mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00
Code Issues Releases Wiki Activity

postfix-3.10-20250121-nonprod

Browse Source
This commit is contained in:
Wietse Z Venema 2025-01-21 00:00:00 -05:00 committed by Viktor Dukhovni
parent b800a42bb8
commit 34b1f20fa8
14 changed files with 460 additions and 244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
postfix/HISTORY
View File

@ -28914,22 +28914,75 @@ Apologies for any names omitted.
bounce/bounce_one_service.c, bounce/bounce_trace_service.c,
bounce/bounce_verp_service.c, bounce/bounce_warn_service.c.
Completed: new Postfix sendmail command option "-O requiretls"
to request that deliveries over SMTP use the REQUIRETLS
extension. The option value "requiretls" is case-insensitive.
Files: sendmail/sendmail.c, global/rec_types.h.
Cleanup: new Postfix sendmail command option "-O smtputf8"
to request that deliveries over SMTP use the SMTPUTF8
extension. This reuses logic that was introduced for
REQUIRETLS. The option value "smtputf8" is case-insensitive.
Files: sendmail/sendmail.c.
Cleanup: when message delivery requires that a remote SMTP
server supports SMTPUTF8, try multiple MX servers before
returning a message as undeliverable. This reuses logic
that was introduced for REQUIRETLS. File: smtp/smtp_proto.c.
TODO:
The RFC says that REQUIRETLS applies to LMTP. Dovecot supports
TLS, but how common is it for Postfix to verify a Dovecot
server certificate? Should we add a 'cheat' setting that does
not enforce REQUIRETLS?
What REQUIRETLS expectations can we enforce when delivering
over a UNIX-domain channel? The SMTP/LMTP client currently
implements the same behavior as for TCP, except that
opportunistic TLS is converted into 'none'.
If a message contains "TLS-Required: no", should a bounce message
also contain this header?
Document how REQUIRETLS works (or does not) with external
content filters.
If the Postfix SMTP server accepted REQUIRETLS, should that stay
in effect if, before the message is forwarded, the configuration
is changed to "requiretls_enable = no"? Same for "postsuper -r".
- REQUIRETLS will work with Milter-based content filters.
Ditto for "tls_required_enable = no" and "TLS-Required: no".
- REQUIRETLS will work with smtpd_proxy_filter as long as
the filter passes the entire Postfix SMTP client's MAIL
FROM command line through the filter to the Postfix SMTP
server after the proxy filter. The Postfix proxy filter
client does not need to see REQUIRETLS (or SMTPUTF8)
announcements in the filter's EHLO response.
Simplify the cleanup_envelope_test. Write the initial SIZE record
to /dev/null, don't call cleanup_final(), and verify the value
of state->sendopts.
- REQUIRETLS will work with an SMTP-based after-queue content
filters as long as the filter announces REQUIRETLS in the
EHLO response (this could be 'always', or copied from the
after-filter Postfix SMTP server's EHLO response), and
as long as the filter passes the entire MAIL FROM command
from the before-filter Postfix SMTP client to the
after-filter Postfix SMTP server. Apart from that, the
content filter does not need to 'know' that REQUIRETLS
exists.
- There currently is no sendmail(1) command-line option to
request REQUIRETLS, and no pipe(8) option to propagate
REQUIRETLS. We could invent a custom long option,
such as '-O RequireTLS' and some way to emit that with
pipe(8). Absent such a command-line option we could use
an environment variable but that will have to be supported
long-term.
The RFC says that REQUIRETLS applies to LMTP. Dovecot
supports TLS, but how common is it for Postfix to verify a
Dovecot server certificate? Should we add a 'cheat' setting
that does not enforce REQUIRETLS?
If a message contains "TLS-Required: no", should a bounce
message also contain this header?
If the Postfix SMTP server accepted REQUIRETLS, should that
stay in effect if, before the message is forwarded, the
configuration is changed to "requiretls_enable = no"? Same
for "postsuper -r".
Ditto for "tls_required_enable = no" and "TLS-Required:
no".
Simplify the cleanup_envelope_test. Write the initial SIZE
record to /dev/null, don't call cleanup_final(), and verify
the value of state->sendopts.

171
postfix/html/mailq.1.html
View File

@ -174,54 +174,75 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-O requiretls</b>
When delivering the message with SMTP, the connection must use
TLS with a verified server certificate, and the remote SMTP
server must support REQUIRETLS. Try multiple SMTP servers if
possible, and return the message as undeliverable when these
requirements were not satisfied with any of the remote SMTP
servers that were tried. The "requiretls" option value is
case-insensitive.
This feature is available in Postfix 3.10 and later.
<b>-O smtputf8</b>
When delivering the message with SMTP, the connection must use
the SMTPUTF8 extension. Try multiple SMTP servers if possible,
and return the message as undeliverable when a message contains
an UTF8 envelope address or message header, but SMTPUTF8 was not
supported by any of the remote SMTP servers that were tried. The
"smtputf8" option value is case-insensitive.
This feature is available in Postfix 3.10 and later.
<b>-n</b> (ignored)
Backwards compatibility.
<b>-oA</b><i>alias</i><b>_</b><i>database</i>
Non-default alias database. Specify <i>pathname</i> or <i>type</i>:<i>pathname</i>.
Non-default alias database. Specify <i>pathname</i> or <i>type</i>:<i>pathname</i>.
See <a href="postalias.1.html"><b>postalias</b>(1)</a> for details.
<b>-O</b> <i>option=value</i> (ignored)
Set the named <i>option</i> to <i>value</i>. Use the equivalent configuration
Set the named <i>option</i> to <i>value</i>. Use the equivalent configuration
parameter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-o7</b> (ignored)
<b>-o8</b> (ignored)
To send 8-bit or binary content, use an appropriate MIME encap-
To send 8-bit or binary content, use an appropriate MIME encap-
sulation and specify the appropriate <b>-B</b> command-line option.
<b>-oi</b> When reading a message from standard input, don't treat a line
<b>-oi</b> When reading a message from standard input, don't treat a line
with only a <b>.</b> character as the end of input.
<b>-om</b> (ignored)
The sender is never eliminated from alias etc. expansions.
<b>-o</b> <i>x value</i> (ignored)
Set option <i>x</i> to <i>value</i>. Use the equivalent configuration parame-
Set option <i>x</i> to <i>value</i>. Use the equivalent configuration parame-
ter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-r</b> <i>sender</i>
Set the envelope sender address. This is the address where
Set the envelope sender address. This is the address where
delivery problems are sent to. With Postfix versions before 2.1,
the <b>Errors-To:</b> message header overrides the error return
the <b>Errors-To:</b> message header overrides the error return
address.
<b>-R</b> <i>return</i>
Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
copy (the default behavior).
The <b>-R</b> option specifies an upper bound; Postfix will return only
the header, when a full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a>
the header, when a full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a>
setting.
This option is ignored before Postfix version 2.10.
<b>-q</b> Attempt to deliver all queued mail. This is implemented by exe-
<b>-q</b> Attempt to deliver all queued mail. This is implemented by exe-
cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently will result in
Warning: flushing undeliverable mail frequently will result in
poor delivery performance of all other mail.
<b>-q</b><i>interval</i> (ignored)
@ -230,21 +251,21 @@ SENDMAIL(1) SENDMAIL(1)
<b>-qI</b><i>queueid</i>
Schedule immediate delivery of mail with the specified queue ID.
This option is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> com-
This option is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> com-
mand, and is available with Postfix version 2.4 and later.
<b>-qR</b><i>site</i>
Schedule immediate delivery of all mail that is queued for the
named <i>site</i>. This option accepts only <i>site</i> names that are eligi-
ble for the "fast flush" service, and is implemented by execut-
Schedule immediate delivery of all mail that is queued for the
named <i>site</i>. This option accepts only <i>site</i> names that are eligi-
ble for the "fast flush" service, and is implemented by execut-
ing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more information
about the "fast flush" service.
<b>-qS</b><i>site</i>
This command is not implemented. Use the slower "<b>sendmail -q</b>"
This command is not implemented. Use the slower "<b>sendmail -q</b>"
command instead.
<b>-t</b> Extract recipients from message headers. These are added to any
<b>-t</b> Extract recipients from message headers. These are added to any
recipients specified on the command line.
With Postfix versions prior to 2.1, this option requires that no
@ -260,23 +281,23 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
Variable Envelope Return Path. Given an envelope sender address
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
Variable Envelope Return Path. Given an envelope sender address
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
receives mail with a personalized envelope sender address.
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
ration parameter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
instead of the characters specified with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delim</a>-</b>
<b><a href="postconf.5.html#default_verp_delimiters">iters</a></b> configuration parameter.
<b>-v</b> Send an email report of the first delivery attempt (Postfix ver-
sions 2.1 and later). Mail delivery always happens in the back-
ground. When multiple <b>-v</b> options are given, enable verbose log-
sions 2.1 and later). Mail delivery always happens in the back-
ground. When multiple <b>-v</b> options are given, enable verbose log-
ging for debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
@ -284,42 +305,42 @@ SENDMAIL(1) SENDMAIL(1)
configuration parameters instead.
<b><a name="security">SECURITY</a></b>
By design, this program is not set-user (or group) id. It is prepared
By design, this program is not set-user (or group) id. It is prepared
to handle message content from untrusted, possibly remote, users.
However, like most Postfix programs, this program does not enforce a
security policy on its command-line arguments. Instead, it relies on
the UNIX system to enforce access policies based on the effective user
However, like most Postfix programs, this program does not enforce a
security policy on its command-line arguments. Instead, it relies on
the UNIX system to enforce access policies based on the effective user
and group IDs of the process. Concretely, this means that running Post-
fix commands as root (from sudo or equivalent) on behalf of a non-root
fix commands as root (from sudo or equivalent) on behalf of a non-root
user is likely to create privilege escalation opportunities.
If an application runs any Postfix programs on behalf of users that do
If an application runs any Postfix programs on behalf of users that do
not have normal shell access to Postfix commands, then that application
MUST restrict user-specified command-line arguments to avoid privilege
MUST restrict user-specified command-line arguments to avoid privilege
escalation.
<b>o</b> Filter all command-line arguments, for example arguments that
contain a pathname or that specify a database access method.
These pathname checks must reject user-controlled symlinks or
<b>o</b> Filter all command-line arguments, for example arguments that
contain a pathname or that specify a database access method.
These pathname checks must reject user-controlled symlinks or
hardlinks to sensitive files, and must not be vulnerable to TOC-
TOU race attacks.
<b>o</b> Disable command options processing for all command arguments
<b>o</b> Disable command options processing for all command arguments
that contain user-specified data. For example, the Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command line MUST be structured as follows:
<b>/path/to/sendmail</b> <i>system-arguments</i> <b>--</b> <i>user-arguments</i>
Here, the "<b>--</b>" disables command option processing for all
Here, the "<b>--</b>" disables command option processing for all
<i>user-arguments</i> that follow.
Without the "<b>--</b>", a malicious user could enable Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command options, by specifying an email address that
Without the "<b>--</b>", a malicious user could enable Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command options, by specifying an email address that
starts with "<b>-</b>".
<b><a name="diagnostics">DIAGNOSTICS</a></b>
Problems are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>, and to the standard
Problems are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>, and to the standard
error stream.
<b><a name="environment">ENVIRONMENT</a></b>
@ -333,12 +354,12 @@ SENDMAIL(1) SENDMAIL(1)
Enable debugging with an external command, as specified with the
<b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration parameter.
<b>NAME</b> The sender full name. This is used only with messages that have
<b>NAME</b> The sender full name. This is used only with messages that have
no <b>From:</b> message header. See also the <b>-F</b> option above.
<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram. The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram. The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
<a href="postconf.5.html"><b>conf</b>(5)</a> for more details including examples.
<b><a name="compatibility_controls">COMPATIBILITY CONTROLS</a></b>
@ -349,7 +370,7 @@ SENDMAIL(1) SENDMAIL(1)
line endings from &lt;CR&gt;&lt;LF&gt; into UNIX format (&lt;LF&gt;).
<b><a name="trouble_shooting_controls">TROUBLE SHOOTING CONTROLS</a></b>
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to troubleshoot a Postfix
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to troubleshoot a Postfix
system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
@ -357,14 +378,14 @@ SENDMAIL(1) SENDMAIL(1)
invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
pattern given with the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
$<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a name="access_controls">ACCESS CONTROLS</a></b>
@ -377,13 +398,13 @@ SENDMAIL(1) SENDMAIL(1)
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
List of users who are authorized to submit mail with the <a href="sendmail.1.html"><b>send-</b></a>
List of users who are authorized to submit mail with the <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command (and with the privileged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper com-
mand).
<b><a name="resource_and_rate_controls">RESOURCE AND RATE CONTROLS</a></b>
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
The maximal amount of original message text that is sent in a
The maximal amount of original message text that is sent in a
non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
@ -397,11 +418,11 @@ SENDMAIL(1) SENDMAIL(1)
in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (300s)</b>
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
prior to Postfix 2.4 the default value was 1000s.
<b><a name="fast_flush_controls">FAST FLUSH CONTROLS</a></b>
The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation details for
The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation details for
the Postfix "fast flush" service.
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
@ -409,26 +430,26 @@ SENDMAIL(1) SENDMAIL(1)
tion logfiles with mail that is queued to those destinations.
<b><a name="verp_controls">VERP CONTROLS</a></b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation details of
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation details of
Postfix support for variable envelope return path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter characters on
The characters Postfix accepts as VERP delimiter characters on
the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line and in SMTP commands.
<b><a name="miscellaneous_controls">MISCELLANEOUS CONTROLS</a></b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are updated with
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are updated with
"<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative commands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
@ -439,25 +460,25 @@ SENDMAIL(1) SENDMAIL(1)
and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
The time after which the sender receives a copy of the message
The time after which the sender receives a copy of the message
headers of mail that is still queued.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
name=value environment overrides.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue and most
The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue directory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Rewrite or add message headers in mail from remote clients if
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value is non-empty,
updating incomplete addresses with the domain specified in the
Rewrite or add message headers in mail from remote clients if
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value is non-empty,
updating incomplete addresses with the domain specified in the
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter, and adding missing head-
ers.
@ -465,24 +486,30 @@ SENDMAIL(1) SENDMAIL(1)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
A prefix that is prepended to the process name in syslog
A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Postfix 3.2 and later:
<b><a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a> (empty)</b>
A list of non-default Postfix configuration directories that may
be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in
the case of <a href="sendmail.1.html"><b>sendmail</b>(1)</a>, with the "-C" option), or via the
be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in
the case of <a href="sendmail.1.html"><b>sendmail</b>(1)</a>, with the "-C" option), or via the
MAIL_CONFIG environment parameter.
<b><a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> (empty)</b>
An optional list of non-default Postfix configuration directo-
ries; these directories belong to additional Postfix instances
that share the Postfix executable files and documentation with
the default Postfix instance, and that are started, stopped,
An optional list of non-default Postfix configuration directo-
ries; these directories belong to additional Postfix instances
that share the Postfix executable files and documentation with
the default Postfix instance, and that are started, stopped,
etc., together with the default Postfix instance.
Postfix 3.10 and later:
<b><a href="postconf.5.html#requiretls_enable">requiretls_enable</a> (yes)</b>
Enable support for the ESMTP verb "REQUIRETLS", defined in <a href="https://tools.ietf.org/html/rfc8689">RFC</a>
<a href="https://tools.ietf.org/html/rfc8689">8689</a>.
<b><a name="files">FILES</a></b>
/var/spool/postfix, mail queue
/etc/postfix, configuration files

171
postfix/html/newaliases.1.html
View File

@ -174,54 +174,75 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-O requiretls</b>
When delivering the message with SMTP, the connection must use
TLS with a verified server certificate, and the remote SMTP
server must support REQUIRETLS. Try multiple SMTP servers if
possible, and return the message as undeliverable when these
requirements were not satisfied with any of the remote SMTP
servers that were tried. The "requiretls" option value is
case-insensitive.
This feature is available in Postfix 3.10 and later.
<b>-O smtputf8</b>
When delivering the message with SMTP, the connection must use
the SMTPUTF8 extension. Try multiple SMTP servers if possible,
and return the message as undeliverable when a message contains
an UTF8 envelope address or message header, but SMTPUTF8 was not
supported by any of the remote SMTP servers that were tried. The
"smtputf8" option value is case-insensitive.
This feature is available in Postfix 3.10 and later.
<b>-n</b> (ignored)
Backwards compatibility.
<b>-oA</b><i>alias</i><b>_</b><i>database</i>
Non-default alias database. Specify <i>pathname</i> or <i>type</i>:<i>pathname</i>.
Non-default alias database. Specify <i>pathname</i> or <i>type</i>:<i>pathname</i>.
See <a href="postalias.1.html"><b>postalias</b>(1)</a> for details.
<b>-O</b> <i>option=value</i> (ignored)
Set the named <i>option</i> to <i>value</i>. Use the equivalent configuration
Set the named <i>option</i> to <i>value</i>. Use the equivalent configuration
parameter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-o7</b> (ignored)
<b>-o8</b> (ignored)
To send 8-bit or binary content, use an appropriate MIME encap-
To send 8-bit or binary content, use an appropriate MIME encap-
sulation and specify the appropriate <b>-B</b> command-line option.
<b>-oi</b> When reading a message from standard input, don't treat a line
<b>-oi</b> When reading a message from standard input, don't treat a line
with only a <b>.</b> character as the end of input.
<b>-om</b> (ignored)
The sender is never eliminated from alias etc. expansions.
<b>-o</b> <i>x value</i> (ignored)
Set option <i>x</i> to <i>value</i>. Use the equivalent configuration parame-
Set option <i>x</i> to <i>value</i>. Use the equivalent configuration parame-
ter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-r</b> <i>sender</i>
Set the envelope sender address. This is the address where
Set the envelope sender address. This is the address where
delivery problems are sent to. With Postfix versions before 2.1,
the <b>Errors-To:</b> message header overrides the error return
the <b>Errors-To:</b> message header overrides the error return
address.
<b>-R</b> <i>return</i>
Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
copy (the default behavior).
The <b>-R</b> option specifies an upper bound; Postfix will return only
the header, when a full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a>
the header, when a full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a>
setting.
This option is ignored before Postfix version 2.10.
<b>-q</b> Attempt to deliver all queued mail. This is implemented by exe-
<b>-q</b> Attempt to deliver all queued mail. This is implemented by exe-
cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently will result in
Warning: flushing undeliverable mail frequently will result in
poor delivery performance of all other mail.
<b>-q</b><i>interval</i> (ignored)
@ -230,21 +251,21 @@ SENDMAIL(1) SENDMAIL(1)
<b>-qI</b><i>queueid</i>
Schedule immediate delivery of mail with the specified queue ID.
This option is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> com-
This option is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> com-
mand, and is available with Postfix version 2.4 and later.
<b>-qR</b><i>site</i>
Schedule immediate delivery of all mail that is queued for the
named <i>site</i>. This option accepts only <i>site</i> names that are eligi-
ble for the "fast flush" service, and is implemented by execut-
Schedule immediate delivery of all mail that is queued for the
named <i>site</i>. This option accepts only <i>site</i> names that are eligi-
ble for the "fast flush" service, and is implemented by execut-
ing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more information
about the "fast flush" service.
<b>-qS</b><i>site</i>
This command is not implemented. Use the slower "<b>sendmail -q</b>"
This command is not implemented. Use the slower "<b>sendmail -q</b>"
command instead.
<b>-t</b> Extract recipients from message headers. These are added to any
<b>-t</b> Extract recipients from message headers. These are added to any
recipients specified on the command line.
With Postfix versions prior to 2.1, this option requires that no
@ -260,23 +281,23 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
Variable Envelope Return Path. Given an envelope sender address
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
Variable Envelope Return Path. Given an envelope sender address
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
receives mail with a personalized envelope sender address.
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
ration parameter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
instead of the characters specified with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delim</a>-</b>
<b><a href="postconf.5.html#default_verp_delimiters">iters</a></b> configuration parameter.
<b>-v</b> Send an email report of the first delivery attempt (Postfix ver-
sions 2.1 and later). Mail delivery always happens in the back-
ground. When multiple <b>-v</b> options are given, enable verbose log-
sions 2.1 and later). Mail delivery always happens in the back-
ground. When multiple <b>-v</b> options are given, enable verbose log-
ging for debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
@ -284,42 +305,42 @@ SENDMAIL(1) SENDMAIL(1)
configuration parameters instead.
<b><a name="security">SECURITY</a></b>
By design, this program is not set-user (or group) id. It is prepared
By design, this program is not set-user (or group) id. It is prepared
to handle message content from untrusted, possibly remote, users.
However, like most Postfix programs, this program does not enforce a
security policy on its command-line arguments. Instead, it relies on
the UNIX system to enforce access policies based on the effective user
However, like most Postfix programs, this program does not enforce a
security policy on its command-line arguments. Instead, it relies on
the UNIX system to enforce access policies based on the effective user
and group IDs of the process. Concretely, this means that running Post-
fix commands as root (from sudo or equivalent) on behalf of a non-root
fix commands as root (from sudo or equivalent) on behalf of a non-root
user is likely to create privilege escalation opportunities.
If an application runs any Postfix programs on behalf of users that do
If an application runs any Postfix programs on behalf of users that do
not have normal shell access to Postfix commands, then that application
MUST restrict user-specified command-line arguments to avoid privilege
MUST restrict user-specified command-line arguments to avoid privilege
escalation.
<b>o</b> Filter all command-line arguments, for example arguments that
contain a pathname or that specify a database access method.
These pathname checks must reject user-controlled symlinks or
<b>o</b> Filter all command-line arguments, for example arguments that
contain a pathname or that specify a database access method.
These pathname checks must reject user-controlled symlinks or
hardlinks to sensitive files, and must not be vulnerable to TOC-
TOU race attacks.
<b>o</b> Disable command options processing for all command arguments
<b>o</b> Disable command options processing for all command arguments
that contain user-specified data. For example, the Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command line MUST be structured as follows:
<b>/path/to/sendmail</b> <i>system-arguments</i> <b>--</b> <i>user-arguments</i>
Here, the "<b>--</b>" disables command option processing for all
Here, the "<b>--</b>" disables command option processing for all
<i>user-arguments</i> that follow.
Without the "<b>--</b>", a malicious user could enable Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command options, by specifying an email address that
Without the "<b>--</b>", a malicious user could enable Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command options, by specifying an email address that
starts with "<b>-</b>".
<b><a name="diagnostics">DIAGNOSTICS</a></b>
Problems are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>, and to the standard
Problems are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>, and to the standard
error stream.
<b><a name="environment">ENVIRONMENT</a></b>
@ -333,12 +354,12 @@ SENDMAIL(1) SENDMAIL(1)
Enable debugging with an external command, as specified with the
<b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration parameter.
<b>NAME</b> The sender full name. This is used only with messages that have
<b>NAME</b> The sender full name. This is used only with messages that have
no <b>From:</b> message header. See also the <b>-F</b> option above.
<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram. The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram. The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
<a href="postconf.5.html"><b>conf</b>(5)</a> for more details including examples.
<b><a name="compatibility_controls">COMPATIBILITY CONTROLS</a></b>
@ -349,7 +370,7 @@ SENDMAIL(1) SENDMAIL(1)
line endings from &lt;CR&gt;&lt;LF&gt; into UNIX format (&lt;LF&gt;).
<b><a name="trouble_shooting_controls">TROUBLE SHOOTING CONTROLS</a></b>
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to troubleshoot a Postfix
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to troubleshoot a Postfix
system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
@ -357,14 +378,14 @@ SENDMAIL(1) SENDMAIL(1)
invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
pattern given with the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
$<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a name="access_controls">ACCESS CONTROLS</a></b>
@ -377,13 +398,13 @@ SENDMAIL(1) SENDMAIL(1)
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
List of users who are authorized to submit mail with the <a href="sendmail.1.html"><b>send-</b></a>
List of users who are authorized to submit mail with the <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command (and with the privileged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper com-
mand).
<b><a name="resource_and_rate_controls">RESOURCE AND RATE CONTROLS</a></b>
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
The maximal amount of original message text that is sent in a
The maximal amount of original message text that is sent in a
non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
@ -397,11 +418,11 @@ SENDMAIL(1) SENDMAIL(1)
in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (300s)</b>
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
prior to Postfix 2.4 the default value was 1000s.
<b><a name="fast_flush_controls">FAST FLUSH CONTROLS</a></b>
The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation details for
The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation details for
the Postfix "fast flush" service.
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
@ -409,26 +430,26 @@ SENDMAIL(1) SENDMAIL(1)
tion logfiles with mail that is queued to those destinations.
<b><a name="verp_controls">VERP CONTROLS</a></b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation details of
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation details of
Postfix support for variable envelope return path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter characters on
The characters Postfix accepts as VERP delimiter characters on
the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line and in SMTP commands.
<b><a name="miscellaneous_controls">MISCELLANEOUS CONTROLS</a></b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are updated with
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are updated with
"<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative commands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
@ -439,25 +460,25 @@ SENDMAIL(1) SENDMAIL(1)
and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
The time after which the sender receives a copy of the message
The time after which the sender receives a copy of the message
headers of mail that is still queued.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
name=value environment overrides.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue and most
The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue directory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Rewrite or add message headers in mail from remote clients if
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value is non-empty,
updating incomplete addresses with the domain specified in the
Rewrite or add message headers in mail from remote clients if
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value is non-empty,
updating incomplete addresses with the domain specified in the
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter, and adding missing head-
ers.
@ -465,24 +486,30 @@ SENDMAIL(1) SENDMAIL(1)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
A prefix that is prepended to the process name in syslog
A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Postfix 3.2 and later:
<b><a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a> (empty)</b>
A list of non-default Postfix configuration directories that may
be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in
the case of <a href="sendmail.1.html"><b>sendmail</b>(1)</a>, with the "-C" option), or via the
be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in
the case of <a href="sendmail.1.html"><b>sendmail</b>(1)</a>, with the "-C" option), or via the
MAIL_CONFIG environment parameter.
<b><a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> (empty)</b>
An optional list of non-default Postfix configuration directo-
ries; these directories belong to additional Postfix instances
that share the Postfix executable files and documentation with
the default Postfix instance, and that are started, stopped,
An optional list of non-default Postfix configuration directo-
ries; these directories belong to additional Postfix instances
that share the Postfix executable files and documentation with
the default Postfix instance, and that are started, stopped,
etc., together with the default Postfix instance.
Postfix 3.10 and later:
<b><a href="postconf.5.html#requiretls_enable">requiretls_enable</a> (yes)</b>
Enable support for the ESMTP verb "REQUIRETLS", defined in <a href="https://tools.ietf.org/html/rfc8689">RFC</a>
<a href="https://tools.ietf.org/html/rfc8689">8689</a>.
<b><a name="files">FILES</a></b>
/var/spool/postfix, mail queue
/etc/postfix, configuration files

171
postfix/html/sendmail.1.html
View File

@ -174,54 +174,75 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-O requiretls</b>
When delivering the message with SMTP, the connection must use
TLS with a verified server certificate, and the remote SMTP
server must support REQUIRETLS. Try multiple SMTP servers if
possible, and return the message as undeliverable when these
requirements were not satisfied with any of the remote SMTP
servers that were tried. The "requiretls" option value is
case-insensitive.
This feature is available in Postfix 3.10 and later.
<b>-O smtputf8</b>
When delivering the message with SMTP, the connection must use
the SMTPUTF8 extension. Try multiple SMTP servers if possible,
and return the message as undeliverable when a message contains
an UTF8 envelope address or message header, but SMTPUTF8 was not
supported by any of the remote SMTP servers that were tried. The
"smtputf8" option value is case-insensitive.
This feature is available in Postfix 3.10 and later.
<b>-n</b> (ignored)
Backwards compatibility.
<b>-oA</b><i>alias</i><b>_</b><i>database</i>
Non-default alias database. Specify <i>pathname</i> or <i>type</i>:<i>pathname</i>.
Non-default alias database. Specify <i>pathname</i> or <i>type</i>:<i>pathname</i>.
See <a href="postalias.1.html"><b>postalias</b>(1)</a> for details.
<b>-O</b> <i>option=value</i> (ignored)
Set the named <i>option</i> to <i>value</i>. Use the equivalent configuration
Set the named <i>option</i> to <i>value</i>. Use the equivalent configuration
parameter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-o7</b> (ignored)
<b>-o8</b> (ignored)
To send 8-bit or binary content, use an appropriate MIME encap-
To send 8-bit or binary content, use an appropriate MIME encap-
sulation and specify the appropriate <b>-B</b> command-line option.
<b>-oi</b> When reading a message from standard input, don't treat a line
<b>-oi</b> When reading a message from standard input, don't treat a line
with only a <b>.</b> character as the end of input.
<b>-om</b> (ignored)
The sender is never eliminated from alias etc. expansions.
<b>-o</b> <i>x value</i> (ignored)
Set option <i>x</i> to <i>value</i>. Use the equivalent configuration parame-
Set option <i>x</i> to <i>value</i>. Use the equivalent configuration parame-
ter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-r</b> <i>sender</i>
Set the envelope sender address. This is the address where
Set the envelope sender address. This is the address where
delivery problems are sent to. With Postfix versions before 2.1,
the <b>Errors-To:</b> message header overrides the error return
the <b>Errors-To:</b> message header overrides the error return
address.
<b>-R</b> <i>return</i>
Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
Delivery status notification control. Specify "hdrs" to return
only the header when a message bounces, "full" to return a full
copy (the default behavior).
The <b>-R</b> option specifies an upper bound; Postfix will return only
the header, when a full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a>
the header, when a full copy would exceed the <a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a>
setting.
This option is ignored before Postfix version 2.10.
<b>-q</b> Attempt to deliver all queued mail. This is implemented by exe-
<b>-q</b> Attempt to deliver all queued mail. This is implemented by exe-
cuting the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently will result in
Warning: flushing undeliverable mail frequently will result in
poor delivery performance of all other mail.
<b>-q</b><i>interval</i> (ignored)
@ -230,21 +251,21 @@ SENDMAIL(1) SENDMAIL(1)
<b>-qI</b><i>queueid</i>
Schedule immediate delivery of mail with the specified queue ID.
This option is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> com-
This option is implemented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> com-
mand, and is available with Postfix version 2.4 and later.
<b>-qR</b><i>site</i>
Schedule immediate delivery of all mail that is queued for the
named <i>site</i>. This option accepts only <i>site</i> names that are eligi-
ble for the "fast flush" service, and is implemented by execut-
Schedule immediate delivery of all mail that is queued for the
named <i>site</i>. This option accepts only <i>site</i> names that are eligi-
ble for the "fast flush" service, and is implemented by execut-
ing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more information
about the "fast flush" service.
<b>-qS</b><i>site</i>
This command is not implemented. Use the slower "<b>sendmail -q</b>"
This command is not implemented. Use the slower "<b>sendmail -q</b>"
command instead.
<b>-t</b> Extract recipients from message headers. These are added to any
<b>-t</b> Extract recipients from message headers. These are added to any
recipients specified on the command line.
With Postfix versions prior to 2.1, this option requires that no
@ -260,23 +281,23 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
Variable Envelope Return Path. Given an envelope sender address
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
Variable Envelope Return Path. Given an envelope sender address
of the form <i>owner-listname</i>@<i>origin</i>, each recipient <i>user</i>@<i>domain</i>
receives mail with a personalized envelope sender address.
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
By default, the personalized envelope sender address is
<i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The default <b>+</b> and <b>=</b> charac-
ters are configurable with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configu-
ration parameter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter characters,
instead of the characters specified with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delim</a>-</b>
<b><a href="postconf.5.html#default_verp_delimiters">iters</a></b> configuration parameter.
<b>-v</b> Send an email report of the first delivery attempt (Postfix ver-
sions 2.1 and later). Mail delivery always happens in the back-
ground. When multiple <b>-v</b> options are given, enable verbose log-
sions 2.1 and later). Mail delivery always happens in the back-
ground. When multiple <b>-v</b> options are given, enable verbose log-
ging for debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
@ -284,42 +305,42 @@ SENDMAIL(1) SENDMAIL(1)
configuration parameters instead.
<b><a name="security">SECURITY</a></b>
By design, this program is not set-user (or group) id. It is prepared
By design, this program is not set-user (or group) id. It is prepared
to handle message content from untrusted, possibly remote, users.
However, like most Postfix programs, this program does not enforce a
security policy on its command-line arguments. Instead, it relies on
the UNIX system to enforce access policies based on the effective user
However, like most Postfix programs, this program does not enforce a
security policy on its command-line arguments. Instead, it relies on
the UNIX system to enforce access policies based on the effective user
and group IDs of the process. Concretely, this means that running Post-
fix commands as root (from sudo or equivalent) on behalf of a non-root
fix commands as root (from sudo or equivalent) on behalf of a non-root
user is likely to create privilege escalation opportunities.
If an application runs any Postfix programs on behalf of users that do
If an application runs any Postfix programs on behalf of users that do
not have normal shell access to Postfix commands, then that application
MUST restrict user-specified command-line arguments to avoid privilege
MUST restrict user-specified command-line arguments to avoid privilege
escalation.
<b>o</b> Filter all command-line arguments, for example arguments that
contain a pathname or that specify a database access method.
These pathname checks must reject user-controlled symlinks or
<b>o</b> Filter all command-line arguments, for example arguments that
contain a pathname or that specify a database access method.
These pathname checks must reject user-controlled symlinks or
hardlinks to sensitive files, and must not be vulnerable to TOC-
TOU race attacks.
<b>o</b> Disable command options processing for all command arguments
<b>o</b> Disable command options processing for all command arguments
that contain user-specified data. For example, the Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command line MUST be structured as follows:
<b>/path/to/sendmail</b> <i>system-arguments</i> <b>--</b> <i>user-arguments</i>
Here, the "<b>--</b>" disables command option processing for all
Here, the "<b>--</b>" disables command option processing for all
<i>user-arguments</i> that follow.
Without the "<b>--</b>", a malicious user could enable Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command options, by specifying an email address that
Without the "<b>--</b>", a malicious user could enable Postfix <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command options, by specifying an email address that
starts with "<b>-</b>".
<b><a name="diagnostics">DIAGNOSTICS</a></b>
Problems are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>, and to the standard
Problems are logged to <b>syslogd</b>(8) or <a href="postlogd.8.html"><b>postlogd</b>(8)</a>, and to the standard
error stream.
<b><a name="environment">ENVIRONMENT</a></b>
@ -333,12 +354,12 @@ SENDMAIL(1) SENDMAIL(1)
Enable debugging with an external command, as specified with the
<b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration parameter.
<b>NAME</b> The sender full name. This is used only with messages that have
<b>NAME</b> The sender full name. This is used only with messages that have
no <b>From:</b> message header. See also the <b>-F</b> option above.
<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram. The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram. The text below provides only a parameter summary. See <a href="postconf.5.html"><b>post-</b></a>
<a href="postconf.5.html"><b>conf</b>(5)</a> for more details including examples.
<b><a name="compatibility_controls">COMPATIBILITY CONTROLS</a></b>
@ -349,7 +370,7 @@ SENDMAIL(1) SENDMAIL(1)
line endings from &lt;CR&gt;&lt;LF&gt; into UNIX format (&lt;LF&gt;).
<b><a name="trouble_shooting_controls">TROUBLE SHOOTING CONTROLS</a></b>
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to troubleshoot a Postfix
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to troubleshoot a Postfix
system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
@ -357,14 +378,14 @@ SENDMAIL(1) SENDMAIL(1)
invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
pattern given with the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
$<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a name="access_controls">ACCESS CONTROLS</a></b>
@ -377,13 +398,13 @@ SENDMAIL(1) SENDMAIL(1)
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (<a href="DATABASE_README.html#types">static</a>:anyone)</b>
List of users who are authorized to submit mail with the <a href="sendmail.1.html"><b>send-</b></a>
List of users who are authorized to submit mail with the <a href="sendmail.1.html"><b>send-</b></a>
<a href="sendmail.1.html"><b>mail</b>(1)</a> command (and with the privileged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper com-
mand).
<b><a name="resource_and_rate_controls">RESOURCE AND RATE CONTROLS</a></b>
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
The maximal amount of original message text that is sent in a
The maximal amount of original message text that is sent in a
non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
@ -397,11 +418,11 @@ SENDMAIL(1) SENDMAIL(1)
in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (300s)</b>
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
prior to Postfix 2.4 the default value was 1000s.
<b><a name="fast_flush_controls">FAST FLUSH CONTROLS</a></b>
The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation details for
The <a href="ETRN_README.html">ETRN_README</a> file describes configuration and operation details for
the Postfix "fast flush" service.
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
@ -409,26 +430,26 @@ SENDMAIL(1) SENDMAIL(1)
tion logfiles with mail that is queued to those destinations.
<b><a name="verp_controls">VERP CONTROLS</a></b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation details of
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation details of
Postfix support for variable envelope return path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter characters on
The characters Postfix accepts as VERP delimiter characters on
the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line and in SMTP commands.
<b><a name="miscellaneous_controls">MISCELLANEOUS CONTROLS</a></b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are updated with
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are updated with
"<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative commands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
@ -439,25 +460,25 @@ SENDMAIL(1) SENDMAIL(1)
and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
The time after which the sender receives a copy of the message
The time after which the sender receives a copy of the message
headers of mail that is still queued.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
name=value environment overrides.
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
The UNIX system account that owns the Postfix queue and most
The UNIX system account that owns the Postfix queue and most
Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue directory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Rewrite or add message headers in mail from remote clients if
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value is non-empty,
updating incomplete addresses with the domain specified in the
Rewrite or add message headers in mail from remote clients if
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter value is non-empty,
updating incomplete addresses with the domain specified in the
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter, and adding missing head-
ers.
@ -465,24 +486,30 @@ SENDMAIL(1) SENDMAIL(1)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
A prefix that is prepended to the process name in syslog
A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Postfix 3.2 and later:
<b><a href="postconf.5.html#alternate_config_directories">alternate_config_directories</a> (empty)</b>
A list of non-default Postfix configuration directories that may
be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in
the case of <a href="sendmail.1.html"><b>sendmail</b>(1)</a>, with the "-C" option), or via the
be specified with "-c <a href="postconf.5.html#config_directory">config_directory</a>" on the command line (in
the case of <a href="sendmail.1.html"><b>sendmail</b>(1)</a>, with the "-C" option), or via the
MAIL_CONFIG environment parameter.
<b><a href="postconf.5.html#multi_instance_directories">multi_instance_directories</a> (empty)</b>
An optional list of non-default Postfix configuration directo-
ries; these directories belong to additional Postfix instances
that share the Postfix executable files and documentation with
the default Postfix instance, and that are started, stopped,
An optional list of non-default Postfix configuration directo-
ries; these directories belong to additional Postfix instances
that share the Postfix executable files and documentation with
the default Postfix instance, and that are started, stopped,
etc., together with the default Postfix instance.
Postfix 3.10 and later:
<b><a href="postconf.5.html#requiretls_enable">requiretls_enable</a> (yes)</b>
Enable support for the ESMTP verb "REQUIRETLS", defined in <a href="https://tools.ietf.org/html/rfc8689">RFC</a>
<a href="https://tools.ietf.org/html/rfc8689">8689</a>.
<b><a name="files">FILES</a></b>
/var/spool/postfix, mail queue
/etc/postfix, configuration files

23
postfix/man/man1/sendmail.1
View File

@ -162,6 +162,24 @@ notification when delivery is delayed), or \fBsuccess\fR
\fBnever\fR (don't send any notifications at all).
This feature is available in Postfix 2.3 and later.
.IP "\fB\-O requiretls"
When delivering the message with SMTP, the connection must use TLS
with a verified server certificate, and the remote SMTP server
must support REQUIRETLS. Try multiple SMTP servers if possible,
and return the message as undeliverable when these requirements
were not satisfied with any of the remote SMTP servers that were
tried. The "requiretls" option value is case\-insensitive.
This feature is available in Postfix 3.10 and later.
.IP "\fB\-O smtputf8"
When delivering the message with SMTP, the connection must use
the SMTPUTF8 extension. Try multiple SMTP servers if possible,
and return the message as undeliverable when a message contains
an UTF8 envelope address or message header, but SMTPUTF8 was not
supported by any of the remote SMTP servers that were tried. The
"smtputf8" option value is case\-insensitive.
This feature is available in Postfix 3.10 and later.
.IP "\fB\-n\fR (ignored)"
Backwards compatibility.
.IP "\fB\-oA\fIalias_database\fR"
@ -462,6 +480,11 @@ these directories belong to additional Postfix instances that share
the Postfix executable files and documentation with the default
Postfix instance, and that are started, stopped, etc., together
with the default Postfix instance.
.PP
Postfix 3.10 and later:
.IP "\fBrequiretls_enable (yes)\fR"
Enable support for the ESMTP verb "REQUIRETLS", defined in RFC
8689.
.SH "FILES"
.na
.nf

2
postfix/proto/stop.double-history
View File

@ -161,3 +161,5 @@ proto proto socketmap_table
operations Files cleanup cleanup h cleanup cleanup_message c
global ehlo_mask_test c local forward c smtpd smtpd c
more alternate MX servers to try Files smtp smtp h
Files sendmail sendmail c global rec_types h
Files sendmail sendmail c

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20250120"
#define MAIL_RELEASE_DATE "20250121"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT

2
postfix/src/global/rec_type.h
View File

@ -110,7 +110,7 @@
/*
* The subset of inputs that the postdrop command allows.
*/
#define REC_TYPE_POST_ENVELOPE "MFSRVAin"
#define REC_TYPE_POST_ENVELOPE "MCFSRVAin"
#define REC_TYPE_POST_CONTENT "XLN"
#define REC_TYPE_POST_EXTRACT "EAR"

6
postfix/src/pickup/pickup.c
View File

@ -236,6 +236,7 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
char *attr_value;
char *saved_attr;
int skip_attr;
ssize_t count;
/*
* Limit the input record size. All front-end programs should protect the
@ -246,7 +247,7 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
*
* We must allow PTR records here because of "postsuper -r".
*/
for (;;) {
for (count = 0; /* void */; count++) {
if ((type = rec_get(qfile, buf, var_line_limit)) < 0
|| strchr(expected, type) == 0)
return (file_read_error(info, type));
@ -264,6 +265,9 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
}
if (type == REC_TYPE_TIME)
time_seen = 1;
if (type == REC_TYPE_SIZE && count > 0)
/* Discard SIZE record not at beginning of segment. */
continue;
/*
* XXX Workaround: REC_TYPE_FILT (used in envelopes) == REC_TYPE_CONT

1
postfix/src/sendmail/Makefile.in
View File

@ -86,6 +86,7 @@ sendmail.o: ../../include/recipient_list.h
sendmail.o: ../../include/record.h
sendmail.o: ../../include/resolve_clnt.h
sendmail.o: ../../include/safe.h
sendmail.o: ../../include/sendopts.h
sendmail.o: ../../include/set_ugid.h
sendmail.o: ../../include/split_at.h
sendmail.o: ../../include/stringops.h

51
postfix/src/sendmail/sendmail.c
View File

@ -156,6 +156,24 @@
/* \fBnever\fR (don't send any notifications at all).
/*
/* This feature is available in Postfix 2.3 and later.
/* .IP "\fB-O requiretls"
/* When delivering the message with SMTP, the connection must use TLS
/* with a verified server certificate, and the remote SMTP server
/* must support REQUIRETLS. Try multiple SMTP servers if possible,
/* and return the message as undeliverable when these requirements
/* were not satisfied with any of the remote SMTP servers that were
/* tried. The "requiretls" option value is case-insensitive.
/*
/* This feature is available in Postfix 3.10 and later.
/* .IP "\fB-O smtputf8"
/* When delivering the message with SMTP, the connection must use
/* the SMTPUTF8 extension. Try multiple SMTP servers if possible,
/* and return the message as undeliverable when a message contains
/* an UTF8 envelope address or message header, but SMTPUTF8 was not
/* supported by any of the remote SMTP servers that were tried. The
/* "smtputf8" option value is case-insensitive.
/*
/* This feature is available in Postfix 3.10 and later.
/* .IP "\fB-n\fR (ignored)"
/* Backwards compatibility.
/* .IP "\fB-oA\fIalias_database\fR"
@ -434,6 +452,11 @@
/* the Postfix executable files and documentation with the default
/* Postfix instance, and that are started, stopped, etc., together
/* with the default Postfix instance.
/* .PP
/* Postfix 3.10 and later:
/* .IP "\fBrequiretls_enable (yes)\fR"
/* Enable support for the ESMTP verb "REQUIRETLS", defined in RFC
/* 8689.
/* FILES
/* /var/spool/postfix, mail queue
/* /etc/postfix, configuration files
@ -537,6 +560,7 @@
#include <user_acl.h>
#include <dsn_mask.h>
#include <mail_parm_split.h>
#include <sendopts.h>
/* Application-specific. */
@ -589,6 +613,11 @@ static const CONFIG_STR_TABLE str_table[] = {
0,
};
/*
* Sender options.
*/
static int sm_sendopts;
/*
* Silly little macros (SLMs).
*/
@ -788,6 +817,14 @@ static void enqueue(const int flags, const char *encoding,
* With "sendmail -N", instead of a per-message NOTIFY record we store one
* per recipient so that we can simplify the implementation somewhat.
*/
if (sm_sendopts)
rec_fprintf(dst, REC_TYPE_SIZE, REC_TYPE_SIZE_FORMAT,
(REC_TYPE_SIZE_CAST1) ~ 0, /* message segment size */
(REC_TYPE_SIZE_CAST2) ~ 0, /* content offset */
(REC_TYPE_SIZE_CAST3) ~ 0, /* recipient count */
(REC_TYPE_SIZE_CAST4) ~ 0, /* qmgr options */
(REC_TYPE_SIZE_CAST5) ~ 0, /* content length */
(REC_TYPE_SIZE_CAST6) sm_sendopts);
if (dsn_envid)
rec_fprintf(dst, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_DSN_ENVID, dsn_envid);
@ -1251,7 +1288,19 @@ int main(int argc, char **argv)
break;
case 'N':
if ((dsn_notify = dsn_notify_mask(optarg)) == 0)
msg_warn("bad -N option value -- ignored");
msg_warn("bad -N option value: '%s' -- ignored", optarg);
break;
case 'O':
if (strcasecmp(optarg, "REQUIRETLS") == 0) {
sm_sendopts |= SOPT_REQUIRETLS_ESMTP;
if (var_requiretls_enable == 0)
msg_warn("'-O requiretls' was requested, but the "
"configuration is 'requiretls_enable = no'");
} else if (strcasecmp(optarg, "SMTPUTF8") == 0) {
sm_sendopts |= SOPT_SMTPUTF8_REQUESTED;
} else {
msg_warn("bad -O option value: '%s' -- ignored", optarg);
}
break;
case 'R':
if ((dsn_ret = dsn_ret_code(optarg)) == 0)

6
postfix/src/smtp/smtp_connect.c
View File

@ -522,8 +522,10 @@ static int smtp_get_effective_tls_level(DSN_BUF *why, SMTP_STATE *state)
if (TLS_MUST_MATCH(tls->level) == 0) {
dsb_simple(why, "5.7.10", "Sender requires a TLS server "
"certificate match, but the configured %s TLS "
"security level (%s) does not support that",
var_mail_name, str_tls_level(tls->level));
"security level '%s' does not support that. "
"The last attempted server was %s",
var_mail_name, str_tls_level(tls->level),
STR(iter->host));
return (0);
}
}

3
postfix/src/smtp/smtp_proto.c
View File

@ -665,7 +665,8 @@ int smtp_helo(SMTP_STATE *state)
*/
if ((session->features & SMTP_FEATURE_SMTPUTF8) == 0
&& DELIVERY_REQUIRES_SMTPUTF8)
return (smtp_mesg_fail(state, DSN_BY_LOCAL_MTA,
return (smtp_misc_fail(state, SMTP_MISC_FAIL_SOFT_NON_FINAL,
DSN_BY_LOCAL_MTA,
SMTP_RESP_FAKE(&fake, "5.6.7"),
"SMTPUTF8 is required, "
"but was not offered by host %s",

16
postfix/src/util/Makefile.in
View File

@ -1391,6 +1391,14 @@ cidr_match.o: stringops.h
cidr_match.o: sys_defs.h
cidr_match.o: vbuf.h
cidr_match.o: vstring.h
clean_ascii_cntrl_space.o: check_arg.h
clean_ascii_cntrl_space.o: clean_ascii_cntrl_space.c
clean_ascii_cntrl_space.o: clean_ascii_cntrl_space.h
clean_ascii_cntrl_space.o: stringops.h
clean_ascii_cntrl_space.o: sys_defs.h
clean_ascii_cntrl_space.o: vbuf.h
clean_ascii_cntrl_space.o: vstream.h
clean_ascii_cntrl_space.o: vstring.h
clean_env.o: argv.h
clean_env.o: check_arg.h
clean_env.o: clean_env.c
@ -2837,14 +2845,6 @@ trimblanks.o: sys_defs.h
trimblanks.o: trimblanks.c
trimblanks.o: vbuf.h
trimblanks.o: vstring.h
clean_ascii_cntrl_space.o: check_arg.h
clean_ascii_cntrl_space.o: stringops.h
clean_ascii_cntrl_space.o: sys_defs.h
clean_ascii_cntrl_space.o: clean_ascii_cntrl_space.c
clean_ascii_cntrl_space.o: clean_ascii_cntrl_space.h
clean_ascii_cntrl_space.o: vbuf.h
clean_ascii_cntrl_space.o: vstream.h
clean_ascii_cntrl_space.o: vstring.h
unescape.o: check_arg.h
unescape.o: stringops.h
unescape.o: sys_defs.h