diff --git a/postfix/HISTORY b/postfix/HISTORY
index bd1c669c7..9efee19b0 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -6228,6 +6228,101 @@ Apologies for any names omitted. stripping in postqueue/postqueue.c. Problem reported by Victor Duchovni, Morgan Stanley. +20020402 + + Workaround: recognize more headers that are sent instead + of SMTP commands. File: smtpd/smtpd.c. + +20020413 + + Feature: new pipe delivery agent "D" flag to prepend a + Delivered-To: message header. This requires single recipient + deliveries. Based on code by Matthias Andree. File: + pipe/pipe.c. + +20020414 + + Portability: Postfix will no longer attempt to build with + gdbm support, because gdbm is broken. File: makedefs. + +20020415 + + Cleanup: the attribute list IPC code did not distinguish + between "disconnect" and "timeout" while reading an attribute + list, making trouble shooting more difficult than necessary. + Files: util/attr_scan0.c, util/attr_scan64.c. + + Cleanup: install parameter defaults can now be overruled + from makedefs: sendmail_path, mailq_path, newaliases_path, + command_directory, daemon_directory. Based on code by + Victor Duchovni, Morgan Stanley. File: util/sys_defs.h. + +20020411 + + Cleanup: Use more robust quoting passing makedefs/Makefile + settings. This also simplifies the seven backslashes example + in the INSTALL file. Victor Duchovni, Morgan Stanley. + Files: makedefs, INSTALL. + +20020417 + + Bugfix: the post-install script failed to upgrade master.cf + settings from private to public if the service was explicitly + configured as private. + +20020418 + + Documentation: added CPU saving patterns for quickly skipping + base 64 encoded text in message bodies. Liviu Daia. + Files: {proto,conf}/pcre_table, {proto,conf}/regexp_table, + conf/sample_{regexp,pcre}_body.cf. + +20020426 + + Bugfix: the SMTP client forgot to quote whitespace etc. + in a sender/recipient address when DNS lookup was turned + off (disable_dns_lookups = yes). Problem experienced by + Chip Paswater. Files: smtp/smtp_proto.c. 
+ +20020501 + + Feature: wildcard lookup in transport maps (lookup key + "*"). Code developed with Lamont Jones, HP. + + Feature: a null transport:destination transport map entry + means proceed as if the transport map lookup failed. Code + developed with Lamont Jones, HP. + + Feature: more efficient use of cache memory when a process + opens multiple Berkeley DB tables. Files: util/dict_db.c, + global/mkmap_db.c. Victor Duchovni, Morgan Stanley. + +20020503 + + Cleanup: postqueue silently ignored command-line arguments + following -p or -f options, instead of complaining; postqueue + produced an incorrect error message (mail system down) when + the command was installed with incorrect privileges. File: + postqueue/postqueue.c. + + Bugfix: while reporting a domain name or IP address syntax + error, postqueue could dereference a dangling pointer with + some getopt() implementations. LaMont Jones, HP. File: + postqueue/postqueue.c. + + Safety: postalias and postmap now drop root privileges + while processing a non-root input file. Thus, the result + should be writable to the source file owner. Specify the + -o option if this is a problem. Files: postmap/postmap.c, + postalias/postalias.c. + + Consistency: just like postmap, postalias now copies file + permissions from the source file when it creates a new + table for the first time. File: postalias/postalias.c. + + Portability: run-time test to avoid GDBM trouble. File: + util/dict_dbm.c. + Open problems: Low: sendmail does not store null command-line recipients. @@ -6252,7 +6347,8 @@ Open problems: Low: generic showq protocol, to allow for more intelligent processing than just mailq. Maybe marry this with postsuper. - Low: default domain for appending to unqualified recipients. + Low: default domain for appending to unqualified recipients, + so that unqualified names can be delivered locally. Low: The $process_id_directory setting is not used anywhere in Postfix. Problem reported by Michael Smith, texas.net. 
diff --git a/postfix/INSTALL b/postfix/INSTALL index b3e3b246f..ac9334f26 100644 --- a/postfix/INSTALL +++ b/postfix/INSTALL @@ -135,10 +135,20 @@ and so on. In some cases, optimization is turned off automatically. In order to build with non-default settings, for example, with a configuration directory other than /etc/postfix, use: - % make makefiles CCARGS=-DDEF_CONFIG_DIR=\\\\\\\"/some/where\\\\\\\" + % make makefiles CCARGS='-DDEF_CONFIG_DIR=\"/some/where\"' % make -That's seven backslashes :-) But at least this works with sh and csh. +Be sure to get the quotes right. These details matter a lot. + +Other parameters whose defaults can be specified in this way are: + + Macro name default value for + ------------------------------------- + DEF_COMMAND_DIR command_directory + DEF_DAEMON_DIR daemon_directory + DEF_SENDMAIL_PATH sendmail_path + DEF_MAILQ_PATH mailq_path + DEF_NEWALIAS_PATH newaliases_path In order to build Postfix for very large applications, where you expect to run more than 1000 delivery processes, you may need to @@ -209,16 +219,22 @@ In order to install or upgrade Postfix: postfix:*:12345:12345:postfix:/no/where:/no/shell + Note: there should be no whitespace before "postfix:". + - Make sure there is a corresponding alias in /etc/aliases: postfix: root + Note: there should be no whitespace before "postfix:". + - Create a group "postdrop" with a group id that is not used by any other user account. Not even by the postfix user account. My group file entry looks like: postdrop:*:54321: + Note: there should be no whitespace before "postdrop:". + NB: this group was optional with older Postfix releases; it is now required. @@ -285,7 +301,7 @@ In order to inspect the mail queue, use % sendmail -bp -See also the "Care and feeding" section 13 below. +See also the "Care and feeding" section 12 below. 8 - Configuring Postfix to send and receive mail (virtual interface) ==================================================================== 
@@ -327,7 +343,7 @@ In order to inspect the mail queue, use % sendmail -bp -See also the "Care and feeding" section 13 below. +See also the "Care and feeding" section 12 below. 9 - Turning off sendmail forever ================================ @@ -357,7 +373,7 @@ and watch the syslog file for any complaints from the mail system. Typical logfile names are: /var/log/maillog or /var/log/syslog. See /etc/syslog.conf for actual logfile names. -See also the "Care and feeding" section 13 below. +See also the "Care and feeding" section 12 below. 10 - Mandatory configuration file edits ======================================= diff --git a/postfix/Makefile.in b/postfix/Makefile.in index 429d62f1c..a8fff873e 100644 --- a/postfix/Makefile.in +++ b/postfix/Makefile.in @@ -1,6 +1,6 @@ SHELL = /bin/sh WARN = -Wmissing-prototypes -Wformat -OPTS = "CC=$(CC)" +OPTS = 'CC=$(CC)' DIRS = src/util src/global src/dns src/master src/postfix src/smtpstone \ src/sendmail src/error src/pickup src/cleanup src/smtpd src/local \ src/lmtp src/trivial-rewrite src/qmgr src/smtp src/bounce src/pipe \ diff --git a/postfix/conf/pcre_table b/postfix/conf/pcre_table index ebedffe48..423a31768 100644 --- a/postfix/conf/pcre_table +++ b/postfix/conf/pcre_table @@ -1,4 +1,3 @@ -# # PCRE_TABLE(5) PCRE_TABLE(5) # # NAME @@ -80,6 +79,13 @@ # /^Subject: make money fast/ REJECT # /^To: friend@public\.com/ REJECT # +# EXAMPLE BODY FILTER MAP +# # First skip over base 64 encoded text to save CPU cycles. +# # Requires PCRE version 3. +# ~^[[:alnum:]+/]{60,}$~ OK +# +# # Put your own body patterns here. +# # SEE ALSO # regexp_table(5) format of POSIX regular expression tables # @@ -97,5 +103,4 @@ # P.O. Box 704 # Yorktown Heights, NY 10598, USA # -# 1 -# +# PCRE_TABLE(5) diff --git a/postfix/conf/post-install b/postfix/conf/post-install index 3feeb4a2e..4fd59c312 100644 --- a/postfix/conf/post-install +++ b/postfix/conf/post-install 
@@ -487,12 +487,12 @@ EOF for name in cleanup flush do - grep "^$name[ ]*unix[ ]*-" \ + grep "^$name[ ]*unix[ ]*[-y]" \ $config_directory/master.cf >/dev/null && { echo Editing $config_directory/master.cf, making the $name service public ed $config_directory/master.cf <restriction... - Apply the named UCE restriction(s) (permit, reject, + Apply the named UCE restriction(s) (permit, reject, reject_unauth_destination, and so on). REGULAR EXPRESSION TABLES diff --git a/postfix/html/flush.8.html b/postfix/html/flush.8.html index 93223e406..97aefe42a 100644 --- a/postfix/html/flush.8.html +++ b/postfix/html/flush.8.html @@ -1,5 +1,4 @@
-
 FLUSH(8)                                                 FLUSH(8)
 
 NAME
@@ -156,6 +155,5 @@ FLUSH(8)                                                 FLUSH(8)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                         FLUSH(8)
 
diff --git a/postfix/html/pcre_table.5.html b/postfix/html/pcre_table.5.html
index 55d1e7148..29111019c 100644
--- a/postfix/html/pcre_table.5.html
+++ b/postfix/html/pcre_table.5.html
@@ -1,5 +1,4 @@
-
 PCRE_TABLE(5)                                       PCRE_TABLE(5)
 
 NAME
@@ -81,6 +80,13 @@ PCRE_TABLE(5)                                       PCRE_TABLE(5)
        /^Subject: make money fast/     REJECT
        /^To: friend@public\.com/       REJECT
 
+EXAMPLE BODY FILTER MAP
+       # First skip over base 64 encoded text to save CPU cycles.
+       # Requires PCRE version 3.
+       ~^[[:alnum:]+/]{60,}$~          OK
+
+       # Put your own body patterns here.
+
 SEE ALSO
        regexp_table(5) format of POSIX regular expression tables
 
@@ -98,6 +104,5 @@ PCRE_TABLE(5)                                       PCRE_TABLE(5)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                    PCRE_TABLE(5)
 
diff --git a/postfix/html/pickup.8.html b/postfix/html/pickup.8.html
index 428f0e187..dfd20d5d7 100644
--- a/postfix/html/pickup.8.html
+++ b/postfix/html/pickup.8.html
@@ -1,5 +1,4 @@
-
 PICKUP(8)                                               PICKUP(8)
 
 NAME
@@ -80,6 +79,5 @@ PICKUP(8)                                               PICKUP(8)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                        PICKUP(8)
 
diff --git a/postfix/html/pipe.8.html b/postfix/html/pipe.8.html
index 372fce1b6..46f3cc5db 100644
--- a/postfix/html/pipe.8.html
+++ b/postfix/html/pipe.8.html
@@ -1,5 +1,4 @@
-
 PIPE(8)                                                   PIPE(8)
 
 NAME
@@ -44,7 +43,7 @@ PIPE(8)                                                   PIPE(8)
        file at the end of a service definition.  The syntax is as
        follows:
 
-       flags=BFRhqu.> (optional)
+       flags=BDFRhqu.> (optional)
               Optional message processing flags.  By  default,  a
               message is copied unchanged.
 
@@ -53,43 +52,48 @@ PIPE(8)                                                   PIPE(8)
                      agents  that  recognize  "From  " lines only
                      when preceded by a blank line.
 
-              F      Prepend a "From sender time_stamp"  envelope
-                     header  to  the  message  content.   This is
+              D      Prepend a "Delivered-To: recipient"  message
+                     header  with the envelope recipient address.
+                     Note: for this to work, the transport_desti-
+                     nation_recipient_limit must be 1.
+
+              F      Prepend  a "From sender time_stamp" envelope
+                     header to  the  message  content.   This  is
                      expected by, for example, UUCP software.
 
-              R      Prepend a Return-Path: message  header  with
+              R      Prepend  a  Return-Path: message header with
                      the envelope sender address.
 
               h      Fold the command-line $recipient domain name
-                     and $nexthop host name to lower case.   This
+                     and  $nexthop host name to lower case.  This
                      is recommended for delivery via UUCP.
 
-              q      Quote  white space and other special charac-
+              q      Quote white space and other special  charac-
                      ters in the command-line $sender and $recip-
                      ient address localparts (text to the left of
                      the right-most @ character), according to an
-                     8-bit  transparent version of RFC 822.  This
-                     is recommended  for  delivery  via  UUCP  or
+                     8-bit transparent version of RFC 822.   This
+                     is  recommended  for  delivery  via  UUCP or
                      BSMTP.
 
-                     The  result  is  compatible with the address
-                     parsing of command-line  recipients  by  the
+                     The result is compatible  with  the  address
+                     parsing  of  command-line  recipients by the
                      Postfix sendmail mail submission command.
 
-                     The  q  flag  affects only entire addresses,
+                     The q flag affects  only  entire  addresses,
                      not the partial address information from the
-                     $user,  $extension  or $mailbox command-line
+                     $user, $extension or  $mailbox  command-line
                      macros.
 
               u      Fold  the  command-line  $recipient  address
-                     localpart  (text  to  the left of the right-
-                     most @ character) to lower  case.   This  is
+                     localpart (text to the left  of  the  right-
+                     most  @  character)  to lower case.  This is
                      recommended for delivery via UUCP.
 
-              .      Prepend  .  to lines starting with ".". This
+              .      Prepend . to lines starting with  ".".  This
                      is needed by, for example, BSMTP software.
 
-              >      Prepend > to lines starting  with  "From  ".
+              >      Prepend  >  to  lines starting with "From ".
                      This is expected by, for example, UUCP soft-
                      ware.
 
@@ -97,16 +101,16 @@ PIPE(8)                                                   PIPE(8)
 
        user=username:groupname
               The external command is executed with the rights of
-              the  specified  username.   The software refuses to
-              execute commands with root privileges, or with  the
-              privileges  of  the mail system owner. If groupname
-              is specified, the corresponding group  ID  is  used
+              the specified username.  The  software  refuses  to
+              execute  commands with root privileges, or with the
+              privileges of the mail system owner.  If  groupname
+              is  specified,  the  corresponding group ID is used
               instead of the group ID of username.
 
        eol=string (default: \n)
-              The  output  record  delimiter. Typically one would
-              use either \r\n or \n. The usual C-style  backslash
-              escape  sequences are recognized: \a \b \f \n \r \t
+              The output record delimiter.  Typically  one  would
+              use  either \r\n or \n. The usual C-style backslash
+              escape sequences are recognized: \a \b \f \n \r  \t
               \v \octal and \\.
 
        size=size_limit (optional)
@@ -114,107 +118,107 @@ PIPE(8)                                                   PIPE(8)
               will be bounced back to the sender.
 
        argv=command... (required)
-              The  command to be executed. This must be specified
+              The command to be executed. This must be  specified
               as the last command attribute.  The command is exe-
               cuted  directly,  i.e.  without  interpretation  of
-              shell meta characters by  a  shell  command  inter-
+              shell  meta  characters  by  a shell command inter-
               preter.
 
               In  the  command  argument  vector,  the  following
               macros are recognized and replaced with correspond-
-              ing  information  from  the  Postfix  queue manager
+              ing information  from  the  Postfix  queue  manager
               delivery request:
 
               ${extension}
-                     This macro expands to the extension part  of
-                     a  recipient  address.  For example, with an
+                     This  macro expands to the extension part of
+                     a recipient address.  For example,  with  an
                      address  user+foo@domain  the  extension  is
                      foo.
 
-                     A   command-line   argument   that  contains
-                     ${extension} expands into as  many  command-
+                     A  command-line   argument   that   contains
+                     ${extension}  expands  into as many command-
                      line arguments as there are recipients.
 
-                     This  information  is modified by the u flag
+                     This information is modified by the  u  flag
                      for case folding.
 
               ${mailbox}
-                     This macro expands  to  the  complete  local
-                     part  of  a recipient address.  For example,
-                     with an address user+foo@domain the  mailbox
+                     This  macro  expands  to  the complete local
+                     part of a recipient address.   For  example,
+                     with  an address user+foo@domain the mailbox
                      is user+foo.
 
-                     A   command-line   argument   that  contains
+                     A  command-line   argument   that   contains
                      ${mailbox} expands into as many command-line
                      arguments as there are recipients.
 
-                     This  information  is modified by the u flag
+                     This information is modified by the  u  flag
                      for case folding.
 
               ${nexthop}
                      This macro expands to the next-hop hostname.
 
-                     This  information  is modified by the h flag
+                     This information is modified by the  h  flag
                      for case folding.
 
               ${recipient}
                      This macro expands to the complete recipient
                      address.
 
-                     A   command-line   argument   that  contains
-                     ${recipient} expands into as  many  command-
+                     A  command-line   argument   that   contains
+                     ${recipient}  expands  into as many command-
                      line arguments as there are recipients.
 
-                     This  information  is  modified  by  the hqu
+                     This information  is  modified  by  the  hqu
                      flags for quoting and case folding.
 
               ${sender}
-                     This macro expands to  the  envelope  sender
+                     This  macro  expands  to the envelope sender
                      address.
 
-                     This  information  is modified by the q flag
+                     This information is modified by the  q  flag
                      for quoting.
 
               ${size}
-                     This macro expands to Postfix's idea of  the
-                     message  size,  which is an approximation of
+                     This  macro expands to Postfix's idea of the
+                     message size, which is an  approximation  of
                      the size of the message as delivered.
 
               ${user}
                      This macro expands to the username part of a
-                     recipient  address.   For  example,  with an
+                     recipient address.   For  example,  with  an
                      address user+foo@domain the username part is
                      user.
 
-                     A   command-line   argument   that  contains
-                     ${user} expands into  as  many  command-line
+                     A  command-line   argument   that   contains
+                     ${user}  expands  into  as many command-line
                      arguments as there are recipients.
 
-                     This  information  is modified by the u flag
+                     This information is modified by the  u  flag
                      for case folding.
 
-       In addition to the  form  ${name},  the  forms  $name  and
-       $(name)  are also recognized.  Specify $$ where a single $
+       In  addition  to  the  form  ${name},  the forms $name and
+       $(name) are also recognized.  Specify $$ where a single  $
        is wanted.
 
 DIAGNOSTICS
-       Command exit status codes are expected to follow the  con-
+       Command  exit status codes are expected to follow the con-
        ventions defined in <sysexits.h>.
 
-       Problems  and transactions are logged to syslogd(8).  Cor-
-       rupted message files are marked so that the queue  manager
+       Problems and transactions are logged to syslogd(8).   Cor-
+       rupted  message files are marked so that the queue manager
        can move them to the corrupt queue for further inspection.
 
 SECURITY
-       This program needs a dual personality  1)  to  access  the
-       private  Postfix  queue and IPC mechanisms, and 2) to exe-
+       This  program  needs  a  dual personality 1) to access the
+       private Postfix queue and IPC mechanisms, and 2)  to  exe-
        cute external commands as the specified user. It is there-
        fore security sensitive.
 
 CONFIGURATION PARAMETERS
-       The  following  main.cf parameters are especially relevant
-       to this program. See the Postfix main.cf file  for  syntax
-       details  and  for  default  values. Use the postfix reload
+       The following main.cf parameters are  especially  relevant
+       to  this  program. See the Postfix main.cf file for syntax
+       details and for default values.  Use  the  postfix  reload
        command after a configuration change.
 
 Miscellaneous
@@ -223,32 +227,32 @@ PIPE(8)                                                   PIPE(8)
               exported to non-Postfix processes.
 
        mail_owner
-              The  process  privileges  used while not running an
+              The process privileges used while  not  running  an
               external command.
 
 Resource controls
-       In the text below, transport is the first field in a  mas-
+       In  the text below, transport is the first field in a mas-
        ter.cf entry.
 
        transport_destination_concurrency_limit
               Limit the number of parallel deliveries to the same
-              destination, for delivery via the named  transport.
-              The  default limit is taken from the default_desti-
-              nation_concurrency_limit parameter.  The  limit  is
+              destination,  for delivery via the named transport.
+              The default limit is taken from the  default_desti-
+              nation_concurrency_limit  parameter.   The limit is
               enforced by the Postfix queue manager.
 
        transport_destination_recipient_limit
-              Limit  the  number of recipients per message deliv-
-              ery, for delivery  via  the  named  transport.  The
-              default  limit  is  taken from the default_destina-
-              tion_recipient_limit  parameter.   The   limit   is
+              Limit the number of recipients per  message  deliv-
+              ery,  for  delivery  via  the  named transport. The
+              default limit is taken  from  the  default_destina-
+              tion_recipient_limit   parameter.    The  limit  is
               enforced by the Postfix queue manager.
 
        transport_time_limit
-              Limit  the  time  for delivery to external command,
-              for delivery via the named transport.  The  default
-              limit  is taken from the command_time_limit parame-
-              ter.  The limit is enforced by  the  Postfix  queue
+              Limit the time for delivery  to  external  command,
+              for  delivery  via the named transport. The default
+              limit is taken from the command_time_limit  parame-
+              ter.   The  limit  is enforced by the Postfix queue
               manager.
 
 SEE ALSO
@@ -258,7 +262,7 @@ PIPE(8)                                                   PIPE(8)
        syslogd(8) system logging
 
 LICENSE
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 AUTHOR(S)
@@ -267,6 +271,5 @@ PIPE(8)                                                   PIPE(8)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                          PIPE(8)
 
diff --git a/postfix/html/postalias.1.html b/postfix/html/postalias.1.html
index 75168f09f..0b402dc57 100644
--- a/postfix/html/postalias.1.html
+++ b/postfix/html/postalias.1.html
@@ -1,12 +1,11 @@
-
 POSTALIAS(1)                                         POSTALIAS(1)
 
 NAME
        postalias - Postfix alias database maintenance
 
 SYNOPSIS
-       postalias [-Nfinrvw] [-c config_dir] [-d key] [-q key]
+       postalias [-Nfinorvw] [-c config_dir] [-d key] [-q key]
        [file_type:]file_name ...
 
 DESCRIPTION
@@ -16,6 +15,10 @@ POSTALIAS(1)                                         POSTALIAS(1)
        Sendmail  version  8,  and are expected to be suitable for
        the use as NIS alias maps.
 
+       If the result files do not exist they will be created with
+       the  same  group  and other read permissions as the source
+       file.
+
        While a database update is in progress, signal delivery is
        postponed,  and  an exclusive, advisory, lock is placed on
        the entire database, in order to avoid surprises in  spec-
@@ -55,25 +58,30 @@ POSTALIAS(1)                                         POSTALIAS(1)
               Postfix  does  whatever is the default for the host
               operating system.
 
-       -q key Search the specified maps for  key  and  print  the
-              first  value  found  on the standard output stream.
+       -o     Do not release root privileges  when  processing  a
+              non-root  input  file.  By default, postalias drops
+              root privileges and runs as the source  file  owner
+              instead.
+
+       -q key Search  the  specified  maps  for key and print the
+              first value found on the  standard  output  stream.
               The exit status is zero when the requested informa-
               tion was found.
 
               If a key value of - is specified, the program reads
-              key values  from  the  standard  input  stream  and
-              prints  one  line of key: value output for each key
-              that was found. The exit status  is  zero  when  at
+              key  values  from  the  standard  input  stream and
+              prints one line of key: value output for  each  key
+              that  was  found.  The  exit status is zero when at
               least one of the requested keys was found.
 
-       -r     When  updating a table, do not warn about duplicate
+       -r     When updating a table, do not warn about  duplicate
               entries; silently replace them.
 
        -v     Enable verbose logging for debugging purposes. Mul-
-              tiple  -v  options  make  the software increasingly
+              tiple -v options  make  the  software  increasingly
               verbose.
 
-       -w     When updating a table, do not warn about  duplicate
+       -w     When  updating a table, do not warn about duplicate
               entries; silently ignore them.
 
        Arguments:
@@ -81,35 +89,35 @@ POSTALIAS(1)                                         POSTALIAS(1)
        file_type
               The type of database to be produced.
 
-              btree  The   output   is   a   btree   file,  named
-                     file_name.db.  This  is  available  only  on
-                     systems with support for db databases.
-
-              dbm    The  output  consists  of  two  files, named
-                     file_name.pag and  file_name.dir.   This  is
-                     available  only  on systems with support for
-                     dbm databases.
-
-              hash   The  output  is   a   hashed   file,   named
+              btree  The  output   is   a   btree   file,   named
                      file_name.db.   This  is  available  only on
                      systems with support for db databases.
 
-              When no file_type is specified, the  software  uses
-              the  database  type specified via the database_type
-              configuration parameter.   The  default  value  for
+              dbm    The output  consists  of  two  files,  named
+                     file_name.pag  and  file_name.dir.   This is
+                     available only on systems with  support  for
+                     dbm databases.
+
+              hash   The   output   is   a   hashed  file,  named
+                     file_name.db.  This  is  available  only  on
+                     systems with support for db databases.
+
+              When  no  file_type is specified, the software uses
+              the database type specified via  the  database_type
+              configuration  parameter.   The  default  value for
               this parameter depends on the host environment.
 
        file_name
-              The  name  of  the  alias database source file when
+              The name of the alias  database  source  file  when
               rebuilding a database.
 
 DIAGNOSTICS
-       Problems are logged to the standard error stream. No  out-
+       Problems  are logged to the standard error stream. No out-
        put means no problems were detected. Duplicate entries are
        skipped and are flagged with a warning.
 
        postalias terminates with zero exit status in case of suc-
-       cess  (including  successful postmap -q lookup) and termi-
+       cess (including successful postalias -q lookup) and termi-
        nates with non-zero exit status in case of failure.
 
 ENVIRONMENT
@@ -120,12 +128,12 @@ POSTALIAS(1)                                         POSTALIAS(1)
               Enable verbose logging for debugging purposes.
 
 CONFIGURATION PARAMETERS
-       The following main.cf parameters are  especially  relevant
-       to  this  program. See the Postfix main.cf file for syntax
+       The  following  main.cf parameters are especially relevant
+       to this program. See the Postfix main.cf file  for  syntax
        details and for default values.
 
        database_type
-              Default alias database type. On many UNIX  systems,
+              Default  alias database type. On many UNIX systems,
               the default type is either dbm or hash.
 
 STANDARDS
@@ -136,7 +144,7 @@ POSTALIAS(1)                                         POSTALIAS(1)
        sendmail(1) mail posting and compatibility interface.
 
 LICENSE
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 AUTHOR(S)
@@ -145,6 +153,5 @@ POSTALIAS(1)                                         POSTALIAS(1)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                     POSTALIAS(1)
 
diff --git a/postfix/html/postconf.1.html b/postfix/html/postconf.1.html
index d43547e45..2fa962840 100644
--- a/postfix/html/postconf.1.html
+++ b/postfix/html/postconf.1.html
@@ -1,5 +1,4 @@
-
 POSTCONF(1)                                           POSTCONF(1)
 
 NAME
@@ -36,7 +35,23 @@ POSTCONF(1)                                           POSTCONF(1)
               label that normally precedes the value.
 
        -l     List the names of  all  supported  mailbox  locking
-              methods.
+              methods.  Postfix supports the following methods:
+
+              flock  A  kernel-based  advisory locking method for
+                     local files only.  This  locking  method  is
+                     available only on systems with a BSD compat-
+                     ible library.
+
+              fcntl  A kernel-based advisory locking  method  for
+                     local and remote files.
+
+              dotlock
+                     An   application-level  locking  method.  An
+                     application locks a file named  filename  by
+                     creating  a  file  named filename.lock.  The
+                     application is expected to  remove  its  own
+                     lock  file, as well as stale lock files that
+                     were left behind after abnormal termination.
 
        -m     List the names of all supported lookup table types.
 
@@ -59,6 +74,5 @@ POSTCONF(1)                                           POSTCONF(1)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                      POSTCONF(1)
 
diff --git a/postfix/html/postdrop.1.html b/postfix/html/postdrop.1.html
index b1dd861d5..d45e5188f 100644
--- a/postfix/html/postdrop.1.html
+++ b/postfix/html/postdrop.1.html
@@ -1,5 +1,4 @@
-
 POSTDROP(1)                                           POSTDROP(1)
 
 NAME
@@ -87,6 +86,5 @@ POSTDROP(1)                                           POSTDROP(1)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                      POSTDROP(1)
 
diff --git a/postfix/html/postmap.1.html b/postfix/html/postmap.1.html
index 925818342..6c1eee82e 100644
--- a/postfix/html/postmap.1.html
+++ b/postfix/html/postmap.1.html
@@ -1,12 +1,11 @@
-
 POSTMAP(1)                                             POSTMAP(1)
 
 NAME
        postmap - Postfix lookup table management
 
 SYNOPSIS
-       postmap [-Nfinrvw] [-c config_dir] [-d key] [-q key]
+       postmap [-Nfinorvw] [-c config_dir] [-d key] [-q key]
        [file_type:]file_name ...
 
 DESCRIPTION
@@ -80,25 +79,30 @@ POSTMAP(1)                                             POSTMAP(1)
               Postfix does whatever is the default for  the  host
               operating system.
 
-       -q key Search  the  specified  maps  for key and print the
-              first value found on the  standard  output  stream.
+       -o     Do  not  release  root privileges when processing a
+              non-root input file. By default, postmap drops root
+              privileges  and  runs  as  the  source  file  owner
+              instead.
+
+       -q key Search the specified maps for  key  and  print  the
+              first  value  found  on the standard output stream.
               The exit status is zero when the requested informa-
               tion was found.
 
               If a key value of - is specified, the program reads
-              key  values  from  the  standard  input  stream and
-              prints one line of key value output  for  each  key
-              that  was  found.  The  exit status is zero when at
+              key values  from  the  standard  input  stream  and
+              prints  one  line  of key value output for each key
+              that was found. The exit status  is  zero  when  at
               least one of the requested keys was found.
 
-       -r     When updating a table, do not warn about  duplicate
+       -r     When  updating a table, do not warn about duplicate
               entries; silently replace them.
 
        -v     Enable verbose logging for debugging purposes. Mul-
-              tiple -v options  make  the  software  increasingly
+              tiple  -v  options  make  the software increasingly
               verbose.
 
-       -w     When  updating a table, do not warn about duplicate
+       -w     When updating a table, do not warn about  duplicate
               entries; silently ignore them.
 
        Arguments:
@@ -106,25 +110,25 @@ POSTMAP(1)                                             POSTMAP(1)
        file_type
               The type of database to be produced.
 
-              btree  The output  file  is  a  btree  file,  named
-                     file_name.db.   This  is  available  only on
-                     systems with support for db databases.
-
-              dbm    The output  consists  of  two  files,  named
-                     file_name.pag  and  file_name.dir.   This is
-                     available only on systems with  support  for
-                     dbm databases.
-
-              hash   The  output  file  is  a  hashed file, named
+              btree  The  output  file  is  a  btree  file, named
                      file_name.db.  This  is  available  only  on
                      systems with support for db databases.
 
-              When  no  file_type is specified, the software uses
-              the database type specified via  the  database_type
+              dbm    The  output  consists  of  two  files, named
+                     file_name.pag and  file_name.dir.   This  is
+                     available  only  on systems with support for
+                     dbm databases.
+
+              hash   The output file  is  a  hashed  file,  named
+                     file_name.db.   This  is  available  only on
+                     systems with support for db databases.
+
+              When no file_type is specified, the  software  uses
+              the  database  type specified via the database_type
               configuration parameter.
 
        file_name
-              The  name  of  the  lookup  table  source file when
+              The name of  the  lookup  table  source  file  when
               rebuilding a database.
 
 DIAGNOSTICS
@@ -132,8 +136,8 @@ POSTMAP(1)                                             POSTMAP(1)
        stream. No output means no problems. Duplicate entries are
        skipped and are flagged with a warning.
 
-       postmap terminates with zero exit status in case  of  suc-
-       cess  (including  successful postmap -q lookup) and termi-
+       postmap  terminates  with zero exit status in case of suc-
+       cess (including successful postmap -q lookup)  and  termi-
        nates with non-zero exit status in case of failure.
 
 ENVIRONMENT
@@ -145,12 +149,12 @@ POSTMAP(1)                                             POSTMAP(1)
 
 CONFIGURATION PARAMETERS
        database_type
-              Default output database type.  On  many  UNIX  sys-
-              tems,  the  default database type is either hash or
+              Default  output  database  type.  On many UNIX sys-
+              tems, the default database type is either  hash  or
               dbm.
 
 LICENSE
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 AUTHOR(S)
@@ -159,6 +163,5 @@ POSTMAP(1)                                             POSTMAP(1)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                       POSTMAP(1)
 
diff --git a/postfix/html/regexp_table.5.html b/postfix/html/regexp_table.5.html
index 704b8abc3..f93096c47 100644
--- a/postfix/html/regexp_table.5.html
+++ b/postfix/html/regexp_table.5.html
@@ -1,5 +1,4 @@
-
 REGEXP_TABLE(5)                                   REGEXP_TABLE(5)
 
 NAME
@@ -82,6 +81,12 @@ REGEXP_TABLE(5)                                   REGEXP_TABLE(5)
        /^Subject: make money fast/     REJECT
        /^To: friend@public\.com/       REJECT
 
+EXAMPLE BODY FILTER MAP
+       # First skip over base 64 encoded text to save CPU cycles.
+       ~^[[:alnum:]+/]{60,}$~          OK
+
+       # Put your own body patterns here.
+
 SEE ALSO
        pcre_table(5) format of PCRE tables
 
@@ -103,6 +108,5 @@ REGEXP_TABLE(5)                                   REGEXP_TABLE(5)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                                  REGEXP_TABLE(5)
 
diff --git a/postfix/html/trivial-rewrite.8.html b/postfix/html/trivial-rewrite.8.html
index 92f478d06..b5293eebf 100644
--- a/postfix/html/trivial-rewrite.8.html
+++ b/postfix/html/trivial-rewrite.8.html
@@ -1,5 +1,4 @@
-
 TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
 
 NAME
@@ -141,6 +140,5 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
        P.O. Box 704
        Yorktown Heights, NY 10598, USA
 
-                                                                1
-
+                                               TRIVIAL-REWRITE(8)
 
diff --git a/postfix/html/uce.html b/postfix/html/uce.html index bde7921b6..47c5f44f0 100644 --- a/postfix/html/uce.html +++ b/postfix/html/uce.html @@ -379,7 +379,7 @@ UCE software can be stopped by being strict here. By default, this restriction is applied when the client sends the RCPT TO command. In order to have the restriction take effect -as soon as possible, specify smtpd_delay_reject = yes in +as soon as possible, specify smtpd_delay_reject = no in the Postfix main.cf configuration file. Doing so may cause unexpected results with poorly implemented client software. @@ -550,7 +550,7 @@ addresses this system accepts in MAIL FROM commands. By default, this restriction is applied when the client sends the RCPT TO command. In order to have the restriction take effect -as soon as possible, specify smtpd_delay_reject = yes in +as soon as possible, specify smtpd_delay_reject = no in the Postfix main.cf configuration file. Doing so may cause unexpected results with poorly implemented client software. diff --git a/postfix/makedefs b/postfix/makedefs index be453054a..19b77ed74 100644 --- a/postfix/makedefs +++ b/postfix/makedefs @@ -187,16 +187,16 @@ case "$SYSTEM.$RELEASE" in echo "See the RELEASE_NOTES file for more information." 1>&2 exit 1 fi - # See where GDBM's ndbm.h include file sits. - if [ -f /usr/include/gdbm-ndbm.h ] - then - CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H=''" - GDBM_LIBS=gdbm - elif [ -f /usr/include/gdbm/ndbm.h ] - then - CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H=''" - GDBM_LIBS=gdbm - fi + # GDBM locks the DBM .pag file after open. This breaks postmap. + # if [ -f /usr/include/gdbm-ndbm.h ] + # then + # CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H=''" + # GDBM_LIBS=gdbm + # elif [ -f /usr/include/gdbm/ndbm.h ] + # then + # CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H=''" + # GDBM_LIBS=gdbm + # fi SYSLIBS="-ldb" for name in nsl resolv $GDBM_LIBS do 
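Review bot: In the makedefs hunk, `$GDBM_LIBS` is still expanded in the `for name in nsl resolv $GDBM_LIBS` loop although both assignments to it are now commented out, so in this branch its value comes from whatever set it earlier or from the caller's environment. Either drop it from the loop or reset it explicitly with `GDBM_LIBS=` before the loop. The disabled block would also read better deleted than commented out, keeping only the one-line reason (`# GDBM locks the DBM .pag file after open. This breaks postmap.`). The enclosing `case` branch starts and ends outside the hunk, so an earlier assignment cannot be ruled out from here.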
@@ -309,5 +309,5 @@ OPT = $OPT DEBUG = $DEBUG AWK = $AWK STRCASE = $STRCASE -EXPORT = AUXLIBS="$AUXLIBS" CCARGS="$CCARGS" OPT="$OPT" DEBUG="$DEBUG" +EXPORT = AUXLIBS='$AUXLIBS' CCARGS='$CCARGS' OPT='$OPT' DEBUG='$DEBUG' EOF diff --git a/postfix/man/man1/postalias.1 b/postfix/man/man1/postalias.1 index 0917606ff..f461d29a3 100644 --- a/postfix/man/man1/postalias.1 +++ b/postfix/man/man1/postalias.1 @@ -9,7 +9,7 @@ Postfix alias database maintenance .na .nf .fi -\fBpostalias\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR] +\fBpostalias\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR] [\fB-d \fIkey\fR] [\fB-q \fIkey\fR] [\fIfile_type\fR:]\fIfile_name\fR ... .SH DESCRIPTION @@ -20,6 +20,9 @@ alias databases, or updates an existing one. The input and output file formats are expected to be compatible with Sendmail version 8, and are expected to be suitable for the use as NIS alias maps. +If the result files do not exist they will be created with the +same group and other read permissions as the source file. + While a database update is in progress, signal delivery is postponed, and an exclusive, advisory, lock is placed on the entire database, in order to avoid surprises in spectator @@ -51,6 +54,10 @@ a new database from the entries in \fBfile_name\fR. Don't include the terminating null character that terminates lookup keys and values. By default, Postfix does whatever is the default for the host operating system. +.IP \fB-o\fR +Do not release root privileges when processing a non-root +input file. By default, \fBpostalias\fR drops root privileges +and runs as the source file owner instead. .IP "\fB-q \fIkey\fR" Search the specified maps for \fIkey\fR and print the first value found on the standard output stream. The exit status is zero 
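Review bot: The new `EXPORT =` line in the makedefs here-document wraps each value in single quotes, and that quoting ends early if a value itself contains a single quote. The GDBM lines this commit disables show `CCARGS` carrying a `-DPATH_NDBM_H=''`-style argument, so such values do occur in this script. The settings are presumably re-read by a shell when make passes `$(EXPORT)` on, in which case an embedded quote would split or re-interpret the rest of the setting. A comment above the line stating the constraint would help, e.g. `# values must not contain single quotes`, or the script could refuse such values before it writes the Makefile.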
@@ -99,7 +106,7 @@ no problems were detected. Duplicate entries are skipped and are flagged with a warning. \fBpostalias\fR terminates with zero exit status in case of success -(including successful \fBpostmap -q\fR lookup) and terminates +(including successful \fBpostalias -q\fR lookup) and terminates with non-zero exit status in case of failure. .SH ENVIRONMENT .na diff --git a/postfix/man/man1/postconf.1 b/postfix/man/man1/postconf.1 index 291bc0dd1..20689d4f3 100644 --- a/postfix/man/man1/postconf.1 +++ b/postfix/man/man1/postconf.1 @@ -38,6 +38,20 @@ Show parameter values only, not the ``name = '' label that normally precedes the value. .IP \fB-l\fR List the names of all supported mailbox locking methods. +Postfix supports the following methods: +.RS +.IP \fBflock\fR +A kernel-based advisory locking method for local files only. +This locking method is available only on systems with a BSD +compatible library. +.IP \fBfcntl\fR +A kernel-based advisory locking method for local and remote files. +.IP \fBdotlock\fR +An application-level locking method. An application locks a file +named \fIfilename\fR by creating a file named \fIfilename\fB.lock\fR. +The application is expected to remove its own lock file, as well as +stale lock files that were left behind after abnormal termination. +.RE .IP \fB-m\fR List the names of all supported lookup table types. .IP \fB-n\fR diff --git a/postfix/man/man1/postmap.1 b/postfix/man/man1/postmap.1 index d5385d407..da50c768d 100644 --- a/postfix/man/man1/postmap.1 +++ b/postfix/man/man1/postmap.1 @@ -9,7 +9,7 @@ Postfix lookup table management .na .nf .fi -\fBpostmap\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR] +\fBpostmap\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR] [\fB-d \fIkey\fR] [\fB-q \fIkey\fR] [\fIfile_type\fR:]\fIfile_name\fR ... .SH DESCRIPTION 
@@ -75,6 +75,10 @@ a new database from the entries in \fBfile_name\fR. Don't include the terminating null character that terminates lookup keys and values. By default, Postfix does whatever is the default for the host operating system. +.IP \fB-o\fR +Do not release root privileges when processing a non-root +input file. By default, \fBpostmap\fR drops root privileges +and runs as the source file owner instead. .IP "\fB-q \fIkey\fR" Search the specified maps for \fIkey\fR and print the first value found on the standard output stream. The exit status is zero diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5 index 0c9644909..8f7b99d6c 100644 --- a/postfix/man/man5/access.5 +++ b/postfix/man/man5/access.5 @@ -119,7 +119,7 @@ Accept the address etc. that matches the pattern. An all-numerical result is treated as OK. This format is generated by address-based relay authorization schemes. .IP \fIrestriction...\fR -Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR, +Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR, \fBreject_unauth_destination\fR, and so on). .SH REGULAR EXPRESSION TABLES .na diff --git a/postfix/man/man5/pcre_table.5 b/postfix/man/man5/pcre_table.5 index 598839ee0..f57d3f2c7 100644 --- a/postfix/man/man5/pcre_table.5 +++ b/postfix/man/man5/pcre_table.5 @@ -77,6 +77,14 @@ or $(n) if they aren't followed by whitespace. .nf /^Subject: make money fast/ REJECT /^To: friend@public\\.com/ REJECT +.SH EXAMPLE BODY FILTER MAP +.na +.nf +# First skip over base 64 encoded text to save CPU cycles. +# Requires PCRE version 3. +~^[[:alnum:]+/]{60,}$~ OK + +# Put your own body patterns here. .SH SEE ALSO .na .nf diff --git a/postfix/man/man5/regexp_table.5 b/postfix/man/man5/regexp_table.5 index b561a4b14..209bb8d07 100644 --- a/postfix/man/man5/regexp_table.5 +++ b/postfix/man/man5/regexp_table.5 
@@ -78,6 +78,13 @@ by whitespace. # These were once common in junk mail. /^Subject: make money fast/ REJECT /^To: friend@public\\.com/ REJECT +.SH EXAMPLE BODY FILTER MAP +.na +.nf +# First skip over base 64 encoded text to save CPU cycles. +~^[[:alnum:]+/]{60,}$~ OK + +# Put your own body patterns here. .SH SEE ALSO .na .nf diff --git a/postfix/man/man8/pipe.8 b/postfix/man/man8/pipe.8 index 65e566e48..97a9e873e 100644 --- a/postfix/man/man8/pipe.8 +++ b/postfix/man/man8/pipe.8 @@ -50,7 +50,7 @@ entry for the pipe-based delivery transport. .fi The external command attributes are given in the \fBmaster.cf\fR file at the end of a service definition. The syntax is as follows: -.IP "\fBflags=BFRhqu.>\fR (optional)" +.IP "\fBflags=BDFRhqu.>\fR (optional)" Optional message processing flags. By default, a message is copied unchanged. .RS @@ -58,6 +58,10 @@ copied unchanged. Append a blank line at the end of each message. This is required by some mail user agents that recognize "\fBFrom \fR" lines only when preceded by a blank line. +.IP \fBD\fR +Prepend a "\fBDelivered-To: \fIrecipient\fR" message header with the +envelope recipient address. Note: for this to work, the +\fItransport\fB_destination_recipient_limit\fR must be 1. .IP \fBF\fR Prepend a "\fBFrom \fIsender time_stamp\fR" envelope header to the message content. diff --git a/postfix/proto/access b/postfix/proto/access index 36713ab09..cd77ecfe9 100644 --- a/postfix/proto/access +++ b/postfix/proto/access @@ -103,7 +103,7 @@ # An all-numerical result is treated as OK. This format is # generated by address-based relay authorization schemes. # .IP \fIrestriction...\fR -# Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR, +# Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR, # \fBreject_unauth_destination\fR, and so on). # REGULAR EXPRESSION TABLES # .ad diff --git a/postfix/proto/pcre_table b/postfix/proto/pcre_table index 69c8488b2..5e6e5d5da 100644 --- a/postfix/proto/pcre_table 
+++ b/postfix/proto/pcre_table @@ -67,6 +67,12 @@ # EXAMPLE HEADER FILTER MAP # /^Subject: make money fast/ REJECT # /^To: friend@public\\.com/ REJECT +# EXAMPLE BODY FILTER MAP +# # First skip over base 64 encoded text to save CPU cycles. +# # Requires PCRE version 3. +# ~^[[:alnum:]+/]{60,}$~ OK +# +# # Put your own body patterns here. # SEE ALSO # regexp_table(5) format of POSIX regular expression tables # AUTHOR(S) diff --git a/postfix/proto/regexp_table b/postfix/proto/regexp_table index bd6cb7f72..18578a7e8 100644 --- a/postfix/proto/regexp_table +++ b/postfix/proto/regexp_table @@ -68,6 +68,11 @@ # # These were once common in junk mail. # /^Subject: make money fast/ REJECT # /^To: friend@public\\.com/ REJECT +# EXAMPLE BODY FILTER MAP +# # First skip over base 64 encoded text to save CPU cycles. +# ~^[[:alnum:]+/]{60,}$~ OK +# +# # Put your own body patterns here. # SEE ALSO # pcre_table(5) format of PCRE tables # AUTHOR(S) diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 6d7505304..e3c6863f9 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,15 +20,17 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ +#define MAIL_RELEASE_DATE "20020501" + #define VAR_MAIL_VERSION "mail_version" -#define DEF_MAIL_VERSION "1.1.7-$mail_release_date" +#define DEF_MAIL_VERSION "1.1.7-" MAIL_RELEASE_DATE extern char *var_mail_version; /* * Release date. */ #define VAR_MAIL_RELEASE "mail_release_date" -#define DEF_MAIL_RELEASE "20020331" +#define DEF_MAIL_RELEASE MAIL_RELEASE_DATE extern char *var_mail_release; /* LICENSE diff --git a/postfix/src/global/mkmap_db.c b/postfix/src/global/mkmap_db.c index fd216df08..0d7c9e729 100644 --- a/postfix/src/global/mkmap_db.c +++ b/postfix/src/global/mkmap_db.c 
@@ -37,6 +37,10 @@ #include +/* Global library. */ + +#include "mail_conf.h" + /* Utility library. */ #include @@ -58,11 +62,31 @@ /* mkmap_db_open - create or open database */ +/* + * db_mpool_size" is defined in util/dict_db.c and defaults to 256K, + * which works well for the lookup code. + * + * We use a larger memory pool when building ".db" files. + * For "hash" files performance degrades rapidly unless the memory pool + * is O(file size). + * + * For "btree" files peformance is good with sorted input even for small + * memory pools, but with random input degrades rapidly unless the memory + * pool is O(file size). + */ +extern int db_mpool_size; + +#define VAR_MPOOL_SIZE "db_mkmap_mpool_size" +#define DEF_MPOOL_SIZE 16777216 /* 16MB */ + static MKMAP *mkmap_db_open(const char *path, DICT *(*db_open) (const char *, int, int)) { MKMAP *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap)); + /* Override default mpool size for map rebuilds */ + db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0); + /* * Fill in the generic members. */ diff --git a/postfix/src/global/mkmap_dbm.c b/postfix/src/global/mkmap_dbm.c index c4b7b7b4b..cb6664b39 100644 --- a/postfix/src/global/mkmap_dbm.c +++ b/postfix/src/global/mkmap_dbm.c @@ -1,6 +1,6 @@ /*++ /* NAME -/* mkmap 3 +/* mkmap_dbm 3 /* SUMMARY /* create or open database, DBM style /* SYNOPSIS diff --git a/postfix/src/pipe/pipe.c b/postfix/src/pipe/pipe.c index 9794c697c..8061389a3 100644 --- a/postfix/src/pipe/pipe.c +++ b/postfix/src/pipe/pipe.c @@ -40,7 +40,7 @@ /* .fi /* The external command attributes are given in the \fBmaster.cf\fR /* file at the end of a service definition. The syntax is as follows: -/* .IP "\fBflags=BFRhqu.>\fR (optional)" +/* .IP "\fBflags=BDFRhqu.>\fR (optional)" /* Optional message processing flags. By default, a message is /* copied unchanged. /* .RS 
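Review bot: In the `mkmap_db_open` hunk of mkmap_db.c, `get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0)` passes 0 for both limits, which as far as I know disables range checking, so a zero or negative `db_mkmap_mpool_size` from main.cf ends up in `db_mpool_size`, which the comment says is used by util/dict_db.c. A lower bound would turn a typo into a clear configuration error: `db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 1, 0);`. The assignment also overrides the `extern` global for the rest of the process, which deserves a word in the comment. The new block comment has a stray quote (`db_mpool_size"`) and a typo (`peformance`). The function body continues outside the hunk.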
@@ -48,6 +48,10 @@ /* Append a blank line at the end of each message. This is required /* by some mail user agents that recognize "\fBFrom \fR" lines only /* when preceded by a blank line. +/* .IP \fBD\fR +/* Prepend a "\fBDelivered-To: \fIrecipient\fR" message header with the +/* envelope recipient address. Note: for this to work, the +/* \fItransport\fB_destination_recipient_limit\fR must be 1. /* .IP \fBF\fR /* Prepend a "\fBFrom \fIsender time_stamp\fR" envelope header to /* the message content. @@ -580,6 +584,9 @@ static void get_service_attr(PIPE_ATTR *attr, char **argv) case 'R': attr->flags |= MAIL_COPY_RETURN_PATH; break; + case 'D': + attr->flags |= MAIL_COPY_DELIVERED; + break; case 'h': attr->flags |= PIPE_OPT_FOLD_HOST; break; @@ -781,6 +788,19 @@ static int deliver_message(DELIVER_REQUEST *request, char *service, char **argv) get_service_attr(&attr, argv); } + /* + * The D flag cannot be specified for multi-recipient deliveries. + */ + if ((attr.flags & MAIL_COPY_DELIVERED) && (rcpt_list->len > 1)) { + deliver_status = eval_command_status(PIPE_STAT_DEFER, service, + request, request->fp, + "mailer configuration error"); + msg_warn("pipe flag `D' requires %s_destination_recipient_limit = 1", + service); + DELIVER_MSG_CLEANUP(); + return (deliver_status); + } + /* * Check that this agent accepts messages this large. */ @@ -831,6 +851,7 @@ static int deliver_message(DELIVER_REQUEST *request, char *service, char **argv) PIPE_CMD_TIME_LIMIT, conf.time_limit, PIPE_CMD_EOL, STR(attr.eol), PIPE_CMD_EXPORT, export_env->argv, + PIPE_CMD_DELIVERED, rcpt_list->info[0].address, PIPE_CMD_END); argv_free(export_env); diff --git a/postfix/src/postalias/postalias.c b/postfix/src/postalias/postalias.c index 6daf0fff6..83eb23e95 100644 --- a/postfix/src/postalias/postalias.c +++ b/postfix/src/postalias/postalias.c 
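Review bot: In the last pipe.c hunk, `PIPE_CMD_DELIVERED, rcpt_list->info[0].address` is passed on every delivery, whether or not the `D` flag is set, and it reads element 0 without any check that the list is non-empty; the guard added in the earlier `deliver_message` hunk only rejects `rcpt_list->len > 1`. If an empty recipient list cannot reach this point, say so next to the argument, e.g. `/* a delivery request always has at least one recipient */`, once that has been confirmed. How the address is quoted when it is written into the `Delivered-To:` header happens outside this diff and is worth checking too, since the envelope recipient is sender-influenced input. `deliver_message` starts and ends outside both hunks.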
@@ -5,7 +5,7 @@ /* Postfix alias database maintenance /* SYNOPSIS /* .fi -/* \fBpostalias\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR] +/* \fBpostalias\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR] /* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR] /* [\fIfile_type\fR:]\fIfile_name\fR ... /* DESCRIPTION @@ -14,6 +14,9 @@ /* file formats are expected to be compatible with Sendmail version 8, /* and are expected to be suitable for the use as NIS alias maps. /* +/* If the result files do not exist they will be created with the +/* same group and other read permissions as the source file. +/* /* While a database update is in progress, signal delivery is /* postponed, and an exclusive, advisory, lock is placed on the /* entire database, in order to avoid surprises in spectator @@ -45,6 +48,10 @@ /* Don't include the terminating null character that terminates lookup /* keys and values. By default, Postfix does whatever is the default for /* the host operating system. +/* .IP \fB-o\fR +/* Do not release root privileges when processing a non-root +/* input file. By default, \fBpostalias\fR drops root privileges +/* and runs as the source file owner instead. /* .IP "\fB-q \fIkey\fR" /* Search the specified maps for \fIkey\fR and print the first value /* found on the standard output stream. The exit status is zero @@ -91,7 +98,7 @@ /* flagged with a warning. /* /* \fBpostalias\fR terminates with zero exit status in case of success -/* (including successful \fBpostmap -q\fR lookup) and terminates +/* (including successful \fBpostalias -q\fR lookup) and terminates /* with non-zero exit status in case of failure. /* ENVIRONMENT /* .ad @@ -147,6 +154,7 @@ #include #include #include +#include /* Global library. */ 
@@ -159,9 +167,11 @@ #define STR vstring_str +#define POSTALIAS_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */ + /* postalias - create or update alias database */ -static void postalias(char *map_type, char *path_name, +static void postalias(char *map_type, char *path_name, int postalias_flags, int open_flags, int dict_flags) { VSTREAM *source_fp; @@ -174,6 +184,8 @@ static void postalias(char *map_type, char *path_name, TOK822 *key_list; TOK822 *colon; TOK822 *value_list; + struct stat st; + mode_t saved_mask; /* * Initialize. @@ -187,6 +199,24 @@ static void postalias(char *map_type, char *path_name, } else if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) { msg_fatal("open %s: %m", path_name); } + if (fstat(vstream_fileno(source_fp), &st) < 0) + msg_fatal("fstat %s: %m", path_name); + + /* + * Turn off group/other read permissions as indicated in the source file. + */ + if (S_ISREG(st.st_mode)) + saved_mask = umask(022 | (~st.st_mode & 077)); + + /* + * If running as root, run as the owner of the source file, so that the + * result shows proper ownership, and so that a bug in postalias does not + * allow privilege escalation. + */ + if ((postalias_flags & POSTALIAS_FLAG_AS_OWNER) && getuid() == 0 + && (st.st_uid != geteuid() || st.st_gid != getegid())) + set_eugid(st.st_uid, st.st_gid); + /* * Open the database, create it when it does not exist, truncate it when @@ -194,6 +224,12 @@ static void postalias(char *map_type, char *path_name, */ mkmap = mkmap_open(map_type, path_name, open_flags, dict_flags); + /* + * And restore the umask, in case it matters. + */ + if (S_ISREG(st.st_mode)) + umask(saved_mask); + /* * Add records to the database. */ 
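Review bot: The comment above `set_eugid(st.st_uid, st.st_gid)` in `postalias` says the switch means a bug in postalias "does not allow privilege escalation", but the helper's name and the `geteuid()`/`getegid()` test suggest that only the effective ids change, which would leave the real and saved uid at root. If so, the switch limits file-access mistakes while the database is created (output ownership, paths controlled by the file owner) rather than bugs in general. I would reword the comment to `so that the result shows proper ownership, and so that file access while building the database is limited to what the source file owner could do`. The ids are not restored after `mkmap_open`, so with several file arguments each later call starts as the previous file's owner; whether `set_eugid` regains root first is not visible here. The same comment and logic are added to `postmap` in postmap.c, and both functions continue outside their hunks.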
@@ -439,7 +475,7 @@ static int postalias_delete(const char *map_type, const char *map_name, static NORETURN usage(char *myname) { - msg_fatal("usage: %s [-Nfinrvw] [-c config_dir] [-d key] [-q key] [map_type:]file...", + msg_fatal("usage: %s [-Nfinorvw] [-c config_dir] [-d key] [-q key] [map_type:]file...", myname); } @@ -450,6 +486,7 @@ int main(int argc, char **argv) int fd; char *slash; struct stat st; + int postalias_flags = POSTALIAS_FLAG_AS_OWNER; int open_flags = O_RDWR | O_CREAT | O_TRUNC; int dict_flags = DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_KEY; char *query = 0; @@ -489,7 +526,7 @@ int main(int argc, char **argv) /* * Parse JCL. */ - while ((ch = GETOPT(argc, argv, "Nc:d:finq:rvw")) > 0) { + while ((ch = GETOPT(argc, argv, "Nc:d:finoq:rvw")) > 0) { switch (ch) { default: usage(argv[0]); @@ -517,6 +554,9 @@ int main(int argc, char **argv) dict_flags |= DICT_FLAG_TRY0NULL; dict_flags &= ~DICT_FLAG_TRY1NULL; break; + case 'o': + postalias_flags &= ~POSTALIAS_FLAG_AS_OWNER; + break; case 'q': if (query || delkey) msg_fatal("specify only one of -q or -d"); @@ -580,9 +620,11 @@ int main(int argc, char **argv) usage(argv[0]); while (optind < argc) { if ((path_name = split_at(argv[optind], ':')) != 0) { - postalias(argv[optind], path_name, open_flags, dict_flags); + postalias(argv[optind], path_name, postalias_flags, + open_flags, dict_flags); } else { - postalias(var_db_type, argv[optind], open_flags, dict_flags); + postalias(var_db_type, argv[optind], postalias_flags, + open_flags, dict_flags); } optind++; } diff --git a/postfix/src/postconf/postconf.c b/postfix/src/postconf/postconf.c index ffcc7fbd8..3eae38b0d 100644 --- a/postfix/src/postconf/postconf.c +++ b/postfix/src/postconf/postconf.c 
@@ -32,6 +32,20 @@ /* that normally precedes the value. /* .IP \fB-l\fR /* List the names of all supported mailbox locking methods. +/* Postfix supports the following methods: +/* .RS +/* .IP \fBflock\fR +/* A kernel-based advisory locking method for local files only. +/* This locking method is available only on systems with a BSD +/* compatible library. +/* .IP \fBfcntl\fR +/* A kernel-based advisory locking method for local and remote files. +/* .IP \fBdotlock\fR +/* An application-level locking method. An application locks a file +/* named \fIfilename\fR by creating a file named \fIfilename\fB.lock\fR. +/* The application is expected to remove its own lock file, as well as +/* stale lock files that were left behind after abnormal termination. +/* .RE /* .IP \fB-m\fR /* List the names of all supported lookup table types. /* .IP \fB-n\fR @@ -303,7 +317,7 @@ static void edit_parameters(int argc, char **argv) if (strchr(cp, '\n') != 0) msg_fatal("edit accepts no multi-line input"); while (ISSPACE(*cp)) - cp++; + cp++; if (*cp == '#') msg_fatal("edit accepts no comment input"); if ((err = split_nameval(cp, &edit_key, &edit_val)) != 0) @@ -352,7 +366,7 @@ static void edit_parameters(int argc, char **argv) interesting = 0; while (vstring_get(buf, src) != VSTREAM_EOF) { for (cp = STR(buf); ISSPACE(*cp) /* including newline */ ; cp++) - /* void */ ; + /* void */ ; /* Copy comment, all-whitespace, or empty line. */ if (*cp == '#' || *cp == 0) { vstream_fputs(STR(buf), dst); @@ -800,7 +814,7 @@ int main(int argc, char **argv) /* * Parse JCL. */ - while ((ch = GETOPT(argc, argv, "c:dehmlnv")) > 0) { + while ((ch = GETOPT(argc, argv, "c:deEhmlnv")) > 0) { switch (ch) { case 'c': if (setenv(CONF_ENV_PATH, optarg, 1) < 0) 
@@ -812,6 +826,18 @@ int main(int argc, char **argv) case 'e': mode |= EDIT_MAIN; break; + + /* + * People, this does not work unless you properly handle default + * settings. For example, fast_flush_domains = $relay_domains + * must not evaluate to the empty string when relay_domains is + * left at its default setting of $mydestination. + */ +#if 0 + case 'E': + mode |= SHOW_EVAL; + break; +#endif case 'h': mode &= ~SHOW_NAME; break; diff --git a/postfix/src/postmap/postmap.c b/postfix/src/postmap/postmap.c index 40579938e..fe85e21ee 100644 --- a/postfix/src/postmap/postmap.c +++ b/postfix/src/postmap/postmap.c @@ -5,7 +5,7 @@ /* Postfix lookup table management /* SYNOPSIS /* .fi -/* \fBpostmap\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR] +/* \fBpostmap\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR] /* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR] /* [\fIfile_type\fR:]\fIfile_name\fR ... /* DESCRIPTION @@ -69,6 +69,10 @@ /* Don't include the terminating null character that terminates lookup /* keys and values. By default, Postfix does whatever is the default for /* the host operating system. +/* .IP \fB-o\fR +/* Do not release root privileges when processing a non-root +/* input file. By default, \fBpostmap\fR drops root privileges +/* and runs as the source file owner instead. /* .IP "\fB-q \fIkey\fR" /* Search the specified maps for \fIkey\fR and print the first value /* found on the standard output stream. The exit status is zero @@ -162,6 +166,7 @@ #include #include #include +#include /* Global library. */ @@ -173,9 +178,11 @@ #define STR vstring_str +#define POSTMAP_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */ + /* postmap - create or update mapping database */ -static void postmap(char *map_type, char *path_name, +static void postmap(char *map_type, char *path_name, int postmap_flags, int open_flags, int dict_flags) { VSTREAM *source_fp; 
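Review bot: The `case 'E':` handler added to postconf.c `main` is compiled out with `#if 0`, but the option string in the preceding hunk was changed to `"c:deEhmlnv"`, so `-E` is now accepted by GETOPT and then handled by whatever the switch does for an unlisted option. Keep the string as `"c:dehmlnv"` until the feature is enabled, or put the same guard around both. The explanatory comment is useful but sits between two `case` labels; moving it inside the `#if 0` block would make it clear what it refers to. The switch continues outside the hunk, so its default branch is not visible.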
@@ -206,6 +213,15 @@ static void postmap(char *map_type, char *path_name, if (S_ISREG(st.st_mode)) saved_mask = umask(022 | (~st.st_mode & 077)); + /* + * If running as root, run as the owner of the source file, so that the + * result shows proper ownership, and so that a bug in postmap does not + * allow privilege escalation. + */ + if ((postmap_flags & POSTMAP_FLAG_AS_OWNER) && getuid() == 0 + && (st.st_uid != geteuid() || st.st_gid != getegid())) + set_eugid(st.st_uid, st.st_gid); + /* * Open the database, optionally create it when it does not exist, * optionally truncate it when it does exist, and lock out any @@ -410,7 +426,7 @@ static int postmap_delete(const char *map_type, const char *map_name, static NORETURN usage(char *myname) { - msg_fatal("usage: %s [-Nfinrvw] [-c config_dir] [-d key] [-q key] [map_type:]file...", + msg_fatal("usage: %s [-Nfinorvw] [-c config_dir] [-d key] [-q key] [map_type:]file...", myname); } @@ -421,6 +437,7 @@ int main(int argc, char **argv) int fd; char *slash; struct stat st; + int postmap_flags = POSTMAP_FLAG_AS_OWNER; int open_flags = O_RDWR | O_CREAT | O_TRUNC; int dict_flags = DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_KEY; char *query = 0; @@ -460,7 +477,7 @@ int main(int argc, char **argv) /* * Parse JCL. */ - while ((ch = GETOPT(argc, argv, "Nc:d:finq:rvw")) > 0) { + while ((ch = GETOPT(argc, argv, "Nc:d:finoq:rvw")) > 0) { switch (ch) { default: usage(argv[0]); @@ -488,6 +505,9 @@ int main(int argc, char **argv) dict_flags |= DICT_FLAG_TRY0NULL; dict_flags &= ~DICT_FLAG_TRY1NULL; break; + case 'o': + postmap_flags &= ~POSTMAP_FLAG_AS_OWNER; + break; case 'q': if (query || delkey) msg_fatal("specify only one of -q or -d"); 
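Review bot: The comment above the new `set_eugid(st.st_uid, st.st_gid)` call in postmap() says a bug in postmap can no longer lead to privilege escalation, which is more than a change of effective IDs guarantees. Going by its name and arguments, set_eugid() switches only the effective uid/gid. If the real and saved uid stay 0 (its body is not in this diff), code that misbehaves after this point could switch back. I would word the comment as `so that the result shows proper ownership, and so that file access by postmap happens with the owner's rights; this is not a permanent privilege drop`. The call that fills `st` is outside the hunk, so confirm that it describes the already-opened source file rather than the path name, which the file's owner could replace between the check and the open.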
@@ -551,9 +571,11 @@ int main(int argc, char **argv) usage(argv[0]); while (optind < argc) { if ((path_name = split_at(argv[optind], ':')) != 0) { - postmap(argv[optind], path_name, open_flags, dict_flags); + postmap(argv[optind], path_name, postmap_flags, + open_flags, dict_flags); } else { - postmap(var_db_type, argv[optind], open_flags, dict_flags); + postmap(var_db_type, argv[optind], postmap_flags, + open_flags, dict_flags); } optind++; } diff --git a/postfix/src/postqueue/postqueue.c b/postfix/src/postqueue/postqueue.c index 80a97aed7..c7e06a811 100644 --- a/postfix/src/postqueue/postqueue.c +++ b/postfix/src/postqueue/postqueue.c @@ -184,6 +184,16 @@ static void show_queue(void) msg_warn("close: %m"); } + /* + * Don't assume that the mail system is down when the user has + * insufficient permission to access the showq socket. + */ + else if (errno != ECONNREFUSED && errno != ENOENT) { + msg_fatal_status(EX_SOFTWARE, + "Connect to the %s %s service: %m", + var_mail_name, var_showq_service); + } + /* * When the mail system is down, the superuser can still access the queue * directly. Just run the showq program in stand-alone mode. @@ -255,7 +265,7 @@ static void flush_site(const char *site) static NORETURN usage(void) { - msg_fatal_status(EX_USAGE, "usage: specify one of -f, -p, or -s"); + msg_fatal_status(EX_USAGE, "usage: postqueue -f | postqueue -p | postqueue -s site"); } /* main - the main program */ @@ -270,6 +280,7 @@ int main(int argc, char **argv) char *site_to_flush = 0; ARGV *import_env; char *last; + int bad_site; /* * Be consistent with file permissions. @@ -319,7 +330,6 @@ int main(int argc, char **argv) usage(); mode = PQ_MODE_MAILQ_LIST; break; - break; case 's': /* flush site */ if (mode != PQ_MODE_DEFAULT) usage(); @@ -333,6 +343,8 @@ int main(int argc, char **argv) usage(); } } + if (argc > optind) + usage(); /* * Further initialization... 
@@ -362,21 +374,20 @@ int main(int argc, char **argv) * Further input validation. */ if (site_to_flush != 0) { + bad_site = 0; if (*site_to_flush == '[' && *(last = site_to_flush + strlen(site_to_flush) - 1) == ']') { *last = 0; - if (!valid_hostaddr(site_to_flush + 1, DONT_GRIPE)) - site_to_flush = 0; + bad_site = !valid_hostaddr(site_to_flush + 1, DONT_GRIPE); *last = ']'; } else { - if (!valid_hostname(site_to_flush, DONT_GRIPE) - && !valid_hostaddr(site_to_flush, DONT_GRIPE)) - site_to_flush = 0; + bad_site = (!valid_hostname(site_to_flush, DONT_GRIPE) + && !valid_hostaddr(site_to_flush, DONT_GRIPE)); } - if (site_to_flush == 0) + if (bad_site) msg_fatal_status(EX_USAGE, "Cannot flush mail queue - invalid destination: \"%.100s%s\"", - optarg, strlen(optarg) > 100 ? "..." : ""); + site_to_flush, strlen(site_to_flush) > 100 ? "..." : ""); } /* diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c index 6745c6661..6cebfec53 100644 --- a/postfix/src/smtp/smtp_proto.c +++ b/postfix/src/smtp/smtp_proto.c @@ -312,6 +312,14 @@ int smtp_xfer(SMTP_STATE *state) } \ } while (0) +#define QUOTE_ADDRESS(addr) do { \ + if (*(addr)) { \ + quote_821_local(state->scratch, addr); \ + myfree(addr); \ + addr = mystrdup(vstring_str(state->scratch)); \ + } \ + } while (0) + #define RETURN(x) do { vstring_free(next_command); return (x); } while (0) #define SENDER_IS_AHEAD \ @@ -399,9 +407,11 @@ int smtp_xfer(SMTP_STATE *state) * Build the MAIL FROM command. */ case SMTP_STATE_MAIL: - if (*request->sender) - if (var_disable_dns == 0) - REWRITE_ADDRESS(request->sender); + if (var_disable_dns == 0) { + REWRITE_ADDRESS(request->sender); + } else { + QUOTE_ADDRESS(request->sender); + } vstring_sprintf(next_command, "MAIL FROM:<%s>", request->sender); if (state->features & SMTP_FEATURE_SIZE) vstring_sprintf_append(next_command, " SIZE=%lu", 
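Review bot: In the SMTP_STATE_MAIL case the outer `if (*request->sender)` test is removed, so skipping the null sender now depends entirely on the macros. QUOTE_ADDRESS checks `*(addr)` itself, but REWRITE_ADDRESS is defined above the hunk and only its closing lines are visible, so confirm it has the same guard before relying on it for `MAIL FROM:<>`. QUOTE_ADDRESS also evaluates `addr` four times and takes `state` from the enclosing scope. A short comment on the macro, `/* addr must be a side-effect free lvalue; uses state->scratch */`, would make that contract explicit. The same macro pair is used in the SMTP_STATE_RCPT hunk that follows.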
@@ -415,8 +425,11 @@ int smtp_xfer(SMTP_STATE *state) */ case SMTP_STATE_RCPT: rcpt = request->rcpt_list.info + send_rcpt; - if (var_disable_dns == 0) + if (var_disable_dns == 0) { REWRITE_ADDRESS(rcpt->address); + } else { + QUOTE_ADDRESS(rcpt->address); + } vstring_sprintf(next_command, "RCPT TO:<%s>", rcpt->address); if ((next_rcpt = send_rcpt + 1) == request->rcpt_list.len) next_state = SMTP_STATE_DATA; diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 1e68eaa4a..497907ea8 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -1314,6 +1314,8 @@ static SMTPD_CMD smtpd_cmd_table[] = { "ETRN", etrn_cmd, SMTPD_CMD_FLAG_LIMIT, "QUIT", quit_cmd, 0, "Received:", 0, SMTPD_CMD_FLAG_HEADER, + "Reply-To:", 0, SMTPD_CMD_FLAG_HEADER, + "Message-ID:", 0, SMTPD_CMD_FLAG_HEADER, "Subject:", 0, SMTPD_CMD_FLAG_HEADER, "From:", 0, SMTPD_CMD_FLAG_HEADER, 0, diff --git a/postfix/src/trivial-rewrite/transport.c b/postfix/src/trivial-rewrite/transport.c index 379e2395f..5d0230906 100644 --- a/postfix/src/trivial-rewrite/transport.c +++ b/postfix/src/trivial-rewrite/transport.c @@ -70,6 +70,8 @@ static MAPS *transport_path; static int transport_match_parent_style; +static VSTRING *wildcard_channel; +static VSTRING *wildcard_nexthop; /* transport_init - pre-jail initialization */ @@ -80,6 +82,21 @@ void transport_init(void) transport_path = maps_create("transport", var_transport_maps, DICT_FLAG_LOCK); transport_match_parent_style = match_parent_style(VAR_TRANSPORT_MAPS); + +} + +void transport_wildcard_init(void) +{ + wildcard_channel = vstring_alloc(10); + wildcard_nexthop = vstring_alloc(10); + if (!transport_lookup("*", wildcard_channel, wildcard_nexthop)) { + vstring_free(wildcard_channel); + vstring_free(wildcard_nexthop); + } + if (msg_verbose) { + msg_info("wildcard_{chan,hop}={%s %s}", + vstring_str(wildcard_channel), vstring_str(wildcard_nexthop)); + } } /* transport_lookup - map a transport domain */ 
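Review bot: transport_wildcard_init() frees `wildcard_channel` and `wildcard_nexthop` when the "*" lookup fails but leaves both pointers set, and the `msg_verbose` branch right after passes them to vstring_str(), which reads freed memory. The stale non-null `wildcard_channel` also satisfies the `if (wildcard_channel && !null_found)` test that this commit adds to transport_lookup(), so later lookups would copy from the freed buffers. In addition, the statics are already non-null while `transport_lookup("*", ...)` runs, so that same fallback can fire during initialization and report a match that is only the empty buffers. Looking up into local buffers and publishing them only on success avoids both problems. The new function also lacks the `/* name - purpose */` header comment that transport_init and transport_lookup carry.

```c
void    transport_wildcard_init(void)
{
    VSTRING *channel = vstring_alloc(10);
    VSTRING *nexthop = vstring_alloc(10);

    /* The statics stay null until the "*" entry is known to exist. */
    if (transport_lookup("*", channel, nexthop)) {
	wildcard_channel = channel;
	wildcard_nexthop = nexthop;
	if (msg_verbose)
	    msg_info("wildcard_{chan,hop}={%s %s}",
		     vstring_str(wildcard_channel),
		     vstring_str(wildcard_nexthop));
    } else {
	vstring_free(channel);
	vstring_free(nexthop);
    }
}
```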
@@ -94,6 +111,7 @@ int transport_lookup(const char *domain, VSTRING *channel, VSTRING *nexthop) char *saved_value; char *transport; int found = 0; + int null_found = 0; #define FULL 0 #define PARTIAL DICT_FLAG_FIXED @@ -105,7 +123,9 @@ int transport_lookup(const char *domain, VSTRING *channel, VSTRING *nexthop) /* * Keep stripping domain components until nothing is left or until a - * matching entry is found. + * matching entry is found. If a NULL entry (either no RHS, or ':'), + * then pretend we got no match, and return. If we really got no match, + * then return the wildcard transport, if any. * * After checking the full name, check for .upper.domain, to distinguish * between the upper domain and it's decendants, ala sendmail and tcp @@ -117,11 +137,17 @@ int transport_lookup(const char *domain, VSTRING *channel, VSTRING *nexthop) * Specify if a key is partial or full, to avoid matching partial keys with * regular expressions. */ - for (name = low_domain; /* void */; name = next) { + for (name = low_domain; /* void */ ; name = next) { if ((value = maps_find(transport_path, name, maps_flag)) != 0) { saved_value = mystrdup(value); - if ((host = split_at(saved_value, ':')) == 0 || *host == 0) + if ((host = split_at(saved_value, ':')) == 0 || *host == 0) { + if (*saved_value == 0) { + myfree(saved_value); + null_found = 1; + break; + } host = domain; + } if (*(transport = saved_value) == 0) transport = var_def_transport; vstring_strcpy(channel, transport); @@ -143,5 +169,14 @@ int transport_lookup(const char *domain, VSTRING *channel, VSTRING *nexthop) maps_flag = PARTIAL; } myfree(low_domain); + + if (wildcard_channel && !null_found) { + vstring_strcpy(channel, vstring_str(wildcard_channel)); + if (vstring_str(wildcard_nexthop)) + vstring_strcpy(nexthop, vstring_str(wildcard_nexthop)); + else + vstring_strcpy(nexthop, domain); + found = 1; + } return (found); } 
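Review bot: The wildcard block added before `return (found);` in transport_lookup() is not conditional on `found`. Unless the match path returns earlier (the middle of the loop is outside the hunks), a domain with its own transport entry would have `channel` and `nexthop` overwritten by the wildcard values. The inner test `if (vstring_str(wildcard_nexthop))` checks the buffer pointer rather than its contents, so the `vstring_strcpy(nexthop, domain)` branch looks unreachable for an allocated VSTRING. I would write the guards as `if (found == 0 && null_found == 0 && wildcard_channel != 0) {` and `if (*vstring_str(wildcard_nexthop))`.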
diff --git a/postfix/src/trivial-rewrite/transport.h b/postfix/src/trivial-rewrite/transport.h index 2747ec215..2ebe3def4 100644 --- a/postfix/src/trivial-rewrite/transport.h +++ b/postfix/src/trivial-rewrite/transport.h @@ -17,6 +17,7 @@ * External interface. */ extern void transport_init(void); +extern void transport_wildcard_init(void); extern int transport_lookup(const char *, VSTRING *, VSTRING *); /* LICENSE diff --git a/postfix/src/trivial-rewrite/trivial-rewrite.c b/postfix/src/trivial-rewrite/trivial-rewrite.c index 71dc8b2f1..1411d7b0e 100644 --- a/postfix/src/trivial-rewrite/trivial-rewrite.c +++ b/postfix/src/trivial-rewrite/trivial-rewrite.c @@ -220,6 +220,11 @@ static void pre_jail_init(char *unused_name, char **unused_argv) transport_init(); } +static void post_jail_init(char *unused_name, char **unused_argv) +{ + transport_wildcard_init(); +} + /* main - pass control to the multi-threaded skeleton code */ int main(int argc, char **argv) @@ -241,6 +246,7 @@ int main(int argc, char **argv) MAIL_SERVER_STR_TABLE, str_table, MAIL_SERVER_BOOL_TABLE, bool_table, MAIL_SERVER_PRE_INIT, pre_jail_init, + MAIL_SERVER_POST_INIT, post_jail_init, MAIL_SERVER_PRE_ACCEPT, pre_accept, 0); } diff --git a/postfix/src/util/attr_scan0.c b/postfix/src/util/attr_scan0.c index ea4cf8808..0ccfc040f 100644 --- a/postfix/src/util/attr_scan0.c +++ b/postfix/src/util/attr_scan0.c @@ -161,7 +161,8 @@ static int attr_scan0_string(VSTREAM *fp, VSTRING *plain_buf, const char *contex int ch; if ((ch = vstring_get_null(plain_buf, fp)) == VSTREAM_EOF) { - msg_warn("premature end-of-input from %s while reading %s", + msg_warn("%s on %s while reading %s", + vstream_ftimeout(fp) ? "timeout" : "premature end-of-input", VSTREAM_PATH(fp), context); return (-1); } diff --git a/postfix/src/util/attr_scan64.c b/postfix/src/util/attr_scan64.c index d8631ef1c..0c38c5ea5 100644 --- a/postfix/src/util/attr_scan64.c +++ b/postfix/src/util/attr_scan64.c 
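Review bot: post_jail_init() in trivial-rewrite.c is added without the `/* name - purpose */` header that the file uses elsewhere (`/* main - pass control to the multi-threaded skeleton code */`). Nothing says why the wildcard lookup is deferred to MAIL_SERVER_POST_INIT instead of running in pre_jail_init() right after transport_init(). I would add `/* post_jail_init - look up the wildcard transport after transport_init() */` plus one sentence on the ordering constraint, since a map lookup at this stage presumably runs with whatever file access the process has left after initialization.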
@@ -170,7 +170,8 @@ static int attr_scan64_string(VSTREAM *fp, VSTRING *plain_buf, const char *conte VSTRING_RESET(base64_buf); while ((ch = VSTREAM_GETC(fp)) != ':' && ch != '\n') { if (ch == VSTREAM_EOF) { - msg_warn("premature end-of-input from %s while reading %s", + msg_warn("%s on %s while reading %s", + vstream_ftimeout(fp) ? "timeout" : "premature end-of-input", VSTREAM_PATH(fp), context); return (-1); } diff --git a/postfix/src/util/dict_db.c b/postfix/src/util/dict_db.c index 9eeb3a780..004e65793 100644 --- a/postfix/src/util/dict_db.c +++ b/postfix/src/util/dict_db.c @@ -104,8 +104,17 @@ typedef struct { DB *db; /* open db file */ } DICT_DB; -#define DICT_DB_CACHE_SIZE (1024 * 1024) + /* + * db_mpool_size is initialized when the first database is opened. The + * parameter can be preempted by setting db_mpool_size != 0 before calling + * dict_hash_open() or dict_btree_open(). This is done in mkmap_db_open() + * via "db_mkmap_mpool_size" to set a larger memory pool for database + * rebuilds. + */ +#define VAR_MPOOL_SIZE "db_mpool_size" +#define DEF_MPOOL_SIZE 262144 /* 256K default memory pool */ #define DICT_DB_NELM 4096 +int db_mpool_size; #if DB_VERSION_MAJOR > 1 
@@ -138,6 +147,86 @@ static int sanitize(int status) #endif +#if DB_VERSION_MAJOR > 1 + +static DB_ENV *dict_db_env; +static int dict_db_refcount; + +static int dict_db_env_alloc(DB_ENV ** env) +{ + int err; + + /* + * Allocate a new environment if this is the first database. Bump the + * reference count so we can deallocate the environment when the last + * database is closed. + */ + if (dict_db_env != 0) { + ++dict_db_refcount; + *env = dict_db_env; + return 0; + } +#if DB_VERSION_MAJOR == 2 +#define DICT_DB_ENV_FLAGS (DB_CREATE|DB_INIT_MPOOL|DB_MPOOL_PRIVATE) + + dict_db_env = (DB_ENV *) mymalloc(sizeof(DB_ENV)); + memset((char *) dict_db_env, 0, sizeof(DB_ENV)); + dict_db_env->mp_size = db_mpool_size; + + if ((err = db_appinit(0, 0, dict_db_env, DICT_DB_ENV_FLAGS)) != 0) { + myfree((char *) dict_db_env); + dict_db_env = 0; + return err; + } +#endif /* DB_VERSION_MAJOR == 2 */ + +#if DB_VERSION_MAJOR > 2 +#define DICT_DB_ENV_FLAGS (DB_CREATE|DB_INIT_MPOOL|DB_PRIVATE) + + err = db_env_create(&dict_db_env, 0); + if (err == 0) + err = dict_db_env->set_cachesize(dict_db_env, 0, db_mpool_size, 1); + if (err == 0) + err = dict_db_env->open(dict_db_env, 0, DICT_DB_ENV_FLAGS, 0644); + + if (err != 0) { + if (dict_db_env) + dict_db_env->close(dict_db_env, 0); + dict_db_env = 0; + return err; + } +#endif /* DB_VERSION_MAJOR > 2 */ + + ++dict_db_refcount; + *env = dict_db_env; + return 0; +} + +static void dict_db_env_free(void) +{ + + /* + * Deallocate a database within the environment Free the environment when + * the last database is closed + */ + +#if DB_VERSION_MAJOR == 2 + if (dict_db_env && dict_db_refcount > 0 && --dict_db_refcount == 0) { + db_appexit(dict_db_env); + dict_db_env = 0; + } +#endif + +#if DB_VERSION_MAJOR > 2 + if (dict_db_env && dict_db_refcount > 0 && --dict_db_refcount == 0) { + dict_db_env->close(dict_db_env, 0); + dict_db_env = 0; + } +#endif +} + +#endif /* DB_VERSION_MAJOR > 1 */ + /* dict_db_lookup - find database entry */ static const char 
*dict_db_lookup(DICT *dict, const char *name) @@ -417,6 +506,11 @@ static void dict_db_close(DICT *dict) msg_fatal("flush database %s: %m", dict_db->dict.name); if (DICT_DB_CLOSE(dict_db->db) < 0) msg_fatal("close database %s: %m", dict_db->dict.name); + +#if DB_VERSION_MAJOR > 1 + dict_db_env_free(); +#endif + dict_free(dict); } @@ -434,6 +528,7 @@ static DICT *dict_db_open(const char *class, const char *path, int open_flags, #if DB_VERSION_MAJOR > 1 int db_flags; + DB_ENV *env; #endif @@ -493,7 +588,9 @@ static DICT *dict_db_open(const char *class, const char *path, int open_flags, db_flags |= DB_CREATE; if (open_flags & O_TRUNC) db_flags |= DB_TRUNCATE; - if ((errno = db_open(db_path, type, db_flags, 0644, 0, tweak, &db)) != 0) + if ((errno = dict_db_env_alloc(&env)) != 0) + msg_fatal("create DB environment: %m"); + if ((errno = db_open(db_path, type, db_flags, 0644, env, tweak, &db)) != 0) msg_fatal("open database %s: %m", db_path); if (db == 0) msg_panic("db_open null result"); @@ -512,12 +609,12 @@ static DICT *dict_db_open(const char *class, const char *path, int open_flags, db_flags |= DB_CREATE; if (open_flags & O_TRUNC) db_flags |= DB_TRUNCATE; - if ((errno = db_create(&db, 0, 0)) != 0) + if ((errno = dict_db_env_alloc(&env)) != 0) + msg_fatal("create DB environment: %m"); + if ((errno = db_create(&db, env, 0)) != 0) msg_fatal("create DB database: %m"); if (db == 0) msg_panic("db_create null result"); - if ((errno = db->set_cachesize(db, 0, DICT_DB_CACHE_SIZE, 0)) != 0) - msg_fatal("set DB cache size %d: %m", DICT_DB_CACHE_SIZE); if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0) msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM); if ((errno = db->open(db, db_path, 0, type, db_flags, 0644)) != 0) 
@@ -570,22 +667,31 @@ DICT *dict_hash_open(const char *path, int open_flags, int dict_flags) #if DB_VERSION_MAJOR < 2 HASHINFO tweak; - memset((char *) &tweak, 0, sizeof(tweak)); - tweak.nelem = DICT_DB_NELM; - tweak.cachesize = DICT_DB_CACHE_SIZE; #endif #if DB_VERSION_MAJOR == 2 DB_INFO tweak; - memset((char *) &tweak, 0, sizeof(tweak)); - tweak.h_nelem = DICT_DB_NELM; - tweak.db_cachesize = DICT_DB_CACHE_SIZE; #endif #if DB_VERSION_MAJOR > 2 void *tweak; - tweak = 0; #endif + + /* Set the mpool size if not already set in mkmap_db_open() */ + if (db_mpool_size == 0) + db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0); + + memset((char *) &tweak, 0, sizeof(tweak)); + +#if DB_VERSION_MAJOR < 2 + tweak.nelem = DICT_DB_NELM; + tweak.cachesize = db_mpool_size; +#endif +#if DB_VERSION_MAJOR == 2 + tweak.h_nelem = DICT_DB_NELM; + tweak.db_cachesize = 0; +#endif + return (dict_db_open(DICT_TYPE_HASH, path, open_flags, DB_HASH, (void *) &tweak, dict_flags)); } @@ -597,19 +703,24 @@ DICT *dict_btree_open(const char *path, int open_flags, int dict_flags) #if DB_VERSION_MAJOR < 2 BTREEINFO tweak; - memset((char *) &tweak, 0, sizeof(tweak)); - tweak.cachesize = DICT_DB_CACHE_SIZE; #endif #if DB_VERSION_MAJOR == 2 DB_INFO tweak; - memset((char *) &tweak, 0, sizeof(tweak)); - tweak.db_cachesize = DICT_DB_CACHE_SIZE; #endif #if DB_VERSION_MAJOR > 2 void *tweak; - tweak = 0; +#endif + + /* Set the mpool size if not already set in mkmap_db_open() */ + if (db_mpool_size == 0) + db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0); + + memset((char *) &tweak, 0, sizeof(tweak)); + +#if DB_VERSION_MAJOR < 2 + tweak.cachesize = db_mpool_size; #endif return (dict_db_open(DICT_TYPE_BTREE, path, open_flags, DB_BTREE, diff --git a/postfix/src/util/dict_dbm.c b/postfix/src/util/dict_dbm.c index 23e1d58d2..8949a8cbf 100644 --- a/postfix/src/util/dict_dbm.c +++ b/postfix/src/util/dict_dbm.c 
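Review bot: dict_hash_open() and dict_btree_open() read `db_mpool_size` with `get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0)`, which as far as these arguments show applies no lower or upper limit. The value is an `int` that dict_db_env_alloc() hands to `set_cachesize()` and `mp_size`. A zero setting would repeat the lookup on every open because of the `== 0` test, and a negative one would reach the library as a very large unsigned size. Passing a minimum, for example `get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 1, 0)`, would reject such values at startup; the meaning of the last two arguments should be confirmed against get_mail_conf_int(), which is not part of this diff. The same call appears in both functions and could live in one helper.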
@@ -406,6 +406,8 @@ DICT *dict_dbm_open(const char *path, int open_flags, int dict_flags) dict_dbm->dict.close = dict_dbm_close; dict_dbm->dict.lock_fd = dbm_dirfno(dbm); dict_dbm->dict.stat_fd = dbm_pagfno(dbm); + if (dict_dbm->dict.lock_fd == dict_dbm->dict.stat_fd) + msg_fatal("open database %s: cannot support GDBM", path); if (fstat(dict_dbm->dict.stat_fd, &st) < 0) msg_fatal("dict_dbm_open: fstat: %m"); dict_dbm->dict.mtime = st.st_mtime; diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h index 19d10d617..37a4d8acf 100644 --- a/postfix/src/util/sys_defs.h +++ b/postfix/src/util/sys_defs.h @@ -52,11 +52,11 @@ #define STATFS_IN_SYS_MOUNT_H #define HAS_POSIX_REGEXP #define HAS_ST_GEN /* struct stat contains inode generation number */ -#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) @@ -99,11 +99,11 @@ #define PRINTFLIKE(x,y) #define SCANFLIKE(x,y) #define HAS_NETINFO -#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif /* 
@@ -152,9 +152,9 @@ extern int h_errno; #define DUP2_DUPS_CLOSE_ON_EXEC #define MISSING_USLEEP #define NO_HERRNO -#define DEF_SENDMAIL_PATH "/usr/lib/sendmail" -#define DEF_COMMAND_DIR "/usr/etc" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail" +#define NATIVE_COMMAND_DIR "/usr/etc" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif /* @@ -221,11 +221,11 @@ extern int opterr; #define STATFS_IN_SYS_VFS_H #define memmove(d,s,l) bcopy(s,d,l) #define NO_HERRNO -#define DEF_SENDMAIL_PATH "/usr/lib/sendmail" -#define DEF_MAILQ_PATH "/usr/ucb/mailq" -#define DEF_NEWALIAS_PATH "/usr/ucb/newaliases" -#define DEF_COMMAND_DIR "/usr/etc" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail" +#define NATIVE_MAILQ_PATH "/usr/ucb/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/ucb/newaliases" +#define NATIVE_COMMAND_DIR "/usr/etc" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif /* @@ -260,11 +260,14 @@ extern int opterr; #define LOCAL_CONNECT stream_connect #define LOCAL_TRIGGER stream_trigger #define HAS_VOLATILE_LOCKS -#define DEF_SENDMAIL_PATH "/usr/lib/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +/* + * Allow build environment to override paths. + */ +#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif /* 
@@ -353,11 +356,11 @@ extern int opterr; #define USE_STATVFS #define STATVFS_IN_SYS_STATVFS_H #define STRCASECMP_IN_STRINGS_H -#define DEF_SENDMAIL_PATH "/usr/lib/sendmail" -#define DEF_MAILQ_PATH "/usr/sbin/mailq" -#define DEF_NEWALIAS_PATH "/usr/sbin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail" +#define NATIVE_MAILQ_PATH "/usr/sbin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/sbin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif #ifdef AIX4 @@ -392,11 +395,11 @@ extern int seteuid(uid_t); extern int setegid(gid_t); extern int initgroups(const char *, int); #endif -#define DEF_SENDMAIL_PATH "/usr/lib/sendmail" -#define DEF_MAILQ_PATH "/usr/sbin/mailq" -#define DEF_NEWALIAS_PATH "/usr/sbin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail" +#define NATIVE_MAILQ_PATH "/usr/sbin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/sbin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif @@ -430,7 +433,7 @@ extern time_t time(time_t *); extern int seteuid(uid_t); extern int setegid(gid_t); extern int initgroups(const char *, int); -#define DEF_SENDMAIL_PATH "/usr/lib/sendmail" +#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail" #endif 
@@ -494,11 +497,11 @@ extern int initgroups(const char *, int); #define UNIX_DOMAIN_CONNECT_BLOCKS_FOR_ACCEPT #define PREPEND_PLUS_TO_OPTSTRING #define HAS_POSIX_REGEXP -#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif /* @@ -532,11 +535,11 @@ extern int h_errno; /* imports too much stuff */ #define USE_STATFS #define STATFS_IN_SYS_VFS_H #define HAS_POSIX_REGEXP -#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif #ifdef HPUX10 @@ -567,11 +570,11 @@ extern int h_errno; /* imports too much stuff */ #define USE_STATFS #define STATFS_IN_SYS_VFS_H #define HAS_POSIX_REGEXP -#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_COMMAND_DIR "/usr/sbin" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_COMMAND_DIR "/usr/sbin" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif #ifdef HPUX9 
@@ -604,10 +607,10 @@ extern int h_errno; #define USE_STATFS #define STATFS_IN_SYS_VFS_H #define HAS_POSIX_REGEXP -#define DEF_SENDMAIL_PATH "/usr/bin/sendmail" -#define DEF_MAILQ_PATH "/usr/bin/mailq" -#define DEF_NEWALIAS_PATH "/usr/bin/newaliases" -#define DEF_DAEMON_DIR "/usr/libexec/postfix" +#define NATIVE_SENDMAIL_PATH "/usr/bin/sendmail" +#define NATIVE_MAILQ_PATH "/usr/bin/mailq" +#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases" +#define NATIVE_DAEMON_DIR "/usr/libexec/postfix" #endif /* @@ -809,6 +812,39 @@ extern int h_errno; */ #ifndef SUPPORTED #error "unsupported platform" +#endif + + /* + * Allow command line flags to override native settings + */ +#ifndef DEF_COMMAND_DIR +#ifdef NATIVE_COMMAND_DIR +#define DEF_COMMAND_DIR NATIVE_COMMAND_DIR +#endif +#endif + +#ifndef DEF_DAEMON_DIR +#ifdef NATIVE_DAEMON_DIR +#define DEF_DAEMON_DIR NATIVE_DAEMON_DIR +#endif +#endif + +#ifndef DEF_SENDMAIL_PATH +#ifdef NATIVE_SENDMAIL_PATH +#define DEF_SENDMAIL_PATH NATIVE_SENDMAIL_PATH +#endif +#endif + +#ifndef DEF_MAILQ_PATH +#ifdef NATIVE_MAILQ_PATH +#define DEF_MAILQ_PATH NATIVE_MAILQ_PATH +#endif +#endif + +#ifndef DEF_NEWALIAS_PATH +#ifdef NATIVE_NEWALIAS_PATH +#define DEF_NEWALIAS_PATH NATIVE_NEWALIAS_PATH +#endif #endif #define CAST_CHAR_PTR_TO_INT(cptr) ((int) (long) (cptr)) diff --git a/postfix/src/virtual/Makefile.in b/postfix/src/virtual/Makefile.in index 8bf523ed3..40b501a0b 100644 --- a/postfix/src/virtual/Makefile.in +++ b/postfix/src/virtual/Makefile.in @@ -51,7 +51,7 @@ depend: $(MAKES) $(CC) -E $(DEFS) $(INCL) $$i | sed -n -e '/^# *1 *"\([^"]*\)".*/{' \ -e 's//'`echo $$i|sed 's/c$$/o/'`': \1/' -e 'p' -e '}'; \ done) | grep -v '[.][o][:][ ][/]' >$$$$ && mv $$$$ Makefile.in - @make -f Makefile.in Makefile + @$(EXPORT) @make -f Makefile.in Makefile # do not edit below this line - it is generated by 'make depend' deliver_attr.o: deliver_attr.c
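Review bot: In the `depend` recipe the new line `@$(EXPORT) @make -f Makefile.in Makefile` keeps the `@` in front of `make`, but make only strips `@` at the very start of a recipe line. If `$(EXPORT)` expands to anything (its definition is not in this hunk; the name suggests environment assignments), the shell is asked to run a command literally called `@make`. The line should read `@$(EXPORT) make -f Makefile.in Makefile`.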