mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00
Code Issues Releases Wiki Activity

snapshot-20010129

Browse Source
This commit is contained in:
Wietse Venema 2001-01-29 00:00:00 -05:00 committed by Viktor Dukhovni
parent 86e8d4a282
commit 3339e62c54
16 changed files with 127 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
postfix/HISTORY
View File

@ -4789,3 +4789,22 @@ Apologies for any names omitted.
McNamara. See VIRTUAL_README for detailed examples.
Update: merged a re-vamped nqmgr by Patrik Rak.
20010129
Tweak: several little nqmgr tweaks by Patrik Rak. Files:
global/mail_params.h, nqmgr/qmgr_job.c.
Bugfix: the virtual delivery agent did not save maps_find()
results timely. J?rgen Thomsen, postfix.jth.net. File:
virtual/mailbox.c.
Security: disallow regexp tables in the virtual delivery
agent. The $1 etc. substitution mechanism gives too much
power to the sender. File: virtual/mailbox.c.
Cleanup: clarified documentation and boundary cases in the
random_sleep() routine.
Bugfix: the MISSING_USLEEP feature was used backwards.
Patrik Rak. File: util/random_sleep.c.

67
postfix/LMTP_README
View File

@ -16,8 +16,9 @@ the user database among the front end and back end systems.
Postfix LMTP support is based on a modified version of the Postfix
SMTP client. The initial version was by Philip A. Prindeville of
Mirapoint, Inc., USA. This code was modified further by Amos Gouaux
of University of Texas at Dallas, Richardson, USA. Wietse Venema
reduced the code to its present shape.
of University of Texas at Dallas, Richardson, USA, who also revised
much of the documentation. Wietse Venema reduced the code to its
present shape.
Overview
@ -53,33 +54,41 @@ Using main.cf configuration
This is the simplest LMTP configuration.
1. LMTP over UNIX-domain sockets.
1. Delivery mechanisms
Postfix supports three mechanisms to deliver mail over LMTP.
Each method can use UNIX-domain or TCP sockets as described in
a later section.
mailbox_transport = lmtp:unix:/path/name (UNIX-domain socket)
mailbox_transport = lmtp:hostname:port (TCP socket)
The Postfix local delivery agent expands aliases and .forward
files, and delegates mailbox delivery to the LMTP server.
local_transport = lmtp:unix:/path/name (UNIX-domain socket)
local_transport = lmtp:hostname:port (TCP socket)
Mail that resolves as local is directly given to the LMTP
server. The mail is not processed by the Postfix local
delivery agent; therefore aliases and .forward files are
not expanded.
fallback_transport = lmtp:unix:/path/name (UNIX-domain socket)
fallback_transport = lmtp:hostname:port (TCP socket)
The Postfix local delivery agent expands aliases and .forward
files, and delivers to /var[/spool]/mail/$user for users
that have a UNIX account. Mail for other local users is
delegated to the LMTP server.
2. LMTP over UNIX-domain sockets.
The UNIX-domain socket is specified as a name in the local file
system. This "/path/name" should be the socket created by the
LMTP server on the local machine. See the specific examples
later in this document.
The settings local_transport, mailbox_transport, and
fallback_transport support the following connections:
mailbox_transport = lmtp:unix:/path/name
The Postfix local delivery agent expands aliases and .forward
files, and delegates mailbox delivery to the LMTP server.
local_transport = lmtp:unix:/path/name
Mail that resolves as local is directly given to the LMTP server.
The mail is not processed by the Postfix local delivery agent;
therefore aliases and .forward files are not expanded.
fallback_transport = lmtp:unix:/path/name
The Postfix local delivery agent expands aliases and .forward files,
and delivers to /var/mail/$user for users that have a UNIX account.
Mail for other local users is delegated to the LMTP server.
NOTE:
If you run the lmtp client chrooted, the interpretation of
@ -90,22 +99,12 @@ This is the simplest LMTP configuration.
With LMTP delivery to the local machine there is no good
reason to run the Postfix LMTP client chrooted.
2. LMTP over TCP sockets.
3. LMTP over TCP sockets.
Currently the default TCP port number for this type of connection
is 24, but this can be customized in the "/etc/services" file.
Specific examples are given later in this document.
The settings local_transport, mailbox_transport, and
fallback_transport support the following connections:
mailbox_transport = lmtp:hostname:port
local_transport = lmtp:hostname:port
fallback_transport = lmtp:hostname:port
See the previous section for a discussion of the differences
between these three delivery methods.
NOTE:
With connections over TCP sockets, later Cyrus implementations

4
postfix/RELEASE_NOTES
View File

@ -27,8 +27,8 @@ agent can deliver mail for any number of domains. See the file
VIRTUAL_README for detailed examples. This code is still new. Once
it stops changing it will become part of the non-beta release.
Many "valid_hostname" warnings were either eliminated, and the rest
was replaced by something more informative.
Many "valid_hostname" warnings were eliminated, and the rest was
replaced by something more informative.
SASL support (RFC 2554) for the LMTP delivery agent. This is required
by recent Cyrus implementations when delivering mail over TCP

6
postfix/VIRTUAL_README
View File

@ -61,6 +61,8 @@ virtual_mailbox_maps
If a recipient is not found the mail is returned to the sender.
For security reasons, regexp maps are not allowed here.
The mail administrator is expected to create and chown recipient
mailbox files or maildir directories ahead of time.
@ -75,11 +77,15 @@ virtual_uid_maps
Recipients are looked up in this map to determine the UID (owner
privileges) to be used when writing to the target mailbox.
For security reasons, regexp maps are not allowed here.
virtual_gid_maps
Recipients are looked up in this map to determine the GID (group
privileges) to be used when writing to the target mailbox.
For security reasons, regexp maps are not allowed here.
virtual_mailbox_lock
This setting is ignored in case of maildir delivery.

9
postfix/conf/sample-local.cf
View File

@ -187,7 +187,7 @@ mailbox_transport =
fallback_transport =
#
# RATE CONTROLS
# RESOURCE CONTROLS
#
# The local_destination_concurrency_limit parameter limits the number
@ -200,6 +200,13 @@ fallback_transport =
#
local_destination_concurrency_limit = 2
# The mailbox_size_limit parameter controls the maximal size of a
# mailbox or maildir file (in fact, it limits the size of any file
# that is written to upon local delivery) The default is 20MBytes.
# This limit must not be set smaller than the message size limit.
#
mailbox_size_limit = 20480000
# The local_destination_recipient_limit parameter limits the number
# of recipients per local message delivery. The default limit is
# taken from the default_destination_recipient_limit parameter.

34
postfix/html/local.8.html
View File

@ -449,11 +449,11 @@ LOCAL(8) LOCAL(8)
ery. The default limit is taken from the
<b>default</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter.
<b>Security</b> <b>controls</b>
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>commands</b>
Restrict the usage of mail delivery to external
command.
<b>mailbox</b><i>_</i><b>size</b><i>_</i><b>limit</b>
Limit the size of a mailbox etc. file (any file
that is written to upon delivery).
<b>Security</b> <b>controls</b>
@ -467,29 +467,33 @@ LOCAL(8) LOCAL(8)
LOCAL(8) LOCAL(8)
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>files</b>
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>commands</b>
Restrict the usage of mail delivery to external
command.
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>files</b>
Restrict the usage of mail delivery to external
file.
<b>command</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
What characters are allowed to appear in $name
expansions of mailbox_command. Illegal characters
What characters are allowed to appear in $name
expansions of mailbox_command. Illegal characters
are replaced by underscores.
<b>default</b><i>_</i><b>privs</b>
Default rights for delivery to external file or
Default rights for delivery to external file or
command.
<b>forward</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
What characters are allowed to appear in $name
expansions of forward_path. Illegal characters are
What characters are allowed to appear in $name
expansions of forward_path. Illegal characters are
replaced by underscores.
<b>HISTORY</b>
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
Daniel Bernstein.
The <i>maildir</i> structure appears in the <b>qmail</b> system by
The <i>maildir</i> structure appears in the <b>qmail</b> system by
Daniel Bernstein.
<b>SEE</b> <b>ALSO</b>
@ -500,7 +504,7 @@ LOCAL(8) LOCAL(8)
<a href="qmgr.8.html">qmgr(8)</a> queue manager
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
@ -520,10 +524,6 @@ LOCAL(8) LOCAL(8)
8

6
postfix/html/virtual.8.html
View File

@ -142,7 +142,7 @@ VIRTUAL(8) VIRTUAL(8)
boxes. While it could be set to "/", this setting
isn't recommended.
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b>
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b> (regexp maps disallowed)
Recipients are looked up in these maps to determine
the path to their mailbox or maildir. If the
returned path ends in a slash ("/"), maildir-style
@ -159,12 +159,12 @@ VIRTUAL(8) VIRTUAL(8)
this will be rejected, and the message will be
deferred.
<b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>
<b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> (regexp maps disallowed)
Recipients are looked up in these maps to determine
the user ID to be used when writing to the target
mailbox.
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b>
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b> (regexp maps disallowed)
Recipients are looked up in these maps to determine
the group ID to be used when writing to the target
mailbox.

3
postfix/man/man8/local.8
View File

@ -375,6 +375,9 @@ The default limit is taken from the
Limit the number of recipients per message delivery.
The default limit is taken from the
\fBdefault_destination_recipient_limit\fR parameter.
.IP \fBmailbox_size_limit\fR
Limit the size of a mailbox etc. file (any file that is
written to upon delivery).
.SH "Security controls"
.ad
.fi

6
postfix/man/man8/virtual.8
View File

@ -131,7 +131,7 @@ Specifies a path that is prepended to all mailbox or maildir paths.
This is a safety measure to ensure that an out of control map in
\fBvirtual_mailbox_maps\fR doesn't litter the filesystem with mailboxes.
While it could be set to "/", this setting isn't recommended.
.IP \fBvirtual_mailbox_maps\fR
.IP "\fBvirtual_mailbox_maps\fR (regexp maps disallowed)"
Recipients are looked up in these maps to determine the path to
their mailbox or maildir. If the returned path ends in a slash
("/"), maildir-style delivery is carried out, otherwise the
@ -144,10 +144,10 @@ Specifies a minimum uid that will be accepted as a return from
a \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR lookup.
Returned values less than this will be rejected, and the message
will be deferred.
.IP \fBvirtual_uid_maps\fR
.IP "\fBvirtual_uid_maps\fR (regexp maps disallowed)"
Recipients are looked up in these maps to determine the user ID to be
used when writing to the target mailbox.
.IP \fBvirtual_gid_maps\fR
.IP "\fBvirtual_gid_maps\fR (regexp maps disallowed)"
Recipients are looked up in these maps to determine the group ID to be
used when writing to the target mailbox.
.SH "Locking controls"

4
postfix/src/global/mail_params.h
View File

@ -492,12 +492,12 @@ extern int var_stack_rcpt_limit;
*/
#define VAR_DELIVERY_SLOT_COST "default_delivery_slot_cost"
#define _DELIVERY_SLOT_COST "_delivery_slot_cost"
#define DEF_DELIVERY_SLOT_COST 10
#define DEF_DELIVERY_SLOT_COST 5
extern int var_delivery_slot_cost;
#define VAR_DELIVERY_SLOT_LOAN "default_delivery_slot_loan"
#define _DELIVERY_SLOT_LOAN "_delivery_slot_loan"
#define DEF_DELIVERY_SLOT_LOAN 5
#define DEF_DELIVERY_SLOT_LOAN 3
extern int var_delivery_slot_loan;
#define VAR_DELIVERY_SLOT_DISCOUNT "default_delivery_slot_discount"

2
postfix/src/global/mail_version.h
View File

@ -15,7 +15,7 @@
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "Snapshot-20010128"
#define DEF_MAIL_VERSION "Snapshot-20010129"
extern char *var_mail_version;
/* LICENSE

3
postfix/src/local/local.c
View File

@ -347,6 +347,9 @@
/* Limit the number of recipients per message delivery.
/* The default limit is taken from the
/* \fBdefault_destination_recipient_limit\fR parameter.
/* .IP \fBmailbox_size_limit\fR
/* Limit the size of a mailbox etc. file (any file that is
/* written to upon delivery).
/* .SH "Security controls"
/* .ad
/* .fi

4
postfix/src/nqmgr/qmgr_job.c
View File

@ -477,7 +477,7 @@ static QMGR_JOB *qmgr_job_candidate(QMGR_JOB *current)
QMGR_TRANSPORT *transport = current->transport;
QMGR_JOB *job,
*best_job = 0;
float score,
double score,
best_score = 0.0;
int max_slots,
max_needed_entries,
@ -534,7 +534,7 @@ static QMGR_JOB *qmgr_job_candidate(QMGR_JOB *current)
max_needed_entries = max_total_entries - job->selected_entries;
delay = now - job->message->queued_time + 1;
if (max_needed_entries > 0 && max_needed_entries <= max_slots) {
score = (float) delay / max_total_entries;
score = (double) delay / max_total_entries;
if (score > best_score) {
best_score = score;
best_job = job;

15
postfix/src/util/rand_sleep.c
View File

@ -10,15 +10,14 @@
/* unsigned delay;
/* unsigned variation;
/* DESCRIPTION
/* rand_sleep() blocks the current process for a pseudo-random
/* amount of time.
/* rand_sleep() blocks the current process for an amount of time
/* pseudo-randomly chosen from the interval (delay += variation/2).
/*
/* Arguments:
/* .IP delay
/* Time to sleep in microseconds.
/* .IP variation
/* Sleep time variation in microseconds; must be smaller than
/* the time to sleep.
/* Variation in microseconds; must not be larger than delay.
/* DIAGNOSTICS
/* Panic: interface violation. All system call errors are fatal.
/* LICENSE
@ -61,20 +60,20 @@ void rand_sleep(unsigned delay, unsigned variation)
*/
if (delay == 0)
msg_panic("%s: bad delay %d", myname, delay);
if (variation >= delay)
if (variation > delay)
msg_panic("%s: bad variation %d", myname, variation);
/*
* Use the semi-crappy random number generator.
*/
if (my_pid == 0)
srandom(my_pid = getpid() ^ time((time_t *) 0));
srandom(my_pid = (getpid() ^ time((time_t *) 0)));
usec = (delay - variation / 2) + variation * (double) random() / RAND_MAX;
#ifdef MISSING_USLEEP
doze(usec);
#else
if (usleep(usec) < 0)
msg_fatal("usleep: %m");
#else
doze(usec);
#endif
}

29
postfix/src/virtual/mailbox.c
View File

@ -168,7 +168,8 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
* Look up the mailbox location. Bounce if not found, defer in case of
* trouble.
*/
mailbox_res = maps_find(virtual_mailbox_maps, state.msg_attr.user, 0);
mailbox_res = maps_find(virtual_mailbox_maps, state.msg_attr.user,
DICT_FLAG_FIXED);
if (mailbox_res == 0) {
if (dict_errno == 0)
return (NO);
@ -178,46 +179,47 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
virtual_mailbox_maps->title, state.msg_attr.user);
return (YES);
}
usr_attr.mailbox = concatenate(var_virt_mailbox_base, "/",
mailbox_res, (char *) 0);
#define RETURN(res) { myfree(usr_attr.mailbox); return (res); }
/*
* Look up the mailbox owner rights. Defer in case of trouble.
*/
if ((uid_res = maps_find(virtual_uid_maps, state.msg_attr.user, 0)) == 0) {
if ((uid_res = maps_find(virtual_uid_maps, state.msg_attr.user,
DICT_FLAG_FIXED)) == 0) {
*statusp = defer_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
"recipient %s: uid not found in %s",
state.msg_attr.user, virtual_uid_maps->title);
return (YES);
RETURN(YES);
}
if ((n = atol(uid_res)) < var_virt_minimum_uid) {
*statusp = defer_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
"recipient %s: bad uid %s in %s",
state.msg_attr.user, uid_res, virtual_uid_maps->title);
return (YES);
RETURN(YES);
}
usr_attr.uid = (uid_t) n;
/*
* Look up the mailbox group rights. Defer in case of trouble.
*/
if ((gid_res = maps_find(virtual_gid_maps, state.msg_attr.user, 0)) == 0) {
if ((gid_res = maps_find(virtual_gid_maps, state.msg_attr.user,
DICT_FLAG_FIXED)) == 0) {
*statusp = defer_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
"recipient %s: gid not found in %s",
state.msg_attr.user, virtual_gid_maps->title);
return (YES);
RETURN(YES);
}
if ((n = atol(gid_res)) <= 0) {
*statusp = defer_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
"recipient %s: bad gid %s in %s",
state.msg_attr.user, gid_res, virtual_gid_maps->title);
return (YES);
RETURN(YES);
}
usr_attr.gid = (gid_t) n;
/*
* No early returns or we have a memory leak.
*/
usr_attr.mailbox = concatenate(var_virt_mailbox_base, "/",
mailbox_res, (char *) 0);
if (msg_verbose)
msg_info("%s[%d]: set user_attr: %s, uid = %d, gid = %d",
myname, state.level,
@ -236,6 +238,5 @@ int deliver_mailbox(LOCAL_STATE state, USER_ATTR usr_attr, int *statusp)
/*
* Cleanup.
*/
myfree(usr_attr.mailbox);
return (YES);
RETURN(YES);
}

6
postfix/src/virtual/virtual.c
View File

@ -107,7 +107,7 @@
/* This is a safety measure to ensure that an out of control map in
/* \fBvirtual_mailbox_maps\fR doesn't litter the filesystem with mailboxes.
/* While it could be set to "/", this setting isn't recommended.
/* .IP \fBvirtual_mailbox_maps\fR
/* .IP "\fBvirtual_mailbox_maps\fR (regexp maps disallowed)"
/* Recipients are looked up in these maps to determine the path to
/* their mailbox or maildir. If the returned path ends in a slash
/* ("/"), maildir-style delivery is carried out, otherwise the
@ -120,10 +120,10 @@
/* a \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR lookup.
/* Returned values less than this will be rejected, and the message
/* will be deferred.
/* .IP \fBvirtual_uid_maps\fR
/* .IP "\fBvirtual_uid_maps\fR (regexp maps disallowed)"
/* Recipients are looked up in these maps to determine the user ID to be
/* used when writing to the target mailbox.
/* .IP \fBvirtual_gid_maps\fR
/* .IP "\fBvirtual_gid_maps\fR (regexp maps disallowed)"
/* Recipients are looked up in these maps to determine the group ID to be
/* used when writing to the target mailbox.
/* .SH "Locking controls"