diff --git a/postfix/HISTORY b/postfix/HISTORY index 8c0721d14..a2de98587 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -18782,3 +18782,17 @@ Apologies for any names omitted. Logging: minimal DNAME support. Viktor Dukhovni. dns/dns.h, dns/dns_lookup.c, dns/dns_strtype.c, dns/test_dns_lookup.c. +20130710 + + Workaround: smtp_connection_reuse_count_limit (default 0, + i.e. unlimited) for sites that must deal with hostile + connection reuse policies. The documentation comes with a + warning that this feature introduces a "fatal attractor" + failure mode. Files: global/mail_params.h, mantools/postlink, + proto/postconf.proto, smtp/smtp.c, smtp/smtp_params.c, + smtp/lmtp_params.c, smtp/smtp.h. + + Workaround: FreeBSD9 nroff outputs ANSI escape sequences + instead of overstrike sequences. To make matters worse, it + uses the ESC[0m sequence sometimes for end-of-bold and + sometimes for end-of-italic. File: mantools/man2html. diff --git a/postfix/README_FILES/CONNECTION_CACHE_README b/postfix/README_FILES/CONNECTION_CACHE_README index 1c90ffd74..5067f7aea 100644 --- a/postfix/README_FILES/CONNECTION_CACHE_README +++ b/postfix/README_FILES/CONNECTION_CACHE_README 
@@ -148,12 +148,17 @@ mechanisms: times. This avoids triggering bugs in implementations that do not correctly handle multiple deliveries per session. - With Postfix 2.2 the use count is limited with the - smtp_connection_cache_reuse_limit configuration parameter. With Postfix 2.3 - this is replaced by a time limit which is specified with the - smtp_connection_reuse_time_limit parameter. In addition, Postfix 2.3 logs - the use count of multiply-used connections, as shown in the following - example: + As of Postfix 2.3 connection reuse is preferably limited with the + smtp_connection_reuse_time_limit parameter. In addition, Postfix 2.11 + provides smtp_connection_reuse_count_limit to limit how many times a + connection may be reused, but this feature is unsafe as it introduces a + "fatal attractor" failure mode (when a destination has multiple inbound + MTAs, the slowest inbound MTA will attract most connections from Postfix to + that destination). + + . + Postfix 2.3 logs the use count of multiply-used connections, as shown in + the following example: Nov 3 16:04:31 myname postfix/smtp[30840]: 19B6B2900FE: to=, orig_to=, diff --git a/postfix/html/CONNECTION_CACHE_README.html b/postfix/html/CONNECTION_CACHE_README.html index d370424d5..b0201dc93 100644 --- a/postfix/html/CONNECTION_CACHE_README.html +++ b/postfix/html/CONNECTION_CACHE_README.html @@ -226,11 +226,15 @@ configuration parameters. This prevents anti-social behavior.

limited number of times. This avoids triggering bugs in implementations that do not correctly handle multiple deliveries per session.

-

With Postfix 2.2 the use count is limited with the -smtp_connection_cache_reuse_limit configuration parameter. With -Postfix 2.3 this is replaced by a time limit which is specified -with the smtp_connection_reuse_time_limit parameter. In addition, -Postfix 2.3 logs the use count of multiply-used connections, +

As of Postfix 2.3 connection reuse is preferably limited with +the smtp_connection_reuse_time_limit parameter. In addition, Postfix +2.11 provides smtp_connection_reuse_count_limit to limit how many +times a connection may be reused, but this feature is unsafe as it +introduces a "fatal attractor" failure mode (when a destination has +multiple inbound MTAs, the slowest inbound MTA will attract most +connections from Postfix to that destination).

. + +

Postfix 2.3 logs the use count of multiply-used connections, as shown in the following example:

diff --git a/postfix/html/lmtp.8.html b/postfix/html/lmtp.8.html index f22804db3..3b8ba36b6 100644 --- a/postfix/html/lmtp.8.html +++ b/postfix/html/lmtp.8.html @@ -79,7 +79,7 @@ SMTP(8) SMTP(8) inet:hostname - inet:hostname:port + inet:hostname:port inet:[address] @@ -762,6 +762,13 @@ SMTP(8) SMTP(8) SMTP message content line, or TLS protocol mes- sage). + Available in Postfix version 2.11 and later: + + smtp_connection_reuse_count_limit (0) + When SMTP connection caching is enabled, the number + of times that an SMTP session may be reused before + it is closed, or zero (no limit). + TROUBLE SHOOTING CONTROLS debug_peer_level (2) The increment in verbose logging level when a diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index a3fed7443..322bf6995 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -3968,6 +3968,17 @@ See there for details.

This feature is available in Postfix 2.3 and later.

+ + +
lmtp_connection_reuse_count_limit +(default: 0)
+ +

The LMTP-specific version of the smtp_connection_reuse_count_limit +configuration parameter. See there for details.

+ +

This feature is available in Postfix 2.11 and later.

+ +
lmtp_connection_reuse_time_limit @@ -9556,19 +9567,6 @@ delivery performance.

This feature is available in Postfix 2.2 and later.

- - -
smtp_connection_cache_reuse_limit -(default: 10)
- -

When SMTP connection caching is enabled, the number of times that -an SMTP session may be reused before it is closed. -

- -

This feature is available in Postfix 2.2. In Postfix 2.3 it is -replaced by $smtp_connection_reuse_time_limit.

- -
smtp_connection_cache_time_limit @@ -9582,6 +9580,24 @@ not specify larger values without permission from the remote sites.

This feature is available in Postfix 2.2 and later.

+ + +
smtp_connection_reuse_count_limit +(default: 0)
+ +

When SMTP connection caching is enabled, the number of times +that an SMTP session may be reused before it is closed, or zero (no +limit). With a reuse count limit of N, a connection is used up to +N+1 times.

+ +

NOTE: This feature is unsafe. When a high-volume destination +has multiple inbound MTAs, then the slowest inbound MTA will attract +the most connections to that destination. This limitation does not +exist with the smtp_connection_reuse_time_limit feature.

+ +

This feature is available in Postfix 2.11.

+ +
smtp_connection_reuse_time_limit diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html index f22804db3..3b8ba36b6 100644 --- a/postfix/html/smtp.8.html +++ b/postfix/html/smtp.8.html @@ -79,7 +79,7 @@ SMTP(8) SMTP(8) inet:hostname - inet:hostname:port + inet:hostname:port inet:[address] @@ -762,6 +762,13 @@ SMTP(8) SMTP(8) SMTP message content line, or TLS protocol mes- sage). + Available in Postfix version 2.11 and later: + + smtp_connection_reuse_count_limit (0) + When SMTP connection caching is enabled, the number + of times that an SMTP session may be reused before + it is closed, or zero (no limit). + TROUBLE SHOOTING CONTROLS debug_peer_level (2) The increment in verbose logging level when a diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index c3600b5bb..3759615fc 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -2345,6 +2345,11 @@ smtp_connection_cache_time_limit configuration parameter. See there for details. .PP This feature is available in Postfix 2.3 and later. +.SH lmtp_connection_reuse_count_limit (default: 0) +The LMTP-specific version of the smtp_connection_reuse_count_limit +configuration parameter. See there for details. +.PP +This feature is available in Postfix 2.11 and later. .SH lmtp_connection_reuse_time_limit (default: 300s) The LMTP-specific version of the smtp_connection_reuse_time_limit configuration parameter. See there for details. 
@@ -5820,18 +5825,24 @@ connections to be reused for other deliveries, and can improve mail delivery performance. .PP This feature is available in Postfix 2.2 and later. -.SH smtp_connection_cache_reuse_limit (default: 10) -When SMTP connection caching is enabled, the number of times that -an SMTP session may be reused before it is closed. -.PP -This feature is available in Postfix 2.2. In Postfix 2.3 it is -replaced by $smtp_connection_reuse_time_limit. .SH smtp_connection_cache_time_limit (default: 2s) When SMTP connection caching is enabled, the amount of time that an unused SMTP client socket is kept open before it is closed. Do not specify larger values without permission from the remote sites. .PP This feature is available in Postfix 2.2 and later. +.SH smtp_connection_reuse_count_limit (default: 0) +When SMTP connection caching is enabled, the number of times +that an SMTP session may be reused before it is closed, or zero (no +limit). With a reuse count limit of N, a connection is used up to +N+1 times. +.PP +NOTE: This feature is unsafe. When a high-volume destination +has multiple inbound MTAs, then the slowest inbound MTA will attract +the most connections to that destination. This limitation does not +exist with the smtp_connection_reuse_time_limit feature. +.PP +This feature is available in Postfix 2.11. .SH smtp_connection_reuse_time_limit (default: 300s) The amount of time during which Postfix will use an SMTP connection repeatedly. The timer starts when the connection is diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8 index 5607d73ec..e00f5628d 100644 --- a/postfix/man/man8/smtp.8 +++ b/postfix/man/man8/smtp.8 
@@ -71,7 +71,7 @@ Connect to the local UNIX-domain server that is bound to the specified \fIpathname\fR. If the process runs chrooted, an absolute pathname is interpreted relative to the Postfix queue directory. .IP \fBinet\fR:\fIhostname\fR -.IP \fBinet\fB:\fIhostname\fR:\fIport\fR +.IP \fBinet\fR:\fIhostname\fR:\fIport\fR .IP \fBinet\fR:[\fIaddress\fR] .IP \fBinet\fR:[\fIaddress\fR]:\fIport\fR Connect to the specified TCP port on the specified local or @@ -596,6 +596,11 @@ Change the behavior of the smtp_*_timeout time limits, from a time limit per read or write system call, to a time limit to send or receive a complete record (an SMTP command line, SMTP response line, SMTP message content line, or TLS protocol message). +.PP +Available in Postfix version 2.11 and later: +.IP "\fBsmtp_connection_reuse_count_limit (0)\fR" +When SMTP connection caching is enabled, the number of times that +an SMTP session may be reused before it is closed, or zero (no limit). .SH "TROUBLE SHOOTING CONTROLS" .na .nf diff --git a/postfix/mantools/man2html b/postfix/mantools/man2html index f3d949978..2b8e3bc49 100755 --- a/postfix/mantools/man2html +++ b/postfix/mantools/man2html @@ -18,6 +18,8 @@ echo " $title
"
 
+ESC=`echo x | tr '[x]' '[\033]'`
+
 sed '
 	s/\([<>&]\)\1/\1/g
 	s/&/\&/g
@@ -29,6 +31,24 @@ sed '
 	s/>/\>/g
 	s;_\([^_]\);\1;g
 	s;.\(.\);\1;g
+	# Why change nroff to hard-coded ANSI escape sequences?
+	/'$ESC'\[0m$/{
+		/'$ESC'\[1m[^'$ESC']*'$ESC'\[0m$/{
+			# Here, ESC[0m means end-of-bold.
+			s;0m$;22m;
+		}
+		/'$ESC'\[4m[^'$ESC']*'$ESC'\[0m$/{
+			# Here, ESC[0m means end-of-italic.
+			s;0m$;24m;
+		}
+	}
+	s;'$ESC'\[1m;;g
+	s;'$ESC'\[22m;;g
+	s;'$ESC'\[4m;;g
+	s;'$ESC'\[24m;;g
+	# Undo gratuitous whitespace changes.
+	s;\(  *\)\(\);\2\1;g
+	# End nroff ANSI escape sequence workarounds.
 	s;\( *\);\1;g
 	s;\( *\);\1;g
 ' "$@" | egrep -v 'postconf (readme|html)_direc|tory" *to *locate *this'
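Review bot: The `$` anchor in `/'$ESC'\[0m$/` means only a reset that closes the last run on a line is rewritten to `22m` or `24m`. An `ESC[0m` in mid-line, or one after a run that neither inner pattern matches, is left alone by the substitutions on `1m`/`22m`/`4m`/`24m`, so a raw escape byte reaches the generated HTML. The hunk does not say whether nroff can emit that; if it can, a final catch-all after those four lines, `s;'$ESC'\[[0-9]*m;;g`, would keep control bytes out of the output. Otherwise a comment stating the end-of-line assumption would do. `$ESC` is also spliced in outside any quotes, and `'"$ESC"'` is the safer habit even though the value holds no whitespace. The sed script starts above this hunk.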
diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink
index 94a39a1e4..53e810f1b 100755
--- a/postfix/mantools/postlink
+++ b/postfix/mantools/postlink
@@ -264,6 +264,7 @@ while (<>) {
     s;\blmtp_pix_workaround_delay_time\b;$&;g;
     s;\blmtp_pix_workarounds\b;$&;g;
     s;\blmtp_pix_workaround_maps\b;$&;g;
+    s;\blmtp_connection_reuse_count_limit\b;$&;g;
     s;\blmtp_connection_reuse_time_limit\b;$&;g;
     s;\blmtp_starttls_timeout\b;$&;g;
     s;\blmtp_line_length_limit\b;$&;g;
@@ -444,7 +445,7 @@ while (<>) {
     s;\bsmtp_connect_timeout\b;$&;g;
 
     s;\bsmtp_connection_cache_on_demand\b;$&;g;
-    s;\bsmtp_connection_cache_reuse_limit\b;$&;g;
+    s;\bsmtp_connection_reuse_count_limit\b;$&;g;
     s;\bsmtp_connection_reuse_time_limit\b;$&;g;
     s;\bsmtp_connection_cache_time_limit\b;$&;g;
     s;\bsmtp_connection_cache_destinations\b;$&;g;
diff --git a/postfix/proto/CONNECTION_CACHE_README.html b/postfix/proto/CONNECTION_CACHE_README.html
index ab25dc914..ef10848cb 100644
--- a/postfix/proto/CONNECTION_CACHE_README.html
+++ b/postfix/proto/CONNECTION_CACHE_README.html
@@ -226,11 +226,15 @@ configuration parameters. This prevents anti-social behavior. 

limited number of times. This avoids triggering bugs in implementations that do not correctly handle multiple deliveries per session.

-

With Postfix 2.2 the use count is limited with the -smtp_connection_cache_reuse_limit configuration parameter. With -Postfix 2.3 this is replaced by a time limit which is specified -with the smtp_connection_reuse_time_limit parameter. In addition, -Postfix 2.3 logs the use count of multiply-used connections, +

As of Postfix 2.3 connection reuse is preferably limited with +the smtp_connection_reuse_time_limit parameter. In addition, Postfix +2.11 provides smtp_connection_reuse_count_limit to limit how many +times a connection may be reused, but this feature is unsafe as it +introduces a "fatal attractor" failure mode (when a destination has +multiple inbound MTAs, the slowest inbound MTA will attract most +connections from Postfix to that destination).

. + +

Postfix 2.3 logs the use count of multiply-used connections, as shown in the following example:

diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 007e2c83c..213e50c4e 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -3907,15 +3907,6 @@ not specify larger values without permission from the remote sites.

This feature is available in Postfix 2.2 and later.

-%PARAM smtp_connection_cache_reuse_limit 10 - -

When SMTP connection caching is enabled, the number of times that -an SMTP session may be reused before it is closed. -

- -

This feature is available in Postfix 2.2. In Postfix 2.3 it is -replaced by $smtp_connection_reuse_time_limit.

- %PARAM smtp_connection_reuse_time_limit 300s

The amount of time during which Postfix will use an SMTP @@ -15381,3 +15372,24 @@ service maintains TLS session caches and other information in support of TLS.

This feature is available in Postfix 2.11 and later.

+ +%PARAM lmtp_connection_reuse_count_limit 0 + +

The LMTP-specific version of the smtp_connection_reuse_count_limit +configuration parameter. See there for details.

+ +

This feature is available in Postfix 2.11 and later.

+ +%PARAM smtp_connection_reuse_count_limit 0 + +

When SMTP connection caching is enabled, the number of times +that an SMTP session may be reused before it is closed, or zero (no +limit). With a reuse count limit of N, a connection is used up to +N+1 times.

+ +

NOTE: This feature is unsafe. When a high-volume destination +has multiple inbound MTAs, then the slowest inbound MTA will attract +the most connections to that destination. This limitation does not +exist with the smtp_connection_reuse_time_limit feature.

+ +

This feature is available in Postfix 2.11.

diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h
index a20c15645..5716aa4c9 100644
--- a/postfix/src/global/mail_params.h
+++ b/postfix/src/global/mail_params.h
@@ -964,6 +964,12 @@ extern char *var_bestmx_transp;
 #define DEF_LMTP_CACHE_CONNT "2s"
 extern int var_smtp_cache_conn;
+#define VAR_SMTP_REUSE_COUNT "smtp_connection_reuse_count_limit"
+#define DEF_SMTP_REUSE_COUNT 0
+#define VAR_LMTP_REUSE_COUNT "lmtp_connection_reuse_count_limit"
+#define DEF_LMTP_REUSE_COUNT 0
+extern int var_smtp_reuse_count;
+
 #define VAR_SMTP_REUSE_TIME "smtp_connection_reuse_time_limit"
 #define DEF_SMTP_REUSE_TIME "300s"
 #define VAR_LMTP_REUSE_TIME "lmtp_connection_reuse_time_limit"
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 2e4d791a1..c3d77779a 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
 * Patches change both the patchlevel and the release date. Snapshots have no
 * patchlevel; they change the release date only.
 */
-#define MAIL_RELEASE_DATE "20130709"
+#define MAIL_RELEASE_DATE "20130710"
 #define MAIL_VERSION_NUMBER "2.11"
 #ifdef SNAPSHOT
diff --git a/postfix/src/smtp/lmtp_params.c b/postfix/src/smtp/lmtp_params.c
index 40b7b70bf..faaa6dee1 100644
--- a/postfix/src/smtp/lmtp_params.c
+++ b/postfix/src/smtp/lmtp_params.c
@@ -85,6 +85,7 @@
 VAR_LMTP_LINE_LIMIT, DEF_LMTP_LINE_LIMIT, &var_smtp_line_limit, 0, 0,
 VAR_LMTP_MXADDR_LIMIT, DEF_LMTP_MXADDR_LIMIT, &var_smtp_mxaddr_limit, 0, 0,
 VAR_LMTP_MXSESS_LIMIT, DEF_LMTP_MXSESS_LIMIT, &var_smtp_mxsess_limit, 0, 0,
+ VAR_LMTP_REUSE_COUNT, DEF_LMTP_REUSE_COUNT, &var_smtp_reuse_count, 0, 0,
 #ifdef USE_TLS
 VAR_LMTP_TLS_SCERT_VD, DEF_LMTP_TLS_SCERT_VD, &var_smtp_tls_scert_vd, 0, 0,
 #endif
diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c
index 1cf409f98..82684575b 100644
--- a/postfix/src/smtp/smtp.c
+++ b/postfix/src/smtp/smtp.c
@@ -61,7 +61,7 @@
 /* \fIpathname\fR. If the process runs chrooted, an absolute pathname
 /* is interpreted relative to the Postfix queue directory.
 /* .IP \fBinet\fR:\fIhostname\fR
-/* .IP \fBinet\fB:\fIhostname\fR:\fIport\fR
+/* .IP \fBinet\fR:\fIhostname\fR:\fIport\fR
 /* .IP \fBinet\fR:[\fIaddress\fR]
 /* .IP \fBinet\fR:[\fIaddress\fR]:\fIport\fR
 /* Connect to the specified TCP port on the specified local or
@@ -562,6 +562,11 @@
 /* time limit per read or write system call, to a time limit to send
 /* or receive a complete record (an SMTP command line, SMTP response
 /* line, SMTP message content line, or TLS protocol message).
+/* .PP
+/* Available in Postfix version 2.11 and later:
+/* .IP "\fBsmtp_connection_reuse_count_limit (0)\fR"
+/* When SMTP connection caching is enabled, the number of times that
+/* an SMTP session may be reused before it is closed, or zero (no limit).
 /* TROUBLE SHOOTING CONTROLS
 /* .ad
 /* .fi
@@ -806,6 +811,7 @@ int var_smtp_mxaddr_limit;
 int var_smtp_mxsess_limit;
 int var_smtp_cache_conn;
 int var_smtp_reuse_time;
+int var_smtp_reuse_count;
 char *var_smtp_cache_dest;
 char *var_scache_service; /* You can now leave this here. */
 bool var_smtp_cache_demand;
diff --git a/postfix/src/smtp/smtp.h b/postfix/src/smtp/smtp.h
index fbf9b0ab5..255302979 100644
--- a/postfix/src/smtp/smtp.h
+++ b/postfix/src/smtp/smtp.h
@@ -422,7 +422,9 @@ extern HBC_CALL_BACKS smtp_hbc_callbacks[];
 #define THIS_SESSION_IS_EXPIRED \
 (THIS_SESSION_IS_CACHED \
- && session->expire_time < vstream_ftime(session->stream))
+ && (session->expire_time < vstream_ftime(session->stream) \
+ || (var_smtp_reuse_count > 0 \
+ && session->reuse_count >= var_smtp_reuse_count)))
 #define THIS_SESSION_IS_BAD \
 (!THIS_SESSION_IS_DEAD && session->expire_time < 0)
diff --git a/postfix/src/smtp/smtp_params.c b/postfix/src/smtp/smtp_params.c
index 13f8723fa..16c51159b 100644
--- a/postfix/src/smtp/smtp_params.c
+++ b/postfix/src/smtp/smtp_params.c
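Review bot: The smtp(8) entry added in the second smtp.c hunk (`smtp_connection_reuse_count_limit (0)`) omits the caveat that the postconf.proto text in this same commit attaches to the parameter. That text calls the feature unsafe because the slowest inbound MTA ends up attracting the most connections. An operator who reads only smtp(8) sees an ordinary tuning knob. I would add one more comment line to the entry, `/* This feature is unsafe; see postconf(5) for the failure mode.`, and presumably regenerate man/man8/smtp.8 and the html copies from it.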
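Review bot: The count test added to THIS_SESSION_IS_EXPIRED in smtp.h has no comment, and two of its properties are not obvious from the macro. `session->reuse_count >= var_smtp_reuse_count` gives the documented "limit N, up to N+1 uses" only if reuse_count counts re-uses rather than uses. The increment is outside this diff, so that is worth confirming and stating above the macro, e.g. `/* reuse_count counts re-uses: limit N allows N+1 deliveries; a limit <= 0 disables the test. */`. The `var_smtp_reuse_count > 0` guard also makes a negative setting behave as "no limit", while the documentation mentions only zero. The rows added to lmtp_params.c and smtp_params.c pass `0, 0` in what look like the bounds columns, so such a value is presumably not rejected at startup.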
@@ -86,6 +86,7 @@
 VAR_SMTP_LINE_LIMIT, DEF_SMTP_LINE_LIMIT, &var_smtp_line_limit, 0, 0,
 VAR_SMTP_MXADDR_LIMIT, DEF_SMTP_MXADDR_LIMIT, &var_smtp_mxaddr_limit, 0, 0,
 VAR_SMTP_MXSESS_LIMIT, DEF_SMTP_MXSESS_LIMIT, &var_smtp_mxsess_limit, 0, 0,
+ VAR_SMTP_REUSE_COUNT, DEF_SMTP_REUSE_COUNT, &var_smtp_reuse_count, 0, 0,
 #ifdef USE_TLS
 VAR_SMTP_TLS_SCERT_VD, DEF_SMTP_TLS_SCERT_VD, &var_smtp_tls_scert_vd, 0, 0,
 #endif