postfix-2.0.4-20030219

postfix/HISTORY

@@ -7814,9 +7814,46 @@ Apologies for any names omitted.
 
 20030126
 
-	Update: maildir filename algorithm updated according to 
+	Update: maildir filename algorithm updated according to
 	today's version of http://cr.yp.to/proto/maildir.html.
 
+20030127
+
+	Cleanup: use separate error messages for separate problems
+	with computing the list of SASL authentication mechanisms.
+	File: smtpd/smtpd_sasl_glue.c.
+
+20030130
+
+	Bugfix: allow $name in default time values. File:
+	global/mail_conf_time.c.
+
+20030205
+
+	Feature: allow !, /file/name and map:name in masquerade_exceptions.
+	By Liviu Daia.  Files:cleanup_init.c, cleanup.h,
+	cleanup_masquerade.c.
+
+20030219
+
+	Bugfix: the local pickup daemon skipped unterminated records,
+	since they happened to have the same record type code as
+	content filtering instructions. Victor Duchovni.  Files:
+	global/rec_type.h, pickup/pickup.c.
+
+	Portability: Postfix could block, and thus not enforce
+	command execution time limits, while delivering mail to
+	command.  File: global/pipe_command.c.
+
+	Bugfix: command execution time limits were not enforced
+	because the child process killing code in pipe_command()
+	was running with the wrong privileges. Problem reported by
+	Ben Rosengart, Panix. File: global/pipe_command.c.
+
+	Bugfix: duplicate recipient filtering in the cleanup server
+	did not eliminate virtual expansion duplicates with the
+	same original recipient. File: cleanup/cleanup_out_recipient.c.
+
 Open problems:
 
 	Med: make qmgr recipient bounce/defer activity asynchronous

postfix/README_FILES/LOCAL_RECIPIENT_README

@@ -24,6 +24,10 @@ The local_recipient_maps parameter specifies lookup tables with
 all names or addresses of local recipients. A recipient address is
 local when the address domain matches $mydestination or $inet_interfaces.
 
+The right-hand side of the lookup tables is conveniently ignored.
+In the left-hand side, specify a bare username, an @domain.tld
+wild-card, or specify a user@domain.tld address.
+
 If the local_recipient_maps parameter value is non-empty, then the
 SMTP server will reject for an unknown local recipient mail with
 "User unknown in local recipient table".

postfix/conf/main.cf

@@ -188,6 +188,10 @@ mail_owner = postfix
 # to access the passwd file via the proxymap service, in order to
 # overcome chroot restrictions. The alternative, having a copy of
 # the system passwd file in the chroot jail is just not practical.
+#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify a bare username, an @domain.tld
+# wild-card, or specify a user@domain.tld address.
 # 
 #local_recipient_maps = unix:passwd.byname $alias_maps
 #local_recipient_maps = proxy:unix:passwd.byname $alias_maps
@@ -307,6 +311,10 @@ unknown_local_recipient_reject_code = 450
 #
 # If this parameter is defined, then the SMTP server will reject
 # mail for unknown relay users. This feature is off by default.
+#
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify an @domain.tld wild-card, or specify
+# a user@domain.tld address.
 # 
 #relay_recipient_maps = hash:/etc/postfix/relay_recipients
 

postfix/conf/sample-rewrite.cf

@@ -68,6 +68,14 @@ masquerade_domains =
 # names that are not subjected to address masquerading.
 # 
 # By default, address masquerading makes no exceptions.
+#
+# Specify a list of user names, /file/name or type:table patterns,
+# separated by commas and/or whitespace. The list is matched left to
+# right, and the search stops on the first match. Specify !name to
+# exclude a name from the list. A /file/name pattern is replaced by
+# its contents; a type:table is matched when a name matches a lookup
+# key (the right-hand side is ignored).  Continue long lines by
+# starting the next line with whitespace.
 # 
 #masquerade_exceptions = root,mailer-daemon
 #masquerade_exceptions = root

postfix/conf/sample-smtpd.cf

@@ -32,11 +32,17 @@
 # - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
 #   feature of the Postfix local delivery agent (see sample-local.cf).
 #
+# Details are described in the LOCAL_RECIPIENT_README file.
+#
 # Beware: if the Postfix SMTP server runs chrooted, you probably have
 # to access the passwd file via the proxymap service, in order to
 # overcome chroot restrictions. The alternative, having a copy of
 # the system passwd file in the chroot jail is just not practical.
 # 
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify a bare username, an @domain.tld
+# wild-card, or specify a user@domain.tld address.
+#
 #local_recipient_maps =
 #local_recipient_maps = unix:passwd.byname $alias_maps
 local_recipient_maps = proxy:unix:passwd.byname $alias_maps
@@ -61,6 +67,10 @@ unknown_local_recipient_reject_code = 550
 # If this parameter is defined, then the SMTP server will reject
 # mail for unknown relay users. This feature is off by default.
 # 
+# The right-hand side of the lookup tables is conveniently ignored.
+# In the left-hand side, specify an @domain.tld wild-card, or specify
+# a user@domain.tld address.
+#
 #relay_recipient_maps = hash:/etc/postfix/relay_recipients
 
 #

postfix/html/rewrite.html

@@ -265,13 +265,21 @@ but strips any.thing.else.example.com to example.com.
 
 The <b>masquerade_exceptions</b> configuration parameter specifies
 what user names should not be subjected to address masquerading.
-Specify one or more user names separated by whitespace or commas.
+Specify a list of user names, /file/name or type:table patterns,
+separated by commas and/or whitespace. The list is matched left to
+right, and the search stops on the first match. Specify !name to
+exclude a name from the list. A /file/name pattern is replaced by
+its contents; a type:table is matched when a name matches a lookup
+key (the right-hand side is ignored).  Continue long lines by
+starting the next line with whitespace.
 For example,
 
 <dl>
 
 <dd><b>masquerade_exceptions = root</b>
 
+<dd><b>masquerade_exceptions = /etc/postfix/masquerade-exceptions</b>
+
 </dl>
 
 <p>

postfix/src/cleanup/Makefile.in

@@ -110,6 +110,9 @@ cleanup.o: ../../include/been_here.h
 cleanup.o: ../../include/mail_stream.h
 cleanup.o: ../../include/mime_state.h
 cleanup.o: ../../include/header_opts.h
+cleanup.o: ../../include/string_list.h
+cleanup.o: ../../include/match_list.h
+cleanup.o: ../../include/match_ops.h
 cleanup_api.o: cleanup_api.c
 cleanup_api.o: ../../include/sys_defs.h
 cleanup_api.o: ../../include/msg.h
@@ -140,6 +143,9 @@ cleanup_api.o: ../../include/been_here.h
 cleanup_api.o: ../../include/mail_conf.h
 cleanup_api.o: ../../include/mime_state.h
 cleanup_api.o: ../../include/header_opts.h
+cleanup_api.o: ../../include/string_list.h
+cleanup_api.o: ../../include/match_list.h
+cleanup_api.o: ../../include/match_ops.h
 cleanup_envelope.o: cleanup_envelope.c
 cleanup_envelope.o: ../../include/sys_defs.h
 cleanup_envelope.o: ../../include/msg.h
@@ -169,6 +175,9 @@ cleanup_envelope.o: ../../include/mail_stream.h
 cleanup_envelope.o: ../../include/mail_conf.h
 cleanup_envelope.o: ../../include/mime_state.h
 cleanup_envelope.o: ../../include/header_opts.h
+cleanup_envelope.o: ../../include/string_list.h
+cleanup_envelope.o: ../../include/match_list.h
+cleanup_envelope.o: ../../include/match_ops.h
 cleanup_extracted.o: cleanup_extracted.c
 cleanup_extracted.o: ../../include/sys_defs.h
 cleanup_extracted.o: ../../include/msg.h
@@ -197,6 +206,9 @@ cleanup_extracted.o: ../../include/mail_stream.h
 cleanup_extracted.o: ../../include/mail_conf.h
 cleanup_extracted.o: ../../include/mime_state.h
 cleanup_extracted.o: ../../include/header_opts.h
+cleanup_extracted.o: ../../include/string_list.h
+cleanup_extracted.o: ../../include/match_list.h
+cleanup_extracted.o: ../../include/match_ops.h
 cleanup_init.o: cleanup_init.c
 cleanup_init.o: ../../include/sys_defs.h
 cleanup_init.o: ../../include/msg.h
@@ -222,6 +234,9 @@ cleanup_init.o: ../../include/mail_stream.h
 cleanup_init.o: ../../include/mail_conf.h
 cleanup_init.o: ../../include/mime_state.h
 cleanup_init.o: ../../include/header_opts.h
+cleanup_init.o: ../../include/string_list.h
+cleanup_init.o: ../../include/match_list.h
+cleanup_init.o: ../../include/match_ops.h
 cleanup_map11.o: cleanup_map11.c
 cleanup_map11.o: ../../include/sys_defs.h
 cleanup_map11.o: ../../include/msg.h
@@ -246,6 +261,9 @@ cleanup_map11.o: ../../include/mail_stream.h
 cleanup_map11.o: ../../include/mail_conf.h
 cleanup_map11.o: ../../include/mime_state.h
 cleanup_map11.o: ../../include/header_opts.h
+cleanup_map11.o: ../../include/string_list.h
+cleanup_map11.o: ../../include/match_list.h
+cleanup_map11.o: ../../include/match_ops.h
 cleanup_map1n.o: cleanup_map1n.c
 cleanup_map1n.o: ../../include/sys_defs.h
 cleanup_map1n.o: ../../include/mymalloc.h
@@ -270,6 +288,9 @@ cleanup_map1n.o: ../../include/mail_stream.h
 cleanup_map1n.o: ../../include/mail_conf.h
 cleanup_map1n.o: ../../include/mime_state.h
 cleanup_map1n.o: ../../include/header_opts.h
+cleanup_map1n.o: ../../include/string_list.h
+cleanup_map1n.o: ../../include/match_list.h
+cleanup_map1n.o: ../../include/match_ops.h
 cleanup_masquerade.o: cleanup_masquerade.c
 cleanup_masquerade.o: ../../include/sys_defs.h
 cleanup_masquerade.o: ../../include/msg.h
@@ -294,6 +315,9 @@ cleanup_masquerade.o: ../../include/mail_stream.h
 cleanup_masquerade.o: ../../include/mail_conf.h
 cleanup_masquerade.o: ../../include/mime_state.h
 cleanup_masquerade.o: ../../include/header_opts.h
+cleanup_masquerade.o: ../../include/string_list.h
+cleanup_masquerade.o: ../../include/match_list.h
+cleanup_masquerade.o: ../../include/match_ops.h
 cleanup_message.o: cleanup_message.c
 cleanup_message.o: ../../include/sys_defs.h
 cleanup_message.o: ../../include/msg.h
@@ -330,6 +354,9 @@ cleanup_message.o: ../../include/dict.h
 cleanup_message.o: ../../include/been_here.h
 cleanup_message.o: ../../include/mail_stream.h
 cleanup_message.o: ../../include/mail_conf.h
+cleanup_message.o: ../../include/string_list.h
+cleanup_message.o: ../../include/match_list.h
+cleanup_message.o: ../../include/match_ops.h
 cleanup_out.o: cleanup_out.c
 cleanup_out.o: ../../include/sys_defs.h
 cleanup_out.o: ../../include/msg.h
@@ -354,6 +381,9 @@ cleanup_out.o: ../../include/mail_stream.h
 cleanup_out.o: ../../include/mail_conf.h
 cleanup_out.o: ../../include/mime_state.h
 cleanup_out.o: ../../include/header_opts.h
+cleanup_out.o: ../../include/string_list.h
+cleanup_out.o: ../../include/match_list.h
+cleanup_out.o: ../../include/match_ops.h
 cleanup_out_recipient.o: cleanup_out_recipient.c
 cleanup_out_recipient.o: ../../include/sys_defs.h
 cleanup_out_recipient.o: ../../include/argv.h
@@ -376,6 +406,9 @@ cleanup_out_recipient.o: ../../include/mail_stream.h
 cleanup_out_recipient.o: ../../include/mail_conf.h
 cleanup_out_recipient.o: ../../include/mime_state.h
 cleanup_out_recipient.o: ../../include/header_opts.h
+cleanup_out_recipient.o: ../../include/string_list.h
+cleanup_out_recipient.o: ../../include/match_list.h
+cleanup_out_recipient.o: ../../include/match_ops.h
 cleanup_rewrite.o: cleanup_rewrite.c
 cleanup_rewrite.o: ../../include/sys_defs.h
 cleanup_rewrite.o: ../../include/msg.h
@@ -399,6 +432,9 @@ cleanup_rewrite.o: ../../include/mail_stream.h
 cleanup_rewrite.o: ../../include/mail_conf.h
 cleanup_rewrite.o: ../../include/mime_state.h
 cleanup_rewrite.o: ../../include/header_opts.h
+cleanup_rewrite.o: ../../include/string_list.h
+cleanup_rewrite.o: ../../include/match_list.h
+cleanup_rewrite.o: ../../include/match_ops.h
 cleanup_state.o: cleanup_state.c
 cleanup_state.o: ../../include/sys_defs.h
 cleanup_state.o: ../../include/mymalloc.h
@@ -419,3 +455,6 @@ cleanup_state.o: ../../include/tok822.h
 cleanup_state.o: ../../include/resolve_clnt.h
 cleanup_state.o: ../../include/mail_stream.h
 cleanup_state.o: ../../include/mail_conf.h
+cleanup_state.o: ../../include/string_list.h
+cleanup_state.o: ../../include/match_list.h
+cleanup_state.o: ../../include/match_ops.h

postfix/src/cleanup/cleanup.h

@@ -25,6 +25,7 @@
 #include <mail_stream.h>
 #include <mail_conf.h>
 #include <mime_state.h>
+#include <string_list.h>
 
  /*
   * These state variables are accessed by many functions, and there is only
@@ -82,6 +83,7 @@ extern MAPS *cleanup_nesthdr_checks;
 extern MAPS *cleanup_body_checks;
 extern MAPS *cleanup_virt_alias_maps;
 extern ARGV *cleanup_masq_domains;
+extern STRING_LIST *cleanup_masq_exceptions;
 extern int cleanup_masq_flags;
 
  /*

postfix/src/cleanup/cleanup_init.c

@@ -157,6 +157,7 @@ MAPS   *cleanup_nesthdr_checks;
 MAPS   *cleanup_body_checks;
 MAPS   *cleanup_virt_alias_maps;
 ARGV   *cleanup_masq_domains;
+STRING_LIST *cleanup_masq_exceptions;
 int     cleanup_masq_flags;
 
  /*
@@ -213,6 +214,9 @@ void    cleanup_pre_jail(char *unused_name, char **unused_argv)
     if (*var_body_checks)
 	cleanup_body_checks =
 	    maps_create(VAR_BODY_CHECKS, var_body_checks, DICT_FLAG_LOCK);
+    if (*var_masq_exceptions)
+	cleanup_masq_exceptions =
+	    string_list_init(MATCH_FLAG_NONE, var_masq_exceptions);
     if (*var_masq_classes)
 	cleanup_masq_flags = name_mask(VAR_MASQ_CLASSES, masq_class_table,
 				       var_masq_classes);

postfix/src/cleanup/cleanup_masquerade.c

@@ -88,23 +88,9 @@ void    cleanup_masquerade_external(VSTRING *addr, ARGV *masq_domains)
     int     truncate;
 
     /* Stuff for excluded names. */
-    static HTABLE *masq_except_table = 0;
-    char   *saved_names;
     char   *name;
-    char   *ptr;
     int     excluded;
 
-    /*
-     * First time, build a lookup table for excluded names.
-     */
-    if (*var_masq_exceptions && masq_except_table == 0) {
-	masq_except_table = htable_create(5);
-	ptr = saved_names = mystrdup(var_masq_exceptions);
-	while ((name = mystrtok(&ptr, ", \t\r\n")) != 0)
-	    htable_enter(masq_except_table, lowercase(name), (char *) 0);
-	myfree(saved_names);
-    }
-
     /*
      * Find the domain part.
      */
@@ -116,9 +102,9 @@ void    cleanup_masquerade_external(VSTRING *addr, ARGV *masq_domains)
     /*
      * Don't masquerade excluded names (regardless of domain).
      */
-    if (masq_except_table) {
+    if (*var_masq_exceptions) {
 	name = mystrndup(STR(addr), domain - 1 - STR(addr));
-	excluded = (htable_locate(masq_except_table, lowercase(name)) != 0);
+	excluded = (string_list_match(cleanup_masq_exceptions, lowercase(name)) != 0);
 	myfree(name);
 	if (excluded)
 	    return;
@@ -190,6 +176,7 @@ void    cleanup_masquerade_internal(VSTRING *addr, ARGV *masq_domains)
 #include <vstream.h>
 
 char *var_masq_exceptions;
+STRING_LIST *cleanup_masq_exceptions;
 
 int main(int argc, char **argv)
 {
@@ -200,6 +187,8 @@ int main(int argc, char **argv)
 	msg_fatal("usage: %s exceptions masquerade_list address", argv[0]);
 
     var_masq_exceptions = argv[1];
+    cleanup_masq_exceptions =
+  	string_list_init(MATCH_FLAG_NONE, var_masq_exceptions);
     masq_domains = argv_split(argv[2], " ,\t\r\n");
     addr = vstring_alloc(1);
     if (strchr(argv[3], '@') == 0)

postfix/src/cleanup/cleanup_out_recipient.c

@@ -69,25 +69,25 @@ void    cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
     char  **cpp;
 
     /*
-     * Apply the duplicate recipient filter before virtual expansion, so that
+     * Distinguish between different original recipient addresses that map
-     * we can distinguish between different addresses that map onto the same
+     * onto the same mailbox. The recipient will use our original recipient
-     * mailbox. The recipient will use our original recipient message header
+     * message header to figure things out.
-     * to figure things out.
      */
-    if (been_here_fixed(state->dups, recip) != 0)
-	return;
-
     if (cleanup_virt_alias_maps == 0) {
-	cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
+	if (been_here(state->dups, "%s\n%s", orcpt, recip) == 0) {
-	cleanup_out_string(state, REC_TYPE_RCPT, recip);
+	    cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
-	state->rcpt_count++;
+	    cleanup_out_string(state, REC_TYPE_RCPT, recip);
+	    state->rcpt_count++;
+	}
     } else {
 	argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
 				  cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
 	for (cpp = argv->argv; *cpp; cpp++) {
-	    cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
+	    if (been_here(state->dups, "%s\n%s", orcpt, *cpp) == 0) {
-	    cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
+		cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
-	    state->rcpt_count++;
+		cleanup_out_string(state, REC_TYPE_RCPT, *cpp);
+		state->rcpt_count++;
+	    }
 	}
 	argv_free(argv);
     }

postfix/src/global/Makefile.in

@@ -1052,6 +1052,7 @@ pipe_command.o: ../../include/stringops.h
 pipe_command.o: ../../include/iostuff.h
 pipe_command.o: ../../include/timed_wait.h
 pipe_command.o: ../../include/set_ugid.h
+pipe_command.o: ../../include/set_eugid.h
 pipe_command.o: ../../include/argv.h
 pipe_command.o: mail_params.h
 pipe_command.o: mail_copy.h
@@ -1157,12 +1158,6 @@ resolve_local.o: mail_params.h
 resolve_local.o: own_inet_addr.h
 resolve_local.o: resolve_local.h
 resolve_local.o: match_parent_style.h
-resover.o: resover.c
-resover.o: ../../include/sys_defs.h
-resover.o: ../../include/msg.h
-resover.o: ../../include/vstring.h
-resover.o: ../../include/vbuf.h
-resover.o: ../../include/split_at.h
 rewrite_clnt.o: rewrite_clnt.c
 rewrite_clnt.o: ../../include/sys_defs.h
 rewrite_clnt.o: ../../include/msg.h

postfix/src/global/mail_conf_time.c

@@ -140,7 +140,7 @@ static int get_def_time_unit(const char *name, const char *defval)
 {
     const char *cp;
 
-    for (cp = defval; /* void */ ; cp++) {
+    for (cp = mail_conf_eval(defval); /* void */ ; cp++) {
 	if (*cp == 0)
 	    msg_panic("parameter %s: missing time unit in default value: %s",
 		      name, defval);

postfix/src/global/mail_version.h

@@ -20,10 +20,10 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20030126"
+#define MAIL_RELEASE_DATE	"20030219"
 
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"2.0.3-" MAIL_RELEASE_DATE
+#define DEF_MAIL_VERSION	"2.0.4-" MAIL_RELEASE_DATE
 extern char *var_mail_version;
 
  /*

postfix/src/global/pipe_command.c

@@ -132,6 +132,7 @@
 #include <iostuff.h>
 #include <timed_wait.h>
 #include <set_ugid.h>
+#include <set_eugid.h>
 #include <argv.h>
 
 /* Global library. */
@@ -292,9 +293,28 @@ static int pipe_command_read(int fd, void *buf, unsigned len)
     }
 }
 
+/* kill_command - terminate command forcibly */
+
+static void kill_command(pid_t pid, int sig, uid_t kill_uid, gid_t kill_gid)
+{
+    pid_t   saved_euid = geteuid();
+    gid_t   saved_egid = getegid();
+
+    /*
+     * Switch privileges to that of the child process. Terminate the child
+     * and its offspring.
+     */
+    set_eugid(kill_uid, kill_gid);
+    if (kill(-pid, sig) < 0 && kill(pid, sig) < 0)
+	msg_warn("cannot kill process (group) %lu: %m",
+		 (unsigned long) pid);
+    set_eugid(saved_euid, saved_egid);
+}
+
 /* pipe_command_wait_or_kill - wait for command with time limit, or kill it */
 
-static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig)
+static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig,
+				             uid_t kill_uid, gid_t kill_gid)
 {
     int     maxtime = (pipe_command_timeout == 0) ? pipe_command_maxtime : 1;
     char   *myname = "pipe_command_wait_or_kill";
@@ -309,7 +329,7 @@ static int pipe_command_wait_or_kill(pid_t pid, WAIT_STATUS_T *statusp, int sig)
 		msg_info("%s: time limit exceeded", myname);
 	    pipe_command_timeout = 1;
 	}
-	kill(-pid, sig);
+	kill_command(pid, sig, kill_uid, kill_gid);
 	n = waitpid(pid, statusp, 0);
     }
     return (n);
@@ -358,10 +378,14 @@ int     pipe_command(VSTREAM *src, VSTRING *why,...)
      * truncated without too much loss. I could even argue that truncating
      * the amount of diagnostic output is a good thing to do, but I won't go
      * that far.
+     * 
+     * Turn on non-blocking writes to the child process so that we can enforce
+     * timeouts after partial writes.
      */
     if (pipe(cmd_in_pipe) < 0 || pipe(cmd_out_pipe) < 0)
 	msg_fatal("%s: pipe: %m", myname);
     non_blocking(cmd_out_pipe[1], NON_BLOCKING);
+    non_blocking(cmd_in_pipe[1], NON_BLOCKING);
 
     /*
      * Spawn off a child process and irrevocably change privilege to the
@@ -488,8 +512,9 @@ int     pipe_command(VSTREAM *src, VSTRING *why,...)
 	 * not just the child process but also its offspring.
 	 */
 	if (pipe_command_timeout)
-	    (void) kill(-pid, SIGKILL);
+	    kill_command(pid, SIGKILL, args.uid, args.gid);
-	if (pipe_command_wait_or_kill(pid, &wait_status, SIGKILL) < 0)
+	if (pipe_command_wait_or_kill(pid, &wait_status, SIGKILL,
+				      args.uid, args.gid) < 0)
 	    msg_fatal("wait: %m");
 	if (pipe_command_timeout) {
 	    vstring_sprintf(why, "Command time limit exceeded: \"%s\"%s%s",

postfix/src/global/rec_type.h

@@ -64,10 +64,13 @@
   * this is "postfix internal" information. However, the pickup server has to
   * allow for the presence of A records in the extracted segment, because it
   * can be requested to re-process already queued mail with `postsuper -r'.
+  * 
+  * Note: REC_TYPE_FILT and REC_TYPE_CONT are encoded with the same 'L'
+  * constant, and it  is too late to change that now.
   */
 #define REC_TYPE_ENVELOPE	"MCTFILSDROWVA>"
 #define REC_TYPE_CONTENT	"XLN"
-#define REC_TYPE_EXTRACT	"EDROPreAFI>"
+#define REC_TYPE_EXTRACT	"EDROPreAFIL>"
 
  /*
   * The record at the beginning of the envelope segment specifies the message

postfix/src/local/maildir.c

@@ -168,7 +168,7 @@ int     deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr, char *path)
      * 
      * [...]
      * 
-     * # Pn, where n is (in decimal) the process ID.
+     * Pn, where n is (in decimal) the process ID.
      * 
      * [...]
      */

postfix/src/pickup/pickup.c

@@ -225,7 +225,12 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
 	if (type == REC_TYPE_INSP)
 	    /* Use current content inspection settings instead. */
 	    continue;
-	if (type == REC_TYPE_FILT)
+
+	/*
+	 * XXX Workaround: REC_TYPE_FILT (used in envelopes) == REC_TYPE_CONT
+	 * (used in message content).
+	 */
+	if (type == REC_TYPE_FILT && *expected != REC_TYPE_CONTENT[0])
 	    /* Use current content filter settings instead. */
 	    continue;
 	else {

postfix/src/smtpd/smtpd_sasl_glue.c

@@ -310,8 +310,9 @@ void    smtpd_sasl_connect(SMTPD_STATE *state)
 		      "", " ", "",
 		      &state->sasl_mechanism_list,
 		      IGNORE_MECHANISM_LEN,
-		      &sasl_mechanism_count) != SASL_OK
+		      &sasl_mechanism_count) != SASL_OK)
-	|| sasl_mechanism_count <= 0)
+	msg_fatal("cannot lookup SASL authentication mechanisms");
+    if (sasl_mechanism_count <= 0)
 	msg_fatal("no SASL authentication mechanisms");
 }
 

postfix/src/virtual/maildir.c

@@ -165,7 +165,7 @@ int     deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr)
      * 
      * [...]
      * 
-     * # Pn, where n is (in decimal) the process ID.
+     * Pn, where n is (in decimal) the process ID.
      * 
      * [...]
      */