mirror of https://github.com/vdukhovni/postfix synced 2025-08-29 13:18:12 +00:00

postfix-2.4.0

This commit is contained in:
Wietse Venema 2007-03-28 00:00:00 -05:00 committed by Viktor Dukhovni
parent 39195f053d
commit 453b66fac7
15 changed files with 351 additions and 559 deletions

@ -13396,263 +13396,3 @@ Apologies for any names omitted.
Workaround: Eric Raymond's man page formatters don't handle
low-level *roff .in or .ti controls. We now use .nf and .fi
instead. Files: many.
Wish list:
Remove defer(8) and trace(8) references and man pages. These
are services not program names.
Bind all deliveries to the same local delivery process,
making Postfix perform as poorly as monolithic mailers,
but giving a possibility to eliminate duplicate deliveries.
Maybe declare loop when resolve_local(mxhost) is true?
Update message content length when adding/removing headers.
Need scache size limit.
Update BACKSCATTER_README to use PCRE because that's what I
am using now.
Make postcat header/body aware so people can grep headers.
Make postmap header/body aware so people can test multi-line
header checks.
REDIRECT should override original recipient info, and
probably override DSN as well.
Find out if with Sendmail, a Milter "add recipient" request
results in NOTIFY=NONE as Postfix does now.
Update FILTER_README with mailing list suggestions to tag
with a badness indicator and then filter down-stream.
Either document or remove the internal_mail_filter_classes
feature (it's disabled by default).
Build a command-line test driver for the cleanup engine.
This allows us to test it with arbitrary record sequences
without having to use a live mail queue.
Make null local-part handling configurable: either expand
into mailer-daemon (current bahavior) or disallow (strict
behavior, currently implemented only in the SMTP server).
The type of var_message_limit should be changed from int
to long or better, to take advantage of LP64 architectures.
This also requires checking all expressions in which
var_message_limit appears.
Add M flag (enable multi-recipient delivery) to pipe daemon.
The usage of TLScontext->cache_type is unclear. It specifies
a TLS session cache type (smtpd, smtp, or lmtp), but it is
sometimes used as an indicator that TLS session caching is
unavailable. In reality, that decision is made by not
registering call-back functions for cache maintenance.
Postfix TLS library code should copy any strings that it
receives from the application, instead of passing them
around as pointers. TLScontext->cache_type is a case in
point.
Are transport:nexthop null fields the same as in the case
of default_transport etc. parameters?
Don't lose bits when converting st_dev into maildir file
name. It's 64 bits on Linux. Found with the BEAM source
code analyzer. Is this really a problem, or are they just
using 64 bits for upwards compatibility with LP64 systems?
Do or don't introduce unknown_reverse_client_reject_code.
Check that "UINT32 == unsigned int" choice is ok (i.e. LP64
UNIX).
Tempfail when a Milter application wants content access,
while it is configured in an SMTP server that runs before
the smtpd_proxy filter.
Log DSN original recipient when rejecting mail.
Keep whitespace between label and ":"?
Make the map case folding/locking options configurable, if
not at run-time then at least at compile time so we get
consistent behavior across applications.
Investigate what it would take to eliminate oqmgr, and to
make the old behavior configurable in a unified queue
manager. This would shave another 2.7 KLOC from the source
footprint.
Document the case folding strategy for match_list like
features.
Eliminate the (incoming,deferred)->active rename operation.
Softbounce fallback-to-ISP for SOHO users. This requires
playing with the soft_error test in the smtp_trouble.c
module, and avoiding delivery to backup MX hosts.
In the SMTP server, set a "pipelining detected" flag at the
start of a session and at protocol synchronization points,
so that reject_unauth_pipelining can be specified in any
access rule.
Centralize main.cf parameter input so that defaults work
consistently. What about parameter names that are prefixed
with mail delivery transport names?
Fix default time unit handling so that we can have a default
bounce lifetime of $maximal_queue_lifetime, without causing
panics when a non-default maximal_queue_lifetime setting
includes no time unit.
After the 20051222 ISASCII paranoia, lowercase() lowercases
ASCII text only.
Privacy: remove local command/pathname details from remote
delivery status reports, and log them via local msg_warn().
Is it safe to cache a connection after it has been used for
more than some number of address verification probes?
Try to recognize that Resent- headers appear in blocks,
newest block first. But don't break on incorrect header
block organization.
Hard limits on cache sizes (anvil, specifically).
Laptop friendliness: make the qmgr remember when the next
deferred queue scan needs to be done, and have the pickup
server stat() the maildrop directory before searching it.
Low: replace_sender/replace_recipient actions in access
maps?
Low: configurable order of local(8) delivery methods.
Med: local and remote source port and IP address for smtpd
policy hook.
Med: smtp_connect_timeout_budget (default: 3x smtp_connect_timeout)
to limit the total time spent trying to connect.
Med: transform IPv4-in-IPv6 address literals to IPv4 form
when comparing against local IP addresses?
Med: transform IPv4-in-IPv6 address literals to IPv4 form
when eliminating MX mailer loops?
Med: Postfix requires [] around IPv6 address information
in match lists such as mynetworks, debug_peer_list etc.,
but the [] must not be specified in access(5) maps. Other
places don't care. For now, this gotcha is documented in
IPV6_README and in postconf(5) with each feature that may
use IPv6 address information. The general recommendation
is not to use [] unless absolutely necessary.
Med: the partial address matching of IPv6 addresses in
access(5) maps is a bit lame: it repeatedly truncates the
last ":octetpair" from the printable address representation
until a match is found or until truncation is no longer
possible. Since one or more ":" are usually omitted from
the printable IPv6 address representation, this does not
really try all the possibilities that one might expect to
be tried. For now, this gotcha is documented in access(5).
Med: the TLS certificate verification depth parameters never
worked.
Low: reject HELO with any domain name or IP address that
this MTA is the final destination for.
Low: should the Delivered-To: test in local(8) be configurable?
Low: make mail_addr_find() lookup configurable.
Low: update events.c so that 1-second timer requests do not
suffer from rounding errors. This is needed for 1-second
SMTP session caching time limits. A 1-second interval would
become arbitrarily short when an event is scheduled just
before the current second rolls over.
Low: configurable internal/system locking method.
Low: add INSTALL section for pre-existing Postfix systems.
Low: add INSTALL section for pre-existing RPM Postfixes.
Low: disallow smtpd_recipient_limit < 100 (the RFC minimum).
Low: noise filter: allow smtp(8) to retry immediately if
all MXes return a quick ECONNRESET or 4xx reply during the
initial handshake. Retry once? How many times?
Low: make post-install a "postfix-only script" so it can
take data from the environment instead of main.cf.
Low: randomize deferred mail backoff.
Med: separate ulimit for delivery to command?
Med: option to open queue file early, after MAIL FROM. This
would allow correlation of rejected RCPT TO requests with
accepted requests for the same mail transaction.
Med: postsuper -r should do something with recipients in
bounce logfiles, to make sure the sender will be notified.
To be perfectly safe, no process other than the queue manager
should move a queue file away from the active queue.
This could involve tagging a queue file, and use up another
permission bit (postsuper tags a "hot" file, qmgr requeues it).
Low: postsuper re-run after renaming files, but only a
limited number of times.
Low: smtp-source may block when sending large test messages.
Med: find a way to log the sender address when MAIL FROM
is rejected due to lack of disk space.
Low: revise other local delivery agent duplicate filters.
Low: all table lookups should consistently use internalized
(unquoted) or externalized (quoted) forms as lookup keys.
smtpd, qmgr, local, etc. use unquoted address forms as keys.
cleanup uses quoted forms.
Low: have a configurable list of errno values for mailbox
or maildir delivery that result in deferral rather than
bouncing mail. What about "killed by signal" exits?
Low: after reorganizing configuration parameters, add flags
to all parameters whose value can be read from file.
Medium: need in-process caching for map lookups. LDAP servers
seem to need this in particular. Need a way to expire cached
results that are too old.
Low: generic showq protocol, to allow for more intelligent
processing than just mailq. Maybe marry this with postsuper.
Low: default domain for appending to unqualified recipients,
so that unqualified names can be delivered locally.
Low: The $process_id_directory setting is not used anywhere
in Postfix. Problem reported by Michael Smith, texas.net.
This should be documented, or better, the code should warn
about attempts to set read-only parameters.
Low: postconf -e edits parameters that postconf won't list.
Low: while converting 8bit text to quoted-printable, perhaps
use =46rom to avoid having to produce >From when delivering
to mailbox.
virtual_mailbox_path expression like forward_path, so that
people can specify prefix and suffix.
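Review bot: The wish list deleted after the "Files: many." entry holds open defect notes as well as feature ideas, for example "the TLS certificate verification depth parameters never worked", "Don't lose bits when converting st_dev into maildir file name" and "Privacy: remove local command/pathname details from remote delivery status reports", and the hunk does not show where these are tracked once they leave HISTORY. Suggest moving the list to its own file, or at least keeping the defect-class entries, so they stay visible to anyone auditing the TLS and delivery status code.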

@ -4,7 +4,11 @@ PPoossttffiixx BBaacckkssccaatttteerr HHoowwttoo
OOvveerrvviieeww
This document describes features that require Postfix version 2.0 or later.
This document describes features that require Postfix version 2.0 or later. The
examples use Perl Compatible Regular Expressions (Postfix pcre: tables), but
also provide a translation to POSIX regular expressions (Postfix regexp:
tables). PCRE is preferred primarily because the implementation is often
faster.
Topics covered in this document:
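Review bot: The added overview sentence recommends pcre: tables without mentioning that a given Postfix system may not support them. The header_checks text changed later in this commit already says regexp support is "more widely available" and tells readers to run "postconf -m" to see which lookup table types their system supports; repeat that pointer here so someone copying the pcre: examples checks for PCRE support first.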
@ -97,8 +101,8 @@ To block such backscatter I use header_checks and body_checks patterns like
this:
/etc/postfix/main.cf:
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
header_checks = pcre:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
/etc/postfix/header_checks:
if /^Received:/
@ -107,7 +111,7 @@ this:
/^Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)
(porcupine\.org)\)/
reject forged client name in Received: header: $2
/^Received:.* +by +(porcupine\.org)[[:>:]]/
/^Received:.* +by +(porcupine\.org)\b/
reject forged mail server name in Received: header: $1
endif
/^Message-ID:.* <!&!/ DUNNO
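Review bot: In the replacement pattern "/^Received:.* +by +(porcupine\.org)\b/", the "\b" is satisfied by any non-word character after "org", including ".", so a Received: line naming a host such as porcupine.org.example.com is also rejected as a forged mail server name. The old "[[:>:]]" form behaved the same way, so this is not a regression, but since the line is being touched consider requiring whitespace or end of input after the name, or add a note that the name is matched as a prefix.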
@ -121,7 +125,7 @@ this:
/^[> ]*Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)
(porcupine\.org)\)/
reject forged client name in Received: header: $2
/^[> ]*Received:.* +by +(porcupine\.org)[[:>:]]/
/^[> ]*Received:.* +by +(porcupine\.org)\b/
reject forged mail server name in Received: header: $1
endif
/^[> ]*Message-ID:.* <!&!/ DUNNO
@ -130,6 +134,9 @@ this:
Notes:
* The example uses pcre: tables mainly for speed; with minor modifications,
you can use regexp: tables as explained below.
* The example is simplified for educational purposes. In reality my patterns
list multiple domain names, as "(domain|domain|...)".
@ -139,8 +146,9 @@ Notes:
* The "\(" and "\)" match "(" and ")" literally. Without the "\", the "(" and
")" would be grouping operators.
* The "[[:>:]]" matches the end of a word. On some systems you should specify
"\>" instead. For details see your system documentation.
* The "\b" is used here to match the end of a word. If you use regexp:
tables, specify "[[:>:]]" (on some systems you should specify "\>" instead;
for details see your system documentation).
* The "if /pattern/" and "endif" eliminate unnecessary matching attempts. DO
NOT indent lines starting with /pattern/ between the "if" and "endif"!
@ -202,25 +210,29 @@ the backscatter mail that I get claims to be sent from these addresses. Such
mail is obviously forged and is very easy to stop.
/etc/postfix/main.cf:
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
header_checks = pcre:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
/etc/postfix/header_checks:
/^(From|Return-Path):.*[[:<:]](user@domain\.tld)[[:>:]]/
/^(From|Return-Path):.*\b(user@domain\.tld)\b/
reject forged sender address in $1: header: $2
/etc/postfix/body_checks:
/^[> ]*(From|Return-Path):.*[[:<:]](user@domain\.tld)[[:>:]]/
/^[> ]*(From|Return-Path):.*\b(user@domain\.tld)\b/
reject forged sender address in $1: header: $2
Notes:
* The example uses pcre: tables mainly for speed; with minor modifications,
you can use regexp: tables as explained below.
* The example is simplified for educational purposes. In reality, my patterns
list multiple email addresses as "(user1@domain1\.tld|user2@domain2\.tld)".
* The "[[:<:]]" and "[[:>:]]" match the beginning and end of a word,
respectively. On some systems you should specify "\<" and "\>" instead. For
details see your system documentation.
* The two "\b" as used in "\b(user@domain\.tld)\b" match the beginning and
end of a word, respectively. If you use regexp: tables, specify "[[:<:]]
and [[:>:]]" (on some systems you should specify "\< and \>" instead; for
details see your system documentation).
* The "\." matches "." literally. Without the "\", the "." would match any
character.
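Review bot: In the rewritten note about word boundaries, the quoting changed from two separately quoted operators to one quoted string: "[[:<:]] and [[:>:]]" and "\< and \>". Read literally, each is a single pattern containing the word "and". Quote each operator on its own, as the removed text did and as the corresponding note earlier in this file does for "[[:>:]]".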

@ -209,12 +209,13 @@ queues.
Network -> smtpd(8) <-> anvil(8)
* The bounce(8), defer(8) and trace(8) servers each maintain their own queue
directory trees with per-message logfiles. This information is used to send
delivery or non-delivery notifications to the sender.
* The bounce(8), defer(8) and trace(8) services each maintain their own queue
directory trees with per-message logfiles. Postfix uses this information
when sending "failed", "delayed" or "success" delivery status notifications
to the sender.
The trace(8) service implements support for the Postfix "sendmail -bv" and
"sendmail -v" commands which produce reports about how Postfix delivers
The trace(8) service also implements support for the Postfix "sendmail -bv"
and "sendmail -v" commands which produce reports about how Postfix delivers
mail, and is available with Postfix version 2.1 and later. See DEBUG_README
for examples.

@ -14,6 +14,8 @@ specifies the release date of a stable release or snapshot release.
Major changes - critical
------------------------
See RELEASE_NOTES-2.3 if you upgrade from Postfix 2.2 or earlier.
[Incompat 20070122] To take advantage of the new support for BSD
kqueue, Linux epoll, or Solaris /dev/poll, you must restart (not
reload) Postfix after upgrading from Postfix 2.3.
@ -42,8 +44,8 @@ creates mailbox dotlock files on all systems. This prevents problems
with GNU POP3D which subverts kernel locking by creating a new
mailbox file and deleting the old one.
Major changes - milter
----------------------
Major changes - Milter support
------------------------------
[Feature 20070121] The support for Milter header modification
requests was revised. With minimal change in the on-disk representation,
@ -55,8 +57,13 @@ format is entirely backwards compatible with Postfix 2.3.
body. Postfix now implements all the header/body modification
requests that are available with Sendmail 8.13.
Major changes - tls
-------------------
[Incompat 20070116] A new field is added to the queue file "size"
record that specifies the message content length. Postfix 2.3 and
older Postfix 2.4 snapshots will ignore this field, and will report
the message size as it was before the body was replaced.
Major changes - TLS support
---------------------------
[Incompat 20061214] The check_smtpd_policy client sends TLS certificate
attributes (client ccert_subject, ccert_issuer) only after successful
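Review bot: The relocated [Incompat 20070116] entry says that Postfix 2.3 and older 2.4 snapshots ignore the new content length field and report the size from before the body was replaced, but it does not say what an administrator should do about that. Add a sentence stating whether the stale value only affects reported sizes when an older version reads a queue file written by the new one, so the entry is actionable.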
@ -113,35 +120,34 @@ default_recipient_refill_delay (how long to wait between refill
operations). These two parameters act as defaults for optional
per-transport settings.
Major changes - delivery status notification
--------------------------------------------
Major changes - delivery status notifications
---------------------------------------------
[Incompat 20061209] Small changes were made to the default bounce
message templates, to prevent HTML-aware software from hiding or
removing the text "<postmaster>", and producing misleading text.
[Incompat 20060806] [Incompat 20060806] Postfix no longer announces
its name in delivery status notifications. Users believe that
Wietse provides a free help desk service that solves all their email
problems.
[Incompat 20060806] Postfix no longer announces its name in delivery
status notifications. Users believe that Wietse provides a free
help desk service that solves all their email problems.
Major changes - etrn
--------------------
Major changes - ETRN support
----------------------------
[Feature 20061217] More precise queue flushing with the ETRN,
"postqueue -s site", and "sendmail -qRsite" commands, after
minimization of race conditions. New per-queue-file flushing with
"postqueue -i queueid" and "sendmail -qIqueueid".
Major changes - small office/home office
----------------------------------------
Major changes - small office/home office support
------------------------------------------------
[Incompat 20061217] Postfix no longer requires a domain name. It
uses "localdomain" as the default Internet domain name when no
domain is specified via main.cf or via the machine's hostname.
Major changes - access control
------------------------------
Major changes - SMTP access control
-----------------------------------
[Incompat 20061214] The check_smtpd_policy client sends TLS certificate
attributes (client ccert_subject, ccert_issuer) only after successful
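Review bot: The context lines of this release notes diff show the [Incompat 20061214] check_smtpd_policy entry under "TLS support" and again here under "SMTP access control". Since this hunk is already cleaning up a doubled "[Incompat 20060806]" tag, confirm the two copies of the 20061214 text are identical, or keep one and refer to it from the other section, so later edits do not leave them out of sync.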
@ -190,11 +196,3 @@ on/off configurable. This introduces new parameters: smtp_pix_workarounds
(default: disable_esmtp, delay_dotcrlf) and smtp_pix_workaround_maps
(workarounds indexed by server IP address). The default settings
are backwards compatible.
Major changes - other
---------------------
[Incompat 20070116] A new field is added to the queue file "size"
record that specifies the message content length. Postfix 2.3 and
older Postfix 2.4 versions will ignore this field, and will report
the message size as it was before the body was replaced.

@ -1,5 +0,0 @@
What needs to be done before Postfix 2.4.0 is finished:
- Update BACKSCATTER_README with PCRE rules.
- Truncate wish list from HISTORY.

@ -66,70 +66,75 @@
# time, even when a message header spans multiple lines.
# Body lines are always examined one line at a time.
#
# COMPATIBILITY
# With Postfix version 2.2 and earlier specify "postmap -fq"
# to query a table that contains case sensitive patterns. By
# default, regexp: and pcre: patterns are case insensitive.
#
# TABLE FORMAT
# This document assumes that header and body_checks rules
# are specified in the form of Postfix regular expression
# lookup tables. Usually the best performance is obtained
# This document assumes that header and body_checks rules
# are specified in the form of Postfix regular expression
# lookup tables. Usually the best performance is obtained
# with pcre (Perl Compatible Regular Expression) tables, but
# the slower regexp (POSIX regular expressions) support is
# more widely available. Use the command "postconf -m" to
# find out what lookup table types your Postfix system sup-
# the slower regexp (POSIX regular expressions) support is
# more widely available. Use the command "postconf -m" to
# find out what lookup table types your Postfix system sup-
# ports.
#
# The general format of Postfix regular expression tables is
# given below. For a discussion of specific pattern or
# flags syntax, see pcre_table(5) or regexp_table(5),
# given below. For a discussion of specific pattern or
# flags syntax, see pcre_table(5) or regexp_table(5),
# respectively.
#
# /pattern/flags action
# When pattern matches the input string, execute the
# corresponding action. See below for a list of pos-
# When pattern matches the input string, execute the
# corresponding action. See below for a list of pos-
# sible actions.
#
# !/pattern/flags action
# When pattern does not match the input string, exe-
# When pattern does not match the input string, exe-
# cute the corresponding action.
#
# if /pattern/flags
#
# endif Match the input string against the patterns between
# if and endif, if and only if the same input string
# if and endif, if and only if the same input string
# also matches pattern. The if..endif can nest.
#
# Note: do not prepend whitespace to patterns inside
# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# if !/pattern/flags
#
# endif Match the input string against the patterns between
# if and endif, if and only if the same input string
# if and endif, if and only if the same input string
# does not match pattern. The if..endif can nest.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A pattern/action line starts with non-whitespace
# text. A line that starts with whitespace continues
# A pattern/action line starts with non-whitespace
# text. A line that starts with whitespace continues
# a logical line.
#
# TABLE SEARCH ORDER
# For each line of message input, the patterns are applied
# in the order as specified in the table. When a pattern is
# found that matches the input line, the corresponding
# action is executed and then the next input line is
# For each line of message input, the patterns are applied
# in the order as specified in the table. When a pattern is
# found that matches the input line, the corresponding
# action is executed and then the next input line is
# inspected.
#
# TEXT SUBSTITUTION
# Substitution of substrings from the matched expression
# into the action string is possible using the conventional
# Perl syntax ($1, $2, etc.). The macros in the result
# string may need to be written as ${n} or $(n) if they
# Substitution of substrings from the matched expression
# into the action string is possible using the conventional
# Perl syntax ($1, $2, etc.). The macros in the result
# string may need to be written as ${n} or $(n) if they
# aren't followed by whitespace.
#
# Note: since negated patterns (those preceded by !) return
# Note: since negated patterns (those preceded by !) return
# a result when the expression does not match, substitutions
# are not available for negated patterns.
#
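Review bot: The new COMPATIBILITY paragraph states what to do with Postfix version 2.2 and earlier ("postmap -fq") but leaves the behaviour of later versions implied; add one sentence saying what later versions do when querying a table with case sensitive patterns. Separately, most of the other lines in this hunk differ only in inter-word spacing from re-justified formatter output; if this file is generated, consider regenerating it in a separate commit so the one real change is easy to find.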
@ -138,12 +143,12 @@
# case for consistency with other Postfix documentation.
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
# Note: this action disables further header or
# body_checks inspection of the current message and
# affects all recipients. To discard only one recip-
# ient without discarding the entire message, use the
# transport(5) table to direct mail to the discard(8)
@ -151,49 +156,49 @@
#
# This feature is available in Postfix 2.0 and later.
#
# DUNNO Pretend that the input line did not match any pat-
# tern, and inspect the next input line. This action
# DUNNO Pretend that the input line did not match any pat-
# tern, and inspect the next input line. This action
# can be used to shorten the table search.
#
# For backwards compatibility reasons, Postfix also
# accepts OK but it is (and always has been) treated
# For backwards compatibility reasons, Postfix also
# accepts OK but it is (and always has been) treated
# as DUNNO.
#
# This feature is available in Postfix 2.1 and later.
#
# FILTER transport:destination
# Write a content filter request to the queue file,
# and inspect the next input line. After the com-
# plete message is received it will be sent through
# Write a content filter request to the queue file,
# and inspect the next input line. After the com-
# plete message is received it will be sent through
# the specified external content filter. More infor-
# mation about external content filters is in the
# mation about external content filters is in the
# Postfix FILTER_README file.
#
# Note: this action overrides the content_filter set-
# ting, and affects all recipients of the message. In
# the case that multiple FILTER actions fire, only
# the case that multiple FILTER actions fire, only
# the last one is executed.
#
# This feature is available in Postfix 2.0 and later.
#
# HOLD optional text...
# Arrange for the message to be placed on the hold
# queue, and inspect the next input line. The mes-
# sage remains on hold until someone either deletes
# it or releases it for delivery. Log the optional
# Arrange for the message to be placed on the hold
# queue, and inspect the next input line. The mes-
# sage remains on hold until someone either deletes
# it or releases it for delivery. Log the optional
# text if specified, otherwise log a generic message.
#
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# mal_queue_lifetime or $bounce_queue_lifetime, or
# longer. Use "postsuper -H" only for mail that will
# longer. Use "postsuper -H" only for mail that will
# not expire within a few delivery attempts.
#
# Note: this action affects all recipients of the
# Note: this action affects all recipients of the
# message.
#
# This feature is available in Postfix 2.0 and later.
@ -202,23 +207,23 @@
# the next input line.
#
# PREPEND text...
# Prepend one line with the specified text, and
# Prepend one line with the specified text, and
# inspect the next input line.
#
# Notes:
#
# o The prepended text is output on a separate
# o The prepended text is output on a separate
# line, immediately before the input that
# triggered the PREPEND action.
#
# o The prepended text is not considered part of
# the input stream: it is not subject to
# the input stream: it is not subject to
# header/body checks or address rewriting, and
# it does not affect the way that Postfix adds
# missing message headers.
#
# o When prepending text before a message header
# line, the prepended text must begin with a
# line, the prepended text must begin with a
# valid message header label.
#
# o This action cannot be used to prepend multi-
@ -227,46 +232,46 @@
# This feature is available in Postfix 2.1 and later.
#
# REDIRECT user@domain
# Write a message redirection request to the queue
# file, and inspect the next input line. After the
# Write a message redirection request to the queue
# file, and inspect the next input line. After the
# message is queued, it will be sent to the specified
# address instead of the intended recipient(s).
#
# Note: this action overrides the FILTER action, and
# affects all recipients of the message. If multiple
# REDIRECT actions fire, only the last one is exe-
# Note: this action overrides the FILTER action, and
# affects all recipients of the message. If multiple
# REDIRECT actions fire, only the last one is exe-
# cuted.
#
# This feature is available in Postfix 2.1 and later.
#
# REPLACE text...
# Replace the current line with the specified text,
# Replace the current line with the specified text,
# and inspect the next input line.
#
# This feature is available in Postfix 2.2 and later.
# The description below applies to Postfix 2.2.2 and
# The description below applies to Postfix 2.2.2 and
# later.
#
# Notes:
#
# o When replacing a message header line, the
# replacement text must begin with a valid
# o When replacing a message header line, the
# replacement text must begin with a valid
# header label.
#
# o The replaced text remains part of the input
# stream. Unlike the result from the PREPEND
# action, a replaced message header may be
# subject to address rewriting and may affect
# the way that Postfix adds missing message
# o The replaced text remains part of the input
# stream. Unlike the result from the PREPEND
# action, a replaced message header may be
# subject to address rewriting and may affect
# the way that Postfix adds missing message
# headers.
#
# REJECT optional text...
# Reject the entire message. Reply with optional
# Reject the entire message. Reply with optional
# text... when the optional text is specified, other-
# wise reply with a generic error message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
# Note: this action disables further header or
# body_checks inspection of the current message and
# affects all recipients.
#
# Postfix version 2.3 and later support enhanced sta-
@ -275,32 +280,32 @@
# enhanced status code of "5.7.1".
#
# WARN optional text...
# Log a warning with the optional text... (or log a
# generic message), and inspect the next input line.
# Log a warning with the optional text... (or log a
# generic message), and inspect the next input line.
# This action is useful for debugging and for testing
# a pattern before applying more drastic actions.
#
# BUGS
# Many people overlook the main limitations of header and
# Many people overlook the main limitations of header and
# body_checks rules.
#
# o These rules operate on one logical message header
# o These rules operate on one logical message header
# or one body line at a time. A decision made for one
# line is not carried over to the next line.
#
# o If text in the message body is encoded (RFC 2045)
# then the rules have to specified for the encoded
# o If text in the message body is encoded (RFC 2045)
# then the rules need to be specified for the encoded
# form.
#
# o Likewise, when message headers are encoded (RFC
# 2047) then the rules need to be specified for the
# o Likewise, when message headers are encoded (RFC
# 2047) then the rules need to be specified for the
# encoded form.
#
# Message headers added by the cleanup(8) daemon itself are
# Message headers added by the cleanup(8) daemon itself are
# excluded from inspection. Examples of such message headers
# are From:, To:, Message-ID:, Date:.
#
# Message headers deleted by the cleanup(8) daemon will be
# Message headers deleted by the cleanup(8) daemon will be
# examined before they are deleted. Examples are: Bcc:, Con-
# tent-Length:, Return-Path:.
#
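Review bot: The BUGS wording corrected here ("the rules need to be specified for the encoded form") applies directly to the body_checks patterns in the backscatter README changed in this commit, which match plain-text "Received:" and "(From|Return-Path):" lines and therefore will not see them inside an RFC 2045 encoded body part. Add a cross-reference from that README's notes to this limitation so operators do not assume the patterns cover every returned message.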
@ -308,11 +313,11 @@
# body_checks
# Lookup tables with content filter rules for message
# body lines. These filters see one physical line at
# a time, in chunks of at most $line_length_limit
# a time, in chunks of at most $line_length_limit
# bytes.
#
# body_checks_size_limit
# The amount of content per message body segment
# The amount of content per message body segment
# (attachment) that is subjected to $body_checks fil-
# tering.
#
@ -322,32 +327,32 @@
#
# nested_header_checks (default: $header_checks)
# Lookup tables with content filter rules for message
# header lines: respectively, these are applied to
# the initial message headers (not including MIME
# headers), to the MIME headers anywhere in the mes-
# sage, and to the initial headers of attached mes-
# header lines: respectively, these are applied to
# the initial message headers (not including MIME
# headers), to the MIME headers anywhere in the mes-
# sage, and to the initial headers of attached mes-
# sages.
#
# Note: these filters see one logical message header
# at a time, even when a message header spans multi-
# ple lines. Message headers that are longer than
# Note: these filters see one logical message header
# at a time, even when a message header spans multi-
# ple lines. Message headers that are longer than
# $header_size_limit characters are truncated.
#
# disable_mime_input_processing
# While receiving mail, give no special treatment to
# MIME related message headers; all text after the
# While receiving mail, give no special treatment to
# MIME related message headers; all text after the
# initial message headers is considered to be part of
# the message body. This means that header_checks is
# applied to all the initial message headers, and
# the message body. This means that header_checks is
# applied to all the initial message headers, and
# that body_checks is applied to the remainder of the
# message.
#
# Note: when used in this manner, body_checks will
# process a multi-line message header one line at a
# Note: when used in this manner, body_checks will
# process a multi-line message header one line at a
# time.
#
# EXAMPLES
# Header pattern to block attachments with bad file name
# Header pattern to block attachments with bad file name
# extensions.
#
# /etc/postfix/main.cf:
@ -379,7 +384,7 @@
# RFC 2047, message header encoding for non-ASCII text
#
# README FILES
# Use "postconf readme_directory" or "postconf html_direc-
# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# CONTENT_INSPECTION_README, Postfix content inspection overview
@ -387,7 +392,7 @@
# BACKSCATTER_README, blocking returned forged mail
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

View File

@ -21,7 +21,10 @@ Backscatter Howto</h1>
<h2>Overview </h2>
This document describes features that require Postfix version 2.0
or later.
or later. The examples use Perl Compatible Regular Expressions
(Postfix <a href="pcre_table.5.html">pcre</a>: tables), but also provide a translation to POSIX
regular expressions (Postfix <a href="regexp_table.5.html">regexp</a>: tables). PCRE is preferred
primarily because the implementation is often faster.</p>
<p> Topics covered in this document: </p>
@ -174,8 +177,8 @@ patterns like this: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/header_checks
<a href="postconf.5.html#body_checks">body_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/body_checks
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks
<a href="postconf.5.html#body_checks">body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/body_checks
/etc/postfix/header_checks:
if /^Received:/
@ -183,7 +186,7 @@ patterns like this: </p>
reject forged client name in Received: header: $1
/^Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
reject forged client name in Received: header: $2
/^Received:.* +by +(porcupine\.org)[[:&gt;:]]/
/^Received:.* +by +(porcupine\.org)\b/
reject forged mail server name in Received: header: $1
endif
/^Message-ID:.* &lt;!&amp;!/ DUNNO
@ -196,7 +199,7 @@ patterns like this: </p>
reject forged client name in Received: header: $1
/^[&gt; ]*Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
reject forged client name in Received: header: $2
/^[&gt; ]*Received:.* +by +(porcupine\.org)[[:&gt;:]]/
/^[&gt; ]*Received:.* +by +(porcupine\.org)\b/
reject forged mail server name in Received: header: $1
endif
/^[&gt; ]*Message-ID:.* &lt;!&amp;!/ DUNNO
@ -209,6 +212,9 @@ patterns like this: </p>
<ul>
<li> <p> The example uses <a href="pcre_table.5.html">pcre</a>: tables mainly for speed; with minor
modifications, you can use <a href="regexp_table.5.html">regexp</a>: tables as explained below. </p>
<li> <p> The example is simplified for educational purposes. In
reality my patterns list multiple domain names, as
"<tt>(domain|domain|...)</tt>". </p>
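Review bot: the added bullet gives speed as the reason for pcre: but does not tell the reader how to find out whether pcre: is available on their system. The header_checks(5) text in this same commit says regexp support is more widely available and points to "postconf -m"; repeat that pointer here, because the main.cf lines of this example now name pcre: for both header_checks and body_checks.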
@ -220,9 +226,10 @@ the "<tt>\</tt>", the "<tt>.</tt>" would match any character. </p>
and "<tt>)</tt>" literally. Without the "<tt>\</tt>", the "<tt>(</tt>"
and "<tt>)</tt>" would be grouping operators. </p>
<li> <p> The "<tt>[[:&gt;:]]</tt>" matches the end of a word. On
some systems you should specify "<tt>\&gt;</tt>" instead. For details
see your system documentation. </p>
<li> <p> The "<tt>\b</tt>" is used here to match the end of a word.
If you use <a href="regexp_table.5.html">regexp</a>: tables, specify "<tt>[[:&gt;:]]</tt>" (on some
systems you should specify "<tt>\&gt;</tt>" instead; for details
see your system documentation).
<li> <p> The "if /pattern/" and "endif" eliminate unnecessary
matching attempts. DO NOT indent lines starting with /pattern/
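Review bot: the rewritten "\b" list item ends at "see your system documentation)." with no closing </p>, while the item it replaces and the neighbouring items in this list close theirs. Add " </p>" after the closing parenthesis; the later copy of this hunk that carries no hyperlinks has the same omission.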
@ -311,15 +318,15 @@ and is very easy to stop.
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/header_checks
<a href="postconf.5.html#body_checks">body_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/body_checks
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks
<a href="postconf.5.html#body_checks">body_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/body_checks
/etc/postfix/header_checks:
/^(From|Return-Path):.*[[:&lt;:]](user@domain\.tld)[[:&gt;:]]/
/^(From|Return-Path):.*\b(user@domain\.tld)\b/
reject forged sender address in $1: header: $2
/etc/postfix/body_checks:
/^[&gt; ]*(From|Return-Path):.*[[:&lt;:]](user@domain\.tld)[[:&gt;:]]/
/^[&gt; ]*(From|Return-Path):.*\b(user@domain\.tld)\b/
reject forged sender address in $1: header: $2
</pre>
</blockquote>
@ -328,14 +335,18 @@ and is very easy to stop.
<ul>
<li> <p> The example uses <a href="pcre_table.5.html">pcre</a>: tables mainly for speed; with minor
modifications, you can use <a href="regexp_table.5.html">regexp</a>: tables as explained below. </p>
<li> <p> The example is simplified for educational purposes. In
reality, my patterns list multiple email addresses as
"<tt>(user1@domain1\.tld|user2@domain2\.tld)</tt>". </p>
<li> <p> The "<tt>[[:&lt;:]]</tt>" and "<tt>[[:&gt;:]]</tt>" match
the beginning and end of a word, respectively. On some systems you
should specify "<tt>\&lt;</tt>" and "<tt>\&gt;</tt>" instead. For
details see your system documentation. </p>
<li> <p> The two "<tt>\b</tt>" as used in "<tt>\b(user@domain\.tld)\b</tt>"
match the beginning and end of a word, respectively. If you use
<a href="regexp_table.5.html">regexp</a>: tables, specify "<tt>[[:&lt;:]]</tt> and <tt>[[:&gt;:]]</tt>"
(on some systems you should specify "<tt>\&lt;</tt> and <tt>\&gt;</tt>"
instead; for details see your system documentation). </p>
<li> <p> The "<tt>\.</tt>" matches "<tt>.</tt>" literally. Without
the "<tt>\</tt>", the "<tt>.</tt>" would match any character. </p>
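Review bot: in the new "\b" bullet, "match the beginning and end of a word, respectively" holds only because each "\b" in "\b(user@domain\.tld)\b" sits next to a word character; "\b" itself is a single undirected word-boundary assertion, unlike "[[:<:]]" and "[[:>:]]". Say so, so that readers who adapt the pattern do not treat "\b" as directional. Since "." and "-" are non-word characters, the pattern also matches inside "first.user@domain.tld" and in front of a further domain label, which deserves a sentence for a rule whose action is reject. Minor: the regexp: alternative is quoted as one string with "and" inside the quotation marks, where the removed text quoted each operator separately.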

View File

@ -460,12 +460,13 @@ bgcolor="#f0f0ff"> <br> <a href="smtpd.8.html">smtpd(8)</a><br><br> </td> <td> <
</table>
<li> <p> The <a href="bounce.8.html">bounce(8)</a>, <a href="defer.8.html">defer(8)</a> and <a href="trace.8.html">trace(8)</a> servers each maintain
their own queue directory trees with per-message logfiles. This
information is used to send delivery or non-delivery notifications
to the sender. </p>
<li> <p> The <a href="bounce.8.html">bounce(8)</a>, <a href="defer.8.html">defer(8)</a> and <a href="trace.8.html">trace(8)</a> services each maintain
their own queue directory trees with per-message logfiles. Postfix
uses this information when sending "failed", "delayed" or "success"
delivery status notifications to the sender. </p>
<p> The <a href="trace.8.html">trace(8)</a> service implements support for the Postfix "sendmail
<p> The <a href="trace.8.html">trace(8)</a> service also implements support for the Postfix
"sendmail
-bv" and "sendmail -v" commands which produce reports about how
Postfix delivers mail, and is available with Postfix version 2.1
and later. See <a href="DEBUG_README.html#trace_mail"> DEBUG_README

View File

@ -72,70 +72,75 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
time, even when a message header spans multiple lines.
Body lines are always examined one line at a time.
<b>COMPATIBILITY</b>
With Postfix version 2.2 and earlier specify "<b>postmap -fq</b>"
to query a table that contains case sensitive patterns. By
default, <a href="regexp_table.5.html">regexp</a>: and <a href="pcre_table.5.html">pcre</a>: patterns are case insensitive.
<b>TABLE FORMAT</b>
This document assumes that header and <a href="postconf.5.html#body_checks">body_checks</a> rules
are specified in the form of Postfix regular expression
lookup tables. Usually the best performance is obtained
This document assumes that header and <a href="postconf.5.html#body_checks">body_checks</a> rules
are specified in the form of Postfix regular expression
lookup tables. Usually the best performance is obtained
with <b>pcre</b> (Perl Compatible Regular Expression) tables, but
the slower <b>regexp</b> (POSIX regular expressions) support is
more widely available. Use the command "<b>postconf -m</b>" to
find out what lookup table types your Postfix system sup-
the slower <b>regexp</b> (POSIX regular expressions) support is
more widely available. Use the command "<b>postconf -m</b>" to
find out what lookup table types your Postfix system sup-
ports.
The general format of Postfix regular expression tables is
given below. For a discussion of specific pattern or
flags syntax, see <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a> or <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>,
given below. For a discussion of specific pattern or
flags syntax, see <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a> or <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>,
respectively.
<b>/</b><i>pattern</i><b>/</b><i>flags action</i>
When <i>pattern</i> matches the input string, execute the
corresponding <i>action</i>. See below for a list of pos-
When <i>pattern</i> matches the input string, execute the
corresponding <i>action</i>. See below for a list of pos-
sible actions.
<b>!/</b><i>pattern</i><b>/</b><i>flags action</i>
When <i>pattern</i> does <b>not</b> match the input string, exe-
When <i>pattern</i> does <b>not</b> match the input string, exe-
cute the corresponding <i>action</i>.
<b>if /</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Match the input string against the patterns between
<b>if</b> and <b>endif</b>, if and only if the same input string
<b>if</b> and <b>endif</b>, if and only if the same input string
also matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
Note: do not prepend whitespace to patterns inside
Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
<b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Match the input string against the patterns between
<b>if</b> and <b>endif</b>, if and only if the same input string
<b>if</b> and <b>endif</b>, if and only if the same input string
does <b>not</b> match <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
multi-line text
A pattern/action line starts with non-whitespace
text. A line that starts with whitespace continues
A pattern/action line starts with non-whitespace
text. A line that starts with whitespace continues
a logical line.
<b>TABLE SEARCH ORDER</b>
For each line of message input, the patterns are applied
in the order as specified in the table. When a pattern is
found that matches the input line, the corresponding
action is executed and then the next input line is
For each line of message input, the patterns are applied
in the order as specified in the table. When a pattern is
found that matches the input line, the corresponding
action is executed and then the next input line is
inspected.
<b>TEXT SUBSTITUTION</b>
Substitution of substrings from the matched expression
into the <i>action</i> string is possible using the conventional
Perl syntax (<b>$1</b>, <b>$2</b>, etc.). The macros in the result
string may need to be written as <b>${n}</b> or <b>$(n)</b> if they
Substitution of substrings from the matched expression
into the <i>action</i> string is possible using the conventional
Perl syntax (<b>$1</b>, <b>$2</b>, etc.). The macros in the result
string may need to be written as <b>${n}</b> or <b>$(n)</b> if they
aren't followed by whitespace.
Note: since negated patterns (those preceded by <b>!</b>) return
Note: since negated patterns (those preceded by <b>!</b>) return
a result when the expression does not match, substitutions
are not available for negated patterns.
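Review bot: the re-justified lines in this hunk (TABLE FORMAT through TEXT SUBSTITUTION) differ from the lines they replace only in inter-word spacing and bury the one real addition, the COMPATIBILITY paragraph at the top. If this HTML is produced from the man page source, regenerate it in a separate commit or keep it out of review so that content changes stay visible.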
@ -144,12 +149,12 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
case for consistency with other Postfix documentation.
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the
message. Log the optional text if specified, oth-
Claim successful delivery and silently discard the
message. Log the optional text if specified, oth-
erwise log a generic message.
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
affects all recipients. To discard only one recip-
ient without discarding the entire message, use the
<a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a>
@ -157,49 +162,49 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is available in Postfix 2.0 and later.
<b>DUNNO</b> Pretend that the input line did not match any pat-
tern, and inspect the next input line. This action
<b>DUNNO</b> Pretend that the input line did not match any pat-
tern, and inspect the next input line. This action
can be used to shorten the table search.
For backwards compatibility reasons, Postfix also
accepts <b>OK</b> but it is (and always has been) treated
For backwards compatibility reasons, Postfix also
accepts <b>OK</b> but it is (and always has been) treated
as <b>DUNNO</b>.
This feature is available in Postfix 2.1 and later.
<b>FILTER</b> <i>transport:destination</i>
Write a content filter request to the queue file,
and inspect the next input line. After the com-
plete message is received it will be sent through
Write a content filter request to the queue file,
and inspect the next input line. After the com-
plete message is received it will be sent through
the specified external content filter. More infor-
mation about external content filters is in the
mation about external content filters is in the
Postfix <a href="FILTER_README.html">FILTER_README</a> file.
Note: this action overrides the <b><a href="postconf.5.html#content_filter">content_filter</a></b> set-
ting, and affects all recipients of the message. In
the case that multiple <b>FILTER</b> actions fire, only
the case that multiple <b>FILTER</b> actions fire, only
the last one is executed.
This feature is available in Postfix 2.0 and later.
<b>HOLD</b> <i>optional text...</i>
Arrange for the message to be placed on the <b>hold</b>
queue, and inspect the next input line. The mes-
sage remains on <b>hold</b> until someone either deletes
it or releases it for delivery. Log the optional
Arrange for the message to be placed on the <b>hold</b>
queue, and inspect the next input line. The mes-
sage remains on <b>hold</b> until someone either deletes
it or releases it for delivery. Log the optional
text if specified, otherwise log a generic message.
Mail that is placed on hold can be examined with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
Mail that is placed on hold can be examined with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
Note: use "<b>postsuper -r</b>" to release mail that was
kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
Note: use "<b>postsuper -r</b>" to release mail that was
kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
<b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or
longer. Use "<b>postsuper -H</b>" only for mail that will
longer. Use "<b>postsuper -H</b>" only for mail that will
not expire within a few delivery attempts.
Note: this action affects all recipients of the
Note: this action affects all recipients of the
message.
This feature is available in Postfix 2.0 and later.
@ -208,23 +213,23 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
the next input line.
<b>PREPEND</b> <i>text...</i>
Prepend one line with the specified text, and
Prepend one line with the specified text, and
inspect the next input line.
Notes:
<b>o</b> The prepended text is output on a separate
<b>o</b> The prepended text is output on a separate
line, immediately before the input that
triggered the <b>PREPEND</b> action.
<b>o</b> The prepended text is not considered part of
the input stream: it is not subject to
the input stream: it is not subject to
header/body checks or address rewriting, and
it does not affect the way that Postfix adds
missing message headers.
<b>o</b> When prepending text before a message header
line, the prepended text must begin with a
line, the prepended text must begin with a
valid message header label.
<b>o</b> This action cannot be used to prepend multi-
@ -233,46 +238,46 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is available in Postfix 2.1 and later.
<b>REDIRECT</b> <i>user@domain</i>
Write a message redirection request to the queue
file, and inspect the next input line. After the
Write a message redirection request to the queue
file, and inspect the next input line. After the
message is queued, it will be sent to the specified
address instead of the intended recipient(s).
Note: this action overrides the <b>FILTER</b> action, and
affects all recipients of the message. If multiple
<b>REDIRECT</b> actions fire, only the last one is exe-
Note: this action overrides the <b>FILTER</b> action, and
affects all recipients of the message. If multiple
<b>REDIRECT</b> actions fire, only the last one is exe-
cuted.
This feature is available in Postfix 2.1 and later.
<b>REPLACE</b> <i>text...</i>
Replace the current line with the specified text,
Replace the current line with the specified text,
and inspect the next input line.
This feature is available in Postfix 2.2 and later.
The description below applies to Postfix 2.2.2 and
The description below applies to Postfix 2.2.2 and
later.
Notes:
<b>o</b> When replacing a message header line, the
replacement text must begin with a valid
<b>o</b> When replacing a message header line, the
replacement text must begin with a valid
header label.
<b>o</b> The replaced text remains part of the input
stream. Unlike the result from the <b>PREPEND</b>
action, a replaced message header may be
subject to address rewriting and may affect
the way that Postfix adds missing message
<b>o</b> The replaced text remains part of the input
stream. Unlike the result from the <b>PREPEND</b>
action, a replaced message header may be
subject to address rewriting and may affect
the way that Postfix adds missing message
headers.
<b>REJECT</b> <i>optional text...</i>
Reject the entire message. Reply with <i>optional</i>
Reject the entire message. Reply with <i>optional</i>
<i>text...</i> when the optional text is specified, other-
wise reply with a generic error message.
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
affects all recipients.
Postfix version 2.3 and later support enhanced sta-
@ -281,32 +286,32 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
enhanced status code of "5.7.1".
<b>WARN</b> <i>optional text...</i>
Log a warning with the <i>optional text...</i> (or log a
generic message), and inspect the next input line.
Log a warning with the <i>optional text...</i> (or log a
generic message), and inspect the next input line.
This action is useful for debugging and for testing
a pattern before applying more drastic actions.
<b>BUGS</b>
Many people overlook the main limitations of header and
Many people overlook the main limitations of header and
<a href="postconf.5.html#body_checks">body_checks</a> rules.
<b>o</b> These rules operate on one logical message header
<b>o</b> These rules operate on one logical message header
or one body line at a time. A decision made for one
line is not carried over to the next line.
<b>o</b> If text in the message body is encoded (<a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a>)
then the rules have to specified for the encoded
<b>o</b> If text in the message body is encoded (<a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a>)
then the rules need to be specified for the encoded
form.
<b>o</b> Likewise, when message headers are encoded (<a href="http://www.faqs.org/rfcs/rfc2047.html">RFC</a>
<a href="http://www.faqs.org/rfcs/rfc2047.html">2047</a>) then the rules need to be specified for the
<b>o</b> Likewise, when message headers are encoded (<a href="http://www.faqs.org/rfcs/rfc2047.html">RFC</a>
<a href="http://www.faqs.org/rfcs/rfc2047.html">2047</a>) then the rules need to be specified for the
encoded form.
Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are
Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are
excluded from inspection. Examples of such message headers
are <b>From:</b>, <b>To:</b>, <b>Message-ID:</b>, <b>Date:</b>.
Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be
Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be
examined before they are deleted. Examples are: <b>Bcc:, Con-</b>
<b>tent-Length:</b>, <b>Return-Path:</b>.
@ -314,11 +319,11 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b><a href="postconf.5.html#body_checks">body_checks</a></b>
Lookup tables with content filter rules for message
body lines. These filters see one physical line at
a time, in chunks of at most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b>
a time, in chunks of at most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b>
bytes.
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a></b>
The amount of content per message body segment
The amount of content per message body segment
(attachment) that is subjected to <b>$<a href="postconf.5.html#body_checks">body_checks</a></b> fil-
tering.
@ -328,32 +333,32 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
Lookup tables with content filter rules for message
header lines: respectively, these are applied to
the initial message headers (not including MIME
headers), to the MIME headers anywhere in the mes-
sage, and to the initial headers of attached mes-
header lines: respectively, these are applied to
the initial message headers (not including MIME
headers), to the MIME headers anywhere in the mes-
sage, and to the initial headers of attached mes-
sages.
Note: these filters see one logical message header
at a time, even when a message header spans multi-
ple lines. Message headers that are longer than
Note: these filters see one logical message header
at a time, even when a message header spans multi-
ple lines. Message headers that are longer than
<b>$<a href="postconf.5.html#header_size_limit">header_size_limit</a></b> characters are truncated.
<b><a href="postconf.5.html#disable_mime_input_processing">disable_mime_input_processing</a></b>
While receiving mail, give no special treatment to
MIME related message headers; all text after the
While receiving mail, give no special treatment to
MIME related message headers; all text after the
initial message headers is considered to be part of
the message body. This means that <b><a href="postconf.5.html#header_checks">header_checks</a></b> is
applied to all the initial message headers, and
the message body. This means that <b><a href="postconf.5.html#header_checks">header_checks</a></b> is
applied to all the initial message headers, and
that <b><a href="postconf.5.html#body_checks">body_checks</a></b> is applied to the remainder of the
message.
Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will
process a multi-line message header one line at a
Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will
process a multi-line message header one line at a
time.
<b>EXAMPLES</b>
Header pattern to block attachments with bad file name
Header pattern to block attachments with bad file name
extensions.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
@ -391,7 +396,7 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<a href="BACKSCATTER_README.html">BACKSCATTER_README</a>, blocking returned forged mail
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

View File

@ -8,17 +8,15 @@ Postfix built-in content inspection
.SH "SYNOPSIS"
.na
.nf
.nf
\fBheader_checks = pcre:/etc/postfix/header_checks\fR
.br
\fBmime_header_checks = pcre:/etc/postfix/mime_header_checks\fR
.br
\fBnested_header_checks = pcre:/etc/postfix/nested_header_checks\fR
.br
\fBbody_checks = pcre:/etc/postfix/body_checks\fR
.sp
\fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
.br
\fBpostmap -q - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
.fi
.SH DESCRIPTION
.ad
.fi
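Review bot: the added ".nf" lands directly after the ".nf" that already follows ".na" under .SH "SYNOPSIS", so the request is now issued twice in a row, and the added ".fi" is immediately followed by ".ad" and ".fi" under .SH DESCRIPTION. The source-comment version of this hunk later in the commit shows only the one added ".nf", so the outer pair comes from the man page generator; with that pair already in place the SYNOPSIS lines are unfilled anyway, and the ".br" requests could have been dropped without adding ".nf" and ".fi" to the source.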
@ -66,6 +64,15 @@ message headers is treated as body content.
Note: message headers are examined one logical header at a time,
even when a message header spans multiple lines. Body lines are
always examined one line at a time.
.SH "COMPATIBILITY"
.na
.nf
.ad
.fi
With Postfix version 2.2 and earlier specify "\fBpostmap
-fq\fR" to query a table that contains case sensitive
patterns. By default, regexp: and pcre: patterns are case
insensitive.
.SH "TABLE FORMAT"
.na
.nf
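Review bot: the new COMPATIBILITY paragraph tells the reader to use "postmap -fq" with Postfix 2.2 and earlier but not why. Add the reason: without -f, postmap folds the query string to lower case, so a case sensitive pattern tested from the command line can appear not to match input that cleanup(8) would match. The closing sentence says patterns are case insensitive by default; a pointer to pcre_table(5) or regexp_table(5), which TABLE FORMAT already cites for flags syntax, would tell the reader where the flag for case sensitive matching is described.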
@ -273,7 +280,7 @@ line at a time. A decision made for one line is not carried over
to the next line.
.IP \(bu
If text in the message body is encoded
(RFC 2045) then the rules have to specified for the encoded
(RFC 2045) then the rules need to be specified for the encoded
form.
.IP \(bu
Likewise, when message headers are encoded (RFC

View File

@ -21,7 +21,10 @@ Backscatter Howto</h1>
<h2>Overview </h2>
This document describes features that require Postfix version 2.0
or later.
or later. The examples use Perl Compatible Regular Expressions
(Postfix pcre: tables), but also provide a translation to POSIX
regular expressions (Postfix regexp: tables). PCRE is preferred
primarily because the implementation is often faster.</p>
<p> Topics covered in this document: </p>
@ -174,8 +177,8 @@ patterns like this: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
header_checks = pcre:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
/etc/postfix/header_checks:
if /^Received:/
@ -183,7 +186,7 @@ patterns like this: </p>
reject forged client name in Received: header: $1
/^Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
reject forged client name in Received: header: $2
/^Received:.* +by +(porcupine\.org)[[:&gt;:]]/
/^Received:.* +by +(porcupine\.org)\b/
reject forged mail server name in Received: header: $1
endif
/^Message-ID:.* &lt;!&amp;!/ DUNNO
@ -196,7 +199,7 @@ patterns like this: </p>
reject forged client name in Received: header: $1
/^[&gt; ]*Received: +from +[^ ]+ +\(([^ ]+ +[he]+lo=|[he]+lo +)(porcupine\.org)\)/
reject forged client name in Received: header: $2
/^[&gt; ]*Received:.* +by +(porcupine\.org)[[:&gt;:]]/
/^[&gt; ]*Received:.* +by +(porcupine\.org)\b/
reject forged mail server name in Received: header: $1
endif
/^[&gt; ]*Message-ID:.* &lt;!&amp;!/ DUNNO
@ -209,6 +212,9 @@ patterns like this: </p>
<ul>
<li> <p> The example uses pcre: tables mainly for speed; with minor
modifications, you can use regexp: tables as explained below. </p>
<li> <p> The example is simplified for educational purposes. In
reality my patterns list multiple domain names, as
"<tt>(domain|domain|...)</tt>". </p>
@ -220,9 +226,10 @@ the "<tt>\</tt>", the "<tt>.</tt>" would match any character. </p>
and "<tt>)</tt>" literally. Without the "<tt>\</tt>", the "<tt>(</tt>"
and "<tt>)</tt>" would be grouping operators. </p>
<li> <p> The "<tt>[[:&gt;:]]</tt>" matches the end of a word. On
some systems you should specify "<tt>\&gt;</tt>" instead. For details
see your system documentation. </p>
<li> <p> The "<tt>\b</tt>" is used here to match the end of a word.
If you use regexp: tables, specify "<tt>[[:&gt;:]]</tt>" (on some
systems you should specify "<tt>\&gt;</tt>" instead; for details
see your system documentation).
<li> <p> The "if /pattern/" and "endif" eliminate unnecessary
matching attempts. DO NOT indent lines starting with /pattern/
@ -311,15 +318,15 @@ and is very easy to stop.
<blockquote>
<pre>
/etc/postfix/main.cf:
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
header_checks = pcre:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
/etc/postfix/header_checks:
/^(From|Return-Path):.*[[:&lt;:]](user@domain\.tld)[[:&gt;:]]/
/^(From|Return-Path):.*\b(user@domain\.tld)\b/
reject forged sender address in $1: header: $2
/etc/postfix/body_checks:
/^[&gt; ]*(From|Return-Path):.*[[:&lt;:]](user@domain\.tld)[[:&gt;:]]/
/^[&gt; ]*(From|Return-Path):.*\b(user@domain\.tld)\b/
reject forged sender address in $1: header: $2
</pre>
</blockquote>
@ -328,14 +335,18 @@ and is very easy to stop.
<ul>
<li> <p> The example uses pcre: tables mainly for speed; with minor
modifications, you can use regexp: tables as explained below. </p>
<li> <p> The example is simplified for educational purposes. In
reality, my patterns list multiple email addresses as
"<tt>(user1@domain1\.tld|user2@domain2\.tld)</tt>". </p>
<li> <p> The "<tt>[[:&lt;:]]</tt>" and "<tt>[[:&gt;:]]</tt>" match
the beginning and end of a word, respectively. On some systems you
should specify "<tt>\&lt;</tt>" and "<tt>\&gt;</tt>" instead. For
details see your system documentation. </p>
<li> <p> The two "<tt>\b</tt>" as used in "<tt>\b(user@domain\.tld)\b</tt>"
match the beginning and end of a word, respectively. If you use
regexp: tables, specify "<tt>[[:&lt;:]]</tt> and <tt>[[:&gt;:]]</tt>"
(on some systems you should specify "<tt>\&lt;</tt> and <tt>\&gt;</tt>"
instead; for details see your system documentation). </p>
<li> <p> The "<tt>\.</tt>" matches "<tt>.</tt>" literally. Without
the "<tt>\</tt>", the "<tt>.</tt>" would match any character. </p>

View File

@ -460,12 +460,13 @@ bgcolor="#f0f0ff"> <br> smtpd(8)<br><br> </td> <td> <tt> &lt;-&gt;
</table>
<li> <p> The bounce(8), defer(8) and trace(8) servers each maintain
their own queue directory trees with per-message logfiles. This
information is used to send delivery or non-delivery notifications
to the sender. </p>
<li> <p> The bounce(8), defer(8) and trace(8) services each maintain
their own queue directory trees with per-message logfiles. Postfix
uses this information when sending "failed", "delayed" or "success"
delivery status notifications to the sender. </p>
<p> The trace(8) service implements support for the Postfix "sendmail
<p> The trace(8) service also implements support for the Postfix
"sendmail
-bv" and "sendmail -v" commands which produce reports about how
Postfix delivers mail, and is available with Postfix version 2.1
and later. See <a href="DEBUG_README.html#trace_mail"> DEBUG_README
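Review bot: The rewritten bounce(8), defer(8) and trace(8) sentence lists three services and then three notification types ("failed", "delayed" or "success") without saying which service feeds which. If the order is meant as a one-to-one mapping, add "respectively"; otherwise reword so that the reader does not infer one. The re-wrapped trace(8) paragraph also leaves "sendmail alone on a line and could be reflowed.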

View File

@ -4,17 +4,15 @@
# SUMMARY
# Postfix built-in content inspection
# SYNOPSIS
# .nf
# \fBheader_checks = pcre:/etc/postfix/header_checks\fR
# .br
# \fBmime_header_checks = pcre:/etc/postfix/mime_header_checks\fR
# .br
# \fBnested_header_checks = pcre:/etc/postfix/nested_header_checks\fR
# .br
# \fBbody_checks = pcre:/etc/postfix/body_checks\fR
# .sp
# \fBpostmap -q "\fIstring\fB" pcre:/etc/postfix/\fIfilename\fR
# .br
# \fBpostmap -q - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
# .fi
# DESCRIPTION
# This document describes access control on the content of
# message headers and message body lines; it is implemented
@ -60,6 +58,13 @@
# Note: message headers are examined one logical header at a time,
# even when a message header spans multiple lines. Body lines are
# always examined one line at a time.
# COMPATIBILITY
# .ad
# .fi
# With Postfix version 2.2 and earlier specify "\fBpostmap
# -fq\fR" to query a table that contains case sensitive
# patterns. By default, regexp: and pcre: patterns are case
# insensitive.
# TABLE FORMAT
# .ad
# .fi
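Review bot: The new COMPATIBILITY paragraph tells users of Postfix 2.2 and earlier to run "postmap -fq" but does not say what goes wrong without -f, and the closing sentence about case-insensitive defaults does not say how a pattern is made case sensitive in the first place. Someone checking a content filter rule from the command line needs both facts to trust the test result, so add a clause for each or point to the table-type manual pages. The quoted command is also split across two source lines inside the bold markup, which lets the formatter break between "postmap" and "-fq"; keep it on one line.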
@ -284,7 +289,7 @@
# to the next line.
# .IP \(bu
# If text in the message body is encoded
# (RFC 2045) then the rules have to specified for the encoded
# (RFC 2045) then the rules need to be specified for the encoded
# form.
# .IP \(bu
# Likewise, when message headers are encoded (RFC

View File

@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20070327"
#define MAIL_VERSION_NUMBER "2.4.0-RC10"
#define MAIL_RELEASE_DATE "20070328"
#define MAIL_VERSION_NUMBER "2.4.0"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE