mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-28 12:48:01 +00:00
Code Issues Releases Wiki Activity

postfix-2.4-20061224

Browse Source
This commit is contained in:
Wietse Venema 2006-12-24 00:00:00 -05:00 committed by Viktor Dukhovni
parent aa829595a8
commit 42dbfa896e
13 changed files with 97 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
postfix/HISTORY
View File

@ -12816,9 +12816,6 @@ Apologies for any names omitted.
20061106
The following is implemented using snapshot 20061019 as the
code base.
Feature: new retry delivery agent, to avoid the synchronous
defer service client in the queue manager. This code is
co-located with the error(8) server. File: error/error.c.
@ -12987,11 +12984,11 @@ Apologies for any names omitted.
20061211
When doing server access control by the TLS client fingerprint,
do not require client certificate verification. Victor
Duchovni. File: smtpd/smtpd_check.c.
Cleanup: when doing server access control by the remote TLS
client fingerprint, do not require client certificate
verification. Victor Duchovni. File: smtpd/smtpd_check.c.
When the remote SMTP client certificate isn't verified,
Safety: when the remote TLS client certificate isn't verified,
don't send ccert_subject and ccert_issuer attributes in
check_policy_service requests. Victor Duchovni. File:
smtpd/smtpd_check.c.
@ -13045,6 +13042,11 @@ Apologies for any names omitted.
N+M) could work as if (N, N) had been specified. Problem
reported by Mark Martinec. File: milter/milter8.c.
20061221
Feature: time unit suffix support in _command_time_limit.
Files: pipe/pipe.c, spawn/spawn.c.
Wish list:
Update MILTER_README with Martinec info.

5
postfix/README_FILES/FILTER_README
View File

@ -331,6 +331,7 @@ the Postfix master.cf file:
scan unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes
-o smtp_generic_maps=
* This runs up to 10 content filters in parallel. Instead of a limit of 10
concurrent processes, use whatever process limit is feasible for your
@ -349,6 +350,10 @@ the Postfix master.cf file:
because some SMTP-based content filters don't announce 8BITMIME support,
even though they can handle it just fine.
* The "-o smtp_generic_maps=" is a workaround that prevents local address
rewriting with generic(5) maps. Such rewriting should happen only when mail
is sent out to the Internet.
AAddvvaanncceedd ccoonntteenntt ffiilltteerr:: rruunnnniinngg tthhee ccoonntteenntt ffiilltteerr
The content filter can be set up with the Postfix spawn service, which is the

14
postfix/RELEASE_NOTES
View File

@ -32,6 +32,20 @@ More precise queue flushing with the ETRN, "postqueue -s site", and
New per-queue-file flushing with "postqueue -i queueid" and "sendmail
-qIqueueid".
Incompatible changes with Postfix snapshot 20061214
===================================================
The check_smtpd_policy client sends TLS certificate attributes
(client ccert_subject, ccert_issuer) only after successful client
certificate verification. The reason is that the certification
verification status itself is not available in the policy request.
The check_smtpd_policy client sends TLS certificate fingerprint
information even when the certificate itself was not verified.
The remote SMTP client TLS certificate fingerprint can be used for
access control even when the certificate itself was not verified.
Incompatible changes with Postfix snapshot 20061209
===================================================

5
postfix/html/FILTER_README.html
View File

@ -616,6 +616,7 @@ how one would set up the service in the Postfix <a href="master.5.html">master.c
scan unix - - n - 10 smtp
-o <a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a>=yes
-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes
-o <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>=
</pre>
</blockquote>
@ -639,6 +640,10 @@ that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p>
<li> <p> The "-o <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>=" is a workaround that prevents
local address rewriting with <a href="generic.5.html">generic(5)</a> maps. Such rewriting should
happen only when mail is sent out to the Internet. </p>
</ul>
<h3>Advanced content filter: running the content filter</h3>

33
postfix/html/pipe.8.html
View File

@ -373,22 +373,27 @@ PIPE(8) PIPE(8)
for delivery via the named <i>transport</i>. The limit is
enforced by the pipe delivery agent.
Postfix 2.4 and later support a suffix that speci-
fies the time unit: s (seconds), m (minutes), h
(hours), d (days), w (weeks). The default time unit
is seconds.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to
handle a request before it is terminated by a
How much time a Postfix daemon process may take to
handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
The maximal number of digits after the decimal
The maximal number of digits after the decimal
point when logging sub-second delay values.
<b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
The list of environment variables that a Postfix
The list of environment variables that a Postfix
process will export to non-Postfix processes.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
@ -400,24 +405,24 @@ PIPE(8) PIPE(8)
and most Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix
daemon process waits for the next service request
The maximum amount of time that an idle Postfix
daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The maximal number of connection requests before a
The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The process ID of a Postfix command or daemon
The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc-
The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
@ -428,8 +433,8 @@ PIPE(8) PIPE(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
@ -441,7 +446,7 @@ PIPE(8) PIPE(8)
syslogd(8), system logging
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

31
postfix/html/spawn.8.html
View File

@ -81,18 +81,23 @@ SPAWN(8) SPAWN(8)
The amount of time the command is allowed to run
before it is terminated.
Postfix 2.4 and later support a suffix that speci-
fies the time unit: s (seconds), m (minutes), h
(hours), d (days), w (weeks). The default time unit
is seconds.
<b>MISCELLANEOUS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to
handle a request before it is terminated by a
How much time a Postfix daemon process may take to
handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
The list of environment variables that a Postfix
The list of environment variables that a Postfix
process will export to non-Postfix processes.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
@ -104,32 +109,32 @@ SPAWN(8) SPAWN(8)
and most Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix
daemon process waits for the next service request
The maximum amount of time that an idle Postfix
daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The maximal number of connection requests before a
The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The process ID of a Postfix command or daemon
The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc-
The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
@ -138,7 +143,7 @@ SPAWN(8) SPAWN(8)
syslogd(8), system logging
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

4
postfix/man/man8/pipe.8
View File

@ -323,6 +323,10 @@ The limit is enforced by the Postfix queue manager.
Limit the time for delivery to external command, for delivery via
the named \fItransport\fR.
The limit is enforced by the pipe delivery agent.
Postfix 2.4 and later support a suffix that specifies the
time unit: s (seconds), m (minutes), h (hours), d (days),
w (weeks). The default time unit is seconds.
.SH "MISCELLANEOUS CONTROLS"
.na
.nf

4
postfix/man/man8/spawn.8
View File

@ -87,6 +87,10 @@ in the \fBmaster.cf\fR file.
.IP "\fItransport\fB_time_limit ($command_time_limit)\fR"
The amount of time the command is allowed to run before it is
terminated.
Postfix 2.4 and later support a suffix that specifies the
time unit: s (seconds), m (minutes), h (hours), d (days),
w (weeks). The default time unit is seconds.
.SH "MISCELLANEOUS"
.na
.nf

5
postfix/proto/FILTER_README.html
View File

@ -616,6 +616,7 @@ how one would set up the service in the Postfix master.cf file:
scan unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o disable_mime_output_conversion=yes
-o smtp_generic_maps=
</pre>
</blockquote>
@ -639,6 +640,10 @@ that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p>
<li> <p> The "-o smtp_generic_maps=" is a workaround that prevents
local address rewriting with generic(5) maps. Such rewriting should
happen only when mail is sent out to the Internet. </p>
</ul>
<h3>Advanced content filter: running the content filter</h3>

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20061221"
#define MAIL_RELEASE_DATE "20061224"
#define MAIL_VERSION_NUMBER "2.4"
#ifdef SNAPSHOT

25
postfix/src/milter/milter8.c
View File

@ -143,12 +143,6 @@
#define SMFIR_REPLYCODE 'y' /* reply code etc */
#define SMFIR_QUARANTINE 'q' /* quarantine */
/* Introduced with Sendmail 8.14. */
#define SMFIR_ADDRCPT_PAR '2' /* add recipient (incl. ESMTP args) */
#define SMFIR_CHGFROM 'e' /* change envelope sender (from) */
#define SMFIR_SETSYMLIST 'l' /* set list of symbols (macros) */
#define SMFIR_SKIP 's' /* skip */
/*
* Commands that the filter does not want to receive, and replies that the
* filter will not send.
@ -160,23 +154,10 @@
#define SMFIP_NOBODY (1L<<4) /* MTA should not send body */
#define SMFIP_NOHDRS (1L<<5) /* MTA should not send headers */
#define SMFIP_NOEOH (1L<<6) /* MTA should not send EOH */
#define SMFIP_NR_HDR (1L<<7) /* filter will not reply per header */
#define SMFIP_NOHREPL SMFIP_NR_HDR
#define SMFIP_NOHREPL (1L<<7) /* filter will not reply per header */
#define SMFIP_NOUNKNOWN (1L<<8) /* MTA should not send unknown cmd */
#define SMFIP_NODATA (1L<<9) /* MTA should not send DATA */
/* Introduced with Sendmail 8.14. */
#define SMFIP_SKIP 0x00000400L /* MTA understands SMFIS_SKIP */
#define SMFIP_RCPT_REJ 0x00000800L /* MTA should send rejected RCPTs */
#define SMFIP_NR_CONN 0x00001000L /* No reply for connect */
#define SMFIP_NR_HELO 0x00002000L /* No reply for HELO */
#define SMFIP_NR_MAIL 0x00004000L /* No reply for MAIL */
#define SMFIP_NR_RCPT 0x00008000L /* No reply for RCPT */
#define SMFIP_NR_DATA 0x00010000L /* No reply for DATA */
#define SMFIP_NR_UNKN 0x00020000L /* No reply for UNKN */
#define SMFIP_NR_EOH 0x00040000L /* No reply for eoh */
#define SMFIP_NR_BODY 0x00080000L /* No reply for body chunk */
/*
* Modifications that the filter may request at the end of the message body.
*/
@ -589,10 +570,10 @@ static int vmilter8_read_data(MILTER8 *milter, ssize_t data_len, va_list ap)
break;
/*
* Raw on-the-wire format.
* Raw on-the-wire format, without explicit null terminator.
*/
case MILTER8_DATA_BUFFER:
if (data_left < 1) {
if (data_left < 0) {
msg_warn("milter %s: no data in input packet", milter->m.name);
return (milter8_comm_error(milter));
}

6
postfix/src/pipe/pipe.c
View File

@ -303,6 +303,10 @@
/* Limit the time for delivery to external command, for delivery via
/* the named \fItransport\fR.
/* The limit is enforced by the pipe delivery agent.
/*
/* Postfix 2.4 and later support a suffix that specifies the
/* time unit: s (seconds), m (minutes), h (hours), d (days),
/* w (weeks). The default time unit is seconds.
/* MISCELLANEOUS CONTROLS
/* .ad
/* .fi
@ -714,7 +718,7 @@ static void get_service_params(PIPE_PARAMS *config, char *service)
* Figure out the command time limit for this transport.
*/
config->time_limit =
get_mail_conf_int2(service, "_time_limit", var_command_maxtime, 1, 0);
get_mail_conf_time2(service, "_time_limit", var_command_maxtime, 's', 1, 0);
/*
* Give the poor tester a clue of what is going on.

6
postfix/src/spawn/spawn.c
View File

@ -69,6 +69,10 @@
/* .IP "\fItransport\fB_time_limit ($command_time_limit)\fR"
/* The amount of time the command is allowed to run before it is
/* terminated.
/*
/* Postfix 2.4 and later support a suffix that specifies the
/* time unit: s (seconds), m (minutes), h (hours), d (days),
/* w (weeks). The default time unit is seconds.
/* MISCELLANEOUS
/* .ad
/* .fi
@ -190,7 +194,7 @@ static void get_service_attr(SPAWN_ATTR *attr, char *service, char **argv)
* Figure out the command time limit for this transport.
*/
attr->time_limit =
get_mail_conf_int2(service, "_time_limit", var_command_maxtime, 1, 0);
get_mail_conf_time2(service, "_time_limit", var_command_maxtime, 's', 1, 0);
/*
* Iterate over the command-line attribute list.