ëÁÞ>“vckfûûÐ6w‘;uáÎOáX�mMÕÇûnOØϼ«¡¼Ú·ÐuõoXkk)3>¸þ›YsH+.‚ï‚»ÔV¬žÑRψ‹ïüû"èÔbšJzlßÌìå|'›NGÆ
+ØTuîgûMÂ2ܽd¶™!÷î‰Ëþ<ñuþÑÖ(:æÓ÷øšëª‡.TŸ¢_'’�ù䫯Šß?ö_²x6Ç0D:‘¬ì9ô#¢tÐpß2¯^ìÇ'5‘ú—Fá
u5Cp‚·Fæ^�%’(¦0ZãÁÃê›p‡.BÜA
còý¶ÕÚü-:}ÛmáU‹+â2Uì<N››}„ÚÞc¹<–žÉbº'Äf"ô:Da½1»Ò
+;ÜŽ0P‹øðL2ûEó³I�fëZîß2G/¯Íù÷=aÔÁ�ÌDÔ¥ý£�舳^IjªBÉ&S¹à΃Ð{©ÅÀÉ9ê�/…_“ßRT!ïx¤O/2È5rÌÖ©jDŸÍN×�§n´£?£Þ©Lœ©§˜|×µrweÉ)åÕhŠÒ=¹ë‚—)}MFâþ5Cß]ˆviúÂ,‘XéGOõŠgø«xÍ—×æÏJ™;—>¨‡�ùÓ-ƒŽÇï@ÌŸùªf­—RŸøa'™+h©zí]’9'‡I¦cÌ*Ú.î8æ{ ~õï}	|`6PKH2<dQGr+cÐÌñ‰WŒvóŒèåF¶>eÑJ‘uŽž¥¨‰îÞ¼(�ååþâÑ}åQV‡§,òÕ‹¸Ï]&+œ¨»=¼>p5P?W€€Ò-•V¶Ï:“owF›ÐkŽ8pœ¶®�ÞþÞŒ!¹pÏ5`“Ò¯úQ0ù.2î?%L3Wvf‚ÖÑÔÃÑü˜nJ Û›ŸÕ@NoT÷ðS…`M5”)+O{Qæì8³õô’üPëŒr2
ËhµÛú–gO¡ÖâÞÀâX³´Et¼qÚ—ƒQ–ìʾµü¤Öa_?ˆÓfI
V.î˜ÚèÖ“¼hUÏ3Öÿì†Ë(9ƒFö	wëä[À‘ê±é^¸éaW�oí<;
XœæDQ�‘’AëÜ�°+¹#·ü±¨3SÞJW^èr‚ÉèPSðñNFáí컘¬Ôû.d¨¡(/G·ùŽÝ]ÓafŠÓ·qTI©G
í3ö>&Ã0�
eC-¼ÅÐzj\=îÒ¤’½oŸ{¿/�rËÙ4€ßìˆGÅI¼Ðš�|ç:Ç6�¾K£!;çë€ve…±táRÙêpanó’G4¶'ê³.ÀýÝ÷Ê«ÒÙ=×YR–ë­”Í:ú
»4h¬73CtÛ•€"RHζoÊþ@ÂûçÝŸKì5\Oo£?3E[¹b"Õd£•®ËžÖïÅó9sŽúc‹Š#UuéW[6™%°÷b©ùùÆš ÔùBYe]oÕì¿Fá²]éè�ç­îż»ž_ÈÒÓwÞKÆWÏ�’~lÉ~—|Ë9çÃZé
“ÂüÉÂÞloŽ
Iñs0
“†¨þû¥…ñ­iÁ7¬$¯Åö8ß\’- 3¸4Ûéö=½û6ñ–“1Î~ 1…bvæ!­È-å’ì8Í*}˜d«’ð.®íäªÖD†¹±jýD“oC\gjÚ)R@&'q†oOŒ6¿øÉòtï�9*MWõø’
+œij]ÔÌé]`å5):vB�êj$€‚ʬ`J³}ûkx½P¬Ö€ø–`[Ãïš9N½‚†‡ÌÂ^j«‘’ÔÅŸ¶¨ó÷´üB—|¯®W„_®üÚoÁ9[F"­l>ìc´;	rö‚›“hƒ5Ô<=(jR(âh{iÁ+C¯†QžÛ¿ˆø]·ýXÚ>R2¦µ°A)Ø0�ºkç:‡¶ˆÇPD/€%ÆÆgtû}³Ý’/L¯ÞÏU7²Oçö©š/•ð¬Ëý¾Kç¥È€L'«4åÑ´±|�-ö2ô¨M°VË»`åNžä+‡ç#Ú[Q¦óÖ´ߦ2±RïBY²'÷ØËô4ˆIÏb/¾ï�—r“„jsÖ
¾±fõ’§ÇõÉ�ÍF°,â3œ„Q	ÏÆmåà?
+-‘vj�SKK;ÌJ� CŠ}Íì~Äñè…�Nƒ·8¡1¤è�ühL¯4ÎUâÌŸ+±Ò.{Sí@˜V»Ôêéš�UsWytᇽŒÆ�Û^Ž�Ò£ê‹;›äw6Hs˜‚çà1ÒgûYG`!ê¹Àï;?/ºŒI#œò2ç"muLúÙÅŸËà]™†ß#9–•›½j®/嶢"ðšnNÚ:R°çRšå.
Í2�¯Õ3úpaP³h‡à3ðtþ°¤Ù5,È�2°w/´ÊÝ~Ýìàѽa}œ`¥4^Nj§Ô¬8î*
cùöÀ/Òù«ÎÓ_ýèd¹½þ<�+J†ß˘ï	<5‹>[ÔžJO�¦8ЋBûUäÝ­µKzåÃç’x°ŸPÞ³p5Ѥgý�†5ô5®aÉǯ”®�Ùýg]kÙ\DI¶°ï{r‹-SªÑ½#ÛÌY‚ºNÖ†Ðî	“jz¡úìÞ�·ä� »ýŠ$ÆXÊ"k©™Ä:ोt‡ ´8Ö–7
¶ê?æºZPNàZÕµ>ÛÄÆÁþQrÃ7¹cƤxÏQZ6¬ðzê1p·‚¬À¢¡¬²6þrÁFd[ÕBwH*Û9®Ë¿K€’IÂk¼u9…Á>ݪ�×ƈ‘ I¢1/Æy»£ÁÄ9ÇÓ¹îc‘ßLÇ2gÉœo‰ä	´$¬¬½Ÿat¡Õ±É�ÊÞ^b!�¶m:Ì^I/™Å²«° üŸŠ(ÊóS‚åN¬1ì5ó#Ìt&,ZaAÓž»{àê]M–aÈ=+ÕßÏËXµŒšÊóÈ©NšÓëö|P~¥Tù5Z¿FƒÚœ•Ïˆz ºýIU Ýž*m¹v2U“è.?¦ÁÜG!ºÏÏzN>¾{9v¦ûAx…º'±PW¤xKYŸÏz'üÆÃ_k9‰‡.¼®êõ£j±ø_ÛÖx…+‡€<%¶Ýˆ‰ÔÜÒÕP1 š¡`~ÊYfÕ'ëšT5Ôba°#TyH€M?¡^¥�[t{]£Ÿèž•n$©GƒÊ¨e¿1J›	Þ^ñ¹…}œ/ΕC™»¹Ø~!e¹"7åÉA´4¬à­}`¼-†£cZ×7„	p4˜ˆ(¾×DG�hØí^æ8uøe"´Ó›¬Ha½íæG'¨ŽXÝ‘UÚÔœ!Ø4xÇE�,tÛ蛞°4P¹É؉mä�šÛݹ˜Ó)GÔ2ü0^±“*
˜£Z:ÿù
†‘6§rp©ðÛ—Ý>piõ£±—D{ËÆ•G•H¯D"—VAçLâM´r²I¾”A�½}MNËܘ?Q¤±£uºD*Ó12i´×L�kŒ”†d;Ó†";€I<¢S®Ýµ ¡)ÄSÀ‘ùo_­¾xûMÕ%%]Àô‚c½ðz=–¯¼UÕ´ù°–pDeB‚rêÀ(•	Xç]™¾‚Á
øã�Ã!N…ue“_R¯‚f¸ñÅRløã
+®�íôííÆ{ï/>—É1‹ñß°°wi6M=YºÛt'ÐB9’v�9›\Šÿ +“P€€ÓÁÿƒTj.ªš—³DXÒ$0¤ŒI	Ç(d'#½v:Åywtß.ãAÈ´
†"!{öóÓtÎêšTô s;®'D²’š»^?`ØܾÅÐXƪxý•Ý Æc"›“µÞÉžµô¬5
+%ž“�Å)$>‹›“Ë[n2z¹""l!A*üTž
a.,ìz¨XŒtîWó}Îû°U}ôˆlyÕí¶ýˆÿ}¤¸³ÓŒŠ’vRäí§ìÉ–x2ÒÝTôá­a‡ @µRl¥u&çð�ÉÈ¿ŠÊ¾Ê`‰õØ7{vcvTYJ=‚Ú¤¸‰›ˆo~»ØT¢ñª'G¼nX‡Lh¨‹¤­TÙp±o—ÍH’ý„)‡æåáL&¨7Õ…Ï[ÒûΦ€¨hš‰Ù8œŸåN«ù†Ur8ÖøûžÊ®pË+á˜\æ÷xžŒ:8	ô¶¶¶©
͹Tü×ÙOÆÆØ!v¼ÑïèïX„ºÉjzL/.¤üľ¡Tfª.?Ýž� OÎd¨;«SÈ
+½’�Ñ2VZú2•†i¯:,{Yyˆ`Õв'�ÍX“R´½Ÿ±Š'i¼Š#krÎ!4¥,?Ö2ólóg_#¬#Þ-\®
,ʦºSã’bª~§ÞÞ “íÎÿ…¥Fv³x4…æì%*ˆ¹­ÞèQŒ›=°º²Æ Gn_R>ÆAÁƒo´Ÿ§|–
+VŽœµÌ&Rßuituëw¯oðíàÃÙÅoΣ$§ƒlt?”V+xƒ–컽—ÑüýñV<Ží™8D˜v-§d$^¦4·{ý•Å›c’þ"!̘¨óKœÈ4§Î~æå¶KäycI`˹}îDõð·¥µm1íã¤TÀ–AȨϭӸ‡óëü™®eNÙ¸$\�ÇîdØj—?é÷i’Þæy7n‚_«w´êó®Ô±ß·t…´ÎˆNÙ{èR¾á)8bsá³¥"ujúa•ùSÂBÕÙãLð«¨Ék�J×J¿6°$t~Þ�uGç/¿žÚ·&;Û£÷ùF¶¯yyÏ(ܘ\³|¦qÿùSô²nÉK	¼¯œ!ÂU2ÉŸÕ}ìèóÝç,¼�©uϵå6;$‡u[ñð†³­æôh<'¤ö Œ÷ð´à¨´(þõ>ñu°Ö‡Î,S'`™µßKz'“�_´�€µ1D
+7wã‰`u¿£hÄb{[‰R³‘’3Hr“þþ³ëÄ|ÎwL
×C§äw1)Ö³Ó½;cD/Εƒ
ôÉCÒøb�'�q9°•ßÔÄî(œîöƒ8ú•l¹¨›¶NñB/ŒÄ‰«ÀÊS#C¼3•@þ§ù˜»H.·ã±çIÞg¤=1¿½Èž
+1µÜ=qè”HžTK_}¦)¬šÚ'dü¶=U—wM¹.úc=¤\Ž|Böª}i©gm+¯nòJk6Ƕ•�Gð§[SÙföG%ÎÓd*Ó™·ÕûßÞKŒêü±‡´í`
Úä
+Ï
+\rX;{˜}ЈUÿÝió|íéÀž¼ðÀK_A.[Ò÷­Äk�LªA²™ßv($J¬V¶ûžo:³†AÛVd¸ÌP¨FþJÞ;ʽ\”?ÂC¤?fÇú{ì—µOøC1ŸßpFœ/RÄ9L Ï°¡èÝÎÝq©/`
Í£õ]¼¡¼Ž„œXG‘/î)WåwÀS‘É÷y›‡•9ýp;°Áº
CwŽŠ"ZÛKÁ8‘…äc¯–*ËÛhhÊŒ›êº’ªea&FÍŠN·ƒ}÷—uxuM/[]Ó„9†¶P^åÚQQt)¨¬D
bt	à@�ã4]{Ïè´{8™ÿ=Ÿ®[!çÍA¶
M¬:oš­¹P�¥U`¦Œ(±`ü!”µþ&»‹•íà˜%Ó›œN«@̯ƒ½+HâgEÿËÍU4Ó?¹ð|¨¨›’$¤ý%‘¦ÀêÂA�Í:x"ü3¥³‚íÔ³Ž7Ú%'¹z¤m’Ûwp,¼ú^?ɼæ	'ÉÊs	“—Áôà½GYtÏøÔ�"ß't2kÛÞµ‰¡$ý//Òÿø?uƒCÐÞ(wÚ•”ôßûFþŠ
+endstream
+endobj
+83 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-20 -233 617 696]
+/FontName/UQXTFS+CMSLTT10
+/ItalicAngle -9.46
+/StemV 69
+/FontFile 82 0 R
+/Flags 68
+>>
+endobj
+82 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 726
+/Length2 8430
+/Length3 533
+/Length 8987
+>>
+stream
+xÚí“UTœÁÖ¦� 
„wwww
î‡nœÆÝÝÝÝÝ	îw	î$¸‚NÎ9¿¬937³ænÖÔwS{ï·ÞzjW}”¤ÊjŒ¢ ;°”Ä™‘•‰•(® &¯®ÎÊdeb
PRŠ;‚��-í ÆÎ`> +//+PÔÅÈö·ÎÅÇÁÊÇÁPÅíì=-Í-œ�4â´ÿPqEmÁŽ–¦Æ ‚±³Øö¯‰©±
PÍÎÔììÁŠÚØUÿ±Ä	¨
+v;º‚AL++diê4
›[BÌÿÀ’…˜Ù
¹ÿ•¹ØÿgÉìèô—Hó—“ø—d±ñ‚ÀffE»¿»�ÿ²ücýo¨þÝ\ÊÅÆFÑØööÿѪÿEalkiãñ;[{g°#PÁv„ü»Tü/<0ÈÒÅöß«²ÎÆ6–¦¢s0�‘—‰ƒë_iK')Kw0HÙÒÙÔèìèþg
ý;Çßîý“‚YCE[]J�þ¿îö_uecKˆ³º‡=Èòßþ³þwü·OŽ–î@]&ֿ¿ßÎôÿm?Iˆ©ÈbTs6†€ŒAÿ•ø_¹ÄÄìܽÿ>#F6vv +7�‹—ËçÖi@,\À²@N–Ašº8:‚!Îÿ|�üŸ±™åß�Áî`S@V6–%´!ý½Ñ]ß"™VÇÌ7õ$ô>œŽp§Rª`ZûùrÉŒ1F‚�áÂ+J\ÇåÇG¤hˆÅðæúKb¾¼¥}³m™Ý`
+ZHÕ¡~ºè=L+#qJmEÜû¡k€¶”%1§\˜F0Ýë.QCⱤW ËôJÝÒŸ®e#,
H+A¦lbÌ„ÿÉÈÜÚiߺñ	@6t§IÕÑ&£
�Ù<KF•RcðÏÍR,˜{þæ°°J‹‚¦lãã_‚
údJŒU¬q(Žå¯Zò
•CW¢¸±à(LBb†³oŸgdœý1ˆG¯¿¹¶—"°FíFî˜7Ñ�Çî#ñX_	cÔ±ƒí€�x�Á�úBQ‡œE:¶]o¯b>µ¢<¡Ô›ab¬¡uÃ{–'Šmw–aQÝpê˜JâO¼LÔž¾T`š_•m‰$¶þÞ	´H8ð•ØÎ	Fy	“ÏgÑaQ?}kЉ&ÿØv¹ûeRõýÃw6j`߃ô;ø¦à»&c¡ÿÊüùÕI�ÛV1Ýžyò²­,þFŠ3~æ¦/e¤€B¥£Š
+%m?é‰ÜK�4`MÆŠDé­
^oÉÙþ–€÷U¿þ-i Y#Š‹±ƒ4ÄíâÓ7š»é{�ŽUT¬ï@ÎB4ô¡N»²[Z©�mê™÷»ëêEk9ê`XÉQæÜŽ‘Kb
ȸ�›O� æŠOj)ˆ‘ÉÝϾo:¦HŒL`Ë«#2üefˆ: —Ì€˜Á’4=?þ–ë:ìcA�-ž§°aŽ`•¼t­	0^5’³^ZÖ^„,${þ3V
+±­D[[PÙZzçN�ÑÚÑPÜW;Wpà1ïý¦ÃëŠ*psQ/-Á�óÑA±·Cí׋æˆT‘Ømk,"sžÃÅ)ÂçåéÑëÂ6g×+JŒ9Aýãô•¦/«“˜]ÎÅ�¡¾Ã¿;px^ÄÇí¼>g„û6�ü�ø¤§¿²ÔJÞsvÂÑÙ|Ÿß60¼æ.r36ì/”¼
+DÊ–‹qc“eÒrEýtd(±‚â\G 5ÑÅaå')‰èÛ´)O‹Ó!÷Öè\S±ß—¯¢C"ŒÓZ}>/¦Õk«ØG•+ƒ$Š {ŠánÎNr§™èD¨;¯MÕÄ–a7y‚ÎærüN7vW
+?8¿C±©Tz“œŠ‰j™È�>,úçhçð!I’±+¨‰â­ì„rò|‡Jc2|ò81¬ùôE}!Eñ¶='ž¢_äñÛa“g©ÍÊ*ˆó¡¡Ú(†8ÑÄÎó�/$Î;Ñ=µØyŠÒÓŧæ]\ö³®"žpC2Vq³¬Îѽ—ÖñŠ™S´ìŸ}(5¦é ËQ¥€ÙYAIÊ‚^1¤³U§�K(Å÷ZÍÂÚ]Saþ�8(ÖÏäslf~Õµ|Ü=+2ݯzd5ܤžAºFé” ,çé…¾)�ÉîM'Žµ[<Æäqê¨d­Š6ß³P¤YQJÁF- 
EoXª—í¤¯eyIng±T·)§µÇjâ¢W©MòýÝñ[:Ûéi©q¢¬Uè@«²îÓxw2%×ÇY¶D¥cVXU:Ž?ŠoÒæ€»gì¸*9Ô”Üú‘tB¤)•%
+¦Ô¥Æ�ù•.oƒO£ßrX«Ã¾îCÙNþ^»³öKàЗuuIæåCŽßËå´SÜEÂ}�úüþÇ¡ôþ`¢Ø½SÄàî÷T¬ž…¾÷Af@5këCfßé^h„î¼¼«”힢×á)¡*ëðpô§€‡\Ƽ-²™‚Ùl¶ú?&��ÂôA?ÜKÂãL”�7J4$<(©o]
+Öý½bžIä<ò§Üýã"mA¡‘Ù£B©
+®Ñ~*¸«ýñ©Ÿ\ê2Þ‚ï³:¦�ý]>‘�͸‹³:�ŸÓá=9I×	¶˜�uÏqØV›~ä(vðù.LÒ†
ü çø¸@ä3Wñ¶mÑS!\;g¨FBûÒy`td‹í€Øô¼]œUà±ççDüý(f0‰hN×WòVI±ËÓ‡?‚*ýÉ<ÈDC�
Xí7Ž ^Q Ÿÿ@­¥¶ZS!¿p¬ú£J¯’ÿç¾Æþ{õÁ¦ûøn&ÜOCÇÒ»‡kjš¥x6|ù&¬�L†–ЬTÿ掹awn9éO„½ZIËÎiÿ
£Tñd³—’Œµßý	;x{Ê(¸EÞ(êÇÞ¦F§¡í|Ó˜Þ´]Læ/)g“y�†Ï%Ú1UEt„Wág ÷PoÕìCÀ¡(s8?TÈZŠ°aOc«úL½%Ç„…„ËÖ.ÄÓhÅ�öH]6Qb˜5D,
:ÌŠG8¢±GWž—ÅNúCË™­zïJ]­ÔãÁÃn\3ÏR@ªsgu|Ïñ±=—¨6 ]'UìŠRÑGê�ŠôAIÅÌŒIÔí©Œ¬~£6é«ü&´%	‹>Ú�0Ç‚^—MÄ¢É_W|QW´¤!«¥Å_H±²®ÉñÛÛêUCÑy$‘‰Ö0TÃi`iÙ–kÅÅwéïÿHš¢‡('+™<üÝ+œ‰|8;zVÃ6ŒË�¹o¡=îýHiJŃâM"j–òT-#aüýœÇða­+å¤r¾)+z3*%îž™7ó„‡Ú‹ëåÌýªF¦ê¡rõ>±½ØÝ[b\Ï9±z�oMn'(zÞ¹½UÄÅ‘°¿gõ’vöVŸi4ígZ@½ó6ÿ@’g¿Aé)\
õuDct7|£®8®VßW¦ž;8�òA§±ïþ}œÀÈ-9ll1–Êî–Äw(ŸE¾fX§ã�1Ôhœé˜K
�ŠÖ‹á»ù�{ÔîGh
+“„6}#òŽé\Øᬞ2ÜO|Á´‚3º=œÒ%µ‘¸äœXT¢Ã;0g2U˜h?dÀ]óË}XØ»Y/ �ôØ	VÌ¿ÐržXCë•©j��®m‘ ªã^¯ÇhÊNêFwášD_ˆ
+㎴'KOS¹wƒ=DM£å¸:’š3Èplš5w­H2$½*„Çéí;f8NMúè"ü¨•�$)^þc�ûÇ“¼AšΰXþ2É?‰Áí»>&öžkÑ…yr	FŽjÞTŠ¨¦)ªXGûº=[žháí‰E÷tï”|�¿|ÿøà„ïT+­ýp�A¶å©Ð½ÊéÏJåùËüPËsßùÜåWAkÜG	Ñ>íê�ƒdíçÄøŒúkQ‡7T.}ÊœTj¸ùYVbýD®YîC/2²‹'H`-þSlŸ«§ì²n&ᇆ‘¯[]?ä€&O·n(+VÝ
žaé%î¡Åõ¹
åkq±» qGû*×Üßæò�Ó|N%{j”Í�Ý°»;œ±ÍvQ:T¤)}Ȉ9·w)!úO&ÇA;!¸Bì;…â´hòˆyÛÛª#F

Z'ÉèK†$­½@¹‰™¤†!nÎý¸šÏöŽíÕ0Ï•Rd£þhu˜›j
 k¡wÉÕëWS`ùKÕ(wõ¾Q—‰!¤Ë-n¸KNŠ¾®°Âù–^'Lfê+ˆŸ|
§ô˜å
cÔgZ'ipíÕ±YS’MÈ„
+*s(´’‰<oNhùgu—d"¨Œ6ܢeúrx·?ô�Û&.±²æ�.B´9oìõa�ïÇyk³ì^A�ûƒ~
+"ÉÙ1{ò±»ØbŸpWð×ð“äX„
nÒŒÙ\Óˆ›ÒWâ™O¼:m™¢b•-´º‚Ê÷txñ·öj¬ê,±ÈÈ+[¥Öõ²‚ZžjõKÅ~1ë…ŒŒ•ø1wZZú'.™Åjai8U(Çãru3ÌÒCF�Ñ�/…±ÆÑõþÈõÇ´¦P‚ΖTPMØÏ÷TÀáÁ¼»ÝD3ÿϱa¬üåÇáîÅjP(ešõošÚ|>vMiÛ.8›‹&FÖ|	Ÿòž
+Èý‹{Ïú½@Y“
³ñ7JÁÖ"£9éæðê+q8Õ‹ø´Û¬‰«ý’U<dùˆj#:\ÕÇÕùd§P%".“ìû¿ÜSc™(¿ÌmÿèèÝ ´åƒÎ
S‚‚üì0Ö…/±„ß‹Ûn©ZTDôBÐJ¥–%ãƒK="憫­_SÅ•5¿ÙìÓ�«b¿¸•ñAÆdÍk;¯N×K>ïŒ[ÁÑ�z!ZÊ]„¢Œs¨(CøÂÏúídKÄCJ8¬�uòÐr²ÑŒpj>ùÝp{Ýz]½]oPh¢§UÚÛ&lÞ82ø⚟
·Ì–dïÑ?Æ~ôòÉ•|U�kó¼ÞUÆ€‹’®_é;‘=j´Æú·Æg›�9kâ¦aBÙl±çß›)ç†
<ú½OÎ/8,h¼ Œp÷ÇxL5®ÍÌ…z\æסi’œ[rüç-ô.aù�ÚÓàwE­t¥4Á*õÚVñè%ß®¨ÜŸ×ÏB1o†ÁY÷ ½Jýü)æ{ËX�Ø÷³4¿l÷Ì«Cêe¸'¥AÖŠdÁ/ê3‡ÚÕùLŠ¡Ãør¬¤ØfÓ$¶w¤·—Äë·¿Ö¹ÍùÚ./Þüf5¦ïWØÍt¬ésE³Í•î~OÝé­J„WЕGåumËû¹—�§©pf7v‰rÒ3)À¦ÊUäùsû
 ËÛ6L%Ê § ïèð{VA×¾°"ùü©”•ÌÃ2|¨ÕS²‹A4ºÍ¸ˆ®!-óòkO̧:ë¤'²öT÷2‡lŒö$+ãq¾Ô ëxhð>”ÒB½ÀÁ_ÞŽ©7Ü �U¥R\\�Ì£sXÉKW
+òÒa<êܤ$Y…mËÁÚ:Á×–8>bu½ª`ýwñL&n„vðéÚ‘iê[ãF~ö8C)6ú0]³ÕNž®�ɳ:ŠÖòˆåg]9„pá*Åóv¤‹ÈÿÇ“-Ý7Ûø
w ¶m]=N9<;Ì
užÛÀâ¬Õ8Æq�´r¿ØÄÂZf�¥Vn?ç?õäåç0
èDþÃM\ë�¼µø«�BJÚÁþ}}ùBÙŸ
+aðVk·nÊ�ê‹SÊk`J«y—m27|_Û3W¬Þ¾TTGS¾~ºÌL<蕦R\dÌSdÀ,£g.F´
å�%œ1>ƒHÞ9«Ãír:nÞ?¬•øˆãÝ5¥ü2÷
OqÏMv_‰Ó¢Û~³¨,ì#EôHÊ?„NÔ[�Pù9½æ2¿·RøMÃ¥¸DʤV“F§m�‘¦X•hˆ=®7ɨxMh0ê°	ra™è µÄ[˜§N¨ïš÷ó«Fõ‰«Hu°®¨Lp›A HVWwé4E…ÝæFYu43ž˜š�µ„kÊbÊÕT¶HÈ™~ZÃW„ÿ:–|OÓŸYÆê]šåG%ð‘�ßæÛÆÐQ¹Õ#=áç\W^ò”ž
+Ö[·)mK[6,ÁÒð1“=QfûØ +ø{)‚\_ú<÷ožPzÔñ„‘këlfàý#>æöbK1fgE—WÍ6¶_„P¬O!ªvû{Hû¸É#�
¦Ð©˜›†<á3	òXŽ¼÷:W&ù8ý¦¶Ö¦H�Œ¶ƒ¡æë¼ï¤|X
ms;,dAi*Z»G`‚�Õ·™k—Xa�Ç�
™XîÚêÝ=Ž²ß…R³~w2†/>šp	é™QÙ¨½L�Ôû.õùÇŠÓxÃÔ—Sè�17±wÇXEHTkxˆ!Ƀú‚ªõ ‘†rFþÞ…]rþh€kevgI~ˆö^³Ò陡�-2µõú+Â8O§DíŽwº/ƒ`ðK>šuQy8ØXA²¿½œNZ£Ê”Sz’ÝYX0úŠŽ–’¾¶eêÜ&`ÅBô²`õ6ír†�<6l*êp¤
|%ºuUl�ÕA­1%§»ˆÖNè¯
+†¡š’¢f¬&˜“©bIñ˜˜9H‘eKeku¹4AÌz(I³r2šfÈ9Eœ“OP�¼9›yÕ~É°nÞ	®äýò­EóIFÿ[Š%;âÝÉSžu7Ãé—LqÃÊõϾÊKøÔûÊ»nDkÞ¯h+ãÂR�æáR±6^$ä~?3÷˜ãm^…6ÂäËíipÚ&e³.é	óo½2/¼¡`‡žh8U7ÜÆã„O;î_æ^Q~_�†Fx8-‚‹�˜û"þû{¦˜ñ׌„½˜çBêù¡âKÝêmÉVC¸hLç»!—²Ü9ÚO›)‹%>¤#8д®3h†u¦RŠh‰˜$V<ø<:^AÉ'˜µ²º�¨š¿•rNU…§áƒn‘DèF
Œ,¿Ôü&)®¼Šk[ჷÖZXaÉ®*®£ØµÝÏÛUC˜š½•›²î9g¾%ʾl.�±û¤×§(�N­[a—ùj¤¾Ü#iP$˜p…¾$ºÓIŒqÂzØHióüœùPƒ“‡<»ýݘ¤…û„pÏÊe�¦ µ;Æë¶;º¯Ž`kdô5ÉÍ}�Ì]s<–2f�ƒ²“ˆñ*ÞhÑvUUs–û~IUŸpäQ³Ä1äDcq‘]oj°JÖU]ý; ¤°’Ïå%œ¶	4z»n\öÈ´ïõ«ƒ€¢�1š^òŒ�„¦@ˆÀ�RÏGlí“<ÂãäDC¹q¹Àº¥Öðäv¿ÎŸ	«@|NžE»jîÆeYg;&¼|nße‹â8¡9cñnZLôyUÐjØ1FaVúÂ|
6x°¼þž6¦û8*[GŽ<Q‡úúØ÷„ì©d
(TTå•N}#|·ù{öJì}¶bX»Ç÷‡	T}K¶¥»"ßXOê}Š¶Ã¨£½5¢„Z¢P,ˆ^;16É’Vªy¶„„{tµÜظb——q?æ ê-z@v»+"2Ú½§§p]Ü­E±Or’ŸàY}¬	õí€c†+'Ûå�^q�)z
Àí•ÑJ¢­pq²w±“VaÚ òeu)42Z_ÂEÉþx'çg!å°�["?fÖ¼qMÅëô°qPÅ‘•­·.°¼I)£?žqS�#�?,}¨ùdsd6•üPtä…ÏOí¼¿HsüɧØÔ}ßÎH}õÆH/²å£ùÓ°6Þ
¤Lo¸ÝÌ1uÊ%LùDD=§.ñûˆMhgë
ãZXapºj¬WHŸvP$‰_ÀùvÇÖNÂ=®�Èe!q}Ü•mK®Êú"¿ñ5¨G®Ï#ʼµJS8+s”Áí*†ZŽÀäðºf!Ãß…n“��æk	 „AäèuQ˜ÀÀ+Ñ9Î÷lMs­\ûÝ1€¦%P*7X¶®ì©W$6-E=Ä-Bh“'»n3dqÂÝ:gm»
΋Z›Ðrû®s&$}ãfzւDZò¨;"?ôHœ¿*Tz½¯d#Ž>a±7øHÊåZ>r–CÅNÏŒ£¬*Gæü¤Œ“lÔümŠðª.70ßb®Ê~(è£okÄÛÿÃÕñüŠÔV&VV`vXŽ¤æÓ»(�‘±¾WçLlÓÄ®±¾y@?ù„8Q÷U}‹:9¢atÜéÀ˜qVŠ“K«J•‡Åå·A…‚}<\ñÛ÷š°é9€wP	H>J°«9wˆn’_ðÛKîØ,x¦(’ìP`Üi
+h^Ü)/vØ$Ëé¹Úë>`e¶®cW\\»´ˆG";’�€.'é¼|Sá[E\íZ}ÃÆ°îašÔDž�Û~ç¶}¦Ø¯(Ôå…~�jêG¿ÆâžËdm	8{DþŠ3õØ—amz•«ÈPf²°‹W.ª+D¼ó1Â?ž…:]wäœÕ‹{ãË8½�„a�zi˜ã˜QjsÞpŒ‚.crN¦e–ÊR÷\®™2óÂ9:´é–rŽS^L9,SÝr
Ak÷ƒÌa|ôzÄKµÌꀓ+äú.^ƒ
�nÀ¢¤‡×㯮2	-KzêóÔÌ»VŠ):îN2Êï]”h.pâöš.¿º^”«ÀÑ®e™P/ =Û£IFà„‡ÔØÝT€î¤3ù{¸öÞ( =3œðï튘>îØóÑòêÜŽŠŸøêŒÆðY*†öþ	>÷]çNIwÖgŒÍ‰6òÛìÁŠ/mÅô½Oj“4“¶)Å…$é=Q’ŠÛìÁ
° hüÂ((RWQ=”[1çýbùÃÑ£±šI�@ �äOwjûgó„tÜï+ä½çLõÕê¼
+xÈÓÍmH™$ã¯Å™à�ˆÐ&C|ìҕ袡›ßÌÊ Á>½X¢³üÒ‘¾Œo7Òû[T:ò³¢KÆp‡ãgB"(¸µôPu„âÉ­{>N¯‡ƒ„@.æyù+AÝ��ð¹‰O,Ç>Á¯ç„÷'ƒoî÷ª›ùBeÅ‹ŸÂÇE,œeÏ=ïÉ&“8E°Röð#ÜæU‰hÒ§õét®6'Vˆc´­Èчû–1”/¦œ�…ã¡Ð]\C±Ù¨�­Y>QC›(–s^Y&a‚v©{ó¶äðf{’7¤l‚ÈÕ.�‘ǸsÚk+^½W{YŽp®±§ŸÉ_@”cÀº¤Ófÿ2ßp¢¢ü±=¹óËx©S›i¸ÉÜ«.Mdz�ÆWs£‰ÞþjXØ-Y‡õkÐ$ËaŽòñ1â€üí}€Ž™4í¹àµ
+.òÇCóe
+åO×´úOXU×2˜(ð/	èM·îM!	Dx�?%¼kO€>õ‰lú¥wµŸF�Ûl÷ü–Ô`&ùƒÏÏEÙn_ËÒÿ®*‹8Ø×ÉŠàľ[mþ@‰¥ûs$'…Ñì‹e
¨ÿR-cT6a•~­WólÛk—=Ûa|(0¸Åº€GRÇYI›Dà|ðœÎ@0š*Q^¤€Q— W
+GHç]€ÐÃqê?§_2k¬|8Û`(°µ2L]$�ôá�/÷Ù^عâ´ù)ˆûl`ÖfUvĈ¥�,s\\Œç8•ÞÇ:ò؈Ñlu¿øSÀZï�­~_óòYEâ”î�­ÒÁËÓÒbæD*ŒhÍñqo–BÙ+˜8FR-}ÏÐk‹Ðb–pŸžÛÖÃ;«ÛÐz�DJ…^OW“±Ð‚Vª‘Uâ¤Nì¢K¥�×F«+!Çv§ÂžßTÇ
É#E2ƒ¬:*IO=D[}ÜýtÐsвÒ·Ýï{9 öÄ~‰a¤GöFت
+4|ÉöÄý`ëÁêY\宀uGÿ,Ênì`�Å®Q‡A´f?«æVy=^\€SߟcqËRÎÉ9�uVB ¥™zÓ3Ü3û¢»gnµðËŠ<öå
>¢²¥‡ŠÄë'3^ÛPÉÎqÂ"§P_›Ñq$¾Ü/ü¤e‘«/MøXVû‰èƒü(*;mÙS7*?ê½j”µ™˜$d0`ŒV:Íîï!�q#á›È¿˜‡YëÓâš7Ì”®f:’µUõyÓF@ËÑ…qº@ù—#D=y³Êö1–ð¯CÈNôŽ@*í°Âö¯0©#»Ïeüõ¿(,k²*4à#$âè‰mcëIh¥+Ø:ÝžŠ¡—ë\Ë)ìSš¿¢|UÑ	O“.HE#cÁö²ÇŸ¬WPr'Üæ´à!†ro[»m?Ëù×O†(&ûÿþ„;nnZ¦ u†�ð:ëª_ÅZ-ˆ@üÏW3aúœ7o²ZhÓ­x?
+‰�q�0bÁ¡j­Íla�\Ä“ê¡+·‘m—é:„
éé‘úçs$PåŠÂ§L‚žë™#šä{Ýb™TÇS¦ºiýï½R žþ´ýh²~ûÇæT,Éü|½ðF|[¿)a80<S $Ñwh|Z›Æof9ö8“,'
T¾~8
mˆs¼Èýõ s›HQ‰
+ÿÓ¡fH6kéëöaµ^ËHÔïp7‰ýŒK\¤E7”{è$i¢DôПs%:Ñ↚Òpèå„ØÕÉFUŸ1Øïõ•Ç»”oD�R¥f0¦ˆÁ«~'ßg9oÓy£´ø—ÒˆЕzÖ’?ÉR¤/ñÁlår°¢W›Œ(€¼Ùí¸Xež
+Å+ߺâ7Mƒ'�Æ=gèh±‰[ë&=�ß/ïÜ‘žáÄðDª‹BB8_hB±u[l¨˜Ôï[S±œ¦ë_]qû ö~"Ú8e	¨[Å_°ÀÍ÷cýº4Q7·m Ú·Ç<xõGÔNQ¡rË$ÚÓ´¢u˜
xÆl”ã†
+t¡ÊobÞ8lm�¼°¡$‹÷6qû"³qíz.\[.Ò-Áðn—QÁïb¦Ý’s/sBU+<?Ð{_è#ÚêP$ø
+®é;÷ÄÄ«B«›ª{Á´Ù^?ë–�¢YI-„棛7Ñ2ºkò¹03
ݼB·ß”nfÿaw\iJp½'4x§]5 çc¢ÿ0K߈‘á�8Ó;¬°‚WæÍçG{þ“MÃd¿¶‘»€	‘Ìï¤bòPAÊ>šøGQWa­…•fÞysã
ʾ¡?MEDžâ$†áÍÓî2;‹']fØoQ¸¯²¡Ø¬a½–^«‰%í½ù}‘jÝ?åGžÅwK8f'îc¯¾gê 'ÿéÚÀÏ׺dÚMtŒ†µNžóúbú4¾~"š†·my€Iø
�fúÆV›’qb€O5½ß ðç%q®¯ÔçM-f<£5CŠ[Z�šÆCOIœ-±beÖœJ?=ÇÙì‡È=}=�¯ùaß¾ò%ä‰>xP?Jܵ§U“ ¾šÈðë¸9}K®Ýšyqeƒ€÷ês•:Ëx´pkcékJ åî¢aá¼n7R=ó{íç­éDý­bFg*‹‡
+¤fªõ	ji®NáÛAöï± 
%õØ�ej²€ÛÔÝž2ZÖ'úÌò:0x.ã‚&EŽìŽdÃ]¥i_\Âôºsÿµ÷ùÛ'5Èý=õŠ¥òx×^±Äæ`¬­Oä·	§ˆ8Id0Ÿ°3‚mì}Â^‘º9ŸÇH•z¨V!¬ä­qÝŸ÷Æwh•�3“³bèêu(9�Hp1ØÞØNÄóbcý­ÔŒ¤Û{(î·h¤+ñÆó Ï®ñu¹ü�4V…«wœªU„úù¸mèFÕ9=tF$RãB žJó�$¿‚ ž¸�×,«Ç/i
YƒÜö(æ¯Ï|èÄ°FŸü%¼?‹´2|³õ�>VùþÌò9ÿßàÿ	S°±£³�­±£5ð?z« þ
+endstream
+endobj
+330 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-1 -234 524 695]
+/FontName/KOAATN+CMTT12
+/ItalicAngle 0
+/StemV 65
+/FontFile 329 0 R
+/Flags 4
+>>
+endobj
+329 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 715
+/Length2 2510
+/Length3 533
+/Length 3047
+>>
+stream
+xÚí’y<”ûÇ£l“å”%Dž¨ˆ†™Á`D&‘ÝaÆÌ`˜…1ÃH('LvÙN–È–�”J&É.â û%ÉZ"\Õ9ç¾nçþs_÷¿ûºÏïŸçûù~~Ÿßû÷}ž£‡Q–`$ŽâŒ×§�i`¨"
èšZYAaT:zT—ŠÇÐò
� PIw`
+G¨¨"Tà ÐQ@—âéG%¸ºÑ9Ýãß\j’„§°2`Š¡¹áI;!X°¤`	xšŸ" ‰DàÜ·-ÞÀ9¼7žêƒÇ)‚@P(€#`i€3Þ•@)}ƒ2$»Pµ2ŽîùgËOõÞáäv8�;”8
+™èàð. %3ÊÎiø–ÿëßPý®O'Í0¤oñßõ·>†D úýá �<é4<0¥àðTòÏVü8S<Ž@'ýÜ5¤aˆ,’ìJÄ�Á[ŸÀÀãPÖ
 Qéøï2žŒû™agnß	”ŒÍ‘H+3…?¾é�.
+C Ó¬ü<ÿŠýfÿ^CÿYï̇J`öEºcÜY¾9ütšKÁÈ®€%
CÆa¨¸¿„¿S�>Maøƒ¡¦¬¨ÂT¸†jÀ¿Ú¬É/:Þð 
+�@Ô••¿«X:•Š'Ó¾ÿ;÷ý³v!ì�gà± Ô4a›Ó	I…UôJm¯´Íã}(ГÜ¿©~ÊélYØKäPìwñ@­ð­¿GE&¯ÉI�bÞ
4ÕŒ­ýäXïç'^<""ïÒƲ½Š(‰š
w	VÚ±+=�ÇGV9ÙßSÈTõwä]ÂeÒ<k‹=Øèm¬ÄÛ)Ô´Ü›
+S½�íÕó5¾¡�îô©œ“Ü¡‹³õ+‡	�‚•C¶¬—uÀÖA=÷
<fb÷u­>p�p*™UÌ™I(™Ï :S(œ-—äÛëΘZ¶»u±ñA9òRù
SœïÖÜMÒvÊxì'´Vj±d²;7‚¢5.û‰J�Ñ´:¼…êš–ëÆÄ?Œ¬GÈ%õE±Æ”ë2>ç%øÄNÁ[1¯DJºKôînôiÏ9×Q$ïrwqçabƒGÞHÆ|îÅ�¶d-:Mêødâ(ï»VFÔ¸JÇxß–‰l‹6À<V�ŸÛÏHÈE,+õǹ–ðán+V9OÕ)X!iS‘æ…|gs�PhŠ™Rc5i¹‚¯6+÷Ì&/œ°ÞÍb2El»åˆ|f/To);°¦ö”ÅØå!•É�óOBË’mïå$­H¦Ðdo-7ÁÀ�†z_PÎ�Ë—Yt–é-ÝÃØæ4�Ç,Û»ˆ¼€ãIŸš
+LŒâ1Ï2NºfEÅS¾^§W*RWuÎ6.®Lûì»cž£¢|m�=‡+U®Jÿê„X¯È�1û§§q:%¿È ˆ�¸`cM¦±˜Ð´{¦ïŽtבuŒž¤¾±Oãµ›ä¹(ÜÍ(©6ÜÿJèÚ°÷þh‡4)qÍ”g·N¼�“pæöZÚ³¶i¥Ã¶”ÁG+¯`sqü©4•Þê7�»¯+–«ÇžX}´¯,sÈñFºžû2}c:½S —ã¶ÊI!­È
ˆ�zµƒÒ<sèZ˜ìù¤lYÅ]k¡üè²»°#þž/�æRé¿šÞ¦¼{Е@\²8Ý4Q
“‰ÄŒK•‡Ø�Œvfr­ÏP®QÉÖËW©]õüØ0}U $uSõÔ‘ƒkIÓ»öI(•eÍt°ÖâȘ J¤,Gð�LoFŒÚ¤p¥•×š†.“°c·÷•V¤ß\íìÍÛìxF <÷uË’ò%wm™âGä*El�FÙŽ÷\ãg3”ô98mg³5île/Op3jߤݩ]Ö“e=ª‹n•‡1Z³U¤èJ"�
+J\­ÞrÖ®J+ˆ¥y
 1Ó!ĈF¼-­:¹¶]3ÞS{p&ü…Ö­Òâ4~¤l�dl‹·Q6TÞÁÀîò‡cs ð!8æŒ|¹Zîá›|2Šܶ°Ëo»ÍÎËrí¥èHЄŸW*´…ïZX8º§ûª~¾
�[rÖ‰¼&¸AÊÆžW‹da˜.—‚Â!ÎÔýµð�ͬý‹÷œA³£Ž&~³K�V/ùOÄ”9ø…êŒ[4'\¢óeñÕEt™rZI—JÛ�üEB&¯ËF$zU>(˜ÉšX¼‚FiIæŠl>·ÈPÏÁ_Z"Ÿ<9ÚœÕvÝ`Fr�P¨úvë!á{ãRÕm[‹.Æ�¥ö¬"r£"´à}®5.–'ÛEÏöjˆ„ó«/#vÏùúi`?ët³Ü?¢TØÒó
+s_¾´n—O´
t£UY—ëÜF§;ÏóvM&¢gÀ
+—É»5sì_Ë·¶ôHkxNª1çŒÔŸ=g…;ëx—›4²eÕÍ-ZŒ«û
+jD„™ˆ¼`ÄaF}äþ¼fV‘†Y§š@1¿¶K›ûe<åÀ�ÂàwJÊU-ýnê–ðí‘ÙV$M¹BÓE’§8T²ëô	üøµ©”sŽ,ë
ã>'-üÊ”£ö!£³zelæ<xŸJêöO~›ù»-Ö>0ÁG#Bó,/þªÎþnn\H]3ý�ó7Ï|΋&>oNA—¸Nw{F?T2D/ÔûIÌðœ_꾚�ëñ¹"°"V©êz÷þ�ÈþbŠ±ƒ-UØpŠPæ›W¶Ší4\49íY!X©ì?ôÊ+îí‘Ëû^pµ™@'FN^àía>½Û´d8l)È,뮄§Ë_l©´KÊee'¾!”ò:½ýäà5ÜZÞÛÓ
ç\a”ø×ÞwûÚ~¦è6µKºÎ7S=nZÒÐǺ×agŽ„buB–\—éz£•Ï o�bK5ýt­µmŽN—£™GgÛãj37œÊÑ1¨]>«I-vžlˆø>ÑÏ{Š²âRG×$¸
+µ„1S+y½ø8{Íy}ÙdAû9�â>öÝ„Ñ]±—núK�Ì2��“zŸ
�y»:ÒLÌ>÷å¸Ò_±àÏ%O7»iLC·ìôJ|ž-í:$ïàqÛ
+z6ˆ2÷à„VYPbUS‚\2·If3ƒ¯°‡„“ÃV¬˜‚©bÈ®œ›Ç’Ò&1—E¿þ®;|ºló#Oš)ð÷=Éb]ú|�síâ÷ ¡å,#< ½>ºñ�®ä¼î_ƒ�Yš­Ž±T9VŽŽ–îתi“aÞÙËÉ8Ö]
ÅYå	Ëß2�fEÛv9(m°ºó0ž‡¶Ÿ)™(|î6lÊíÝ’ßèÎk6öÅJ×€moöí·â®~Áù4Z‡]Û Á÷%Õš;_ºÄB«®ØHYì‹yr³²9¾²´Jïœ?ÌWšª+�›o<Ϫ&?}«Ø}êÚ”ŸZe°WÊYWÆá�”g6iejüã±»ËâWØMV\´Åó^ÕÌ�î
“yà!É“PÇý|Sr$ª§+óQÌ8Ø5Cn,ðî¼»ØdÛ:ˆþ~Ñè—�¤º?·è¬2wwu)wMlŸ–Ó0v+ºS;&Ñá)›~¥{FeQ:³¹JI,ã÷U�rT�˜Ðd6'*m]·ÄÝ$$¶¼¼´?b»^9à¢
+/zt…±Ù@l±Í=Éo%Ž
ßá=k_íÕ³]Qü8Ò«tðŠñ¯#b�Wß}V˜ýbì�
+ ó�7Ý{ü#N�ÓÆʃ�Sð%b$@všý`6vÞæ+6>°rQÁ–Ç!‘µéšÙuw#¾9Ž%%O
+{æ0<Ó8â‹q�ÖM_wœu©<»íÁ?fx,cUâ{¾çYÈ—�tgÐjè�
t›joa„dKA¼{Ì„
U¼þ¾î̶ýЩSêàÄf¶L‘m”á§ÛŠUª7 CĨ¾é²I~á+©©GbŽ‰�¿óM�†%‚Åšµ  wÈÑ»šn#-írî·ŠyÞo1!¹eÊêÛ({·‡ÄXO—‡!bÜѹ*KŽ™¨ÍNûž¯©qr B»º1nb¡_„?ä¿|@ÿøŸÀñ*�BÂP=@ Ëá.€
+endstream
+endobj
+413 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-30 -958 1146 777]
+/FontName/DCVQUL+CMSY9
+/ItalicAngle -14.035
+/StemV 87
+/FontFile 412 0 R
+/Flags 68
+>>
+endobj
+412 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 721
+/Length2 784
+/Length3 533
+/Length 1307
+>>
+stream
+xÚSUÖuLÉOJuËÏ+Ñ5Ô3´Rpö
Ž´T0Ô3àRUu.JM,ÉÌÏsI,IµR0´´4Tp,MW04U00·22²22çâRUpÎ/¨,ÊLÏ(QÐpÖ©2WpÌM-ÊLNÌSðM,ÉHÍ’œ˜£œŸœ™ZR©§ à˜“£ÒR¬”ZœZT–š¢ÇÅeh¨�’™\¢�”šž™Ç¥r“g^Z¾‚9D8¥´&U–ZTt—‚Ð�š
+@W¦äçåT*¤¤¦qéûåmKº…dgaqºán¥99~‰¹ ãAá„!�˜›™S	U�Ÿ[PZ’Z¤à›Ÿ’Z”‡®4<â6ßÔ”ÌÒ\tYÏ’ÄœÌdǼôœT]C=cSˆDf±[fEjJ@fIr†BZbNq*X<5/Ý)ÀÐ;DßÅ9,0ÔG±É€Ä̼’�Ê‚T„j0ßÁRQf…B´�ž��!P!ÂX±h–¹æ%ç§dæ¥+—$æ¥$¥À0åä”_Q­kl  kij¡`hhb¦`nn^‹ª04/³°4ÕÓEÁÔÀÀÀÂÐ,š\ZT”šWN@Ãøi™À@JM­HMæš=G4“1^GVûk—W•Âw�8wsÃ,õ¨M†’~ç›&±6åûM�=wÎç…3ÏÜ“¿izan£5gα6÷ý•w.ãÝ"?³l�±QòIŽ;ïÏîõiazË°8¯¤=Ù—cþ•¨/‹»Â–8êXs¯ÿõº°úýù¿«Zö»G¥Kl8n.èzAmjQY0«Á¢ßï��øVTїμ;îÉTãvîSò‚V7Ì®NßátãfŽ“õBuÛ;ɯ�?û¯ä[n¥ìõ9þæ&¿íþ’IyUîW�ž”4çDµÎ¯ÎM%î
¹›�'ßýà ñèÖ;nïÏ¢?Wq©\z(÷¨óÿº“Ö‹ñ?ÿ4Eðà‘ˆÌ‹k¬Ï?Zç»\E)dÂÔ�æ¿IHê4ÌÈ+œåõè¯ë»¶þ»ª^.SÛí|ö調gº;þÎ\¯°©~nvÌ­,û½QçÏuǽÞÜbÞóæðþ[GÕý¥_þÖX—Ô)±kŠ–ëö«ÿ
=_Ä–¾eܧÁd¸=ªêOÚ†�éÂû¾m>}°ã™ê®†‰–þ=8ùf榌è½fZç¿Ú©	oõ«}¿ö÷dí€Xéyõ«¾}“ªð?atV$ö‰ë$½×*«Ýÿ'ªŸÁ½6ŸùB~Cþû´–|e7io•Gü"IÛ¶»<ÙñÕdÝÙéËíK%‹�êØÆøwÊqWéÓªž{gnúTÄ-,qÿì�Ï!ÍÕ>—6Ø�6�nXÄ7ïØ!ù¹”¦“öÆ‹†A�kÍom>ÿñã«>¬·ðŸÉ$uuz�¶Ø� Ñ ‰7‹OĥȽ;8W{fÒ©¯žGïÝz*ôxγu·NÞ¹Ÿ§—Þ·õïÑÓŽËÝØ.¶uÝÆ æž×™ÆÏÿrë+Û\û£_8÷…Í».5+M2ØÄ4�Mf¯¾Æ~ØùÎá¡j÷VêÛ)GLqü•Ä³v²íÿ¤“óý2´Ns¿^sÿÅí*þ“ê'7ÝÏ”[x-ÄWË8ìÂĘkßÒœÍeY6^䓹ûÎó¯¾`F&‹ÐÏý�ôfµ	ý.øe1ËäÈÑÄ•Q5fEÎLRoÏÊ‹xì`©-|c
ë›k9Œ;»f­/3 p�0,HÎIM,*ÉÏM,ÊæâûaØ·
+endstream
+endobj
+416 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-36 -250 1070 750]
+/FontName/PGNXGT+CMR8
+/ItalicAngle 0
+/StemV 76
+/FontFile 415 0 R
+/Flags 4
+>>
+endobj
+415 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 712
+/Length2 4818
+/Length3 533
+/Length 5364
+>>
+stream
+xÚí’gX“Ûš†EDº€„j�€´@(R¥„P¥÷Ž tBh"½7éEš€tÒ»H•Þ¥ƒ (HUªtŽ{ï9g®ÙgþÌ5ÿæšïûó½ïó|Ϻ׻+³†6Šp²@Ê;9bÀ|<|b@˜ª–��BÄÊ
+C#ᔓ£,ƒò‰Šò
¡nÖ@~�OHL@TLBDÄ
+„99{¡QÖ6 ;Œã—0ê€D£,áŽ@U8Æéð;ÄnÔv²D!1^<@ ÔÞ¨õÇ/®@-¤+íŽDðññ
(KÐi�r$âýIÉÑÊ	(üWáæüOɉvýÍdÿÍÉ
üM‰pr´÷"�VD¼jN¿WCþfùcý7T—w³·Wƒ;üÿ{Lÿ¦ÂPö^ÿ¡;98»a�h ª‰vü»Uùš*�rsø»ª„�Û£,¡ŽÖöH ä¯ÊUå‰Dh 0–6@+¸½+òÏ>Òñwˆßcû�WCAÍ@A‡ëÏýKÓ€£1:^ÎÿJýÃügÍ÷Ÿõïá Qž@cÂ÷Ûøûýç—éßÖ’s´tB ­�Ú¸#ŽFü«ñïL22NžÞ`
! ˜ÿÉŸ@|þ«Q×åâ†T’>�@ ¢QYº¡ÑHGÌŸ—à÷~ÿY[¡~O‰ôDZedR¡pžs3r›µO=ÒožÖ z_°›öä$‡z´ï'±=ÏŒmXˆ�ÆÑ,éù¶Ftê)ûC©ð*_Uñ¸ö³.//ºòEjN«ÁVãÕc1lÌxœ²Îè6ï‡=dtÓs㮜'ÞfxdKˆŒsÛ~3mýÅT¯oۢ܈«­¶ækä·–[b–SrÊ	\YÏO*ï:ŽÀF”¯J~J‡@��kÝCi°®ßd­¢�Au~]ÎýÑj~Ά¢âSñQÓ¯/{؈ÄR^–;½5¯ƒQÑ2Þa©½kòÆ–m·‹Gc-;ã£�€4r¾¤j­@eB9è¡ÜŽÐ‹ï&%ïAz‘8“M§„Ï1Àõn–î5‹#ù1ã}ézcž+c«¹BÒ94_ÕÖBí].®—�Ä=8äh�ÔïgØ|DÔ\\ÜÀï×Å:2jkn3lšÕ][‹V¨fš¹Sˆ�›ŽÐ”Ï¥t¯°ôË�nÛé"ôcqž¦¡ÛPST2ë=×Â�õ‹Œ|há&Ÿas+ÌVÎׇÉø»uoÕ…áŒÎ šƒ)räc‰v¥›·Q9,âX¡Ú
0¸ˆŸC¯×m\ùäVõ
˜³þ5	ö38WY‰æ—¦¢U"僇–Á¥O…šL~ýü«¥�gþ$‘ؾ3Å�oÌÂ+&¸Ö~¦¶�çòs—~zÓ<&æFôži�ãÒÜåt8�òúŠJWRðzs2^Š&µEà=ЊiðXHƒÜÀyiÕÌÝÅÀÞ[)êýÙvŒÙ•Í—¢mé%Ëç¼o٪󭘬Ùèkúd7œ)Ë´%¿Ø
*X}Ö½]ÿʱcN~Ìw”á:ŸVŸþ6¤Ì¿%ÒÈžÃdQ)>ª`Ëß)È°Ó˜sÎ)%%�H5uXêqG:ÖŠfd‘c`�¡¾ÕÓ’jo'¶F#ÌZÕš³F
+°j—¯šÀ‚lêÔ‹‡]›zšî@G7©ì]‰£x6Y6™«Kf·üH±  |?~‚®HÓ³å)¿‹×â´ÅÕK2JaÓ”÷â=oŠ}&	¹eU
&U™ˆ‹ç×ƻڧ"’f_¢Š#¥viY/Ø{&‹³Í•Ä?3°€×æɆüŠâ”’ûçÓxmÖŠŒçØÍC²üµÞYûEŸ	Ë+—¶¿ÅéQÄgý˜rõý–VÇ»VÒZõ†žÜ{²<+–�aÜ.'¿Ý
žA©.Âôî_T	÷ŸB:Ò‚_´oª¶Åá=ͨa¿\ÞdxI©Y@<Ìq{<VKÕ>‘!dÝKT{·(Mä	¢ÀèD‘tC·ßYè6ëÙJ�íRj!l¹”Õ¶£éÔçYÖ ÷s‘\Éô|xh*DŠ_
+•ŒÃI1!ÞqmI´.—g—­mêdÔùAmóriUä<CÁÌ�:[çácع&lâš«›y%éÚ÷ž©:²ò“‡U@ÐDn¿Úå
+cUÃqû<®ÛŠÖû¶~¬ÕÄ7\Û<tn±¾Ð78w ¹W"v�’î?þPoaüö`ïÛ’ºx³�ÎòÛá%Ë6b2ÇråY2Já’BUPÓí¡Io0‘‡oá5¡©E¬.}xyÞÙ*ç.Tã
ˆ^eì«3iÿ§Ž9SfHfž¥×nË•øjï•èg­ô‰ÊŠM©{`Sìe·)ŠQDçR°äºOk)#Ò�¹XÕÓ§´Q,ÕÁ.Ká'ãXÏ>ì\¹Ì7$%a%ñc@-ÙŽ±‡hr‡ÌNXß韯ì™T
h
φžÐÎM(îDc#·ëo®\ÏDDO
SU(O¹ŸWú\Øâ³OLbƒE‰Õ2öðôö<Ó¹�½[‚´wIÉ%÷Z9莂)|–vðƒTTâØâ.Ï^”‡—¬iûÖuQ,
û%�€³�múÎ�_[·‰U!v°c§J9Vhí0s��ÜØZÇ(f,
+¢Öéßrw–ŒÄ%H‚Û¿/šÕj@<Üj›Œ)HúFB†K×Ô¢é%ûNðgBUi$­Dök”ÿÖC<"¡1’	u]Ü»N$kÓ}K6éÇ­pƒ‡õ?žóáKÙ““çÜú,3ß?XGZ“qEÀAØ›— ã‰2;è{³‰JÂb÷Ò³ç
öºÍ…±:/ó�m­S‘{Z„nÙ€0ª•8º³éÊ�Ëø˜«NÚ[
+£¤�1ëâ&i~
0óÅGžøøj„½·Ó='#c°_G™øzµoŽYÎí
+U4¥ÊÀºž»,·?F»êU½‘P¾�M¼×ª’pZr>£ŠxÄä®öcr�¸e›IÙ/8$?ŸbM²ý~–ìÔ˜~®¶áÙ ¯´ø®;_¯ìš5ëJ¡ÌqJ^óäÀ5ãÙØËS%ä0PkÛ²ŸÒ{¡£�­öÕX™ôø¶pà‚àz±ŸnËÒ—¬ßÙ»:‚$Áf2[Ã+˜Ë9]V(
s32Ncƒ:l±]éÎv¥GG=ë…®kM^ÃüÑJ	RœOûqks…�IAã˜éŠ]kÁW(´Ý&<ãX÷®¡äU~D‹IÀÝèºe8žÏ÷Fæ£à·û7튓°&6WÀ3
*]áËNýÆ®ä!ÿ|Š!z¶ä“�‡|1âÑŒƒæ4κù©øoà|ôépN£_£9
+ÐTãdOô•OØÏJ¿íÛòÙD„.¯�L	xUk+µ!º¸|PÚÌÕÑÃ⬌�Žs‚{iƒ�i÷bIçý«dɼ)Ô-í¸^
+k2E”gòW¥UHyˆx”i•ˆŽéªi­ÏŽæ­¡C*g6›ü5S’‹±H4¨«¦`s”|vKMA­ÜËãKê°ÍÁü0¹¶é»$@2UIY`æ�VçË<ï¸;N
z(ÞÖ;\¸¬ïý”ÆÓÊ�M±Rœ ÊÑŒö†R÷\6BÇû/Ÿ…'”O>zÁ_†§ìi¼¡vbKÿ>�*èYY…ûðÕ�TC“ª¢�*¥]#ô“qðÈ7¯W%`Ζ%ðVúu6Ë…øÄîhÝmkÒ:î©/Äð›@á;ïRm‰ÔgZöI¾r#'ž×è&wKƒ¯s}Dst*YŽp[Îòáâ¬$tg=çï3'&\Â6i?z
+^ôÁ…w¸‰ètáÆBÔ
úÙÔ¡o}UýúÈë’+®EÔ<ø³Ø•xBg>ú,óq�jÈèbKEÞ'¼N¥[[+Aÿ€~è¶mÕÞˆ†.YÁ–¶PÓ	cÁÕ˜½í†˜œ“ /ûfÇ7Ky,ESzqâ]Laü˜Åt·^>¬}ŒMôRo…~1†H¸0⽩h0óNÖØçêî‡	+ö�t&2v¬•D„qVžhÖÑ‹“µPÙ¡AsÏŸ(q.ñ„
ðíŠn/Tª—Ï«BsÍ’<ö˜íÚ…)!0™²
+0¾áv®HÓéÖ*`KÇ3ÙŒQ×kG†cv{Dä\y.ñÞºFÞ�Qâ»À=†L1VéHýÚý”BÛ^ÍtZzk<]çX‰1<Vîsp´™öN0ÅÙbÿç9íìr#:s›Õ}UECJRR³lúMœË'7×´u¾pÁ‘ŸTÑÝRnó…WÒ´“Ç3|�Ç^'éÍ~.rÐ\ìR°bùÍñP®VI²ÉŸpËÌüøËè@O©L“G•W°TªzªG+N£=1«¢á¨$ØñóÎñøA.Ù›Ñ)\};´V/º;Þ0�:�œ0™ÐèƈßíkøI×ËË‘.èú�âlí½ülÄ»�üËè¼-_ÚK1tÚ\x=Žü~êL¿3LWúÍÔž‰òÇë±’šDÓRÛÄ!zTóíXP:B@Þ+…TmÚNÅ¢Fз¾ë EÖÇœ¥Ž®ú?<Œ¼»Dq·TÈ1Š˜[#„öqµg[ñß°\ê¿0Œºˆïh¼¤Þ*U&þ.øQùêD\QÁZ¿›¹Ç"Pä¬dŒ‹&+l®nIý‚mÜL7ÂÕ¯ÈLæfÂHàFÃlQQf•ÿX)Çv7ðËZï½Ár�}ëak×Aw™GO×Í�šÂ*sWöekØè„ûÎpÈW|•
+œÐ
ÓQ—ðÕQ†siBÙO£pÙ0Þ<~bâŸÒŠ½Ówd´ÖÙB¿Ö&Wã÷Ô”8Η/w-þ*Y�zÆ3UJöÒ~«µ
+ñjq�Ž’òcäQC|&«
ÕìA£reuƒ¹¦¼øø,Œ‡ô=ô½*ÈнHZy¢#†íÃ=á‘cŸ†<vrîÉèn19•»þœÓuLTÅ»¢î‘Z5øÔžM+¸BÈ$%|ÚÎ+Ü‘ß=ò”Ä|ÅÊÕ§/ýÉÜ´³Dâõ}x¯»§¿Ì‹R�°�—8&®eUãÏNõ�Ò×öÌýçµÙÐ…zÁ5-ªƒl2+™ªÚ<½V}ý*:ºg=÷éíƒÃÚRnhÎäÖk",îw/¼A
]\û’�‰êÐ
›È%ÝuáXÐ…RÌr§™†µ�É:0¥û»+ß™Hjmå
Ö½4ç¼;ï½EùícìÀseýA*1eëbñÌ‚‘:ƒd¦\×­HIŸe˜Ü5(	/�ëu ôG:Qú'x_ŽÜ6”z™—yÑlu�J£mÁƒ�>-sïSRNäçê}ÍEýý~j³éM±“§x_�m&h¨N�ÌÁÁœ0/²9!Y¨˜$™>æÒÄ™‰–2fwH—øyRÎON¨�ˆ%·Ý˜GÞŽ)—qQJ'ˆ¢Í‡Xzc°‰ã\ÿe[)@Èé½:ÂÄÆýi…:†³ —%­?>žT"yWý'›¦wŠJQŘ
VË}äÑÛÈ°駴zƒ¨Âû\�“h�\~r¾·VRø*Ç›Å_)º2Gïß<ö®L €š>[чÖ¸mhôIc¥¾,¤y‡(™]&â5 §aÎ× ù‚¸Ç+Õ?t†¼a`á2}ÅâF÷]Ô8í�És6wLïøpÒI-7Úâ�X‚UÕ‹ù|¹žqX¹úÆnø"P°¥f
+ô–UvÄ�äŒyFeûp´ò”cíŒ<7¬_‡ñáß 8±–¢Í˜5�§n½ãW’6„\ØuçJغmÚ²ÄEß�žk¯Ií*ÆèAS"["·Pi7´6í�¸õICÖŒ»­h¤æg?
J{)¨êGÊ6{ø¿’-)WljõŠ³8‰çTåµVñC½Ã03 ÛCa�ô£ˆƸS2â…•-2Þ©°R­- ó«%¥CÜ£›àѦâ‘ú0C>D¾	·éŸž%õ“Í|M>ÍîþL�«×{ÁV™™kÎé‡p³E±†›_£Ið=AA²èróa«Ò2�dÑdoë‚cUý¥P…8³ê¸¾ŒJVÂMÙ–S¼æLcÆÙn†¯®ÊLÛ7‡å=$±ñÝKK¬ÔT¤®%gS‘>µñNÍ
+QÇ Žáç)xåÇd_ˆ·g%é5|eûALÒef’
8[
++ëÍ’ÿ©>G€Äc¢»‘÷(ÜnëݪےÚŠÍP£Ï³Î¹HÙ—:p|Þ�Ž9\q!·&Ç"x$gäN-¬ËªƒxÒ,3š©=à~:¼¸YŽ¯ï}°}�¦ü¹l2‡•öívˆSZÕ7ÅO �Š÷üáú´‹dÞo¶%‰“eñîNýU¹†³]°í&wO»Šö#K“/¯`‡#ñhÑùk¯YèóRyÃ*f�L#Ph5§¡í~­@ߺ�ó©øŠö@^¶„›�ÌhÈHUé9¿ÎjÄs¹éýM’Ñ�àqýÖ.¹<ù½GŸnÆyw¿¦ÞbÉ%7yݺeÑ”Ž^¹áõÍ]çG|•è¼ÒpÆ»ÑTn|º„
+‹2õ}À_ÀòÁþCé:ÇÑ�ÉûŠ£Ñw=%êâò¡%
뻲¡D§ÚÙ¯º‘Uåa,~åÕÅ ¸1ÁÖIªµ"�§
ŠZÓˆqIñþ´²�ÑÛd¾?4kOžôÝ_åÖ!ÝãíöéÖ%ŸüǸû¹Âæ!’	7Ì…×zãbF‹úü½”Rͯ
+ÃK`I\AM!:ºiŒ™ô%Š
Uv1 ¨ÌW屶
+’Ûtè#awSfóõÐr•@H˜|ŒôÏ0øA’g®gì#¯ð€ág–�¬ ý{|]úãÐp͵ɫ‡�'-äè%ˆé�ßá„]Þ
î®»¬C�nûÁPp§ºoñ5]	³·"�fŽN†±’â…D1/À¥ù¾q»IaçÇ`Ûˆ8)á¨Ëì/ÀúÈ>(:
+Ù'”S@úu]ØðÉלVjÉ{Ùøý�»æ~.ÛÂÄ\v¶ÜmšØÓø<�õ½>{ÃhÈ:ʧ’ðzò®¼ÈÒÛ´·;êÄþîö‹­
ÉÉØEÆÆòù‘²QJí.³p&Â�o뛽9Ñv‚²Õ:Ó3­´ÏÓ´)éÇAyº~R�ÿåCôÿ
ÿ',í‘p4ÆÉ
Ž¶#"ún,Œ
+endstream
+endobj
+635 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-6 -233 542 698]
+/FontName/GUQBES+CMTT9
+/ItalicAngle 0
+/StemV 74
+/FontFile 634 0 R
+/Flags 4
+>>
+endobj
+634 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 712
+/Length2 12562
+/Length3 533
+/Length 13109
+>>
+stream
+xÚí²S”.̶¦™¶íü’+mÛ¶mÛXi®´­•¶mÛ¶m›õï³ûT�ÞÕ75ê®GGÜÄœó�7ž˜dD
+Ê´‚&öF¦böv.´ŒtŒ\aYN#™°“©¡‹¥½�ˆ¡‹)€‘““ èj`b0²q±°q1±ÀÀ�
„í<�,Í-\”ÿR±mM�,�
í²†.¦¶ÿ˜Ú”í�-M]<éA€Ò¿¶8”L�M�ÜLMè``
&–Æ.#SsK;ú1IÚ™ÙØÿ�6quøï’›©“ó?\Š8)
ÿPšØÛÙxLLÍ`èåìÿ9Íô–ÿm¬ÿªÿ4sµ±‘3´ý—ý¿úô¿”
m-m<ÿ/�½­ƒ«‹©@ÖÞÄÔÉî?¥ê¦ÿf“55±tµýϪ¤‹¡�¥± �¹�)€áß)Kg1KSKc€‹“«é¥MíLþ“៶ý
½¸ª¢�¨2õ¿_ôßECK;O‡ÿéú/õÅŒÿwüOwœ,=ÚtŒÿÿ™ÿ½Òý�ÃDíŒíM,íÌ
Ê.†v&†N&ÿ3ñ¿B		Ù{xѲ
h™˜™
¬,L6NŸÿ§LÕÎÒÑÕTRÀÊÀÀÀÁüo&cW''S;—ÿúÿ\÷¿c3Ëzcjêaj“™…n	¬OƒOýdðØ»D¬Þ>µ¬ÓUt•Æúœ‹13zkN·bõ'ÄZáqþýB!*õ•‚�?¬ÎW–;®÷YoÀÓ§rƒÊl¢S{ÿ‰«*ú„vµI„¾çÚ4ªM_»�:—ÕKqëÞ$×Å¡ûnˆ»ùciÄ·{ͤR‹º{lµá0⨈ËxIÔ]:�:[ÿ¹ÂnZØD˳–	ÕÇ6�9ä[õA€VÕo¡QÂúÐ499ìÅö%PU˯!pp~çT­ùATi\¢_Z}+Xâ½_}p�¿Žx�(vÁ:½~%»ªµØõ4óÄ£$Ùƒpw9ërÀˆ©úOžSÍn²2U”ß#ì–”þLóäW¬ó�	&Ë®A–¹ð520¢©g ,›·$DFߢºAïttß±/õ…S·-…'’Š/®t©i‹¦ø<iz É/-<´^aŠIJÖ!¾}'~ücÖß”h¡ü6hÈâ^|¹.àÔ…}7 L²æA�{ #å?e°Î©ÊmÛ�ÏåÍä†ÝþÃ[°Ô‡%�7ùxýl�=¾dj}^š$+µŸ ¶úç.<ª÷/t†éÚ˼Ž`¹!­[ZAk�În…Õ±p`¡9ÁÃC´0É
º35ËË«Q((
Qe|†â%Þ"Öž´ IjBÀRºªí©o>SK­œÏD¹JsPZf
†• ¿FB�I¯Nƒ429�æ”< '´ .̱egq
Å„­7êѧy)êvF¨×„^'˜Ý÷h~”K×XYl.¨>Y(¦Q‡/±‘Éh°·YÐÕÒ3j\0ËBÖôNP•¿úGVùú·×+êZ3Ó'”ѳzµ(죭*¶7'6/j,“êüpw}�náÚÅï?žm
b)Èa›:y:ºZ:;®²˜HØòïßTru%<ÖÜö�ƒ#6CZŒTN�}qÒÓ†+wbÕᜣøN6…#âÐ㨌e¦mΟL�²×ã]j—pÊ-ÏÖO\:/7lèòÛ¿„ü0CIaµó
‹e:dÓA0J$ËXÅ,�Ž/ìDÒ`ËuÑ¡Þ3s–rè¡šZýC+7Ÿ‹î¼]­B2
.h·°äÊš!ŽOkŽäŽ¹§MªŸ£o5CþY#׆ŒÇFvX¼°æÈya�äB™"J8÷üE,Œ(hÀúþu®‰Å&C}>™«—”#Qëšœ;ñP m-÷“Wçµí•ž&G¶ô%…ZÂ<SCÂR΄9÷ôÿ¨³jà.$õoáðÖ$àS$§‚EçøçNEyë‹Q¬E$!:¯t4:�_1°
+iY·~Ü î—#ò;Wö*œØ“¶rÚqüØQ‰ä¯Ý4Ôð­ž
+߬tl1x�q,Šxlm=!ÛXåÖÿµ 
+ö8vØaçáP>g
¼“…ËØ%ÍHÚ©!Ü_Ÿÿª“=×ç¢wU˜ºÜwÏÁ‹ÿö—æÊ’ù\$dXÎ×(ùBÕÑ«äh×,ŽÆÛ#b¥•K)ìZóèÎØßsÈk¬#+2© –ifþrÄÓÿ,“+	Ô‰Ihy: ™Ž2¢ÏË
+é§M�xö“Ѽ·B?Ž�Y'×Xßïó„>_1ÐðsG?#Š’S]¢²Nh\øXS¶¦~wPj �å$“6^OÏoý™·yiœ½Q«e£ßþ¼§	
'ª
H>NkÙ`�ô6Áœ¾GYžb}gÝ’3ѵëbN	R£–&ÅO¿CÊ8RJÉ
Ζ0îB¡»SU‰
höZ ™Ê럓¾P€¸#TX¶Ž¦ÅŽäZ#n…Ãsœ¨ÿ\}º¢ë
ΆCWSÃvÎËÐö¼„‰úfÄL¦u¦‡€åKÏ:€÷¯¿™¡î7p¬˜‹@¥v\¶>�ƒÆÞž·ceÆ»ð̳XG)åt£f+Îï7^z›»¿0Žµ�ÚÞ0tŒÏù`ossb†)_°ÊJJa%ôi·ÿA~—^Y•˜y˜s`®ÜÞ`J1V7ÉÃô�ÓÄLê5�׺¡9&òF¾–i2Ãá¿ò‹[ýú´â†O¸æG”R-%õñ\ÕórBx d÷1š_�7 z$€ùP”–*Sz�ØÄÁÙjRˆz75�вŸJ	i½nËxüê†ÇZèE 
 ü
¥(–³åäìg[KÌ�0)_'ÎC.W_Vm¯Óv=Þq0Oa¢š™ÿKGæžgæ°»IîãíήA”–1Ì©*`è¥�;E¬A}by§™«…éÙ¶•ûmé¤iƒ]ÖeRF#½Ä»€�Ø‹wð*DŽúEý¨–u±õWˆ° j”÷�z‡	Šƒqà“XrZ#ëç.ßPÁ1ŽA©nI{ráÁ+Ø
üµdSsâ%™™ô;`ìcÔ·7J�ƒaØIHÖ:,'³ãõÔ¥V‚$ì•à
/Yeÿ]Ìär–·‘\�¢&žý™GÏqnÑô$þ6øNÿÆÁÎ0\÷J(ç@‹H�l-bQ{éÑ°ÁÍÉž�=^o¸íxôÓFÚÓRO·Ë:Ãã殡ÍÜ<è¯see_‘�¨x5TíFªßgÎ.r3.ríÇ篯ðÂ%*¶ð—Æ7Ž©[mqh½+ËRàS†}Nc¨{/ª)W&¤·8V
,g¸ãô%“ù»W(Ù<ÍÐlñžþïœ�t~f.Õ­U'¤sL­é@i}tîsIÁA̸Sû½«)t܉Ÿ¤.ô¦Ôº‹/åÙO)
ÃÒðP°ÎRоæe<|ñÑžhÍGÃÓîžÜù8&ÓnÁr7q»ÊÃãÅ6¶Äçø¼×f7êf{”�Ê0:‡[e-8¢«�iTRp1Þ×[JPâZ¹Ì„ª‡¢E7Σ#Šß¼åuM5xüÏëÄ<"7…®šd.(† Û70}í›GÏ)ÍÌ54ÉÁ´ pÞ‘Ô–{çWÂ7Ümª	Æ¥
ƒpïTG9­™Ø¥mƒÜiÚ�«%®FSúë9ŒÎÊÝ/XÝتDKé
+‘Ò6¸�OÿuûÚLr
éj¢kì—	,ørl™L8±ƒ[�8ã<3¸3ñÜ -òŠÞ�> ¨ÿfëjñ�‰D1L©&Q“ç"¢í=`âE·ã8q¯‹b	’Xÿµá³¥àÂéêÚî~N7OÀoÈÿÈRòÅŽ�MùèTäÙT?“0<
ƒiLíý
wƒ>ªSÆ«Z‘¡aGÏÍHxæÝš¬	Æ'IPÙøzYÄM>í£Ý…²h?s¥RéeÊ+�bc¿Êfª'.¹mܘÆ,¶fV#œo¹´Ž.eñ%eñ¡Íd®¤œ|Z¼‡C×E ¯5Sš’Ž¨Tµ’ØÁšÂ	Í¿F¢[5¶ìNÑuÜJˆÍ±:—÷L‘™Æÿ}èOã"cl§#ó&¬‡�Æ;/4+lZ‡Ð\tŸb˜Ï`臋½’ßâékŸ/ó¤è#Þ0g}Š{$ù$£PÒ<ûIœF÷÷?[’ø°o-ä8Ñn˜]þ±�o5úw¯Q.T¨DëuP©ãØb­cÚ–V¹5ÞU‰6q
#û­k‡JMª•"Yû·r¬ÛýD‘:è~}WÝÅ]8¾±¿ÂNÕÐYˆX¯}
+Rw:<jTlG¿²ÔNxžd?ïß Y¼ª'­3ÞÆê‚?èZ)
ÅìM^P|°©¢þD@Zù¸2XH÷êÆN‹
©b4éøÍ0^�é¥J=¸Œ×‡+¾ñÌc�oaf*ÐÌœ1ûî>©E¯¼÷“^Ô›jhµ³;¯P÷ô…½^¬#�‚3#!7ÅÖ�¤ÅeƒLÊL`g×Rǧƒã“¨4×�ÒO>€O¡çà§�
+Ë_îË)â$u¿Þ•[+¯ë
+Åh ætðzòijÈU‡¹&|Á¦D-‰�tX#äRJ‘kýâ-ÙÜ^a;`…ºy©w¿ƒš“Ú®¶=v=*œsUê(è/o·Ùä0hQÏ !„j£[Á‹{󀹓/^ííÝš’‚æ”›Š¶Ûw•c…ÝOÔ;ØËEVLC3©BFø¨%d;Á33RgÕ]VAȯº6[½4¤£©¸†fOcølŽÜö"_
×êÙÆ:y´Þ¸-øyã@
xªP™‚­ˆd~ˆ•PÉ;ãÆ1_]`Åmlë
+9îX˜AU°OæoÁA}KȈ•›;DœI
•ḇ¾û“/×)™|0WíAoϬõ¬?áÿNÝPTÇÎK¥eŒc6­eAoà¡{ÜDlËŠ›´êE©?1~Vøß-4IŽþâÜpšc7l!ÖY@¿ÀâÚˆM!1r?åoøæý†2r¬ikÌš6AÿÕ©®ì‹-Ÿ*åòÅ·Ýÿ�,FËÆì“oʳ9RžÑ"ð5âØ­ç;í˶Cy¦’’ü‰¡ÀWÁmÀ
PŠ HN)må;|évW+û‹û¾©i3û²÷²4JŒiÜh\B¸�l2Y£¥¼�œÝ›ˆ>=šCFÇ'òûž¸þ¯N~ù5\n‘¬¦ $D�æv•Òo#¦ý”Ó–ðÄk£¢u‰ÍÑó_l‹
+Dˆœ/ä–�1á
+ÉyÜk,}‹dp²ÊýœÓëSR0³ŽW?ÓŽËu‹Êº)ò¨(ð�Ú�õ¿lÖu-^ÎùLaöŠ}r&깫†tÝvŸ¤;‘ù»™íèµä'c,®þÆí<4amVD¿õ±›ƒì0’œ£ü.r#¾mËæÃÂÊh¨(ùð
+ü¨ÄC²öá qžõ¶¿ðOcÉ¥­†Z‚Íáh:u뢵\°XRIÜÔ(l,'ŒÔÍD¶Îpï–yž¥ˆ¼2(‚7us{]|ºÂõ¾_õ
+è+P¤ü°Pª¼×¾†üï‹�%’ Ôl×
vbð1ÚL~¾�5>‰sõznóEŠ@b‹dj4b;R¾sÓÒ;B¿:1iÈ°Éùýˆ‹îÁqïwÞt`.Ì>�†‘Z{­Ä�ðç
+Ü�ñy.$Õ2·
Ú:MGJKÍ…wC‚Ù©ŒdU*ƒ£—ÓÆNÜ!´tÃ+•ÜdØ<¿FLÎ]‚F%—f¾Ú55¦ï'pOÙíÊ9¡Î
¤Û êçÒ<™XÐ(/ ÚN¯ä]Ûõû±X[pmõñºZ€ Šn$i¹–û§®/SGd¥Ø§%ŠAQ¤Ž
	t„ÏÕ¯r{›†5ïÜ&^½ù‚‘ur|(mZ*ªÒžsê°0}õ'ËÀ-Ýt´øqýu\°Ôæ?LCÈÎ¥“#vø½çAVè\ƒÙÀs˜�’ƒµ=òTŽQ„AI¡¨òª0rÖ*†ñ¿	ÆSC<o÷°–”sÒm[çJ˜Ó¥¨„:�cywp‘qT[|õk ‰³8|‹ÿÎÐ^ÐÊv¡!n2²€mÒ«nq¨‰‚ÍÏ“h""¥çµŠÕ«%1?À´.fצóH¼iû®7=ñm"!ûG±f9ÏËä|[†x
KP
+_¾û>~«çÚÇ}Lé­Ëêܺ{ünò
+þ»�ì%	sšæ¯ùDlß«J'H••ùK>äÝ»Ñdóz» ÔªxóÍ¿hyõ®(ˆQr)ˆiZ®Üðý„)ìnTõäÙtŸÏ¿3$_F±.O·M5Þ§™³0Þ°+¥CµÃÒ&Å¡82÷f.MdìÉÊQÝVP7?h|—ê—C©†ÚzÞŠZG¯«9ôd¾îvsG¢:‹›“¶‚öã.‰XË8FÓ"䚉«,4	¬âƒHëG›ïT3'Ül+%G‹¨ß*€`±�×¢¨{%ÄH”õ¶Žz@džD»è­ïÞ+~#\¥¢Öù
_†À³
+iËGèøj7ËšyἋ=_Zs#;°_¡:±m±´…ŸÑ,7_Äü¡­¤0Uf>ÝýÚ[¤‰+žùüŒ²¨E$òpO0ÒfŸe-2ñKŽé�´|Û>»Äq²>ÔØ¿®³£¯ìñcâD°B¯¸w{–š$¿Ùå¢-Ÿ]¥l?Ò,^9ƒ»±k~0HSU1¹é܈Êɽ¢ýc×âoƒšdN–{Qŵµî[ÓyŒYì¡ÙÌ6þ¾à»õKð°ä³ÚL?…˜X;m“aJê¬ÑL£¸ò!Þ(,jÉD}Y5Üñw¶6¨ð5g»Gýôé¼0s5pµ–I\†©j[¥8gO°õ¸jÀ�IYÜ„îùû/?¥9-ÆHláˆs3ô�!el5<#½†^‘ì(}Œ4

•üçíÊ�þÀÇ®	K¹™†í"_ë.äŸÛ
¢"Æözë*
÷û©¶³Þfr�X1Ÿ%Œ¯›Â¼K׋7´Ž‹!°Ki/Aã½$qp`Ðïu²³ëª¦þ¦Ø§N#©úS$)H)pô}ö¼“g¬]Pg€këD§n—:uÚy•üíYblK�Ðì•�ò‡úžw«x®
:s©ôḟSä€8ÖïTœ©š´‰	rÔa#m ÎŸFÜMÜ0ƒï’kBò‘½^Ä<j.mFÓ.vìàHýŸëiÆõ)µœ
–HNžÖ{yáX½i»AAœ©ôãÈXJŠg7ÿ÷™9øóDõµõn£Hí
UÜá]ø*©õël™‘‡Í2áOÉ/Ý­V¼VM‹PøB
+i§¨|·KøÑÄqÚט¹*Á_H­.öqólä¬U+02	E)4°jKãc<e„Ù¿Ðc¿øq&ÈWÔõì éúœ6:(”¡¼[‘áK3}¤“™Ö
%kËœ¢¢©#ÞÙÁ¿LMÇ¿Pð?Ž”ƒ"<?æþ•“À9¾Äן!¦y]}[§Íü
Ÿ½”Þ¥’+Ý—Õö•¹#É%‡»'ôú¡E±QL“ˆÇÕ––ûɧ§¼Î|NS_öGP`Ý'iC=Ìõ< ¥N¹ä’4p¹/)S›4K/c=R€“QŒ¿Š=çÿÛ}°¶ˆðõ}`¶j]ý
í¨îØ”©â.@n£ÕÊ'!¾ê”+ΰù>¼ŸáÛu
+,#Ë·öüxQ+ßwšúdgæd'vGÇ\f5ó²È¨‡�ˆ„ Uxìý-/ú8�ÄP¿“r"©_­W”mÇ°“$λë&±€�P6v½ÈS„ëpœâ˜�HPM´‚ñ	~M6¥·„v3¡›ZRÓf»‰LÛ€ ×]zŽ�¬=Éâ|TÝ5UCñçä”®ÝÒ%D·½ã=V,Oc·5×ÄöjDk�Ù*y�ˆ9ä‹F9üé-û#…Qo`Ï·ùÎØQ½Lðw\Ÿçå3’6Â’
+§mL
+ÉP 
YÑ)H6TÜ9§t˲á£n“"°«Ëžo­™´®‹¤ãí­Žû”Cä‚ô‡‰2Ñr/´NcÅMñyÞ¡¡Zg=šðVO(ñ«‹éè!•ÒKöÓ(�£VVv[t\¨LëJÅŠ|g�oá6_LŸÖÞSÍ:.5áPï[Øß±ö3mÄäýõìGŽj™Ù$ZØ«œ‹oJC?M2–˜ãˆÃ3ewäë³VuѪÃÏä0Ê›J
j;ÍùHÚ…x0l–ù*Ðg²í"•H•â¢Ðä!ê*êèïmK8x=åûp6IíXÍö,kRûD©\ NšZ¶�Wgò¼5h,“º“¥»[;âFLX¶¨TçœôC&â¸â"éú¾0ÿHHÏöû¾AÙ_îˆ_ÛNÇtk[Èê}'9²;aSé\Œ½%{žÌ"jFYÕÎ^S\Ä"f$Œ5‰§°•
+Wó."a`‘j*yú=·ýl”&Jzq§:f·
Ü1ßÜÉQ5ñÕZ¿�zÝʲÃat?Bå¶>ÿtͽÓÝß½o_kô!‘cï[ƒÌá�Køu›z)3:Ï»D±
±ïYÚ*1P¥�«‹§±MìEím’à¥l
+Ðí"]Oâ©hõûõv•ì`Fµ'ƒ�:2>;j‚u̾5„T½Œõ0aLæ˜Èoc>F_†Üks›è|JZÒOç6šÕ×f‡ÞV^ÏWŽñÊ�Ê„Å>ÔV½BÒ’Ò¦E…?ÕWG™!ÎäõÅ�n{L�ég‰ÐdÌD¯@_IfQÐrúfuð´7gÒ_?«Á­µÞ1a>ÛÚU‹ÅYmÙ¾SÆõ*\SåëÔÙ¬Rý¹ø#„w÷êK.ѺWÔW1êjàá­7ù”lÔ׈Ĺö°*–Ì̓r_^óiµ¾ÿõ*�ãFéäݸu€¶&•��ã–ô¥ˆm±\‹¾eÕ>&úFõ+-$xçø2¸^ÜŸ=ª	N“h2‘æL”íÖêôËœºz]Ì>Ä`ä|®èŽ6Q¿¸ûO´Rȼü}OøGžôeȼãg@DÇ©>,5„Ì	¾”Èä6
¶²Hø#Jƒ“Lß÷QØL-¿£—óMÔœt¼ÙŸr3	ޣ̃CX¥êí�Þ\¿Ÿ³cÖzË­ÇMÀÕšZŒqµMÑ
šÕoLM‚¯ñÁÀêña맧ßcÓ€ãYú’48,Ú\ÛG�3×Ö¢v¯—H$y¥Äø€
ÕP¹:|ðÌí ’wU§·ÏmçÕ_oÈ\£\8#}ŽCö4)®Ô
Lf‰2êy¸ß.ƒ ›õ}^Q\ÌrØ™¹ÀéÔd7Cœg(v²='¢ü“´6RQV`ÝŠ¨â³É8b°¾¼dU�uåŠBh<B
|É(c‰“@‹Ôù¼p+ˆ�æv²–âu˜ïin)ð@heærSB1þ0ís·¨¹˜û… ê.$
kÄËó¥<0
+(¢à_½2R/ˆå´kKœj2ðì5ês®¤)ãŽqD°PÈp™9KŸt‰k÷sHU
0`¸jPg
�ÞÕlµÈÝ-úS Y`}Î$R×9gÇÊÑ&>é.—”½´z=¢o²Ð^_Súý®Ñ»"#Ç�RéŸM@]iò€cÃÜßCWø|»Y¤ÉZ¯/f3vC…³'LÐëIYë`ºÞ=ïâw
€PyÌkcf
+—†Tæãð`~ÜKäÓu·=6¼¬íL=àÜ
Y©–È·$¶B{øß.‚"›Ã²;"]Ì"~Ïq‡Ôýƒ–Ì–Xî5AU—�T.+©Ïlo[¸¦Ðç’yã›%÷­{5(¿×/6ã,!ª
C�[÷µVà 쀱*NéB—Ç~÷2±Ÿ R§üV\~¸\ô6ì²®Óe×Ù¤šò+ôìá&±y¨«À5Pˆ›hœls —ÈOnVP	¯¡„À)º)î®›Ò÷ûÛÇ“Y0k3ªw
Ù+E’ÛVösø»H»tÎ
|ο¤;Tz@Š?“ÌÇÖ¥Ö—m—Z‚”öÆ°¬]éƒóó¯÷{–ûŸèvV]'$kä¹”ÿÔuöižÜ“cLëÔü¢%Ê�Oí¦
¯=¡†é˜tìñÐ@T9±òn¼Nö�З;E%<<G3ª5æÁ¬ts/�g'ó„¬ß–`Wß9>¨ÔHmdþÀ—™¡nbTÀŸS
SH:\y�]IQ×FßÂãAphnU°ßÈ
ÚjfÇT–ßûu¶wW°*al²6Lƒ‘¢Øßø³JO$ÁóÖ2�?$¥Âç1â ¨‘4r£UlÃsñƒ#¯ëZf•ÔŒˆDÆæë5»^lÙk%Ù×mÍ�Ç£3¨ð—3ðY9}™]Ú‰úà�ˆä¥Ö‘ãegP]?�ƒØ¤"ëcbpVŒ?¬
ŸLÎKô¦¹4ýí/O3Ðr’û”†%·±”)`¨í�#ð×èÊ+mœ‡»½_ŸÎ¼Öª´vWYFr7ù¡BͲw¨Q9"ù}eìvÊC>)»6gH@>YÚ`$#ªRTÆšTÂÛ̹d雈‚`„ø1ΈSÉ«zØHUW#…
+ßÈŸ-Ã`ÁØgðž� Z§ÞpÊAèAða“ÙÅöN'ò¨œì·2rúD±~Žê…HžF.fº´ªu–ÔEXëÝ¡�/lµûy-19òÃR]«æ`yEïU{ÛµRt“ú<¨Í-6W€‹•ËˆUæ@Ls,LáÅ„k«j[jF;ޚ݆›~ï5€$“Ùð¯“JöKÏÚh÷îÊv`8þ-ÉçP•)NÖÀ1X´zt>6GÐó迸Ւ˜ÔÞ˜¸1îZôîZ*>P�ú
+)µµdÿBgvb©ñýõœŠ±ýk¶H+…ú
wÆš|Å¢:™·âÃ|láÉ^c°oËQŠ*dÅš-{,VSXÖÄ\¹þ
pª[ÞâYÏ]hP,oZ
ÏüF¸žÐºa€�<–»Ÿ·í�9½¤ŠwRì@TȺùùùi�:ÇNþáZ¾
Ö7‡ŽçFü².P²ŸR¦@HreNóä¯"Ô&ûÝ››„L™4/Ò÷u‚ËßͯΫYÖ^Ë_‰ëXóz"ÑèŸo¶n�hͬµhÅ152÷K¶÷ûÚ«8¯G3ü¸ê㑺OÅ2kZÔüuP?÷›®á”sϪˆSñovOª–«÷xÊ'íÖ—~†RÃêÓÕ]Žl¶Êu'-†&pâœHjKMÐ8¯Jü,_ƒ
X(eŒQsXÜ’˜YŒPAÎ
+Ž9ø”s€YtD
.µ\¿.=HÈMÒùy·ß²ð
+!kÓsœ‡¹}t­Áfä
+ó�­FlI·7‰î¹êv�(TÇFXRgN5¹
>‹†9º…T)Ë˨ôEš(Þ¡þExP«×ÞuöÑ´ž!;†UÒ1ˆ„‰»‹.ÐÍ›Rê¯
ÈÇäÞ!–_蔡âOCO@B×üc­PØ­gs#
+âlÌ5õõ9™Ss°Ó߃z¥Ö”ûÈ3m÷R P–6â›òÀ7Âæj»ÖTêÏ<–îÕ†gw»×vŒ>ú:»r‡¦rÕl\Þîd°pÒÀ¢�X‚ö
´¨Ljs4mµû¤+º�_"�l6þ8¹UP{1oGŸE«�SÊþpHP<@ÝHùkà»o¬KtéýLú°5ß.@!¾j¦/\)>©‹—píù[š¬9âø°�œ›4®)Ê	àdp‚÷뉿vw†ÃIÏ-H‘éGõ-O’½¹D2´6¥…8
F��¼¯
+û%áAõ0ÝQÀИêãCð[dŸRý®Q©†J[mÚ;ãÏ怊?�…
FÜbc+És8
q|¥ºî<LtÁWj®s-i¨áŽ®xë¶ð÷(.f?N�¸ºŒWAœ%©¸ HxÀwê…õ
+R–™iýJLós¿zêUéï'Mâ›	J¶ˆ(É)ƒ5cÿèl›"Îà°mà˜pë.æmŠ%Á8U#Ýì 5ÌJ‚[ƒªã�ÄŒg—O£q¼ÖN4ÿÊàV‰+?jëhgO—çÛ iLê£MôxÚ6W�Žº,@ÎýÞüæOXÁAÔ‰öÔxI‰Üg@–è�ú4’
Qp�v}-$©RœA+Ò
+Ù2�®9•JH¨ÕÀ-D
sªÌï¢yÀ$ýÖù	Ve`¤ÉŽFňz¯eº çœbI%.ïågö-
ÁÕ|½{²iÞ¡Þa�,�-Óã2ÜWžøú]ÍØD@»Ð;7)tl
+`Ž0hv¢]oɽñ&xþËœö˜ìÐBªõã]…g=mO‡É¥—sM!Y‹®ïqŽ‹+¢ÔYÍþ®áwáêpÊËòñÅgüRZ¦-Fâ%»1ágW
ø<ÚO½UZBP	7 e”Š¬ÓíFþŽ.ï;Ö¥jŸ¥ÿŠ*ö°µt�&gê„Õ“ÇÕBPpsïóÑ0‚Ò&Okë1‰ž­¾)¼oŠ!ö׈%$*E3‘9í®]£ø±bÂëÐURHPK«3o?#Yw«3(AqÉIQ9æ‹Ý¨ELô]39ž¹(Ãt�y%,±à'×O„<«V¶¥ûÕ&Iö"õû¾
f>*Ò¼Ëð R
�…ó°Pœõ}×7í½;7"AýÀ¼j“ZL¸2ÔCÐÄ`ùƒ½
Æé*³ùõ™Œh£ÿÚE„�ÚÇ@S%ã¸Ïît)zÀÆAUBÝ–jãXëºß&µþþðççÿ|,ÙÖ!Ãsræ_aŽ
+‰ŽöU“Æ‚é-Š�l¹©[.8s¯ûa.©x'¨	¹ûÄʾÀ»å4:úج`cV'µH‘ÇEdÝ“çt”�U‡3»ð’ÑœOämP$×�âm9ß4«§‡å
+w
–Œ©Óá°
#wì�†Õ쇼2-±ÃîÖC¸÷wÊw`¼":U‡Ýi˜»Â–âBŸJ¥•\hü.Ž�0ž?£.V
+S§_Ã	¦00Ež(H@͆�ë
E3ÂÜ2¨ô	ôÞÁÑ!|ô‡
4ª
+à6s1Âì›}h$/1N†P9¸KúÈÆÍ:YÄíl!UúÝ›ÒW”ä|Õ4ŽÊÚ×z@aG—,Ëš†Xß¹<©lœ8R~Ø~œ:í[Êá%á1%«
+·5Ò�ꊲ‘¦Ñˆ2¬4¹Ã¹PÚ°†[¢We©Oø™ŠÏÍ<_ÙüF�Î'P ø{lÆ�¼®¢oÏŽ²8Š{€)
å%ÑòºXõ¥vì­ˆKíØF¬©ùªëprKÊj¡œÔ¥Óë…çyhh$çN5_íÎ@f˜ÛCÊíŠÒª}ѽœ<ȺaúÈ•ñ¿ÿÕXìØϬƒk'vrA`|¡we/k8÷�¿Öh¹ðG·ñKдŸøÕEëGÚ#Qƒ­%ÀÝâþ™W€€�UÜ?£;ókI,ÑvˆÿI_ê3Ÿ]IOSnpðòOTLªÖTéÀv½'h.Ëþ¬àãq×C~Jž4*XÒ²J;9 ýí9Q¢P¸:5ቪØJ»ùº)ä ÃÎ
+ºéOŽç8µ³yµC’ÒÔ6åÒàè°ç—üçZ,sNsìh‰…
+Gñ{‡Â
l¸œ�_T³H›`º\¢Žµ>¼Õ4aŠæ©¬%ÅV¥Û¼f� ÈìĨ�Ð#`p°ØU¹õŠ*¿J=öÌQ#dß›ÍÎ/�¼uv_Ièsˆ¥ÎkQGb_®eÄ89Nëô’Á݆�ïhð]ÝR³Y©­d˜qï�¸'‡ZžŽÄN=Îqç1o}K3š&–ô²AÐ
ô%kÞ=Ìóž@	~Lö01'gJEIUÝÍŠ²kÎ]¢^u}a?‰àL;òNG�b`b"l0j‡3CZÛ&×@ù5,|Nü)oÂõÃVê‚SäYÏC­jÅQí~:r„6ȆûñZe$&™‘õOñ6’Äxó*wpLMºå7¡#—œkÓÇD­Ï§á®…\`PàËë·&4Á%ŽSu;6Tò†…4ƒ�&ÝÚq<}³×mŸ [�6ª¢c;p‡MY®|9»»K´ÜT—Îíc¿ËÇ8]ÄÄ.æSšq;‹Ó/èߧ#¢rú:y˜Æó½jú)f:XÊV“ö37ù3·îañk€±Dòˆ±ôRÂÎ1ø¬Ô9ÐYŸ×SÙ"gV×؇ µ¬V¡¯Ü¼¦³¹ÁäC½“5ºöÏœ™ðØHÞÄä�f�;5‘£^b$Ù—›Jê8ßuñÁNúœÒ¡MW‹{“îËÇt§P°Ôì•þTе+\W,òä¾,œ·‰ôÉ!P c çc;WU­™d\B6a/Wuh0 —
+ÔO2a@*æKëÇKxªÍ36In!ÌNÃém#ø~Îx›clCx}»ôŽw-í¡¤¶Z;éÓÀMþkôM¨óBEÆ+bAv¸Ä!•ëãÇpø4€Þ[Uä£Ù¶×ŠöB
:¡¹˜[þ‡IMx�ÜŒ;›�ÃI‹»Oƒx~ÞŽÒŠ#VÙwoò*|4è’[g™@1(½îU€w¯Ø€Ýö”™ŠWè÷Á%/Øã‘ÇÅä�ï‚Ÿ$Ö­·
µ`vŠ�‡”ÛsSxÁlõ	ÛÉþg5³®Ñ½…/ù0&kÝÖ5í©s³p¤ìãû¦;¹gˆò�ª…sdÌpï5M­ËƒƒÔñ©—ˆÂ›^ê(3Öpö4ÂÈwrvÜv½F½X]ŽŸ·Œ"Ö4ý{ “ì˜hoýG`²×ç�høHF©ÏÁÂ`­°¯¿Jð×@»<m”º•s¹žŒMÈuïÏrRøZÝ�p�ÙÙÄ‹@Çï´ Ç#Zöä6’ «MjŸëw
+Ñù3}g¹„Ò z@©S™˜4º+”j«µd¿ÎI+‡ÍãÅÖZK}rà®(e?i"MZ K6 ¨ÇêÁ`2²ð±°ký˜x·e‰_â)ζô‰ˆÕ¿Àº
+öª/5ªÎƆ£îŒ9¯,SI”Û¬&�‘uf�¼¤÷ίõËœÊú¶
+!¢´Mù¢GƒíŒüꊬžA!ãÍ%@
ÚémÃiÆáš'>œ‰69Ö8œ¨È¯H÷5n_©¶Â2á´·óêêÐ
+Ù€Ñà!„Á·21D,­+°ú¨¹JÜ-Ùì\‡)œèméK{8s°BŒÀða`¡N×<«5›rÜø÷öµ„†V¥
/—åo óÅ�Ñ¿FR€ªjµÀ&!66ÆwÊÒS4göÇ…û2k (Ñ3,º&ÓÄ×îš9�üì@¡ˆsfá9fóñ*SÁ÷I9}ba;>‚»ÃnMj".$BªõÀRv#:ª\†lË7­ÏØ>20t£ˆ�%ŦЋڲýR	?éõ.¬¼u
§ï�ÊÈ„“»h–YÏ}wûµÆƒÐÂMf‹ˆܲÁ�ÌúBQk)$§îýµTÜb‡ðyQÕ¸	ª‚C1Ò¿úAŠ±©¡Ù,PJE|ë6 .åÇeœê�wʶT‰C…�vM«w	?lg™EÌ	b#
{ÀáaPj¶êÂ66¶Æàø;Ž€/±¥b­qˆ®Jâ/H�ä#1Æt�L`"ŸtÆÆœGH¶Ý‹Ò
[i·ÁµýmªÅ+3âø¼N
(tœ<mÈÂ�bÐ!t&s¨îà*æ÷+$ÈÚÑ�g�~®?‚åЃ†Ö³ž”·Áû«„ôo:@y̧,c=eÚðºÔß}:çUöÆ/Å®ŒÜwwøFÝ=2uø”�ËÂé×ïÐ[ø?’sVs=†ùÿ|¼Äx\¢®9-SáBðÚk™`>wFq‹îõH$àJàâv†·•Ñu¤±¥±—L
^ÅdŸSIÊõ†¹à¦�Ô¦ sªhwù?S#þF>Šy7”Õ¹ô	¤•Ðö´>bFÒ-&›šL:—LR¨Ô\ó…ŒéÒÚ$ÁB)ÖG?ª-Z?p-Þ±”§ã}§Ÿ/Öè0ÈBÁQù'±7¡^fHi½#'¬),K¼6Pµ¾‘`©"�ò–%I¸¥cgi¿ZèøSmä
›DÑm…w:#Ëêrkr‚êP}2±
CŽ¯=Võß�£¬U9éÛ£™¯
+¡(»êÐOùئ\Õ½xµÓRi�õžö&–Üæ]œ&¶"—ñªÅê#*Ë�»¦^ÃE\
+8Èn8ÌìÖ@Øu¹ƒ@qøÛ&šæ·š~-±xµ¨¸~ã30³®>ݸ«R¡¡‘CºÅ‰~às§DëpqukYÒ`‹zéæƒI¬DÈÅ‚Ýì¥DŠ‚$[|êj`Àƒ’ÜIøËqà\ºCÊðëmÃÒ,�P Ä<SÊ2‹BÓ>+Ðå kŽˆª–ZæÁ&�º5ãÌt²¸¦$#G8O¼
.ýhñö_ƒÏLu*l´þfk ÛòêI½Ä(õ(]’Ðid9!±;•ò}ïL€WÙg³¿5D—Vb
+‘	û•T÷]í ì4p¹$^c¤Š‘Ì„ºé\kÐ�Ö9ú$K¶–3—ÉǠ¨ÔW¤…3U¸n«tC
+�óغA[#2y8aWY�ÆŸ4Mx™Ç
+Á(è€;�IÂßîF×l{»cêâ‘éVŠœPôĹu¤TvâCb¬½Û“ÃÄ–Ð@`†S9L¥ U`uÜÝoszFZ“j�Ô,÷>ÌsÖ}ö*›)²—Al§¦Nš,�¹
+Ê/¼ˆ%å¯ÌXF¡`ððîie½æªÓãúQC˜ÊDÓñiæ‘$Ñ3Ô¸åEôÎ…'Ž…#àÈq`hÜ©µþMLÅÝ[Ê5	¨2?û8ièHqqžŽ91ÂlѺÅÒî´û6k2Ë.¿{ä‚Í+œ!�0•Ü™€üý#ÚŸg+üø?u§mžlË�ˆŸn!Åâ|-ä{!£t	�líèà^¨tk­z
+ š¨#Y·{¦ ê?—Qu26Ããë*OKæ1åŸú³&°,ãµÂ«X¶Á³ÛAWà
ûÈ
Ê´gÄP"‘›OÖ¢X\QŸíÅõvÒJEåg°5P
¬Äø°Æ’ˆ
+8öææ¬Q¨”4 ˆf£)²Å¹A1‰#D¢¢•ûaÙJ®”„®L¶°	wtÄÎ])d�7óúæô&ÏÀI\WxkdåfqàEÝ�¡l½m„ßB€ãÎõè+ö&¨ë©Zês†ÿÃ
óÿüÂÀØÆÔÐÉÅÞÖÐÉæ{H¾$
+endstream
+endobj
+646 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-35 -250 1148 750]
+/FontName/IKZWFZ+CMTI9
+/ItalicAngle -14.04
+/StemV 70
+/FontFile 645 0 R
+/Flags 68
+>>
+endobj
+645 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 720
+/Length2 1051
+/Length3 533
+/Length 1582
+>>
+stream
+xÚí’{8TiÇQQCT(t™·Â’Lg0æ‚eŒF£ˆ(’bÌ98Ìœ©cfÌ(Y)×–î­$*‹.K*ždRé~1i[’\v‹M.=¹n‰ì`ÛžÕþ³Ïþ·Ïž÷Ÿóûþ¾ï÷ý¼¿sLzz[2aa0Âb"K2‰Ì,w�IÁÄ„…#\*Ä\¸"„
Èt:0Å¡€LVdDc@TÁ°„›e8&f,óQ0Žò¸pçŠÂ�2„Çåo!ED2L>¬Ý	Ö ‘.A`�@&å‰@0Šb„e£L,D¨ã2,Þü©%AðH%0Srš%%,Äø2#!„eBåiˆ’åcý
ÕÄp¶˜Ï÷à
+FãGçôE›+@ù²?BÁf±Á�»Fpl¢ÕgsG`T,˜Ø券|”ÇÄBù°$Û� ›q�d£RöDE¼0ÂåG"c:‚ÁI”ÃãXÆYéïËö·ÿ®ãMO.Š‰|d›}v�ÕäϵrF8* ‘•Fåúô¶qÂaË1žF±Pà-âb0‡ÿ¾„rvJ·ZZS€¥d²

P)PÌ_�k1t‹á¸
+A4+ê˜Êã8‚‰Æþå…?Õ!¨rF"Ex„Ì£ú¨jàÒùýA}×jù^V´Æ�NÿZõ+�‹Ûµˆ¹1fn²Ts?Åå·X´4ÁµÇ/npurÕž¦7°éƒõÜ®¹ùº§r4m«còä%æ ¬äØG¿(µhûMHÈé'V…rÅc¦TmÇ»¸Z©ØÔ!âJÎJù@K¢Î›‚º'—ÛûKBf4Î,Ìs‹˜±Us2+ûDRêîû¬ÊãCý/ǽ5Õª1N=­S‘_0aï–�œ-«‚l{º¶–n|˜Äù–çYÛVdtt¾elU굫¶StŒ�Ÿ�õb{æŠmÏç–Ó|Jæ]z?C³‡™œYñ.Æ·[w“ßwº
î	Š½Ï-¨¾Òm½*s{-w"GÒª¥U
ÛexX7 T!ñéiZ½¨_wæiiŸSëÐR¿�æ=Äê-çkìL_UÈY—Oݑ꺮£‚øõ®Y^Ìàå.ÒmT"hï^3¬*O…IA‹T3Ò$¥Ç÷e—gç±4‡]àG±F`ÈÓ¡I±•öo�ÌI
+Ú“UמÕ.»þ‚øÀ?<ÃÃ?-àv­¹ÁÞfÉÁç~'šÙÝ;.Mª<¸^‘Nm¤\+¤4õ¶ÕçÕÕˆú|ÏÑ6
ÏžymE™BBw¼š£>¼ø©ó£WªA”À×ÞjÅæÆwdnY-ÛÙŒØça¼¬ÞñÌ�_7î1I¹w½óŠ­Oñ¤Ü¤-�Ç´áL_½iøÉŒÛ#ôÞà8žúñŸÏÆçÞµ™1iºH[öºø6ÖÀAY§�ñ
”Òå:åÐ2Î*'=Èn½º^k}Aƒ÷pýTÇ»>­”¡ñ…”\‡7ZMDÑ)ÓÇbk3)²ð4ãxªï¯oT¹`àŸj�SºÚ,Ûº¿»³C¯ö€ÿ¢ê¦žõü²âùÉû
v
ïg»mÍ—®]E<¢¶AvnS8äz9)²USÐs%^(fè^³*'¸�ا~?1jOóンÁf»GÞq~:îü`žÑ­ÁœÂ)oé/«:±¦µé';Î=yS×ÊnKÎÚè1RÇ%,,~“1}Z¼@|?6¥y�‚¦V¾|ðˆö
·Ã]†Ö½aèâafjÞ«ÆgççV¶2ú1³Ê†”"
Í'.‰¾˜H\¸z�ÞV`[ÿ´?ªTe@g
+MŽeÞ¬{µ%*è#Zâ5ç;2z¶dCUÕÅ îñ¼n¨úÒ�²ä˜ˆdƒºp�ov¸Daj©¯…«h¿ÏÿF3~ž¸ºD¹2‹”7{Eœ¾~Fn¸£
+Y^ë“ø6•æ}çîÔáš…ZaF섇æ7<{+VÏäŒR_ð¾"èÇ’‡Žæ;ÙÕ×µÍÖØEVW¨w4†kL£O3öS¬ž\ú�Äâổ-NiM7“¬©¯×=˜Ë2í
Ê»¬+Fƒ_Üö¼®Ó�¿~ÿ!ώп|ÿü'x|„‹‹„.A ü�çQ^
+endstream
+endobj
+649 0 obj
+<<
+/Type/FontDescriptor
+/CapHeight 850
+/Ascent 850
+/Descent -200
+/FontBBox[-39 -250 1036 750]
+/FontName/DEBDVY+CMR9
+/ItalicAngle 0
+/StemV 74
+/FontFile 648 0 R
+/Flags 4
+>>
+endobj
+648 0 obj
+<<
+/Filter[/FlateDecode]
+/Length1 712
+/Length2 9906
+/Length3 533
+/Length 10459
+>>
+stream
+xÚí—UTѶ¦qww6îîînwgãîîÜ‚Kp‡àîîNp‚;MpnÎ9}o�>·_zô[�®z©ùÏ¿þõÕ¬õ²¨È€êLbNf i'Gw&6f6~€„’€�™�ŠJÂdênãä(iêâ°ññ±
Ä<¬ì¬6n~>~.>*€„“³�«�•µ;€V‚î.€˜ÈÕÆÜÔ dên
røbnjPw2·
¹û0bööµ¼âP¹�\=AÌllsw€ÈÊÆ�åHrŽ–NžÉÎÿÙò¹ºýåÐþå¤ü¥´pr´÷
X€,X”�þ®úËòŒõ¿¡ú÷pi{{eS‡ÄÿÓëš:ØØûü�¾“ƒ³‡;È äd
ruüw«6è_hJ ‡ïʹ›ÚÛ˜‹9ZÙƒ¬ÿ’lܤm¼A@wsk€¥©½èŸ:ÈÑâß!þŽíŸ,’Râ’Zºÿü¡ÿê
MmÝ5|œÿ+õæÖlÿ³þ;Wo€>+3++Û_ãßû?Ÿÿm-)Gs'G+€º»©£…©«Å	ÿ�I\ÜÉÛ�‰ƒÀÄÎõw±rpx¸XþW£¦£�‹HNÀÅÊÊÊÃÇþOÕÜÃÕäèþÏMð÷{ÿ³¶´ù;ÈdŽ�“‹mnÌHÌðhòпB®Ý9óˆÐSz•Éõ»gnüÑšyÕ6*Âø°†ür
ŒËx¢%ùÒ¨$�ÔÿÛhÈLJ f‡Þrª[ÿ‘¿6þ„i
³E‚¥ï×a¬ßÄPÀåg�º}gQàîÜ{;B†ßúº2Ø»nQ£ÇÐ;±ÖtsÔÆo¾"å¥�Â�gü»ÆqVÂBϧž3À!”#âCó^”I3h©YÖZp
½r2ˆaÊ~À¯[Ž¿õE`!˜ÿÀa¶~·Z"ÚeÓâ°@3Æy˜¿á
+}®¹‚žö”ÍÁ9x‰‘4ùºÆ[ï8}UdswÞ±��5öÌ÷¬‘°×“òŧAd€'~Ót“N¨ö•g‚¢M^3RÀC�šbM^FÑŸÍ­µ¶i©êê•y@²öÉL]dðTKÛ;Î稂Š
\�-	ž�L¾¿xúñ‘Íç™”NÝ¡7òYý¹ž{M^2̯ÈhÁ`¨BÌ
验Sj@‹z$OO¡Ï-[–!§#!¦ÞFÕÏù¡iJô·¡F7¤V°‡pä?–®¹•Jƒ€¸t£%C?8Ÿc˜Ùg<¸ú½I¡j"ŽJ­Éò Ã䞉~çe�
œŸ¿8û–•ŸÕÒÇ\×…±îÚГÜXø›ÞSŒJ¶V½[ŒX®ÿÆepÏ|½¶MOš,Xx*|°‹BßÞ¸¶;lH‹Þ�ˆeÍõ}\l¯q}P`“Š˜U�Ãûå)%v>=²
+Rô©aKv"ýW²:ê�·¥S-¹/Wô#¢‰š?èb<;á2–¯ÂG†|h€ŠCƒD­c¿s÷R@Ö€
+/\p¶ÞªÔ6ÐbÙÒ#ó4É©Íf¤2·• *ycUkbáúÓ5QÄ4f%ç0yaéOùÚ°˜kD_ý‰ºWácTy“2.Õ
$‡r©v!,Û‹“ßG¿EÀe4aCBûÈ{>'ú˜,ýØ}ÀI”½³Ñ|þ–p“×ç�=vÍMt"K«ƒ«6�“ÛÃ
›¥õuD5ÔV=(ÑÍž	ÍV¼ô+.WJ
ùZ˜Ÿ&Žó™“wV¤¸7ç#Û�ÔGõ!6ÿœ:ìÌhÏë£ö—î›PkŒs!r„=&Q
—ˆ¡­�EôÛ�“nŒ²zèËøÏü’û/y¶Ö“p­ï=ìdýhdËšÙ|âŠX�8iར¿¬º%³dVØÜH ·”u¾Õ–¹Fc¬‡ …蓦Îø,Jå…¦a†d0’9fÅš+!ë½akVJ\†»Ùåh¸�.²_;ro0—P–«Swïh6Ò)D1zëûŸ¾šñ¬ÿNŸ Æ_sjIxÇ}´ñ`Žõ#”UÕËtIôݵ9Så_‰bÚ’I·FCÉ11úHéˆåž)pà9ðÒ
:èÈÍukbä9ÏG”¼¤®�L„QôÎIIþ#AJ÷ÍÆï-êàØÉ)¨½L‡>{NfÑýHìZ—ºL;£¦
œáås€äš,¯°²=9ø5÷}q;õÌÏŽr˜¥MÌ�ü'”Y¡`e¤I¡LmÎï2œõ왺§àM;)¯í™XzdÍ?(.þšØ\]ðŒŠ°1ú1´ú�ÆZÈòhzi“¾vk^1e6,û>³¼ HÚÜOò»f´ÁRñbé…ðÐp#~}Y_Ê®L0Þ芪6
+ÀFïÇ7¸["Í°…1
ÇÏ èƒí2¼~“Ϭóï,’«^ÅGcÉ·™:RÛ©$~IF€ÅÓXH¡¦5#o}wÕ²¸µèúÚ‡Y¶ŽäVâ�ó½%‘ô­F,1¹–ñûó•0”ªlR£E`;$ðçù’¶xØ£­RÑ¢¶V¨Îœ+<™ƒ÷´Ð~ÇójêhS�“|fœQíØýÛHÒ
Ô†AŒ¹ÈÞTuï/äv^÷‡à B�ªýÙŒeÆ�Ÿ}ÇÖ‚Ü«Êæb}Ú°
MŽ¿/ ‰¼ãBˆxÅýQËB—Ä–íêWëæ×è“"�È®fÖ�Pæ#Fp´øĪp¦í¦áìÙo¹bÙ�(KCÊhó]ßbxYµ5"(ºÎ–oh¤0Á•kPü!Äš€cUºîVLµ±ŽÉJ˜F«©Î@D(?!™–u•¸š¢mí¶ÏUïh‡Ý[)…¼,ÁÒKÅ�ÔS0Vr£F‡šô„¯…*‰¨`«V?ž¢b–\
ô›y-DU)*²ÍÄL}ó·zÀòJ)‘€zF¹é-žÐH¼J÷P…¡tç¼(õ
3‰�#<žá`iMBŸ5GÔhn‡é®x¥Ö{®	’àk§ÃýÔ¸¿[DÐ*Óå8
ó¦�™‘¹mîHßßz+cõ`øD¿µ8³±X_þ&–ÿe$æ¾¥:ÝpÄ–ÄÛ4Ë©Ò6/²®>Ã@M•"­[æ¢1n¼³¾cŒúüž½a�¨7±™ñ¯â1Ò�W¾üþ÷SÖ>°\㌳ŸûÙé|¢Þw°Ù€SR¶sÌ䀸.,8¦XðÆS^PíO:Y‹ê>ùÆKaÁ_}7YM)sI>ÎOmqë¦+ó¸—hiÔž9
<Û™­ÝH¡IÅ$6:úU_;Ñ–[¹¡¯v]šf†àÌyŸ‚3ЛÑÆ_@q6 °í‰­üGVM{u½}éï§Ü�Ø�‹¯‰C¿Ÿ/†½û¾$H¥òûêA[!P!涎E’žT%42–Ôû=
¶âõ¹qâé(¯E~®gSPã~òØVQMP΃?YýVUÆÿpç�¢ÐÃ'|¦„U~ÇJi„IÅÿ|Y�[Ú„»DV†¾÷é¨ËuÝ�¤Ȩ�g±?,3—%å÷>"k‚EüÞ†Y(€-¢Í-ýÎ1³á½]˜bnHâIBþC<wŽ�–¤æ™>Žw!|�¶1ÒUN9ù­§†îJUO‚yM²ö× àÅŸçQb•Û~D½ˆf¬ÞÞ\š$Ü·Ô¶³ÖäR#57�lCõW–¤·ŽÅ]ZZU¶¸Ú&ÔN
q¾³d3a.H´kôx)lÚÑø‡ÄÛ«$qï„(y–j:ÊW½
«™«‹^„Om3,1Ü"Óƒ—©þ4^¢ªÎÛõzˆblpzK´8ž–�T9®M>¸ù“nÕ+MøâÁ¹QÏMë^z€„æô”ÿÇ|Œ–"ÌÍ>²w“ÈkJ‚‡ùì.a‹˜Š!4&¼_RÆ	Æ}é‡O⧞ûÝ“X…ˆÊxN™Š‚É­€”¿çG–t•�Jn{¯”_§â
sµäök­š¨} Ï{ÉÈéRWOuµzØÙÚVt™Ü.�çŸc*;šå:½]»M`§#gT‘K®iŪQQ·}ꚮǵ.Çù6­äb›·HÅæ\¼øBY¸z¹MÈaäwkÃ=Áž‡éòw�x–ü|êä1#œ�} ÜñnãˆÜ(©øV�ÉöM0†6;ñ‰ïÝ=\n"KôGÅêm‚,éªÃ©Íd‚X‚gÛÄÊÞÏÙ‡û~}¨ÅRNú_6VÑEã³êǪ½ávÔ­u”úªv·Í	�ÙÊ>ÌAz3ŽÍrÙ;„fM§ì�<7SkVäÊŽ)…µ?Û$‰öóA�|´ØJrקòŠ{3�ø¹ni²!žâÆÕùg»5óz8Þ>Äê"HÛ5ÃÃ$PéÆЧ�çRLFÔ‰CsþPªNtéUþ¨ÍY
µÀxO…ZåŸu¶´þûª¢¬4r;ÕÊU‚Â�æc¤oŸÂéj6I—aÛ˜K.áÜ„G®H½•ÅÉo¼K’^	$—1Až‡6Ó$"`y´¯4’?LñR´¿îá&¯ þÀ×�ì“:¿FòÜ7ÒþQŒå“'g´6ÝñVºN¹ÉÒùWÑjþøöRj åO<�-LŸÀIAâÇWÍSÌÇxÎܧ’û6”‹¬ÀÎj…$N×KBñÝêÌfß¿
+L†ƒ2[ƒ�§‡Y#Ÿæô¢c„ûÄ4Ï‚à�ŽþL€^sÆGªþ—ºâe=¡;ßòüp§Âìí	nd_ÝÚå'ÝÖ@!X�–’œ.…ŠÐ¯`k_.ŠñìvD=	Ï#yEÃçNkçÄ'èLÏ?½)/Øøò3Ñ
I5šÈ’ÁAùOUL%"Æ^ûD´#-×H]¢jÖ¹¬¿£ÓæÊ_<|d[kᥜ÷†o‰y¾eC5œaòÝq(Rñ„9<m‘-ËÜç(yÁ>vé(ÎÓoº÷îgð¼ôöz-G²4‰ü¼æÒšý>N:Ê’ÛT9»óL-WY<
ÆNÅå~›Néé]Ì"Uú@Ý#ˆþŒüré§£Ñ `�Þy¥`´Š‚™%Òpi
+nÅ
7wÁÌõR
j¢åõ‚ªÝõS&éØñ×äÅ¿ÙbìÒ½š>›ÓRÂóÍñ³çãœ*jŸÍ†•2b©”0à$	‰¢€
+––_¢ÊO8³½ÈWøk›Í‘µ,¼üS‹Cÿø¤a¸îÌ(øg$ƒvŠk�/c‡Ha>)Lço/OÉUý³yu¦þLXGVЛÏ)α—¶W³‰}Å ÝP¸Ç,è÷öú!盧½û#:B¶«lÅ,sœxv‡½dV&ªA^òäv¿¡ä1Ÿ�¤5L@Øþy¶cm—b¼.)©_¯mýªoÅÖᯱK_Oc|Z7ó�âšhíl…ÎfNù¾)ï¦Ý.¤
Â/
+P!æ.b‡ãB_Y}K´ÒkÙƒ—-læ5ºø${ù‘ˆ%¯ëµŒ Ä¦Â¼¹D_´?¿¬CFÛIÂñ.¾4ÀâÏÄëcùë¡0ajh­7¥—zÄ0U'FhgJbAã´ö9XÃ�'A¥JCe%mË‹tîwZï^ŠŸµÐ=®0®\#”ꆭ9¸Œ–ãIM9:~
+¡yxúõª‚a®Õ…Ê °øÚµgeËÝg`‘Ü;FHœfI'÷DÏÞø£Ü e[]GÚ$;RJLÄ-c°Iª†.NÚ’6™mÅ®¶œ«}ë:GÄøš²£t 4¿”¥\�/¡¥‹›Ÿâ|Üâãé$/Õ+ÕµÞ1J¢2}§7…Ô¹¹tîH„Å秠Y£•–"ác¿A(:”MÃçUöù@^µk7«\¢/àËËÖÏ�Öˆ+ìV—Ö|9n¥¹Bg
1GóaX*öÀ@„üðؼpÍᨺçRm÷�`”‰”f�úBfç?/[�s£ñhý~ÏŒY‰šÉ0Üß;ìQ¨DV+e!œ�ß‘rÒË#E^o§Á°íöG�†nÊ_}-}àÅ)SŸ£}ÈpÜü~�Y€8îòÉ{)_uz&±o3>c§'rÅ0q¬¶Ïím>[6h'Oéi¥OÑR¨ónÅ>¤²¬e8S,œ—ZÏÆë÷sĆé®÷Ý}$òOB‚šÏ?fJNã/‚@EŠ…
+(ÿ&Š9J³ÖúÃ<·H
+MV»€�„)¹y:·´HÏÕ&2�qÂŒráÃŒ‚’–Ò\ž‰@6«…ÁM¡`z„×ʺ�¾�i»úöºð(5B‘ÜžÏ-:´(“ýŽc_¿óY4ݽú1ªÎ{Ԧы‡{`p°›�D¨C…Ý_Àßn¦þýžKÌÄ-
w ÕtJÏØ^Ärc^Žu¹ˆGSc›«—v¤n»×ÛÏyèÇÌu¼)¯:6Ïv÷ÄîÀ6”ÓhCßf�ÚµÏæX"‡™Þ’MBr:.©?Q3‰0ë^J¯Y3WçV[“É¢!Ë÷ã…ybíubÛ±boEÐG¿öh®|\KC{)iÛxNõoSGpOœ>iÃ!:Kš�ö	Þ7Ê;|Šü’J‘û¥ûÆVY“5€ª2ñPW0hâ�^“ðÜÍ)±˜#J©(WA_)¨Føýs:²‚õ¸¿×{JÐDPºÀF†ó¤J9µŠÆŠ?oÑ|¶¾pË0XBÞ«gÕ†^ò¦«éš)�»E1yKY–D9M)êì èÎÈÏ3à: FõB«]ÓÏ‘Oî•c:}µúaʶ‚(²mè%ø3F8¹ÅqUCúú=Ìá
+¸Jö5Q‹Ž5›ú¹½g“B°l%sog~4‡,¾É€~B$6fšìm¿ãœÝ, ©®Iÿ¬Wáø�Ê„¬p›>©¼3Ô0B«KãÞáا&-`Ý_ÿ奯.¨ßÅJd…þ:\Àè°“Ö¡ðÎj‡	Qr"ÍÈ"‹f/iêA
+ÙTC¸
0È*ÆýôÒuÛŸ Îb¥^Ü�Š�W´†Ñ™Ur‚H_^’öÓ¼æŲäRi¡¤s¥F¹}Ò¶¨_+£2IXr%àŽŠnÑ[$ë)ß©jÒ¢9g‰¥SŒf¨€+5æ¦
kÒÀ´ð¡�¤Õ£¸^�»iÉrp@?°/Ï]”›5…—'umtX̾OgBÕŽàÊ°žàæa6ù“‘ÊeéåÄŒ)�oêz‰ðì0L—áÙ6¢7îÊ ^j¦´£Uˆ™½löÝAü’΋¿’Ä*Ò¯¢¼È¯ºGÐ5þmVF°gµ\¾õ´wT2#ŽSïÀCItÅD«#È<m™¡¶ØñöVø‚Ö\íV#K¬B´X²ã€¡ø)
+² 1ÂDwóŒýe‹.*
,áÏ£lé×m.%ì
úr©0¶t§»ß×ò÷(X*ƼØT›M>%PKíÓùÍ¥³™÷–ŠG±…bÑ	°ÇÆ¿¤Y‘©{Á²%N)õR¦8<\(â°Â¾'4W 1o±Õ²F)ŒˆH²ôc8³zuò~Üß:XÅŽÁ»wdMÛ•I¤D†öÀï¬2çÐÊK¯ëƧ‹1f¤ÙIŠÁ^Ó›19Ï*“néöè¨,*tTWƒÕ#­šx§:¼®wß&U|©�Ž£‚¸Pò9o�˜kÚþܪ„e¬RšÖ7¶üt:�&çÈE}Þg)ùQÊ.ä}cø˜F?ÿ®óÉCÍ ÄD‡tÄæ.g&Ïn�?Ž¿½¾}vä|Äv�7é¾G¹Ù²ýJ1Ç®Âi5…ÎÆY‹RAðËq©¶Màú²^"¡�«g�°ÜΞv¶ØîþP¢QfXGçFôš_±Ò‚Zú;ñÒ>¦™Eð¬›ÐÕü,Q·ü♢õS²_×\¼5Qá=ú·ƒ0x®í^ÂÁå�
ø
+éöàbò�ÉN8åqΨ—0Óg��
+fáCf·
+™â;ȹÒQaM+Desñ†o°ˆ‹JÚx?M$­ÔƒèÛwÁZ\~|ƒ‘¹ô`Xº¬f*þh=ÑþÌÖ¶�ñ{ï.:ä¿g¸1
¼Î±í‘U“ÂÅWÂè’¥+ì‡RðeoŒ_æä��¹Gò<’ETJÑï.wä��§§ì“�ò}B0xÔŒ~€;~ÄÝûóÇ{6üIÜæ*
+NY!µVÁÚÝ9Š³×ÃîÅ�]”;zÔ”o‹KOdን5úxy�ªÃõý¸„9©#æÏ1D˜ghÔÌp¨‘j·ŠòedAíîyE*'­f,Ã\÷Q1Â�œ¥ºÒcJ@?P¦Rï�ƒqG=‡â:tÝÖè!4º§Tˆ)„2ÕQüðÊ¥I‘Ê»�Àöµò9g˜�«�™/)Ld©Ü7åñ•ËnД1´¦\Æ}{ñø³ïªYŠË÷Òf°}m«ž/3­äCY=æi€PD
+2…µTD§¯¤h“çÕw©ԇ‘5A…ÊïJ‚
+F|>fMACx臜ÍScIÏg~üsx*ÕÁJ`ù;›ØÍ
+/¦X”A-Šy#}uí£Â‹<ÑÏ-ª •g5ÎDø^¤*îSšÉ:’þRJNq|Ÿò!È£T%!’5®6…Ò6`Œ—´qÛ‡~«š›êѸÀkJ'*Ž´¤zÄo튀…@‚ŒËêïsßZOß°±=«²\Ÿ…©ãœ:$;æ"”$E݃Éfˆæ#Ó/FóÅ&]6£¯J+¯]>Â�Øz(-¨›W8‰Œ­ýeĸ8Ðé[[êyÒ¯GƒlÐ/J 2È¼—o�¼#ÙËÉþíæT®|–ÎB´K÷7j ‚H$Pà+AuëÊh	Èc_þÏU…!N…ÛO^zWÖx“H§‘B~úźÄ2GÊ“c³Ç§1…ÝOOÝ…`á_PMÖ\“0zõ¨k@ܾxÇÉS¬…[²¡¡Wþ¢\8@°ì´&åð)’[g9Ôód·á�”WåkìÀ3Ü€€�KÉ÷dûb9kN,`§;•°
+­(Cë�K®ýÊâ´eã#+°`)ß ªÙ~>ü†ò'ÀϧݼùªEKâ°e³é¶ô‹õìi£&bGobÛ&�Û
q$êwÝ›°�,Šcok£âRÉ|5„`¼zºS¶Ž�í_Ë(y¬¨uîB_êä</bÌ×?!˜šÆ™�ºº®ýä…l“6‚‰Rü�Jp‹«ê6j+/7�b‹šÌ>gR“”UëU6&',o:Ê”ˆl.>ßÂ.~ÓËbåÃd”|M`µd¬œLf�}M‹VwqªëοmÞgùå38¼ÅGfÂ�GTvìH{ö˜Cc^ÓàtÆ¥â.BŒ’öÖ—Ÿ�ÉaF°¬º“J§u—ÒŠo]Ì$âg.l_æ*&…à�éàÛ·¼Î#%GFp«†œøÉz3¨0ëÃ/)\ÿ”º¯—J{ë`È¢HÓ­¹ì]­‘þåGþQôj™nº>¾
M=b™V·³ŒŽ[á>™ @†˜>Ùö; •ØïÚyâgpúY¦\3¿
jÍdfJD|<há�õ
é¢(ŠøÑÝ>!TWE¦výTé¶,ðJÇ`Þr0WŸ®?%ûËè­müQJ[•J_
Êu€î+f³Çw+˜xèOD…~é¯�ö€1Döà€2
+Ô/¯lѼŽçctö`èXhþ×Ðt·°Eâ²MeŒS_�òƒµöDä`Ò½µéF¸ÿ<\–——†ÄKô `ûÔì¿Çf+3ž†5SŸñ¥§­¹ ‰÷òŒ¢æ÷Ümzáæñ͸ʈðn÷²a;8�ÔÂÁå¢d?åÈܬ´Éj=b¥|VöÈ1Õ^i…±™~=s?Hö­ý{‚%¥|LÈMÂ7Ú=²³Ì�ÑÒ�:S’€+OW¨‡xˆA|¨¨ÚÜ„÷¶$QØ¥+?Œ0s°>F´¢ÒԶ骅Øi|ÿ}a©ìÇ¡yŒ€a+�3÷v™ŒùR((Û¹žH<Ìô~ùLu‰ïúx¶¹ÆÉ	v’uWÿ“Æic†ÞnÏl½�Í–D’FçСrþ{¿$ÉëÑ|UÞr~×]fRíjSbÕô¸»X¬~xå"«iÒw�å)Òl¶<£ÅS–¢í~‰ßx³fä±}(«Ø`+wú̬8ùŠ‚ÿœºðª?dr¾Éfr:—ÅÌDø¤k$Y õíÉÞ§Éø”6$tàëI2(�.·-@@èd³4³i@Ñ$,¤b­é*„.˜î?óyñDì–}›þ=–éßµ£ûÞòÊï껨vPàeN'(üp~*(MiRK-LÛf“WÔ!':ÎûškÕÔYx^#›’·ênÌmNÛJ_“A¬þ�áúµyÃñZÜ�¹l'†˜ß,^À•è[W=5OOWééŽo¦"©�‡þªzœñ�圡Z}(V|
+?ÿ"¯×7íPóÙf$«œÝÏy­�/tüc¥·º�×;ë¸Ú{Þì¤m'SV	Í;ý«�‡a‘e�®5Í|dåV²?ñ&ìÒË·›o•ÖÀ‹PBd>cQØj[zÅ,Ô¿[Jw3m*LŸ£Ð`I›|OCœi�dÁ¨ÜPk£Þ|¦A¾£5�°Ož¨%h4³…çW¾ã ÓêŠÿô4:Z'^#˜o6Y¡¼ìÁØßêê:ð¶Jßõ«HJG~æ,¬—“Ý€wE›:6'ô6*OkP««x\àPØå»iÚêÆr>1
Y
+Aú÷Y�#úy�‘8é7šçÑ»]ÝUúÙ�]©7¼‘ñL‘ÅŸm´]�‹µÁ,›5êJ
¨]îÕ*,›¥
Ž�MAéݾO­³;4ºôóÖrŠÃ"8Ȭ=XÃ’ðÖmÎHpÓˆ¥²‘ÖÞÕD¶g»Ýcßh$Û„íuƤ•�²uµZ�±@
[ä2»Sƒ$�Áðr+‘“ºÖ@˜þJÌ´˜þKlxhÿÊBX˜^6ꤣa¡¸e| _²7¹‡\¯ðn¡ë8pÒÆ’OšÀïă?ÁaLb+ ¾i«W^œo§BÏf1ètr‘)Ja2ÍÙ‹­.[ÂOÉc]ËÑvç‘?\yIk€¿(t3eB€À®+g§ØÔÁbê	¢¹œ¢Ë‡?Ö‰”ÖéâAƒ‚ÝÖ„å›?úÒ@¼ã5v‰Aªq@Lš s{»™Ó�¤Àsð’ƒKüCé.ƒ¬'*W×/™Gú�Ðþ‘ö£Ç<Œ‹îæJ‡Žö­Õqßù]/’Lûoœ·Ú¿ÍÚaØtåP…Ü‘c{L´l7ÎI°/#µLÁÿ` *(ÇÏÁåütS_t$wÐëSæl	])çP&áœ�Œ^\’æ‹×ûÆðØV7Iu JµÚ„}­L÷òjUødIeeeš>»µ“ífB',$Î&=.à¨e#«gDÓf#zº.ÑV�±Ò5/¿ÃxEé¹�y–>’…±NôèÚ×´EÝþÎf€äâQI�Ys4C¸èÂ`úÅ2AÂÚÏoÄz8ЕøÚa|"¦ÄÁp�ÀŠTg1g�YúÔC
ÚwªA«>N³+³ãø¢±ôÝ«�E:ÀKºU‚"ø…—K¯ ÐÍŒ9Þ!3F„Ì&,AÁ÷,ó‹—ÓVÑÉ|HKAnIcHk’ØÀ¯ö¢Ô·Ñ¦Âm½Êbƒ|l%“Á9Oy¢!r«³Ç1#D™´p¿EZ€DN¶ÝH9$žv‚2V¾Þ¯QsDM<Õ£TUÄ}¢_`³&ÙMf@´ÀªõâAW�¥ã•¼3‘ãËÈ%`àÊ;W£ç#æ­ã4
[ç‡È’¯N	8®ÎAº„[j–,ëÖ]%„eÛ *²Nå£Q:5a¿ÛwոפÒËÊ^/]^â›À»†ÃH=‰˜Û:Ã�sŒ-“‘�ŠÒùq"Ú�ÎÞ4nZM°>6ò^-CcêȦë˜èj:¹J"
™>¥Qð±ÞÓèB h¦€LèqP§a=”û¥`°Ü¡¤Rç2)·°´–Ÿøõ+Ú#î²={®qÓ©^2ˆÊb¹¥B…è]ô<xò),Fu¯ZèE^ÀÞm¹´Ð^ÄÍÂ…qLñÖõ z³R¯j<1ç.ŸÊ—,L®Œ\ï¥WhL?gÍÚ°|ÿ£¬Ÿ’)r+iß®G�Év›�g¿MìÛuQóÜž™:'>0vD,BãÇÔÒ3ßê4]½E$e¥p†ãlfW{Ä~ÿ ™w,[e^¾˜yâz	óð=sY«NÒΑR³];Uç@$®0ŠOR[U+�ß…Ê�€4p;*os	¦æ·4�
cuº“Ï'$™�7[¤,´¼�þ<}M�­åò�9+ckÛZ¡\­QúÑx& ¸æí�:Ètð^2Ñ‹îvð’sN®f6"<jöy#Gl-ò„n¦åËòƒïPl;øÅ~¼`ÃÌÇ°sϤ‘ð]Ö/ÝH1Þص�:dŽ•�y�T9µ& ë¶›xÒC7
3JÚ2ŠOñŒöÆhZdÚ÷•¨T„±6²™à Õ1¼Ø�Á©b÷0'מwæ�$�“þÌo¸Lšf´v£"qÐXóà&ܾP¢=EB$�ûGŠÁ2�©;$ÖËBï~¬&,Ïg²Qª�/‹íDÓ€)¸ ²L{-ñDÌÑM¡(æWußI»�#Ù VRàÙ•2¾Ê"uœ3Üä(¾+Áh¼ØO<’Ðœm�/׶`kx›E2ò·a=/¼d
0N½â'}R>îný†#1�6nºªòâ!¡W²ÉÚšz¢¹éѵ÷�½‡[V“ž¹b%Âfê�¹áW5h§ZÓA[-HHu•­§b(¼æLRÉœ¤55K?Ò+Ø„–�‡Ú¡Fk“±„SOÒYže‹’çQBËX1ÄÂ�cº¶³ïL4å‘òƒ<u]ɗѸ#ŽBÜ$4Jn-ö¦<R(܈vŒ†¨íñiTáû�z�¿rͲ¾ÁÖn÷•ò浇œúRt`Ño°,ûšQ]ýb¢Ì! 
+B‘ùAw—ñ>¨ïîöœkv²MŒµõjÏ�N¬J•@ê¥ÊÌ–«Þõ;0+ûÜh'ÀÀÀ;JFª¼Çɤ�˜£%<ç(­­má“Èì:·/\ÒÅ{-Âq¦¢Ò,S†•eJðn;ÜÌx´àVÝ•-YY„J(™‡kc~
+ë²qÕ`¾
ÔWG]ÑûË
+¸Vªíûæ™C�2«œzXÛÌ«ž¢ÓHdt­�`Ç©¾˜
+™í>;"„ã
çÀÔzÎ_güktçÞ?ÇMê]+Ê!õá¯ÏGç(ا¹ѧ­ú°Di’<{
Ó"[*׆‚´—ïGÃeGIퟦ6‡¯ãU‚íÑ�Ī<nÎcŒ\þ¿‡¬wl¦±O,±ÎEó\µCp`´æ¤$ƒÙÕ”¾�>º�Õ¤n1�-)’@ÞÊ|eåªB›.Ð\‹ÒŸãq�0L2rFÜVTÒñyð¯z]RV‰ëcÜ‹
+ÓÓÁìm°¨”ÉZ0Ëí�ÜZ–eUN£›‹Ó.¤Ô–û�…i2wKÅ,…¬!”Mˆa®Pß4ƒG:{¾`Ÿ‰ˆ;L#h–~MÀN¢št’º¾ Rð’�Ø	ÿz‡õch‡ž+yGHö
çÊ(Ä®‹ù‘«u´*¥8ÕÝ�¡£‡<ôFJ-½`ÇÃteºéM�OL­ãÿ‹=[‚öÖ£NÍGç-¼ù’…ǵ9Ë Šî÷§,ÅžÛ�)Îü�Œ˜ŽÞ¨ì'áD†Ð¥Ï€&…¤±#µÚNJ¾�¢é°ÊOtlœY7‡¤)!ëÿå…ðÿþŸ0·™ºº;9˜ºÚ! üÛwaª
+endstream
+endobj
+1 0 obj
+<<
+/Creator( TeX output 2005.10.03:1507)
+/Producer(dvipdfm 0.13.2c, Copyright \251 1998, by Mark A. Wicks)
+/CreationDate(D:20051019165629+00'00')
+>>
+endobj
+5 0 obj
+<<
+/Type/Page
+/Resources 6 0 R
+/Contents[18 0 R 4 0 R 19 0 R 20 0 R]
+/Parent 691 0 R
+>>
+endobj
+22 0 obj
+<<
+/Type/Page
+/Resources 23 0 R
+/Contents[18 0 R 4 0 R 31 0 R 20 0 R]
+/Parent 691 0 R
+>>
+endobj
+691 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[5 0 R 22 0 R]
+/Parent 690 0 R
+>>
+endobj
+33 0 obj
+<<
+/Type/Page
+/Resources 34 0 R
+/Contents[18 0 R 4 0 R 42 0 R 20 0 R]
+/Parent 692 0 R
+>>
+endobj
+44 0 obj
+<<
+/Type/Page
+/Resources 45 0 R
+/Contents[18 0 R 4 0 R 46 0 R 20 0 R]
+/Parent 692 0 R
+>>
+endobj
+692 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[33 0 R 44 0 R]
+/Parent 690 0 R
+>>
+endobj
+48 0 obj
+<<
+/Type/Page
+/Resources 49 0 R
+/Contents[18 0 R 4 0 R 50 0 R 20 0 R]
+/Parent 693 0 R
+>>
+endobj
+52 0 obj
+<<
+/Type/Page
+/Resources 53 0 R
+/Contents[18 0 R 4 0 R 54 0 R 20 0 R]
+/Parent 693 0 R
+>>
+endobj
+693 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[48 0 R 52 0 R]
+/Parent 690 0 R
+>>
+endobj
+56 0 obj
+<<
+/Type/Page
+/Resources 57 0 R
+/Contents[18 0 R 4 0 R 62 0 R 20 0 R]
+/Parent 694 0 R
+>>
+endobj
+64 0 obj
+<<
+/Type/Page
+/Resources 65 0 R
+/Contents[18 0 R 4 0 R 66 0 R 20 0 R]
+/Parent 694 0 R
+>>
+endobj
+68 0 obj
+<<
+/Type/Page
+/Resources 69 0 R
+/Contents[18 0 R 4 0 R 70 0 R 20 0 R]
+/Parent 694 0 R
+>>
+endobj
+694 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[56 0 R 64 0 R 68 0 R]
+/Parent 690 0 R
+>>
+endobj
+690 0 obj
+<<
+/Type/Pages
+/Count 9
+/Kids[691 0 R 692 0 R 693 0 R 694 0 R]
+/Parent 689 0 R
+>>
+endobj
+72 0 obj
+<<
+/Type/Page
+/Resources 73 0 R
+/Contents[18 0 R 4 0 R 74 0 R 20 0 R]
+/Parent 696 0 R
+>>
+endobj
+76 0 obj
+<<
+/Type/Page
+/Resources 77 0 R
+/Contents[18 0 R 4 0 R 78 0 R 20 0 R]
+/Parent 696 0 R
+>>
+endobj
+696 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[72 0 R 76 0 R]
+/Parent 695 0 R
+>>
+endobj
+80 0 obj
+<<
+/Type/Page
+/Resources 81 0 R
+/Contents[18 0 R 4 0 R 85 0 R 20 0 R]
+/Parent 697 0 R
+>>
+endobj
+87 0 obj
+<<
+/Type/Page
+/Resources 88 0 R
+/Contents[18 0 R 4 0 R 89 0 R 20 0 R]
+/Parent 697 0 R
+>>
+endobj
+91 0 obj
+<<
+/Type/Page
+/Resources 92 0 R
+/Contents[18 0 R 4 0 R 93 0 R 20 0 R]
+/Parent 697 0 R
+>>
+endobj
+697 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[80 0 R 87 0 R 91 0 R]
+/Parent 695 0 R
+>>
+endobj
+95 0 obj
+<<
+/Type/Page
+/Resources 96 0 R
+/Contents[18 0 R 4 0 R 97 0 R 20 0 R]
+/Parent 698 0 R
+>>
+endobj
+99 0 obj
+<<
+/Type/Page
+/Resources 100 0 R
+/Contents[18 0 R 4 0 R 101 0 R 20 0 R]
+/Parent 698 0 R
+>>
+endobj
+698 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[95 0 R 99 0 R]
+/Parent 695 0 R
+>>
+endobj
+103 0 obj
+<<
+/Type/Page
+/Resources 104 0 R
+/Contents[18 0 R 4 0 R 105 0 R 20 0 R]
+/Parent 699 0 R
+>>
+endobj
+107 0 obj
+<<
+/Type/Page
+/Resources 108 0 R
+/Contents[18 0 R 4 0 R 109 0 R 20 0 R]
+/Parent 699 0 R
+>>
+endobj
+111 0 obj
+<<
+/Type/Page
+/Resources 112 0 R
+/Contents[18 0 R 4 0 R 113 0 R 20 0 R]
+/Parent 699 0 R
+>>
+endobj
+699 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[103 0 R 107 0 R 111 0 R]
+/Parent 695 0 R
+>>
+endobj
+695 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[696 0 R 697 0 R 698 0 R 699 0 R]
+/Parent 689 0 R
+>>
+endobj
+115 0 obj
+<<
+/Type/Page
+/Resources 116 0 R
+/Contents[18 0 R 4 0 R 117 0 R 20 0 R]
+/Parent 701 0 R
+>>
+endobj
+119 0 obj
+<<
+/Type/Page
+/Resources 120 0 R
+/Contents[18 0 R 4 0 R 121 0 R 20 0 R]
+/Parent 701 0 R
+>>
+endobj
+701 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[115 0 R 119 0 R]
+/Parent 700 0 R
+>>
+endobj
+123 0 obj
+<<
+/Type/Page
+/Resources 124 0 R
+/Contents[18 0 R 4 0 R 125 0 R 20 0 R]
+/Parent 702 0 R
+>>
+endobj
+127 0 obj
+<<
+/Type/Page
+/Resources 128 0 R
+/Contents[18 0 R 4 0 R 129 0 R 20 0 R]
+/Parent 702 0 R
+>>
+endobj
+131 0 obj
+<<
+/Type/Page
+/Resources 132 0 R
+/Contents[18 0 R 4 0 R 133 0 R 20 0 R]
+/Parent 702 0 R
+>>
+endobj
+702 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[123 0 R 127 0 R 131 0 R]
+/Parent 700 0 R
+>>
+endobj
+135 0 obj
+<<
+/Type/Page
+/Resources 136 0 R
+/Contents[18 0 R 4 0 R 137 0 R 20 0 R]
+/Parent 703 0 R
+>>
+endobj
+139 0 obj
+<<
+/Type/Page
+/Resources 140 0 R
+/Contents[18 0 R 4 0 R 141 0 R 20 0 R]
+/Parent 703 0 R
+>>
+endobj
+703 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[135 0 R 139 0 R]
+/Parent 700 0 R
+>>
+endobj
+143 0 obj
+<<
+/Type/Page
+/Resources 144 0 R
+/Contents[18 0 R 4 0 R 145 0 R 20 0 R]
+/Parent 704 0 R
+>>
+endobj
+147 0 obj
+<<
+/Type/Page
+/Resources 148 0 R
+/Contents[18 0 R 4 0 R 149 0 R 20 0 R]
+/Parent 704 0 R
+>>
+endobj
+151 0 obj
+<<
+/Type/Page
+/Resources 152 0 R
+/Contents[18 0 R 4 0 R 153 0 R 20 0 R]
+/Parent 704 0 R
+>>
+endobj
+704 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[143 0 R 147 0 R 151 0 R]
+/Parent 700 0 R
+>>
+endobj
+700 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[701 0 R 702 0 R 703 0 R 704 0 R]
+/Parent 689 0 R
+>>
+endobj
+155 0 obj
+<<
+/Type/Page
+/Resources 156 0 R
+/Contents[18 0 R 4 0 R 157 0 R 20 0 R]
+/Parent 706 0 R
+>>
+endobj
+159 0 obj
+<<
+/Type/Page
+/Resources 160 0 R
+/Contents[18 0 R 4 0 R 161 0 R 20 0 R]
+/Parent 706 0 R
+>>
+endobj
+706 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[155 0 R 159 0 R]
+/Parent 705 0 R
+>>
+endobj
+163 0 obj
+<<
+/Type/Page
+/Resources 164 0 R
+/Contents[18 0 R 4 0 R 165 0 R 20 0 R]
+/Parent 707 0 R
+>>
+endobj
+167 0 obj
+<<
+/Type/Page
+/Resources 168 0 R
+/Contents[18 0 R 4 0 R 169 0 R 20 0 R]
+/Parent 707 0 R
+>>
+endobj
+171 0 obj
+<<
+/Type/Page
+/Resources 172 0 R
+/Contents[18 0 R 4 0 R 173 0 R 20 0 R]
+/Parent 707 0 R
+>>
+endobj
+707 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[163 0 R 167 0 R 171 0 R]
+/Parent 705 0 R
+>>
+endobj
+175 0 obj
+<<
+/Type/Page
+/Resources 176 0 R
+/Contents[18 0 R 4 0 R 177 0 R 20 0 R]
+/Parent 708 0 R
+>>
+endobj
+179 0 obj
+<<
+/Type/Page
+/Resources 180 0 R
+/Contents[18 0 R 4 0 R 181 0 R 20 0 R]
+/Parent 708 0 R
+>>
+endobj
+708 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[175 0 R 179 0 R]
+/Parent 705 0 R
+>>
+endobj
+183 0 obj
+<<
+/Type/Page
+/Resources 184 0 R
+/Contents[18 0 R 4 0 R 185 0 R 20 0 R]
+/Parent 709 0 R
+>>
+endobj
+187 0 obj
+<<
+/Type/Page
+/Resources 188 0 R
+/Contents[18 0 R 4 0 R 189 0 R 20 0 R]
+/Parent 709 0 R
+>>
+endobj
+191 0 obj
+<<
+/Type/Page
+/Resources 192 0 R
+/Contents[18 0 R 4 0 R 193 0 R 20 0 R]
+/Parent 709 0 R
+>>
+endobj
+709 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[183 0 R 187 0 R 191 0 R]
+/Parent 705 0 R
+>>
+endobj
+705 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[706 0 R 707 0 R 708 0 R 709 0 R]
+/Parent 689 0 R
+>>
+endobj
+689 0 obj
+<<
+/Type/Pages
+/Count 39
+/Kids[690 0 R 695 0 R 700 0 R 705 0 R]
+/Parent 3 0 R
+>>
+endobj
+195 0 obj
+<<
+/Type/Page
+/Resources 196 0 R
+/Contents[18 0 R 4 0 R 197 0 R 20 0 R]
+/Parent 712 0 R
+>>
+endobj
+199 0 obj
+<<
+/Type/Page
+/Resources 200 0 R
+/Contents[18 0 R 4 0 R 201 0 R 20 0 R]
+/Parent 712 0 R
+>>
+endobj
+712 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[195 0 R 199 0 R]
+/Parent 711 0 R
+>>
+endobj
+203 0 obj
+<<
+/Type/Page
+/Resources 204 0 R
+/Contents[18 0 R 4 0 R 205 0 R 20 0 R]
+/Parent 713 0 R
+>>
+endobj
+207 0 obj
+<<
+/Type/Page
+/Resources 208 0 R
+/Contents[18 0 R 4 0 R 209 0 R 20 0 R]
+/Parent 713 0 R
+>>
+endobj
+211 0 obj
+<<
+/Type/Page
+/Resources 212 0 R
+/Contents[18 0 R 4 0 R 213 0 R 20 0 R]
+/Parent 713 0 R
+>>
+endobj
+713 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[203 0 R 207 0 R 211 0 R]
+/Parent 711 0 R
+>>
+endobj
+215 0 obj
+<<
+/Type/Page
+/Resources 216 0 R
+/Contents[18 0 R 4 0 R 217 0 R 20 0 R]
+/Parent 714 0 R
+>>
+endobj
+219 0 obj
+<<
+/Type/Page
+/Resources 220 0 R
+/Contents[18 0 R 4 0 R 221 0 R 20 0 R]
+/Parent 714 0 R
+>>
+endobj
+714 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[215 0 R 219 0 R]
+/Parent 711 0 R
+>>
+endobj
+223 0 obj
+<<
+/Type/Page
+/Resources 224 0 R
+/Contents[18 0 R 4 0 R 225 0 R 20 0 R]
+/Parent 715 0 R
+>>
+endobj
+227 0 obj
+<<
+/Type/Page
+/Resources 228 0 R
+/Contents[18 0 R 4 0 R 229 0 R 20 0 R]
+/Parent 715 0 R
+>>
+endobj
+231 0 obj
+<<
+/Type/Page
+/Resources 232 0 R
+/Contents[18 0 R 4 0 R 233 0 R 20 0 R]
+/Parent 715 0 R
+>>
+endobj
+715 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[223 0 R 227 0 R 231 0 R]
+/Parent 711 0 R
+>>
+endobj
+711 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[712 0 R 713 0 R 714 0 R 715 0 R]
+/Parent 710 0 R
+>>
+endobj
+235 0 obj
+<<
+/Type/Page
+/Resources 236 0 R
+/Contents[18 0 R 4 0 R 237 0 R 20 0 R]
+/Parent 717 0 R
+>>
+endobj
+239 0 obj
+<<
+/Type/Page
+/Resources 240 0 R
+/Contents[18 0 R 4 0 R 241 0 R 20 0 R]
+/Parent 717 0 R
+>>
+endobj
+717 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[235 0 R 239 0 R]
+/Parent 716 0 R
+>>
+endobj
+243 0 obj
+<<
+/Type/Page
+/Resources 244 0 R
+/Contents[18 0 R 4 0 R 245 0 R 20 0 R]
+/Parent 718 0 R
+>>
+endobj
+247 0 obj
+<<
+/Type/Page
+/Resources 248 0 R
+/Contents[18 0 R 4 0 R 249 0 R 20 0 R]
+/Parent 718 0 R
+>>
+endobj
+251 0 obj
+<<
+/Type/Page
+/Resources 252 0 R
+/Contents[18 0 R 4 0 R 253 0 R 20 0 R]
+/Parent 718 0 R
+>>
+endobj
+718 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[243 0 R 247 0 R 251 0 R]
+/Parent 716 0 R
+>>
+endobj
+255 0 obj
+<<
+/Type/Page
+/Resources 256 0 R
+/Contents[18 0 R 4 0 R 257 0 R 20 0 R]
+/Parent 719 0 R
+>>
+endobj
+259 0 obj
+<<
+/Type/Page
+/Resources 260 0 R
+/Contents[18 0 R 4 0 R 261 0 R 20 0 R]
+/Parent 719 0 R
+>>
+endobj
+719 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[255 0 R 259 0 R]
+/Parent 716 0 R
+>>
+endobj
+263 0 obj
+<<
+/Type/Page
+/Resources 264 0 R
+/Contents[18 0 R 4 0 R 265 0 R 20 0 R]
+/Parent 720 0 R
+>>
+endobj
+267 0 obj
+<<
+/Type/Page
+/Resources 268 0 R
+/Contents[18 0 R 4 0 R 269 0 R 20 0 R]
+/Parent 720 0 R
+>>
+endobj
+271 0 obj
+<<
+/Type/Page
+/Resources 272 0 R
+/Contents[18 0 R 4 0 R 273 0 R 20 0 R]
+/Parent 720 0 R
+>>
+endobj
+720 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[263 0 R 267 0 R 271 0 R]
+/Parent 716 0 R
+>>
+endobj
+716 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[717 0 R 718 0 R 719 0 R 720 0 R]
+/Parent 710 0 R
+>>
+endobj
+275 0 obj
+<<
+/Type/Page
+/Resources 276 0 R
+/Contents[18 0 R 4 0 R 277 0 R 20 0 R]
+/Parent 722 0 R
+>>
+endobj
+279 0 obj
+<<
+/Type/Page
+/Resources 280 0 R
+/Contents[18 0 R 4 0 R 281 0 R 20 0 R]
+/Parent 722 0 R
+>>
+endobj
+722 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[275 0 R 279 0 R]
+/Parent 721 0 R
+>>
+endobj
+283 0 obj
+<<
+/Type/Page
+/Resources 284 0 R
+/Contents[18 0 R 4 0 R 285 0 R 20 0 R]
+/Parent 723 0 R
+>>
+endobj
+287 0 obj
+<<
+/Type/Page
+/Resources 288 0 R
+/Contents[18 0 R 4 0 R 289 0 R 20 0 R]
+/Parent 723 0 R
+>>
+endobj
+291 0 obj
+<<
+/Type/Page
+/Resources 292 0 R
+/Contents[18 0 R 4 0 R 293 0 R 20 0 R]
+/Parent 723 0 R
+>>
+endobj
+723 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[283 0 R 287 0 R 291 0 R]
+/Parent 721 0 R
+>>
+endobj
+295 0 obj
+<<
+/Type/Page
+/Resources 296 0 R
+/Contents[18 0 R 4 0 R 297 0 R 20 0 R]
+/Parent 724 0 R
+>>
+endobj
+299 0 obj
+<<
+/Type/Page
+/Resources 300 0 R
+/Contents[18 0 R 4 0 R 301 0 R 20 0 R]
+/Parent 724 0 R
+>>
+endobj
+724 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[295 0 R 299 0 R]
+/Parent 721 0 R
+>>
+endobj
+303 0 obj
+<<
+/Type/Page
+/Resources 304 0 R
+/Contents[18 0 R 4 0 R 305 0 R 20 0 R]
+/Parent 725 0 R
+>>
+endobj
+307 0 obj
+<<
+/Type/Page
+/Resources 308 0 R
+/Contents[18 0 R 4 0 R 309 0 R 20 0 R]
+/Parent 725 0 R
+>>
+endobj
+311 0 obj
+<<
+/Type/Page
+/Resources 312 0 R
+/Contents[18 0 R 4 0 R 313 0 R 20 0 R]
+/Parent 725 0 R
+>>
+endobj
+725 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[303 0 R 307 0 R 311 0 R]
+/Parent 721 0 R
+>>
+endobj
+721 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[722 0 R 723 0 R 724 0 R 725 0 R]
+/Parent 710 0 R
+>>
+endobj
+315 0 obj
+<<
+/Type/Page
+/Resources 316 0 R
+/Contents[18 0 R 4 0 R 317 0 R 20 0 R]
+/Parent 727 0 R
+>>
+endobj
+319 0 obj
+<<
+/Type/Page
+/Resources 320 0 R
+/Contents[18 0 R 4 0 R 321 0 R 20 0 R]
+/Parent 727 0 R
+>>
+endobj
+727 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[315 0 R 319 0 R]
+/Parent 726 0 R
+>>
+endobj
+323 0 obj
+<<
+/Type/Page
+/Resources 324 0 R
+/Contents[18 0 R 4 0 R 325 0 R 20 0 R]
+/Parent 728 0 R
+>>
+endobj
+327 0 obj
+<<
+/Type/Page
+/Resources 328 0 R
+/Contents[18 0 R 4 0 R 332 0 R 20 0 R]
+/Parent 728 0 R
+>>
+endobj
+334 0 obj
+<<
+/Type/Page
+/Resources 335 0 R
+/Contents[18 0 R 4 0 R 336 0 R 20 0 R]
+/Parent 728 0 R
+>>
+endobj
+728 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[323 0 R 327 0 R 334 0 R]
+/Parent 726 0 R
+>>
+endobj
+338 0 obj
+<<
+/Type/Page
+/Resources 339 0 R
+/Contents[18 0 R 4 0 R 340 0 R 20 0 R]
+/Parent 729 0 R
+>>
+endobj
+342 0 obj
+<<
+/Type/Page
+/Resources 343 0 R
+/Contents[18 0 R 4 0 R 344 0 R 20 0 R]
+/Parent 729 0 R
+>>
+endobj
+729 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[338 0 R 342 0 R]
+/Parent 726 0 R
+>>
+endobj
+346 0 obj
+<<
+/Type/Page
+/Resources 347 0 R
+/Contents[18 0 R 4 0 R 348 0 R 20 0 R]
+/Parent 730 0 R
+>>
+endobj
+350 0 obj
+<<
+/Type/Page
+/Resources 351 0 R
+/Contents[18 0 R 4 0 R 352 0 R 20 0 R]
+/Parent 730 0 R
+>>
+endobj
+354 0 obj
+<<
+/Type/Page
+/Resources 355 0 R
+/Contents[18 0 R 4 0 R 356 0 R 20 0 R]
+/Parent 730 0 R
+>>
+endobj
+730 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[346 0 R 350 0 R 354 0 R]
+/Parent 726 0 R
+>>
+endobj
+726 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[727 0 R 728 0 R 729 0 R 730 0 R]
+/Parent 710 0 R
+>>
+endobj
+710 0 obj
+<<
+/Type/Pages
+/Count 40
+/Kids[711 0 R 716 0 R 721 0 R 726 0 R]
+/Parent 3 0 R
+>>
+endobj
+358 0 obj
+<<
+/Type/Page
+/Resources 359 0 R
+/Contents[18 0 R 4 0 R 360 0 R 20 0 R]
+/Parent 733 0 R
+>>
+endobj
+362 0 obj
+<<
+/Type/Page
+/Resources 363 0 R
+/Contents[18 0 R 4 0 R 364 0 R 20 0 R]
+/Parent 733 0 R
+>>
+endobj
+733 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[358 0 R 362 0 R]
+/Parent 732 0 R
+>>
+endobj
+366 0 obj
+<<
+/Type/Page
+/Resources 367 0 R
+/Contents[18 0 R 4 0 R 368 0 R 20 0 R]
+/Parent 734 0 R
+>>
+endobj
+370 0 obj
+<<
+/Type/Page
+/Resources 371 0 R
+/Contents[18 0 R 4 0 R 372 0 R 20 0 R]
+/Parent 734 0 R
+>>
+endobj
+734 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[366 0 R 370 0 R]
+/Parent 732 0 R
+>>
+endobj
+374 0 obj
+<<
+/Type/Page
+/Resources 375 0 R
+/Contents[18 0 R 4 0 R 376 0 R 20 0 R]
+/Parent 735 0 R
+>>
+endobj
+378 0 obj
+<<
+/Type/Page
+/Resources 379 0 R
+/Contents[18 0 R 4 0 R 380 0 R 20 0 R]
+/Parent 735 0 R
+>>
+endobj
+735 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[374 0 R 378 0 R]
+/Parent 732 0 R
+>>
+endobj
+382 0 obj
+<<
+/Type/Page
+/Resources 383 0 R
+/Contents[18 0 R 4 0 R 384 0 R 20 0 R]
+/Parent 736 0 R
+>>
+endobj
+386 0 obj
+<<
+/Type/Page
+/Resources 387 0 R
+/Contents[18 0 R 4 0 R 388 0 R 20 0 R]
+/Parent 736 0 R
+>>
+endobj
+390 0 obj
+<<
+/Type/Page
+/Resources 391 0 R
+/Contents[18 0 R 4 0 R 392 0 R 20 0 R]
+/Parent 736 0 R
+>>
+endobj
+736 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[382 0 R 386 0 R 390 0 R]
+/Parent 732 0 R
+>>
+endobj
+732 0 obj
+<<
+/Type/Pages
+/Count 9
+/Kids[733 0 R 734 0 R 735 0 R 736 0 R]
+/Parent 731 0 R
+>>
+endobj
+394 0 obj
+<<
+/Type/Page
+/Resources 395 0 R
+/Contents[18 0 R 4 0 R 396 0 R 20 0 R]
+/Parent 738 0 R
+>>
+endobj
+398 0 obj
+<<
+/Type/Page
+/Resources 399 0 R
+/Contents[18 0 R 4 0 R 400 0 R 20 0 R]
+/Parent 738 0 R
+>>
+endobj
+738 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[394 0 R 398 0 R]
+/Parent 737 0 R
+>>
+endobj
+402 0 obj
+<<
+/Type/Page
+/Resources 403 0 R
+/Contents[18 0 R 4 0 R 404 0 R 20 0 R]
+/Parent 739 0 R
+>>
+endobj
+406 0 obj
+<<
+/Type/Page
+/Resources 407 0 R
+/Contents[18 0 R 4 0 R 408 0 R 20 0 R]
+/Parent 739 0 R
+>>
+endobj
+410 0 obj
+<<
+/Type/Page
+/Resources 411 0 R
+/Contents[18 0 R 4 0 R 418 0 R 20 0 R]
+/Parent 739 0 R
+>>
+endobj
+739 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[402 0 R 406 0 R 410 0 R]
+/Parent 737 0 R
+>>
+endobj
+420 0 obj
+<<
+/Type/Page
+/Resources 421 0 R
+/Contents[18 0 R 4 0 R 422 0 R 20 0 R]
+/Parent 740 0 R
+>>
+endobj
+424 0 obj
+<<
+/Type/Page
+/Resources 425 0 R
+/Contents[18 0 R 4 0 R 426 0 R 20 0 R]
+/Parent 740 0 R
+>>
+endobj
+740 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[420 0 R 424 0 R]
+/Parent 737 0 R
+>>
+endobj
+428 0 obj
+<<
+/Type/Page
+/Resources 429 0 R
+/Contents[18 0 R 4 0 R 430 0 R 20 0 R]
+/Parent 741 0 R
+>>
+endobj
+432 0 obj
+<<
+/Type/Page
+/Resources 433 0 R
+/Contents[18 0 R 4 0 R 434 0 R 20 0 R]
+/Parent 741 0 R
+>>
+endobj
+436 0 obj
+<<
+/Type/Page
+/Resources 437 0 R
+/Contents[18 0 R 4 0 R 438 0 R 20 0 R]
+/Parent 741 0 R
+>>
+endobj
+741 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[428 0 R 432 0 R 436 0 R]
+/Parent 737 0 R
+>>
+endobj
+737 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[738 0 R 739 0 R 740 0 R 741 0 R]
+/Parent 731 0 R
+>>
+endobj
+440 0 obj
+<<
+/Type/Page
+/Resources 441 0 R
+/Contents[18 0 R 4 0 R 442 0 R 20 0 R]
+/Parent 743 0 R
+>>
+endobj
+444 0 obj
+<<
+/Type/Page
+/Resources 445 0 R
+/Contents[18 0 R 4 0 R 446 0 R 20 0 R]
+/Parent 743 0 R
+>>
+endobj
+743 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[440 0 R 444 0 R]
+/Parent 742 0 R
+>>
+endobj
+448 0 obj
+<<
+/Type/Page
+/Resources 449 0 R
+/Contents[18 0 R 4 0 R 450 0 R 20 0 R]
+/Parent 744 0 R
+>>
+endobj
+452 0 obj
+<<
+/Type/Page
+/Resources 453 0 R
+/Contents[18 0 R 4 0 R 454 0 R 20 0 R]
+/Parent 744 0 R
+>>
+endobj
+456 0 obj
+<<
+/Type/Page
+/Resources 457 0 R
+/Contents[18 0 R 4 0 R 458 0 R 20 0 R]
+/Parent 744 0 R
+>>
+endobj
+744 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[448 0 R 452 0 R 456 0 R]
+/Parent 742 0 R
+>>
+endobj
+460 0 obj
+<<
+/Type/Page
+/Resources 461 0 R
+/Contents[18 0 R 4 0 R 462 0 R 20 0 R]
+/Parent 745 0 R
+>>
+endobj
+464 0 obj
+<<
+/Type/Page
+/Resources 465 0 R
+/Contents[18 0 R 4 0 R 466 0 R 20 0 R]
+/Parent 745 0 R
+>>
+endobj
+745 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[460 0 R 464 0 R]
+/Parent 742 0 R
+>>
+endobj
+468 0 obj
+<<
+/Type/Page
+/Resources 469 0 R
+/Contents[18 0 R 4 0 R 470 0 R 20 0 R]
+/Parent 746 0 R
+>>
+endobj
+472 0 obj
+<<
+/Type/Page
+/Resources 473 0 R
+/Contents[18 0 R 4 0 R 474 0 R 20 0 R]
+/Parent 746 0 R
+>>
+endobj
+476 0 obj
+<<
+/Type/Page
+/Resources 477 0 R
+/Contents[18 0 R 4 0 R 478 0 R 20 0 R]
+/Parent 746 0 R
+>>
+endobj
+746 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[468 0 R 472 0 R 476 0 R]
+/Parent 742 0 R
+>>
+endobj
+742 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[743 0 R 744 0 R 745 0 R 746 0 R]
+/Parent 731 0 R
+>>
+endobj
+480 0 obj
+<<
+/Type/Page
+/Resources 481 0 R
+/Contents[18 0 R 4 0 R 482 0 R 20 0 R]
+/Parent 748 0 R
+>>
+endobj
+484 0 obj
+<<
+/Type/Page
+/Resources 485 0 R
+/Contents[18 0 R 4 0 R 486 0 R 20 0 R]
+/Parent 748 0 R
+>>
+endobj
+748 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[480 0 R 484 0 R]
+/Parent 747 0 R
+>>
+endobj
+488 0 obj
+<<
+/Type/Page
+/Resources 489 0 R
+/Contents[18 0 R 4 0 R 490 0 R 20 0 R]
+/Parent 749 0 R
+>>
+endobj
+492 0 obj
+<<
+/Type/Page
+/Resources 493 0 R
+/Contents[18 0 R 4 0 R 494 0 R 20 0 R]
+/Parent 749 0 R
+>>
+endobj
+496 0 obj
+<<
+/Type/Page
+/Resources 497 0 R
+/Contents[18 0 R 4 0 R 498 0 R 20 0 R]
+/Parent 749 0 R
+>>
+endobj
+749 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[488 0 R 492 0 R 496 0 R]
+/Parent 747 0 R
+>>
+endobj
+500 0 obj
+<<
+/Type/Page
+/Resources 501 0 R
+/Contents[18 0 R 4 0 R 502 0 R 20 0 R]
+/Parent 750 0 R
+>>
+endobj
+504 0 obj
+<<
+/Type/Page
+/Resources 505 0 R
+/Contents[18 0 R 4 0 R 506 0 R 20 0 R]
+/Parent 750 0 R
+>>
+endobj
+750 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[500 0 R 504 0 R]
+/Parent 747 0 R
+>>
+endobj
+508 0 obj
+<<
+/Type/Page
+/Resources 509 0 R
+/Contents[18 0 R 4 0 R 510 0 R 20 0 R]
+/Parent 751 0 R
+>>
+endobj
+512 0 obj
+<<
+/Type/Page
+/Resources 513 0 R
+/Contents[18 0 R 4 0 R 514 0 R 20 0 R]
+/Parent 751 0 R
+>>
+endobj
+516 0 obj
+<<
+/Type/Page
+/Resources 517 0 R
+/Contents[18 0 R 4 0 R 518 0 R 20 0 R]
+/Parent 751 0 R
+>>
+endobj
+751 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[508 0 R 512 0 R 516 0 R]
+/Parent 747 0 R
+>>
+endobj
+747 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[748 0 R 749 0 R 750 0 R 751 0 R]
+/Parent 731 0 R
+>>
+endobj
+731 0 obj
+<<
+/Type/Pages
+/Count 39
+/Kids[732 0 R 737 0 R 742 0 R 747 0 R]
+/Parent 3 0 R
+>>
+endobj
+520 0 obj
+<<
+/Type/Page
+/Resources 521 0 R
+/Contents[18 0 R 4 0 R 522 0 R 20 0 R]
+/Parent 754 0 R
+>>
+endobj
+524 0 obj
+<<
+/Type/Page
+/Resources 525 0 R
+/Contents[18 0 R 4 0 R 526 0 R 20 0 R]
+/Parent 754 0 R
+>>
+endobj
+754 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[520 0 R 524 0 R]
+/Parent 753 0 R
+>>
+endobj
+528 0 obj
+<<
+/Type/Page
+/Resources 529 0 R
+/Contents[18 0 R 4 0 R 530 0 R 20 0 R]
+/Parent 755 0 R
+>>
+endobj
+532 0 obj
+<<
+/Type/Page
+/Resources 533 0 R
+/Contents[18 0 R 4 0 R 534 0 R 20 0 R]
+/Parent 755 0 R
+>>
+endobj
+536 0 obj
+<<
+/Type/Page
+/Resources 537 0 R
+/Contents[18 0 R 4 0 R 538 0 R 20 0 R]
+/Parent 755 0 R
+>>
+endobj
+755 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[528 0 R 532 0 R 536 0 R]
+/Parent 753 0 R
+>>
+endobj
+540 0 obj
+<<
+/Type/Page
+/Resources 541 0 R
+/Contents[18 0 R 4 0 R 542 0 R 20 0 R]
+/Parent 756 0 R
+>>
+endobj
+544 0 obj
+<<
+/Type/Page
+/Resources 545 0 R
+/Contents[18 0 R 4 0 R 546 0 R 20 0 R]
+/Parent 756 0 R
+>>
+endobj
+756 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[540 0 R 544 0 R]
+/Parent 753 0 R
+>>
+endobj
+548 0 obj
+<<
+/Type/Page
+/Resources 549 0 R
+/Contents[18 0 R 4 0 R 550 0 R 20 0 R]
+/Parent 757 0 R
+>>
+endobj
+552 0 obj
+<<
+/Type/Page
+/Resources 553 0 R
+/Contents[18 0 R 4 0 R 554 0 R 20 0 R]
+/Parent 757 0 R
+>>
+endobj
+556 0 obj
+<<
+/Type/Page
+/Resources 557 0 R
+/Contents[18 0 R 4 0 R 558 0 R 20 0 R]
+/Parent 757 0 R
+>>
+endobj
+757 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[548 0 R 552 0 R 556 0 R]
+/Parent 753 0 R
+>>
+endobj
+753 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[754 0 R 755 0 R 756 0 R 757 0 R]
+/Parent 752 0 R
+>>
+endobj
+560 0 obj
+<<
+/Type/Page
+/Resources 561 0 R
+/Contents[18 0 R 4 0 R 562 0 R 20 0 R]
+/Parent 759 0 R
+>>
+endobj
+564 0 obj
+<<
+/Type/Page
+/Resources 565 0 R
+/Contents[18 0 R 4 0 R 566 0 R 20 0 R]
+/Parent 759 0 R
+>>
+endobj
+759 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[560 0 R 564 0 R]
+/Parent 758 0 R
+>>
+endobj
+568 0 obj
+<<
+/Type/Page
+/Resources 569 0 R
+/Contents[18 0 R 4 0 R 570 0 R 20 0 R]
+/Parent 760 0 R
+>>
+endobj
+572 0 obj
+<<
+/Type/Page
+/Resources 573 0 R
+/Contents[18 0 R 4 0 R 574 0 R 20 0 R]
+/Parent 760 0 R
+>>
+endobj
+576 0 obj
+<<
+/Type/Page
+/Resources 577 0 R
+/Contents[18 0 R 4 0 R 578 0 R 20 0 R]
+/Parent 760 0 R
+>>
+endobj
+760 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[568 0 R 572 0 R 576 0 R]
+/Parent 758 0 R
+>>
+endobj
+580 0 obj
+<<
+/Type/Page
+/Resources 581 0 R
+/Contents[18 0 R 4 0 R 582 0 R 20 0 R]
+/Parent 761 0 R
+>>
+endobj
+584 0 obj
+<<
+/Type/Page
+/Resources 585 0 R
+/Contents[18 0 R 4 0 R 586 0 R 20 0 R]
+/Parent 761 0 R
+>>
+endobj
+761 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[580 0 R 584 0 R]
+/Parent 758 0 R
+>>
+endobj
+588 0 obj
+<<
+/Type/Page
+/Resources 589 0 R
+/Contents[18 0 R 4 0 R 590 0 R 20 0 R]
+/Parent 762 0 R
+>>
+endobj
+592 0 obj
+<<
+/Type/Page
+/Resources 593 0 R
+/Contents[18 0 R 4 0 R 594 0 R 20 0 R]
+/Parent 762 0 R
+>>
+endobj
+596 0 obj
+<<
+/Type/Page
+/Resources 597 0 R
+/Contents[18 0 R 4 0 R 598 0 R 20 0 R]
+/Parent 762 0 R
+>>
+endobj
+762 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[588 0 R 592 0 R 596 0 R]
+/Parent 758 0 R
+>>
+endobj
+758 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[759 0 R 760 0 R 761 0 R 762 0 R]
+/Parent 752 0 R
+>>
+endobj
+600 0 obj
+<<
+/Type/Page
+/Resources 601 0 R
+/Contents[18 0 R 4 0 R 602 0 R 20 0 R]
+/Parent 764 0 R
+>>
+endobj
+604 0 obj
+<<
+/Type/Page
+/Resources 605 0 R
+/Contents[18 0 R 4 0 R 606 0 R 20 0 R]
+/Parent 764 0 R
+>>
+endobj
+764 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[600 0 R 604 0 R]
+/Parent 763 0 R
+>>
+endobj
+608 0 obj
+<<
+/Type/Page
+/Resources 609 0 R
+/Contents[18 0 R 4 0 R 610 0 R 20 0 R]
+/Parent 765 0 R
+>>
+endobj
+612 0 obj
+<<
+/Type/Page
+/Resources 613 0 R
+/Contents[18 0 R 4 0 R 614 0 R 20 0 R]
+/Parent 765 0 R
+>>
+endobj
+616 0 obj
+<<
+/Type/Page
+/Resources 617 0 R
+/Contents[18 0 R 4 0 R 618 0 R 20 0 R]
+/Parent 765 0 R
+>>
+endobj
+765 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[608 0 R 612 0 R 616 0 R]
+/Parent 763 0 R
+>>
+endobj
+620 0 obj
+<<
+/Type/Page
+/Resources 621 0 R
+/Contents[18 0 R 4 0 R 622 0 R 20 0 R]
+/Parent 766 0 R
+>>
+endobj
+624 0 obj
+<<
+/Type/Page
+/Resources 625 0 R
+/Contents[18 0 R 4 0 R 626 0 R 20 0 R]
+/Parent 766 0 R
+>>
+endobj
+766 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[620 0 R 624 0 R]
+/Parent 763 0 R
+>>
+endobj
+628 0 obj
+<<
+/Type/Page
+/Resources 629 0 R
+/Contents[18 0 R 4 0 R 630 0 R 20 0 R]
+/Parent 767 0 R
+>>
+endobj
+632 0 obj
+<<
+/Type/Page
+/Resources 633 0 R
+/Contents[18 0 R 4 0 R 637 0 R 20 0 R]
+/Parent 767 0 R
+>>
+endobj
+639 0 obj
+<<
+/Type/Page
+/Resources 640 0 R
+/Contents[18 0 R 4 0 R 641 0 R 20 0 R]
+/Parent 767 0 R
+>>
+endobj
+767 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[628 0 R 632 0 R 639 0 R]
+/Parent 763 0 R
+>>
+endobj
+763 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[764 0 R 765 0 R 766 0 R 767 0 R]
+/Parent 752 0 R
+>>
+endobj
+643 0 obj
+<<
+/Type/Page
+/Resources 644 0 R
+/Contents[18 0 R 4 0 R 651 0 R 20 0 R]
+/Parent 769 0 R
+>>
+endobj
+653 0 obj
+<<
+/Type/Page
+/Resources 654 0 R
+/Contents[18 0 R 4 0 R 655 0 R 20 0 R]
+/Parent 769 0 R
+>>
+endobj
+769 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[643 0 R 653 0 R]
+/Parent 768 0 R
+>>
+endobj
+657 0 obj
+<<
+/Type/Page
+/Resources 658 0 R
+/Contents[18 0 R 4 0 R 659 0 R 20 0 R]
+/Parent 770 0 R
+>>
+endobj
+661 0 obj
+<<
+/Type/Page
+/Resources 662 0 R
+/Contents[18 0 R 4 0 R 663 0 R 20 0 R]
+/Parent 770 0 R
+>>
+endobj
+665 0 obj
+<<
+/Type/Page
+/Resources 666 0 R
+/Contents[18 0 R 4 0 R 667 0 R 20 0 R]
+/Parent 770 0 R
+>>
+endobj
+770 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[657 0 R 661 0 R 665 0 R]
+/Parent 768 0 R
+>>
+endobj
+669 0 obj
+<<
+/Type/Page
+/Resources 670 0 R
+/Contents[18 0 R 4 0 R 671 0 R 20 0 R]
+/Parent 771 0 R
+>>
+endobj
+673 0 obj
+<<
+/Type/Page
+/Resources 674 0 R
+/Contents[18 0 R 4 0 R 675 0 R 20 0 R]
+/Parent 771 0 R
+>>
+endobj
+771 0 obj
+<<
+/Type/Pages
+/Count 2
+/Kids[669 0 R 673 0 R]
+/Parent 768 0 R
+>>
+endobj
+677 0 obj
+<<
+/Type/Page
+/Resources 678 0 R
+/Contents[18 0 R 4 0 R 679 0 R 20 0 R]
+/Parent 772 0 R
+>>
+endobj
+681 0 obj
+<<
+/Type/Page
+/Resources 682 0 R
+/Contents[18 0 R 4 0 R 683 0 R 20 0 R]
+/Parent 772 0 R
+>>
+endobj
+685 0 obj
+<<
+/Type/Page
+/Resources 686 0 R
+/Contents[18 0 R 4 0 R 687 0 R 20 0 R]
+/Parent 772 0 R
+>>
+endobj
+772 0 obj
+<<
+/Type/Pages
+/Count 3
+/Kids[677 0 R 681 0 R 685 0 R]
+/Parent 768 0 R
+>>
+endobj
+768 0 obj
+<<
+/Type/Pages
+/Count 10
+/Kids[769 0 R 770 0 R 771 0 R 772 0 R]
+/Parent 752 0 R
+>>
+endobj
+752 0 obj
+<<
+/Type/Pages
+/Count 40
+/Kids[753 0 R 758 0 R 763 0 R 768 0 R]
+/Parent 3 0 R
+>>
+endobj
+3 0 obj
+<<
+/Type/Pages
+/Count 158
+/Kids[689 0 R 710 0 R 731 0 R 752 0 R]
+/MediaBox[0 0 612 792]
+>>
+endobj
+18 0 obj
+<<
+/Length 1
+>>
+stream
+
+endstream
+endobj
+20 0 obj
+<<
+/Length 1
+>>
+stream
+
+endstream
+endobj
+4 0 obj
+<<
+/Length 30
+>>
+stream
+1.00028 0 0 1.00028 72 720 cm
+endstream
+endobj
+773 0 obj
+<<
+>>
+endobj
+774 0 obj
+null
+endobj
+775 0 obj
+<<
+>>
+endobj
+2 0 obj
+<<
+/Type/Catalog
+/Pages 3 0 R
+/Outlines 773 0 R
+/Threads 774 0 R
+/Names 775 0 R
+>>
+endobj
+xref
+0 776
+0000000000 65535 f 
+0000498387 00000 n 
+0000523445 00000 n 
+0000523092 00000 n 
+0000523298 00000 n 
+0000498551 00000 n 
+0000005005 00000 n 
+0000000009 00000 n 
+0000378133 00000 n 
+0000377946 00000 n 
+0000000913 00000 n 
+0000391678 00000 n 
+0000391490 00000 n 
+0000001858 00000 n 
+0000002775 00000 n 
+0000408843 00000 n 
+0000408657 00000 n 
+0000003752 00000 n 
+0000523198 00000 n 
+0000004496 00000 n 
+0000523248 00000 n 
+0000004950 00000 n 
+0000498654 00000 n 
+0000009884 00000 n 
+0000425067 00000 n 
+0000424874 00000 n 
+0000005066 00000 n 
+0000005986 00000 n 
+0000437658 00000 n 
+0000437463 00000 n 
+0000007602 00000 n 
+0000008553 00000 n 
+0000009818 00000 n 
+0000498839 00000 n 
+0000014435 00000 n 
+0000009946 00000 n 
+0000439499 00000 n 
+0000439302 00000 n 
+0000010853 00000 n 
+0000441391 00000 n 
+0000441196 00000 n 
+0000011844 00000 n 
+0000012825 00000 n 
+0000014369 00000 n 
+0000498944 00000 n 
+0000016174 00000 n 
+0000014497 00000 n 
+0000016108 00000 n 
+0000499130 00000 n 
+0000018098 00000 n 
+0000016236 00000 n 
+0000018032 00000 n 
+0000499235 00000 n 
+0000019049 00000 n 
+0000018160 00000 n 
+0000018983 00000 n 
+0000499421 00000 n 
+0000024076 00000 n 
+0000019111 00000 n 
+0000447235 00000 n 
+0000447047 00000 n 
+0000020079 00000 n 
+0000021077 00000 n 
+0000023988 00000 n 
+0000499526 00000 n 
+0000024827 00000 n 
+0000024138 00000 n 
+0000024794 00000 n 
+0000499631 00000 n 
+0000027083 00000 n 
+0000024889 00000 n 
+0000027017 00000 n 
+0000499923 00000 n 
+0000027814 00000 n 
+0000027145 00000 n 
+0000027759 00000 n 
+0000500028 00000 n 
+0000030400 00000 n 
+0000027876 00000 n 
+0000030323 00000 n 
+0000500214 00000 n 
+0000033864 00000 n 
+0000452584 00000 n 
+0000452390 00000 n 
+0000030462 00000 n 
+0000031208 00000 n 
+0000033787 00000 n 
+0000500319 00000 n 
+0000035989 00000 n 
+0000033926 00000 n 
+0000035912 00000 n 
+0000500424 00000 n 
+0000038821 00000 n 
+0000036051 00000 n 
+0000038733 00000 n 
+0000500617 00000 n 
+0000041228 00000 n 
+0000038883 00000 n 
+0000041140 00000 n 
+0000500722 00000 n 
+0000043721 00000 n 
+0000041290 00000 n 
+0000043643 00000 n 
+0000500910 00000 n 
+0000046655 00000 n 
+0000043785 00000 n 
+0000046588 00000 n 
+0000501018 00000 n 
+0000049408 00000 n 
+0000046719 00000 n 
+0000049330 00000 n 
+0000501126 00000 n 
+0000051711 00000 n 
+0000049472 00000 n 
+0000051633 00000 n 
+0000501425 00000 n 
+0000055037 00000 n 
+0000051775 00000 n 
+0000054959 00000 n 
+0000501533 00000 n 
+0000058533 00000 n 
+0000055101 00000 n 
+0000058455 00000 n 
+0000501724 00000 n 
+0000061298 00000 n 
+0000058597 00000 n 
+0000061209 00000 n 
+0000501832 00000 n 
+0000063757 00000 n 
+0000061362 00000 n 
+0000063668 00000 n 
+0000501940 00000 n 
+0000066767 00000 n 
+0000063821 00000 n 
+0000066700 00000 n 
+0000502139 00000 n 
+0000069459 00000 n 
+0000066831 00000 n 
+0000069370 00000 n 
+0000502247 00000 n 
+0000072279 00000 n 
+0000069523 00000 n 
+0000072212 00000 n 
+0000502438 00000 n 
+0000075226 00000 n 
+0000072343 00000 n 
+0000075148 00000 n 
+0000502546 00000 n 
+0000077884 00000 n 
+0000075290 00000 n 
+0000077795 00000 n 
+0000502654 00000 n 
+0000081032 00000 n 
+0000077948 00000 n 
+0000080954 00000 n 
+0000502953 00000 n 
+0000083897 00000 n 
+0000081096 00000 n 
+0000083797 00000 n 
+0000503061 00000 n 
+0000086138 00000 n 
+0000083961 00000 n 
+0000086060 00000 n 
+0000503252 00000 n 
+0000088003 00000 n 
+0000086202 00000 n 
+0000087925 00000 n 
+0000503360 00000 n 
+0000090354 00000 n 
+0000088067 00000 n 
+0000090265 00000 n 
+0000503468 00000 n 
+0000092490 00000 n 
+0000090418 00000 n 
+0000092412 00000 n 
+0000503667 00000 n 
+0000095074 00000 n 
+0000092554 00000 n 
+0000094996 00000 n 
+0000503775 00000 n 
+0000097707 00000 n 
+0000095138 00000 n 
+0000097618 00000 n 
+0000503966 00000 n 
+0000100752 00000 n 
+0000097771 00000 n 
+0000100685 00000 n 
+0000504074 00000 n 
+0000103919 00000 n 
+0000100816 00000 n 
+0000103852 00000 n 
+0000504182 00000 n 
+0000106637 00000 n 
+0000103983 00000 n 
+0000106548 00000 n 
+0000504579 00000 n 
+0000109363 00000 n 
+0000106701 00000 n 
+0000109296 00000 n 
+0000504687 00000 n 
+0000112578 00000 n 
+0000109427 00000 n 
+0000112511 00000 n 
+0000504878 00000 n 
+0000115732 00000 n 
+0000112642 00000 n 
+0000115665 00000 n 
+0000504986 00000 n 
+0000117951 00000 n 
+0000115796 00000 n 
+0000117884 00000 n 
+0000505094 00000 n 
+0000120924 00000 n 
+0000118015 00000 n 
+0000120857 00000 n 
+0000505293 00000 n 
+0000123606 00000 n 
+0000120988 00000 n 
+0000123517 00000 n 
+0000505401 00000 n 
+0000125520 00000 n 
+0000123670 00000 n 
+0000125453 00000 n 
+0000505592 00000 n 
+0000128438 00000 n 
+0000125584 00000 n 
+0000128371 00000 n 
+0000505700 00000 n 
+0000130779 00000 n 
+0000128502 00000 n 
+0000130712 00000 n 
+0000505808 00000 n 
+0000133441 00000 n 
+0000130843 00000 n 
+0000133363 00000 n 
+0000506107 00000 n 
+0000136555 00000 n 
+0000133505 00000 n 
+0000136488 00000 n 
+0000506215 00000 n 
+0000138873 00000 n 
+0000136619 00000 n 
+0000138806 00000 n 
+0000506406 00000 n 
+0000141292 00000 n 
+0000138937 00000 n 
+0000141236 00000 n 
+0000506514 00000 n 
+0000143576 00000 n 
+0000141356 00000 n 
+0000143509 00000 n 
+0000506622 00000 n 
+0000145652 00000 n 
+0000143640 00000 n 
+0000145596 00000 n 
+0000506821 00000 n 
+0000148105 00000 n 
+0000145716 00000 n 
+0000148038 00000 n 
+0000506929 00000 n 
+0000150296 00000 n 
+0000148169 00000 n 
+0000150229 00000 n 
+0000507120 00000 n 
+0000152586 00000 n 
+0000150360 00000 n 
+0000152497 00000 n 
+0000507228 00000 n 
+0000153875 00000 n 
+0000152650 00000 n 
+0000153819 00000 n 
+0000507336 00000 n 
+0000156256 00000 n 
+0000153939 00000 n 
+0000156211 00000 n 
+0000507635 00000 n 
+0000158465 00000 n 
+0000156320 00000 n 
+0000158376 00000 n 
+0000507743 00000 n 
+0000160778 00000 n 
+0000158529 00000 n 
+0000160722 00000 n 
+0000507934 00000 n 
+0000163262 00000 n 
+0000160842 00000 n 
+0000163206 00000 n 
+0000508042 00000 n 
+0000165177 00000 n 
+0000163326 00000 n 
+0000165121 00000 n 
+0000508150 00000 n 
+0000167947 00000 n 
+0000165241 00000 n 
+0000167891 00000 n 
+0000508349 00000 n 
+0000170753 00000 n 
+0000168011 00000 n 
+0000170708 00000 n 
+0000508457 00000 n 
+0000173278 00000 n 
+0000170817 00000 n 
+0000173222 00000 n 
+0000508648 00000 n 
+0000175913 00000 n 
+0000173342 00000 n 
+0000175846 00000 n 
+0000508756 00000 n 
+0000178680 00000 n 
+0000175977 00000 n 
+0000178613 00000 n 
+0000508864 00000 n 
+0000179409 00000 n 
+0000178744 00000 n 
+0000179364 00000 n 
+0000509163 00000 n 
+0000179678 00000 n 
+0000179473 00000 n 
+0000179644 00000 n 
+0000509271 00000 n 
+0000181847 00000 n 
+0000179742 00000 n 
+0000181758 00000 n 
+0000509462 00000 n 
+0000184578 00000 n 
+0000181911 00000 n 
+0000184500 00000 n 
+0000509570 00000 n 
+0000188351 00000 n 
+0000461873 00000 n 
+0000461685 00000 n 
+0000184642 00000 n 
+0000185647 00000 n 
+0000188249 00000 n 
+0000509678 00000 n 
+0000190980 00000 n 
+0000188415 00000 n 
+0000190900 00000 n 
+0000509877 00000 n 
+0000193160 00000 n 
+0000191044 00000 n 
+0000193093 00000 n 
+0000509985 00000 n 
+0000195978 00000 n 
+0000193224 00000 n 
+0000195900 00000 n 
+0000510176 00000 n 
+0000197782 00000 n 
+0000196042 00000 n 
+0000197704 00000 n 
+0000510284 00000 n 
+0000199892 00000 n 
+0000197846 00000 n 
+0000199803 00000 n 
+0000510392 00000 n 
+0000202086 00000 n 
+0000199956 00000 n 
+0000202019 00000 n 
+0000510789 00000 n 
+0000204938 00000 n 
+0000202150 00000 n 
+0000204860 00000 n 
+0000510897 00000 n 
+0000208210 00000 n 
+0000205002 00000 n 
+0000208132 00000 n 
+0000511088 00000 n 
+0000210474 00000 n 
+0000208274 00000 n 
+0000210407 00000 n 
+0000511196 00000 n 
+0000212326 00000 n 
+0000210538 00000 n 
+0000212248 00000 n 
+0000511387 00000 n 
+0000214972 00000 n 
+0000212390 00000 n 
+0000214894 00000 n 
+0000511495 00000 n 
+0000218155 00000 n 
+0000215036 00000 n 
+0000218088 00000 n 
+0000511686 00000 n 
+0000221153 00000 n 
+0000218219 00000 n 
+0000221086 00000 n 
+0000511794 00000 n 
+0000222521 00000 n 
+0000221217 00000 n 
+0000222465 00000 n 
+0000511902 00000 n 
+0000222790 00000 n 
+0000222585 00000 n 
+0000222756 00000 n 
+0000512200 00000 n 
+0000226112 00000 n 
+0000222854 00000 n 
+0000226034 00000 n 
+0000512308 00000 n 
+0000228790 00000 n 
+0000226176 00000 n 
+0000228701 00000 n 
+0000512499 00000 n 
+0000231637 00000 n 
+0000228854 00000 n 
+0000231559 00000 n 
+0000512607 00000 n 
+0000232930 00000 n 
+0000231701 00000 n 
+0000232863 00000 n 
+0000512715 00000 n 
+0000238868 00000 n 
+0000465231 00000 n 
+0000465035 00000 n 
+0000232994 00000 n 
+0000466840 00000 n 
+0000466652 00000 n 
+0000233996 00000 n 
+0000234999 00000 n 
+0000238753 00000 n 
+0000512914 00000 n 
+0000241213 00000 n 
+0000238932 00000 n 
+0000241131 00000 n 
+0000513022 00000 n 
+0000244027 00000 n 
+0000241277 00000 n 
+0000243912 00000 n 
+0000513213 00000 n 
+0000247106 00000 n 
+0000244091 00000 n 
+0000247002 00000 n 
+0000513321 00000 n 
+0000249469 00000 n 
+0000247170 00000 n 
+0000249402 00000 n 
+0000513429 00000 n 
+0000252068 00000 n 
+0000249533 00000 n 
+0000251975 00000 n 
+0000513728 00000 n 
+0000254423 00000 n 
+0000252132 00000 n 
+0000254367 00000 n 
+0000513836 00000 n 
+0000257346 00000 n 
+0000254487 00000 n 
+0000257242 00000 n 
+0000514027 00000 n 
+0000259697 00000 n 
+0000257410 00000 n 
+0000259582 00000 n 
+0000514135 00000 n 
+0000261365 00000 n 
+0000259761 00000 n 
+0000261298 00000 n 
+0000514243 00000 n 
+0000262217 00000 n 
+0000261429 00000 n 
+0000262172 00000 n 
+0000514442 00000 n 
+0000263319 00000 n 
+0000262281 00000 n 
+0000263274 00000 n 
+0000514550 00000 n 
+0000265084 00000 n 
+0000263383 00000 n 
+0000265017 00000 n 
+0000514741 00000 n 
+0000266867 00000 n 
+0000265148 00000 n 
+0000266800 00000 n 
+0000514849 00000 n 
+0000268840 00000 n 
+0000266931 00000 n 
+0000268762 00000 n 
+0000514957 00000 n 
+0000270729 00000 n 
+0000268904 00000 n 
+0000270647 00000 n 
+0000515256 00000 n 
+0000273382 00000 n 
+0000270793 00000 n 
+0000273278 00000 n 
+0000515364 00000 n 
+0000275118 00000 n 
+0000273446 00000 n 
+0000275036 00000 n 
+0000515555 00000 n 
+0000277185 00000 n 
+0000275182 00000 n 
+0000277081 00000 n 
+0000515663 00000 n 
+0000279353 00000 n 
+0000277249 00000 n 
+0000279297 00000 n 
+0000515771 00000 n 
+0000282050 00000 n 
+0000279417 00000 n 
+0000281946 00000 n 
+0000515970 00000 n 
+0000285352 00000 n 
+0000282114 00000 n 
+0000285307 00000 n 
+0000516078 00000 n 
+0000288034 00000 n 
+0000285416 00000 n 
+0000287956 00000 n 
+0000516269 00000 n 
+0000289969 00000 n 
+0000288098 00000 n 
+0000289902 00000 n 
+0000516377 00000 n 
+0000291718 00000 n 
+0000290033 00000 n 
+0000291651 00000 n 
+0000516485 00000 n 
+0000293078 00000 n 
+0000291782 00000 n 
+0000293011 00000 n 
+0000516882 00000 n 
+0000296092 00000 n 
+0000293142 00000 n 
+0000296014 00000 n 
+0000516990 00000 n 
+0000299001 00000 n 
+0000296156 00000 n 
+0000298923 00000 n 
+0000517181 00000 n 
+0000301820 00000 n 
+0000299065 00000 n 
+0000301753 00000 n 
+0000517289 00000 n 
+0000304166 00000 n 
+0000301884 00000 n 
+0000304088 00000 n 
+0000517397 00000 n 
+0000305955 00000 n 
+0000304230 00000 n 
+0000305877 00000 n 
+0000517596 00000 n 
+0000306227 00000 n 
+0000306019 00000 n 
+0000306193 00000 n 
+0000517704 00000 n 
+0000309310 00000 n 
+0000306291 00000 n 
+0000309243 00000 n 
+0000517895 00000 n 
+0000312125 00000 n 
+0000309374 00000 n 
+0000312047 00000 n 
+0000518003 00000 n 
+0000314824 00000 n 
+0000312189 00000 n 
+0000314746 00000 n 
+0000518111 00000 n 
+0000317419 00000 n 
+0000314888 00000 n 
+0000317341 00000 n 
+0000518410 00000 n 
+0000319793 00000 n 
+0000317483 00000 n 
+0000319726 00000 n 
+0000518518 00000 n 
+0000321791 00000 n 
+0000319857 00000 n 
+0000321724 00000 n 
+0000518709 00000 n 
+0000323397 00000 n 
+0000321855 00000 n 
+0000323341 00000 n 
+0000518817 00000 n 
+0000323669 00000 n 
+0000323461 00000 n 
+0000323635 00000 n 
+0000518925 00000 n 
+0000324997 00000 n 
+0000323733 00000 n 
+0000324930 00000 n 
+0000519124 00000 n 
+0000325269 00000 n 
+0000325061 00000 n 
+0000325235 00000 n 
+0000519232 00000 n 
+0000328385 00000 n 
+0000325333 00000 n 
+0000328296 00000 n 
+0000519423 00000 n 
+0000331390 00000 n 
+0000328449 00000 n 
+0000331301 00000 n 
+0000519531 00000 n 
+0000334226 00000 n 
+0000331454 00000 n 
+0000334137 00000 n 
+0000519639 00000 n 
+0000337650 00000 n 
+0000334290 00000 n 
+0000337583 00000 n 
+0000519938 00000 n 
+0000340833 00000 n 
+0000337714 00000 n 
+0000340766 00000 n 
+0000520046 00000 n 
+0000342312 00000 n 
+0000340897 00000 n 
+0000342245 00000 n 
+0000520237 00000 n 
+0000345082 00000 n 
+0000342376 00000 n 
+0000345015 00000 n 
+0000520345 00000 n 
+0000348297 00000 n 
+0000345146 00000 n 
+0000348252 00000 n 
+0000520453 00000 n 
+0000351146 00000 n 
+0000348361 00000 n 
+0000351112 00000 n 
+0000520652 00000 n 
+0000353808 00000 n 
+0000351210 00000 n 
+0000353774 00000 n 
+0000520760 00000 n 
+0000356578 00000 n 
+0000353872 00000 n 
+0000356544 00000 n 
+0000520951 00000 n 
+0000359507 00000 n 
+0000356642 00000 n 
+0000359462 00000 n 
+0000521059 00000 n 
+0000361730 00000 n 
+0000472506 00000 n 
+0000472319 00000 n 
+0000359571 00000 n 
+0000360317 00000 n 
+0000361661 00000 n 
+0000521167 00000 n 
+0000362002 00000 n 
+0000361794 00000 n 
+0000361968 00000 n 
+0000521466 00000 n 
+0000365367 00000 n 
+0000485927 00000 n 
+0000485732 00000 n 
+0000362066 00000 n 
+0000487812 00000 n 
+0000487624 00000 n 
+0000363035 00000 n 
+0000364006 00000 n 
+0000365283 00000 n 
+0000521574 00000 n 
+0000365639 00000 n 
+0000365431 00000 n 
+0000365605 00000 n 
+0000521765 00000 n 
+0000366565 00000 n 
+0000365703 00000 n 
+0000366468 00000 n 
+0000521873 00000 n 
+0000366837 00000 n 
+0000366629 00000 n 
+0000366803 00000 n 
+0000521981 00000 n 
+0000368450 00000 n 
+0000366901 00000 n 
+0000368366 00000 n 
+0000522180 00000 n 
+0000369992 00000 n 
+0000368514 00000 n 
+0000369908 00000 n 
+0000522288 00000 n 
+0000372338 00000 n 
+0000370056 00000 n 
+0000372217 00000 n 
+0000522479 00000 n 
+0000373825 00000 n 
+0000372402 00000 n 
+0000373715 00000 n 
+0000522587 00000 n 
+0000376188 00000 n 
+0000373889 00000 n 
+0000376117 00000 n 
+0000522695 00000 n 
+0000377882 00000 n 
+0000376252 00000 n 
+0000377811 00000 n 
+0000504481 00000 n 
+0000499824 00000 n 
+0000498759 00000 n 
+0000499049 00000 n 
+0000499340 00000 n 
+0000499736 00000 n 
+0000501325 00000 n 
+0000500133 00000 n 
+0000500529 00000 n 
+0000500829 00000 n 
+0000501234 00000 n 
+0000502853 00000 n 
+0000501641 00000 n 
+0000502048 00000 n 
+0000502355 00000 n 
+0000502762 00000 n 
+0000504381 00000 n 
+0000503169 00000 n 
+0000503576 00000 n 
+0000503883 00000 n 
+0000504290 00000 n 
+0000510691 00000 n 
+0000506007 00000 n 
+0000504795 00000 n 
+0000505202 00000 n 
+0000505509 00000 n 
+0000505916 00000 n 
+0000507535 00000 n 
+0000506323 00000 n 
+0000506730 00000 n 
+0000507037 00000 n 
+0000507444 00000 n 
+0000509063 00000 n 
+0000507851 00000 n 
+0000508258 00000 n 
+0000508565 00000 n 
+0000508972 00000 n 
+0000510591 00000 n 
+0000509379 00000 n 
+0000509786 00000 n 
+0000510093 00000 n 
+0000510500 00000 n 
+0000516784 00000 n 
+0000512101 00000 n 
+0000511005 00000 n 
+0000511304 00000 n 
+0000511603 00000 n 
+0000512010 00000 n 
+0000513628 00000 n 
+0000512416 00000 n 
+0000512823 00000 n 
+0000513130 00000 n 
+0000513537 00000 n 
+0000515156 00000 n 
+0000513944 00000 n 
+0000514351 00000 n 
+0000514658 00000 n 
+0000515065 00000 n 
+0000516684 00000 n 
+0000515472 00000 n 
+0000515879 00000 n 
+0000516186 00000 n 
+0000516593 00000 n 
+0000522994 00000 n 
+0000518310 00000 n 
+0000517098 00000 n 
+0000517505 00000 n 
+0000517812 00000 n 
+0000518219 00000 n 
+0000519838 00000 n 
+0000518626 00000 n 
+0000519033 00000 n 
+0000519340 00000 n 
+0000519747 00000 n 
+0000521366 00000 n 
+0000520154 00000 n 
+0000520561 00000 n 
+0000520868 00000 n 
+0000521275 00000 n 
+0000522894 00000 n 
+0000521682 00000 n 
+0000522089 00000 n 
+0000522396 00000 n 
+0000522803 00000 n 
+0000523377 00000 n 
+0000523400 00000 n 
+0000523422 00000 n 
+trailer
+<<
+/Size 776
+/Root 2 0 R
+/Info 1 0 R
+>>
+startxref
+523543
+%%EOF

data/incoming/man-lpstat.html

@@ -0,0 +1,133 @@
+<!DOCTYPE HTML>
+<html>
+<!-- SECTION: Man Pages -->
+<head>
+	<link rel="stylesheet" type="text/css" href="../cups-printable.css">
+	<title>lpstat(1)</title>
+</head>
+<body>
+<h1 class="title">lpstat(1)</h1>
+<h2 class="title"><a name="NAME">Name</a></h2>
+lpstat - print cups status information
+<h2 class="title"><a name="SYNOPSIS">Synopsis</a></h2>
+<b>lpstat</b>
+[
+<b>-E</b>
+] [
+<b>-H</b>
+] [
+<b>-U</b>
+<i>username</i>
+] [
+<b>-h </b><i>hostname</i>[<b>:</b><i>port</i>]
+] [
+<b>-l</b>
+] [
+<b>-W</b>
+<i>which-jobs</i>
+] [
+<b>-a</b>
+[
+<i>destination(s)</i>
+] ] [
+<b>-c</b>
+[
+<i>class(es)</i>
+] ] [
+<b>-d</b>
+] [
+<b>-e</b>
+] [
+<b>-o</b>
+[
+<i>destination(s)</i>
+] ] [
+<b>-p</b>
+[
+<i>printer(s)</i>
+] ] [
+<b>-r</b>
+] [
+<b>-R</b>
+] [
+<b>-s</b>
+] [
+<b>-t</b>
+] [
+<b>-u</b>
+[
+<i>user(s)</i>
+] ] [
+<b>-v</b>
+[
+<i>printer(s)</i>
+] ]
+<h2 class="title"><a name="DESCRIPTION">Description</a></h2>
+<b>lpstat</b> displays status information about the current classes, jobs, and printers.
+When run with no arguments, <b>lpstat</b> will list active jobs queued by the current user.
+<h2 class="title"><a name="OPTIONS">Options</a></h2>
+The <b>lpstat</b> command supports the following options:
+<dl class="man">
+<dt><b>-E</b>
+<dd style="margin-left: 5.0em">Forces encryption when connecting to the server.
+<dt><b>-H</b>
+<dd style="margin-left: 5.0em">Shows the server hostname and port.
+<dt><b>-R</b>
+<dd style="margin-left: 5.0em">Shows the ranking of print jobs.
+<dt><b>-U </b><i>username</i>
+<dd style="margin-left: 5.0em">Specifies an alternate username.
+<dt><b>-W </b><i>which-jobs</i>
+<dd style="margin-left: 5.0em">Specifies which jobs to show, "completed" or "not-completed" (the default).
+This option <i>must</i> appear before the <i>-o</i> option and/or any printer names, otherwise the default ("not-completed") value will be used in the request to the scheduler.
+<dt><b>-a </b>[<i>printer(s)</i>]
+<dd style="margin-left: 5.0em">Shows the accepting state of printer queues.
+If no printers are specified then all printers are listed.
+<dt><b>-c </b>[<i>class(es)</i>]
+<dd style="margin-left: 5.0em">Shows the printer classes and the printers that belong to them.
+If no classes are specified then all classes are listed.
+<dt><b>-d</b>
+<dd style="margin-left: 5.0em">Shows the current default destination.
+<dt><b>-e</b>
+<dd style="margin-left: 5.0em">Shows all available destinations on the local network.
+<dt><b>-h </b><i>server</i>[<b>:</b><i>port</i>]
+<dd style="margin-left: 5.0em">Specifies an alternate server.
+<dt><b>-l</b>
+<dd style="margin-left: 5.0em">Shows a long listing of printers, classes, or jobs.
+<dt><b>-o </b>[<i>destination(s)</i>]
+<dd style="margin-left: 5.0em">Shows the jobs queued on the specified destinations.
+If no destinations are specified all jobs are shown.
+<dt><b>-p </b>[<i>printer(s)</i>]
+<dd style="margin-left: 5.0em">Shows the printers and whether they are enabled for printing.
+If no printers are specified then all printers are listed.
+<dt><b>-r</b>
+<dd style="margin-left: 5.0em">Shows whether the CUPS server is running.
+<dt><b>-s</b>
+<dd style="margin-left: 5.0em">Shows a status summary, including the default destination, a list of classes and their member printers, and a list of printers and their associated devices.
+This is equivalent to using the <i>-d</i>, <i>-c</i>, and <i>-v</i> options.
+<dt><b>-t</b>
+<dd style="margin-left: 5.0em">Shows all status information.
+This is equivalent to using the <i>-r</i>, <i>-d</i>, <i>-c</i>, <i>-v</i>, <i>-a</i>, <i>-p</i>, and <i>-o</i> options.
+<dt><b>-u </b>[<i>user(s)</i>]
+<dd style="margin-left: 5.0em">Shows a list of print jobs queued by the specified users.
+If no users are specified, lists the jobs queued by the current user.
+<dt><b>-v </b>[<i>printer(s)</i>]
+<dd style="margin-left: 5.0em">Shows the printers and what device they are attached to.
+If no printers are specified then all printers are listed.
+</dl>
+<h2 class="title"><a name="CONFORMING_TO">Conforming To</a></h2>
+Unlike the System V printing system, CUPS allows printer names to contain any printable character except SPACE, TAB, "/", and "#".
+Also, printer and class names are <i>not</i> case-sensitive.
+<p>The <i>-h</i>, <i>-e</i>, <i>-E</i>, <i>-U</i>, and <i>-W</i> options are unique to CUPS.
+<p>The Solaris <i>-f</i>, <i>-P</i>, and <i>-S</i> options are silently ignored.
+<h2 class="title"><a name="SEE_ALSO">See Also</a></h2>
+<b>cancel</b>(1),
+<b>lp</b>(1),
+<b>lpq</b>(1),
+<b>lpr</b>(1),
+<b>lprm</b>(1),
+CUPS Online Help (<a href="http://localhost:631/help">http://localhost:631/help</a>)
+<h2 class="title"><a name="COPYRIGHT">Copyright</a></h2>
+Copyright &copy; 2007-2019 by Apple Inc.
+
+</body>
+</html>

data/incoming/man-ppdi.html

@@ -0,0 +1,56 @@
+<!DOCTYPE HTML>
+<html>
+<!-- SECTION: Man Pages -->
+<head>
+	<link rel="stylesheet" type="text/css" href="../cups-printable.css">
+	<title>ppdi(1)</title>
+</head>
+<body>
+<h1 class="title">ppdi(1)</h1>
+<h2 class="title"><a name="NAME">Name</a></h2>
+ppdi - import ppd files (deprecated)
+<h2 class="title"><a name="SYNOPSIS">Synopsis</a></h2>
+<b>ppdi</b>
+[
+<b>-I</b>
+<i>include-directory</i>
+] [
+<b>-o</b>
+<i>source-file</i>
+]
+<i>ppd-file</i>
+[ ...
+<i>ppd-file</i>
+]
+<h2 class="title"><a name="DESCRIPTION">Description</a></h2>
+<b>ppdi</b> imports one or more PPD files into a PPD compiler source file.
+Multiple languages of the same PPD file are merged into a single printer definition to facilitate accurate changes for all localizations.
+<b>This program is deprecated and will be removed in a future release of CUPS.</b>
+<h2 class="title"><a name="OPTIONS">Options</a></h2>
+<b>ppdi</b> supports the following options:
+<dl class="man">
+<dt><b>-I </b><i>include-directory</i>
+<dd style="margin-left: 5.0em">Specifies an alternate include directory.
+Multiple <i>-I</i> options can be supplied to add additional directories.
+<dt><b>-o </b><i>source-file</i>
+<dd style="margin-left: 5.0em">Specifies the PPD source file to update.
+If the source file does not exist, a new source file is created.
+Otherwise the existing file is merged with the new PPD file(s) on the command-line.
+If no source file is specified, the filename <i>ppdi.drv</i> is used.
+</dl>
+<h2 class="title"><a name="NOTES">Notes</a></h2>
+PPD files are deprecated and will no longer be supported in a future feature release of CUPS.
+Printers that do not support IPP can be supported using applications such as
+<b>ippeveprinter</b>(1).
+<h2 class="title"><a name="SEE_ALSO">See Also</a></h2>
+<b>ppdc</b>(1),
+<b>ppdhtml</b>(1),
+<b>ppdmerge</b>(1),
+<b>ppdpo</b>(1),
+<b>ppdcfile</b>(5),
+CUPS Online Help (<a href="http://localhost:631/help">http://localhost:631/help</a>)
+<h2 class="title"><a name="COPYRIGHT">Copyright</a></h2>
+Copyright &copy; 2007-2019 by Apple Inc.
+
+</body>
+</html>

data/incoming/postconf.5.html

@@ -0,0 +1,19673 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+        "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+
+<head>
+
+<title>Postfix Configuration Parameters </title>
+
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+
+</head>
+
+<body>
+
+<h1><img src="postfix-logo.jpg" width="203" height="98" alt="">Postfix Configuration Parameters </h1>
+
+<hr>
+
+<h2> Postfix main.cf file format </h2>
+
+<p> The Postfix main.cf configuration file specifies a very small
+subset of all the parameters that control the operation of the
+Postfix mail system. Parameters not explicitly specified are left
+at their default values. </p>
+
+<p> The general format of the main.cf file is as follows: </p>
+
+<ul>
+
+<li> <p> Each logical line is in the form "parameter = value".
+Whitespace around the "=" is ignored, as is whitespace at the end
+of a logical line. </p>
+
+<li> <p> Empty lines and whitespace-only lines are ignored, as are
+lines whose first non-whitespace character is a `#'. </p>
+
+<li> <p> A logical line starts with non-whitespace text. A line
+that starts with whitespace continues a logical line. </p>
+
+<li> <p> A parameter value may refer to other parameters. </p>
+
+<ul>
+
+<li> <p> The expressions "$name" and "${name}" are recursively
+replaced with the value of the named parameter. The parameter name
+must contain only characters from the set [a-zA-Z0-9_].
+An undefined parameter value is replaced with the empty value.  </p>
+
+<li> <p> The expressions "${name?value}" and "${name?{value}}" are
+replaced with "value" when "$name" is non-empty. The parameter name
+must contain only characters from the set [a-zA-Z0-9_]. These forms are
+supported with Postfix versions &ge; 2.2 and &ge; 3.0, respectively.
+</p>
+
+<li> <p> The expressions "${name:value}" and "${name:{value}}" are
+replaced with "value" when "$name" is empty. The parameter name must
+contain only characters from the set [a-zA-Z0-9_]. These forms are
+supported with Postfix versions &ge; 2.2 and &ge; 3.0, respectively.
+</p>
+
+<li> <p> The expression "${name?{value1}:{value2}}" is replaced
+with "value1" when "$name" is non-empty, and with "value2" when
+"$name" is empty.  The "{}" is required for "value1", optional for
+"value2".  The parameter name must contain only characters from the
+set [a-zA-Z0-9_].  This form is supported with Postfix versions
+&ge; 3.0.  </p>
+
+<li> <p> The first item inside "${...}" may be a relational expression
+of the form: "{value3} == {value4}". Besides the "==" (equality)
+operator Postfix supports "!=" (inequality), "&lt;", "&le;", "&ge;",
+and "&gt;". The comparison is numerical when both operands are all
+digits, otherwise the comparison is lexicographical. These forms
+are supported with Postfix versions &ge; 3.0. </p>
+
+<li> <p> Each "value" is subject to recursive named parameter and
+relational expression evaluation, except where noted.  </p>
+
+<li> <p> Whitespace before or after each "{value}" is ignored. </p>
+
+<li> <p> Specify "$$" to produce a single "$" character. </p>
+
+<li> <p> The legacy form "$(...)" is equivalent to the preferred
+form "${...}". </p>
+
+</ul>
+
+<li> <p> When the same parameter is defined multiple times, only
+the last instance is remembered. </p>
+
+<li> <p> Otherwise, the order of main.cf parameter definitions does
+not matter. </p>
+
+</ul>
+
+<p> The remainder of this document is a description of all Postfix
+configuration parameters. Default values are shown after the
+parameter name in parentheses, and can be looked up with the
+"<b>postconf -d</b>" command. </p>
+
+<p> Note: this is not an invitation to make changes to Postfix
+configuration parameters. Unnecessary changes are likely to impair
+the operation of the mail system.  </p>
+
+<dl>
+<DT><b><a name="2bounce_notice_recipient">2bounce_notice_recipient</a>
+(default: postmaster)</b></DT><DD>
+
+<p> The recipient of undeliverable mail that cannot be returned to
+the sender.  This feature is enabled with the <a href="postconf.5.html#notify_classes">notify_classes</a>
+parameter.  </p>
+
+
+</DD>
+
+<DT><b><a name="access_map_defer_code">access_map_defer_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code for
+an <a href="access.5.html">access(5)</a> map "defer" action, including "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>"
+or "<a href="postconf.5.html#defer_if_reject">defer_if_reject</a>". Prior to Postfix 2.6, the response
+is hard-coded as "450".
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.6 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="access_map_reject_code">access_map_reject_code</a>
+(default: 554)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code for
+an <a href="access.5.html">access(5)</a> map "reject" action.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_cache_cleanup_interval">address_verify_cache_cleanup_interval</a>
+(default: 12h)</b></DT><DD>
+
+<p> The amount of time between <a href="verify.8.html">verify(8)</a> address verification
+database cleanup runs. This feature requires that the database
+supports the "delete" and "sequence" operators.  Specify a zero
+interval to disable database cleanup. </p>
+
+<p> After each database cleanup run, the <a href="verify.8.html">verify(8)</a> daemon logs the
+number of entries that were retained and dropped. A cleanup run is
+logged as "partial" when the daemon terminates early after "<b>postfix
+reload</b>", "<b>postfix stop</b>", or no requests for $<a href="postconf.5.html#max_idle">max_idle</a>
+seconds. </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). </p>
+
+<p> This feature is available in Postfix 2.7. </p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_default_transport">address_verify_default_transport</a>
+(default: $<a href="postconf.5.html#default_transport">default_transport</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting for address
+verification probes.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_local_transport">address_verify_local_transport</a>
+(default: $<a href="postconf.5.html#local_transport">local_transport</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for address
+verification probes.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_map">address_verify_map</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Lookup table for persistent address verification status
+storage.  The table is maintained by the <a href="verify.8.html">verify(8)</a> service, and
+is opened before the process releases privileges.
+</p>
+
+<p>
+The lookup table is persistent by default (Postfix 2.7 and later).
+Specify an empty table name to keep the information in volatile
+memory which is lost after "<b>postfix reload</b>" or "<b>postfix
+stop</b>". This is the default with Postfix version 2.6 and earlier.
+</p>
+
+<p>
+Specify a location in a file system that will not fill up. If the
+database becomes corrupted, the world comes to an end. To recover
+delete (NOT: truncate) the file and do "<b>postfix reload</b>".
+</p>
+
+<p> Postfix daemon processes do not use root privileges when opening
+this file (Postfix 2.5 and later).  The file must therefore be
+stored under a Postfix-owned directory such as the <a href="postconf.5.html#data_directory">data_directory</a>.
+As a migration aid, an attempt to open the file under a non-Postfix
+directory is redirected to the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a
+warning is logged. </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#address_verify_map">address_verify_map</a> = <a href="DATABASE_README.html#types">hash</a>:/var/lib/postfix/verify
+<a href="postconf.5.html#address_verify_map">address_verify_map</a> = <a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/verify
+</pre>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_negative_cache">address_verify_negative_cache</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Enable caching of failed address verification probe results.  When
+this feature is enabled, the cache may pollute quickly with garbage.
+When this feature is disabled, Postfix will generate an address
+probe for every lookup.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_negative_expire_time">address_verify_negative_expire_time</a>
+(default: 3d)</b></DT><DD>
+
+<p>
+The time after which a failed probe expires from the address
+verification cache.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_negative_refresh_time">address_verify_negative_refresh_time</a>
+(default: 3h)</b></DT><DD>
+
+<p>
+The time after which a failed address verification probe needs to
+be refreshed.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_pending_request_limit">address_verify_pending_request_limit</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> A safety limit that prevents address verification requests from
+overwhelming the Postfix queue. By default, the number of pending
+requests is limited to 1/4 of the <a href="QSHAPE_README.html#active_queue">active queue</a> maximum size
+(<a href="postconf.5.html#qmgr_message_active_limit">qmgr_message_active_limit</a>). The queue manager enforces the limit
+by tempfailing requests that exceed the limit. This affects only
+unknown addresses and inactive addresses that have expired, because
+the <a href="verify.8.html">verify(8)</a> daemon automatically refreshes an active address
+before it expires. </p>
+
+<p> This feature is available in Postfix 3.1 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_poll_count">address_verify_poll_count</a>
+(default: normal: 3, overload: 1)</b></DT><DD>
+
+<p>
+How many times to query the <a href="verify.8.html">verify(8)</a> service for the completion
+of an address verification request in progress.
+</p>
+
+<p> By default, the Postfix SMTP server polls the <a href="verify.8.html">verify(8)</a> service
+up to three times under non-overload conditions, and only once when
+under overload.  With Postfix version 2.5 and earlier, the SMTP
+server always polls the <a href="verify.8.html">verify(8)</a> service up to three times by
+default.  </p>
+
+<p>
+Specify 1 to implement a crude form of greylisting, that is, always
+defer the first delivery request for a new address.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+# Postfix &le; 2.6 default
+<a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = 3
+# Poor man's greylisting
+<a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = 1
+</pre>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_poll_delay">address_verify_poll_delay</a>
+(default: 3s)</b></DT><DD>
+
+<p>
+The delay between queries for the completion of an address
+verification request in progress.
+</p>
+
+<p>
+The default polling delay is 3 seconds.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_positive_expire_time">address_verify_positive_expire_time</a>
+(default: 31d)</b></DT><DD>
+
+<p>
+The time after which a successful probe expires from the address
+verification cache.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_positive_refresh_time">address_verify_positive_refresh_time</a>
+(default: 7d)</b></DT><DD>
+
+<p>
+The time after which a successful address verification probe needs
+to be refreshed.  The address verification status is not updated
+when the probe fails (optimistic caching).
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_relay_transport">address_verify_relay_transport</a>
+(default: $<a href="postconf.5.html#relay_transport">relay_transport</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter setting for address
+verification probes.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_relayhost">address_verify_relayhost</a>
+(default: $<a href="postconf.5.html#relayhost">relayhost</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for address verification
+probes. This information can be overruled with the <a href="transport.5.html">transport(5)</a> table.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_sender">address_verify_sender</a>
+(default: $<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b></DT><DD>
+
+<p> The sender address to use in address verification probes; prior
+to Postfix 2.5 the default was "postmaster". To
+avoid problems with address probes that are sent in response to
+address probes, the Postfix SMTP server excludes the probe sender
+address from all SMTPD access blocks. </p>
+
+<p>
+Specify an empty value (<a href="postconf.5.html#address_verify_sender">address_verify_sender</a> =) or &lt;&gt; if you want
+to use the null sender address. Beware, some sites reject mail from
+&lt;&gt;, even though RFCs require that such addresses be accepted.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#address_verify_sender">address_verify_sender</a> = &lt;&gt;
+<a href="postconf.5.html#address_verify_sender">address_verify_sender</a> = postmaster@my.domain
+</pre>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_sender_dependent_default_transport_maps">address_verify_sender_dependent_default_transport_maps</a>
+(default: $<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>)</b></DT><DD>
+
+<p> Overrides the <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter
+setting for address verification probes.  </p>
+
+<p> This feature is available in Postfix 2.7 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_sender_dependent_relayhost_maps">address_verify_sender_dependent_relayhost_maps</a>
+(default: $<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> parameter setting for address
+verification probes.
+</p>
+
+<p>
+This feature is available in Postfix 2.3 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_sender_ttl">address_verify_sender_ttl</a>
+(default: 0s)</b></DT><DD>
+
+<p> The time between changes in the time-dependent portion of address
+verification probe sender addresses. The time-dependent portion is
+appended to the localpart of the address specified with the
+<a href="postconf.5.html#address_verify_sender">address_verify_sender</a> parameter. This feature is ignored when the
+probe sender addresses is the null sender, i.e. the <a href="postconf.5.html#address_verify_sender">address_verify_sender</a>
+value is empty or &lt;&gt;. </p>
+
+<p> Historically, the probe sender address was fixed. This has
+caused such addresses to end up on spammer mailing lists, and has
+resulted in wasted network and processing resources.  </p>
+
+<p> To enable time-dependent probe sender addresses, specify a
+non-zero time value (an integral value plus an optional one-letter
+suffix that specifies the time unit).  Specify a value of at least
+several hours, to avoid problems with senders that use greylisting.
+Avoid nice TTL values, to make the result less predictable.  Time
+units are: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+</p>
+
+<p> This feature is available in Postfix 2.9 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_service_name">address_verify_service_name</a>
+(default: verify)</b></DT><DD>
+
+<p>
+The name of the <a href="verify.8.html">verify(8)</a> address verification service. This service
+maintains the status of sender and/or recipient address verification
+probes, and generates probes on request by other Postfix processes.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_transport_maps">address_verify_transport_maps</a>
+(default: $<a href="postconf.5.html#transport_maps">transport_maps</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for address verification
+probes.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="address_verify_virtual_transport">address_verify_virtual_transport</a>
+(default: $<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b></DT><DD>
+
+<p>
+Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting for address
+verification probes.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="alias_database">alias_database</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The alias databases for <a href="local.8.html">local(8)</a> delivery that are updated with
+"<b>newaliases</b>" or with "<b>sendmail -bi</b>".
+</p>
+
+<p>
+This is a separate configuration parameter because not all the
+tables specified with $<a href="postconf.5.html#alias_maps">alias_maps</a> have to be local files.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#alias_database">alias_database</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/aliases
+<a href="postconf.5.html#alias_database">alias_database</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/mail/aliases
+</pre>
+
+
+</DD>
+
+<DT><b><a name="alias_maps">alias_maps</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The alias databases that are used for <a href="local.8.html">local(8)</a> delivery. See
+<a href="aliases.5.html">aliases(5)</a> for syntax details.
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+Note: these lookups are recursive.
+</p>
+
+<p>
+The default list is system dependent.  On systems with NIS, the
+default is to search the local alias database, then the NIS alias
+database.
+</p>
+
+<p>
+If you change the alias database, run "<b>postalias /etc/aliases</b>"
+(or wherever your system stores the mail alias file), or simply
+run "<b>newaliases</b>" to build the necessary DBM or DB file.
+</p>
+
+<p>
+The <a href="local.8.html">local(8)</a> delivery agent disallows regular expression substitution
+of $1 etc. in <a href="postconf.5.html#alias_maps">alias_maps</a>, because that would open a security hole.
+</p>
+
+<p>
+The <a href="local.8.html">local(8)</a> delivery agent will silently ignore requests to use
+the <a href="proxymap.8.html">proxymap(8)</a> server within <a href="postconf.5.html#alias_maps">alias_maps</a>. Instead it will open the
+table directly. Before Postfix version 2.2, the <a href="local.8.html">local(8)</a> delivery
+agent will terminate with a fatal error.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#alias_maps">alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/aliases, nis:mail.aliases
+<a href="postconf.5.html#alias_maps">alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/aliases
+</pre>
+
+
+</DD>
+
+<DT><b><a name="allow_mail_to_commands">allow_mail_to_commands</a>
+(default: alias, forward)</b></DT><DD>
+
+<p>
+Restrict <a href="local.8.html">local(8)</a> mail delivery to external commands.  The default
+is to disallow delivery to "|command" in :include:  files (see
+<a href="aliases.5.html">aliases(5)</a> for the text that defines this terminology).
+</p>
+
+<p>
+Specify zero or more of: <b>alias</b>, <b>forward</b> or <b>include</b>,
+in order to allow commands in <a href="aliases.5.html">aliases(5)</a>, .forward files or in
+:include:  files, respectively.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#allow_mail_to_commands">allow_mail_to_commands</a> = alias,forward,include
+</pre>
+
+
+</DD>
+
+<DT><b><a name="allow_mail_to_files">allow_mail_to_files</a>
+(default: alias, forward)</b></DT><DD>
+
+<p>
+Restrict <a href="local.8.html">local(8)</a> mail delivery to external files. The default is
+to disallow "/file/name" destinations in :include:  files (see
+<a href="aliases.5.html">aliases(5)</a> for the text that defines this terminology).
+</p>
+
+<p>
+Specify zero or more of: <b>alias</b>, <b>forward</b> or <b>include</b>,
+in order to allow "/file/name" destinations in <a href="aliases.5.html">aliases(5)</a>, .forward
+files and in :include:  files, respectively.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#allow_mail_to_files">allow_mail_to_files</a> = alias,forward,include
+</pre>
+
+
+</DD>
+
+<DT><b><a name="allow_min_user">allow_min_user</a>
+(default: no)</b></DT><DD>
+
+<p>
+Allow a sender or recipient address to have `-' as the first
+character.  By
+default, this is not allowed, to avoid accidents with software that
+passes email addresses via the command line. Such software
+would not be able to distinguish a malicious address from a
+bona fide command-line option. Although this can be prevented by
+inserting a "--" option terminator into the command line, this is
+difficult to enforce consistently and globally.  </p>
+
+<p> As of Postfix version 2.5, this feature is implemented by
+<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>.  With earlier versions this feature was implemented
+by <a href="qmgr.8.html">qmgr(8)</a> and was limited to recipient addresses only. </p>
+
+
+</DD>
+
+<DT><b><a name="allow_percent_hack">allow_percent_hack</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Enable the rewriting of the form "user%domain" to "user@domain".
+This is enabled by default.
+</p>
+
+<p> Note: as of Postfix version 2.2, message header address rewriting
+happens only when one of the following conditions is true: </p>
+
+<ul>
+
+<li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
+
+<li> The message is received from a network client that matches
+$<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+
+<li> The message is received from the network, and the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
+
+</ul>
+
+<p> To get the behavior before Postfix version 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#allow_percent_hack">allow_percent_hack</a> = no
+</pre>
+
+
+</DD>
+
+<DT><b><a name="allow_untrusted_routing">allow_untrusted_routing</a>
+(default: no)</b></DT><DD>
+
+<p>
+Forward mail with sender-specified routing (user[@%!]remote[@%!]site)
+from untrusted clients to destinations matching $<a href="postconf.5.html#relay_domains">relay_domains</a>.
+</p>
+
+<p>
+By default, this feature is turned off.  This closes a nasty open
+relay loophole where a backup MX host can be tricked into forwarding
+junk mail to a primary MX host which then spams it out to the world.
+</p>
+
+<p>
+This parameter also controls if non-local addresses with sender-specified
+routing can match Postfix access tables. By default, such addresses
+cannot match Postfix access tables, because the address is ambiguous.
+</p>
+
+
+</DD>
+
+<DT><b><a name="alternate_config_directories">alternate_config_directories</a>
+(default: empty)</b></DT><DD>
+
+<p>
+A list of non-default Postfix configuration directories that may
+be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in the
+case of <a href="sendmail.1.html">sendmail(1)</a>, with the "-C" option), or via the MAIL_CONFIG
+environment parameter.
+</p>
+
+<p>
+This list must be specified in the default Postfix <a href="postconf.5.html">main.cf</a> file,
+and will be used by set-gid Postfix commands such as <a href="postqueue.1.html">postqueue(1)</a>
+and <a href="postdrop.1.html">postdrop(1)</a>.
+</p>
+
+<p>
+Specify absolute pathnames, separated by comma or space. Note: $name
+expansion is not supported.
+</p>
+
+
+</DD>
+
+<DT><b><a name="always_add_missing_headers">always_add_missing_headers</a>
+(default: no)</b></DT><DD>
+
+<p> Always add (Resent-) From:, To:, Date: or Message-ID: headers
+when not present.  Postfix 2.6 and later add these headers only
+when clients match the <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter
+setting.  Earlier Postfix versions always add these headers; this
+may break DKIM signatures that cover non-existent headers.
+The <a href="postconf.5.html#undisclosed_recipients_header">undisclosed_recipients_header</a> parameter setting determines
+whether a To: header will be added. </p>
+
+
+</DD>
+
+<DT><b><a name="always_bcc">always_bcc</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional address that receives a "blind carbon copy" of each message
+that is received by the Postfix mail system.
+</p>
+
+<p>
+Note: with Postfix 2.3 and later the BCC address is added as if it
+was specified with NOTIFY=NONE. The sender will not be notified
+when the BCC address is undeliverable, as long as all down-stream
+software implements <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a>.
+</p>
+
+<p>
+Note: with Postfix 2.2 and earlier the sender will be notified
+when the BCC address is undeliverable.
+</p>
+
+<p> Note: automatic BCC recipients are produced only for new mail.
+To avoid mailer loops, automatic BCC recipients are not generated
+after Postfix forwards mail internally, or after Postfix generates
+mail itself. </p>
+
+
+</DD>
+
+<DT><b><a name="anvil_rate_time_unit">anvil_rate_time_unit</a>
+(default: 60s)</b></DT><DD>
+
+<p>
+The time unit over which client connection rates and other rates
+are calculated.
+</p>
+
+<p>
+This feature is implemented by the <a href="anvil.8.html">anvil(8)</a> service which is available
+in Postfix version 2.2 and later.
+</p>
+
+<p>
+The default interval is relatively short. Because of the high
+frequency of updates, the <a href="anvil.8.html">anvil(8)</a> server uses volatile memory
+only. Thus, information is lost whenever the process terminates.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="anvil_status_update_time">anvil_status_update_time</a>
+(default: 600s)</b></DT><DD>
+
+<p>
+How frequently the <a href="anvil.8.html">anvil(8)</a> connection and rate limiting server
+logs peak usage information.
+</p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="append_at_myorigin">append_at_myorigin</a>
+(default: yes)</b></DT><DD>
+
+<p>
+With locally submitted mail, append the string "@$<a href="postconf.5.html#myorigin">myorigin</a>" to mail
+addresses without domain information. With remotely submitted mail,
+append the string "@$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a>" instead.
+</p>
+
+<p>
+Note 1: this feature is enabled by default and must not be turned off.
+Postfix does not support domain-less addresses.
+</p>
+
+<p> Note 2: with Postfix version 2.2, message header address rewriting
+happens only when one of the following conditions is true: </p>
+
+<ul>
+
+<li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
+
+<li> The message is received from a network client that matches
+$<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+
+<li> The message is received from the network, and the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
+
+</ul>
+
+<p> To get the behavior before Postfix version 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
+
+
+</DD>
+
+<DT><b><a name="append_dot_mydomain">append_dot_mydomain</a>
+(default: Postfix &ge; 3.0: no, Postfix &lt; 3.0: yes)</b></DT><DD>
+
+<p>
+With locally submitted mail, append the string ".$<a href="postconf.5.html#mydomain">mydomain</a>" to
+addresses that have no ".domain" information. With remotely submitted
+mail, append the string ".$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a>"
+instead.
+</p>
+
+<p>
+Note 1: this feature is enabled by default. If disabled, users will not be
+able to send mail to "user@partialdomainname" but will have to
+specify full domain names instead.
+</p>
+
+<p> Note 2: with Postfix version 2.2, message header address rewriting
+happens only when one of the following conditions is true: </p>
+
+<ul>
+
+<li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
+
+<li> The message is received from a network client that matches
+$<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+
+<li> The message is received from the network, and the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
+
+</ul>
+
+<p> To get the behavior before Postfix version 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
+
+
+</DD>
+
+<DT><b><a name="application_event_drain_time">application_event_drain_time</a>
+(default: 100s)</b></DT><DD>
+
+<p>
+How long the <a href="postkick.1.html">postkick(1)</a> command waits for a request to enter the
+Postfix daemon process input buffer before giving up.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="authorized_flush_users">authorized_flush_users</a>
+(default: <a href="DATABASE_README.html#types">static</a>:anyone)</b></DT><DD>
+
+<p>
+List of users who are authorized to flush the queue.
+</p>
+
+<p>
+By default, all users are allowed to flush the queue.  Access is
+always granted if the invoking user is the super-user or the
+$<a href="postconf.5.html#mail_owner">mail_owner</a> user.  Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list.  The username
+"unknown" is used for processes whose real UID is not found in the
+password file.  </p>
+
+<p>
+Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
+separated by commas and/or whitespace. The list is matched left to
+right, and the search stops on the first match. A "/file/name"
+pattern is replaced
+by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a name
+matches a lookup key (the lookup result is ignored).  Continue long
+lines by starting the next line with whitespace. Specify "!pattern"
+to exclude a name from the list. The form "!/file/name" is supported
+only in Postfix version 2.4 and later.  </p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="authorized_mailq_users">authorized_mailq_users</a>
+(default: <a href="DATABASE_README.html#types">static</a>:anyone)</b></DT><DD>
+
+<p>
+List of users who are authorized to view the queue.
+</p>
+
+<p>
+By default, all users are allowed to view the queue.  Access is
+always granted if the invoking user is the super-user or the
+$<a href="postconf.5.html#mail_owner">mail_owner</a> user.  Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list.  The username
+"unknown" is used for processes whose real UID is not found in the
+password file.  </p>
+
+<p>
+Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
+separated by commas and/or whitespace. The list is matched left to
+right, and the search stops on the first match. A "/file/name"
+pattern is replaced
+by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a name
+matches a lookup key (the lookup result is ignored).  Continue long
+lines by starting the next line with whitespace. Specify "!pattern"
+to exclude a user name from the list. The form "!/file/name" is
+supported only in Postfix version 2.4 and later.  </p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="authorized_submit_users">authorized_submit_users</a>
+(default: <a href="DATABASE_README.html#types">static</a>:anyone)</b></DT><DD>
+
+<p>
+List of users who are authorized to submit mail with the <a href="sendmail.1.html">sendmail(1)</a>
+command (and with the privileged <a href="postdrop.1.html">postdrop(1)</a> helper command).
+</p>
+
+<p>
+By default, all users are allowed to submit mail.  Otherwise, the
+real UID of the process is looked up in the system password file,
+and access is granted only if the corresponding login name is on
+the access list.  The username "unknown" is used for processes
+whose real UID is not found in the password file. To deny mail
+submission access to all users specify an empty list.  </p>
+
+<p>
+Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
+separated by commas and/or whitespace. The list is matched left to right,
+and the search stops on the first match. A "/file/name" pattern is
+replaced by its contents;
+a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a name matches a lookup key
+(the lookup result is ignored).  Continue long lines by starting the
+next line with whitespace. Specify "!pattern" to exclude a user
+name from the list. The form "!/file/name" is supported only in
+Postfix version 2.4 and later.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> = !www, <a href="DATABASE_README.html#types">static</a>:all
+</pre>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="authorized_verp_clients">authorized_verp_clients</a>
+(default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
+
+<p> What remote SMTP clients are allowed to specify the XVERP command.
+This command requests that mail be delivered one recipient at a
+time with a per recipient return address.  </p>
+
+<p> By default, only trusted clients are allowed to specify XVERP.
+</p>
+
+<p> This parameter was introduced with Postfix version 1.1.  Postfix
+version 2.1 renamed this parameter to <a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a>
+and changed the default to none. </p>
+
+<p> Specify a list of network/netmask patterns, separated by commas
+and/or whitespace. The mask specifies the number of bits in the
+network part of a host address. You can also specify hostnames or
+.domain names (the initial dot causes the domain to match any name
+below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
+pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
+is matched when a table entry matches a lookup string (the lookup
+result is ignored).  Continue long lines by starting the next line
+with whitespace. Specify "!pattern" to exclude an address or network
+block from the list. The form "!/file/name" is supported only in
+Postfix version 2.4 and later. </p>
+
+<p> Note: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> value, and in files
+specified with "/file/name".  IP version 6 addresses contain the
+":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
+pattern.  </p>
+
+
+</DD>
+
+<DT><b><a name="backwards_bounce_logfile_compatibility">backwards_bounce_logfile_compatibility</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Produce additional <a href="bounce.8.html">bounce(8)</a> logfile records that can be read by
+Postfix versions before 2.0. The current and more extensible "name =
+value" format is needed in order to implement more sophisticated
+functionality.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="berkeley_db_create_buffer_size">berkeley_db_create_buffer_size</a>
+(default: 16777216)</b></DT><DD>
+
+<p>
+The per-table I/O buffer size for programs that create Berkeley DB
+hash or btree tables.  Specify a byte count.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="berkeley_db_read_buffer_size">berkeley_db_read_buffer_size</a>
+(default: 131072)</b></DT><DD>
+
+<p>
+The per-table I/O buffer size for programs that read Berkeley DB
+hash or btree tables.  Specify a byte count.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="best_mx_transport">best_mx_transport</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Where the Postfix SMTP client should deliver mail when it detects
+a "mail loops back to myself" error condition. This happens when
+the local MTA is the best SMTP mail exchanger for a destination
+not listed in $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
+$<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.  By default,
+the Postfix SMTP client returns such mail as undeliverable.
+</p>
+
+<p>
+Specify, for example, "<a href="postconf.5.html#best_mx_transport">best_mx_transport</a> = local" to pass the mail
+from the Postfix SMTP client to the <a href="local.8.html">local(8)</a> delivery agent. You
+can specify
+any message delivery "transport" or "transport:nexthop" that is
+defined in the <a href="master.5.html">master.cf</a> file. See the <a href="transport.5.html">transport(5)</a> manual page
+for the syntax and meaning of "transport" or "transport:nexthop".
+</p>
+
+<p>
+However, this feature is expensive because it ties up a Postfix
+SMTP client process while the <a href="local.8.html">local(8)</a> delivery agent is doing its
+work. It is more efficient (for Postfix) to list all <a href="VIRTUAL_README.html#canonical">hosted domains</a>
+in a table or database.
+</p>
+
+
+</DD>
+
+<DT><b><a name="biff">biff</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Whether or not to use the local <a href="postconf.5.html#biff">biff</a> service.  This service sends
+"new mail" notifications to users who have requested new mail
+notification with the UNIX command "<a href="postconf.5.html#biff">biff</a> y".
+</p>
+
+<p>
+For compatibility reasons this feature is on by default.  On systems
+with lots of interactive users, the <a href="postconf.5.html#biff">biff</a> service can be a performance
+drain.  Specify "<a href="postconf.5.html#biff">biff</a> = no" in <a href="postconf.5.html">main.cf</a> to disable.
+</p>
+
+
+</DD>
+
+<DT><b><a name="body_checks">body_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables for content inspection as specified in
+the <a href="header_checks.5.html">body_checks(5)</a> manual page.  </p>
+
+<p> Note: with Postfix versions before 2.0, these rules inspect
+all content after the primary message headers. </p>
+
+
+</DD>
+
+<DT><b><a name="body_checks_size_limit">body_checks_size_limit</a>
+(default: 51200)</b></DT><DD>
+
+<p>
+How much text in a message body segment (or attachment, if you
+prefer to use that term) is subjected to <a href="postconf.5.html#body_checks">body_checks</a> inspection.
+The amount of text is limited to avoid scanning huge attachments.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="bounce_notice_recipient">bounce_notice_recipient</a>
+(default: postmaster)</b></DT><DD>
+
+<p>
+The recipient of postmaster notifications with the message headers
+of mail that Postfix did not deliver and of SMTP conversation
+transcripts of mail that Postfix did not receive.  This feature is
+enabled with the <a href="postconf.5.html#notify_classes">notify_classes</a> parameter.  </p>
+
+
+</DD>
+
+<DT><b><a name="bounce_queue_lifetime">bounce_queue_lifetime</a>
+(default: 5d)</b></DT><DD>
+
+<p>
+Consider a bounce message as undeliverable, when delivery fails
+with a temporary error, and the time in the queue has reached the
+<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a> limit.  By default, this limit is the same
+as for regular mail.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is d (days).
+</p>
+
+<p>
+Specify 0 when mail delivery should be tried only once.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="bounce_service_name">bounce_service_name</a>
+(default: bounce)</b></DT><DD>
+
+<p>
+The name of the <a href="bounce.8.html">bounce(8)</a> service. This service maintains a record
+of failed delivery attempts and generates non-delivery notifications.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="bounce_size_limit">bounce_size_limit</a>
+(default: 50000)</b></DT><DD>
+
+<p> The maximal amount of original message text that is sent in a
+non-delivery notification. Specify a byte count.  A message is
+returned as either message/rfc822 (the complete original) or as
+text/rfc822-headers (the headers only).  With Postfix version 2.4
+and earlier, a message is always returned as message/rfc822 and is
+truncated when it exceeds the size limit.
+</p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> If you increase this limit, then you should increase the
+<a href="postconf.5.html#mime_nesting_limit">mime_nesting_limit</a> value proportionally.  </p>
+
+<li> <p> Be careful when making changes.  Excessively large values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds a local or remote MTA's message size limit.
+</p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="bounce_template_file">bounce_template_file</a>
+(default: empty)</b></DT><DD>
+
+<p> Pathname of a configuration file with bounce message templates.
+These override the built-in templates of delivery status notification
+(DSN) messages for undeliverable mail, for delayed mail, successful
+delivery, or delivery verification. The <a href="bounce.5.html">bounce(5)</a> manual page
+describes how to edit and test template files.  </p>
+
+<p> Template message body text may contain $name references to
+Postfix configuration parameters. The result of $name expansion can
+be previewed with "<b>postconf -b <i>file_name</i></b>" before the file
+is placed into the Postfix configuration directory.  </p>
+
+<p> This feature is available in Postfix 2.3 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="broken_sasl_auth_clients">broken_sasl_auth_clients</a>
+(default: no)</b></DT><DD>
+
+<p>
+Enable interoperability with remote SMTP clients that implement an obsolete
+version of the AUTH command (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>). Examples of such clients
+are MicroSoft Outlook Express version 4 and MicroSoft Exchange
+version 5.0.
+</p>
+
+<p>
+Specify "<a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> = yes" to have Postfix advertise
+AUTH support in a non-standard way.
+</p>
+
+
+</DD>
+
+<DT><b><a name="canonical_classes">canonical_classes</a>
+(default: envelope_sender, envelope_recipient, header_sender, header_recipient)</b></DT><DD>
+
+<p> What addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a> address mapping.
+By default, <a href="postconf.5.html#canonical_maps">canonical_maps</a> address mapping is applied to envelope
+sender and recipient addresses, and to header sender and header
+recipient addresses.  </p>
+
+<p> Specify one or more of: envelope_sender, envelope_recipient,
+header_sender, header_recipient </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="canonical_maps">canonical_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional address mapping lookup tables for message headers and
+envelopes. The mapping is applied to both sender and recipient
+addresses, in both envelopes and in headers, as controlled
+with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> parameter. This is typically used
+to clean up dirty addresses from legacy mail systems, or to replace
+login names by Firstname.Lastname.  The table format and lookups
+are documented in <a href="canonical.5.html">canonical(5)</a>. For an overview of Postfix address
+manipulations see the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+Note: these lookups are recursive.
+</p>
+
+<p>
+If you use this feature, run "<b>postmap /etc/postfix/canonical</b>" to
+build the necessary DBM or DB file after every change. The changes
+will become visible after a minute or so.  Use "<b>postfix reload</b>"
+to eliminate the delay.
+</p>
+
+<p> Note: with Postfix version 2.2, message header address mapping
+happens only when message header address rewriting is enabled: </p>
+
+<ul>
+
+<li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
+
+<li> The message is received from a network client that matches
+$<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+
+<li> The message is received from the network, and the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
+
+</ul>
+
+<p> To get the behavior before Postfix version 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#canonical_maps">canonical_maps</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/postfix/canonical
+<a href="postconf.5.html#canonical_maps">canonical_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/canonical
+</pre>
+
+
+</DD>
+
+<DT><b><a name="cleanup_service_name">cleanup_service_name</a>
+(default: cleanup)</b></DT><DD>
+
+<p>
+The name of the <a href="cleanup.8.html">cleanup(8)</a> service. This service rewrites addresses
+into the standard form, and performs <a href="canonical.5.html">canonical(5)</a> address mapping
+and <a href="virtual.5.html">virtual(5)</a> aliasing.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="command_directory">command_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The location of all postfix administrative commands.
+</p>
+
+
+</DD>
+
+<DT><b><a name="command_execution_directory">command_execution_directory</a>
+(default: empty)</b></DT><DD>
+
+<p> The <a href="local.8.html">local(8)</a> delivery agent working directory for delivery to
+external command.  Failure to change directory causes the delivery
+to be deferred. </p>
+
+<p> The following $name expansions are done on <a href="postconf.5.html#command_execution_directory">command_execution_directory</a>
+before the directory is changed. Expansion happens in the context
+of the delivery request.  The result of $name expansion is filtered
+with the character set that is specified with the
+<a href="postconf.5.html#execution_directory_expansion_filter">execution_directory_expansion_filter</a> parameter.  </p>
+
+<dl>
+
+<dt><b>$user</b></dt>
+
+<dd>The recipient's username. </dd>
+
+<dt><b>$shell</b></dt>
+
+<dd>The recipient's login shell pathname. </dd>
+
+<dt><b>$home</b></dt>
+
+<dd>The recipient's home directory. </dd>
+
+<dt><b>$recipient</b></dt>
+
+<dd>The full recipient address. </dd>
+
+<dt><b>$extension</b></dt>
+
+<dd>The optional recipient address extension. </dd>
+
+<dt><b>$domain</b></dt>
+
+<dd>The recipient domain. </dd>
+
+<dt><b>$local</b></dt>
+
+<dd>The entire recipient localpart. </dd>
+
+<dt><b>$<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a></b></dt>
+
+<dd>The address extension delimiter that was found in the recipient
+address (Postfix 2.11 and later), or the system-wide recipient
+address extension delimiter (Postfix 2.10 and earlier). </dd>
+
+<dt><b>${name?value}</b></dt>
+
+<dd>Expands to <i>value</i> when <i>$name</i> is non-empty. </dd>
+
+<dt><b>${name:value}</b></dt>
+
+<dd>Expands to <i>value</i> when <i>$name</i> is empty. </dd>
+
+</dl>
+
+<p>
+Instead of $name you can also specify ${name} or $(name).
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="command_expansion_filter">command_expansion_filter</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Restrict the characters that the <a href="local.8.html">local(8)</a> delivery agent allows in
+$name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a> and $<a href="postconf.5.html#command_execution_directory">command_execution_directory</a>.
+Characters outside the
+allowed set are replaced by underscores.
+</p>
+
+
+</DD>
+
+<DT><b><a name="command_time_limit">command_time_limit</a>
+(default: 1000s)</b></DT><DD>
+
+<p>
+Time limit for delivery to external commands. This limit is used
+by the <a href="local.8.html">local(8)</a> delivery agent, and is the default time limit for
+delivery by the <a href="pipe.8.html">pipe(8)</a> delivery agent.
+</p>
+
+<p>
+Note: if you set this time limit to a large value you must update the
+global <a href="postconf.5.html#ipc_timeout">ipc_timeout</a> parameter as well.
+</p>
+
+
+</DD>
+
+<DT><b><a name="compatibility_level">compatibility_level</a>
+(default: 0)</b></DT><DD>
+
+<p> A safety net that causes Postfix to run with backwards-compatible
+default settings after an upgrade to a newer Postfix version. </p>
+
+<p> With backwards compatibility turned on (the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#compatibility_level">compatibility_level</a>
+value is less than the Postfix built-in value), Postfix looks for
+settings that are left at their implicit default value, and logs a
+message when a backwards-compatible default setting is required.
+</p>
+
+<blockquote>
+<pre>
+using backwards-compatible default setting <i>name=value</i>
+    to [accept a specific client request]
+
+using backwards-compatible default setting <i>name=value</i>
+    to [enable specific Postfix behavior]
+</pre>
+</blockquote>
+
+<p> See <a href="COMPATIBILITY_README.html">COMPATIBILITY_README</a> for specific message details. If such
+a message is logged in the context of a legitimate request, the
+system administrator should make the backwards-compatible setting
+permanent in <a href="postconf.5.html">main.cf</a> or <a href="master.5.html">master.cf</a>, for example: </p>
+
+<blockquote>
+<pre>
+# <b>postconf</b> <i>name=value</i>
+# <b>postfix reload</b>
+</pre>
+</blockquote>
+
+<p> When no more backwards-compatible settings need to be made
+permanent, the administrator should turn off backwards compatibility
+by updating the <a href="postconf.5.html#compatibility_level">compatibility_level</a> setting in <a href="postconf.5.html">main.cf</a>:</p>
+
+<blockquote>
+<pre>
+# <b>postconf <a href="postconf.5.html#compatibility_level">compatibility_level</a>=<i>N</i></b>
+# <b>postfix reload</b>
+</pre>
+</blockquote>
+
+<p> For <i>N</i> specify the number that is logged in your <a href="postfix.1.html">postfix(1)</a>
+warning message: </p>
+
+<blockquote>
+<pre>
+warning: To disable backwards compatibility use "postconf
+    <a href="postconf.5.html#compatibility_level">compatibility_level</a>=<i>N</i>" and "postfix reload"
+</pre>
+</blockquote>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="config_directory">config_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a>
+configuration files. This can be overruled via the following
+mechanisms: </p>
+
+<ul>
+
+<li> <p> The MAIL_CONFIG environment variable (daemon processes
+and commands). </p>
+
+<li> <p> The "-c" command-line option (commands only). </p>
+
+</ul>
+
+<p> With Postfix command that run with set-gid privileges, a
+<a href="postconf.5.html#config_directory">config_directory</a> override requires either root privileges, or it
+requires that the directory is listed with the <a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a>
+parameter in the default <a href="postconf.5.html">main.cf</a> file.  </p>
+
+
+</DD>
+
+<DT><b><a name="confirm_delay_cleared">confirm_delay_cleared</a>
+(default: no)</b></DT><DD>
+
+<p> After sending a "your message is delayed" notification, inform
+the sender when the delay clears up. This can result in a sudden
+burst of notifications at the end of a prolonged network outage,
+and is therefore disabled by default. </p>
+
+<p> See also: <a href="postconf.5.html#delay_warning_time">delay_warning_time</a>. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="connection_cache_protocol_timeout">connection_cache_protocol_timeout</a>
+(default: 5s)</b></DT><DD>
+
+<p> Time limit for connection cache connect, send or receive
+operations.  The time limit is enforced in the client. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="connection_cache_service_name">connection_cache_service_name</a>
+(default: scache)</b></DT><DD>
+
+<p> The name of the <a href="scache.8.html">scache(8)</a> connection cache service.  This service
+maintains a limited pool of cached sessions.  </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="connection_cache_status_update_time">connection_cache_status_update_time</a>
+(default: 600s)</b></DT><DD>
+
+<p> How frequently the <a href="scache.8.html">scache(8)</a> server logs usage statistics with
+connection cache hit and miss rates for logical destinations and for
+physical endpoints. </p>
+
+
+</DD>
+
+<DT><b><a name="connection_cache_ttl_limit">connection_cache_ttl_limit</a>
+(default: 2s)</b></DT><DD>
+
+<p> The maximal time-to-live value that the <a href="scache.8.html">scache(8)</a> connection
+cache server
+allows. Requests that specify a larger TTL will be stored with the
+maximum allowed TTL. The purpose of this additional control is to
+protect the infrastructure against careless people. The cache TTL
+is already bounded by $<a href="postconf.5.html#max_idle">max_idle</a>.  </p>
+
+
+</DD>
+
+<DT><b><a name="content_filter">content_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> After the message is queued, send the entire message to the
+specified <i>transport:destination</i>. The <i>transport</i> name
+specifies the first field of a mail delivery agent definition in
+<a href="master.5.html">master.cf</a>; the syntax of the next-hop <i>destination</i> is described
+in the manual page of the corresponding delivery agent.  More
+information about external content filters is in the Postfix
+<a href="FILTER_README.html">FILTER_README</a> file.  </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> This setting has lower precedence than a FILTER action
+that is specified in an <a href="access.5.html">access(5)</a>, <a href="header_checks.5.html">header_checks(5)</a> or <a href="header_checks.5.html">body_checks(5)</a>
+table. </p>
+
+<li> <p> The meaning of an empty next-hop filter <i>destination</i>
+is version dependent.  Postfix 2.7 and later will use the recipient
+domain; earlier versions will use $<a href="postconf.5.html#myhostname">myhostname</a>.  Specify
+"<a href="postconf.5.html#default_filter_nexthop">default_filter_nexthop</a> = $<a href="postconf.5.html#myhostname">myhostname</a>" for compatibility with Postfix
+2.6 or earlier, or specify a <a href="postconf.5.html#content_filter">content_filter</a> value with an explicit
+next-hop <i>destination</i>.  </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="cyrus_sasl_config_path">cyrus_sasl_config_path</a>
+(default: empty)</b></DT><DD>
+
+<p> Search path for Cyrus SASL application configuration files,
+currently used only to locate the $<a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.conf file.
+Specify zero or more directories separated by a colon character,
+or an empty value to use Cyrus SASL's built-in search path.  </p>
+
+<p> This feature is available in Postfix 2.5 and later when compiled
+with Cyrus SASL 2.1.22 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="daemon_directory">daemon_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The directory with Postfix support programs and daemon programs.
+These should not be invoked directly by humans. The directory must
+be owned by root.
+</p>
+
+
+</DD>
+
+<DT><b><a name="daemon_table_open_error_is_fatal">daemon_table_open_error_is_fatal</a>
+(default: no)</b></DT><DD>
+
+<p> How a Postfix daemon process handles errors while opening lookup
+tables: gradual degradation or immediate termination. </p>
+
+<dl>
+
+<dt> <b> no </b> (default) </dt> <dd> <p> Gradual degradation: a
+daemon process logs a message of type "error" and continues execution
+with reduced functionality. Features that do not depend on the
+unavailable table will work normally, while features that depend
+on the table will result in a type "warning" message.  <br> When
+the <a href="postconf.5.html#notify_classes">notify_classes</a> parameter value contains the "data" class, the
+Postfix SMTP server and client will report transcripts of sessions
+with an error because a table is unavailable.  </p> </dd>
+
+<dt> <b> yes </b> (historical behavior) </dt> <dd> <p> Immediate
+termination: a daemon process logs a type "fatal" message and
+terminates immediately.  This option reduces the number of possible
+code paths through Postfix, and may therefore be slightly more
+secure than the default.  </p> </dd>
+
+</dl>
+
+<p> For the sake of sanity, the number of type "error" messages is
+limited to 13 over the lifetime of a daemon process. </p>
+
+<p> This feature is available in Postfix 2.9 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="daemon_timeout">daemon_timeout</a>
+(default: 18000s)</b></DT><DD>
+
+<p> How much time a Postfix daemon process may take to handle a
+request before it is terminated by a built-in watchdog timer.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="data_directory">data_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The directory with Postfix-writable data files (for example:
+caches, pseudo-random numbers).  This directory must be owned by
+the <a href="postconf.5.html#mail_owner">mail_owner</a> account, and must not be shared with non-Postfix
+software.  </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="debug_peer_level">debug_peer_level</a>
+(default: 2)</b></DT><DD>
+
+<p> The increment in verbose logging level when a remote client or
+server matches a pattern in the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.  </p>
+
+
+</DD>
+
+<DT><b><a name="debug_peer_list">debug_peer_list</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional list of remote client or server hostname or network
+address patterns that cause the verbose logging level to increase
+by the amount specified in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.  </p>
+
+<p> Specify domain names, network/netmask patterns, "/file/name"
+patterns or "<a href="DATABASE_README.html">type:table</a>" lookup tables. The right-hand side result
+from "<a href="DATABASE_README.html">type:table</a>" lookups is ignored.  </p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#debug_peer_list">debug_peer_list</a>" in the <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>
+parameter value.  </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> = 127.0.0.1
+<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> = example.com
+</pre>
+
+
+</DD>
+
+<DT><b><a name="debugger_command">debugger_command</a>
+(default: empty)</b></DT><DD>
+
+<p>
+The external command to execute when a Postfix daemon program is
+invoked with the -D option.
+</p>
+
+<p>
+Use "command .. &amp; sleep 5" so that the debugger can attach before
+the process marches on. If you use an X-based debugger, be sure to
+set up your XAUTHORITY environment variable before starting Postfix.
+</p>
+
+<p>
+Note: the command is subject to $name expansion, before it is
+passed to the default command interpreter. Specify "$$" to
+produce a single "$" character.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#debugger_command">debugger_command</a> =
+    PATH=/usr/bin:/usr/X11R6/bin
+    ddd $<a href="postconf.5.html#daemon_directory">daemon_directory</a>/$<a href="postconf.5.html#process_name">process_name</a> $<a href="postconf.5.html#process_id">process_id</a> &amp; sleep 5
+</pre>
+
+
+</DD>
+
+<DT><b><a name="default_database_type">default_database_type</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The default database type for use in <a href="newaliases.1.html">newaliases(1)</a>, <a href="postalias.1.html">postalias(1)</a>
+and <a href="postmap.1.html">postmap(1)</a> commands. On many UNIX systems the default type is
+either <b>dbm</b> or <b>hash</b>. The default setting is frozen
+when the Postfix system is built.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#default_database_type">default_database_type</a> = hash
+<a href="postconf.5.html#default_database_type">default_database_type</a> = dbm
+</pre>
+
+
+</DD>
+
+<DT><b><a name="default_delivery_slot_cost">default_delivery_slot_cost</a>
+(default: 5)</b></DT><DD>
+
+<p>
+How often the Postfix queue manager's scheduler is allowed to
+preempt delivery of one message with another.
+</p>
+
+<p>
+Each transport maintains a so-called "available delivery slot counter"
+for each message. One message can be preempted by another one when
+the other message can be delivered using no more delivery slots
+(i.e., invocations of delivery agents) than the current message
+counter has accumulated (or will eventually accumulate - see about
+slot loans below). This parameter controls how often is the counter
+incremented - it happens after each <a href="postconf.5.html#default_delivery_slot_cost">default_delivery_slot_cost</a>
+recipients have been delivered.
+</p>
+
+<p>
+The cost of 0 is used to disable the preempting scheduling completely.
+The minimum value the scheduling algorithm can use is 2 - use it
+if you want to maximize the message throughput rate. Although there
+is no maximum, it doesn't make much sense to use values above say
+50.
+</p>
+
+<p>
+The only reason why the value of 2 is not the default is the way
+this parameter affects the delivery of mailing-list mail. In the
+worst case, their delivery can take somewhere between (cost+1/cost)
+and (cost/cost-1) times more than if the preemptive scheduler was
+disabled. The default value of 5 turns out to provide reasonable
+message response times while making sure the mailing-list deliveries
+are not extended by more than 20-25 percent even in the worst case.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_delivery_slot_cost"><i>transport</i>_delivery_slot_cost</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#default_delivery_slot_cost">default_delivery_slot_cost</a> = 0
+<a href="postconf.5.html#default_delivery_slot_cost">default_delivery_slot_cost</a> = 2
+</pre>
+
+
+</DD>
+
+<DT><b><a name="default_delivery_slot_discount">default_delivery_slot_discount</a>
+(default: 50)</b></DT><DD>
+
+<p>
+The default value for transport-specific _delivery_slot_discount
+settings.
+</p>
+
+<p>
+This parameter speeds up the moment when a message preemption can
+happen. Instead of waiting until the full amount of delivery slots
+required is available, the preemption can happen when
+transport_delivery_slot_discount percent of the required amount
+plus transport_delivery_slot_loan still remains to be accumulated.
+Note that the full amount will still have to be accumulated before
+another preemption can take place later.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_delivery_slot_discount"><i>transport</i>_delivery_slot_discount</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_delivery_slot_loan">default_delivery_slot_loan</a>
+(default: 3)</b></DT><DD>
+
+<p>
+The default value for transport-specific _delivery_slot_loan
+settings.
+</p>
+
+<p>
+This parameter speeds up the moment when a message preemption can
+happen. Instead of waiting until the full amount of delivery slots
+required is available, the preemption can happen when
+transport_delivery_slot_discount percent of the required amount
+plus transport_delivery_slot_loan still remains to be accumulated.
+Note that the full amount will still have to be accumulated before
+another preemption can take place later.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_delivery_slot_loan"><i>transport</i>_delivery_slot_loan</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_delivery_status_filter">default_delivery_status_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional filter to replace the delivery status code or explanatory
+text of successful or unsuccessful deliveries.  This does not allow
+the replacement of a successful status code (2.X.X) with an
+unsuccessful status code (4.X.X or 5.X.X) or vice versa.  </p>
+
+<p> Note: the (smtp|lmtp)_delivery_status_filter is applied only
+once per recipient: when delivery is successful, when delivery is
+rejected with 5XX, or when there are no more alternate MX or A
+destinations. Use <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> or <a href="postconf.5.html#lmtp_reply_filter">lmtp_reply_filter</a> to inspect
+responses for all delivery attempts. </p>
+
+<p> The following parameters can be used to implement a filter for
+specific delivery agents: <a href="postconf.5.html#lmtp_delivery_status_filter">lmtp_delivery_status_filter</a>,
+<a href="postconf.5.html#local_delivery_status_filter">local_delivery_status_filter</a>, <a href="postconf.5.html#pipe_delivery_status_filter">pipe_delivery_status_filter</a>,
+<a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a> or <a href="postconf.5.html#virtual_delivery_status_filter">virtual_delivery_status_filter</a>. These
+parameters support the same filter syntax as described here. </p>
+
+<p> Specify zero or more "<a href="DATABASE_README.html">type:table</a>" lookup table names, separated
+by comma or whitespace. For each successful or unsuccessful delivery
+to a recipient, the tables are queried in the specified order with
+one line of text that is structured as follows: </p>
+
+<blockquote>
+enhanced-status-code SPACE explanatory-text
+</blockquote>
+
+<p> The first table match wins. The lookup result must have the
+same structure as the query, a successful status code (2.X.X) must
+be replaced with a successful status code, an unsuccessful status
+code (4.X.X or 5.X.X) must be replaced with an unsuccessful status
+code, and the explanatory text field must be non-empty. Other results
+will result in a warning.  </p>
+
+<p> Example 1: convert specific soft TLS errors into hard errors,
+by overriding the first number in the enhanced status code.  </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_dsn_filter
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+/etc/postfix/smtp_dsn_filter:
+    /^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/
+        5$1
+    /^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
+        5$1
+    # Do not change the following into hard bounces. They may
+    # result from a local configuration problem.
+    # 4.\d+.\d+ TLS is required, but our TLS engine is unavailable
+    # 4.\d+.\d+ TLS is required, but unavailable
+    # 4.\d+.\d+ Cannot start TLS: handshake failure
+</pre>
+</blockquote>
+
+<p> Example 2: censor the per-recipient delivery status text so
+that it does not reveal the destination command or filename
+when a remote sender requests confirmation of successful delivery.
+</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#local_delivery_status_filter">local_delivery_status_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/local_dsn_filter
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+/etc/postfix/local_dsn_filter:
+    /^(2\S+ delivered to file).+/    $1
+    /^(2\S+ delivered to command).+/ $1
+</pre>
+</blockquote>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> This feature will NOT override the <a href="postconf.5.html#soft_bounce">soft_bounce</a> safety net. </p>
+
+<li> <p> This feature will change the enhanced status code and text
+that is logged to the maillog file, and that is reported to the
+sender in delivery confirmation or non-delivery notifications.
+</p>
+
+</ul>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="default_destination_concurrency_failed_cohort_limit">default_destination_concurrency_failed_cohort_limit</a>
+(default: 1)</b></DT><DD>
+
+<p> How many pseudo-cohorts must suffer connection or handshake
+failure before a specific destination is considered unavailable
+(and further delivery is suspended). Specify zero to disable this
+feature. A destination's pseudo-cohort failure count is reset each
+time a delivery completes without connection or handshake failure
+for that specific destination. </p>
+
+<p> A pseudo-cohort is the number of deliveries equal to a destination's
+delivery concurrency. </p>
+
+<p> Use <a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a> to specify
+a transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport. </p>
+
+<p> This feature is available in Postfix 2.5. The default setting
+is compatible with earlier Postfix versions. </p>
+
+
+</DD>
+
+<DT><b><a name="default_destination_concurrency_limit">default_destination_concurrency_limit</a>
+(default: 20)</b></DT><DD>
+
+<p>
+The default maximal number of parallel deliveries to the same
+destination.  This is the default limit for delivery via the <a href="lmtp.8.html">lmtp(8)</a>,
+<a href="pipe.8.html">pipe(8)</a>, <a href="smtp.8.html">smtp(8)</a> and <a href="virtual.8.html">virtual(8)</a> delivery agents.
+With per-destination recipient limit &gt; 1, a destination is a domain,
+otherwise it is a recipient.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_destination_concurrency_limit"><i>transport</i>_destination_concurrency_limit</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_destination_concurrency_negative_feedback">default_destination_concurrency_negative_feedback</a>
+(default: 1)</b></DT><DD>
+
+<p> The per-destination amount of delivery concurrency negative
+feedback, after a delivery completes with a connection or handshake
+failure. Feedback values are in the range 0..1 inclusive. With
+negative feedback, concurrency is decremented at the beginning of
+a sequence of length 1/feedback. This is unlike positive feedback,
+where concurrency is incremented at the end of a sequence of length
+1/feedback. </p>
+
+<p> As of Postfix version 2.5, negative feedback cannot reduce
+delivery concurrency to zero.  Instead, a destination is marked
+dead (further delivery suspended) after the failed pseudo-cohort
+count reaches $<a href="postconf.5.html#default_destination_concurrency_failed_cohort_limit">default_destination_concurrency_failed_cohort_limit</a>
+(or $<a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a>).
+To make the scheduler completely immune to connection or handshake
+failures, specify a zero feedback value and a zero failed pseudo-cohort
+limit.  </p>
+
+<p> Specify one of the following forms: </p>
+
+<dl>
+
+<dt> <b><i>number</i> </b> </dt>
+
+<dt> <b><i>number</i> / <i>number</i> </b> </dt>
+
+<dd> Constant feedback. The value must be in the range 0..1 inclusive.
+The default setting of "1" is compatible with Postfix versions
+before 2.5, where a destination's delivery concurrency is throttled
+down to zero (and further delivery suspended) after a single failed
+pseudo-cohort. </dd>
+
+<dt> <b><i>number</i> / concurrency </b> </dt>
+
+<dd> Variable feedback of "<i>number</i> / (delivery concurrency)".
+The <i>number</i> must be in the range 0..1 inclusive. With
+<i>number</i> equal to "1", a destination's delivery concurrency
+is decremented by 1 after each failed pseudo-cohort.  </dd>
+
+</dl>
+
+<p> A pseudo-cohort is the number of deliveries equal to a destination's
+delivery concurrency. </p>
+
+<p> Use <a href="postconf.5.html#transport_destination_concurrency_negative_feedback"><i>transport</i>_destination_concurrency_negative_feedback</a>
+to specify a transport-specific override, where <i>transport</i>
+is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport. </p>
+
+<p> This feature is available in Postfix 2.5. The default setting
+is compatible with earlier Postfix versions. </p>
+
+
+</DD>
+
+<DT><b><a name="default_destination_concurrency_positive_feedback">default_destination_concurrency_positive_feedback</a>
+(default: 1)</b></DT><DD>
+
+<p> The per-destination amount of delivery concurrency positive
+feedback, after a delivery completes without connection or handshake
+failure. Feedback values are in the range 0..1 inclusive.  The
+concurrency increases until it reaches the per-destination maximal
+concurrency limit. With positive feedback, concurrency is incremented
+at the end of a sequence with length 1/feedback. This is unlike
+negative feedback, where concurrency is decremented at the start
+of a sequence of length 1/feedback. </p>
+
+<p> Specify one of the following forms:  </p>
+
+<dl>
+
+<dt> <b><i>number</i> </b> </dt>
+
+<dt> <b><i>number</i> / <i>number</i> </b> </dt>
+
+<dd> Constant feedback.  The value must be in the range 0..1
+inclusive. The default setting of "1" is compatible with Postfix
+versions before 2.5, where a destination's delivery concurrency
+doubles after each successful pseudo-cohort.  </dd>
+
+<dt> <b><i>number</i> / concurrency </b> </dt>
+
+<dd> Variable feedback of "<i>number</i> / (delivery concurrency)".
+The <i>number</i> must be in the range 0..1 inclusive. With
+<i>number</i> equal to "1", a destination's delivery concurrency
+is incremented by 1 after each successful pseudo-cohort.  </dd>
+
+</dl>
+
+<p> A pseudo-cohort is the number of deliveries equal to a destination's
+delivery concurrency. </p>
+
+<p> Use <a href="postconf.5.html#transport_destination_concurrency_positive_feedback"><i>transport</i>_destination_concurrency_positive_feedback</a>
+to specify a transport-specific override, where <i>transport</i>
+is the <a href="master.5.html">master.cf</a> name of the message delivery transport. </p>
+
+<p> This feature is available in Postfix 2.5 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="default_destination_rate_delay">default_destination_rate_delay</a>
+(default: 0s)</b></DT><DD>
+
+<p> The default amount of delay that is inserted between individual
+deliveries to the same destination; the resulting behavior depends
+on the value of the corresponding per-destination recipient limit.
+</p>
+
+<ul>
+
+<li> <p> With a corresponding per-destination recipient limit &gt;
+1, the rate delay specifies the time between deliveries to the
+<i>same domain</i>.  Different domains are delivered in parallel,
+subject to the process limits specified in <a href="master.5.html">master.cf</a>. </p>
+
+<li> <p> With a corresponding per-destination recipient limit equal
+to 1, the rate delay specifies the time between deliveries to the
+<i>same recipient</i>. Different recipients are delivered in
+parallel, subject to the process limits specified in <a href="master.5.html">master.cf</a>.
+</p>
+
+</ul>
+
+<p> To enable the delay, specify a non-zero time value (an integral
+value plus an optional one-letter suffix that specifies the time
+unit). </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). The default time unit is s (seconds). </p>
+
+<p> NOTE: the delay is enforced by the queue manager. The delay
+timer state does not survive "<b>postfix reload</b>" or "<b>postfix
+stop</b>".
+</p>
+
+<p> Use <a href="postconf.5.html#transport_destination_rate_delay"><i>transport</i>_destination_rate_delay</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+<p> NOTE: with a non-zero _destination_rate_delay, specify a
+<a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a> of 10
+or more to prevent Postfix from deferring all mail for the same
+destination after only one connection or handshake error. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="default_destination_recipient_limit">default_destination_recipient_limit</a>
+(default: 50)</b></DT><DD>
+
+<p>
+The default maximal number of recipients per message delivery.
+This is the default limit for delivery via the <a href="lmtp.8.html">lmtp(8)</a>, <a href="pipe.8.html">pipe(8)</a>,
+<a href="smtp.8.html">smtp(8)</a> and <a href="virtual.8.html">virtual(8)</a> delivery agents.
+</p>
+
+<p> Setting this parameter to a value of 1 affects email deliveries
+as follows:</p>
+
+<ul>
+
+<li> <p> It changes the meaning of the corresponding per-destination
+concurrency limit, from concurrency of deliveries to the <i>same
+domain</i> into concurrency of deliveries to the <i>same recipient</i>.
+Different recipients are delivered in parallel, subject to the
+process limits specified in <a href="master.5.html">master.cf</a>. </p>
+
+<li> <p> It changes the meaning of the corresponding per-destination
+rate delay, from the delay between deliveries to the <i>same
+domain</i> into the delay between deliveries to the <i>same
+recipient</i>.  Again, different recipients are delivered in parallel,
+subject to the process limits specified in <a href="master.5.html">master.cf</a>.  </p>
+
+<li> <p> It changes the meaning of other corresponding per-destination
+settings in a similar manner, from settings for delivery to the
+<i>same domain</i> into settings for delivery to the <i>same
+recipient</i>.
+
+</ul>
+
+<p> Use <a href="postconf.5.html#transport_destination_recipient_limit"><i>transport</i>_destination_recipient_limit</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_extra_recipient_limit">default_extra_recipient_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p>
+The default value for the extra per-transport limit imposed on the
+number of in-memory recipients.  This extra recipient space is
+reserved for the cases when the Postfix queue manager's scheduler
+preempts one message with another and suddenly needs some extra
+recipients slots for the chosen message in order to avoid performance
+degradation.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_extra_recipient_limit"><i>transport</i>_extra_recipient_limit</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_filter_nexthop">default_filter_nexthop</a>
+(default: empty)</b></DT><DD>
+
+<p> When a <a href="postconf.5.html#content_filter">content_filter</a> or FILTER request specifies no explicit
+next-hop destination, use $<a href="postconf.5.html#default_filter_nexthop">default_filter_nexthop</a> instead; when
+that value is empty, use the domain in the recipient address.
+Specify "<a href="postconf.5.html#default_filter_nexthop">default_filter_nexthop</a> = $<a href="postconf.5.html#myhostname">myhostname</a>" for compatibility
+with Postfix version 2.6 and earlier, or specify an explicit next-hop
+destination with each <a href="postconf.5.html#content_filter">content_filter</a> value or FILTER action. </p>
+
+<p> This feature is available in Postfix 2.7 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="default_minimum_delivery_slots">default_minimum_delivery_slots</a>
+(default: 3)</b></DT><DD>
+
+<p>
+How many recipients a message must have in order to invoke the
+Postfix queue manager's scheduling algorithm at all.  Messages
+which would never accumulate at least this many delivery slots
+(subject to slot cost parameter as well) are never preempted.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_minimum_delivery_slots"><i>transport</i>_minimum_delivery_slots</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_privs">default_privs</a>
+(default: nobody)</b></DT><DD>
+
+<p>
+The default rights used by the <a href="local.8.html">local(8)</a> delivery agent for delivery
+to external file or command.  These rights are used when delivery
+is requested from an <a href="aliases.5.html">aliases(5)</a> file that is owned by <b>root</b>, or
+when delivery is done on behalf of <b>root</b>. <b>DO NOT SPECIFY A
+PRIVILEGED USER OR THE POSTFIX OWNER</b>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_process_limit">default_process_limit</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The default maximal number of Postfix child processes that provide
+a given service. This limit can be overruled for specific services
+in the <a href="master.5.html">master.cf</a> file.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_rbl_reply">default_rbl_reply</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The default Postfix SMTP server response template for a request that is
+rejected by an RBL-based restriction. This template can be overruled
+by specific entries in the optional <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> lookup table.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+<p>
+The template is subject to exactly one level of $name substitution:
+</p>
+
+<dl>
+
+<dt><b>$client</b></dt>
+
+<dd>The client hostname and IP address, formatted as name[address]. </dd>
+
+<dt><b>$client_address</b></dt>
+
+<dd>The client IP address. </dd>
+
+<dt><b>$client_name</b></dt>
+
+<dd>The client hostname or "unknown". See <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a>
+for more details. </dd>
+
+<dt><b>$reverse_client_name</b></dt>
+
+<dd>The client hostname from address-&gt;name lookup, or "unknown".
+See <a href="postconf.5.html#reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a> for more details. </dd>
+
+<dt><b>$helo_name</b></dt>
+
+<dd>The hostname given in HELO or EHLO command or empty string. </dd>
+
+<dt><b>$rbl_class</b></dt>
+
+<dd>The blacklisted entity type: Client host, Helo command, Sender
+address, or Recipient address. </dd>
+
+<dt><b>$rbl_code</b></dt>
+
+<dd>The numerical SMTP response code, as specified with the
+<a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> configuration parameter. Note: The numerical
+SMTP response code is required, and must appear at the start of the
+reply. With Postfix version 2.3 and later this information may be followed
+by an <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> enhanced status code. </dd>
+
+<dt><b>$rbl_domain</b></dt>
+
+<dd>The RBL domain where $rbl_what is blacklisted. </dd>
+
+<dt><b>$rbl_reason</b></dt>
+
+<dd>The reason why $rbl_what is blacklisted, or an empty string. </dd>
+
+<dt><b>$rbl_what</b></dt>
+
+<dd>The entity that is blacklisted (an IP address, a hostname, a domain
+name, or an email address whose domain was blacklisted). </dd>
+
+<dt><b>$recipient</b></dt>
+
+<dd>The recipient address or &lt;&gt; in case of the null address. </dd>
+
+<dt><b>$recipient_domain</b></dt>
+
+<dd>The recipient domain or empty string. </dd>
+
+<dt><b>$recipient_name</b></dt>
+
+<dd>The recipient address localpart or &lt;&gt; in case of null address. </dd>
+
+<dt><b>$sender</b></dt>
+
+<dd>The sender address or &lt;&gt; in case of the null address. </dd>
+
+<dt><b>$sender_domain</b></dt>
+
+<dd>The sender domain or empty string. </dd>
+
+<dt><b>$sender_name</b></dt>
+
+<dd>The sender address localpart or &lt;&gt; in case of the null address. </dd>
+
+<dt><b>${name?text}</b></dt>
+
+<dd>Expands to `text' if $name is not empty. </dd>
+
+<dt><b>${name:text}</b></dt>
+
+<dd>Expands to `text' if $name is empty. </dd>
+
+</dl>
+
+<p>
+Instead of $name you can also specify ${name} or $(name).
+</p>
+
+<p> Note: when an enhanced status code is specified in an RBL reply
+template, it is subject to modification.  The following transformations
+are needed when the same RBL reply template is used for client,
+helo, sender, or recipient access restrictions.  </p>
+
+<ul>
+
+<li> <p> When rejecting a sender address, the Postfix SMTP server
+will transform a recipient DSN status (e.g., 4.1.1-4.1.6) into the
+corresponding sender DSN status, and vice versa. </p>
+
+<li> <p> When rejecting non-address information (such as the HELO
+command argument or the client hostname/address), the Postfix SMTP
+server will transform a sender or recipient DSN status into a generic
+non-address DSN status (e.g., 4.0.0).  </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="default_recipient_limit">default_recipient_limit</a>
+(default: 20000)</b></DT><DD>
+
+<p>
+The default per-transport upper limit on the number of in-memory
+recipients.  These limits take priority over the global
+<a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a> after the message has been assigned
+to the respective transports.  See also <a href="postconf.5.html#default_extra_recipient_limit">default_extra_recipient_limit</a>
+and <a href="postconf.5.html#qmgr_message_recipient_minimum">qmgr_message_recipient_minimum</a>.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_recipient_limit"><i>transport</i>_recipient_limit</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+
+</DD>
+
+<DT><b><a name="default_recipient_refill_delay">default_recipient_refill_delay</a>
+(default: 5s)</b></DT><DD>
+
+<p>
+The default per-transport maximum delay between recipients refills.
+When not all message recipients fit into the memory at once, keep loading
+more of them at least once every this many seconds.  This is used to
+make sure the recipients are refilled in timely manner even when
+$<a href="postconf.5.html#default_recipient_refill_limit">default_recipient_refill_limit</a> is too high for too slow deliveries.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_recipient_refill_delay"><i>transport</i>_recipient_refill_delay</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="default_recipient_refill_limit">default_recipient_refill_limit</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The default per-transport limit on the number of recipients refilled at
+once.  When not all message recipients fit into the memory at once, keep
+loading more of them in batches of at least this many at a time.  See also
+$<a href="postconf.5.html#default_recipient_refill_delay">default_recipient_refill_delay</a>, which may result in recipient batches
+lower than this when this limit is too high for too slow deliveries.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_recipient_refill_limit"><i>transport</i>_recipient_refill_limit</a> to specify a
+transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport.
+</p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="default_transport">default_transport</a>
+(default: smtp)</b></DT><DD>
+
+<p>
+The default mail delivery transport and next-hop destination for
+destinations that do not match $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>,
+$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>,
+or $<a href="postconf.5.html#relay_domains">relay_domains</a>.  This information can be overruled with the
+<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> parameter and with the
+<a href="transport.5.html">transport(5)</a> table. </p>
+
+<p>
+In order of decreasing precedence, the nexthop destination is taken
+from $<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>, $<a href="postconf.5.html#default_transport">default_transport</a>,
+$<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>, $<a href="postconf.5.html#relayhost">relayhost</a>, or from the recipient
+domain.
+</p>
+
+<p>
+Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
+The <i>:nexthop</i> destination is optional; its syntax is documented
+in the manual page of the corresponding delivery agent.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#default_transport">default_transport</a> = uucp:relayhostname
+</pre>
+
+
+</DD>
+
+<DT><b><a name="default_transport_rate_delay">default_transport_rate_delay</a>
+(default: 0s)</b></DT><DD>
+
+<p> The default amount of delay that is inserted between individual
+deliveries over the same message delivery transport, regardless of
+destination. If non-zero, all deliveries over the same message
+delivery transport will happen one at a time. </p>
+
+<p>Use <a href="postconf.5.html#transport_transport_rate_delay"><i>transport</i>_transport_rate_delay</a> to specify a
+transport-specific override, where the initial <i>transport</i> is
+the <a href="master.5.html">master.cf</a> name of the message delivery transport. </p>
+
+<p> Example: throttle outbound SMTP mail to at most 3 deliveries
+per minute. </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    smtp_transport_rate_delay = 20s
+</pre>
+
+<p> To enable the delay, specify a non-zero time value (an integral
+value plus an optional one-letter suffix that specifies the time
+unit). </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). The default time unit is s (seconds). </p>
+
+<p> NOTE: the delay is enforced by the queue manager. </p>
+
+<p> This feature is available in Postfix 3.1 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="default_verp_delimiters">default_verp_delimiters</a>
+(default: +=)</b></DT><DD>
+
+<p> The two default VERP delimiter characters. These are used when
+no explicit delimiters are specified with the SMTP XVERP command
+or with the "<b>sendmail -V</b>" command-line option. Specify
+characters that are allowed by the <a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> setting.
+</p>
+
+<p>
+This feature is available in Postfix 1.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="defer_code">defer_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a remote SMTP
+client request is rejected by the "defer" restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="defer_service_name">defer_service_name</a>
+(default: defer)</b></DT><DD>
+
+<p>
+The name of the defer service. This service is implemented by the
+<a href="bounce.8.html">bounce(8)</a> daemon and maintains a record
+of failed delivery attempts and generates non-delivery notifications.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="defer_transports">defer_transports</a>
+(default: empty)</b></DT><DD>
+
+<p>
+The names of message delivery transports that should not deliver mail
+unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
+or more names of mail delivery transports names that appear in the
+first field of <a href="master.5.html">master.cf</a>.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#defer_transports">defer_transports</a> = smtp
+</pre>
+
+
+</DD>
+
+<DT><b><a name="delay_logging_resolution_limit">delay_logging_resolution_limit</a>
+(default: 2)</b></DT><DD>
+
+<p> The maximal number of digits after the decimal point when logging
+sub-second delay values.  Specify a number in the range 0..6.  </p>
+
+<p> Large delay values are rounded off to an integral number seconds;
+delay values below the <a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> are logged
+as "0", and delay values under 100s are logged with at most two-digit
+precision.  </p>
+
+<p> The format of the "delays=a/b/c/d" logging is as follows: </p>
+
+<ul>
+
+<li> a = time from message arrival to last <a href="QSHAPE_README.html#active_queue">active queue</a> entry
+
+<li> b = time from last <a href="QSHAPE_README.html#active_queue">active queue</a> entry to connection setup
+
+<li> c = time in connection setup, including DNS, EHLO and STARTTLS
+
+<li> d = time in message transmission
+
+</ul>
+
+<p> This feature is available in Postfix 2.3 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="delay_notice_recipient">delay_notice_recipient</a>
+(default: postmaster)</b></DT><DD>
+
+<p>
+The recipient of postmaster notifications with the message headers
+of mail that cannot be delivered within $<a href="postconf.5.html#delay_warning_time">delay_warning_time</a> time
+units.  </p>
+
+<p>
+See also: <a href="postconf.5.html#delay_warning_time">delay_warning_time</a>, <a href="postconf.5.html#notify_classes">notify_classes</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="delay_warning_time">delay_warning_time</a>
+(default: 0h)</b></DT><DD>
+
+<p>
+The time after which the sender receives a copy of the message
+headers of mail that is still queued. The <a href="postconf.5.html#confirm_delay_cleared">confirm_delay_cleared</a>
+parameter controls sender notification when the delay clears up.
+</p>
+
+<p>
+To enable this feature, specify a non-zero time value (an integral
+value plus an optional one-letter suffix that specifies the time
+unit).
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is h (hours).
+</p>
+
+<p>
+See also: <a href="postconf.5.html#delay_notice_recipient">delay_notice_recipient</a>, <a href="postconf.5.html#notify_classes">notify_classes</a>, <a href="postconf.5.html#confirm_delay_cleared">confirm_delay_cleared</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="deliver_lock_attempts">deliver_lock_attempts</a>
+(default: 20)</b></DT><DD>
+
+<p>
+The maximal number of attempts to acquire an exclusive lock on a
+mailbox file or <a href="bounce.8.html">bounce(8)</a> logfile.
+</p>
+
+
+</DD>
+
+<DT><b><a name="deliver_lock_delay">deliver_lock_delay</a>
+(default: 1s)</b></DT><DD>
+
+<p>
+The time between attempts to acquire an exclusive lock on a mailbox
+file or <a href="bounce.8.html">bounce(8)</a> logfile.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="destination_concurrency_feedback_debug">destination_concurrency_feedback_debug</a>
+(default: no)</b></DT><DD>
+
+<p> Make the queue manager's feedback algorithm verbose for performance
+analysis purposes. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="detect_8bit_encoding_header">detect_8bit_encoding_header</a>
+(default: yes)</b></DT><DD>
+
+<p> Automatically detect 8BITMIME body content by looking at
+Content-Transfer-Encoding: message headers; historically, this
+behavior was hard-coded to be "always on".  </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="disable_dns_lookups">disable_dns_lookups</a>
+(default: no)</b></DT><DD>
+
+<p>
+Disable DNS lookups in the Postfix SMTP and LMTP clients. When
+disabled, hosts are looked up with the getaddrinfo() system
+library routine which normally also looks in /etc/hosts.  As of
+Postfix 2.11, this parameter is deprecated; use <a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a>
+instead.
+</p>
+
+<p>
+DNS lookups are enabled by default.
+</p>
+
+
+</DD>
+
+<DT><b><a name="disable_mime_input_processing">disable_mime_input_processing</a>
+(default: no)</b></DT><DD>
+
+<p>
+Turn off MIME processing while receiving mail. This means that no
+special treatment is given to Content-Type: message headers, and
+that all text after the initial message headers is considered to
+be part of the message body.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+<p>
+Mime input processing is enabled by default, and is needed in order
+to recognize MIME headers in message content.
+</p>
+
+
+</DD>
+
+<DT><b><a name="disable_mime_output_conversion">disable_mime_output_conversion</a>
+(default: no)</b></DT><DD>
+
+<p>
+Disable the conversion of 8BITMIME format to 7BIT format.  Mime
+output conversion is needed when the destination does not advertise
+8BITMIME support.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="disable_verp_bounces">disable_verp_bounces</a>
+(default: no)</b></DT><DD>
+
+<p>
+Disable sending one bounce report per recipient.
+</p>
+
+<p>
+The default, one per recipient, is what ezmlm needs.
+</p>
+
+<p>
+This feature is available in Postfix 1.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="disable_vrfy_command">disable_vrfy_command</a>
+(default: no)</b></DT><DD>
+
+<p>
+Disable the SMTP VRFY command. This stops some techniques used to
+harvest email addresses.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a> = no
+</pre>
+
+
+</DD>
+
+<DT><b><a name="dns_ncache_ttl_fix_enable">dns_ncache_ttl_fix_enable</a>
+(default: no)</b></DT><DD>
+
+<p> Enable a workaround for future libc incompatibility. The Postfix
+implementation of <a href="http://tools.ietf.org/html/rfc2308">RFC 2308</a> negative reply caching relies on the
+promise that res_query() and res_search() invoke res_send(), which
+returns the server response in an application buffer even if the
+requested record does not exist. If this promise is broken, specify
+"yes" to enable a  workaround for DNS reputation lookups. </p>
+
+<p>
+This feature is available in Postfix 3.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="dnsblog_reply_delay">dnsblog_reply_delay</a>
+(default: 0s)</b></DT><DD>
+
+<p> A debugging aid to artificially delay DNS responses. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="dnsblog_service_name">dnsblog_service_name</a>
+(default: dnsblog)</b></DT><DD>
+
+<p> The name of the <a href="dnsblog.8.html">dnsblog(8)</a> service entry in <a href="master.5.html">master.cf</a>. This
+service performs DNS white/blacklist lookups. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="dont_remove">dont_remove</a>
+(default: 0)</b></DT><DD>
+
+<p>
+Don't remove queue files and save them to the "saved" mail queue.
+This is a debugging aid.  To inspect the envelope information and
+content of a Postfix queue file, use the <a href="postcat.1.html">postcat(1)</a> command.
+</p>
+
+
+</DD>
+
+<DT><b><a name="double_bounce_sender">double_bounce_sender</a>
+(default: double-bounce)</b></DT><DD>
+
+<p> The sender address of postmaster notifications that are generated
+by the mail system. All mail to this address is silently discarded,
+in order to terminate mail bounce loops.  </p>
+
+
+</DD>
+
+<DT><b><a name="duplicate_filter_limit">duplicate_filter_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p> The maximal number of addresses remembered by the address
+duplicate filter for <a href="aliases.5.html">aliases(5)</a> or <a href="virtual.5.html">virtual(5)</a> alias expansion, or
+for <a href="showq.8.html">showq(8)</a> queue displays.  </p>
+
+
+</DD>
+
+<DT><b><a name="empty_address_default_transport_maps_lookup_key">empty_address_default_transport_maps_lookup_key</a>
+(default: &lt;&gt;)</b></DT><DD>
+
+<p> The <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a> search string that
+will be used instead of the null sender address. </p>
+
+<p> This feature is available in Postfix 2.7 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="empty_address_recipient">empty_address_recipient</a>
+(default: MAILER-DAEMON)</b></DT><DD>
+
+<p>
+The recipient of mail addressed to the null address.  Postfix does
+not accept such addresses in SMTP commands, but they may still be
+created locally as the result of configuration or software error.
+</p>
+
+
+</DD>
+
+<DT><b><a name="empty_address_relayhost_maps_lookup_key">empty_address_relayhost_maps_lookup_key</a>
+(default: &lt;&gt;)</b></DT><DD>
+
+<p> The <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> search string that will be
+used instead of the null sender address. </p>
+
+<p> This feature is available in Postfix 2.5 and later. With
+earlier versions, <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> lookups were
+skipped for the null sender address.  </p>
+
+
+</DD>
+
+<DT><b><a name="enable_errors_to">enable_errors_to</a>
+(default: no)</b></DT><DD>
+
+<p> Report mail delivery errors to the address specified with the
+non-standard Errors-To: message header, instead of the envelope
+sender address (this feature is removed with Postfix version 2.2, is
+turned off by default with Postfix version 2.1, and is always turned on
+with older Postfix versions).  </p>
+
+
+</DD>
+
+<DT><b><a name="enable_idna2003_compatibility">enable_idna2003_compatibility</a>
+(default: no)</b></DT><DD>
+
+<p> Enable 'transitional' compatibility between IDNA2003 and IDNA2008,
+when converting UTF-8 domain names to/from the ASCII form that is
+used for DNS lookups. Specify "yes" for compatibility with Postfix
+&le; 3.1 (not recommended). This affects the conversion of domain
+names that contain for example the German sz and the Greek zeta.
+See <a href="http://unicode.org/cldr/utility/idna.jsp">http://unicode.org/cldr/utility/idna.jsp</a> for more examples.
+</p>
+
+<p> This feature is available in Postfix 3.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="enable_long_queue_ids">enable_long_queue_ids</a>
+(default: no)</b></DT><DD>
+
+<p> Enable long, non-repeating, queue IDs (queue file names).  The
+benefit of non-repeating names is simpler logfile analysis and
+easier queue migration (there is no need to run "postsuper" to
+change queue file names that don't match their message file inode
+number).  </p>
+
+<p> Note: see below for how to convert long queue file names to
+Postfix &le; 2.8. </p>
+
+<p> Changing the parameter value to "yes" has the following effects:
+</p>
+
+<ul>
+
+<li> <p> Existing queue file names are not affected. </p>
+
+<li> <p> New queue files are created with names such as 3Pt2mN2VXxznjll.
+These are encoded in a 52-character alphabet that contains digits
+(0-9), upper-case letters (B-Z) and lower-case letters (b-z). For
+safety reasons the vowels (AEIOUaeiou) are excluded from the alphabet.
+The name format is: 6 or more characters for the time in seconds,
+4 characters for the time in microseconds, the 'z'; the remainder
+is the file inode number encoded in the first 51 characters of the
+52-character alphabet.  </p>
+
+<li> <p> New messages have a Message-ID header with
+<i>queueID</i>@<i><a href="postconf.5.html#myhostname">myhostname</a></i>.  </p>
+
+<li> <p> The mailq (postqueue -p) output has a wider Queue ID column.
+The number of whitespace-separated fields is not changed. <p>
+
+<li> <p> The <a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> algorithm uses the first characters
+of the queue file creation time in microseconds, after conversion
+into hexadecimal representation. This produces the same queue hashing
+behavior as if the queue file name was created with "<a href="postconf.5.html#enable_long_queue_ids">enable_long_queue_ids</a>
+= no". </p>
+
+</ul>
+
+<p> Changing the parameter value to "no" has the following effects:
+</p>
+
+<ul>
+
+<li> <p> Existing long queue file names are renamed to the short
+form (while running "postfix reload" or "postsuper").  </p>
+
+<li> <p> New queue files are created with names such as C3CD21F3E90
+from a hexadecimal alphabet that contains digits (0-9) and upper-case
+letters (A-F). The name format is: 5 characters for the time in
+microseconds; the remainder is the file inode number. </p>
+
+<li> <p> New messages have a Message-ID header with
+<i>YYYYMMDDHHMMSS.queueid</i>@<i><a href="postconf.5.html#myhostname">myhostname</a></i>, where
+<i>YYYYMMDDHHMMSS</i> are the year, month, day, hour, minute and
+second.
+
+<li> <p> The mailq (postqueue -p) output has the same format as
+with Postfix &le; 2.8. <p>
+
+<li> <p> The <a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> algorithm uses the first characters
+of the queue file name, with the hexadecimal representation of the
+file creation time in microseconds.  </p>
+
+</ul>
+
+<p> Before migration to Postfix &le; 2.8, the following commands
+are required to convert long queue file names into short names: </p>
+
+<pre>
+# postfix stop
+# postconf <a href="postconf.5.html#enable_long_queue_ids">enable_long_queue_ids</a>=no
+# postsuper
+</pre>
+
+<p> Repeat the postsuper command until it reports no more queue file
+name changes. </p>
+
+<p> This feature is available in Postfix 2.9 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="enable_original_recipient">enable_original_recipient</a>
+(default: yes)</b></DT><DD>
+
+<p> Enable support for the X-Original-To message header. This header
+is needed for multi-recipient mailboxes.  </p>
+
+<p> When this parameter is set to yes, the <a href="cleanup.8.html">cleanup(8)</a> daemon performs
+duplicate elimination on distinct pairs of (original recipient,
+rewritten recipient), and generates non-empty original recipient
+queue file records.  </p>
+
+<p> When this parameter is set to no, the <a href="cleanup.8.html">cleanup(8)</a> daemon performs
+duplicate elimination on the rewritten recipient address only, and
+generates empty original recipient queue file records.  </p>
+
+<p> This feature is available in Postfix 2.1 and later. With Postfix
+version 2.0, support for the X-Original-To message header is always turned
+on. Postfix versions before 2.0 have no support for the X-Original-To
+message header.  </p>
+
+
+</DD>
+
+<DT><b><a name="error_notice_recipient">error_notice_recipient</a>
+(default: postmaster)</b></DT><DD>
+
+<p> The recipient of postmaster notifications about mail delivery
+problems that are caused by policy, resource, software or protocol
+errors.  These notifications are enabled with the <a href="postconf.5.html#notify_classes">notify_classes</a>
+parameter.  </p>
+
+
+</DD>
+
+<DT><b><a name="error_service_name">error_service_name</a>
+(default: error)</b></DT><DD>
+
+<p>
+The name of the <a href="error.8.html">error(8)</a> pseudo delivery agent. This service always
+returns mail as undeliverable.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="execution_directory_expansion_filter">execution_directory_expansion_filter</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> Restrict the characters that the <a href="local.8.html">local(8)</a> delivery agent allows
+in $name expansions of $<a href="postconf.5.html#command_execution_directory">command_execution_directory</a>.  Characters
+outside the allowed set are replaced by underscores.  </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="expand_owner_alias">expand_owner_alias</a>
+(default: no)</b></DT><DD>
+
+<p>
+When delivering to an alias "aliasname" that has an "owner-aliasname"
+companion alias, set the envelope sender address to the expansion
+of the "owner-aliasname" alias. Normally, Postfix sets the envelope
+sender address to the name of the "owner-aliasname" alias.
+</p>
+
+
+</DD>
+
+<DT><b><a name="export_environment">export_environment</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The list of environment variables that a Postfix process will export
+to non-Postfix processes. The TZ variable is needed for sane
+time keeping on System-V-ish systems.
+</p>
+
+<p>
+Specify a list of names and/or name=value pairs, separated by
+whitespace or comma. Specify "{ name=value }" to protect whitespace
+or comma in parameter values (whitespace after "{" and before "}"
+is ignored). The form name=value is supported with Postfix version
+2.1 and later; the use of {} is supported with Postfix 3.0 and
+later.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#export_environment">export_environment</a> = TZ PATH=/bin:/usr/bin
+</pre>
+
+
+</DD>
+
+<DT><b><a name="extract_recipient_limit">extract_recipient_limit</a>
+(default: 10240)</b></DT><DD>
+
+<p>
+The maximal number of recipient addresses that Postfix will extract
+from message headers when mail is submitted with "<b>sendmail -t</b>".
+</p>
+
+<p>
+This feature was removed in Postfix version 2.1.
+</p>
+
+
+</DD>
+
+<DT><b><a name="fallback_relay">fallback_relay</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional list of relay hosts for SMTP destinations that can't be
+found or that are unreachable. With Postfix 2.3 this parameter
+is renamed to <a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a>. </p>
+
+<p>
+By default, mail is returned to the sender when a destination is
+not found, and delivery is deferred when a destination is unreachable.
+</p>
+
+<p> The fallback relays must be SMTP destinations. Specify a domain,
+host, host:port, [host]:port, [address] or [address]:port; the form
+[host] turns off MX lookups.  If you specify multiple SMTP
+destinations, Postfix will try them in the specified order.  </p>
+
+<p> Note: before Postfix 2.2, do not use the <a href="postconf.5.html#fallback_relay">fallback_relay</a> feature
+when relaying mail
+for a backup or primary MX domain. Mail would loop between the
+Postfix MX host and the <a href="postconf.5.html#fallback_relay">fallback_relay</a> host when the final destination
+is unavailable. </p>
+
+<ul>
+
+<li> In <a href="postconf.5.html">main.cf</a> specify "<a href="postconf.5.html#relay_transport">relay_transport</a> = relay",
+
+<li> In <a href="master.5.html">master.cf</a> specify "-o <a href="postconf.5.html#fallback_relay">fallback_relay</a> =" (i.e., empty) at
+the end of the <tt>relay</tt> entry.
+
+<li> In transport maps, specify "relay:<i>nexthop...</i>"
+as the right-hand side for backup or primary MX domain entries.
+
+</ul>
+
+<p> Postfix version 2.2 and later will not use the <a href="postconf.5.html#fallback_relay">fallback_relay</a> feature
+for destinations that it is MX host for.
+</p>
+
+
+</DD>
+
+<DT><b><a name="fallback_transport">fallback_transport</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional message delivery transport that the <a href="local.8.html">local(8)</a> delivery
+agent should use for names that are not found in the <a href="aliases.5.html">aliases(5)</a>
+or UNIX password database.
+</p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+
+</DD>
+
+<DT><b><a name="fallback_transport_maps">fallback_transport_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with per-recipient message delivery
+transports for recipients that the <a href="local.8.html">local(8)</a> delivery agent could
+not find in the <a href="aliases.5.html">aliases(5)</a> or UNIX password database. </p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="fast_flush_domains">fast_flush_domains</a>
+(default: $<a href="postconf.5.html#relay_domains">relay_domains</a>)</b></DT><DD>
+
+<p>
+Optional list of destinations that are eligible for per-destination
+logfiles with mail that is queued to those destinations.
+</p>
+
+<p>
+By default, Postfix maintains "fast flush" logfiles only for
+destinations that the Postfix SMTP server is willing to relay to
+(i.e. the default is: "<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> = $<a href="postconf.5.html#relay_domains">relay_domains</a>"; see
+the <a href="postconf.5.html#relay_domains">relay_domains</a> parameter in the <a href="postconf.5.html">postconf(5)</a> manual).
+</p>
+
+<p> Specify a list of hosts or domains, "/file/name" patterns or
+"<a href="DATABASE_README.html">type:table</a>" lookup tables, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace. A
+"/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
+lookup table is matched when the domain or its parent domain appears
+as lookup key.  </p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a>" in the <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>
+parameter value.  </p>
+
+<p>
+Specify "<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> =" (i.e., empty) to disable the feature
+altogether.
+</p>
+
+
+</DD>
+
+<DT><b><a name="fast_flush_purge_time">fast_flush_purge_time</a>
+(default: 7d)</b></DT><DD>
+
+<p>
+The time after which an empty per-destination "fast flush" logfile
+is deleted.
+</p>
+
+<p>
+You can specify the time as a number, or as a number followed by
+a letter that indicates the time unit: s=seconds, m=minutes, h=hours,
+d=days, w=weeks.  The default time unit is days.
+</p>
+
+
+</DD>
+
+<DT><b><a name="fast_flush_refresh_time">fast_flush_refresh_time</a>
+(default: 12h)</b></DT><DD>
+
+<p>
+The time after which a non-empty but unread per-destination "fast
+flush" logfile needs to be refreshed.  The contents of a logfile
+are refreshed by requesting delivery of all messages listed in the
+logfile.
+</p>
+
+<p>
+You can specify the time as a number, or as a number followed by
+a letter that indicates the time unit: s=seconds, m=minutes, h=hours,
+d=days, w=weeks.  The default time unit is hours.
+</p>
+
+
+</DD>
+
+<DT><b><a name="fault_injection_code">fault_injection_code</a>
+(default: 0)</b></DT><DD>
+
+<p>
+Force specific internal tests to fail, to test the handling of
+errors that are difficult to reproduce otherwise.
+</p>
+
+
+</DD>
+
+<DT><b><a name="flush_service_name">flush_service_name</a>
+(default: flush)</b></DT><DD>
+
+<p>
+The name of the <a href="flush.8.html">flush(8)</a> service. This service maintains per-destination
+logfiles with the queue file names of mail that is queued for those
+destinations.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="fork_attempts">fork_attempts</a>
+(default: 5)</b></DT><DD>
+
+<p> The maximal number of attempts to fork() a child process.  </p>
+
+
+</DD>
+
+<DT><b><a name="fork_delay">fork_delay</a>
+(default: 1s)</b></DT><DD>
+
+<p> The delay between attempts to fork() a child process.  </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks).  The default time unit is s (seconds).  </p>
+
+
+</DD>
+
+<DT><b><a name="forward_expansion_filter">forward_expansion_filter</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Restrict the characters that the <a href="local.8.html">local(8)</a> delivery agent allows in
+$name expansions of $<a href="postconf.5.html#forward_path">forward_path</a>.  Characters outside the
+allowed set are replaced by underscores.
+</p>
+
+
+</DD>
+
+<DT><b><a name="forward_path">forward_path</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The <a href="local.8.html">local(8)</a> delivery agent search list for finding a .forward
+file with user-specified delivery methods. The first file that is
+found is used.  </p>
+
+<p> The following $name expansions are done on <a href="postconf.5.html#forward_path">forward_path</a> before
+the search actually happens. The result of $name expansion is
+filtered with the character set that is specified with the
+<a href="postconf.5.html#forward_expansion_filter">forward_expansion_filter</a> parameter.  </p>
+
+<dl>
+
+<dt><b>$user</b></dt>
+
+<dd>The recipient's username. </dd>
+
+<dt><b>$shell</b></dt>
+
+<dd>The recipient's login shell pathname. </dd>
+
+<dt><b>$home</b></dt>
+
+<dd>The recipient's home directory. </dd>
+
+<dt><b>$recipient</b></dt>
+
+<dd>The full recipient address. </dd>
+
+<dt><b>$extension</b></dt>
+
+<dd>The optional recipient address extension. </dd>
+
+<dt><b>$domain</b></dt>
+
+<dd>The recipient domain. </dd>
+
+<dt><b>$local</b></dt>
+
+<dd>The entire recipient localpart. </dd>
+
+<dt><b>$<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a></b></dt>
+
+<dd>The address extension delimiter that was found in the recipient
+address (Postfix 2.11 and later), or the system-wide recipient
+address extension delimiter (Postfix 2.10 and earlier). </dd>
+
+<dt><b>${name?value}</b></dt>
+
+<dd>Expands to <i>value</i> when <i>$name</i> is non-empty. </dd>
+
+<dt><b>${name:value}</b></dt>
+
+<dd>Expands to <i>value</i> when <i>$name</i> is empty. </dd>
+
+</dl>
+
+<p>
+Instead of $name you can also specify ${name} or $(name).
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#forward_path">forward_path</a> = /var/forward/$user
+<a href="postconf.5.html#forward_path">forward_path</a> =
+    /var/forward/$user/.forward$<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>$extension,
+    /var/forward/$user/.forward
+</pre>
+
+
+</DD>
+
+<DT><b><a name="frozen_delivered_to">frozen_delivered_to</a>
+(default: yes)</b></DT><DD>
+
+<p> Update the <a href="local.8.html">local(8)</a> delivery agent's idea of the Delivered-To:
+address (see <a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a>) only once, at the start of
+a delivery attempt; do not update the Delivered-To: address while
+expanding aliases or .forward files. </p>
+
+<p> This feature is available in Postfix 2.3 and later. With older
+Postfix releases, the behavior is as if this parameter is set to
+"no". The old setting can be expensive with deeply nested aliases
+or .forward files. When an alias or .forward file changes the
+Delivered-To: address, it ties up one queue file and one cleanup
+process instance while mail is being forwarded.  </p>
+
+
+</DD>
+
+<DT><b><a name="hash_queue_depth">hash_queue_depth</a>
+(default: 1)</b></DT><DD>
+
+<p>
+The number of subdirectory levels for queue directories listed with
+the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter. Queue hashing is implemented by
+creating one or more levels of directories with one-character names.
+Originally, these directory names were equal to the first characters
+of the queue file name, with the hexadecimal representation of the
+file creation time in microseconds. </p>
+
+<p> With long queue file names, queue hashing produces the same
+results as with short names. The file creation time in microseconds
+is converted into hexadecimal form before the result is used for
+queue hashing.  The base 16 encoding gives finer control over the
+number of subdirectories than is possible with the base 52 encoding
+of long queue file names.  </p>
+
+<p>
+After changing the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> or <a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> parameter,
+execute the command "<b>postfix reload</b>".
+</p>
+
+
+</DD>
+
+<DT><b><a name="hash_queue_names">hash_queue_names</a>
+(default: deferred, defer)</b></DT><DD>
+
+<p>
+The names of queue directories that are split across multiple
+subdirectory levels.
+</p>
+
+<p> Before Postfix version 2.2, the default list of hashed queues
+was significantly larger. Claims about improvements in file system
+technology suggest that hashing of the <a href="QSHAPE_README.html#incoming_queue">incoming</a> and <a href="QSHAPE_README.html#active_queue">active queues</a>
+is no longer needed. Fewer hashed directories speed up the time
+needed to restart Postfix. </p>
+
+<p>
+After changing the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> or <a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> parameter,
+execute the command "<b>postfix reload</b>".
+</p>
+
+
+</DD>
+
+<DT><b><a name="header_address_token_limit">header_address_token_limit</a>
+(default: 10240)</b></DT><DD>
+
+<p>
+The maximal number of address tokens are allowed in an address
+message header. Information that exceeds the limit is discarded.
+The limit is enforced by the <a href="cleanup.8.html">cleanup(8)</a> server.
+</p>
+
+
+</DD>
+
+<DT><b><a name="header_checks">header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables for content inspection of primary non-MIME
+message headers, as specified in the <a href="header_checks.5.html">header_checks(5)</a> manual page.
+</p>
+
+
+</DD>
+
+<DT><b><a name="header_size_limit">header_size_limit</a>
+(default: 102400)</b></DT><DD>
+
+<p>
+The maximal amount of memory in bytes for storing a message header.
+If a header is larger, the excess is discarded.  The limit is
+enforced by the <a href="cleanup.8.html">cleanup(8)</a> server.
+</p>
+
+
+</DD>
+
+<DT><b><a name="helpful_warnings">helpful_warnings</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Log warnings about problematic configuration settings, and provide
+helpful suggestions.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="home_mailbox">home_mailbox</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional pathname of a mailbox file relative to a <a href="local.8.html">local(8)</a> user's
+home directory.
+</p>
+
+<p>
+Specify a pathname ending in "/" for qmail-style delivery.
+</p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#home_mailbox">home_mailbox</a> = Mailbox
+<a href="postconf.5.html#home_mailbox">home_mailbox</a> = Maildir/
+</pre>
+
+
+</DD>
+
+<DT><b><a name="hopcount_limit">hopcount_limit</a>
+(default: 50)</b></DT><DD>
+
+<p>
+The maximal number of Received:  message headers that is allowed
+in the primary message headers. A message that exceeds the limit
+is bounced, in order to stop a mailer loop.
+</p>
+
+
+</DD>
+
+<DT><b><a name="html_directory">html_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The location of Postfix HTML files that describe how to build,
+configure or operate a specific Postfix subsystem or feature.
+</p>
+
+
+</DD>
+
+<DT><b><a name="ignore_mx_lookup_error">ignore_mx_lookup_error</a>
+(default: no)</b></DT><DD>
+
+<p> Ignore DNS MX lookups that produce no response.  By default,
+the Postfix SMTP client defers delivery and tries again after some
+delay.  This behavior is required by the SMTP standard.  </p>
+
+<p>
+Specify "<a href="postconf.5.html#ignore_mx_lookup_error">ignore_mx_lookup_error</a> = yes" to force a DNS A record
+lookup instead. This violates the SMTP standard and can result in
+mis-delivery of mail.
+</p>
+
+
+</DD>
+
+<DT><b><a name="import_environment">import_environment</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The list of environment parameters that a privileged Postfix
+process will import from a non-Postfix parent process, or name=value
+environment overrides.  Unprivileged utilities will enforce the
+name=value overrides, but otherwise will not change their process
+environment.  Examples of relevant parameters: </p>
+
+<dl>
+
+<dt><b>TZ</b></dt>
+
+<dd>May be needed for sane time keeping on most System-V-ish systems.
+</dd>
+
+<dt><b>DISPLAY</b></dt>
+
+<dd>Needed for debugging Postfix daemons with an X-windows debugger. </dd>
+
+<dt><b>XAUTHORITY</b></dt>
+
+<dd>Needed for debugging Postfix daemons with an X-windows debugger. </dd>
+
+<dt><b>MAIL_CONFIG</b></dt>
+
+<dd>Needed to make "<b>postfix -c</b>" work. </dd>
+
+</dl>
+
+<p> Specify a list of names and/or name=value pairs, separated by
+whitespace or comma. Specify "{ name=value }" to protect whitespace
+or comma in parameter values (whitespace after "{" and before "}"
+is ignored). The form name=value is supported with Postfix version
+2.1 and later; the use of {} is supported with Postfix 3.0 and
+later.  </p>
+
+
+</DD>
+
+<DT><b><a name="in_flow_delay">in_flow_delay</a>
+(default: 1s)</b></DT><DD>
+
+<p> Time to pause before accepting a new message, when the message
+arrival rate exceeds the message delivery rate. This feature is
+turned on by default (it's disabled on SCO UNIX due to an SCO bug).
+</p>
+
+<p>
+With the default 100 Postfix SMTP server process limit, "<a href="postconf.5.html#in_flow_delay">in_flow_delay</a>
+= 1s" limits the mail inflow to 100 messages per second above the
+number of messages delivered per second.
+</p>
+
+<p>
+Specify 0 to disable the feature. Valid delays are 0..10.
+</p>
+
+
+</DD>
+
+<DT><b><a name="inet_interfaces">inet_interfaces</a>
+(default: all)</b></DT><DD>
+
+<p> The network interface addresses that this mail system receives
+mail on. Specify "all" to receive mail on all network
+interfaces (default), and "loopback-only" to receive mail
+on loopback network interfaces only (Postfix version 2.2 and later).  The
+parameter also controls delivery of mail to <tt>user@[ip.address]</tt>.
+</p>
+
+<p>
+Note 1: you need to stop and start Postfix when this parameter changes.
+</p>
+
+<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
+but this form is not required here. </p>
+
+<p> When <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies just one IPv4 and/or IPv6 address
+that is not a loopback address, the Postfix SMTP client will use
+this address as the IP source address for outbound mail. Support
+for IPv6 is available in Postfix version 2.2 and later. </p>
+
+<p>
+On a multi-homed firewall with separate Postfix instances listening on the
+"inside" and "outside" interfaces, this can prevent each instance from
+being able to reach remote SMTP servers on the "other side" of the
+firewall. Setting
+<a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> to 0.0.0.0 avoids the potential problem for
+IPv4, and setting <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> to :: solves the problem
+for IPv6. </p>
+
+<p>
+A better solution for multi-homed firewalls is to leave <a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+at the default value and instead use explicit IP addresses in
+the <a href="master.5.html">master.cf</a> SMTP server definitions.  This preserves the Postfix
+SMTP client's
+loop detection, by ensuring that each side of the firewall knows that the
+other IP address is still the same host. Setting $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> to a
+single IPv4 and/or IPV6 address is primarily useful with virtual
+hosting of domains on
+secondary IP addresses, when each IP address serves a different domain
+(and has a different $<a href="postconf.5.html#myhostname">myhostname</a> setting). </p>
+
+<p>
+See also the <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> parameter, for network addresses that
+are forwarded to Postfix by way of a proxy or address translator.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = all (DEFAULT)
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only (Postfix version 2.2 and later)
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 127.0.0.1
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 127.0.0.1, [::1] (Postfix version 2.2 and later)
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = 192.168.1.2, 127.0.0.1
+</pre>
+
+
+</DD>
+
+<DT><b><a name="inet_protocols">inet_protocols</a>
+(default: all)</b></DT><DD>
+
+<p> The Internet protocols Postfix will attempt to use when making
+or accepting connections. Specify one or more of "ipv4"
+or "ipv6", separated by whitespace or commas. The form
+"all" is equivalent to "ipv4, ipv6" or "ipv4", depending
+on whether the operating system implements IPv6. </p>
+
+<p> With Postfix 2.8 and earlier the default is "ipv4". For backwards
+compatibility with these releases, the Postfix 2.9 and later upgrade
+procedure appends an explicit "<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4" setting to
+<a href="postconf.5.html">main.cf</a> when no explicit setting is present. This compatibility
+workaround will be phased out as IPv6 deployment becomes more common.
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+<p> Note: you MUST stop and start Postfix after changing this
+parameter. </p>
+
+<p> On systems that pre-date IPV6_V6ONLY support (<a href="http://tools.ietf.org/html/rfc3493">RFC 3493</a>), an
+IPv6 server will also accept IPv4 connections, even when IPv4 is
+turned off with the <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter.  On systems with
+IPV6_V6ONLY support, Postfix will use separate server sockets for
+IPv6 and IPv4, and each will accept only connections for the
+corresponding protocol.  </p>
+
+<p> When IPv4 support is enabled via the <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter,
+Postfix will look up DNS type A records, and will convert
+IPv4-in-IPv6 client IP addresses (::ffff:1.2.3.4) to their original
+IPv4 form (1.2.3.4).  The latter is needed on hosts that pre-date
+IPV6_V6ONLY support (<a href="http://tools.ietf.org/html/rfc3493">RFC 3493</a>). </p>
+
+<p> When IPv6 support is enabled via the <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter,
+Postfix will do DNS type AAAA record lookups. </p>
+
+<p> When both IPv4 and IPv6 support are enabled, the Postfix SMTP
+client will choose the protocol as specified with the
+<a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> parameter. Postfix versions before 2.8
+attempt to connect via IPv6 before attempting to use IPv4.  </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4
+<a href="postconf.5.html#inet_protocols">inet_protocols</a> = all (DEFAULT)
+<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv6
+<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4, ipv6
+</pre>
+
+
+</DD>
+
+<DT><b><a name="initial_destination_concurrency">initial_destination_concurrency</a>
+(default: 5)</b></DT><DD>
+
+<p>
+The initial per-destination concurrency level for parallel delivery
+to the same destination.
+With per-destination recipient limit &gt; 1, a destination is a domain,
+otherwise it is a recipient.
+</p>
+
+<p> Use <a href="postconf.5.html#transport_initial_destination_concurrency"><i>transport</i>_initial_destination_concurrency</a> to specify
+a transport-specific override, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+name of the message delivery transport (Postfix 2.5 and later). </p>
+
+<p>
+Warning: with concurrency of 1, one bad message can be enough to
+block all mail to a site.
+</p>
+
+
+</DD>
+
+<DT><b><a name="internal_mail_filter_classes">internal_mail_filter_classes</a>
+(default: empty)</b></DT><DD>
+
+<p> What categories of Postfix-generated mail are subject to
+before-queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>, <a href="postconf.5.html#header_checks">header_checks</a>
+and <a href="postconf.5.html#body_checks">body_checks</a>.  Specify zero or more of the following, separated
+by whitespace or comma.  </p>
+
+<dl>
+
+<dt><b>bounce</b></dt> <dd> Inspect the content of delivery
+status notifications. </dd>
+
+<dt><b>notify</b></dt> <dd> Inspect the content of postmaster
+notifications by the <a href="smtp.8.html">smtp(8)</a> and <a href="smtpd.8.html">smtpd(8)</a> processes. </dd>
+
+</dl>
+
+<p> NOTE: It's generally not safe to enable content inspection of
+Postfix-generated email messages. The user is warned. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="invalid_hostname_reject_code">invalid_hostname_reject_code</a>
+(default: 501)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when the client
+HELO or EHLO command parameter is rejected by the <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
+restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="ipc_idle">ipc_idle</a>
+(default: version dependent)</b></DT><DD>
+
+<p>
+The time after which a client closes an idle internal communication
+channel.  The purpose is to allow Postfix daemon processes to
+terminate voluntarily after they become idle. This is used, for
+example, by the Postfix address resolving and rewriting clients.
+</p>
+
+<p> With Postfix 2.4 the default value was reduced from 100s to 5s. </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="ipc_timeout">ipc_timeout</a>
+(default: 3600s)</b></DT><DD>
+
+<p>
+The time limit for sending or receiving information over an internal
+communication channel.  The purpose is to break out of deadlock
+situations. If the time limit is exceeded the software aborts with a
+fatal error.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="ipc_ttl">ipc_ttl</a>
+(default: 1000s)</b></DT><DD>
+
+<p>
+The time after which a client closes an active internal communication
+channel.  The purpose is to allow Postfix daemon processes to
+terminate voluntarily
+after reaching their client limit.  This is used, for example, by
+the Postfix address resolving and rewriting clients.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="line_length_limit">line_length_limit</a>
+(default: 2048)</b></DT><DD>
+
+<p> Upon input, long lines are chopped up into pieces of at most
+this length; upon delivery, long lines are reconstructed.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmdb_map_size">lmdb_map_size</a>
+(default: 16777216)</b></DT><DD>
+
+<p>
+The initial OpenLDAP LMDB database size limit in bytes.  Each time
+a database becomes full, its size limit is doubled.
+</p>
+
+<p>
+This feature is available in Postfix 2.11 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_address_preference">lmtp_address_preference</a>
+(default: ipv6)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_address_verify_target">lmtp_address_verify_target</a>
+(default: rcpt)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_address_verify_target">smtp_address_verify_target</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 3.0 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_assume_final">lmtp_assume_final</a>
+(default: no)</b></DT><DD>
+
+<p> When a remote LMTP server announces no DSN support, assume that
+the
+server performs final delivery, and send "delivered" delivery status
+notifications instead of "relayed". The default setting is backwards
+compatible to avoid the infinitesimal possibility of breaking
+existing LMTP-based content filters. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_bind_address">lmtp_bind_address</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_bind_address6">lmtp_bind_address6</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_body_checks">lmtp_body_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_body_checks">smtp_body_checks</a> configuration
+parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_cache_connection">lmtp_cache_connection</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Keep Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
+seconds. When the LMTP client receives a request for the same
+connection the connection is reused.
+</p>
+
+<p> This parameter is available in Postfix version 2.2 and earlier.
+With Postfix version 2.3 and later, see <a href="postconf.5.html#lmtp_connection_cache_on_demand">lmtp_connection_cache_on_demand</a>,
+<a href="postconf.5.html#lmtp_connection_cache_destinations">lmtp_connection_cache_destinations</a>, or <a href="postconf.5.html#lmtp_connection_reuse_time_limit">lmtp_connection_reuse_time_limit</a>.
+</p>
+
+<p>
+The effectiveness of cached connections will be determined by the
+number of remote LMTP servers in use, and the concurrency limit specified
+for the Postfix LMTP client. Cached connections are closed under any of
+the following conditions:
+</p>
+
+<ul>
+
+<li> The Postfix LMTP client idle time limit is reached.  This limit is
+specified with the Postfix <a href="postconf.5.html#max_idle">max_idle</a> configuration parameter.
+
+<li> A delivery request specifies a different destination than the
+one currently cached.
+
+<li> The per-process limit on the number of delivery requests is
+reached.  This limit is specified with the Postfix <a href="postconf.5.html#max_use">max_use</a>
+configuration parameter.
+
+<li> Upon the onset of another delivery request, the remote LMTP server
+associated with the current session does not respond to the RSET
+command.
+
+</ul>
+
+<p>
+Most of these limitations have been with the Postfix
+a connection cache that is shared among multiple LMTP client
+programs.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_cname_overrides_servername">lmtp_cname_overrides_servername</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_cname_overrides_servername">smtp_cname_overrides_servername</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_connect_timeout">lmtp_connect_timeout</a>
+(default: 0s)</b></DT><DD>
+
+<p> The Postfix LMTP client time limit for completing a TCP connection, or
+zero (use the operating system built-in time limit).  When no
+connection can be made within the deadline, the LMTP client tries
+the next address on the mail exchanger list.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#lmtp_connect_timeout">lmtp_connect_timeout</a> = 30s
+</pre>
+
+
+</DD>
+
+<DT><b><a name="lmtp_connection_cache_destinations">lmtp_connection_cache_destinations</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_connection_cache_on_demand">lmtp_connection_cache_on_demand</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_connection_cache_time_limit">lmtp_connection_cache_time_limit</a>
+(default: 2s)</b></DT><DD>
+
+<p> The LMTP-specific version of the
+<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> configuration parameter.
+See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_connection_reuse_count_limit">lmtp_connection_reuse_count_limit</a>
+(default: 0)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_connection_reuse_count_limit">smtp_connection_reuse_count_limit</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.11 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_connection_reuse_time_limit">lmtp_connection_reuse_time_limit</a>
+(default: 300s)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_data_done_timeout">lmtp_data_done_timeout</a>
+(default: 600s)</b></DT><DD>
+
+<p> The Postfix LMTP client time limit for sending the LMTP ".",
+and for receiving the remote LMTP server response.  When no response
+is received within the deadline, a warning is logged that the mail
+may be delivered multiple times.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_data_init_timeout">lmtp_data_init_timeout</a>
+(default: 120s)</b></DT><DD>
+
+<p>
+The Postfix LMTP client time limit for sending the LMTP DATA command,
+and
+for receiving the remote LMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_data_xfer_timeout">lmtp_data_xfer_timeout</a>
+(default: 180s)</b></DT><DD>
+
+<p>
+The Postfix LMTP client time limit for sending the LMTP message
+content.
+When the connection stalls for more than $<a href="postconf.5.html#lmtp_data_xfer_timeout">lmtp_data_xfer_timeout</a>
+the LMTP client terminates the transfer.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_defer_if_no_mx_address_found">lmtp_defer_if_no_mx_address_found</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_defer_if_no_mx_address_found">smtp_defer_if_no_mx_address_found</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_delivery_status_filter">lmtp_delivery_status_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_destination_concurrency_limit">lmtp_destination_concurrency_limit</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
+
+<p> The maximal number of parallel deliveries to the same destination
+via the lmtp message delivery transport. This limit is enforced by
+the queue manager. The message delivery transport name is the first
+field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_destination_recipient_limit">lmtp_destination_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
+
+<p> The maximal number of recipients per message for the lmtp
+message delivery transport. This limit is enforced by the queue
+manager. The message delivery transport name is the first field in
+the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+<p> Setting this parameter to a value of 1 changes the meaning of
+<a href="postconf.5.html#lmtp_destination_concurrency_limit">lmtp_destination_concurrency_limit</a> from concurrency per domain into
+concurrency per recipient.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_discard_lhlo_keyword_address_maps">lmtp_discard_lhlo_keyword_address_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Lookup tables, indexed by the remote LMTP server address, with
+case insensitive lists of LHLO keywords (pipelining, starttls,
+auth, etc.) that the Postfix LMTP client will ignore in the LHLO
+response
+from a remote LMTP server. See <a href="postconf.5.html#lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a> for
+details. The table is not indexed by hostname for consistency with
+<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_discard_lhlo_keywords">lmtp_discard_lhlo_keywords</a>
+(default: empty)</b></DT><DD>
+
+<p> A case insensitive list of LHLO keywords (pipelining, starttls,
+auth, etc.) that the Postfix LMTP client will ignore in the LHLO
+response
+from a remote LMTP server. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the <a href="postconf.5.html#lmtp_discard_lhlo_keyword_address_maps">lmtp_discard_lhlo_keyword_address_maps</a> feature to
+discard LHLO keywords selectively. </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="lmtp_dns_reply_filter">lmtp_dns_reply_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional filter for Postfix LMTP client DNS lookup results.
+See <a href="postconf.5.html#smtp_dns_reply_filter">smtp_dns_reply_filter</a> for details including an example.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_dns_resolver_options">lmtp_dns_resolver_options</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_dns_resolver_options">smtp_dns_resolver_options</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_dns_support_level">lmtp_dns_support_level</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a>
+configuration parameter.  See there for details.  </p>
+
+<p> This feature is available in Postfix 2.11 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_enforce_tls">lmtp_enforce_tls</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_fallback_relay">lmtp_fallback_relay</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional list of relay hosts for LMTP destinations that can't be
+found or that are unreachable.  In <a href="postconf.5.html">main.cf</a> elements are separated by
+whitespace or commas.  </p>
+
+<p> By default, mail is returned to the sender when a destination is not
+found, and delivery is deferred when a destination is unreachable.  </p>
+
+<p> The fallback relays must be TCP destinations, specified without
+a leading "inet:" prefix.  Specify a host or host:port.  Since MX
+lookups do not apply with LMTP, there is no need to use the "[host]" or
+"[host]:port" forms.  If you specify multiple LMTP destinations, Postfix
+will try them in the specified order.  </p>
+
+<p>
+This feature is available in Postfix 3.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_generic_maps">lmtp_generic_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_header_checks">lmtp_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_header_checks">smtp_header_checks</a> configuration
+parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_host_lookup">lmtp_host_lookup</a>
+(default: dns)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_lhlo_name">lmtp_lhlo_name</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+
+<p>
+The hostname to send in the LMTP LHLO command.
+</p>
+
+<p>
+The default value is the machine hostname.  Specify a hostname or
+[ip.add.re.ss].
+</p>
+
+<p>
+This information can be specified in the <a href="postconf.5.html">main.cf</a> file for all LMTP
+clients, or it can be specified in the <a href="master.5.html">master.cf</a> file for a specific
+client, for example:
+</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    mylmtp ... lmtp -o <a href="postconf.5.html#lmtp_lhlo_name">lmtp_lhlo_name</a>=foo.bar.com
+</pre>
+</blockquote>
+
+<p>
+This feature is available in Postfix 2.3 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_lhlo_timeout">lmtp_lhlo_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p> The Postfix LMTP client time limit for sending the LHLO command,
+and for receiving the initial remote LMTP server response. </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks).  The default time unit is s (seconds).  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_line_length_limit">lmtp_line_length_limit</a>
+(default: 990)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_line_length_limit">smtp_line_length_limit</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_mail_timeout">lmtp_mail_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix LMTP client time limit for sending the MAIL FROM command,
+and for receiving the remote LMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_mime_header_checks">lmtp_mime_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_mime_header_checks">smtp_mime_header_checks</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_mx_address_limit">lmtp_mx_address_limit</a>
+(default: 5)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_mx_address_limit">smtp_mx_address_limit</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_mx_session_limit">lmtp_mx_session_limit</a>
+(default: 2)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_nested_header_checks">lmtp_nested_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_nested_header_checks">smtp_nested_header_checks</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_per_record_deadline">lmtp_per_record_deadline</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.9 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_pix_workaround_delay_time">lmtp_pix_workaround_delay_time</a>
+(default: 10s)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_pix_workaround_maps">lmtp_pix_workaround_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_pix_workaround_maps">smtp_pix_workaround_maps</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_pix_workaround_threshold_time">lmtp_pix_workaround_threshold_time</a>
+(default: 500s)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_pix_workarounds">lmtp_pix_workarounds</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the smtp_pix_workaround
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_quit_timeout">lmtp_quit_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix LMTP client time limit for sending the QUIT command,
+and for receiving the remote LMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_quote_rfc821_envelope">lmtp_quote_rfc821_envelope</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_randomize_addresses">lmtp_randomize_addresses</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_rcpt_timeout">lmtp_rcpt_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix LMTP client time limit for sending the RCPT TO command,
+and for receiving the remote LMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_reply_filter">lmtp_reply_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.7 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_rset_timeout">lmtp_rset_timeout</a>
+(default: 20s)</b></DT><DD>
+
+<p> The Postfix LMTP client time limit for sending the RSET command,
+and for receiving the remote LMTP server response. The LMTP client
+sends RSET in
+order to finish a recipient address probe, or to verify that a
+cached connection is still alive.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_auth_cache_name">lmtp_sasl_auth_cache_name</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_auth_cache_time">lmtp_sasl_auth_cache_time</a>
+(default: 90d)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_auth_enable">lmtp_sasl_auth_enable</a>
+(default: no)</b></DT><DD>
+
+<p>
+Enable SASL authentication in the Postfix LMTP client.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_auth_soft_bounce">lmtp_sasl_auth_soft_bounce</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_mechanism_filter">lmtp_sasl_mechanism_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_password_maps">lmtp_sasl_password_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional Postfix LMTP client lookup tables with one username:password entry
+per host or domain.  If a remote host or domain has no username:password
+entry, then the Postfix LMTP client will not attempt to authenticate
+to the remote host.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_path">lmtp_sasl_path</a>
+(default: empty)</b></DT><DD>
+
+<p> Implementation-specific information that is passed through to
+the SASL plug-in implementation that is selected with
+<b><a href="postconf.5.html#lmtp_sasl_type">lmtp_sasl_type</a></b>.  Typically this specifies the name of a
+configuration file or rendezvous point. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_security_options">lmtp_sasl_security_options</a>
+(default: noplaintext, noanonymous)</b></DT><DD>
+
+<p> SASL security options; as of Postfix 2.3 the list of available
+features depends on the SASL client implementation that is selected
+with <b><a href="postconf.5.html#lmtp_sasl_type">lmtp_sasl_type</a></b>.  </p>
+
+<p> The following security features are defined for the <b>cyrus</b>
+client SASL implementation: </p>
+
+<dl>
+
+<dt><b>noplaintext</b></dt>
+
+<dd>Disallow authentication methods that use plaintext passwords. </dd>
+
+<dt><b>noactive</b></dt>
+
+<dd>Disallow authentication methods that are vulnerable to non-dictionary
+active attacks. </dd>
+
+<dt><b>nodictionary</b></dt>
+
+<dd>Disallow authentication methods that are vulnerable to passive
+dictionary attack. </dd>
+
+<dt><b>noanonymous</b></dt>
+
+<dd>Disallow anonymous logins. </dd>
+
+</dl>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#lmtp_sasl_security_options">lmtp_sasl_security_options</a> = noplaintext
+</pre>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_tls_security_options">lmtp_sasl_tls_security_options</a>
+(default: $<a href="postconf.5.html#lmtp_sasl_security_options">lmtp_sasl_security_options</a>)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_tls_verified_security_options">lmtp_sasl_tls_verified_security_options</a>
+(default: $<a href="postconf.5.html#lmtp_sasl_tls_security_options">lmtp_sasl_tls_security_options</a>)</b></DT><DD>
+
+<p> The LMTP-specific version of the
+<a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a> configuration parameter.
+See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sasl_type">lmtp_sasl_type</a>
+(default: cyrus)</b></DT><DD>
+
+<p> The SASL plug-in type that the Postfix LMTP client should use
+for authentication.  The available types are listed with the
+"<b>postconf -A</b>" command. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_send_dummy_mail_auth">lmtp_send_dummy_mail_auth</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.9 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_send_xforward_command">lmtp_send_xforward_command</a>
+(default: no)</b></DT><DD>
+
+<p>
+Send an XFORWARD command to the remote LMTP server when the LMTP LHLO
+server response announces XFORWARD support.  This allows an <a href="lmtp.8.html">lmtp(8)</a>
+delivery agent, used for content filter message injection, to
+forward the name, address, protocol and HELO name of the original
+client to the content filter and downstream queuing LMTP server.
+Before you change the value to yes, it is best to make sure that
+your content filter supports this command.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_sender_dependent_authentication">lmtp_sender_dependent_authentication</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_skip_5xx_greeting">lmtp_skip_5xx_greeting</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_skip_quit_response">lmtp_skip_quit_response</a>
+(default: no)</b></DT><DD>
+
+<p>
+Wait for the response to the LMTP QUIT command.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_starttls_timeout">lmtp_starttls_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tcp_port">lmtp_tcp_port</a>
+(default: 24)</b></DT><DD>
+
+<p>
+The default TCP port that the Postfix LMTP client connects to.
+Specify a symbolic name (see services(5)) or a numeric port.
+</p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_CAfile">lmtp_tls_CAfile</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_CApath">lmtp_tls_CApath</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_block_early_mail_reply">lmtp_tls_block_early_mail_reply</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.7 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_cert_file">lmtp_tls_cert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_ciphers">lmtp_tls_ciphers</a>
+(default: medium)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> configuration
+parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_dcert_file">lmtp_tls_dcert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_dkey_file">lmtp_tls_dkey_file</a>
+(default: $<a href="postconf.5.html#lmtp_tls_dcert_file">lmtp_tls_dcert_file</a>)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_eccert_file">lmtp_tls_eccert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.6 and later, when Postfix is
+compiled and linked with OpenSSL 1.0.0 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_eckey_file">lmtp_tls_eckey_file</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.6 and later, when Postfix is
+compiled and linked with OpenSSL 1.0.0 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_enforce_peername">lmtp_tls_enforce_peername</a>
+(default: yes)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_exclude_ciphers">lmtp_tls_exclude_ciphers</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_fingerprint_cert_match">lmtp_tls_fingerprint_cert_match</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_fingerprint_digest">lmtp_tls_fingerprint_digest</a>
+(default: md5)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_force_insecure_host_tlsa_lookup">lmtp_tls_force_insecure_host_tlsa_lookup</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_force_insecure_host_tlsa_lookup">smtp_tls_force_insecure_host_tlsa_lookup</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.11 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_key_file">lmtp_tls_key_file</a>
+(default: $<a href="postconf.5.html#lmtp_tls_cert_file">lmtp_tls_cert_file</a>)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_loglevel">lmtp_tls_loglevel</a>
+(default: 0)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>
+(default: medium)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_mandatory_exclude_ciphers">lmtp_tls_mandatory_exclude_ciphers</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_mandatory_protocols">lmtp_tls_mandatory_protocols</a>
+(default: !SSLv2, !SSLv3)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_note_starttls_offer">lmtp_tls_note_starttls_offer</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_per_site">lmtp_tls_per_site</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_policy_maps">lmtp_tls_policy_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_protocols">lmtp_tls_protocols</a>
+(default: !SSLv2, !SSLv3)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> configuration
+parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_scert_verifydepth">lmtp_tls_scert_verifydepth</a>
+(default: 9)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_secure_cert_match">lmtp_tls_secure_cert_match</a>
+(default: nexthop)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_security_level">lmtp_tls_security_level</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_session_cache_timeout">lmtp_tls_session_cache_timeout</a>
+(default: 3600s)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a>
+configuration parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_trust_anchor_file">lmtp_tls_trust_anchor_file</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_trust_anchor_file">smtp_tls_trust_anchor_file</a>
+configuration parameter.  See there for details.  </p>
+
+<p> This feature is available in Postfix 2.11 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_tls_verify_cert_match">lmtp_tls_verify_cert_match</a>
+(default: hostname)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_use_tls">lmtp_use_tls</a>
+(default: no)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> configuration
+parameter.  See there for details. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="lmtp_xforward_timeout">lmtp_xforward_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix LMTP client time limit for sending the XFORWARD command,
+and for receiving the remote LMTP server response.
+</p>
+
+<p>
+In case of problems the client does NOT try the next address on
+the mail exchanger list.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="local_command_shell">local_command_shell</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional shell program for <a href="local.8.html">local(8)</a> delivery to non-Postfix command.
+By default, non-Postfix commands are executed directly; commands
+are given to given to the default shell (typically, /bin/sh) only
+when they contain shell meta characters or shell built-in commands.
+</p>
+
+<p> "sendmail's restricted shell" (smrsh) is what most people will
+use in order to restrict what programs can be run from e.g. .forward
+files (smrsh is part of the Sendmail distribution).  </p>
+
+<p> Note: when a shell program is specified, it is invoked even
+when the command contains no shell built-in commands or meta
+characters.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#local_command_shell">local_command_shell</a> = /some/where/smrsh -c
+<a href="postconf.5.html#local_command_shell">local_command_shell</a> = /bin/bash -c
+</pre>
+
+
+</DD>
+
+<DT><b><a name="local_delivery_status_filter">local_delivery_status_filter</a>
+(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
+
+<p> Optional filter for the <a href="local.8.html">local(8)</a> delivery agent to change the
+status code or explanatory text of successful or unsuccessful
+deliveries.  See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="local_destination_concurrency_limit">local_destination_concurrency_limit</a>
+(default: 2)</b></DT><DD>
+
+<p> The maximal number of parallel deliveries via the local mail
+delivery transport to the same recipient (when
+"<a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> = 1") or the maximal number of
+parallel deliveries to the same <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> (when
+"<a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> &gt; 1"). This limit is enforced by
+the queue manager. The message delivery transport name is the first
+field in the entry in the <a href="master.5.html">master.cf</a> file. </p>
+
+<p> A low limit of 2 is recommended, just in case someone has an
+expensive shell command in a .forward file or in an alias (e.g.,
+a mailing list manager).  You don't want to run lots of those at
+the same time.  </p>
+
+
+</DD>
+
+<DT><b><a name="local_destination_recipient_limit">local_destination_recipient_limit</a>
+(default: 1)</b></DT><DD>
+
+<p> The maximal number of recipients per message delivery via the
+local mail delivery transport. This limit is enforced by the queue
+manager. The message delivery transport name is the first field in
+the entry in the <a href="master.5.html">master.cf</a> file. </p>
+
+<p> Setting this parameter to a value &gt; 1 changes the meaning of
+<a href="postconf.5.html#local_destination_concurrency_limit">local_destination_concurrency_limit</a> from concurrency per recipient
+into concurrency per domain.  </p>
+
+
+</DD>
+
+<DT><b><a name="local_header_rewrite_clients">local_header_rewrite_clients</a>
+(default: <a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a>)</b></DT><DD>
+
+<p> Rewrite message header addresses in mail from these clients and
+update incomplete addresses with the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or
+$<a href="postconf.5.html#mydomain">mydomain</a>; either don't rewrite message headers from other clients
+at all, or rewrite message headers and update incomplete addresses
+with the domain specified in the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a>
+parameter.  </p>
+
+<p> See the <a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a> and <a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a> parameters
+for details of how domain names are appended to incomplete addresses.
+</p>
+
+<p> Specify a list of zero or more of the following:  </p>
+
+<dl>
+
+<dt><b><a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a></b></dt>
+
+<dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
+client IP address matches $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>. This is enabled by
+default. </dd>
+
+<dt><b><a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a></b></dt>
+
+<dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
+client IP address matches any network or network address listed in
+$<a href="postconf.5.html#mynetworks">mynetworks</a>. This setting will not prevent remote mail header
+address rewriting when mail from a remote client is forwarded by
+a neighboring system.  </dd>
+
+<dt><b><a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> </b></dt>
+
+<dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
+client is successfully authenticated via the <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH)
+protocol. </dd>
+
+<dt><b><a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a> </b></dt>
+
+<dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
+remote SMTP client TLS certificate fingerprint or public key fingerprint
+(Postfix 2.9 and later) is listed in $<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a>.
+The fingerprint digest algorithm is configurable via the
+<a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
+Postfix version 2.5).  </dd>
+
+<dt><b><a href="postconf.5.html#permit_tls_all_clientcerts">permit_tls_all_clientcerts</a> </b></dt>
+
+<dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
+remote SMTP client TLS certificate is successfully verified, regardless of
+whether it is listed on the server, and regardless of the certifying
+authority. </dd>
+
+<dt><b><a name="check_address_map">check_address_map</a> <i><a href="DATABASE_README.html">type:table</a></i> </b></dt>
+
+<dt><b><i><a href="DATABASE_README.html">type:table</a></i> </b></dt>
+
+<dd> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> when the
+client IP address matches the specified lookup table.
+The lookup result is ignored, and no subnet lookup is done. This
+is suitable for, e.g., pop-before-smtp lookup tables. </dd>
+
+</dl>
+
+<p> Examples:  </p>
+
+<p> The Postfix &lt; 2.2 backwards compatible setting: always rewrite
+message headers, and always append my own domain to incomplete
+header addresses.  </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all
+</pre>
+</blockquote>
+
+<p> The purist (and default) setting: rewrite headers only in mail
+from Postfix sendmail and in SMTP mail from this machine. </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a>
+</pre>
+</blockquote>
+
+<p> The intermediate setting: rewrite header addresses and append
+$<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> information only with mail from Postfix
+sendmail, from local clients, or from authorized SMTP clients. </p>
+
+<p> Note: this setting will not prevent remote mail header address
+rewriting when mail from a remote client is forwarded by a neighboring
+system.  </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
+    <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
+    <a href="postconf.5.html#check_address_map">check_address_map</a> <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/pop-before-smtp
+</pre>
+</blockquote>
+
+
+</DD>
+
+<DT><b><a name="local_recipient_maps">local_recipient_maps</a>
+(default: <a href="proxymap.8.html">proxy</a>:unix:passwd.byname $<a href="postconf.5.html#alias_maps">alias_maps</a>)</b></DT><DD>
+
+<p> Lookup tables with all names or addresses of local recipients:
+a recipient address is local when its domain matches $<a href="postconf.5.html#mydestination">mydestination</a>,
+$<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.  Specify @domain as a
+wild-card for domains that do not have a valid recipient list.
+Technically, tables listed with $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> are used as
+lists: Postfix needs to know only if a lookup string is found or
+not, but it does not use the result from table lookup.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+If this parameter is non-empty (the default), then the Postfix SMTP
+server will reject mail for unknown local users.
+</p>
+
+<p>
+To turn off local recipient checking in the Postfix SMTP server,
+specify "<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =" (i.e. empty).
+</p>
+
+<p>
+The default setting assumes that you use the default Postfix local
+delivery agent for local delivery. You need to update the
+<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> setting if:
+</p>
+
+<ul>
+
+<li>You redefine the local delivery agent in <a href="master.5.html">master.cf</a>.
+
+<li>You redefine the "<a href="postconf.5.html#local_transport">local_transport</a>" setting in <a href="postconf.5.html">main.cf</a>.
+
+<li>You use the "<a href="postconf.5.html#luser_relay">luser_relay</a>", "<a href="postconf.5.html#mailbox_transport">mailbox_transport</a>", or "<a href="postconf.5.html#fallback_transport">fallback_transport</a>"
+feature of the Postfix <a href="local.8.html">local(8)</a> delivery agent.
+
+</ul>
+
+<p>
+Details are described in the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> file.
+</p>
+
+<p>
+Beware: if the Postfix SMTP server runs chrooted, you need to access
+the passwd file via the <a href="proxymap.8.html">proxymap(8)</a> service, in order to overcome
+chroot access restrictions. The alternative, maintaining a copy of
+the system password file in the chroot jail is not practical.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =
+</pre>
+
+
+</DD>
+
+<DT><b><a name="local_transport">local_transport</a>
+(default: <a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+
+<p> The default mail delivery transport and next-hop destination
+for final delivery to domains listed with <a href="postconf.5.html#mydestination">mydestination</a>, and for
+[ipaddress] destinations that match $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
+This information can be overruled with the <a href="transport.5.html">transport(5)</a> table. </p>
+
+<p>
+By default, local mail is delivered to the transport called "local",
+which is just the name of a service that is defined the <a href="master.5.html">master.cf</a> file.
+</p>
+
+<p>
+Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
+The <i>:nexthop</i> destination is optional; its syntax is documented
+in the manual page of the corresponding delivery agent.
+</p>
+
+<p>
+Beware: if you override the default local delivery agent then you
+need to review the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> document, otherwise the
+SMTP server may reject mail for local recipients.
+</p>
+
+
+</DD>
+
+<DT><b><a name="luser_relay">luser_relay</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional catch-all destination for unknown <a href="local.8.html">local(8)</a> recipients.
+By default, mail for unknown recipients in domains that match
+$<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> is returned
+as undeliverable.
+</p>
+
+<p>
+The following $name expansions are done on <a href="postconf.5.html#luser_relay">luser_relay</a>:
+</p>
+
+<dl>
+
+<dt><b>$domain</b></dt>
+
+<dd>The recipient domain. </dd>
+
+<dt><b>$extension</b></dt>
+
+<dd>The recipient address extension. </dd>
+
+<dt><b>$home</b></dt>
+
+<dd>The recipient's home directory. </dd>
+
+<dt><b>$local</b></dt>
+
+<dd>The entire recipient address localpart. </dd>
+
+<dt><b>$recipient</b></dt>
+
+<dd>The full recipient address. </dd>
+
+<dt><b>$<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a></b></dt>
+
+<dd>The address extension delimiter that was found in the recipient
+address (Postfix 2.11 and later), or the system-wide recipient
+address extension delimiter (Postfix 2.10 and earlier). </dd>
+
+<dt><b>$shell</b></dt>
+
+<dd>The recipient's login shell. </dd>
+
+<dt><b>$user</b></dt>
+
+<dd>The recipient username. </dd>
+
+<dt><b>${name?value}</b></dt>
+
+<dd>Expands to <i>value</i> when <i>$name</i> has a non-empty value. </dd>
+
+<dt><b>${name:value}</b></dt>
+
+<dd>Expands to <i>value</i> when <i>$name</i> has an empty value. </dd>
+
+</dl>
+
+<p>
+Instead of $name you can also specify ${name} or $(name).
+</p>
+
+<p>
+Note: <a href="postconf.5.html#luser_relay">luser_relay</a> works only for the Postfix <a href="local.8.html">local(8)</a> delivery agent.
+</p>
+
+<p>
+Note: if you use this feature for accounts not in the UNIX password
+file, then you must specify "<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> =" (i.e. empty)
+in the <a href="postconf.5.html">main.cf</a> file, otherwise the Postfix SMTP server will reject mail
+for non-UNIX accounts with "User unknown in local recipient table".
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#luser_relay">luser_relay</a> = $user@other.host
+<a href="postconf.5.html#luser_relay">luser_relay</a> = $local@other.host
+<a href="postconf.5.html#luser_relay">luser_relay</a> = admin+$local
+</pre>
+
+
+</DD>
+
+<DT><b><a name="mail_name">mail_name</a>
+(default: Postfix)</b></DT><DD>
+
+<p>
+The mail system name that is displayed in Received: headers, in
+the SMTP greeting banner, and in bounced mail.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mail_owner">mail_owner</a>
+(default: postfix)</b></DT><DD>
+
+<p>
+The UNIX system account that owns the Postfix queue and most Postfix
+daemon processes.  Specify the name of an unprivileged user account
+that does not share a user or group ID with other accounts, and that
+owns no other files
+or processes on the system.  In particular, don't specify nobody
+or daemon.  PLEASE USE A DEDICATED USER ID AND GROUP ID.
+</p>
+
+<p>
+When this parameter value is changed you need to re-run "<b>postfix
+set-permissions</b>" (with Postfix version 2.0 and earlier:
+"<b>/etc/postfix/post-install set-permissions</b>".
+</p>
+
+
+</DD>
+
+<DT><b><a name="mail_release_date">mail_release_date</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The Postfix release date, in "YYYYMMDD" format.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mail_spool_directory">mail_spool_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The directory where <a href="local.8.html">local(8)</a> UNIX-style mailboxes are kept. The
+default setting depends on the system type. Specify a name ending
+in / for maildir-style delivery.
+</p>
+
+<p>
+Note: maildir delivery is done with the privileges of the recipient.
+If you use the <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a> setting for maildir style
+delivery, then you must create the top-level maildir directory in
+advance. Postfix will not create it.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a> = /var/mail
+<a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a> = /var/spool/mail
+</pre>
+
+
+</DD>
+
+<DT><b><a name="mail_version">mail_version</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The version of the mail system. Stable releases are named
+<i>major</i>.<i>minor</i>.<i>patchlevel</i>. Experimental releases
+also include the release date. The version string can be used in,
+for example, the SMTP greeting banner.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mailbox_command">mailbox_command</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional external command that the <a href="local.8.html">local(8)</a> delivery agent should
+use for mailbox delivery.  The command is run with the user ID and
+the primary group ID privileges of the recipient.  Exception:
+command delivery for root executes with $<a href="postconf.5.html#default_privs">default_privs</a> privileges.
+This is not a problem, because 1) mail for root should always be
+aliased to a real user and 2) don't log in as root, use "su" instead.
+</p>
+
+<p>
+The following environment variables are exported to the command:
+</p>
+
+<dl>
+
+<dt><b>CLIENT_ADDRESS</b></dt>
+
+<dd>Remote client network address. Available in Postfix version 2.2 and
+later. </dd>
+
+<dt><b>CLIENT_HELO</b></dt>
+
+<dd>Remote client EHLO command parameter. Available in Postfix version 2.2
+and later.</dd>
+
+<dt><b>CLIENT_HOSTNAME</b></dt>
+
+<dd>Remote client hostname. Available in Postfix version 2.2 and later.
+</dd>
+
+<dt><b>CLIENT_PROTOCOL</b></dt>
+
+<dd>Remote client protocol. Available in Postfix version 2.2 and later.
+</dd>
+
+<dt><b>DOMAIN</b></dt>
+
+<dd>The domain part of the recipient address. </dd>
+
+<dt><b>EXTENSION</b></dt>
+
+<dd>The optional address extension. </dd>
+
+<dt><b>HOME</b></dt>
+
+<dd>The recipient home directory. </dd>
+
+<dt><b>LOCAL</b></dt>
+
+<dd>The recipient address localpart. </dd>
+
+<dt><b>LOGNAME</b></dt>
+
+<dd>The recipient's username. </dd>
+
+<dt><b>ORIGINAL_RECIPIENT</b></dt>
+
+<dd>The entire recipient address, before any address rewriting or
+aliasing.  </dd>
+
+<dt><b>RECIPIENT</b></dt>
+
+<dd>The full recipient address. </dd>
+
+<dt><b>SASL_METHOD</b></dt>
+
+<dd>SASL authentication method specified in the remote client AUTH
+command. Available in Postfix version 2.2 and later. </dd>
+
+<dt><b>SASL_SENDER</b></dt>
+
+<dd>SASL sender address specified in the remote client MAIL FROM
+command. Available in Postfix version 2.2 and later. </dd>
+
+<dt><b>SASL_USER</b></dt>
+
+<dd>SASL username specified in the remote client AUTH command.
+Available in Postfix version 2.2 and later.  </dd>
+
+<dt><b>SENDER</b></dt>
+
+<dd>The full sender address. </dd>
+
+<dt><b>SHELL</b></dt>
+
+<dd>The recipient's login shell. </dd>
+
+<dt><b>USER</b></dt>
+
+<dd>The recipient username. </dd>
+
+</dl>
+
+<p>
+Unlike other Postfix configuration parameters, the <a href="postconf.5.html#mailbox_command">mailbox_command</a>
+parameter is not subjected to $name substitutions. This is to make
+it easier to specify shell syntax (see example below).
+</p>
+
+<p>
+If you can, avoid shell meta characters because they will force
+Postfix to run an expensive shell process. If you're delivering
+via Procmail then running a shell won't make a noticeable difference
+in the total cost.
+</p>
+
+<p>
+Note: if you use the <a href="postconf.5.html#mailbox_command">mailbox_command</a> feature to deliver mail
+system-wide, you must set up an alias that forwards mail for root
+to a real user.
+</p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#mailbox_command">mailbox_command</a> = /some/where/procmail
+<a href="postconf.5.html#mailbox_command">mailbox_command</a> = /some/where/procmail -a "$EXTENSION"
+<a href="postconf.5.html#mailbox_command">mailbox_command</a> = /some/where/maildrop -d "$USER"
+        -f "$SENDER" "$EXTENSION"
+</pre>
+
+
+</DD>
+
+<DT><b><a name="mailbox_command_maps">mailbox_command_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables with per-recipient external commands to use
+for <a href="local.8.html">local(8)</a> mailbox delivery.  Behavior is as with <a href="postconf.5.html#mailbox_command">mailbox_command</a>.
+</p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mailbox_delivery_lock">mailbox_delivery_lock</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+How to lock a UNIX-style <a href="local.8.html">local(8)</a> mailbox before attempting delivery.
+For a list of available file locking methods, use the "<b>postconf
+-l</b>" command.
+</p>
+
+<p>
+This setting is ignored with <b>maildir</b> style delivery,
+because such deliveries are safe without explicit locks.
+</p>
+
+<p>
+Note: The <b>dotlock</b> method requires that the recipient UID or
+GID has write access to the parent directory of the mailbox file.
+</p>
+
+<p>
+Note: the default setting of this parameter is system dependent.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mailbox_size_limit">mailbox_size_limit</a>
+(default: 51200000)</b></DT><DD>
+
+<p> The maximal size of any <a href="local.8.html">local(8)</a> individual mailbox or maildir
+file, or zero (no limit).  In fact, this limits the size of any
+file that is written to upon local delivery, including files written
+by external commands that are executed by the <a href="local.8.html">local(8)</a> delivery
+agent.  </p>
+
+<p>
+This limit must not be smaller than the message size limit.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mailbox_transport">mailbox_transport</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional message delivery transport that the <a href="local.8.html">local(8)</a> delivery
+agent should use for mailbox delivery to all local recipients,
+whether or not they are found in the UNIX passwd database.
+</p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+
+</DD>
+
+<DT><b><a name="mailbox_transport_maps">mailbox_transport_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with per-recipient message delivery
+transports to use for <a href="local.8.html">local(8)</a> mailbox delivery, whether or not the
+recipients are found in the UNIX passwd database. </p>
+
+<p> The precedence of <a href="local.8.html">local(8)</a> delivery features from high to low
+is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
+<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
+<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="mailq_path">mailq_path</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Sendmail compatibility feature that specifies where the Postfix
+<a href="mailq.1.html">mailq(1)</a> command is installed. This command can be used to
+list the Postfix mail queue.
+</p>
+
+
+</DD>
+
+<DT><b><a name="manpage_directory">manpage_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Where the Postfix manual pages are installed.
+</p>
+
+
+</DD>
+
+<DT><b><a name="maps_rbl_domains">maps_rbl_domains</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Obsolete feature: use the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> feature instead.
+</p>
+
+
+</DD>
+
+<DT><b><a name="maps_rbl_reject_code">maps_rbl_reject_code</a>
+(default: 554)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a remote SMTP
+client request is blocked by the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
+<a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a>, <a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or
+<a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a> restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="masquerade_classes">masquerade_classes</a>
+(default: envelope_sender, header_sender, header_recipient)</b></DT><DD>
+
+<p>
+What addresses are subject to address masquerading.
+</p>
+
+<p>
+By default, address masquerading is limited to envelope sender
+addresses, and to header sender and header recipient addresses.
+This allows you to use address masquerading on a mail gateway while
+still being able to forward mail to users on individual machines.
+</p>
+
+<p>
+Specify zero or more of: envelope_sender, envelope_recipient,
+header_sender, header_recipient
+</p>
+
+
+</DD>
+
+<DT><b><a name="masquerade_domains">masquerade_domains</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional list of domains whose subdomain structure will be stripped
+off in email addresses.
+</p>
+
+<p>
+The list is processed left to right, and processing stops at the
+first match.  Thus,
+</p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#masquerade_domains">masquerade_domains</a> = foo.example.com example.com
+</pre>
+</blockquote>
+
+<p>
+strips "user@any.thing.foo.example.com" to "user@foo.example.com",
+but strips "user@any.thing.else.example.com" to "user@example.com".
+</p>
+
+<p>
+A domain name prefixed with ! means do not masquerade this domain
+or its subdomains. Thus,
+</p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#masquerade_domains">masquerade_domains</a> = !foo.example.com example.com
+</pre>
+</blockquote>
+
+<p>
+does not change "user@any.thing.foo.example.com" or "user@foo.example.com",
+but strips "user@any.thing.else.example.com" to "user@example.com".
+</p>
+
+<p> Note: with Postfix version 2.2, message header address masquerading
+happens only when message header address rewriting is enabled: </p>
+
+<ul>
+
+<li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
+
+<li> The message is received from a network client that matches
+$<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+
+<li> The message is received from the network, and the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
+
+</ul>
+
+<p> To get the behavior before Postfix version 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#masquerade_domains">masquerade_domains</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="masquerade_exceptions">masquerade_exceptions</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional list of user names that are not subjected to address
+masquerading, even when their address matches $<a href="postconf.5.html#masquerade_domains">masquerade_domains</a>.
+</p>
+
+<p>
+By default, address masquerading makes no exceptions.
+</p>
+
+<p>
+Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
+separated by commas and/or whitespace. The list is matched left to
+right, and the search stops on the first match. A "/file/name"
+pattern is replaced
+by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a name
+matches a lookup key (the lookup result is ignored).  Continue long
+lines by starting the next line with whitespace. Specify "!pattern"
+to exclude a name from the list. The form "!/file/name" is supported
+only in Postfix version 2.4 and later.  </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> = root, mailer-daemon
+<a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> = root
+</pre>
+
+
+</DD>
+
+<DT><b><a name="master_service_disable">master_service_disable</a>
+(default: empty)</b></DT><DD>
+
+<p> Selectively disable <a href="master.8.html">master(8)</a> listener ports by service type
+or by service name and type.  Specify a list of service types
+("inet", "unix", "fifo", or "pass") or "name/type" tuples, where
+"name" is the first field of a <a href="master.5.html">master.cf</a> entry and "type" is a
+service type. As with other Postfix matchlists, a search stops at
+the first match.  Specify "!pattern" to exclude a service from the
+list. By default, all <a href="master.8.html">master(8)</a> listener ports are enabled.  </p>
+
+<p> Note: this feature does not support "/file/name" or "<a href="DATABASE_README.html">type:table</a>"
+patterns, nor does it support wildcards such as "*" or "all". This
+is intentional. </p>
+
+<p> Examples: </p>
+
+<pre>
+# With Postfix 2.6..2.10 use '.' instead of '/'.
+# Turn on all <a href="master.8.html">master(8)</a> listener ports (the default).
+<a href="postconf.5.html#master_service_disable">master_service_disable</a> =
+# Turn off only the main SMTP listener port.
+<a href="postconf.5.html#master_service_disable">master_service_disable</a> = smtp/inet
+# Turn off all TCP/IP listener ports.
+<a href="postconf.5.html#master_service_disable">master_service_disable</a> = inet
+# Turn off all TCP/IP listener ports except "foo".
+<a href="postconf.5.html#master_service_disable">master_service_disable</a> = !foo/inet, inet
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="max_idle">max_idle</a>
+(default: 100s)</b></DT><DD>
+
+<p>
+The maximum amount of time that an idle Postfix daemon process waits
+for an incoming connection before terminating voluntarily.  This
+parameter
+is ignored by the Postfix queue manager and by other long-lived
+Postfix daemon processes.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="max_use">max_use</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The maximal number of incoming connections that a Postfix daemon
+process will service before terminating voluntarily.  This parameter
+is ignored by the Postfix queue
+manager and by other long-lived Postfix daemon processes.
+</p>
+
+
+</DD>
+
+<DT><b><a name="maximal_backoff_time">maximal_backoff_time</a>
+(default: 4000s)</b></DT><DD>
+
+<p>
+The maximal time between attempts to deliver a deferred message.
+</p>
+
+<p> This parameter should be set to a value greater than or equal
+to $<a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>. See also $<a href="postconf.5.html#queue_run_delay">queue_run_delay</a>.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="maximal_queue_lifetime">maximal_queue_lifetime</a>
+(default: 5d)</b></DT><DD>
+
+<p>
+Consider a message as undeliverable, when delivery fails with a
+temporary error, and the time in the queue has reached the
+<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a> limit.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is d (days).
+</p>
+
+<p>
+Specify 0 when mail delivery should be tried only once.
+</p>
+
+
+</DD>
+
+<DT><b><a name="message_drop_headers">message_drop_headers</a>
+(default: bcc, content-length, resent-bcc, return-path)</b></DT><DD>
+
+<p> Names of message headers that the <a href="cleanup.8.html">cleanup(8)</a> daemon will remove
+after applying <a href="header_checks.5.html">header_checks(5)</a> and before invoking Milter applications.
+The default setting is compatible with Postfix &lt; 3.0. </p>
+
+<p> Specify a list of header names, separated by comma or space.
+Names are matched in a case-insensitive manner.  The list of supported
+header names is limited only by available memory.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="message_reject_characters">message_reject_characters</a>
+(default: empty)</b></DT><DD>
+
+<p> The set of characters that Postfix will reject in message
+content.  The usual C-like escape sequences are recognized: <tt>\a
+\b \f \n \r \t \v \<i>ddd</i></tt> (up to three octal digits) and
+<tt>\\</tt>. </p>
+
+<p> Note 1: this feature does not recognize text that requires MIME
+decoding. It inspects raw message content, just like <a href="postconf.5.html#header_checks">header_checks</a>
+and <a href="postconf.5.html#body_checks">body_checks</a>.  </p>
+
+<p> Note 2: this feature is disabled with "<a href="postconf.5.html#receive_override_options">receive_override_options</a>
+= <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>".  </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#message_reject_characters">message_reject_characters</a> = \0
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="message_size_limit">message_size_limit</a>
+(default: 10240000)</b></DT><DD>
+
+<p>
+The maximal size in bytes of a message, including envelope information.
+</p>
+
+<p> Note: be careful when making changes.  Excessively small values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds the local or remote MTA's message size limit.
+</p>
+
+
+</DD>
+
+<DT><b><a name="message_strip_characters">message_strip_characters</a>
+(default: empty)</b></DT><DD>
+
+<p> The set of characters that Postfix will remove from message
+content.  The usual C-like escape sequences are recognized: <tt>\a
+\b \f \n \r \t \v \<i>ddd</i></tt> (up to three octal digits) and
+<tt>\\</tt>. </p>
+
+<p> Note 1: this feature does not recognize text that requires MIME
+decoding. It inspects raw message content, just like <a href="postconf.5.html#header_checks">header_checks</a>
+and <a href="postconf.5.html#body_checks">body_checks</a>.  </p>
+
+<p> Note 2: this feature is disabled with "<a href="postconf.5.html#receive_override_options">receive_override_options</a>
+= <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>".  </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#message_strip_characters">message_strip_characters</a> = \0
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="meta_directory">meta_directory</a>
+(default: see 'postconf -d' output)</b></DT><DD>
+
+<p> The location of non-executable files that are shared among
+multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
+and the multi-instance template files <a href="postconf.5.html">main.cf</a>.proto and <a href="master.5.html">master.cf</a>.proto.
+This directory should contain only Postfix-related files.  Typically,
+the <a href="postconf.5.html#meta_directory">meta_directory</a> parameter has the same default as the <a href="postconf.5.html#config_directory">config_directory</a>
+parameter (/etc/postfix or /usr/local/etc/postfix).  </p>
+
+<p> For backwards compatibility with Postfix versions 2.6..2.11,
+specify "<a href="postconf.5.html#meta_directory">meta_directory</a> = $<a href="postconf.5.html#daemon_directory">daemon_directory</a>" in <a href="postconf.5.html">main.cf</a> before
+installing or upgrading Postfix, or specify "<a href="postconf.5.html#meta_directory">meta_directory</a> =
+/path/name" on the "make makefiles", "make install" or "make upgrade"
+command line.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_command_timeout">milter_command_timeout</a>
+(default: 30s)</b></DT><DD>
+
+<p> The time limit for sending an SMTP command to a Milter (mail
+filter) application, and for receiving the response.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit). </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). The default time unit is s (seconds). </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_connect_macros">milter_connect_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to Milter (mail filter) applications
+after completion of an SMTP connection. See <a href="MILTER_README.html">MILTER_README</a>
+for a list of available macro names and their meanings. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_connect_timeout">milter_connect_timeout</a>
+(default: 30s)</b></DT><DD>
+
+<p> The time limit for connecting to a Milter (mail filter)
+application, and for negotiating protocol options. </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit). </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). The default time unit is s (seconds). </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_content_timeout">milter_content_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p> The time limit for sending message content to a Milter (mail
+filter) application, and for receiving the response.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit). </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks). The default time unit is s (seconds). </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_data_macros">milter_data_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to version 4 or higher Milter (mail
+filter) applications after the SMTP DATA command. See <a href="MILTER_README.html">MILTER_README</a>
+for a list of available macro names and their meanings.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_default_action">milter_default_action</a>
+(default: tempfail)</b></DT><DD>
+
+<p> The default action when a Milter (mail filter) application is
+unavailable or mis-configured. Specify one of the following: </p>
+
+<dl compact>
+
+<dt>accept</dt> <dd>Proceed as if the mail filter was not present.
+</dd>
+
+<dt>reject</dt> <dd>Reject all further commands in this session
+with a permanent status code.</dd>
+
+<dt>tempfail</dt> <dd>Reject all further commands in this session
+with a temporary status code. </dd>
+
+<dt>quarantine</dt> <dd>Like "accept", but freeze the message in
+the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>. Available with Postfix 2.6 and later. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_end_of_data_macros">milter_end_of_data_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to Milter (mail filter) applications
+after the message end-of-data. See <a href="MILTER_README.html">MILTER_README</a> for a list of
+available macro names and their meanings.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_end_of_header_macros">milter_end_of_header_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to Milter (mail filter) applications
+after the end of the message header. See <a href="MILTER_README.html">MILTER_README</a> for a list
+of available macro names and their meanings.  </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_header_checks">milter_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables for content inspection of message headers
+that are produced by Milter applications.  See the <a href="header_checks.5.html">header_checks(5)</a>
+manual page available actions. Currently, PREPEND is not implemented.
+</p>
+
+<p> The following example sends all mail that is marked as SPAM to
+a spam handling machine. Note that matches are case-insensitive
+by default. </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#milter_header_checks">milter_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>
+</pre>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>:
+    /^X-SPAM-FLAG:\s+YES/ FILTER mysmtp:sanitizer.example.com:25
+</pre>
+
+<p> The <a href="postconf.5.html#milter_header_checks">milter_header_checks</a> mechanism could also be used for
+whitelisting. For example it could be used to skip heavy content
+inspection for DKIM-signed mail from known friendly domains. </p>
+
+<p> This feature is available in Postfix 2.7, and as an optional
+patch for Postfix 2.6. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_helo_macros">milter_helo_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to Milter (mail filter) applications
+after the SMTP HELO or EHLO command. See
+<a href="MILTER_README.html">MILTER_README</a> for a list of available macro names and their meanings.
+</p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_macro_daemon_name">milter_macro_daemon_name</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+
+<p> The {daemon_name} macro value for Milter (mail filter) applications.
+See <a href="MILTER_README.html">MILTER_README</a> for a list of available macro names and their
+meanings.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_macro_defaults">milter_macro_defaults</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional list of <i>name=value</i> pairs that specify default
+values for arbitrary macros that Postfix may send to Milter
+applications.  These defaults are used when there is no corresponding
+information from the message delivery context. </p>
+
+<p> Specify <i>name=value</i> or <i>{name}=value</i> pairs separated
+by comma or whitespace.  Enclose a pair in "{}" when a value contains
+comma or whitespace (this form ignores whitespace after the enclosing
+"{", around the "=", and before the enclosing "}"). </p>
+
+<p> This feature is available in Postfix 3.1 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="milter_macro_v">milter_macro_v</a>
+(default: $<a href="postconf.5.html#mail_name">mail_name</a> $<a href="postconf.5.html#mail_version">mail_version</a>)</b></DT><DD>
+
+<p> The {v} macro value for Milter (mail filter) applications.
+See <a href="MILTER_README.html">MILTER_README</a> for a list of available macro names and their
+meanings.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_mail_macros">milter_mail_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to Milter (mail filter) applications
+after the SMTP MAIL FROM command. See <a href="MILTER_README.html">MILTER_README</a>
+for a list of available macro names and their meanings. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_protocol">milter_protocol</a>
+(default: 6)</b></DT><DD>
+
+<p> The mail filter protocol version and optional protocol extensions
+for communication with a Milter application; prior to Postfix 2.6
+the default protocol is 2. Postfix
+sends this version number during the initial protocol handshake.
+It should match the version number that is expected by the mail
+filter application (or by its Milter library).  </p>
+
+<p>Protocol versions: </p>
+
+<dl compact>
+
+<dt>2</dt> <dd>Use Sendmail 8 mail filter protocol version 2 (default
+with Sendmail version 8.11 .. 8.13 and Postfix version 2.3 ..
+2.5).</dd>
+
+<dt>3</dt> <dd>Use Sendmail 8 mail filter protocol version 3.</dd>
+
+<dt>4</dt> <dd>Use Sendmail 8 mail filter protocol version 4.</dd>
+
+<dt>6</dt> <dd>Use Sendmail 8 mail filter protocol version 6 (default
+with Sendmail version 8.14 and Postfix version 2.6).</dd>
+
+</dl>
+
+<p>Protocol extensions: </p>
+
+<dl compact>
+
+<dt>no_header_reply</dt> <dd> Specify this when the Milter application
+will not reply for each individual message header.</dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_rcpt_macros">milter_rcpt_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to Milter (mail filter) applications
+after the SMTP RCPT TO command. See <a href="MILTER_README.html">MILTER_README</a>
+for a list of available macro names and their meanings. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="milter_unknown_command_macros">milter_unknown_command_macros</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The macros that are sent to version 3 or higher Milter (mail
+filter) applications after an unknown SMTP command.  See <a href="MILTER_README.html">MILTER_README</a>
+for a list of available macro names and their meanings.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="mime_boundary_length_limit">mime_boundary_length_limit</a>
+(default: 2048)</b></DT><DD>
+
+<p>
+The maximal length of MIME multipart boundary strings. The MIME
+processor is unable to distinguish between boundary strings that
+do not differ in the first $<a href="postconf.5.html#mime_boundary_length_limit">mime_boundary_length_limit</a> characters.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mime_header_checks">mime_header_checks</a>
+(default: $<a href="postconf.5.html#header_checks">header_checks</a>)</b></DT><DD>
+
+<p>
+Optional lookup tables for content inspection of MIME related
+message headers, as described in the <a href="header_checks.5.html">header_checks(5)</a> manual page.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mime_nesting_limit">mime_nesting_limit</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The maximal recursion level that the MIME processor will handle.
+Postfix refuses mail that is nested deeper than the specified limit.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="minimal_backoff_time">minimal_backoff_time</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The minimal time between attempts to deliver a deferred message;
+prior to Postfix 2.4 the default value was 1000s.
+</p>
+
+<p>
+This parameter also limits the time an unreachable destination is
+kept in the short-term, in-memory, destination status cache.
+</p>
+
+<p> This parameter should be set greater than or equal to
+$<a href="postconf.5.html#queue_run_delay">queue_run_delay</a>. See also $<a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a>.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="multi_instance_directories">multi_instance_directories</a>
+(default: empty)</b></DT><DD>
+
+<p> An optional list of non-default Postfix configuration directories;
+these directories belong to additional Postfix instances that share
+the Postfix executable files and documentation with the default
+Postfix instance, and that are started, stopped, etc., together
+with the default Postfix instance.  Specify a list of pathnames
+separated by comma or whitespace.  </p>
+
+<p> When $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> is empty, the <a href="postfix.1.html">postfix(1)</a> command
+runs in single-instance mode and operates on a single Postfix
+instance only. Otherwise, the <a href="postfix.1.html">postfix(1)</a> command runs in multi-instance
+mode and invokes the multi-instance manager specified with the
+<a href="postconf.5.html#multi_instance_wrapper">multi_instance_wrapper</a> parameter. The multi-instance manager in
+turn executes <a href="postfix.1.html">postfix(1)</a> commands for the default instance and for
+all Postfix instances in $<a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>.  </p>
+
+<p> Currently, this parameter setting is ignored except for the
+default <a href="postconf.5.html">main.cf</a> file. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="multi_instance_enable">multi_instance_enable</a>
+(default: no)</b></DT><DD>
+
+<p> Allow this Postfix instance to be started, stopped, etc., by a
+multi-instance manager.  By default, new instances are created in
+a safe state that prevents them from being started inadvertently.
+This parameter is reserved for the multi-instance manager.  </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="multi_instance_group">multi_instance_group</a>
+(default: empty)</b></DT><DD>
+
+<p> The optional instance group name of this Postfix instance. A
+group identifies closely-related Postfix instances that the
+multi-instance manager can start, stop, etc., as a unit.  This
+parameter is reserved for the multi-instance manager. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="multi_instance_name">multi_instance_name</a>
+(default: empty)</b></DT><DD>
+
+<p> The optional instance name of this Postfix instance. This name
+becomes also the default value for the <a href="postconf.5.html#syslog_name">syslog_name</a> parameter. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="multi_instance_wrapper">multi_instance_wrapper</a>
+(default: empty)</b></DT><DD>
+
+<p> The pathname of a multi-instance manager command that the
+<a href="postfix.1.html">postfix(1)</a> command invokes when the <a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a>
+parameter value is non-empty. The pathname may be followed by
+initial command arguments separated by whitespace; shell
+metacharacters such as quotes are not supported in this context.
+</p>
+
+<p> The <a href="postfix.1.html">postfix(1)</a> command invokes the manager command with the
+<a href="postfix.1.html">postfix(1)</a> non-option command arguments on the manager command line,
+and with all installation configuration parameters exported into
+the manager command process environment. The manager command in
+turn invokes the <a href="postfix.1.html">postfix(1)</a> command for individual Postfix instances
+as "postfix -c <i><a href="postconf.5.html#config_directory">config_directory</a></i> <i>command</i>".  </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a>
+(default: 550)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a remote SMTP
+client request is blocked by the <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a>
+restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="mydestination">mydestination</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost)</b></DT><DD>
+
+<p> The list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a>
+mail delivery transport. By default this is the Postfix <a href="local.8.html">local(8)</a>
+delivery agent which looks up all recipients in /etc/passwd and
+/etc/aliases. The SMTP server validates recipient addresses with
+$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> and rejects non-existent recipients. See also
+the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.
+</p>
+
+<p>
+The default <a href="postconf.5.html#mydestination">mydestination</a> value specifies names for the local
+machine only.  On a mail domain gateway, you should also include
+$<a href="postconf.5.html#mydomain">mydomain</a>.
+</p>
+
+<p>
+The $<a href="postconf.5.html#local_transport">local_transport</a> delivery method is also selected for mail
+addressed to user@[the.net.work.address] of the mail system (the
+IP addresses specified with the <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> and <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>
+parameters).
+</p>
+
+<p>
+Warnings:
+</p>
+
+<ul>
+
+<li><p>Do not specify the names of virtual domains - those domains
+are specified elsewhere. See <a href="VIRTUAL_README.html">VIRTUAL_README</a> for more information. </p>
+
+<li><p>Do not specify the names of domains that this machine is
+backup MX host for. See <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> for how to
+set up backup MX hosts. </p>
+
+<li><p>By default, the Postfix SMTP server rejects mail for recipients
+not listed with the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> parameter.  See the
+<a href="postconf.5.html">postconf(5)</a> manual for a description of the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>
+and <a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> parameters. </p>
+
+</ul>
+
+<p>
+Specify a list of host or domain names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>"
+patterns, separated by commas and/or whitespace. A "/file/name"
+pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
+is matched when a name matches a lookup key (the lookup result is
+ignored).  Continue long lines by starting the next line with
+whitespace.  </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a> $<a href="postconf.5.html#mydomain">mydomain</a>
+<a href="postconf.5.html#mydestination">mydestination</a> = $<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a> www.$<a href="postconf.5.html#mydomain">mydomain</a>, ftp.$<a href="postconf.5.html#mydomain">mydomain</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="mydomain">mydomain</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The internet domain name of this mail system.  The default is to
+use $<a href="postconf.5.html#myhostname">myhostname</a> minus the first component, or "localdomain" (Postfix
+2.3 and later).  $<a href="postconf.5.html#mydomain">mydomain</a> is used as
+a default value for many other configuration parameters.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#mydomain">mydomain</a> = domain.tld
+</pre>
+
+
+</DD>
+
+<DT><b><a name="myhostname">myhostname</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The internet hostname of this mail system. The default is to use
+the fully-qualified domain name (FQDN) from gethostname(), or to
+use the non-FQDN result from gethostname() and append ".$<a href="postconf.5.html#mydomain">mydomain</a>".
+$<a href="postconf.5.html#myhostname">myhostname</a> is used as a default value for many other configuration
+parameters.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#myhostname">myhostname</a> = host.example.com
+</pre>
+
+
+</DD>
+
+<DT><b><a name="mynetworks">mynetworks</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The list of "trusted" remote SMTP clients that have more privileges than
+"strangers".
+</p>
+
+<p>
+In particular, "trusted" SMTP clients are allowed to relay mail
+through Postfix.  See the <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> parameter
+description in the <a href="postconf.5.html">postconf(5)</a> manual.
+</p>
+
+<p>
+You can specify the list of "trusted" network addresses by hand
+or you can let Postfix do it for you (which is the default).
+See the description of the <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> parameter for more
+information.
+</p>
+
+<p>
+If you specify the <a href="postconf.5.html#mynetworks">mynetworks</a> list by hand,
+Postfix ignores the <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> setting.
+</p>
+
+<p> Specify a list of network addresses or network/netmask patterns,
+separated by commas and/or whitespace. Continue long lines by
+starting the next line with whitespace. </p>
+
+<p> The netmask specifies the number of bits in the network part
+of a host address.  You can also specify "/file/name" or "<a href="DATABASE_README.html">type:table</a>"
+patterns.  A "/file/name" pattern is replaced by its contents; a
+"<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a table entry matches a
+lookup string (the lookup result is ignored). </p>
+
+<p> The list is matched left to right, and the search stops on the
+first match.  Specify "!pattern" to exclude an address or network
+block from the list. The form "!/file/name" is supported only
+in Postfix version 2.4 and later. </p>
+
+<p> Note 1: Pattern matching of domain names is controlled by the
+or absence of "<a href="postconf.5.html#mynetworks">mynetworks</a>" in the <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>
+parameter value.  </p>
+
+<p> Note 2: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#mynetworks">mynetworks</a> value, and in files specified with
+"/file/name".  IP version 6 addresses contain the ":" character,
+and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>" pattern.  </p>
+
+<p> Examples:  </p>
+
+<pre>
+<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28
+<a href="postconf.5.html#mynetworks">mynetworks</a> = !192.168.0.1, 192.168.0.0/28
+<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64
+<a href="postconf.5.html#mynetworks">mynetworks</a> = $<a href="postconf.5.html#config_directory">config_directory</a>/mynetworks
+<a href="postconf.5.html#mynetworks">mynetworks</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/network_table
+</pre>
+
+
+</DD>
+
+<DT><b><a name="mynetworks_style">mynetworks_style</a>
+(default: Postfix &ge; 3.0: host, Postfix &lt; 3.0: subnet)</b></DT><DD>
+
+<p>
+The method to generate the default value for the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter.
+This is the list of trusted networks for relay access control etc.
+</p>
+
+<ul>
+
+<li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host" when Postfix should
+"trust" only the local machine. </p>
+
+<li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" when Postfix
+should "trust" remote SMTP clients in the same IP subnetworks as the local
+machine.  On Linux, this works correctly only with interfaces
+specified with the "ifconfig" command. </p>
+
+<li><p>Specify "<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = class" when Postfix should
+"trust" remote SMTP clients in the same IP class A/B/C networks as the
+local machine.  Caution: this may cause
+Postfix to "trust" your entire provider's network.  Instead, specify
+an explicit <a href="postconf.5.html#mynetworks">mynetworks</a> list by hand, as described with the <a href="postconf.5.html#mynetworks">mynetworks</a>
+configuration parameter. </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="myorigin">myorigin</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+
+<p>
+The domain name that locally-posted mail appears to come
+from, and that locally posted mail is delivered to. The default,
+$<a href="postconf.5.html#myhostname">myhostname</a>, is adequate for small sites.  If you run a domain with
+multiple machines, you should (1) change this to $<a href="postconf.5.html#mydomain">mydomain</a> and (2)
+set up a domain-wide alias database that aliases each user to
+user@that.users.mailhost.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="nested_header_checks">nested_header_checks</a>
+(default: $<a href="postconf.5.html#header_checks">header_checks</a>)</b></DT><DD>
+
+<p>
+Optional lookup tables for content inspection of non-MIME message
+headers in attached messages, as described in the <a href="header_checks.5.html">header_checks(5)</a>
+manual page.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="newaliases_path">newaliases_path</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Sendmail compatibility feature that specifies the location of the
+<a href="newaliases.1.html">newaliases(1)</a> command. This command can be used to rebuild the
+<a href="local.8.html">local(8)</a> <a href="aliases.5.html">aliases(5)</a> database.
+</p>
+
+
+</DD>
+
+<DT><b><a name="non_fqdn_reject_code">non_fqdn_reject_code</a>
+(default: 504)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server reply code when a client request
+is rejected by the <a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a>, <a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a>
+or <a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a> restriction.
+</p>
+
+
+</DD>
+
+<DT><b><a name="non_smtpd_milters">non_smtpd_milters</a>
+(default: empty)</b></DT><DD>
+
+<p> A list of Milter (mail filter) applications for new mail that
+does not arrive via the Postfix <a href="smtpd.8.html">smtpd(8)</a> server. This includes local
+submission via the <a href="sendmail.1.html">sendmail(1)</a> command line, new mail that arrives
+via the Postfix <a href="qmqpd.8.html">qmqpd(8)</a> server, and old mail that is re-injected
+into the queue with "postsuper -r".  Specify space or comma as
+separator. See the <a href="MILTER_README.html">MILTER_README</a> document for details.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="notify_classes">notify_classes</a>
+(default: resource, software)</b></DT><DD>
+
+<p>
+The list of error classes that are reported to the postmaster. The
+default is to report only the most serious problems. The paranoid
+may wish to turn on the policy (UCE and mail relaying) and protocol
+error (broken mail software) reports.
+</p>
+
+<p> NOTE: postmaster notifications may contain confidential information
+such as SASL passwords or message content.  It is the system
+administrator's responsibility to treat such information with care.
+</p>
+
+<p>
+The error classes are:
+</p>
+
+<dl>
+
+<dt><b>bounce</b> (also implies <b>2bounce</b>)</dt>
+
+<dd>Send the postmaster copies of the headers of bounced mail, and
+send transcripts of SMTP sessions when Postfix rejects mail. The
+notification is sent to the address specified with the
+<a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> configuration parameter (default: postmaster).
+</dd>
+
+<dt><b>2bounce</b></dt>
+
+<dd>Send undeliverable bounced mail to the postmaster. The notification
+is sent to the address specified with the <a href="postconf.5.html#2bounce_notice_recipient">2bounce_notice_recipient</a>
+configuration parameter (default: postmaster). </dd>
+
+<dt><b>data</b></dt>
+
+<dd>Send the postmaster a transcript of the SMTP session with an
+error because a critical data file was unavailable. The notification
+is sent to the address specified with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a>
+configuration parameter (default: postmaster). <br> This feature
+is available in Postfix 2.9 and later.  </dd>
+
+<dt><b>delay</b></dt>
+
+<dd>Send the postmaster copies of the headers of delayed mail (see
+<a href="postconf.5.html#delay_warning_time">delay_warning_time</a>). The
+notification is sent to the address specified with the
+<a href="postconf.5.html#delay_notice_recipient">delay_notice_recipient</a> configuration parameter (default: postmaster).
+</dd>
+
+<dt><b>policy</b></dt>
+
+<dd>Send the postmaster a transcript of the SMTP session when a
+client request was rejected because of (UCE) policy. The notification
+is sent to the address specified with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a>
+configuration parameter (default: postmaster).  </dd>
+
+<dt><b>protocol</b></dt>
+
+<dd>Send the postmaster a transcript of the SMTP session in case
+of client or server protocol errors. The notification is sent to
+the address specified with the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> configuration
+parameter (default: postmaster). </dd>
+
+<dt><b>resource</b></dt>
+
+<dd>Inform the postmaster of mail not delivered due to resource
+problems.  The notification is sent to the address specified with
+the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> configuration parameter (default:
+postmaster). </dd>
+
+<dt><b>software</b></dt>
+
+<dd>Inform the postmaster of mail not delivered due to software
+problems.  The notification is sent to the address specified with
+the <a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> configuration parameter (default:
+postmaster). </dd>
+
+</dl>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#notify_classes">notify_classes</a> = bounce, delay, policy, protocol, resource, software
+<a href="postconf.5.html#notify_classes">notify_classes</a> = 2bounce, resource, software
+</pre>
+
+
+</DD>
+
+<DT><b><a name="nullmx_reject_code">nullmx_reject_code</a>
+(default: 556)</b></DT><DD>
+
+<p> The numerical reply code when the Postfix SMTP server rejects
+a sender or recipient address because its domain has a nullmx DNS
+record (an MX record with an empty hostname). This is one of the
+possible replies from the restrictions <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
+and <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a>. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="openssl_path">openssl_path</a>
+(default: openssl)</b></DT><DD>
+
+<p>
+The location of the OpenSSL command line program openssl(1).  This
+is used by the "<b><a href="postfix-tls.1.html">postfix tls</a></b>" command to create private keys,
+certificate signing requests, self-signed certificates, and to
+compute public key digests for DANE TLSA records.  In multi-instance
+environments, this parameter is always determined from the configuration
+of the default Postfix instance.
+</p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    # NetBSD pkgsrc:
+    <a href="postconf.5.html#openssl_path">openssl_path</a> = /usr/pkg/bin/openssl
+    # Local build:
+    <a href="postconf.5.html#openssl_path">openssl_path</a> = /usr/local/bin/openssl
+</pre>
+</blockquote>
+
+<p>
+This feature is available in Postfix 3.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="owner_request_special">owner_request_special</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Give special treatment to owner-listname and listname-request
+address localparts: don't split such addresses when the
+<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> is set to "-".  This feature is useful for
+mailing lists.
+</p>
+
+
+</DD>
+
+<DT><b><a name="parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+A list of Postfix features where the pattern "example.com" also
+matches subdomains of example.com,
+instead of requiring an explicit ".example.com" pattern.  This is
+planned backwards compatibility:  eventually, all Postfix features
+are expected to require explicit ".example.com" style patterns when
+you really want to match subdomains.
+</p>
+
+<p> The following Postfix feature names are supported. </p>
+
+<dl>
+
+<dt> Postfix version 1.0 and later</dt>
+
+<dd>
+<a href="postconf.5.html#debug_peer_list">debug_peer_list</a>,
+<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a>,
+<a href="postconf.5.html#mynetworks">mynetworks</a>,
+<a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>,
+<a href="postconf.5.html#relay_domains">relay_domains</a>,
+<a href="postconf.5.html#transport_maps">transport_maps</a>
+</dd>
+
+<dt> Postfix version 1.1 and later</dt>
+
+<dd>
+<a href="postconf.5.html#qmqpd_authorized_clients">qmqpd_authorized_clients</a>,
+smtpd_access_maps,
+</dd>
+
+<dt> Postfix version 2.8 and later </dt>
+
+<dd>
+<a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a>
+</dd>
+
+<dt> Postfix version 3.0 and later </dt>
+
+<dd>
+<a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a>
+</dd>
+
+</dl>
+
+
+</DD>
+
+<DT><b><a name="permit_mx_backup_networks">permit_mx_backup_networks</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP access feature to
+only domains whose primary MX hosts match the listed networks.
+The parameter value syntax is the same as with the <a href="postconf.5.html#mynetworks">mynetworks</a>
+parameter; note, however, that the default value is empty.  </p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>" in the
+<a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> parameter value.  </p>
+
+
+</DD>
+
+<DT><b><a name="pickup_service_name">pickup_service_name</a>
+(default: pickup)</b></DT><DD>
+
+<p>
+The name of the <a href="pickup.8.html">pickup(8)</a> service. This service picks up local mail
+submissions from the Postfix <a href="QSHAPE_README.html#maildrop_queue">maildrop queue</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="pipe_delivery_status_filter">pipe_delivery_status_filter</a>
+(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
+
+<p> Optional filter for the <a href="pipe.8.html">pipe(8)</a> delivery agent to change the
+delivery status code or explanatory text of successful or unsuccessful
+deliveries.  See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="plaintext_reject_code">plaintext_reject_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a request
+is rejected by the <b><a href="postconf.5.html#reject_plaintext_session">reject_plaintext_session</a></b> restriction.
+</p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postmulti_control_commands">postmulti_control_commands</a>
+(default: reload flush)</b></DT><DD>
+
+<p> The <a href="postfix.1.html">postfix(1)</a> commands that the <a href="postmulti.1.html">postmulti(1)</a> instance manager
+treats as "control" commands, that operate on running instances. For
+these commands, disabled instances are skipped. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postmulti_start_commands">postmulti_start_commands</a>
+(default: start)</b></DT><DD>
+
+<p> The <a href="postfix.1.html">postfix(1)</a> commands that the <a href="postmulti.1.html">postmulti(1)</a> instance manager treats
+as "start" commands. For these commands, disabled instances are "checked"
+rather than "started", and failure to "start" a member instance of an
+instance group will abort the start-up of later instances. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postmulti_stop_commands">postmulti_stop_commands</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The <a href="postfix.1.html">postfix(1)</a> commands that the <a href="postmulti.1.html">postmulti(1)</a> instance manager treats
+as "stop" commands. For these commands, disabled instances are skipped,
+and enabled instances are processed in reverse order. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_access_list">postscreen_access_list</a>
+(default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>)</b></DT><DD>
+
+<p> Permanent white/blacklist for remote SMTP client IP addresses.
+<a href="postscreen.8.html">postscreen(8)</a> searches this list immediately after a remote SMTP
+client connects.  Specify a comma- or whitespace-separated list of
+commands (in upper or lower case) or lookup tables. The search stops
+upon the first command that fires for the client IP address. </p>
+
+<dl>
+
+<dt> <b> <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a> </b> </dt> <dd> Whitelist the client and
+terminate the search if the client IP address matches $<a href="postconf.5.html#mynetworks">mynetworks</a>.
+Do not subject the client to any before/after 220 greeting tests.
+Pass the connection immediately to a Postfix SMTP server process.
+<br> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a>" in the
+<a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> parameter value. </dd>
+
+<dt> <b> <a href="DATABASE_README.html">type:table</a> </b> </dt> <dd> Query the specified lookup
+table. Each table lookup result is an access list, except that
+access lists inside a table cannot specify <a href="DATABASE_README.html">type:table</a> entries.  <br>
+To discourage the use of hash, btree, etc. tables, there is no
+support for substring matching like <a href="smtpd.8.html">smtpd(8)</a>. Use CIDR tables
+instead.  </dd>
+
+<dt> <b> permit </b> </dt> <dd> Whitelist the client and terminate
+the search. Do not subject the client to any before/after 220
+greeting tests. Pass the connection immediately to a Postfix SMTP
+server process. </dd>
+
+<dt> <b> reject </b> </dt> <dd> Blacklist the client and terminate
+the search. Subject the client to the action configured with the
+<a href="postconf.5.html#postscreen_blacklist_action">postscreen_blacklist_action</a> configuration parameter. </dd>
+
+<dt> <b> dunno </b> </dt> <dd> All <a href="postscreen.8.html">postscreen(8)</a> access lists
+implicitly have this command at the end. <br> When <b> dunno </b>
+is executed inside a lookup table, return from the lookup table and
+evaluate the next command.  <br> When <b> dunno </b> is executed
+outside a lookup table, terminate the search, and subject the client
+to the configured before/after 220 greeting tests. </dd>
+
+</dl>
+
+<p> Example: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
+                <a href="cidr_table.5.html">cidr</a>:/etc/postfix/postscreen_access.cidr
+    <a href="postconf.5.html#postscreen_blacklist_action">postscreen_blacklist_action</a> = enforce
+</pre>
+
+<pre>
+/etc/postfix/postscreen_access.<a href="cidr_table.5.html">cidr</a>:
+    # Rules are evaluated in the order as specified.
+    # Blacklist 192.168.* except 192.168.0.1.
+    192.168.0.1         dunno
+    192.168.0.0/16      reject
+</pre>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_bare_newline_action">postscreen_bare_newline_action</a>
+(default: ignore)</b></DT><DD>
+
+<p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client sends
+a bare newline character, that is, a newline not preceded by carriage
+return.  Specify one of the following: </p>
+
+<dl>
+
+<dt> <b>ignore</b> </dt>
+
+<dd> Ignore the failure of this test. Allow other tests to complete.
+Do <i>not</i> repeat this test before some the result from some
+other test expires.
+This option is useful for testing and collecting statistics
+without blocking mail permanently. </dd>
+
+<dt> <b>enforce</b> </dt>
+
+<dd> Allow other tests to complete. Reject attempts to deliver mail
+with a 550 SMTP reply, and log the helo/sender/recipient information.
+Repeat this test the next time the client connects. </dd>
+
+<dt> <b>drop</b> </dt>
+
+<dd> Drop the connection immediately with a 521 SMTP reply. Repeat
+this test the next time the client connects.  </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_bare_newline_enable">postscreen_bare_newline_enable</a>
+(default: no)</b></DT><DD>
+
+<p> Enable "bare newline" SMTP protocol tests in the <a href="postscreen.8.html">postscreen(8)</a>
+server. These tests are expensive: a remote SMTP client must
+disconnect after
+it passes the test, before it can talk to a real Postfix SMTP server.
+</p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_bare_newline_ttl">postscreen_bare_newline_ttl</a>
+(default: 30d)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
+a successful "bare newline" SMTP protocol test. During this
+time, the client IP address is excluded from this test. The default
+is long because a remote SMTP client must disconnect after it passes
+the test,
+before it can talk to a real Postfix SMTP server. </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_blacklist_action">postscreen_blacklist_action</a>
+(default: ignore)</b></DT><DD>
+
+<p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client is
+permanently blacklisted with the <a href="postconf.5.html#postscreen_access_list">postscreen_access_list</a> parameter.
+Specify one of the following: </p>
+
+<dl>
+
+<dt> <b>ignore</b> (default) </dt>
+
+<dd> Ignore  this result. Allow other tests to complete.  Repeat
+this test the next time the client connects.
+This option is useful for testing and collecting statistics
+without blocking mail. </dd>
+
+<dt> <b>enforce</b> </dt>
+
+<dd> Allow other tests to complete. Reject attempts to deliver mail
+with a 550 SMTP reply, and log the helo/sender/recipient information.
+Repeat this test the next time the client connects. </dd>
+
+<dt> <b>drop</b> </dt>
+
+<dd> Drop the connection immediately with a 521 SMTP reply. Repeat
+this test the next time the client connects. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_cache_cleanup_interval">postscreen_cache_cleanup_interval</a>
+(default: 12h)</b></DT><DD>
+
+<p> The amount of time between <a href="postscreen.8.html">postscreen(8)</a> cache cleanup runs.
+Cache cleanup increases the load on the cache database and should
+therefore not be run frequently. This feature requires that the
+cache database supports the "delete" and "sequence" operators.
+Specify a zero interval to disable cache cleanup. </p>
+
+<p> After each cache cleanup run, the <a href="postscreen.8.html">postscreen(8)</a> daemon logs the
+number of entries that were retained and dropped. A cleanup run is
+logged as "partial" when the daemon terminates early after "<b>postfix
+reload</b>", "<b>postfix stop</b>", or no requests for $<a href="postconf.5.html#max_idle">max_idle</a>
+seconds. </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks).  </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_cache_map">postscreen_cache_map</a>
+(default: <a href="DATABASE_README.html#types">btree</a>:$<a href="postconf.5.html#data_directory">data_directory</a>/postscreen_cache)</b></DT><DD>
+
+<p> Persistent storage for the <a href="postscreen.8.html">postscreen(8)</a> server decisions. </p>
+
+<p> To share a <a href="postscreen.8.html">postscreen(8)</a> cache between multiple <a href="postscreen.8.html">postscreen(8)</a>
+instances, use "<a href="postconf.5.html#postscreen_cache_map">postscreen_cache_map</a> = <a href="proxymap.8.html">proxy</a>:<a href="DATABASE_README.html#types">btree</a>:/path/to/file".
+This requires Postfix version 2.9 or later; earlier <a href="proxymap.8.html">proxymap(8)</a>
+implementations don't support cache cleanup. For an alternative
+approach see the <a href="memcache_table.5.html">memcache_table(5)</a> manpage. </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_cache_retention_time">postscreen_cache_retention_time</a>
+(default: 7d)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will cache an expired
+temporary whitelist entry before it is removed. This prevents clients
+from being logged as "NEW" just because their cache entry expired
+an hour ago. It also prevents the cache from filling up with clients
+that passed some deep protocol test once and never came back. </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks).  </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_client_connection_count_limit">postscreen_client_connection_count_limit</a>
+(default: $<a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a>)</b></DT><DD>
+
+<p> How many simultaneous connections any remote SMTP client is
+allowed to have
+with the <a href="postscreen.8.html">postscreen(8)</a> daemon. By default, this limit is the same
+as with the Postfix SMTP server. Note that the triage process can
+take several seconds, with the time spent in <a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a>
+delay, and with the time spent talking to the <a href="postscreen.8.html">postscreen(8)</a> built-in
+dummy SMTP protocol engine. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_command_count_limit">postscreen_command_count_limit</a>
+(default: 20)</b></DT><DD>
+
+<p> The limit on the total number of commands per SMTP session for
+<a href="postscreen.8.html">postscreen(8)</a>'s built-in SMTP protocol engine.  This SMTP engine
+defers or rejects all attempts to deliver mail, therefore there is
+no need to enforce separate limits on the number of junk commands
+and error commands.  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_command_filter">postscreen_command_filter</a>
+(default: $<a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a>)</b></DT><DD>
+
+<p> A mechanism to transform commands from remote SMTP clients.
+See <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_command_time_limit">postscreen_command_time_limit</a>
+(default: normal: 300s, overload: 10s)</b></DT><DD>
+
+<p> The time limit to read an entire command line with <a href="postscreen.8.html">postscreen(8)</a>'s
+built-in SMTP protocol engine. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_disable_vrfy_command">postscreen_disable_vrfy_command</a>
+(default: $<a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a>)</b></DT><DD>
+
+<p> Disable the SMTP VRFY command in the <a href="postscreen.8.html">postscreen(8)</a> daemon.  See
+<a href="postconf.5.html#disable_vrfy_command">disable_vrfy_command</a> for details.  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_discard_ehlo_keyword_address_maps">postscreen_discard_ehlo_keyword_address_maps</a>
+(default: $<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>)</b></DT><DD>
+
+<p> Lookup tables, indexed by the remote SMTP client address, with
+case insensitive lists of EHLO keywords (pipelining, starttls, auth,
+etc.) that the <a href="postscreen.8.html">postscreen(8)</a> server will not send in the EHLO response
+to a remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> for details.
+The table is not searched by hostname for robustness reasons.  </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_discard_ehlo_keywords">postscreen_discard_ehlo_keywords</a>
+(default: $<a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>)</b></DT><DD>
+
+<p> A case insensitive list of EHLO keywords (pipelining, starttls,
+auth, etc.) that the <a href="postscreen.8.html">postscreen(8)</a> server will not send in the EHLO
+response to a remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>
+for details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_action">postscreen_dnsbl_action</a>
+(default: ignore)</b></DT><DD>
+
+<p>The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client's combined
+DNSBL score is equal to or greater than a threshold (as defined
+with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> and <a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a>
+parameters).  Specify one of the following: </p>
+
+<dl>
+
+<dt> <b>ignore</b> (default) </dt>
+
+<dd> Ignore the failure of this test. Allow other tests to complete.
+Repeat this test the next time the client connects.
+This option is useful for testing and collecting statistics
+without blocking mail. </dd>
+
+<dt> <b>enforce</b> </dt>
+
+<dd> Allow other tests to complete. Reject attempts to deliver mail
+with a 550 SMTP reply, and log the helo/sender/recipient information.
+Repeat this test the next time the client connects. </dd>
+
+<dt> <b>drop</b> </dt>
+
+<dd> Drop the connection immediately with a 521 SMTP reply. Repeat
+this test the next time the client connects. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_max_ttl">postscreen_dnsbl_max_ttl</a>
+(default: ${<a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>?{$<a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>}:{1}}h)</b></DT><DD>
+
+<p> The maximum amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the
+result from a successful DNS-based reputation test before a
+client IP address is required to pass that test again. If the DNS
+reply specifies a shorter TTL value, that value will be used unless
+it would be smaller than <a href="postconf.5.html#postscreen_dnsbl_min_ttl">postscreen_dnsbl_min_ttl</a>.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 3.1. The default setting
+is backwards-compatible with older Postfix versions. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_min_ttl">postscreen_dnsbl_min_ttl</a>
+(default: 60s)</b></DT><DD>
+
+<p> The minimum amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the
+result from a successful DNS-based reputation test before a
+client IP address is required to pass that test again. If the DNS
+reply specifies a larger TTL value, that value will be used unless
+it would be larger than <a href="postconf.5.html#postscreen_dnsbl_max_ttl">postscreen_dnsbl_max_ttl</a>.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 3.1. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a>
+(default: empty)</b></DT><DD>
+
+<p> A mapping from actual DNSBL domain name which includes a secret
+password, to the DNSBL domain name that postscreen will reply with
+when it rejects mail.  When no mapping is found, the actual DNSBL
+domain will be used. </p>
+
+<p> For maximal stability it is best to use a file that is read
+into memory such as <a href="pcre_table.5.html">pcre</a>:, <a href="regexp_table.5.html">regexp</a>: or <a href="DATABASE_README.html#types">texthash</a>: (<a href="DATABASE_README.html#types">texthash</a>: is similar
+to <a href="DATABASE_README.html#types">hash</a>:, except a) there is no need to run <a href="postmap.1.html">postmap(1)</a> before the
+file can be used, and b) <a href="DATABASE_README.html#types">texthash</a>: does not detect changes after
+the file is read). </p>
+
+<p> Example: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> = <a href="DATABASE_README.html#types">texthash</a>:/etc/postfix/dnsbl_reply
+</pre>
+
+<pre>
+/etc/postfix/dnsbl_reply:
+   secret.zen.spamhaus.org      zen.spamhaus.org
+</pre>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_sites">postscreen_dnsbl_sites</a>
+(default: empty)</b></DT><DD>
+
+<p>Optional list of DNS white/blacklist domains, filters and weight
+factors. When the list is non-empty, the <a href="dnsblog.8.html">dnsblog(8)</a> daemon will
+query these domains with the IP addresses of remote SMTP clients,
+and <a href="postscreen.8.html">postscreen(8)</a> will update an SMTP client's DNSBL score with
+each non-error reply. </p>
+
+<p> Caution: when postscreen rejects mail, it replies with the DNSBL
+domain name. Use the <a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> feature to hide
+"password" information in DNSBL domain names. </p>
+
+<p> When a client's score is equal to or greater than the threshold
+specified with <a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a>, <a href="postscreen.8.html">postscreen(8)</a> can drop
+the connection with the remote SMTP client. </p>
+
+<p> Specify a list of domain=filter*weight entries, separated by
+comma or whitespace.  </p>
+
+<ul>
+
+<li> <p> When no "=filter" is specified, <a href="postscreen.8.html">postscreen(8)</a> will use any
+non-error DNSBL reply.  Otherwise, <a href="postscreen.8.html">postscreen(8)</a> uses only DNSBL
+replies that match the filter. The filter has the form d.d.d.d,
+where each d is a number, or a pattern inside [] that contains one
+or more ";"-separated numbers or number..number ranges.  </p>
+
+<li> <p> When no "*weight" is specified, <a href="postscreen.8.html">postscreen(8)</a> increments
+the remote SMTP client's DNSBL score by 1.  Otherwise, the weight must be
+an integral number, and <a href="postscreen.8.html">postscreen(8)</a> adds the specified weight to
+the remote SMTP client's DNSBL score.  Specify a negative number for
+whitelisting.  </p>
+
+<li> <p> When one <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> entry produces multiple
+DNSBL responses, <a href="postscreen.8.html">postscreen(8)</a> applies the weight at most once.
+</p>
+
+</ul>
+
+<p> Examples: </p>
+
+<p> To use example.com as a high-confidence blocklist, and to
+block mail with example.net and example.org only when both agree:
+</p>
+
+<pre>
+<a href="postconf.5.html#postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a> = 2
+<a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> = example.com*2, example.net, example.org
+</pre>
+
+<p> To filter only DNSBL replies containing 127.0.0.4: </p>
+
+<pre>
+<a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> = example.com=127.0.0.4
+</pre>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_threshold">postscreen_dnsbl_threshold</a>
+(default: 1)</b></DT><DD>
+
+<p> The inclusive lower bound for blocking a remote SMTP client, based on
+its combined DNSBL score as defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a>
+parameter. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_timeout">postscreen_dnsbl_timeout</a>
+(default: 10s)</b></DT><DD>
+
+<p> The time limit for DNSBL or DNSWL lookups. This is separate from
+the timeouts in the <a href="dnsblog.8.html">dnsblog(8)</a> daemon which are defined by system
+resolver(3) routines. </p>
+
+<p> This feature is available in Postfix 3.0.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>
+(default: 1h)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
+a successful DNS-based reputation test before a client
+IP address is required to pass that test again.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8-3.0. It was
+replaced by <a href="postconf.5.html#postscreen_dnsbl_max_ttl">postscreen_dnsbl_max_ttl</a> in Postfix 3.1.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_dnsbl_whitelist_threshold">postscreen_dnsbl_whitelist_threshold</a>
+(default: 0)</b></DT><DD>
+
+<p> Allow a remote SMTP client to skip "before" and "after 220
+greeting" protocol tests, based on its combined DNSBL score as
+defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> parameter.  </p>
+
+<p> Specify a negative value to enable this feature. When a client
+passes the <a href="postconf.5.html#postscreen_dnsbl_whitelist_threshold">postscreen_dnsbl_whitelist_threshold</a> without having
+failed other tests, all pending or disabled tests are flagged as
+completed with a time-to-live value equal to <a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>.
+When a test was already completed, its time-to-live value is updated
+if it was less than <a href="postconf.5.html#postscreen_dnsbl_ttl">postscreen_dnsbl_ttl</a>. </p>
+
+<p> This feature is available in Postfix 2.11.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_enforce_tls">postscreen_enforce_tls</a>
+(default: $<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>)</b></DT><DD>
+
+<p> Mandatory TLS: announce STARTTLS support to remote SMTP clients, and
+require that clients use TLS encryption.  See smtpd_postscreen_enforce_tls
+for details.  </p>
+
+<p> This feature is available in Postfix 2.8 and later.
+Preferably, use <a href="postconf.5.html#postscreen_tls_security_level">postscreen_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_expansion_filter">postscreen_expansion_filter</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> List of characters that are permitted in <a href="postconf.5.html#postscreen_reject_footer">postscreen_reject_footer</a>
+attribute expansions.  See <a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> for further
+details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_forbidden_commands">postscreen_forbidden_commands</a>
+(default: $<a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a>)</b></DT><DD>
+
+<p> List of commands that the <a href="postscreen.8.html">postscreen(8)</a> server considers in
+violation of the SMTP protocol. See <a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> for
+syntax, and <a href="postconf.5.html#postscreen_non_smtp_command_action">postscreen_non_smtp_command_action</a> for possible actions.
+</p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_greet_action">postscreen_greet_action</a>
+(default: ignore)</b></DT><DD>
+
+<p>The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client speaks
+before its turn within the time specified with the <a href="postconf.5.html#postscreen_greet_wait">postscreen_greet_wait</a>
+parameter.  Specify one of the following: </p>
+
+<dl>
+
+<dt> <b>ignore</b> (default) </dt>
+
+<dd> Ignore the failure of this test. Allow other tests to complete.
+Repeat this test the next time the client connects.
+This option is useful for testing and collecting statistics
+without blocking mail. </dd>
+
+<dt> <b>enforce</b> </dt>
+
+<dd> Allow other tests to complete. Reject attempts to deliver mail
+with a 550 SMTP reply, and log the helo/sender/recipient information.
+Repeat this test the next time the client connects. </dd>
+
+<dt> <b>drop</b> </dt>
+
+<dd> Drop the connection immediately with a 521 SMTP reply. Repeat
+this test the next time the client connects. </dd>
+
+</dl>
+
+<p> In either case, <a href="postscreen.8.html">postscreen(8)</a> will not whitelist the remote SMTP client
+IP address. </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_greet_banner">postscreen_greet_banner</a>
+(default: $<a href="postconf.5.html#smtpd_banner">smtpd_banner</a>)</b></DT><DD>
+
+<p> The <i>text</i> in the optional "220-<i>text</i>..." server
+response that
+<a href="postscreen.8.html">postscreen(8)</a> sends ahead of the real Postfix SMTP server's "220
+text..." response, in an attempt to confuse bad SMTP clients so
+that they speak before their turn (pre-greet).  Specify an empty
+value to disable this feature.  </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_greet_ttl">postscreen_greet_ttl</a>
+(default: 1d)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
+a successful PREGREET test. During this time, the client IP address
+is excluded from this test. The default is relatively short, because
+a good client can immediately talk to a real Postfix SMTP server. </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_greet_wait">postscreen_greet_wait</a>
+(default: normal: 6s, overload: 2s)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will wait for an SMTP
+client to send a command before its turn, and for DNS blocklist
+lookup results to arrive (default: up to 2 seconds under stress,
+up to 6 seconds otherwise).  <p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  </p>
+
+<p> Time units: s (seconds), m (minutes), h (hours), d (days), w
+(weeks).  </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_helo_required">postscreen_helo_required</a>
+(default: $<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a>)</b></DT><DD>
+
+<p> Require that a remote SMTP client sends HELO or EHLO before
+commencing a MAIL transaction. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_non_smtp_command_action">postscreen_non_smtp_command_action</a>
+(default: drop)</b></DT><DD>
+
+<p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client sends
+non-SMTP commands as specified with the <a href="postconf.5.html#postscreen_forbidden_commands">postscreen_forbidden_commands</a>
+parameter.  Specify one of the following: </p>
+
+<dl>
+
+<dt> <b>ignore</b> </dt>
+
+<dd> Ignore the failure of this test. Allow other tests to complete.
+Do <i>not</i> repeat this test before some the result from some
+other test expires.
+This option is useful for testing and collecting statistics
+without blocking mail permanently. </dd>
+
+<dt> <b>enforce</b> </dt>
+
+<dd> Allow other tests to complete. Reject attempts to deliver mail
+with a 550 SMTP reply, and log the helo/sender/recipient information.
+Repeat this test the next time the client connects. </dd>
+
+<dt> <b>drop</b> </dt>
+
+<dd> Drop the connection immediately with a 521 SMTP reply. Repeat
+this test the next time the client connects. This action is the
+same as with the Postfix SMTP server's <a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a>
+feature.  </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_non_smtp_command_enable">postscreen_non_smtp_command_enable</a>
+(default: no)</b></DT><DD>
+
+<p> Enable "non-SMTP command" tests in the <a href="postscreen.8.html">postscreen(8)</a> server. These
+tests are expensive: a client must disconnect after it passes the
+test, before it can talk to a real Postfix SMTP server. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_non_smtp_command_ttl">postscreen_non_smtp_command_ttl</a>
+(default: 30d)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
+a successful "non_smtp_command" SMTP protocol test. During this
+time, the client IP address is excluded from this test. The default
+is long because a client must disconnect after it passes the test,
+before it can talk to a real Postfix SMTP server. </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_pipelining_action">postscreen_pipelining_action</a>
+(default: enforce)</b></DT><DD>
+
+<p> The action that <a href="postscreen.8.html">postscreen(8)</a> takes when a remote SMTP client
+sends
+multiple commands instead of sending one command and waiting for
+the server to respond.  Specify one of the following: </p>
+
+<dl>
+
+<dt> <b>ignore</b> </dt>
+
+<dd> Ignore the failure of this test. Allow other tests to complete.
+Do <i>not</i> repeat this test before some the result from some
+other test expires.
+This option is useful for testing and collecting statistics
+without blocking mail permanently. </dd>
+
+<dt> <b>enforce</b> </dt>
+
+<dd> Allow other tests to complete. Reject attempts to deliver mail
+with a 550 SMTP reply, and log the helo/sender/recipient information.
+Repeat this test the next time the client connects. </dd>
+
+<dt> <b>drop</b> </dt>
+
+<dd> Drop the connection immediately with a 521 SMTP reply. Repeat
+this test the next time the client connects. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_pipelining_enable">postscreen_pipelining_enable</a>
+(default: no)</b></DT><DD>
+
+<p> Enable "pipelining" SMTP protocol tests in the <a href="postscreen.8.html">postscreen(8)</a>
+server. These tests are expensive: a good client must disconnect
+after it passes the test, before it can talk to a real Postfix SMTP
+server. </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_pipelining_ttl">postscreen_pipelining_ttl</a>
+(default: 30d)</b></DT><DD>
+
+<p> The amount of time that <a href="postscreen.8.html">postscreen(8)</a> will use the result from
+a successful "pipelining" SMTP protocol test. During this time, the
+client IP address is excluded from this test. The default is
+long because a good client must disconnect after it passes the test,
+before it can talk to a real Postfix SMTP server. </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_post_queue_limit">postscreen_post_queue_limit</a>
+(default: $<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b></DT><DD>
+
+<p> The number of clients that can be waiting for service from a
+real Postfix SMTP server process. When this queue is full, all
+clients will
+receive a 421 response. </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_pre_queue_limit">postscreen_pre_queue_limit</a>
+(default: $<a href="postconf.5.html#default_process_limit">default_process_limit</a>)</b></DT><DD>
+
+<p> The number of non-whitelisted clients that can be waiting for
+a decision whether they will receive service from a real Postfix
+SMTP server
+process. When this queue is full, all non-whitelisted clients will
+receive a 421 response. </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_reject_footer">postscreen_reject_footer</a>
+(default: $<a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a>)</b></DT><DD>
+
+<p> Optional information that is appended after a 4XX or 5XX
+<a href="postscreen.8.html">postscreen(8)</a> server
+response. See <a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a> for further details.  </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_tls_security_level">postscreen_tls_security_level</a>
+(default: $<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>)</b></DT><DD>
+
+<p> The SMTP TLS security level for the <a href="postscreen.8.html">postscreen(8)</a> server; when
+a non-empty value is specified, this overrides the obsolete parameters
+<a href="postconf.5.html#postscreen_use_tls">postscreen_use_tls</a> and <a href="postconf.5.html#postscreen_enforce_tls">postscreen_enforce_tls</a>. See <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>
+for details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a>
+(default: empty)</b></DT><DD>
+
+<p> The name of the proxy protocol used by an optional before-postscreen
+proxy agent. When a proxy agent is used, this protocol conveys local
+and remote address and port information. Specify
+"<a href="postconf.5.html#postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a> = haproxy" to enable the haproxy
+protocol. <p>
+
+<p> This feature is available in Postfix 2.10 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_upstream_proxy_timeout">postscreen_upstream_proxy_timeout</a>
+(default: 5s)</b></DT><DD>
+
+<p> The time limit for the proxy protocol specified with the
+<a href="postconf.5.html#postscreen_upstream_proxy_protocol">postscreen_upstream_proxy_protocol</a> parameter. </p>
+
+<p> This feature is available in Postfix 2.10 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_use_tls">postscreen_use_tls</a>
+(default: $<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>)</b></DT><DD>
+
+<p> Opportunistic TLS: announce STARTTLS support to remote SMTP clients,
+but do not require that clients use TLS encryption. </p>
+
+<p> This feature is available in Postfix 2.8 and later.
+Preferably, use <a href="postconf.5.html#postscreen_tls_security_level">postscreen_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_watchdog_timeout">postscreen_watchdog_timeout</a>
+(default: 10s)</b></DT><DD>
+
+<p> How much time a <a href="postscreen.8.html">postscreen(8)</a> process may take to respond to
+a remote SMTP client command or to perform a cache operation before it
+is terminated by a built-in watchdog timer.  This is a safety
+mechanism that prevents <a href="postscreen.8.html">postscreen(8)</a> from becoming non-responsive
+due to a bug in Postfix itself or in system software.  To avoid
+false alarms and unnecessary cache corruption this limit cannot be
+set under 10s.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a>
+(default: <a href="DATABASE_README.html#types">static</a>:all)</b></DT><DD>
+
+<p> A list of local <a href="postscreen.8.html">postscreen(8)</a> server IP addresses where a
+non-whitelisted remote SMTP client can obtain <a href="postscreen.8.html">postscreen(8)</a>'s temporary
+whitelist status. This status is required before the client can
+talk to a Postfix SMTP server process.  By default, a client can
+obtain <a href="postscreen.8.html">postscreen(8)</a>'s whitelist status on any local <a href="postscreen.8.html">postscreen(8)</a>
+server IP address. </p>
+
+<p> When <a href="postscreen.8.html">postscreen(8)</a> listens on both primary and backup MX
+addresses, the <a href="postconf.5.html#postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a> parameter can be
+configured to give the temporary whitelist status only when a client
+connects to a primary MX address. Once a client is whitelisted it
+can talk to a Postfix SMTP server on any address. Thus, clients
+that connect only to backup MX addresses will never become whitelisted,
+and will never be allowed to talk to a Postfix SMTP server process.
+</p>
+
+<p> Specify a list of network addresses or network/netmask patterns,
+separated by commas and/or whitespace. The netmask specifies the
+number of bits in the network part of a host address. Continue long
+lines by starting the next line with whitespace. </p>
+
+<p> You can also specify "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A
+"/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
+lookup table is matched when a table entry matches a lookup string
+(the lookup result is ignored). </p>
+
+<p> The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list.  </p>
+
+<p> Note: IP version 6 address information must be specified inside
+[] in the <a href="postconf.5.html#postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a> value, and in files
+specified with "/file/name".  IP version 6 addresses contain the
+":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
+pattern. </p>
+
+<p> Example: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    # Don't whitelist connections to the backup IP address.
+    <a href="postconf.5.html#postscreen_whitelist_interfaces">postscreen_whitelist_interfaces</a> = !168.100.189.8, <a href="DATABASE_README.html#types">static</a>:all
+</pre>
+
+<p> This feature is available in Postfix 2.9 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="prepend_delivered_header">prepend_delivered_header</a>
+(default: command, file, forward)</b></DT><DD>
+
+<p> The message delivery contexts where the Postfix <a href="local.8.html">local(8)</a> delivery
+agent prepends a Delivered-To:  message header with the address
+that the mail was delivered to. This information is used for mail
+delivery loop detection.  </p>
+
+<p>
+By default, the Postfix local delivery agent prepends a Delivered-To:
+header when forwarding mail and when delivering to file (mailbox)
+and command. Turning off the Delivered-To: header when forwarding
+mail is not recommended.
+</p>
+
+<p>
+Specify zero or more of <b>forward</b>, <b>file</b>, or <b>command</b>.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a> = forward
+</pre>
+
+
+</DD>
+
+<DT><b><a name="process_id">process_id</a>
+(read-only)</b></DT><DD>
+
+<p>
+The process ID of a Postfix command or daemon process.
+</p>
+
+
+</DD>
+
+<DT><b><a name="process_id_directory">process_id_directory</a>
+(default: pid)</b></DT><DD>
+
+<p>
+The location of Postfix PID files relative to $<a href="postconf.5.html#queue_directory">queue_directory</a>.
+This is a read-only parameter.
+</p>
+
+
+</DD>
+
+<DT><b><a name="process_name">process_name</a>
+(read-only)</b></DT><DD>
+
+<p>
+The process name of a Postfix command or daemon process.
+</p>
+
+
+</DD>
+
+<DT><b><a name="propagate_unmatched_extensions">propagate_unmatched_extensions</a>
+(default: canonical, virtual)</b></DT><DD>
+
+<p>
+What address lookup tables copy an address extension from the lookup
+key to the lookup result.
+</p>
+
+<p>
+For example, with a <a href="virtual.5.html">virtual(5)</a> mapping of "<i>joe@example.com =&gt;
+joe.user@example.net</i>", the address "<i>joe+foo@example.com</i>"
+would rewrite to "<i>joe.user+foo@example.net</i>".
+</p>
+
+<p>
+Specify zero or more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>,
+<b>forward</b>, <b>include</b> or <b>generic</b>. These cause
+address extension
+propagation with <a href="canonical.5.html">canonical(5)</a>, <a href="virtual.5.html">virtual(5)</a>, and <a href="aliases.5.html">aliases(5)</a> maps,
+with <a href="local.8.html">local(8)</a> .forward and :include: file lookups, and with <a href="smtp.8.html">smtp(8)</a>
+generic maps, respectively.  </p>
+
+<p>
+Note: enabling this feature for types other than <b>canonical</b>
+and <b>virtual</b> is likely to cause problems when mail is forwarded
+to other sites, especially with mail that is sent to a mailing list
+exploder address.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual, alias,
+        forward, include
+<a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> = canonical, virtual
+</pre>
+
+
+</DD>
+
+<DT><b><a name="proxy_interfaces">proxy_interfaces</a>
+(default: empty)</b></DT><DD>
+
+<p>
+The network interface addresses that this mail system receives mail
+on by way of a proxy or network address translation unit.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+<p> You must specify your "outside" proxy/NAT addresses when your
+system is a backup MX host for other domains, otherwise mail delivery
+loops will happen when the primary MX host is down.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
+</pre>
+
+
+</DD>
+
+<DT><b><a name="proxy_read_maps">proxy_read_maps</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is allowed to
+access for the read-only service.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma.
+Table references that don't begin with <a href="proxymap.8.html">proxy</a>: are ignored.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="proxy_write_maps">proxy_write_maps</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is allowed to
+access for the read-write service. Postfix-owned local database
+files should be stored under the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>.
+Table references that don't begin with <a href="proxymap.8.html">proxy</a>: are ignored.  </p>
+
+<p>
+This feature is available in Postfix 2.5 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="proxymap_service_name">proxymap_service_name</a>
+(default: proxymap)</b></DT><DD>
+
+<p> The name of the proxymap read-only table lookup service.  This
+service is normally implemented by the <a href="proxymap.8.html">proxymap(8)</a> daemon. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="proxywrite_service_name">proxywrite_service_name</a>
+(default: proxywrite)</b></DT><DD>
+
+<p> The name of the proxywrite read-write table lookup service.
+This service is normally implemented by the <a href="proxymap.8.html">proxymap(8)</a> daemon.
+</p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_clog_warn_time">qmgr_clog_warn_time</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The minimal delay between warnings that a specific destination is
+clogging up the Postfix <a href="QSHAPE_README.html#active_queue">active queue</a>. Specify 0 to disable.
+</p>
+
+<p>
+This feature is enabled with the <a href="postconf.5.html#helpful_warnings">helpful_warnings</a> parameter.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_daemon_timeout">qmgr_daemon_timeout</a>
+(default: 1000s)</b></DT><DD>
+
+<p> How much time a Postfix queue manager process may take to handle
+a request before it is terminated by a built-in watchdog timer.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_fudge_factor">qmgr_fudge_factor</a>
+(default: 100)</b></DT><DD>
+
+<p>
+Obsolete feature: the percentage of delivery resources that a busy
+mail system will use up for delivery of a large mailing  list
+message.
+</p>
+
+<p>
+This feature exists only in the <a href="qmgr.8.html">oqmgr(8)</a> old queue manager. The
+current queue manager solves the problem in a better way.
+</p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_ipc_timeout">qmgr_ipc_timeout</a>
+(default: 60s)</b></DT><DD>
+
+<p> The time limit for the queue manager to send or receive information
+over an internal communication channel.  The purpose is to break
+out of deadlock situations. If the time limit is exceeded the
+software either retries or aborts the operation. </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_message_active_limit">qmgr_message_active_limit</a>
+(default: 20000)</b></DT><DD>
+
+<p>
+The maximal number of messages in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_message_recipient_limit">qmgr_message_recipient_limit</a>
+(default: 20000)</b></DT><DD>
+
+<p> The maximal number of recipients held in memory by the Postfix
+queue manager, and the maximal size of the short-term,
+in-memory "dead" destination status cache.  </p>
+
+
+</DD>
+
+<DT><b><a name="qmgr_message_recipient_minimum">qmgr_message_recipient_minimum</a>
+(default: 10)</b></DT><DD>
+
+<p>
+The minimal number of in-memory recipients for any message. This
+takes priority over any other in-memory recipient limits (i.e.,
+the global <a href="postconf.5.html#qmgr_message_recipient_limit">qmgr_message_recipient_limit</a> and the per transport
+_recipient_limit) if necessary. The minimum value allowed for this
+parameter is 1.
+</p>
+
+
+</DD>
+
+<DT><b><a name="qmqpd_authorized_clients">qmqpd_authorized_clients</a>
+(default: empty)</b></DT><DD>
+
+<p>
+What remote QMQP clients are allowed to connect to the Postfix QMQP
+server port.
+</p>
+
+<p>
+By default, no client is allowed to use the service. This is
+because the QMQP server will relay mail to any destination.
+</p>
+
+<p>
+Specify a list of client patterns. A list pattern specifies a host
+name, a domain name, an internet address, or a network/mask pattern,
+where the mask specifies the number of bits in the network part.
+When a pattern specifies a file name, its contents are substituted
+for the file name; when a pattern is a "<a href="DATABASE_README.html">type:table</a>" table specification,
+table lookup is used instead.  </p>
+
+<p>
+Patterns are separated by whitespace and/or commas. In order to
+reverse the result, precede a pattern with an
+exclamation point (!). The form "!/file/name" is supported only
+in Postfix version 2.4 and later.
+</p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#qmqpd_authorized_clients">qmqpd_authorized_clients</a>" in the
+<a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> parameter value.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#qmqpd_authorized_clients">qmqpd_authorized_clients</a> = !192.168.0.1, 192.168.0.0/24
+</pre>
+
+
+</DD>
+
+<DT><b><a name="qmqpd_client_port_logging">qmqpd_client_port_logging</a>
+(default: no)</b></DT><DD>
+
+<p> Enable logging of the remote QMQP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="qmqpd_error_delay">qmqpd_error_delay</a>
+(default: 1s)</b></DT><DD>
+
+<p>
+How long the Postfix QMQP server will pause before sending a negative
+reply to the remote QMQP client. The purpose is to slow down confused
+or malicious clients.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="qmqpd_timeout">qmqpd_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The time limit for sending or receiving information over the network.
+If a read or write operation blocks for more than $<a href="postconf.5.html#qmqpd_timeout">qmqpd_timeout</a>
+seconds the Postfix QMQP server gives up and disconnects.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="queue_directory">queue_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The location of the Postfix top-level queue directory. This is the
+root directory of Postfix daemon processes that run chrooted.
+</p>
+
+
+</DD>
+
+<DT><b><a name="queue_file_attribute_count_limit">queue_file_attribute_count_limit</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The maximal number of (name=value) attributes that may be stored
+in a Postfix queue file. The limit is enforced by the <a href="cleanup.8.html">cleanup(8)</a>
+server.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="queue_minfree">queue_minfree</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The minimal amount of free space in bytes in the queue file system
+that is needed to receive mail.  This is currently used by the
+Postfix SMTP server to decide if it will accept any mail at all.
+</p>
+
+<p>
+By default, the Postfix SMTP server rejects MAIL FROM commands when
+the amount of free space is less than 1.5*$<a href="postconf.5.html#message_size_limit">message_size_limit</a>
+(Postfix version 2.1 and later).
+To specify a higher minimum free space limit, specify a <a href="postconf.5.html#queue_minfree">queue_minfree</a>
+value that is at least 1.5*$<a href="postconf.5.html#message_size_limit">message_size_limit</a>.
+</p>
+
+<p>
+With Postfix versions 2.0 and earlier, a <a href="postconf.5.html#queue_minfree">queue_minfree</a> value of
+zero means there is no minimum required amount of free space.
+</p>
+
+
+</DD>
+
+<DT><b><a name="queue_run_delay">queue_run_delay</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
+prior to Postfix 2.4 the default value was 1000s.
+</p>
+
+<p> This parameter should be set less than or equal to
+$<a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a>. See also $<a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a>.  </p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="queue_service_name">queue_service_name</a>
+(default: qmgr)</b></DT><DD>
+
+<p>
+The name of the <a href="qmgr.8.html">qmgr(8)</a> service. This service manages the Postfix
+queue and schedules delivery requests.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="rbl_reply_maps">rbl_reply_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables with RBL response templates. The tables are
+indexed by the RBL domain name. By default, Postfix uses the default
+template as specified with the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> configuration
+parameter. See there for a discussion of the syntax of RBL reply
+templates.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="readme_directory">readme_directory</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+The location of Postfix README files that describe how to build,
+configure or operate a specific Postfix subsystem or feature.
+</p>
+
+
+</DD>
+
+<DT><b><a name="receive_override_options">receive_override_options</a>
+(default: empty)</b></DT><DD>
+
+<p> Enable or disable recipient validation, built-in content
+filtering, or address mapping. Typically, these are specified in
+<a href="master.5.html">master.cf</a> as command-line arguments for the <a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a> or
+<a href="pickup.8.html">pickup(8)</a> daemons. </p>
+
+<p> Specify zero or more of the following options.  The options
+override <a href="postconf.5.html">main.cf</a> settings and are either implemented by <a href="smtpd.8.html">smtpd(8)</a>,
+<a href="qmqpd.8.html">qmqpd(8)</a>, or <a href="pickup.8.html">pickup(8)</a> themselves, or they are forwarded to the
+cleanup server.  </p>
+
+<dl>
+
+<dt><b><a name="no_unknown_recipient_checks">no_unknown_recipient_checks</a></b></dt>
+
+<dd>Do not try to reject unknown recipients (SMTP server only).
+This is typically specified AFTER an external content filter.
+</dd>
+
+<dt><b><a name="no_address_mappings">no_address_mappings</a></b></dt>
+
+<dd>Disable canonical address mapping, virtual alias map expansion,
+address masquerading, and automatic BCC (blind carbon-copy)
+recipients. This is typically specified BEFORE an external content
+filter. </dd>
+
+<dt><b><a name="no_header_body_checks">no_header_body_checks</a></b></dt>
+
+<dd>Disable header/body_checks. This is typically specified AFTER
+an external content filter. </dd>
+
+<dt><b><a name="no_milters">no_milters</a></b></dt>
+
+<dd>Disable Milter (mail filter) applications. This is typically
+specified AFTER an external content filter. </dd>
+
+</dl>
+
+<p>
+Note: when the "BEFORE content filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a>
+setting is specified in the <a href="postconf.5.html">main.cf</a> file, specify the "AFTER content
+filter" <a href="postconf.5.html#receive_override_options">receive_override_options</a> setting in <a href="master.5.html">master.cf</a> (and vice
+versa).
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#receive_override_options">receive_override_options</a> =
+    <a href="postconf.5.html#no_unknown_recipient_checks">no_unknown_recipient_checks</a>, <a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>
+<a href="postconf.5.html#receive_override_options">receive_override_options</a> = <a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
+</pre>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="recipient_bcc_maps">recipient_bcc_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional BCC (blind carbon-copy) address lookup tables, indexed by
+recipient address.  The BCC address (multiple results are not
+supported) is added when mail enters from outside of Postfix.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+The table search order is as follows:
+</p>
+
+<ul>
+
+<li> Look up the "user+extension@domain.tld" address including the
+optional address extension.
+
+<li> Look up the "user@domain.tld" address without the optional
+address extension.
+
+<li> Look up the "user+extension" address local part when the
+recipient domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
+
+<li> Look up the "user" address local part when the recipient domain
+equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
+
+<li> Look up the "@domain.tld" part.
+
+</ul>
+
+<p>
+Note: with Postfix 2.3 and later the BCC address is added as if it
+was specified with NOTIFY=NONE. The sender will not be notified
+when the BCC address is undeliverable, as long as all down-stream
+software implements <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a>.
+</p>
+
+<p>
+Note: with Postfix 2.2 and earlier the sender will unconditionally
+be notified when the BCC address is undeliverable.
+</p>
+
+<p> Note: automatic BCC recipients are produced only for new mail.
+To avoid mailer loops, automatic BCC recipients are not generated
+after Postfix forwards mail internally, or after Postfix generates
+mail itself. </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/recipient_bcc
+</pre>
+
+<p>
+After a change, run "<b>postmap /etc/postfix/recipient_bcc</b>".
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="recipient_canonical_classes">recipient_canonical_classes</a>
+(default: envelope_recipient, header_recipient)</b></DT><DD>
+
+<p> What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address
+mapping.  By default, <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address mapping is
+applied to envelope recipient addresses, and to header recipient
+addresses.  </p>
+
+<p> Specify one or more of: envelope_recipient, header_recipient
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="recipient_canonical_maps">recipient_canonical_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional address mapping lookup tables for envelope and header
+recipient addresses.
+The table format and lookups are documented in <a href="canonical.5.html">canonical(5)</a>.
+</p>
+
+<p>
+Note: $<a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> is processed before $<a href="postconf.5.html#canonical_maps">canonical_maps</a>.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/recipient_canonical
+</pre>
+
+
+</DD>
+
+<DT><b><a name="recipient_delimiter">recipient_delimiter</a>
+(default: empty)</b></DT><DD>
+
+<p> The set of characters that can separate a user name from its
+extension (example: user+foo), or a .forward file name from its
+extension (example: .forward+foo).  Basically, the software tries
+user+foo and .forward+foo before trying user and .forward.  This
+implementation recognizes one delimiter character and one extension
+per email address or .forward file name. </p>
+
+<p> When the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> set contains multiple characters
+(Postfix 2.11 and later), a user name or .forward file name is
+separated from its extension by the first character that matches
+the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> set. </p>
+
+<p> See <a href="canonical.5.html">canonical(5)</a>, <a href="local.8.html">local(8)</a>, <a href="relocated.5.html">relocated(5)</a> and <a href="virtual.5.html">virtual(5)</a> for the
+effects of <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> on lookups in aliases, canonical,
+virtual, and relocated maps, and see the <a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a>
+parameter for propagating an extension from one email address to
+another.  </p>
+
+<p> When used in <a href="postconf.5.html#command_execution_directory">command_execution_directory</a>, <a href="postconf.5.html#forward_path">forward_path</a>, or
+<a href="postconf.5.html#luser_relay">luser_relay</a>, ${<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>} is replaced with the actual
+recipient delimiter that was found in the recipient email address
+(Postfix 2.11 and later), or it is replaced with the <a href="postconf.5.html">main.cf</a>
+<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> parameter value (Postfix 2.10 and earlier).
+</p>
+
+<p> The <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> is not applied to the mailer-daemon
+address, the postmaster address, or the double-bounce address. With
+the default "<a href="postconf.5.html#owner_request_special">owner_request_special</a> = yes" setting, the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>
+is also not applied to addresses with the special "owner-" prefix
+or the special "-request" suffix. </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+# Handle Postfix-style extensions.
+<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> = +
+</pre>
+
+<pre>
+# Handle both Postfix and qmail extensions (Postfix 2.11 and later).
+<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> = +-
+</pre>
+
+<pre>
+# Use .forward for mail without address extension, and for mail with
+# an unrecognized address extension.
+<a href="postconf.5.html#forward_path">forward_path</a> = $home/.forward${<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>}${extension},
+    $home/.forward
+</pre>
+
+
+</DD>
+
+<DT><b><a name="reject_code">reject_code</a>
+(default: 554)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a remote SMTP
+client request is rejected by the "reject" restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="reject_tempfail_action">reject_tempfail_action</a>
+(default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>)</b></DT><DD>
+
+<p> The Postfix SMTP server's action when a reject-type restriction
+fails due to a temporary error condition. Specify "defer" to defer
+the remote SMTP client request immediately. With the default
+"<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
+for opportunities to reject mail, and defers the client request
+only if it would otherwise be accepted. </p>
+
+<p> For finer control, see: <a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a>,
+<a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a>, <a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a>,
+and <a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a>.  </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="relay_clientcerts">relay_clientcerts</a>
+(default: empty)</b></DT><DD>
+
+<p> List of tables with remote SMTP client-certificate fingerprints or
+public key fingerprints (Postfix 2.9 and later) for which the Postfix
+SMTP server will allow access with the <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
+feature.  The fingerprint digest algorithm is configurable via the
+<a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
+Postfix version 2.5).  </p>
+
+<p> Postfix lookup tables are in the form of (key, value) pairs.
+Since we only need the key, the value can be chosen freely, e.g.
+the name of the user or host:
+D7:04:2F:A7:0B:8C:A5:21:FA:31:77:E1:41:8A:EE:80 lutzpc.at.home </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relay_clientcerts
+</pre>
+
+<p>For more fine-grained control, use <a href="postconf.5.html#check_ccert_access">check_ccert_access</a> to select
+an appropriate <a href="access.5.html">access(5)</a> policy for each client.
+See <a href="RESTRICTION_CLASS_README.html">RESTRICTION_CLASS_README</a>.</p>
+
+<p> <b>Note:</b> Postfix 2.9.0&ndash;2.9.5 computed the public key
+fingerprint incorrectly. To use public-key fingerprints, upgrade
+to Postfix 2.9.6 or later. </p>
+
+<p>This feature is available with Postfix version 2.2.</p>
+
+
+</DD>
+
+<DT><b><a name="relay_destination_concurrency_limit">relay_destination_concurrency_limit</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
+
+<p> The maximal number of parallel deliveries to the same destination
+via the relay message delivery transport. This limit is enforced
+by the queue manager. The message delivery transport name is the
+first field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+<p> This feature is available in Postfix 2.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="relay_destination_recipient_limit">relay_destination_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
+
+<p> The maximal number of recipients per message for the relay
+message delivery transport. This limit is enforced by the queue
+manager. The message delivery transport name is the first field in
+the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+<p> Setting this parameter to a value of 1 changes the meaning of
+<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> from concurrency per domain
+into concurrency per recipient.  </p>
+
+<p> This feature is available in Postfix 2.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="relay_domains">relay_domains</a>
+(default: Postfix &ge; 3.0: empty, Postfix &lt; 3.0: $<a href="postconf.5.html#mydestination">mydestination</a>)</b></DT><DD>
+
+<p> What destination domains (and subdomains thereof) this system
+will relay mail to. For details about how
+the <a href="postconf.5.html#relay_domains">relay_domains</a> value is used, see the description of the
+<a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> and <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> SMTP recipient
+restrictions.  </p>
+
+<p> Domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a> are delivered with the
+$<a href="postconf.5.html#relay_transport">relay_transport</a> mail delivery transport. The SMTP server validates
+recipient addresses with $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> and rejects non-existent
+recipients. See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the
+<a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.  </p>
+
+<p> Note: Postfix will not automatically forward mail for domains
+that list this system as their primary or backup MX host. See the
+<a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> restriction in the <a href="postconf.5.html">postconf(5)</a> manual page.  </p>
+
+<p> Specify a list of host or domain names, "/file/name" patterns
+or "<a href="DATABASE_README.html">type:table</a>" lookup tables, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace. A
+"/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
+lookup table is matched when a (parent) domain appears as lookup
+key. Specify "!pattern" to exclude a domain from the list. The form
+"!/file/name" is supported only in Postfix version 2.4 and later.
+</p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#relay_domains">relay_domains</a>" in the <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>
+parameter value. </p>
+
+
+</DD>
+
+<DT><b><a name="relay_domains_reject_code">relay_domains_reject_code</a>
+(default: 554)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a client
+request is rejected by the <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient
+restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="relay_recipient_maps">relay_recipient_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with all valid addresses in the domains
+that match $<a href="postconf.5.html#relay_domains">relay_domains</a>. Specify @domain as a wild-card for
+domains that have no valid recipient list, and become a source of
+backscatter mail: Postfix accepts spam for non-existent recipients
+and then floods innocent people with undeliverable mail.  Technically,
+tables
+listed with $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> are used as lists: Postfix needs
+to know only if a lookup string is found or not, but it does not
+use the result from table lookup.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+If this parameter is non-empty, then the Postfix SMTP server will reject
+mail to unknown relay users. This feature is off by default.
+</p>
+
+<p>
+See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>
+file.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relay_recipients
+</pre>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="relay_transport">relay_transport</a>
+(default: relay)</b></DT><DD>
+
+<p>
+The default mail delivery transport and next-hop destination for
+remote delivery to domains listed with $<a href="postconf.5.html#relay_domains">relay_domains</a>. In order of
+decreasing precedence, the nexthop destination is taken from
+$<a href="postconf.5.html#relay_transport">relay_transport</a>, $<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>, $<a href="postconf.5.html#relayhost">relayhost</a>, or
+from the recipient domain. This information can be overruled with
+the <a href="transport.5.html">transport(5)</a> table.
+</p>
+
+<p>
+Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
+The <i>:nexthop</i> destination is optional; its syntax is documented
+in the manual page of the corresponding delivery agent.
+</p>
+
+<p>
+See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a>
+file.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="relayhost">relayhost</a>
+(default: empty)</b></DT><DD>
+
+<p>
+The next-hop destination of non-local mail; overrides non-local
+domains in recipient addresses. This information is overruled with
+<a href="postconf.5.html#relay_transport">relay_transport</a>, <a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>,
+<a href="postconf.5.html#default_transport">default_transport</a>, <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
+and with the <a href="transport.5.html">transport(5)</a> table.
+</p>
+
+<p>
+On an intranet, specify the organizational domain name. If your
+internal DNS uses no MX records, specify the name of the intranet
+gateway host instead.
+</p>
+
+<p>
+In the case of SMTP, specify a domain name, hostname, hostname:port,
+[hostname]:port, [hostaddress] or [hostaddress]:port. The form
+[hostname] turns off MX lookups.
+</p>
+
+<p>
+If you're connected via UUCP, see the <a href="UUCP_README.html">UUCP_README</a> file for useful
+information.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#relayhost">relayhost</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
+<a href="postconf.5.html#relayhost">relayhost</a> = [gateway.example.com]
+<a href="postconf.5.html#relayhost">relayhost</a> = uucphost
+<a href="postconf.5.html#relayhost">relayhost</a> = [an.ip.add.ress]
+</pre>
+
+
+</DD>
+
+<DT><b><a name="relocated_maps">relocated_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables with new contact information for users or
+domains that no longer exist.  The table format and lookups are
+documented in <a href="relocated.5.html">relocated(5)</a>.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+If you use this feature, run "<b>postmap /etc/postfix/relocated</b>" to
+build the necessary DBM or DB file after change, then "<b>postfix
+reload</b>" to make the changes visible.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#relocated_maps">relocated_maps</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/postfix/relocated
+<a href="postconf.5.html#relocated_maps">relocated_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relocated
+</pre>
+
+
+</DD>
+
+<DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a>
+(default: empty)</b></DT><DD>
+
+<p> Don't rewrite message headers from remote clients at all when
+this parameter is empty; otherwise, rewrite message headers and
+append the specified domain name to incomplete addresses.  The
+<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls what clients Postfix
+considers local. </p>
+
+<p> Examples:  </p>
+
+<p> The safe setting: append "domain.invalid" to incomplete header
+addresses from remote SMTP clients, so that those addresses cannot
+be confused with local addresses. </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> = domain.invalid
+</pre>
+</blockquote>
+
+<p> The default, purist, setting: don't rewrite headers from remote
+clients at all. </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> =
+</pre>
+</blockquote>
+
+
+</DD>
+
+<DT><b><a name="require_home_directory">require_home_directory</a>
+(default: no)</b></DT><DD>
+
+<p>
+Require that a <a href="local.8.html">local(8)</a> recipient's home directory exists
+before mail delivery is attempted. By default this test is disabled.
+It can be useful for environments that import home directories to
+the mail server (IMPORTING HOME DIRECTORIES IS NOT RECOMMENDED).
+</p>
+
+
+</DD>
+
+<DT><b><a name="reset_owner_alias">reset_owner_alias</a>
+(default: no)</b></DT><DD>
+
+<p> Reset the <a href="local.8.html">local(8)</a> delivery agent's idea of the owner-alias
+attribute, when delivering mail to a child alias that does not have
+its own owner alias. </p>
+
+<p> This feature is available in Postfix 2.8 and later. With older
+Postfix releases, the behavior is as if this parameter is set to
+"yes". </p>
+
+<p> As documented in <a href="aliases.5.html">aliases(5)</a>, when an alias <i>name</i> has a
+companion alias named owner-<i>name</i>, delivery errors will be
+reported to the owner alias instead of the sender. This configuration
+is recommended for mailing lists. <p>
+
+<p> A less known property of the owner alias is that it also forces
+the <a href="local.8.html">local(8)</a> delivery agent to write local and remote addresses
+from alias expansion to a new queue file, instead of attempting to
+deliver mail to local addresses as soon as they come out of alias
+expansion.  </p>
+
+<p> Writing local addresses from alias expansion to a new queue
+file allows for robust handling of temporary delivery errors: errors
+with one local member have no effect on deliveries to other members
+of the list.  On the other hand, delivery to local addresses as
+soon as they come out of alias expansion is fragile: a temporary
+error with one local address from alias expansion will cause the
+entire alias to be expanded repeatedly until the error goes away,
+or until the message expires in the queue.  In that case, a problem
+with one list member results in multiple message deliveries to other
+list members. </p>
+
+<p> The default behavior of Postfix 2.8 and later is to keep the
+owner-alias attribute of the parent alias, when delivering mail to
+a child alias that does not have its own owner alias. Then, local
+addresses from that child alias will be written to a new queue file,
+and a temporary error with one local address will not affect delivery
+to other mailing list members. </p>
+
+<p> Unfortunately, older Postfix releases reset the owner-alias
+attribute when delivering mail to a child alias that does not have
+its own owner alias.  The <a href="local.8.html">local(8)</a> delivery agent then attempts to
+deliver local addresses as soon as they come out of child alias
+expansion.  If delivery to any address from child alias expansion
+fails with a temporary error condition, the entire mailing list may
+be expanded repeatedly until the mail expires in the queue, resulting
+in multiple deliveries of the same message to mailing list members.
+</p>
+
+
+</DD>
+
+<DT><b><a name="resolve_dequoted_address">resolve_dequoted_address</a>
+(default: yes)</b></DT><DD>
+
+<p> Resolve a recipient address safely instead of correctly, by
+looking inside quotes.  </p>
+
+<p> By default, the Postfix address resolver does not quote the
+address localpart as per <a href="http://tools.ietf.org/html/rfc822">RFC 822</a>, so that additional @ or % or !
+operators remain visible. This behavior is safe but it is also
+technically incorrect.  </p>
+
+<p> If you specify "<a href="postconf.5.html#resolve_dequoted_address">resolve_dequoted_address</a> = no", then
+the Postfix
+resolver will not know about additional @ etc. operators in the
+address localpart. This opens opportunities for obscure mail relay
+attacks with user@domain@domain addresses when Postfix provides
+backup MX service for Sendmail systems.  </p>
+
+
+</DD>
+
+<DT><b><a name="resolve_null_domain">resolve_null_domain</a>
+(default: no)</b></DT><DD>
+
+<p> Resolve an address that ends in the "@" null domain as if the
+local hostname were specified, instead of rejecting the address as
+invalid.  </p>
+
+<p> This feature is available in Postfix 2.1 and later.
+Earlier versions always resolve the null domain as the local
+hostname.  </p>
+
+<p> The Postfix SMTP server uses this feature to reject mail from
+or to addresses that end in the "@" null domain, and from addresses
+that rewrite into a form that ends in the "@" null domain.  </p>
+
+
+</DD>
+
+<DT><b><a name="resolve_numeric_domain">resolve_numeric_domain</a>
+(default: no)</b></DT><DD>
+
+<p> Resolve "user@ipaddress" as "user@[ipaddress]", instead of
+rejecting the address as invalid.  </p>
+
+<p> This feature is available in Postfix 2.3 and later.
+
+
+</DD>
+
+<DT><b><a name="rewrite_service_name">rewrite_service_name</a>
+(default: rewrite)</b></DT><DD>
+
+<p>
+The name of the address rewriting service. This service rewrites
+addresses to standard form and resolves them to a (delivery method,
+next-hop host, recipient) triple.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="sample_directory">sample_directory</a>
+(default: /etc/postfix)</b></DT><DD>
+
+<p>
+The name of the directory with example Postfix configuration files.
+Starting with Postfix 2.1, these files have been replaced with the
+<a href="postconf.5.html">postconf(5)</a> manual page.
+</p>
+
+
+</DD>
+
+<DT><b><a name="send_cyrus_sasl_authzid">send_cyrus_sasl_authzid</a>
+(default: no)</b></DT><DD>
+
+<p> When authenticating to a remote SMTP or LMTP server with the
+default setting "no", send no SASL authoriZation ID (authzid); send
+only the SASL authentiCation ID (authcid) plus the authcid's password.
+</p>
+
+<p> The non-default setting "yes" enables the behavior of older
+Postfix versions.  These always send a SASL authzid that is equal
+to the SASL authcid, but this causes interoperability problems
+with some SMTP servers. </p>
+
+<p> This feature is available in Postfix 2.4.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="sender_based_routing">sender_based_routing</a>
+(default: no)</b></DT><DD>
+
+<p>
+This parameter should not be used. It was replaced by <a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
+in Postfix version 2.3.
+</p>
+
+
+</DD>
+
+<DT><b><a name="sender_bcc_maps">sender_bcc_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional BCC (blind carbon-copy) address lookup tables, indexed
+by sender address.  The BCC address (multiple results are not
+supported) is added when mail enters from outside of Postfix.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+The table search order is as follows:
+</p>
+
+<ul>
+
+<li> Look up the "user+extension@domain.tld" address including the
+optional address extension.
+
+<li> Look up the "user@domain.tld" address without the optional
+address extension.
+
+<li> Look up the "user+extension" address local part when the
+sender domain equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
+
+<li> Look up the "user" address local part when the sender domain
+equals $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
+
+<li> Look up the "@domain.tld" part.
+
+</ul>
+
+<p>
+Note: with Postfix 2.3 and later the BCC address is added as if it
+was specified with NOTIFY=NONE. The sender will not be notified
+when the BCC address is undeliverable, as long as all down-stream
+software implements <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a>.
+</p>
+
+<p>
+Note: with Postfix 2.2 and earlier the sender will be notified
+when the BCC address is undeliverable.
+</p>
+
+<p> Note: automatic BCC recipients are produced only for new mail.
+To avoid mailer loops, automatic BCC recipients are not generated
+after Postfix forwards mail internally, or after Postfix generates
+mail itself. </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/sender_bcc
+</pre>
+
+<p>
+After a change, run "<b>postmap /etc/postfix/sender_bcc</b>".
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="sender_canonical_classes">sender_canonical_classes</a>
+(default: envelope_sender, header_sender)</b></DT><DD>
+
+<p> What addresses are subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address
+mapping.  By default, <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address mapping is
+applied to envelope sender addresses, and to header sender addresses.
+</p>
+
+<p> Specify one or more of: envelope_sender, header_sender </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="sender_canonical_maps">sender_canonical_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional address mapping lookup tables for envelope and header
+sender addresses.
+The table format and lookups are documented in <a href="canonical.5.html">canonical(5)</a>.
+</p>
+
+<p>
+Example: you want to rewrite the SENDER address "user@ugly.domain"
+to "user@pretty.domain", while still being able to send mail to
+the RECIPIENT address "user@ugly.domain".
+</p>
+
+<p>
+Note: $<a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> is processed before $<a href="postconf.5.html#canonical_maps">canonical_maps</a>.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/sender_canonical
+</pre>
+
+
+</DD>
+
+<DT><b><a name="sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> A sender-dependent override for the global <a href="postconf.5.html#default_transport">default_transport</a>
+parameter setting. The tables are searched by the envelope sender
+address and @domain. A lookup result of DUNNO terminates the search
+without overriding the global <a href="postconf.5.html#default_transport">default_transport</a> parameter setting.
+This information is overruled with the <a href="transport.5.html">transport(5)</a> table. </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> Note: this overrides <a href="postconf.5.html#default_transport">default_transport</a>, not <a href="postconf.5.html#transport_maps">transport_maps</a>, and
+therefore the expected syntax is that of <a href="postconf.5.html#default_transport">default_transport</a>, not the
+syntax of <a href="postconf.5.html#transport_maps">transport_maps</a>.  Specifically, this does not support the
+<a href="postconf.5.html#transport_maps">transport_maps</a> syntax for null transport, null nexthop, or null
+email addresses. </p>
+
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
+<p> This feature is available in Postfix 2.7 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> A sender-dependent override for the global <a href="postconf.5.html#relayhost">relayhost</a> parameter
+setting. The tables are searched by the envelope sender address and
+@domain. A lookup result of DUNNO terminates the search without
+overriding the global <a href="postconf.5.html#relayhost">relayhost</a> parameter setting (Postfix 2.6 and
+later). This information is overruled with <a href="postconf.5.html#relay_transport">relay_transport</a>,
+<a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default_transport_maps</a>, <a href="postconf.5.html#default_transport">default_transport</a> and with
+the <a href="transport.5.html">transport(5)</a> table. </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
+<p>
+This feature is available in Postfix 2.3 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="sendmail_fix_line_endings">sendmail_fix_line_endings</a>
+(default: always)</b></DT><DD>
+
+<p> Controls how the Postfix sendmail command converts email message
+line endings from &lt;CR&gt;&lt;LF&gt; into UNIX format (&lt;LF&gt;).
+</p>
+
+<dl>
+
+<dt> <b>always</b> </dt> <dd> Always convert message lines ending
+in &lt;CR&gt;&lt;LF&gt;. This setting is the default with Postfix
+2.9 and later. </dd>
+
+<dt> <b>strict</b> </dt> <dd> Convert message lines ending in
+&lt;CR&gt;&lt;LF&gt; only if the first input line ends in
+&lt;CR&gt;&lt;LF&gt;. This setting is backwards-compatible with
+Postfix 2.8 and earlier. </dd>
+
+<dt> <b>never</b> </dt> <dd> Never convert message lines ending in
+&lt;CR&gt;&lt;LF&gt;. This setting exists for completeness only.
+</dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.9 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="sendmail_path">sendmail_path</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+A Sendmail compatibility feature that specifies the location of
+the Postfix <a href="sendmail.1.html">sendmail(1)</a> command. This command can be used to
+submit mail into the Postfix queue.
+</p>
+
+
+</DD>
+
+<DT><b><a name="service_throttle_time">service_throttle_time</a>
+(default: 60s)</b></DT><DD>
+
+<p>
+How long the Postfix <a href="master.8.html">master(8)</a> waits before forking a server that
+appears to be malfunctioning.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="setgid_group">setgid_group</a>
+(default: postdrop)</b></DT><DD>
+
+<p>
+The group ownership of set-gid Postfix commands and of group-writable
+Postfix directories. When this parameter value is changed you need
+to re-run "<b>postfix set-permissions</b>" (with Postfix version 2.0 and
+earlier: "<b>/etc/postfix/post-install set-permissions</b>".
+</p>
+
+
+</DD>
+
+<DT><b><a name="shlib_directory">shlib_directory</a>
+(default: see 'postconf -d' output)</b></DT><DD>
+
+<p> The location of Postfix dynamically-linked libraries
+(libpostfix-*.so), and the default location of Postfix database
+plugins (postfix-*.so) that have a relative pathname in the
+dynamicmaps.cf file.  The <a href="postconf.5.html#shlib_directory">shlib_directory</a> parameter defaults to
+"no" when Postfix dynamically-linked libraries and database plugins
+are disabled at compile time, otherwise it typically defaults to
+/usr/lib/postfix or /usr/local/lib/postfix.  </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> The directory specified with <a href="postconf.5.html#shlib_directory">shlib_directory</a> should contain
+only Postfix-related files. Postfix dynamically-linked libraries
+and database plugins should not be installed in a "public" system
+directory such as /usr/lib or /usr/local/lib. Linking Postfix
+dynamically-linked library files or database plugins into non-Postfix
+programs is not supported.  Postfix dynamically-linked libraries
+and database plugins implement a Postfix-internal API that changes
+without maintaining compatibility.  </p>
+
+<li> <p> You can change the <a href="postconf.5.html#shlib_directory">shlib_directory</a> value after Postfix is
+built. However, you may have to run ldconfig or equivalent to prevent
+Postfix programs from failing because the libpostfix-*.so files are
+not found.  No ldconfig command is needed if you keep the libpostfix-*.so
+files in the compiled-in default $<a href="postconf.5.html#shlib_directory">shlib_directory</a> location. </p>
+
+</ul>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="show_user_unknown_table_name">show_user_unknown_table_name</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Display the name of the recipient table in the "User unknown"
+responses.  The extra detail makes trouble shooting easier but also
+reveals information that is nobody elses business.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="showq_service_name">showq_service_name</a>
+(default: showq)</b></DT><DD>
+
+<p>
+The name of the <a href="showq.8.html">showq(8)</a> service. This service produces mail queue
+status reports.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_address_preference">smtp_address_preference</a>
+(default: any)</b></DT><DD>
+
+<p> The address type ("ipv6", "ipv4" or "any") that the Postfix
+SMTP client will try first, when a destination has IPv6 and IPv4
+addresses with equal MX preference. This feature has no effect
+unless the <a href="postconf.5.html#inet_protocols">inet_protocols</a> setting enables both IPv4 and IPv6. </p>
+
+<p> Postfix SMTP client address preference has evolved. With Postfix
+2.8 the default is "ipv6"; earlier implementations are hard-coded
+to prefer IPv6 over IPv4. </p>
+
+<p> Notes for mail delivery between sites that have both IPv4 and
+IPv6 connectivity: </p>
+
+<ul>
+
+<li> <p> The setting "<a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> = ipv6" is unsafe.
+It can fail to deliver mail when there is an outage that affects
+IPv6, while the destination is still reachable over IPv4. </p>
+
+<li> <p> The setting "<a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> = any" is safe. With
+this, mail will eventually be delivered even if there is an outage
+that affects IPv6 or IPv4, as long as it does not affect both. </p>
+
+</ul>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_address_verify_target">smtp_address_verify_target</a>
+(default: rcpt)</b></DT><DD>
+
+<p> In the context of email address verification, the SMTP protocol
+stage that determines whether an email address is deliverable.
+Specify one of "rcpt" or "data".  The latter is needed with remote
+SMTP servers that reject recipients after the DATA command. Use
+<a href="postconf.5.html#transport_maps">transport_maps</a> to apply this feature selectively:  </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#transport_maps">transport_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/transport
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+/etc/postfix/transport:
+    smtp-domain-that-verifies-after-data    smtp-data-target:
+    lmtp-domain-that-verifies-after-data    lmtp-data-target:
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    smtp-data-target    unix    -    -    n    -    -    smtp
+        -o <a href="postconf.5.html#smtp_address_verify_target">smtp_address_verify_target</a>=data
+    lmtp-data-target    unix    -    -    n    -    -    lmtp
+        -o <a href="postconf.5.html#lmtp_address_verify_target">lmtp_address_verify_target</a>=data
+</pre>
+</blockquote>
+
+<p> Unselective use of the "data" target does no harm, but will
+result in unnecessary "lost connection after DATA" events at remote
+SMTP/LMTP servers. </p>
+
+<p> This feature is available in Postfix 3.0 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_always_send_ehlo">smtp_always_send_ehlo</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Always send EHLO at the start of an SMTP session.
+</p>
+
+<p>
+With "<a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> = no", the Postfix SMTP client sends
+EHLO only when
+the word "ESMTP" appears in the server greeting banner (example:
+220 spike.porcupine.org ESMTP Postfix).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_bind_address">smtp_bind_address</a>
+(default: empty)</b></DT><DD>
+
+<p>
+An optional numerical network address that the Postfix SMTP client
+should bind to when making an IPv4 connection.
+</p>
+
+<p>
+This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
+it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
+for example:
+</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>=11.22.33.44
+</pre>
+</blockquote>
+
+<p> Note 1: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies no more than one IPv4
+address, and that address is a non-loopback address, it is
+automatically used as the <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>.  This supports virtual
+IP hosting, but can be a problem on multi-homed firewalls. See the
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
+
+<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
+but this form is not required here. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_bind_address6">smtp_bind_address6</a>
+(default: empty)</b></DT><DD>
+
+<p>
+An optional numerical network address that the Postfix SMTP client
+should bind to when making an IPv6 connection.
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+<p>
+This can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP clients, or
+it can be specified in the <a href="master.5.html">master.cf</a> file for a specific client,
+for example:
+</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>=1:2:3:4:5:6:7:8
+</pre>
+</blockquote>
+
+<p> Note 1: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies no more than one IPv6
+address, and that address is a non-loopback address, it is
+automatically used as the <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a>.  This supports virtual
+IP hosting, but can be a problem on multi-homed firewalls. See the
+<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> documentation for more detail. </p>
+
+<p> Note 2: address information may be enclosed inside <tt>[]</tt>,
+but this form is not recommended here. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_body_checks">smtp_body_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> Restricted <a href="header_checks.5.html">body_checks(5)</a> tables for the Postfix SMTP client.
+These tables are searched while mail is being delivered.  Actions
+that change the delivery time or destination are not available.
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_cname_overrides_servername">smtp_cname_overrides_servername</a>
+(default: version dependent)</b></DT><DD>
+
+<p> When the remote SMTP servername is a DNS CNAME, replace the
+servername with the result from CNAME expansion for the purpose of
+logging, SASL password lookup, TLS
+policy decisions, or TLS certificate verification. The value "no"
+hardens Postfix <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> hostname-based policies against
+false hostname information in DNS CNAME records, and makes SASL
+password file lookups more predictable. This is the default setting
+as of Postfix 2.3. </p>
+
+<p> When DNS CNAME records are validated with secure DNS lookups
+(<a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a> = dnssec), they are always allowed to
+override the above servername (Postfix 2.11 and later). </p>
+
+<p> This feature is available in Postfix 2.2.9 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_connect_timeout">smtp_connect_timeout</a>
+(default: 30s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for completing a TCP connection, or
+zero (use the operating system built-in time limit).
+</p>
+
+<p>
+When no connection can be made within the deadline, the Postfix
+SMTP client
+tries the next address on the mail exchanger list. Specify 0 to
+disable the time limit (i.e. use whatever timeout is implemented by
+the operating system).
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_connection_cache_destinations">smtp_connection_cache_destinations</a>
+(default: empty)</b></DT><DD>
+
+<p> Permanently enable SMTP connection caching for the specified
+destinations.  With SMTP connection caching, a connection is not
+closed immediately after completion of a mail transaction.  Instead,
+the connection is kept open for up to $<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a>
+seconds.  This allows connections to be reused for other deliveries,
+and can improve mail delivery performance. </p>
+
+<p> Specify a comma or white space separated list of destinations
+or pseudo-destinations: </p>
+
+<ul>
+
+<li> if mail is sent without a <a href="postconf.5.html#relayhost">relay host</a>: a domain name (the
+right-hand side of an email address, without the [] around a numeric
+IP address),
+
+<li> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
+[] or non-default TCP port), as specified in <a href="postconf.5.html">main.cf</a> or in the
+transport map,
+
+<li> if mail is sent via a UNIX-domain socket: a pathname (without
+the unix: prefix),
+
+<li> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as
+defined above,
+
+<li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names on
+the left-hand side.  The right-hand side result from "<a href="DATABASE_README.html">type:table</a>"
+lookups is ignored.
+
+</ul>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a>
+(default: yes)</b></DT><DD>
+
+<p> Temporarily enable SMTP connection caching while a destination
+has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.  With SMTP connection
+caching, a connection is not closed immediately after completion
+of a mail transaction.  Instead, the connection is kept open for
+up to $<a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> seconds.  This allows
+connections to be reused for other deliveries, and can improve mail
+delivery performance. </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a>
+(default: 2s)</b></DT><DD>
+
+<p> When SMTP connection caching is enabled, the amount of time that
+an unused SMTP client socket is kept open before it is closed.  Do
+not specify larger values without permission from the remote sites.
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_connection_reuse_count_limit">smtp_connection_reuse_count_limit</a>
+(default: 0)</b></DT><DD>
+
+<p> When SMTP connection caching is enabled, the number of times
+that an SMTP session may be reused before it is closed, or zero (no
+limit).  With a reuse count limit of N, a connection is used up to
+N+1 times.  </p>
+
+<p> NOTE: This feature is unsafe. When a high-volume destination
+has multiple inbound MTAs, then the slowest inbound MTA will attract
+the most connections to that destination.  This limitation does not
+exist with the <a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a> feature. </p>
+
+<p> This feature is available in Postfix 2.11. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a>
+(default: 300s)</b></DT><DD>
+
+<p> The amount of time during which Postfix will use an SMTP
+connection repeatedly.  The timer starts when the connection is
+initiated (i.e. it includes the connect, greeting and helo latency,
+in addition to the latencies of subsequent mail delivery transactions).
+</p>
+
+<p> This feature addresses a performance stability problem with
+remote SMTP servers. This problem is not specific to Postfix: it
+can happen when any MTA sends large amounts of SMTP email to a site
+that has multiple MX hosts. </p>
+
+<p> The problem starts when one of a set of MX hosts becomes slower
+than the rest.  Even though SMTP clients connect to fast and slow
+MX hosts with equal probability, the slow MX host ends up with more
+simultaneous inbound connections than the faster MX hosts, because
+the slow MX host needs more time to serve each client request. </p>
+
+<p> The slow MX host becomes a connection attractor.  If one MX
+host becomes N times slower than the rest, it dominates mail delivery
+latency unless there are more than N fast MX hosts to counter the
+effect. And if the number of MX hosts is smaller than N, the mail
+delivery latency becomes effectively that of the slowest MX host
+divided by the total number of MX hosts. </p>
+
+<p> The solution uses connection caching in a way that differs from
+Postfix version 2.2.  By limiting the amount of time during which a connection
+can be used repeatedly (instead of limiting the number of deliveries
+over that connection), Postfix not only restores fairness in the
+distribution of simultaneous connections across a set of MX hosts,
+it also favors deliveries over connections that perform well, which
+is exactly what we want.  </p>
+
+<p> The default reuse time limit, 300s, is comparable to the various
+smtp transaction timeouts which are fair estimates of maximum excess
+latency for a slow delivery.  Note that hosts may accept thousands
+of messages over a single connection within the default connection
+reuse time limit. This number is much larger than the default Postfix
+version 2.2 limit of 10 messages per cached connection. It may prove necessary
+to lower the limit to avoid interoperability issues with MTAs that
+exhibit bugs when many messages are delivered via a single connection.
+A lower reuse time limit risks losing the benefit of connection
+reuse when the average connection and mail delivery latency exceeds
+the reuse time limit.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_data_done_timeout">smtp_data_done_timeout</a>
+(default: 600s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the SMTP ".", and
+for receiving the remote SMTP server response.
+</p>
+
+<p>
+When no response is received within the deadline, a warning is
+logged that the mail may be delivered multiple times.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_data_init_timeout">smtp_data_init_timeout</a>
+(default: 120s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the SMTP DATA command,
+and for receiving the remote SMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_data_xfer_timeout">smtp_data_xfer_timeout</a>
+(default: 180s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the SMTP message content.
+When the connection makes no progress for more than $<a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a>
+seconds the Postfix SMTP client terminates the transfer.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_defer_if_no_mx_address_found">smtp_defer_if_no_mx_address_found</a>
+(default: no)</b></DT><DD>
+
+<p>
+Defer mail delivery when no MX record resolves to an IP address.
+</p>
+
+<p>
+The default (no) is to return the mail as undeliverable. With older
+Postfix versions the default was to keep trying to deliver the mail
+until someone fixed the MX record or until the mail was too old.
+</p>
+
+<p>
+Note: the Postfix SMTP client always ignores MX records with equal
+or worse preference
+than the local MTA itself.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_delivery_status_filter">smtp_delivery_status_filter</a>
+(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
+
+<p> Optional filter for the <a href="smtp.8.html">smtp(8)</a> delivery agent to change the
+delivery status code or explanatory text of successful or unsuccessful
+deliveries.  See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details.  </p>
+
+<p> NOTE: This feature modifies Postfix SMTP client error or non-error
+messages that may or may not be derived from remote SMTP server
+responses.  In contrast, the <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> feature modifies
+remote SMTP server responses only.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
+
+<p> The maximal number of parallel deliveries to the same destination
+via the smtp message delivery transport. This limit is enforced by
+the queue manager. The message delivery transport name is the first
+field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_destination_recipient_limit">smtp_destination_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
+
+<p> The maximal number of recipients per message for the smtp
+message delivery transport. This limit is enforced by the queue
+manager. The message delivery transport name is the first field in
+the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+<p> Setting this parameter to a value of 1 changes the meaning of
+<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> from concurrency per domain
+into concurrency per recipient.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Lookup tables, indexed by the remote SMTP server address, with
+case insensitive lists of EHLO keywords (pipelining, starttls, auth,
+etc.) that the Postfix SMTP client will ignore in the EHLO response from a
+remote SMTP server. See <a href="postconf.5.html#smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a> for details. The
+table is not indexed by hostname for consistency with
+<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>. </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_discard_ehlo_keywords">smtp_discard_ehlo_keywords</a>
+(default: empty)</b></DT><DD>
+
+<p> A case insensitive list of EHLO keywords (pipelining, starttls,
+auth, etc.) that the Postfix SMTP client will ignore in the EHLO
+response from a remote SMTP server. </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the <a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a> feature to
+discard EHLO keywords selectively. </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="smtp_dns_reply_filter">smtp_dns_reply_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional filter for Postfix SMTP client DNS lookup results.
+Specify zero or more lookup tables.  The lookup tables are searched
+in the given order for a match with the DNS lookup result, converted
+to the following form: </p>
+
+<pre>
+    <i>name ttl class type preference value</i>
+</pre>
+
+<p> The <i>class</i> field is always "IN", the <i>preference</i>
+field exists only for MX records, the names of hosts, domains, etc.
+end in ".", and those names are in ASCII form (xn--mumble form in
+the case of UTF8 names).  </p>
+
+<p> When a match is found, the table lookup result specifies an
+action.  By default, the table query and the action name are
+case-insensitive.  Currently, only the <b>IGNORE</b> action is
+implemented.  </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Postfix DNS reply filters have no effect on implicit DNS
+lookups through nsswitch.conf or equivalent mechanisms.  </p>
+
+<li> <p> The Postfix SMTP/LMTP client uses <a href="postconf.5.html#smtp_dns_reply_filter">smtp_dns_reply_filter</a>
+and <a href="postconf.5.html#lmtp_dns_reply_filter">lmtp_dns_reply_filter</a> only to discover a remote SMTP or LMTP
+service (record types MX, A, AAAAA, and TLSA).  These lookups are
+also made to implement the features <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> and
+<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>.  </p>
+
+<li> <p> The Postfix SMTP/LMTP client defers mail delivery when
+a filter removes all lookup results from a successful query.  </p>
+
+<li> <p> Postfix SMTP server uses <a href="postconf.5.html#smtpd_dns_reply_filter">smtpd_dns_reply_filter</a> only to
+look up MX, A, AAAAA, and TXT records to implement the features
+<a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a>, <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>,
+<a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a>, reject_rbl_*, and reject_rhsbl_*.
+</p>
+
+<li> <p> The Postfix SMTP server logs a warning or defers mail
+delivery when a filter removes all lookup results from a successful
+query.  </p>
+
+</ul>
+
+<p> Example: ignore Google AAAA records in Postfix SMTP client DNS
+lookups, because Google sometimes hard-rejects mail from IPv6 clients
+with valid PTR etc. records. </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtp_dns_reply_filter">smtp_dns_reply_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_dns_reply_filter
+</pre>
+
+<pre>
+/etc/postfix/smtp_dns_reply_filter:
+    # /domain ttl IN AAAA address/ action, all case-insensitive.
+    # Note: the domain name ends in ".".
+    /^\S+\.google\.com\.\s+\S+\s+\S+\s+AAAA\s+/ IGNORE
+</pre>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_dns_resolver_options">smtp_dns_resolver_options</a>
+(default: empty)</b></DT><DD>
+
+<p> DNS Resolver options for the Postfix SMTP client.  Specify zero
+or more of the following options, separated by comma or whitespace.
+Option names are case-sensitive. Some options refer to domain names
+that are specified in the file /etc/resolv.conf or equivalent. </p>
+
+<dl>
+
+<dt><b>res_defnames</b></dt>
+
+<dd> Append the current domain name to single-component names (those
+that do not contain a "." character). This can produce incorrect
+results, and is the hard-coded behavior prior to Postfix 2.8. </dd>
+
+<dt><b>res_dnsrch</b></dt>
+
+<dd> Search for host names in the current domain and in parent
+domains. This can produce incorrect results and is therefore not
+recommended. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_dns_support_level">smtp_dns_support_level</a>
+(default: empty)</b></DT><DD>
+
+<p> Level of DNS support in the Postfix SMTP client.  With
+"<a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a>" left at its empty default value, the legacy
+"<a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a>" parameter controls whether DNS is enabled in
+the Postfix SMTP client, otherwise the legacy parameter is ignored.
+</p>
+
+<p> Specify one of the following: </p>
+
+<dl>
+
+<dt><b>disabled</b></dt>
+
+<dd>Disable DNS lookups.  No MX lookups are performed and hostname
+to address lookups are unconditionally "native".  This setting is
+not appropriate for hosts that deliver mail to the public Internet.
+Some obsolete how-to documents recommend disabling DNS lookups in
+some configurations with content_filters.  This is no longer required
+and strongly discouraged.  </dd>
+
+<dt><b>enabled</b></dt>
+
+<dd>Enable DNS lookups.  Nexthop destination domains not enclosed
+in "[]" will be subject to MX lookups.  If "dns" and "native" are
+included in the "<a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a>" parameter value, DNS will be
+queried first to resolve MX-host A records, followed by "native"
+lookups if no answer is found in DNS.  </dd>
+
+<dt><b>dnssec</b></dt>
+
+<dd>Enable <a href="https://tools.ietf.org/html/rfc4033">DNSSEC</a>
+lookups.  The "dnssec" setting differs from the "enabled" setting
+above in the following ways: <ul> <li>Any MX lookups will set
+RES_USE_DNSSEC and RES_USE_EDNS0 to request DNSSEC-validated
+responses. If the MX response is DNSSEC-validated the corresponding
+hostnames are considered validated.  <li> The address lookups of
+validated hostnames are also validated, (provided of course
+"<a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a>" includes "dns", see below).  <li>Temporary
+failures in DNSSEC-enabled hostname-to-address resolution block any
+"native" lookups.  Additional "native" lookups only happen when
+DNSSEC lookups hard-fail (NODATA or NXDOMAIN).  </ul> </dd>
+
+</dl>
+
+<p> The Postfix SMTP client considers non-MX "[nexthop]" and
+"[nexthop]:port" destinations equivalent to statically-validated
+MX records of the form "nexthop.  IN MX 0 nexthop."  Therefore,
+with "dnssec" support turned on, validated hostname-to-address
+lookups apply to the nexthop domain of any "[nexthop]" or
+"[nexthop]:port" destination.  This is also true for LMTP "inet:host"
+and "inet:host:port" destinations, as LMTP hostnames are never
+subject to MX lookups.  </p>
+
+<p>The "dnssec" setting is recommended only if you plan to use the
+<a href="TLS_README.html#client_tls_dane">dane</a> or <a
+href="TLS_README.html#client_tls_dane">dane-only</a> TLS security
+level, otherwise enabling DNSSEC support in Postfix offers no
+additional security.  Postfix DNSSEC support relies on an upstream
+recursive nameserver that validates DNSSEC signatures.  Such a DNS
+server will always filter out forged DNS responses, even when Postfix
+itself is not configured to use DNSSEC. </p>
+
+<p> When using Postfix DANE support the "<a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a>" parameter
+should include "dns", as <a
+href="https://tools.ietf.org/html/rfc7672">DANE</a> is not applicable
+to hosts resolved via "native" lookups.  </p>
+
+<p> As mentioned above, Postfix is not a validating <a
+href="https://tools.ietf.org/html/rfc4035#section-4.9">stub
+resolver</a>; it relies on the system's configured DNSSEC-validating
+<a href="https://tools.ietf.org/html/rfc4035#section-3.2">recursive
+nameserver</a> to perform all DNSSEC validation.  Since this
+nameserver's DNSSEC-validated responses will be fully trusted, it
+is strongly recommended that the MTA host have a local DNSSEC-validating
+recursive caching nameserver listening on a loopback address, and
+be configured to use only this nameserver for all lookups.  Otherwise,
+Postfix may remain subject to man-in-the-middle attacks that forge
+responses from the recursive nameserver</p>
+
+<p>DNSSEC support requires a version of Postfix compiled against a
+reasonably-modern DNS resolver(3) library that implements the
+RES_USE_DNSSEC and RES_USE_EDNS0 resolver options. </p>
+
+<p> This feature is available in Postfix 2.11 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_enforce_tls">smtp_enforce_tls</a>
+(default: no)</b></DT><DD>
+
+<p> Enforcement mode: require that remote SMTP servers use TLS
+encryption, and never send mail in the clear.  This also requires
+that the remote SMTP server hostname matches the information in
+the remote server certificate, and that the remote SMTP server
+certificate was issued by a CA that is trusted by the Postfix SMTP
+client. If the certificate doesn't verify or the hostname doesn't
+match, delivery is deferred and mail stays in the queue.  </p>
+
+<p> The server hostname is matched against all names provided as
+dNSNames in the SubjectAlternativeName.  If no dNSNames are specified,
+the CommonName is checked.  The behavior may be changed with the
+<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> option.  </p>
+
+<p> This option is useful only if you are definitely sure that you
+will only connect to servers that support <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> _and_ that
+provide valid server certificates.  Typical use is for clients that
+send all their email to a dedicated mailhub.  </p>
+
+<p> This feature is available in Postfix 2.2 and later. With
+Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_fallback_relay">smtp_fallback_relay</a>
+(default: $<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b></DT><DD>
+
+<p>
+Optional list of relay hosts for SMTP destinations that can't be
+found or that are unreachable. With Postfix 2.2 and earlier this
+parameter is called <a href="postconf.5.html#fallback_relay">fallback_relay</a>.  </p>
+
+<p>
+By default, mail is returned to the sender when a destination is
+not found, and delivery is deferred when a destination is unreachable.
+</p>
+
+<p> With bulk email deliveries, it can be beneficial to run the
+fallback relay MTA on the same host, so that it can reuse the sender
+IP address.  This speeds up deliveries that are delayed by IP-based
+reputation systems (greylist, etc.). </p>
+
+<p> The fallback relays must be SMTP destinations. Specify a domain,
+host, host:port, [host]:port, [address] or [address]:port; the form
+[host] turns off MX lookups.  If you specify multiple SMTP
+destinations, Postfix will try them in the specified order.  </p>
+
+<p> To prevent mailer loops between MX hosts and fall-back hosts,
+Postfix version 2.2 and later will not use the fallback relays for
+destinations that it is MX host for (assuming DNS lookup is turned on).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_generic_maps">smtp_generic_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables that perform address rewriting in the
+Postfix SMTP client, typically to transform a locally valid address into
+a globally valid address when sending mail across the Internet.
+This is needed when the local machine does not have its own Internet
+domain name, but uses something like <i>localdomain.local</i>
+instead.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> The table format and lookups are documented in <a href="generic.5.html">generic(5)</a>;
+examples are shown in the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> and
+<a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> documents. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_header_checks">smtp_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> Restricted <a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP client.
+These tables are searched while mail is being delivered.  Actions
+that change the delivery time or destination are not available.
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_helo_name">smtp_helo_name</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+
+<p>
+The hostname to send in the SMTP HELO or EHLO command.
+</p>
+
+<p>
+The default value is the machine hostname.  Specify a hostname or
+[ip.add.re.ss].
+</p>
+
+<p>
+This information can be specified in the <a href="postconf.5.html">main.cf</a> file for all SMTP
+clients, or it can be specified in the <a href="master.5.html">master.cf</a> file for a specific
+client, for example:
+</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    mysmtp ... smtp -o <a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a>=foo.bar.com
+</pre>
+</blockquote>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_helo_timeout">smtp_helo_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the HELO or EHLO command,
+and for receiving the initial remote SMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_host_lookup">smtp_host_lookup</a>
+(default: dns)</b></DT><DD>
+
+<p>
+What mechanisms the Postfix SMTP client uses to look up a host's
+IP address.  This parameter is ignored when DNS lookups are disabled
+(see: <a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> and <a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a>).  The "dns"
+mechanism is always tried before "native" if both are listed.
+</p>
+
+<p>
+Specify one of the following:
+</p>
+
+<dl>
+
+<dt><b>dns</b></dt>
+
+<dd>Hosts can be found in the DNS (preferred).  </dd>
+
+<dt><b>native</b></dt>
+
+<dd>Use the native naming service only (nsswitch.conf, or equivalent
+mechanism).  </dd>
+
+<dt><b>dns, native</b></dt>
+
+<dd>Use the native service for hosts not found in the DNS.  </dd>
+
+</dl>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_line_length_limit">smtp_line_length_limit</a>
+(default: 998)</b></DT><DD>
+
+<p>
+The maximal length of message header and body lines that Postfix
+will send via SMTP. This limit does not include the &lt;CR&gt;&lt;LF&gt;
+at the end of each line.  Longer lines are broken by inserting
+"&lt;CR&gt;&lt;LF&gt;&lt;SPACE&gt;", to minimize the damage to MIME
+formatted mail.
+</p>
+
+<p>
+The Postfix limit of 998 characters not including &lt;CR&gt;&lt;LF&gt;
+is consistent with the SMTP limit of 1000 characters including
+&lt;CR&gt;&lt;LF&gt;.  The Postfix limit was 990 with Postfix 2.8
+and earlier.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_mail_timeout">smtp_mail_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the MAIL FROM command,
+and for receiving the remote SMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_mime_header_checks">smtp_mime_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> Restricted mime_<a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP
+client. These tables are searched while mail is being delivered.
+Actions that change the delivery time or destination are not
+available.  </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_mx_address_limit">smtp_mx_address_limit</a>
+(default: 5)</b></DT><DD>
+
+<p>
+The maximal number of MX (mail exchanger) IP addresses that can
+result from Postfix SMTP client mail exchanger lookups, or zero (no
+limit). Prior to
+Postfix version 2.3, this limit was disabled by default.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_mx_session_limit">smtp_mx_session_limit</a>
+(default: 2)</b></DT><DD>
+
+<p> The maximal number of SMTP sessions per delivery request before
+the Postfix SMTP client
+gives up or delivers to a fall-back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no
+limit). This restriction ignores sessions that fail to complete the
+SMTP initial handshake (Postfix version 2.2 and earlier) or that fail to
+complete the EHLO and TLS handshake (Postfix version 2.3 and later).  </p>
+
+<p> This feature is available in Postfix 2.1 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_nested_header_checks">smtp_nested_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p> Restricted nested_<a href="header_checks.5.html">header_checks(5)</a> tables for the Postfix SMTP
+client. These tables are searched while mail is being delivered.
+Actions that change the delivery time or destination are not
+available.  </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_never_send_ehlo">smtp_never_send_ehlo</a>
+(default: no)</b></DT><DD>
+
+<p> Never send EHLO at the start of an SMTP session. See also the
+<a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> parameter.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_per_record_deadline">smtp_per_record_deadline</a>
+(default: no)</b></DT><DD>
+
+<p> Change the behavior of the smtp_*_timeout time limits, from a
+time limit per read or write system call, to a time limit to send
+or receive a complete record (an SMTP command line, SMTP response
+line, SMTP message content line, or TLS protocol message).  This
+limits the impact from hostile peers that trickle data one byte at
+a time.  </p>
+
+<p> Note: when per-record deadlines are enabled, a short timeout
+may cause problems with TLS over very slow network connections.
+The reasons are that a TLS protocol message can be up to 16 kbytes
+long (with TLSv1), and that an entire TLS protocol message must be
+sent or received within the per-record deadline.  </p>
+
+<p> This feature is available in Postfix 2.9 and later. With older
+Postfix releases, the behavior is as if this parameter is set to
+"no". </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a>
+(default: 10s)</b></DT><DD>
+
+<p>
+How long the Postfix SMTP client pauses before sending
+".&lt;CR&gt;&lt;LF&gt;" in order to work around the PIX firewall
+"&lt;CR&gt;&lt;LF&gt;.&lt;CR&gt;&lt;LF&gt;" bug.
+</p>
+
+<p>
+Choosing a too short time makes this workaround ineffective when
+sending large messages over slow network connections.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_pix_workaround_maps">smtp_pix_workaround_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Lookup tables, indexed by the remote SMTP server address, with
+per-destination workarounds for CISCO PIX firewall bugs.  The table
+is not indexed by hostname for consistency with
+<a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a>. </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a>
+(default: 500s)</b></DT><DD>
+
+<p> How long a message must be queued before the Postfix SMTP client
+turns on the PIX firewall "&lt;CR&gt;&lt;LF&gt;.&lt;CR&gt;&lt;LF&gt;"
+bug workaround for delivery through firewalls with "smtp fixup"
+mode turned on.  </p>
+
+<p>
+By default, the workaround is turned off for mail that is queued
+for less than 500 seconds. In other words, the workaround is normally
+turned off for the first delivery attempt.
+</p>
+
+<p>
+Specify 0 to enable the PIX firewall
+"&lt;CR&gt;&lt;LF&gt;.&lt;CR&gt;&lt;LF&gt;" bug workaround upon the
+first delivery attempt.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_pix_workarounds">smtp_pix_workarounds</a>
+(default: disable_esmtp, delay_dotcrlf)</b></DT><DD>
+
+<p> A list that specifies zero or more workarounds for CISCO PIX
+firewall bugs. These workarounds are implemented by the Postfix
+SMTP client. Workaround names are separated by comma or space, and
+are case insensitive.  This parameter setting can be overruled with
+per-destination <a href="postconf.5.html#smtp_pix_workaround_maps">smtp_pix_workaround_maps</a> settings. </p>
+
+<dl>
+
+<dt><b>delay_dotcrlf</b><dd> Insert a delay before sending
+".&lt;CR&gt;&lt;LF&gt;" after the end of the message content.  The
+delay is subject to the <a href="postconf.5.html#smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a> and
+<a href="postconf.5.html#smtp_pix_workaround_threshold_time">smtp_pix_workaround_threshold_time</a> parameter settings. </dd>
+
+<dt><b>disable_esmtp</b><dd> Disable all extended SMTP commands:
+send HELO instead of EHLO. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.4 and later. The default
+settings are backwards compatible with earlier Postfix versions.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_quit_timeout">smtp_quit_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the QUIT command,
+and for receiving the remote SMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
+as required
+by <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>. This includes putting quotes around an address localpart
+that ends in ".".
+</p>
+
+<p>
+The default is to comply with <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>. If you have to send mail to
+a broken SMTP server, configure a special SMTP client in <a href="master.5.html">master.cf</a>:
+</p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="master.5.html">master.cf</a>:
+    broken-smtp . . . smtp -o <a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a>=no
+</pre>
+</blockquote>
+
+<p>
+and route mail for the destination in question to the "broken-smtp"
+message delivery with a <a href="transport.5.html">transport(5)</a> table.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_randomize_addresses">smtp_randomize_addresses</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Randomize the order of equal-preference MX host addresses.  This
+is a performance feature of the Postfix SMTP client.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_rcpt_timeout">smtp_rcpt_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the SMTP RCPT TO
+command, and for receiving the remote SMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_reply_filter">smtp_reply_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> A mechanism to transform replies from remote SMTP servers one
+line at a time.  This is a last-resort tool to work around server
+replies that break interoperability with the Postfix SMTP client.
+Other uses involve fault injection to test Postfix's handling of
+invalid responses. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> In the case of a multi-line reply, the Postfix SMTP client
+uses the final reply line's numerical SMTP reply code and enhanced
+status code.  </p>
+
+<li> <p> The numerical SMTP reply code (XYZ) takes precedence over
+the enhanced status code (X.Y.Z).  When the enhanced status code
+initial digit differs from the SMTP reply code initial digit, or
+when no enhanced status code is present, the Postfix SMTP client
+uses a generic enhanced status code (X.0.0) instead. </p>
+
+</ul>
+
+<p> Specify the name of a "<a href="DATABASE_README.html">type:table</a>" lookup table. The search
+string is a single SMTP reply line as received from the remote SMTP
+server, except that the trailing &lt;CR&gt;&lt;LF&gt; are removed.
+When the lookup succeeds, the result replaces the single SMTP reply
+line. </p>
+
+<p> Examples: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/reply_filter
+</pre>
+
+<pre>
+/etc/postfix/reply_filter:
+    # Transform garbage into "250-filler..." so that it looks like
+    # one line from a multi-line reply. It does not matter what we
+    # substitute here as long it has the right syntax.  The Postfix
+    # SMTP client will use the final line's numerical SMTP reply
+    # code and enhanced status code.
+    !/^([2-5][0-9][0-9]($|[- ]))/ 250-filler for garbage
+</pre>
+
+<p> This feature is available in Postfix 2.7. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_rset_timeout">smtp_rset_timeout</a>
+(default: 20s)</b></DT><DD>
+
+<p> The Postfix SMTP client time limit for sending the RSET command,
+and for receiving the remote SMTP server response. The SMTP client
+sends RSET in
+order to finish a recipient address probe, or to verify that a
+cached session is still usable.  </p>
+
+<p> This feature is available in Postfix 2.1 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
+(default: empty)</b></DT><DD>
+
+<p> An optional table to prevent repeated SASL authentication
+failures with the same remote SMTP server hostname, username and
+password. Each table (key, value) pair contains a server name, a
+username and password, and the full server response. This information
+is stored when a remote SMTP server rejects an authentication attempt
+with a 535 reply code.  As long as the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a>
+information does no change, and as long as the <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a>
+information does not expire (see <a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>) the
+Postfix SMTP client avoids SASL authentication attempts with the
+same server, username and password, and instead bounces or defers
+mail as controlled with the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> configuration
+parameter.  </p>
+
+<p> Use a per-destination delivery concurrency of 1 (for example,
+"<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> = 1",
+"<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> = 1", etc.), otherwise multiple
+delivery agents may experience a login failure at the same time.
+</p>
+
+<p> The table must be accessed via the proxywrite service, i.e. the
+map name must start with "<a href="proxymap.8.html">proxy</a>:". The table should be stored under
+the directory specified with the <a href="postconf.5.html#data_directory">data_directory</a> parameter. </p>
+
+<p> This feature uses cryptographic hashing to protect plain-text
+passwords, and requires that Postfix is compiled with TLS support.
+</p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> = <a href="proxymap.8.html">proxy</a>:<a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/sasl_auth_cache
+</pre>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a>
+(default: 90d)</b></DT><DD>
+
+<p> The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
+is removed. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_auth_enable">smtp_sasl_auth_enable</a>
+(default: no)</b></DT><DD>
+
+<p>
+Enable SASL authentication in the Postfix SMTP client.  By default,
+the Postfix SMTP client uses no authentication.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a>
+(default: yes)</b></DT><DD>
+
+<p> When a remote SMTP server rejects a SASL authentication request
+with a 535 reply code, defer mail delivery instead of returning
+mail as undeliverable. The latter behavior was hard-coded prior to
+Postfix version 2.5. </p>
+
+<p> Note: the setting "yes" overrides the global <a href="postconf.5.html#soft_bounce">soft_bounce</a>
+parameter, but the setting "no" does not. </p>
+
+<p> Example: </p>
+
+<pre>
+# Default as of Postfix 2.5
+<a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> = yes
+# The old hard-coded default
+<a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> = no
+</pre>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
+(default: empty)</b></DT><DD>
+
+<p>
+If non-empty, a Postfix SMTP client filter for the remote SMTP
+server's list of offered SASL mechanisms.  Different client and
+server implementations may support different mechanism lists; by
+default, the Postfix SMTP client will use the intersection of the
+two. <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> specifies an optional third mechanism
+list to intersect with. </p>
+
+<p> Specify mechanism names, "/file/name" patterns or "<a href="DATABASE_README.html">type:table</a>"
+lookup tables. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>" lookups
+is ignored. Specify "!pattern" to exclude a mechanism name from the
+list. The form "!/file/name" is supported only in Postfix version
+2.4 and later. </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = plain, login
+<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = /etc/postfix/smtp_mechs
+<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = !gssapi, !login, <a href="DATABASE_README.html#types">static</a>:rest
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_password_maps">smtp_sasl_password_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional Postfix SMTP client lookup tables with one username:password
+entry per sender, remote hostname or next-hop domain. Per-sender
+lookup is done only when sender-dependent authentication is enabled.
+If no username:password entry is found, then the Postfix SMTP client
+will not attempt to authenticate to the remote host.
+</p>
+
+<p>
+The Postfix SMTP client opens the lookup table before going to
+chroot jail, so you can leave the password file in /etc/postfix.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_path">smtp_sasl_path</a>
+(default: empty)</b></DT><DD>
+
+<p> Implementation-specific information that the Postfix SMTP client
+passes through to
+the SASL plug-in implementation that is selected with
+<b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.  Typically this specifies the name of a
+configuration file or rendezvous point. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_security_options">smtp_sasl_security_options</a>
+(default: noplaintext, noanonymous)</b></DT><DD>
+
+<p> Postfix SMTP client SASL security options; as of Postfix 2.3
+the list of available
+features depends on the SASL client implementation that is selected
+with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.  </p>
+
+<p> The following security features are defined for the <b>cyrus</b>
+client SASL implementation: </p>
+
+<p>
+Specify zero or more of the following:
+</p>
+
+<dl>
+
+<dt><b>noplaintext</b></dt>
+
+<dd>Disallow methods that use plaintext passwords. </dd>
+
+<dt><b>noactive</b></dt>
+
+<dd>Disallow methods subject to active (non-dictionary) attack.
+</dd>
+
+<dt><b>nodictionary</b></dt>
+
+<dd>Disallow methods subject to passive (dictionary) attack. </dd>
+
+<dt><b>noanonymous</b></dt>
+
+<dd>Disallow methods that allow anonymous authentication. </dd>
+
+<dt><b>mutual_auth</b></dt>
+
+<dd>Only allow methods that provide mutual authentication (not
+available with SASL version 1). </dd>
+
+</dl>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> = noplaintext
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>
+(default: $<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b></DT><DD>
+
+<p> The SASL authentication security options that the Postfix SMTP
+client uses for TLS encrypted SMTP sessions. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a>
+(default: $<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>)</b></DT><DD>
+
+<p> The SASL authentication security options that the Postfix SMTP
+client uses for TLS encrypted SMTP sessions with a verified server
+certificate. </p>
+
+<p> When mail is sent to the public MX host for the recipient's
+domain, server certificates are by default optional, and delivery
+proceeds even if certificate verification fails. For delivery via
+a submission service that requires SASL authentication, it may be
+appropriate to send plaintext passwords only when the connection
+to the server is strongly encrypted <b>and</b> the server identity
+is verified. </p>
+
+<p> The <a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a> parameter makes it
+possible to only enable plaintext mechanisms when a secure connection
+to the server is available. Submission servers subject to this
+policy must either have verifiable certificates or offer suitable
+non-plaintext SASL mechanisms. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sasl_type">smtp_sasl_type</a>
+(default: cyrus)</b></DT><DD>
+
+<p> The SASL plug-in type that the Postfix SMTP client should use
+for authentication.  The available types are listed with the
+"<b>postconf -A</b>" command. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a>
+(default: no)</b></DT><DD>
+
+<p> Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL
+FROM command in SASL-authenticated SMTP sessions. The default is
+not to send this, to avoid problems with broken remote SMTP servers.
+Before Postfix 2.9 the behavior is as if "<a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a>
+= yes".
+
+<p> This feature is available in Postfix 2.9 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_send_xforward_command">smtp_send_xforward_command</a>
+(default: no)</b></DT><DD>
+
+<p>
+Send the non-standard XFORWARD command when the Postfix SMTP server
+EHLO response announces XFORWARD support.
+</p>
+
+<p>
+This allows a Postfix SMTP delivery agent, used for injecting mail
+into
+a content filter, to forward the name, address, protocol and HELO
+name of the original client to the content filter and downstream
+queuing SMTP server. This can produce more useful logging than
+localhost[127.0.0.1] etc.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a>
+(default: no)</b></DT><DD>
+
+<p>
+Enable sender-dependent authentication in the Postfix SMTP client; this is
+available only with SASL authentication, and disables SMTP connection
+caching to ensure that mail from different senders will use the
+appropriate credentials.  </p>
+
+<p>
+This feature is available in Postfix 2.3 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Skip SMTP servers that greet with a 4XX status code (go away, try
+again later).
+</p>
+
+<p>
+By default, the Postfix SMTP client moves on the next mail exchanger.
+Specify
+"<a href="postconf.5.html#smtp_skip_4xx_greeting">smtp_skip_4xx_greeting</a> = no" if Postfix should defer delivery
+immediately.
+</p>
+
+<p> This feature is available in Postfix 2.0 and earlier.
+Later Postfix versions always skip remote SMTP servers that greet
+with a
+4XX status code. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Skip remote SMTP servers that greet with a 5XX status code.
+</p>
+
+<p> By default, the Postfix SMTP client moves on the next mail
+exchanger. Specify "<a href="postconf.5.html#smtp_skip_5xx_greeting">smtp_skip_5xx_greeting</a> = no" if Postfix should
+bounce the mail immediately. Caution: the latter behavior appears
+to contradict <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_skip_quit_response">smtp_skip_quit_response</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Do not wait for the response to the SMTP QUIT command.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_starttls_timeout">smtp_starttls_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p> Time limit for Postfix SMTP client write and read operations
+during TLS startup and shutdown handshake procedures. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tcp_port">smtp_tcp_port</a>
+(default: smtp)</b></DT><DD>
+
+<p>
+The default TCP port that the Postfix SMTP client connects to.
+Specify a symbolic name (see services(5)) or a numeric port.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_CAfile">smtp_tls_CAfile</a>
+(default: empty)</b></DT><DD>
+
+<p> A file containing CA certificates of root CAs trusted to sign
+either remote SMTP server certificates or intermediate CA certificates.
+These are loaded into memory before the <a href="smtp.8.html">smtp(8)</a> client enters the
+chroot jail. If the number of trusted roots is large, consider using
+<a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> instead, but note that the latter directory must be
+present in the chroot jail if the <a href="smtp.8.html">smtp(8)</a> client is chrooted. This
+file may also be used to augment the client certificate trust chain,
+but it is best to include all the required certificates directly in
+$<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>. </p>
+
+<p> Specify "<a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> = /path/to/system_CA_file" to use
+ONLY the system-supplied default Certification Authority certificates.
+</p>
+
+<p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> = /etc/postfix/CAcert.pem
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_CApath">smtp_tls_CApath</a>
+(default: empty)</b></DT><DD>
+
+<p> Directory with PEM format Certification Authority certificates
+that the Postfix SMTP client uses to verify a remote SMTP server
+certificate.  Don't forget to create the necessary "hash" links
+with, for example, "$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs".
+</p>
+
+<p> To use this option in chroot mode, this directory (or a copy)
+must be inside the chroot jail. </p>
+
+<p> Specify "<a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> = /path/to/system_CA_directory" to
+use ONLY the system-supplied default Certification Authority certificates.
+</p>
+
+<p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> = /etc/postfix/certs
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a>
+(default: no)</b></DT><DD>
+
+<p> Try to detect a mail hijacking attack based on a TLS protocol
+vulnerability (CVE-2009-3555), where an attacker prepends malicious
+HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client TLS session.
+The attack would succeed with non-Postfix SMTP servers that reply
+to the malicious HELO, MAIL, RCPT, DATA commands after negotiating
+the Postfix SMTP client TLS session.  </p>
+
+<p> This feature is available in Postfix 2.7. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_cert_file">smtp_tls_cert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with the Postfix SMTP client RSA certificate in PEM format.
+This file may also contain the Postfix SMTP client private RSA key,
+and these may be the same as the Postfix SMTP server RSA certificate and key
+file. </p>
+
+<p> Do not configure client certificates unless you <b>must</b> present
+client TLS certificates to one or more servers. Client certificates are
+not usually needed, and can cause problems in configurations that work
+well without them. The recommended setting is to let the defaults stand: </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> =
+<a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> =
+<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> =
+<a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> =
+<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> =
+<a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> =
+</pre>
+</blockquote>
+
+<p> The best way to use the default settings is to comment out the above
+parameters in <a href="postconf.5.html">main.cf</a> if present. </p>
+
+<p> To enable remote SMTP servers to verify the Postfix SMTP client
+certificate, the issuing CA certificates must be made available to the
+server. You should include the required certificates in the client
+certificate file, the client certificate first, then the issuing
+CA(s) (bottom-up order). </p>
+
+<p> Example: the certificate for "client.example.com" was issued by
+"intermediate CA" which itself has a certificate issued by "root CA".
+Create the client.pem file with "cat client_cert.pem intermediate_CA.pem
+root_CA.pem &gt; client.pem". </p>
+
+<p> If you also want to verify remote SMTP server certificates issued by
+these CAs, you can add the CA certificates to the <a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a>, in
+which case it is not necessary to have them in the <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>,
+<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> or <a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>. </p>
+
+<p> A certificate supplied here must be usable as an SSL client certificate
+and hence pass the "openssl verify -purpose sslclient ..." test. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> = /etc/postfix/client.pem
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_cipherlist">smtp_tls_cipherlist</a>
+(default: empty)</b></DT><DD>
+
+<p> Obsolete Postfix &lt; 2.3 control for the Postfix SMTP client TLS
+cipher list. As this feature applies to all TLS security levels, it is easy
+to create interoperability problems by choosing a non-default cipher
+list. Do not use a non-default TLS cipher list on hosts that deliver email
+to the public Internet: you will be unable to send email to servers that
+only support the ciphers you exclude. Using a restricted cipher list
+may be more appropriate for an internal MTA, where one can exert some
+control over the TLS software and settings of the peer servers. </p>
+
+<p> <b>Note:</b> do not use "" quotes around the parameter value. </p>
+
+<p> This feature is available in Postfix version 2.2. It is not used with
+Postfix 2.3 and later; use <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_ciphers">smtp_tls_ciphers</a>
+(default: medium)</b></DT><DD>
+
+<p> The minimum TLS cipher grade that the Postfix SMTP client
+will use with opportunistic TLS encryption. Cipher types listed in
+<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> are excluded from the base definition of
+the selected cipher grade.   The default value is "medium" for
+Postfix releases after the middle of 2015, "export" for older
+releases.  </p>
+
+<p> When TLS is mandatory the cipher grade is chosen via the
+<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> configuration parameter, see there for syntax
+details. See <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for information on how to configure
+ciphers on a per-destination basis. </p>
+
+<p> This feature is available in Postfix 2.6 and later. With earlier Postfix
+releases only the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> parameter is implemented,
+and opportunistic TLS always uses "export" or better (i.e. all) ciphers. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_dane_insecure_mx_policy">smtp_tls_dane_insecure_mx_policy</a>
+(default: dane)</b></DT><DD>
+
+<p> The TLS policy for MX hosts with "secure" TLSA records when the
+nexthop destination security level is <b>dane</b>, but the MX
+record was found via an "insecure" MX lookup.  The choices are:
+</p>
+
+<dl>
+<dt><b>may</b></dt>
+<dd> The TLSA records will be ignored and TLS will be optional.  If
+the MX host does not appear to support STARTTLS, or the STARTTLS
+handshake fails, mail may be sent in the clear. </dd>
+<dt><b>encrypt</b></dt>
+<dd> The TLSA records will signal a requirement to use TLS.  While
+TLS encryption will be required, authentication will not be performed.
+</dd>
+<dt><b>dane</b> (default)</dt>
+<dd>The TLSA records will be used just as with "secure" MX records.
+TLS encryption will be required, and, if at least one of the TLSA
+records is "usable", authentication will be required.  When
+authentication succeeds, it will be logged only as "Trusted", not
+"Verified", because the MX host name could have been forged.  </dd>
+</dl>
+
+<p> Though with "insecure" MX records an active attacker can
+compromise SMTP transport security by returning forged MX records,
+such attacks are "tamper-evident" since any forged MX hostnames
+will be recorded in the mail logs.  Attackers who place a high value
+staying hidden may be deterred from forging MX records. </p>
+
+<p>
+This feature is available in Postfix 3.1 and later. The <b>may</b>
+policy is backwards-compatible with earlier Postfix versions.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_dcert_file">smtp_tls_dcert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with the Postfix SMTP client DSA certificate in PEM format.
+This file may also contain the Postfix SMTP client private DSA key. </p>
+
+<p> See the discussion under <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> for more details.
+</p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> = /etc/postfix/client-dsa.pem
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_dkey_file">smtp_tls_dkey_file</a>
+(default: $<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix SMTP client DSA private key in PEM format.
+This file may be combined with the Postfix SMTP client DSA certificate
+file specified with $<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>. </p>
+
+<p> The private key must be accessible without a pass-phrase, i.e. it
+must not be encrypted. File permissions should grant read-only
+access to the system superuser account ("root"), and no access
+to anyone else. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_eccert_file">smtp_tls_eccert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with the Postfix SMTP client ECDSA certificate in PEM format.
+This file may also contain the Postfix SMTP client ECDSA private key. </p>
+
+<p> See the discussion under <a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> for more details.
+</p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> = /etc/postfix/ecdsa-ccert.pem
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later, when Postfix is
+compiled and linked with OpenSSL 1.0.0 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_eckey_file">smtp_tls_eckey_file</a>
+(default: $<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix SMTP client ECDSA private key in PEM format.
+This file may be combined with the Postfix SMTP client ECDSA
+certificate file specified with $<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>. </p>
+
+<p> The private key must be accessible without a pass-phrase, i.e. it
+must not be encrypted. File permissions should grant read-only
+access to the system superuser account ("root"), and no access
+to anyone else. </p>
+
+<p> This feature is available in Postfix 2.6 and later, when Postfix is
+compiled and linked with OpenSSL 1.0.0 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
+(default: yes)</b></DT><DD>
+
+<p> With mandatory TLS encryption, require that the remote SMTP
+server hostname matches the information in the remote SMTP server
+certificate.  As of <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> the requirements for hostname checking
+for MTA clients are not specified. </p>
+
+<p> This option can be set to "no" to disable strict peer name
+checking. This setting has no effect on sessions that are controlled
+via the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> table.  </p>
+
+<p> Disabling the hostname verification can make sense in closed
+environment where special CAs are created.  If not used carefully,
+this option opens the danger of a "man-in-the-middle" attack (the
+CommonName of this attacker will be logged). </p>
+
+<p> This feature is available in Postfix 2.2 and later. With
+Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
+(default: empty)</b></DT><DD>
+
+<p> List of ciphers or cipher types to exclude from the Postfix
+SMTP client cipher
+list at all TLS security levels. This is not an OpenSSL cipherlist, it is
+a simple list separated by whitespace and/or commas. The elements are a
+single cipher, or one or more "+" separated cipher properties, in which
+case only ciphers matching <b>all</b> the properties are excluded. </p>
+
+<p> Examples (some of these will cause problems): </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = aNULL
+<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = MD5, DES
+<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = DES+MD5
+<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = AES256-SHA, DES-CBC3-MD5
+<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = kEDH+aRSA
+</pre>
+</blockquote>
+
+<p> The first setting, disables anonymous ciphers. The next setting
+disables ciphers that use the MD5 digest algorithm or the (single) DES
+encryption algorithm. The next setting disables ciphers that use MD5 and
+DES together.  The next setting disables the two ciphers "AES256-SHA"
+and "DES-CBC3-MD5". The last setting disables ciphers that use "EDH"
+key exchange with RSA authentication. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a>
+(default: empty)</b></DT><DD>
+
+<p> List of acceptable remote SMTP server certificate fingerprints for
+the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></b> =
+fingerprint). At this security level, Certification Authorities are not
+used, and certificate expiration times are ignored. Instead, server
+certificates are verified directly via their certificate fingerprint
+or public key fingerprint (Postfix 2.9 and later). The fingerprint
+is a message digest of the server certificate (or public key). The
+digest algorithm is selected via the <b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b>
+parameter. </p>
+
+<p> When an <b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a></b> table entry specifies the
+"fingerprint" security level, any "match" attributes in that entry specify
+the list of valid fingerprints for the corresponding destination. Multiple
+fingerprints can be combined with a "|" delimiter in a single match
+attribute, or multiple match attributes can be employed. </p>
+
+<p> Example: Certificate fingerprint verification with internal mailhub.
+Two matching fingerprints are listed. The <a href="postconf.5.html#relayhost">relayhost</a> may be multiple
+physical hosts behind a load-balancer, each with its own private/public
+key and self-signed certificate. Alternatively, a single <a href="postconf.5.html#relayhost">relayhost</a> may
+be in the process of switching from one set of private/public keys to
+another, and both keys are trusted just prior to the transition. </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#relayhost">relayhost</a> = [mailhub.example.com]
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = fingerprint
+<a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
+<a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> =
+    3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
+    EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
+</pre>
+</blockquote>
+
+<p> Example: Certificate fingerprint verification with selected destinations.
+As in the example above, we show two matching fingerprints: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/tls_policy
+    <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+/etc/postfix/tls_policy:
+    example.com fingerprint
+        match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
+        match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
+</pre>
+</blockquote>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a>
+(default: md5)</b></DT><DD>
+
+<p> The message digest algorithm used to construct remote SMTP server
+certificate fingerprints. At the "fingerprint" TLS security level
+(<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a></b> = fingerprint), the server certificate is
+verified by directly matching its certificate fingerprint or its public
+key fingerprint (Postfix 2.9 and later). The fingerprint is the
+message digest of the server certificate (or its public key)
+using the selected
+algorithm. With a digest algorithm resistant to "second pre-image"
+attacks, it is not feasible to create a new public key and a matching
+certificate (or public/private key-pair) that has the same fingerprint. </p>
+
+<p> The default algorithm is <b>md5</b>; this is consistent with
+the backwards compatible setting of the digest used to verify client
+certificates in the SMTP server. </p>
+
+<p> The best practice algorithm is now <b>sha1</b>. Recent advances in hash
+function cryptanalysis have led to md5 being deprecated in favor of sha1.
+However, as long as there are no known "second pre-image" attacks
+against md5, its use in this context can still be considered safe.
+</p>
+
+<p> While additional digest algorithms are often available with OpenSSL's
+libcrypto, only those used by libssl in SSL cipher suites are available to
+Postfix. For now this means just md5 or sha1. </p>
+
+<p> To find the fingerprint of a specific certificate file, with a
+specific digest algorithm, run:
+</p>
+
+<blockquote>
+<pre>
+$ openssl x509 -noout -fingerprint -<i>digest</i> -in <i>certfile</i>.pem
+</pre>
+</blockquote>
+
+<p> The text to the right of "=" sign is the desired fingerprint.
+For example: </p>
+
+<blockquote>
+<pre>
+$ openssl x509 -noout -fingerprint -sha1 -in cert.pem
+SHA1 Fingerprint=D4:6A:AB:19:24:79:F8:32:BB:A6:CB:66:82:C0:8E:9B:EE:29:A8:1A
+</pre>
+</blockquote>
+
+<p> To extract the public key fingerprint from an X.509 certificate,
+you need to extract the public key from the certificate and compute
+the appropriate digest of its DER (ASN.1) encoding. With OpenSSL
+the "-pubkey" option of the "x509" command extracts the public
+key always in "PEM" format. We pipe the result to another OpenSSL
+command that converts the key to DER and then to the "dgst" command
+to compute the fingerprint. </p>
+
+<p> The actual command to transform the key to DER format depends
+on the version of OpenSSL used. With OpenSSL 1.0.0 and later, the
+"pkey" command supports all key types. With OpenSSL 0.9.8 and
+earlier, the key type is always RSA (nobody uses DSA, and EC
+keys are not fully supported by 0.9.8), so the "rsa" command is
+used. </p>
+<blockquote>
+<pre>
+# OpenSSL 1.0 with all certificates and SHA-1 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+    openssl pkey -pubin -outform DER |
+    openssl dgst -sha1 -c
+(stdin)= 64:3f:1f:f6:e5:1e:d4:2a:56:8b:fc:09:1a:61:98:b5:bc:7c:60:58
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+# OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+    openssl rsa -pubin -outform DER |
+    openssl dgst -md5 -c
+(stdin)= f4:62:60:f6:12:8f:d5:8d:28:4d:13:a7:db:b2:ff:50
+</pre>
+</blockquote>
+
+<p> The Postfix SMTP server and client log the peer (leaf) certificate
+fingerprint and public key fingerprint when the TLS loglevel is 2 or
+higher. </p>
+
+<p> <b>Note:</b> Postfix 2.9.0&ndash;2.9.5 computed the public key
+fingerprint incorrectly. To use public-key fingerprints, upgrade
+to Postfix 2.9.6 or later. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_force_insecure_host_tlsa_lookup">smtp_tls_force_insecure_host_tlsa_lookup</a>
+(default: no)</b></DT><DD>
+
+<p> Lookup the associated DANE TLSA RRset even when a hostname is
+not an alias and its address records lie in an unsigned zone.  This
+is unlikely to ever yield DNSSEC validated results, since child
+zones of unsigned zones are also unsigned in the absence of DLV or
+locally configured non-root trust-anchors.  We anticipate that such
+mechanisms will not be used for just the "_tcp" subdomain of a host.
+Suppressing the TLSA RRset lookup reduces latency and avoids potential
+interoperability problems with nameservers for unsigned zones that
+are not prepared to handle the new TLSA RRset.  </p>
+
+<p> This feature is available in Postfix 2.11. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_key_file">smtp_tls_key_file</a>
+(default: $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix SMTP client RSA private key in PEM format.
+This file may be combined with the Postfix SMTP client RSA certificate
+file specified with $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>. </p>
+
+<p> The private key must be accessible without a pass-phrase, i.e. it
+must not be encrypted. File permissions should grant read-only
+access to the system superuser account ("root"), and no access
+to anyone else. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> = $<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_loglevel">smtp_tls_loglevel</a>
+(default: 0)</b></DT><DD>
+
+<p> Enable additional Postfix SMTP client logging of TLS activity.
+Each logging level also includes the information that is logged at
+a lower logging level.  </p>
+
+<dl compact>
+
+<dt> </dt> <dd> 0 Disable logging of TLS activity. </dd>
+
+<dt> </dt> <dd> 1 Log only a summary message on TLS handshake completion
+&mdash; no logging of remote SMTP server certificate trust-chain
+verification errors if server certificate verification is not required.
+With Postfix 2.8 and earlier, log the summary message and unconditionally
+log trust-chain verification errors.  </dd>
+
+<dt> </dt> <dd> 2 Also log levels during TLS negotiation.  </dd>
+
+<dt> </dt> <dd> 3 Also log hexadecimal and ASCII dump of TLS negotiation
+process.  </dd>
+
+<dt> </dt> <dd> 4 Also log hexadecimal and ASCII dump of complete
+transmission after STARTTLS. </dd>
+
+</dl>
+
+<p> Do not use "<a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> = 2" or higher except in case of
+problems. Use of loglevel 4 is strongly discouraged. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>
+(default: medium)</b></DT><DD>
+
+<p> The minimum TLS cipher grade that the Postfix SMTP client will
+use with
+mandatory TLS encryption.  The default value "medium" is suitable
+for most destinations with which you may want to enforce TLS, and
+is beyond the reach of today's cryptanalytic methods. See
+<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for information on how to configure ciphers
+on a per-destination basis. </p>
+
+<p> The following cipher grades are supported: </p>
+
+<dl>
+<dt><b>export</b></dt>
+<dd> Enable "EXPORT" grade or better OpenSSL ciphers.  The underlying
+cipherlist is specified via the <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> configuration
+parameter, which you are strongly encouraged to not change.  This
+choice is insecure and SHOULD NOT be used.  </dd>
+
+<dt><b>low</b></dt>
+<dd> Enable "LOW" grade or better OpenSSL ciphers.  The underlying
+cipherlist is specified via the <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> configuration
+parameter, which you are strongly encouraged to not change.  This
+choice is insecure and SHOULD NOT be used.  </dd>
+
+<dt><b>medium</b></dt>
+<dd> Enable "MEDIUM" grade or better OpenSSL ciphers.
+The underlying cipherlist is specified via the <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a>
+configuration parameter, which you are strongly encouraged to not change.
+</dd>
+
+<dt><b>high</b></dt>
+<dd> Enable only "HIGH" grade OpenSSL ciphers.  This setting may
+be appropriate when all mandatory TLS destinations (e.g. when all
+mail is routed to a suitably capable <a href="postconf.5.html#relayhost">relayhost</a>) support at least one
+"HIGH" grade cipher. The underlying cipherlist is specified via the
+<a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> configuration parameter, which you are strongly
+encouraged to not change. </dd>
+
+<dt><b>null</b></dt>
+<dd> Enable only the "NULL" OpenSSL ciphers, these provide authentication
+without encryption.  This setting is only appropriate in the rare case
+that all servers are prepared to use NULL ciphers (not normally enabled
+in TLS servers). A plausible use-case is an LMTP server listening on a
+UNIX-domain socket that is configured to support "NULL" ciphers. The
+underlying cipherlist is specified via the <a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a>
+configuration parameter, which you are strongly encouraged to not
+change. </dd>
+
+</dl>
+
+<p> The underlying cipherlists for grades other than "null" include
+anonymous ciphers, but these are automatically filtered out if the
+Postfix SMTP client is configured to verify server certificates.
+You are very unlikely to need to take any steps to exclude anonymous
+ciphers, they are excluded automatically as necessary.  If you must
+exclude anonymous ciphers at the "may" or "encrypt" security levels,
+when the Postfix SMTP client does not need or use peer certificates, set
+"<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = aNULL". To exclude anonymous ciphers only when
+TLS is enforced, set "<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> = aNULL". </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a>
+(default: empty)</b></DT><DD>
+
+<p> Additional list of ciphers or cipher types to exclude from the
+Postfix SMTP client cipher list at mandatory TLS security levels. This list
+works in addition to the exclusions listed with <a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>
+(see there for syntax details).  </p>
+
+<p> Starting with Postfix 2.6, the mandatory cipher exclusions can be
+specified on a per-destination basis via the TLS policy "exclude"
+attribute. See <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> for notes and examples. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a>
+(default: !SSLv2, !SSLv3)</b></DT><DD>
+
+<p> List of SSL/TLS protocols that the Postfix SMTP client will use with
+mandatory TLS encryption.  In <a href="postconf.5.html">main.cf</a> the values are separated by
+whitespace, commas or colons. In the policy table "protocols" attribute
+(see <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) the only valid separator is colon. An
+empty value means allow all protocols. The valid protocol names, (see
+<b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3" and "TLSv1". The
+default value is "!SSLv2, !SSLv3" for Postfix releases after the
+middle of 2015, "!SSLv2" for older releases. </p>
+
+<p> With Postfix &ge; 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
+the protocols to include, rather than protocols to exclude, is
+supported, but not recommended. The exclusion form more closely
+matches the underlying OpenSSL interface semantics.
+</p>
+
+<p> The range of protocols advertised by an SSL/TLS client must be
+contiguous.  When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version.  Thus, for example: </p>
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !TLSv1
+</pre>
+</blockquote>
+<p> also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled.  </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix &le; 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled except by also disabling "TLSv1" (typically leaving just
+"SSLv3").  The latest patch levels of Postfix &ge; 2.6, and all
+versions of Postfix &ge; 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2". </p>
+
+<p> At the <a href="TLS_README.html#client_tls_dane">dane</a> and
+<a href="TLS_README.html#client_tls_dane">dane-only</a> security
+levels, when usable TLSA records are obtained for the remote SMTP
+server, the Postfix SMTP client is obligated to include the SNI TLS
+extension in its SSL client hello message.  This may help the remote
+SMTP server live up to its promise to provide a certificate that
+matches its TLSA records.  Since TLS extensions require TLS 1.0 or
+later, the Postfix SMTP client must disable "SSLv2" and "SSLv3" when
+SNI is required.  If you use "dane" or "dane-only" do not disable
+TLSv1, except perhaps via the policy table for destinations which
+you are sure will support "TLSv1.1" or "TLSv1.2".  </p>
+
+<p> See the documentation of the <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> parameter and
+<a href="TLS_README.html">TLS_README</a> for more information about security levels. </p>
+
+<p> Example: </p>
+
+<pre>
+# Preferred syntax with Postfix &ge; 2.5:
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
+# Legacy syntax:
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a>
+(default: no)</b></DT><DD>
+
+<p> Log the hostname of a remote SMTP server that offers STARTTLS,
+when TLS is not already enabled for that server. </p>
+
+<p> The logfile record looks like:  </p>
+
+<pre>
+postfix/smtp[pid]:  Host offered STARTTLS: [name.of.host]
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_per_site">smtp_tls_per_site</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with the Postfix SMTP client TLS usage
+policy by next-hop destination and by remote SMTP server hostname.
+When both lookups succeed, the more specific per-site policy (NONE,
+MUST, etc) overrides the less specific one (MAY), and the more secure
+per-site policy (MUST, etc) overrides the less secure one (NONE).
+With Postfix 2.3 and later <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> is strongly discouraged:
+use <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> instead. </p>
+
+<p> Use of the bare hostname as the per-site table lookup key is
+discouraged. Always use the full destination nexthop (enclosed in
+[] with a possible ":port" suffix). A recipient domain or MX-enabled
+transport next-hop with no port suffix may look like a bare hostname,
+but is still a suitable <i>destination</i>. </p>
+
+<p> Specify a next-hop destination or server hostname on the left-hand
+side; no wildcards are allowed. The next-hop destination is either
+the recipient domain, or the destination specified with a <a href="transport.5.html">transport(5)</a>
+table, the <a href="postconf.5.html#relayhost">relayhost</a> parameter, or the <a href="postconf.5.html#relay_transport">relay_transport</a> parameter.
+On the right hand side specify one of the following keywords:  </p>
+
+<dl>
+
+<dt> NONE </dt> <dd> Don't use TLS at all. This overrides a less
+specific <b>MAY</b> lookup result from the alternate host or next-hop
+lookup key, and overrides the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>,
+and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> settings. </dd>
+
+<dt> MAY </dt> <dd> Try to use TLS if the server announces support,
+otherwise use the unencrypted connection. This has less precedence
+than a more specific result (including <b>NONE</b>) from the alternate
+host or next-hop lookup key, and has less precedence than the more
+specific global "<a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> = yes" or "<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
+= yes".  </dd>
+
+<dt> MUST_NOPEERMATCH </dt> <dd> Require TLS encryption, but do not
+require that the remote SMTP server hostname matches the information
+in the remote SMTP server certificate, or that the server certificate
+was issued by a trusted CA. This overrides a less secure <b>NONE</b>
+or a less specific <b>MAY</b> lookup result from the alternate host
+or next-hop lookup key, and overrides the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>,
+<a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> settings.  </dd>
+
+<dt> MUST </dt> <dd> Require TLS encryption, require that the remote
+SMTP server hostname matches the information in the remote SMTP
+server certificate, and require that the remote SMTP server certificate
+was issued by a trusted CA. This overrides a less secure <b>NONE</b>
+and <b>MUST_NOPEERMATCH</b> or a less specific <b>MAY</b> lookup
+result from the alternate host or next-hop lookup key, and overrides
+the global <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>
+settings.  </dd>
+
+</dl>
+
+<p> The above keywords correspond to the "none", "may", "encrypt" and
+"verify" security levels for the new <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> parameter
+introduced in Postfix 2.3. Starting with Postfix 2.3, and independently
+of how the policy is specified, the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameters apply when TLS encryption
+is mandatory. Connections for which encryption is optional typically
+enable all "export" grade and better ciphers (see <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>
+and <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>). </p>
+
+<p> As long as no secure DNS lookup mechanism is available, false
+hostnames in MX or CNAME responses can change the server hostname
+that Postfix uses for TLS policy lookup and server certificate
+verification. Even with a perfect match between the server hostname and
+the server certificate, there is no guarantee that Postfix is connected
+to the right server.  See <a href="TLS_README.html">TLS_README</a> (Closing a DNS loophole with obsolete
+per-site TLS policies) for a possible work-around. </p>
+
+<p> This feature is available in Postfix 2.2 and later. With
+Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_policy_maps">smtp_tls_policy_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with the Postfix SMTP client TLS security
+policy by next-hop destination; when a non-empty value is specified,
+this overrides the obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.  See
+<a href="TLS_README.html">TLS_README</a> for a more detailed discussion of TLS security levels.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> The TLS policy table is indexed by the full next-hop destination,
+which is either the recipient domain, or the verbatim next-hop
+specified in the transport table, $<a href="postconf.5.html#local_transport">local_transport</a>, $<a href="postconf.5.html#virtual_transport">virtual_transport</a>,
+$<a href="postconf.5.html#relay_transport">relay_transport</a> or $<a href="postconf.5.html#default_transport">default_transport</a>. This includes any enclosing
+square brackets and any non-default destination server port suffix. The
+LMTP socket type prefix (inet: or unix:) is not included in the lookup
+key. </p>
+
+<p> Only the next-hop domain, or $<a href="postconf.5.html#myhostname">myhostname</a> with LMTP over UNIX-domain
+sockets, is used as the nexthop name for certificate verification. The
+port and any enclosing square brackets are used in the table lookup key,
+but are not used for server name verification. </p>
+
+<p> When the lookup key is a domain name without enclosing square brackets
+or any <i>:port</i> suffix (typically the recipient domain), and the full
+domain is not found in the table, just as with the <a href="transport.5.html">transport(5)</a> table,
+the parent domain starting with a leading "." is matched recursively. This
+allows one to specify a security policy for a recipient domain and all
+its sub-domains. </p>
+
+<p> The lookup result is a security level, followed by an optional list
+of whitespace and/or comma separated name=value attributes that override
+related <a href="postconf.5.html">main.cf</a> settings. The TLS security levels in order of increasing
+security are: </p>
+
+<dl>
+
+<dt><b><a href="TLS_README.html#client_tls_none">none</a></b></dt>
+<dd>No TLS. No additional attributes are supported at this level. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_may">may</a></b></dt>
+<dd>Opportunistic TLS. Since sending in the clear is acceptable,
+demanding stronger than default TLS security merely reduces
+interoperability. The optional "ciphers", "exclude" and "protocols"
+attributes (available for opportunistic TLS with Postfix &ge; 2.6)
+override the "<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>", "<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a>" and
+"<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>" configuration parameters. When opportunistic TLS
+handshakes fail, Postfix retries the connection with TLS disabled.
+This allows mail delivery to sites with non-interoperable TLS
+implementations.</dd>
+
+<dt><b><a href="TLS_README.html#client_tls_encrypt">encrypt</a></b></dt>
+<dd>Mandatory TLS encryption. At this level
+and higher, the optional "protocols" attribute overrides the <a href="postconf.5.html">main.cf</a>
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameter, the optional "ciphers" attribute
+overrides the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> parameter, and the
+optional "exclude" attribute (Postfix &ge; 2.6) overrides the <a href="postconf.5.html">main.cf</a>
+<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> parameter. In the policy table,
+multiple protocols or excluded ciphers must be separated by colons,
+as attribute values may not contain whitespace or commas. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_dane">dane</a></b></dt>
+<dd>Opportunistic DANE TLS.  The TLS policy for the destination is
+obtained via TLSA records in DNSSEC.  If no TLSA records are found,
+the effective security level used is <a
+href="TLS_README.html#client_tls_may">may</a>.  If TLSA records are
+found, but none are usable, the effective security level is <a
+href="TLS_README.html#client_tls_encrypt">encrypt</a>.  When usable
+TLSA records are obtained for the remote SMTP server, the
+server certificate must match the TLSA records.  <a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a> (DANE)
+TLS authentication and DNSSEC support is available with Postfix
+2.11 and later.  </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_dane">dane-only</a></b></dt>
+<dd>Mandatory DANE TLS.  The TLS policy for the destination is
+obtained via TLSA records in DNSSEC.  If no TLSA records are found,
+or none are usable, no connection is made to the server.  When
+usable TLSA records are obtained for the remote SMTP server, the
+server certificate must match the TLSA records.  <a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a> (DANE) TLS
+authentication and DNSSEC support is available with Postfix 2.11
+and later.  </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_fingerprint">fingerprint</a></b></dt>
+<dd>Certificate fingerprint
+verification. Available with Postfix 2.5 and later. At this security
+level, there are no trusted Certification Authorities. The certificate
+trust chain, expiration date, ... are not checked. Instead,
+the optional <b>match</b> attribute, or else the <a href="postconf.5.html">main.cf</a>
+<b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a></b> parameter, lists the certificate
+fingerprints or the public key fingerprint (Postfix 2.9 and later)
+of the valid server certificate. The digest
+algorithm used to calculate the fingerprint is selected by the
+<b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b> parameter. Multiple fingerprints can
+be combined with a "|" delimiter in a single match attribute, or multiple
+match attributes can be employed. The ":" character is not used as a
+delimiter as it occurs between each pair of fingerprint (hexadecimal)
+digits. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_verify">verify</a></b></dt>
+<dd>Mandatory TLS verification.  At this security
+level, DNS MX lookups are trusted to be secure enough, and the name
+verified in the server certificate is usually obtained indirectly via
+unauthenticated DNS MX lookups.  The optional "match" attribute overrides
+the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> parameter. In the policy table,
+multiple match patterns and strategies must be separated by colons.
+In practice explicit control over matching is more common with the
+"secure" policy, described below. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_secure">secure</a></b></dt>
+<dd>Secure-channel TLS. At this security level, DNS
+MX lookups, though potentially used to determine the candidate next-hop
+gateway IP addresses, are <b>not</b> trusted to be secure enough for TLS
+peername verification. Instead, the default name verified in the server
+certificate is obtained directly from the next-hop, or is explicitly
+specified via the optional <b>match</b> attribute which overrides the
+<a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> parameter. In the policy table,
+multiple match patterns and strategies must be separated by colons.
+The match attribute is most useful when multiple domains are supported by
+common server, the policy entries for additional domains specify matching
+rules for the primary domain certificate. While transport table overrides
+routing the secondary domains to the primary nexthop also allow secure
+verification, they risk delivery to the wrong destination when domains
+change hands or are re-assigned to new gateways. With the "match"
+attribute approach, routing is not perturbed, and mail is deferred if
+verification of a new MX host fails. </dd>
+
+</dl>
+
+<p>
+Example:
+</p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/tls_policy
+    # Postfix 2.5 and later
+    <a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> = md5
+</pre>
+
+<pre>
+/etc/postfix/tls_policy:
+    example.edu                 none
+    example.mil                 may
+    example.gov                 encrypt protocols=TLSv1
+    example.com                 verify ciphers=high
+    example.net                 secure
+    .example.net                secure match=.example.net:example.net
+    [mail.example.org]:587      secure match=nexthop
+    # Postfix 2.5 and later
+    [thumb.example.org]          fingerprint
+        match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
+        match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
+</pre>
+
+<p> <b>Note:</b> The <b>hostname</b> strategy if listed in a non-default
+setting of <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> or in the <b>match</b> attribute
+in the policy table can render the <b>secure</b> level vulnerable to
+DNS forgery. Do not use the <b>hostname</b> strategy for secure-channel
+configurations in environments where DNS security is not assured. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_protocols">smtp_tls_protocols</a>
+(default: !SSLv2, !SSLv3)</b></DT><DD>
+
+<p> List of TLS protocols that the Postfix SMTP client will exclude or
+include with opportunistic TLS encryption. The default value is
+"!SSLv2, !SSLv3" for Postfix releases after the middle of 2015,
+"!SSLv2" for older releases. Before Postfix 2.6, the Postfix SMTP
+client would use all protocols with opportunistic TLS. </p>
+
+<p> In <a href="postconf.5.html">main.cf</a> the values are separated by whitespace, commas or
+colons. In the policy table (see <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) the only valid
+separator is colon. An empty value means allow all protocols. The valid
+protocol names, (see <b>SSL_get_version(3)</b>), are "SSLv2", "SSLv3"
+and "TLSv1". </p>
+
+<p> The range of protocols advertised by an SSL/TLS client must be
+contiguous.  When a protocol version is enabled, disabling any
+higher version implicitly disables all versions above that higher
+version.  Thus, for example: </p>
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !TLSv1
+</pre>
+</blockquote>
+<p> also disables any protocols version higher than TLSv1 leaving
+only "SSLv3" enabled.  </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". The latest patch levels of Postfix &ge; 2.6, and all
+versions of Postfix &ge; 2.10 can explicitly disable support for
+"TLSv1.1" or "TLSv1.2"</p>
+
+<p> To include a protocol list its name, to exclude it, prefix the name
+with a "!" character. To exclude SSLv2 for opportunistic TLS set
+"<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
+"<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3". Explicitly listing the protocols to
+include, rather than protocols to exclude, is supported, but not
+recommended.  The exclusion form more closely matches the underlying
+OpenSSL interface semantics. </p>
+
+<p> Example: </p>
+<pre>
+# TLSv1 or better:
+<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a>
+(default: 9)</b></DT><DD>
+
+<p> The verification depth for remote SMTP server certificates. A depth
+of 1 is sufficient if the issuing CA is listed in a local CA file. </p>
+
+<p> The default verification depth is 9 (the OpenSSL default) for
+compatibility with earlier Postfix behavior. Prior to Postfix 2.5,
+the default value was 5, but the limit was not actually enforced. If
+you have set this to a lower non-default value, certificates with longer
+trust chains may now fail to verify. Certificate chains with 1 or 2
+CAs are common, deeper chains are more rare and any number between 5
+and 9 should suffice in practice. You can choose a lower number if,
+for example, you trust certificates directly signed by an issuing CA
+but not any CAs it delegates to. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a>
+(default: nexthop, dot-nexthop)</b></DT><DD>
+
+<p> How the Postfix SMTP client verifies the server certificate
+peername for the "secure" TLS security level. In a "secure" TLS policy table
+($<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) entry the optional "match" attribute
+overrides this <a href="postconf.5.html">main.cf</a> setting. </p>
+
+<p> This parameter specifies one or more patterns or strategies separated
+by commas, whitespace or colons.  In the policy table the only valid
+separator is the colon character. </p>
+
+<p> For a description of the pattern and strategy syntax see the
+<a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> parameter. The "hostname" strategy should
+be avoided in this context, as in the absence of a secure global DNS, using
+the results of MX lookups in certificate verification is not immune to active
+(man-in-the-middle) attacks on DNS. </p>
+
+<p>
+Sample <a href="postconf.5.html">main.cf</a> setting:
+</p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> = nexthop
+</pre>
+</blockquote>
+
+<p>
+Sample policy table override:
+</p>
+
+<blockquote>
+<pre>
+example.net     secure match=example.com:.example.com
+.example.net    secure match=example.com:.example.com
+</pre>
+</blockquote>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_security_level">smtp_tls_security_level</a>
+(default: empty)</b></DT><DD>
+
+<p> The default SMTP TLS security level for the Postfix SMTP client;
+when a non-empty value is specified, this overrides the obsolete
+parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
+</p>
+
+<p> Specify one of the following security levels: </p>
+
+<dl>
+
+<dt><b><a href="TLS_README.html#client_tls_none">none</a></b></dt>
+<dd> No TLS. TLS will not be used unless enabled for specific
+destinations via <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_may">may</a></b></dt>
+<dd> Opportunistic TLS. Use TLS if this is supported by the remote
+SMTP server, otherwise use plaintext. Since
+sending in the clear is acceptable, demanding stronger than default TLS
+security merely reduces interoperability.
+The "<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>" and "<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>" (Postfix &ge; 2.6)
+configuration parameters provide control over the protocols and
+cipher grade used with opportunistic TLS.  With earlier releases the
+opportunistic TLS cipher grade is always "export" and no protocols
+are disabled.
+When TLS handshakes fail, the connection is retried with TLS disabled.
+This allows mail delivery to sites with non-interoperable TLS
+implementations. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_encrypt">encrypt</a></b></dt>
+<dd>Mandatory TLS encryption. Since a minimum
+level of security is intended, it is reasonable to be specific about
+sufficiently secure protocol versions and ciphers. At this security level
+and higher, the <a href="postconf.5.html">main.cf</a> parameters <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> and
+<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> specify the TLS protocols and minimum
+cipher grade which the administrator considers secure enough for
+mandatory encrypted sessions. This security level is not an appropriate
+default for systems delivering mail to the Internet. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_dane">dane</a></b></dt>
+<dd>Opportunistic DANE TLS.  At this security level, the TLS policy
+for the destination is obtained via DNSSEC.  For TLSA policy to be
+in effect, the destination domain's containing DNS zone must be
+signed and the Postfix SMTP client's operating system must be
+configured to send its DNS queries to a recursive DNS nameserver
+that is able to validate the signed records.  Each MX host's DNS
+zone should also be signed, and should publish DANE TLSA (<a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a>)
+records that specify how that MX host's TLS certificate is to be
+verified.  TLSA records do not preempt the normal SMTP MX host
+selection algorithm, if some MX hosts support TLSA and others do
+not, TLS security will vary from delivery to delivery.  It is up
+to the domain owner to configure their MX hosts and their DNS
+sensibly.  To configure the Postfix SMTP client for DNSSEC lookups
+see the documentation for the <a href="postconf.5.html#smtp_dns_support_level">smtp_dns_support_level</a> <a href="postconf.5.html">main.cf</a>
+parameter.  When DNSSEC-validated TLSA records are not found the
+effective tls security level is "may".  When TLSA records are found,
+but are all unusable the effective security level is "encrypt".  For
+purposes of protocol and cipher selection, the "dane" security level
+is treated like a "mandatory" TLS security level, and weak ciphers
+and protocols are disabled.  Since DANE authenticates server
+certificates the "aNULL" cipher-suites are transparently excluded
+at this level, no need to configure this manually.  <a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a> (DANE)
+TLS authentication is available with Postfix 2.11 and later.  </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_dane">dane-only</a></b></dt>
+<dd>Mandatory DANE TLS.  This is just like "dane" above, but DANE
+TLSA authentication is required.  There is no fallback to "may" or
+"encrypt" when TLSA records are missing or unusable.  <a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a>
+(DANE) TLS authentication is available with Postfix 2.11 and later.
+</dd>
+
+<dt><b><a href="TLS_README.html#client_tls_fingerprint">fingerprint</a></b></dt>
+<dd>Certificate fingerprint verification.
+At this security level, there are no trusted Certification Authorities.
+The certificate trust chain, expiration date, etc., are
+not checked. Instead, the <b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a></b>
+parameter lists the certificate fingerprint or public key fingerprint
+(Postfix 2.9 and later) of the valid server certificate. The digest
+algorithm used to calculate the fingerprint is selected by the
+<b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a></b> parameter. Available with Postfix
+2.5 and later.  </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_verify">verify</a></b></dt>
+<dd>Mandatory TLS verification. At this security
+level, DNS MX lookups are trusted to be secure enough, and the name
+verified in the server certificate is usually obtained indirectly
+via unauthenticated DNS MX lookups. The <a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
+parameter controls how the server name is verified. In practice explicit
+control over matching is more common at the "secure" level, described
+below. This security level is not an appropriate default for systems
+delivering mail to the Internet. </dd>
+
+<dt><b><a href="TLS_README.html#client_tls_secure">secure</a></b></dt>
+<dd>Secure-channel TLS.  At this security level,
+DNS MX lookups, though potentially used to determine the candidate
+next-hop gateway IP addresses, are <b>not</b> trusted to be secure enough
+for TLS peername verification. Instead, the default name verified in
+the server certificate is obtained from the next-hop domain as specified
+in the <a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> configuration parameter. The default
+matching rule is that a server certificate matches when its name is equal
+to or is a sub-domain of the nexthop domain. This security level is not
+an appropriate default for systems delivering mail to the Internet. </dd>
+
+</dl>
+
+<p>
+Examples:
+</p>
+
+<pre>
+# No TLS. Formerly: <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>=no and <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>=no.
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = none
+</pre>
+
+<pre>
+# Opportunistic TLS.
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = may
+# Postfix &ge; 2.6:
+# Do not tweak opportunistic ciphers or protocol unless it is essential
+# to do so (if a security vulnerability is found in the SSL library that
+# can be mitigated by disabling a particular protocol or raising the
+# cipher grade from "export" to "low" or "medium").
+<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = export
+<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3
+</pre>
+
+<pre>
+# Mandatory (high-grade) TLS encryption.
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
+<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
+</pre>
+
+<pre>
+# Mandatory TLS verification of hostname or nexthop domain.
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = verify
+<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
+<a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> = hostname, nexthop, dot-nexthop
+</pre>
+
+<pre>
+# Secure channel TLS with exact nexthop name match.
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = secure
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
+<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
+<a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> = nexthop
+</pre>
+
+<pre>
+# Certificate fingerprint verification (Postfix &ge; 2.5).
+# The CA-less "fingerprint" security level only scales to a limited
+# number of destinations. As a global default rather than a per-site
+# setting, this is practical when mail for all recipients is sent
+# to a central mail hub.
+<a href="postconf.5.html#relayhost">relayhost</a> = [mailhub.example.com]
+<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = fingerprint
+<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
+<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = high
+<a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> =
+    3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
+    EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
+(default: empty)</b></DT><DD>
+
+<p> Name of the file containing the optional Postfix SMTP client
+TLS session cache. Specify a database type that supports enumeration,
+such as <b>btree</b> or <b>sdbm</b>; there is no need to support
+concurrent access.  The file is created if it does not exist. The <a href="smtp.8.html">smtp(8)</a>
+daemon does not use this parameter directly, rather the cache is
+implemented indirectly in the <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon. This means that
+per-smtp-instance <a href="master.5.html">master.cf</a> overrides of this parameter are not effective.
+Note, that each of the cache databases supported by <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon:
+$<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
+(and with Postfix 2.3 and later $<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>), needs to
+be stored separately. It is not at this time possible to store multiple
+caches in a single database. </p>
+
+<p> Note: <b>dbm</b> databases are not suitable. TLS
+session objects are too large. </p>
+
+<p> As of version 2.5, Postfix no longer uses root privileges when
+opening this file. The file should now be stored under the Postfix-owned
+<a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
+under a non-Postfix directory is redirected to the Postfix-owned
+<a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> = <a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/smtp_scache
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a>
+(default: 3600s)</b></DT><DD>
+
+<p> The expiration time of Postfix SMTP client TLS session cache
+information.  A cache cleanup is performed periodically
+every $<a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> seconds. As with
+$<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>, this parameter is implemented in the
+<a href="tlsmgr.8.html">tlsmgr(8)</a> daemon and therefore per-smtp-instance <a href="master.5.html">master.cf</a> overrides
+are not possible. </p>
+
+<p> As of Postfix 2.11 this setting cannot exceed 100 days.  If set
+&le; 0, session caching is disabled.  If set to a positive value
+less than 2 minutes, the minimum value of 2 minutes is used instead.  </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_trust_anchor_file">smtp_tls_trust_anchor_file</a>
+(default: empty)</b></DT><DD>
+
+<p> Zero or more PEM-format files with trust-anchor certificates
+and/or public keys.  If the parameter is not empty the root CAs in
+CAfile and CApath are no longer trusted.  Rather, the Postfix SMTP
+client will only trust certificate-chains signed by one of the
+trust-anchors contained in the chosen files.  The specified
+trust-anchor certificates and public keys are not subject to
+expiration, and need not be (self-signed) root CAs.  They may, if
+desired, be intermediate certificates. Therefore, these certificates
+also may be found "in the middle" of the trust chain presented by
+the remote SMTP server, and any untrusted issuing parent certificates
+will be ignored.  Specify a list of pathnames separated by comma
+or whitespace.  </p>
+
+<p>  Whether specified in <a href="postconf.5.html">main.cf</a>, or on a per-destination basis,
+the trust-anchor PEM file must be accessible to the Postfix SMTP
+client in the chroot jail if applicable.  The trust-anchor file
+should contain only certificates and public keys, no private key
+material, and must be readable by the non-privileged $<a href="postconf.5.html#mail_owner">mail_owner</a>
+user.  This allows destinations to be bound to a set of specific
+CAs or public keys without trusting the same CAs for all destinations.
+</p>
+
+<p> The <a href="postconf.5.html">main.cf</a> parameter supports single-purpose Postfix installations
+that send mail to a fixed set of SMTP peers.  At most sites, if
+trust-anchor files are used at all, they will be specified on a
+per-destination basis via the "tafile" attribute of the "verify"
+and "secure" levels in <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>.  </p>
+
+<p> The underlying mechanism is in support of <a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a> (DANE TLSA),
+which defines mechanisms for an SMTP client MTA to securely determine
+server TLS certificates via DNS.  </p>
+
+<p> If you want your trust anchors to be public keys, with OpenSSL
+you can extract a single PEM public key from a PEM X.509 file
+containing a single certificate, as follows: </p>
+
+<blockquote>
+<pre>
+$ openssl x509 -in cert.pem -out ta-key.pem -noout -pubkey
+</pre>
+</blockquote>
+
+<p> This feature is available in Postfix 2.11 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a>
+(default: hostname)</b></DT><DD>
+
+<p> How the Postfix SMTP client verifies the server certificate
+peername for the
+"verify" TLS security level. In a "verify" TLS policy table
+($<a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) entry the optional "match" attribute
+overrides this <a href="postconf.5.html">main.cf</a> setting. </p>
+
+<p> This parameter specifies one or more patterns or strategies separated
+by commas, whitespace or colons.  In the policy table the only valid
+separator is the colon character. </p>
+
+<p> Patterns specify domain names, or domain name suffixes: </p>
+
+<dl>
+
+<dt><i>example.com</i></dt> <dd> Match the <i>example.com</i> domain,
+i.e. one of the names the server certificate must be <i>example.com</i>,
+upper and lower case distinctions are ignored. </dd>
+
+<dt><i>.example.com</i></dt>
+<dd> Match subdomains of the <i>example.com</i> domain, i.e. match
+a name in the server certificate that consists of a non-zero number of
+labels followed by a <i>.example.com</i> suffix. Case distinctions are
+ignored.</dd>
+
+</dl>
+
+<p> Strategies specify a transformation from the next-hop domain
+to the expected name in the server certificate: </p>
+
+<dl>
+
+<dt>nexthop</dt>
+<dd> Match against the next-hop domain, which is either the recipient
+domain, or the transport next-hop configured for the domain stripped of
+any optional socket type prefix, enclosing square brackets and trailing
+port. When MX lookups are not suppressed, this is the original nexthop
+domain prior to the MX lookup, not the result of the MX lookup. For
+LMTP delivery via UNIX-domain sockets, the verified next-hop name is
+$<a href="postconf.5.html#myhostname">myhostname</a>.  This strategy is suitable for use with the "secure"
+policy. Case is ignored.</dd>
+
+<dt>dot-nexthop</dt>
+<dd> As above, but match server certificate names that are subdomains
+of the next-hop domain. Case is ignored.</dd>
+
+<dt>hostname</dt> <dd> Match against the hostname of the server, often
+obtained via an unauthenticated DNS MX lookup. For LMTP delivery via
+UNIX-domain sockets, the verified name is $<a href="postconf.5.html#myhostname">myhostname</a>. This matches
+the verification strategy of the "MUST" keyword in the obsolete
+<a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> table, and is suitable for use with the "verify"
+security level. When the next-hop name is enclosed in square brackets
+to suppress MX lookups, the "hostname" strategy is the same as the
+"nexthop" strategy. Case is ignored.</dd>
+
+</dl>
+
+<p>
+Sample <a href="postconf.5.html">main.cf</a> setting:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> = hostname, nexthop, dot-nexthop
+</pre>
+
+<p>
+Sample policy table override:
+</p>
+
+<pre>
+example.com     verify  match=hostname:nexthop
+.example.com    verify  match=example.com:.example.com:hostname
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_tls_wrappermode">smtp_tls_wrappermode</a>
+(default: no)</b></DT><DD>
+
+<p> Request that the Postfix SMTP client connects using the
+legacy SMTPS protocol instead of using the STARTTLS command. </p>
+
+<p> This mode requires "<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt" or
+stronger. </p>
+
+<p> Example: deliver all remote mail via a provider's server
+"mail.example.com".  </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    # Client-side SMTPS requires "encrypt" or stronger.
+    <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = encrypt
+    <a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> = yes
+    # The [] suppress MX lookups.
+    <a href="postconf.5.html#relayhost">relayhost</a> = [mail.example.com]:465
+</pre>
+
+<p> More examples are in <a href="TLS_README.html">TLS_README</a>, including examples for older
+Postfix versions. </p>
+
+<p> This feature is available in Postfix 3.0 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_use_tls">smtp_use_tls</a>
+(default: no)</b></DT><DD>
+
+<p> Opportunistic mode: use TLS when a remote SMTP server announces
+STARTTLS support, otherwise send the mail in the clear. Beware:
+some SMTP servers offer STARTTLS even if it is not configured.  With
+Postfix &lt; 2.3, if the TLS handshake fails, and no other server is
+available, delivery is deferred and mail stays in the queue. If this
+is a concern for you, use the <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> feature instead.  </p>
+
+<p> This feature is available in Postfix 2.2 and later. With
+Postfix 2.3 and later use <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtp_xforward_timeout">smtp_xforward_timeout</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The Postfix SMTP client time limit for sending the XFORWARD command,
+and for receiving the remote SMTP server response.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a>
+(default: $<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b></DT><DD>
+
+<p> What remote SMTP clients are allowed to specify the XVERP command.
+This command requests that mail be delivered one recipient at a
+time with a per recipient return address.  </p>
+
+<p> By default, no clients are allowed to specify XVERP.  </p>
+
+<p> This parameter was renamed with Postfix version 2.1. The default value
+is backwards compatible with Postfix version 2.0.  </p>
+
+<p> Specify a list of network/netmask patterns, separated by commas
+and/or whitespace. The mask specifies the number of bits in the
+network part of a host address. You can also specify hostnames or
+.domain names (the initial dot causes the domain to match any name
+below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
+pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
+is matched when a table entry matches a lookup string (the lookup
+result is ignored).  Continue long lines by starting the next line
+with whitespace. Specify "!pattern" to exclude an address or network
+block from the list. The form "!/file/name" is supported only in
+Postfix version 2.4 and later.  </p>
+
+<p> Note: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> value, and in
+files specified with "/file/name".  IP version 6 addresses contain
+the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
+pattern.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a>
+(default: empty)</b></DT><DD>
+
+<p>
+What remote SMTP clients are allowed to use the XCLIENT feature.  This
+command overrides remote SMTP client information that is used for access
+control. Typical use is for SMTP-based content filters, fetchmail-like
+programs, or SMTP server access rule testing. See the <a href="XCLIENT_README.html">XCLIENT_README</a>
+document for details.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+<p>
+By default, no clients are allowed to specify XCLIENT.
+</p>
+
+<p>
+Specify a list of network/netmask patterns, separated by commas
+and/or whitespace. The mask specifies the number of bits in the
+network part of a host address. You can also specify hostnames or
+.domain names (the initial dot causes the domain to match any name
+below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
+pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
+is matched when a table entry matches a lookup string (the lookup
+result is ignored).  Continue long lines by starting the next line
+with whitespace. Specify "!pattern" to exclude an address or network
+block from the list. The form "!/file/name" is supported only in
+Postfix version 2.4 and later.  </p>
+
+<p> Note: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> value, and in
+files specified with "/file/name".  IP version 6 addresses contain
+the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
+pattern.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a>
+(default: empty)</b></DT><DD>
+
+<p>
+What remote SMTP clients are allowed to use the XFORWARD feature.  This
+command forwards information that is used to improve logging after
+SMTP-based content filters. See the <a href="XFORWARD_README.html">XFORWARD_README</a> document for
+details.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+<p>
+By default, no clients are allowed to specify XFORWARD.
+</p>
+
+<p>
+Specify a list of network/netmask patterns, separated by commas
+and/or whitespace. The mask specifies the number of bits in the
+network part of a host address. You can also specify hostnames or
+.domain names (the initial dot causes the domain to match any name
+below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name"
+pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
+is matched when a table entry matches a lookup string (the lookup
+result is ignored).  Continue long lines by starting the next line
+with whitespace. Specify "!pattern" to exclude an address or network
+block from the list. The form "!/file/name" is supported only in
+Postfix version 2.4 and later.  </p>
+
+<p> Note: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> value, and in
+files specified with "/file/name".  IP version 6 addresses contain
+the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
+pattern.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_banner">smtpd_banner</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b></DT><DD>
+
+<p>
+The text that follows the 220 status code in the SMTP greeting
+banner. Some people like to see the mail version advertised. By
+default, Postfix shows no version.
+</p>
+
+<p>
+You MUST specify $<a href="postconf.5.html#myhostname">myhostname</a> at the start of the text. This is
+required by the SMTP protocol.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_banner">smtpd_banner</a> = $<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a> ($<a href="postconf.5.html#mail_version">mail_version</a>)
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_auth_rate_limit">smtpd_client_auth_rate_limit</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The maximal number of AUTH commands that any client is allowed to
+send to this service per time unit, regardless of whether or not
+Postfix actually accepts those commands.  The time unit is specified
+with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
+</p>
+
+<p>
+By default, there is no limit on the number AUTH commands that a
+client may send.
+</p>
+
+<p>
+To disable this feature, specify a limit of 0.
+</p>
+
+<p>
+WARNING: The purpose of this feature is to limit abuse. It must
+not be used to regulate legitimate mail traffic.
+</p>
+
+<p>
+This feature is available in Postfix 3.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a>
+(default: 50)</b></DT><DD>
+
+<p>
+How many simultaneous connections any client is allowed to
+make to this service.  By default, the limit is set to half
+the default process limit value.
+</p>
+
+<p>
+To disable this feature, specify a limit of 0.
+</p>
+
+<p>
+WARNING: The purpose of this feature is to limit abuse. It must
+not be used to regulate legitimate mail traffic.
+</p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The maximal number of connection attempts any client is allowed to
+make to this service per time unit.  The time unit is specified
+with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
+</p>
+
+<p>
+By default, a client can make as many connections per time unit as
+Postfix can accept.
+</p>
+
+<p>
+To disable this feature, specify a limit of 0.
+</p>
+
+<p>
+WARNING: The purpose of this feature is to limit abuse. It must
+not be used to regulate legitimate mail traffic.
+</p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> = 1000
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a>
+(default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
+
+<p>
+Clients that are excluded from smtpd_client_*_count/rate_limit
+restrictions. See the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter
+description for the parameter value syntax.
+</p>
+
+<p>
+By default, clients in trusted networks are excluded. Specify a
+list of network blocks, hostnames or .domain names (the initial
+dot causes the domain to match any name below it).
+</p>
+
+<p> Note: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> value, and
+in files specified with "/file/name".  IP version 6 addresses
+contain the ":" character, and would otherwise be confused with a
+"<a href="DATABASE_README.html">type:table</a>" pattern.  </p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a>" in the
+<a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> parameter value (postfix 3.0 and
+later).  </p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The maximal number of message delivery requests that any client is
+allowed to make to this service per time unit, regardless of whether
+or not Postfix actually accepts those messages.  The time unit is
+specified with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
+</p>
+
+<p>
+By default, a client can send as many message delivery requests
+per time unit as Postfix can accept.
+</p>
+
+<p>
+To disable this feature, specify a limit of 0.
+</p>
+
+<p>
+WARNING: The purpose of this feature is to limit abuse. It must
+not be used to regulate legitimate mail traffic.
+</p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> = 1000
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The maximal number of new (i.e., uncached) TLS sessions that a
+remote SMTP client is allowed to negotiate with this service per
+time unit.  The time unit is specified with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a>
+configuration parameter.
+</p>
+
+<p>
+By default, a remote SMTP client can negotiate as many new TLS
+sessions per time unit as Postfix can accept.
+</p>
+
+<p>
+To disable this feature, specify a limit of 0. Otherwise, specify
+a limit that is at least the per-client concurrent session limit,
+or else legitimate client sessions may be rejected.
+</p>
+
+<p>
+WARNING: The purpose of this feature is to limit abuse. It must
+not be used to regulate legitimate mail traffic.
+</p>
+
+<p>
+This feature is available in Postfix 2.3 and later.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a> = 100
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_port_logging">smtpd_client_port_logging</a>
+(default: no)</b></DT><DD>
+
+<p> Enable logging of the remote SMTP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The maximal number of recipient addresses that any client is allowed
+to send to this service per time unit, regardless of whether or not
+Postfix actually accepts those recipients.  The time unit is specified
+with the <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> configuration parameter.
+</p>
+
+<p>
+By default, a client can send as many recipient addresses per time
+unit as Postfix can accept.
+</p>
+
+<p>
+To disable this feature, specify a limit of 0.
+</p>
+
+<p>
+WARNING: The purpose of this feature is to limit abuse. It must
+not be used to regulate legitimate mail traffic.
+</p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> = 1000
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_client_restrictions">smtpd_client_restrictions</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional restrictions that the Postfix SMTP server applies in the
+context of a client connection request.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p>
+The default is to allow all connection requests.
+</p>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+Restrictions are applied in the order as specified; the first
+restriction that matches wins.
+</p>
+
+<p>
+The following restrictions are specific to client hostname or
+client network address information.
+</p>
+
+<dl>
+
+<dt><b><a name="check_ccert_access">check_ccert_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd> Use the remote SMTP client certificate fingerprint or the public key
+fingerprint (Postfix 2.9 and later) as lookup key for the specified
+<a href="access.5.html">access(5)</a> database; with Postfix version 2.2, also require that the
+remote SMTP client certificate is verified successfully.
+The fingerprint digest algorithm is configurable via the
+<a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
+Postfix version 2.5).  This feature is available with Postfix version
+2.2 and later. </dd>
+
+<dt><b><a name="check_client_access">check_client_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified access database for the client hostname,
+parent domains, client IP address, or networks obtained by stripping
+least significant octets. See the <a href="access.5.html">access(5)</a> manual page for details. </dd>
+
+<dt><b><a name="check_client_a_access">check_client_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for the
+client hostname, and execute the corresponding action.  Note: a result
+of "OK" is not allowed for safety reasons. Instead, use DUNNO in order
+to exclude specific hosts from blacklists.  This feature is available
+in Postfix 3.0 and later.  </dd>
+
+<dt><b><a name="check_client_mx_access">check_client_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for the
+client hostname, and execute the corresponding action.  Note: a result
+of "OK" is not allowed for safety reasons. Instead, use DUNNO in order
+to exclude specific hosts from blacklists.  This feature is available
+in Postfix 2.7 and later.  </dd>
+
+<dt><b><a name="check_client_ns_access">check_client_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers for
+the client hostname, and execute the corresponding action.  Note: a
+result of "OK" is not allowed for safety reasons. Instead, use DUNNO
+in order to exclude specific hosts from blacklists.  This feature is
+available in Postfix 2.7 and later.  </dd>
+
+<dt><b><a name="check_reverse_client_hostname_access">check_reverse_client_hostname_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified access database for the unverified reverse
+client hostname, parent domains, client IP address, or networks
+obtained by stripping least significant octets. See the <a href="access.5.html">access(5)</a>
+manual page for details.  Note: a result of "OK" is not allowed for
+safety reasons.  Instead, use DUNNO in order to exclude specific
+hosts from blacklists.  This feature is available in Postfix 2.6
+and later.</dd>
+
+<dt><b><a name="check_reverse_client_hostname_a_access">check_reverse_client_hostname_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for the
+unverified reverse client hostname, and execute the corresponding
+action.  Note: a result of "OK" is not allowed for safety reasons.
+Instead, use DUNNO in order to exclude specific hosts from blacklists.
+This feature is available in Postfix 3.0 and later.  </dd>
+
+<dt><b><a name="check_reverse_client_hostname_mx_access">check_reverse_client_hostname_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for the
+unverified reverse client hostname, and execute the corresponding
+action.  Note: a result of "OK" is not allowed for safety reasons.
+Instead, use DUNNO in order to exclude specific hosts from blacklists.
+This feature is available in Postfix 2.7 and later.  </dd>
+
+<dt><b><a name="check_reverse_client_hostname_ns_access">check_reverse_client_hostname_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers for
+the unverified reverse client hostname, and execute the corresponding
+action.  Note: a result of "OK" is not allowed for safety reasons.
+Instead, use DUNNO in order to exclude specific hosts from blacklists.
+This feature is available in Postfix 2.7 and later.  </dd>
+
+<dt><b><a name="check_sasl_access">check_sasl_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd> Use the remote SMTP client SASL user name as lookup key for
+the specified <a href="access.5.html">access(5)</a> database. The lookup key has the form
+"username@domainname" when the <a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> parameter
+value is non-empty.  Unlike the <a href="postconf.5.html#check_client_access">check_client_access</a> feature,
+<a href="postconf.5.html#check_sasl_access">check_sasl_access</a> does not perform matches of parent domains or IP
+subnet ranges.  This feature is available with Postfix version 2.11
+and later. </dd>
+
+<dt><b><a name="permit_inet_interfaces">permit_inet_interfaces</a></b></dt>
+
+<dd>Permit the request when the client IP address matches
+$<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>. </dd>
+
+<dt><b><a name="permit_mynetworks">permit_mynetworks</a></b></dt>
+
+<dd>Permit the request when the client IP address matches any
+network or network address listed in  $<a href="postconf.5.html#mynetworks">mynetworks</a>. </dd>
+
+<dt><b><a name="permit_sasl_authenticated">permit_sasl_authenticated</a></b></dt>
+
+<dd> Permit the request when the client is successfully
+authenticated via the <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH) protocol. </dd>
+
+<dt><b><a name="permit_tls_all_clientcerts">permit_tls_all_clientcerts</a></b></dt>
+
+<dd> Permit the request when the remote SMTP client certificate is
+verified successfully.  This option must be used only if a special
+CA issues the certificates and only this CA is listed as trusted
+CA. Otherwise, clients with a third-party certificate would also
+be allowed to relay.  Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" when the
+trusted CA is specified with <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> or <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>,
+to prevent Postfix from appending the system-supplied default CAs.
+This feature is available with Postfix version 2.2.</dd>
+
+<dt><b><a name="permit_tls_clientcerts">permit_tls_clientcerts</a></b></dt>
+
+<dd>Permit the request when the remote SMTP client certificate
+fingerprint or public key fingerprint (Postfix 2.9 and later) is
+listed in $<a href="postconf.5.html#relay_clientcerts">relay_clientcerts</a>.
+The fingerprint digest algorithm is configurable via the
+<a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> parameter (hard-coded as md5 prior to
+Postfix version 2.5).  This feature is available with Postfix version
+2.2. </dd>
+
+<dt><b><a name="reject_rbl_client">reject_rbl_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Reject the request when the reversed client network address is
+listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>
+(Postfix version 2.1 and later only).  Each "<i>d</i>" is a number,
+or a pattern inside "[]" that contains one or more ";"-separated
+numbers or number..number ranges (Postfix version 2.8 and later).
+If no "<i>=d.d.d.d</i>" is specified, reject the request when the
+reversed client network address is listed with any A record under
+<i>rbl_domain</i>. <br>
+The <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> parameter specifies the response code for
+rejected requests (default:  554), the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a>  parameter
+specifies the default server reply, and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a>  parameter
+specifies tables with server replies indexed by <i>rbl_domain</i>.
+This feature is available in Postfix 2.0 and later.  </dd>
+
+<dt><b><a name="permit_dnswl_client">permit_dnswl_client <i>dnswl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Accept the request when the reversed client network address is
+listed with the A record "<i>d.d.d.d</i>" under <i>dnswl_domain</i>.
+Each "<i>d</i>" is a number, or a pattern inside "[]" that contains
+one or more ";"-separated numbers or number..number ranges.
+If no "<i>=d.d.d.d</i>" is specified, accept the request when the
+reversed client network address is listed with any A record under
+<i>dnswl_domain</i>. <br> For safety, <a href="postconf.5.html#permit_dnswl_client">permit_dnswl_client</a> is silently
+ignored when it would override <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>.  The
+result is DEFER_IF_REJECT when whitelist lookup fails.  This feature
+is available in Postfix 2.8 and later.  </dd>
+
+<dt><b><a name="reject_rhsbl_client">reject_rhsbl_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Reject the request when the client hostname is listed with the
+A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix version
+2.1 and later only).  Each "<i>d</i>" is a number, or a pattern
+inside "[]" that contains one or more ";"-separated numbers or
+number..number ranges (Postfix version 2.8 and later).  If no
+"<i>=d.d.d.d</i>" is specified, reject the request when the client
+hostname is listed with
+any A record under <i>rbl_domain</i>. See the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>
+description above for additional RBL related configuration parameters.
+This feature is available in Postfix 2.0 and later; with Postfix
+version 2.8 and later, <a href="postconf.5.html#reject_rhsbl_reverse_client">reject_rhsbl_reverse_client</a> will usually
+produce better results.  </dd>
+
+<dt><b><a name="permit_rhswl_client">permit_rhswl_client <i>rhswl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Accept the request when the client hostname is listed with the
+A record "<i>d.d.d.d</i>" under <i>rhswl_domain</i>.  Each "<i>d</i>"
+is a number, or a pattern inside "[]" that contains one or more
+";"-separated numbers or number..number ranges. If no
+"<i>=d.d.d.d</i>" is specified, accept the request when the client
+hostname is listed with any A record under <i>rhswl_domain</i>.
+<br> Caution: client name whitelisting is fragile, since the client
+name lookup can fail due to temporary outages.  Client name
+whitelisting should be used only to reduce false positives in e.g.
+DNS-based blocklists, and not for making access rule exceptions.
+<br> For safety, <a href="postconf.5.html#permit_rhswl_client">permit_rhswl_client</a> is silently ignored when it
+would override <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>.  The result is DEFER_IF_REJECT
+when whitelist lookup fails.  This feature is available in Postfix
+2.8 and later.  </dd>
+
+<dt><b><a name="reject_rhsbl_reverse_client">reject_rhsbl_reverse_client <i>rbl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Reject the request when the unverified reverse client hostname
+is listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>.
+Each "<i>d</i>" is a number, or a pattern inside "[]" that contains
+one or more ";"-separated numbers or number..number ranges.
+If no "<i>=d.d.d.d</i>" is specified, reject the request when the
+unverified reverse client hostname is listed with any A record under
+<i>rbl_domain</i>. See the <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> description above for
+additional RBL related configuration parameters.  This feature is
+available in Postfix 2.8 and later.  </dd>
+
+<dt><b><a name="reject_unknown_client_hostname">reject_unknown_client_hostname</a></b> (with Postfix &lt; 2.3: reject_unknown_client)</dt>
+
+<dd>Reject the request when 1) the client IP address-&gt;name mapping
+fails, 2) the name-&gt;address mapping fails, or 3) the name-&gt;address
+mapping does not match the client IP address.  <br> This is a
+stronger restriction than the <a href="postconf.5.html#reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a>
+feature, which triggers only under condition 1) above. <br> The
+<a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> parameter specifies the response code
+for rejected requests (default: 450). The reply is always 450 in
+case the address-&gt;name or name-&gt;address lookup failed due to
+a temporary problem. </dd>
+
+<dt><b><a name="reject_unknown_reverse_client_hostname">reject_unknown_reverse_client_hostname</a></b></dt>
+
+<dd>Reject the request when the client IP address has no address-&gt;name
+mapping. <br> This is a weaker restriction than the
+<a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a> feature, which requires not only
+that the address-&gt;name and name-&gt;address mappings exist, but
+also that the two mappings reproduce the client IP address.  <br>
+The <a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> parameter specifies the response
+code for rejected requests (default: 450).  The reply is always 450
+in case the address-&gt;name lookup failed due to a temporary
+problem. <br> This feature is available in Postfix 2.3 and
+later.  </dd>
+
+</dl>
+
+<p>
+In addition, you can use any of the following <a name="generic">
+generic</a> restrictions.  These restrictions are applicable in
+any SMTP command context.
+</p>
+
+<dl>
+
+<dt><b><a name="check_policy_service">check_policy_service <i>servername</i></a></b></dt>
+
+<dd>Query the specified policy server. See the <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a>
+document for details. This feature is available in Postfix 2.1
+and later. </dd>
+
+<dt><b><a name="defer">defer</a></b></dt>
+
+<dd>Defer the request. The client is told to try again later. This
+restriction is useful at the end of a restriction list, to make
+the default policy explicit. <br> The <a href="postconf.5.html#defer_code">defer_code</a> parameter specifies
+the SMTP server reply code (default: 450).</dd>
+
+<dt><b><a name="defer_if_permit">defer_if_permit</a></b></dt>
+
+<dd>Defer the request if some later restriction would result in an
+explicit or implicit PERMIT action.  This is useful when a blacklisting
+feature fails due to a temporary problem.  This feature is available
+in Postfix version 2.1 and later.  </dd>
+
+<dt><b><a name="defer_if_reject">defer_if_reject</a></b></dt>
+
+<dd>Defer the request if some later restriction would result in a
+REJECT action.  This is useful when a whitelisting feature fails
+due to a temporary problem.  This feature is available in Postfix
+version 2.1 and later.  </dd>
+
+<dt><b><a name="permit">permit</a></b></dt>
+
+<dd>Permit the request. This restriction is useful at the end of
+a restriction list, to make the default policy explicit.</dd>
+
+<dt><b><a name="reject_multi_recipient_bounce">reject_multi_recipient_bounce</a></b></dt>
+
+<dd>Reject the request when the envelope sender is the null address,
+and the message has multiple envelope recipients. This usage has
+rare but legitimate applications: under certain conditions,
+multi-recipient mail that was posted with the DSN option NOTIFY=NEVER
+may be forwarded with the null sender address.
+<br> Note: this restriction can only work reliably
+when used in <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> or
+<a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a>, because the total number of
+recipients is not known at an earlier stage of the SMTP conversation.
+Use at the RCPT stage will only reject the second etc.  recipient.
+<br>
+The <a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> parameter specifies the
+response code for rejected requests (default:  550).  This feature
+is available in Postfix 2.1 and later. </dd>
+
+<dt><b><a name="reject_plaintext_session">reject_plaintext_session</a></b></dt>
+
+<dd>Reject the request when the connection is not encrypted. This
+restriction should not be used before the client has had a chance
+to negotiate encryption with the AUTH or STARTTLS commands.
+<br>
+The <a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> parameter specifies the response
+code for rejected requests (default:  450).  This feature is available
+in Postfix 2.3 and later. </dd>
+
+<dt><b><a name="reject_unauth_pipelining">reject_unauth_pipelining</a></b></dt>
+
+<dd>Reject the request when the client sends SMTP commands ahead
+of time where it is not allowed, or when the client sends SMTP
+commands ahead of time without knowing that Postfix actually supports
+ESMTP command pipelining. This stops mail from bulk mail software
+that improperly uses ESMTP command pipelining in order to speed up
+deliveries.
+<br> With Postfix 2.6 and later, the SMTP server sets a per-session
+flag whenever it detects illegal pipelining, including pipelined
+HELO or EHLO commands. The <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a> feature simply
+tests whether the flag was set at any point in time during the
+session.
+<br> With older Postfix versions, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a> checks
+the current status of the input read queue, and its usage is not
+recommended in contexts other than <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a>.  </dd>
+
+<dt><b><a name="reject">reject</a></b></dt>
+
+<dd>Reject the request. This restriction is useful at the end of
+a restriction list, to make the default policy explicit.  The
+<a href="postconf.5.html#reject_code">reject_code</a> configuration parameter specifies the response code for
+rejected requests (default: 554).</dd>
+
+<dt><b><a name="sleep">sleep <i>seconds</i></a></b></dt>
+
+<dd>Pause for the specified number of seconds and proceed with
+the next restriction in the list, if any. This may stop zombie
+mail when used as:
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
+        sleep 1, <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
+    <a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = no
+</pre>
+This feature is available in Postfix 2.3. </dd>
+
+<dt><b><a name="warn_if_reject">warn_if_reject</a></b></dt>
+
+<dd> A safety net for testing. When "<a href="postconf.5.html#warn_if_reject">warn_if_reject</a>" is placed
+before a reject-type restriction, access table query, or
+<a href="postconf.5.html#check_policy_service">check_policy_service</a> query, this logs a "reject_warning" message
+instead of rejecting a request (when a reject-type restriction fails
+due to a temporary error, this logs a "reject_warning" message for
+any implicit "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" actions that would normally prevent
+mail from being accepted by some later access restriction). This
+feature has no effect on <a href="postconf.5.html#defer_if_reject">defer_if_reject</a> restrictions.  </dd>
+
+</dl>
+
+<p>
+Other restrictions that are valid in this context:
+</p>
+
+<ul>
+
+<li> SMTP command specific restrictions that are described under
+the <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>, <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> parameters. When helo, sender or
+recipient restrictions are listed under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>,
+they have effect only with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that
+$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> is evaluated at the time of the RCPT TO
+command.
+
+</ul>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_command_filter">smtpd_command_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> A mechanism to transform commands from remote SMTP clients.
+This is a last-resort tool to work around client commands that break
+interoperability with the Postfix SMTP server.  Other uses involve
+fault injection to test Postfix's handling of invalid commands.
+</p>
+
+<p> Specify the name of a "<a href="DATABASE_README.html">type:table</a>" lookup table. The search
+string is the SMTP command as received from the remote SMTP client,
+except that initial whitespace and the trailing &lt;CR&gt;&lt;LF&gt;
+are removed.  The result value is executed by the Postfix SMTP
+server.  </p>
+
+<p> There is no need to use <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> for the following
+cases: </p>
+
+<ul>
+
+<li> <p> Use "<a href="postconf.5.html#resolve_numeric_domain">resolve_numeric_domain</a> = yes" to accept
+"<i>user@ipaddress</i>". </p>
+
+<li> <p> Postfix already accepts the correct form
+"<i>user@[ipaddress]</i>". Use <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> or <a href="postconf.5.html#canonical_maps">canonical_maps</a>
+to translate these into domain names if necessary.  </p>
+
+<li> <p> Use "<a href="postconf.5.html#strict_rfc821_envelopes">strict_rfc821_envelopes</a> = no" to accept "RCPT TO:&lt;<i>User
+Name &lt;user@example.com&gt;&gt;</i>". Postfix will ignore the "<i>User
+Name</i>" part and deliver to the <i>&lt;user@example.com&gt;</i> address.
+</p>
+
+</ul>
+
+<p> Examples of problems that can be solved with the <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a>
+feature: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtpd_command_filter">smtpd_command_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/command_filter
+</pre>
+
+<pre>
+/etc/postfix/command_filter:
+    # Work around clients that send malformed HELO commands.
+    /^HELO\s*$/ HELO domain.invalid
+</pre>
+
+<pre>
+    # Work around clients that send empty lines.
+    /^\s*$/     NOOP
+</pre>
+
+<pre>
+    # Work around clients that send RCPT TO:&lt;'user@domain'&gt;.
+    # WARNING: do not lose the parameters that follow the address.
+    /^(RCPT\s+TO:\s*&lt;)'([^[:space:]]+)'(&gt;.*)/     $1$2$3
+</pre>
+
+<pre>
+    # Append XVERP to MAIL FROM commands to request VERP-style delivery.
+    # See <a href="VERP_README.html">VERP_README</a> for more information on how to use Postfix VERP.
+    /^(MAIL FROM:\s*&lt;listname@example\.com&gt;.*)/   $1 XVERP
+</pre>
+
+<pre>
+    # Bounce-never mail sink. Use <a href="postconf.5.html#notify_classes">notify_classes</a>=bounce,resource,software
+    # to send bounced mail to the postmaster (with message body removed).
+    /^(RCPT\s+TO:\s*&lt;.*&gt;.*)\s+NOTIFY=\S+(.*)/     $1 NOTIFY=NEVER$2
+    /^(RCPT\s+TO:.*)/                             $1 NOTIFY=NEVER
+</pre>
+
+<p> This feature is available in Postfix 2.7. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_data_restrictions">smtpd_data_restrictions</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional access restrictions that the Postfix SMTP server applies
+in the context of the SMTP DATA command.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+Restrictions are applied in the order as specified; the first
+restriction that matches wins.
+</p>
+
+<p>
+The following restrictions are valid in this context:
+</p>
+
+<ul>
+
+<li><a href="#generic">Generic</a> restrictions that can be used
+in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
+
+<li>SMTP command specific restrictions described under
+<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>,
+<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
+
+<li>However, no recipient information is available in the case of
+multi-recipient mail. Acting on only one recipient would be misleading,
+because any decision will affect all recipients equally. Acting on
+all recipients would require a possibly very large amount of memory,
+and would also be misleading for the reasons mentioned before.
+
+</ul>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_unauth_pipelining">reject_unauth_pipelining</a>
+<a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> = <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_delay_open_until_valid_rcpt">smtpd_delay_open_until_valid_rcpt</a>
+(default: yes)</b></DT><DD>
+
+<p> Postpone the start of an SMTP mail transaction until a valid
+RCPT TO command is received. Specify "no" to create a mail transaction
+as soon as the Postfix SMTP server receives a valid MAIL FROM
+command. </p>
+
+<p> With sites that reject lots of mail, the default setting reduces
+the use of
+disk, CPU and memory resources. The downside is that rejected
+recipients are logged with NOQUEUE instead of a mail transaction
+ID. This complicates the logfile analysis of multi-recipient mail.
+</p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_delay_reject">smtpd_delay_reject</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Wait until the RCPT TO command before evaluating
+$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
+$<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until the ETRN command before
+evaluating $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
+</p>
+
+<p>
+This feature is turned on by default because some clients apparently
+mis-behave when the Postfix SMTP server rejects commands before
+RCPT TO.
+</p>
+
+<p>
+The default setting has one major benefit: it allows Postfix to log
+recipient address information when rejecting a client name/address
+or sender address, so that it is possible to find out whose mail
+is being rejected.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Lookup tables, indexed by the remote SMTP client address, with
+case insensitive lists of EHLO keywords (pipelining, starttls, auth,
+etc.) that the Postfix SMTP server will not send in the EHLO response
+to a
+remote SMTP client. See <a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> for details.
+The tables are not searched by hostname for robustness reasons.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a>
+(default: empty)</b></DT><DD>
+
+<p> A case insensitive list of EHLO keywords (pipelining, starttls,
+auth, etc.) that the Postfix SMTP server will not send in the EHLO
+response
+to a remote SMTP client. </p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the <a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> feature
+to discard EHLO keywords selectively.  </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="smtpd_dns_reply_filter">smtpd_dns_reply_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional filter for Postfix SMTP server DNS lookup results.
+See <a href="postconf.5.html#smtp_dns_reply_filter">smtp_dns_reply_filter</a> for details including an example.
+</p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional access restrictions that the Postfix SMTP server
+applies in the context of the SMTP END-OF-DATA command.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p> This feature is available in Postfix 2.2 and later. </p>
+
+<p> See <a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> for details and limitations. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_enforce_tls">smtpd_enforce_tls</a>
+(default: no)</b></DT><DD>
+
+<p> Mandatory TLS: announce STARTTLS support to remote SMTP clients,
+and require that clients use TLS encryption.  According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a>
+this MUST NOT be applied in case of a publicly-referenced SMTP
+server.  This option is therefore off by default. </p>
+
+<p> Note 1: "<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> = yes" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes". </p>
+
+<p> Note 2: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
+STARTTLS due to insufficient privileges to access the server private
+key. This is intended behavior. </p>
+
+<p> This feature is available in Postfix 2.2 and later. With
+Postfix 2.3 and later use <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_error_sleep_time">smtpd_error_sleep_time</a>
+(default: 1s)</b></DT><DD>
+
+<p>With Postfix version 2.1 and later: the SMTP server response delay after
+a client has made more than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and
+fewer than $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering mail.
+</p>
+
+<p>With Postfix version 2.0 and earlier: the SMTP server delay before
+sending a reject (4xx or 5xx) response, when the client has made
+fewer than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors without delivering
+mail. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_etrn_restrictions">smtpd_etrn_restrictions</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional restrictions that the Postfix SMTP server applies in the
+context of a client ETRN command.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p>
+The Postfix ETRN implementation accepts only destinations that are
+eligible for the Postfix "fast flush" service. See the <a href="ETRN_README.html">ETRN_README</a>
+file for details.
+</p>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+Restrictions are applied in the order as specified; the first
+restriction that matches wins.
+</p>
+
+<p>
+The following restrictions are specific to the domain name information
+received with the ETRN command.
+</p>
+
+<dl>
+
+<dt><b><a name="check_etrn_access">check_etrn_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified access database for the ETRN domain name
+or its parent domains. See the <a href="access.5.html">access(5)</a> manual page for details.
+</dd>
+
+</dl>
+
+<p>
+Other restrictions that are valid in this context:
+</p>
+
+<ul>
+
+<li><a href="#generic">Generic</a> restrictions that can be used
+in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
+
+<li>SMTP command specific restrictions described under
+<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
+
+</ul>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, reject
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_expansion_filter">smtpd_expansion_filter</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+What characters are allowed in $name expansions of RBL reply
+templates. Characters not in the allowed set are replaced by "_".
+Use C like escapes to specify special characters such as whitespace.
+</p>
+
+<p>
+This parameter is not subjected to $parameter expansion.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_forbidden_commands">smtpd_forbidden_commands</a>
+(default: CONNECT, GET, POST)</b></DT><DD>
+
+<p>
+List of commands that cause the Postfix SMTP server to immediately
+terminate the session with a 221 code. This can be used to disconnect
+clients that obviously attempt to abuse the system. In addition to the
+commands listed in this parameter, commands that follow the "Label:"
+format of message headers will also cause a disconnect.
+</p>
+
+<p>
+This feature is available in Postfix 2.2 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_hard_error_limit">smtpd_hard_error_limit</a>
+(default: normal: 20, overload: 1)</b></DT><DD>
+
+<p>
+The maximal number of errors a remote SMTP client is allowed to
+make without delivering mail. The Postfix SMTP server disconnects
+when the limit is exceeded. Normally the default limit is 20, but
+it changes under overload to just 1. With Postfix 2.5 and earlier,
+the SMTP server always allows up to 20 errors by default.
+
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_helo_required">smtpd_helo_required</a>
+(default: no)</b></DT><DD>
+
+<p>
+Require that a remote SMTP client introduces itself with the HELO
+or EHLO command before sending the MAIL command or other commands
+that require EHLO negotiation.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_helo_restrictions">smtpd_helo_restrictions</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional restrictions that the Postfix SMTP server applies in the
+context of a client HELO command.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p>
+The default is to permit everything.
+</p>
+
+<p> Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> by not sending HELO or EHLO).
+</p>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+Restrictions are applied in the order as specified; the first
+restriction that matches wins.
+</p>
+
+<p>
+The following restrictions are specific to the hostname information
+received with the HELO or EHLO command.
+</p>
+
+<dl>
+
+<dt><b><a name="check_helo_access">check_helo_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the HELO or EHLO
+hostname or parent domains, and execute the corresponding action.
+Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#check_helo_access">check_helo_access</a> by not sending HELO or EHLO).  </dd>
+
+<dt><b><a name="check_helo_a_access">check_helo_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for
+the HELO or EHLO hostname, and execute the corresponding action.
+Note 1: a result of "OK" is not allowed for safety reasons. Instead,
+use DUNNO in order to exclude specific hosts from blacklists.  Note
+2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip check_helo_a_access by not sending HELO or EHLO).  This
+feature is available in Postfix 3.0 and later.
+</dd>
+
+<dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
+the HELO or EHLO hostname, and execute the corresponding action.
+Note 1: a result of "OK" is not allowed for safety reasons. Instead,
+use DUNNO in order to exclude specific hosts from blacklists.  Note
+2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#check_helo_mx_access">check_helo_mx_access</a> by not sending HELO or EHLO).  This
+feature is available in Postfix 2.1 and later.
+</dd>
+
+<dt><b><a name="check_helo_ns_access">check_helo_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
+for the HELO or EHLO hostname, and execute the corresponding action.
+Note 1: a result of "OK" is not allowed for safety reasons. Instead,
+use DUNNO in order to exclude specific hosts from blacklists.  Note
+2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#check_helo_ns_access">check_helo_ns_access</a> by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
+</dd>
+
+<dt><b><a name="reject_invalid_helo_hostname">reject_invalid_helo_hostname</a></b> (with Postfix &lt; 2.3: reject_invalid_hostname)</dt>
+
+<dd>Reject the request when the HELO or EHLO hostname is malformed.
+Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce
+this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can simply
+skip <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a> by not sending HELO or EHLO).
+<br> The <a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> specifies the response code
+for rejected requests (default: 501).</dd>
+
+<dt><b><a name="reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a></b> (with Postfix &lt; 2.3: reject_non_fqdn_hostname)</dt>
+
+<dd>Reject the request when the HELO or EHLO hostname is not in
+fully-qualified domain or address literal form, as required by the
+RFC. Note: specify
+"<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this restriction
+(without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can simply skip
+<a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a> by not sending HELO or EHLO).  <br>
+The <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
+rejected requests (default: 504).</dd>
+
+<dt><b><a name="reject_rhsbl_helo">reject_rhsbl_helo <i>rbl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Reject the request when the HELO or EHLO hostname is
+listed with the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i>
+(Postfix version 2.1 and later only).  Each "<i>d</i>" is a number,
+or a pattern inside "[]" that contains one or more ";"-separated
+numbers or number..number ranges (Postfix version 2.8 and later).
+If no "<i>=d.d.d.d</i>" is
+specified, reject the request when the HELO or EHLO hostname is
+listed with any A record under <i>rbl_domain</i>. See the
+<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> description for additional RBL related configuration
+parameters.  Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully
+enforce this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a
+client can simply skip <a href="postconf.5.html#reject_rhsbl_helo">reject_rhsbl_helo</a> by not sending HELO or
+EHLO). This feature is available in Postfix 2.0
+and later.  </dd>
+
+<dt><b><a name="reject_unknown_helo_hostname">reject_unknown_helo_hostname</a></b> (with Postfix &lt; 2.3: reject_unknown_hostname)</dt>
+
+<dd>Reject the request when the HELO or EHLO hostname has no DNS A
+or MX record. <br> The reply is specified with the
+<a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> parameter (default: 450) or
+<a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a> (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>).
+See the respective parameter descriptions for details. <br>
+Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully
+enforce this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a
+client can simply skip <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> by not sending
+HELO or EHLO). </dd>
+
+</dl>
+
+<p>
+Other restrictions that are valid in this context:
+</p>
+
+<ul>
+
+<li> <a href="#generic">Generic</a> restrictions that can be used
+in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
+
+<li> Client hostname or network address specific restrictions
+described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
+
+<li> SMTP command specific restrictions described under
+<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> or <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.  When
+sender or recipient restrictions are listed under <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>,
+they have effect only with "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that
+$<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> is evaluated at the time of the RCPT TO
+command.
+
+</ul>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
+<a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_history_flush_threshold">smtpd_history_flush_threshold</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The maximal number of lines in the Postfix SMTP server command history
+before it is flushed upon receipt of EHLO, RSET, or end of DATA.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_junk_command_limit">smtpd_junk_command_limit</a>
+(default: normal: 100, overload: 1)</b></DT><DD>
+
+<p>
+The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
+SMTP client can send before the Postfix SMTP server starts to
+increment the error counter with each junk command.  The junk
+command count is reset after mail is delivered.  See also the
+<a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> and <a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> configuration
+parameters.  Normally the default limit is 100, but it changes under
+overload to just 1. With Postfix 2.5 and earlier, the SMTP server
+always allows up to 100 junk commands by default.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a>
+(default: empty)</b></DT><DD>
+
+<p> Enable logging of the named "permit" actions in SMTP server
+access lists (by default, the SMTP server logs "reject" actions but
+not "permit" actions).  This feature does not affect conditional
+actions such as "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>". </p>
+
+<p> Specify a list of "permit" action names, "/file/name" or
+"<a href="DATABASE_README.html">type:table</a>" patterns, separated by commas and/or whitespace. The
+list is matched left to right, and the search stops on the first
+match. A "/file/name" pattern is replaced by its contents; a
+"<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a name matches a lookup
+key (the lookup result is ignored).  Continue long lines by starting
+the next line with whitespace. Specify "!pattern" to exclude a name
+from the list. </p>
+
+<p> Examples: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    # Log all "permit" actions.
+    <a href="postconf.5.html#smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a> = <a href="DATABASE_README.html#types">static</a>:all
+</pre>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    # Log "<a href="postconf.5.html#permit_dnswl_client">permit_dnswl_client</a>" only.
+    <a href="postconf.5.html#smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a> = <a href="postconf.5.html#permit_dnswl_client">permit_dnswl_client</a>
+</pre>
+
+<p> This feature is available in Postfix 2.10 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_milter_maps">smtpd_milter_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Lookup tables with Milter settings per remote SMTP client IP
+address.  The lookup result overrides the <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> setting,
+and has the same syntax. </p>
+
+<p> Note: lookup tables cannot return empty responses. Specify a
+lookup result of DISABLE (case does not matter) to indicate that
+Milter support should be disabled. </p>
+
+<p> Example to disable Milters for local clients: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtpd_milter_maps">smtpd_milter_maps</a> = <a href="cidr_table.5.html">cidr</a>:/etc/postfix/smtpd_milter_map
+    <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> = inet:host:port, { inet:host:port, ... }, ...
+</pre>
+
+<pre>
+/etc/postfix/smtpd_milter_map:
+    # Disable Milters for local clients.
+    127.0.0.0/8    DISABLE
+    192.168.0.0/16 DISABLE
+    ::/64          DISABLE
+    2001:db8::/32  DISABLE
+</pre>
+
+<p> This feature is available in Postfix 3.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_milters">smtpd_milters</a>
+(default: empty)</b></DT><DD>
+
+<p> A list of Milter (mail filter) applications for new mail that
+arrives via the Postfix <a href="smtpd.8.html">smtpd(8)</a> server. Specify space or comma as
+separator. See the <a href="MILTER_README.html">MILTER_README</a> document for details.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_noop_commands">smtpd_noop_commands</a>
+(default: empty)</b></DT><DD>
+
+<p>
+List of commands that the Postfix SMTP server replies to with "250
+Ok", without doing any syntax checks and without changing state.
+This list overrides any commands built into the Postfix SMTP server.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a>
+(default: &lt;&gt;)</b></DT><DD>
+
+<p>
+The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables instead of the
+null sender address.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_peername_lookup">smtpd_peername_lookup</a>
+(default: yes)</b></DT><DD>
+
+<p> Attempt to look up the remote SMTP client hostname, and verify that
+the name matches the client IP address. A client name is set to
+"unknown" when it cannot be looked up or verified, or when name
+lookup is disabled.  Turning off name lookup reduces delays due to
+DNS lookup and increases the maximal inbound delivery rate. </p>
+
+<p> This feature is available in Postfix 2.3 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_per_record_deadline">smtpd_per_record_deadline</a>
+(default: normal: no, overload: yes)</b></DT><DD>
+
+<p> Change the behavior of the <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> and <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a>
+time limits, from a
+time limit per read or write system call, to a time limit to send
+or receive a complete record (an SMTP command line, SMTP response
+line, SMTP message content line, or TLS protocol message).  This
+limits the impact from hostile peers that trickle data one byte at
+a time.  </p>
+
+<p> Note: when per-record deadlines are enabled, a short timeout
+may cause problems with TLS over very slow network connections.
+The reasons are that a TLS protocol message can be up to 16 kbytes
+long (with TLSv1), and that an entire TLS protocol message must be
+sent or received within the per-record deadline.  </p>
+
+<p> This feature is available in Postfix 2.9 and later. With older
+Postfix releases, the behavior is as if this parameter is set to
+"no". </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_default_action">smtpd_policy_service_default_action</a>
+(default: 451 4.3.5 Server configuration problem)</b></DT><DD>
+
+<p> The default action when an SMTPD policy service request fails.
+Specify "DUNNO" to behave as if the failed  SMTPD policy service
+request was not sent, and to continue processing other access
+restrictions, if any. </p>
+
+<p> Limitations: </p>
+
+<ul>
+
+<li> <p>  This parameter may specify any value that would be a valid
+SMTPD policy server response (or <a href="access.5.html">access(5)</a> map lookup result).  An
+<a href="access.5.html">access(5)</a> map or policy server in this parameter value may need to
+be declared in advance with a restriction_class setting.  </p>
+
+<li> <p> If the specified action invokes another <a href="postconf.5.html#check_policy_service">check_policy_service</a>
+request, that request will have the built-in default action. </p>
+
+</ul>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a>
+(default: 300s)</b></DT><DD>
+
+<p>
+The time after which an idle SMTPD policy service connection is
+closed.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a>
+(default: 1000s)</b></DT><DD>
+
+<p>
+The time after which an active SMTPD policy service connection is
+closed.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_policy_context">smtpd_policy_service_policy_context</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional information that the Postfix SMTP server specifies in
+the "policy_context" attribute of a policy service request (originally,
+to share the same service endpoint among multiple <a href="postconf.5.html#check_policy_service">check_policy_service</a>
+clients).  </p>
+
+<p>
+This feature is available in Postfix 3.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_request_limit">smtpd_policy_service_request_limit</a>
+(default: 0)</b></DT><DD>
+
+<p>
+The maximal number of requests per SMTPD policy service connection,
+or zero (no limit). Once a connection reaches this limit, the
+connection is closed and the next request will be sent over a new
+connection. This is a workaround to avoid error-recovery delays
+with policy servers that cannot maintain a persistent connection.
+</p>
+
+<p>
+This feature is available in Postfix 3.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_retry_delay">smtpd_policy_service_retry_delay</a>
+(default: 1s)</b></DT><DD>
+
+<p> The delay between attempts to resend a failed SMTPD policy
+service request. Specify a value greater than zero. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_timeout">smtpd_policy_service_timeout</a>
+(default: 100s)</b></DT><DD>
+
+<p>
+The time limit for connecting to, writing to, or receiving from a
+delegated SMTPD policy server.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_policy_service_try_limit">smtpd_policy_service_try_limit</a>
+(default: 2)</b></DT><DD>
+
+<p> The maximal number of attempts to send an SMTPD policy service
+request before giving up. Specify a value greater than zero. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_proxy_ehlo">smtpd_proxy_ehlo</a>
+(default: $<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
+
+<p>
+How the Postfix SMTP server announces itself to the proxy filter.
+By default, the Postfix hostname is used.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_proxy_filter">smtpd_proxy_filter</a>
+(default: empty)</b></DT><DD>
+
+<p> The hostname and TCP port of the mail filtering proxy server.
+The proxy receives all mail from the Postfix SMTP server, and is
+supposed to give the result to another Postfix SMTP server process.
+</p>
+
+<p> Specify "host:port" or "inet:host:port" for a TCP endpoint, or
+"unix:pathname" for a UNIX-domain endpoint. The host can be specified
+as an IP address or as a symbolic name; no MX lookups are done.
+When no "host" or "host:"  are specified, the local machine is
+assumed.  Pathname interpretation is relative to the Postfix queue
+directory.  </p>
+
+<p> This feature is available in Postfix 2.1 and later.  </p>
+
+<p> The "inet:" and "unix:" prefixes are available in Postfix 2.3
+and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_proxy_options">smtpd_proxy_options</a>
+(default: empty)</b></DT><DD>
+
+<p>
+List of options that control how the Postfix SMTP server
+communicates with a before-queue content filter. Specify zero or
+more of the following, separated by comma or whitespace.  </p>
+
+<dl>
+
+<dt><b>speed_adjust</b></dt>
+
+<dd> <p> Do not connect to a before-queue content filter until an entire
+message has been received. This reduces the number of simultaneous
+before-queue content filter processes. </p>
+
+<p> NOTE 1: A filter must not <i>selectively</i> reject recipients
+of a multi-recipient message.  Rejecting all recipients is OK, as
+is accepting all recipients. </p>
+
+<p> NOTE 2: This feature increases the minimum amount of free queue
+space by $<a href="postconf.5.html#message_size_limit">message_size_limit</a>. The extra space is needed to save the
+message to a temporary file. </p> </dd>
+
+</dl>
+
+<p>
+This feature is available in Postfix 2.7 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_proxy_timeout">smtpd_proxy_timeout</a>
+(default: 100s)</b></DT><DD>
+
+<p>
+The time limit for connecting to a proxy filter and for sending or
+receiving information.  When a connection fails the client gets a
+generic error message while more detailed information is logged to
+the maillog file.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_recipient_limit">smtpd_recipient_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p>
+The maximal number of recipients that the Postfix SMTP server
+accepts per message delivery request.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p> The number of recipients that a remote SMTP client can send in
+excess of the limit specified with $<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before
+the Postfix SMTP server increments the per-session error count
+for each excess recipient.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Optional restrictions that the Postfix SMTP server applies in the
+context of a client RCPT TO command, after <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p> With Postfix versions before 2.10, the rules for relay permission
+and spam blocking were combined under <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>,
+resulting in error-prone configuration.  As of Postfix 2.10, relay
+permission rules are preferably implemented with <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>,
+so that a permissive spam blocking policy under
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> will no longer result in a permissive
+mail relay policy.  </p>
+
+<p> For backwards compatibility, sites that migrate from Postfix
+versions before 2.10 can set <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> to the empty
+value, and use <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> exactly as before. </p>
+
+<p>
+IMPORTANT: Either the <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> or the
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> parameter must specify
+at least one of the following restrictions. Otherwise Postfix will
+refuse to receive mail:
+</p>
+
+<blockquote>
+<pre>
+reject, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+defer, <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>, <a href="postconf.5.html#defer_unauth_destination">defer_unauth_destination</a>
+</pre>
+</blockquote>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+Restrictions are applied in the order as specified; the first
+restriction that matches wins.
+</p>
+
+<p>
+The following restrictions are specific to the recipient address
+that is received with the RCPT TO command.
+</p>
+
+<dl>
+
+<dt><b><a name="check_recipient_access">check_recipient_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the resolved RCPT
+TO address, domain, parent domains, or localpart@, and execute the
+corresponding action.  </dd>
+
+<dt><b><a name="check_recipient_a_access">check_recipient_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for
+the RCPT TO domain, and execute the corresponding action.  Note:
+a result of "OK" is not allowed for safety reasons. Instead, use
+DUNNO in order to exclude specific hosts from blacklists.  This
+feature is available in Postfix 3.0 and later. </dd>
+
+<dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
+the RCPT TO domain, and execute the corresponding action.  Note:
+a result of "OK" is not allowed for safety reasons. Instead, use
+DUNNO in order to exclude specific hosts from blacklists.  This
+feature is available in Postfix 2.1 and later. </dd>
+
+<dt><b><a name="check_recipient_ns_access">check_recipient_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
+for the RCPT TO domain, and execute the corresponding action.
+Note: a result of "OK" is not allowed for safety reasons. Instead,
+use DUNNO in order to exclude specific hosts from blacklists.  This
+feature is available in Postfix 2.1 and later.  </dd>
+
+<dt><b><a name="permit_auth_destination">permit_auth_destination</a></b></dt>
+
+<dd>Permit the request when one of the following is true:
+
+<ul>
+
+<li> Postfix is mail forwarder: the resolved RCPT TO domain matches
+$<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and the address contains no
+sender-specified routing (user@elsewhere@domain),
+
+<li> Postfix is the final destination: the resolved RCPT TO domain
+matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
+$<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and the address
+contains no sender-specified routing (user@elsewhere@domain).
+
+</ul></dd>
+
+<dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
+
+<dd>Permit the request when the local mail system is backup MX for
+the RCPT TO domain, or when the domain is an authorized destination
+(see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> for definition).
+
+<ul>
+
+<li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+
+<li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> can be vulnerable to mis-use when
+access is not restricted with <a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>.
+
+<li> Safety: as of Postfix version 2.3, <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain.  Exception: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> accepts the address
+when it specifies an authorized destination (see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
+for definition).
+
+<li> Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
+
+</ul></dd>
+
+<dt><b><a name="reject_non_fqdn_recipient">reject_non_fqdn_recipient</a></b></dt>
+
+<dd>Reject the request when the RCPT TO address specifies a
+domain that is not in
+fully-qualified domain form, as required by the RFC. <br> The
+<a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
+rejected requests (default: 504). </dd>
+
+<dt><b><a name="reject_rhsbl_recipient">reject_rhsbl_recipient <i>rbl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Reject the request when the RCPT TO domain is listed with the
+A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix version
+2.1 and later only).  Each "<i>d</i>" is a number, or a pattern
+inside "[]" that contains one or more ";"-separated numbers or
+number..number ranges (Postfix version 2.8 and later). If no
+"<i>=d.d.d.d</i>" is specified, reject
+the request when the RCPT TO domain is listed with
+any A record under <i>rbl_domain</i>. <br> The <a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a>
+parameter specifies the response code for rejected requests (default:
+554); the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> parameter specifies the default server
+reply; and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> parameter specifies tables with server
+replies indexed by <i>rbl_domain</i>.  This feature is available
+in Postfix version 2.0 and later.</dd>
+
+<dt><b><a name="reject_unauth_destination">reject_unauth_destination</a></b></dt>
+
+<dd>Reject the request unless one of the following is true:
+
+<ul>
+
+<li> Postfix is mail forwarder: the resolved RCPT TO domain matches
+$<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and contains no sender-specified
+routing (user@elsewhere@domain),
+
+<li> Postfix is the final destination: the resolved RCPT TO domain
+matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
+$<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and contains
+no sender-specified routing (user@elsewhere@domain).
+
+</ul>The <a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> parameter specifies the response
+code for rejected requests (default: 554). </dd>
+
+<dt><b><a name="defer_unauth_destination">defer_unauth_destination</a></b></dt>
+
+<dd> Reject the same requests as <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>, with a
+non-permanent error code.  This feature is available in Postfix
+2.10 and later.</dd>
+
+<dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
+
+<dd>Reject the request when Postfix is not final destination for
+the recipient domain, and the RCPT TO domain has 1) no DNS MX and
+no DNS A
+record or 2) a malformed MX record such as a record with
+a zero-length MX hostname (Postfix version 2.3 and later). <br> The
+reply is specified with the <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter
+(default: 450), <a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a> (default:
+<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>), or 556 (nullmx, Postfix 3.0 and
+later). See the respective parameter descriptions for details.
+</dd>
+
+<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (with Postfix version 2.0: check_recipient_maps)</dt>
+
+<dd> Reject the request when the RCPT TO address is not listed in
+the list of valid recipients for its domain class. See the
+<a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> parameter description for details.
+This feature is available in Postfix 2.1 and later.</dd>
+
+<dt><b><a name="reject_unverified_recipient">reject_unverified_recipient</a></b></dt>
+
+<dd>Reject the request when mail to the RCPT TO address is known
+to bounce, or when the recipient address destination is not reachable.
+Address verification information is managed by the <a href="verify.8.html">verify(8)</a> server;
+see the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> file for details.  <br> The
+<a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> parameter specifies the numerical
+response code when an address is known to bounce (default: 450,
+change into 550 when you are confident that it is safe to do so).
+<br>The <a href="postconf.5.html#unverified_recipient_defer_code">unverified_recipient_defer_code</a> parameter specifies the
+numerical response code when an address probe failed due to a
+temporary problem (default: 450). <br> The
+<a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a> parameter specifies the action
+after address probe failure due to a temporary problem (default:
+<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>).  <br>  This feature is available in Postfix 2.1
+and later.  </dd>
+
+</dl>
+
+<p>
+Other restrictions that are valid in this context:
+</p>
+
+<ul>
+
+<li><a href="#generic">Generic</a> restrictions that can be used
+in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
+
+<li>SMTP command specific restrictions described under
+<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> and
+<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>.
+
+</ul>
+
+<p>
+Example:
+</p>
+
+<pre>
+# The Postfix before 2.10 default mail relay policy. Later Postfix
+# versions implement this preferably with <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>.
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_reject_footer">smtpd_reject_footer</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional information that is appended after each Postfix SMTP
+server
+4XX or 5XX response. </p>
+
+<p> The following example uses "\c" at the start of the template
+(supported in Postfix 2.10 and later) to suppress the line break
+between the reply text and the footer text. With earlier Postfix
+versions, the footer text always begins on a new line, and the "\c"
+is output literally. </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a> = \c. For assistance, call 800-555-0101.
+     Please provide the following information in your problem report:
+     time ($localtime), client ($client_address) and server
+     ($server_name).
+</pre>
+
+<p> Server response: </p>
+
+<pre>
+    550-5.5.1 &lt;user@example&gt; Recipient address rejected: User
+    unknown. For assistance, call 800-555-0101. Please provide the
+    following information in your problem report: time (Jan 4 15:42:00),
+    client (192.168.1.248) and server (mail1.example.com).
+</pre>
+
+<p> Note: the above text is meant to make it easier to find the
+Postfix logfile records for a failed SMTP session. The text itself
+is not logged to the Postfix SMTP server's maillog file. </p>
+
+<p> Be sure to keep the text as short as possible. Long text may
+be truncated before it is logged to the remote SMTP client's maillog
+file, or before it is returned to the sender in a delivery status
+notification.  </p>
+
+<p> This feature supports a limited number of $name attributes in
+the footer text. These are replaced by their current value for the
+SMTP session: </p>
+
+<dl>
+
+<dt> <b>client_address</b> </dt> <dd> The Client IP address that
+is logged in the maillog file. </dd>
+
+<dt> <b>client_port</b> </dt> <dd> The client TCP port that is
+logged in the maillog file. </dd>
+
+<dt> <b>localtime</b> </dt> <dd> The server local time (Mmm dd
+hh:mm:ss) that is logged in the maillog file. </dd>
+
+<dt> <b>server_name</b> </dt> <dd> The server's <a href="postconf.5.html#myhostname">myhostname</a> value.
+This attribute is made available for sites with multiple MTAs
+(perhaps behind a load-balancer), where the server name can help
+the server support team to quickly find the right log files.  </dd>
+
+</dl>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> NOT SUPPORTED are other attributes such as sender, recipient,
+or <a href="postconf.5.html">main.cf</a> parameters.  </p>
+
+<li> <p> For safety reasons, text that does not match
+$<a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> is censored. </p>
+
+</ul>
+
+<p> This feature supports the two-character sequence \n as a request
+for a line break in the footer text. Postfix automatically inserts
+after each line break the three-digit SMTP reply code (and optional
+enhanced status code) from the original Postfix reject message.
+</p>
+
+<p> To work around mail software that mis-handles multi-line replies,
+specify the two-character sequence \c at the start of the template.
+This suppresses the line break between the reply text and the footer
+text (Postfix 2.10 and later).  </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Request that the Postfix SMTP server rejects mail for unknown
+recipient addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a>
+access restriction is specified. This prevents the Postfix queue
+from filling up with undeliverable MAILER-DAEMON messages.
+</p>
+
+<p> An address is always considered "known" when it matches a
+<a href="virtual.5.html">virtual(5)</a> alias or a <a href="canonical.5.html">canonical(5)</a> mapping.
+
+<ul>
+
+<li> The recipient domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
+$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
+
+<li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the
+recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
+
+<li> The recipient domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
+recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
+is not null.
+
+<li> The recipient domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the recipient
+is not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>
+is not null.
+
+</ul>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a>
+(default: no)</b></DT><DD>
+
+<p> Request that the Postfix SMTP server rejects mail from unknown
+sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a>
+access restriction is specified. This can slow down an explosion
+of forged mail from worms or viruses.  </p>
+
+<p> An address is always considered "known" when it matches a
+<a href="virtual.5.html">virtual(5)</a> alias or a <a href="canonical.5.html">canonical(5)</a> mapping.
+
+<ul>
+
+<li> The sender domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
+$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the sender is not listed in
+$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
+
+<li> The sender domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the sender
+is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
+
+<li> The sender domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
+sender is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
+is not null.
+
+<li> The sender domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the sender is
+not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> is
+not null.
+
+</ul>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_relay_restrictions">smtpd_relay_restrictions</a>
+(default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, <a href="postconf.5.html#defer_unauth_destination">defer_unauth_destination</a>)</b></DT><DD>
+
+<p> Access restrictions for mail relay control that the Postfix
+SMTP server applies in the context of the RCPT TO command, before
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p> With Postfix versions before 2.10, the rules for relay permission
+and spam blocking were combined under <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>,
+resulting in error-prone configuration.  As of Postfix 2.10, relay
+permission rules are preferably implemented with <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>,
+so that a permissive spam blocking policy under
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> will no longer result in a permissive
+mail relay policy.  </p>
+
+<p> For backwards compatibility, sites that migrate from Postfix
+versions before 2.10 can set <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> to the empty
+value, and use <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> exactly as before. </p>
+
+<p>
+By default, the Postfix SMTP server accepts:
+</p>
+
+<ul>
+
+<li> Mail from clients whose IP address matches $<a href="postconf.5.html#mynetworks">mynetworks</a>, or:
+
+<li> Mail to remote destinations that match $<a href="postconf.5.html#relay_domains">relay_domains</a>, except
+for addresses that contain sender-specified routing
+(user@elsewhere@domain), or:
+
+<li> Mail to local destinations that match $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or
+$<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+
+</ul>
+
+<p>
+IMPORTANT: Either the <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> or the
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> parameter must specify
+at least one of the following restrictions. Otherwise Postfix will
+refuse to receive mail:
+</p>
+
+<blockquote>
+<pre>
+reject, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+defer, <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>, <a href="postconf.5.html#defer_unauth_destination">defer_unauth_destination</a>
+</pre>
+</blockquote>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+The same restrictions are available as documented under
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
+</p>
+
+<p> This feature is available in Postix 2.10 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_restriction_classes">smtpd_restriction_classes</a>
+(default: empty)</b></DT><DD>
+
+<p>
+User-defined aliases for groups of access restrictions. The aliases
+can be specified in <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> etc., and on the
+right-hand side of a Postfix <a href="access.5.html">access(5)</a> table.
+</p>
+
+<p>
+One major application is for implementing per-recipient UCE control.
+See the <a href="RESTRICTION_CLASS_README.html">RESTRICTION_CLASS_README</a> document for other examples.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_application_name">smtpd_sasl_application_name</a>
+(default: smtpd)</b></DT><DD>
+
+<p>
+The application name that the Postfix SMTP server uses for SASL
+server initialization. This
+controls the name of the SASL configuration file. The default value
+is <b>smtpd</b>, corresponding to a SASL configuration file named
+<b>smtpd.conf</b>.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and 2.2. With Postfix 2.3
+it was renamed to <a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a>
+(default: no)</b></DT><DD>
+
+<p>
+Enable SASL authentication in the Postfix SMTP server. By default,
+the Postfix SMTP server does not use authentication.
+</p>
+
+<p>
+If a remote SMTP client is authenticated, the <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>
+access restriction can be used to permit relay access, like this:
+</p>
+
+<blockquote>
+<pre>
+# With Postfix 2.10 and later, the mail relay policy is
+# preferably specified under <a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a>.
+<a href="postconf.5.html#smtpd_relay_restrictions">smtpd_relay_restrictions</a> =
+    <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, ...
+</pre>
+
+<pre>
+# With Postfix before 2.10, the relay policy can be
+# specified only under <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>.
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
+    <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, ...
+</pre>
+</blockquote>
+
+<p> To reject all SMTP connections from unauthenticated clients,
+specify "<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes" (which is the default) and use:
+</p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> = <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, reject
+</pre>
+</blockquote>
+
+<p>
+See the <a href="SASL_README.html">SASL_README</a> file for SASL configuration and operation details.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_authenticated_header">smtpd_sasl_authenticated_header</a>
+(default: no)</b></DT><DD>
+
+<p> Report the SASL authenticated user name in the <a href="smtpd.8.html">smtpd(8)</a> Received
+message header.  </p>
+
+<p> This feature is available in Postfix 2.3 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a>
+(default: empty)</b></DT><DD>
+
+<p>
+What remote SMTP clients the Postfix SMTP server will not offer
+AUTH support to.
+</p>
+
+<p>
+Some clients (Netscape 4 at least) have a bug that causes them to
+require a login and password whenever AUTH is offered, whether it's
+necessary or not. To work around this, specify, for example,
+$<a href="postconf.5.html#mynetworks">mynetworks</a> to prevent Postfix from offering AUTH to local clients.
+</p>
+
+<p>
+Specify a list of network/netmask patterns, separated by commas
+and/or whitespace. The mask specifies the number of bits in the
+network part of a host address. You can also "/file/name" or
+"<a href="DATABASE_README.html">type:table</a>" patterns.  A "/file/name" pattern is replaced by its
+contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a table entry
+matches a lookup string (the lookup result is ignored).  Continue
+long lines by starting the next line with whitespace. Specify
+"!pattern" to exclude an address or network block from the list.
+The form "!/file/name" is supported only in Postfix version 2.4 and
+later.  </p>
+
+<p> Note: IP version 6 address information must be specified inside
+<tt>[]</tt> in the <a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> value, and in
+files specified with "/file/name".  IP version 6 addresses contain
+the ":" character, and would otherwise be confused with a "<a href="DATABASE_README.html">type:table</a>"
+pattern.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
+</pre>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_local_domain">smtpd_sasl_local_domain</a>
+(default: empty)</b></DT><DD>
+
+<p>
+The name of the Postfix SMTP server's local SASL authentication
+realm.
+</p>
+
+<p>
+By default, the local authentication realm name is the null string.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
+<a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> = $<a href="postconf.5.html#myhostname">myhostname</a>
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_path">smtpd_sasl_path</a>
+(default: smtpd)</b></DT><DD>
+
+<p> Implementation-specific information that the Postfix SMTP server
+passes through to
+the SASL plug-in implementation that is selected with
+<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.  Typically this specifies the name of a
+configuration file or rendezvous point. </p>
+
+<p> This feature is available in Postfix 2.3 and later. In earlier
+releases it was called <b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a></b>. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_security_options">smtpd_sasl_security_options</a>
+(default: noanonymous)</b></DT><DD>
+
+<p> Postfix SMTP server SASL security options; as of Postfix 2.3
+the list of available
+features depends on the SASL server implementation that is selected
+with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.  </p>
+
+<p> The following security features are defined for the <b>cyrus</b>
+server SASL implementation: </p>
+
+<p>
+Restrict what authentication mechanisms the Postfix SMTP server
+will offer to the client.  The list of available authentication
+mechanisms is system dependent.
+</p>
+
+<p>
+Specify zero or more of the following:
+</p>
+
+<dl>
+
+<dt><b>noplaintext</b></dt>
+
+<dd>Disallow methods that use plaintext passwords. </dd>
+
+<dt><b>noactive</b></dt>
+
+<dd>Disallow methods subject to active (non-dictionary) attack. </dd>
+
+<dt><b>nodictionary</b></dt>
+
+<dd>Disallow methods subject to passive (dictionary) attack. </dd>
+
+<dt><b>noanonymous</b></dt>
+
+<dd>Disallow methods that allow anonymous authentication. </dd>
+
+<dt><b>forward_secrecy</b></dt>
+
+<dd>Only allow methods that support forward secrecy (Dovecot only).
+</dd>
+
+<dt><b>mutual_auth</b></dt>
+
+<dd>Only allow methods that provide mutual authentication (not available
+with Cyrus SASL version 1). </dd>
+
+</dl>
+
+<p>
+By default, the Postfix SMTP server accepts plaintext passwords but
+not anonymous logins.
+</p>
+
+<p>
+Warning: it appears that clients try authentication methods in the
+order as advertised by the server (e.g., PLAIN ANONYMOUS CRAM-MD5)
+which means that if you disable plaintext passwords, clients will
+log in anonymously, even when they should be able to use CRAM-MD5.
+So, if you disable plaintext logins, disable anonymous logins too.
+Postfix treats anonymous login as no authentication.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> = noanonymous, noplaintext
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_service">smtpd_sasl_service</a>
+(default: smtp)</b></DT><DD>
+
+<p> The service name that is passed to the SASL plug-in that is
+selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b> and <b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a></b>.
+</p>
+
+<p> This feature is available in Postfix 2.11 and later. Prior
+versions behave as if "<b>smtp</b>" is specified. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a>
+(default: $<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a>)</b></DT><DD>
+
+<p> The SASL authentication security options that the Postfix SMTP
+server uses for TLS encrypted SMTP sessions. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sasl_type">smtpd_sasl_type</a>
+(default: cyrus)</b></DT><DD>
+
+<p> The SASL plug-in type that the Postfix SMTP server should use
+for authentication. The available types are listed with the
+"<b>postconf -a</b>" command. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sender_login_maps">smtpd_sender_login_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup table with the SASL login names that own the sender
+(MAIL FROM) addresses.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.  With lookups from
+indexed files such as DB or DBM, or from networked tables such as
+NIS, LDAP or SQL, the following search operations are done with a
+sender address of <i>user@domain</i>:  </p>
+
+<dl>
+
+<dt> 1) <i>user@domain</i> </dt>
+
+<dd>This table lookup is always done and has the highest precedence. </dd>
+
+<dt> 2) <i>user</i> </dt>
+
+<dd>This table lookup is done only when the <i>domain</i> part of the
+sender address matches $<a href="postconf.5.html#myorigin">myorigin</a>, $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
+or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. </dd>
+
+<dt> 3) <i>@domain</i> </dt>
+
+<dd>This table lookup is done last and has the lowest precedence. </dd>
+
+</dl>
+
+<p>
+In all cases the result of table lookup must be either "not found"
+or a list of SASL login names separated by comma and/or whitespace.
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_sender_restrictions">smtpd_sender_restrictions</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional restrictions that the Postfix SMTP server applies in the
+context of a client MAIL FROM command.
+See <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a>, section "Delayed evaluation of SMTP access
+restriction lists" for a discussion of evaluation context and time.
+</p>
+
+<p>
+The default is to permit everything.
+</p>
+
+<p>
+Specify a list of restrictions, separated by commas and/or whitespace.
+Continue long lines by starting the next line with whitespace.
+Restrictions are applied in the order as specified; the first
+restriction that matches wins.
+</p>
+
+<p>
+The following restrictions are specific to the sender address
+received with the MAIL FROM command.
+</p>
+
+<dl>
+
+<dt><b><a name="check_sender_access">check_sender_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MAIL FROM
+address, domain, parent domains, or localpart@, and execute the
+corresponding action. </dd>
+
+<dt><b><a name="check_sender_a_access">check_sender_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for
+the MAIL FROM domain, and execute the corresponding action.  Note:
+a result of "OK" is not allowed for safety reasons. Instead, use
+DUNNO in order to exclude specific hosts from blacklists.  This
+feature is available in Postfix 3.0 and later. </dd>
+
+<dt><b><a name="check_sender_mx_access">check_sender_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
+the MAIL FROM domain, and execute the corresponding action.  Note:
+a result of "OK" is not allowed for safety reasons. Instead, use
+DUNNO in order to exclude specific hosts from blacklists.  This
+feature is available in Postfix 2.1 and later. </dd>
+
+<dt><b><a name="check_sender_ns_access">check_sender_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
+
+<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
+for the MAIL FROM domain, and execute the corresponding action.
+Note: a result of "OK" is not allowed for safety reasons. Instead,
+use DUNNO in order to exclude specific hosts from blacklists.  This
+feature is available in Postfix 2.1 and later.  </dd>
+
+<dt><b><a name="reject_authenticated_sender_login_mismatch">reject_authenticated_sender_login_mismatch</a></b></dt>
+
+<dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
+authenticated clients only. This feature is available in
+Postfix version 2.1 and later. </dd>
+
+<dt><b><a name="reject_known_sender_login_mismatch">reject_known_sender_login_mismatch</a></b></dt>
+
+<dd>Apply the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction only to MAIL
+FROM addresses that are known in $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.  This
+feature is available in Postfix version 2.11 and later. </dd>
+
+<dt><b><a name="reject_non_fqdn_sender">reject_non_fqdn_sender</a></b></dt>
+
+<dd>Reject the request when the MAIL FROM address specifies a
+domain that is not in
+fully-qualified domain form as required by the RFC. <br> The
+<a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
+rejected requests (default: 504). </dd>
+
+<dt><b><a name="reject_rhsbl_sender">reject_rhsbl_sender <i>rbl_domain=d.d.d.d</i></a></b></dt>
+
+<dd>Reject the request when the MAIL FROM domain is listed with
+the A record "<i>d.d.d.d</i>" under <i>rbl_domain</i> (Postfix
+version 2.1 and later only).  Each "<i>d</i>" is a number, or a
+pattern inside "[]" that contains one or more ";"-separated numbers
+or number..number ranges (Postfix version 2.8 and later). If no
+"<i>=d.d.d.d</i>" is specified,
+reject the request when the MAIL FROM domain is
+listed with any A record under <i>rbl_domain</i>. <br> The
+<a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> parameter specifies the response code for
+rejected requests (default:  554); the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> parameter
+specifies the default server reply; and the <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> parameter
+specifies tables with server replies indexed by <i>rbl_domain</i>.
+This feature is available in Postfix 2.0 and later.</dd>
+
+<dt><b><a name="reject_sender_login_mismatch">reject_sender_login_mismatch</a></b></dt>
+
+<dd>Reject the request when $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> specifies an
+owner for the MAIL FROM address, but the client is not (SASL) logged
+in as that MAIL FROM address owner; or when the client is (SASL)
+logged in, but the client login name doesn't own the MAIL FROM
+address according to $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.</dd>
+
+<dt><b><a name="reject_unauthenticated_sender_login_mismatch">reject_unauthenticated_sender_login_mismatch</a></b></dt>
+
+<dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
+unauthenticated clients only. This feature is available in
+Postfix version 2.1 and later. </dd>
+
+<dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
+
+<dd>Reject the request when Postfix is not final destination for
+the sender address, and the MAIL FROM domain has 1) no DNS MX and
+no DNS A
+record, or 2) a malformed MX record such as a record with
+a zero-length MX hostname (Postfix version 2.3 and later). <br> The
+reply is specified with the <a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter
+(default: 450), <a href="postconf.5.html#unknown_address_tempfail_action">unknown_address_tempfail_action</a> (default:
+<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>), or 550 (nullmx, Postfix 3.0 and
+later). See the respective parameter descriptions for details.
+</dd>
+
+<dt><b><a name="reject_unlisted_sender">reject_unlisted_sender</a></b></dt>
+
+<dd>Reject the request when the MAIL FROM address is not listed in
+the list of valid recipients for its domain class. See the
+<a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> parameter description for details.
+This feature is available in Postfix 2.1 and later.</dd>
+
+<dt><b><a name="reject_unverified_sender">reject_unverified_sender</a></b></dt>
+
+<dd>Reject the request when mail to the MAIL FROM address is known to
+bounce, or when the sender address destination is not reachable.
+Address verification information is managed by the <a href="verify.8.html">verify(8)</a> server;
+see the <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> file for details. <br> The
+<a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> parameter specifies the numerical
+response code when an address is known to bounce (default: 450,
+change into 550 when you are confident that it is safe to do so).
+<br>The <a href="postconf.5.html#unverified_sender_defer_code">unverified_sender_defer_code</a> specifies the numerical response
+code when an address probe failed due to a temporary problem
+(default: 450).  <br> The <a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a> parameter
+specifies the action after address probe failure due to a temporary
+problem (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>).  <br> This feature is available
+in Postfix 2.1 and later.  </dd>
+
+</dl>
+
+<p>
+Other restrictions that are valid in this context:
+</p>
+
+<ul>
+
+<li> <a href="#generic">Generic</a> restrictions that can be used
+in any SMTP command context, described under <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>.
+
+<li> SMTP command specific restrictions described under
+<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a>.
+
+<li> SMTP command specific restrictions described under
+<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>. When recipient restrictions are listed
+under <a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, they have effect only with
+"<a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> = yes", so that $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> is
+evaluated at the time of the RCPT TO command.
+
+</ul>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
+<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>,
+    <a href="postconf.5.html#check_sender_access">check_sender_access</a> <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/access
+</pre>
+
+
+</DD>
+
+<DT><b><a name="smtpd_service_name">smtpd_service_name</a>
+(default: smtpd)</b></DT><DD>
+
+<p> The internal service that <a href="postscreen.8.html">postscreen(8)</a> hands off allowed
+connections to. In a future version there may be different
+classes of SMTP service. </p>
+
+<p> This feature is available in Postfix 2.8. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_soft_error_limit">smtpd_soft_error_limit</a>
+(default: 10)</b></DT><DD>
+
+<p>
+The number of errors a remote SMTP client is allowed to make without
+delivering mail before the Postfix SMTP server slows down all its
+responses.
+</p>
+
+<ul>
+
+<li><p>With Postfix version 2.1 and later, the Postfix SMTP server
+delays all responses by $<a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> seconds. </p>
+
+<li><p>With Postfix versions 2.0 and earlier, the Postfix SMTP
+server delays all responses by (number of errors) seconds. </p>
+
+</ul>
+
+
+</DD>
+
+<DT><b><a name="smtpd_starttls_timeout">smtpd_starttls_timeout</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The time limit for Postfix SMTP server write and read operations
+during TLS startup and shutdown handshake procedures. The current
+default value is stress-dependent. Before Postfix version 2.8, it
+was fixed at 300s. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_timeout">smtpd_timeout</a>
+(default: normal: 300s, overload: 10s)</b></DT><DD>
+
+<p>
+The time limit for sending a Postfix SMTP server response and for
+receiving a remote SMTP client request. Normally the default limit
+is 300s, but it changes under overload to just 10s. With Postfix
+2.5 and earlier, the SMTP server always uses a time limit of 300s
+by default.
+</p>
+
+<p>
+Note: if you set SMTP time limits to very large values you may have
+to update the global <a href="postconf.5.html#ipc_timeout">ipc_timeout</a> parameter.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_CAfile">smtpd_tls_CAfile</a>
+(default: empty)</b></DT><DD>
+
+<p> A file containing (PEM format) CA certificates of root CAs trusted
+to sign either remote SMTP client certificates or intermediate CA
+certificates.  These are loaded into memory before the <a href="smtpd.8.html">smtpd(8)</a> server
+enters the chroot jail. If the number of trusted roots is large, consider
+using <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> instead, but note that the latter directory must
+be present in the chroot jail if the <a href="smtpd.8.html">smtpd(8)</a> server is chrooted. This
+file may also be used to augment the server certificate trust chain,
+but it is best to include all the required certificates directly in the
+server certificate file. </p>
+
+<p> Specify "<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> = /path/to/system_CA_file" to use ONLY
+the system-supplied default Certification Authority certificates.
+</p>
+
+<p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. </p>
+
+<p> By default (see <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>), client certificates are not
+requested, and <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> should remain empty. If you do make use
+of client certificates, the distinguished names (DNs) of the Certification
+Authorities listed in <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> are sent to the remote SMTP client
+in the client certificate request message. MUAs with multiple client
+certificates may use the list of preferred Certification Authorities
+to select the correct client certificate.  You may want to put your
+"preferred" CA or CAs in this file, and install other trusted CAs in
+$<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> = /etc/postfix/CAcert.pem
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_CApath">smtpd_tls_CApath</a>
+(default: empty)</b></DT><DD>
+
+<p> A directory containing (PEM format) CA certificates of root CAs
+trusted to sign either remote SMTP client certificates or intermediate CA
+certificates. Do not forget to create the necessary "hash" links with,
+for example, "$OPENSSL_HOME/bin/c_rehash /etc/postfix/certs". To use
+<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> in chroot mode, this directory (or a copy) must be
+inside the chroot jail. </p>
+
+<p> Specify "<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> = /path/to/system_CA_directory" to
+use ONLY the system-supplied default Certification Authority certificates.
+</p>
+
+<p> Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = no" to prevent Postfix from
+appending the system-supplied default CAs and trusting third-party
+certificates. </p>
+
+<p> By default (see <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>), client certificates are
+not requested, and <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> should remain empty. In contrast
+to <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, DNs of Certification Authorities installed
+in $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> are not included in the client certificate
+request message. MUAs with multiple client certificates may use the
+list of preferred Certification Authorities to select the correct
+client certificate.  You may want to put your "preferred" CA or
+CAs in $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, and install the remaining trusted CAs in
+$<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> = /etc/postfix/certs
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a>
+(default: yes)</b></DT><DD>
+
+<p> Force the Postfix SMTP server to issue a TLS session id, even
+when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
+is empty). This behavior is compatible with Postfix &lt; 2.3. </p>
+
+<p> With Postfix 2.3 and later the Postfix SMTP server can disable
+session id generation when TLS session caching is turned off. This
+keeps remote SMTP clients from caching sessions that almost certainly cannot
+be re-used.  </p>
+
+<p> By default, the Postfix SMTP server always generates TLS session
+ids. This works around a known defect in mail client applications
+such as MS Outlook, and may also prevent interoperability issues
+with other MTAs. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> = no
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>
+(default: no)</b></DT><DD>
+
+<p> Ask a remote SMTP client for a client certificate. This
+information is needed for certificate based mail relaying with,
+for example, the <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a> feature. </p>
+
+<p> Some clients such as Netscape will either complain if no
+certificate is available (for the list of CAs in $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>)
+or will offer multiple client certificates to choose from. This
+may be annoying, so this option is "off" by default. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_auth_only">smtpd_tls_auth_only</a>
+(default: no)</b></DT><DD>
+
+<p> When TLS encryption is optional in the Postfix SMTP server, do
+not announce or accept SASL authentication over unencrypted
+connections. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a>
+(default: 9)</b></DT><DD>
+
+<p> The verification depth for remote SMTP client certificates. A
+depth of 1 is sufficient if the issuing CA is listed in a local CA
+file. </p>
+
+<p> The default verification depth is 9 (the OpenSSL default) for
+compatibility with earlier Postfix behavior. Prior to Postfix 2.5,
+the default value was 5, but the limit was not actually enforced. If
+you have set this to a lower non-default value, certificates with longer
+trust chains may now fail to verify. Certificate chains with 1 or 2
+CAs are common, deeper chains are more rare and any number between 5
+and 9 should suffice in practice. You can choose a lower number if,
+for example, you trust certificates directly signed by an issuing CA
+but not any CAs it delegates to. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_cert_file">smtpd_tls_cert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with the Postfix SMTP server RSA certificate in PEM format.
+This file may also contain the Postfix SMTP server private RSA key. </p>
+
+<p> Public Internet MX hosts without certificates signed by a "reputable"
+CA must generate, and be prepared to present to most clients, a
+self-signed or private-CA signed certificate. The client will not be
+able to authenticate the server, but unless it is running Postfix 2.3 or
+similar software, it will still insist on a server certificate. </p>
+
+<p> For servers that are <b>not</b> public Internet MX hosts, Postfix
+2.3 supports configurations with no certificates. This entails the
+use of just the anonymous TLS ciphers, which are not supported by
+typical SMTP clients. Since such clients will not, as a rule, fall
+back to plain text after a TLS handshake failure, the server will
+be unable to receive email from TLS enabled clients. To avoid
+accidental configurations with no certificates, Postfix 2.3 enables
+certificate-less operation only when the administrator explicitly
+sets "<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> = none". This ensures that new Postfix
+configurations will not accidentally run with no certificates. </p>
+
+<p> Both RSA and DSA certificates are supported.  When both types
+are present, the cipher used determines which certificate will be
+presented to the client.  For Netscape and OpenSSL clients without
+special cipher choices the RSA certificate is preferred. </p>
+
+<p> To enable a remote SMTP client to verify the Postfix SMTP server
+certificate, the issuing CA certificates must be made available to the
+client. You should include the required certificates in the server
+certificate file, the server certificate first, then the issuing
+CA(s) (bottom-up order). </p>
+
+<p> Example: the certificate for "server.example.com" was issued by
+"intermediate CA" which itself has a certificate of "root CA".
+Create the server.pem file with "cat server_cert.pem intermediate_CA.pem
+root_CA.pem &gt; server.pem". </p>
+
+<p> If you also want to verify client certificates issued by these
+CAs, you can add the CA certificates to the <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>, in which
+case it is not necessary to have them in the <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> or
+<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>. </p>
+
+<p> A certificate supplied here must be usable as an SSL server certificate
+and hence pass the "openssl verify -purpose sslserver ..." test. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> = /etc/postfix/server.pem
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_cipherlist">smtpd_tls_cipherlist</a>
+(default: empty)</b></DT><DD>
+
+<p> Obsolete Postfix &lt; 2.3 control for the Postfix SMTP server TLS
+cipher list. It is easy to create interoperability problems by choosing
+a non-default cipher list. Do not use a non-default TLS cipherlist for
+MX hosts on the public Internet. Clients that begin the TLS handshake,
+but are unable to agree on a common cipher, may not be able to send any
+email to the SMTP server. Using a restricted cipher list may be more
+appropriate for a dedicated MSA or an internal mailhub, where one can
+exert some control over the TLS software and settings of the connecting
+clients. </p>
+
+<p> <b>Note:</b> do not use "" quotes around the parameter value. </p>
+
+<p>This feature is available with Postfix version 2.2. It is not used with
+Postfix 2.3 and later; use <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_ciphers">smtpd_tls_ciphers</a>
+(default: medium)</b></DT><DD>
+
+<p> The minimum TLS cipher grade that the Postfix SMTP server
+will use with opportunistic TLS encryption. Cipher types listed in
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> are excluded from the base definition of
+the selected cipher grade.  The default value is "medium" for Postfix
+releases after the middle of 2015, "export" for older releases.
+</p>
+
+<p> When TLS is mandatory the cipher grade is chosen via the
+<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> configuration parameter, see there for syntax
+details. </p>
+
+<p> This feature is available in Postfix 2.6 and later. With earlier Postfix
+releases only the <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> parameter is implemented,
+and opportunistic TLS always uses "export" or better (i.e. all) ciphers. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with the Postfix SMTP server DSA certificate in PEM format.
+This file may also contain the Postfix SMTP server private DSA key. </p>
+
+<p> See the discussion under <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for more details.
+</p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> = /etc/postfix/server-dsa.pem
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with DH parameters that the Postfix SMTP server should
+use with non-export EDH ciphers. </p>
+
+<p> Instead of using the exact same parameter sets as distributed
+with other TLS packages, it is more secure to generate your own
+set of parameters with something like the following commands:  </p>
+
+<blockquote>
+<pre>
+openssl dhparam -out /etc/postfix/dh512.pem 512
+openssl dhparam -out /etc/postfix/dh1024.pem 1024
+openssl dhparam -out /etc/postfix/dh2048.pem 2048
+</pre>
+</blockquote>
+
+<p> It is safe to share the same DH parameters between multiple
+Postfix instances.  If you prefer, you can generate separate
+parameters for each instance.  </p>
+
+<p> If you want to take maximal advantage of ciphers that offer <a
+href="FORWARD_SECRECY_README.html#dfn_fs">forward secrecy</a> see
+the <a href="FORWARD_SECRECY_README.html#quick-start">Getting
+started</a> section of <a
+href="FORWARD_SECRECY_README.html">FORWARD_SECRECY_README</a>.  The
+full document conveniently presents all information about Postfix
+"perfect" forward secrecy support in one place: what forward secrecy
+is, how to tweak settings, and what you can expect to see when
+Postfix uses ciphers with forward secrecy.  </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> = /etc/postfix/dh2048.pem
+</pre>
+
+<p>This feature is available with Postfix version 2.2.</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with DH parameters that the Postfix SMTP server should
+use with export-grade EDH ciphers.  The default SMTP server cipher
+grade is "medium" with Postfix releases after the middle of 2015,
+and as a result export-grade cipher suites are by default not used.
+</p>
+
+<p> See also the discussion under the <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
+configuration parameter.  </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> = /etc/postfix/dh_512.pem
+</pre>
+
+<p>This feature is available with Postfix version 2.2.</p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_dkey_file">smtpd_tls_dkey_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix SMTP server DSA private key in PEM format.
+This file may be combined with the Postfix SMTP server DSA certificate
+file specified with $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>. </p>
+
+<p> The private key must be accessible without a pass-phrase, i.e. it
+must not be encrypted. File permissions should grant read-only
+access to the system superuser account ("root"), and no access
+to anyone else. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>
+(default: empty)</b></DT><DD>
+
+<p> File with the Postfix SMTP server ECDSA certificate in PEM format.
+This file may also contain the Postfix SMTP server private ECDSA key. </p>
+
+<p> See the discussion under <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for more details. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a> = /etc/postfix/ecdsa-scert.pem
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later, when Postfix is
+compiled and linked with OpenSSL 1.0.0 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_eckey_file">smtpd_tls_eckey_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix SMTP server ECDSA private key in PEM format.
+This file may be combined with the Postfix SMTP server ECDSA certificate
+file specified with $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>. </p>
+
+<p> The private key must be accessible without a pass-phrase, i.e. it
+must not be encrypted. File permissions should grant read-only
+access to the system superuser account ("root"), and no access
+to anyone else. </p>
+
+<p> This feature is available in Postfix 2.6 and later, when Postfix is
+compiled and linked with OpenSSL 1.0.0 or later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The Postfix SMTP server security grade for ephemeral elliptic-curve
+Diffie-Hellman (EECDH) key exchange. </p>
+
+<p> The available choices are: </p>
+
+<dl>
+
+<dt><b>none</b></dt> <dd> Don't use EECDH. Ciphers based on EECDH key
+exchange will be disabled. This is the default in Postfix versions
+2.6 and 2.7. </dd>
+
+<dt><b>strong</b></dt> <dd> Use EECDH with approximately 128
+bits of security at a reasonable computational cost. This is the
+current best-practice trade-off between security and computational
+efficiency. This is the default in Postfix version 2.8 and later.
+</dd>
+
+<dt><b>ultra</b></dt> <dd> Use EECDH with approximately 192 bits of
+security at computational cost that is approximately twice as high
+as 128 bit strength ECC. Barring significant progress in attacks on
+elliptic curve crypto-systems, the "strong" curve is sufficient for most
+users. </dd>
+
+<dt><b>auto</b></dt> <dd> Use the most preferred curve that is
+supported by both the client and the server.  This setting requires
+Postfix &ge; 3.2 compiled and linked with OpenSSL &ge; 1.0.2.  This
+is the default setting under the above conditions.  </dd>
+
+</dl>
+
+<p> If you want to take maximal advantage of ciphers that offer <a
+href="FORWARD_SECRECY_README.html#dfn_fs">forward secrecy</a> see
+the <a href="FORWARD_SECRECY_README.html#quick-start">Getting
+started</a> section of <a
+href="FORWARD_SECRECY_README.html">FORWARD_SECRECY_README</a>.  The
+full document conveniently presents all information about Postfix
+"perfect" forward secrecy support in one place: what forward secrecy
+is, how to tweak settings, and what you can expect to see when
+Postfix uses ciphers with forward secrecy.  </p>
+
+<p> This feature is available in Postfix 2.6 and later, when it is
+compiled and linked with OpenSSL 1.0.0 or later on platforms
+where EC algorithms have not been disabled by the vendor. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>
+(default: empty)</b></DT><DD>
+
+<p> List of ciphers or cipher types to exclude from the SMTP server
+cipher list at all TLS security levels. Excluding valid ciphers
+can create interoperability problems. DO NOT exclude ciphers unless it
+is essential to do so. This is not an OpenSSL cipherlist; it is a simple
+list separated by whitespace and/or commas. The elements are a single
+cipher, or one or more "+" separated cipher properties, in which case
+only ciphers matching <b>all</b> the properties are excluded. </p>
+
+<p> Examples (some of these will cause problems): </p>
+
+<blockquote>
+<pre>
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = aNULL
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = MD5, DES
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = DES+MD5
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = AES256-SHA, DES-CBC3-MD5
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = kEDH+aRSA
+</pre>
+</blockquote>
+
+<p> The first setting disables anonymous ciphers. The next setting
+disables ciphers that use the MD5 digest algorithm or the (single) DES
+encryption algorithm. The next setting disables ciphers that use MD5 and
+DES together.  The next setting disables the two ciphers "AES256-SHA"
+and "DES-CBC3-MD5". The last setting disables ciphers that use "EDH"
+key exchange with RSA authentication. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a>
+(default: md5)</b></DT><DD>
+
+<p> The message digest algorithm to construct remote SMTP
+client-certificate
+fingerprints or public key fingerprints (Postfix 2.9 and later)
+for <b><a href="postconf.5.html#check_ccert_access">check_ccert_access</a></b> and <b><a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a></b>. The
+default algorithm is <b>md5</b>, for backwards compatibility with Postfix
+releases prior to 2.5.  </p>
+
+<p> Advances in hash
+function cryptanalysis have led to md5 being deprecated in favor of sha1.
+However, as long as there are no known "second pre-image" attacks
+against md5, its use in this context can still be considered safe.
+</p>
+
+<p> While additional digest algorithms are often available with OpenSSL's
+libcrypto, only those used by libssl in SSL cipher suites are available to
+Postfix. </p>
+
+<p> To find the fingerprint of a specific certificate file, with a
+specific digest algorithm, run: </p>
+
+<blockquote>
+<pre>
+$ openssl x509 -noout -fingerprint -<i>digest</i> -in <i>certfile</i>.pem
+</pre>
+</blockquote>
+
+<p> The text to the right of "=" sign is the desired fingerprint.
+For example: </p>
+
+<blockquote>
+<pre>
+$ openssl x509 -noout -fingerprint -sha1 -in cert.pem
+SHA1 Fingerprint=D4:6A:AB:19:24:79:F8:32:BB:A6:CB:66:82:C0:8E:9B:EE:29:A8:1A
+</pre>
+</blockquote>
+
+<p> To extract the public key fingerprint from an X.509 certificate,
+you need to extract the public key from the certificate and compute
+the appropriate digest of its DER (ASN.1) encoding. With OpenSSL
+the "-pubkey" option of the "x509" command extracts the public
+key always in "PEM" format. We pipe the result to another OpenSSL
+command that converts the key to DER and then to the "dgst" command
+to compute the fingerprint. </p>
+
+<p> The actual command to transform the key to DER format depends
+on the version of OpenSSL used. With OpenSSL 1.0.0 and later, the
+"pkey" command supports all key types. With OpenSSL 0.9.8 and
+earlier, the key type is always RSA (nobody uses DSA, and EC
+keys are not fully supported by 0.9.8), so the "rsa" command is
+used. </p>
+<blockquote>
+<pre>
+# OpenSSL 1.0 with all certificates and SHA-1 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+    openssl pkey -pubin -outform DER |
+    openssl dgst -sha1 -c
+(stdin)= 64:3f:1f:f6:e5:1e:d4:2a:56:8b:fc:09:1a:61:98:b5:bc:7c:60:58
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+# OpenSSL 0.9.8 with RSA certificates and MD5 fingerprints.
+$ openssl x509 -in cert.pem -noout -pubkey |
+    openssl rsa -pubin -outform DER |
+    openssl dgst -md5 -c
+(stdin)= f4:62:60:f6:12:8f:d5:8d:28:4d:13:a7:db:b2:ff:50
+</pre>
+</blockquote>
+
+<p> The Postfix SMTP server and client log the peer (leaf) certificate
+fingerprint and public key fingerprint when the TLS loglevel is 2 or
+higher. </p>
+
+<p> <b>Note:</b> Postfix 2.9.0&ndash;2.9.5 computed the public key
+fingerprint incorrectly. To use public-key fingerprints, upgrade
+to Postfix 2.9.6 or later. </p>
+
+<p> Example: client-certificate access table, with sha1 fingerprints: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+    <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> = sha1
+    <a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> =
+        <a href="postconf.5.html#check_ccert_access">check_ccert_access</a> <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/access,
+        reject
+</pre>
+<pre>
+/etc/postfix/access:
+    # Action folded to next line...
+    AF:88:7C:AD:51:95:6F:36:96:F6:01:FB:2E:48:CD:AB:49:25:A2:3B
+        OK
+    85:16:78:FD:73:6E:CE:70:E0:31:5F:0D:3C:C8:6D:C4:2C:24:59:E1
+        <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
+</pre>
+</blockquote>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_key_file">smtpd_tls_key_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix SMTP server RSA private key in PEM format.
+This file may be combined with the Postfix SMTP server RSA certificate
+file specified with $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>. </p>
+
+<p> The private key must be accessible without a pass-phrase, i.e. it
+must not be encrypted. File permissions should grant read-only
+access to the system superuser account ("root"), and no access
+to anyone else. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_loglevel">smtpd_tls_loglevel</a>
+(default: 0)</b></DT><DD>
+
+<p> Enable additional Postfix SMTP server logging of TLS activity.
+Each logging level also includes the information that is logged at
+a lower logging level.  </p>
+
+<dl compact>
+
+<dt> </dt> <dd> 0 Disable logging of TLS activity. </dd>
+
+<dt> </dt> <dd> 1 Log only a summary message on TLS handshake completion
+&mdash; no logging of client certificate trust-chain verification errors
+if client certificate verification is not required.  With Postfix 2.8 and
+earlier, log the summary message, peer certificate summary information
+and unconditionally log trust-chain verification errors.  </dd>
+
+<dt> </dt> <dd> 2 Also log levels during TLS negotiation. </dd>
+
+<dt> </dt> <dd> 3 Also log hexadecimal and ASCII dump of TLS negotiation
+process. </dd>
+
+<dt> </dt> <dd> 4 Also log hexadecimal and ASCII dump of complete
+transmission after STARTTLS. </dd>
+
+</dl>
+
+<p> Do not use "<a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> = 2" or higher except in case
+of problems. Use of loglevel 4 is strongly discouraged. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>
+(default: medium)</b></DT><DD>
+
+<p> The minimum TLS cipher grade that the Postfix SMTP server will
+use with mandatory TLS encryption. The default grade ("medium") is
+sufficiently strong that any benefit from globally restricting TLS
+sessions to a more stringent grade is likely negligible, especially
+given the fact that many implementations still do not offer any stronger
+("high" grade) ciphers, while those that do, will always use "high"
+grade ciphers. So insisting on "high" grade ciphers is generally
+counter-productive. Allowing "export" or "low" ciphers is typically
+not a good idea, as systems limited to just these are limited to
+obsolete browsers. No known SMTP clients fail to support at least
+one "medium" or "high" grade cipher. </p>
+
+<p> The following cipher grades are supported: </p>
+
+<dl>
+<dt><b>export</b></dt>
+<dd> Enable "EXPORT" grade or stronger OpenSSL ciphers.  The
+underlying cipherlist is specified via the <a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a>
+configuration parameter, which you are strongly encouraged to not
+change.  This choice is insecure and SHOULD NOT be used.  </dd>
+
+<dt><b>low</b></dt>
+<dd> Enable "LOW" grade or stronger OpenSSL ciphers. The underlying
+cipherlist is specified via the <a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> configuration
+parameter, which you are strongly encouraged to not change.  This
+choice is insecure and SHOULD NOT be used.  </dd>
+
+<dt><b>medium</b></dt>
+<dd> Enable "MEDIUM" grade or stronger OpenSSL ciphers. These use 128-bit
+or longer symmetric bulk-encryption keys. This is the default minimum
+strength for mandatory TLS encryption. The underlying cipherlist is
+specified via the <a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> configuration parameter, which
+you are strongly encouraged to not change. </dd>
+
+<dt><b>high</b></dt>
+<dd> Enable only "HIGH" grade OpenSSL ciphers. The
+underlying cipherlist is specified via the <a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a>
+configuration parameter, which you are strongly encouraged to
+not change. </dd>
+
+<dt><b>null</b></dt>
+<dd> Enable only the "NULL" OpenSSL ciphers, these provide authentication
+without encryption.  This setting is only appropriate in the rare
+case that all clients are prepared to use NULL ciphers (not normally
+enabled in TLS clients). The underlying cipherlist is specified via the
+<a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> configuration parameter, which you are strongly
+encouraged to not change. </dd>
+
+</dl>
+
+<p> Cipher types listed in
+<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> or <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> are
+excluded from the base definition of the selected cipher grade. See
+<a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a> for cipher controls that apply to opportunistic
+TLS. </p>
+
+<p> The underlying cipherlists for grades other than "null" include
+anonymous ciphers, but these are automatically filtered out if the
+server is configured to ask for remote SMTP client certificates.  You are very
+unlikely to need to take any steps to exclude anonymous ciphers, they
+are excluded automatically as required.  If you must exclude anonymous
+ciphers even when Postfix does not need or use peer certificates, set
+"<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> = aNULL". To exclude anonymous ciphers only
+when TLS is enforced, set "<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL". </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a>
+(default: empty)</b></DT><DD>
+
+<p> Additional list of ciphers or cipher types to exclude from the
+Postfix SMTP server cipher list at mandatory TLS security levels.
+This list
+works in addition to the exclusions listed with <a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>
+(see there for syntax details).  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a>
+(default: !SSLv2, !SSLv3)</b></DT><DD>
+
+<p> The SSL/TLS protocols accepted by the Postfix SMTP server with
+mandatory TLS encryption. If the list is empty, the server supports
+all available SSL/TLS protocol versions.  A non-empty value is a
+list of protocol names separated by whitespace, commas or colons.
+The supported protocol names are "SSLv2", "SSLv3" and "TLSv1", and
+are not case sensitive. The default value is "!SSLv2, !SSLv3" for
+Postfix releases after the middle of 2015, "!SSLv2" for older
+releases. </p>
+
+<p> With Postfix &ge; 2.5 the parameter syntax was expanded to support
+protocol exclusions. One can explicitly exclude "SSLv2" by setting
+"<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2". To exclude both "SSLv2" and
+"SSLv3" set "<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3". Listing
+the protocols to include, rather than protocols to exclude, is
+supported, but not recommended. The exclusion form more closely
+matches the underlying OpenSSL interface semantics.  </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". When Postfix &le; 2.5 is linked against OpenSSL 1.0.1
+or later, these, or any other new protocol versions, cannot be
+disabled.  The latest patch levels of Postfix &ge; 2.6, and all
+versions of Postfix &ge; 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2". </p>
+
+<p> Example: </p>
+
+<pre>
+# Preferred syntax with Postfix &ge; 2.5:
+<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
+# Legacy syntax:
+<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
+</pre>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_protocols">smtpd_tls_protocols</a>
+(default: !SSLv2, !SSLv3)</b></DT><DD>
+
+<p> List of TLS protocols that the Postfix SMTP server will exclude
+or include with opportunistic TLS encryption. The default value is
+"!SSLv2, !SSLv3" for Postfix releases after the middle of 2015,
+empty for older releases allowing all protocols to be
+used with opportunistic TLS.  A non-empty value is a list of protocol
+names separated by whitespace, commas or colons.  The supported
+protocol names are "SSLv2", "SSLv3" and "TLSv1", and are not case
+sensitive. </p>
+
+<p> Note: As of OpenSSL 1.0.1 two new protocols are defined, "TLSv1.1"
+and "TLSv1.2". The latest patch levels of Postfix &ge; 2.6, and all
+versions of Postfix &ge; 2.10 can disable support for "TLSv1.1" or
+"TLSv1.2". </p>
+
+<p> To include a protocol list its name, to exclude it, prefix the name
+with a "!" character. To exclude SSLv2 for opportunistic TLS set
+"<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2". To exclude both "SSLv2" and "SSLv3" set
+"<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2, !SSLv3". Explicitly listing the protocols to
+include, rather than protocols to exclude, is supported, but not
+recommended.  The exclusion form more closely matches the underlying
+OpenSSL interface semantics. </p>
+
+<p> Example: </p>
+<pre>
+<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> = !SSLv2, !SSLv3
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_received_header">smtpd_tls_received_header</a>
+(default: no)</b></DT><DD>
+
+<p> Request that the Postfix SMTP server produces Received:  message
+headers that include information about the protocol and cipher used,
+as well as the remote SMTP client CommonName and client certificate issuer
+CommonName.  This is disabled by default, as the information may
+be modified in transit through other mail servers.  Only information
+that was recorded by the final destination can be trusted. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>
+(default: no)</b></DT><DD>
+
+<p> With mandatory TLS encryption, require a trusted remote SMTP client
+certificate in order to allow TLS connections to proceed.  This
+option implies "<a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> = yes". </p>
+
+<p> When TLS encryption is optional, this setting is ignored with
+a warning written to the mail log. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_security_level">smtpd_tls_security_level</a>
+(default: empty)</b></DT><DD>
+
+<p> The SMTP TLS security level for the Postfix SMTP server; when
+a non-empty value is specified, this overrides the obsolete parameters
+<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>. This parameter is ignored with
+"<a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> = yes".  </p>
+
+<p> Specify one of the following security levels: </p>
+
+<dl>
+
+<dt><b>none</b></dt> <dd> TLS will not be used. </dd>
+
+<dt><b>may</b></dt> <dd> Opportunistic TLS: announce STARTTLS support
+to remote SMTP clients, but do not require that clients use TLS encryption.
+</dd>
+
+<dt><b>encrypt</b></dt> <dd>Mandatory TLS encryption: announce
+STARTTLS support to remote SMTP clients, and require that clients use TLS
+encryption. According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a> this MUST NOT be applied in case
+of a publicly-referenced SMTP server. Instead, this option should
+be used only on dedicated servers. </dd>
+
+</dl>
+
+<p> Note 1: the "fingerprint", "verify" and "secure" levels are not
+supported here.
+The Postfix SMTP server logs a warning and uses "encrypt" instead.
+To verify remote SMTP client certificates, see <a href="TLS_README.html">TLS_README</a> for a discussion
+of the <a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>, <a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>, and <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
+features.  </p>
+
+<p> Note 2: The parameter setting "<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> =
+encrypt" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes".</p>
+
+<p> Note 3: when invoked via "sendmail -bs", Postfix will never
+offer STARTTLS due to insufficient privileges to access the server
+private key. This is intended behavior.</p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>
+(default: empty)</b></DT><DD>
+
+<p> Name of the file containing the optional Postfix SMTP server
+TLS session cache. Specify a database type that supports enumeration,
+such as <b>btree</b> or <b>sdbm</b>; there is no need to support
+concurrent access.  The file is created if it does not exist. The <a href="smtpd.8.html">smtpd(8)</a>
+daemon does not use this parameter directly, rather the cache is
+implemented indirectly in the <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon. This means that
+per-smtpd-instance <a href="master.5.html">master.cf</a> overrides of this parameter are not
+effective. Note, that each of the cache databases supported by <a href="tlsmgr.8.html">tlsmgr(8)</a>
+daemon: $<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, $<a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a>
+(and with Postfix 2.3 and later $<a href="postconf.5.html#lmtp_tls_session_cache_database">lmtp_tls_session_cache_database</a>), needs to be
+stored separately. It is not at this time possible to store multiple
+caches in a single database. </p>
+
+<p> Note: <b>dbm</b> databases are not suitable. TLS
+session objects are too large. </p>
+
+<p> As of version 2.5, Postfix no longer uses root privileges when
+opening this file. The file should now be stored under the Postfix-owned
+<a href="postconf.5.html#data_directory">data_directory</a>. As a migration aid, an attempt to open the file
+under a non-Postfix directory is redirected to the Postfix-owned
+<a href="postconf.5.html#data_directory">data_directory</a>, and a warning is logged. </p>
+
+<p> As of Postfix 2.11 the preferred mechanism for session resumption
+is <a href="http://tools.ietf.org/html/rfc5077">RFC 5077</a> TLS session tickets, which don't require server-side
+storage.  Consequently, for Postfix &ge; 2.11 this parameter should
+generally be left empty.  TLS session tickets require an OpenSSL
+library (at least version 0.9.8h) that provides full support for
+this TLS extension.  See also <a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>. </p>
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> = <a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/smtpd_scache
+</pre>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>
+(default: 3600s)</b></DT><DD>
+
+<p> The expiration time of Postfix SMTP server TLS session cache
+information. A cache cleanup is performed periodically
+every $<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> seconds. As with
+$<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a>, this parameter is implemented in the
+<a href="tlsmgr.8.html">tlsmgr(8)</a> daemon and therefore per-smtpd-instance <a href="master.5.html">master.cf</a> overrides
+are not possible. </p>
+
+<p> As of Postfix 2.11 this setting cannot exceed 100 days.  If set
+&le; 0, session caching is disabled, not just via the database, but
+also via <a href="http://tools.ietf.org/html/rfc5077">RFC 5077</a> TLS session tickets, which don't require server-side
+storage.  If set to a positive value less than 2 minutes, the minimum
+value of 2 minutes is used instead.  TLS session tickets require
+an OpenSSL library (at least version 0.9.8h) that provides full
+support for this TLS extension. </p>
+
+<p> This feature is available in Postfix 2.2 and later, and updated
+for TLS session ticket support in Postfix 2.11. </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>
+(default: no)</b></DT><DD>
+
+<p> Run the Postfix SMTP server in the non-standard "wrapper" mode,
+instead of using the STARTTLS command. </p>
+
+<p> If you want to support this service, enable a special port in
+<a href="master.5.html">master.cf</a>, and specify "-o <a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a>=yes" on the SMTP
+server's command line. Port 465 (smtps) was once chosen for this
+purpose. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a>
+(default: empty)</b></DT><DD>
+
+<p> The name of the proxy protocol used by an optional before-smtpd
+proxy agent. When a proxy agent is used, this protocol conveys local
+and remote address and port information.  Specify
+"<a href="postconf.5.html#smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a> = haproxy" to enable the haproxy
+protocol.  </p>
+
+<p> NOTE: To use the nginx proxy with <a href="smtpd.8.html">smtpd(8)</a>, enable the XCLIENT
+protocol with <a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a>. This supports SASL
+authentication in the proxy agent (Postfix 2.9 and later). <p>
+
+<p> This feature is available in Postfix 2.10 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_upstream_proxy_timeout">smtpd_upstream_proxy_timeout</a>
+(default: 5s)</b></DT><DD>
+
+<p> The time limit for the proxy protocol specified with the
+<a href="postconf.5.html#smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a> parameter. </p>
+
+<p> This feature is available in Postfix 2.10 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="smtpd_use_tls">smtpd_use_tls</a>
+(default: no)</b></DT><DD>
+
+<p> Opportunistic TLS: announce STARTTLS support to remote SMTP clients,
+but do not require that clients use TLS encryption. </p>
+
+<p> Note: when invoked via "<b>sendmail -bs</b>", Postfix will never offer
+STARTTLS due to insufficient privileges to access the server private
+key. This is intended behavior. </p>
+
+<p> This feature is available in Postfix 2.2 and later. With
+Postfix 2.3 and later use <a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> instead. </p>
+
+
+</DD>
+
+<DT><b><a name="smtputf8_autodetect_classes">smtputf8_autodetect_classes</a>
+(default: sendmail, verify)</b></DT><DD>
+
+<p> Detect that a message requires SMTPUTF8 support for the specified
+mail origin classes.  This is a workaround to avoid chicken-and-egg
+problems during the initial SMTPUTF8 roll-out in environments with
+pre-existing mail flows that contain UTF8. Those mail flows should
+not break because Postfix suddenly refuses to deliver such mail
+to down-stream MTAs that don't announce SMTPUTF8 support.  </p>
+
+<p> The problem is that Postfix cannot rely solely on the sender's
+declaration that a message requires SMTPUTF8 support, because UTF8
+may be introduced during local processing (for example, the client
+hostname in Postfix's Received: header, adding @$<a href="postconf.5.html#myorigin">myorigin</a> or
+.$<a href="postconf.5.html#mydomain">mydomain</a> to an incomplete address, address rewriting, alias
+expansion, automatic BCC recipients, local forwarding, and changes
+made by header checks or Milter applications). </p>
+
+<p> For now, the default is to enable "SMTPUTF8 required" autodetection
+only for Postfix sendmail command-line submissions and address
+verification probes.  This may change once SMTPUTF8 support achieves
+world domination.  However, sites that add UTF8 content via local
+processing (see above) should autodetect the need for SMTPUTF8
+support for all email.</p>
+
+<p> Specify one or more of the following: </p>
+
+<dl compact>
+
+<dt> <b> sendmail </b> </dt> <dd> Submission with the Postfix
+<a href="sendmail.1.html">sendmail(1)</a> command. </dd>
+
+<dt> <b> smtpd </b> </dt> <dd> Mail received with the <a href="smtpd.8.html">smtpd(8)</a>
+daemon. </dd>
+
+<dt> <b> qmqpd </b> </dt> <dd> Mail received with the <a href="qmqpd.8.html">qmqpd(8)</a>
+daemon. </dd>
+
+<dt> <b> forward </b> </dt> <dd> Local forwarding or aliasing.  When
+a message is received with "SMTPUTF8 required", then the forwarded
+(aliased) message always has "SMTPUTF8 required".  </dd>
+
+<dt> <b> bounce </b> </dt> <dd> Submission by the <a href="bounce.8.html">bounce(8)</a> daemon.
+When a message is received with "SMTPUTF8 required", then the
+delivery status notification always has "SMTPUTF8 required".  </dd>
+
+<dt> <b> notify </b> </dt> <dd> Postmaster notification from the
+<a href="smtp.8.html">smtp(8)</a> or <a href="smtpd.8.html">smtpd(8)</a> daemon. </dd>
+
+<dt> <b> verify </b> </dt> <dd> Address verification probe from the
+<a href="verify.8.html">verify(8)</a> daemon.  </dd>
+
+<dt> <b> all </b> </dt> <dd> Enable SMTPUTF8 autodetection for all
+mail. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="smtputf8_enable">smtputf8_enable</a>
+(default: yes)</b></DT><DD>
+
+<p> Enable preliminary SMTPUTF8 support for the protocols described
+in <a href="http://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533. This requires that Postfix is built to support
+these protocols. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="soft_bounce">soft_bounce</a>
+(default: no)</b></DT><DD>
+
+<p>
+Safety net to keep mail queued that would otherwise be returned to
+the sender.  This parameter disables locally-generated bounces,
+changes the handling of negative responses from remote servers,
+content filters or plugins,
+and prevents the Postfix SMTP server from rejecting mail permanently
+by changing 5xx reply codes into 4xx.  However, <a href="postconf.5.html#soft_bounce">soft_bounce</a> is no
+cure for address rewriting mistakes or mail routing mistakes.
+</p>
+
+<p>
+Note: "<a href="postconf.5.html#soft_bounce">soft_bounce</a> = yes" is in some cases implemented by modifying
+server responses. Therefore, the response that Postfix logs may
+differ from the response that Postfix actually sends or receives.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#soft_bounce">soft_bounce</a> = yes
+</pre>
+
+
+</DD>
+
+<DT><b><a name="stale_lock_time">stale_lock_time</a>
+(default: 500s)</b></DT><DD>
+
+<p>
+The time after which a stale exclusive mailbox lockfile is removed.
+This is used for delivery to file or mailbox.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="stress">stress</a>
+(default: empty)</b></DT><DD>
+
+<p> This feature is documented in the <a href="STRESS_README.html">STRESS_README</a> document. </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="strict_7bit_headers">strict_7bit_headers</a>
+(default: no)</b></DT><DD>
+
+<p>
+Reject mail with 8-bit text in message headers. This blocks mail
+from poorly written applications.
+</p>
+
+<p>
+This feature should not be enabled on a general purpose mail server,
+because it is likely to reject legitimate email.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="strict_8bitmime">strict_8bitmime</a>
+(default: no)</b></DT><DD>
+
+<p>
+Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and <a href="postconf.5.html#strict_8bitmime_body">strict_8bitmime_body</a>.
+</p>
+
+<p>
+This feature should not be enabled on a general purpose mail server,
+because it is likely to reject legitimate email.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="strict_8bitmime_body">strict_8bitmime_body</a>
+(default: no)</b></DT><DD>
+
+<p>
+Reject 8-bit message body text without 8-bit MIME content encoding
+information.  This blocks mail from poorly written applications.
+</p>
+
+<p>
+Unfortunately, this also rejects majordomo approval requests when
+the included request contains valid 8-bit MIME mail, and it rejects
+bounces from mailers that do not MIME encapsulate 8-bit content
+(for example, bounces from qmail or from old versions of Postfix).
+</p>
+
+<p>
+This feature should not be enabled on a general purpose mail server,
+because it is likely to reject legitimate email.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="strict_mailbox_ownership">strict_mailbox_ownership</a>
+(default: yes)</b></DT><DD>
+
+<p> Defer delivery when a mailbox file is not owned by its recipient.
+The default setting is not backwards compatible.  </p>
+
+<p> This feature is available in Postfix 2.5.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="strict_mime_encoding_domain">strict_mime_encoding_domain</a>
+(default: no)</b></DT><DD>
+
+<p>
+Reject mail with invalid Content-Transfer-Encoding: information
+for the message/* or multipart/* MIME content types.  This blocks
+mail from poorly written software.
+</p>
+
+<p>
+This feature should not be enabled on a general purpose mail server,
+because it will reject mail after a single violation.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="strict_rfc821_envelopes">strict_rfc821_envelopes</a>
+(default: no)</b></DT><DD>
+
+<p>
+Require that addresses received in SMTP MAIL FROM and RCPT TO
+commands are enclosed with &lt;&gt;, and that those addresses do
+not contain <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> style comments or phrases.  This stops mail
+from poorly written software.
+</p>
+
+<p>
+By default, the Postfix SMTP server accepts <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> syntax in MAIL
+FROM and RCPT TO addresses.
+</p>
+
+
+</DD>
+
+<DT><b><a name="strict_smtputf8">strict_smtputf8</a>
+(default: no)</b></DT><DD>
+
+<p> Enable stricter enforcement of the SMTPUTF8 protocol. The Postfix
+SMTP server accepts UTF8 sender or recipient addresses only when
+the client requests an SMTPUTF8 mail transaction. </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="sun_mailtool_compatibility">sun_mailtool_compatibility</a>
+(default: no)</b></DT><DD>
+
+<p>
+Obsolete SUN mailtool compatibility feature. Instead, use
+"<a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> = dotlock".
+</p>
+
+
+</DD>
+
+<DT><b><a name="swap_bangpath">swap_bangpath</a>
+(default: yes)</b></DT><DD>
+
+<p>
+Enable the rewriting of "site!user" into "user@site".  This is
+necessary if your machine is connected to UUCP networks.  It is
+enabled by default.
+</p>
+
+<p> Note: with Postfix version 2.2, message header address rewriting
+happens only when one of the following conditions is true: </p>
+
+<ul>
+
+<li> The message is received with the Postfix <a href="sendmail.1.html">sendmail(1)</a> command,
+
+<li> The message is received from a network client that matches
+$<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a>,
+
+<li> The message is received from the network, and the
+<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter specifies a non-empty value.
+
+</ul>
+
+<p> To get the behavior before Postfix version 2.2, specify
+"<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="DATABASE_README.html#types">static</a>:all". </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#swap_bangpath">swap_bangpath</a> = no
+</pre>
+
+
+</DD>
+
+<DT><b><a name="syslog_facility">syslog_facility</a>
+(default: mail)</b></DT><DD>
+
+<p>
+The syslog facility of Postfix logging. Specify a facility as
+defined in syslog.conf(5). The default facility is "mail".
+</p>
+
+<p>
+Warning: a non-default <a href="postconf.5.html#syslog_facility">syslog_facility</a> setting takes effect only
+after a Postfix process has completed initialization.  Errors during
+process initialization will be logged with the default facility.
+Examples are errors while parsing the command line arguments, and
+errors while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
+</p>
+
+
+</DD>
+
+<DT><b><a name="syslog_name">syslog_name</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+A prefix that is prepended to the process name in syslog
+records, so that, for example, "smtpd" becomes "prefix/smtpd".
+</p>
+
+<p>
+Warning: a non-default <a href="postconf.5.html#syslog_name">syslog_name</a> setting takes effect only after
+a Postfix process has completed initialization. Errors during
+process initialization will be logged with the default name. Examples
+are errors while parsing the command line arguments, and errors
+while accessing the Postfix <a href="postconf.5.html">main.cf</a> configuration file.
+</p>
+
+
+</DD>
+
+<DT><b><a name="tcp_windowsize">tcp_windowsize</a>
+(default: 0)</b></DT><DD>
+
+<p> An optional workaround for routers that break TCP window scaling.
+Specify a value &gt; 0 and &lt; 65536 to enable this feature.  With
+Postfix TCP servers (<a href="smtpd.8.html">smtpd(8)</a>, <a href="qmqpd.8.html">qmqpd(8)</a>), this feature is implemented
+by the Postfix <a href="master.8.html">master(8)</a> daemon.  </p>
+
+<p> To change this parameter without stopping Postfix, you need to
+first terminate all Postfix TCP servers: </p>
+
+<blockquote>
+<pre>
+# postconf -e <a href="postconf.5.html#master_service_disable">master_service_disable</a>=inet
+# postfix reload
+</pre>
+</blockquote>
+
+<p> This immediately terminates all processes that accept network
+connections.  Next, you enable Postfix TCP servers with the updated
+<a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a> setting: </p>
+
+<blockquote>
+<pre>
+# postconf -e <a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a>=65535 <a href="postconf.5.html#master_service_disable">master_service_disable</a>=
+# postfix reload
+</pre>
+</blockquote>
+
+<p> If you skip these steps with a running Postfix system, then the
+<a href="postconf.5.html#tcp_windowsize">tcp_windowsize</a> change will work only for Postfix TCP clients (<a href="smtp.8.html">smtp(8)</a>,
+<a href="lmtp.8.html">lmtp(8)</a>).  </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_append_default_CA">tls_append_default_CA</a>
+(default: no)</b></DT><DD>
+
+<p> Append the system-supplied default Certification Authority
+certificates to the ones specified with *_tls_CApath or *_tls_CAfile.
+The default is "no"; this prevents Postfix from trusting third-party
+certificates and giving them relay permission with
+<a href="postconf.5.html#permit_tls_all_clientcerts">permit_tls_all_clientcerts</a>.  </p>
+
+<p> This feature is available in Postfix 2.4.15, 2.5.11, 2.6.8,
+2.7.2 and later versions. Specify "<a href="postconf.5.html#tls_append_default_CA">tls_append_default_CA</a> = yes" for
+backwards compatibility, to avoid breaking certificate verification
+with sites that don't use <a href="postconf.5.html#permit_tls_all_clientcerts">permit_tls_all_clientcerts</a>. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_daemon_random_bytes">tls_daemon_random_bytes</a>
+(default: 32)</b></DT><DD>
+
+<p> The number of pseudo-random bytes that an <a href="smtp.8.html">smtp(8)</a> or <a href="smtpd.8.html">smtpd(8)</a>
+process requests from the <a href="tlsmgr.8.html">tlsmgr(8)</a> server in order to seed its
+internal pseudo random number generator (PRNG).  The default of 32
+bytes (equivalent to 256 bits) is sufficient to generate a 128bit
+(or 168bit) session key. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_dane_digest_agility">tls_dane_digest_agility</a>
+(default: on)</b></DT><DD>
+
+<p> Configure <a href="http://tools.ietf.org/html/rfc7671">RFC7671</a> DANE TLSA digest algorithm agility.
+Do not change this setting from its default value. </p>
+
+<p> See Section 8 of <a href="http://tools.ietf.org/html/rfc7671">RFC7671</a> for correct key rotation procedures.  </p>
+
+<p> This feature is available in Postfix 2.11 through 3.1.  Postfix
+3.2 and later ignore this configuration parameter and behave as
+though it were set to "on".  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_dane_digests">tls_dane_digests</a>
+(default: sha512 sha256)</b></DT><DD>
+
+<p> DANE TLSA (<a href="http://tools.ietf.org/html/rfc6698">RFC 6698</a>, <a href="http://tools.ietf.org/html/rfc7671">RFC 7671</a>, <a href="http://tools.ietf.org/html/rfc7672">RFC 7672</a>) resource-record "matching
+type" digest algorithms in descending preference order.  All the
+specified algorithms must be supported by the underlying OpenSSL
+library, otherwise the Postfix SMTP client will not support DANE
+TLSA security.  </p>
+
+<p> Specify a list of digest names separated by commas and/or
+whitespace.  Each digest name may be followed by an optional
+"=&lt;number&gt;" suffix.  For example, "sha512" may instead be specified
+as "sha512=2" and "sha256" may instead be specified as "sha256=1".
+The optional number must match the <a
+href="https://www.iana.org/assignments/dane-parameters/dane-parameters.xhtml#matching-types"
+>IANA</a> assigned TLSA matching type number the algorithm in question.
+Postfix will check this constraint for the algorithms it knows about.
+Additional matching type algorithms registered with IANA can be added
+with explicit numbers provided they are supported by OpenSSL. </p>
+
+<p> Invalid list elements are logged with a warning and disable DANE
+support.  TLSA RRs that specify digests not included in the list are
+ignored with a warning. </p>
+
+<p> Note: It is unwise to omit sha256 from the digest list.  This
+digest algorithm is the only mandatory to implement digest algorithm
+in <a href="http://tools.ietf.org/html/rfc6698">RFC 6698</a>, and many servers are expected publish TLSA records
+with just sha256 digests.  Unless one of the standard digests is
+seriously compromised and servers have had ample time to update their
+TLSA records you should not omit any standard digests, just arrange
+them in order from strongest to weakest.  </p>
+
+<p> This feature is available in Postfix 2.11 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_dane_trust_anchor_digest_enable">tls_dane_trust_anchor_digest_enable</a>
+(default: yes)</b></DT><DD>
+
+<p> Enable support for <a href="http://tools.ietf.org/html/rfc6698">RFC 6698</a> (DANE TLSA) DNS records that contain
+digests of trust-anchors with certificate usage "2".  Do not change
+this setting from its default value.  </p>
+
+<p> This feature is available in Postfix 2.11 through 3.1.  It has
+been withdrawn in Postfix 3.2, as trust-anchor TLSA records are now
+widely used and have proved sufficiently reliable.  Postfix 3.2 and
+later ignore this configuration parameter and behaves as though it
+were set to "yes".  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_disable_workarounds">tls_disable_workarounds</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> List or bit-mask of OpenSSL bug work-arounds to disable. </p>
+
+<p> The OpenSSL toolkit includes a set of work-arounds for buggy SSL/TLS
+implementations. Applications, such as Postfix, that want to maximize
+interoperability ask the OpenSSL library to enable the full set of
+recommended work-arounds. </p>
+
+<p> From time to time, it is discovered that a work-around creates a
+security issue, and should no longer be used. If upgrading OpenSSL
+to a fixed version is not an option or an upgrade is not available
+in a timely manner, or in closed environments where no buggy clients
+or servers exist, it may be appropriate to disable some or all of the
+OpenSSL interoperability work-arounds. This parameter specifies which
+bug work-arounds to disable. </p>
+
+<p> If the value of the parameter is a hexadecimal long integer starting
+with "0x", the bug work-arounds corresponding to the bits specified in
+its value are removed from the <b>SSL_OP_ALL</b> work-around bit-mask
+(see openssl/ssl.h and SSL_CTX_set_options(3)). You can specify more
+bits than are present in SSL_OP_ALL, excess bits are ignored. Specifying
+0xFFFFFFFF disables all bug-workarounds on a 32-bit system. This should
+also be sufficient on 64-bit systems, until OpenSSL abandons support
+for 32-bit systems and starts using the high 32 bits of a 64-bit
+bug-workaround mask. </p>
+
+<p> Otherwise, the parameter is a white-space or comma separated list
+of specific named bug work-arounds chosen from the list below. It
+is possible that your OpenSSL version includes new bug work-arounds
+added after your Postfix source code was last updated, in that case
+you can only disable one of these via the hexadecimal syntax above. </p>
+
+<dl>
+
+<dt><b>MICROSOFT_SESS_ID_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
+
+<dt><b>NETSCAPE_CHALLENGE_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
+
+<dt><b>LEGACY_SERVER_CONNECT</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
+
+<dt><b>NETSCAPE_REUSE_CIPHER_CHANGE_BUG</b></dt> <dd> also aliased
+as <b>CVE-2010-4180</b>. Postfix 2.8 disables this work-around by
+default with OpenSSL versions that may predate the fix. Fixed in
+OpenSSL 0.9.8q and OpenSSL 1.0.0c.</dd>
+
+<dt><b>SSLREF2_REUSE_CERT_TYPE_BUG</b></dt> <dd>See
+SSL_CTX_set_options(3)</dd>
+
+<dt><b>MICROSOFT_BIG_SSLV3_BUFFER</b></dt> <dd>See
+SSL_CTX_set_options(3)</dd>
+
+<dt><b>MSIE_SSLV2_RSA_PADDING</b></dt> <dd> also aliased as
+<b>CVE-2005-2969</b>. Postfix 2.8 disables this work-around by
+default with OpenSSL versions that may predate the fix. Fixed in
+OpenSSL 0.9.7h and OpenSSL 0.9.8a.</dd>
+
+<dt><b>SSLEAY_080_CLIENT_DH_BUG</b></dt> <dd>See
+SSL_CTX_set_options(3)</dd>
+
+<dt><b>TLS_D5_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
+
+<dt><b>TLS_BLOCK_PADDING_BUG</b></dt> <dd>See SSL_CTX_set_options(3)</dd>
+
+<dt><b>TLS_ROLLBACK_BUG</b></dt> <dd>See SSL_CTX_set_options(3).
+This is disabled in OpenSSL 0.9.7 and later. Nobody should still
+be using 0.9.6! </dd>
+
+<dt><b>DONT_INSERT_EMPTY_FRAGMENTS</b></dt> <dd>See
+SSL_CTX_set_options(3)</dd>
+
+<dt><b>CRYPTOPRO_TLSEXT_BUG</b></dt> <dd>New with GOST support in
+OpenSSL 1.0.0.</dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_eecdh_auto_curves">tls_eecdh_auto_curves</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The prioritized list of elliptic curves supported by the Postfix
+SMTP client and server.  These curves are used by the Postfix SMTP
+server when "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = auto".  The selected curves
+must be implemented by OpenSSL and be standardized for use in TLS
+(<a href="http://tools.ietf.org/html/rfc4492">RFC 4492</a> or its imminent successor).  It is unwise to list only
+"bleeding-edge" curves supported by a small subset of clients.  The
+default list is suitable for most users. </p>
+
+<p> Postfix skips curve names that are unknown to OpenSSL, or that
+are known but not yet implemented.  This makes it possible to
+"anticipate" support for curves that should be used once they become
+available.  In particular, in some OpenSSL versions, the new <a href="http://tools.ietf.org/html/rfc8031">RFC</a>
+<a href="http://tools.ietf.org/html/rfc8031">8031</a> curves "X25519" and "X448" may be known by name, but ECDH
+support for either or both may be missing.  These curves may appear
+in the default value of this parameter, even though they'll only
+be usable with later versions of OpenSSL.  </p>
+
+<p> This feature is available in Postfix 3.2 and later, when it is
+compiled and linked with OpenSSL 1.0.2 or later on platforms where
+EC algorithms have not been disabled by the vendor. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_eecdh_strong_curve">tls_eecdh_strong_curve</a>
+(default: prime256v1)</b></DT><DD>
+
+<p> The elliptic curve used by the Postfix SMTP server for sensibly
+strong
+ephemeral ECDH key exchange. This curve is used by the Postfix SMTP
+server when "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = strong". The phrase "sensibly
+strong" means approximately 128-bit security based on best known
+attacks. The selected curve must be implemented by OpenSSL (as
+reported by ecparam(1) with the "-list_curves" option) and be one
+of the curves listed in Section 5.1.1 of <a href="http://tools.ietf.org/html/rfc4492">RFC 4492</a>. You should not
+generally change this setting.  Remote SMTP client implementations
+must support this curve for EECDH key exchange to take place.  It
+is unwise to choose an "bleeding-edge" curve supported by only a
+small subset of clients.  </p>
+
+<p> The default "strong" curve is rated in NSA <a
+href="http://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
+B</a> for information classified up to SECRET.  </p>
+
+<p> Note: elliptic curve names are poorly standardized; different
+standards groups are assigning different names to the same underlying
+curves.  The curve with the X9.62 name "prime256v1" is also known
+under the SECG name "secp256r1", but OpenSSL does not recognize the
+latter name. </p>
+
+<p> If you want to take maximal advantage of ciphers that offer <a
+href="FORWARD_SECRECY_README.html#dfn_fs">forward secrecy</a> see
+the <a href="FORWARD_SECRECY_README.html#quick-start">Getting
+started</a> section of <a
+href="FORWARD_SECRECY_README.html">FORWARD_SECRECY_README</a>.  The
+full document conveniently presents all information about Postfix
+"perfect" forward secrecy support in one place: what forward secrecy
+is, how to tweak settings, and what you can expect to see when
+Postfix uses ciphers with forward secrecy.  </p>
+
+<p> This feature is available in Postfix 2.6 and later, when it is
+compiled and linked with OpenSSL 1.0.0 or later on platforms where
+EC algorithms have not been disabled by the vendor. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_eecdh_ultra_curve">tls_eecdh_ultra_curve</a>
+(default: secp384r1)</b></DT><DD>
+
+<p> The elliptic curve used by the Postfix SMTP server for maximally
+strong
+ephemeral ECDH key exchange. This curve is used by the Postfix SMTP
+server when "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = ultra". The phrase "maximally
+strong" means approximately 192-bit security based on best known attacks.
+This additional strength comes at a significant computational cost, most
+users should instead set "<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> = strong".  The selected
+curve must be implemented by OpenSSL (as reported by ecparam(1) with the
+"-list_curves" option) and be one of the curves listed in Section 5.1.1
+of <a href="http://tools.ietf.org/html/rfc4492">RFC 4492</a>. You should not generally change this setting. </p>
+
+<p> This default "ultra" curve is rated in NSA <a
+href="http://www.nsa.gov/ia/programs/suiteb_cryptography/">Suite
+B</a> for information classified up to TOP SECRET. </p>
+
+<p> If you want to take maximal advantage of ciphers that offer <a
+href="FORWARD_SECRECY_README.html#dfn_fs">forward secrecy</a> see
+the <a href="FORWARD_SECRECY_README.html#quick-start">Getting
+started</a> section of <a
+href="FORWARD_SECRECY_README.html">FORWARD_SECRECY_README</a>.  The
+full document conveniently presents all information about Postfix
+"perfect" forward secrecy support in one place: what forward secrecy
+is, how to tweak settings, and what you can expect to see when
+Postfix uses ciphers with forward secrecy.  </p>
+
+<p> This feature is available in Postfix 2.6 and later, when it is
+compiled and linked with OpenSSL 1.0.0 or later on platforms where
+EC algorithms have not been disabled by the vendor. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_export_cipherlist">tls_export_cipherlist</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The OpenSSL cipherlist for "export" or higher grade ciphers. This
+defines the meaning of the "export" setting in <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>,
+<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>, <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>,
+<a href="postconf.5.html#lmtp_tls_ciphers">lmtp_tls_ciphers</a>, and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>.  With Postfix
+releases before the middle of 2015 this is the default cipherlist
+for the opportunistic ("may") TLS client security level and also
+the default cipherlist for the SMTP server. You are strongly
+encouraged to not change this setting.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_high_cipherlist">tls_high_cipherlist</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The OpenSSL cipherlist for "high" grade ciphers. This defines
+the meaning of the "high" setting in <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>,
+<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>, <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>,
+<a href="postconf.5.html#lmtp_tls_ciphers">lmtp_tls_ciphers</a>, and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. You are strongly
+encouraged to not change this setting.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_legacy_public_key_fingerprints">tls_legacy_public_key_fingerprints</a>
+(default: no)</b></DT><DD>
+
+<p> A temporary migration aid for sites that use certificate
+<i>public-key</i> fingerprints with Postfix 2.9.0..2.9.5, which use
+an incorrect algorithm. This parameter has no effect on the certificate
+fingerprint support that is available since Postfix 2.2. </p>
+
+<p> Specify "<a href="postconf.5.html#tls_legacy_public_key_fingerprint">tls_legacy_public_key_fingerprints</a> = yes" temporarily,
+pending a migration from configuration files with incorrect Postfix
+2.9.0..2.9.5 certificate public-key finger prints, to the correct
+fingerprints used by Postfix 2.9.6 and later.  To compute the correct
+certificate public-key fingerprints, see <a href="TLS_README.html">TLS_README</a>. </p>
+
+<p> This feature is available in Postfix 2.9.6 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_low_cipherlist">tls_low_cipherlist</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The OpenSSL cipherlist for "low" or higher grade ciphers. This defines
+the meaning of the "low" setting in <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>,
+<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>, <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>,
+<a href="postconf.5.html#lmtp_tls_ciphers">lmtp_tls_ciphers</a>, and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>. You are strongly
+encouraged to not change this setting.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_medium_cipherlist">tls_medium_cipherlist</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The OpenSSL cipherlist for "medium" or higher grade ciphers. This
+defines the meaning of the "medium" setting in <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>,
+<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>, <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a>,
+<a href="postconf.5.html#lmtp_tls_ciphers">lmtp_tls_ciphers</a>, and <a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>.  This is the
+default cipherlist for mandatory TLS encryption in the TLS client
+(with anonymous ciphers disabled when verifying server certificates).
+This is the default cipherlist for opportunistic TLS with Postfix
+releases after the middle of 2015.  You are strongly encouraged to
+not change this setting.  </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_null_cipherlist">tls_null_cipherlist</a>
+(default: eNULL:!aNULL)</b></DT><DD>
+
+<p> The OpenSSL cipherlist for "NULL" grade ciphers that provide
+authentication without encryption. This defines the meaning of the "null"
+setting in smtpd_mandatory_tls_ciphers, <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
+<a href="postconf.5.html#lmtp_tls_mandatory_ciphers">lmtp_tls_mandatory_ciphers</a>.  You are strongly encouraged to not
+change this setting. </p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_preempt_cipherlist">tls_preempt_cipherlist</a>
+(default: no)</b></DT><DD>
+
+<p> With SSLv3 and later, use the Postfix SMTP server's cipher
+preference order instead of the remote client's cipher preference
+order. </p>
+
+<p> By default, the OpenSSL server selects the client's most preferred
+cipher that the server supports. With SSLv3 and later, the server may
+choose its own most preferred cipher that is supported (offered) by
+the client. Setting "<a href="postconf.5.html#tls_preempt_cipherlist">tls_preempt_cipherlist</a> = yes" enables server cipher
+preferences. </p>
+
+<p> While server cipher selection may in some cases lead to a more secure
+or performant cipher choice, there is some risk of interoperability
+issues. In the past, some SSL clients have listed lower priority ciphers
+that they did not implement correctly. If the server chooses a cipher
+that the client prefers less, it may select a cipher whose client
+implementation is flawed. Most notably Windows 2003 Microsoft
+Exchange servers have flawed implementations of DES-CBC3-SHA, which
+OpenSSL considers stronger than RC4-SHA.  Enabling server cipher-suite
+selection may create interoperability issues with Windows 2003
+Microsoft Exchange clients.  </p>
+
+<p> This feature is available in Postfix 2.8 and later, in combination
+with OpenSSL 0.9.7 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_random_bytes">tls_random_bytes</a>
+(default: 32)</b></DT><DD>
+
+<p> The number of bytes that <a href="tlsmgr.8.html">tlsmgr(8)</a> reads from $<a href="postconf.5.html#tls_random_source">tls_random_source</a>
+when (re)seeding the in-memory pseudo random number generator (PRNG)
+pool. The default of 32 bytes (256 bits) is good enough for 128bit
+symmetric keys.  If using EGD or a device file, a maximum of 255
+bytes is read. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_random_exchange_name">tls_random_exchange_name</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> Name of the pseudo random number generator (PRNG) state file
+that is maintained by <a href="tlsmgr.8.html">tlsmgr(8)</a>. The file is created when it does
+not exist, and its length is fixed at 1024 bytes.  </p>
+
+<p> As of version 2.5, Postfix no longer uses root privileges when
+opening this file, and the default file location was changed from
+${<a href="postconf.5.html#config_directory">config_directory</a>}/prng_exch to ${<a href="postconf.5.html#data_directory">data_directory</a>}/prng_exch.  As
+a migration aid, an attempt to open the file under a non-Postfix
+directory is redirected to the Postfix-owned <a href="postconf.5.html#data_directory">data_directory</a>, and a
+warning is logged. </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_random_prng_update_period">tls_random_prng_update_period</a>
+(default: 3600s)</b></DT><DD>
+
+<p> The time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to save the state of
+the pseudo random number generator (PRNG) to the file specified
+with $<a href="postconf.5.html#tls_random_exchange_name">tls_random_exchange_name</a>.  </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_random_reseed_period">tls_random_reseed_period</a>
+(default: 3600s)</b></DT><DD>
+
+<p> The maximal time between attempts by <a href="tlsmgr.8.html">tlsmgr(8)</a> to re-seed the
+in-memory pseudo random number generator (PRNG) pool from external
+sources.  The actual time between re-seeding attempts is calculated
+using the PRNG, and is between 0 and the time specified.  </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_random_source">tls_random_source</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p> The external entropy source for the in-memory <a href="tlsmgr.8.html">tlsmgr(8)</a> pseudo
+random number generator (PRNG) pool. Be sure to specify a non-blocking
+source.  If this source is not a regular file, the entropy source
+type must be prepended:  egd:/path/to/egd_socket for a source with
+EGD compatible socket interface, or dev:/path/to/device for a
+device file.  </p>
+
+<p> Note: on OpenBSD systems specify /dev/arandom when /dev/urandom
+gives timeout errors.  </p>
+
+<p> This feature is available in Postfix 2.2 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_session_ticket_cipher">tls_session_ticket_cipher</a>
+(default: Postfix &ge; 3.0: aes-256-cbc, Postfix &lt; 3.0: aes-128-cbc)</b></DT><DD>
+
+<p> Algorithm used to encrypt <a href="http://tools.ietf.org/html/rfc5077">RFC5077</a> TLS session tickets.  This
+algorithm must use CBC mode, have a 128-bit block size, and must
+have a key length between 128 and 256 bits.  The default is
+aes-256-cbc.  Overriding the default to choose a different algorithm
+is discouraged.  </p>
+
+<p> Setting this parameter empty disables session ticket support
+in the Postfix SMTP server.  Another way to disable session ticket
+support is via the <a href="postconf.5.html#tls_ssl_options">tls_ssl_options</a> parameter.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tls_ssl_options">tls_ssl_options</a>
+(default: empty)</b></DT><DD>
+
+<p> List or bit-mask of OpenSSL options to enable. </p>
+
+<p> The OpenSSL toolkit provides a set of options that applications
+can enable to tune the OpenSSL behavior.  Some of these work around
+bugs in other implementations and are on by default.  You can use
+the <a href="postconf.5.html#tls_disable_workarounds">tls_disable_workarounds</a> parameter to selectively disable some
+or all of the bug work-arounds, making OpenSSL more strict at the
+cost of non-interoperability with SSL clients or servers that exhibit
+the bugs.  </p>
+
+<p> Other options are off by default, and typically enable or disable
+features rather than bug work-arounds.  These may be turned on (with
+care) via the <a href="postconf.5.html#tls_ssl_options">tls_ssl_options</a> parameter.  The value is a white-space
+or comma separated list of named options chosen from the list below.
+The names are not case-sensitive, you can use lower-case if you
+prefer.  The upper case values below match the corresponding macro
+name in the ssl.h header file with the SSL_OP_ prefix removed.  It
+is possible that your OpenSSL version includes new options added
+after your Postfix source code was last updated, in that case you
+can only enable one of these via the hexadecimal syntax below.  </p>
+
+<p> You should only enable features via the hexadecimal mask when
+the need to control the feature is critical (to deal with a new
+vulnerability or a serious interoperability problem).  Postfix DOES
+NOT promise backwards compatible behavior with respect to the mask
+bits.  A feature enabled via the mask in one release may be enabled
+by other means in a later release, and the mask bit will then be
+ignored.  Therefore, use of the hexadecimal mask is only a temporary
+measure until a new Postfix or OpenSSL release provides a better
+solution.  </p>
+
+<p> If the value of the parameter is a hexadecimal long integer
+starting with "0x", the options corresponding to the bits specified
+in its value are enabled (see openssl/ssl.h and SSL_CTX_set_options(3)).
+You can only enable options not already controlled by other Postfix
+settings.  For example, you cannot disable protocols or enable
+server cipher preference.  Do not attempt to turn all features by
+specifying 0xFFFFFFFF, this is unlikely to be a good idea.  </p>
+
+<dl>
+
+<dt><b>LEGACY_SERVER_CONNECT</b></dt> <dd>See SSL_CTX_set_options(3).</dd>
+
+<dt><b>NO_TICKET</b></dt> <dd>See SSL_CTX_set_options(3).</dd>
+
+<dt><b>NO_COMPRESSION</b></dt> <dd>Disable SSL compression even if
+supported by the OpenSSL library.  Compression is CPU-intensive,
+and compression before encryption does not always improve security.  </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.11 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tls_wildcard_matches_multiple_labels">tls_wildcard_matches_multiple_labels</a>
+(default: yes)</b></DT><DD>
+
+<p> Match multiple DNS labels with "*" in wildcard certificates.
+</p>
+
+<p> Some mail service providers prepend the customer domain name
+to a base domain for which they have a wildcard TLS certificate.
+For example, the MX records for example.com hosted by example.net
+may be: </p>
+
+<blockquote>
+<pre>
+example.com. IN MX 0 example.com.mx1.example.net.
+example.com. IN MX 0 example.com.mx2.example.net.
+</pre>
+</blockquote>
+
+<p> and the TLS certificate may be for "*.example.net". The "*"
+then corresponds with multiple labels in the mail server domain
+name.  While multi-label wildcards are not widely supported, and
+are not blessed by any standard, there is little to be gained by
+disallowing their use in this context.  </p>
+
+<p> Notes: <p>
+
+<ul>
+
+<li> <p> In a certificate name, the "*" is special only when it is
+used as the first label. </p>
+
+<li> <p> While Postfix (2.11 or later) can match "*" with multiple
+domain name labels, other implementations likely will not.  </p>
+
+<li> <p> Earlier Postfix implementations behave as if
+"<a href="postconf.5.html#tls_wildcard_matches_multiple_labels">tls_wildcard_matches_multiple_labels</a> = no". </p>
+
+</ul>
+
+<p> This feature is available in Postfix 2.11 and later.  </p>
+
+
+</DD>
+
+<DT><b><a name="tlsmgr_service_name">tlsmgr_service_name</a>
+(default: tlsmgr)</b></DT><DD>
+
+<p> The name of the <a href="tlsmgr.8.html">tlsmgr(8)</a> service entry in <a href="master.5.html">master.cf</a>. This
+service maintains TLS session caches and other information in support
+of TLS. </p>
+
+<p> This feature is available in Postfix 2.11 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_enforce_tls">tlsproxy_enforce_tls</a>
+(default: $<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>)</b></DT><DD>
+
+<p> Mandatory TLS: announce STARTTLS support to remote SMTP clients, and
+require that clients use TLS encryption. See <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> for
+further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_service_name">tlsproxy_service_name</a>
+(default: tlsproxy)</b></DT><DD>
+
+<p> The name of the <a href="tlsproxy.8.html">tlsproxy(8)</a> service entry in <a href="master.5.html">master.cf</a>. This
+service performs plaintext &lt;=&gt; TLS ciphertext conversion. <p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_CAfile">tlsproxy_tls_CAfile</a>
+(default: $<a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a>)</b></DT><DD>
+
+<p> A file containing (PEM format) CA certificates of root CAs
+trusted to sign either remote SMTP client certificates or intermediate
+CA certificates.  See <a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_CApath">tlsproxy_tls_CApath</a>
+(default: $<a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a>)</b></DT><DD>
+
+<p> A directory containing (PEM format) CA certificates of root CAs
+trusted to sign either remote SMTP client certificates or intermediate
+CA certificates. See <a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_always_issue_session_ids">tlsproxy_tls_always_issue_session_ids</a>
+(default: $<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a>)</b></DT><DD>
+
+<p> Force the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server to issue a TLS session id,
+even when TLS session caching is turned off. See
+<a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_ask_ccert">tlsproxy_tls_ask_ccert</a>
+(default: $<a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a>)</b></DT><DD>
+
+<p> Ask a remote SMTP client for a client certificate. See
+<a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_ccert_verifydepth">tlsproxy_tls_ccert_verifydepth</a>
+(default: $<a href="postconf.5.html#smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a>)</b></DT><DD>
+
+<p> The verification depth for remote SMTP client certificates. A
+depth of 1 is sufficient if the issuing CA is listed in a local CA
+file. See <a href="postconf.5.html#smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_cert_file">tlsproxy_tls_cert_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server RSA certificate in PEM
+format.  This file may also contain the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+private RSA key.  See <a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> for further details.  </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_ciphers">tlsproxy_tls_ciphers</a>
+(default: $<a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>)</b></DT><DD>
+
+<p> The minimum TLS cipher grade that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+will use with opportunistic TLS encryption. See <a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a>
+for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_dcert_file">tlsproxy_tls_dcert_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server DSA certificate in PEM
+format.  This file may also contain the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+private DSA key.  See <a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> for further details.
+</p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_dh1024_param_file">tlsproxy_tls_dh1024_param_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>)</b></DT><DD>
+
+<p> File with DH parameters that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+should use with non-export EDH ciphers. See <a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a>
+for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_dh512_param_file">tlsproxy_tls_dh512_param_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a>)</b></DT><DD>
+
+<p> File with DH parameters that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+should use with export-grade EDH ciphers. See <a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a>
+for further details.  The default SMTP server cipher grade is
+"medium" with Postfix releases after the middle of 2015, and as a
+result export-grade cipher suites are by default not used.  </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_dkey_file">tlsproxy_tls_dkey_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a>)</b></DT><DD>
+
+<p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server DSA private key in PEM
+format.  This file may be combined with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
+server DSA certificate file specified with $<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>.
+See <a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_eccert_file">tlsproxy_tls_eccert_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>)</b></DT><DD>
+
+<p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server ECDSA certificate in
+PEM format.  This file may also contain the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
+server private ECDSA key.  See <a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a> for further
+details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_eckey_file">tlsproxy_tls_eckey_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_eckey_file">smtpd_tls_eckey_file</a>)</b></DT><DD>
+
+<p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server ECDSA private key in
+PEM format.  This file may be combined with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
+server ECDSA certificate file specified with $<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>.
+See <a href="postconf.5.html#smtpd_tls_eckey_file">smtpd_tls_eckey_file</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_eecdh_grade">tlsproxy_tls_eecdh_grade</a>
+(default: $<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a>)</b></DT><DD>
+
+<p> The Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server security grade for ephemeral
+elliptic-curve Diffie-Hellman (EECDH) key exchange. See
+<a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_exclude_ciphers">tlsproxy_tls_exclude_ciphers</a>
+(default: $<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a>)</b></DT><DD>
+
+<p> List of ciphers or cipher types to exclude from the <a href="tlsproxy.8.html">tlsproxy(8)</a>
+server cipher list at all TLS security levels. See
+<a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_fingerprint_digest">tlsproxy_tls_fingerprint_digest</a>
+(default: $<a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a>)</b></DT><DD>
+
+<p> The message digest algorithm to construct remote SMTP
+client-certificate
+fingerprints. See <a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> for further details.
+</p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_key_file">tlsproxy_tls_key_file</a>
+(default: $<a href="postconf.5.html#smtpd_tls_key_file">smtpd_tls_key_file</a>)</b></DT><DD>
+
+<p> File with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server RSA private key in PEM
+format.  This file may be combined with the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a>
+server RSA certificate file specified with $<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>.
+See <a href="postconf.5.html#smtpd_tls_key_file">smtpd_tls_key_file</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_loglevel">tlsproxy_tls_loglevel</a>
+(default: $<a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a>)</b></DT><DD>
+
+<p> Enable additional Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server logging of TLS
+activity.  Each logging level also includes the information that
+is logged at a lower logging level. See <a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> for
+further details.  </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_mandatory_ciphers">tlsproxy_tls_mandatory_ciphers</a>
+(default: $<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>)</b></DT><DD>
+
+<p> The minimum TLS cipher grade that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+will use with mandatory TLS encryption. See <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>
+for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_mandatory_exclude_ciphers">tlsproxy_tls_mandatory_exclude_ciphers</a>
+(default: $<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a>)</b></DT><DD>
+
+<p> Additional list of ciphers or cipher types to exclude from the
+<a href="tlsproxy.8.html">tlsproxy(8)</a> server cipher list at mandatory TLS security levels.
+See <a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_mandatory_protocols">tlsproxy_tls_mandatory_protocols</a>
+(default: $<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a>)</b></DT><DD>
+
+<p> The SSL/TLS protocols accepted by the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server
+with mandatory TLS encryption. If the list is empty, the server
+supports all available SSL/TLS protocol versions.  See
+<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_protocols">tlsproxy_tls_protocols</a>
+(default: $<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a>)</b></DT><DD>
+
+<p> List of TLS protocols that the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server will
+exclude or include with opportunistic TLS encryption. See
+<a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_req_ccert">tlsproxy_tls_req_ccert</a>
+(default: $<a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a>)</b></DT><DD>
+
+<p> With mandatory TLS encryption, require a trusted remote SMTP
+client certificate in order to allow TLS connections to proceed.
+See <a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_security_level">tlsproxy_tls_security_level</a>
+(default: $<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a>)</b></DT><DD>
+
+<p> The SMTP TLS security level for the Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server;
+when a non-empty value is specified, this overrides the obsolete
+parameters <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>. See
+<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_tls_session_cache_timeout">tlsproxy_tls_session_cache_timeout</a>
+(default: $<a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>)</b></DT><DD>
+
+<p> Obsolete expiration time of Postfix <a href="tlsproxy.8.html">tlsproxy(8)</a> server TLS session
+cache information. Since the cache is shared with <a href="smtpd.8.html">smtpd(8)</a> and managed
+by <a href="tlsmgr.8.html">tlsmgr(8)</a>, there is only one expiration time for the SMTP server cache
+shared by all three services, namely <a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a>. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_use_tls">tlsproxy_use_tls</a>
+(default: $<a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>)</b></DT><DD>
+
+<p> Opportunistic TLS: announce STARTTLS support to remote SMTP clients,
+but do not require that clients use TLS encryption. See <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a>
+for further details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="tlsproxy_watchdog_timeout">tlsproxy_watchdog_timeout</a>
+(default: 10s)</b></DT><DD>
+
+<p> How much time a <a href="tlsproxy.8.html">tlsproxy(8)</a> process may take to process local
+or remote I/O before it is terminated by a built-in watchdog timer.
+This is a safety mechanism that prevents <a href="tlsproxy.8.html">tlsproxy(8)</a> from becoming
+non-responsive due to a bug in Postfix itself or in system software.
+To avoid false alarms and unnecessary cache corruption this limit
+cannot be set under 10s.  </p>
+
+<p> Specify a non-zero time value (an integral value plus an optional
+one-letter suffix that specifies the time unit).  Time units: s
+(seconds), m (minutes), h (hours), d (days), w (weeks).  </p>
+
+<p> This feature is available in Postfix 2.8.  </p>
+
+
+</DD>
+
+<DT><b><a name="trace_service_name">trace_service_name</a>
+(default: trace)</b></DT><DD>
+
+<p>
+The name of the trace service. This service is implemented by the
+<a href="bounce.8.html">bounce(8)</a> daemon and maintains a record
+of mail deliveries and produces a mail delivery report when verbose
+delivery is requested with "<b>sendmail -v</b>".
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="transport_delivery_slot_cost">transport_delivery_slot_cost</a>
+(default: $<a href="postconf.5.html#default_delivery_slot_cost">default_delivery_slot_cost</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_delivery_slot_cost">default_delivery_slot_cost</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_delivery_slot_cost"><i>transport</i>_delivery_slot_cost</a> parameters will not
+show up in "postconf" command output before Postfix version 2.9.
+This limitation applies to many parameters whose name is a combination
+of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
+"_delivery_slot_cost"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_delivery_slot_discount">transport_delivery_slot_discount</a>
+(default: $<a href="postconf.5.html#default_delivery_slot_discount">default_delivery_slot_discount</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_delivery_slot_discount">default_delivery_slot_discount</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_delivery_slot_discount"><i>transport</i>_delivery_slot_discount</a> parameters will
+not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_delivery_slot_discount"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_delivery_slot_loan">transport_delivery_slot_loan</a>
+(default: $<a href="postconf.5.html#default_delivery_slot_loan">default_delivery_slot_loan</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_delivery_slot_loan">default_delivery_slot_loan</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_delivery_slot_loan"><i>transport</i>_delivery_slot_loan</a> parameters will not
+show up in "postconf" command output before Postfix version 2.9.
+This limitation applies to many parameters whose name is a combination
+of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
+"_delivery_slot_loan"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_destination_concurrency_failed_cohort_limit">transport_destination_concurrency_failed_cohort_limit</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_failed_cohort_limit">default_destination_concurrency_failed_cohort_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the
+<a href="postconf.5.html#default_destination_concurrency_failed_cohort_limit">default_destination_concurrency_failed_cohort_limit</a> parameter value,
+where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message delivery
+transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a>
+parameters will not show up in "postconf" command output before
+Postfix version 2.9.  This limitation applies to many parameters
+whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
+built-in suffix (in this case:
+"_destination_concurrency_failed_cohort_limit"). </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_destination_concurrency_limit">transport_destination_concurrency_limit</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the
+<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a> parameter value, where
+<i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message delivery
+transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_destination_concurrency_limit"><i>transport</i>_destination_concurrency_limit</a>
+parameters will not show up in "postconf" command output before
+Postfix version 2.9.  This limitation applies to many parameters
+whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
+built-in suffix (in this case: "_destination_concurrency_limit").
+</p>
+
+
+</DD>
+
+<DT><b><a name="transport_destination_concurrency_negative_feedback">transport_destination_concurrency_negative_feedback</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_negative_feedback">default_destination_concurrency_negative_feedback</a>)</b></DT><DD>
+
+<p> A transport-specific override for the
+<a href="postconf.5.html#default_destination_concurrency_negative_feedback">default_destination_concurrency_negative_feedback</a> parameter value,
+where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message delivery
+transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_destination_concurrency_negative_feedback"><i>transport</i>_destination_concurrency_negative_feedback</a>
+parameters will not show up in "postconf" command output before
+Postfix version 2.9.  This limitation applies to many parameters
+whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
+built-in suffix (in this case:
+"_destination_concurrency_negative_feedback"). </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_destination_concurrency_positive_feedback">transport_destination_concurrency_positive_feedback</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_positive_feedback">default_destination_concurrency_positive_feedback</a>)</b></DT><DD>
+
+<p> A transport-specific override for the
+<a href="postconf.5.html#default_destination_concurrency_positive_feedback">default_destination_concurrency_positive_feedback</a> parameter value,
+where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message delivery
+transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_destination_concurrency_positive_feedback"><i>transport</i>_destination_concurrency_positive_feedback</a>
+parameters will not show up in "postconf" command output before
+Postfix version 2.9.  This limitation applies to many parameters
+whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
+built-in suffix (in this case:
+"_destination_concurrency_positive_feedback"). </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_destination_rate_delay">transport_destination_rate_delay</a>
+(default: $<a href="postconf.5.html#default_destination_rate_delay">default_destination_rate_delay</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_destination_rate_delay">default_destination_rate_delay</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_destination_rate_delay"><i>transport</i>_destination_rate_delay</a> parameters
+will not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_destination_rate_delay"). </p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_destination_recipient_limit">transport_destination_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the
+<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a> parameter value, where
+<i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message delivery
+transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_destination_recipient_limit"><i>transport</i>_destination_recipient_limit</a> parameters
+will not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_destination_recipient_limit"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_extra_recipient_limit">transport_extra_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_extra_recipient_limit">default_extra_recipient_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_extra_recipient_limit">default_extra_recipient_limit</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_extra_recipient_limit"><i>transport</i>_extra_recipient_limit</a> parameters will
+not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_extra_recipient_limit").  </p>
+
+
+</DD>
+
+<DT><b><a name="transport_initial_destination_concurrency">transport_initial_destination_concurrency</a>
+(default: $<a href="postconf.5.html#initial_destination_concurrency">initial_destination_concurrency</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#initial_destination_concurrency">initial_destination_concurrency</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_initial_destination_concurrency"><i>transport</i>_initial_destination_concurrency</a>
+parameters will not show up in "postconf" command output before
+Postfix version 2.9.  This limitation applies to many parameters
+whose name is a combination of a <a href="master.5.html">master.cf</a> service name and a
+built-in suffix (in this case: "_initial_destination_concurrency").
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_maps">transport_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables with mappings from recipient address to
+(message delivery transport, next-hop destination).  See <a href="transport.5.html">transport(5)</a>
+for details.
+</p>
+
+<p>
+Specify zero or more "<a href="DATABASE_README.html">type:table</a>" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.  If you use this
+feature with local files, run "<b>postmap /etc/postfix/transport</b>"
+after making a change.  </p>
+
+<p> Pattern matching of domain names is controlled by the presence
+or absence of "<a href="postconf.5.html#transport_maps">transport_maps</a>" in the <a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>
+parameter value.  </p>
+
+<p> For safety reasons, as of Postfix 2.3 this feature does not
+allow $number substitutions in regular expression maps. </p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#transport_maps">transport_maps</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/postfix/transport
+<a href="postconf.5.html#transport_maps">transport_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/transport
+</pre>
+
+
+</DD>
+
+<DT><b><a name="transport_minimum_delivery_slots">transport_minimum_delivery_slots</a>
+(default: $<a href="postconf.5.html#default_minimum_delivery_slots">default_minimum_delivery_slots</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_minimum_delivery_slots">default_minimum_delivery_slots</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_minimum_delivery_slots"><i>transport</i>_minimum_delivery_slots</a> parameters will
+not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_minimum_delivery_slots"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_recipient_limit">transport_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_recipient_limit">default_recipient_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_recipient_limit">default_recipient_limit</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: some <a href="postconf.5.html#transport_recipient_limit"><i>transport</i>_recipient_limit</a> parameters will not
+show up in "postconf" command output before Postfix version 2.9.
+This limitation applies to many parameters whose name is a combination
+of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
+"_recipient_limit"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_recipient_refill_delay">transport_recipient_refill_delay</a>
+(default: $<a href="postconf.5.html#default_recipient_refill_delay">default_recipient_refill_delay</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_recipient_refill_delay">default_recipient_refill_delay</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_recipient_refill_delay"><i>transport</i>_recipient_refill_delay</a> parameters will
+not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_recipient_refill_delay").  </p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_recipient_refill_limit">transport_recipient_refill_limit</a>
+(default: $<a href="postconf.5.html#default_recipient_refill_limit">default_recipient_refill_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_recipient_refill_limit">default_recipient_refill_limit</a>
+parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of
+the message delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_recipient_refill_limit"><i>transport</i>_recipient_refill_limit</a> parameters will
+not show up in "postconf" command output before Postfix version
+2.9.  This limitation applies to many parameters whose name is a
+combination of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in
+this case: "_recipient_refill_limit").  </p>
+
+<p> This feature is available in Postfix 2.4 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="transport_retry_time">transport_retry_time</a>
+(default: 60s)</b></DT><DD>
+
+<p>
+The time between attempts by the Postfix queue manager to contact
+a malfunctioning message delivery transport.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="transport_time_limit">transport_time_limit</a>
+(default: $<a href="postconf.5.html#command_time_limit">command_time_limit</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#command_time_limit">command_time_limit</a> parameter
+value, where <i>transport</i> is the <a href="master.5.html">master.cf</a> name of the message
+delivery transport. </p>
+
+<p> Note: <a href="postconf.5.html#transport_time_limit"><i>transport</i>_time_limit</a> parameters will not show up
+in "postconf" command output before Postfix version 2.9.  This
+limitation applies to many parameters whose name is a combination
+of a <a href="master.5.html">master.cf</a> service name and a built-in suffix (in this case:
+"_time_limit"). </p>
+
+
+</DD>
+
+<DT><b><a name="transport_transport_rate_delay">transport_transport_rate_delay</a>
+(default: $<a href="postconf.5.html#default_transport_rate_delay">default_transport_rate_delay</a>)</b></DT><DD>
+
+<p> A transport-specific override for the <a href="postconf.5.html#default_transport_rate_delay">default_transport_rate_delay</a>
+parameter value, where the initial <i>transport</i> in the parameter
+name is the <a href="master.5.html">master.cf</a> name of the message delivery transport. </p>
+
+
+</DD>
+
+<DT><b><a name="trigger_timeout">trigger_timeout</a>
+(default: 10s)</b></DT><DD>
+
+<p>
+The time limit for sending a trigger to a Postfix daemon (for
+example, the <a href="pickup.8.html">pickup(8)</a> or <a href="qmgr.8.html">qmgr(8)</a> daemon). This time limit prevents
+programs from getting stuck when the mail system is under heavy
+load.
+</p>
+
+<p>
+Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
+The default time unit is s (seconds).
+</p>
+
+
+</DD>
+
+<DT><b><a name="undisclosed_recipients_header">undisclosed_recipients_header</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+Message header that the Postfix <a href="cleanup.8.html">cleanup(8)</a> server inserts when a
+message contains no To: or Cc: message header. With Postfix 2.8
+and later, the default value is empty. With Postfix 2.4-2.7,
+specify an empty value to disable this feature.  </p>
+
+<p> Example: </p>
+
+<pre>
+# Default value before Postfix 2.8.
+# Note: the ":" and ";" are both required.
+<a href="postconf.5.html#undisclosed_recipients_header">undisclosed_recipients_header</a> = To: undisclosed-recipients:;
+</pre>
+
+
+</DD>
+
+<DT><b><a name="unknown_address_reject_code">unknown_address_reject_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical response code when the Postfix SMTP server rejects a
+sender or recipient address because its domain is unknown.  This
+is one of the possible replies from the restrictions
+<a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> and <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a>.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unknown_address_tempfail_action">unknown_address_tempfail_action</a>
+(default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
+
+<p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
+or <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> fail due to a temporary error
+condition. Specify "defer" to defer the remote SMTP client request
+immediately. With the default "<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix
+SMTP server continues to look for opportunities to reject mail, and
+defers the client request only if it would otherwise be accepted.
+</p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="unknown_client_reject_code">unknown_client_reject_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a client
+without valid address &lt;=&gt; name mapping is rejected by the
+<a href="postconf.5.html#reject_unknown_client_hostname">reject_unknown_client_hostname</a> restriction. The SMTP server always replies
+with 450 when the mapping failed due to a temporary error condition.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a>
+(default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
+
+<p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a>
+fails due to an temporary error condition. Specify "defer" to defer
+the remote SMTP client request immediately. With the default
+"<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
+for opportunities to reject mail, and defers the client request
+only if it would otherwise be accepted. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="unknown_hostname_reject_code">unknown_hostname_reject_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when the hostname
+specified with the HELO or EHLO command is rejected by the
+<a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> restriction.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a>
+(default: 550)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a recipient
+address is local, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of
+lookup tables that does not match the recipient.  A recipient
+address is local when its domain matches $<a href="postconf.5.html#mydestination">mydestination</a>,
+$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> or $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>.
+</p>
+
+<p>
+The default setting is 550 (reject mail) but it is safer to initially
+use 450 (try again later) so you have time to find out if your
+<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> settings are OK.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> = 450
+</pre>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unknown_relay_recipient_reject_code">unknown_relay_recipient_reject_code</a>
+(default: 550)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server reply code when a recipient
+address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies
+a list of lookup tables that does not match the recipient address.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a>
+(default: 550)</b></DT><DD>
+
+<p>
+The Postfix SMTP server reply code when a recipient address matches
+$<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> specifies a list
+of lookup tables that does not match the recipient address.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unknown_virtual_mailbox_reject_code">unknown_virtual_mailbox_reject_code</a>
+(default: 550)</b></DT><DD>
+
+<p>
+The Postfix SMTP server reply code when a recipient address matches
+$<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> specifies a list
+of lookup tables that does not match the recipient address.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unverified_recipient_defer_code">unverified_recipient_defer_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response when a recipient address
+probe fails due to a temporary error condition.
+</p>
+
+<p>
+Unlike elsewhere in Postfix, you can specify 250 in order to
+accept the address anyway.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.6 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unverified_recipient_reject_code">unverified_recipient_reject_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response when a recipient address
+is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> restriction.
+</p>
+
+<p>
+Unlike elsewhere in Postfix, you can specify 250 in order to
+accept the address anyway.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unverified_recipient_reject_reason">unverified_recipient_reject_reason</a>
+(default: empty)</b></DT><DD>
+
+<p> The Postfix SMTP server's reply when rejecting mail with
+<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>. Do not include the numeric SMTP reply
+code or the enhanced status code. By default, the response includes
+actual address verification details.
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#unverified_recipient_reject_reason">unverified_recipient_reject_reason</a> = Recipient address lookup failed
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a>
+(default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
+
+<p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>
+fails due to a temporary error condition. Specify "defer" to defer
+the remote SMTP client request immediately. With the default
+"<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
+for opportunities to reject mail, and defers the client request
+only if it would otherwise be accepted. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="unverified_sender_defer_code">unverified_sender_defer_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a sender address
+probe fails due to a temporary error condition.
+</p>
+
+<p>
+Unlike elsewhere in Postfix, you can specify 250 in order to
+accept the address anyway.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.6 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unverified_sender_reject_code">unverified_sender_reject_code</a>
+(default: 450)</b></DT><DD>
+
+<p>
+The numerical Postfix SMTP server response code when a recipient
+address is rejected by the <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction.
+</p>
+
+<p>
+Unlike elsewhere in Postfix, you can specify 250 in order to
+accept the address anyway.
+</p>
+
+<p>
+Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="unverified_sender_reject_reason">unverified_sender_reject_reason</a>
+(default: empty)</b></DT><DD>
+
+<p> The Postfix SMTP server's reply when rejecting mail with
+<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>. Do not include the numeric SMTP reply
+code or the enhanced status code. By default, the response includes
+actual address verification details.
+
+<p> Example: </p>
+
+<pre>
+<a href="postconf.5.html#unverified_sender_reject_reason">unverified_sender_reject_reason</a> = Sender address lookup failed
+</pre>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="unverified_sender_tempfail_action">unverified_sender_tempfail_action</a>
+(default: $<a href="postconf.5.html#reject_tempfail_action">reject_tempfail_action</a>)</b></DT><DD>
+
+<p> The Postfix SMTP server's action when <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>
+fails due to a temporary error condition. Specify "defer" to defer
+the remote SMTP client request immediately. With the default
+"<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>" action, the Postfix SMTP server continues to look
+for opportunities to reject mail, and defers the client request
+only if it would otherwise be accepted. </p>
+
+<p> This feature is available in Postfix 2.6 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="verp_delimiter_filter">verp_delimiter_filter</a>
+(default: -=+)</b></DT><DD>
+
+<p>
+The characters Postfix accepts as VERP delimiter characters on the
+Postfix <a href="sendmail.1.html">sendmail(1)</a> command line and in SMTP commands.
+</p>
+
+<p>
+This feature is available in Postfix 1.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_alias_address_length_limit">virtual_alias_address_length_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p>
+The maximal length of an email address after virtual alias expansion.
+This stops virtual aliasing loops that increase the address length
+exponentially.
+</p>
+
+<p>
+This feature is available in Postfix 3.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_alias_domains">virtual_alias_domains</a>
+(default: $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b></DT><DD>
+
+<p> Postfix is final destination for the specified list of virtual
+alias domains, that is, domains for which all addresses are aliased
+to addresses in other local or remote domains. The SMTP server
+validates recipient addresses with $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> and rejects
+non-existent recipients. See also the <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> class
+in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file </p>
+
+<p>
+This feature is available in Postfix 2.0 and later. The default
+value is backwards compatible with Postfix version 1.1.
+</p>
+
+<p>
+The default value is $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> so that you can keep all
+information about <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a> in one place.  If you have
+many users, it is better to separate information that changes more
+frequently (virtual address -&gt; local or remote address mapping)
+from information that changes less frequently (the list of virtual
+domain names).
+</p>
+
+<p> Specify a list of host or domain names, "/file/name" or
+"<a href="DATABASE_README.html">type:table</a>" patterns, separated by commas and/or whitespace. A
+"/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
+lookup table is matched when a table entry matches a lookup string
+(the lookup result is ignored).  Continue long lines by starting
+the next line with whitespace. Specify "!pattern" to exclude a host
+or domain name from the list. The form "!/file/name" is supported
+only in Postfix version 2.4 and later.  </p>
+
+<p>
+See also the <a href="VIRTUAL_README.html">VIRTUAL_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents
+for further information.
+</p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> = virtual1.tld virtual2.tld
+</pre>
+
+
+</DD>
+
+<DT><b><a name="virtual_alias_expansion_limit">virtual_alias_expansion_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p>
+The maximal number of addresses that virtual alias expansion produces
+from each original recipient.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_alias_maps">virtual_alias_maps</a>
+(default: $<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b></DT><DD>
+
+<p>
+Optional lookup tables that alias specific mail addresses or domains
+to other local or remote address.  The table format and lookups
+are documented in <a href="virtual.5.html">virtual(5)</a>. For an overview of Postfix address
+manipulations see the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later. The default
+value is backwards compatible with Postfix version 1.1.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+Note: these lookups are recursive.
+</p>
+
+<p>
+If you use this feature with indexed files, run "<b>postmap
+/etc/postfix/virtual</b>" after changing the file.
+</p>
+
+<p>
+Examples:
+</p>
+
+<pre>
+<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = <a href="DATABASE_README.html#types">dbm</a>:/etc/postfix/virtual
+<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/virtual
+</pre>
+
+
+</DD>
+
+<DT><b><a name="virtual_alias_recursion_limit">virtual_alias_recursion_limit</a>
+(default: 1000)</b></DT><DD>
+
+<p>
+The maximal nesting depth of virtual alias expansion.  Currently
+the recursion limit is applied only to the left branch of the
+expansion graph, so the depth of the tree can in the worst case
+reach the sum of the expansion and recursion limits.  This may
+change in the future.
+</p>
+
+<p>
+This feature is available in Postfix 2.1 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_delivery_status_filter">virtual_delivery_status_filter</a>
+(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
+
+<p> Optional filter for the <a href="virtual.8.html">virtual(8)</a> delivery agent to change the
+delivery status code or explanatory text of successful or unsuccessful
+deliveries.  See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details.  </p>
+
+<p> This feature is available in Postfix 3.0 and later. </p>
+
+
+</DD>
+
+<DT><b><a name="virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a>
+(default: $<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concurrency_limit</a>)</b></DT><DD>
+
+<p> The maximal number of parallel deliveries to the same destination
+via the virtual message delivery transport. This limit is enforced
+by the queue manager. The message delivery transport name is the
+first field in the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+
+</DD>
+
+<DT><b><a name="virtual_destination_recipient_limit">virtual_destination_recipient_limit</a>
+(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
+
+<p> The maximal number of recipients per message for the virtual
+message delivery transport. This limit is enforced by the queue
+manager. The message delivery transport name is the first field in
+the entry in the <a href="master.5.html">master.cf</a> file.  </p>
+
+<p> Setting this parameter to a value of 1 changes the meaning of
+<a href="postconf.5.html#virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a> from concurrency per domain
+into concurrency per recipient.  </p>
+
+
+</DD>
+
+<DT><b><a name="virtual_gid_maps">virtual_gid_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Lookup tables with the per-recipient group ID for <a href="virtual.8.html">virtual(8)</a> mailbox
+delivery.
+</p>
+
+<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
+It does not apply when mail is delivered with a different mail
+delivery program.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+In a lookup table, specify a left-hand side of "@domain.tld" to
+match any user in the specified domain that does not have a specific
+"user@domain.tld" entry.
+</p>
+
+<p>
+When a recipient address has an optional address extension
+(user+foo@domain.tld), the <a href="virtual.8.html">virtual(8)</a> delivery agent looks up
+the full address first, and when the lookup fails, it looks up the
+unextended address (user@domain.tld).
+</p>
+
+<p>
+Note 1: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent disallows
+regular expression substitution of $1 etc. in regular expression
+lookup tables, because that would open a security hole.
+</p>
+
+<p>
+Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent will
+silently ignore requests to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead
+it will open the table directly. Before Postfix version 2.2, the
+<a href="virtual.8.html">virtual(8)</a> delivery agent will terminate with a fatal error.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_mailbox_base">virtual_mailbox_base</a>
+(default: empty)</b></DT><DD>
+
+<p>
+A prefix that the <a href="virtual.8.html">virtual(8)</a> delivery agent prepends to all pathname
+results from $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> table lookups.  This is a safety
+measure to ensure that an out of control map doesn't litter the
+file system with mailboxes.  While <a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> could be
+set to "/", this setting isn't recommended.
+</p>
+
+<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
+It does not apply when mail is delivered with a different mail
+delivery program.  </p>
+
+<p>
+Example:
+</p>
+
+<pre>
+<a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> = /var/mail
+</pre>
+
+
+</DD>
+
+<DT><b><a name="virtual_mailbox_domains">virtual_mailbox_domains</a>
+(default: $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b></DT><DD>
+
+<p> Postfix is final destination for the specified list of domains;
+mail is delivered via the $<a href="postconf.5.html#virtual_transport">virtual_transport</a> mail delivery transport.
+By default this is the Postfix <a href="virtual.8.html">virtual(8)</a> delivery agent.  The SMTP
+server validates recipient addresses with $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
+and rejects mail for non-existent recipients.  See also the virtual
+mailbox domain class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.  </p>
+
+<p> This parameter expects the same syntax as the <a href="postconf.5.html#mydestination">mydestination</a>
+configuration parameter.  </p>
+
+<p>
+This feature is available in Postfix 2.0 and later. The default
+value is backwards compatible with Postfix version 1.1.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_mailbox_limit">virtual_mailbox_limit</a>
+(default: 51200000)</b></DT><DD>
+
+<p>
+The maximal size in bytes of an individual <a href="virtual.8.html">virtual(8)</a> mailbox or
+maildir file, or zero (no limit).  </p>
+
+<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
+It does not apply when mail is delivered with a different mail
+delivery program.  </p>
+
+
+</DD>
+
+<DT><b><a name="virtual_mailbox_lock">virtual_mailbox_lock</a>
+(default: see "postconf -d" output)</b></DT><DD>
+
+<p>
+How to lock a UNIX-style <a href="virtual.8.html">virtual(8)</a> mailbox before attempting
+delivery.  For a list of available file locking methods, use the
+"<b>postconf -l</b>" command.
+</p>
+
+<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
+It does not apply when mail is delivered with a different mail
+delivery program.  </p>
+
+<p>
+This setting is ignored with <b>maildir</b> style delivery, because
+such deliveries are safe without application-level locks.
+</p>
+
+<p>
+Note 1: the <b>dotlock</b> method requires that the recipient UID
+or GID has write access to the parent directory of the recipient's
+mailbox file.
+</p>
+
+<p>
+Note 2: the default setting of this parameter is system dependent.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_mailbox_maps">virtual_mailbox_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables with all valid addresses in the domains that
+match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+</p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+In a lookup table, specify a left-hand side of "@domain.tld" to
+match any user in the specified domain that does not have a specific
+"user@domain.tld" entry.
+</p>
+
+<p> The remainder of this text is specific to the <a href="virtual.8.html">virtual(8)</a> delivery
+agent.  It does not apply when mail is delivered with a different
+mail delivery program.  </p>
+
+<p>
+The <a href="virtual.8.html">virtual(8)</a> delivery agent uses this table to look up the
+per-recipient mailbox or maildir pathname.  If the lookup result
+ends in a slash ("/"), maildir-style delivery is carried out,
+otherwise the path is assumed to specify a UNIX-style mailbox file.
+Note that $<a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> is unconditionally prepended to
+this path.
+</p>
+
+<p>
+When a recipient address has an optional address extension
+(user+foo@domain.tld), the <a href="virtual.8.html">virtual(8)</a> delivery agent looks up
+the full address first, and when the lookup fails, it looks up the
+unextended address (user@domain.tld).
+</p>
+
+<p>
+Note 1: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent disallows
+regular expression substitution of $1 etc. in regular expression
+lookup tables, because that would open a security hole.
+</p>
+
+<p>
+Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent will
+silently ignore requests to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead
+it will open the table directly. Before Postfix version 2.2, the
+<a href="virtual.8.html">virtual(8)</a> delivery agent will terminate with a fatal error.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_maps">virtual_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables with a) names of domains for which all
+addresses are aliased to addresses in other local or remote domains,
+and b) addresses that are aliased to addresses in other local or
+remote domains.  Available before Postfix version 2.0. With Postfix
+version 2.0 and later, this is replaced by separate controls: <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>
+and <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>. </p>
+
+
+</DD>
+
+<DT><b><a name="virtual_minimum_uid">virtual_minimum_uid</a>
+(default: 100)</b></DT><DD>
+
+<p>
+The minimum user ID value that the <a href="virtual.8.html">virtual(8)</a> delivery agent accepts
+as a result from $<a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> table lookup.  Returned
+values less than this will be rejected, and the message will be
+deferred.
+</p>
+
+<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
+It does not apply when mail is delivered with a different mail
+delivery program.  </p>
+
+
+</DD>
+
+<DT><b><a name="virtual_transport">virtual_transport</a>
+(default: virtual)</b></DT><DD>
+
+<p>
+The default mail delivery transport and next-hop destination for
+final delivery to domains listed with $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+This information can be overruled with the <a href="transport.5.html">transport(5)</a> table.
+</p>
+
+<p>
+Specify a string of the form <i>transport:nexthop</i>, where <i>transport</i>
+is the name of a mail delivery transport defined in <a href="master.5.html">master.cf</a>.
+The <i>:nexthop</i> destination is optional; its syntax is documented
+in the manual page of the corresponding delivery agent.
+</p>
+
+<p>
+This feature is available in Postfix 2.0 and later.
+</p>
+
+
+</DD>
+
+<DT><b><a name="virtual_uid_maps">virtual_uid_maps</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Lookup tables with the per-recipient user ID that the <a href="virtual.8.html">virtual(8)</a>
+delivery agent uses while writing to the recipient's mailbox.
+</p>
+
+<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
+It does not apply when mail is delivered with a different mail
+delivery program.  </p>
+
+<p>
+Specify zero or more "type:name" lookup tables, separated by
+whitespace or comma. Tables will be searched in the specified order
+until a match is found.
+</p>
+
+<p>
+In a lookup table, specify a left-hand side of "@domain.tld"
+to match any user in the specified domain that does not have a
+specific "user@domain.tld" entry.
+</p>
+
+<p>
+When a recipient address has an optional address extension
+(user+foo@domain.tld), the <a href="virtual.8.html">virtual(8)</a> delivery agent looks up
+the full address first, and when the lookup fails, it looks up the
+unextended address (user@domain.tld).
+</p>
+
+<p>
+Note 1: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent disallows
+regular expression substitution of $1 etc. in regular expression
+lookup tables, because that would open a security hole.
+</p>
+
+<p>
+Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent will
+silently ignore requests to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead
+it will open the table directly. Before Postfix version 2.2, the
+<a href="virtual.8.html">virtual(8)</a> delivery agent will terminate with a fatal error.
+</p>
+
+
+</DD>
+
+</dl>
+
+</body>
+
+</html>

data/incoming/virtual.8.html

@@ -0,0 +1,313 @@
+<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
+        "http://www.w3.org/TR/html4/loose.dtd">
+<html> <head>
+<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
+<title> Postfix manual - virtual(8) </title>
+</head> <body> <pre>
+VIRTUAL(8)                                                          VIRTUAL(8)
+
+<b>NAME</b>
+       virtual - Postfix virtual domain mail delivery agent
+
+<b>SYNOPSIS</b>
+       <b>virtual</b> [generic Postfix daemon options]
+
+<b>DESCRIPTION</b>
+       The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent is designed for virtual mail hosting ser-
+       vices. Originally based on the Postfix <a href="local.8.html"><b>local</b>(8)</a>  delivery  agent,  this
+       agent  looks  up  recipients  with  map lookups of their full recipient
+       address, instead of using hard-coded unix password file lookups of  the
+       address local part only.
+
+       This  delivery  agent  only delivers mail.  Other features such as mail
+       forwarding, out-of-office notifications, etc., must be  configured  via
+       virtual_alias maps or via similar lookup mechanisms.
+
+<b>MAILBOX LOCATION</b>
+       The mailbox location is controlled by the <b><a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a></b> and <b><a href="postconf.5.html#virtual_mailbox_maps">vir</a>-</b>
+       <b><a href="postconf.5.html#virtual_mailbox_maps">tual_mailbox_maps</a></b>  configuration  parameters  (see  below).   The  <b><a href="postconf.5.html#virtual_mailbox_maps">vir-</b>
+       <b>tual_mailbox_maps</a></b>   table  is  indexed  by  the  recipient  address  as
+       described under TABLE SEARCH ORDER below.
+
+       The mailbox pathname is constructed as follows:
+
+         <b>$<a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a>/$virtual_mailbox_maps(</b><i>recipient</i><b>)</b>
+
+       where <i>recipient</i> is the full recipient address.
+
+<b>UNIX MAILBOX FORMAT</b>
+       When the mailbox location does not end in <b>/</b>, the message  is  delivered
+       in  UNIX  mailbox format.   This format stores multiple messages in one
+       textfile.
+
+       The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent prepends a "<b>From</b> <i>sender time</i><b>_</b><i>stamp</i>" enve-
+       lope  header  to  each message, prepends a <b>Delivered-To:</b> message header
+       with the envelope recipient address, prepends an <b>X-Original-To:</b>  header
+       with the recipient address as given to Postfix, prepends a <b>Return-Path:</b>
+       message header with the envelope sender address, prepends a &gt; character
+       to lines beginning with "<b>From</b> ", and appends an empty line.
+
+       The  mailbox  is  locked  for  exclusive  access  while  delivery is in
+       progress. In case of problems, an attempt is made to truncate the mail-
+       box to its original length.
+
+<b>QMAIL MAILDIR FORMAT</b>
+       When  the mailbox location ends in <b>/</b>, the message is delivered in qmail
+       <b>maildir</b> format. This format stores one message per file.
+
+       The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent prepends a <b>Delivered-To:</b>  message  header
+       with  the  final envelope recipient address, prepends an <b>X-Original-To:</b>
+       header with the recipient address as given to Postfix, and  prepends  a
+       <b>Return-Path:</b> message header with the envelope sender address.
+
+       By  definition,  <b>maildir</b> format does not require application-level file
+       locking during mail delivery or retrieval.
+
+<b>MAILBOX OWNERSHIP</b>
+       Mailbox ownership  is  controlled  by  the  <b><a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a></b>  and  <b><a href="postconf.5.html#virtual_gid_maps">vir</a>-</b>
+       <b><a href="postconf.5.html#virtual_gid_maps">tual_gid_maps</a></b>  lookup tables, which are indexed with the full recipient
+       address. Each table provides a string with the numerical user and group
+       ID, respectively.
+
+       The  <b><a href="postconf.5.html#virtual_minimum_uid">virtual_minimum_uid</a></b>  parameter  imposes a lower bound on numerical
+       user ID values that may be specified in any <b><a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a></b>.
+
+<b>CASE FOLDING</b>
+       All delivery decisions are  made  using  the  full  recipient  address,
+       folded  to  lower  case. See also the next section for a few exceptions
+       with optional address extensions.
+
+<b>TABLE SEARCH ORDER</b>
+       Normally, a lookup table is specified as a text  file  that  serves  as
+       input  to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The result, an indexed file in <b>dbm</b> or
+       <b>db</b> format, is used for fast searching by the mail system.
+
+       The search order is as follows. The search stops upon  the  first  suc-
+       cessful lookup.
+
+       <b>o</b>      When  the  recipient  has  an  optional  address  extension  the
+              <i>user+extension@domain.tld</i> address is looked up first.
+
+              With Postfix versions before 2.1, the optional address extension
+              is always ignored.
+
+       <b>o</b>      The  <i>user@domain.tld</i>  address,  without  address  extension,  is
+              looked up next.
+
+       <b>o</b>      Finally, the recipient <i>@domain</i> is looked up.
+
+       When the table is provided via other means such as NIS,  LDAP  or  SQL,
+       the same lookups are done as for ordinary indexed files.
+
+       Alternatively,  a  table  can  be  provided as a regular-expression map
+       where patterns are given as regular expressions. In that case, only the
+       full recipient address is given to the regular-expression map.
+
+<b>SECURITY</b>
+       The  <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent is not security sensitive, provided that
+       the lookup tables with recipient user/group  ID  information  are  ade-
+       quately protected. This program is not designed to run chrooted.
+
+       The <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent disallows regular expression substitution
+       of $1 etc. in regular expression lookup tables, because that would open
+       a security hole.
+
+       The  <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent will silently ignore requests to use the
+       <a href="proxymap.8.html"><b>proxymap</b>(8)</a> server. Instead it will open  the  table  directly.  Before
+       Postfix  version  2.2, the virtual delivery agent will terminate with a
+       fatal error.
+
+<b>STANDARDS</b>
+       <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> (ARPA Internet Text Messages)
+
+<b>DIAGNOSTICS</b>
+       Mail bounces when the recipient has no mailbox or when the recipient is
+       over  disk quota. In all other cases, mail for an existing recipient is
+       deferred and a warning is logged.
+
+       Problems and transactions are logged to <b>syslogd</b>(8).  Corrupted  message
+       files are marked so that the queue manager can move them to the <b>corrupt</b>
+       queue afterwards.
+
+       Depending on the setting of the <b><a href="postconf.5.html#notify_classes">notify_classes</a></b> parameter, the  postmas-
+       ter is notified of bounces and of other trouble.
+
+<b>BUGS</b>
+       This  delivery agent supports address extensions in email addresses and
+       in lookup table keys, but does not propagate address extension informa-
+       tion to the result of table lookup.
+
+       Postfix  should  have  lookup  tables  that  can return multiple result
+       attributes. In order to avoid the inconvenience  of  maintaining  three
+       tables, use an LDAP or MYSQL database.
+
+<b>CONFIGURATION PARAMETERS</b>
+       Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="virtual.8.html"><b>virtual</b>(8)</a> processes
+       run for only a limited amount of time. Use the command "<b>postfix reload</b>"
+       to speed up a change.
+
+       The  text  below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
+       more details including examples.
+
+<b>MAILBOX DELIVERY CONTROLS</b>
+       <b><a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> (empty)</b>
+              A prefix that the <a href="virtual.8.html"><b>virtual</b>(8)</a>  delivery  agent  prepends  to  all
+              pathname results from $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> table lookups.
+
+       <b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
+              Optional  lookup  tables with all valid addresses in the domains
+              that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+
+       <b><a href="postconf.5.html#virtual_minimum_uid">virtual_minimum_uid</a> (100)</b>
+              The minimum user ID value that  the  <a href="virtual.8.html"><b>virtual</b>(8)</a>  delivery  agent
+              accepts as a result from $<a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> table lookup.
+
+       <b><a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> (empty)</b>
+              Lookup tables with the per-recipient user ID that the <a href="virtual.8.html"><b>virtual</b>(8)</a>
+              delivery agent uses while writing to the recipient's mailbox.
+
+       <b><a href="postconf.5.html#virtual_gid_maps">virtual_gid_maps</a> (empty)</b>
+              Lookup tables with the per-recipient  group  ID  for  <a href="virtual.8.html"><b>virtual</b>(8)</a>
+              mailbox delivery.
+
+       Available in Postfix version 2.0 and later:
+
+       <b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
+              Postfix  is final destination for the specified list of domains;
+              mail is  delivered  via  the  $<a href="postconf.5.html#virtual_transport">virtual_transport</a>  mail  delivery
+              transport.
+
+       <b><a href="postconf.5.html#virtual_transport">virtual_transport</a> (virtual)</b>
+              The default mail delivery transport and next-hop destination for
+              final delivery to domains listed with  $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+
+       Available in Postfix version 2.5.3 and later:
+
+       <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b>
+              Defer  delivery  when a mailbox file is not owned by its recipi-
+              ent.
+
+<b>LOCKING CONTROLS</b>
+       <b><a href="postconf.5.html#virtual_mailbox_lock">virtual_mailbox_lock</a> (see 'postconf -d' output)</b>
+              How to lock a UNIX-style <a href="virtual.8.html"><b>virtual</b>(8)</a>  mailbox  before  attempting
+              delivery.
+
+       <b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
+              The maximal number of attempts to acquire an exclusive lock on a
+              mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+       <b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
+              The time between attempts to acquire  an  exclusive  lock  on  a
+              mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+       <b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b>
+              The  time  after  which  a  stale  exclusive mailbox lockfile is
+              removed.
+
+<b>RESOURCE AND RATE CONTROLS</b>
+       <b><a href="postconf.5.html#virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a>     ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concur</a>-</b>
+       <b><a href="postconf.5.html#default_destination_concurrency_limit">rency_limit</a>)</b>
+              The maximal number of parallel deliveries to the  same  destina-
+              tion via the virtual message delivery transport.
+
+       <b><a href="postconf.5.html#virtual_destination_recipient_limit">virtual_destination_recipient_limit</a>       ($<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipi</a>-</b>
+       <b><a href="postconf.5.html#default_destination_recipient_limit">ent_limit</a>)</b>
+              The  maximal  number  of  recipients per message for the virtual
+              message delivery transport.
+
+       <b><a href="postconf.5.html#virtual_mailbox_limit">virtual_mailbox_limit</a> (51200000)</b>
+              The maximal size in bytes of an individual <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox or
+              maildir file, or zero (no limit).
+
+<b>MISCELLANEOUS CONTROLS</b>
+       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+              The  default  location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+              figuration files.
+
+       <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+              How much time a Postfix daemon process  may  take  to  handle  a
+              request before it is terminated by a built-in watchdog timer.
+
+       <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
+              The  maximal  number of digits after the decimal point when log-
+              ging sub-second delay values.
+
+       <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+              The time limit for sending  or  receiving  information  over  an
+              internal communication channel.
+
+       <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
+              The  maximum  amount of time that an idle Postfix daemon process
+              waits for an incoming connection before terminating voluntarily.
+
+       <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
+              The maximal number of incoming connections that a Postfix daemon
+              process will service before terminating voluntarily.
+
+       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+              The process ID of a Postfix command or daemon process.
+
+       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+              The process name of a Postfix command or daemon process.
+
+       <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+              The location of the Postfix top-level queue directory.
+
+       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+              The syslog facility of Postfix logging.
+
+       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
+              A prefix that  is  prepended  to  the  process  name  in  syslog
+              records, so that, for example, "smtpd" becomes "prefix/smtpd".
+
+       Available in Postfix version 3.0 and later:
+
+       <b><a href="postconf.5.html#virtual_delivery_status_filter">virtual_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
+              Optional  filter for the <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent to change the
+              delivery status code or explanatory text of successful or unsuc-
+              cessful deliveries.
+
+<b>SEE ALSO</b>
+       <a href="qmgr.8.html">qmgr(8)</a>, queue manager
+       <a href="bounce.8.html">bounce(8)</a>, delivery status reports
+       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
+       syslogd(8), system logging
+
+<b>README_FILES</b>
+       Use "<b>postconf <a href="postconf.5.html#readme_directory">readme_directory</a></b>" or
+       "<b>postconf <a href="postconf.5.html#html_directory">html_directory</a></b>" to locate this information.
+       <a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting howto
+
+<b>LICENSE</b>
+       The Secure Mailer license must be distributed with this software.
+
+<b>HISTORY</b>
+       This  delivery agent was originally based on the Postfix local delivery
+       agent. Modifications mainly consisted of removing code that either  was
+       not  applicable  or  that  was  not  safe  in  this  context:  aliases,
+       ~user/.forward files, delivery to "|command" or to /file/name.
+
+       The <b>Delivered-To:</b> message header appears in the <b>qmail</b> system by  Daniel
+       Bernstein.
+
+       The  <b>maildir</b> structure appears in the <b>qmail</b> system by Daniel Bernstein.
+
+<b>AUTHOR(S)</b>
+       Wietse Venema
+       IBM T.J. Watson Research
+       P.O. Box 704
+       Yorktown Heights, NY 10598, USA
+
+       Wietse Venema
+       Google, Inc.
+       111 8th Avenue
+       New York, NY 10011, USA
+
+       Andrew McNamara
+       andrewm@connect.com.au
+       connect.com.au Pty. Ltd.
+       Level 3, 213 Miller St
+       North Sydney 2060, NSW, Australia
+
+                                                                    VIRTUAL(8)
+</pre> </body> </html>

pom.xml

@@ -0,0 +1,229 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>com.redhat.training</groupId>
+  <artifactId>demo</artifactId>
+  <version>1.0-SNAPSHOT</version>
+  <name>demo</name>
+
+  <properties>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    <maven.compiler.source>17</maven.compiler.source>
+    <maven.compiler.target>17</maven.compiler.target>
+    <maven.compiler.release>17</maven.compiler.release>
+    <java.version>17</java.version>
+    <maven.repo.redhat.ga>https://maven.repository.redhat.com/ga/</maven.repo.redhat.ga>
+    <maven.repo.redhat.ea>https://maven.repository.redhat.com/earlyaccess/all/</maven.repo.redhat.ea>
+    <!-- Red Hat Build of (Plain) Camel -->
+    <!-- <camel.bom.group>org.apache.camel</camel.bom.group>
+    <camel.bom.artifact>camel-bom</camel.bom.artifact>
+    <camel.bom.version>4.4.0.redhat-00041</camel.bom.version> -->
+    <!-- Red Hat Fuse -->
+    <!-- <camel.bom.group>org.jboss.redhat-fuse</camel.bom.group>
+    <camel.bom.artifact>fuse-springboot-bom</camel.bom.artifact>
+    <camel.bom.version>7.13.0.fuse-7_13_0-00012-redhat-00001</camel.bom.version> -->
+    <!-- Red Hat Build of Camel SpringBoot -->
+     <camel.bom.group>com.redhat.camel.springboot.platform</camel.bom.group>
+     <camel.bom.artifact>camel-spring-boot-bom</camel.bom.artifact>
+     <camel.bom.version>4.4.0.redhat-00033</camel.bom.version>
+     <openshift.plugin.version>7.13.0.fuse-7_13_0-00012-redhat-00001</openshift.plugin.version>
+  </properties>
+
+  <repositories>
+    <repository>
+        <id>redhat-ga</id>
+        <url>${maven.repo.redhat.ga}</url>
+        <releases>
+            <enabled>true</enabled>
+        </releases>
+        <snapshots>
+            <enabled>false</enabled>
+        </snapshots>
+    </repository>
+    <repository>
+        <id>redhat-ea</id>
+        <url>${maven.repo.redhat.ea}</url>
+        <releases>
+            <enabled>true</enabled>
+        </releases>
+        <snapshots>
+            <enabled>false</enabled>
+        </snapshots>
+    </repository>
+  </repositories>
+  <pluginRepositories>
+    <pluginRepository>
+        <id>redhat-ga</id>
+        <url>${maven.repo.redhat.ga}</url>
+        <releases>
+            <enabled>true</enabled>
+        </releases>
+        <snapshots>
+            <enabled>false</enabled>
+        </snapshots>
+    </pluginRepository>
+    <pluginRepository>
+        <id>redhat-ea</id>
+        <url>${maven.repo.redhat.ea}</url>
+        <releases>
+            <enabled>true</enabled>
+        </releases>
+        <snapshots>
+            <enabled>false</enabled>
+        </snapshots>
+    </pluginRepository>
+  </pluginRepositories>
+
+  <dependencyManagement>
+    <dependencies>
+        <dependency>
+            <groupId>${camel.bom.group}</groupId>
+            <artifactId>${camel.bom.artifact}</artifactId>
+            <version>${camel.bom.version}</version>
+            <type>pom</type>
+            <scope>import</scope>
+        </dependency>
+    </dependencies>
+  </dependencyManagement>
+
+  <dependencies>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-spring-boot-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-jaxb-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-jackson-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-bindy-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-xj-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-amqp-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-jms-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.activemq</groupId>
+        <artifactId>artemis-jakarta-client</artifactId>
+        <version>2.33.0.redhat-00016</version>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-kafka-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-jdbc-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-sql-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-jpa-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.postgresql</groupId>
+        <artifactId>postgresql</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.hibernate.orm</groupId>
+        <artifactId>hibernate-core</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-web</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-rest-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-servlet-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel.springboot</groupId>
+        <artifactId>camel-http-starter</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>jakarta.servlet</groupId>
+        <artifactId>jakarta.servlet-api</artifactId>
+        <version>5.0.0</version>
+    </dependency>
+    <dependency>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-actuator</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-test</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.camel</groupId>
+        <artifactId>camel-test-spring-junit5</artifactId>
+        <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <pluginManagement>
+      <plugins>
+        <plugin>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-maven-plugin</artifactId>
+            <executions>
+                <execution>
+                    <goals>
+                        <goal>repackage</goal>
+                    </goals>
+                </execution>
+            </executions>
+        </plugin>
+      </plugins>
+    </pluginManagement>
+  </build>
+  <profiles>
+    <profile>
+        <id>openshift</id>
+        <properties>
+            <jkube.generator.from>registry.access.redhat.com/ubi9/openjdk-17:latest</jkube.generator.from>
+        </properties>
+        <build>
+            <plugins>
+                <plugin>
+                    <groupId>org.jboss.redhat-fuse</groupId>
+                    <artifactId>openshift-maven-plugin</artifactId>
+                    <version>${openshift.plugin.version}</version>
+                    <executions>
+                        <execution>
+                            <goals>
+                                <goal>resource</goal>
+                                <goal>build</goal>
+                                <goal>apply</goal>
+                            </goals>
+                        </execution>
+                    </executions>
+                </plugin>
+            </plugins>
+        </build>
+    </profile>
+  </profiles>
+</project>

scripts/kafka-podman.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+podman volume create --ignore zklogs
+podman run --rm -d --name zookeeper -p 2181:2181 -v zklogs:/opt/kafka/logs --network kafka registry.redhat.io/amq-streams/kafka-36-rhel9:2.7.0 ./bin/zookeeper-server-start.sh ./config/zookeeper.properties
+
+podman volume create --ignore kafkalogs
+podman secret create --replace kafkaconfig ./server.properties
+podman run --rm -d --name broker -p 9092:9092 -v kafkalogs:/opt/kafka/logs --secret kafkaconfig,type=mount,target=/opt/kafka/config/server.properties --network kafka registry.redhat.io/amq-streams/kafka-36-rhel9:2.7.0 ./bin/kafka-server-start.sh ./config/server.properties
+

scripts/postgres-init.sql

@@ -0,0 +1,4 @@
+create table randomstuff (id serial, item varchar(64));
+insert into randomstuff (item) values ('hammer'), ('screw'), ('box');
+grant all on randomstuff to developer;
+grant all on randomstuff_id_seq to developer;

scripts/postgres-podman.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+MYDIR="$(cd $(dirname $0) && pwd)"
+
+podman volume create --ignore pgdata
+podman run -d --rm --name postgres -p 5432:5432 -v pgdata:/var/lib/pgsql/data -e POSTGRESQL_USER=developer -e POSTGRESQL_PASSWORD=developer -e POSTGRESQL_DATABASE=items registry.access.redhat.com/rhel9/postgresql-16:latest 
+
+sleep 3
+cat ${MYDIR}/postgres-init.sql | podman exec -i postgres psql items
+

scripts/server.properties

@@ -0,0 +1,138 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#
+# This configuration file is intended for use in ZK-based mode, where Apache ZooKeeper is required.
+# See kafka.server.KafkaConfig for additional details and defaults
+#
+
+############################# Server Basics #############################
+
+# The id of the broker. This must be set to a unique integer for each broker.
+broker.id=0
+
+############################# Socket Server Settings #############################
+
+# The address the socket server listens on. If not configured, the host name will be equal to the value of
+# java.net.InetAddress.getCanonicalHostName(), with PLAINTEXT listener name, and port 9092.
+#   FORMAT:
+#     listeners = listener_name://host_name:port
+#   EXAMPLE:
+#     listeners = PLAINTEXT://your.host.name:9092
+#listeners=PLAINTEXT://:9092
+
+# Listener name, hostname and port the broker will advertise to clients.
+# If not set, it uses the value for "listeners".
+#advertised.listeners=PLAINTEXT://your.host.name:9092
+
+# Maps listener names to security protocols, the default is for them to be the same. See the config documentation for more details
+#listener.security.protocol.map=PLAINTEXT:PLAINTEXT,SSL:SSL,SASL_PLAINTEXT:SASL_PLAINTEXT,SASL_SSL:SASL_SSL
+
+# The number of threads that the server uses for receiving requests from the network and sending responses to the network
+num.network.threads=3
+
+# The number of threads that the server uses for processing requests, which may include disk I/O
+num.io.threads=8
+
+# The send buffer (SO_SNDBUF) used by the socket server
+socket.send.buffer.bytes=102400
+
+# The receive buffer (SO_RCVBUF) used by the socket server
+socket.receive.buffer.bytes=102400
+
+# The maximum size of a request that the socket server will accept (protection against OOM)
+socket.request.max.bytes=104857600
+
+
+############################# Log Basics #############################
+
+# A comma separated list of directories under which to store log files
+log.dirs=/tmp/kafka-logs
+
+# The default number of log partitions per topic. More partitions allow greater
+# parallelism for consumption, but this will also result in more files across
+# the brokers.
+num.partitions=1
+
+# The number of threads per data directory to be used for log recovery at startup and flushing at shutdown.
+# This value is recommended to be increased for installations with data dirs located in RAID array.
+num.recovery.threads.per.data.dir=1
+
+############################# Internal Topic Settings  #############################
+# The replication factor for the group metadata internal topics "__consumer_offsets" and "__transaction_state"
+# For anything other than development testing, a value greater than 1 is recommended to ensure availability such as 3.
+offsets.topic.replication.factor=1
+transaction.state.log.replication.factor=1
+transaction.state.log.min.isr=1
+
+############################# Log Flush Policy #############################
+
+# Messages are immediately written to the filesystem but by default we only fsync() to sync
+# the OS cache lazily. The following configurations control the flush of data to disk.
+# There are a few important trade-offs here:
+#    1. Durability: Unflushed data may be lost if you are not using replication.
+#    2. Latency: Very large flush intervals may lead to latency spikes when the flush does occur as there will be a lot of data to flush.
+#    3. Throughput: The flush is generally the most expensive operation, and a small flush interval may lead to excessive seeks.
+# The settings below allow one to configure the flush policy to flush data after a period of time or
+# every N messages (or both). This can be done globally and overridden on a per-topic basis.
+
+# The number of messages to accept before forcing a flush of data to disk
+#log.flush.interval.messages=10000
+
+# The maximum amount of time a message can sit in a log before we force a flush
+#log.flush.interval.ms=1000
+
+############################# Log Retention Policy #############################
+
+# The following configurations control the disposal of log segments. The policy can
+# be set to delete segments after a period of time, or after a given size has accumulated.
+# A segment will be deleted whenever *either* of these criteria are met. Deletion always happens
+# from the end of the log.
+
+# The minimum age of a log file to be eligible for deletion due to age
+log.retention.hours=168
+
+# A size-based retention policy for logs. Segments are pruned from the log unless the remaining
+# segments drop below log.retention.bytes. Functions independently of log.retention.hours.
+#log.retention.bytes=1073741824
+
+# The maximum size of a log segment file. When this size is reached a new log segment will be created.
+#log.segment.bytes=1073741824
+
+# The interval at which log segments are checked to see if they can be deleted according
+# to the retention policies
+log.retention.check.interval.ms=300000
+
+############################# Zookeeper #############################
+
+# Zookeeper connection string (see zookeeper docs for details).
+# This is a comma separated host:port pairs, each corresponding to a zk
+# server. e.g. "127.0.0.1:3000,127.0.0.1:3001,127.0.0.1:3002".
+# You can also append an optional chroot string to the urls to specify the
+# root directory for all kafka znodes.
+zookeeper.connect=zookeeper:2181
+
+# Timeout in ms for connecting to zookeeper
+zookeeper.connection.timeout.ms=18000
+
+
+############################# Group Coordinator Settings #############################
+
+# The following configuration specifies the time, in milliseconds, that the GroupCoordinator will delay the initial consumer rebalance.
+# The rebalance will be further delayed by the value of group.initial.rebalance.delay.ms as new members join the group, up to a maximum of max.poll.interval.ms.
+# The default value for this is 3 seconds.
+# We override this to 0 here as it makes for a better out-of-the-box experience for development and testing.
+# However, in production environments the default value of 3 seconds is more suitable as this will help to avoid unnecessary, and potentially expensive, rebalances during application startup.
+group.initial.rebalance.delay.ms=0

src/main/java/com/redhat/training/camel/Application.java

@@ -0,0 +1,11 @@
+package com.redhat.training.camel;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Application {
+    public static void main(String... args) {
+        SpringApplication.run(Application.class, args);
+    }
+}

src/main/java/com/redhat/training/camel/CamelContextConfig.java

@@ -0,0 +1,98 @@
+package com.redhat.training.camel;
+
+import org.apache.camel.CamelContext;
+import org.apache.camel.RoutesBuilder;
+import org.apache.camel.spring.boot.CamelContextConfiguration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import com.redhat.training.camel.bookstore.BookstoreRoutes;
+import com.redhat.training.camel.database.DatabaseRoutes;
+import com.redhat.training.camel.intro.CamelHello;
+import com.redhat.training.camel.jms.JmsExample;
+import com.redhat.training.camel.kafka.KafkaExample;
+import com.redhat.training.camel.rest.HelloService;
+import com.redhat.training.camel.rest.HttpClient;
+import com.redhat.training.camel.rest.RestClient;
+
+@Configuration
+public class CamelContextConfig {
+    private final Logger LOG = LoggerFactory.getLogger(CamelContextConfig.class.getName());
+
+    // start with...
+    //  mvn spring-boot:run -Dspring-boot.run.jvmArguments="-Dcamel.problem=FOO"
+    @Value("${camel.problem:}")
+    private String problem;
+
+    // this is invoked by CamelContextConfiguration below, no need to annotate it
+    RoutesBuilder giveMeRoutes() {
+        LOG.info("Checking which problem to load (" + problem + ")...");
+
+        if (problem == null || problem.isEmpty()) {
+            System.err.println("""
+                    ERROR: No problem specified. Must set camel.problem system property to one of:
+                     - intro
+                     - database
+                     - jms
+                     - kafka
+                     - rest-service
+                     - rest-client
+                     - http-client
+                     - health
+                     - bookstore
+                    """);
+            System.exit(1);
+        }
+
+        switch (problem) {
+            case "intro":
+                LOG.info("Loading CamelHello...");
+                return new CamelHello();
+            case "database":
+                LOG.info("Loading DatabaseRoutes...");
+                return new DatabaseRoutes();
+            case "jms":
+                LOG.info("Loading JmsExample...");
+                return new JmsExample();
+            case "kafka":
+                LOG.info("Loading KafkaExample...");
+                return new KafkaExample();
+            case "rest-service":
+                LOG.info("Loading HelloService...");
+                return new HelloService();
+            case "rest-client":
+                LOG.info("Loading RestClient...");
+                return new RestClient();
+            case "http-client":
+                LOG.info("Loading HttpClient...");
+                return new HttpClient();
+            case "bookstore":
+                LOG.info("Loading BookstoreRoutes...");
+                return new BookstoreRoutes();
+        }
+
+        LOG.info("No recognisable problem specified.");
+        return null;
+    }
+
+    @Bean
+    CamelContextConfiguration giveMeCamelContext() {
+        return new CamelContextConfiguration() {
+            @Override
+            public void beforeApplicationStart(CamelContext ctx) {
+                try {
+                    ctx.addRoutes(giveMeRoutes());
+                } catch (Exception e) {
+                    LOG.info("Exception in CamelContextConfiguration.beforeApplicationStart()", e);
+                }
+                ctx.start();
+            }
+            public void afterApplicationStart(CamelContext ctx) {
+                //
+            }
+        };
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/BookstoreRoutes.java

@@ -0,0 +1,151 @@
+package com.redhat.training.camel.bookstore;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.jackson.JacksonDataFormat;
+import org.apache.camel.component.jackson.ListJacksonDataFormat;
+import org.apache.camel.converter.jaxb.JaxbDataFormat;
+import org.apache.camel.dataformat.bindy.csv.BindyCsvDataFormat;
+import org.springframework.stereotype.Component;
+
+import com.redhat.training.camel.bookstore.model.FulfillmentOrder;
+import com.redhat.training.camel.bookstore.model.Order;
+import com.redhat.training.camel.bookstore.model.User;
+import com.redhat.training.camel.bookstore.registry.BookNotFoundException;
+import com.redhat.training.camel.bookstore.registry.UserNotFoundException;
+
+@Component
+public class BookstoreRoutes extends RouteBuilder {
+
+    @Override
+    public void configure() throws Exception {
+        // one of the builtin error handlers, global to the class and all exceptions
+        // (unless more specific rules apply by means of onException(), or in the route)
+        // errorHandler(defaultErrorHandler());
+        // errorHandler(noErrorHandler());
+        // errorHandler(deadLetterChannel("file:data/errors/?fileName=error.txt&fileExist=Append"));
+
+        // exception-specific rule(s)
+        // onException(IllegalArgumentException.class)
+        //     .to("file:error/?fileName=iae.log&fileExist=Append")
+        //     .handled(true)
+        //     .maximumRedeliveries(3);
+
+        // read the book catalog and add it to a singleton list
+        from("file:data/bookstore/?fileName=books.xml&noop=true")
+            .routeId("bookLoader")
+            .to("log:bookInitialRead?showAll=true")
+            // split on an xpath expression
+            .split().xpath("/bookstore/book") 
+            .to("log:booksAfterSplit?showAll=true")
+            // pay attention to src/main/resources/com/redhat/training/camel/bookstore/model/jaxb.index
+            .unmarshal(new JaxbDataFormat("com.redhat.training.camel.bookstore.model"))
+            .to("log:bookLogger?showAll=true")
+            // use simple expression language to only sell books newer than 2003
+            .filter(simple("${body.year} > 2003"))
+            // use a custom predicate (we can't sell G.R.R.Martin)
+            .filter(new MyBookFilterPredicate())
+            .to("log:booksAfterFilter?showAll=true")
+            // add the book to the catalog, if still here
+            .to("bean:bookCatalog?method=simpleAdd");
+
+        // XML2JSON conversion
+        // .to("xj:identity?transformDirection=XML2JSON")
+        // .to("log:afterTransform");
+
+        // load the book catalog and add it to a singleton list
+        from("file:data/bookstore/?fileName={{users.file:users.csv}}&noop=true")
+            .routeId("userLoader")
+            .to("log:usersInitialRead?showAll=true")
+            // UNSAFE: a malformed line in the users.csv file will kill the entire file read.
+            // .doTry()
+            //     .unmarshal(new BindyCsvDataFormat(User.class))
+            // .doCatch(IllegalArgumentException.class)
+            //     .to("log:errorLog?showAll=true")
+            // .end()
+            // .to("log:usersAfterUnmarshal?showAll=true")
+            // INSTEAD: split first, ignore the header line, and unmarshal each line separately.
+            .split().tokenize("\n").streaming()
+            .choice()
+                // recognise the header line and stop processing that exchange
+                .when().simple("${body} == 'Identifier;Access code;Recovery code;First name;Last name;Department;Location'")
+                    .log("Skipping CSV header line")
+                    .stop()
+                .end()
+            .to("log:userLogger?showAll=true")
+            // attempt to unmarshal CSV to User
+            // ignore IllegalArgumentExceptions as they signify a data format error
+            .doTry()
+                .unmarshal(new BindyCsvDataFormat(User.class))
+            .doCatch(IllegalArgumentException.class)
+                .log("Ignoring parsing error: " + exceptionMessage())
+                .stop()
+            .end()
+            .to("log:userPostUnmarshal?showAll=true")
+            // spin off to aggregate users by team
+            .wireTap("direct:aggregateByTeam")
+            // this will handle duplicate user exceptions
+            .doTry()
+                .to("bean:userCatalog")
+            .doCatch(IllegalArgumentException.class)
+                .log("Ignoring IllegalArgumentException: " + exceptionMessage())
+            .end();
+
+        // aggregate users by team
+        from("direct:aggregateByTeam")
+            .routeId("userAggregator")
+            // key is user.department
+            .aggregate(simple("${body.department}"),
+                        new TeamAggregator())
+                .completionSize(10)
+                .completionTimeout(1500)
+            .to("log:logTeam?showAll=true")
+            // marshal everything to JSON once the group completes
+            .marshal(new JacksonDataFormat())
+            .to("log:afterMarshal")
+            // write it to teams.json
+            .to("file:data/out/?fileName=teams.json&fileExist=Append");
+
+        // load the orders from the JSON file
+        from("file:data/bookstore/?fileName=orders.json&noop=true")
+            .routeId("orderLoader")
+            .to("log:ordersInitialRead?showAll=true")
+            // Jackson will produce a list of Order objects that we can split on
+            .unmarshal(new ListJacksonDataFormat(Order.class))
+            .to("log:ordersBeforeSplit?showAll=true")
+            .split().body()
+            // pay attention to src/main/resources/META-INF/services/org/apache/camel/TypeConverter
+            // and com.redhat.training.camel.bookstore.PlainToFulfillmentOrderConverter
+            .convertBodyTo(FulfillmentOrder.class)
+            // enrich order data (just the book title and user ID) with data from the catalogs
+            .enrich("direct:orderEnrichment")
+            // finally, log the order...
+            .to("log:orderLogger?showAll=true")
+            // ...marshal to JSON...
+            .marshal(new JacksonDataFormat())
+            .to("log:orderAfterMarshal?showAll=true")
+            // ...and write it to orders.json
+            .to("file:data/out/?fileName=orders.json&fileExist=Append");
+
+        // JSON2XML conversion
+        // .to("xj:identity?transformDirection=JSON2XML")
+        // .to("log:afterTransform");
+
+        // order enrichment is just about two bean invocations
+        // we could do it via routerSlip or just two consecutive bean() invocations
+        from("direct:orderEnrichment")
+            .routeId("orderEnrichment")
+            // any of the business exceptions should redeliver up to 10 times
+            // DO NOT mark those as handled(true) or they will propagate
+            // also, do not get confused by the fact premature enrichment exceptions
+            // remain in the exchange - that's just a record of history
+            .onException(UserNotFoundException.class, BookNotFoundException.class)
+                .to("log:orderEnrichmentERROR?showAll=true")
+                .redeliveryDelay(1500)
+                .maximumRedeliveries(10)
+            .end()
+            .to("log:orderEnrichmentPre?showAll=true")
+            .bean(FulfillmentEnrichment.class, "enrichUser")
+            .bean(FulfillmentEnrichment.class, "enrichBook")
+            .to("log:orderEnrichmentPost?showAll=true");
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/FulfillmentEnrichment.java

@@ -0,0 +1,47 @@
+package com.redhat.training.camel.bookstore;
+
+import org.apache.camel.Message;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+
+import com.redhat.training.camel.bookstore.model.Book;
+import com.redhat.training.camel.bookstore.model.FulfillmentOrder;
+import com.redhat.training.camel.bookstore.model.User;
+import com.redhat.training.camel.bookstore.registry.BookRegistry;
+import com.redhat.training.camel.bookstore.registry.UserRegistry;
+
+public class FulfillmentEnrichment {
+    private final Logger LOG = LoggerFactory.getLogger(FulfillmentEnrichment.class.getName());
+
+    @Autowired
+    @Qualifier("userCatalog")
+    UserRegistry ureg;
+
+    @Autowired
+    @Qualifier("bookCatalog")
+    BookRegistry breg;
+
+    public void enrichUser(Message m) {
+        FulfillmentOrder fo = m.getBody(FulfillmentOrder.class);
+        if (fo.getUser() == null || fo.getUser().getId() == 0) {
+            throw new IllegalArgumentException("FulfillmentOrder has no user (or user ID).");
+        }
+        User u = ureg.get(fo.getUser().getId());
+        LOG.info("Enriching user: " + fo.getUser().getId() + " -> " + u);
+        fo.setUser(u);
+        m.setBody(fo);
+        return;
+    }
+
+    public FulfillmentOrder enrichBook(FulfillmentOrder fo) {
+        if (fo.getBook() == null || fo.getBook().getTitle() == null) {
+            throw new IllegalArgumentException("FulfillmentOrder has no book (or book title).");
+        }
+        Book b = breg.get(fo.getBook().getTitle());
+        LOG.info("Enriching book: " + fo.getBook().getTitle() + " -> " + b);
+        fo.setBook(b);
+        return fo;
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/MyBookFilterPredicate.java

@@ -0,0 +1,24 @@
+package com.redhat.training.camel.bookstore;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Predicate;
+
+import com.redhat.training.camel.bookstore.model.Book;
+
+public class MyBookFilterPredicate implements Predicate {
+
+    @Override
+    public boolean matches(Exchange exchange) {
+        Object t = exchange.getIn().getBody();
+
+        if (!(t instanceof Book))
+            return false;
+
+        Book b = (Book)t;
+        if (!b.getAuthor().equals("George R. R. Martin"))
+            return true;
+
+        return false;
+    }
+
+}

src/main/java/com/redhat/training/camel/bookstore/PlainToFulfillmentOrderConverter.java

@@ -0,0 +1,25 @@
+package com.redhat.training.camel.bookstore;
+
+import org.apache.camel.Converter;
+
+import com.redhat.training.camel.bookstore.model.Book;
+import com.redhat.training.camel.bookstore.model.FulfillmentOrder;
+import com.redhat.training.camel.bookstore.model.Order;
+import com.redhat.training.camel.bookstore.model.User;
+
+@Converter
+public class PlainToFulfillmentOrderConverter {
+    @Converter
+    public static FulfillmentOrder lalala(Order o) {
+        FulfillmentOrder fo = new FulfillmentOrder();
+        User u = new User();
+        u.setId(o.getUserid());
+        Book b = new Book();
+        b.setTitle(o.getBook());
+
+        fo.setUser(u);
+        fo.setBook(b);
+
+        return fo;
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/TeamAggregator.java

@@ -0,0 +1,28 @@
+package com.redhat.training.camel.bookstore;
+
+import org.apache.camel.AggregationStrategy;
+import org.apache.camel.Exchange;
+
+import com.redhat.training.camel.bookstore.model.Team;
+import com.redhat.training.camel.bookstore.model.User;
+
+public class TeamAggregator implements AggregationStrategy {
+
+    @Override
+    public Exchange aggregate(Exchange oldExchange, Exchange newExchange) {
+        Team t;
+        if (oldExchange == null) {
+            t = new Team();
+            t.setName(newExchange.getMessage().getBody(User.class).getDepartment());
+        } else {
+            t = oldExchange.getMessage().getBody(Team.class);
+        }
+
+        t.addUser(newExchange.getMessage().getBody(User.class));
+
+        newExchange.getMessage().setBody(t);
+
+        return newExchange;
+    }
+
+}

src/main/java/com/redhat/training/camel/bookstore/model/Book.java

@@ -0,0 +1,59 @@
+package com.redhat.training.camel.bookstore.model;
+
+import java.io.Serializable;
+
+import jakarta.xml.bind.annotation.XmlAccessType;
+import jakarta.xml.bind.annotation.XmlAccessorType;
+import jakarta.xml.bind.annotation.XmlAttribute;
+import jakarta.xml.bind.annotation.XmlElement;
+import jakarta.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class Book implements Serializable {
+    @XmlAttribute
+    private String category;
+    @XmlElement
+    private String title;
+    @XmlElement
+    private String author;
+    @XmlElement
+    private int year;
+    @XmlElement
+    private double price;
+    public String getCategory() {
+        return category;
+    }
+    public void setCategory(String category) {
+        this.category = category;
+    }
+    public String getTitle() {
+        return title;
+    }
+    public void setTitle(String title) {
+        this.title = title;
+    }
+    public String getAuthor() {
+        return author;
+    }
+    public void setAuthor(String author) {
+        this.author = author;
+    }
+    public int getYear() {
+        return year;
+    }
+    public void setYear(int year) {
+        this.year = year;
+    }
+    public double getPrice() {
+        return price;
+    }
+    public void setPrice(double price) {
+        this.price = price;
+    }
+    public String toString() {
+        return "Book[title=" + this.getTitle() + "," +
+                    "author=" + this.getAuthor() + "," +
+                    "year=" + this.getYear() + "]";
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/model/FulfillmentOrder.java

@@ -0,0 +1,31 @@
+package com.redhat.training.camel.bookstore.model;
+
+import java.util.Date;
+
+public class FulfillmentOrder {
+    private User user;
+    private Book book;
+    private Date orderPlacedDate;
+    public User getUser() {
+        return user;
+    }
+    public void setUser(User user) {
+        this.user = user;
+    }
+    public Book getBook() {
+        return book;
+    }
+    public void setBook(Book book) {
+        this.book = book;
+    }
+    public Date getOrderPlacedDate() {
+        return orderPlacedDate;
+    }
+    public void setOrderPlacedDate(Date orderPlacedDate) {
+        this.orderPlacedDate = orderPlacedDate;
+    }
+
+    public String toString() {
+        return "FulfillmentOrder:[[" + this.user.toString() + "][" + this.book.toString() + "]]";
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/model/Order.java

@@ -0,0 +1,26 @@
+package com.redhat.training.camel.bookstore.model;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class Order {
+    private String book;
+
+    @JsonProperty("user")
+    private int userid;
+
+    public String getBook() {
+        return book;
+    }
+    public void setBook(String book) {
+        this.book = book;
+    }
+    public int getUserid() {
+        return userid;
+    }
+    public void setUserid(int userid) {
+        this.userid = userid;
+    }
+    public String toString() {
+        return "[Book: " + book + ", userid: " + userid + "]";
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/model/Team.java

@@ -0,0 +1,42 @@
+package com.redhat.training.camel.bookstore.model;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class Team {
+    private String name;
+    private List<User> members;
+
+    public Team() {
+        members = new ArrayList<>();
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public void addUser(User u) {
+        if (members.contains(u)) {
+            throw new IllegalStateException("User already a member.");
+        }
+        members.add(u);
+    }
+    public List<User> getMembers() {
+        return members;
+    }
+    public String toString() {
+        String rv = "[" + this.name + "[";
+        for (User u : members) {
+            if (!rv.equals("[")) {
+                rv += ",";
+            }
+            rv += u.getFirstName() + " " + u.getLastName();
+        }
+        rv += "]]";
+        return rv;
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/model/User.java

@@ -0,0 +1,70 @@
+package com.redhat.training.camel.bookstore.model;
+
+import org.apache.camel.dataformat.bindy.annotation.CsvRecord;
+import org.apache.camel.dataformat.bindy.annotation.DataField;
+
+// skipFirstLine must only be used when reading the entire file
+@CsvRecord(separator = ";") // , skipFirstLine = true)
+public class User {
+    @DataField(pos = 1)
+    private int id;
+    @DataField(pos = 2)
+    private String accessCode;
+    @DataField(pos = 3)
+    private String recoveryCode;
+    @DataField(pos = 4)
+    private String firstName;
+    @DataField(pos = 5)
+    private String lastName;
+    @DataField(pos = 6)
+    private String department;
+    @DataField(pos = 7)
+    private String location;
+
+    public int getId() {
+        return id;
+    }
+    public void setId(int id) {
+        this.id = id;
+    }
+    public String getAccessCode() {
+        return accessCode;
+    }
+    public void setAccessCode(String accessCode) {
+        this.accessCode = accessCode;
+    }
+    public String getRecoveryCode() {
+        return recoveryCode;
+    }
+    public void setRecoveryCode(String recoveryCode) {
+        this.recoveryCode = recoveryCode;
+    }
+    public String getFirstName() {
+        return firstName;
+    }
+    public void setFirstName(String firstName) {
+        this.firstName = firstName;
+    }
+    public String getLastName() {
+        return lastName;
+    }
+    public void setLastName(String lastName) {
+        this.lastName = lastName;
+    }
+    public String getDepartment() {
+        return department;
+    }
+    public void setDepartment(String department) {
+        this.department = department;
+    }
+    public String getLocation() {
+        return location;
+    }
+    public void setLocation(String location) {
+        this.location = location;
+    }
+
+    public String toString() {
+        return "[User: id=" + id + ", name=" + firstName + " " + lastName + "]";
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/registry/BookNotFoundException.java

@@ -0,0 +1,7 @@
+package com.redhat.training.camel.bookstore.registry;
+
+public class BookNotFoundException extends RuntimeException {
+    public BookNotFoundException(String message) {
+        super(message);
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/registry/BookRegistry.java

@@ -0,0 +1,25 @@
+package com.redhat.training.camel.bookstore.registry;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.redhat.training.camel.bookstore.model.Book;
+
+public class BookRegistry extends Registry<String, Book> {
+    private final Logger LOG = LoggerFactory.getLogger(BookRegistry.class.getName());
+
+    @Override
+    public Book get(String key) {
+        if (!this.has(key)) {
+            throw new BookNotFoundException("Book not in registry: " + key);
+        }
+        LOG.info("Returning book: " + key);
+        return this.registry.get(key);
+    }
+
+    @Override
+    public void simpleAdd(Book b) {
+        LOG.info("Adding book: " + b);
+        this.add(b.getTitle(), b);
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/registry/Registry.java

@@ -0,0 +1,40 @@
+package com.redhat.training.camel.bookstore.registry;
+
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public abstract class Registry<K,V> {
+    private final Logger LOG = LoggerFactory.getLogger(Registry.class.getName());
+
+    protected Map<K,V> registry = new HashMap<>();
+
+    public Collection<V> getItems() {
+        return registry.values();
+    }
+
+    // throw VNotFoundException or return V
+    public abstract V get(K key);
+
+    // extract key from V and use add(K, V)
+    public abstract void simpleAdd(V val);
+
+    public void add(K key, V item) {
+        LOG.info("Adding " + item.getClass().getSimpleName() + " to registry.");
+        if (this.has(key)) {
+            throw new IllegalArgumentException("Key already exists in registry: " + key.toString());
+        }
+        registry.put(key, item);
+    }
+
+    public void remove(K key) {
+        registry.remove(key);
+    }
+
+    public boolean has(K key) {
+        return registry.containsKey(key);
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/registry/RegistryService.java

@@ -0,0 +1,29 @@
+package com.redhat.training.camel.bookstore.registry;
+
+import org.springframework.beans.factory.config.ConfigurableBeanFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Component;
+
+@Component
+public class RegistryService {
+    UserRegistry ureg;
+    BookRegistry breg;
+
+    public RegistryService() {
+        this.ureg = new UserRegistry();
+        this.breg = new BookRegistry();
+    }
+
+    @Bean(name = "userCatalog")
+    @Scope(value = ConfigurableBeanFactory.SCOPE_SINGLETON)
+    public UserRegistry getUserRegistry() {
+        return this.ureg;
+    }
+
+    @Bean(name = "bookCatalog")
+    @Scope(value = ConfigurableBeanFactory.SCOPE_SINGLETON)
+    public BookRegistry getBookRegistry() {
+        return this.breg;
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/registry/UserNotFoundException.java

@@ -0,0 +1,7 @@
+package com.redhat.training.camel.bookstore.registry;
+
+public class UserNotFoundException extends RuntimeException {
+    public UserNotFoundException(String message) {
+        super(message);
+    }
+}

src/main/java/com/redhat/training/camel/bookstore/registry/UserRegistry.java

@@ -0,0 +1,27 @@
+package com.redhat.training.camel.bookstore.registry;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import com.redhat.training.camel.bookstore.model.User;
+
+@Component
+public class UserRegistry extends Registry<Integer, User> {
+    private final Logger LOG = LoggerFactory.getLogger(UserRegistry.class.getName());
+
+    @Override
+    public User get(Integer key) {
+        if (!this.has(key)) {
+            throw new UserNotFoundException("User not in registry: " + key);
+        }
+        LOG.info("Returning user: " + key);
+        return this.registry.get(key);
+    }
+
+    @Override
+    public void simpleAdd(User u) {
+        LOG.info("Adding user: " + u);
+        this.add(u.getId(), u);
+    }
+}

src/main/java/com/redhat/training/camel/database/DatabaseRoutes.java

@@ -0,0 +1,53 @@
+package com.redhat.training.camel.database;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.support.processor.idempotent.MemoryIdempotentRepository;
+import org.springframework.stereotype.Component;
+
+import com.redhat.training.camel.database.RandomBean.RandomException;
+
+@Component
+public class DatabaseRoutes extends RouteBuilder {
+
+    @Override
+    public void configure() throws Exception {
+        from("timer:singleRead?repeatCount=1")
+            .routeId("jdbc-component")
+            .setHeader("stuffid", constant(1))
+            .setBody().simple("SELECT * FROM randomstuff WHERE id = ${header.stuffid}")
+            .to("jdbc:mydb")
+            .to("log:jdbcComponent?showAll=true");
+
+        from("sql:SELECT * FROM randomstuff?dataSource=#mydb&repeatCount=1")
+            .routeId("sql-component-no-params")
+            .to("log:sqlComponentNoParam?showAll=true");
+
+        from("timer:singleRead?repeatCount=1")
+            .routeId("sql-component-with-param")
+            .setHeader("stuffid", constant(3))
+            .to("sql:SELECT * FROM randomstuff WHERE id = :#stuffid?dataSource=#mydb&repeatCount=1")
+            .to("log:sqlComponentParam?showAll=true");
+
+        from("jpa:com.redhat.training.camel.database.Item?persistenceUnit=jpaRoute&consumeDelete=false")
+            .idempotentConsumer(simple("${body.id}"),
+                                MemoryIdempotentRepository.memoryIdempotentRepository(1000))
+            .routeId("jpa-component-consumer")
+            .to("log:jpaComponentConsumer?showAll=true");
+
+        onException(RandomException.class)
+            .to("log:randomExceptionHandler?showAll=true")
+            .handled(true)
+            .markRollbackOnly();
+
+        from("timer:jpaStore?repeatCount=1")
+            .routeId("jpa-component-producer")
+            .transacted("myRequiresNewPolicy")
+            .setBody().constant(new Item("ladder"))
+            .to("log:jpaComponentProducerPre?showAll=true")
+            .to("jpa:com.redhat.training.database.Item?persistenceUnit=jpaRoute")
+            .to("log:jpaComponentProducerPost?showAll=true")
+            .bean(RandomBean.class)
+            .to("log:jpaAfterBean?showAll=true");
+    }
+
+}

src/main/java/com/redhat/training/camel/database/Item.java

@@ -0,0 +1,52 @@
+package com.redhat.training.camel.database;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.SequenceGenerator;
+import jakarta.persistence.Table;
+
+@Entity
+@Table(name = "randomstuff")
+public class Item {
+    @Id
+    @GeneratedValue(strategy = GenerationType.SEQUENCE,
+                    generator = "randomstuff_id_seq")
+    @SequenceGenerator(name = "randomstuff_id_seq",
+                    sequenceName = "randomstuff_id_seq",
+                    allocationSize = 1)
+    private int id;
+
+    @Column(name = "item")
+    private String name;
+
+    public Item() {
+        // NOP
+    }
+
+    public Item(String name) {
+        this.setName(name);
+    }
+
+    public int getId() {
+        return id;
+    }
+
+    public void setId(int id) {
+        this.id = id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String toString() {
+        return "Item:[id=" + id + ",name=" + name + "]";
+    }
+}

src/main/java/com/redhat/training/camel/database/JpaRoutePersistenceUnit.java

@@ -0,0 +1,122 @@
+package com.redhat.training.camel.database;
+
+import java.net.URL;
+import java.util.List;
+import java.util.Properties;
+
+import javax.sql.DataSource;
+
+import org.postgresql.ds.PGSimpleDataSource;
+import org.springframework.stereotype.Component;
+
+import jakarta.persistence.SharedCacheMode;
+import jakarta.persistence.ValidationMode;
+import jakarta.persistence.spi.ClassTransformer;
+import jakarta.persistence.spi.PersistenceUnitInfo;
+import jakarta.persistence.spi.PersistenceUnitTransactionType;
+
+@Component
+public class JpaRoutePersistenceUnit implements PersistenceUnitInfo {
+    @Override
+    public String getPersistenceUnitName() {
+        return "jpaRoute";
+    }
+
+    @Override
+    public String getPersistenceProviderClassName() {
+        return org.hibernate.jpa.HibernatePersistenceProvider.class.getName();
+    }
+
+    @Override
+    public PersistenceUnitTransactionType getTransactionType() {
+        return PersistenceUnitTransactionType.RESOURCE_LOCAL;
+    }
+
+    @Override
+    public DataSource getJtaDataSource() {
+        PGSimpleDataSource ds = new PGSimpleDataSource();
+        ds.setURL("jdbc:postgresql://localhost:5432/items");
+        ds.setUser("developer");
+        ds.setPassword("developer");
+        return ds;
+    }
+
+    @Override
+    public DataSource getNonJtaDataSource() {
+        PGSimpleDataSource ds = new PGSimpleDataSource();
+        ds.setURL("jdbc:postgresql://localhost:5432/items");
+        ds.setUser("developer");
+        ds.setPassword("developer");
+        return ds;
+    }
+
+    @Override
+    public List<String> getMappingFileNames() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getMappingFileNames'");
+    }
+
+    @Override
+    public List<URL> getJarFileUrls() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getJarFileUrls'");
+    }
+
+    @Override
+    public URL getPersistenceUnitRootUrl() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getPersistenceUnitRootUrl'");
+    }
+
+    @Override
+    public List<String> getManagedClassNames() {
+        return List.of(com.redhat.training.camel.database.Item.class.getName());
+    }
+
+    @Override
+    public boolean excludeUnlistedClasses() {
+        return false;
+    }
+
+    @Override
+    public SharedCacheMode getSharedCacheMode() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getSharedCacheMode'");
+    }
+
+    @Override
+    public ValidationMode getValidationMode() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getValidationMode'");
+    }
+
+    @Override
+    public Properties getProperties() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getProperties'");
+    }
+
+    @Override
+    public String getPersistenceXMLSchemaVersion() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getPersistenceXMLSchemaVersion'");
+    }
+
+    @Override
+    public ClassLoader getClassLoader() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getClassLoader'");
+    }
+
+    @Override
+    public void addTransformer(ClassTransformer transformer) {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'addTransformer'");
+    }
+
+    @Override
+    public ClassLoader getNewTempClassLoader() {
+        // TODO Auto-generated method stub
+        throw new UnsupportedOperationException("Unimplemented method 'getNewTempClassLoader'");
+    }
+}

src/main/java/com/redhat/training/camel/database/MyDbDataSource.java

@@ -0,0 +1,19 @@
+package com.redhat.training.camel.database;
+
+import javax.sql.DataSource;
+
+import org.postgresql.ds.PGSimpleDataSource;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class MyDbDataSource {
+    @Bean(name = "mydb")
+    public DataSource getDataSource() {
+        PGSimpleDataSource ds = new PGSimpleDataSource();
+        ds.setURL("jdbc:postgresql://localhost:5432/items");
+        ds.setUser("developer");
+        ds.setPassword("developer");
+        return ds;
+    }
+}

src/main/java/com/redhat/training/camel/database/MyXaPropagationPolicy.java

@@ -0,0 +1,17 @@
+package com.redhat.training.camel.database;
+
+import org.apache.camel.spring.spi.SpringTransactionPolicy;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.transaction.PlatformTransactionManager;
+
+@Configuration
+public class MyXaPropagationPolicy {
+    @Bean(name = "myRequiresNewPolicy")
+    public SpringTransactionPolicy requiresNew(PlatformTransactionManager ptm) {
+        SpringTransactionPolicy stp = new SpringTransactionPolicy();
+        stp.setTransactionManager(ptm);
+        stp.setPropagationBehaviorName("PROPAGATION_REQUIRES_NEW");
+        return stp;
+    }
+}

src/main/java/com/redhat/training/camel/database/RandomBean.java

@@ -0,0 +1,12 @@
+package com.redhat.training.camel.database;
+
+import org.apache.camel.Exchange;
+
+public class RandomBean {
+    public void doRandomStuff(Exchange e) throws RandomException {
+        throw new RandomException();
+    }
+
+    class RandomException extends Exception {
+    }
+}

src/main/java/com/redhat/training/camel/database/XaMgr.java

@@ -0,0 +1,21 @@
+package com.redhat.training.camel.database;
+
+import javax.sql.DataSource;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.jdbc.datasource.DataSourceTransactionManager;
+import org.springframework.transaction.PlatformTransactionManager;
+
+@Configuration
+public class XaMgr {
+    @Bean
+    public PlatformTransactionManager getXaMgr(DataSource ds) {
+        return new DataSourceTransactionManager(ds);
+    }
+
+    // public PlatformTransactionManager getGlobalXaMgr(Object... objs) {
+        // configure jta mgr with the implementation instance
+        // return new JtaTransactionManager(impl);
+    // }
+}

src/main/java/com/redhat/training/camel/health/AppHealthIndicator.java

@@ -0,0 +1,23 @@
+package com.redhat.training.camel.health;
+
+import org.apache.camel.CamelContext;
+import org.apache.camel.Route;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.actuate.health.Health;
+import org.springframework.boot.actuate.health.HealthIndicator;
+import org.springframework.stereotype.Component;
+
+@Component
+public class AppHealthIndicator implements HealthIndicator {
+    @Autowired
+    private CamelContext ctx;
+
+    @Override
+    public Health health() {
+        Route myRoute = ctx.getRoute("restClient");
+        if (myRoute != null && myRoute.isAutoStartup()) {
+            return Health.up().build();
+        }
+        return Health.down().withDetail("Route missing", ctx.getStatus().toString()).build();
+    }
+}

src/main/java/com/redhat/training/camel/intro/CamelHello.java

@@ -0,0 +1,56 @@
+package com.redhat.training.camel.intro;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.springframework.stereotype.Component;
+
+@Component
+public class CamelHello extends RouteBuilder {
+    @Override
+    public void configure() throws Exception {
+        // read all files from the incoming directory except .html (regex: .*\.html)
+        from("file:data/incoming/?noop=true&exclude=.*\\.html")
+            // turn on tracing (don't forget to run with logging.level.root=TRACE)
+            .tracing("true")
+            // set a meaningful route ID
+            .routeId("FileReader")
+            // CamelFileName is the message header that reflects current file being read
+            .log("Processing file ${header.CamelFileName}...")
+            // append .txt to file name using a processor
+            .process(new FileNameProcessor())
+            // append .txt to file name using a bean (first would throw AmbiguousMethodCallException)
+            // .bean(ChangeFileName.class)
+            .bean(ChangeFileName.class, "changeFileName")
+            // this will set two headers: format and size, invoking the DetectFileType bean twice
+            .routingSlip(constant("bean:DetectFileType?method=getFileFormat,bean:DetectFileType?method=getFileSize"))
+            // use the above headers to select destination directory
+            .toD("file:data/out/${header.size}/${header.format}");
+
+            // you can also invoke routingSlip from message headers - statically (next line) or dynamically (line after that)
+            // .setHeader("processorList").constant("bean:MyContentInspector,log:foo?showAll=true,jms:topic:xyz")
+            // .setHeader("processorList").method(ContentInspectorDecisionMaker.class)
+            // .routingSlip(header("processorList"))
+
+            // dynamicRouter is recursive invocation of a bean method or processor until it returns null
+            // .dynamicRouter(method(RecursiveDestinationComposer.class, "figureOutNextProcessor"))
+
+            // toD is a dynamic processor/producer instantiation mechanism
+            // .bean(NextStepCalculater.class)
+            // .toD("${header.nextStep}")
+
+            // CBR example: send files to data/out/${class}, where class is one of small, medium, large, xlarge
+            // .choice()
+            //     .when(simple("${header.CamelFileLength} < 10000"))
+            //         .to("file:data/out/small/")
+            //     .when(simple("${header.CamelFileLength} >= 10000 && ${header.CamelFileLength} < 50000"))
+            //         .to("file:data/out/medium/")
+            //     .when(simple("${header.CamelFileLength} >= 50000 && ${header.CamelFileLength} < 100000"))
+            //         .to("file:data/out/large/")
+            //     .otherwise()
+            //         .to("file:data/out/xlarge/")
+            // .end()
+            // .to("log:afterChoice");
+
+        // if necessary, you can stop a route via a route controller
+        // getContext().getRouteController().stopRoute("FileReader");
+    }
+}

src/main/java/com/redhat/training/camel/intro/ChangeFileName.java

@@ -0,0 +1,30 @@
+package com.redhat.training.camel.intro;
+
+import org.apache.camel.Message;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class ChangeFileName {
+    private final Logger LOG = LoggerFactory.getLogger(ChangeFileName.class);
+
+    public void changeFileName(Message in) {
+        LOG.info("Checking file name...");
+
+        String existingName = in.getHeader("CamelFileName", String.class);
+        if (existingName.endsWith(".txt")) {
+            LOG.info("File name already correct.");
+            return;
+        }
+        if (existingName.indexOf(".") != -1) {
+            LOG.info("File name already has suffix.");
+            return;
+        }
+
+        LOG.info("Adding suffix...");
+        in.setHeader("CamelFileName", existingName + ".txt");
+    }
+
+    public void logFileSize(Message in) {
+        LOG.info("File has " + in.getBody().toString().length() + " characters.");
+    }
+}

src/main/java/com/redhat/training/camel/intro/DetectFileType.java

@@ -0,0 +1,49 @@
+package com.redhat.training.camel.intro;
+
+import org.apache.camel.Message;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+@Component("DetectFileType")
+public class DetectFileType {
+    private final Logger LOG = LoggerFactory.getLogger(DetectFileType.class);
+
+    // set the "size" message header containing one of "small", "medium", "large", or "xlarge"
+    public void getFileSize(Message m) {
+        LOG.info("Classifying file by size...");
+        int fs = m.getHeader("CamelFileLength", Integer.class).intValue();
+        if (fs < 10000) {
+            LOG.info("Size is small.");
+            m.setHeader("size", "small");
+        } else if (fs >= 10000 && fs < 50000) {
+            LOG.info("Size is medium.");
+            m.setHeader("size", "medium");
+        } else if (fs >= 50000 && fs < 100000) {
+            LOG.info("Size is large.");
+            m.setHeader("size", "large");
+        } else if (fs >= 100000) {
+            LOG.info("Size is xlarge.");
+            m.setHeader("size", "xlarge");
+        }
+    }
+
+    // set the "format" message header containing one of "html", "pdf", "txt", or "unknown"
+    public void getFileFormat(Message m) {
+        LOG.info("Classifying file by type...");
+        String fn = m.getHeader("CamelFileName", String.class);
+        if (fn.endsWith(".html")) {
+            LOG.info("Format is html.");
+            m.setHeader("format", "html");
+        } else if (fn.endsWith(".pdf")) {
+            LOG.info("Format is pdf.");
+            m.setHeader("format", "pdf");
+        } else if (fn.endsWith(".txt")) {
+            LOG.info("Format is txt.");
+            m.setHeader("format", "txt");
+        } else {
+            LOG.info("Format is unknown.");
+            m.setHeader("format", "unknown");
+        }
+    }
+}

src/main/java/com/redhat/training/camel/intro/FileNameProcessor.java

@@ -0,0 +1,33 @@
+package com.redhat.training.camel.intro;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FileNameProcessor implements Processor {
+    private final Logger LOG = LoggerFactory.getLogger(FileNameProcessor.class.getName());
+
+    @Override
+    public void process(Exchange exchange) throws Exception {
+        String currentFileName = (String)exchange.getIn().getHeader("CamelFileName");
+
+        if (currentFileName.endsWith(".txt")) {
+            LOG.info("File name suffix already correct.");
+            return;
+        }
+
+        if (currentFileName.indexOf(".") != -1) {
+            LOG.info("File name already has suffix.");
+            return;
+        }
+
+        // quick-and-dirty way
+        // exchange.getIn().setHeader("CamelFileName", currentFileName + ".txt");
+
+        // take the "in" message and put it into the out part of the exchange
+        exchange.setMessage(exchange.getIn().copy());
+        exchange.getMessage().setHeader("CamelFileName", currentFileName + ".txt");
+    }
+
+}

src/main/java/com/redhat/training/camel/jms/AmqpComponentConfig.java

@@ -0,0 +1,13 @@
+package com.redhat.training.camel.jms;
+
+import org.apache.camel.component.amqp.AMQPComponent;
+import org.springframework.context.annotation.Bean;
+import org.springframework.stereotype.Component;
+
+@Component
+public class AmqpComponentConfig {
+    @Bean
+    public AMQPComponent amqpComponent() {
+        return AMQPComponent.amqpComponent("amqp://localhost:61616", "admin", "admin");
+    }
+}

src/main/java/com/redhat/training/camel/jms/JmsComponentConfig.java

@@ -0,0 +1,24 @@
+package com.redhat.training.camel.jms;
+
+import org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory;
+import org.apache.camel.component.jms.JmsComponent;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import jakarta.jms.JMSException;
+
+@Configuration
+public class JmsComponentConfig {
+    @Bean(name = "brokerA")
+    public JmsComponent jmsComponent() throws JMSException {
+        ActiveMQConnectionFactory cf = new ActiveMQConnectionFactory();
+        cf.setBrokerURL("tcp://localhost:61616");
+        cf.setUser("admin");
+        cf.setPassword("admin");
+
+        JmsComponent jc = new JmsComponent();
+        jc.setConnectionFactory(cf);
+
+        return jc;
+    }
+}

src/main/java/com/redhat/training/camel/jms/JmsExample.java

@@ -0,0 +1,22 @@
+package com.redhat.training.camel.jms;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.springframework.stereotype.Component;
+
+@Component
+public class JmsExample extends RouteBuilder {
+
+    @Override
+    public void configure() throws Exception {
+        from("timer:jmsSender?period=1000")
+            .routeId("jmsProducer")
+            .setBody().constant("Hello, world!")
+            .to("log:jmsProducer?showAll=true")
+            .to("brokerA:queue:HelloQueue");
+
+        from("amqp:queue:HelloQueue")
+            .routeId("amqpConsumer")
+            .to("log:amqpConsumer?showAll=true");
+    }
+
+}

src/main/java/com/redhat/training/camel/kafka/KafkaExample.java

@@ -0,0 +1,32 @@
+package com.redhat.training.camel.kafka;
+
+import java.util.Random;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.kafka.KafkaConstants;
+import org.springframework.context.annotation.Bean;
+import org.springframework.stereotype.Component;
+
+@Component
+public class KafkaExample extends RouteBuilder {
+    private Random rng = new Random();
+
+    @Bean(name = "rng")
+    public Random getRng() {
+        return this.rng;
+    }
+
+    @Override
+    public void configure() throws Exception {
+        from("timer:kafkaMessage?period=1000")
+            .routeId("kafkaProducer")
+            .setHeader(KafkaConstants.KEY).method("rng", "nextInt(100)")
+            .setBody().constant("Hello, Kafka!")
+            .to("log:kafkaProducer?showAll=true")
+            .to("kafka:hello-topic?brokers=localhost:9092");
+
+        from("kafka:hello-topic?brokers=localhost:9092&groupId=camelConsumer&autoOffsetReset=earliest")
+            .routeId("kafkaConsumer")
+            .to("log:kafkaConsumer?showAll=true");
+    }
+}

src/main/java/com/redhat/training/camel/rest/HelloService.java

@@ -0,0 +1,59 @@
+package com.redhat.training.camel.rest;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.builder.ThreadPoolProfileBuilder;
+import org.apache.camel.component.jackson.JacksonDataFormat;
+import org.apache.camel.spi.ThreadPoolProfile;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+
+@Component
+public class HelloService extends RouteBuilder {
+    @Override
+    public void configure() throws Exception {
+        // Reset Camel's default thread pool profile.
+        // N.B.: need to use the inherited getContext() as injection will not have happened here yet
+        ThreadPoolProfile tpp = getContext().getExecutorServiceManager().getDefaultThreadPoolProfile();
+        tpp.setPoolSize(10);
+        tpp.setMaxPoolSize(100);
+        tpp.setMaxQueueSize(50);
+
+        // Use a custom thread pool profile.
+        // N.B.: need to use the inherited getContext() as injection will not have happened here yet
+        ThreadPoolProfileBuilder tppb = new ThreadPoolProfileBuilder("restPool");
+        ThreadPoolProfile restTpp = tppb.poolSize(5)
+                                        .maxPoolSize(100)
+                                        .maxQueueSize(50)
+                                        .build();
+        getContext().getExecutorServiceManager().registerThreadPoolProfile(restTpp);
+
+        restConfiguration()
+            .component("servlet")
+            .componentProperty("executorRef", "restPool")
+            .port(8080);
+
+        rest("/hello")
+            .get()
+                .to("direct:sayHello")
+            .get("/{name}")
+                .to("direct:sayHello")
+            .post("/new")
+                .consumes(MediaType.APPLICATION_JSON_VALUE)
+                .produces(MediaType.TEXT_PLAIN_VALUE)
+                .to("direct:getHello");
+
+        from("rest:get:/goodbye:/{name}")
+            .transform().simple("Goodbye, ${header.name}");
+
+        from("direct:sayHello")
+            // .threads(1, 100) <-- makes no sense here, rest component decides parallelism
+            .to("log:sayHello?showAll=true")
+            .setBody().constant("Hello, world!");
+
+        from("direct:getHello")
+            .unmarshal(new JacksonDataFormat(Person.class))
+            .to("log:getHello?showAll=true")
+            .setBody().simple("Hello, ${body.name}!");
+    }
+
+}

src/main/java/com/redhat/training/camel/rest/HttpClient.java

@@ -0,0 +1,18 @@
+package com.redhat.training.camel.rest;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.http.HttpConstants;
+import org.springframework.stereotype.Component;
+
+@Component
+public class HttpClient extends RouteBuilder {
+
+    @Override
+    public void configure() throws Exception {
+        from("timer:httpClient?repeatCount=1")
+            .setHeader(HttpConstants.HTTP_QUERY, constant("q=hello+world"))
+            .to("https://www.google.com/search?httpMethod=GET")
+            .to("log:httpClient?showAll=true");
+    }
+
+}

src/main/java/com/redhat/training/camel/rest/Person.java

@@ -0,0 +1,15 @@
+package com.redhat.training.camel.rest;
+
+public class Person {
+    private String name;
+
+    public String getName() {
+        return name;
+    }
+    public void setName(String name) {
+        this.name = name;
+    }
+    public String toString() {
+        return "Person[" + name + "]";
+    }
+}

src/main/java/com/redhat/training/camel/rest/ReqContext.java

@@ -0,0 +1,59 @@
+package com.redhat.training.camel.rest;
+
+import java.util.Map;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class ReqContext {
+    private String rdfs;
+    private String onki;
+    private Map<String, String> title;
+    private String vocabularies;
+    private String id;
+    private String uri;
+    @JsonProperty("@base")
+    private String base;
+    public String getRdfs() {
+        return rdfs;
+    }
+    public void setRdfs(String rdfs) {
+        this.rdfs = rdfs;
+    }
+    public String getOnki() {
+        return onki;
+    }
+    public void setOnki(String onki) {
+        this.onki = onki;
+    }
+    public Map<String, String> getTitle() {
+        return title;
+    }
+    public void setTitle(Map<String, String> title) {
+        this.title = title;
+    }
+    public String getVocabularies() {
+        return vocabularies;
+    }
+    public void setVocabularies(String vocabularies) {
+        this.vocabularies = vocabularies;
+    }
+    public String getId() {
+        return id;
+    }
+    public void setId(String id) {
+        this.id = id;
+    }
+    public String getUri() {
+        return uri;
+    }
+    public void setUri(String uri) {
+        this.uri = uri;
+    }
+    public String getBase() {
+        return base;
+    }
+    public void setBase(String base) {
+        this.base = base;
+    }
+    
+}

src/main/java/com/redhat/training/camel/rest/RestClient.java

@@ -0,0 +1,44 @@
+package com.redhat.training.camel.rest;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.http.HttpConstants;
+import org.apache.camel.http.base.HttpOperationFailedException;
+import org.springframework.stereotype.Component;
+
+@Component
+public class RestClient extends RouteBuilder {
+
+    @Override
+    public void configure() throws Exception {
+        restConfiguration().host("https://api.finto.fi:443/rest/v1")
+                            .producerComponent("http");
+
+        // Handle response codes > 299
+        onException(HttpOperationFailedException.class)
+            .to("direct:errorChecker")
+            .handled(true);
+        from("direct:errorChecker")
+            .choice()
+                .when(simple("${header.CamelHttpResponseCode} != 302"))
+                    .throwException(new IllegalStateException("Wrong response code."))
+            .end();                    
+
+        from("timer:restClient?repeatCount=1")
+            .setBody().constant("en")
+            .setHeader(HttpConstants.HTTP_QUERY, simple("lang=${body}"))
+            .enrich("rest:get:/vocabularies?outType=com.redhat.training.camel.rest.VocabularyList&bindingMode=json",
+            (o, n) -> {
+                String lang = o.getMessage().getBody(String.class);
+                for (Vocabulary v : n.getMessage().getBody(VocabularyList.class).getVocabularies()) {
+                    v.setLanguage(lang);
+                }
+                return n;
+            })
+            .process((e) -> {
+                VocabularyList vl = e.getMessage().getBody(VocabularyList.class);
+                e.getMessage().setBody(vl.getVocabularies());
+            })
+            .split().body()
+            .to("log:restClient?showAll=true");
+    }
+}

src/main/java/com/redhat/training/camel/rest/Vocabulary.java

@@ -0,0 +1,35 @@
+package com.redhat.training.camel.rest;
+
+public class Vocabulary {
+    private String id;
+    private String uri;
+    private String title;
+    private String language;
+    public String getId() {
+        return id;
+    }
+    public void setId(String id) {
+        this.id = id;
+    }
+    public String getUri() {
+        return uri;
+    }
+    public void setUri(String uri) {
+        this.uri = uri;
+    }
+    public String getTitle() {
+        return title;
+    }
+    public void setTitle(String title) {
+        this.title = title;
+    }
+    public String getLanguage() {
+        return language;
+    }
+    public void setLanguage(String language) {
+        this.language = language;
+    }
+    public String toString() {
+        return "Vocabulary[id=" + id + ",uri=" + uri + ",lang=" + language + ",title=" + title + "]";
+    }
+}

src/main/java/com/redhat/training/camel/rest/VocabularyList.java

@@ -0,0 +1,31 @@
+package com.redhat.training.camel.rest;
+
+import java.util.List;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class VocabularyList {
+    @JsonProperty("@context")
+    private ReqContext context;
+    private String uri;
+    private List<Vocabulary> vocabularies;
+    public ReqContext getContext() {
+        return context;
+    }
+    public void setContext(ReqContext context) {
+        this.context = context;
+    }
+    public String getUri() {
+        return uri;
+    }
+    public void setUri(String uri) {
+        this.uri = uri;
+    }
+    public List<Vocabulary> getVocabularies() {
+        return vocabularies;
+    }
+    public void setVocabularies(List<Vocabulary> vocabularies) {
+        this.vocabularies = vocabularies;
+    }
+    
+}

src/main/jkube/deployment.yml

@@ -0,0 +1,27 @@
+spec:
+  template:
+    spec:
+      containers:
+        - resources:
+            requests:
+              memory: 128Mi
+            limits:
+              memory: 2Gi
+          readinessProbe:
+            httpGet:
+              path: /actuator/health/readiness
+              port: 8080
+              scheme: HTTP
+            timeoutSeconds: 5
+            initialDelaySeconds: 10
+            periodSeconds: 5
+            successThreshold: 3
+          livenessProbe:
+            httpGet:
+              path: /actuator/health/liveness
+              port: 8080
+              scheme: HTTP
+            timeoutSeconds: 5
+            initialDelaySeconds: 30
+            periodSeconds: 15
+            failureThreshold: 2

src/main/resources/META-INF/services/org/apache/camel/TypeConverter

@@ -0,0 +1 @@
+com.redhat.training.camel.bookstore.PlainToFulfillmentOrderConverter

src/main/resources/application.properties

@@ -0,0 +1,27 @@
+# default log level is INFO, but override here if necessary
+logging.level.root = INFO
+
+# debugging the Camel servlet component
+# logging.level.org.apache.camel.component.servlet = TRACE
+
+# needed without spring-boot-starter-web to prevent immediate shutdown
+camel.springboot.main-run-controller = true
+
+# do not load any routes by default - CamelContextConfig takes care of this
+camel.springboot.java-routes-exclude-pattern = **
+camel.springboot.routes-exclude-pattern = **
+
+# enables the Camel 2.x type converter loading mechanism
+# also requires src/main/resources/META-INF/services/org/apache/camel/TypeConverter
+camel.springboot.load-type-converters = true
+
+# Spring Boot Actuator configuration, including custom AppHealthIndicator
+management.endpoint.health.show-details = always
+management.health.probes.enabled = true
+management.endpoint.health.group.readiness.include=app
+
+# Property {{placeholders}} can refer to these in endpoints and other places:
+# hello.message = Hello, world!
+# hello.timer.name = helloTrigger
+# users.file = users.csv
+# books.file = books.xml

src/main/resources/com/redhat/training/camel/bookstore/model/jaxb.index

@@ -0,0 +1 @@
+Book