diff --git a/postfix/HISTORY b/postfix/HISTORY index 246e2a462..5856ca152 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -12638,6 +12638,18 @@ Apologies for any names omitted. calls into NO-OPs. This avoids unnecessary panic() events for completely harmless conditions. File: milter/milter8.c. +20060805 + + Bugfix: #ifdef damage caused smtp_sasl_start() to be invoked + twice. Reported by C-J Lofstedt. File: smtp/smtp_sasl_proto.c. + +20060806 + + Postfix no longer announces its name in delivery status + notifications. Users believe that Wietse provides a free + helpdesk service that solves all their email problems. + Credits to Jonathan Balester. File: bounce/bounce_templates.c. + Wish list: The type of var_message_limit should be changed from int diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 4fd0e0b11..e90aeb5e3 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -17,3 +17,9 @@ Incompatibility with Postfix 2.2 and earlier If you upgrade from Postfix 2.2 or earlier, read RELEASE_NOTES-2.3 before proceeding. +Incompatible changes with Postfix snapshot 20060806 +=================================================== + +Postfix no longer announces its name in delivery status notifications. +Users believe that Wietse provides a free help desk service that +solves all their email problems. diff --git a/postfix/RELEASE_NOTES-1.0 b/postfix/RELEASE_NOTES-1.0 new file mode 100644 index 000000000..9fcf519b3 --- /dev/null +++ b/postfix/RELEASE_NOTES-1.0 @@ -0,0 +1,746 @@ +This is the first official Postfix release that is not called BETA. +May it help the people who cannot get BETA software past their +management. + +Release 20010228 differs from snapshot 20010228 in that the virtual +delivery agent and nqmgr queue manager are left out. That software +will become part of the official release when it has not changed +in a while. + +In the text below, incompatible changes are labeled with the Postfix +version that introduced the change. If you upgrade from a later +Postfix version, then you do not have to worry about that particular +incompatibility. + +Major incompatible changes with release-20010228 +================================================ + +[snapshot-20010225] POSTFIX NO LONGER RELAYS MAIL FOR CLIENTS IN +THE ENTIRE CLASS A/B/C NETWORK. To get the old behavior, specify +"mynetworks_style = class" in the main.cf file. The default +(mynetworks_style = subnet) is to relay for clients in the local +IP subnet. See conf/main.cf. + +[snapshot-20001005, snapshot-20010225] You must execute "postfix +stop" before installing this release. Some recommended parameter +settings have changed, and a new entry must be added to the master.cf +file before you can start Postfix again. + +1 - The recommended Postfix configuration no longer uses flat + directories for the "incoming" "active", "bounce", and "defer" + queue directories. The "flush" directory for the new "flush" + service directory should not be flat either. + + Upon start-up, Postfix checks if the hash_queue_names configuration + parameter is properly set up, and will add any queue directory + names that are missing. + +2 - In order to improve performance of one-to-one mail deliveries + the queue manager will now look at up to 10000 queue files + (was: 1000). The default qmgr_message_active_limit setting + was changed accordingly. + + If you have a non-default qmgr_message_active_limit in main.cf, + you may want adjust it. + +3 - The new "flush" service needs to be configured in master.cf. + + Upon start-up, Postfix checks if the new "flush" service is + configured in the master.cf file, and will add an entry if it + is missing. + +Should you wish to back out to a previous Postfix release there is +no need to undo the above queue configuration changes. + +[snapshot-20000921] The protocol between queue manager and delivery +agents has changed. This means that you cannot mix the Postfix +queue manager or delivery agents with those of Postfix versions +prior to 20000921. This change does not affect Postfix queue file +formats. + +[snapshot-20000529] This release introduces an incompatible queue +file format change ONLY when content filtering is enabled (see text +in FILTER_README). Old Postfix queue files will work fine, but +queue files with the new content filtering info will not work with +Postfix versions before 20000529. Postfix logs a warning and moves +incompatible queue files to the "corrupt" mail queue subdirectory. + +Minor incompatible changes with release-20010228 +================================================ + +[snapshot-20010225] The incoming and deferred queue directories +are now hashed by default. This improves the performance considerably +under heavy load, at the cost of a small but noticeable slowdown +when one runs "mailq" on an unloaded system. + +[snapshot-20010222] Postfix no longer automatically delivers +recipients one at a time when their domain is listed in $mydestination. +This change solves delivery performance problems with delivery via +LMTP, with virus scanning, and with firewall relays that forward +all mail for $mydestination to an inside host. + +The "one recipient at a time" delivery behavior is now controlled +by the per-transport recipient limit (xxx_destination_recipient_limit, +where xxx is the name of the delivery mechanism). This parameter +controls the number of recipients that can be sent in one delivery +(surprise). + +The setting of the per-transport recipient limit also controls the +meaning of the per-transport destination concurrency limit (named +xxx_destination_concurrency_limit, where xxx is again the name of +the delivery mechanism): + + 1) When the per-transport recipient limit is 1 (i.e., send one + recipient per delivery), the per-transport destination concurrency + limit controls the number of simultaneous deliveries to the + same recipient. This is the default behavior for delivery via + the Postfix local delivery agent. + + 2) When the per-transport recipient limit is > 1 (i.e., send + multiple recipients per delivery), the per-transport destination + concurrency limit controls the number of simultaneous deliveries + to the same domain. This is the default behavior for all other + Postfix delivery agents. + +[snapshot-20010128] The Postfix local delivery agent now enforces +mailbox file size limits (default: mailbox_size_limit = 51200000). +This limit affects all file write access by the local delivery +agent or by a process run by the local delivery agent. The purpose +of this parameter is to act as a safety for run-away software. It +cannot be a substitute for a file quota management system. Specify +a limit of 0 to disable. + +[snapshot-20010128] REJECT in header/body_checks is now flagged as +policy violation rather than bounce, for consistency in postmaster +notifications. + +[snapshot-20010128] The default RBL (real-time blackhole lists) +domain examples have been changed from *.vix.com to *.mail-abuse.org. + +[snapshot-20001210] Several interfaces of libutil and libglobal +routines have changed. This may break third-party code written +for Postfix. In particular, the safe_open() routine has changed, +the way the preferred locking method is specified in the sys_defs.h +file, as well as all routines that perform file locking. When +compiling third-party code written for Postfix, the incompatibilities +will be detected by the compiler provided that #include file +dependencies are properly maintained. + +[snapshot-20001210] When delivering to /file/name (as directed in +an alias or .forward file), the local delivery agent now logs a +warning when it is unable to create a /file/name.lock file. Mail +is still delivered as before. + +[snapshot-20001210] The "sun_mailtool_compatibility" feature is +going away (a compatibility mode that turns off kernel locks on +mailbox files). It still works, but a warning is logged. Instead +of using "sun_mailtool_compatibility", specify the mailbox locking +strategy as "mailbox_delivery_lock = dotlock". + +[snapshot-20001210] The Postfix SMTP client now skips SMTP server +replies that do not start with "CODE SPACE" or with "CODE HYPHEN" +and flags them as protocol errors. Older Postfix SMTP clients +silently treated "CODE TEXT" as "CODE SPACE TEXT", i.e. as a valid +SMTP reply. + +[snapshot-20001121] On RedHat Linux 7.0, you must install the +db3-devel RPM before you can compile the Postfix source code. + +[snapshot-20000924] The postmaster address in the "sorry" text at +the top of bounced mail is now just postmaster, not postmaster@machine. +The idea is to refer users to their own postmaster. + +[snapshot-20000921] The notation of [host:port] in transport tables +etc. is going away but it is still supported. The preferred form +is now [host]:port. This change is necessary to support IPV6 +address forms which use ":" as part of a numeric IP address. In a +future release, Postfix will log a warning when it encounters the +[host:port] form. + +[snapshot-20000921] In mail headers, Errors-To:, Reply-To: and +Return-Receipt: addresses are now rewritten as a sender address +(was: recipient). + +[snapshot-20000921] Postfix no longer inserts Sender: message +headers. + +[snapshot-20000921] The queue manager now logs the original number +of recipients when opening a queue file (example: from=<>, size=3502, +nrcpt=1). + +[snapshot-20000921] The local delivery agent no longer appends a +blank line to mail that is delivered to external command. + +[snapshot-20000921] The pipe delivery agent no longer appends a +blank line when the F flag is specified (in the master.cf file). +Specify the B flag if you need that blank line. + +[snapshot-20000507] As required by RFC 822, Postfix now inserts a +generic destination message header when no destination header is +present. The text is specified via the undisclosed_recipients_header +configuration parameter (default: "To: undisclosed-recipients:;"). + +[snapshot-20000507] The Postfix sendmail command treats a line with +only `.' as the end of input, for the sake of sendmail compatibility. +To disable this feature, specify the sendmail-compatible `-i' or +`-oi' flags on the sendmail command line. + +[snapshot-20000507] For the sake of Sendmail compatibility, the +Postfix SMTP client skips over SMTP servers that greet with a 4XX +or 5XX reply code, treating them as unreachable servers. To obtain +prior behavior (4XX=retry, 5XX=bounce), specify "smtp_skip_4xx_greeting += no" and "smtp_skip_5xx_greeting = no". + +Major changes with release-20010228 +=================================== + +Postfix produces DSN formatted bounced/delayed mail notifications. +The human-readable text still exists, so that users will not have +to be unnecessarily confused by all the ugliness of RFC 1894. Full +DSN support will be later. + +This release introduces full content filtering through an external +process. This involves an incompatible change in queue file format. +Mail is delivered to content filtering software via an existing +mail delivery agent, and is re-injected into Postfix via an existing +mail submission agent. See examples in the FILTER_README file. +Depending on how the filter is implemented, you can expect to lose +a factor of 2 to 4 in delivery performance of SMTP transit mail, +more if the content filtering software needs lots of CPU or memory. + +Specify "body_checks = regexp:/etc/postfix/body_checks" for a quick +and dirty emergency content filter that looks at non-header lines +one line at a time (including MIME headers inside the message body). +Details in conf/sample-filter.cf. + +The header_checks and body_checks features can be used to strip +out unwanted data. Specify IGNORE on the right-hand side and the +data will disappear from the mail. + +Support for SASL (RFC 2554) authentication in the SMTP server and +in the SMTP and LMTP clients. See the SASL_README file for more +details. This file still needs better examples. + +Postfix now ships with an LMTP delivery agent that can deliver over +local/remote TCP sockets and over local UNIX-domain sockets. The +LMTP_README file gives example, but still needs to be revised. + +Fast "ETRN" and "sendmail -qR". Postfix maintains per-destination +logfiles with information about what mail is queued for selected +destinations. See the file ETRN_README for details. + +The mailbox locking style is now fully configurable at runtime. +The new configuration parameter is called "mailbox_delivery_lock". +Depending on the operating system type, mailboxes can be locked +with one or more of "flock", "fcntl" or "dotlock". The command +"postconf -l" shows the available locking styles. The default +mailbox locking style is system dependent. This change affects +all mailbox and all "/file/name" deliveries by the Postfix local +delivery agent. + +Minor changes with release-20010228 +=================================== + +You can now specify multiple SMTP destinations in the relayhost +and fallback_relay configuration parameters. The destinations are +tried in the specified order. Specify host or host:port (perform +MX record lookups), [host] or [host]:port (no MX record lookups), +[address] or [address]:port (numerical IP address). + +The "mailbox_transport" and "fallback_transport" parameters now +understand the form "transport:nexthop", with suitable defaults +when either transport or nexthop are omitted, just like in the +Postfix transport map. This allows you to specify for example, +"mailbox_transport = lmtp:unix:/file/name". + +The local_transport and default_transport configuration parameters +can now be specified in transport:destination notation, just like +the mailbox_transport and fallback_transport parameters. The +:destination part is optional. However, these parameters take only +one destination, unlike relayhost and fallback-relay which take +any number of destinations. + +More general virtual domain support. Postfix now supports both +Sendmail-style virtual domains and Postfix-style virtual domains. +Details and examples are given in the revised virtual manual page. + +- With Sendmail-style virtual domains, local users/aliases/mailing + lists are visible as localname@virtual.domain. This is convenient + if you want to host mailing lists under virtual domains. + +- With Postfix-style virtual domains, local users/aliases/mailing + lists are not visible as localname@virtual.domain. Each virtual + domain has its own separate name space. + +More general "soft bounce" feature. Specify "soft_bounce = yes" +in main.cf to prevent the SMTP server from bouncing mail while you +are testing configurations. Until this release the SMTP server was +not aware of soft bounces. + +Workarounds for non-standard RFC 2554 (AUTH command) implementations. +Specify "broken_sasl_auth_clients = yes" to enable SMTP server +support for old Microsoft client applications. The Postfix SMTP +client supports non-standard RFC 2554 servers by default. + +All time-related configuration parameters now accept a one-letter +suffix to indicate the time unit (s: second, m: minute, h: hour, +d: day, w: week). The exceptions are the LDAP and MYSQL modules +which are maintained separately. + +New "import_environment" and "export_environment" configuration +parameters provide explicit control over what environment variables +Postfix will import, and what environment variables Postfix will +pass on to a non-Postfix process. + +In order to improve performance of one-to-one deliveries, Postfix +by default now looks at up to 10000 messages at a time (was: 1000). + +Specify "syslog_facility = log_local1" etc. to separate the logging +from multiple Postfix instances. However, a non-default logging +facility takes effect only after process initialization. Errors +during command-line parsing are still logged with the default syslog +facility, as are errors while processing the main.cf file. + +Postfix now strips out Content-Length: headers in incoming mail to +avoid confusion in mail user agents. + +Specify "require_home_directory = yes" to prevent mail from being +delivered to a user whose home directory is not mounted. This +feature is implemented by the Postfix local delivery agent. + +The pipe mailer has a size limit (size=nnn) command-line argument. + +The pipe delivery agent has a configurable end-of-line attribute. +Specify "pipe ... eol=\r\n" for delivery mechanisms that require +CRLF record delimiters. The eol attribute understands the following +C-style escape sequences: \a \b \f \n \r \t \v \nnn \\. + +In master.cf you can selectively override main.cf configuration +parameters, for example: "smtpd -o myhostname=foo.com". + +In main.cf, specify "smtp_bind_address=x.x.x.x" to bind SMTP +connections to a specific local interface. Or override the default +setting in master.cf with "smtp -o smtp_bind_address=x.x.x.x". +For now, you must specify a numeric IP address. + +Questionable feature: with "smtp_always_send_ehlo = yes", the SMTP +client sends EHLO regardless of the content of the SMTP server's +greeting. + +Specify "-d key" to postalias or postmap in order to remove one +key. This still needs to be generalized to multi-key removal (e.g., +read keys from stdin). + +Comments in Postfix configuration files no longer contain troff +formatting codes. The text is now generated from prototype files +in a new "proto" subdirectory. + +Major changes with postfix-19991231: +==================================== + +- It is now much more difficult to configure Postfix as an open +relay. The SMTP server requires that "smtpd_recipient_restrictions" +contains at least one restriction that by default refuses mail (as +is the default). There were too many accidents with changes to +the UCE restrictions. + +- The relay_domains parameter no longer needs to contain $virtual_maps. + +- Overhauled FAQ (html/faq.html) with many more examples. + +- Updated UCE documentation (html/uce.html) with more examples. +More UCE configuration examples in sample configuration files. + +- Several little improvements to the installation procedure: +relative symlinks, configurable directory for scratch files so the +installation can be done without write access to the build tree. + +- Updated LDAP client code (John Hensley). + +- Updated mysql client code (Scott Cotton). + +- The SMTP server now rejects mail for unknown users in virtual +domains that are defined by Postfix virtual maps. + +- The SMTP server can reject mail for unknown local users. Specify +"local_recipient_maps = $alias_maps, unix:passwd.byname" if your +local mail is delivered by a UNIX-style local delivery agent. See +example in conf/main.cf. + +- Use "disable_vrfy_command = yes" to disable the SMTP VRFY command. +This prevents some forms of address harvesting. + +- The sendmail "-f" option now understands and even understands +forms with RFC 822-style comments. + +- New "qmgr_fudge_factor" parameter allows you to balance mailing +list performance against response time for one-to-one mail. The +fudge factor controls what percentage of delivery resources Postfix +will devote to one message. With 100%, delivery of one message +does not begin before delivery of the previous message is completed. +This is good for list performance, bad for one-to-one mail. With +10%, response time for one-to-one mail improves much, but list +performance suffers: in the worst case, people near the start of a +mailing list get a burst of postings today, while people near the +end of the list get that same burst of postings a whole day later. + +- It is now relatively safe to configure 550 status codes for the +main.cf unknown_address_reject_code or unknown_client_reject_code +parameters. The SMTP server now always sends a 450 (try again) +reply code when an UCE restriction fails due to a soft DNS error, +regardless of what main.cf specifies. + +- The RBL checks now show the content of TXT records (Simon J Mudd). + +- The Postfix SMTP server now understands a wider range of illegal +address forms in MAIL FROM and RCPT TO commands. In order to disable +illegal forms, specify "strict_rfc821_envelopes = yes". This also +disables support for MAIL FROM and RCPT TO addresses without <>. + +- Per-client/helo/sender/recipient UCE restrictions (fully-recursive +UCE restriction parser). See the RESTRICTION_CLASS file for details. + +- Use "postmap -q key" or "postalias -q key" for testing Postfix +lookup tables or alias files. + +- Use "postconf -e name=value..." to edit the main.cf file. This +is easier and safer than editing the main.cf file by hand. The +edits are done on a temporary copy that is renamed into place. + +- Use "postconf -m" to display all supported lookup table types +(Scott Cotton). + +- New "permit_auth_destination" UCE restriction for finer-grained +access control (Jesper Skriver). + +Incompatible changes with postfix-19990906 +========================================== + +- On systems that use user.lock files to protect system mailboxes +against simultaneous updates, Postfix now uses /file/name.lock +files while delivering to files specified in aliases/forward/include +files. This is a no-op when the recipient lacks directory write +permission. + +- The LDAP client code no longer looks up a name containing "*" +because it could be abused. See the LDAP_README file for how to +restore previous behavior. + +- The Postfix to PCRE interface now expects PCRE version 2.08. +Postfix is no longer compatible with PCRE versions prior to 2.06. + +Major changes with postfix-19990906 +=================================== + +Several bugfixes, none related to security. See the HISTORY file +for a complete list of changes. + +- Postfix is now distributed under IBM Public License Version 1.0 +which does not carry the controversial termination clause. The new +license does have a requirement that contributors make source code +available. + +- INSTALL.sh install/upgrade procedure that replaces existing +programs and shell scripts instead of overwriting them, and that +leaves existing queue files and configuration files alone. + +- The ugly Delivered-To: header can now be turned off selectively. +The default setting is: "prepend_delivered_header = command, file, +forward". Turning off the Delivered-To: header when forwarding +mail is not recommended. + +- mysql client support by Scott Cotton and Joshua Marcus, Internet +Consultants Group, Inc. See the file MYSQL_README for instructions. + +- reject_unauth_destination SMTP recipient restriction that rejects +destinations not in $relay_domains. Unlike the check_relay_domains +restriction, reject_unauth_destination ignores the client hostname. +By Lamont Jones of Hewlett-Packard. + +- reject_unauth_pipelining SMTP *anything* restriction to stop mail +from spammers that improperly use SMTP command pipelining to speed +up their deliveries. + +- Postfix "sendmail" now issues a warning and drops privileges if +installed set-uid root. + +- No more duplicate delivery when "postfix reload" is immediately +followed by "sendmail -q". + +- No more "invalid argument" errors when a Postfix daemon opens a +DB/DBM file while some other process is changing the file. + +- Portability to the Mac OS X Server, Reliant Unix, AIX 3.2.5 and +Ultrix 4.3. + +Incompatible changes with postfix-19990601: +=========================================== + +- The SMTP server now delays all UCE restrictions until the RCPT +TO, VRFY or ETRN command. This makes the restrictions more useful, +because many SMTP clients do not expect negative responses earlier +in the protocol. In order to restore the old behavior, specify +"smtpd_delay_reject = no" in /etc/postfix/main.cf. + +- The Postfix local delivery agent no longer automatically propagates +address extensions to aliases/include/forward addresses. Specify +"propagate_unmatched_extensions = canonical, virtual, alias, forward, +include" to restore the old behavior. + +- The Postfix local delivery agent no longer does $name expansion +on words found in the mailbox_command configuration parameter. This +makes it easier to specify shell syntax. See conf/main.cf. + +- The luser_relay syntax has changed. You can specify one address; +it is subjected to $user, etc. expansions. See conf/main.cf. + +- File system reorganization: daemon executables are now in the +libexec subdirectory, command executables in the bin subdirectory. +The INSTALL instructions now recommend installing daemons and +commands into separate directories. + +Major changes with postfix-19990601: +===================================== + +- New USER, EXTENSION, LOCAL, DOMAIN and RECIPIENT environment +variables for delivery to command (including mailbox_command) by +the local delivery agent. As you might expect, the information is +censored. The list of acceptable characters is specified with the +command_expansion_filter configuration parameter. Unacceptable +characters are replaced by underscores. See html/local.8.html. + +- Specify "forward_path = /var/forward/$user" to avoid looking up +.forward files in user home directories. The default value is +$home/.forward$recipient_delimiter$extension, $home/.forward. +Initial code by Philip A. Prindeville, Mirapoint, Inc., USA. + +- Conditional $name expansion in forward_path and luser_relay. +Available names are: $user (bare user name) $shell (user login +shell), $home (user home directory), $local (everything to the left +of @), $extension (optional address extension), $domain (everything +to the right of @), $recipient (the complete address) and +$recipient_delimiter. A simple $name expands as usual. ${name?value} +expands to value when $name is defined. ${name:value} expands to +value when $name is not defined. With ${name?value} and ${name:value}, +the value is subject to another iteration of $name expansion. + +- POSIX regular expression support, enabled by default on 4.4BSD, +LINUX, HP-UX, and Solaris 2.5 and later. See conf/sample-regexp.cf. +Initial code by Lamont Jones, Hewlett-Packard, borrowing heavily +from the PCRE implementation by Andrew McNamara, connect.com.au +Pty. Ltd., Australia. + +- Regular expression checks for message headers. This requires +support for POSIX or for PCRE regular expressions. Specify +"header_checks = regexp:/file/name" or "header_checks = pcre:/file/name", +and specify "/^header-name: badstuff/ REJECT" in the pattern file +(patterns are case-insensitive by default). Code by Lamont Jones, +Hewlett-Packard. It is to be expected that full content filtering +will be delegated to an external command. + +- Regular expression support for all lookup tables, including access +control (full mail addresses only), address rewriting (canonical/virtual, +full mail addresses only) and transport tables (full domain names +only). However, regular expressions are not allowed for aliases, +because that would open up security exposures. + +- Automatic detection of changes to DB or DBM lookup tables. This +eliminates the need to run "postfix reload" after each change to +the SMTP access table, or to the canonical, virtual, transport or +aliases tables. + +- New error mailer. Specify ".domain.name error:domain is undeliverable" +in the transport table to bounce mail for entire domains. + +- No more Postfix lockups on Solaris (knock on wood). The code no +longer uses Solaris UNIX-domain sockets, because they are still +broken, even with Solaris 7. + +- Workaround for the Solaris mailtool, which keeps an exclusive +kernel lock on the mailbox while its window is not iconified (specify +"sun_mailtool_compatibility = yes" in main.cf). + +- Questionable workaround for Solaris, which reportedly loses +long-lived exclusive locks that are held by the master daemon. + +- New reject_unknown_{sender,recipient}_domain restrictions for +sender and recipient mail addresses that distinguish between soft +errors (always 450) and hard errors (unknown_address_reject_code, +default 450). + +- MIME-encapsulated bounce messages, making it easier to recover +bounced mail. Initial implementation by Philip A. Prindeville, +Mirapoint, Inc., USA. Support for RFC 1892 (multipart/report) and +RFC 1894 (DSN) will have to wait until Postfix internals have been +revised to support RFC 1893. + +- Separately configurable "postmaster" addresses for single bounces +(bounce_notice_recipient), double bounces (2bounce_notice_recipient), +delayed mail (delay_notice_recipient), and for mailer error reports +(error_notice_recipient). See conf/main.cf. + +- Questionable feature: specify "best_mx_transport = local" if +this machine is the best MX host for domains not in mydestinations. + +Incompatible changes with postfix-19990317: +=========================================== + +- You MUST install the new version of /etc/postfix/postfix-script. + +- The pipe mailer "flags" syntax has changed. You now explicitly +MUST specify the R flag in order to generate a Return-Path: message +header (as needed by, for example, cyrus). + +Major changes with postfix-19990317: +==================================== + +A detailed record of changes is given in the HISTORY file. + +- Less postmaster mail. Undeliverable bounce messages (double +bounces) are now discarded. Specify "notify_classes = 2bounce..." +to get copies of double bounces. Specify "notify_classes = bounce..." +to get copies of normal and double bounces. + +- Improved LDAP client code by John Hensley of Merit Network, USA. +See LDAP_README for details. + +- Perl-compatible regular expression support for lookup maps by +Andrew McNamara, connect.com.au Pty. Ltd., Australia.. Example: +"check_recipient_access pcre:/etc/postfix/sample-pcre.cf". Regular +expressions provide a powerful tool not only for SMTP access control +but also for address rewriting. See PCRE_README for details. + +- Automatic notification of delayed mail (disabled by default). +With "delay_warning_time = 4", Postfix informs senders when mail +has not been delivered after 4 hours. Initial version of the code +by Daniel Eisenbud, University of California at Berkeley. In order +to get postmaster copies of such warnings, specify "notify_classes += delay...". + +- More configurable local delivery: "mail_spool_directory" to +specify the UNIX mail spool directory; "mailbox_transport" to +delegate all mailbox delivery to, for example, cyrus, and +"fallback_transport" to delegate delivery of only non-UNIX users. +And all this without losing local aliases and local .forward +processing. See config/main.cf and config/master.cf. + +- Several changes to improve Postfix behavior under worst-case +conditions (frequent Postfix restarts/reloads combined with lots +if inbound mail, intermittent connectivity problems, SMTP servers +that become comatose after receiving QUIT). + +- More NFS-friendly mailbox delivery. The local delivery agent +now avoids using root privileges where possible. + +- For sites that do not receive mail at all, mydestination can now +be an empty string. Be sure to set up a transport table entry to +prevent mail from looping. + +- New "postsuper" utility to clean up stale files from Postfix +queues. + +- Workaround for BSD select() collisions that cause performance +problems on large BSD systems. + +- Several questionable but useful features to capture mail: +"always_bcc = address" to capture a copy of every message that +enters the system, and "luser_relay = address" to capture mail for +unknown recipients (does not work when mailbox_transport or +fallback_transport are being used). + +- Junk mail controls: new reject_non_fqdn_{hostname,sender,recipient} +restrictions to reject non-FQDN arguments in HELO, MAIL FROM and +RCPT TO commands, and stricter checking of numeric HELO arguments. + +- "fallback_relay" feature for sites that use DNS but that can't +talk to the entire world. The fall-back relay gets the mail when +a destination is not found in the DNS or when the destination is +found but not reachable. + +- Several questionable controls that can help to keep mail going: +specify "smtp_skip_4xx_greeting = yes" to skip SMTP servers that +greet with 4XX, "ignore_mx_lookup_error = yes" to look up an A +record when a DNS server does not respond to an MX query. + +Incompatible changes with postfix-beta-19990122-pl01: +===================================================== + +None. + +Major changes with postfix-beta-19990122-pl01: +============================================== + +- Restrict who may use ETRN and what domains may be specified. +Example: "smtpd_etrn_restrictions = permit_mynetworks, reject". + +- BIFF notifications. For compatibility reasons this feature is +on by default. Specify "biff = no" in main.cf if your machine has +lots of shell users. + +- With "soft_bounce = yes", defer delivery instead of bouncing +mail. This is a safety net for configuration errors with delivery +agents. It has no effect on errors in virtual maps, canonical maps, +or in junk mail restrictions. + +- Specify "owner_request_special = no" to turn off special treatment +of owner-foo and foo-request addresses. + +Incompatible changes with postfix-beta-19990122: +================================================ + +- The syntax of the transport table has changed. An entry like: + + customer.org smtp:[gateway.customer.org] + + no longer forwards mail for anything.customer.org. For that you + need to specify: + + customer.org smtp:[gateway.customer.org] + .customer.org smtp:[gateway.customer.org] + + This change makes transport tables more compatible with + sendmail mailer tables. + +- The format of syslog records has changed. A client is now always +logged as hostname[address]; the pickup daemon logs queue file uid +and sender address. + +Major changes with postfix-beta-19990122: +========================================= + +- Junk mail restrictions can now be postponed to the RCPT TO command. +Specify: "smtpd_recipient_restrictions = reject_maps_rbl...". + +- More flexible interface for delivery to e.g., cyrus IMAP without +need for PERL scripts to munge recipient addresses. In addition to +$sender, $nexthop and $recipient, the pipe mailer now also supports +$user, $extension and $mailbox. + +- New mail now has precedence over deferred mail, plus some other +tweaks to make bulk mail go faster. But it ain't no cure for massive +network outages. + +- Watchdog timer for systems that cause the Postfix queue manager +to lock up, so it recovers without human intervention. + +- Delivery to qmail-style maildir files, which is good for NFS +environments. Specify "home_mailbox = Maildir/", or specify +/file/name/ in aliases or in .forward files. The trailing / is +required to turn on maildir delivery. + +- Incremental updates of aliases and maps. Specify "postmap -i +mapname" and it will read new entries from stdin. + +- Newaliases will now update more than one alias database. +Specify the names with the main.cf "alias_database" parameter. + +- Address masquerading exceptions to prevent users from being +masqueraded. Specify "masquerade_exceptions = root". + +- A pipelined SMTP client. Deliveries to Postfix, qmail, LSOFT, +zmailer, and exim (once it's fixed) speed up by some 30% for short +messages with one recipient, with more for multi-recipient mails. + +- Hook for local delivery to "|command" via the smrsh restricted +shell, to restrict what commands may be used in .forward etc. files. +Specify "local_command_shell = /some/where/smrsh -c". diff --git a/postfix/html/bounce.5.html b/postfix/html/bounce.5.html index 104247f9e..7d5ebac31 100644 --- a/postfix/html/bounce.5.html +++ b/postfix/html/bounce.5.html @@ -76,7 +76,7 @@ BOUNCE(5) BOUNCE(5) Subject: Undelivered Mail Returned to Sender Postmaster-Subject: Postmaster Copy: Undelivered Mail - This is the $mail_name program at host $myhostname. + This is the mail system at host $myhostname. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. @@ -86,7 +86,7 @@ BOUNCE(5) BOUNCE(5) If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF The usage and specification of bounce templates is subject diff --git a/postfix/implementation-notes/MILTER b/postfix/implementation-notes/MILTER index 16137f530..0da7cc5db 100644 --- a/postfix/implementation-notes/MILTER +++ b/postfix/implementation-notes/MILTER @@ -23,9 +23,10 @@ Network versus local submission As of Sendmail 8.12, all mail is received via SMTP, so all mail is subject to Miltering (local submissions are queued in a submission -queue and then delivered via SMTP to the main MTA). In Postfix, -local submissions are received by the pickup server, which feeds -the mail into the cleanup server after doing some sanity checks. +queue and then delivered via SMTP to the main MTA, or appended to +$HOME/dead.letter). In Postfix, local submissions are received by +the pickup server, which feeds the mail into the cleanup server +after doing basic sanity checks. How do we set up the Milters with SMTP mail versus local submissions? diff --git a/postfix/makedefs b/postfix/makedefs index 70cbc5700..3c58c676b 100644 --- a/postfix/makedefs +++ b/postfix/makedefs @@ -122,6 +122,8 @@ case "$SYSTEM.$RELEASE" in ;; OpenBSD.3*) SYSTYPE=OPENBSD3 ;; + OpenBSD.4*) SYSTYPE=OPENBSD4 + ;; ekkoBSD.1*) SYSTYPE=EKKOBSD1 ;; NetBSD.1*) SYSTYPE=NETBSD1 diff --git a/postfix/man/man5/bounce.5 b/postfix/man/man5/bounce.5 index 4d2d591f0..ce3d03735 100644 --- a/postfix/man/man5/bounce.5 +++ b/postfix/man/man5/bounce.5 @@ -86,7 +86,7 @@ From: MAILER-DAEMON (Mail Delivery System) Subject: Undelivered Mail Returned to Sender Postmaster-Subject: Postmaster Copy: Undelivered Mail -This is the $mail_name program at host $myhostname. +This is the mail system at host $myhostname. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. @@ -97,7 +97,7 @@ If you do so, please include this problem report. You can delete your own text from the attached returned message. .ti +12 - The $mail_name program + The mail system EOF .in -4 .ad diff --git a/postfix/proto/bounce b/postfix/proto/bounce index aaf5fd43f..f770a5e33 100644 --- a/postfix/proto/bounce +++ b/postfix/proto/bounce @@ -76,7 +76,7 @@ # Subject: Undelivered Mail Returned to Sender # Postmaster-Subject: Postmaster Copy: Undelivered Mail # -# This is the $mail_name program at host $myhostname. +# This is the mail system at host $myhostname. # # I'm sorry to have to inform you that your message could not # be delivered to one or more recipients. It's attached below. @@ -87,7 +87,7 @@ # delete your own text from the attached returned message. # # .ti +12 -# The $mail_name program +# The mail system # EOF # .in -4 # .ad diff --git a/postfix/src/bounce/2template_test.in b/postfix/src/bounce/2template_test.in index 0a26bd64d..48063735e 100644 --- a/postfix/src/bounce/2template_test.in +++ b/postfix/src/bounce/2template_test.in @@ -4,7 +4,7 @@ From: MAILER-DAEMON (Mail Delivery System) Subject: Undelivered Mail Returned to Sender Postmaster-Subject: Postmaster Copy: Undelivered Mail -This is the $mail_name program at host $myhostname. +This is the mail system at host $myhostname. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. @@ -14,7 +14,7 @@ For further assistance, please send mail to If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF delay_template = < If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF success_template = < If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF delay_template = < If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF success_template = < If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF delay_template = < If you do so, please include this problem report. You can delete your own text from the attached returned message. - The $mail_name program + The mail system EOF success_template = </dev/null >bug1.tmp + diff bug1.ref bug1.tmp + ../postcat/postcat bug1.file.tmp 2>/dev/null >bug1.tmp + diff bug1.text.ref bug1.tmp + rm -f bug1.file.tmp bug1.tmp + +bug2_test: cleanup_milter bug2.file bug2.in bug2.ref bug2.text.ref \ + ../postcat/postcat + cp bug2.file bug2.file.tmp + chmod u+w bug2.file.tmp + ./cleanup_milter /dev/null >bug2.tmp + diff bug2.ref bug2.tmp + ../postcat/postcat bug2.file.tmp 2>/dev/null >bug2.tmp + diff bug2.text.ref bug2.tmp + rm -f bug2.file.tmp bug2.tmp + # Test queue file editing routines. -cleanup_milter_test: cleanup_milter cleanup_milter.in1 cleanup_milter.ref1 \ - test-queue-file ../postcat/postcat +cleanup_milter_test: cleanup_milter test-queue-file cleanup_milter.in1 \ + cleanup_milter.ref1 test-queue-file ../postcat/postcat cp test-queue-file test-queue-file.tmp chmod u+w test-queue-file.tmp ./cleanup_milter /dev/null >cleanup_milter.tmp + diff cleanup_milter.ref3 cleanup_milter.tmp + rm -f test-queue-file3.tmp cleanup_milter.tmp + +cleanup_milter_test4: cleanup_milter test-queue-file4 cleanup_milter.in4a \ + cleanup_milter.in4b cleanup_milter.in4c cleanup_milter.ref4 \ + test-queue-file4 ../postcat/postcat + cp test-queue-file4 test-queue-file4.tmp + chmod u+w test-queue-file4.tmp + ./cleanup_milter /dev/null >cleanup_milter.tmp + diff cleanup_milter.ref4 cleanup_milter.tmp + cp test-queue-file4 test-queue-file4.tmp + chmod u+w test-queue-file4.tmp + ./cleanup_milter /dev/null >cleanup_milter.tmp + diff cleanup_milter.ref4 cleanup_milter.tmp + cp test-queue-file4 test-queue-file4.tmp + chmod u+w test-queue-file4.tmp + ./cleanup_milter /dev/null >cleanup_milter.tmp + diff cleanup_milter.ref4 cleanup_milter.tmp + rm -f test-queue-file4.tmp cleanup_milter.tmp + +cleanup_milter_test5: cleanup_milter test-queue-file5 cleanup_milter.in5 \ + cleanup_milter.ref5 test-queue-file5 ../postcat/postcat + cp test-queue-file5 test-queue-file5.tmp + chmod u+w test-queue-file5.tmp + ./cleanup_milter /dev/null >cleanup_milter.tmp + diff cleanup_milter.ref5 cleanup_milter.tmp + rm -f test-queue-file5.tmp cleanup_milter.tmp + depend: $(MAKES) (sed '1,/^# do not edit/!d' Makefile.in; \ set -e; for i in [a-z][a-z0-9]*.c; do \ diff --git a/postfix/src/cleanup/bug1.file b/postfix/src/cleanup/bug1.file new file mode 100644 index 000000000..da59ed963 Binary files /dev/null and b/postfix/src/cleanup/bug1.file differ diff --git a/postfix/src/cleanup/bug1.file.ref b/postfix/src/cleanup/bug1.file.ref new file mode 100755 index 000000000..229d26d27 Binary files /dev/null and b/postfix/src/cleanup/bug1.file.ref differ diff --git a/postfix/src/cleanup/bug1.in b/postfix/src/cleanup/bug1.in new file mode 100644 index 000000000..bda18cfad --- /dev/null +++ b/postfix/src/cleanup/bug1.in @@ -0,0 +1,41 @@ +#verbose on +open bug1.file.tmp + +# Symptom: +# +# infinite loop in postcat and in delivery agents +# +# Cause: +# +# Failure to update location info after following a pointer record, +# while updating a message header record +# +# Analysis: +# +# This happens with repeated updates of the same message header. +# After the first update, the update #1 header record sits in the +# heap at the end of the queue file, and is followed by a reverse +# pointer to the start of the next message header record or the +# message body, somewhere in the middle of the queue file. +# +# The problem started with update #2 of that same message header. +# While following the reverse pointer record after the update #1 +# header record to find out the start of the next header or message +# body, the header updating routine did not update its notion of +# where it was. Thus, it believed that the next header or body record +# was located after the reverse pointer record. That was not the +# middle of the message, but the end of the queue file. The second +# update would result in an update #2 header record, followed by a +# reverse pointer to what used to be the end of the queue file, but +# had meanwhile become the location of the update #2 header record. +# +# Thus, anything that tried to deliver mail would loop on the update +# #2 header record. After update update #3 of the same header, the +# delivery agent would loop on the update #3 record, etc. + +upd_header 1 Subject long header text +upd_header 1 Subject long header text +upd_header 1 Subject long header text +upd_header 1 Subject long header text + +close diff --git a/postfix/src/cleanup/bug1.ref b/postfix/src/cleanup/bug1.ref new file mode 100644 index 000000000..66fe730e2 --- /dev/null +++ b/postfix/src/cleanup/bug1.ref @@ -0,0 +1,49 @@ +*** ENVELOPE RECORDS bug1.file.tmp *** + 0 message_size: 428 654 3 0 + 65 message_arrival_time: Sat May 13 21:04:18 2006 + 84 create_time: Sat May 13 21:04:27 2006 + 108 named_attribute: rewrite_context=local + 131 sender: wietse@porcupine.org + 153 named_attribute: client_name=tail.porcupine.org + 185 named_attribute: client_address=IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f + 240 named_attribute: message_origin=tail.porcupine.org[2001:240:587:0:2d0:b7ff:febe:ca9f] + 310 named_attribute: helo_name=tail.porcupine.org + 340 named_attribute: protocol_name=SMTP + 360 named_attribute: dsn_orig_rcpt=rfc822;wietse@porcupine.org + 403 original_recipient: wietse@porcupine.org + 425 recipient: wietse@porcupine.org + 447 named_attribute: dsn_orig_rcpt=rfc822;alias@tail.porcupine.org + 494 original_recipient: alias@tail.porcupine.org + 520 recipient: wietse@porcupine.org + 542 named_attribute: dsn_orig_rcpt=rfc822;alias@tail.porcupine.org + 589 original_recipient: alias@tail.porcupine.org + 615 recipient: root@porcupine.org + 635 pointer_record: 0 + 652 *** MESSAGE CONTENTS bug1.file.tmp *** + 654 regular_text: Received: from tail.porcupine.org (tail.porcupine.org [IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f]) + 751 regular_text: by tail.porcupine.org (Postfix) with SMTP id E0F703D1E36; + 811 regular_text: Sat, 13 May 2006 21:04:18 -0400 (EDT) + 851 regular_text: X: 1 + 857 regular_text: 2 + 861 regular_text: 3 + 865 regular_text: 4 + 869 regular_text: 5 + 873 regular_text: 6 + 877 regular_text: 7 + 881 regular_text: Y: 1234567 + 893 regular_text: Message-Id: <20060514010427.E0F703D1E36@tail.porcupine.org> + 954 regular_text: Date: Sat, 13 May 2006 21:04:18 -0400 (EDT) + 999 regular_text: From: wietse@porcupine.org + 1027 regular_text: To: undisclosed-recipients:; + 1057 pointer_record: 1103 + 1103 pointer_record: 1147 + 1147 pointer_record: 1191 + 1191 pointer_record: 1235 + 1235 regular_text: Subject: long header text + 1262 pointer_record: 1130 + 1130 pointer_record: 1074 + 1074 regular_text: + 1076 regular_text: text + 1082 *** HEADER EXTRACTED bug1.file.tmp *** + 1084 pointer_record: 0 + 1101 *** MESSAGE FILE END bug1.file.tmp *** diff --git a/postfix/src/cleanup/bug1.text.ref b/postfix/src/cleanup/bug1.text.ref new file mode 100644 index 000000000..5b64c3899 --- /dev/null +++ b/postfix/src/cleanup/bug1.text.ref @@ -0,0 +1,41 @@ +*** ENVELOPE RECORDS bug1.file.tmp *** +message_size: 428 654 3 0 +message_arrival_time: Sat May 13 21:04:18 2006 +create_time: Sat May 13 21:04:27 2006 +named_attribute: rewrite_context=local +sender: wietse@porcupine.org +named_attribute: client_name=tail.porcupine.org +named_attribute: client_address=IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f +named_attribute: message_origin=tail.porcupine.org[2001:240:587:0:2d0:b7ff:febe:ca9f] +named_attribute: helo_name=tail.porcupine.org +named_attribute: protocol_name=SMTP +named_attribute: dsn_orig_rcpt=rfc822;wietse@porcupine.org +original_recipient: wietse@porcupine.org +recipient: wietse@porcupine.org +named_attribute: dsn_orig_rcpt=rfc822;alias@tail.porcupine.org +original_recipient: alias@tail.porcupine.org +recipient: wietse@porcupine.org +named_attribute: dsn_orig_rcpt=rfc822;alias@tail.porcupine.org +original_recipient: alias@tail.porcupine.org +recipient: root@porcupine.org +*** MESSAGE CONTENTS bug1.file.tmp *** +Received: from tail.porcupine.org (tail.porcupine.org [IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f]) + by tail.porcupine.org (Postfix) with SMTP id E0F703D1E36; + Sat, 13 May 2006 21:04:18 -0400 (EDT) +X: 1 + 2 + 3 + 4 + 5 + 6 + 7 +Y: 1234567 +Message-Id: <20060514010427.E0F703D1E36@tail.porcupine.org> +Date: Sat, 13 May 2006 21:04:18 -0400 (EDT) +From: wietse@porcupine.org +To: undisclosed-recipients:; +Subject: long header text + +text +*** HEADER EXTRACTED bug1.file.tmp *** +*** MESSAGE FILE END bug1.file.tmp *** diff --git a/postfix/src/cleanup/bug2.file b/postfix/src/cleanup/bug2.file new file mode 100644 index 000000000..f5a7b0194 Binary files /dev/null and b/postfix/src/cleanup/bug2.file differ diff --git a/postfix/src/cleanup/bug2.in b/postfix/src/cleanup/bug2.in new file mode 100644 index 000000000..138ca3d42 --- /dev/null +++ b/postfix/src/cleanup/bug2.in @@ -0,0 +1,37 @@ +#verbose on +open bug2.file.tmp + +# Two bugs while updating a short Subject: header immediately before +# a still virgin "append header" pointer record. +# +# Symptom: +# +# warning: : malformed pointer record value: +# +# Cause: +# +# Failure to recognize the "append header" record while updating +# a short message header +# +# Analysis: +# +# This happened while updating a header record that was followed by +# the current "append header" record. The pointer could be the initial +# "append header" record between message header and body, or it could +# be a later version of that pointer somewhere in the heap. +# +# - Postfix considered the pointer record as any pointer record after +# a header record. Thus, it decided that some portion of the pointer +# record could be overwritten with the location of the new Subject: +# header on the heap. Later "append header" operations would then +# update old "append header" record and thus clobber part of the +# pointer to the new Subject: header value. +# +# - While saving the "append header" pointer record value on the +# heap, Postfix did not replace the still virgin "0" append header" +# pointer record value by the actual location of the message body +# content. + +upd_header 1 Subject hey! +add_header foo foobar +close diff --git a/postfix/src/cleanup/bug2.ref b/postfix/src/cleanup/bug2.ref new file mode 100644 index 000000000..89945f07b --- /dev/null +++ b/postfix/src/cleanup/bug2.ref @@ -0,0 +1,27 @@ +*** ENVELOPE RECORDS bug2.file.tmp *** + 0 message_size: 329 181 1 0 + 65 message_arrival_time: Tue Jul 25 15:37:06 2006 + 82 create_time: Tue Jul 25 15:37:06 2006 + 106 named_attribute: rewrite_context=local + 129 sender_fullname: Wietse Venema + 144 sender: me@porcupine.org + 162 pointer_record: 0 + 179 *** MESSAGE CONTENTS bug2.file.tmp *** + 181 regular_text: Received: by bristle.watson.ibm.com (Postfix, from userid 0) + 243 regular_text: id 034B229013F; Tue, 25 Jul 2006 15:37:06 -0400 (EDT) + 299 regular_text: From: me@porcupine.org + 323 regular_text: To: you@porcupine.org + 346 regular_text: Message-Id: <20060725192735.5EC2D29013F@hades.porcupine.org> + 408 regular_text: Date: Tue, 25 Jul 2006 15:27:19 -0400 (EDT) + 453 pointer_record: 552 + 552 regular_text: Subject: hey! + 567 pointer_record: 584 + 584 regular_text: foo: foobar + 597 pointer_record: 485 + 485 regular_text: + 487 regular_text: text + 493 pointer_record: 0 + 510 *** HEADER EXTRACTED bug2.file.tmp *** + 512 original_recipient: you@porcupine.org + 531 recipient: you@porcupine.org + 550 *** MESSAGE FILE END bug2.file.tmp *** diff --git a/postfix/src/cleanup/bug2.text.ref b/postfix/src/cleanup/bug2.text.ref new file mode 100644 index 000000000..1c7da0dda --- /dev/null +++ b/postfix/src/cleanup/bug2.text.ref @@ -0,0 +1,22 @@ +*** ENVELOPE RECORDS bug2.file.tmp *** +message_size: 329 181 1 0 +message_arrival_time: Tue Jul 25 15:37:06 2006 +create_time: Tue Jul 25 15:37:06 2006 +named_attribute: rewrite_context=local +sender_fullname: Wietse Venema +sender: me@porcupine.org +*** MESSAGE CONTENTS bug2.file.tmp *** +Received: by bristle.watson.ibm.com (Postfix, from userid 0) + id 034B229013F; Tue, 25 Jul 2006 15:37:06 -0400 (EDT) +From: me@porcupine.org +To: you@porcupine.org +Message-Id: <20060725192735.5EC2D29013F@hades.porcupine.org> +Date: Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +Subject: hey! +foo: foobar + +text +*** HEADER EXTRACTED bug2.file.tmp *** +original_recipient: you@porcupine.org +recipient: you@porcupine.org +*** MESSAGE FILE END bug2.file.tmp *** diff --git a/postfix/src/cleanup/cleanup_milter.in1 b/postfix/src/cleanup/cleanup_milter.in1 index e1929af74..4d11edeb3 100644 --- a/postfix/src/cleanup/cleanup_milter.in1 +++ b/postfix/src/cleanup/cleanup_milter.in1 @@ -1,14 +1,42 @@ #verbose on open test-queue-file.tmp + +# Add and remove some recipient records. We verify that all results +# from virtual alias expansion are deleted. We don't yet attempt to +# remove non-existent recipients. + add_rcpt xxxx add_rcpt yyyy del_rcpt alias@tail.porcupine.org del_rcpt yyyy -ins_header 2 X-Test-Header test header value 1 -ins_header 2 X-Test-Header test header value 2 -del_header 2 X-Test-Header -ins_header 3 X-Test-Header test header value 3 -upd_header 1 X X-replaced-header replacement header text -upd_header 1 X X-replaced-header replacement header text + +# Insert a short header X2 at the position of a short multi-line +# header X, so that the first part of the multi-line header X needs +# to be copied to the heap, right after the inserted header. Then +# update the inserted header X2, so that a smaller portion of the +# saved multi-line header X needs to be copied again. Thus we end +# up with a multi-line header X that is broken up into three pieces. +# Finally, delete the inserted header X2. All this tests if an insert +# operation properly saves a portion of a multi-line header, to make +# space for the forward pointer to the inserted content. + +ins_header 2 X2 v1 +upd_header 1 X2 v2 +del_header 1 X2 + +# Insert a header at the position of a single-line short header Y, +# so that both header Y, and the single-line Message-ID header that +# follows Y, need to be copied to the heap. This tests if an insert +# operation properly saves records to make space for the forward +# pointer record to the inserted content. + +ins_header 3 X2 test header value 3 + +# Update the multiply broken, multi-line, header X. This tests if +# we correcly link the new header to the header that comes after the +# modified header. + upd_header 1 X X-replaced-header replacement header text +#upd_header 1 X X-replaced-header replacement header text +#upd_header 1 X X-replaced-header replacement header text close diff --git a/postfix/src/cleanup/cleanup_milter.in2 b/postfix/src/cleanup/cleanup_milter.in2 index 5bdbdc522..c459a9f6e 100644 --- a/postfix/src/cleanup/cleanup_milter.in2 +++ b/postfix/src/cleanup/cleanup_milter.in2 @@ -1,5 +1,23 @@ #verbose on open test-queue-file2.tmp + +# Update a short Subject: header that immediately precedes the "append +# header" pointer record. The new Subject: header value is stored +# at the end of the heap, followed by the saved "append header" +# pointer record value. +# +# - Postfix must not consider the "append header" pointer record as +# if it were part of the short Subject: header. Instead, the record +# must be saved to the heap, right after the new Subject: header +# value. +# +# - Postfix must update its idea of the current "append header" +# pointer record location. +# +# - While saving the "append header" pointer record value, Postfix +# must replace a "0" append header" pointer record value by the +# actual location of the message body content. + upd_header 1 Subject hey! upd_header 1 Subject hey! upd_header 1 Subject hey! diff --git a/postfix/src/cleanup/cleanup_milter.in3 b/postfix/src/cleanup/cleanup_milter.in3 new file mode 100644 index 000000000..8a9b412e9 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.in3 @@ -0,0 +1,60 @@ +#verbose on +open test-queue-file3.tmp + +# Another torture test for mail with a short last message header. +# This complements test #2 with the same message where we update the +# short Subject header, but none of the other headers. Like test #1, +# this also tests possible interactions with envelope recipient +# updates, which share the same heap with message header updates. + +# Add a recipient and update all headers in reverse order. + +add_rcpt me@porcupine.org +upd_header 1 Subject hey! +upd_header 1 Date Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +upd_header 1 Message-Id <20060725192735.5EC2D29013F@hades.porcupine.org> +upd_header 1 To you@porcupine.org +upd_header 1 From me@porcupine.org + +# Delete the recipient added above, and update headers in reverse +# order, twice. This tests repeated updates of short headers, but +# doesn't test much for the longer ones. + +del_rcpt me@porcupine.org +upd_header 1 Subject hey! +upd_header 1 Subject hey! +upd_header 1 Date Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +upd_header 1 Date Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +upd_header 1 Message-Id <20060725192735.5EC2D29013F@hades.porcupine.org> +upd_header 1 Message-Id <20060725192735.5EC2D29013F@hades.porcupine.org> +upd_header 1 To you@porcupine.org +upd_header 1 To you@porcupine.org +upd_header 1 From me@porcupine.org +upd_header 1 From me@porcupine.org + +# Add a new recipient, using a different address than above, so that +# the duplicate filter won't suppress it. Update the headers in the +# normal order, in case it makes a difference. + +add_rcpt em@porcupine.org +upd_header 1 From me@porcupine.org +upd_header 1 To you@porcupine.org +upd_header 1 Message-Id <20060725192735.5EC2D29013F@hades.porcupine.org> +upd_header 1 Date Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +upd_header 1 Subject hey! + +# Delete the recipient and update the headers again. + +del_rcpt em@porcupine.org +upd_header 1 From me@porcupine.org +upd_header 1 From me@porcupine.org +upd_header 1 To you@porcupine.org +upd_header 1 To you@porcupine.org +upd_header 1 Message-Id <20060725192735.5EC2D29013F@hades.porcupine.org> +upd_header 1 Message-Id <20060725192735.5EC2D29013F@hades.porcupine.org> +upd_header 1 Date Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +upd_header 1 Date Tue, 25 Jul 2006 15:27:19 -0400 (EDT) +upd_header 1 Subject hey! +upd_header 1 Subject hey! + +close diff --git a/postfix/src/cleanup/cleanup_milter.in4a b/postfix/src/cleanup/cleanup_milter.in4a new file mode 100644 index 000000000..ce0790752 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.in4a @@ -0,0 +1,9 @@ +#verbose on +open test-queue-file4.tmp +add_rcpt 01 +add_rcpt 02 +add_rcpt 03 +del_rcpt 03 +del_rcpt 02 +del_rcpt 01 +close diff --git a/postfix/src/cleanup/cleanup_milter.in4b b/postfix/src/cleanup/cleanup_milter.in4b new file mode 100644 index 000000000..3e6202d85 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.in4b @@ -0,0 +1,9 @@ +#verbose on +open test-queue-file4.tmp +add_rcpt 01 +add_rcpt 02 +add_rcpt 03 +del_rcpt 01 +del_rcpt 02 +del_rcpt 03 +close diff --git a/postfix/src/cleanup/cleanup_milter.in4c b/postfix/src/cleanup/cleanup_milter.in4c new file mode 100644 index 000000000..25dc6d631 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.in4c @@ -0,0 +1,12 @@ +#verbose on +open test-queue-file4.tmp +add_rcpt 01 +del_rcpt 01 +del_rcpt 03 +add_rcpt 02 +del_rcpt 02 +del_rcpt 01 +add_rcpt 03 +del_rcpt 03 +del_rcpt 02 +close diff --git a/postfix/src/cleanup/cleanup_milter.in5 b/postfix/src/cleanup/cleanup_milter.in5 new file mode 100644 index 000000000..393e300c5 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.in5 @@ -0,0 +1,19 @@ +open test-queue-file5.tmp + +# Test with a series of multiple short headers. + +# Update short multi-line X header in the middle of other headers, +# so that the next header gets copied right after the new X header. +# Then update the X header another time so that it separates from +# the header that follows it. + +upd_header 1 X whatevershebringswesing +upd_header 1 X whatevershebringswesing + +# Update a short Subject header that precedes the updated X header, +# and see if pointers are updated properly. + +upd_header 1 Subject hya +#upd_header 1 Subject hya + +close diff --git a/postfix/src/cleanup/cleanup_milter.ref1 b/postfix/src/cleanup/cleanup_milter.ref1 index 5fea0c699..41f298dc4 100644 --- a/postfix/src/cleanup/cleanup_milter.ref1 +++ b/postfix/src/cleanup/cleanup_milter.ref1 @@ -31,19 +31,16 @@ 654 regular_text: Received: from tail.porcupine.org (tail.porcupine.org [IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f]) 751 regular_text: by tail.porcupine.org (Postfix) with SMTP id E0F703D1E36; 811 regular_text: Sat, 13 May 2006 21:04:18 -0400 (EDT) - 851 pointer_record: 1264 - 1264 regular_text: X-Test-Header: test header value 2 - 1300 pointer_record: 1317 - 1317 regular_text: X-Test-Header: test header value 3 - 1353 pointer_record: 1193 - 1193 deleted_text: X-Test-Header: test header value 1 - 1229 pointer_record: 1370 - 1370 pointer_record: 1433 - 1433 pointer_record: 1496 - 1496 regular_text: X: X-replaced-header replacement header text - 1542 pointer_record: 881 - 881 regular_text: Y: 1234567 - 893 regular_text: Message-Id: <20060514010427.E0F703D1E36@tail.porcupine.org> + 851 pointer_record: 1193 + 1193 pointer_record: 1236 + 1236 deleted_text: X2: v2 + 1244 pointer_record: 1386 + 1386 regular_text: X: X-replaced-header replacement header text + 1432 pointer_record: 1271 + 1271 regular_text: X2: test header value 3 + 1296 regular_text: Y: 1234567 + 1308 regular_text: Message-Id: <20060514010427.E0F703D1E36@tail.porcupine.org> + 1369 pointer_record: 954 954 regular_text: Date: Sat, 13 May 2006 21:04:18 -0400 (EDT) 999 regular_text: From: wietse@porcupine.org 1027 regular_text: To: undisclosed-recipients:; diff --git a/postfix/src/cleanup/cleanup_milter.ref3 b/postfix/src/cleanup/cleanup_milter.ref3 new file mode 100644 index 000000000..77c5b5c68 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.ref3 @@ -0,0 +1,50 @@ +*** ENVELOPE RECORDS test-queue-file3.tmp *** + 0 message_size: 329 181 1 0 + 65 message_arrival_time: Tue Jul 25 15:37:06 2006 + 82 create_time: Tue Jul 25 15:37:06 2006 + 106 named_attribute: rewrite_context=local + 129 sender_fullname: Wietse Venema + 144 sender: me@porcupine.org + 162 pointer_record: 552 + 552 named_attribute: notify_flags=1 + 568 original_recipient: me@porcupine.org + 586 canceled_recipient: me@porcupine.org + 604 pointer_record: 1383 + 1383 named_attribute: notify_flags=1 + 1399 original_recipient: em@porcupine.org + 1417 canceled_recipient: em@porcupine.org + 1435 pointer_record: 179 + 179 *** MESSAGE CONTENTS test-queue-file3.tmp *** + 181 regular_text: Received: by bristle.watson.ibm.com (Postfix, from userid 0) + 243 regular_text: id 034B229013F; Tue, 25 Jul 2006 15:37:06 -0400 (EDT) + 299 pointer_record: 834 + 834 pointer_record: 1301 + 1301 pointer_record: 1342 + 1342 pointer_record: 1452 + 1452 pointer_record: 1706 + 1706 pointer_record: 1747 + 1747 regular_text: From: me@porcupine.org + 1771 pointer_record: 1493 + 1493 pointer_record: 1788 + 1788 pointer_record: 1828 + 1828 regular_text: To: you@porcupine.org + 1851 pointer_record: 1533 + 1533 pointer_record: 1868 + 1868 pointer_record: 1947 + 1947 regular_text: Message-Id: <20060725192735.5EC2D29013F@hades.porcupine.org> + 2009 pointer_record: 1612 + 1612 pointer_record: 2026 + 2026 pointer_record: 2088 + 2088 regular_text: Date: Tue, 25 Jul 2006 15:27:19 -0400 (EDT) + 2133 pointer_record: 1674 + 1674 pointer_record: 2150 + 2150 pointer_record: 2182 + 2182 regular_text: Subject: hey! + 2197 pointer_record: 485 + 485 regular_text: + 487 regular_text: text + 493 pointer_record: 0 + 510 *** HEADER EXTRACTED test-queue-file3.tmp *** + 512 original_recipient: you@porcupine.org + 531 recipient: you@porcupine.org + 550 *** MESSAGE FILE END test-queue-file3.tmp *** diff --git a/postfix/src/cleanup/cleanup_milter.ref4 b/postfix/src/cleanup/cleanup_milter.ref4 new file mode 100644 index 000000000..5dc13ca29 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.ref4 @@ -0,0 +1,55 @@ +*** ENVELOPE RECORDS test-queue-file4.tmp *** + 0 message_size: 428 654 3 0 + 65 message_arrival_time: Sat May 13 21:04:18 2006 + 84 create_time: Sat May 13 21:04:27 2006 + 108 named_attribute: rewrite_context=local + 131 sender: wietse@porcupine.org + 153 named_attribute: client_name=tail.porcupine.org + 185 named_attribute: client_address=IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f + 240 named_attribute: message_origin=tail.porcupine.org[2001:240:587:0:2d0:b7ff:febe:ca9f] + 310 named_attribute: helo_name=tail.porcupine.org + 340 named_attribute: protocol_name=SMTP + 360 named_attribute: dsn_orig_rcpt=rfc822;wietse@porcupine.org + 403 original_recipient: wietse@porcupine.org + 425 recipient: wietse@porcupine.org + 447 named_attribute: dsn_orig_rcpt=rfc822;alias@tail.porcupine.org + 494 original_recipient: alias@tail.porcupine.org + 520 recipient: wietse@porcupine.org + 542 named_attribute: dsn_orig_rcpt=rfc822;alias@tail.porcupine.org + 589 original_recipient: alias@tail.porcupine.org + 615 recipient: root@porcupine.org + 635 pointer_record: 1103 + 1103 named_attribute: notify_flags=1 + 1119 original_recipient: 01 + 1123 canceled_recipient: 01 + 1127 pointer_record: 1144 + 1144 named_attribute: notify_flags=1 + 1160 original_recipient: 02 + 1164 canceled_recipient: 02 + 1168 pointer_record: 1185 + 1185 named_attribute: notify_flags=1 + 1201 original_recipient: 03 + 1205 canceled_recipient: 03 + 1209 pointer_record: 652 + 652 *** MESSAGE CONTENTS test-queue-file4.tmp *** + 654 regular_text: Received: from tail.porcupine.org (tail.porcupine.org [IPv6:2001:240:587:0:2d0:b7ff:febe:ca9f]) + 751 regular_text: by tail.porcupine.org (Postfix) with SMTP id E0F703D1E36; + 811 regular_text: Sat, 13 May 2006 21:04:18 -0400 (EDT) + 851 regular_text: X: 1 + 857 regular_text: 2 + 861 regular_text: 3 + 865 regular_text: 4 + 869 regular_text: 5 + 873 regular_text: 6 + 877 regular_text: 7 + 881 regular_text: Y: 1234567 + 893 regular_text: Message-Id: <20060514010427.E0F703D1E36@tail.porcupine.org> + 954 regular_text: Date: Sat, 13 May 2006 21:04:18 -0400 (EDT) + 999 regular_text: From: wietse@porcupine.org + 1027 regular_text: To: undisclosed-recipients:; + 1057 pointer_record: 0 + 1074 regular_text: + 1076 regular_text: text + 1082 *** HEADER EXTRACTED test-queue-file4.tmp *** + 1084 pointer_record: 0 + 1101 *** MESSAGE FILE END test-queue-file4.tmp *** diff --git a/postfix/src/cleanup/cleanup_milter.ref5 b/postfix/src/cleanup/cleanup_milter.ref5 new file mode 100644 index 000000000..49e8f0463 --- /dev/null +++ b/postfix/src/cleanup/cleanup_milter.ref5 @@ -0,0 +1,29 @@ +*** ENVELOPE RECORDS test-queue-file5.tmp *** + 0 message_size: 370 221 1 0 + 65 message_arrival_time: Fri Jul 28 15:14:59 2006 + 84 create_time: Fri Jul 28 15:15:05 2006 + 108 named_attribute: rewrite_context=local + 131 sender_fullname: Wietse Venema + 146 sender: me@porcupine.org + 164 original_recipient: you@porcupine.org + 183 recipient: you@porcupine.org + 202 pointer_record: 0 + 219 *** MESSAGE CONTENTS test-queue-file5.tmp *** + 221 regular_text: Received: by bristle.watson.ibm.com (Postfix, from userid 1001) + 286 regular_text: id 78849290593; Fri, 28 Jul 2006 15:15:05 -0400 (EDT) + 342 pointer_record: 750 + 750 regular_text: Subject: hya + 764 pointer_record: 705 + 705 regular_text: X: whatevershebringswesing + 733 pointer_record: 623 + 623 regular_text: Message-Id: <20060728191505.78849290593@bristle.watson.ibm.com> + 688 pointer_record: 434 + 434 regular_text: Date: Fri, 28 Jul 2006 15:14:59 -0400 (EDT) + 479 regular_text: From: me@porcupine.org (Wietse Venema) + 519 regular_text: To: undisclosed-recipients:; + 549 pointer_record: 0 + 566 regular_text: + 568 regular_text: text + 574 pointer_record: 0 + 591 *** HEADER EXTRACTED test-queue-file5.tmp *** + 593 *** MESSAGE FILE END test-queue-file5.tmp *** diff --git a/postfix/src/cleanup/test-queue-file3 b/postfix/src/cleanup/test-queue-file3 new file mode 100644 index 000000000..f5a7b0194 Binary files /dev/null and b/postfix/src/cleanup/test-queue-file3 differ diff --git a/postfix/src/cleanup/test-queue-file4 b/postfix/src/cleanup/test-queue-file4 new file mode 100755 index 000000000..da59ed963 Binary files /dev/null and b/postfix/src/cleanup/test-queue-file4 differ diff --git a/postfix/src/cleanup/test-queue-file5 b/postfix/src/cleanup/test-queue-file5 new file mode 100644 index 000000000..dedead44c Binary files /dev/null and b/postfix/src/cleanup/test-queue-file5 differ diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 6a457703c..ed34b8c06 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20060727" +#define MAIL_RELEASE_DATE "20060806" #define MAIL_VERSION_NUMBER "2.4" #ifdef SNAPSHOT diff --git a/postfix/src/milter/milter8.c b/postfix/src/milter/milter8.c index b4105c0cb..4f5c4d609 100644 --- a/postfix/src/milter/milter8.c +++ b/postfix/src/milter/milter8.c @@ -2144,7 +2144,7 @@ static const char *milter8_message(MILTER *m, VSTREAM *qfile, /* * XXX When the message (not MIME body part) does not end in CRLF - * (i.e. the last record was REC_TYPE_CONT), do we send CRLF + * (i.e. the last record was REC_TYPE_CONT), do we send a CRLF * terminator before triggering the end-of-body condition? */ for (;;) { diff --git a/postfix/src/smtp/smtp_sasl_proto.c b/postfix/src/smtp/smtp_sasl_proto.c index a76e77236..295c0fbd2 100644 --- a/postfix/src/smtp/smtp_sasl_proto.c +++ b/postfix/src/smtp/smtp_sasl_proto.c @@ -176,18 +176,19 @@ int smtp_sasl_helo_login(SMTP_STATE *state) ret = smtp_sess_fail(state); /* Session reuse is disabled. */ } else { -#ifdef USE_TLS +#ifndef USE_TLS + smtp_sasl_start(session, VAR_SMTP_SASL_OPTS, + var_smtp_sasl_opts); +#else if (session->tls_context == 0) -#endif smtp_sasl_start(session, VAR_SMTP_SASL_OPTS, var_smtp_sasl_opts); -#ifdef USE_TLS #ifdef SNAPSHOT /* XXX: Not yet */ else if (session->tls_context->peer_verified) smtp_sasl_start(session, VAR_SMTP_SASL_TLSV_OPTS, var_smtp_sasl_tlsv_opts); - else #endif + else smtp_sasl_start(session, VAR_SMTP_SASL_TLS_OPTS, var_smtp_sasl_tls_opts); #endif diff --git a/postfix/src/util/mymalloc.c b/postfix/src/util/mymalloc.c index 1c8165da7..9e6221350 100644 --- a/postfix/src/util/mymalloc.c +++ b/postfix/src/util/mymalloc.c @@ -147,6 +147,11 @@ char *mymalloc(ssize_t len) char *ptr; MBLOCK *real_ptr; + /* + * Note: for safety reasons the request length is a signed type. This + * allows us to catch integer overflow problems that weren't already + * caught up-stream. + */ if (len < 1) msg_panic("mymalloc: requested length %ld", (long) len); if ((real_ptr = (MBLOCK *) malloc(SPACE_FOR(len))) == 0) @@ -168,6 +173,11 @@ char *myrealloc(char *ptr, ssize_t len) return (mymalloc(len)); #endif + /* + * Note: for safety reasons the request length is a signed type. This + * allows us to catch integer overflow problems that weren't already + * caught up-stream. + */ if (len < 1) msg_panic("myrealloc: requested length %ld", (long) len); CHECK_IN_PTR(ptr, real_ptr, old_len, "myrealloc"); diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h index efb0b3b02..296806d3e 100644 --- a/postfix/src/util/sys_defs.h +++ b/postfix/src/util/sys_defs.h @@ -26,7 +26,7 @@ #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \ || defined(FREEBSD5) || defined(FREEBSD6) \ || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ - || defined(OPENBSD2) || defined(OPENBSD3) \ + || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \ || defined(EKKOBSD1) #define SUPPORTED