mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00

postfix-1.1.11-20020717

Wietse Venema 2002-07-17 00:00:00 -05:00 committed by Viktor Dukhovni
parent 97342c743c
commit 1289303582
46 changed files with 691 additions and 120 deletions

View File

@ -6632,8 +6632,79 @@ Apologies for any names omitted.
experienced by Pavol Luptak. Files: pickup/pickup.c,
cleanup/cleanup_extracted.c.
20020705
Safety: log a warning when a domain is listed in mydestination
and (virtual_maps or virtual_mailbox_maps). This configuration
error causes the Postfix SMTP server to reject recipients
when the local_recipient_maps feature is enabled. File:
smtpd/smtpd_check.c.
200207011
Portability: in the master daemon, the default now is to
enable the signal handler code that writes a byte into a
pipe, instead of the signal handler code that sets a global
flag and hopes that select() will somehow wake up. File:
master/master_sig.c. This is needed for some IRIX and
UnixWare versions, but it should also produce a robust
result on all other supported systems.
Performance: the default SMTP connection establishment
timeout is now 30 seconds, instead of the system default
which can be atrociously large.
20020712
When DNS lookup fails while delivering mail, report not
only the domain name but also the DNS record type. This
should clue in people who ask why Postfix can't find a
domain while nslookup can. File: dns/dns_lookup.c.
20020713
Bugfix: undo change made at 20020610 that causes the trivial
resolver client to loop when an address consists entirely
of @ and . characters. File: trivial-rewrite/resolve.c.
Cleanup: Postfix no longer strips multiple '.' at the end
of a domain name. One '.' is silently tolerated. Files:
trivial-rewrite/rewrite.c, trivial-rewrite/resolve.c,
global/resolve_local.c. This policy is too distributed.
20020715
Feature: @domain.tld catch-all map entries for the virtual
mail delivery agent. Files: global/virtual8_maps_find.c,
virtual/mailbox.c, smtpd/smtpd_check.c.
Feature: the virtual mail delivery agent now accepts address
extensions (user+foo@domain.tld), ignores them when looking
up users in its tables, but displays them in Delivered-To:
message headers. File: global/virtual8_maps_find.c.
20020716
Feature: domain names in a masquerade_domains list can now
be prefixed with !, in order to disable masquerading for
that domain name and for its subdomains. File:
cleanup/cleanup_masquerade.c.
20020717
Bugfix: Mac OS X niscript (Netinfo) update by Gerben Wierda.
File: auxiliary/MacOSX/niscript.
Feature: The SMTP server reject_unknown_whatever restrictions
now also attempt to look up AAAA (IPV6 address) records.
Jun-ichiro itojun Hagino, IIJ labs. Files: smtpd/smtpd_check.c,
dns/dns_lookup.c.
Open problems:
Medium: should permit_mx_backup defer delivery if DNS
has some error of some kind?
Medium: old maildrop files are no longer readable by the
pickup service. Log a message that suggests a fix.
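Review bot: the date stamp "200207011" between the 20020705 and 20020712 entries has nine digits, while every other stamp in this hunk has eight (YYYYMMDD). Correct it so the entry sorts and greps like its neighbours.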

View File

@ -162,7 +162,7 @@ In any case, if the command
% make
produces compiler error messages, it may be time to examine the
FAQ document (see htlm/faq.html).
FAQ document (see html/faq.html).
5 - Porting to on an unsupported system
=======================================

View File

@ -162,7 +162,7 @@ In any case, if the command
% make
produces compiler error messages, it may be time to examine the
FAQ document (see htlm/faq.html).
FAQ document (see html/faq.html).
5 - Porting to on an unsupported system
=======================================
@ -474,7 +474,7 @@ the Postfix queue directories (/var/spool/postfix). This provides
a significant barrier against intrusion. The barrier is not
impenetrable, but every little bit helps.
With the exception of the Postfix local delivery and `pipe' daemons,
With the exception of the Postfix daemons that deliver mail locally,
every Postfix daemon can run chrooted.
Sites with high security requirements should consider to chroot
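Review bot: the replacement wording "the Postfix daemons that deliver mail locally" no longer names the daemons that must stay unchrooted, where the old line named the local delivery and `pipe' daemons. Someone editing master.cf cannot tell from this sentence which services are covered; list them by name.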

View File

@ -136,6 +136,9 @@ In order to authenticate against the UNIX password database, try:
pwcheck_method: pwcheck
The pwcheck daemon is contained in the cyrus-sasl source tarball.
IMPORTANT: postfix processes need to have group read+execute
permission for the /var/pwcheck directory, otherwise authentication
attempts will fail.
Alternately, in SASL 1.5.27 and later (including 2.1.1), try:
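Review bot: the IMPORTANT paragraph says Postfix processes need group read+execute permission on /var/pwcheck but does not say which group, or how to grant it. Name the account that needs the membership and the expected owner and mode of the directory, so that administrators do not open the directory to everyone just to make authentication work.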

View File

@ -68,6 +68,11 @@ virtual_mailbox_maps
directory is unconditionally prepended to this path. If the
recipient is not found the mail is bounced.
In a lookup table, specify a left-hand side of @domain.tld to
match any user in the specified domain that does not have a
specific user@domain.tld entry. While searching a lookup table,
an address extension (user+foo@domain.tld) is ignored.
If a recipient is not found the mail is returned to the sender.
For security reasons, regexp maps are not allowed here, because
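Review bot: the last added sentence, "If a recipient is not found the mail is returned to the sender", repeats the unchanged line just above the new paragraph ("If the recipient is not found the mail is bounced"); keep one of them. It would also help to state here that once an @domain.tld entry exists, no recipient in that domain is ever "not found".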
@ -87,6 +92,11 @@ virtual_uid_maps
Recipients are looked up in this map to determine the UID (owner
privileges) to be used when writing to the target mailbox.
In a lookup table, specify a left-hand side of @domain.tld to
match any user in the specified domain that does not have a
specific user@domain.tld entry. While searching a lookup table,
an address extension (user+foo@domain.tld) is ignored.
For security reasons, regexp maps are not allowed here, because
their $1 etc. substitutions would open a security hole.
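Review bot: the paragraph added under virtual_uid_maps does not say what happens when this map and virtual_mailbox_maps disagree, for example a catch-all in the mailbox map but only per-user entries here. Because this map decides the owner privileges used when writing the mailbox, state the lookup order (user@domain.tld, then @domain.tld) and the result of a miss.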
@ -101,6 +111,11 @@ virtual_gid_maps
Recipients are looked up in this map to determine the GID (group
privileges) to be used when writing to the target mailbox.
In a lookup table, specify a left-hand side of @domain.tld to
match any user in the specified domain that does not have a
specific user@domain.tld entry. While searching a lookup table,
an address extension (user+foo@domain.tld) is ignored.
For security reasons, regexp maps are not allowed here, because
their $1 etc. substitutions would open a security hole.

View File

@ -12,6 +12,38 @@ snapshot release). Patches change the patchlevel and the release
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
Incompatible changes with Postfix snapshot 1.1.11-20020717
==========================================================
The default timeout for establishing an SMTP connection has been
reduced to 30 seconds, because many systems have an atrociously
large default timeout value.
The Postfix SMTP client now logs a warning when the same domain is
listed in main.cf:mydestination as well as a Postfix-style virtual
map. Such a mis-configuration may cause mail for users to be rejected
with "user unknown".
Postfix no longer strips multiple '.' characters from the end of
an email address or domain name. Only one '.' is tolerated.
The SMTP server reject_unknown_{sender,recipient}_domain etc.
restrictions now also attempt to look up AAAA (IPV6 address) records.
Major changes with Postfix snapshot 1.1.11-20020717
===================================================
The masquerade_domains feature now supports exceptions. Prepend
a ! character to a domain name in order to not strip its subdomain
structure. More information in conf/sample-rewrite.cf.
The Postfix virtual delivery agent supports catch-all entries
(@domain.tld) in lookup tables. These match users that do not
have a specific user@domain.tld entry. The virtual delivery agent
now ignores address extensions (user+foo@domain.tld) when searching
its lookup tables, but displays the extensions in Delivered-To:
message headers.
Incompatible changes with Postfix snapshot 1.1.11-20020610
==========================================================
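Review bot: the second paragraph under "Incompatible changes" says the "Postfix SMTP client" logs the mydestination/virtual map warning, but the 20020705 HISTORY entry in this same commit attributes the check to the SMTP server (smtpd/smtpd_check.c). One of the two is wrong; make them agree so that administrators look for the warning under the right daemon name in their logs.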

postfix/auxiliary/MacOSX/niscript Executable file → Normal file
View File

@ -8,6 +8,12 @@
# system where groups and/or users have been added, this script checks
# if the users/groups are there and if not creates them with free id's.
# 17 Jul 2002 GW: Fixed two bugs
# 1. Typo in createuser would always have uid 88 for postfix
# 2. Add to netinfo domain . instead of / so that it also works on systems
# where the / domain is actually network-wide (not very useful to add
# a postfix user to all systems in that netinfo domain...)
print <<_WARNING
This script massages your netinfo database. This can severely break
@ -76,7 +82,7 @@ warn "\n";
sub creategroup
{
my $name = shift;
open( NIDUMP, "nidump group /|") or die "Cannot run nidump\n";
open( NIDUMP, "nidump group .|") or die "Cannot run nidump\n";
my @groups=<NIDUMP>;
close( NIDUMP);
@ -91,10 +97,10 @@ sub creategroup
}
die "Cannot find free gid\n" if $tryno == 65536;
warn "Will create $name as gid $tryno\n";
system "niutil -create / /groups/$name";
system "niutil -createprop / /groups/$name name $name";
system "niutil -createprop / /groups/$name gid $tryno";
system "niutil -createprop / /groups/$name passwd '*'";
system "niutil -create . /groups/$name";
system "niutil -createprop . /groups/$name name $name";
system "niutil -createprop . /groups/$name gid $tryno";
system "niutil -createprop . /groups/$name passwd '*'";
return $tryno;
}
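Review bot: the four system "niutil ..." calls in creategroup ignore their exit status, so the function returns $tryno and the caller carries on even when niutil -create failed. Check each return value and die on failure, as the open() calls on nidump in this script already do.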
@ -102,12 +108,12 @@ sub addusertogroup
{
my $user = shift;
my $group = shift;
system "niutil -appendprop / /groups/$group users $user";
system "niutil -appendprop . /groups/$group users $user";
}
sub readgroups
{
open( NIDUMP, "nidump group /|") or die "Cannot run nidump\n";
open( NIDUMP, "nidump group .|") or die "Cannot run nidump\n";
my @groups=<NIDUMP>;
close( NIDUMP);
return @groups;
@ -116,7 +122,7 @@ sub readgroups
sub readusers
{
my @passwd;
open( NIDUMP, "nidump passwd /|") or die "Cannot run nidump\n";
open( NIDUMP, "nidump passwd .|") or die "Cannot run nidump\n";
@passwd=<NIDUMP>;
close( NIDUMP);
return @passwd;
@ -130,8 +136,8 @@ sub createuser
my $home = shift;
my $gid = shift;
open( NIDUMP, "nidump passwd /|") or die "Cannot run nidump\n";
my @passwd=<NIDUMP>;
open( NIDUMP, "nidump passwd .|") or die "Cannot run nidump\n";
my @passwds=<NIDUMP>;
close( NIDUMP);
my $tryno;
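Review bot: renaming @passwd to @passwds in createuser only helps if the uid search further down (outside this hunk) reads the same array, which cannot be confirmed from these lines. readusers() just above already wraps the identical "nidump passwd ." call, so calling it here would remove the duplicated open and the chance of another name mismatch.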
@ -145,14 +151,14 @@ sub createuser
}
die "Cannot find free uid\n" if $tryno == 65536;
warn "Will create $name as uid $tryno\n";
system "niutil -create / /users/$name";
system "niutil -createprop / /users/$name realname $realname";
system "niutil -createprop / /users/$name shell $shell";
system "niutil -createprop / /users/$name uid $tryno";
system "niutil -createprop / /users/$name gid $gid";
system "niutil -createprop / /users/$name home $home";
system "niutil -createprop / /users/$name _shadow_passwd";
system "niutil -createprop / /users/$name passwd '*'";
system "niutil -create . /users/$name";
system "niutil -createprop . /users/$name realname $realname";
system "niutil -createprop . /users/$name shell $shell";
system "niutil -createprop . /users/$name uid $tryno";
system "niutil -createprop . /users/$name gid $gid";
system "niutil -createprop . /users/$name home $home";
system "niutil -createprop . /users/$name _shadow_passwd";
system "niutil -createprop . /users/$name passwd '*'";
return $tryno;
}
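Review bot: in createuser, $realname, $shell and $home are interpolated unquoted into single-string system() commands, so the shell splits a real name containing a space into extra niutil arguments. Use the list form, e.g. system("niutil", "-createprop", ".", "/users/$name", "realname", $realname), which bypasses the shell and makes it straightforward to check the exit status of each call.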

View File

@ -84,6 +84,10 @@ mail_owner = postfix
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
#myorigin = $myhostname
#myorigin = $mydomain
@ -385,8 +389,8 @@ mail_owner = postfix
#fallback_transport =
# The luser_relay parameter specifies an optional destination address
# for unknown recipients. By default, mail for unknown local recipients
# is bounced.
# for unknown recipients. By default, mail for unknown@$mydestination
# and unknown@[$inet_interfaces] is returned as undeliverable.
#
# The following expansions are done on luser_relay: $user (recipient
# username), $shell (recipient shell), $home (recipient home directory),

View File

@ -92,8 +92,9 @@ lmtp unix - - n - - lmtp
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
# Cyrus 2.1.5 (Amos Gouaux)
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${recipient} -m ${extension} ${user}
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
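Review bot: on the cyrus entry, -r now receives ${sender}, but the added comment "# Cyrus 2.1.5 (Amos Gouaux)" does not say why, or whether this argv is only valid from that Cyrus version on. Say in the comment what -r is expected to carry, and what deliver is given when the envelope sender is empty, as it is for bounces.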

View File

@ -119,8 +119,8 @@ default_privs = nobody
home_mailbox =
# The luser_relay parameter specifies an optional destination address
# for unknown recipients. By default, mail for unknown local recipients
# is bounced.
# for unknown recipients. By default, mail for unknown@$mydestination
# and unknown@[$inet_interfaces] is returned as undeliverable.
#
# The following expansions are done on luser_relay: $user (recipient
# username), $shell (recipient shell), $home (recipient home directory),

View File

@ -40,8 +40,24 @@ empty_address_recipient = MAILER-DAEMON
#
masquerade_classes = envelope_sender, header_sender, header_recipient
# The masquerade_domains parameter gives an optional list of domains
# that must have their subdomain structure stripped off.
# The masquerade_domains parameter specifies an optional list of
# domains that must have their subdomain structure stripped off.
#
# The list is processed left to right, and processing stops at the
# first match. Thus,
#
# masquerade_domains = foo.example.com example.com
#
# strips any.thing.foo.example.com to foo.example.com, but strips
# any.thing.else.example.com to example.com.
#
# A domain name prefixed with ! means do not masquerade this domain
# or its subdomains. Thus,
#
# masquerade_domains = !foo.example.com example.com
#
# does not change any.thing.foo.example.com and foo.example.com,
# but strips any.thing.else.example.com to example.com.
#
# By default, address masquerading is disabled.
#
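Review bot: the ! example works only because !foo.example.com is listed before example.com. With left-to-right, first-match processing, "example.com !foo.example.com" would match example.com first and the exception would never apply. Add that ordering requirement to the paragraph that introduces the ! prefix.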

View File

@ -168,13 +168,14 @@ smtp_destination_recipient_limit = $default_destination_recipient_limit
#
# When no connection can be made within the deadline, the SMTP client
# tries the next address on the mail exchanger list. Specify 0 to
# disable the timeout.
# disable the timeout (i.e. use whatever timeout is implemented by
# the operating system).
#
# Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
# The default time unit is s (seconds).
#
#smtp_connect_timeout = 30s
smtp_connect_timeout = 0s
#smtp_connect_timeout = 0s
smtp_connect_timeout = 30s
# The smtp_helo_timeout parameter specifies the SMTP client timeout
# for receiving the SMTP greeting banner.

View File

@ -94,6 +94,12 @@ domain of the machine name.
<p>
For the sake of consistency between sender and recipient addresses,
<b>myorigin</b> also specifies the default domain name that is
appended to an unqualified recipient address.
<p>
<dl>
<dt> Examples:

View File

@ -106,16 +106,17 @@ POSTALIAS(1) POSTALIAS(1)
of database your Postfix installation can support.
When no <i>file_type</i> is specified, the software uses
the database type specified via the <b>database</b><i>_</i><b>type</b>
configuration parameter. The default value for
this parameter depends on the host environment.
the database type specified via the
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b> configuration parameter. The
default value for this parameter depends on the
host environment.
<i>file_name</i>
The name of the alias database source file when
The name of the alias database source file when
rebuilding a database.
<b>DIAGNOSTICS</b>
Problems are logged to the standard error stream. No out-
Problems are logged to the standard error stream. No out-
put means no problems were detected. Duplicate entries are
skipped and are flagged with a warning.
@ -131,20 +132,20 @@ POSTALIAS(1) POSTALIAS(1)
Enable verbose logging for debugging purposes.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values.
<b>database</b><i>_</i><b>type</b>
Default alias database type. On many UNIX systems,
efault_Bdatabase_type
Default alias database type. On many UNIX systems,
the default type is either <b>dbm</b> or <b>hash</b>.
<b>berkeley</b><i>_</i><b>db</b><i>_</i><b>create</b><i>_</i><b>buffer</b><i>_</i><b>size</b>
Amount of buffer memory to be used when creating a
Amount of buffer memory to be used when creating a
Berkeley DB <b>hash</b> or <b>btree</b> lookup table.
<b>berkeley</b><i>_</i><b>db</b><i>_</i><b>read</b><i>_</i><b>buffer</b><i>_</i><b>size</b>
Amount of buffer memory to be used when reading a
Amount of buffer memory to be used when reading a
Berkeley DB <b>hash</b> or <b>btree</b> lookup table.
<b>STANDARDS</b>
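Review bot: the parameter heading under CONFIGURATION PARAMETERS now reads "efault_Bdatabase_type", with no bold markup, where the earlier hunk of this file correctly reads default_database_type. Fix the source and regenerate this page. Several other line pairs in this hunk appear to differ only in spacing, which makes the real change hard to spot.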
@ -155,7 +156,7 @@ POSTALIAS(1) POSTALIAS(1)
<a href="sendmail.1.html">sendmail(1)</a> mail posting and compatibility interface.
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -127,8 +127,8 @@ POSTMAP(1) POSTMAP(1)
of database your Postfix installation can support.
When no <i>file_type</i> is specified, the software uses
the database type specified via the <b>database</b><i>_</i><b>type</b>
configuration parameter.
the database type specified via the
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b> configuration parameter.
<i>file_name</i>
The name of the lookup table source file when
@ -151,7 +151,7 @@ POSTMAP(1) POSTMAP(1)
Enable verbose logging for debugging purposes.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
<b>database</b><i>_</i><b>type</b>
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b>
Default output database type. On many UNIX sys-
tems, the default database type is either <b>hash</b> or
<b>dbm</b>.

View File

@ -233,20 +233,33 @@ comes from the gateway itself, instead of from individual machines.
<p>
Address masquerading is disabled by default. To enable, edit the
<b>masquerade_domains</b> parameter in the <b>main.cf</b>
file and specify one or more domain names separated by whitespace
or commas. For example:
<b>masquerade_domains</b> parameter in the <b>main.cf</b> file and
specify one or more domain names separated by whitespace or commas.
The list is processed left to right, and processing stops at the
first match. Thus,
<dl>
<blockquote>
<dd><b>masquerade_domains = $mydomain</b>
<b>masquerade_domains = foo.example.com example.com</b>
</dl>
</blockquote>
strips any.thing.foo.example.com to foo.example.com, but strips
any.thing.else.example.com to example.com.
<p>
In this example, addresses of the form <i>user@host.$mydomain</i>
would be rewritten to <i>user@$mydomain</i>.
A domain name prefixed with ! means do not masquerade this domain
or its subdomains. Thus,
<blockquote>
<b>masquerade_domains = !foo.example.com example.com</b>
</blockquote>
does not change any.thing.foo.example.com and foo.example.com,
but strips any.thing.else.example.com to example.com.
<p>

View File

@ -42,9 +42,9 @@ SENDMAIL(1) SENDMAIL(1)
program processes the file(s) specified with the
<b>alias</b><i>_</i><b>database</b> configuration parameter. If no
alias database type is specified, the program uses
the type specified with the <b>database</b><i>_</i><b>type</b> configu-
ration parameter. This mode of operation is imple-
mented by running the <a href="postalias.1.html"><b>postalias</b>(1)</a> command.
the type specified with the <b>default</b><i>_</i><b>database</b><i>_</i><b>type</b>
configuration parameter. This mode of operation is
implemented by running the <a href="postalias.1.html"><b>postalias</b>(1)</a> command.
Note: it may take a minute or so before an alias
database update becomes visible. Use the <b>postfix</b>
@ -244,7 +244,7 @@ SENDMAIL(1) SENDMAIL(1)
The amount of original message context that is sent
along with a non-delivery notification.
<b>database</b><i>_</i><b>type</b>
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b>
Default alias etc. database type. On many UNIX sys-
tems the default type is either <b>dbm</b> or <b>hash</b>.

View File

@ -1,5 +1,4 @@
<html> <head> </head> <body> <pre>
VIRTUAL(8) VIRTUAL(8)
<b>NAME</b>
@ -70,7 +69,7 @@ VIRTUAL(8) VIRTUAL(8)
The <b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b> parameter imposes a lower bound on
numerical user ID values that may be specified in any <b>vir-</b>
<b>tual</b><i>_</i><b>owner</b><i>_</i><b>maps</b> or <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>.
<b>tual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>.
<b>SECURITY</b>
The virtual delivery agent is not security sensitive, pro-
@ -123,6 +122,14 @@ VIRTUAL(8) VIRTUAL(8)
delivery is carried out, otherwise the path is
assumed to specify a UNIX-style mailbox file.
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
Note that <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base</b> is unconditionally
prepended to this path.
@ -138,11 +145,27 @@ VIRTUAL(8) VIRTUAL(8)
the user ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b> (regexp maps disallowed)
Recipients are looked up in these maps to determine
the group ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
<b>Locking</b> <b>controls</b>
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>lock</b>
How to lock UNIX-style mailboxes: one or more of
@ -223,6 +246,5 @@ VIRTUAL(8) VIRTUAL(8)
Level 3, 213 Miller St
North Sydney 2060, NSW, Australia
1
VIRTUAL(8)
</pre> </body> </html>

View File

@ -96,7 +96,8 @@ Use the command \fBpostconf -m\fR to find out what types of database
your Postfix installation can support.
When no \fIfile_type\fR is specified, the software uses the database
type specified via the \fBdatabase_type\fR configuration parameter.
type specified via the \fBdefault_database_type\fR configuration
parameter.
The default value for this parameter depends on the host environment.
.RE
.IP \fIfile_name\fR
@ -128,7 +129,7 @@ Enable verbose logging for debugging purposes.
The following \fBmain.cf\fR parameters are especially relevant to
this program. See the Postfix \fBmain.cf\fR file for syntax details
and for default values.
.IP \fBdatabase_type\fR
.IP \fdefault_Bdatabase_type\fR
Default alias database type. On many UNIX systems, the default type
is either \fBdbm\fR or \fBhash\fR.
.IP \fBberkeley_db_create_buffer_size\fR
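Review bot: in ".IP \fdefault_Bdatabase_type\fR" the B of the \fB font escape has slipped into the parameter name, so the name renders garbled. It should read ".IP \fBdefault_database_type\fR", matching the first hunk of this file.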

View File

@ -117,7 +117,8 @@ Use the command \fBpostconf -m\fR to find out what types of database
your Postfix installation can support.
When no \fIfile_type\fR is specified, the software uses the database
type specified via the \fBdatabase_type\fR configuration parameter.
type specified via the \fBdefault_database_type\fR configuration
parameter.
.RE
.IP \fIfile_name\fR
The name of the lookup table source file when rebuilding a database.
@ -145,7 +146,7 @@ Enable verbose logging for debugging purposes.
.nf
.ad
.fi
.IP \fBdatabase_type\fR
.IP \fBdefault_database_type\fR
Default output database type.
On many UNIX systems, the default database type is either \fBhash\fR
or \fBdbm\fR.

View File

@ -42,7 +42,7 @@ Initialize the alias database. If no input file is specified (with
the \fB-oA\fR option, see below), the program processes the file(s)
specified with the \fBalias_database\fR configuration parameter.
If no alias database type is specified, the program uses the type
specified with the \fBdatabase_type\fR configuration parameter.
specified with the \fBdefault_database_type\fR configuration parameter.
This mode of operation is implemented by running the \fBpostalias\fR(1)
command.
.sp
@ -217,7 +217,7 @@ for this parameter is system-specific.
.IP \fBbounce_size_limit\fR
The amount of original message context that is sent along
with a non-delivery notification.
.IP \fBdatabase_type\fR
.IP \fBdefault_database_type\fR
Default alias etc. database type. On many UNIX systems the
default type is either \fBdbm\fR or \fBhash\fR.
.IP \fBdebugger_command\fR

View File

@ -82,7 +82,7 @@ a string with the numerical user and group ID, respectively.
The \fBvirtual_minimum_uid\fR parameter imposes a lower bound on
numerical user ID values that may be specified in any
\fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR.
\fBvirtual_uid_maps\fR.
.SH SECURITY
.na
.nf
@ -139,6 +139,13 @@ their mailbox or maildir. If the returned path ends in a slash
("/"), maildir-style delivery is carried out, otherwise the
path is assumed to specify a UNIX-style mailbox file.
While searching a lookup table, an address extension
(\fIuser+foo@domain.tld\fR) is ignored.
In a lookup table, specify a left-hand side of \fI@domain.tld\fR
to match any user in the specified domain that does not have a
specific \fIuser@domain.tld\fR entry.
Note that \fBvirtual_mailbox_base\fR is unconditionally prepended
to this path.
.IP \fBvirtual_minimum_uid\fR
@ -149,9 +156,23 @@ will be deferred.
.IP "\fBvirtual_uid_maps\fR (regexp maps disallowed)"
Recipients are looked up in these maps to determine the user ID to be
used when writing to the target mailbox.
While searching a lookup table, an address extension
(\fIuser+foo@domain.tld\fR) is ignored.
In a lookup table, specify a left-hand side of \fI@domain.tld\fR
to match any user in the specified domain that does not have a
specific \fIuser@domain.tld\fR entry.
.IP "\fBvirtual_gid_maps\fR (regexp maps disallowed)"
Recipients are looked up in these maps to determine the group ID to be
used when writing to the target mailbox.
While searching a lookup table, an address extension
(\fIuser+foo@domain.tld\fR) is ignored.
In a lookup table, specify a left-hand side of \fI@domain.tld\fR
to match any user in the specified domain that does not have a
specific \fIuser@domain.tld\fR entry.
.SH "Locking controls"
.ad
.fi

View File

@ -14,7 +14,7 @@ WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
-Wunused
DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
CFLAGS = $(DEBUG) $(OPT) $(DEFS)
TESTPROG=
TESTPROG= cleanup_masquerade
PROG = cleanup
INC_DIR = ../../include
LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a
@ -53,6 +53,26 @@ clean:
tidy: clean
cleanup_masquerade: cleanup_masquerade.o
mv cleanup_masquerade.o junk
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIBS) $(SYSLIBS)
mv junk cleanup_masquerade.o
tests: cleanup_masquerade_test
cleanup_masquerade_test: cleanup_masquerade cleanup_masq.ref
rm -f cleanup_masq.tmp
./cleanup_masquerade '' a.b.c,b.c xxx@aa.a.b.c >>cleanup_masq.tmp
./cleanup_masquerade 'xxx' a.b.c,b.c xxx@aa.a.b.c >>cleanup_masq.tmp
./cleanup_masquerade 'yyy' a.b.c,b.c xxx@aa.a.b.c >>cleanup_masq.tmp
./cleanup_masquerade '' !a.b.c,b.c xxx@aa.a.b.c >>cleanup_masq.tmp
./cleanup_masquerade '' a.b.c,b.c xxx@a.b.c >>cleanup_masq.tmp
./cleanup_masquerade '' !a.b.c,b.c xxx@a.b.c >>cleanup_masq.tmp
./cleanup_masquerade '' a.b.c,b.c xxx@aaa.b.c >>cleanup_masq.tmp
./cleanup_masquerade '' a.b.c,b.c xxx@b.c >>cleanup_masq.tmp
diff cleanup_masq.ref cleanup_masq.tmp
rm -f cleanup_masq.tmp
depend: $(MAKES)
(sed '1,/^# do not edit/!d' Makefile.in; \
set -e; for i in [a-z][a-z0-9]*.c; do \

View File

@ -0,0 +1,40 @@
----------
exceptions:
masq_list: a.b.c,b.c
address: xxx@aa.a.b.c
result: xxx@a.b.c
----------
exceptions: xxx
masq_list: a.b.c,b.c
address: xxx@aa.a.b.c
result: xxx@aa.a.b.c
----------
exceptions: yyy
masq_list: a.b.c,b.c
address: xxx@aa.a.b.c
result: xxx@a.b.c
----------
exceptions:
masq_list: !a.b.c,b.c
address: xxx@aa.a.b.c
result: xxx@aa.a.b.c
----------
exceptions:
masq_list: a.b.c,b.c
address: xxx@a.b.c
result: xxx@a.b.c
----------
exceptions:
masq_list: !a.b.c,b.c
address: xxx@a.b.c
result: xxx@a.b.c
----------
exceptions:
masq_list: a.b.c,b.c
address: xxx@aaa.b.c
result: xxx@b.c
----------
exceptions:
masq_list: a.b.c,b.c
address: xxx@b.c
result: xxx@b.c

View File

@ -82,8 +82,10 @@ void cleanup_masquerade_external(VSTRING *addr, ARGV *masq_domains)
char *domain;
int domain_len;
char **masqp;
char *masq;
int masq_len;
char *parent;
int truncate;
/* Stuff for excluded names. */
static HTABLE *masq_except_table = 0;
@ -127,18 +129,24 @@ void cleanup_masquerade_external(VSTRING *addr, ARGV *masq_domains)
* the domain in the address and terminate. If the domain matches a
* masquerade domain, leave it alone. Order of specification matters.
*/
for (masqp = masq_domains->argv; *masqp; masqp++) {
masq_len = strlen(*masqp);
for (masqp = masq_domains->argv; (masq = *masqp) != 0; masqp++) {
for (truncate = 1; *masq == '!'; masq++)
truncate = !truncate;
masq_len = strlen(masq);
if (masq_len == 0)
continue;
if (masq_len == domain_len) {
if (strcasecmp(*masqp, domain) == 0)
if (strcasecmp(masq, domain) == 0)
break;
} else if (masq_len < domain_len) {
parent = domain + domain_len - masq_len;
if (parent[-1] == '.' && strcasecmp(*masqp, parent) == 0) {
if (msg_verbose)
msg_info("masquerade: %s -> %s", domain, *masqp);
vstring_truncate(addr, domain - STR(addr));
vstring_strcat(addr, *masqp);
if (parent[-1] == '.' && strcasecmp(masq, parent) == 0) {
if (truncate) {
if (msg_verbose)
msg_info("masquerade: %s -> %s", domain, masq);
vstring_truncate(addr, domain - STR(addr));
vstring_strcat(addr, masq);
}
break;
}
}
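Review bot: the prefix loop "for (truncate = 1; *masq == '!'; masq++)" toggles on every !, so "!!example.com" silently means masquerade again, and an entry consisting only of "!" falls into the "masq_len == 0" continue without any warning. The documentation added in this commit describes a single ! prefix; accept exactly one, and log a warning for an empty name so a mistyped list entry is noticed.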
@ -171,3 +179,47 @@ void cleanup_masquerade_internal(VSTRING *addr, ARGV *masq_domains)
vstring_free(temp);
}
/*
* Code for stand-alone testing. Instead of using main.cf, specify the strip
* list and the candidate domain on the command line. Specify null arguments
* for data that should be empty.
*/
#ifdef TEST
#include <vstream.h>
char *var_masq_exceptions;
int main(int argc, char **argv)
{
VSTRING *addr;
ARGV *masq_domains;
if (argc != 4)
msg_fatal("usage: %s exceptions masquerade_list address", argv[0]);
var_masq_exceptions = argv[1];
masq_domains = argv_split(argv[2], " ,\t\r\n");
addr = vstring_alloc(1);
if (strchr(argv[3], '@') == 0)
msg_fatal("address must be in user@domain form");
vstring_strcpy(addr, argv[3]);
vstream_printf("----------\n");
vstream_printf("exceptions: %s\n", argv[1]);
vstream_printf("masq_list: %s\n", argv[2]);
vstream_printf("address: %s\n", argv[3]);
cleanup_masquerade_external(addr, masq_domains);
vstream_printf("result: %s\n", STR(addr));
vstream_fflush(VSTREAM_OUT);
vstring_free(addr);
argv_free(masq_domains);
return (0);
}
#endif

View File

@ -132,6 +132,7 @@ typedef struct DNS_REPLY {
} DNS_REPLY;
#define INET_ADDR_LEN 4 /* XXX */
#define INET6_ADDR_LEN 16 /* XXX */
/* dns_query - query name server and pre-parse the reply */
@ -168,8 +169,8 @@ static int dns_query(const char *name, int type, int flags,
len = res_search((char *) name, C_IN, type, reply->buf, sizeof(reply->buf));
if (len < 0) {
if (why)
vstring_sprintf(why, "Name service error for %s: %s",
name, dns_strerror(h_errno));
vstring_sprintf(why, "Name service error for name=%s type=%s: %s",
name, dns_strtype(type), dns_strerror(h_errno));
if (msg_verbose)
msg_info("dns_query: %s (%s): %s",
name, dns_strtype(type), dns_strerror(h_errno));
@ -337,6 +338,19 @@ static DNS_RR *dns_get_rr(DNS_REPLY *reply, unsigned char *pos,
memcpy(temp, pos, fixed->length);
data_len = fixed->length;
break;
#ifdef T_AAAA
case T_AAAA:
if (fixed->length != INET6_ADDR_LEN) {
msg_warn("extract_answer: bad address length: %d", fixed->length);
return (0);
}
if (fixed->length > sizeof(temp))
msg_panic("dns_get_rr: length %d > DNS_NAME_LEN",
fixed->length);
memcpy(temp, pos, fixed->length);
data_len = fixed->length;
break;
#endif
case T_TXT:
data_len = MIN2(pos[0] + 1, MIN2(fixed->length + 1, sizeof(temp)));
for (src = pos + 1, dst = (unsigned char *) (temp);
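Review bot: In the new T_AAAA case the warning text names extract_answer, while the enclosing function (and the panic that follows) is dns_get_rr, so whoever reads the log will search in the wrong place; use something like "dns_get_rr: bad AAAA address length: %d". The msg_panic branch can only be reached if sizeof(temp) is smaller than INET6_ADDR_LEN, because the length has just been checked to equal INET6_ADDR_LEN, so a compile-time check on the buffer size would express that more directly. The panic text also mentions DNS_NAME_LEN although the comparison is against sizeof(temp).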

View File

@ -20,7 +20,7 @@ SRCS = been_here.c bounce.c canon_addr.c cleanup_strerror.c clnt_stream.c \
tok822_resolve.c tok822_rewrite.c tok822_tree.c xtext.c bounce_log.c \
flush_clnt.c mail_conf_time.c mbox_conf.c mbox_open.c abounce.c \
verp_sender.c match_parent_style.c mime_state.c header_token.c \
strip_addr.c
strip_addr.c virtual8_maps_find.c
OBJS = been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
debug_peer.o debug_process.o defer.o deliver_completed.o \
deliver_flock.o deliver_pass.o deliver_request.o domain_list.o \
@ -42,7 +42,7 @@ OBJS = been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
tok822_resolve.o tok822_rewrite.o tok822_tree.o xtext.o bounce_log.o \
flush_clnt.o mail_conf_time.o mbox_conf.o mbox_open.o abounce.o \
verp_sender.o match_parent_style.o mime_state.o header_token.o \
strip_addr.o
strip_addr.o virtual8_maps_find.o
HDRS = been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
config.h debug_peer.h debug_process.h defer.h deliver_completed.h \
deliver_flock.h deliver_pass.h deliver_request.h domain_list.h \
@ -60,7 +60,7 @@ HDRS = been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
sys_exits.h timed_ipc.h tok822.h xtext.h bounce_log.h flush_clnt.h \
mbox_conf.h mbox_open.h abounce.h qmqp_proto.h verp_sender.h \
match_parent_style.h quote_flags.h mime_state.h header_token.h \
lex_822.h strip_addr.h
lex_822.h strip_addr.h virtual8.h
TESTSRC = rec2stream.c stream2rec.c recdump.c
WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
@ -1154,6 +1154,18 @@ verp_sender.o: ../../include/vstring.h
verp_sender.o: ../../include/vbuf.h
verp_sender.o: mail_params.h
verp_sender.o: verp_sender.h
virtual8_maps_find.o: virtual8_maps_find.c
virtual8_maps_find.o: ../../include/sys_defs.h
virtual8_maps_find.o: ../../include/msg.h
virtual8_maps_find.o: ../../include/mymalloc.h
virtual8_maps_find.o: maps.h
virtual8_maps_find.o: ../../include/dict.h
virtual8_maps_find.o: ../../include/vstream.h
virtual8_maps_find.o: ../../include/vbuf.h
virtual8_maps_find.o: ../../include/argv.h
virtual8_maps_find.o: mail_params.h
virtual8_maps_find.o: strip_addr.h
virtual8_maps_find.o: virtual8.h
xtext.o: xtext.c
xtext.o: ../../include/sys_defs.h
xtext.o: ../../include/vstream.h

View File

@ -1,5 +1,5 @@
#ifndef _SPACE_822_H_INCLUDED_
#define _SPACE_822_H_INCLUDED_
#ifndef _LEX_822_H_INCLUDED_
#define _LEX_822_H_INCLUDED_
/*++
/* NAME

View File

@ -671,7 +671,7 @@ extern int var_hash_queue_depth;
extern char *var_bestmx_transp;
#define VAR_SMTP_CONN_TMOUT "smtp_connect_timeout"
#define DEF_SMTP_CONN_TMOUT "0s"
#define DEF_SMTP_CONN_TMOUT "30s"
extern int var_smtp_conn_tmout;
#define VAR_SMTP_HELO_TMOUT "smtp_helo_timeout"

View File

@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
#define MAIL_RELEASE_DATE "20020613"
#define MAIL_RELEASE_DATE "20020717"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "1.1.11-" MAIL_RELEASE_DATE

View File

@ -264,7 +264,9 @@ int main(int argc, char **argv)
while (vstring_fgets_nonl(buffer, VSTREAM_IN)) {
resolve(STR(buffer), &reply);
}
vstring_free(buffer);
}
resolve_clnt_free(&reply);
}
#endif

View File

@ -88,13 +88,19 @@ int resolve_local(const char *addr)
resolve_local_init();
/*
* Strip one trailing dot.
* Strip one trailing dot but not dot-dot.
*
* XXX This should not be distributed all over the code. Problem is,
* addresses can enter the system via multiple paths: networks, local
* forward/alias/include files, even as the result of address rewriting.
*/
len = strlen(saved_addr);
if (len == 0)
RETURN(0);
if (saved_addr[len - 1] == '.')
saved_addr[--len] = 0;
if (len == 0 || saved_addr[len - 1] == '.')
RETURN(0);
/*
* Compare the destination against the list of destinations that we
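Review bot: The two early RETURN(0) paths (an empty name, and a name that is empty or still ends in '.' after one dot has been removed) change what callers see for inputs such as "." or "example.com..", but nothing in this hunk updates the function's description; state there that such names are never treated as local. The first len == 0 test is also what keeps saved_addr[len - 1] from reading before the start of the buffer, which deserves a one-line comment so that it is not removed later as redundant.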

View File

@ -0,0 +1,35 @@
#ifndef _VIRTUAL8_H_INCLUDED_
#define _VIRTUAL8_H_INCLUDED_
/*++
/* NAME
/* virtual8 3h
/* SUMMARY
/* virtual delivery agent compatibility
/* SYNOPSIS
/* #include <virtual8.h>
/* DESCRIPTION
/* .nf
/*
* Global library.
*/
#include <maps.h>
/*
* External interface.
*/
extern const char *virtual8_maps_find(MAPS *, const char *);
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
#endif

View File

@ -0,0 +1,94 @@
/*++
/* NAME
/* virtual8_maps_find 3
/* SUMMARY
/* virtual delivery agent map lookups
/* SYNOPSIS
/* #include <virtual8.h>
/*
/* const char *virtual8_maps_find(maps, recipient)
/* MAPS *maps;
/* const char *recipient;
/* DESCRIPTION
/* virtual8_maps_find() does user lookups for the virtual delivery
/* agent. The code is made available as a library routine so that
/* other programs can perform compatible queries.
/*
/* A zero result means that the named user was not found.
/*
/* Arguments:
/* .IP maps
/* List of pre-opened lookup tables.
/* .IP recipient
/* Recipient address. An optional address extension is ignored.
/* DIAGNOSTICS
/* The dict_errno variable is non-zero in case of problems.
/* BUGS
/* This code is a temporary solution that implements a hard-coded
/* lookup strategy. In a future version of Postfix, the lookup
/* strategy should become configurable.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/* System library. */
#include <sys_defs.h>
#include <string.h>
/* Utility library. */
#include <msg.h>
#include <mymalloc.h>
/* Global library. */
#include <maps.h>
#include <mail_params.h>
#include <strip_addr.h>
#include <virtual8.h>
/* Application-specific. */
/* virtual8_maps_find - lookup for virtual delivery agent */
const char *virtual8_maps_find(MAPS *maps, const char *recipient)
{
const char *ratsign;
const char *result;
char *bare;
/*
* Look up the address minus the optional extension. This is done first,
* to avoid hammering the database with extended address lookups, and to
* have straightforward semantics (extensions are always ignored).
*/
if (*var_rcpt_delim
&& (bare = strip_addr(recipient, (char **) 0, *var_rcpt_delim)) != 0) {
result = maps_find(maps, bare, DICT_FLAG_FIXED);
myfree(bare);
if (result != 0 || dict_errno != 0)
return (result);
}
/*
* Look up the full address.
*/
result = maps_find(maps, recipient, DICT_FLAG_FIXED);
if (result != 0 || dict_errno != 0)
return (result);
/*
* Look up the @domain catch-all.
*/
if ((ratsign = strrchr(recipient, '@')) == 0)
return (0);
return (maps_find(maps, ratsign, DICT_FLAG_FIXED));
}
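Review bot: The comment on the first lookup says extensions are always ignored, but when the stripped lookup misses, the code falls through to maps_find() on the full recipient, so a table entry keyed on user+foo@domain.tld still matches. Either skip the full-address lookup when an extension was stripped, or reword the comment and the DESCRIPTION line "An optional address extension is ignored" to say that the extended form is tried second. It would also help to state in DESCRIPTION that a recipient without '@' never reaches the catch-all lookup, since the function returns 0 at the strrchr() test.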

View File

@ -174,6 +174,8 @@ master_sig.o: ../../include/sys_defs.h
master_sig.o: ../../include/msg.h
master_sig.o: ../../include/posix_signals.h
master_sig.o: master.h
master_sig.o: ../../include/iostuff.h
master_sig.o: ../../include/events.h
master_spawn.o: master_spawn.c
master_spawn.o: ../../include/sys_defs.h
master_spawn.o: ../../include/msg.h

View File

@ -54,12 +54,17 @@
#include <sys/syscall.h>
#endif
#ifndef USE_SIG_RETURN
#define USE_SIG_PIPE
#endif
/* Local stuff. */
#ifdef USE_SIG_PIPE
#include <errno.h>
#include <fcntl.h>
#include <iostuff.h>
#include <events.h>
int master_sig_pipe[2];
@ -114,7 +119,7 @@ static void master_sigchld(int sig, int code, struct sigcontext * scp)
/* master_sigchld - force wakeup from select() */
static void master_sigchld(int sig)
static void master_sigchld(int unused_sig)
{
if (write(SIG_PIPE_WRITE_FD, "", 1) != 1)
msg_warn("write to SIG_PIPE_WRITE_FD failed: %m");
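Review bot: master_sigchld() calls msg_warn() from inside the signal handler when the one-byte write fails; msg_warn() formats and logs a message, which is not async-signal-safe, and a write that fails because the pipe is already full only means that a wakeup is still pending. Suggest dropping the warning for that case (or deferring it to the event loop), and saving errno on entry and restoring it on return so that the interrupted code never sees an errno value set by the handler. Now that this path is the default on every platform, the handler body is worth tightening in the same change.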

View File

@ -90,7 +90,8 @@
/* your Postfix installation can support.
/*
/* When no \fIfile_type\fR is specified, the software uses the database
/* type specified via the \fBdatabase_type\fR configuration parameter.
/* type specified via the \fBdefault_database_type\fR configuration
/* parameter.
/* The default value for this parameter depends on the host environment.
/* .RE
/* .IP \fIfile_name\fR
@ -116,7 +117,7 @@
/* The following \fBmain.cf\fR parameters are especially relevant to
/* this program. See the Postfix \fBmain.cf\fR file for syntax details
/* and for default values.
/* .IP \fBdatabase_type\fR
/* .IP \fdefault_Bdatabase_type\fR
/* Default alias database type. On many UNIX systems, the default type
/* is either \fBdbm\fR or \fBhash\fR.
/* .IP \fBberkeley_db_create_buffer_size\fR
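Review bot: The renamed parameter in the .IP line is mistyped as \fdefault_Bdatabase_type\fR: the B of the \fB font escape has ended up inside the name, so the manual page will render a wrong parameter name without bold. It should read \fBdefault_database_type\fR, as in the earlier hunk of this file and in the postmap and sendmail pages changed by the same commit.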

View File

@ -111,7 +111,8 @@
/* your Postfix installation can support.
/*
/* When no \fIfile_type\fR is specified, the software uses the database
/* type specified via the \fBdatabase_type\fR configuration parameter.
/* type specified via the \fBdefault_database_type\fR configuration
/* parameter.
/* .RE
/* .IP \fIfile_name\fR
/* The name of the lookup table source file when rebuilding a database.
@ -133,7 +134,7 @@
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
/* .IP \fBdatabase_type\fR
/* .IP \fBdefault_database_type\fR
/* Default output database type.
/* On many UNIX systems, the default database type is either \fBhash\fR
/* or \fBdbm\fR.

View File

@ -36,7 +36,7 @@
/* the \fB-oA\fR option, see below), the program processes the file(s)
/* specified with the \fBalias_database\fR configuration parameter.
/* If no alias database type is specified, the program uses the type
/* specified with the \fBdatabase_type\fR configuration parameter.
/* specified with the \fBdefault_database_type\fR configuration parameter.
/* This mode of operation is implemented by running the \fBpostalias\fR(1)
/* command.
/* .sp
@ -201,7 +201,7 @@
/* .IP \fBbounce_size_limit\fR
/* The amount of original message context that is sent along
/* with a non-delivery notification.
/* .IP \fBdatabase_type\fR
/* .IP \fBdefault_database_type\fR
/* Default alias etc. database type. On many UNIX systems the
/* default type is either \fBdbm\fR or \fBhash\fR.
/* .IP \fBdebugger_command\fR

View File

@ -291,6 +291,7 @@
#include <mail_addr_find.h>
#include <match_parent_style.h>
#include <strip_addr.h>
#include <virtual8.h>
/* Application-specific. */
@ -721,6 +722,20 @@ static const char *check_maps_find(SMTPD_STATE *state, const char *reply_name,
return (result);
}
/* checkv8_maps_find - reject with temporary failure if dict lookup fails */
static const char *checkv8_maps_find(SMTPD_STATE *state, const char *reply_name,
MAPS *maps, const char *key)
{
const char *result;
dict_errno = 0;
if ((result = virtual8_maps_find(maps, key)) == 0
&& dict_errno == DICT_ERR_RETRY)
reject_dict_retry(state, reply_name);
return (result);
}
/* check_mail_addr_find - reject with temporary failure if dict lookup fails */
static const char *check_mail_addr_find(SMTPD_STATE *state,
@ -744,8 +759,17 @@ static int resolve_final(SMTPD_STATE *state, const char *reply_name,
{
/* If matches $mydestination or $inet_interfaces. */
if (resolve_local(domain))
if (resolve_local(domain)) {
if (*var_virtual_maps
&& check_maps_find(state, reply_name, virtual_maps, domain, 0))
msg_warn("list domain %s in only one of $%s and $%s",
domain, VAR_MYDEST, VAR_VIRTUAL_MAPS);
if (*var_virt_mailbox_maps
&& checkv8_maps_find(state, reply_name, virt_mailbox_maps, domain))
msg_warn("list domain %s in only one of $%s and $%s",
domain, VAR_MYDEST, VAR_VIRT_MAILBOX_MAPS);
return (1);
}
/* If Postfix-style virtual domain. */
if (*var_virtual_maps
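Review bot: The new warnings in the resolve_local() branch go through check_maps_find() and checkv8_maps_find(), and checkv8_maps_find() calls reject_dict_retry() when the lookup fails with DICT_ERR_RETRY, so a transient table error during what is only a configuration sanity check turns into a temporary reject for a domain that is already known to be local. Use a lookup without the reject side effect for this diagnostic. The msg_warn() also fires on every call for the affected domain; logging it once per domain or per process would keep a busy, misconfigured server from filling its log with the same line.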
@ -754,7 +778,7 @@ static int resolve_final(SMTPD_STATE *state, const char *reply_name,
/* If virtual mailbox domain. */
if (*var_virt_mailbox_maps
&& check_maps_find(state, reply_name, virt_mailbox_maps, domain, 0))
&& checkv8_maps_find(state, reply_name, virt_mailbox_maps, domain))
return (1);
return (0);
@ -801,6 +825,10 @@ static char *dup_if_truncate(char *name)
/*
* Truncate hostnames ending in dot but not dot-dot.
*
* XXX This should not be distributed all over the code. Problem is,
* addresses can enter the system via multiple paths: networks, local
* forward/alias/include files, even as the result of address rewriting.
*/
if ((len = strlen(name)) > 1
&& name[len - 1] == '.'
@ -920,7 +948,7 @@ static int reject_non_fqdn_hostname(SMTPD_STATE *state, char *name,
return (stat);
}
/* reject_unknown_hostname - fail if name has no A or MX record */
/* reject_unknown_hostname - fail if name has no A, AAAA or MX record */
static int reject_unknown_hostname(SMTPD_STATE *state, char *name,
char *reply_name, char *reply_class)
@ -931,8 +959,14 @@ static int reject_unknown_hostname(SMTPD_STATE *state, char *name,
if (msg_verbose)
msg_info("%s: %s", myname, name);
#ifdef T_AAAA
#define RR_ADDR_TYPES T_A, T_AAAA
#else
#define RR_ADDR_TYPES T_A
#endif
dns_status = dns_lookup_types(name, 0, (DNS_RR **) 0, (VSTRING *) 0,
(VSTRING *) 0, T_A, T_MX, 0);
(VSTRING *) 0, RR_ADDR_TYPES, T_MX, 0);
if (dns_status != DNS_OK)
return (smtpd_check_reject(state, MAIL_ERROR_POLICY,
"%d <%s>: %s rejected: Host not found",
@ -942,7 +976,7 @@ static int reject_unknown_hostname(SMTPD_STATE *state, char *name,
return (SMTPD_CHECK_DUNNO);
}
/* reject_unknown_mailhost - fail if name has no A or MX record */
/* reject_unknown_mailhost - fail if name has no A, AAAA or MX record */
static int reject_unknown_mailhost(SMTPD_STATE *state, const char *name,
const char *reply_name, const char *reply_class)
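Review bot: The updated comment promises AAAA unconditionally, but the lookup in this function uses RR_ADDR_TYPES, which contains T_AAAA only when T_AAAA is defined; word it as "A, AAAA (where supported) or MX". RR_ADDR_TYPES is also defined inside the body of reject_unknown_hostname() and then relied on here in reject_unknown_mailhost(), so the #ifdef T_AAAA block belongs at file scope with the other macros, where reordering the two functions cannot break the build.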
@ -954,7 +988,7 @@ static int reject_unknown_mailhost(SMTPD_STATE *state, const char *name,
msg_info("%s: %s", myname, name);
dns_status = dns_lookup_types(name, 0, (DNS_RR **) 0, (VSTRING *) 0,
(VSTRING *) 0, T_A, T_MX, 0);
(VSTRING *) 0, RR_ADDR_TYPES, T_MX, 0);
if (dns_status != DNS_OK)
return (smtpd_check_reject(state, MAIL_ERROR_POLICY,
"%d <%s>: %s rejected: Domain not found",
@ -2462,6 +2496,9 @@ char *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
#define NOMATCH(map, rcpt) \
(check_mail_addr_find(state, recipient, map, rcpt, (char **) 0) == 0)
#define NOMATCHV8(map, rcpt) \
(checkv8_maps_find(state, recipient, map, rcpt) == 0)
/*
* Reject mail to unknown addresses in Postfix-style virtual domains.
*/
@ -2470,7 +2507,7 @@ char *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
if (NOMATCH(rcpt_canon_maps, CONST_STR(reply->recipient))
&& NOMATCH(canonical_maps, CONST_STR(reply->recipient))
&& NOMATCH(relocated_maps, CONST_STR(reply->recipient))
&& NOMATCH(virt_mailbox_maps, CONST_STR(reply->recipient))
&& NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))
&& NOMATCH(virtual_maps, CONST_STR(reply->recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown", 550, recipient);
@ -2486,7 +2523,7 @@ char *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
if (NOMATCH(rcpt_canon_maps, CONST_STR(reply->recipient))
&& NOMATCH(canonical_maps, CONST_STR(reply->recipient))
&& NOMATCH(relocated_maps, CONST_STR(reply->recipient))
&& NOMATCH(virt_mailbox_maps, CONST_STR(reply->recipient))
&& NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))
&& NOMATCH(virtual_maps, CONST_STR(reply->recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown", 550, recipient);
@ -2503,7 +2540,7 @@ char *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
if (NOMATCH(rcpt_canon_maps, CONST_STR(reply->recipient))
&& NOMATCH(canonical_maps, CONST_STR(reply->recipient))
&& NOMATCH(relocated_maps, CONST_STR(reply->recipient))
&& NOMATCH(virt_mailbox_maps, CONST_STR(reply->recipient))
&& NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))
&& NOMATCH(virtual_maps, CONST_STR(reply->recipient))
&& NOMATCH(local_rcpt_maps, CONST_STR(reply->recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,

View File

@ -124,9 +124,18 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
while (tree->head) {
/*
* Strip trailing dot or @.
* Strip trailing dot at end of domain, but not dot-dot. This merely
* makes diagnostics more accurate by leaving bogus addresses alone.
*/
if (tree->tail->type == '.' || tree->tail->type == '@') {
if (tree->tail->type == '.'
&& tok822_rfind_type(tree->tail, '@') != 0
&& tree->tail->prev->type != '.')
tok822_free_tree(tok822_sub_keep_before(tree, tree->tail));
/*
* Strip trailing @.
*/
if (tree->tail->type == '@') {
tok822_free_tree(tok822_sub_keep_before(tree, tree->tail));
continue;
}
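Review bot: In the new dot test, tree->tail->prev is dereferenced, and tree->tail is dereferenced again in the '@' test immediately after the strip; both are safe only because tok822_rfind_type(tree->tail, '@') != 0 is evaluated first and guarantees that a token precedes the dot. Add a comment stating that ordering dependency so the three conditions are not rearranged later. The dot strip also no longer ends in continue, unlike the combined test it replaces, so say in the comment that falling through to the '@' test is intended.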
@ -193,7 +202,7 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
if (saved_domain) {
tok822_sub_append(tree, saved_domain);
saved_domain = 0;
} else if (tree->head) {
} else { /* Aargh! Always! */
tok822_sub_append(tree, tok822_alloc('@', (char *) 0));
tok822_sub_append(tree, tok822_scan(var_myhostname, (TOK822 **) 0));
}
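Review bot: The comment "Aargh! Always!" on the else branch does not tell a maintainer why @$myhostname is now appended even when tree->head is null. Replace it with a sentence naming the case it covers (presumably an address that the stripping loop above has reduced to nothing) and what went wrong when the append was skipped.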

View File

@ -169,9 +169,12 @@ void rewrite_tree(char *unused_ruleset, TOK822 *tree)
}
/*
* Strip trailing dot.
* Strip trailing dot at end of domain, but not dot-dot. This merely
* makes diagnostics more accurate by leaving bogus addresses alone.
*/
if (tree->tail->type == '.')
if (tree->tail->type == '.'
&& tok822_rfind_type(tree->tail, '@') != 0
&& tree->tail->prev->type != '.')
tok822_free_tree(tok822_sub_keep_before(tree, tree->tail));
}
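Review bot: This three-part test (tail is '.', an '@' exists, the previous token is not '.') is a copy of the one added to resolve_addr() in the same commit, and the comments added to resolve_local() and dup_if_truncate() already note that the trailing-dot policy is spread over the code. Put the test in one helper shared by rewrite_tree() and resolve_addr() so the two cannot drift apart; address handling that differs between the rewriting and resolving paths is hard to reason about when access decisions depend on the result.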

View File

@ -90,7 +90,9 @@ int sane_accept(int sock, struct sockaddr * sa, SOCKADDR_SIZE *len)
}
for (count = 0; (err = accept_warn_errors[count]) != 0; count++) {
if (errno == err) {
#if 0
msg_warn("accept: %m");
#endif
errno = EAGAIN;
break;
}
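Review bot: Wrapping msg_warn("accept: %m") in #if 0 leaves dead code behind and removes all visibility of the errors listed in accept_warn_errors, with no comment saying why. If the aim is to reduce log noise, gate the message on msg_verbose or rate-limit it; if the warning is really unwanted, delete the line and explain in a comment that these errno values are deliberately mapped to EAGAIN without logging.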

View File

@ -85,12 +85,13 @@ mailbox.o: ../../include/defer.h
mailbox.o: ../../include/bounce.h
mailbox.o: ../../include/sent.h
mailbox.o: ../../include/mail_params.h
mailbox.o: virtual.h
mailbox.o: ../../include/deliver_request.h
mailbox.o: ../../include/recipient_list.h
mailbox.o: ../../include/virtual8.h
mailbox.o: ../../include/maps.h
mailbox.o: ../../include/dict.h
mailbox.o: ../../include/argv.h
mailbox.o: virtual.h
mailbox.o: ../../include/deliver_request.h
mailbox.o: ../../include/recipient_list.h
mailbox.o: ../../include/mbox_conf.h
maildir.o: maildir.c
maildir.o: ../../include/sys_defs.h

View File

@ -60,6 +60,7 @@
#include <defer.h>
#include <sent.h>
#include <mail_params.h>
#include <virtual8.h>
#ifndef EDQUOT
#define EDQUOT EFBIG
@ -172,8 +173,7 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
* Look up the mailbox location. Bounce if not found, defer in case of
* trouble.
*/
mailbox_res = maps_find(virtual_mailbox_maps, state.msg_attr.user,
DICT_FLAG_FIXED);
mailbox_res = virtual8_maps_find(virtual_mailbox_maps, state.msg_attr.user);
if (mailbox_res == 0) {
if (dict_errno == 0)
return (NO);
@ -191,8 +191,8 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
/*
* Look up the mailbox owner rights. Defer in case of trouble.
*/
if ((uid_res = maps_find(virtual_uid_maps, state.msg_attr.user,
DICT_FLAG_FIXED)) == 0) {
uid_res = virtual8_maps_find(virtual_uid_maps, state.msg_attr.user);
if (uid_res == 0) {
*statusp = defer_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
"recipient %s: uid not found in %s",
state.msg_attr.user, virtual_uid_maps->title);
@ -209,8 +209,8 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
/*
* Look up the mailbox group rights. Defer in case of trouble.
*/
if ((gid_res = maps_find(virtual_gid_maps, state.msg_attr.user,
DICT_FLAG_FIXED)) == 0) {
gid_res = virtual8_maps_find(virtual_gid_maps, state.msg_attr.user);
if (gid_res == 0) {
*statusp = defer_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
"recipient %s: gid not found in %s",
state.msg_attr.user, virtual_gid_maps->title);
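Review bot: After this change the mailbox path, the uid and the gid are each resolved by a separate virtual8_maps_find() call, and each call can fall back to an @domain.tld catch-all on its own, so one recipient can receive a mailbox path from a specific entry and a uid or gid from a catch-all entry, or the reverse. Because these values decide which rights are used to write the mailbox, document that the three tables should carry matching keys, or log which key matched in each table. The "gid not found" defer text (and the "uid not found" text in the previous hunk) is also used when the lookup itself failed; separating a lookup error from a missing entry would help operators.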
@ -230,7 +230,7 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
(unsigned) usr_attr.uid, (unsigned) usr_attr.gid);
/*
* Deliver to mailbox or to external command.
* Deliver to mailbox or to maildir.
*/
#define LAST_CHAR(s) (s[strlen(s) - 1])

View File

@ -68,7 +68,7 @@
/*
/* The \fBvirtual_minimum_uid\fR parameter imposes a lower bound on
/* numerical user ID values that may be specified in any
/* \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR.
/* \fBvirtual_uid_maps\fR.
/* SECURITY
/* .ad
/* .fi
@ -115,6 +115,13 @@
/* ("/"), maildir-style delivery is carried out, otherwise the
/* path is assumed to specify a UNIX-style mailbox file.
/*
/* While searching a lookup table, an address extension
/* (\fIuser+foo@domain.tld\fR) is ignored.
/*
/* In a lookup table, specify a left-hand side of \fI@domain.tld\fR
/* to match any user in the specified domain that does not have a
/* specific \fIuser@domain.tld\fR entry.
/*
/* Note that \fBvirtual_mailbox_base\fR is unconditionally prepended
/* to this path.
/* .IP \fBvirtual_minimum_uid\fR
@ -125,9 +132,23 @@
/* .IP "\fBvirtual_uid_maps\fR (regexp maps disallowed)"
/* Recipients are looked up in these maps to determine the user ID to be
/* used when writing to the target mailbox.
/*
/* While searching a lookup table, an address extension
/* (\fIuser+foo@domain.tld\fR) is ignored.
/*
/* In a lookup table, specify a left-hand side of \fI@domain.tld\fR
/* to match any user in the specified domain that does not have a
/* specific \fIuser@domain.tld\fR entry.
/* .IP "\fBvirtual_gid_maps\fR (regexp maps disallowed)"
/* Recipients are looked up in these maps to determine the group ID to be
/* used when writing to the target mailbox.
/*
/* While searching a lookup table, an address extension
/* (\fIuser+foo@domain.tld\fR) is ignored.
/*
/* In a lookup table, specify a left-hand side of \fI@domain.tld\fR
/* to match any user in the specified domain that does not have a
/* specific \fIuser@domain.tld\fR entry.
/* .SH "Locking controls"
/* .ad
/* .fi