From 0e032173f7f66fe008a348dbbf05136c35c29c9d Mon Sep 17 00:00:00 2001 From: Wietse Venema Date: Thu, 28 Sep 2000 00:00:00 -0500 Subject: [PATCH] snapshot-20000928 --- postfix/ETRN_README | 33 +++++++ postfix/HISTORY | 15 ++++ postfix/RELEASE_NOTES | 14 +++ postfix/conf/etrn | 110 +++++++++++++++++++++++ postfix/conf/master.cf | 2 +- postfix/conf/sample-local.cf | 11 +++ postfix/conf/sample-misc.cf | 10 +++ postfix/conf/sample-smtpd.cf | 44 ++++----- postfix/html/Makefile.in | 6 +- postfix/html/etrn.5.html | 134 ++++++++++++++++++++++++++++ postfix/html/flushd.8.html | 78 ++++++++-------- postfix/html/sendmail.1.html | 88 +++++++++--------- postfix/html/smtpd.8.html | 132 +++++++++++++-------------- postfix/html/uce.html | 11 ++- postfix/man/Makefile.in | 6 +- postfix/man/man1/sendmail.1 | 17 +++- postfix/man/man5/etrn.5 | 101 +++++++++++++++++++++ postfix/man/man8/flushd.8 | 35 +++++--- postfix/man/man8/smtpd.8 | 17 ++-- postfix/proto/Makefile.in | 5 +- postfix/proto/etrn | 88 ++++++++++++++++++ postfix/src/flushd/.printfck | 25 ++++++ postfix/src/flushd/flushd.c | 68 +++++++++----- postfix/src/global/mail_params.h | 12 ++- postfix/src/global/mail_queue.c | 3 +- postfix/src/global/mail_version.h | 2 +- postfix/src/sendmail/sendmail.c | 25 +++--- postfix/src/smtp/smtp_sasl_glue.c | 4 +- postfix/src/smtp/smtp_unalias.c | 3 + postfix/src/smtpd/smtpd.c | 15 ++-- postfix/src/smtpd/smtpd_check.c | 5 +- postfix/src/smtpd/smtpd_sasl_glue.c | 4 +- 32 files changed, 869 insertions(+), 254 deletions(-) create mode 100644 postfix/ETRN_README create mode 100644 postfix/conf/etrn create mode 100644 postfix/html/etrn.5.html create mode 100644 postfix/man/man5/etrn.5 create mode 100644 postfix/proto/etrn create mode 100644 postfix/src/flushd/.printfck diff --git a/postfix/ETRN_README b/postfix/ETRN_README new file mode 100644 index 000000000..c94a14847 --- /dev/null +++ b/postfix/ETRN_README @@ -0,0 +1,33 @@ +Enabling the Postfix fast ETRN service +====================================== + +Add an entry to the master.cf file for the new flush daemon: + + /etc/postfix/master.cf: + flush unix n - n - 0 flushd + +Configure a list of domains that have fast ETRN service and +what clients can use the service: + + /etc/postfix/etrn: + domain.name permit_mynetworks + +Run the postmap command: + + # postmap /etc/postfix/etrn + +Create any missing directories that are needed for fast ETRN service: + + # postfix check + +Configure Postfix to use the fast ETRN service: + + /etc/postfix/main.cf: + etrn_maps = hash:/etc/postfix/etrn + +(specify dbm instead of hash if your machine uses DBM databases +rather than DB). + +Refresh Postfix: + + # postfix reload diff --git a/postfix/HISTORY b/postfix/HISTORY index 4e9246e8d..28680ea86 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -4304,3 +4304,18 @@ Apologies for any names omitted. First implementation of a logfile-based fast flush server, which is the basis for ETRN and "sendmail -qRsite". + +20000928 + + Bugfix: the stricter dns_lookup() argument checks revealed + that Postfix was doing DNS lookups for domain literals + ([ip.address]) when expanding aliases in MAIL FROM and RCPT + TO address parameters. Reported by Jim Littlefield. File: + smtp/smtp_unalias.c. + + Documentation: added text on the biff=yes/no parameter to + conf/sample-local.cf (text provided by Paul Wagland, + relational-consultancy.com. + + Robustness? Log errors from SASL library code as warnings + not as fatal errors. Files: smtp*/*glue.c. diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 5c88e92a5..ed53a8659 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -1,6 +1,20 @@ Incompatible changes with snapshot-20000924 =========================================== +After building and installing, you need to "postfix check" +and "postfix reload". + +The ETRN service is no longer enabled by default. You need to +configure what domains and what clients can use ETRN. See the +ETRN_README file for more information. + +The smtpd_etrn_restrictions are gone. + +The "flush" queue should be listed in "hash_queue_names". + +Incompatible changes with snapshot-20000924 +=========================================== + The postmaster address in the "sorry" text at the top of bounced mail is now just postmaster, not postmaster@sending.machine. The idea is to refer users to their own postmaster. diff --git a/postfix/conf/etrn b/postfix/conf/etrn new file mode 100644 index 000000000..5ed1aea59 --- /dev/null +++ b/postfix/conf/etrn @@ -0,0 +1,110 @@ +# +# ETRN(5) ETRN(5) +# +# NAME +# etrn - format of Postfix etrn table +# +# SYNOPSIS +# etrn_maps = hash:/etc/postfix/etrn +# etrn_maps = dbm:/etc/postfix/etrn +# +# postmap /etc/postfix/etrn +# +# DESCRIPTION +# The optional etrn file specifies what destination domain +# names can be specified in SMTP ETRN commands. This infor- +# mation is used by the smtpd(8) and flushd(8) daemon. +# +# Normally, the file serves as input to the postmap(1) com- +# mand. The result, an indexed file in dbm or db format, is +# used for fast searching by the mail system. Execute the +# command postmap /etc/postfix/etrn in order to rebuild the +# indexed file after changing the etrn table. +# +# When the table is provided via other means such as NIS, +# LDAP, SQL, or as regular expressions, the same lookups are +# done as for ordinary indexed files. +# +# TABLE FORMAT +# The format of the etrn table is as follows: +# +# blanks and comments +# Blank lines are ignored, as are lines beginning +# with `#'. +# +# domain restrictions +# The left-hand side, domain, specifies a destination +# domain name that can be specified in ETRN commands. +# +# The right-hand side specifies one or more access +# restrictions. Restrictions are processed in the +# given order and the search stops at the first +# match. +# +# reject_unknown_client +# Reject the request if the client hostname is +# unknown. +# +# permit_mynetworks +# Permit the request if the client address +# matches $mynetworks. +# +# reject_maps_rbl +# Reject the request if the reverse client +# network address is listed under +# $maps_rbl_domains. +# +# reject Reject the request. Place this at the end of +# +# 1 +# +# ETRN(5) ETRN(5) +# +# a restriction list. +# +# permit Permit the request. Place this at the end of +# a restriction list. +# +# CONFIGURATION PARAMETERS +# The following main.cf parameters are especially relevant +# to this topic. See the Postfix main.cf file for syntax +# details and for default values. Use the postfix reload +# command after a configuration change. +# +# etrn_maps +# Tables that specify what domains have ETRN service. +# For each table entry, the left-hand side specifies +# a destination domain name that can be specified in +# an ETRN request, and the right-hand side specifies +# a list of access restrictions for SMTP clients that +# issue ETRN for the domain. +# +# fast_flush_maps +# The table with names of destinations that this MTA +# provides the fast flush service for. By default, +# this is set to $etrn_maps. +# +# relay_domains +# The list of domains that this MTA is willing to +# forward mail from or to. This defaults to $mydesti- +# nation, $fast_flush_maps. +# +# SEE ALSO +# smtpd(8) Postfix SMTP server +# flushd(1) Postfix fast flush service +# sendmail(5) sendmail-compatible interface +# pcre_table(5) format of PCRE tables +# regexp_table(5) format of POSIX regular expression tables +# +# LICENSE +# The Secure Mailer license must be distributed with this +# software. +# +# AUTHOR(S) +# Wietse Venema +# IBM T.J. Watson Research +# P.O. Box 704 +# Yorktown Heights, NY 10598, USA +# +# 2 +# diff --git a/postfix/conf/master.cf b/postfix/conf/master.cf index b3b1fa7f7..0f9ba3718 100644 --- a/postfix/conf/master.cf +++ b/postfix/conf/master.cf @@ -75,7 +75,7 @@ bounce unix - - n - 0 bounce defer unix - - n - 0 bounce smtp unix - - n - - smtp showq unix n - n - - showq -flush unix n - n - - flushd +flush unix n - n - 0 flushd error unix - - n - - error local unix - n n - - local lmtp unix - - n - - lmtp diff --git a/postfix/conf/sample-local.cf b/postfix/conf/sample-local.cf index 940ef40b8..edf2c0fb7 100644 --- a/postfix/conf/sample-local.cf +++ b/postfix/conf/sample-local.cf @@ -7,6 +7,17 @@ # See the sample-aliases.cf file for parameters that are specific to # alias database lookup. +# The biff parameter specifies whether or not to contact the biff +# server. This server sends "new mail" notifications to users who +# have requested new mail notification with "biff y". +# +# For compatibility reasons this feature is on by default. On systems +# with lots of interactive users, this "protocol" can be a real +# performance pig. Specify "biff = no" to disable. +# +# biff = no +biff = yes + # # OVERRIDE LOCAL TRANSPORT # diff --git a/postfix/conf/sample-misc.cf b/postfix/conf/sample-misc.cf index e5b134b36..f1f876d2f 100644 --- a/postfix/conf/sample-misc.cf +++ b/postfix/conf/sample-misc.cf @@ -38,6 +38,16 @@ default_transport = smtp # double_bounce_sender = double-bounce +# The fast_flush_maps parameter specifies what destination domain +# names can be used in SMTP ETRN requests and in "sendmail -qRdomain.name" +# commands. By default, the value is $etrn_maps, the set of domain names +# that can be used in SMTP ETRN requests (see sample-smtpd.cf). +# +# The fast_flush_maps parameter is also used in the default settings +# of the relay_domains configuration parameter. +# +fast_flush_maps = + # The hash_queue_depth parameter specifies the number of subdirectory # levels below the queue directories listed in the hash_queue_names # parameter. diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf index 0539cc551..8729602b9 100644 --- a/postfix/conf/sample-smtpd.cf +++ b/postfix/conf/sample-smtpd.cf @@ -14,6 +14,27 @@ # #disable_vrfy_command = no +# The etrn_maps parameter specifies what domains have ETRN service. +# For each table entry, the left-hand side specifies a destination +# domain name, and the right-hand side specifies a list of access +# restrictions for clients that issue ETRN for the domain. +# +# The default is to disallow ETRN commands. The following restrictions +# are available: +# +# reject_unknown_client: reject the request if the client hostname is unknown. +# permit_mynetworks: permit if the client address matches $mynetworks. +# reject_maps_rbl: reject if the reverse client network address +# is listed under $maps_rbl_domains. +# reject: reject the request. Place this at the end of a restriction. +# permit: permit the request. Place this at the end of a restriction. +# +# etrn_maps is also the default value for the fast_flush_maps parameter +# which controls the fast flush service which is used for ETRN and for +# "sendmail -qRdomain.name" +# +etrn_maps = + # The smtpd_banner parameter specifies the text that follows the 220 # status code in the SMTP greeting banner. Some people like to see # the mail version advertised. By default, Postfix shows no version. @@ -26,27 +47,6 @@ # smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_banner = $myhostname ESMTP $mail_name -# The smtpd_etrn_restrictions parameter restricts what clients are -# allowed to issue the ETRN command. The present Postfix ETRN differs -# from other ETRN implementations in that it flushes mail for all -# destinations. This will change in the future. -# -# The default is to allow ETRN from any host. The following restrictions -# are available: -# -# reject_unknown_client: reject the request if the client hostname is unknown. -# permit_mynetworks: permit if the client address matches $mynetworks. -# check_client_access maptype:mapname -# maptype:mapname: look up client name, parent domains, client address, -# or networks obtained by stripping octets. -# Reject if result is REJECT or "[45]xx text" -# Permit otherwise. -# reject_maps_rbl: reject if the reverse client network address -# is listed under $maps_rbl_domains. -# reject: reject the request. Place this at the end of a restriction. -# permit: permit the request. Place this at the end of a restriction. -smtpd_etrn_restrictions = - # The smtpd_recipient_limit parameter restricts the number of recipients # that the SMTP server accepts per message delivery. # @@ -313,7 +313,7 @@ maps_rbl_domains = rbl.maps.vix.com # permit_mx_backup restriction, in the description of the # smtpd_recipient_restrictions parameter. # -relay_domains = $mydestination +relay_domains = $mydestination $fast_flush_maps # # RESPONSE CODES diff --git a/postfix/html/Makefile.in b/postfix/html/Makefile.in index 35f235000..4fed7b980 100644 --- a/postfix/html/Makefile.in +++ b/postfix/html/Makefile.in @@ -11,7 +11,8 @@ COMMANDS= mailq.1.html newaliases.1.html postalias.1.html postcat.1.html \ postlog.1.html postdrop.1.html postmap.1.html sendmail.1.html \ postsuper.1.html CONFIG = access.5.html aliases.5.html canonical.5.html relocated.5.html \ - transport.5.html virtual.5.html pcre_table.5.html regexp_table.5.html + transport.5.html virtual.5.html pcre_table.5.html regexp_table.5.html \ + etrn.5.html update: $(DAEMONS) $(COMMANDS) $(CONFIG) @@ -131,6 +132,9 @@ aliases.5.html: ../proto/aliases canonical.5.html: ../proto/canonical srctoman - $? | nroff -man | man2html | postlink >$@ +etrn.5.html: ../proto/etrn + srctoman - $? | nroff -man | man2html | postlink >$@ + pcre_table.5.html: ../proto/pcre_table srctoman - $? | nroff -man | man2html | postlink >$@ diff --git a/postfix/html/etrn.5.html b/postfix/html/etrn.5.html new file mode 100644 index 000000000..7b1a13fee --- /dev/null +++ b/postfix/html/etrn.5.html @@ -0,0 +1,134 @@ + 
+
+
+
+ETRN(5)                                                   ETRN(5)
+
+
+NAME
+       etrn - format of Postfix etrn table
+
+SYNOPSIS
+       etrn_maps = hash:/etc/postfix/etrn
+       etrn_maps = dbm:/etc/postfix/etrn
+
+       postmap /etc/postfix/etrn
+
+DESCRIPTION
+       The  optional  etrn file specifies what destination domain
+       names can be specified in SMTP ETRN commands. This  infor-
+       mation is used by the smtpd(8) and flushd(8) daemon.
+
+       Normally,  the file serves as input to the postmap(1) com-
+       mand.  The result, an indexed file in dbm or db format, is
+       used  for  fast  searching by the mail system. Execute the
+       command postmap /etc/postfix/etrn in order to rebuild  the
+       indexed file after changing the etrn table.
+
+       When  the  table  is provided via other means such as NIS,
+       LDAP, SQL, or as regular expressions, the same lookups are
+       done as for ordinary indexed files.
+
+TABLE FORMAT
+       The format of the etrn table is as follows:
+
+       blanks and comments
+              Blank  lines  are  ignored,  as are lines beginning
+              with `#'.
+
+       domain restrictions
+              The left-hand side, domain, specifies a destination
+              domain name that can be specified in ETRN commands.
+
+              The right-hand side specifies one  or  more  access
+              restrictions.   Restrictions  are  processed in the
+              given order and  the  search  stops  at  the  first
+              match.
+
+              reject_unknown_client
+                     Reject the request if the client hostname is
+                     unknown.
+
+              permit_mynetworks
+                     Permit the request  if  the  client  address
+                     matches $mynetworks.
+
+              reject_maps_rbl
+                     Reject  the  request  if  the reverse client
+                     network    address    is    listed     under
+                     $maps_rbl_domains.
+
+              reject Reject the request. Place this at the end of
+
+
+
+                                                                1
+
+
+
+
+
+ETRN(5)                                                   ETRN(5)
+
+
+                     a restriction list.
+
+              permit Permit the request. Place this at the end of
+                     a restriction list.
+
+
+CONFIGURATION PARAMETERS
+       The  following  main.cf parameters are especially relevant
+       to this topic. See the Postfix  main.cf  file  for  syntax
+       details  and  for  default  values. Use the postfix reload
+       command after a configuration change.
+
+       etrn_maps
+              Tables that specify what domains have ETRN service.
+              For  each table entry, the left-hand side specifies
+              a destination domain name that can be specified  in
+              an  ETRN request, and the right-hand side specifies
+              a list of access restrictions for SMTP clients that
+              issue ETRN for the domain.
+
+       fast_flush_maps
+              The  table with names of destinations that this MTA
+              provides the fast flush service  for.  By  default,
+              this is set to $etrn_maps.
+
+       relay_domains
+              The  list  of  domains  that this MTA is willing to
+              forward mail from or to. This defaults to $mydesti-
+              nation, $fast_flush_maps.
+
+SEE ALSO
+       smtpd(8) Postfix SMTP server
+       flushd(1) Postfix fast flush service
+       sendmail(5) sendmail-compatible interface
+       pcre_table(5) format of PCRE tables
+       regexp_table(5) format of POSIX regular expression tables
+
+LICENSE
+       The  Secure  Mailer  license must be distributed with this
+       software.
+
+AUTHOR(S)
+       Wietse Venema
+       IBM T.J. Watson Research
+       P.O. Box 704
+       Yorktown Heights, NY 10598, USA
+
+
+
+
+
+
+
+
+
+
+
+                                                                2
+
+
+
diff --git a/postfix/html/flushd.8.html b/postfix/html/flushd.8.html index dc67ace3c..fab4a17f6 100644 --- a/postfix/html/flushd.8.html +++ b/postfix/html/flushd.8.html @@ -19,11 +19,11 @@ FLUSHD(8) FLUSHD(8) This server implements the following requests: - FLUSH_REQ_ADD sitename queue_id - Append a record to the per-site fast flush logfile - for the specified queue ID. + FLUSH_REQ_ADD sitename queue_id + Append queue_id to the fast flush logfile for the + specified site. - FLUSH_REQ_SEND sitename + FLUSH_REQ_SEND sitename Arrange for the delivery of all messages that are listed in the fast flush logfile for the specified site. After the logfile is processed, the file is @@ -31,34 +31,34 @@ FLUSHD(8) FLUSHD(8) The response to the client is one of: - FLUSH_STAT_OK + FLUSH_STAT_OK The request completed normally. - FLUSH_STAT_BAD + FLUSH_STAT_BAD The flush server rejected the request (bad request name, bad request parameter value). - FLUSH_STAT_UNKNOWN + FLUSH_STAT_UNKNOWN The specified site has no fast flush logfile and is not configured to have one. + Fast flush logfiles are truncated only after a flush + request. In order to prevent fast flush logfiles from + growing without bounds, and to prevent them from accumu- + lating too much outdated information, the flush service + generates a pro-active flush request once every every 1000 + append requests. This should not impact operation. + SECURITY The fast flush server is moderately security-sensitive. It - does not talk to the network, but it does talk to local + does not talk to the network, but it does talk to local unprivileged users, in order to emulate "sendmail -qRsite" - behavior. For this reason all strings in a request are - truncated at ine_length_limit. + behavior. For this reason all strings in a request are + truncated at line_length_limit. The fast flush server can run chrooted at fixed low privi- lege. -DIAGNOSTICS - Problems and transactions are logged to syslogd(8). - -BUGS - In reality, this server schedules delivery of messages, - regardless of their destination. This limitation is due to - the fact that one queue runner has to handle mail for @@ -71,28 +71,40 @@ FLUSHD(8) FLUSHD(8) FLUSHD(8) FLUSHD(8) - multiple destinations. +DIAGNOSTICS + Problems and transactions are logged to syslogd(8). + +BUGS + In reality, this server schedules delivery of messages, + regardless of their destination. This limitation is due to + the fact that one queue runner has to handle mail for mul- + tiple destinations. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this program. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + The following main.cf parameters are especially relevant + to this program. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. + etrn_maps + Tables that specify what domains have ETRN service. + For each table entry, the left-hand side specifies + a destination domain name that can be specified in + an ETRN request, and the right-hand side specifies + a list of access restrictions for SMTP clients that + issue ETRN for the domain. + fast_flush_maps The table with names of destinations that this MTA - provides the fast flush service for, and with - clients that may issue the ETRN command for those - destinations. Postfix maintains fast flush logfiles - only for destinations listed in this table. + provides the fast flush service for. By default, + this is set to $etrn_maps. line_length_limit Maximal length of strings in a fast flush client request. SEE ALSO - smtp(8) Postfix SMTP client - smtpd) Postfix SMTP server + smtpd(8) Postfix SMTP server qmgr(8) Postfix queue manager syslogd(8) system logging @@ -113,18 +125,6 @@ FLUSHD(8) FLUSHD(8) - - - - - - - - - - - - diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index 5da935a3f..98f8ed9b8 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -190,7 +190,7 @@ SENDMAIL(1) SENDMAIL(1) queued for the named site. This functionality is available only for sites that are configured for the fast flush service support as described in - flushd(8). For other sites, this command is + flushd(8). For other sites, use the slower @@ -203,28 +203,28 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) - equivalent to using the slower sendmail -q instead. + sendmail -q command instead. -qSsite - The site name is ignored. This command is equiva- - lent to using the slower sendmail -q instead. + This command is not implemented. Use the slower + sendmail -q command instead. - -t Extract recipients from message headers. This - requires that no recipients be specified on the + -t Extract recipients from message headers. This + requires that no recipients be specified on the command line. -v Enable verbose logging for debugging purposes. Mul- - tiple -v options make the software increasingly + tiple -v options make the software increasingly verbose. SECURITY - By design, this program is not set-user (or group) id. - However, it must handle data from untrusted users or - untrusted machines. Thus, the usual precautions need to + By design, this program is not set-user (or group) id. + However, it must handle data from untrusted users or + untrusted machines. Thus, the usual precautions need to be taken against malicious inputs. DIAGNOSTICS - Problems are logged to syslogd(8) and to the standard + Problems are logged to syslogd(8) and to the standard error stream. ENVIRONMENT @@ -236,7 +236,7 @@ SENDMAIL(1) SENDMAIL(1) MAIL_DEBUG Enable debugging with an external command, as spec- - ified with the debugger_command configuration + ified with the debugger_command configuration parameter. FILES @@ -244,13 +244,13 @@ SENDMAIL(1) SENDMAIL(1) /etc/postfix, configuration files CONFIGURATION PARAMETERS - See the Postfix main.cf file for syntax details and for - default values. Use the postfix reload command after a + See the Postfix main.cf file for syntax details and for + default values. Use the postfix reload command after a configuration change. alias_database - Default alias database(s) for newaliases. The - default value for this parameter is system-spe- + Default alias database(s) for newaliases. The + default value for this parameter is system-spe- cific. bounce_size_limit @@ -278,16 +278,29 @@ SENDMAIL(1) SENDMAIL(1) initialized. debug_peer_level - Increment in verbose logging level when a remote + Increment in verbose logging level when a remote host matches a pattern in the debug_peer_list parameter. debug_peer_list - List of domain or network patterns. When a remote - host matches a pattern, increase the verbose log- - ging level by the amount specified in the + List of domain or network patterns. When a remote + host matches a pattern, increase the verbose log- + ging level by the amount specified in the debug_peer_level parameter. + etrn_maps + Tables that specify what domains have ETRN service. + For each table entry, the left-hand side specifies + a destination domain name that can be specified in + an ETRN request, and the right-hand side specifies + a list of access restrictions for SMTP clients that + issue ETRN for the domain. + + fast_flush_maps + The table with names of destinations that this MTA + provides the fast flush service for. By default, + this is set to $etrn_maps. + fork_attempts Number of attempts to fork() a process before giv- ing up. @@ -311,6 +324,17 @@ SENDMAIL(1) SENDMAIL(1) Directory with Postfix daemon programs (default: $program_directory). + + + 5 + + + + + +SENDMAIL(1) SENDMAIL(1) + + queue_directory Top-level directory of the Postfix queue. This is also the root directory of Postfix daemons that run @@ -323,18 +347,6 @@ SENDMAIL(1) SENDMAIL(1) SEE ALSO pickup(8) mail pickup daemon postalias(1) maintain alias database - - - - 5 - - - - - -SENDMAIL(1) SENDMAIL(1) - - postdrop(1) privileged posting agent postfix(1) mail system control postkick(1) kick a Postfix daemon @@ -371,18 +383,6 @@ SENDMAIL(1) SENDMAIL(1) - - - - - - - - - - - - diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index 963aed645..d085f68d1 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html @@ -26,9 +26,9 @@ SMTPD(8) SMTPD(8) system is not running. The SMTP server implements a variety of policies for con- - nection requests, and for parameters given to HELO, MAIL - FROM, VRFY and RCPT TO commands. They are detailed below - and in the main.cf configuration file. + nection requests, and for parameters given to HELO, ETRN, + MAIL FROM, VRFY, and RCPT TO commands. They are detailed + below and in the main.cf configuration file. SECURITY The SMTP server is moderately security-sensitive. It talks @@ -42,7 +42,7 @@ SMTPD(8) SMTPD(8) RFC 1652 (8bit-MIME transport) RFC 1854 (SMTP Pipelining) RFC 1870 (Message Size Declaration) - RFC 1985 (ETRN command) (partial) + RFC 1985 (ETRN command) RFC 2554 (AUTH command) DIAGNOSTICS @@ -52,13 +52,13 @@ SMTPD(8) SMTPD(8) the postmaster is notified of bounces, protocol problems, policy violations, and of other trouble. -BUGS - RFC 1985 is implemented by forcing delivery of all - deferred mail. - CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this program. See the Postfix main.cf file for syntax + The following main.cf parameters are especially relevant + to this program. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload + command after a configuration change. + + @@ -71,27 +71,24 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) - details and for default values. Use the postfix reload - command after a configuration change. - Compatibility controls strict_rfc821_envelopes - Disallow non-RFC 821 style addresses in envelopes. - For example, allow RFC822-style address forms with + Disallow non-RFC 821 style addresses in envelopes. + For example, allow RFC822-style address forms with comments, like Sendmail does. Content inspection controls content_filter - The name of a mail delivery transport that filters + The name of a mail delivery transport that filters mail and that either bounces mail or re-injects the - result back into Postfix. This parameter uses the - same syntax as the right-hand side of a Postfix + result back into Postfix. This parameter uses the + same syntax as the right-hand side of a Postfix transport table. Authenication controls enable_sasl_authentication - Enable per-session authentication as per RFC 2554 - (SASL). This functionality is available only when + Enable per-session authentication as per RFC 2554 + (SASL). This functionality is available only when explicitly selected at program build time and explicitly enabled at runtime. @@ -115,7 +112,7 @@ SMTPD(8) SMTPD(8) Miscellaneous always_bcc - Address to send a copy of each message that enters + Address to send a copy of each message that enters the system. command_directory @@ -123,8 +120,11 @@ SMTPD(8) SMTPD(8) $program_directory). debug_peer_level - Increment in verbose logging level when a remote + Increment in verbose logging level when a remote host matches a pattern in the debug_peer_list + parameter. + + @@ -137,18 +137,24 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) - parameter. - debug_peer_list - List of domain or network patterns. When a remote - host matches a pattern, increase the verbose log- - ging level by the amount specified in the + List of domain or network patterns. When a remote + host matches a pattern, increase the verbose log- + ging level by the amount specified in the debug_peer_level parameter. error_notice_recipient - Recipient of protocol/policy/resource/software + Recipient of protocol/policy/resource/software error notices. + etrn_maps + Tables that specify what domains have ETRN service. + For each table entry, the left-hand side specifies + a destination domain name that can be specified in + an ETRN request, and the right-hand side specifies + a list of access restrictions for clients that + issue ETRN for the domain. + hopcount_limit Limit the number of Received: message headers. @@ -184,13 +190,7 @@ SMTPD(8) SMTPD(8) receive a client request. Resource controls - line_length_limit - Limit the amount of memory in bytes used for the - handling of partial input lines. - message_size_limit - Limit the total size in bytes of a message, includ- - ing on-disk storage for envelope information. @@ -203,6 +203,14 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) + line_length_limit + Limit the amount of memory in bytes used for the + handling of partial input lines. + + message_size_limit + Limit the total size in bytes of a message, includ- + ing on-disk storage for envelope information. + queue_minfree Minimal amount of free space in bytes in the queue file system for the SMTP server to accept any mail @@ -249,14 +257,6 @@ SMTPD(8) SMTPD(8) Restrict what recipient addresses are allowed in RCPT TO commands. - smtpd_etrn_restrictions - Restrict what domain names can be used in ETRN com- - mands, and what clients may issue ETRN commands. - - allow_untrusted_routing - Allow untrusted clients to specify addresses with - sender-specified routing. Enabling this opens up - nasty relay loopholes involving trusted backup MX @@ -269,60 +269,60 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) + allow_untrusted_routing + Allow untrusted clients to specify addresses with + sender-specified routing. Enabling this opens up + nasty relay loopholes involving trusted backup MX hosts. restriction_classes - Declares the name of zero or more parameters that - contain a list of UCE restrictions. The names of - these parameters can then be used instead of the + Declares the name of zero or more parameters that + contain a list of UCE restrictions. The names of + these parameters can then be used instead of the restriction lists that they represent. maps_rbl_domains - List of DNS domains that publish the addresses of + List of DNS domains that publish the addresses of blacklisted hosts. relay_domains - Restrict what domains or networks this mail system + Restrict what domains or networks this mail system will relay mail from or to. UCE control responses access_map_reject_code - Server response when a client violates an access + Server response when a client violates an access database restriction. invalid_hostname_reject_code - Server response when a client violates the + Server response when a client violates the reject_invalid_hostname restriction. maps_rbl_reject_code - Server response when a client violates the + Server response when a client violates the maps_rbl_domains restriction. reject_code - Response code when the client matches a reject + Response code when the client matches a reject restriction. relay_domains_reject_code - Server response when a client attempts to violate + Server response when a client attempts to violate the mail relay policy. unknown_address_reject_code - Server response when a client violates the + Server response when a client violates the reject_unknown_address restriction. unknown_client_reject_code - Server response when a client without address to - name mapping violates the reject_unknown_clients + Server response when a client without address to + name mapping violates the reject_unknown_clients restriction. unknown_hostname_reject_code - Server response when a client violates the + Server response when a client violates the reject_unknown_hostname restriction. -SEE ALSO - cleanup(8) message canonicalization - master(8) process manager - syslogd(8) system logging @@ -335,8 +335,13 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) +SEE ALSO + cleanup(8) message canonicalization + master(8) process manager + syslogd(8) system logging + LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) @@ -381,11 +386,6 @@ SMTPD(8) SMTPD(8) - - - - - diff --git a/postfix/html/uce.html b/postfix/html/uce.html index d35330a2f..8d88392fe 100644 --- a/postfix/html/uce.html +++ b/postfix/html/uce.html @@ -1015,7 +1015,16 @@ restriction list.
Default:
relay_domains = -$mydestination +$mydestination $fast_flush_maps + +

+ +(The $fast_flush_maps parameter specifies, among others, +what destinations can be used in SMTP ETRN requests or in sendmail +-qRsitename commands. This parameter defaults to +$etrn_maps, the list of destinations that can be used in +SMTP ETRN requests. More details in the etrn +manual page.)

diff --git a/postfix/man/Makefile.in b/postfix/man/Makefile.in index f82ef9269..2ffd04b2a 100644 --- a/postfix/man/Makefile.in +++ b/postfix/man/Makefile.in @@ -11,7 +11,8 @@ COMMANDS= man1/postalias.1 man1/postcat.1 man1/postconf.1 man1/postfix.1 \ man1/postmap.1 man1/sendmail.1 man1/mailq.1 man1/newaliases.1 \ man1/postsuper.1 CONFIG = man5/access.5 man5/aliases.5 man5/canonical.5 man5/relocated.5 \ - man5/transport.5 man5/virtual.5 man5/pcre_table.5 man5/regexp_table.5 + man5/transport.5 man5/virtual.5 man5/pcre_table.5 man5/regexp_table.5 \ + man5/etrn.5 update: $(DAEMONS) $(COMMANDS) $(CONFIG) @@ -128,6 +129,9 @@ man5/aliases.5: ../proto/aliases man5/canonical.5: ../proto/canonical ../mantools/srctoman - $? >$@ +man5/etrn.5: ../proto/etrn + ../mantools/srctoman - $? >$@ + man5/pcre_table.5: ../proto/pcre_table ../mantools/srctoman - $? >$@ diff --git a/postfix/man/man1/sendmail.1 b/postfix/man/man1/sendmail.1 index 641e544aa..e9aa0f35e 100644 --- a/postfix/man/man1/sendmail.1 +++ b/postfix/man/man1/sendmail.1 @@ -140,11 +140,11 @@ Schedule immediate delivery of all mail that is queued for the named \fIsite\fR. This functionality is available only for sites that are configured for the \fBfast flush\fR service support as described in -\fBflushd\fR(8). For other sites, this command is equivalent to -using the slower \fBsendmail -q\fR instead. +\fBflushd\fR(8). For other sites, use the slower \fBsendmail -q\fR +command instead. .IP \fB-qS\fIsite\fR -The site name is ignored. This command is equivalent to using -the slower \fBsendmail -q\fR instead. +This command is not implemented. Use the slower \fBsendmail -q\fR +command instead. .IP \fB-t\fR Extract recipients from message headers. This requires that no recipients be specified on the command line. @@ -208,6 +208,15 @@ pattern in the \fBdebug_peer_list\fR parameter. List of domain or network patterns. When a remote host matches a pattern, increase the verbose logging level by the amount specified in the \fBdebug_peer_level\fR parameter. +.IP \fBetrn_maps\fR +Tables that specify what domains have \fBETRN\fR service. For each +table entry, the left-hand side specifies a destination domain name +that can be specified in an \fBETRN\fR request, and the right-hand +side specifies a list of access restrictions for SMTP clients that +issue \fBETRN\fR for the domain. +.IP \fBfast_flush_maps\fR +The table with names of destinations that this MTA provides the +fast flush service for. By default, this is set to $\fBetrn_maps\fR. .IP \fBfork_attempts\fR Number of attempts to \fBfork\fR() a process before giving up. .IP \fBfork_delay\fR diff --git a/postfix/man/man5/etrn.5 b/postfix/man/man5/etrn.5 new file mode 100644 index 000000000..8603f8257 --- /dev/null +++ b/postfix/man/man5/etrn.5 @@ -0,0 +1,101 @@ +.TH ETRN 5 +.ad +.fi +.SH NAME +etrn +\- +format of Postfix etrn table +.SH SYNOPSIS +.na +.nf +\fBetrn_maps = hash:/etc/postfix/etrn\fR +\fBetrn_maps = dbm:/etc/postfix/etrn\fR + +\fBpostmap /etc/postfix/etrn\fR +.SH DESCRIPTION +.ad +.fi +The optional \fBetrn\fR file specifies what destination domain +names can be specified in SMTP \fBETRN\fR commands. This information +is used by the \fBsmtpd\fR(8) and \fBflushd\fR(8) daemon. + +Normally, the file serves as input to the \fBpostmap\fR(1) command. +The result, an indexed file in \fBdbm\fR or \fBdb\fR format, +is used for fast searching by the mail system. Execute the command +\fBpostmap /etc/postfix/etrn\fR in order to rebuild the indexed +file after changing the etrn table. + +When the table is provided via other means such as NIS, LDAP, +SQL, or as regular expressions, the same lookups are done as +for ordinary indexed files. +.SH TABLE FORMAT +.na +.nf +.ad +.fi +The format of the \fBetrn\fR table is as follows: +.IP "blanks and comments" +Blank lines are ignored, as are lines beginning with `#'. +.IP "\fIdomain restrictions\fR" +The left-hand side, \fIdomain\fR, specifies a destination domain +name that can be specified in \fBETRN\fR commands. +.sp +The right-hand side specifies one or more access restrictions. +Restrictions are processed in the given order and the search +stops at the first match. +.RS +.IP \fBreject_unknown_client\fR +Reject the request if the client hostname is unknown. +.IP \fBpermit_mynetworks\fR +Permit the request if the client address matches $mynetworks. +.IP \fBreject_maps_rbl\fR +Reject the request if the reverse client network address +is listed under $maps_rbl_domains. +.IP \fBreject\fR +Reject the request. Place this at the end of a restriction list. +.IP \fBpermit\fR +Permit the request. Place this at the end of a restriction list. +.RE +.PP +.SH CONFIGURATION PARAMETERS +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this topic. See the Postfix \fBmain.cf\fR file for syntax details +and for default values. Use the \fBpostfix reload\fR command after +a configuration change. +.IP \fBetrn_maps\fR +Tables that specify what domains have \fBETRN\fR service. For each +table entry, the left-hand side specifies a destination domain name +that can be specified in an \fBETRN\fR request, and the right-hand +side specifies a list of access restrictions for SMTP clients that +issue \fBETRN\fR for the domain. +.IP \fBfast_flush_maps\fR +The table with names of destinations that this MTA provides the +fast flush service for. By default, this is set to $\fBetrn_maps\fR. +.IP \fBrelay_domains\fR +The list of domains that this MTA is willing to forward mail from +or to. This defaults to \fB$mydestination, $fast_flush_maps\fR. +.SH SEE ALSO +.na +.nf +smtpd(8) Postfix SMTP server +flushd(1) Postfix fast flush service +sendmail(5) sendmail-compatible interface +pcre_table(5) format of PCRE tables +regexp_table(5) format of POSIX regular expression tables +.SH LICENSE +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH AUTHOR(S) +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA diff --git a/postfix/man/man8/flushd.8 b/postfix/man/man8/flushd.8 index 74a5c23d8..eeb8634dc 100644 --- a/postfix/man/man8/flushd.8 +++ b/postfix/man/man8/flushd.8 @@ -18,23 +18,29 @@ This program expects to be run from the \fBmaster\fR(8) process manager. This server implements the following requests: -.IP "FLUSH_REQ_ADD sitename queue_id" -Append a record to the per-site fast flush logfile for the specified -queue ID. -.IP "FLUSH_REQ_SEND sitename" +.IP "\fBFLUSH_REQ_ADD\fI sitename queue_id\fR" +Append \fIqueue_id\fR to the fast flush logfile for the +specified site. +.IP "\fBFLUSH_REQ_SEND\fI sitename\fR" Arrange for the delivery of all messages that are listed in the fast flush logfile for the specified site. After the logfile is processed, the file is truncated to length zero. .PP The response to the client is one of: -.IP FLUSH_STAT_OK +.IP \fBFLUSH_STAT_OK\fR The request completed normally. -.IP FLUSH_STAT_BAD +.IP \fBFLUSH_STAT_BAD\fR The flush server rejected the request (bad request name, bad request parameter value). -.IP FLUSH_STAT_UNKNOWN +.IP \fBFLUSH_STAT_UNKNOWN\fR The specified site has no fast flush logfile and is not configured to have one. +.PP +Fast flush logfiles are truncated only after a flush request. In +order to prevent fast flush logfiles from growing without bounds, +and to prevent them from accumulating too much outdated information, +the flush service generates a pro-active flush request once every +every 1000 append requests. This should not impact operation. .SH SECURITY .na .nf @@ -43,7 +49,7 @@ to have one. The fast flush server is moderately security-sensitive. It does not talk to the network, but it does talk to local unprivileged users, in order to emulate "sendmail -qRsite" behavior. For this reason all -strings in a request are truncated at \fline_length_limit\fR. +strings in a request are truncated at \fIline_length_limit\fR. The fast flush server can run chrooted at fixed low privilege. .SH DIAGNOSTICS @@ -65,18 +71,21 @@ The following \fBmain.cf\fR parameters are especially relevant to this program. See the Postfix \fBmain.cf\fR file for syntax details and for default values. Use the \fBpostfix reload\fR command after a configuration change. +.IP \fBetrn_maps\fR +Tables that specify what domains have \fBETRN\fR service. For each +table entry, the left-hand side specifies a destination domain name +that can be specified in an \fBETRN\fR request, and the right-hand +side specifies a list of access restrictions for SMTP clients that +issue \fBETRN\fR for the domain. .IP \fBfast_flush_maps\fR The table with names of destinations that this MTA provides the -fast flush service for, and with clients that may issue the ETRN -command for those destinations. Postfix maintains fast flush logfiles -only for destinations listed in this table. +fast flush service for. By default, this is set to $\fBetrn_maps\fR. .IP \fBline_length_limit\fR Maximal length of strings in a fast flush client request. .SH SEE ALSO .na .nf -smtp(8) Postfix SMTP client -smtpd) Postfix SMTP server +smtpd(8) Postfix SMTP server qmgr(8) Postfix queue manager syslogd(8) system logging .SH LICENSE diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8 index faab87589..2da91e142 100644 --- a/postfix/man/man8/smtpd.8 +++ b/postfix/man/man8/smtpd.8 @@ -26,7 +26,7 @@ mode, the SMTP server can accept mail even while the mail system is not running. The SMTP server implements a variety of policies for connection -requests, and for parameters given to \fBHELO, MAIL FROM, VRFY\fR +requests, and for parameters given to \fBHELO, ETRN, MAIL FROM, VRFY\fR, and \fBRCPT TO\fR commands. They are detailed below and in the \fBmain.cf\fR configuration file. .SH SECURITY @@ -46,7 +46,7 @@ RFC 1651 (SMTP service extensions) RFC 1652 (8bit-MIME transport) RFC 1854 (SMTP Pipelining) RFC 1870 (Message Size Declaration) -RFC 1985 (ETRN command) (partial) +RFC 1985 (ETRN command) RFC 2554 (AUTH command) .SH DIAGNOSTICS .ad @@ -56,10 +56,6 @@ Problems and transactions are logged to \fBsyslogd\fR(8). Depending on the setting of the \fBnotify_classes\fR parameter, the postmaster is notified of bounces, protocol problems, policy violations, and of other trouble. -.SH BUGS -.ad -.fi -RFC 1985 is implemented by forcing delivery of all deferred mail. .SH CONFIGURATION PARAMETERS .na .nf @@ -117,6 +113,12 @@ a pattern, increase the verbose logging level by the amount specified in the \fBdebug_peer_level\fR parameter. .IP \fBerror_notice_recipient\fR Recipient of protocol/policy/resource/software error notices. +.IP \fBetrn_maps\fR +Tables that specify what domains have \fBETRN\fR service. For +each table entry, the left-hand side specifies a destination +domain name that can be specified in an \fBETRN\fR request, and +the right-hand side specifies a list of access restrictions for +clients that issue \fBETRN\fR for the domain. .IP \fBhopcount_limit\fR Limit the number of \fBReceived:\fR message headers. .IP \fBlocal_recipient_maps\fR @@ -184,9 +186,6 @@ Restrict what client hostnames are allowed in \fBHELO\fR and Restrict what sender addresses are allowed in \fBMAIL FROM\fR commands. .IP \fBsmtpd_recipient_restrictions\fR Restrict what recipient addresses are allowed in \fBRCPT TO\fR commands. -.IP \fBsmtpd_etrn_restrictions\fR -Restrict what domain names can be used in \fBETRN\fR commands, -and what clients may issue \fBETRN\fR commands. .IP \fBallow_untrusted_routing\fR Allow untrusted clients to specify addresses with sender-specified routing. Enabling this opens up nasty relay loopholes involving diff --git a/postfix/proto/Makefile.in b/postfix/proto/Makefile.in index 02397426d..a69634774 100644 --- a/postfix/proto/Makefile.in +++ b/postfix/proto/Makefile.in @@ -4,7 +4,7 @@ SHELL = /bin/sh CONFIG = ../conf/access ../conf/aliases ../conf/canonical ../conf/relocated \ ../conf/transport ../conf/virtual ../conf/pcre_table \ - ../conf/regexp_table + ../conf/regexp_table ../conf/etrn update: $(CONFIG) @@ -28,6 +28,9 @@ clobber: ../conf/canonical: canonical srctoman - $? | nroff -man | col -bx | uniq | sed 's/^/# /' >$@ +../conf/etrn: etrn + srctoman - $? | nroff -man | col -bx | uniq | sed 's/^/# /' >$@ + ../conf/pcre_table: pcre_table srctoman - $? | nroff -man | col -bx | uniq | sed 's/^/# /' >$@ diff --git a/postfix/proto/etrn b/postfix/proto/etrn new file mode 100644 index 000000000..4f145e1ab --- /dev/null +++ b/postfix/proto/etrn @@ -0,0 +1,88 @@ +#++ +# NAME +# etrn 5 +# SUMMARY +# format of Postfix etrn table +# SYNOPSIS +# \fBetrn_maps = hash:/etc/postfix/etrn\fR +# \fBetrn_maps = dbm:/etc/postfix/etrn\fR +# +# \fBpostmap /etc/postfix/etrn\fR +# DESCRIPTION +# The optional \fBetrn\fR file specifies what destination domain +# names can be specified in SMTP \fBETRN\fR commands. This information +# is used by the \fBsmtpd\fR(8) and \fBflushd\fR(8) daemon. +# +# Normally, the file serves as input to the \fBpostmap\fR(1) command. +# The result, an indexed file in \fBdbm\fR or \fBdb\fR format, +# is used for fast searching by the mail system. Execute the command +# \fBpostmap /etc/postfix/etrn\fR in order to rebuild the indexed +# file after changing the etrn table. +# +# When the table is provided via other means such as NIS, LDAP, +# SQL, or as regular expressions, the same lookups are done as +# for ordinary indexed files. +# TABLE FORMAT +# .ad +# .fi +# The format of the \fBetrn\fR table is as follows: +# .IP "blanks and comments" +# Blank lines are ignored, as are lines beginning with `#'. +# .IP "\fIdomain restrictions\fR" +# The left-hand side, \fIdomain\fR, specifies a destination domain +# name that can be specified in \fBETRN\fR commands. +# .sp +# The right-hand side specifies one or more access restrictions. +# Restrictions are processed in the given order and the search +# stops at the first match. +# .RS +# .IP \fBreject_unknown_client\fR +# Reject the request if the client hostname is unknown. +# .IP \fBpermit_mynetworks\fR +# Permit the request if the client address matches $mynetworks. +# .IP \fBreject_maps_rbl\fR +# Reject the request if the reverse client network address +# is listed under $maps_rbl_domains. +# .IP \fBreject\fR +# Reject the request. Place this at the end of a restriction list. +# .IP \fBpermit\fR +# Permit the request. Place this at the end of a restriction list. +# .RE +# .PP +# CONFIGURATION PARAMETERS +# .ad +# .fi +# The following \fBmain.cf\fR parameters are especially relevant to +# this topic. See the Postfix \fBmain.cf\fR file for syntax details +# and for default values. Use the \fBpostfix reload\fR command after +# a configuration change. +# .IP \fBetrn_maps\fR +# Tables that specify what domains have \fBETRN\fR service. For each +# table entry, the left-hand side specifies a destination domain name +# that can be specified in an \fBETRN\fR request, and the right-hand +# side specifies a list of access restrictions for SMTP clients that +# issue \fBETRN\fR for the domain. +# .IP \fBfast_flush_maps\fR +# The table with names of destinations that this MTA provides the +# fast flush service for. By default, this is set to $\fBetrn_maps\fR. +# .IP \fBrelay_domains\fR +# The list of domains that this MTA is willing to forward mail from +# or to. This defaults to \fB$mydestination, $fast_flush_maps\fR. +# SEE ALSO +# smtpd(8) Postfix SMTP server +# flushd(1) Postfix fast flush service +# sendmail(5) sendmail-compatible interface +# pcre_table(5) format of PCRE tables +# regexp_table(5) format of POSIX regular expression tables +# LICENSE +# .ad +# .fi +# The Secure Mailer license must be distributed with this software. +# AUTHOR(S) +# Wietse Venema +# IBM T.J. Watson Research +# P.O. Box 704 +# Yorktown Heights, NY 10598, USA +#-- + +# By default, this file is not used. See sample-smtpd.cf diff --git a/postfix/src/flushd/.printfck b/postfix/src/flushd/.printfck new file mode 100644 index 000000000..66016ed45 --- /dev/null +++ b/postfix/src/flushd/.printfck @@ -0,0 +1,25 @@ +been_here_xt 2 0 +bounce_append 5 0 +cleanup_out_format 1 0 +defer_append 5 0 +mail_command 1 0 +mail_print 1 0 +msg_error 0 0 +msg_fatal 0 0 +msg_info 0 0 +msg_panic 0 0 +msg_warn 0 0 +opened 4 0 +post_mail_fprintf 1 0 +qmgr_message_bounce 2 0 +rec_fprintf 2 0 +sent 4 0 +smtp_cmd 1 0 +smtp_mesg_fail 2 0 +smtp_printf 1 0 +smtp_rcpt_fail 3 0 +smtp_site_fail 2 0 +udp_syslog 1 0 +vstream_fprintf 1 0 +vstream_printf 0 0 +vstring_sprintf 1 0 diff --git a/postfix/src/flushd/flushd.c b/postfix/src/flushd/flushd.c index 189e28723..e85cd926f 100644 --- a/postfix/src/flushd/flushd.c +++ b/postfix/src/flushd/flushd.c @@ -12,30 +12,36 @@ /* manager. /* /* This server implements the following requests: -/* .IP "FLUSH_REQ_ADD sitename queue_id" -/* Append a record to the per-site fast flush logfile for the specified -/* queue ID. -/* .IP "FLUSH_REQ_SEND sitename" -/* Arrange for the delivery of all messages that are listed in the fast -/* flush logfile for the specified site. After the logfile is processed, +/* .IP "\fBFLUSH_REQ_ADD\fI sitename queue_id\fR" +/* Append \fIqueue_id\fR to the fast flush logfile for the +/* specified site. +/* .IP "\fBFLUSH_REQ_SEND\fI sitename\fR" +/* Arrange for the delivery of all messages that are listed in the fast +/* flush logfile for the specified site. After the logfile is processed, /* the file is truncated to length zero. /* .PP /* The response to the client is one of: -/* .IP FLUSH_STAT_OK +/* .IP \fBFLUSH_STAT_OK\fR /* The request completed normally. -/* .IP FLUSH_STAT_BAD +/* .IP \fBFLUSH_STAT_BAD\fR /* The flush server rejected the request (bad request name, bad /* request parameter value). -/* .IP FLUSH_STAT_UNKNOWN +/* .IP \fBFLUSH_STAT_UNKNOWN\fR /* The specified site has no fast flush logfile and is not configured /* to have one. +/* .PP +/* Fast flush logfiles are truncated only after a flush request. In +/* order to prevent fast flush logfiles from growing without bounds, +/* and to prevent them from accumulating too much outdated information, +/* the flush service generates a pro-active flush request once every +/* every 1000 append requests. This should not impact operation. /* SECURITY /* .ad /* .fi /* The fast flush server is moderately security-sensitive. It does not /* talk to the network, but it does talk to local unprivileged users, in /* order to emulate "sendmail -qRsite" behavior. For this reason all -/* strings in a request are truncated at \fline_length_limit\fR. +/* strings in a request are truncated at \fIline_length_limit\fR. /* /* The fast flush server can run chrooted at fixed low privilege. /* DIAGNOSTICS @@ -51,16 +57,19 @@ /* this program. See the Postfix \fBmain.cf\fR file for syntax details /* and for default values. Use the \fBpostfix reload\fR command after /* a configuration change. +/* .IP \fBetrn_maps\fR +/* Tables that specify what domains have \fBETRN\fR service. For each +/* table entry, the left-hand side specifies a destination domain name +/* that can be specified in an \fBETRN\fR request, and the right-hand +/* side specifies a list of access restrictions for SMTP clients that +/* issue \fBETRN\fR for the domain. /* .IP \fBfast_flush_maps\fR /* The table with names of destinations that this MTA provides the -/* fast flush service for, and with clients that may issue the ETRN -/* command for those destinations. Postfix maintains fast flush logfiles -/* only for destinations listed in this table. +/* fast flush service for. By default, this is set to $\fBetrn_maps\fR. /* .IP \fBline_length_limit\fR /* Maximal length of strings in a fast flush client request. /* SEE ALSO -/* smtp(8) Postfix SMTP client -/* smtpd) Postfix SMTP server +/* smtpd(8) Postfix SMTP server /* qmgr(8) Postfix queue manager /* syslogd(8) system logging /* LICENSE @@ -110,6 +119,7 @@ /* * Tunable parameters. */ +char *var_etrn_maps; char *var_fflush_maps; /* Application-specific. */ @@ -133,14 +143,14 @@ static int flush_append(const char *site, const char *queue_id) * Open or create the logfile. We allow for the fact that a logfile * exists for a site that is no longer listed in the fast flush maps. */ - if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, site, O_WRONLY, 0600)) == 0) { + if ((log = mail_queue_open(MAIL_QUEUE_FLUSH, site, O_APPEND | O_WRONLY, 0600)) == 0) { if (errno != ENOENT) msg_fatal("%s: open fast flush log for site %s: %m", myname, site); if (maps_find(fflush_maps, site, 0) == 0) { msg_warn("no fast flush support configured for site %s", site); return (FLUSH_STAT_UNKNOWN); } - log = mail_queue_open(MAIL_QUEUE_FLUSH, site, O_CREAT | O_WRONLY, 0600); + log = mail_queue_open(MAIL_QUEUE_FLUSH, site, O_CREAT | O_APPEND | O_WRONLY, 0600); if (log == 0) msg_fatal("%s: open fast flush log for site %s: %m", myname, site); } @@ -219,10 +229,10 @@ static int flush_site(const char *site) * This is the part that dominates running time: schedule the listed * queue files for delivery by updating their file time stamps. This * should take no more than a couple seconds under normal conditions - * (sites that receive millions of messages in a day do not use fast - * flush routinely). Filter out duplicate names to avoid hammering the - * file system, with some finite limit on the amount of memory that we - * are willing to sacrifice. Graceful degradation. + * (sites that receive millions of messages in a day should not use fast + * flush service). Filter out duplicate names to avoid hammering the file + * system, with some finite limit on the amount of memory that we are + * willing to sacrifice. Graceful degradation. */ queue_id = vstring_alloc(10); queue_file = vstring_alloc(10); @@ -292,6 +302,7 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, VSTRING *site = vstring_alloc(10); VSTRING *queue_id; int status = FLUSH_STAT_BAD; + static int counter; /* * Sanity check. This service takes no command-line arguments. @@ -333,6 +344,20 @@ static void flush_service(VSTREAM *client_stream, char *unused_service, } } mail_print(client_stream, "%d", status); + + /* + * Once in a while we generate a pro-active flush request to ensure that + * the logfile does not grow unreasonably, and to ensure that it does not + * contain too much outdated information. Flush our reply to the client + * so that it does not have to wait while the pro-active flush happens. + */ + if (status == FLUSH_STAT_OK && STREQ(STR(request), FLUSH_REQ_ADD) + && (++counter + event_time() + getpid()) % 1000 == 0) { + vstream_fflush(client_stream); + if (msg_verbose) + msg_info("site %s: time for a pro-active flush", STR(site)); + (void) flush_site(STR(site)); + } vstring_free(site); vstring_free(request); } @@ -363,6 +388,7 @@ static void pre_jail_init(char *unused_service, char **unused_argv) int main(int argc, char **argv) { static CONFIG_STR_TABLE str_table[] = { + VAR_ETRN_MAPS, DEF_ETRN_MAPS, &var_etrn_maps, 0, 0, VAR_FFLUSH_MAPS, DEF_FFLUSH_MAPS, &var_fflush_maps, 0, 0, 0, }; diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index a49f6746c..151826785 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -592,7 +592,7 @@ extern int var_debug_peer_level; * subdirectories, and how deep the forest is. */ #define VAR_HASH_QUEUE_NAMES "hash_queue_names" -#define DEF_HASH_QUEUE_NAMES "defer" +#define DEF_HASH_QUEUE_NAMES "defer,flush" extern char *var_hash_queue_names; #define VAR_HASH_QUEUE_DEPTH "hash_queue_depth" @@ -896,7 +896,7 @@ extern int var_trigger_timeout; extern char *var_mynetworks; #define VAR_RELAY_DOMAINS "relay_domains" -#define DEF_RELAY_DOMAINS "$mydestination" +#define DEF_RELAY_DOMAINS "$mydestination $fast_flush_maps" extern char *var_relay_domains; #define VAR_CLIENT_CHECKS "smtpd_client_restrictions" @@ -1065,10 +1065,14 @@ extern void mail_params_init(void); extern char *var_filter_xport; /* - * Fast flush support. + * ETRN and fast flush support. */ +#define VAR_ETRN_MAPS "etrn_maps" +#define DEF_ETRN_MAPS "" +extern char *var_etrn_maps; + #define VAR_FFLUSH_MAPS "fast_flush_maps" -#define DEF_FFLUSH_MAPS "" +#define DEF_FFLUSH_MAPS "$etrn_maps" extern char *var_fflush_maps; /* LICENSE diff --git a/postfix/src/global/mail_queue.c b/postfix/src/global/mail_queue.c index 73ede8534..3f4703561 100644 --- a/postfix/src/global/mail_queue.c +++ b/postfix/src/global/mail_queue.c @@ -285,7 +285,8 @@ int mail_queue_id_ok(const char *queue_id) /* * Must be in valid hostname form. */ - if (valid_hostname(queue_id)) + if ((strchr(queue_id, '.') || strchr(queue_id, '-')) + && valid_hostname(queue_id)) return (1); /* diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 138e4030f..3a0ba75b7 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -15,7 +15,7 @@ * Version of this program. */ #define VAR_MAIL_VERSION "mail_version" -#define DEF_MAIL_VERSION "Snapshot-20000927" +#define DEF_MAIL_VERSION "Snapshot-20000928" extern char *var_mail_version; /* LICENSE diff --git a/postfix/src/sendmail/sendmail.c b/postfix/src/sendmail/sendmail.c index 412d57972..18c89bdfc 100644 --- a/postfix/src/sendmail/sendmail.c +++ b/postfix/src/sendmail/sendmail.c @@ -134,11 +134,11 @@ /* \fIsite\fR. /* This functionality is available only for sites that are configured /* for the \fBfast flush\fR service support as described in -/* \fBflushd\fR(8). For other sites, this command is equivalent to -/* using the slower \fBsendmail -q\fR instead. +/* \fBflushd\fR(8). For other sites, use the slower \fBsendmail -q\fR +/* command instead. /* .IP \fB-qS\fIsite\fR -/* The site name is ignored. This command is equivalent to using -/* the slower \fBsendmail -q\fR instead. +/* This command is not implemented. Use the slower \fBsendmail -q\fR +/* command instead. /* .IP \fB-t\fR /* Extract recipients from message headers. This requires that no /* recipients be specified on the command line. @@ -192,6 +192,15 @@ /* List of domain or network patterns. When a remote host matches /* a pattern, increase the verbose logging level by the amount /* specified in the \fBdebug_peer_level\fR parameter. +/* .IP \fBetrn_maps\fR +/* Tables that specify what domains have \fBETRN\fR service. For each +/* table entry, the left-hand side specifies a destination domain name +/* that can be specified in an \fBETRN\fR request, and the right-hand +/* side specifies a list of access restrictions for SMTP clients that +/* issue \fBETRN\fR for the domain. +/* .IP \fBfast_flush_maps\fR +/* The table with names of destinations that this MTA provides the +/* fast flush service for. By default, this is set to $\fBetrn_maps\fR. /* .IP \fBfork_attempts\fR /* Number of attempts to \fBfork\fR() a process before giving up. /* .IP \fBfork_delay\fR @@ -571,9 +580,7 @@ static void flush_site(const char *site) case FLUSH_STAT_OK: break; case FLUSH_STAT_UNKNOWN: - msg_warn("No \"sendmail -qR\" support for site %s", site); - msg_warn("Using the slower \"sendmail -q\" instead"); - flush_queue(); + msg_fatal("No \"sendmail -qR\" support is configured for %s", site); break; case FLUSH_STAT_BAD: msg_fatal("invalid request: %s", site); @@ -822,10 +829,6 @@ int main(int argc, char **argv) } } else if (optarg[0] == 'R') { site_to_flush = optarg + 1; - } else if (optarg[0] == 'S') { - msg_warn( - "-qS is not implemented - using \"sendmail -q\" instead"); - mode = SM_MODE_FLUSHQ; } else { msg_fatal("-q%c is not implemented", optarg[0]); } diff --git a/postfix/src/smtp/smtp_sasl_glue.c b/postfix/src/smtp/smtp_sasl_glue.c index c6df7d3c4..290a83702 100644 --- a/postfix/src/smtp/smtp_sasl_glue.c +++ b/postfix/src/smtp/smtp_sasl_glue.c @@ -137,9 +137,7 @@ static int smtp_sasl_log(void *unused_context, int priority, const char *message) { switch (priority) { - case SASL_LOG_ERR: - msg_fatal("%s", message); - break; + case SASL_LOG_ERR: case SASL_LOG_WARNING: msg_warn("%s", message); break; diff --git a/postfix/src/smtp/smtp_unalias.c b/postfix/src/smtp/smtp_unalias.c index 91cf6f989..20abf3880 100644 --- a/postfix/src/smtp/smtp_unalias.c +++ b/postfix/src/smtp/smtp_unalias.c @@ -68,6 +68,9 @@ const char *smtp_unalias_name(const char *name) VSTRING *fqdn; char *result; + if (*name == '[') + return (name); + /* * Initialize the cache on the fly. The smtp client is designed to exit * after servicing a limited number of requests, so there is no need to diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index b57481f60..90e00398a 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -20,7 +20,7 @@ /* system is not running. /* /* The SMTP server implements a variety of policies for connection -/* requests, and for parameters given to \fBHELO, MAIL FROM, VRFY\fR +/* requests, and for parameters given to \fBHELO, ETRN, MAIL FROM, VRFY\fR, /* and \fBRCPT TO\fR commands. They are detailed below and in the /* \fBmain.cf\fR configuration file. /* SECURITY @@ -36,7 +36,7 @@ /* RFC 1652 (8bit-MIME transport) /* RFC 1854 (SMTP Pipelining) /* RFC 1870 (Message Size Declaration) -/* RFC 1985 (ETRN command) (partial) +/* RFC 1985 (ETRN command) /* RFC 2554 (AUTH command) /* DIAGNOSTICS /* Problems and transactions are logged to \fBsyslogd\fR(8). @@ -44,8 +44,6 @@ /* Depending on the setting of the \fBnotify_classes\fR parameter, /* the postmaster is notified of bounces, protocol problems, /* policy violations, and of other trouble. -/* BUGS -/* RFC 1985 is implemented by forcing delivery of all deferred mail. /* CONFIGURATION PARAMETERS /* .ad /* .fi @@ -101,6 +99,12 @@ /* specified in the \fBdebug_peer_level\fR parameter. /* .IP \fBerror_notice_recipient\fR /* Recipient of protocol/policy/resource/software error notices. +/* .IP \fBetrn_maps\fR +/* Tables that specify what domains have \fBETRN\fR service. For +/* each table entry, the left-hand side specifies a destination +/* domain name that can be specified in an \fBETRN\fR request, and +/* the right-hand side specifies a list of access restrictions for +/* clients that issue \fBETRN\fR for the domain. /* .IP \fBhopcount_limit\fR /* Limit the number of \fBReceived:\fR message headers. /* .IP \fBlocal_recipient_maps\fR @@ -168,9 +172,6 @@ /* Restrict what sender addresses are allowed in \fBMAIL FROM\fR commands. /* .IP \fBsmtpd_recipient_restrictions\fR /* Restrict what recipient addresses are allowed in \fBRCPT TO\fR commands. -/* .IP \fBsmtpd_etrn_restrictions\fR -/* Restrict what domain names can be used in \fBETRN\fR commands, -/* and what clients may issue \fBETRN\fR commands. /* .IP \fBallow_untrusted_routing\fR /* Allow untrusted clients to specify addresses with sender-specified /* routing. Enabling this opens up nasty relay loopholes involving diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 28acfb048..d0d847a2d 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -81,6 +81,9 @@ /* .IP "check_recipient_access maptype:mapname" /* Look up the resolved recipient address in the named access table, /* any parent domains of the recipient domain, and the localpart@. +/* .IP "check_etrn_access maptype:mapname" +/* Look up the client hostname or IP address in the named access table. +/* This table is used for ETRN command access control only. /* .IP reject_maps_rbl /* Look up the reversed client network address in the real-time blackhole /* DNS zones below the domains listed in the "maps_rbl_domains" @@ -1919,7 +1922,7 @@ char *smtpd_check_etrn(SMTPD_STATE *state, char *domain) pattern); msg_warn("do not specify lookup tables inside fast flush maps"); msg_warn("define a restriction class and specify its name instead"); - status = SMTPD_CHECK_OK; + status = SMTPD_CHECK_DUNNO; } else { restrictions = argv_split(pattern, " \t\r\n"); state->recursion = 0; diff --git a/postfix/src/smtpd/smtpd_sasl_glue.c b/postfix/src/smtpd/smtpd_sasl_glue.c index ad77a5240..c3c17118a 100644 --- a/postfix/src/smtpd/smtpd_sasl_glue.c +++ b/postfix/src/smtpd/smtpd_sasl_glue.c @@ -116,9 +116,7 @@ static int smtpd_sasl_log(void *unused_context, int priority, const char *message) { switch (priority) { - case SASL_LOG_ERR: - msg_fatal("%s", message); - break; + case SASL_LOG_ERR: case SASL_LOG_WARNING: msg_warn("%s", message); break;