mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-28 20:57:56 +00:00
Code Issues Releases Wiki Activity

postfix-2.4-20061224

Browse Source
This commit is contained in:
Wietse Venema 2006-12-24 00:00:00 -05:00 committed by Viktor Dukhovni
parent aa829595a8
commit 42dbfa896e
13 changed files with 97 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
postfix/HISTORY
View File

@ -12816,9 +12816,6 @@ Apologies for any names omitted.
20061106 20061106
The following is implemented using snapshot 20061019 as the
code base.
Feature: new retry delivery agent, to avoid the synchronous Feature: new retry delivery agent, to avoid the synchronous
defer service client in the queue manager. This code is defer service client in the queue manager. This code is
co-located with the error(8) server. File: error/error.c. co-located with the error(8) server. File: error/error.c.
@ -12987,11 +12984,11 @@ Apologies for any names omitted.
20061211 20061211
When doing server access control by the TLS client fingerprint, Cleanup: when doing server access control by the remote TLS
do not require client certificate verification. Victor client fingerprint, do not require client certificate
Duchovni. File: smtpd/smtpd_check.c. verification. Victor Duchovni. File: smtpd/smtpd_check.c.
When the remote SMTP client certificate isn't verified, Safety: when the remote TLS client certificate isn't verified,
don't send ccert_subject and ccert_issuer attributes in don't send ccert_subject and ccert_issuer attributes in
check_policy_service requests. Victor Duchovni. File: check_policy_service requests. Victor Duchovni. File:
smtpd/smtpd_check.c. smtpd/smtpd_check.c.
@ -13045,6 +13042,11 @@ Apologies for any names omitted.
N+M) could work as if (N, N) had been specified. Problem N+M) could work as if (N, N) had been specified. Problem
reported by Mark Martinec. File: milter/milter8.c. reported by Mark Martinec. File: milter/milter8.c.
20061221
Feature: time unit suffix support in _command_time_limit.
Files: pipe/pipe.c, spawn/spawn.c.
Wish list: Wish list:
Update MILTER_README with Martinec info. Update MILTER_README with Martinec info.

5
postfix/README_FILES/FILTER_README
View File

@ -331,6 +331,7 @@ the Postfix master.cf file:
scan unix - - n - 10 smtp scan unix - - n - 10 smtp
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes -o disable_mime_output_conversion=yes
-o smtp_generic_maps=
* This runs up to 10 content filters in parallel. Instead of a limit of 10 * This runs up to 10 content filters in parallel. Instead of a limit of 10
concurrent processes, use whatever process limit is feasible for your concurrent processes, use whatever process limit is feasible for your
@ -349,6 +350,10 @@ the Postfix master.cf file:
because some SMTP-based content filters don't announce 8BITMIME support, because some SMTP-based content filters don't announce 8BITMIME support,
even though they can handle it just fine. even though they can handle it just fine.
* The "-o smtp_generic_maps=" is a workaround that prevents local address
rewriting with generic(5) maps. Such rewriting should happen only when mail
is sent out to the Internet.
AAddvvaanncceedd ccoonntteenntt ffiilltteerr:: rruunnnniinngg tthhee ccoonntteenntt ffiilltteerr AAddvvaanncceedd ccoonntteenntt ffiilltteerr:: rruunnnniinngg tthhee ccoonntteenntt ffiilltteerr
The content filter can be set up with the Postfix spawn service, which is the The content filter can be set up with the Postfix spawn service, which is the

14
postfix/RELEASE_NOTES
View File

@ -32,6 +32,20 @@ More precise queue flushing with the ETRN, "postqueue -s site", and
New per-queue-file flushing with "postqueue -i queueid" and "sendmail New per-queue-file flushing with "postqueue -i queueid" and "sendmail
-qIqueueid". -qIqueueid".
Incompatible changes with Postfix snapshot 20061214
===================================================
The check_smtpd_policy client sends TLS certificate attributes
(client ccert_subject, ccert_issuer) only after successful client
certificate verification. The reason is that the certification
verification status itself is not available in the policy request.
The check_smtpd_policy client sends TLS certificate fingerprint
information even when the certificate itself was not verified.
The remote SMTP client TLS certificate fingerprint can be used for
access control even when the certificate itself was not verified.
Incompatible changes with Postfix snapshot 20061209 Incompatible changes with Postfix snapshot 20061209
=================================================== ===================================================

5
postfix/html/FILTER_README.html
View File

@ -616,6 +616,7 @@ how one would set up the service in the Postfix <a href="master.5.html">master.c
scan unix - - n - 10 smtp scan unix - - n - 10 smtp
-o <a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a>=yes -o <a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a>=yes
-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes -o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes
-o <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>=
</pre> </pre>
</blockquote> </blockquote>
@ -639,6 +640,10 @@ that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p> 8BITMIME support, even though they can handle it just fine. </p>
<li> <p> The "-o <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>=" is a workaround that prevents
local address rewriting with <a href="generic.5.html">generic(5)</a> maps. Such rewriting should
happen only when mail is sent out to the Internet. </p>
</ul> </ul>
<h3>Advanced content filter: running the content filter</h3> <h3>Advanced content filter: running the content filter</h3>

5
postfix/html/pipe.8.html
View File

@ -373,6 +373,11 @@ PIPE(8) PIPE(8)
for delivery via the named <i>transport</i>. The limit is for delivery via the named <i>transport</i>. The limit is
enforced by the pipe delivery agent. enforced by the pipe delivery agent.
Postfix 2.4 and later support a suffix that speci-
fies the time unit: s (seconds), m (minutes), h
(hours), d (days), w (weeks). The default time unit
is seconds.
<b>MISCELLANEOUS CONTROLS</b> <b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and The default location of the Postfix <a href="postconf.5.html">main.cf</a> and

5
postfix/html/spawn.8.html
View File

@ -81,6 +81,11 @@ SPAWN(8) SPAWN(8)
The amount of time the command is allowed to run The amount of time the command is allowed to run
before it is terminated. before it is terminated.
Postfix 2.4 and later support a suffix that speci-
fies the time unit: s (seconds), m (minutes), h
(hours), d (days), w (weeks). The default time unit
is seconds.
<b>MISCELLANEOUS</b> <b>MISCELLANEOUS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and The default location of the Postfix <a href="postconf.5.html">main.cf</a> and

4
postfix/man/man8/pipe.8
View File

@ -323,6 +323,10 @@ The limit is enforced by the Postfix queue manager.
Limit the time for delivery to external command, for delivery via Limit the time for delivery to external command, for delivery via
the named \fItransport\fR. the named \fItransport\fR.
The limit is enforced by the pipe delivery agent. The limit is enforced by the pipe delivery agent.
Postfix 2.4 and later support a suffix that specifies the
time unit: s (seconds), m (minutes), h (hours), d (days),
w (weeks). The default time unit is seconds.
.SH "MISCELLANEOUS CONTROLS" .SH "MISCELLANEOUS CONTROLS"
.na .na
.nf .nf

4
postfix/man/man8/spawn.8
View File

@ -87,6 +87,10 @@ in the \fBmaster.cf\fR file.
.IP "\fItransport\fB_time_limit ($command_time_limit)\fR" .IP "\fItransport\fB_time_limit ($command_time_limit)\fR"
The amount of time the command is allowed to run before it is The amount of time the command is allowed to run before it is
terminated. terminated.
Postfix 2.4 and later support a suffix that specifies the
time unit: s (seconds), m (minutes), h (hours), d (days),
w (weeks). The default time unit is seconds.
.SH "MISCELLANEOUS" .SH "MISCELLANEOUS"
.na .na
.nf .nf

5
postfix/proto/FILTER_README.html
View File

@ -616,6 +616,7 @@ how one would set up the service in the Postfix master.cf file:
scan unix - - n - 10 smtp scan unix - - n - 10 smtp
-o smtp_send_xforward_command=yes -o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes -o disable_mime_output_conversion=yes
-o smtp_generic_maps=
</pre> </pre>
</blockquote> </blockquote>
@ -639,6 +640,10 @@ that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p> 8BITMIME support, even though they can handle it just fine. </p>
<li> <p> The "-o smtp_generic_maps=" is a workaround that prevents
local address rewriting with generic(5) maps. Such rewriting should
happen only when mail is sent out to the Internet. </p>
</ul> </ul>
<h3>Advanced content filter: running the content filter</h3> <h3>Advanced content filter: running the content filter</h3>

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20061221" #define MAIL_RELEASE_DATE "20061224"
#define MAIL_VERSION_NUMBER "2.4" #define MAIL_VERSION_NUMBER "2.4"
#ifdef SNAPSHOT #ifdef SNAPSHOT

25
postfix/src/milter/milter8.c
View File

@ -143,12 +143,6 @@
#define SMFIR_REPLYCODE 'y' /* reply code etc */ #define SMFIR_REPLYCODE 'y' /* reply code etc */
#define SMFIR_QUARANTINE 'q' /* quarantine */ #define SMFIR_QUARANTINE 'q' /* quarantine */
/* Introduced with Sendmail 8.14. */
#define SMFIR_ADDRCPT_PAR '2' /* add recipient (incl. ESMTP args) */
#define SMFIR_CHGFROM 'e' /* change envelope sender (from) */
#define SMFIR_SETSYMLIST 'l' /* set list of symbols (macros) */
#define SMFIR_SKIP 's' /* skip */
/* /*
* Commands that the filter does not want to receive, and replies that the * Commands that the filter does not want to receive, and replies that the
* filter will not send. * filter will not send.
@ -160,23 +154,10 @@
#define SMFIP_NOBODY (1L<<4) /* MTA should not send body */ #define SMFIP_NOBODY (1L<<4) /* MTA should not send body */
#define SMFIP_NOHDRS (1L<<5) /* MTA should not send headers */ #define SMFIP_NOHDRS (1L<<5) /* MTA should not send headers */
#define SMFIP_NOEOH (1L<<6) /* MTA should not send EOH */ #define SMFIP_NOEOH (1L<<6) /* MTA should not send EOH */
#define SMFIP_NR_HDR (1L<<7) /* filter will not reply per header */ #define SMFIP_NOHREPL (1L<<7) /* filter will not reply per header */
#define SMFIP_NOHREPL SMFIP_NR_HDR
#define SMFIP_NOUNKNOWN (1L<<8) /* MTA should not send unknown cmd */ #define SMFIP_NOUNKNOWN (1L<<8) /* MTA should not send unknown cmd */
#define SMFIP_NODATA (1L<<9) /* MTA should not send DATA */ #define SMFIP_NODATA (1L<<9) /* MTA should not send DATA */
/* Introduced with Sendmail 8.14. */
#define SMFIP_SKIP 0x00000400L /* MTA understands SMFIS_SKIP */
#define SMFIP_RCPT_REJ 0x00000800L /* MTA should send rejected RCPTs */
#define SMFIP_NR_CONN 0x00001000L /* No reply for connect */
#define SMFIP_NR_HELO 0x00002000L /* No reply for HELO */
#define SMFIP_NR_MAIL 0x00004000L /* No reply for MAIL */
#define SMFIP_NR_RCPT 0x00008000L /* No reply for RCPT */
#define SMFIP_NR_DATA 0x00010000L /* No reply for DATA */
#define SMFIP_NR_UNKN 0x00020000L /* No reply for UNKN */
#define SMFIP_NR_EOH 0x00040000L /* No reply for eoh */
#define SMFIP_NR_BODY 0x00080000L /* No reply for body chunk */
/* /*
* Modifications that the filter may request at the end of the message body. * Modifications that the filter may request at the end of the message body.
*/ */
@ -589,10 +570,10 @@ static int vmilter8_read_data(MILTER8 *milter, ssize_t data_len, va_list ap)
break; break;
/* /*
* Raw on-the-wire format. * Raw on-the-wire format, without explicit null terminator.
*/ */
case MILTER8_DATA_BUFFER: case MILTER8_DATA_BUFFER:
if (data_left < 1) { if (data_left < 0) {
msg_warn("milter %s: no data in input packet", milter->m.name); msg_warn("milter %s: no data in input packet", milter->m.name);
return (milter8_comm_error(milter)); return (milter8_comm_error(milter));
} }

6
postfix/src/pipe/pipe.c
View File

@ -303,6 +303,10 @@
/* Limit the time for delivery to external command, for delivery via /* Limit the time for delivery to external command, for delivery via
/* the named \fItransport\fR. /* the named \fItransport\fR.
/* The limit is enforced by the pipe delivery agent. /* The limit is enforced by the pipe delivery agent.
/*
/* Postfix 2.4 and later support a suffix that specifies the
/* time unit: s (seconds), m (minutes), h (hours), d (days),
/* w (weeks). The default time unit is seconds.
/* MISCELLANEOUS CONTROLS /* MISCELLANEOUS CONTROLS
/* .ad /* .ad
/* .fi /* .fi
@ -714,7 +718,7 @@ static void get_service_params(PIPE_PARAMS *config, char *service)
* Figure out the command time limit for this transport. * Figure out the command time limit for this transport.
*/ */
config->time_limit = config->time_limit =
get_mail_conf_int2(service, "_time_limit", var_command_maxtime, 1, 0); get_mail_conf_time2(service, "_time_limit", var_command_maxtime, 's', 1, 0);
/* /*
* Give the poor tester a clue of what is going on. * Give the poor tester a clue of what is going on.

6
postfix/src/spawn/spawn.c
View File

@ -69,6 +69,10 @@
/* .IP "\fItransport\fB_time_limit ($command_time_limit)\fR" /* .IP "\fItransport\fB_time_limit ($command_time_limit)\fR"
/* The amount of time the command is allowed to run before it is /* The amount of time the command is allowed to run before it is
/* terminated. /* terminated.
/*
/* Postfix 2.4 and later support a suffix that specifies the
/* time unit: s (seconds), m (minutes), h (hours), d (days),
/* w (weeks). The default time unit is seconds.
/* MISCELLANEOUS /* MISCELLANEOUS
/* .ad /* .ad
/* .fi /* .fi
@ -190,7 +194,7 @@ static void get_service_attr(SPAWN_ATTR *attr, char *service, char **argv)
* Figure out the command time limit for this transport. * Figure out the command time limit for this transport.
*/ */
attr->time_limit = attr->time_limit =
get_mail_conf_int2(service, "_time_limit", var_command_maxtime, 1, 0); get_mail_conf_time2(service, "_time_limit", var_command_maxtime, 's', 1, 0);
/* /*
* Iterate over the command-line attribute list. * Iterate over the command-line attribute list.