mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.4.0-RC8

Browse Source
This commit is contained in:
Wietse Venema 2007-03-23 00:00:00 -05:00 committed by Viktor Dukhovni
parent b98446f146
commit 47602acef6
86 changed files with 1472 additions and 2088 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
postfix/HISTORY
View File

@ -13303,7 +13303,8 @@ Apologies for any names omitted.
instead of appending mail to a deleted file. To minimize
the use of this workaround, Postfix now by default creates
mailbox dotlock files on all systems, and creates dotlock
files before opening mailbox files. Files: util/sys_defs.h.
files before opening mailbox files. Files: util/sys_defs.h,
global/mbox_open.c.
20070301
@ -13374,6 +13375,17 @@ Apologies for any names omitted.
records or content encoding records with other mail. File:
global/rec_type.h.
20070321
Bugfix (introduced 20070224): local(8) or virtual(8) could
log a misleading error message after failure to open a
mailbox file. File: global/mbox_open.c.
Bugfix (code should have been updated 20070104): the proxymap
client did not propagate changes in case folding flags.
Currently, nothing in Postfix uses this functionality.
File: global/dict_proxy.c.
Wish list:
Bind all deliveries to the same local delivery process,

8
postfix/README_FILES/AAAREADME
View File

@ -18,7 +18,6 @@ PPrroobblleemm ssoollvviinngg
* QSHAPE_README: Bottleneck analysis
* TUNING_README: Performance tuning
* DEBUG_README: Debugging strategies
* Error messages (*)
CCoonntteenntt iinnssppeeccttiioonn
@ -50,20 +49,16 @@ LLooookkuupp ttaabblleess ((ddaattaabbaasseess))
MMaaiilliinngg lliisstt ssuuppppoorrtt
* qmail/ezmlm support (*)
* VERP_README: VERP Support
SSppeecciiffiicc eennvviirroonnmmeennttss
* LINUX_README: Linux issues
* NFS_README: NFS issues
* ULTRIX_README: Ultrix support
OOtthheerr mmaaiill ddeelliivveerryy aaggeennttss
* Cyrus (*)
* MAILDROP_README: Maildrop
* LMTP (*)
OOtthheerr ttooppiiccss
@ -78,6 +73,3 @@ OOtthheerr ttooppiiccss
* XCLIENT_README: XCLIENT Command
* XFORWARD_README: XFORWARD Command
(*) These documents will be made available via http://www.postfix.org/ and
mirror sites.

5
postfix/README_FILES/ADDRESS_CLASS_README
View File

@ -28,8 +28,9 @@ An address class is defined by three items.
* The list of domains that are a member of the class: for example, all local
domains, or all relay domains.
* The default delivery method. For example, the local or smtp delivery agent.
This helps to keep Postfix configurations simple.
* The default delivery transport. For example, the local or relay delivery
transport (delivery transports are defined in master.cf). This helps to
keep Postfix configurations simple.
* The list of valid recipient addresses for that address class. The Postfix
SMTP server rejects invalid recipients with "User unknown in <name of

4
postfix/README_FILES/ADDRESS_VERIFICATION_README
View File

@ -122,7 +122,9 @@ from filling up with MAILER-DAEMON messages.
Recipient address verification is relatively straightforward and there are no
surprises. If a recipient probe fails, then Postfix rejects mail for the
recipient address. If a recipient probe succeeds, then Postfix accepts mail for
the recipient address.
the recipient address. However, recipient address verification probes can
increase the load on down-stream MTAs when you're being flooded by backscatter
bounces, or when some spammer is mounting a dictionary attack.
By default, address verification results are not saved. To avoid probing the
same address repeatedly, you can store the result in a persistent database as

18
postfix/README_FILES/CONNECTION_CACHE_README
View File

@ -57,13 +57,25 @@ reused only by the mail delivering process that creates the connection. To get
the same performance improvement as with a shared connection cache, non-shared
connections need to be kept open for a longer time.
Internet <-- smtp(8) <-> scache(8) <-> smtp(8) --> Internet
The scache(8) server, introduced with Postfix version 2.2, maintains the shared
connection cache. With Postfix version 2.2, only the smtp(8) client has support
to access this cache.
smtp(8) --> Internet
|
|
|
| smtp(8) --> Internet
|
|
v ^
|
scache(8)
When SMTP connection caching is enabled (see next section), the smtp(8) client
does not disconnect after a mail transaction, but gives the connection to the
scache(8) server which keeps the connection open for a limited amount of time.

6
postfix/README_FILES/DATABASE_README
View File

@ -44,7 +44,8 @@ Benefits of the Postfix (key, value) query interface:
lookups" below.
* You can use Berkeley DB files with fixed lookup strings for simple address
rewriting operations and you can use regular expression tables for the more
complicated work.
complicated work. In other words, you don't have to put everything into the
same table.
PPoossttffiixx lliissttss vveerrssuuss ttaabblleess
@ -124,7 +125,8 @@ update fails because the disk is full or because something else happens. This
is because commands such as postmap(1) or postalias(1) overwrite existing
files. If the update fails in the middle then you have no usable database, and
Postfix will stop working. This is not an issue with the CDB database type
available with Postfix 2.2 and later, because CDB database rebuilds are atomic.
available with Postfix 2.2 and later: CDB creates a new file, and renames the
file upon successful completion.
With multi-file databases such as DBM, there is no simple solution. With
Berkeley DB and other "one file" databases, it is possible to add some extra

15
postfix/README_FILES/DB_README
View File

@ -25,14 +25,15 @@ This document describes:
BBuuiillddiinngg PPoossttffiixx oonn ssyysstteemmss wwiitthhoouutt BBeerrkkeelleeyy DDBB
Many commercial UNIXes ship without Berkeley DB support. Examples are Solaris,
HP-UX, IRIX, UNIXWARE. In order to build Postfix with Berkeley DB support you
need to download and install the source code from http://www.sleepycat.com/
Some UNIXes ship without Berkeley DB support; for historical reasons these use
DBM files instead. A problem with DBM files is that they can store only limited
amounts of data. To build Postfix with Berkeley DB support you need to download
and install the source code from http://www.oracle.com/database/berkeley-db/.
Warning: some Linux system libraries use Berkeley DB, as do some third-party
libraries such as SASL. If you compile Postfix with a different Berkeley DB
implementation, then every Postfix program will dump core because either the
system library, SASL library, or Postfix itself ends up using the wrong
system library, the SASL library, or Postfix itself ends up using the wrong
version.
The more recent Berkeley DB versions have a compile-time switch, "--with-
@ -40,8 +41,8 @@ uniquename", which renames the symbols so that multiple versions of Berkeley DB
can co-exist in the same application. Although wasteful, this may be the only
way to keep things from falling apart.
To build Postfix after you installed the Berkeley DB from http://
www.sleepycat.com/, use something like:
To build Postfix after you installed the Berkeley DB from source code, use
something like:
% make tidy
% make makefiles CCARGS="-DHAS_DB -I/usr/local/BerkeleyDB/include" \
@ -151,5 +152,5 @@ Add the "-lpthread" library to the "make makefiles" command.
% make makefiles .... AUXLIBS="... -lpthread"
More information is available at http://www.sleepycat.com/.
More information is available at http://www.oracle.com/database/berkeley-db/.

41
postfix/README_FILES/DEBUG_README
View File

@ -54,8 +54,8 @@ The nature of each problem is indicated as follows:
configuration file settings that you can fix. Postfix cannot proceed until
this is fixed.
* "eerrrroorr" reports a fatal or non-fatal error condition. Postfix cannot
proceed until this is fixed.
* "eerrrroorr" reports an error condition. For safety reasons, a Postfix process
will terminate when more than 13 of these happen.
* "wwaarrnniinngg" indicates a non-fatal error. These are problems that you may not
be able to fix (such as a broken DNS server elsewhere on the network) but
@ -85,7 +85,7 @@ Postfix can produce two types of mail delivery reports for debugging:
Mail Delivery Status Report will be mailed to <your login name>.
These reports contain information that is generated by Postfix delivery agents.
Since these run as daemon processes and do not interact with users directly,
Since these run as daemon processes that cannot interact with users directly,
the result is sent as mail to the sender of the test message. The format of
these reports is practically identical to that of ordinary non-delivery
notifications.
@ -136,29 +136,31 @@ change effective immediately, execute the command "ppoossttffiixx rreel
RReeccoorrdd tthhee SSMMTTPP sseessssiioonn wwiitthh aa nneettwwoorrkk ssnniiffffeerr
This example uses ttccppdduummpp. In order to record a conversation you need to
specify a large enough buffer with the "-s" option or else you will miss some
specify a large enough buffer with the "--ss" option or else you will miss some
or all of the packet payload.
# ttccppdduummpp --ww //ffiillee//nnaammee --ss 22000000 hhoosstt eexxaammppllee..ccoomm aanndd ppoorrtt 2255
# ttccppdduummpp --ww //ffiillee//nnaammee --ss 00 hhoosstt eexxaammppllee..ccoomm aanndd ppoorrtt 2255
Older tcpdump versions don't support "--ss 00"; in that case, use "--ss 22000000"
instead.
Run this for a while, stop with Ctrl-C when done. To view the data use a binary
viewer, or eetthheerreeaall, or use my ttccppdduummppxx utility that is available from ftp://
ftp.porcupine.org/pub/debugging/.
viewer, eetthheerreeaall, or good old lleessss.
MMaakkiinngg PPoossttffiixx ddaaeemmoonn pprrooggrraammss mmoorree vveerrbboossee
Append one or more "--vv" options to selected daemon definitions in /etc/postfix/
master.cf and type "ppoossttffiixx rreellooaadd". This will cause a lot of activity to be
logged to the syslog daemon. Example:
logged to the syslog daemon. For example, to make the Postfix SMTP server
process more verbose:
/etc/postfix/master.cf:
smtp inet n - n - - smtpd -v
This makes the Postfix SMTP server more verbose. To diagnose problems with
address rewriting one would specify a "--vv" option for the cleanup(8) and/or
trivial-rewrite(8) daemon, and to diagnose problems with mail delivery one
would specify a "--vv" option for the qmgr(8) or oqmgr(8) queue manager, or for
the lmtp(8), local(8), pipe(8), smtp(8), or virtual(8) delivery agent.
To diagnose problems with address rewriting specify a "--vv" option for the
cleanup(8) and/or trivial-rewrite(8) daemon, and to diagnose problems with mail
delivery specify a "--vv" option for the qmgr(8) or oqmgr(8) queue manager, or
for the lmtp(8), local(8), pipe(8), smtp(8), or virtual(8) delivery agent.
MMaannuuaallllyy ttrraacciinngg aa PPoossttffiixx ddaaeemmoonn pprroocceessss
@ -361,16 +363,17 @@ When reporting a problem, be sure to include the following information.
* Postfix logging. See the text at the top of the DEBUG_README document to
find out where logging is stored. Please do not frustrate the helpers by
word wrapping the logging.
word wrapping the logging. If the logging is more than a few kbytes of
text, consider posting an URL on a web or ftp site.
* Consider using a test email address so that you don't have to reveal email
addresses or passwords of innocent people.
* If you can't use a test email address, please anonymize information
consistently. Replace each letter by "A", each digit by "D" so that the
helpers can still recognize syntactical errors.
* If you can't use a test email address, please anonymize email addresses and
host names consistently. Replace each letter by "A", each digit by "D" so
that the helpers can still recognize syntactical errors.
* Output from "ppoossttccoonnff --nn". Please do not send your main.cf file or 400+
* Output from "ppoossttccoonnff --nn". Please do not send your main.cf file, or 500+
lines of ppoossttccoonnff output.
* Better, provide output from the ppoossttffiinnggeerr tool. This can be found at http:
@ -383,7 +386,7 @@ When reporting a problem, be sure to include the following information.
* If the problem is about too much mail in the queue, consider including
output from the qqsshhaappee tool, as described in the QSHAPE_README file.
* If the problem is protocol related (connections time out or an SMTP server
* If the problem is protocol related (connections time out, or an SMTP server
complains about syntax errors etc.) consider recording a session with
ttccppdduummpp, as described in the DEBUG_README document.

2
postfix/README_FILES/DSN_README
View File

@ -22,7 +22,7 @@ Specifically, DSN support gives an email sender the ability to specify:
confused with the message ID, which identifies the message content.
The implementation of DSN support involves extra parameters to the SMTP MAIL
FROM and RCPT TO commands, as well as new Postfix sendmail command line options
FROM and RCPT TO commands, as well as two Postfix sendmail command line options
that provide a sub-set of the functions of the extra SMTP command parameters.
This document has information on the following topics:

40
postfix/README_FILES/ETRN_README
View File

@ -11,10 +11,6 @@ to the customer, and delivers that mail bbyy ccoonnnneeccttiinngg t
sseerrvveerr. The mail is not delivered via the connection that was used for sending
ETRN.
Postfix versions before 1.0 (also known as version 20010228) implemented the
ETRN command in an inefficient manner: they simply attempted to deliver all
queued mail. This is slow on mail servers that queue mail for many customers.
As of version 1.0, Postfix has a fast ETRN implementation that does not require
Postfix to examine every queue file. Instead, Postfix maintains a record of
what queue files contain mail for destinations that are configured for ETRN
@ -40,11 +36,11 @@ The following is an example SMTP session that shows how an SMTP client requests
the ETRN service. Client commands are shown in bold font.
220 my.server.tld ESMTP Postfix
hheelloo mmyy..cclliieenntt..ttlldd
HHEELLOO mmyy..cclliieenntt..ttlldd
250 Ok
eettrrnn ssoommee..ccuussttoommeerr..ddoommaaiinn
EETTRRNN ssoommee..ccuussttoommeerr..ddoommaaiinn
250 Queuing started
qquuiitt
QQUUIITT
221 Bye
As mentioned in the introduction, the mail is delivered by connecting to the
@ -53,7 +49,8 @@ send the ETRN command.
The Postfix operator can request delivery for a specific customer by using the
command "sendmail -qRdestination" and, with Postfix version 1.1 and later,
"postqueue -sdestination".
"postqueue -sdestination". Access to this feature is controlled with the
authorized_flush_users configuration parameter (Postfix version 2.2 and later).
HHooww PPoossttffiixx ffaasstt EETTRRNN wwoorrkkss
@ -85,13 +82,14 @@ service for every possible destination.
* The flush(8) daemon maintains per-destination logfiles with queue file
names. When a request to "deliver mail now" arrives, Postfix will attempt
to deliver all recipients in the queue files that have mail for the
destination in question. This does not perform well when queue files have
recipients in many different domains.
destination in question. This does not perform well with queue files that
have recipients in many different domains, such as queue files with
outbound mailing list traffic.
* The flush(8) daemon maintains per-destination logfiles only for
destinations listed with $fast_flush_domains. With other destinations it
not possible to trigger delivery with "sendmail -qRdestination" or, with
Postfix version 1.1 and later, "postqueue -sdestination".
destinations listed with $fast_flush_domains. With other destinations you
cannot request delivery with "sendmail -qRdestination" or, with Postfix
version 1.1 and later, "postqueue -sdestination".
* Up to and including early versions of Postfix version 2.1, the "fast flush"
service may not deliver some messages if the request to "deliver mail now"
@ -100,6 +98,10 @@ service for every possible destination.
dead domains, and the list of message delivery transports specified with
the defer_transports configuration parameter.
* Up to and including Postfix version 2.3, the "fast flush" service may not
deliver some messages if the request to "deliver mail now" arrives while an
incoming queue scan is already in progress.
CCoonnffiigguurriinngg tthhee PPoossttffiixx ffaasstt EETTRRNN sseerrvviiccee
The behavior of the flush(8) daemon is controlled by parameters in the main.cf
@ -200,9 +202,9 @@ client that is allowed to execute ETRN commands (by default, that's every
client), and type the commands shown in boldface:
220 my.server.tld ESMTP Postfix
hheelloo mmyy..cclliieenntt..ttlldd
HHEELLOO mmyy..cclliieenntt..ttlldd
250 Ok
eettrrnn ssoommee..ccuussttoommeerr..ddoommaaiinn
EETTRRNN ssoommee..ccuussttoommeerr..ddoommaaiinn
250 Queuing started
where "some.customer.domain" is the name of a domain that has a non-empty
@ -225,9 +227,9 @@ relay to (any domain listed in $relay_domains), but that has no mail queued.
The text in bold face stands for the commands that you type:
220 my.server.tld ESMTP Postfix
hheelloo mmyy..cclliieenntt..ttlldd
HHEELLOO mmyy..cclliieenntt..ttlldd
250 Ok
eettrrnn ssoommee..ootthheerr..ccuussttoommeerr..ddoommaaiinn
EETTRRNN ssoommee..ootthheerr..ccuussttoommeerr..ddoommaaiinn
250 Queuing started
This time, the "ETRN"" command should trigger NO mail deliveries at all. If
@ -239,9 +241,9 @@ willing to relay to. It does not matter if your server has mail queued for that
destination.
220 my.server.tld ESMTP Postfix
hheelloo mmyy..cclliieenntt..ttlldd
HHEELLOO mmyy..cclliieenntt..ttlldd
250 Ok
eettrrnn nnoott..aa..ccuussttoommeerr..ddoommaaiinn
EETTRRNN nnoott..aa..ccuussttoommeerr..ddoommaaiinn
459 <not.a.customer.domain>: service unavailable
In this case, Postfix should reject the request as shown above.

82
postfix/README_FILES/FILTER_README
View File

@ -21,9 +21,9 @@ This document describes implementations that use a single Postfix instance for
everything: receiving, filtering and delivering mail. Applications that use two
separate Postfix instances will be covered by a later version of this document.
The after-queue content filter is not to be confused with the approach that is
described in the SMTPD_PROXY_README document, where incoming SMTP mail is
filtered BEFORE it is stored into the Postfix queue.
The after-queue content filter is not to be confused with the approaches
described in the SMTPD_PROXY_README or MILTER_README documents, where incoming
SMTP mail is filtered BEFORE it is stored into the Postfix queue.
This document describes two approaches to content filter all email, as well as
several options to filter mail selectively:
@ -50,14 +50,16 @@ several options to filter mail selectively:
PPrriinncciipplleess ooff ooppeerraattiioonn
An external content filter receives unfiltered mail from Postfix (as described
further below) and does one of the following:
An after-queue content filter receives unfiltered mail from Postfix (as
described further below) and can do one of the following:
1. Re-inject the mail back into Postfix, perhaps after changing content and/or
destination.
2. Reject the mail (by sending a suitable status code back to Postfix).
Postfix will return the mail to the sender.
2. Discard or quarantine the mail.
3. Reject the mail (by sending a suitable status code back to Postfix).
Postfix will send the mail back to the sender address.
NOTE: in this time of mail worms and forged spam, it is a VERY BAD IDEA to send
viruses back to the sender address, because the sender address is almost
@ -67,8 +69,9 @@ it.
SSiimmppllee ccoonntteenntt ffiilltteerr eexxaammppllee
The first example is simple to set up. Postfix receives unfiltered mail from
the network with the smtpd(8) server, and delivers unfiltered mail to a content
The first example is simple to set up, but has major limitations that will be
addressed in a second example. Postfix receives unfiltered mail from the
network with the smtpd(8) server, and delivers unfiltered mail to a content
filter with the Postfix pipe(8) delivery agent. The content filter injects
filtered mail back into Postfix with the Postfix sendmail(1) command, so that
Postfix can deliver it to the final destination.
@ -126,33 +129,36 @@ The content filter can be a simple shell script like this:
Notes:
* Line 8: The -G option does nothing before Postfix 2.3, otherwise it
disables address rewriting of message headers.
* Line 8: The -G option says the filter output is not a local mail
submission: don't do silly things like appending the local domain name to
addresses in message headers. This option does nothing before Postfix
version 2.3.
* Line 8: The -i option says don't stop reading input when a line contains
"." only.
* Line 8: NEVER NEVER NEVER use the "-t" command-line option here. It will
mis-deliver mail, like sending mailing list mail back to the mailing list.
mis-deliver mail, like sending messages from a mailing list back to the
mailing list.
* Line 21: The idea is to first capture the message to file and then run the
content through a third-party content filter program.
* Line 22: If the mail cannot be captured to file, mail delivery is deferred
by terminating with exit status 75 (EX_TEMPFAIL). Postfix places the
message in the deferred mail queue and tries again later.
* Line 22: If the message cannot be captured to file, mail delivery is
deferred by terminating with exit status 75 (EX_TEMPFAIL). Postfix places
the message in the deferred mail queue and tries again later.
* Line 25: You will need to specify a real content filter program here that
receives the content on standard input.
* Line 26: If the content filter program finds a problem, the mail is bounced
by terminating with exit status 69 (EX_UNAVAILABLE). Postfix will return
the message to the sender as undeliverable.
by terminating with exit status 69 (EX_UNAVAILABLE). Postfix will send the
message back to the sender as undeliverable mail.
* Note: in this time of mail worms and spam, it is a BAD IDEA to send known
* NOTE: in this time of mail worms and spam, it is a BAD IDEA to send known
viruses or spam back to the sender, because that address is likely to be
forged. It is safer to discard known to be bad content and to quarantine
suspicious content so that it can be inspected by a human being.
forged. It is safer to discard known viruses and to quarantine suspicious
content so that it can be inspected by a human being.
* Line 28: If the content is OK, it is given as input to the Postfix sendmail
command, and the exit status of the filter command is whatever exit status
@ -164,7 +170,7 @@ Notes:
I suggest that you first run this script by hand until you are satisfied with
the results. Run it with a real message (headers+body) as input:
% /path/to/script -f sender recipient... <message-file
% /path/to/script -f sender -- recipient... <message-file
Once you're satisfied with the content filtering script:
@ -206,10 +212,10 @@ Once you're satisfied with the content filtering script:
smtp inet ...other stuff here, do not change... smtpd
-o content_filter=filter:dummy
The "content_filter" line causes Postfix to add one content filter request
record to each incoming mail message, with content "filter:dummy". This
record overrides the normal mail routing and causes mail to be given to the
content filter instead.
The "-o content_filter" line causes Postfix to add one content filter
request record to each incoming mail message, with content "filter:dummy".
This record overrides the normal mail routing and causes mail to be given
to the content filter instead.
The content_filter configuration parameter accepts the same syntax as the
right-hand side in a Postfix transport table.
@ -249,7 +255,7 @@ To turn off "simple" content filtering:
* Edit the master.cf file, remove the "-o content_filter=filter:dummy" text
from the entry that defines the Postfix SMTP server.
* Execute "ppoossttssuuppeerr --rr AALLLL" to remove content filter information from
* Execute "ppoossttssuuppeerr --rr AALLLL" to remove content filter request records from
existing queue files.
* Execute another "ppoossttffiixx rreellooaadd".
@ -285,9 +291,11 @@ architecture.
content filter 10025
The example given here filters all mail, including mail that arrives via SMTP
and mail that is locally submitted via the Postfix sendmail command. See
examples near the end of this document for how to exclude local users from
filtering, or how to configure a destination dependent content filter.
and mail that is locally submitted via the Postfix sendmail command (local
submissions enter Postfix via the pickup(8) server; to keep the figure simple
we omit local submission details). See examples near the end of this document
for how to exclude local users from filtering, or how to configure a
destination dependent content filter.
You can expect to lose about a factor of two in Postfix performance for mail
that arrives and leaves via SMTP, provided that the content filter creates no
@ -348,7 +356,7 @@ the Postfix master.cf file:
* The "-o disable_mime_output_conversion=yes" is a workaround that prevents
the breaking of domainkeys and other digital signatures. This is needed
because some SMTP-based content filters don't announce 8BITMIME support,
even though they can handle it just fine.
even though they can handle 8-bit mail.
* The "-o smtp_generic_maps=" is a workaround that prevents local address
rewriting with generic(5) maps. Such rewriting should happen only when mail
@ -373,6 +381,10 @@ filtering processes on localhost port 10025:
user handles all potentially dangerous mail content - that is why it should
be a separate account.
* By default, Postfix will terminate a command that runs longer than
command_time_limit seconds (default: 1000s). This is a safety measure that
prevents filters from running forever.
If you want to have your filter listening on port localhost:10025 instead of
Postfix, then you must run your filter as a stand-alone program, and must not
use the Postfix spawn service.
@ -405,14 +417,14 @@ without sending `.' on the connection that injects mail back into Postfix.
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
* Note: do not use spaces around the "=" or "," characters.
* NOTE: do not use spaces around the "=" or "," characters.
* Note: the SMTP server must not have a smaller process limit than the
* NOTE: the SMTP server must not have a smaller process limit than the
"filter" master.cf entry.
* The "-o content_filter=" overrides main.cf settings, and requests no
content filtering for mail from the content filter. This is required or
else mail will stay in the content filtering loop.
else mail will loop.
* The "-o receive_override_options" overrides main.cf settings to avoid
duplicating work that was already done before the content filter. These
@ -426,7 +438,7 @@ without sending `.' on the connection that injects mail back into Postfix.
o We specify "no_milters" to disable Milter applications (this option is
available only in Postfix 2.3 and later).
o We don't specify "no_address_mapping" here. This enables virtual alias
o We don't specify "no_address_mappings" here. This enables virtual alias
expansion, canonical mappings, address masquerading, and other address
mappings after the content filter. The main.cf setting of
"receive_override_options" disables these mappings before the content
@ -470,7 +482,7 @@ To turn off "advanced" content filtering:
content_filter = scan:localhost:10025
receive_override_options = no_address_mappings
* Execute "ppoossttssuuppeerr --rr AALLLL" to remove content filter information from
* Execute "ppoossttssuuppeerr --rr AALLLL" to remove content filter request records from
existing queue files.
* Execute another "ppoossttffiixx rreellooaadd".

8
postfix/README_FILES/LDAP_README
View File

@ -249,10 +249,10 @@ attribute is for a different use case). The returned data for "auser" and
auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org
Note: if the desired member object result attribute is always also present in
the group, you get suprising results, the expansion also returns the address of
the group. This is a known limitation of Postfix releases prior to 2.4, and is
addressed in the new with Postfix 2.4 "leaf_result_attribute" feature described
in ldap_table(5).
the group, you get surprising results, the expansion also returns the address
of the group. This is a known limitation of Postfix releases prior to 2.4, and
is addressed in the new with Postfix 2.4 "leaf_result_attribute" feature
described in ldap_table(5).
Our third use case has some groups that are expanded immediately, and other
groups that are forwarded to a dedicated mailing list manager host for delayed

107
postfix/README_FILES/MILTER_README
View File

@ -11,9 +11,10 @@ FROM, etc.) as well as mail content. All this happens before mail is queued.
The reason for adding Milter support to Postfix is that there exists a large
collection of applications, not only to block unwanted mail, but also to verify
authenticity (examples: SenderID+SPF and Domain keys) or to digitally sign mail
(example: Domain keys). Having yet another Postfix-specific version of all that
software is a poor use of human and system resources.
authenticity (examples: Domain keys identified mail, SenderID+SPF and Domain
keys) or to digitally sign mail (examples: Domain keys identified mail, Domain
keys). Having yet another Postfix-specific version of all that software is a
poor use of human and system resources.
Postfix version 2.4 implements all the requests of Sendmail version 8 Milter
protocols up to version 4, including message body replacement (body replacement
@ -86,11 +87,11 @@ implements the Sendmail 8 Milter protocol. Postfix currently does not provide
such a library, but Sendmail does.
On some Linux and *BSD distributions, the Sendmail libmilter library is
installed by default. With this, applications such as dk-milter and sid-milter
build out of the box without requiring any tinkering:
installed by default. With this, applications such as dkim-milter and sid-
milter build out of the box without requiring any tinkering:
$ ggzzccaatt ddkk--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd ddkk--mmiilltteerr--xx..yy..zz
$ ggzzccaatt ddkkiimm--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
$ ccdd ddkkiimm--mmiilltteerr--xx..yy..zz
$ mmaakkee
[...lots of output omitted...]
@ -126,7 +127,7 @@ RRuunnnniinngg MMiilltteerr aapppplliiccaattiioonnss
To run a Milter application, see the documentation of the filter for options. A
typical command looks like this:
# //ssoommee//wwhheerree//ddkk--ffiilltteerr --uu uusseerriidd --pp iinneett::ppoorrttnnuummbbeerr@@llooccaallhhoosstt ......ootthheerr
# //ssoommee//wwhheerree//ddkkiimm--ffiilltteerr --uu uusseerriidd --pp iinneett::ppoorrttnnuummbbeerr@@llooccaallhhoosstt ......ootthheerr
ooppttiioonnss......
Please specify a userid value that isn't used for other applications (not
@ -407,68 +408,72 @@ Milter applications make assumptions that aren't true in a Postfix environment.
X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com <unknown-
msgid>
This happens because some Milter applications expect that the queue ID is
This happens because those Milter applications expect that the queue ID is
known before the MTA accepts the MAIL FROM (sender) command. Postfix, on
the other hand, does not choose a queue file name until after it accepts
the first valid RCPT TO (recipient) command. Postfix queue file names must
the first valid RCPT TO (recipient) command (Postfix queue file names must
be unique across multiple directories, so the name can't be chosen before
the file is created. If multiple messages were to use the same queue ID
simultaneously, mail would be lost.
the file is created; if multiple messages were to use the same queue ID
simultaneously, mail would be lost).
To work around the ugly message header from Milter applications, we add a
little code to the Milter source to look up the queue ID after Postfix
receives the end of the message.
Fixing the ugly header maybe as simple as upgrading to a recent version of the
Milter application. For example, current versions of dkim-filter and dk-filter
have code that looks up the Postfix queue ID at a later protocol stage.
o Edit the filter source file (typically named dk-filter/dk-filter.c or
similar).
To fix the ugly message header with sid-filter applications, we change the
source code, so that it does the queue ID lookup after Postfix receives the end
of the message.
o Look up the mlfi_eom() function and add code near the top shown as bboolldd
text below:
* Edit the filter source file (named sid-filter/sid-filter.c).
dfc = cc->cctx_msg;
assert(dfc != NULL);
* Look up the smfilter table and replace mlfi_eoh by NULL.
//** DDeetteerrmmiinnee tthhee jjoobb IIDD ffoorr llooggggiinngg.. **//
iiff ((ddffcc-->>mmccttxx__jjoobbiidd ==== 00 |||| ssttrrccmmpp((ddffcc-->>mmccttxx__jjoobbiidd,, JJOOBBIIDDUUNNKKNNOOWWNN)) ==== 00))
{{
cchhaarr **jjoobbiidd == ssmmffii__ggeettssyymmvvaall((ccttxx,, ""ii""));;
iiff ((jjoobbiidd !!== 00))
ddffcc-->>mmccttxx__jjoobbiidd == jjoobbiidd;;
}}
* Look up the mlfi_eom() function and add code near the top that calls
mlfi_eoh() as shown by the bboolldd text below:
/* get hostname; used in the X header and in new MIME boundaries */
assert(ctx != NULL);
#endif /* !DEBUG */
NOTES:
rreett == mmllffii__eeoohh((ccttxx));;
iiff ((rreett !!== SSMMFFIISS__CCOONNTTIINNUUEE))
rreettuurrnn rreett;;
o Different mail filters use slightly different names for variables. If
the above code does not compile, look for the code at the start of the
mlfi_eoh() routine.
NOTES:
o This fixes only the ugly message header, but not the WARNING message.
Fortunately, dk-filter logs that message only once.
* This was tested with sid-milter-0.2.10 and sid-milter-0.2.14.
With some Milter applications we can fix both the WARNING and the "unknown-
msgid" by postponing the call of mlfi_eoh() (or whatever routine logs the
WARNING) until the end of the message.
* This fixes only the ugly message header, but not the WARNING message.
Fortunately, sid-milter logs that message only once.
o Edit the filter source file (typically named sid-filter/sid-filter.c or
similar).
To fix the ugly message header with other Milter applications, you will need to
do something like this:
o Look up the smfilter table and replace mlfi_eoh (or whatever routine
logs the WARNING) by NULL.
* Edit the filter source file (typically named xxx-filter/xxx-filter.c or
similar).
o Look up the mlfi_eom() function and add code near the top that calls
mlfi_eoh() as shown by the bboolldd text below:
* Look up the mlfi_eom() function and add code near the top shown as bboolldd
text below:
assert(ctx != NULL);
#endif /* !DEBUG */
dfc = cc->cctx_msg;
assert(dfc != NULL);
rreett == mmllffii__eeoohh((ccttxx));;
iiff ((rreett !!== SSMMFFIISS__CCOONNTTIINNUUEE))
rreettuurrnn rreett;;
//** DDeetteerrmmiinnee tthhee jjoobb IIDD ffoorr llooggggiinngg.. **//
iiff ((ddffcc-->>mmccttxx__jjoobbiidd ==== 00 |||| ssttrrccmmpp((ddffcc-->>mmccttxx__jjoobbiidd,, JJOOBBIIDDUUNNKKNNOOWWNN)) ==== 00)) {{
cchhaarr **jjoobbiidd == ssmmffii__ggeettssyymmvvaall((ccttxx,, ""ii""));;
iiff ((jjoobbiidd !!== 00))
ddffcc-->>mmccttxx__jjoobbiidd == jjoobbiidd;;
}}
This works with sid-milter-0.2.10. Other Milter applications will dump core
when you do this.
/* get hostname; used in the X header and in new MIME boundaries */
NOTES:
* Different mail filters use slightly different names for variables. If the
above code does not compile, look for the code at the start of the mlfi_eoh
() routine.
* This fixes only the ugly message header, but not the WARNING message.
Fortunately, many Milters log that message only once.
LLiimmiittaattiioonnss

8
postfix/README_FILES/PACKAGE_README
View File

@ -11,10 +11,10 @@ for general use.
GGeenneerraall ddiissttrriibbuuttiioonnss:: pplleeaassee pprroovviiddee aa ssmmaallll ddeeffaauulltt mmaaiinn..ccff ffiillee
The installed main.cf file must be small. PLEASE resist the temptation to list
all 400+ parameters in the main.cf file. Postfix is supposed to be easy to
configure. Listing all 400+ in main.cf defeats the purpose. It is an invitation
for hobbyists to make random changes without understanding what they do, and
gets them into endless trouble.
all parameters in the main.cf file. Postfix is supposed to be easy to
configure. Listing all parameters in main.cf defeats the purpose. It is an
invitation for hobbyists to make random changes without understanding what they
do, and gets them into endless trouble.
GGeenneerraall ddiissttrriibbuuttiioonnss:: pplleeaassee iinncclluuddee RREEAADDMMEE oorr HHTTMMLL ffiilleess

2
postfix/README_FILES/SMTPD_POLICY_README
View File

@ -118,7 +118,7 @@ Notes:
how the client was authenticated via TLS. These attributes are empty in
case of no certificate authentication. As of Postfix 2.2.11 these attribute
values are encoded as xtext: some characters are represented by +XX, where
XX is the two-digit hecadecimal representation of the character value.
XX is the two-digit hexadecimal representation of the character value.
* The "encryption_*" attributes (Postfix 2.3 and later) specify information
about how the connection is encrypted. With plaintext connections the

77
postfix/README_FILES/TUNING_README
View File

@ -141,7 +141,8 @@ Postfix version 2.0 and earlier:
MMeeaassuurreess aaggaaiinnsstt cclliieennttss tthhaatt mmaakkee ttoooo mmaannyy ccoonnnneeccttiioonnss
Note: the anvil(8) service was introduced with Postfix version 2.2.
Note: these features use the Postfix anvil(8) service, introduced with Postfix
version 2.2.
The Postfix smtpd(8) server can limit the number of simultaneous connections
from the same SMTP client, as well as the number of connections that a client
@ -149,29 +150,31 @@ is allowed to make per unit time. These statistics are maintained by the anvil
(8) server (translation: if anvil(8) breaks, then connection limits stop
working).
IMPORTANT: These limits are designed to protect the smtpd(8) server against
flagrant abuse. Do not use these limits to regulate legitimate traffic: mail
will suffer grotesque delays if you do so.
IMPORTANT: These limits must not be used to regulate legitimate traffic: mail
will suffer grotesque delays if you do so. The limits are designed to protect
the smtpd(8) server against abuse by out-of-control clients.
* An SMTP client may make up to $smtpd_client_connection_count_limit
simultaneous connections (default: 50). This is half the default process
limit.
* An SMTP client may make up to $smtpd_client_message_rate_limit message
delivery requests per unit time (default: no limit).
* An SMTP client may send up to $smtpd_client_recipient_rate_limit recipient
addresses per unit time (default: no limit).
* An SMTP client may make up to $smtpd_client_connection_rate_limit
connections per unit time (default: no limit).
* These limits are not applied to SMTP clients in the networks specified with
$smtpd_client_event_limit_exceptions (default: clients in $mynetworks may
make an unlimited number of connections).
* The anvil_rate_time_unit parameter specifies the time unit over which
client connection rates are computed (default: 60s).
smtpd_client_connection_count_limit (default: 50)
The maximum number of connections than an SMTP client may make
simultaneously.
smtpd_client_connection_rate_limit (default: no limit)
The maximum number of connections that an SMTP client may make in the
time interval specified with anvil_rate_time_unit (default: 60s).
smtpd_client_message_rate_limit (default: no limit)
The maximum number of message delivery requests that an SMTP client may
make in the time interval specified with anvil_rate_time_unit (default:
60s).
smtpd_client_recipient_rate_limit (default: no limit)
The maximum number of recipient addresses that an SMTP client may
specify in the time interval specified with anvil_rate_time_unit
(default: 60s).
smtpd_client_new_tls_session_rate_limit (default: no limit)
The maximum number of new TLS sessions (without using the TLS session
cache) that an SMTP client may negotiate in the time interval specified
with anvil_rate_time_unit (default: 60s).
smtpd_client_event_limit_exceptions (default: $mynetworks)
SMTP clients that are excluded from connection and rate limits
specified above.
GGeenneerraall mmaaiill ddeelliivveerryy ppeerrffoorrmmaannccee ttiippss
@ -251,7 +254,7 @@ Examples of transport specific concurrency limits are:
limit delivery concurrency to the same recipient: if the recipient has an
expensive shell command in her .forward file, or if the recipient is a
mailing list manager, you don't want to run too many instances of those
processes the same time.
processes at the same time.
* The default smtp_destination_concurrency_limit of 20 seems enough to
noticeably load a system without bringing it to its knees. Be careful when
@ -334,9 +337,9 @@ message it may blame the message itself, or it may blame the receiving party.
This process is governed by a bunch of little parameters.
queue_run_delay (default: 1000 seconds)
queue_run_delay (default: 300 seconds; before Postfix 2.4: 1000s)
How often the queue manager scans the queue for deferred mail.
minimal_backoff_time (default: 1000 seconds)
minimal_backoff_time (default: 300 seconds; before Postfix 2.4: 1000s)
The minimal amount of time a message won't be looked at, and the
minimal amount of time to stay away from a "dead" destination.
maximal_backoff_time (default: 4000 seconds)
@ -374,8 +377,8 @@ mail delivery performance actually becomes worse. The symptoms are as follows:
When mail is being deferred frequently, fixing the problem is always better
than increasing the frequency of delivery attempts. However, if you can control
only the delivery attempt frequency, consider using a dedicated fallback_relay
"graveyard" machine for bad destinations so that they do not ruin the
performance of normal mail deliveries.
"graveyard" machine for bad destinations, so that these destinations do not
ruin the performance of normal mail deliveries.
TTuunniinngg tthhee nnuummbbeerr ooff PPoossttffiixx pprroocceesssseess
@ -414,6 +417,16 @@ TTuunniinngg tthhee nnuummbbeerr ooff ooppeenn ffiillee
When Postfix opens too many files or sockets, processes will abort with fatal
errors, and the system may log "file table full" errors.
* Depending on your Postfix and operating system versions you may need to
recompile Postfix if you need more than 1024 file descriptors per process:
o No recompilation is needed for Postfix version 2.4 and later, when it
was compiled for systems that support BSD kqueue(2) (FreeBSD 4.1,
NetBSD 2.0, OpenBSD 2.9), Solaris 8 /dev/poll, or Linux 2.6 epoll(4).
o Otherwise, Postfix needs to be recompiled to override the default
FD_SETSIZE value.
* Reduce the number of processes as described under "Tuning the number of
Postfix processes" above. Fewer processes need fewer open files and
sockets.
@ -423,8 +436,8 @@ errors, and the system may log "file table full" errors.
sure to verify the following information with your system tuning guide:
o Some FreeBSD kernel parameters can be specified in /boot/loader.conf,
and some can be changed with sysctl commands. Which is which depends on
the version.
and some can be specified in /etc/sysctl.conf or changed with sysctl
commands. Which is which depends on the version.
kern.ipc.maxsockets="5000"
kern.ipc.nmbclusters="65536"
@ -432,8 +445,8 @@ errors, and the system may log "file table full" errors.
kern.maxfiles="16384"
kern.maxfilesperproc="16384"
o Linux kernel parameters can be specified in /etc/sysctl.conf and can
also be changed with sysctl commands:
o Linux kernel parameters can be specified in /etc/sysctl.conf or changed
with sysctl commands:
fs.file-max=16384
kernel.threads-max=2048

14
postfix/TODO
View File

@ -1,23 +1,13 @@
What needs to be done before Postfix 2.4.0 is finished:
- Update MILTER_README (dkim, application patches).
- Create RELEASE_NOTES_2.4.
- Update BACKSCATTER_README with PCRE rules.
- Otherwise done up to and including FILTER_README
- Truncate wish list from HISTORY.
- Spell check and double word check the proto files.
- Parameter hyperlink check and HTML check the html outputs.
- Replace SPF policy server script by link to SPF website.
- Remove MacOS X examples. They have not been updated.
- Is "postmap -qf" still needed with regexp/pcre maps?
- Update TUNING_README smtpd_client_*_limit feature list (add TLS).
- Update TUNING_README file descriptor tuning.

46
postfix/auxiliary/MacOSX/Postfix.StartupItem/Postfix
View File

@ -1,46 +0,0 @@
#!/bin/sh
# Gerben Wierda, Oct 2001. Adapted from an existing example. I waive every
# copyright on this and I also do not give any warranty.
# Updated Sepember 29, 2002
# To work properly, the POSTFIX variable needs to be set to -YES-
# in /etc/hostconfig
. /etc/rc.common
if [ "${POSTFIX:=-NO-}" = "-YES-" -a "${MAILSERVER:=-NO-}" = "-YES-" ]
then
ConsoleMessage "Cannot run concurrent postfix and sendmail"
sleep 2
exit
fi
##
# Start mail server
##
if [ "$1" == "start" ]
then
if [ "${POSTFIX:=-NO-}" = "-YES-" ]
then
ConsoleMessage "Starting Postfix mail services"
/usr/sbin/postfix start
fi
elif [ "$1" == "stop" ]
then
ConsoleMessage "Stopping Postfix mail services"
/usr/sbin/postfix stop
elif [ "$1" == "restart" ]
then
if [ "${POSTFIX:=-NO-}" = "-YES-" ]
then
ConsoleMessage "Reloading Postfix configuration"
/usr/sbin/postfix reload
else
ConsoleMessage "Stopping Postfix mail services"
/usr/sbin/postfix stop
fi
fi

13
postfix/auxiliary/MacOSX/Postfix.StartupItem/StartupParameters.plist
View File

@ -1,13 +0,0 @@
{
Description = "Postfix mail server";
Provides = ("SMTP");
Requires = ("Resolver");
Uses = ("Network Time", "NFS");
Preference = "None";
Messages =
{
start = "Starting Postfix";
stop = "Stopping Postfix";
restart = "Reloading Postfix Configuration";
};
}

74
postfix/auxiliary/MacOSX/README-INSTALL.OSX
View File

@ -1,74 +0,0 @@
# Adapted from an existing example by Gerben Wierda, Oct 2001. I waive every
# copyright on this and I also do not give any warranty.
Let's start with the important warning:
DO NOT USE THE MULTIPLE USERS APPLICATION TO CREATE THE POSTFIX USER!
NOTE: Mac OS X as of version 10.3 comes with Postfix as the standard mailer
and it is supported in Server Admin on Mac OS X 10.3 Server . The instructions
below therefore only apply for Mac OS X 10.2.8.
NOTE: As of 29 September 2002, these instructions and the scripts have changed
to make the solution more robust for Apple updates.
Run the commands below in the order that they are presented
A. INSTALLING POSTFIX for the first time and selecting it as the active
Mail Transfer Agent (MTA):
# All these commands are written to be run from this directory.
# This repairs the previous Oct 2001 setup if any
sudo ./repair-oldsetup
# Prepare for reactivating sendmail
sudo ./backup-sendmail-binaries
# this creates the necessary users & groups for proper operation
# of postfix:
sudo ./niscript
# Install postfix:
# When the script asks you for setgid (the default will be no) tell it
# maildrop
(cd ../..; sudo make install)
# Prepare for reactivating postfix
sudo ./backup-postfix-binaries
# edit /etc/postfix/main.cf to suit your requirements
### add your own commands here ###
# Activate postfix startup at boot time. Deactivates sendmail.
sudo ./activate-postfix
# Test. Read INSTALL for a series of suggested tests.
B. DEACTIVATING POSTFIX
# Deactivate postfix startup at boot time
sudo ./deactivate-postfix
C. RESTORING Sendmail as the MTA when Postfix is the active MTA
# This repairs the previous Oct 2001 setup if any
sudo ./repair-oldsetup
# Deactivate postfix startup at boot time
sudo ./deactivate-postfix
sudo ./activate-sendmail
# Restart your computer
D. RESTORING postfix as the MTA when Sendmail is the active MTA
# NOTE: The first time you activate postfix you have to follow
# the steps of A.
# This repairs the previous Oct 2001 setup if any
sudo ./repair-oldsetup
sudo ./activate-postfix

43
postfix/auxiliary/MacOSX/activate-postfix
View File

@ -1,43 +0,0 @@
#!/bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
. ./defines
# Activate binaries
if [ ! -e ${POSTFIXBACKUPDIR}/sendmail ]
then
echo "Something is wrong: there is no existing postfix binary backup"
exit 1;
else
echo "Restoring postfix versions of sendmail programs from backup..."
(cd ${POSTFIXBACKUPDIR}; tar cf - sendmail) | (cd /usr/sbin; tar xf -)
(cd ${POSTFIXBACKUPDIR}; tar cf - newaliases) | (cd /usr/bin; tar xf -)
(cd ${POSTFIXBACKUPDIR}; tar cf - mailq) | (cd /usr/bin; tar xf -)
fi
if [ -e "${PSI}" ]
then
echo "Postfix StartupItem already exists."
else
if [ -e "${PSIDISABLED}" ]
then
echo "Reinstating disabled Postfix StartupItem..."
mv "${PSIDISABLED}" "${PSI}"
else
echo "Installing new default Postfix StartupItem..."
cp -R Postfix.StartupItem "${PSI}"
fi
fi
# De-activate sendmail in /etc/hostconfig
/usr/bin/perl -pi -e 's/MAILSERVER=-YES-/MAILSERVER=-NO-/g' /etc/hostconfig
# Activate postfix in /etc/hostconfig
if /usr/bin/grep '^POSTFIX=-NO-' /etc/hostconfig >/dev/null 2>&1; then
/usr/bin/perl -pi -e 's/POSTFIX=-NO-/POSTFIX=-YES-/g' /etc/hostconfig
else
echo "POSTFIX=-YES-" >>/etc/hostconfig
fi
/usr/sbin/postfix start

24
postfix/auxiliary/MacOSX/activate-sendmail
View File

@ -1,24 +0,0 @@
#!/bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
. ./defines
. ./deactivate-postfix
# Activate binaries
if [ ! -e ${SENDMAILBACKUPDIR}/sendmail ]
then
echo "Something is wrong: there is no existing sendmail binary backup"
exit 1;
else
echo "Restoring sendmail versions of sendmail programs from backup..."
(cd ${SENDMAILBACKUPDIR}; tar cf - sendmail) | (cd /usr/sbin; tar xf -)
(cd ${SENDMAILBACKUPDIR}; tar cf - newaliases) | (cd /usr/bin; tar xf -)
(cd ${SENDMAILBACKUPDIR}; tar cf - mailq) | (cd /usr/bin; tar xf -)
fi
# Activate sendmail in /etc/hostconfig
/usr/bin/perl -pi -e 's/MAILSERVER=-NO-/MAILSERVER=-YES-/g' /etc/hostconfig

20
postfix/auxiliary/MacOSX/backup-postfix-binaries
View File

@ -1,20 +0,0 @@
#! /bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
# We use tar, as we do not know beforehand if we are dealing with real
# files or symbolic links. Since we use tar, we cannot change filenames
# we need to create a directory to hold our backup binaries.
. ./defines
if [ ! -d ${POSTFIXBACKUPDIR} ]
then
mkdir -p ${POSTFIXBACKUPDIR}
fi
(cd /usr/sbin; tar cf - sendmail) | (cd ${POSTFIXBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - newaliases) | (cd ${POSTFIXBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - mailq) | (cd ${POSTFIXBACKUPDIR}; tar xf -)

20
postfix/auxiliary/MacOSX/backup-sendmail-binaries
View File

@ -1,20 +0,0 @@
#! /bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
# We use tar, as we do not know beforehand if we are dealing with real
# files or symbolic links. Since we use tar, we cannot change filenames
# we need to create a directory to hold our backup binaries.
. ./defines
if [ ! -d ${SENDMAILBACKUPDIR} ]
then
mkdir -p ${SENDMAILBACKUPDIR}
fi
(cd /usr/sbin; tar cf - sendmail) | (cd ${SENDMAILBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - newaliases) | (cd ${SENDMAILBACKUPDIR}; tar xf -)
(cd /usr/bin; tar cf - mailq) | (cd ${SENDMAILBACKUPDIR}; tar xf -)

16
postfix/auxiliary/MacOSX/deactivate-postfix
View File

@ -1,16 +0,0 @@
#!/bin/sh
# Written by Gerben Wierda, Sep 2002. I waive every copyright on this and
# I also do not give any warranty.
. ./defines
if [ -e "${PSI}" ]
then
mv "${PSI}" "${PSIDISABLED}"
fi
# De-activate postfix in /etc/hostconfig
/usr/bin/perl -pi -e 's/POSTFIX=-YES-/POSTFIX=-NO-/g' /etc/hostconfig
/usr/sbin/postfix stop >/dev/null 2>&1

12
postfix/auxiliary/MacOSX/defines
View File

@ -1,12 +0,0 @@
#! /bin/sh
# Written by Gerben Wierda, Oct 2001. I waive every copyright on this and
# I also do not give any warranty.
SIDIR="/Library/StartupItems"
PSI="${SIDIR}/Postfix"
PSIDISABLED="${PSI}.disabled"
POSTFIXBACKUPDIR=/usr/sbin/.postfixbackup
SENDMAILBACKUPDIR=/usr/sbin/.sendmailbackup

164
postfix/auxiliary/MacOSX/niscript
View File

@ -1,164 +0,0 @@
#!/usr/bin/perl
# niscript.pl by Gerben Wierda <gerben_wierda@rna.nl>
# This little script is an adaptation of the original niscript sh script by
# Joe Block <jpb@creol.ucf.edu>
# instead of using fixed uid/gid and thus not robust if you run it on a
# system where groups and/or users have been added, this script checks
# if the users/groups are there and if not creates them with free id's.
# 17 Jul 2002 GW: Fixed two bugs
# 1. Typo in createuser would always have uid 88 for postfix
# 2. Add to netinfo domain . instead of / so that it also works on systems
# where the / domain is actually network-wide (not very useful to add
# a postfix user to all systems in that netinfo domain...)
print <<_WARNING
This script massages your netinfo database. This can severely break
your system. If your netinfo database breaks, you get to keep the parts.
No Warranty. Really.
This script tries to create two groups (if they do not already exist):
- postfix
- maildrop
and tries to create a user (if it does not already exist)
- postfix
which is member of group postfix.
_WARNING
;
# The script starts to look at id 88 (both for user and group) and up to 65535
# It dies if no free id is found.
my $postfixgid = undef;
my $maildropgid = undef;
my $postfixuid = undef;
# First create
my @groups = readgroups();
foreach $group (@groups) {
(my $groupname, undef, my $gid, undef) = split( ':', $group);
if ($groupname eq 'postfix') {
warn "You already have a postfix group (with gid $gid)\n";
$postfixgid = $gid;
}
if ($groupname eq 'maildrop') {
warn "You already have a maildrop group (with gid $gid)\n";
$maildropgid = $gid;
}
}
if (not defined $postfixgid) {
$postfixgid = creategroup( 'postfix');
}
if (not defined $maildropgid) {
$maildropgid = creategroup( 'maildrop');
}
my @users = readusers();
foreach $user (@users) {
(my $username, undef, my $uid, undef) = split( ':', $user);
if ($username eq 'postfix') {
warn "You already have a postfix user (with uid $uid)\n";
$postfixuid = $uid;
}
}
if (not defined $postfixuid) {
$postfixuid = createuser( 'postfix', '"Postfix User"',
'/usr/bin/false', '/etc/postfix',
$postfixgid);
addusertogroup( 'postfix', 'postfix');
}
warn "\n";
sub creategroup
{
my $name = shift;
open( NIDUMP, "nidump group .|") or die "Cannot run nidump\n";
my @groups=<NIDUMP>;
close( NIDUMP);
my $tryno;
NEXTNO: for ($tryno = 88; $tryno <= 65535; $tryno++) {
foreach my $group (@groups) {
(my $groupname, undef, my $gid, undef) =
split( ':', $group);
next NEXTNO if $gid == $tryno;
}
last NEXTNO;
}
die "Cannot find free gid\n" if $tryno == 65536;
warn "Will create $name as gid $tryno\n";
system "niutil -create . /groups/$name";
system "niutil -createprop . /groups/$name name $name";
system "niutil -createprop . /groups/$name gid $tryno";
system "niutil -createprop . /groups/$name passwd '*'";
return $tryno;
}
sub addusertogroup
{
my $user = shift;
my $group = shift;
system "niutil -appendprop . /groups/$group users $user";
}
sub readgroups
{
open( NIDUMP, "nidump group .|") or die "Cannot run nidump\n";
my @groups=<NIDUMP>;
close( NIDUMP);
return @groups;
}
sub readusers
{
my @passwd;
open( NIDUMP, "nidump passwd .|") or die "Cannot run nidump\n";
@passwd=<NIDUMP>;
close( NIDUMP);
return @passwd;
}
sub createuser
{
my $name = shift;
my $realname = shift;
my $shell = shift;
my $home = shift;
my $gid = shift;
open( NIDUMP, "nidump passwd .|") or die "Cannot run nidump\n";
my @passwds=<NIDUMP>;
close( NIDUMP);
my $tryno;
NEXTNO: for ($tryno = 88; $tryno <= 65535; $tryno++) {
foreach my $passwd (@passwds) {
(my $passwdname, undef, my $uid, undef) =
split( ':', $passwd);
next NEXTNO if $uid == $tryno;
}
last NEXTNO;
}
die "Cannot find free uid\n" if $tryno == 65536;
warn "Will create $name as uid $tryno\n";
system "niutil -create . /users/$name";
system "niutil -createprop . /users/$name realname $realname";
system "niutil -createprop . /users/$name shell $shell";
system "niutil -createprop . /users/$name uid $tryno";
system "niutil -createprop . /users/$name gid $gid";
system "niutil -createprop . /users/$name home $home";
system "niutil -createprop . /users/$name _shadow_passwd";
system "niutil -createprop . /users/$name passwd '*'";
return $tryno;
}

8
postfix/auxiliary/MacOSX/repair-oldsetup
View File

@ -1,8 +0,0 @@
#!/bin/sh
if [ -d /System/Library/DisabledStartupItems/Sendmail ]
then
mv /System/Library/DisabledStartupItems/Sendmail /System/Library/StartupItems
rmdir /System/Library/DisabledStartupItems/Sendmail
rm -rf /System/Library/StartupItems/Postfix
fi

283
postfix/conf/access
View File

@ -11,34 +11,35 @@
# postmap -q - /etc/postfix/access <inputfile
#
# DESCRIPTION
# The Postfix SMTP server supports access control on remote
# SMTP client information: host names, network addresses,
# and envelope sender or recipient addresses. See
# header_checks(5) or body_checks(5) for access control on
# the content of email messages.
# This document describes access control on remote SMTP
# client information: host names, network addresses, and
# envelope sender or recipient addresses; it is implemented
# by the Postfix SMTP server. See header_checks(5) or
# body_checks(5) for access control on the content of email
# messages.
#
# Normally, the access(5) table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# "postmap /etc/postfix/access" to rebuild an indexed file
# Normally, the access(5) table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# "postmap /etc/postfix/access" to rebuild an indexed file
# after changing the corresponding text file.
#
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# those cases, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# sions, or lookups can be directed to TCP-based server. In
# those cases, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# or "TCP-BASED TABLES".
#
# CASE FOLDING
# The search string is folded to lowercase before database
# lookup. As of Postfix 2.3, the search string is not case
# folded with database types such as regexp: or pcre: whose
# The search string is folded to lowercase before database
# lookup. As of Postfix 2.3, the search string is not case
# folded with database types such as regexp: or pcre: whose
# lookup fields can match both upper and lower case.
#
# TABLE FORMAT
@ -49,53 +50,53 @@
# address, perform the corresponding action.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# cal line.
#
# EMAIL ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, patterns are
# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user@domain
# Matches the specified mail address.
#
# domain.tld
# Matches domain.tld as the domain part of an email
# Matches domain.tld as the domain part of an email
# address.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# figuration setting (note that this is the default
# for some versions of Postfix). Otherwise, specify
# .domain.tld (note the initial dot) in order to
# the Postfix parent_domain_matches_subdomains con-
# figuration setting (note that this is the default
# for some versions of Postfix). Otherwise, specify
# .domain.tld (note the initial dot) in order to
# match subdomains.
#
# user@ Matches all mail addresses with the specified user
# user@ Matches all mail addresses with the specified user
# part.
#
# Note: lookup of the null sender address is not possible
# with some types of lookup table. By default, Postfix uses
# <> as the lookup key for such addresses. The value is
# specified with the smtpd_null_access_lookup_key parameter
# Note: lookup of the null sender address is not possible
# with some types of lookup table. By default, Postfix uses
# <> as the lookup key for such addresses. The value is
# specified with the smtpd_null_access_lookup_key parameter
# in the Postfix main.cf file.
#
# EMAIL ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, domain, user+foo@,
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, domain, user+foo@,
# and user@.
#
# HOST NAME/ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the following
# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
#
# domain.tld
@ -103,9 +104,9 @@
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
# (note the initial dot) in order to match subdo-
# (note the initial dot) in order to match subdo-
# mains.
#
# net.work.addr.ess
@ -114,21 +115,21 @@
#
# net.work
#
# net Matches the specified IPv4 host address or subnet-
# work. An IPv4 host address is a sequence of four
# net Matches the specified IPv4 host address or subnet-
# work. An IPv4 host address is a sequence of four
# decimal octets separated by ".".
#
# Subnetworks are matched by repeatedly truncating
# Subnetworks are matched by repeatedly truncating
# the last ".octet" from the remote IPv4 host address
# string until a match is found in the access table,
# string until a match is found in the access table,
# or until further truncation is not possible.
#
# NOTE 1: The information in the access map should be
# in canonical form, with unnecessary null characters
# eliminated. Address information must not be
# eliminated. Address information must not be
# enclosed with "[]" characters.
#
# NOTE 2: use the cidr lookup table type to specify
# NOTE 2: use the cidr lookup table type to specify
# network/netmask patterns. See cidr_table(5) for
# details.
#
@ -138,12 +139,12 @@
#
# net:work
#
# net Matches the specified IPv6 host address or subnet-
# work. An IPv6 host address is a sequence of three
# to eight hexadecimal octet pairs separated by ":".
# net Matches the specified IPv6 host address or subnet-
# work. An IPv6 host address is a sequence of three
# to eight hexadecimal octet pairs separated by ":".
#
# Subnetworks are matched by repeatedly truncating
# the last ":octetpair" from the remote IPv6 host
# Subnetworks are matched by repeatedly truncating
# the last ":octetpair" from the remote IPv6 host
# address string until a match is found in the access
# table, or until further truncation is not possible.
#
@ -153,10 +154,10 @@
#
# NOTE 2: The information in the access map should be
# in canonical form, with unnecessary null characters
# eliminated. Address information must not be
# eliminated. Address information must not be
# enclosed with "[]" characters.
#
# NOTE 3: use the cidr lookup table type to specify
# NOTE 3: use the cidr lookup table type to specify
# network/netmask patterns. See cidr_table(5) for
# details.
#
@ -167,48 +168,48 @@
#
# all-numerical
# An all-numerical result is treated as OK. This for-
# mat is generated by address-based relay authoriza-
# mat is generated by address-based relay authoriza-
# tion schemes such as pop-before-smtp.
#
# REJECT ACTIONS
# Postfix version 2.3 and later support enhanced status
# codes as defined in RFC 3463. When no code is specified
# at the beginning of the text below, Postfix inserts a
# default enhanced status code of "5.7.1" in the case of
# reject actions, and "4.7.1" in the case of defer actions.
# Postfix version 2.3 and later support enhanced status
# codes as defined in RFC 3463. When no code is specified
# at the beginning of the text below, Postfix inserts a
# default enhanced status code of "5.7.1" in the case of
# reject actions, and "4.7.1" in the case of defer actions.
# See "ENHANCED STATUS CODES" below.
#
# 4NN text
#
# 5NN text
# Reject the address etc. that matches the pattern,
# Reject the address etc. that matches the pattern,
# and respond with the numerical three-digit code and
# text. 4NN means "try again later", while 5NN means
# text. 4NN means "try again later", while 5NN means
# "do not try again".
#
# The reply code "421" causes Postfix to disconnect
# The reply code "421" causes Postfix to disconnect
# immediately (Postfix version 2.3 and later).
#
# REJECT optional text...
# Reject the address etc. that matches the pattern.
# Reply with $reject_code optional text... when the
# optional text is specified, otherwise reply with a
# Reject the address etc. that matches the pattern.
# Reply with $reject_code optional text... when the
# optional text is specified, otherwise reply with a
# generic error response message.
#
# DEFER_IF_REJECT optional text...
# Defer the request if some later restriction would
# result in a REJECT action. Reply with "450 4.7.1
# optional text... when the optional text is speci-
# Defer the request if some later restriction would
# result in a REJECT action. Reply with "450 4.7.1
# optional text... when the optional text is speci-
# fied, otherwise reply with a generic error response
# message.
#
# This feature is available in Postfix 2.1 and later.
#
# DEFER_IF_PERMIT optional text...
# Defer the request if some later restriction would
# result in a an explicit or implicit PERMIT action.
# Reply with "450 4.7.1 optional text... when the
# optional text is specified, otherwise reply with a
# Defer the request if some later restriction would
# result in a an explicit or implicit PERMIT action.
# Reply with "450 4.7.1 optional text... when the
# optional text is specified, otherwise reply with a
# generic error response message.
#
# This feature is available in Postfix 2.1 and later.
@ -219,158 +220,158 @@
# reject_unauth_destination, and so on).
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
# Note: this action currently affects all recipients
# of the message. To discard only one recipient
# without discarding the entire message, use the
# Note: this action currently affects all recipients
# of the message. To discard only one recipient
# without discarding the entire message, use the
# transport(5) table to direct mail to the discard(8)
# service.
#
# This feature is available in Postfix 2.0 and later.
#
# DUNNO Pretend that the lookup key was not found. This
# prevents Postfix from trying substrings of the
# lookup key (such as a subdomain name, or a network
# DUNNO Pretend that the lookup key was not found. This
# prevents Postfix from trying substrings of the
# lookup key (such as a subdomain name, or a network
# address subnetwork).
#
# This feature is available in Postfix 2.0 and later.
#
# FILTER transport:destination
# After the message is queued, send the entire mes-
# After the message is queued, send the entire mes-
# sage through the specified external content filter.
# The transport:destination syntax is described in
# the transport(5) manual page. More information
# about external content filters is in the Postfix
# The transport:destination syntax is described in
# the transport(5) manual page. More information
# about external content filters is in the Postfix
# FILTER_README file.
#
# Note: this action overrides the main.cf con-
# tent_filter setting, and currently affects all
# recipients of the message.
# Note: this action overrides the content_filter set-
# ting, and currently affects all recipients of the
# message.
#
# This feature is available in Postfix 2.0 and later.
#
# HOLD optional text...
# Place the message on the hold queue, where it will
# sit until someone either deletes it or releases it
# for delivery. Log the optional text if specified,
# Place the message on the hold queue, where it will
# sit until someone either deletes it or releases it
# for delivery. Log the optional text if specified,
# otherwise log a generic message.
#
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# mal_queue_lifetime or $bounce_queue_lifetime, or
# longer. Use "postsuper -H" only for mail that will
# longer. Use "postsuper -H" only for mail that will
# not expire within a few delivery attempts.
#
# Note: this action currently affects all recipients
# Note: this action currently affects all recipients
# of the message.
#
# This feature is available in Postfix 2.0 and later.
#
# PREPEND headername: headervalue
# Prepend the specified message header to the mes-
# sage. When more than one PREPEND action executes,
# the first prepended header appears before the sec-
# Prepend the specified message header to the mes-
# sage. When more than one PREPEND action executes,
# the first prepended header appears before the sec-
# ond etc. prepended header.
#
# Note: this action must execute before the message
# content is received; it cannot execute in the con-
# Note: this action must execute before the message
# content is received; it cannot execute in the con-
# text of smtpd_end_of_data_restrictions.
#
# This feature is available in Postfix 2.1 and later.
#
# REDIRECT user@domain
# After the message is queued, send the message to
# After the message is queued, send the message to
# the specified address instead of the intended
# recipient(s).
#
# Note: this action overrides the FILTER action, and
# Note: this action overrides the FILTER action, and
# currently affects all recipients of the message.
#
# This feature is available in Postfix 2.1 and later.
#
# WARN optional text...
# Log a warning with the optional text, together with
# client information and if available, with helo,
# client information and if available, with helo,
# sender, recipient and protocol information.
#
# This feature is available in Postfix 2.1 and later.
#
# ENHANCED STATUS CODES
# Postfix version 2.3 and later support enhanced status
# codes as defined in RFC 3463. When an enhanced status
# code is specified in an access table, it is subject to
# modification. The following transformations are needed
# when the same access table is used for client, helo,
# sender, or recipient access restrictions; they happen
# Postfix version 2.3 and later support enhanced status
# codes as defined in RFC 3463. When an enhanced status
# code is specified in an access table, it is subject to
# modification. The following transformations are needed
# when the same access table is used for client, helo,
# sender, or recipient access restrictions; they happen
# regardless of whether Postfix replies to a MAIL FROM, RCPT
# TO or other SMTP command.
#
# o When a sender address matches a REJECT action, the
# Postfix SMTP server will transform a recipient DSN
# status (e.g., 4.1.1-4.1.6) into the corresponding
# o When a sender address matches a REJECT action, the
# Postfix SMTP server will transform a recipient DSN
# status (e.g., 4.1.1-4.1.6) into the corresponding
# sender DSN status, and vice versa.
#
# o When non-address information matches a REJECT
# action (such as the HELO command argument or the
# client hostname/address), the Postfix SMTP server
# will transform a sender or recipient DSN status
# into a generic non-address DSN status (e.g.,
# o When non-address information matches a REJECT
# action (such as the HELO command argument or the
# client hostname/address), the Postfix SMTP server
# will transform a sender or recipient DSN status
# into a generic non-address DSN status (e.g.,
# 4.0.0).
#
# REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax,
# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
# Each pattern is a regular expression that is applied to
# Each pattern is a regular expression that is applied to
# the entire string being looked up. Depending on the appli-
# cation, that string is an entire client hostname, an
# cation, that string is an entire client hostname, an
# entire client IP address, or an entire mail address. Thus,
# no parent domain or parent network search is done,
# user@domain mail addresses are not broken up into their
# user@domain mail addresses are not broken up into their
# user@ and domain constituent parts, nor is user+foo broken
# up into user and foo.
#
# Patterns are applied in the order as specified in the ta-
# ble, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the ta-
# ble, until a pattern is found that matches the search
# string.
#
# Actions are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# Actions are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see tcp_ta-
# ble(5). This feature is not available up to and including
# Postfix version 2.4.
#
# Each lookup operation uses the entire query string once.
# Depending on the application, that string is an entire
# Each lookup operation uses the entire query string once.
# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
# mail address. Thus, no parent domain or parent network
# search is done, user@domain mail addresses are not broken
# up into their user@ and domain constituent parts, nor is
# mail address. Thus, no parent domain or parent network
# search is done, user@domain mail addresses are not broken
# up into their user@ and domain constituent parts, nor is
# user+foo broken up into user and foo.
#
# Actions are the same as with indexed file lookups.
#
# EXAMPLE
# The following example uses an indexed file, so that the
# order of table entries does not matter. The example per-
# mits access by the client at address 1.2.3.4 but rejects
# all other clients in 1.2.3.0/24. Instead of hash lookup
# tables, some systems use dbm. Use the command "postconf
# -m" to find out what lookup tables Postfix supports on
# The following example uses an indexed file, so that the
# order of table entries does not matter. The example per-
# mits access by the client at address 1.2.3.4 but rejects
# all other clients in 1.2.3.0/24. Instead of hash lookup
# tables, some systems use dbm. Use the command "postconf
# -m" to find out what lookup tables Postfix supports on
# your system.
#
# /etc/postfix/main.cf:
@ -385,7 +386,7 @@
# editing the file.
#
# BUGS
# The table format does not understand quoting conventions.
# The table format does not understand quoting conventions.
#
# SEE ALSO
# postmap(1), Postfix lookup table manager
@ -394,13 +395,13 @@
# transport(5), transport:nexthop syntax
#
# README FILES
# Use "postconf readme_directory" or "postconf html_direc-
# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# SMTPD_ACCESS_README, built-in SMTP server access control
# DATABASE_README, Postfix lookup table overview
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

257
postfix/conf/header_checks
View File

@ -1,7 +1,7 @@
# HEADER_CHECKS(5) HEADER_CHECKS(5)
#
# NAME
# header_checks - Postfix built-in header/body inspection
# header_checks - Postfix built-in content inspection
#
# SYNOPSIS
# header_checks = pcre:/etc/postfix/header_checks
@ -13,48 +13,49 @@
# postmap -fq - pcre:/etc/postfix/filename <inputfile
#
# DESCRIPTION
# The Postfix cleanup(8) server supports access control on
# the content of message headers and message body lines.
# See access(5) for access control on remote SMTP client
# This document describes access control on the content of
# message headers and message body lines; it is implemented
# by the Postfix cleanup(8) server before mail is queued.
# See access(5) for access control on remote SMTP client
# information.
#
# Each message header or message body line is compared
# against a list of patterns. When a match is found the
# Each message header or message body line is compared
# against a list of patterns. When a match is found the
# corresponding action is executed, and the matching process
# is repeated for the next message header or message body
# is repeated for the next message header or message body
# line.
#
# For examples, see the EXAMPLES section at the end of this
# For examples, see the EXAMPLES section at the end of this
# manual page.
#
# Postfix header or body_checks are designed to stop a flood
# of mail from worms or viruses; they do not decode attach-
# ments, and they do not unzip archives. See the documents
# referenced below in the README FILES section if you need
# of mail from worms or viruses; they do not decode attach-
# ments, and they do not unzip archives. See the documents
# referenced below in the README FILES section if you need
# more sophisticated content analysis.
#
# Postfix supports four built-in content inspection classes:
#
# header_checks
# These are applied to initial message headers
# (except for the headers that are processed with
# These are applied to initial message headers
# (except for the headers that are processed with
# mime_header_checks).
#
# mime_header_checks (default: $header_checks)
# These are applied to MIME related message headers
# These are applied to MIME related message headers
# only.
#
# This feature is available in Postfix 2.0 and later.
#
# nested_header_checks (default: $header_checks)
# These are applied to message headers of attached
# email messages (except for the headers that are
# These are applied to message headers of attached
# email messages (except for the headers that are
# processed with mime_header_checks).
#
# This feature is available in Postfix 2.0 and later.
#
# body_checks
# These are applied to all other content, including
# These are applied to all other content, including
# multi-part message boundaries.
#
# With Postfix versions before 2.0, all content after
@ -62,73 +63,73 @@
# tent.
#
# Note: message headers are examined one logical header at a
# time, even when a message header spans multiple lines.
# time, even when a message header spans multiple lines.
# Body lines are always examined one line at a time.
#
# TABLE FORMAT
# This document assumes that header and body_checks rules
# are specified in the form of Postfix regular expression
# lookup tables. Usually the best performance is obtained
# This document assumes that header and body_checks rules
# are specified in the form of Postfix regular expression
# lookup tables. Usually the best performance is obtained
# with pcre (Perl Compatible Regular Expression) tables, but
# the slower regexp (POSIX regular expressions) support is
# more widely available. Use the command "postconf -m" to
# find out what lookup table types your Postfix system sup-
# the slower regexp (POSIX regular expressions) support is
# more widely available. Use the command "postconf -m" to
# find out what lookup table types your Postfix system sup-
# ports.
#
# The general format of Postfix regular expression tables is
# given below. For a discussion of specific pattern or
# flags syntax, see pcre_table(5) or regexp_table(5),
# given below. For a discussion of specific pattern or
# flags syntax, see pcre_table(5) or regexp_table(5),
# respectively.
#
# /pattern/flags action
# When pattern matches the input string, execute the
# corresponding action. See below for a list of pos-
# When pattern matches the input string, execute the
# corresponding action. See below for a list of pos-
# sible actions.
#
# !/pattern/flags action
# When pattern does not match the input string, exe-
# When pattern does not match the input string, exe-
# cute the corresponding action.
#
# if /pattern/flags
#
# endif Match the input string against the patterns between
# if and endif, if and only if the input string also
# matches pattern. The if..endif can nest.
# if and endif, if and only if the same input string
# also matches pattern. The if..endif can nest.
#
# Note: do not prepend whitespace to patterns inside
# Note: do not prepend whitespace to patterns inside
# if..endif.
#
# if !/pattern/flags
#
# endif Match the input string against the patterns between
# if and endif, if and only if the input string does
# not match pattern. The if..endif can nest.
# if and endif, if and only if the same input string
# does not match pattern. The if..endif can nest.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A pattern/action line starts with non-whitespace
# text. A line that starts with whitespace continues
# A pattern/action line starts with non-whitespace
# text. A line that starts with whitespace continues
# a logical line.
#
# TABLE SEARCH ORDER
# For each line of message input, the patterns are applied
# in the order as specified in the table. When a pattern is
# found that matches the input line, the corresponding
# action is executed and then the next input line is
# For each line of message input, the patterns are applied
# in the order as specified in the table. When a pattern is
# found that matches the input line, the corresponding
# action is executed and then the next input line is
# inspected.
#
# TEXT SUBSTITUTION
# Substitution of substrings from the matched expression
# into the action string is possible using the conventional
# Perl syntax ($1, $2, etc.). The macros in the result
# string may need to be written as ${n} or $(n) if they
# Substitution of substrings from the matched expression
# into the action string is possible using the conventional
# Perl syntax ($1, $2, etc.). The macros in the result
# string may need to be written as ${n} or $(n) if they
# aren't followed by whitespace.
#
# Note: since negated patterns (those preceded by !) return
# Note: since negated patterns (those preceded by !) return
# a result when the expression does not match, substitutions
# are not available for negated patterns.
#
@ -137,12 +138,12 @@
# case for consistency with other Postfix documentation.
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
# Note: this action disables further header or
# body_checks inspection of the current message and
# affects all recipients. To discard only one recip-
# ient without discarding the entire message, use the
# transport(5) table to direct mail to the discard(8)
@ -150,74 +151,74 @@
#
# This feature is available in Postfix 2.0 and later.
#
# DUNNO Pretend that the input line did not match any pat-
# tern, and inspect the next input line. This action
# DUNNO Pretend that the input line did not match any pat-
# tern, and inspect the next input line. This action
# can be used to shorten the table search.
#
# For backwards compatibility reasons, Postfix also
# accepts OK but it is (and always has been) treated
# For backwards compatibility reasons, Postfix also
# accepts OK but it is (and always has been) treated
# as DUNNO.
#
# This feature is available in Postfix 2.1 and later.
#
# FILTER transport:destination
# Write a content filter request to the queue file
# and inspect the next input line. After the com-
# plete message is received it will be sent through
# Write a content filter request to the queue file,
# and inspect the next input line. After the com-
# plete message is received it will be sent through
# the specified external content filter. More infor-
# mation about external content filters is in the
# mation about external content filters is in the
# Postfix FILTER_README file.
#
# Note: this action overrides the main.cf con-
# tent_filter setting, and affects all recipients of
# the message. In the case that multiple FILTER
# actions fire, only the last one is executed.
# Note: this action overrides the content_filter set-
# ting, and affects all recipients of the message. In
# the case that multiple FILTER actions fire, only
# the last one is executed.
#
# This feature is available in Postfix 2.0 and later.
#
# HOLD optional text...
# Arrange for the message to be placed on the hold
# queue, and inspect the next input line. The mes-
# sage remains on hold until someone either deletes
# it or releases it for delivery. Log the optional
# Arrange for the message to be placed on the hold
# queue, and inspect the next input line. The mes-
# sage remains on hold until someone either deletes
# it or releases it for delivery. Log the optional
# text if specified, otherwise log a generic message.
#
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# mal_queue_lifetime or $bounce_queue_lifetime, or
# longer. Use "postsuper -H" only for mail that will
# longer. Use "postsuper -H" only for mail that will
# not expire within a few delivery attempts.
#
# Note: this action affects all recipients of the
# Note: this action affects all recipients of the
# message.
#
# This feature is available in Postfix 2.0 and later.
#
# IGNORE Delete the current line from the input and inspect
# IGNORE Delete the current line from the input, and inspect
# the next input line.
#
# PREPEND text...
# Prepend one line with the specified text and
# Prepend one line with the specified text, and
# inspect the next input line.
#
# Notes:
#
# o The prepended text is output on a separate
# o The prepended text is output on a separate
# line, immediately before the input that
# triggered the PREPEND action.
#
# o The prepended text is not considered part of
# the input stream: it is not subject to
# the input stream: it is not subject to
# header/body checks or address rewriting, and
# it does not affect the way that Postfix adds
# missing message headers.
#
# o When prepending text before a message header
# line, the prepended text must begin with a
# line, the prepended text must begin with a
# valid message header label.
#
# o This action cannot be used to prepend multi-
@ -226,46 +227,46 @@
# This feature is available in Postfix 2.1 and later.
#
# REDIRECT user@domain
# Write a message redirection request to the queue
# file and inspect the next input line. After the
# Write a message redirection request to the queue
# file, and inspect the next input line. After the
# message is queued, it will be sent to the specified
# address instead of the intended recipient(s).
#
# Note: this action overrides the FILTER action, and
# affects all recipients of the message. If multiple
# REDIRECT actions fire, only the last one is exe-
# Note: this action overrides the FILTER action, and
# affects all recipients of the message. If multiple
# REDIRECT actions fire, only the last one is exe-
# cuted.
#
# This feature is available in Postfix 2.1 and later.
#
# REPLACE text...
# Replace the current line with the specified text
# Replace the current line with the specified text,
# and inspect the next input line.
#
# This feature is available in Postfix 2.2 and later.
# The description below applies to Postfix 2.2.2 and
# The description below applies to Postfix 2.2.2 and
# later.
#
# Notes:
#
# o When replacing a message header line, the
# replacement text must begin with a valid
# o When replacing a message header line, the
# replacement text must begin with a valid
# header label.
#
# o The replaced text remains part of the input
# stream. Unlike the result from the PREPEND
# action, a replaced message header may be
# subject to address rewriting and may affect
# the way that Postfix adds missing message
# o The replaced text remains part of the input
# stream. Unlike the result from the PREPEND
# action, a replaced message header may be
# subject to address rewriting and may affect
# the way that Postfix adds missing message
# headers.
#
# REJECT optional text...
# Reject the entire message. Reply with optional
# Reject the entire message. Reply with optional
# text... when the optional text is specified, other-
# wise reply with a generic error message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
# Note: this action disables further header or
# body_checks inspection of the current message and
# affects all recipients.
#
# Postfix version 2.3 and later support enhanced sta-
@ -274,26 +275,32 @@
# enhanced status code of "5.7.1".
#
# WARN optional text...
# Log a warning with the optional text... (or log a
# generic message) and inspect the next input line.
# Log a warning with the optional text... (or log a
# generic message), and inspect the next input line.
# This action is useful for debugging and for testing
# a pattern before applying more drastic actions.
#
# BUGS
# Many people overlook the main limitations of header and
# body_checks rules. These rules operate on one logical
# message header or one body line at a time, and a decision
# made for one line is not carried over to the next line.
# If text in the message body is encoded (RFC 2045) then the
# rules have to specified for the encoded form. Likewise,
# when message headers are encoded (RFC 2047) then the rules
# need to be specified for the encoded form.
# Many people overlook the main limitations of header and
# body_checks rules.
#
# Message headers added by the cleanup(8) daemon itself are
# o These rules operate on one logical message header
# or one body line at a time. A decision made for one
# line is not carried over to the next line.
#
# o If text in the message body is encoded (RFC 2045)
# then the rules have to specified for the encoded
# form.
#
# o Likewise, when message headers are encoded (RFC
# 2047) then the rules need to be specified for the
# encoded form.
#
# Message headers added by the cleanup(8) daemon itself are
# excluded from inspection. Examples of such message headers
# are From:, To:, Message-ID:, Date:.
#
# Message headers deleted by the cleanup(8) daemon will be
# Message headers deleted by the cleanup(8) daemon will be
# examined before they are deleted. Examples are: Bcc:, Con-
# tent-Length:, Return-Path:.
#
@ -301,11 +308,11 @@
# body_checks
# Lookup tables with content filter rules for message
# body lines. These filters see one physical line at
# a time, in chunks of at most $line_length_limit
# a time, in chunks of at most $line_length_limit
# bytes.
#
# body_checks_size_limit
# The amount of content per message body segment
# The amount of content per message body segment
# (attachment) that is subjected to $body_checks fil-
# tering.
#
@ -315,32 +322,32 @@
#
# nested_header_checks (default: $header_checks)
# Lookup tables with content filter rules for message
# header lines: respectively, these are applied to
# the initial message headers (not including MIME
# headers), to the MIME headers anywhere in the mes-
# sage, and to the initial headers of attached mes-
# header lines: respectively, these are applied to
# the initial message headers (not including MIME
# headers), to the MIME headers anywhere in the mes-
# sage, and to the initial headers of attached mes-
# sages.
#
# Note: these filters see one logical message header
# at a time, even when a message header spans multi-
# ple lines. Message headers that are longer than
# Note: these filters see one logical message header
# at a time, even when a message header spans multi-
# ple lines. Message headers that are longer than
# $header_size_limit characters are truncated.
#
# disable_mime_input_processing
# While receiving mail, give no special treatment to
# MIME related message headers; all text after the
# While receiving mail, give no special treatment to
# MIME related message headers; all text after the
# initial message headers is considered to be part of
# the message body. This means that header_checks is
# applied to all the initial message headers, and
# the message body. This means that header_checks is
# applied to all the initial message headers, and
# that body_checks is applied to the remainder of the
# message.
#
# Note: when used in this manner, body_checks will
# process a multi-line message header one line at a
# Note: when used in this manner, body_checks will
# process a multi-line message header one line at a
# time.
#
# EXAMPLES
# Header pattern to block attachments with bad file name
# Header pattern to block attachments with bad file name
# extensions.
#
# /etc/postfix/main.cf:
@ -372,7 +379,7 @@
# RFC 2047, message header encoding for non-ASCII text
#
# README FILES
# Use "postconf readme_directory" or "postconf html_direc-
# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# CONTENT_INSPECTION_README, Postfix content inspection overview
@ -380,7 +387,7 @@
# BACKSCATTER_README, blocking returned forged mail
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

4
postfix/conf/postfix-files
View File

@ -280,7 +280,7 @@ $html_directory/BUILTIN_FILTER_README.html:f:root:-:644
$html_directory/CDB_README.html:f:root:-:644
$html_directory/CONNECTION_CACHE_README.html:f:root:-:644
$html_directory/CONTENT_INSPECTION_README.html:f:root:-:644
$html_directory/CYRUS_README.html:f:root:-:644
$html_directory/CYRUS_README.html:f:root:-:644:o
$html_directory/DATABASE_README.html:f:root:-:644
$html_directory/DB_README.html:f:root:-:644
$html_directory/DEBUG_README.html:f:root:-:644
@ -312,7 +312,7 @@ $html_directory/STANDARD_CONFIGURATION_README.html:f:root:-:644
$html_directory/TLS_LEGACY_README.html:f:root:-:644
$html_directory/TLS_README.html:f:root:-:644
$html_directory/TUNING_README.html:f:root:-:644
$html_directory/ULTRIX_README.html:f:root:-:644
$html_directory/ULTRIX_README.html:f:root:-:644:o
$html_directory/UUCP_README.html:f:root:-:644
$html_directory/VERP_README.html:f:root:-:644
$html_directory/VIRTUAL_README.html:f:root:-:644

6
postfix/examples/smtpd-policy/README.SPF Normal file
View File

@ -0,0 +1,6 @@
See http://www.openspf.org/Software for the current version of the
SPF policy daemon for Postfix.
SPF support is also available via MILTER plugins, such as sid-milter
at http://sourceforge.net/projects/sid-milter/ which implements both
SenderID and SPF.

238
postfix/examples/smtpd-policy/postfix-policyd-spf.pl
View File

@ -1,238 +0,0 @@
#!/usr/bin/perl
# postfix-policyd-spf
# http://www.openspf.org
# version 1.07
# $Id$
use Fcntl;
use Sys::Syslog qw(:DEFAULT setlogsock);
use strict;
# ----------------------------------------------------------
# configuration
# ----------------------------------------------------------
# to use SPF, install Mail::SPF::Query from CPAN or from the SPF website at http://www.openspf.org/downloads.html
my @HANDLERS;
push @HANDLERS, "testing";
push @HANDLERS, "sender_permitted_from"; use Mail::SPF::Query;
my $VERBOSE = 0;
my $DEFAULT_RESPONSE = "DUNNO";
#
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# work on your system.
#
my $syslog_socktype = 'unix'; # inet, unix, stream, console
my $syslog_facility = "mail";
my $syslog_options = "pid";
my $syslog_priority = "info";
my $syslog_ident = "postfix/policy-spf";
# ----------------------------------------------------------
# minimal documentation
# ----------------------------------------------------------
#
# Usage: smtpd-policy.pl [-v]
#
# Demo delegated Postfix SMTPD policy server.
# This server implements SPF.
# Another server implements greylisting.
# Postfix has a pluggable policy server architecture.
# You can call one or both from Postfix.
#
# The SPF handler uses Mail::SPF::Query to do the heavy lifting.
#
# This documentation assumes you have read Postfix's README_FILES/SMTPD_POLICY_README
#
# Logging is sent to syslogd.
#
# How it works: each time a Postfix SMTP server process is started
# it connects to the policy service socket, and Postfix runs one
# instance of this PERL script. By default, a Postfix SMTP server
# process terminates after 100 seconds of idle time, or after serving
# 100 clients. Thus, the cost of starting this PERL script is smoothed
# out over time.
#
# To run this from /etc/postfix/master.cf:
#
# policy unix - n n - - spawn
# user=nobody argv=/usr/bin/perl /usr/libexec/postfix/smtpd-policy.pl
#
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
#
# smtpd_recipient_restrictions =
# ...
# reject_unauth_destination
# check_policy_service unix:private/policy
# ...
#
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
#
# To test this script by hand, execute:
#
# % perl smtpd-policy.pl
#
# Each query is a bunch of attributes. Order does not matter, and
# the demo script uses only a few of all the attributes shown below:
#
# request=smtpd_access_policy
# protocol_state=RCPT
# protocol_name=SMTP
# helo_name=some.domain.tld
# queue_id=8045F2AB23
# sender=foo@bar.tld
# recipient=bar@foo.tld
# client_address=1.2.3.4
# client_name=another.domain.tld
# [empty line]
#
# The policy server script will answer in the same style, with an
# attribute list followed by a empty line:
#
# action=dunno
# [empty line]
#
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: client_address=208.210.125.227
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: client_name=newbabe.mengwong.com
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: helo_name=newbabe.mengwong.com
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: protocol_name=ESMTP
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: protocol_state=RCPT
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: queue_id=
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: recipient=mengwong@dumbo.pobox.com
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: request=smtpd_access_policy
# Jul 23 18:43:29 dumbo/dumbo policyd[21171]: Attribute: sender=mengwong@newbabe.mengwong.com
# ----------------------------------------------------------
# initialization
# ----------------------------------------------------------
#
# Log an error and abort.
#
sub fatal_exit {
syslog(err => "fatal_exit: @_");
syslog(warning => "fatal_exit: @_");
syslog(info => "fatal_exit: @_");
die "fatal: @_";
}
#
# Unbuffer standard output.
#
select((select(STDOUT), $| = 1)[0]);
#
# This process runs as a daemon, so it can't log to a terminal. Use
# syslog so that people can actually see our messages.
#
setlogsock $syslog_socktype;
openlog $syslog_ident, $syslog_options, $syslog_facility;
# ----------------------------------------------------------
# main
# ----------------------------------------------------------
#
# Receive a bunch of attributes, evaluate the policy, send the result.
#
my %attr;
while (<STDIN>) {
chomp;
if (/=/) { my ($k, $v) = split (/=/, $_, 2); $attr{$k} = $v; next }
elsif (length) { syslog(warning => sprintf("warning: ignoring garbage: %.100s", $_)); next; }
if ($VERBOSE) {
for (sort keys %attr) {
syslog(debug => "Attribute: %s=%s", $_, $attr{$_});
}
}
fatal_exit ("unrecognized request type: '$attr{request}'") unless $attr{request} eq "smtpd_access_policy";
my $action = $DEFAULT_RESPONSE;
my %responses;
foreach my $handler (@HANDLERS) {
no strict 'refs';
my $response = $handler->(attr=>\%attr);
syslog(debug => "handler %s: %s", $handler, $response);
if ($response and $response !~ /^dunno/i) {
syslog(info => "handler %s: %s is decisive.", $handler, $response);
$action = $response; last;
}
}
syslog(info => "decided action=%s", $action);
print STDOUT "action=$action\n\n";
%attr = ();
}
# ----------------------------------------------------------
# plugin: SPF
# ----------------------------------------------------------
sub sender_permitted_from {
local %_ = @_;
my %attr = %{ $_{attr} };
my $query = eval { new Mail::SPF::Query (ip =>$attr{client_address},
sender=>$attr{sender},
helo =>$attr{helo_name}) };
if ($@) {
syslog(info => "%s: Mail::SPF::Query->new(%s, %s, %s) failed: %s",
$attr{queue_id}, $attr{client_address}, $attr{sender}, $attr{helo_name}, $@);
return "DUNNO";
}
my ($result, $smtp_comment, $header_comment) = $query->result();
syslog(info => "%s: SPF %s: smtp_comment=%s, header_comment=%s",
$attr{queue_id}, $result, $smtp_comment, $header_comment);
if ($result eq "fail") { return "REJECT $smtp_comment"; }
elsif ($result eq "error") { return "DEFER_IF_PERMIT $smtp_comment"; }
else { return "PREPEND Received-SPF: $result ($header_comment)"; }
}
# ----------------------------------------------------------
# plugin: testing
# ----------------------------------------------------------
sub testing {
local %_ = @_;
my %attr = %{ $_{attr} };
if (lc address_stripped($attr{sender}) eq
lc address_stripped($attr{recipient})
and
$attr{recipient} =~ /policyblock/) {
syslog(info => "%s: testing: will block as requested", $attr{queue_id});
return "REJECT smtpd-policy blocking $attr{recipient}";
}
else {
syslog(info => "%s: testing: stripped sender=%s, stripped rcpt=%s",
$attr{queue_id},
address_stripped($attr{sender}),
address_stripped($attr{recipient}),
);
}
return "DUNNO";
}
sub address_stripped {
# my $foo = localpart_lhs('foo+bar@baz.com'); # returns 'foo@baz.com'
my $string = shift;
for ($string) {
s/[+-].*\@/\@/;
}
return $string;
}

9
postfix/html/ADDRESS_CLASS_README.html
View File

@ -53,8 +53,9 @@ address classes are very important for the operation of Postfix. </p>
<li> <p> The list of domains that are a member of the class: for
example, all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
<li> <p> The default delivery method. For example, the local or
smtp delivery agent. This helps to keep Postfix configurations
<li> <p> The default delivery transport. For example, the local or
relay delivery transport (delivery transports are defined in
<a href="master.5.html">master.cf</a>). This helps to keep Postfix configurations
simple. </p>
<li> <p> The list of valid recipient addresses for that address
@ -95,7 +96,7 @@ empty, then the Postfix SMTP server accepts any address in the
<a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> class. </p>
<li> <p> The mail delivery transport is specified with the
<a href="postconf.5.html#local_transport">local_transport</a> parameter. The default value is <b>local:$<a href="postconf.5.html#myhostname">myhostname</a></b>
<a href="postconf.5.html#local_transport">local_transport</a> parameter. The default value is <b><a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a></b>
for delivery with the <a href="local.8.html">local(8)</a> delivery agent. </p>
</ul>
@ -265,7 +266,7 @@ default. The Postfix SMTP server uses this to reject mail for
unknown local recipients. See the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> file hints
and tips. </p>
<li> <p> Introduction of the relay delivery transport in master.cf.
<li> <p> Introduction of the relay delivery transport in <a href="master.5.html">master.cf</a>.
This helps to avoid mail delivery scheduling problems on inbound
mail relays when there is a lot of outbound mail, but may require
that you update your "<a href="postconf.5.html#defer_transports">defer_transports</a>" setting. </p>

5
postfix/html/ADDRESS_VERIFICATION_README.html
View File

@ -229,7 +229,10 @@ MAILER-DAEMON messages. </p>
<p> Recipient address verification is relatively straightforward
and there are no surprises. If a recipient probe fails, then Postfix
rejects mail for the recipient address. If a recipient probe
succeeds, then Postfix accepts mail for the recipient address. </p>
succeeds, then Postfix accepts mail for the recipient address.
However, recipient address verification probes can increase the
load on down-stream MTAs when you're being flooded by backscatter
bounces, or when some spammer is mounting a dictionary attack. </p>
<p> By default, address verification results are not saved. To avoid
probing the same address repeatedly, you can store the result in a

36
postfix/html/CONNECTION_CACHE_README.html
View File

@ -92,28 +92,38 @@ by the mail delivering process that creates the connection. To get
the same performance improvement as with a shared connection cache,
non-shared connections need to be kept open for a longer time. </p>
<p> The <a href="scache.8.html">scache(8)</a> server, introduced with Postfix version 2.2,
maintains the shared connection cache. With Postfix version 2.2,
only the <a href="smtp.8.html">smtp(8)</a> client has support to access this cache. </p>
<blockquote>
<table>
<tr> <td> Internet &lt;-- </td> <td align="center" bgcolor="#f0f0ff">
<br> <a href="smtp.8.html">smtp(8)</a> <br> &nbsp; </td> <td> <tt> &lt;-&gt; </tt> </td> <td
align="center" bgcolor="#f0f0ff"> <br> <a href="scache.8.html">scache(8)</a> <br> &nbsp; </td>
<td> <tt> &lt;-&gt; </tt> </td> <td align="center" bgcolor="#f0f0ff">
<br> <a href="smtp.8.html">smtp(8)</a> <br> &nbsp; </td> <td> --&gt; Internet </td>
<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> <a href="smtp.8.html">smtp(8)</a>
<br> &nbsp; </td> <td colspan="2"> --&gt; Internet </td> </tr>
<tr> <td align="center" rowspan="3"> &nbsp; </td> <td align="center"
rowspan="3"><tt>|<br>|<br>|<br>|<br>|<br>|<br>v</tt></td>
<td> &nbsp; </td> </tr>
<tr> <td align="center"
colspan="2" bgcolor="#f0f0ff"> <br> <a href="smtp.8.html">smtp(8)</a> <br> &nbsp; </td> <td
align="left"> --&gt; Internet </td> </tr>
<tr> <td align="center"><tt>^<br>|</tt></td> <td> &nbsp; </td> </tr>
<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> <a href="scache.8.html">scache(8)</a>
<br> &nbsp; </td> </tr>
</table>
</blockquote>
<p> The <a href="scache.8.html">scache(8)</a> server, introduced with Postfix version 2.2,
maintains the shared connection cache. With Postfix version 2.2,
only the <a href="smtp.8.html">smtp(8)</a> client has support to access this cache. </p>
<p> When SMTP connection caching is enabled (see next section), the
<a href="smtp.8.html">smtp(8)</a> client does not disconnect after a mail transaction, but
gives the connection to the <a href="scache.8.html">scache(8)</a> server which keeps the
connection open for a limited amount of time. </p>
connection open for a limited amount of time. </p>
<p> After handing over the open connection to the <a href="scache.8.html">scache(8)</a> server,
the <a href="smtp.8.html">smtp(8)</a> client continues with some other mail delivery request.
@ -144,7 +154,7 @@ destination has a high volume of mail in the <a href="QSHAPE_README.html#active_
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> = yes
</pre>
@ -167,7 +177,7 @@ right-hand side of an email address, without the [] around a numeric
IP address), </p>
<li> <p> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
the [] or non-default TCP port), as specified in main.cf or in the
the [] or non-default TCP port), as specified in <a href="postconf.5.html">main.cf</a> or in the
transport map, </p>
<li> <p> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as
@ -184,7 +194,7 @@ lookups is ignored. </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> = $<a href="postconf.5.html#relayhost">relayhost</a>
<a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> = hotmail.com, ...
<a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> = static:all (<i>not recommended</i>)

24
postfix/html/CYRUS_README.html
View File

@ -1,24 +0,0 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Cyrus Howto</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Cyrus Howto</h1>
<hr>
<p> This document will be made available via <a href="http://www.postfix.org/">http://www.postfix.org/</a>. </p>
</body>
</html>

8
postfix/html/DATABASE_README.html
View File

@ -80,7 +80,8 @@ below.
<li> You can use Berkeley DB files with fixed lookup strings for
simple address rewriting operations and you can use regular expression
tables for the more complicated work.
tables for the more complicated work. In other words, you don't
have to put everything into the same table.
</ul>
@ -189,8 +190,9 @@ because something else happens. This is because commands such as
<a href="postmap.1.html">postmap(1)</a> or <a href="postalias.1.html">postalias(1)</a> overwrite existing files. If the update
fails in the middle then you have no usable database, and Postfix
will stop working. This is not an issue with the CDB database type
available with Postfix 2.2 and later, because <a href="CDB_README.html">CDB</a>
database rebuilds are atomic. </p>
available with Postfix 2.2 and later: <a href="CDB_README.html">CDB</a>
creates a new file, and renames the file upon successful completion.
</p>
<p> With multi-file databases such as DBM, there is no simple
solution. With Berkeley DB and other "one file" databases, it is

15
postfix/html/DB_README.html
View File

@ -49,15 +49,17 @@ versions. </p>
<h2><a name="no_db">Building Postfix on systems without Berkeley
DB</a></h2>
<p> Many commercial UNIXes ship without Berkeley DB support. Examples
are Solaris, HP-UX, IRIX, UNIXWARE. In order to build Postfix with
<p> Some UNIXes ship without Berkeley DB support; for historical
reasons these use DBM files instead. A problem with DBM files is
that they can store only limited amounts of data. To build Postfix
with
Berkeley DB support you need to download and install the source
code from <a href="http://www.sleepycat.com/">http://www.sleepycat.com/</a> </p>
code from <a href="http://www.oracle.com/database/berkeley-db/">http://www.oracle.com/database/berkeley-db/</a>. </p>
<p> Warning: some Linux system libraries use Berkeley DB, as do
some third-party libraries such as SASL. If you compile Postfix
with a different Berkeley DB implementation, then every Postfix
program will dump core because either the system library, SASL
program will dump core because either the system library, the SASL
library, or Postfix itself ends up using the wrong version. </p>
<p>The more recent Berkeley DB versions have a compile-time switch,
@ -67,7 +69,7 @@ Although wasteful, this may be the only way to keep things from
falling apart. </p>
<p> To build Postfix after you installed the Berkeley DB from
<a href="http://www.sleepycat.com/">http://www.sleepycat.com/</a>, use something like: </p>
source code, use something like: </p>
<blockquote>
<pre>
@ -214,7 +216,8 @@ undefined reference to `pthread_mutex_trylock'
</pre>
</blockquote>
<p> More information is available at <a href="http://www.sleepycat.com/">http://www.sleepycat.com/</a>. </p>
<p> More information is available at
<a href="http://www.oracle.com/database/berkeley-db/">http://www.oracle.com/database/berkeley-db/</a>. </p>
</body>

40
postfix/html/DEBUG_README.html
View File

@ -100,8 +100,9 @@ is fixed. </p>
permissions, incorrect configuration file settings that you can
fix. Postfix cannot proceed until this is fixed. </p>
<li> <p> "<b>error</b>" reports a fatal or non-fatal error condition.
Postfix cannot proceed until this is fixed. </p>
<li> <p> "<b>error</b>" reports an error condition. For safety
reasons, a Postfix process will terminate when more than 13 of these
happen. </p>
<li> <p> "<b>warning</b>" indicates a non-fatal error. These are
problems that you may not be able to fix (such as a broken DNS
@ -145,7 +146,7 @@ Mail Delivery Status Report will be mailed to &lt;your login name&gt;.
</ul>
<p> These reports contain information that is generated by Postfix
delivery agents. Since these run as daemon processes and do not
delivery agents. Since these run as daemon processes that cannot
interact with users directly, the result is sent as mail to the
sender of the test message. The format of these reports is practically
identical to that of ordinary non-delivery notifications. </p>
@ -209,18 +210,21 @@ command "<b>postfix reload</b>". </p>
<h2><a name="sniffer">Record the SMTP session with a network sniffer</a></h2>
<p> This example uses <b>tcpdump</b>. In order to record a conversation
you need to specify a large enough buffer with the "-s" option or
else you will miss some or all of the packet payload. </p>
you need to specify a large enough buffer with the "<b>-s</b>"
option or else you will miss some or all of the packet payload.
</p>
<blockquote>
<pre>
# <b>tcpdump -w /file/name -s 2000 host example.com and port 25</b>
# <b>tcpdump -w /file/name -s 0 host example.com and port 25</b>
</pre>
</blockquote>
<p> Older tcpdump versions don't support "<b>-s 0</b>"; in that case,
use "<b>-s 2000</b>" instead. </p>
<p> Run this for a while, stop with Ctrl-C when done. To view the
data use a binary viewer, or <b>ethereal</b>, or use my <b>tcpdumpx</b>
utility that is available from <a href="ftp://ftp.porcupine.org/pub/debugging/">ftp://ftp.porcupine.org/pub/debugging/</a>.
data use a binary viewer, <b>ethereal</b>, or good old <b>less</b>.
</p>
<h2><a name="verbose">Making Postfix daemon programs more verbose</a></h2>
@ -228,7 +232,7 @@ utility that is available from <a href="ftp://ftp.porcupine.org/pub/debugging/">
<p> Append one or more "<b>-v</b>" options to selected daemon
definitions in /etc/postfix/<a href="master.5.html">master.cf</a> and type "<b>postfix reload</b>".
This will cause a lot of activity to be logged to the syslog daemon.
Example: </p>
For example, to make the Postfix SMTP server process more verbose: </p>
<blockquote>
<pre>
@ -237,10 +241,9 @@ Example: </p>
</pre>
</blockquote>
<p> This makes the Postfix SMTP server more verbose. To diagnose
problems with address rewriting one would specify a "<b>-v</b>"
<p> To diagnose problems with address rewriting specify a "<b>-v</b>"
option for the <a href="cleanup.8.html">cleanup(8)</a> and/or <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon, and to
diagnose problems with mail delivery one would specify a "<b>-v</b>"
diagnose problems with mail delivery specify a "<b>-v</b>"
option for the <a href="qmgr.8.html">qmgr(8)</a> or <a href="qmgr.8.html">oqmgr(8)</a> queue manager, or for the <a href="lmtp.8.html">lmtp(8)</a>,
<a href="local.8.html">local(8)</a>, <a href="pipe.8.html">pipe(8)</a>, <a href="smtp.8.html">smtp(8)</a>, or <a href="virtual.8.html">virtual(8)</a> delivery agent. </p>
@ -538,20 +541,23 @@ attachments, instead of reciting information from memory.
<li> <p> Postfix logging. See the text at the top of the <a href="DEBUG_README.html">DEBUG_README</a>
document to find out where logging is stored. Please do not frustrate
the helpers by word wrapping the logging. </p>
the helpers by word wrapping the logging. If the logging is more
than a few kbytes of text, consider posting an URL on a web or ftp
site. </p>
<li> <p> Consider using a test email address so that you don't have
to reveal email addresses or passwords of innocent people. </p>
<li> <p> If you can't use a test email address, please anonymize
information consistently. Replace each letter by "A", each digit
email addresses and host names consistently. Replace each letter
by "A", each digit
by "D" so that the helpers can still recognize syntactical errors.
</p>
<li> <p> Output from "<b>postconf -n</b>". Please do not send your
<a href="postconf.5.html">main.cf</a> file or 400+ lines of <b>postconf</b> output. </p>
<a href="postconf.5.html">main.cf</a> file, or 500+ lines of <b>postconf</b> output. </p>
<li> <p> Better, provide output from the <b>postfinger</b> tool.
<li> <p> Better, provide output from the <b>postfinger</b> tool.
This can be found at <a href="http://ftp.wl0.org/SOURCES/postfinger">http://ftp.wl0.org/SOURCES/postfinger</a>. </p>
<li> <p> If the problem is SASL related, consider including the
@ -562,7 +568,7 @@ output from the <b>saslfinger</b> tool. This can be found at
including output from the <b>qshape</b> tool, as described in the
<a href="QSHAPE_README.html">QSHAPE_README</a> file. </p>
<li> <p> If the problem is protocol related (connections time out
<li> <p> If the problem is protocol related (connections time out,
or an SMTP server complains about syntax errors etc.) consider
recording a session with <b>tcpdump</b>, as described in the <a
href="#sniffer">DEBUG_README</a> document. </ul>

2
postfix/html/DSN_README.html
View File

@ -44,7 +44,7 @@ identifies the message <i>content</i>. </p>
</ul>
<p> The implementation of DSN support involves extra parameters to
the SMTP MAIL FROM and RCPT TO commands, as well as new Postfix
the SMTP MAIL FROM and RCPT TO commands, as well as two Postfix
sendmail command line options that provide a sub-set of the functions
of the extra SMTP command parameters. </p>

49
postfix/html/ETRN_README.html
View File

@ -27,11 +27,6 @@ searches the queue for mail to the customer, and delivers that mail
not delivered via the connection that was used for sending ETRN.
</p>
<p> Postfix versions before 1.0 (also known as version 20010228)
implemented the ETRN command in an inefficient manner: they simply
attempted to deliver all queued mail. This is slow on mail servers
that queue mail for many customers. </p>
<p> As of version 1.0, Postfix has a fast ETRN implementation that
does not require Postfix to examine every queue file. Instead,
Postfix maintains a record of what queue files contain mail for
@ -74,11 +69,11 @@ font. </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn some.customer.domain</b>
<b>ETRN some.customer.domain</b>
250 Queuing started
<b>quit</b>
<b>QUIT</b>
221 Bye
</pre>
</blockquote>
@ -90,6 +85,8 @@ the connection that was used to send the ETRN command. </p>
<p> The Postfix operator can request delivery for a specific customer
by using the command "sendmail -qR<i>destination</i>" and, with
Postfix version 1.1 and later, "postqueue -s<i>destination</i>".
Access to this feature is controlled with the <a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a>
configuration parameter (Postfix version 2.2 and later).
</p>
<h2><a name="how">How Postfix fast ETRN works</a></h2>
@ -149,12 +146,13 @@ want to turn on fast ETRN service for every possible destination.
with queue file names. When a request to "deliver mail now" arrives,
Postfix will attempt to deliver all recipients in the queue files
that have mail for the destination in question. This does not
perform well when queue files have recipients in many different
domains. </p>
perform well with queue files that have recipients in many different
domains, such as queue files with outbound mailing list traffic.
</p>
<li> <p> The <a href="flush.8.html">flush(8)</a> daemon maintains per-destination logfiles
only for destinations listed with $<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a>. With other
destinations it not possible to trigger delivery with "sendmail
destinations you cannot request delivery with "sendmail
-qR<i>destination</i>" or, with Postfix version 1.1 and later,
"postqueue -s<i>destination</i>". </p>
@ -166,19 +164,24 @@ does not ignore the volatile in-memory list of dead domains, and
the list of message delivery transports specified with the
<a href="postconf.5.html#defer_transports">defer_transports</a> configuration parameter. </p>
<li> <p> Up to and including Postfix version 2.3, the "fast flush"
service may not deliver some messages if the request to "deliver
mail now" arrives while an <a href="QSHAPE_README.html#incoming_queue">incoming queue</a> scan is already in progress.
</p>
</ul>
<h2><a name="config">Configuring the Postfix fast ETRN service</a></h2>
<p> The behavior of the <a href="flush.8.html">flush(8)</a> daemon is controlled by parameters
in the main.cf configuration file. </p>
in the <a href="postconf.5.html">main.cf</a> configuration file. </p>
<p> By default, Postfix "fast ETRN" service is available only for
destinations that Postfix is willing to relay mail to: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> = $<a href="postconf.5.html#relay_domains">relay_domains</a>
<a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, reject
</pre>
@ -203,7 +206,7 @@ may execute the ETRN command. By default, any client has permission.
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> = $<a href="postconf.5.html#relay_domains">relay_domains</a>, some.other.domain
</pre>
</blockquote>
@ -213,7 +216,7 @@ and so that it maintains no per-destination logfiles, specify: </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> =
</pre>
</blockquote>
@ -240,7 +243,7 @@ for this delivery transport is deferred as soon as it arrives.
<blockquote>
<pre>
1 /etc/postfix/master.cf:
1 /etc/postfix/<a href="master.5.html">master.cf</a>:
2 # =============================================================
3 # service type private unpriv chroot wakeup maxproc command
4 # (yes) (yes) (yes) (never) (100)
@ -249,7 +252,7 @@ for this delivery transport is deferred as soon as it arrives.
7 relay unix - - n - - smtp
8 etrn-only unix - - n - - smtp
9
10 /etc/postfix/main.cf:
10 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
11 <a href="postconf.5.html#relay_domains">relay_domains</a> = customer.tld ...other domains...
12 <a href="postconf.5.html#defer_transports">defer_transports</a> = etrn-only
13 <a href="postconf.5.html#transport_maps">transport_maps</a> = hash:/etc/postfix/transport
@ -302,9 +305,9 @@ boldface: </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn some.customer.domain</b>
<b>ETRN some.customer.domain</b>
250 Queuing started
</pre>
</blockquote>
@ -338,9 +341,9 @@ commands that you type: </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn some.other.customer.domain</b>
<b>ETRN some.other.customer.domain</b>
250 Queuing started
</pre>
</blockquote>
@ -356,9 +359,9 @@ server has mail queued for that destination. </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn not.a.customer.domain</b>
<b>ETRN not.a.customer.domain</b>
459 &lt;not.a.customer.domain&gt;: service unavailable
</pre>
</blockquote>

62
postfix/html/FILTER_README.html
View File

@ -71,7 +71,8 @@ mail. Applications that use two separate Postfix instances will
be covered by a later version of this document. </p>
<p> The after-queue content filter is not to be confused with the
approach that is described in the <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document,
approaches described in the <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> or <a href="MILTER_README.html">MILTER_README</a>
documents,
where incoming SMTP mail is filtered BEFORE it is stored into the
Postfix queue. </p>
@ -125,16 +126,18 @@ all email, as well as several options to filter mail selectively: </p>
<h2><a name="principles">Principles of operation</a> </h2>
<p> An external content filter receives unfiltered mail from Postfix
(as described further below) and does one of the following: </p>
<p> An after-queue content filter receives unfiltered mail from Postfix
(as described further below) and can do one of the following: </p>
<ol>
<li> <p> Re-inject the mail back into Postfix, perhaps after changing
content and/or destination. </p>
<li> <p> Discard or quarantine the mail. </p>
<li> <p> Reject the mail (by sending a suitable status code back to
Postfix). Postfix will return the mail to the sender. </p>
Postfix). Postfix will send the mail back to the sender address. </p>
</ol>
@ -146,7 +149,8 @@ suspect so that a human can decide what to do with it. </p>
<h2><a name="simple_filter">Simple content filter example</a></h2>
<p> The first example is simple to set up. Postfix receives
<p> The first example is simple to set up, but has major limitations
that will be addressed in a second example. Postfix receives
unfiltered mail from the network with the <a href="smtpd.8.html">smtpd(8)</a> server, and
delivers unfiltered mail to a content filter with the Postfix
<a href="pipe.8.html">pipe(8)</a> delivery agent. The content filter injects filtered mail
@ -282,21 +286,23 @@ document for an introduction to the Postfix architecture. </p>
<ul>
<li> <p> Line 8: The -G option does nothing before Postfix 2.3,
otherwise it disables address rewriting of message headers. </p>
<li> <p> Line 8: The -G option says the filter output is not a local
mail submission: don't do silly things like appending the local
domain name to addresses in message headers. This option does
nothing before Postfix version 2.3. </p>
<li> <p> Line 8: The -i option says don't stop reading input when
a line contains "." only. </p>
<li> <p> Line 8: NEVER NEVER NEVER use the "-t" command-line option
here. It will mis-deliver mail, like sending mailing list mail back
to the mailing list. </p>
here. It will mis-deliver mail, like sending messages from a mailing
list back to the mailing list. </p>
<li> <p> Line 21: The idea is to first capture the message to
file and then run the content through a third-party content filter
program. </p>
<li> <p> Line 22: If the mail cannot be captured to file, mail
<li> <p> Line 22: If the message cannot be captured to file, mail
delivery is deferred by terminating with exit status 75 (EX_TEMPFAIL).
Postfix places the message in the deferred mail queue and tries
again later. </p>
@ -306,13 +312,14 @@ program here that receives the content on standard input. </p>
<li> <p> Line 26: If the content filter program finds a problem,
the mail is bounced by terminating with exit status 69 (EX_UNAVAILABLE).
Postfix will return the message to the sender as undeliverable.
Postfix will send the message back to the sender as undeliverable
mail.
</p>
<li> <p> Note: in this time of mail worms and spam, it is a BAD
<li> <p> NOTE: in this time of mail worms and spam, it is a BAD
IDEA to send known viruses or spam back to the sender, because that
address is likely to be forged. It is safer to discard known to be
bad content and to quarantine suspicious content so that it can
address is likely to be forged. It is safer to discard known viruses
and to quarantine suspicious content so that it can
be inspected by a human being. </p>
<li> <p> Line 28: If the content is OK, it is given as input to
@ -331,7 +338,7 @@ as input: </p>
<blockquote>
<pre>
% /path/to/script -f sender recipient... &lt;message-file
% /path/to/script -f sender -- recipient... &lt;message-file
</pre>
</blockquote>
@ -381,7 +388,7 @@ entry that defines the Postfix SMTP server: </p>
-o <a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy
</pre>
<p> The "<a href="postconf.5.html#content_filter">content_filter</a>" line causes Postfix to add one content
<p> The "-o <a href="postconf.5.html#content_filter">content_filter</a>" line causes Postfix to add one content
filter request record to each incoming mail message, with content
"filter:dummy". This record overrides the normal mail routing
and causes mail to be given to the content filter instead. </p>
@ -432,7 +439,7 @@ for filtered mail. </p>
Postfix SMTP server. </p>
<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
filter information from existing queue files. </p>
filter request records from existing queue files. </p>
<li> <p> Execute another "<b>postfix reload</b>". </p>
@ -553,7 +560,9 @@ document for an introduction to the Postfix architecture. </p>
<p> The example given here filters all mail, including mail that
arrives via SMTP and mail that is locally submitted via the Postfix
sendmail command. See examples near the end of this document for
sendmail command (local submissions enter Postfix via the <a href="pickup.8.html">pickup(8)</a>
server; to keep the figure simple we omit local submission details).
See examples near the end of this document for
how to exclude local users from filtering, or how to configure a
destination dependent content filter. </p>
@ -638,7 +647,7 @@ for more information. </p>
<li> <p> The "-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes" is a workaround
that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p>
8BITMIME support, even though they can handle 8-bit mail. </p>
<li> <p> The "-o <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>=" is a workaround that prevents
local address rewriting with <a href="generic.5.html">generic(5)</a> maps. Such rewriting should
@ -672,6 +681,10 @@ shell and home directory. This user handles all potentially
dangerous mail content - that is why it should be a separate account.
</p>
<li> <p> By default, Postfix will terminate a command that runs
longer than <a href="postconf.5.html#command_time_limit">command_time_limit</a> seconds (default: 1000s). This is a
safety measure that prevents filters from running forever. </p>
</ul>
<p> If you want to have your filter listening on port localhost:10025
@ -711,15 +724,14 @@ that injects mail back into Postfix. </p>
<ul>
<li> <p> Note: do not use spaces around the "=" or "," characters. </p>
<li> <p> NOTE: do not use spaces around the "=" or "," characters. </p>
<li> <p> Note: the SMTP server must not have a smaller process
<li> <p> NOTE: the SMTP server must not have a smaller process
limit than the "filter" <a href="master.5.html">master.cf</a> entry. </p>
<li> <p> The "-o <a href="postconf.5.html#content_filter">content_filter</a>=" overrides <a href="postconf.5.html">main.cf</a> settings, and
requests no content filtering for mail from the content filter.
This is required or else mail will stay in the content filtering
loop. </p>
This is required or else mail will loop. </p>
<li> <p> The "-o <a href="postconf.5.html#receive_override_options">receive_override_options</a>" overrides <a href="postconf.5.html">main.cf</a> settings
to avoid duplicating work that was already done before the content
@ -737,7 +749,7 @@ specified in <a href="postconf.5.html">main.cf</a>: </p>
<li> <p> We specify "<a href="postconf.5.html#no_milters">no_milters</a>" to disable Milter applications
(this option is available only in Postfix 2.3 and later). </p>
<li> <p> We don't specify "no_address_mapping" here. This
<li> <p> We don't specify "<a href="postconf.5.html#no_address_mappings">no_address_mappings</a>" here. This
enables virtual alias expansion, canonical mappings, address
masquerading, and other address mappings after the content
filter. The <a href="postconf.5.html">main.cf</a> setting of "<a href="postconf.5.html#receive_override_options">receive_override_options</a>"
@ -794,7 +806,7 @@ when content filtering is turned off. </p>
</blockquote>
<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
filter information from existing queue files. </p>
filter request records from existing queue files. </p>
<li> <p> Execute another "<b>postfix reload</b>". </p>

2
postfix/html/LDAP_README.html
View File

@ -350,7 +350,7 @@ assume for the moment that groups never have a "maildrop" (the "bgroup"
</blockquote>
<p> Note: if the desired member object result attribute is always also
present in the group, you get suprising results, the expansion also
present in the group, you get surprising results, the expansion also
returns the address of the group. This is a known limitation of Postfix
releases prior to 2.4, and is addressed in the new with Postfix 2.4
"leaf_result_attribute" feature described in <a href="ldap_table.5.html">ldap_table(5)</a>. </p>

115
postfix/html/MILTER_README.html
View File

@ -28,9 +28,13 @@ this happens before mail is queued. </p>
<p> The reason for adding Milter support to Postfix is that there
exists a large collection of applications, not only to block unwanted
mail, but also to verify authenticity (examples: <a
href="http://sourceforge.net/projects/dkim-milter/">Domain keys
identified mail</a>, <a
href="http://sourceforge.net/projects/sid-milter/">SenderID+SPF</a> and
<a href="http://sourceforge.net/projects/dk-milter/">Domain keys</a>)
or to digitally sign mail (example: <a
or to digitally sign mail (examples: <a
href="http://sourceforge.net/projects/dkim-milter/">Domain keys
identified mail</a>, <a
href="http://sourceforge.net/projects/dk-milter/">Domain keys</a>).
Having yet another Postfix-specific version of all that software
is a poor use of human and system resources. </p>
@ -202,14 +206,14 @@ does. </p>
<p> On some Linux and *BSD distributions, the Sendmail libmilter
library is installed by default. With this, applications such as
<a href="http://sourceforge.net/projects/dk-milter/">dk-milter</a>
<a href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a>
and <a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
build out of the box without requiring any tinkering:</p>
<blockquote>
<pre>
$ <b>gzcat dk-milter-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd dk-milter-<i>x.y.z</i></b>
$ <b>gzcat dkim-milter-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd dkim-milter-<i>x.y.z</i></b>
$ <b>make</b>
[...<i>lots of output omitted</i>...]
</pre>
@ -260,7 +264,7 @@ for options. A typical command looks like this:</p>
<blockquote>
<pre>
# <b>/some/where/dk-filter -u <i>userid</i> -p inet:<i>portnumber</i>@localhost ...<i>other options</i>...</b>
# <b>/some/where/dkim-filter -u <i>userid</i> -p inet:<i>portnumber</i>@localhost ...<i>other options</i>...</b>
</pre>
</blockquote>
@ -652,23 +656,70 @@ X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com &lt;unknown-msgid&
</pre>
</blockquote>
<p> This happens because some Milter applications expect that the
<p> This happens because those Milter applications expect that the
queue ID is known <i>before</i> the MTA accepts the MAIL FROM
(sender) command. Postfix, on the other hand, does not choose a
queue file name until <i>after</i> it accepts the first valid RCPT
TO (recipient) command. Postfix queue file names must be unique
TO (recipient) command (Postfix queue file names must be unique
across multiple directories, so the name can't be chosen before the
file is created. If multiple messages were to use the same queue
ID <i>simultaneously</i>, mail would be lost. </p>
file is created; if multiple messages were to use the same queue
ID <i>simultaneously</i>, mail would be lost). </p>
<p> To work around the ugly message header from Milter applications,
we add a little code to the Milter source to look up the queue ID
after Postfix receives the end of the message. </p>
</ul>
<p> Fixing the ugly header maybe as simple as upgrading to a recent
version of the Milter application. For example, current versions
of dkim-filter and dk-filter have code that looks up the Postfix
queue ID at a later protocol stage. </p>
<p> To fix the ugly message header with sid-filter applications,
we change the source code, so that it does the queue ID lookup after
Postfix receives the end of the message. </p>
<ul>
<li> <p> Edit the filter source file (named
<tt>sid-filter/sid-filter.c</tt>). </p>
<li> <p> Look up the <tt>smfilter</tt> table and replace
<tt>mlfi_eoh</tt> by <tt>NULL</tt>.
</p>
<li> <p> Look up the <tt>mlfi_eom()</tt> function and add code near
the top that calls <tt>mlfi_eoh()</tt> as shown by the <b>bold</b>
text below: </p>
</ul>
<blockquote>
<pre>
assert(ctx != NULL);
#endif /* !DEBUG */
<b>
ret = mlfi_eoh(ctx);
if (ret != SMFIS_CONTINUE)
return ret;</b>
</pre>
</blockquote>
<p> NOTES: </p>
<ul>
<li> <p> This was tested with sid-milter-0.2.10 and sid-milter-0.2.14. </p>
<li> <p> This fixes only the ugly message header, but not the WARNING
message. Fortunately, sid-milter logs that message only once. </p>
</ul>
<p> To fix the ugly message header with other Milter applications,
you will need to do something like this: </p>
<ul>
<li> <p> Edit the filter source file (typically named
<tt>dk-filter/dk-filter.c</tt> or similar). </p>
<tt>xxx-filter/xxx-filter.c</tt> or similar). </p>
<li> <p> Look up the <tt>mlfi_eom()</tt> function and add code near
the top shown as <b>bold</b> text below: </p>
@ -700,43 +751,7 @@ variables. If the above code does not compile, look for the code
at the start of the <tt>mlfi_eoh()</tt> routine. </p>
<li> <p> This fixes only the ugly message header, but not the WARNING
message. Fortunately, dk-filter logs that message only once. </p>
</ul>
<p> With some Milter applications we can fix both the WARNING and
the "unknown-msgid" by postponing the call of <tt>mlfi_eoh()</tt>
(or whatever routine logs the WARNING) until the end of the message.
</p>
<ul>
<li> <p> Edit the filter source file (typically named
<tt>sid-filter/sid-filter.c</tt> or similar). </p>
<li> <p> Look up the <tt>smfilter</tt> table and replace
<tt>mlfi_eoh</tt> (or whatever routine logs the WARNING) by NULL.
</p>
<li> <p> Look up the <tt>mlfi_eom()</tt> function and add code near
the top that calls <tt>mlfi_eoh()</tt> as shown by the <b>bold</b>
text below: </p>
</ul>
<blockquote>
<pre>
assert(ctx != NULL);
#endif /* !DEBUG */
<b>
ret = mlfi_eoh(ctx);
if (ret != SMFIS_CONTINUE)
return ret;</b>
</pre>
</blockquote>
<p> This works with sid-milter-0.2.10. Other Milter applications
will dump core when you do this. </p>
message. Fortunately, many Milters log that message only once. </p>
</ul>

8
postfix/html/PACKAGE_README.html
View File

@ -26,9 +26,9 @@ Postfix distributions for general use. </p>
<h2>General distributions: please provide a small default main.cf
file</h2>
<p> The installed main.cf file must be small. PLEASE resist the
temptation to list all 400+ parameters in the main.cf file. Postfix
is supposed to be easy to configure. Listing all 400+ in main.cf
<p> The installed <a href="postconf.5.html">main.cf</a> file must be small. PLEASE resist the
temptation to list all parameters in the <a href="postconf.5.html">main.cf</a> file. Postfix
is supposed to be easy to configure. Listing all parameters in <a href="postconf.5.html">main.cf</a>
defeats the purpose. It is an invitation for hobbyists to make
random changes without understanding what they do, and gets them
into endless trouble. </p>
@ -70,7 +70,7 @@ script directly (<tt>% <b>sh post-install</b></tt>). </p>
<p> You will be prompted for installation parameters. Specify an
install_root directory other than /. The <a href="postconf.5.html#mail_owner">mail_owner</a> and <a href="postconf.5.html#setgid_group">setgid_group</a>
installation parameter settings will be recorded in the main.cf
installation parameter settings will be recorded in the <a href="postconf.5.html">main.cf</a>
file, but they won't take effect until the package is unpacked and
installed on the destination machine. </p>

2
postfix/html/SMTPD_POLICY_README.html
View File

@ -164,7 +164,7 @@ etrn_domain=
These attributes are empty in case of no certificate authentication.
As of Postfix 2.2.11 these attribute values are encoded as
xtext: some characters are represented by +XX, where XX is the
two-digit hecadecimal representation of the character value.
two-digit hexadecimal representation of the character value.
</p>
<li> <p> The "encryption_*" attributes (Postfix 2.3 and later)

89
postfix/html/TUNING_README.html
View File

@ -224,8 +224,8 @@ seconds or $<a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_t
<h2><a name="conn_limit">Measures against clients that make too many connections</a></h2>
<p> Note: the <a href="anvil.8.html">anvil(8)</a> service was introduced with Postfix version
2.2. </p>
<p> Note: these features use the Postfix <a href="anvil.8.html">anvil(8)</a> service, introduced
with Postfix version 2.2. </p>
<p> The Postfix <a href="smtpd.8.html">smtpd(8)</a> server can limit the number of simultaneous
connections from the same SMTP client, as well as the number of
@ -233,34 +233,47 @@ connections that a client is allowed to make per unit time.
These statistics are maintained by the <a href="anvil.8.html">anvil(8)</a> server (translation:
if <a href="anvil.8.html">anvil(8)</a> breaks, then connection limits stop working). </p>
<p> IMPORTANT: These limits are designed to protect the <a href="smtpd.8.html">smtpd(8)</a> server
against flagrant abuse. Do not use these limits to regulate legitimate
traffic: mail will suffer grotesque delays if you do so. </p>
<p> IMPORTANT: These limits must not be used to regulate legitimate
traffic: mail will suffer grotesque delays if you do so. The limits
are designed to protect the <a href="smtpd.8.html">smtpd(8)</a> server against abuse by
out-of-control clients. </p>
<ul>
<blockquote>
<li> <p> An SMTP client may make up to $<a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a>
simultaneous connections (default: 50). This is half the default
process limit. </p>
<dl>
<li> <p> An SMTP client may make up to $<a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a>
message delivery requests per unit time (default: no limit). </p>
<dt> <a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (default: 50) </dt> <dd>
The maximum number of connections than an SMTP client may make
simultaneously. </dd>
<li> <p> An SMTP client may send up to $<a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a>
recipient addresses per unit time (default: no limit). </p>
<dt> <a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> (default: no limit) </dt>
<dd> The maximum number of connections that an SMTP client may make
in the time interval specified with <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (default:
60s). </dd>
<li> <p> An SMTP client may make up to $<a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a>
connections per unit time (default: no limit). </p>
<dt> <a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> (default: no limit) </dt> <dd>
The maximum number of message delivery requests that an SMTP client
may make in the time interval specified with <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a>
(default: 60s). </dd>
<li> <p> These limits are not applied to SMTP clients in the networks
specified with $<a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> (default:
clients in $<a href="postconf.5.html#mynetworks">mynetworks</a> may make an unlimited number of connections).
<dt> <a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> (default: no limit) </dt>
<dd> The maximum number of recipient addresses that an SMTP client
may specify in the time interval specified with <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a>
(default: 60s). </dd>
<li> <p> The <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> parameter specifies the time
unit over which client connection rates are computed (default:
60s).
<dt> <a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">smtpd_client_new_tls_session_rate_limit</a> (default: no limit)
</dt> <dd> The maximum number of new TLS sessions (without using
the TLS session cache) that an SMTP client may negotiate in the
time interval specified with <a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (default: 60s).
</dd>
</ul>
<dt> <a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> (default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)
</dt> <dd> SMTP clients that are excluded from connection and rate
limits specified above. </dd>
</dl>
</blockquote>
<h2><a name="mailing_tips">General mail delivery performance tips</a></h2>
@ -360,7 +373,7 @@ is not useful. Another good reason to limit delivery concurrency
to the same recipient: if the recipient has an expensive shell
command in her .forward file, or if the recipient is a mailing list
manager, you don't want to run too many instances of those processes
the same time. </p>
at the same time. </p>
<li> <p> The default <a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> of 20 seems
enough to noticeably load a system without bringing it to its knees.
@ -465,10 +478,12 @@ some amount of time. </p>
<dl>
<dt> <a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (default: 1000 seconds) </dt> <dd> How often
<dt> <a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (default: 300 seconds; before Postfix 2.4:
1000s) </dt> <dd> How often
the queue manager scans the queue for deferred mail. </dd>
<dt> <a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a> (default: 1000 seconds) </dt> <dd> The
<dt> <a href="postconf.5.html#minimal_backoff_time">minimal_backoff_time</a> (default: 300 seconds; before Postfix
2.4: 1000s) </dt> <dd> The
minimal amount of time a message won't be looked at, and the minimal
amount of time to stay away from a "dead" destination. </dd>
@ -519,7 +534,8 @@ that usually requires timing out one or more SMTP connections. </p>
always better than increasing the frequency of delivery attempts.
However, if you can control only the delivery attempt frequency,
consider using a dedicated <a href="postconf.5.html#fallback_relay">fallback_relay</a> "graveyard" machine for
bad destinations so that they do not ruin the performance of normal
bad destinations, so that these destinations do not ruin the
performance of normal
mail deliveries. </p>
<h2><a name="proc_limit">Tuning the number of Postfix processes</a></h2>
@ -573,6 +589,20 @@ errors. </p>
<ul>
<li> <p> Depending on your Postfix and operating system versions
you may need to recompile Postfix if you need more than 1024 file
descriptors per process: </p>
<ul> <li> <p> No recompilation is needed for Postfix version 2.4
and later, when it was compiled for systems that support BSD kqueue(2)
(FreeBSD 4.1, NetBSD 2.0, OpenBSD 2.9), Solaris 8 /dev/poll, or
Linux 2.6 epoll(4). </p>
<li> <p> Otherwise, Postfix needs to be recompiled to override the
default FD_SETSIZE value. </p>
</ul>
<li> <p> Reduce the number of processes as described under "<a
href="#proc_limit">Tuning the number of Postfix processes</a>" above.
Fewer processes need fewer open files and sockets. </p>
@ -585,7 +615,8 @@ with your system tuning guide: </p>
<ul>
<li> <p> Some FreeBSD kernel parameters can be specified in
/boot/loader.conf, and some can be changed with sysctl commands.
/boot/loader.conf, and some can be specified in /etc/sysctl.conf
or changed with sysctl commands.
Which is which depends on the version.
</p>
@ -598,7 +629,7 @@ kern.maxfilesperproc="16384"
</pre>
<li> <p> Linux kernel parameters can be specified in /etc/sysctl.conf
and can also be changed with sysctl commands: </p>
or changed with sysctl commands: </p>
<pre>
fs.file-max=16384
@ -607,7 +638,7 @@ kernel.threads-max=2048
<li> <p> Solaris kernel parameters can be specified in /etc/system,
as described in the <a
href="http://www.science.uva.nl/pub/solaris/solaris2.html#q3.46">Solaris
href="http://www.science.uva.nl/pub/solaris/solaris2.html#q3.48">Solaris
FAQ</a> entry titled "How can I increase the number of file
descriptors per process?" </p>

71
postfix/html/ULTRIX_README.html
View File

@ -1,71 +0,0 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix and Ultrix </title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix and Ultrix </h1>
<hr>
<h2> Postfix on Ultrix </h2>
<p> This document is probably only of historical value, because
Ultrix version 4 dates from the early 1990s. However, as long as
Wietse keeps Postfix alive for SunOS 4, it is likely to run on
Ultrix 4 with very little change. Feedback is welcome if anyone
actually still uses Postfix on any version of Ultrix. </p>
<p> The source of this document is an email message by Christian von Roques
that was sent on Jun 2, 1999. </p>
<blockquote>
<p> I've upgraded the MTA of our DECstation-3100 running Ultrix4.3a to
postfix-19990317-pl05 and am sending you the patches I needed to get
it running under Ultrix. </p>
<p> . . . </p>
<p> One of the bugs of Ultrix's /bin/sh is that shell-variables
set in arguments of `:' expand to garbage if expanded in here-documents.
Using a different shell helps. I needed to replace all calls of
``sh .../makedefs'' by ``$(SHELL) .../makedefs'' in all the
Makefile.in and am now able to use ``make SHELL=/bin/sh5'' or zsh.
<p> . . . </p>
<p> Ultrix's FD_SET_SIZE is 4096, but getdtablesize()
returns 64 by default, if not increased when building a new
kernel. getrlimit() doesn't know RLIMIT_NOFILE. This makes
event_init() always log the warning: `could allocate space for
only 64 open files'. </p>
<p> I just reduced the threshold from 256 to 64, but this is not good.
The initial problem still remains: How to disable this warning on
Ultrix without making the source ugly? </p>
</blockquote>
<p> To work around the first problem, all the Makefile.in files
have been updated to use `$(SHELL)' instead of `sh'. So you only
need to supply a non-default shell in order to eliminate Ultrix
shell trouble. </p>
<p> To work around the latter, util/sys_defs.h was updated for
Ultrix, with a default FD_SETSIZE of 100. This should be sufficient
for a workstation. Even in 1999, no-one would run a major mail hub
on Ultrix 4. </p>
</body>
</html>

281
postfix/html/access.5.html
View File

@ -17,34 +17,35 @@ ACCESS(5) ACCESS(5)
<b>postmap -q - /etc/postfix/access</b> &lt;<i>inputfile</i>
<b>DESCRIPTION</b>
The Postfix SMTP server supports access control on remote
SMTP client information: host names, network addresses,
and envelope sender or recipient addresses. See
<b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) or <b><a href="postconf.5.html#body_checks">body_checks</a></b>(5) for access control on
the content of email messages.
This document describes access control on remote SMTP
client information: host names, network addresses, and
envelope sender or recipient addresses; it is implemented
by the Postfix SMTP server. See <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) or
<b><a href="postconf.5.html#body_checks">body_checks</a></b>(5) for access control on the content of email
messages.
Normally, the <a href="access.5.html"><b>access</b>(5)</a> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
"<b>postmap /etc/postfix/access</b>" to rebuild an indexed file
Normally, the <a href="access.5.html"><b>access</b>(5)</a> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
"<b>postmap /etc/postfix/access</b>" to rebuild an indexed file
after changing the corresponding text file.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
indexed files.
Alternatively, the table can be provided as a regular-
Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres-
sions, or lookups can be directed to TCP-based server. In
those cases, the lookups are done in a slightly different
way as described below under "REGULAR EXPRESSION TABLES"
sions, or lookups can be directed to TCP-based server. In
those cases, the lookups are done in a slightly different
way as described below under "REGULAR EXPRESSION TABLES"
or "TCP-BASED TABLES".
<b>CASE FOLDING</b>
The search string is folded to lowercase before database
lookup. As of Postfix 2.3, the search string is not case
folded with database types such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose
The search string is folded to lowercase before database
lookup. As of Postfix 2.3, the search string is not case
folded with database types such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose
lookup fields can match both upper and lower case.
<b>TABLE FORMAT</b>
@ -55,53 +56,53 @@ ACCESS(5) ACCESS(5)
address, perform the corresponding <i>action</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
multi-line text
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
cal line.
<b>EMAIL ADDRESS PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, patterns are
networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user</i>@<i>domain</i>
Matches the specified mail address.
<i>domain.tld</i>
Matches <i>domain.tld</i> as the domain part of an email
Matches <i>domain.tld</i> as the domain part of an email
address.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd_access_maps</b> is listed in
the Postfix <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> con-
figuration setting (note that this is the default
for some versions of Postfix). Otherwise, specify
<i>.domain.tld</i> (note the initial dot) in order to
the Postfix <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> con-
figuration setting (note that this is the default
for some versions of Postfix). Otherwise, specify
<i>.domain.tld</i> (note the initial dot) in order to
match subdomains.
<i>user</i>@ Matches all mail addresses with the specified user
<i>user</i>@ Matches all mail addresses with the specified user
part.
Note: lookup of the null sender address is not possible
with some types of lookup table. By default, Postfix uses
&lt;&gt; as the lookup key for such addresses. The value is
specified with the <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a></b> parameter
Note: lookup of the null sender address is not possible
with some types of lookup table. By default, Postfix uses
&lt;&gt; as the lookup key for such addresses. The value is
specified with the <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a></b> parameter
in the Postfix <a href="postconf.5.html"><b>main.cf</b></a> file.
<b>EMAIL ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>domain</i>, <i>user+foo</i>@,
and <i>user</i>@.
<b>HOST NAME/ADDRESS PATTERNS</b>
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, the following
networked tables such as NIS, LDAP or SQL, the following
lookup patterns are examined in the order as listed:
<i>domain.tld</i>
@ -109,9 +110,9 @@ ACCESS(5) ACCESS(5)
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd_access_maps</b> is listed in
the Postfix <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> con-
the Postfix <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
(note the initial dot) in order to match subdo-
(note the initial dot) in order to match subdo-
mains.
<i>net.work.addr.ess</i>
@ -120,21 +121,21 @@ ACCESS(5) ACCESS(5)
<i>net.work</i>
<i>net</i> Matches the specified IPv4 host address or subnet-
work. An IPv4 host address is a sequence of four
<i>net</i> Matches the specified IPv4 host address or subnet-
work. An IPv4 host address is a sequence of four
decimal octets separated by ".".
Subnetworks are matched by repeatedly truncating
Subnetworks are matched by repeatedly truncating
the last ".octet" from the remote IPv4 host address
string until a match is found in the access table,
string until a match is found in the access table,
or until further truncation is not possible.
NOTE 1: The information in the access map should be
in canonical form, with unnecessary null characters
eliminated. Address information must not be
eliminated. Address information must not be
enclosed with "[]" characters.
NOTE 2: use the <b>cidr</b> lookup table type to specify
NOTE 2: use the <b>cidr</b> lookup table type to specify
network/netmask patterns. See <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a> for
details.
@ -144,12 +145,12 @@ ACCESS(5) ACCESS(5)
<i>net:work</i>
<i>net</i> Matches the specified IPv6 host address or subnet-
work. An IPv6 host address is a sequence of three
to eight hexadecimal octet pairs separated by ":".
<i>net</i> Matches the specified IPv6 host address or subnet-
work. An IPv6 host address is a sequence of three
to eight hexadecimal octet pairs separated by ":".
Subnetworks are matched by repeatedly truncating
the last ":octetpair" from the remote IPv6 host
Subnetworks are matched by repeatedly truncating
the last ":octetpair" from the remote IPv6 host
address string until a match is found in the access
table, or until further truncation is not possible.
@ -159,10 +160,10 @@ ACCESS(5) ACCESS(5)
NOTE 2: The information in the access map should be
in canonical form, with unnecessary null characters
eliminated. Address information must not be
eliminated. Address information must not be
enclosed with "[]" characters.
NOTE 3: use the <b>cidr</b> lookup table type to specify
NOTE 3: use the <b>cidr</b> lookup table type to specify
network/netmask patterns. See <a href="cidr_table.5.html"><b>cidr_table</b>(5)</a> for
details.
@ -173,48 +174,48 @@ ACCESS(5) ACCESS(5)
<i>all-numerical</i>
An all-numerical result is treated as OK. This for-
mat is generated by address-based relay authoriza-
mat is generated by address-based relay authoriza-
tion schemes such as pop-before-smtp.
<b>REJECT ACTIONS</b>
Postfix version 2.3 and later support enhanced status
codes as defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>. When no code is specified
at the beginning of the <i>text</i> below, Postfix inserts a
default enhanced status code of "5.7.1" in the case of
reject actions, and "4.7.1" in the case of defer actions.
Postfix version 2.3 and later support enhanced status
codes as defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>. When no code is specified
at the beginning of the <i>text</i> below, Postfix inserts a
default enhanced status code of "5.7.1" in the case of
reject actions, and "4.7.1" in the case of defer actions.
See "ENHANCED STATUS CODES" below.
<b>4</b><i>NN text</i>
<b>5</b><i>NN text</i>
Reject the address etc. that matches the pattern,
Reject the address etc. that matches the pattern,
and respond with the numerical three-digit code and
text. <b>4</b><i>NN</i> means "try again later", while <b>5</b><i>NN</i> means
text. <b>4</b><i>NN</i> means "try again later", while <b>5</b><i>NN</i> means
"do not try again".
The reply code "421" causes Postfix to disconnect
The reply code "421" causes Postfix to disconnect
immediately (Postfix version 2.3 and later).
<b>REJECT</b> <i>optional text...</i>
Reject the address etc. that matches the pattern.
Reply with <i>$reject</i><b>_</b><i>code optional text...</i> when the
optional text is specified, otherwise reply with a
Reject the address etc. that matches the pattern.
Reply with <i>$reject</i><b>_</b><i>code optional text...</i> when the
optional text is specified, otherwise reply with a
generic error response message.
<b>DEFER_IF_REJECT</b> <i>optional text...</i>
Defer the request if some later restriction would
result in a REJECT action. Reply with "<b>450 4.7.1</b>
<i>optional text...</i> when the optional text is speci-
Defer the request if some later restriction would
result in a REJECT action. Reply with "<b>450 4.7.1</b>
<i>optional text...</i> when the optional text is speci-
fied, otherwise reply with a generic error response
message.
This feature is available in Postfix 2.1 and later.
<b>DEFER_IF_PERMIT</b> <i>optional text...</i>
Defer the request if some later restriction would
result in a an explicit or implicit PERMIT action.
Reply with "<b>450 4.7.1</b> <i>optional text...</i> when the
optional text is specified, otherwise reply with a
Defer the request if some later restriction would
result in a an explicit or implicit PERMIT action.
Reply with "<b>450 4.7.1</b> <i>optional text...</i> when the
optional text is specified, otherwise reply with a
generic error response message.
This feature is available in Postfix 2.1 and later.
@ -225,158 +226,158 @@ ACCESS(5) ACCESS(5)
<b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a></b>, and so on).
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the
message. Log the optional text if specified, oth-
Claim successful delivery and silently discard the
message. Log the optional text if specified, oth-
erwise log a generic message.
Note: this action currently affects all recipients
of the message. To discard only one recipient
without discarding the entire message, use the
Note: this action currently affects all recipients
of the message. To discard only one recipient
without discarding the entire message, use the
<a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a>
service.
This feature is available in Postfix 2.0 and later.
<b>DUNNO</b> Pretend that the lookup key was not found. This
prevents Postfix from trying substrings of the
lookup key (such as a subdomain name, or a network
<b>DUNNO</b> Pretend that the lookup key was not found. This
prevents Postfix from trying substrings of the
lookup key (such as a subdomain name, or a network
address subnetwork).
This feature is available in Postfix 2.0 and later.
<b>FILTER</b> <i>transport:destination</i>
After the message is queued, send the entire mes-
After the message is queued, send the entire mes-
sage through the specified external content filter.
The <i>transport:destination</i> syntax is described in
the <a href="transport.5.html"><b>transport</b>(5)</a> manual page. More information
about external content filters is in the Postfix
The <i>transport:destination</i> syntax is described in
the <a href="transport.5.html"><b>transport</b>(5)</a> manual page. More information
about external content filters is in the Postfix
<a href="FILTER_README.html">FILTER_README</a> file.
Note: this action overrides the <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#content_filter">con</a>-</b>
<b><a href="postconf.5.html#content_filter">tent_filter</a></b> setting, and currently affects all
recipients of the message.
Note: this action overrides the <b><a href="postconf.5.html#content_filter">content_filter</a></b> set-
ting, and currently affects all recipients of the
message.
This feature is available in Postfix 2.0 and later.
<b>HOLD</b> <i>optional text...</i>
Place the message on the <b>hold</b> queue, where it will
sit until someone either deletes it or releases it
for delivery. Log the optional text if specified,
Place the message on the <b>hold</b> queue, where it will
sit until someone either deletes it or releases it
for delivery. Log the optional text if specified,
otherwise log a generic message.
Mail that is placed on hold can be examined with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
Mail that is placed on hold can be examined with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
Note: use "<b>postsuper -r</b>" to release mail that was
kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
Note: use "<b>postsuper -r</b>" to release mail that was
kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
<b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or
longer. Use "<b>postsuper -H</b>" only for mail that will
longer. Use "<b>postsuper -H</b>" only for mail that will
not expire within a few delivery attempts.
Note: this action currently affects all recipients
Note: this action currently affects all recipients
of the message.
This feature is available in Postfix 2.0 and later.
<b>PREPEND</b> <i>headername: headervalue</i>
Prepend the specified message header to the mes-
sage. When more than one PREPEND action executes,
the first prepended header appears before the sec-
Prepend the specified message header to the mes-
sage. When more than one PREPEND action executes,
the first prepended header appears before the sec-
ond etc. prepended header.
Note: this action must execute before the message
content is received; it cannot execute in the con-
Note: this action must execute before the message
content is received; it cannot execute in the con-
text of <b><a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a></b>.
This feature is available in Postfix 2.1 and later.
<b>REDIRECT</b> <i>user@domain</i>
After the message is queued, send the message to
After the message is queued, send the message to
the specified address instead of the intended
recipient(s).
Note: this action overrides the FILTER action, and
Note: this action overrides the FILTER action, and
currently affects all recipients of the message.
This feature is available in Postfix 2.1 and later.
<b>WARN</b> <i>optional text...</i>
Log a warning with the optional text, together with
client information and if available, with helo,
client information and if available, with helo,
sender, recipient and protocol information.
This feature is available in Postfix 2.1 and later.
<b>ENHANCED STATUS CODES</b>
Postfix version 2.3 and later support enhanced status
codes as defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>. When an enhanced status
code is specified in an access table, it is subject to
modification. The following transformations are needed
when the same access table is used for client, helo,
sender, or recipient access restrictions; they happen
Postfix version 2.3 and later support enhanced status
codes as defined in <a href="http://www.faqs.org/rfcs/rfc3463.html">RFC 3463</a>. When an enhanced status
code is specified in an access table, it is subject to
modification. The following transformations are needed
when the same access table is used for client, helo,
sender, or recipient access restrictions; they happen
regardless of whether Postfix replies to a MAIL FROM, RCPT
TO or other SMTP command.
<b>o</b> When a sender address matches a REJECT action, the
Postfix SMTP server will transform a recipient DSN
status (e.g., 4.1.1-4.1.6) into the corresponding
<b>o</b> When a sender address matches a REJECT action, the
Postfix SMTP server will transform a recipient DSN
status (e.g., 4.1.1-4.1.6) into the corresponding
sender DSN status, and vice versa.
<b>o</b> When non-address information matches a REJECT
action (such as the HELO command argument or the
client hostname/address), the Postfix SMTP server
will transform a sender or recipient DSN status
into a generic non-address DSN status (e.g.,
<b>o</b> When non-address information matches a REJECT
action (such as the HELO command argument or the
client hostname/address), the Postfix SMTP server
will transform a sender or recipient DSN status
into a generic non-address DSN status (e.g.,
4.0.0).
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to
Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
cation, that string is an entire client hostname, an
cation, that string is an entire client hostname, an
entire client IP address, or an entire mail address. Thus,
no parent domain or parent network search is done,
<i>user@domain</i> mail addresses are not broken up into their
<i>user@domain</i> mail addresses are not broken up into their
<i>user@</i> and <i>domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the ta-
ble, until a pattern is found that matches the search
Patterns are applied in the order as specified in the ta-
ble, until a pattern is found that matches the search
string.
Actions are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
Actions are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
<a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
Postfix version 2.4.
Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire
Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
mail address. Thus, no parent domain or parent network
search is done, <i>user@domain</i> mail addresses are not broken
up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
mail address. Thus, no parent domain or parent network
search is done, <i>user@domain</i> mail addresses are not broken
up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
<i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Actions are the same as with indexed file lookups.
<b>EXAMPLE</b>
The following example uses an indexed file, so that the
order of table entries does not matter. The example per-
mits access by the client at address 1.2.3.4 but rejects
all other clients in 1.2.3.0/24. Instead of <b>hash</b> lookup
tables, some systems use <b>dbm</b>. Use the command "<b>postconf</b>
<b>-m</b>" to find out what lookup tables Postfix supports on
The following example uses an indexed file, so that the
order of table entries does not matter. The example per-
mits access by the client at address 1.2.3.4 but rejects
all other clients in 1.2.3.0/24. Instead of <b>hash</b> lookup
tables, some systems use <b>dbm</b>. Use the command "<b>postconf</b>
<b>-m</b>" to find out what lookup tables Postfix supports on
your system.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
@ -391,7 +392,7 @@ ACCESS(5) ACCESS(5)
editing the file.
<b>BUGS</b>
The table format does not understand quoting conventions.
The table format does not understand quoting conventions.
<b>SEE ALSO</b>
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
@ -404,7 +405,7 @@ ACCESS(5) ACCESS(5)
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

255
postfix/html/header_checks.5.html
View File

@ -7,7 +7,7 @@
HEADER_CHECKS(5) HEADER_CHECKS(5)
<b>NAME</b>
<a href="postconf.5.html#header_checks">header_checks</a> - Postfix built-in header/body inspection
<a href="postconf.5.html#header_checks">header_checks</a> - Postfix built-in content inspection
<b>SYNOPSIS</b>
<b><a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks</b>
@ -19,48 +19,49 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b>postmap -fq - <a href="pcre_table.5.html">pcre</a>:/etc/postfix/</b><i>filename</i> &lt;<i>inputfile</i>
<b>DESCRIPTION</b>
The Postfix <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server supports access control on
the content of message headers and message body lines.
See <a href="access.5.html"><b>access</b>(5)</a> for access control on remote SMTP client
This document describes access control on the content of
message headers and message body lines; it is implemented
by the Postfix <a href="cleanup.8.html">cleanup(8)</a> server before mail is queued.
See <a href="access.5.html"><b>access</b>(5)</a> for access control on remote SMTP client
information.
Each message header or message body line is compared
against a list of patterns. When a match is found the
Each message header or message body line is compared
against a list of patterns. When a match is found the
corresponding action is executed, and the matching process
is repeated for the next message header or message body
is repeated for the next message header or message body
line.
For examples, see the EXAMPLES section at the end of this
For examples, see the EXAMPLES section at the end of this
manual page.
Postfix header or <a href="postconf.5.html#body_checks">body_checks</a> are designed to stop a flood
of mail from worms or viruses; they do not decode attach-
ments, and they do not unzip archives. See the documents
referenced below in the README FILES section if you need
of mail from worms or viruses; they do not decode attach-
ments, and they do not unzip archives. See the documents
referenced below in the README FILES section if you need
more sophisticated content analysis.
Postfix supports four built-in content inspection classes:
<b><a href="postconf.5.html#header_checks">header_checks</a></b>
These are applied to initial message headers
(except for the headers that are processed with
These are applied to initial message headers
(except for the headers that are processed with
<b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>).
<b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
These are applied to MIME related message headers
These are applied to MIME related message headers
only.
This feature is available in Postfix 2.0 and later.
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
These are applied to message headers of attached
email messages (except for the headers that are
These are applied to message headers of attached
email messages (except for the headers that are
processed with <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a></b>).
This feature is available in Postfix 2.0 and later.
<b><a href="postconf.5.html#body_checks">body_checks</a></b>
These are applied to all other content, including
These are applied to all other content, including
multi-part message boundaries.
With Postfix versions before 2.0, all content after
@ -68,73 +69,73 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
tent.
Note: message headers are examined one logical header at a
time, even when a message header spans multiple lines.
time, even when a message header spans multiple lines.
Body lines are always examined one line at a time.
<b>TABLE FORMAT</b>
This document assumes that header and <a href="postconf.5.html#body_checks">body_checks</a> rules
are specified in the form of Postfix regular expression
lookup tables. Usually the best performance is obtained
This document assumes that header and <a href="postconf.5.html#body_checks">body_checks</a> rules
are specified in the form of Postfix regular expression
lookup tables. Usually the best performance is obtained
with <b>pcre</b> (Perl Compatible Regular Expression) tables, but
the slower <b>regexp</b> (POSIX regular expressions) support is
more widely available. Use the command "<b>postconf -m</b>" to
find out what lookup table types your Postfix system sup-
the slower <b>regexp</b> (POSIX regular expressions) support is
more widely available. Use the command "<b>postconf -m</b>" to
find out what lookup table types your Postfix system sup-
ports.
The general format of Postfix regular expression tables is
given below. For a discussion of specific pattern or
flags syntax, see <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a> or <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>,
given below. For a discussion of specific pattern or
flags syntax, see <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a> or <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>,
respectively.
<b>/</b><i>pattern</i><b>/</b><i>flags action</i>
When <i>pattern</i> matches the input string, execute the
corresponding <i>action</i>. See below for a list of pos-
When <i>pattern</i> matches the input string, execute the
corresponding <i>action</i>. See below for a list of pos-
sible actions.
<b>!/</b><i>pattern</i><b>/</b><i>flags action</i>
When <i>pattern</i> does <b>not</b> match the input string, exe-
When <i>pattern</i> does <b>not</b> match the input string, exe-
cute the corresponding <i>action</i>.
<b>if /</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Match the input string against the patterns between
<b>if</b> and <b>endif</b>, if and only if the input string also
matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
<b>if</b> and <b>endif</b>, if and only if the same input string
also matches <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
Note: do not prepend whitespace to patterns inside
Note: do not prepend whitespace to patterns inside
<b>if</b>..<b>endif</b>.
<b>if !/</b><i>pattern</i><b>/</b><i>flags</i>
<b>endif</b> Match the input string against the patterns between
<b>if</b> and <b>endif</b>, if and only if the input string does
<b>not</b> match <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
<b>if</b> and <b>endif</b>, if and only if the same input string
does <b>not</b> match <i>pattern</i>. The <b>if</b>..<b>endif</b> can nest.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
multi-line text
A pattern/action line starts with non-whitespace
text. A line that starts with whitespace continues
A pattern/action line starts with non-whitespace
text. A line that starts with whitespace continues
a logical line.
<b>TABLE SEARCH ORDER</b>
For each line of message input, the patterns are applied
in the order as specified in the table. When a pattern is
found that matches the input line, the corresponding
action is executed and then the next input line is
For each line of message input, the patterns are applied
in the order as specified in the table. When a pattern is
found that matches the input line, the corresponding
action is executed and then the next input line is
inspected.
<b>TEXT SUBSTITUTION</b>
Substitution of substrings from the matched expression
into the <i>action</i> string is possible using the conventional
Perl syntax (<b>$1</b>, <b>$2</b>, etc.). The macros in the result
string may need to be written as <b>${n}</b> or <b>$(n)</b> if they
Substitution of substrings from the matched expression
into the <i>action</i> string is possible using the conventional
Perl syntax (<b>$1</b>, <b>$2</b>, etc.). The macros in the result
string may need to be written as <b>${n}</b> or <b>$(n)</b> if they
aren't followed by whitespace.
Note: since negated patterns (those preceded by <b>!</b>) return
Note: since negated patterns (those preceded by <b>!</b>) return
a result when the expression does not match, substitutions
are not available for negated patterns.
@ -143,12 +144,12 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
case for consistency with other Postfix documentation.
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the
message. Log the optional text if specified, oth-
Claim successful delivery and silently discard the
message. Log the optional text if specified, oth-
erwise log a generic message.
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
affects all recipients. To discard only one recip-
ient without discarding the entire message, use the
<a href="transport.5.html">transport(5)</a> table to direct mail to the <a href="discard.8.html">discard(8)</a>
@ -156,74 +157,74 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is available in Postfix 2.0 and later.
<b>DUNNO</b> Pretend that the input line did not match any pat-
tern, and inspect the next input line. This action
<b>DUNNO</b> Pretend that the input line did not match any pat-
tern, and inspect the next input line. This action
can be used to shorten the table search.
For backwards compatibility reasons, Postfix also
accepts <b>OK</b> but it is (and always has been) treated
For backwards compatibility reasons, Postfix also
accepts <b>OK</b> but it is (and always has been) treated
as <b>DUNNO</b>.
This feature is available in Postfix 2.1 and later.
<b>FILTER</b> <i>transport:destination</i>
Write a content filter request to the queue file
and inspect the next input line. After the com-
plete message is received it will be sent through
Write a content filter request to the queue file,
and inspect the next input line. After the com-
plete message is received it will be sent through
the specified external content filter. More infor-
mation about external content filters is in the
mation about external content filters is in the
Postfix <a href="FILTER_README.html">FILTER_README</a> file.
Note: this action overrides the <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#content_filter">con</a>-</b>
<b><a href="postconf.5.html#content_filter">tent_filter</a></b> setting, and affects all recipients of
the message. In the case that multiple <b>FILTER</b>
actions fire, only the last one is executed.
Note: this action overrides the <b><a href="postconf.5.html#content_filter">content_filter</a></b> set-
ting, and affects all recipients of the message. In
the case that multiple <b>FILTER</b> actions fire, only
the last one is executed.
This feature is available in Postfix 2.0 and later.
<b>HOLD</b> <i>optional text...</i>
Arrange for the message to be placed on the <b>hold</b>
queue, and inspect the next input line. The mes-
sage remains on <b>hold</b> until someone either deletes
it or releases it for delivery. Log the optional
Arrange for the message to be placed on the <b>hold</b>
queue, and inspect the next input line. The mes-
sage remains on <b>hold</b> until someone either deletes
it or releases it for delivery. Log the optional
text if specified, otherwise log a generic message.
Mail that is placed on hold can be examined with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
Mail that is placed on hold can be examined with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
Note: use "<b>postsuper -r</b>" to release mail that was
kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
Note: use "<b>postsuper -r</b>" to release mail that was
kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
<b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or
longer. Use "<b>postsuper -H</b>" only for mail that will
longer. Use "<b>postsuper -H</b>" only for mail that will
not expire within a few delivery attempts.
Note: this action affects all recipients of the
Note: this action affects all recipients of the
message.
This feature is available in Postfix 2.0 and later.
<b>IGNORE</b> Delete the current line from the input and inspect
<b>IGNORE</b> Delete the current line from the input, and inspect
the next input line.
<b>PREPEND</b> <i>text...</i>
Prepend one line with the specified text and
Prepend one line with the specified text, and
inspect the next input line.
Notes:
<b>o</b> The prepended text is output on a separate
<b>o</b> The prepended text is output on a separate
line, immediately before the input that
triggered the <b>PREPEND</b> action.
<b>o</b> The prepended text is not considered part of
the input stream: it is not subject to
the input stream: it is not subject to
header/body checks or address rewriting, and
it does not affect the way that Postfix adds
missing message headers.
<b>o</b> When prepending text before a message header
line, the prepended text must begin with a
line, the prepended text must begin with a
valid message header label.
<b>o</b> This action cannot be used to prepend multi-
@ -232,46 +233,46 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is available in Postfix 2.1 and later.
<b>REDIRECT</b> <i>user@domain</i>
Write a message redirection request to the queue
file and inspect the next input line. After the
Write a message redirection request to the queue
file, and inspect the next input line. After the
message is queued, it will be sent to the specified
address instead of the intended recipient(s).
Note: this action overrides the <b>FILTER</b> action, and
affects all recipients of the message. If multiple
<b>REDIRECT</b> actions fire, only the last one is exe-
Note: this action overrides the <b>FILTER</b> action, and
affects all recipients of the message. If multiple
<b>REDIRECT</b> actions fire, only the last one is exe-
cuted.
This feature is available in Postfix 2.1 and later.
<b>REPLACE</b> <i>text...</i>
Replace the current line with the specified text
Replace the current line with the specified text,
and inspect the next input line.
This feature is available in Postfix 2.2 and later.
The description below applies to Postfix 2.2.2 and
The description below applies to Postfix 2.2.2 and
later.
Notes:
<b>o</b> When replacing a message header line, the
replacement text must begin with a valid
<b>o</b> When replacing a message header line, the
replacement text must begin with a valid
header label.
<b>o</b> The replaced text remains part of the input
stream. Unlike the result from the <b>PREPEND</b>
action, a replaced message header may be
subject to address rewriting and may affect
the way that Postfix adds missing message
<b>o</b> The replaced text remains part of the input
stream. Unlike the result from the <b>PREPEND</b>
action, a replaced message header may be
subject to address rewriting and may affect
the way that Postfix adds missing message
headers.
<b>REJECT</b> <i>optional text...</i>
Reject the entire message. Reply with <i>optional</i>
Reject the entire message. Reply with <i>optional</i>
<i>text...</i> when the optional text is specified, other-
wise reply with a generic error message.
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
Note: this action disables further header or
<a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
affects all recipients.
Postfix version 2.3 and later support enhanced sta-
@ -280,26 +281,32 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
enhanced status code of "5.7.1".
<b>WARN</b> <i>optional text...</i>
Log a warning with the <i>optional text...</i> (or log a
generic message) and inspect the next input line.
Log a warning with the <i>optional text...</i> (or log a
generic message), and inspect the next input line.
This action is useful for debugging and for testing
a pattern before applying more drastic actions.
<b>BUGS</b>
Many people overlook the main limitations of header and
<a href="postconf.5.html#body_checks">body_checks</a> rules. These rules operate on one logical
message header or one body line at a time, and a decision
made for one line is not carried over to the next line.
If text in the message body is encoded (<a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a>) then the
rules have to specified for the encoded form. Likewise,
when message headers are encoded (<a href="http://www.faqs.org/rfcs/rfc2047.html">RFC 2047</a>) then the rules
need to be specified for the encoded form.
Many people overlook the main limitations of header and
<a href="postconf.5.html#body_checks">body_checks</a> rules.
Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are
<b>o</b> These rules operate on one logical message header
or one body line at a time. A decision made for one
line is not carried over to the next line.
<b>o</b> If text in the message body is encoded (<a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a>)
then the rules have to specified for the encoded
form.
<b>o</b> Likewise, when message headers are encoded (<a href="http://www.faqs.org/rfcs/rfc2047.html">RFC</a>
<a href="http://www.faqs.org/rfcs/rfc2047.html">2047</a>) then the rules need to be specified for the
encoded form.
Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are
excluded from inspection. Examples of such message headers
are <b>From:</b>, <b>To:</b>, <b>Message-ID:</b>, <b>Date:</b>.
Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be
Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be
examined before they are deleted. Examples are: <b>Bcc:, Con-</b>
<b>tent-Length:</b>, <b>Return-Path:</b>.
@ -307,11 +314,11 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b><a href="postconf.5.html#body_checks">body_checks</a></b>
Lookup tables with content filter rules for message
body lines. These filters see one physical line at
a time, in chunks of at most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b>
a time, in chunks of at most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b>
bytes.
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a></b>
The amount of content per message body segment
The amount of content per message body segment
(attachment) that is subjected to <b>$<a href="postconf.5.html#body_checks">body_checks</a></b> fil-
tering.
@ -321,32 +328,32 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
Lookup tables with content filter rules for message
header lines: respectively, these are applied to
the initial message headers (not including MIME
headers), to the MIME headers anywhere in the mes-
sage, and to the initial headers of attached mes-
header lines: respectively, these are applied to
the initial message headers (not including MIME
headers), to the MIME headers anywhere in the mes-
sage, and to the initial headers of attached mes-
sages.
Note: these filters see one logical message header
at a time, even when a message header spans multi-
ple lines. Message headers that are longer than
Note: these filters see one logical message header
at a time, even when a message header spans multi-
ple lines. Message headers that are longer than
<b>$<a href="postconf.5.html#header_size_limit">header_size_limit</a></b> characters are truncated.
<b><a href="postconf.5.html#disable_mime_input_processing">disable_mime_input_processing</a></b>
While receiving mail, give no special treatment to
MIME related message headers; all text after the
While receiving mail, give no special treatment to
MIME related message headers; all text after the
initial message headers is considered to be part of
the message body. This means that <b><a href="postconf.5.html#header_checks">header_checks</a></b> is
applied to all the initial message headers, and
the message body. This means that <b><a href="postconf.5.html#header_checks">header_checks</a></b> is
applied to all the initial message headers, and
that <b><a href="postconf.5.html#body_checks">body_checks</a></b> is applied to the remainder of the
message.
Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will
process a multi-line message header one line at a
Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will
process a multi-line message header one line at a
time.
<b>EXAMPLES</b>
Header pattern to block attachments with bad file name
Header pattern to block attachments with bad file name
extensions.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
@ -384,7 +391,7 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
<a href="BACKSCATTER_README.html">BACKSCATTER_README</a>, blocking returned forged mail
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

14
postfix/html/index.html
View File

@ -58,8 +58,6 @@ configuration examples </a>
<li> <a href="DEBUG_README.html"> Debugging strategies </a>
<li> Error messages (*)
</ul>
<p><strong>Content inspection </strong></p>
@ -134,8 +132,6 @@ Per-client/user/etc. access </a>
<ul>
<li> qmail/ezmlm support (*)
<li> <a href="VERP_README.html"> VERP Support </a>
</ul>
@ -152,20 +148,14 @@ Per-client/user/etc. access </a>
<li> <a href="NFS_README.html"> NFS issues </a>
<li> <a href="ULTRIX_README.html"> Ultrix support </a>
</ul>
<p><strong> Other mail delivery agents </strong></p>
<ul>
<li> Cyrus (*)
<li> <a href="MAILDROP_README.html"> Maildrop </a>
<li> LMTP (*)
</ul>
<p><strong> Other topics </strong></p>
@ -200,10 +190,6 @@ Recipients </a>
</td>
<tr> <td colspan="3"> <font size="-1"> (*) These documents will be
made available via <a href="http://www.postfix.org/">
http://www.postfix.org/</a> and mirror sites. </font> </td> </tr>
</table>
</body>

40
postfix/html/ldap_table.5.html
View File

@ -374,29 +374,30 @@ LDAP_TABLE(5) LDAP_TABLE(5)
terminal_result_attribute = maildrop
This feature is available with Postfix &gt;= 2.4.
This feature is available with Postfix 2.4 or
later.
<b>leaf_result_attribute (default: empty)</b>
When one or more special result attributes are
found in a non-terminal (see above) LDAP entry,
When one or more special result attributes are
found in a non-terminal (see above) LDAP entry,
leaf result attributes are excluded from the expan-
sion of that entry. This is useful when expanding
sion of that entry. This is useful when expanding
groups and the desired mail address attribute(s) of
the member objects obtained via DN or URI recursion
are also present in the group object. To only
return the attribute values from the leaf objects
and not the containing group, add the attribute to
the leaf_result_attribute list, and not the
result_attribute list, which is always expanded.
Note, the default value of "result_attribute" is
not empty, you may want to set it explicitly empty
when using "leaf_result_attribute" to expand the
group to a list of member DN addresses. If groups
have both member DN references AND attributes that
hold multiple string valued rfc822 addresses, then
the string attributes go in "result_attribute".
The attributes that represent the email addresses
of objects referenced via a DN (or LDAP URI) go in
are also present in the group object. To only
return the attribute values from the leaf objects
and not the containing group, add the attribute to
the leaf_result_attribute list, and not the
result_attribute list, which is always expanded.
Note, the default value of "result_attribute" is
not empty, you may want to set it explicitly empty
when using "leaf_result_attribute" to expand the
group to a list of member DN addresses. If groups
have both member DN references AND attributes that
hold multiple string valued rfc822 addresses, then
the string attributes go in "result_attribute".
The attributes that represent the email addresses
of objects referenced via a DN (or LDAP URI) go in
"leaf_result_attribute".
result_attribute = memberaddr
@ -404,7 +405,8 @@ LDAP_TABLE(5) LDAP_TABLE(5)
terminal_result_attribute = maildrop
leaf_result_attribute = mail
This feature is available with Postfix &gt;= 2.4.
This feature is available with Postfix 2.4 or
later.
<b>scope (default: sub)</b>
The LDAP search scope: <b>sub</b>, <b>base</b>, or <b>one</b>. These

26
postfix/html/postconf.5.html
View File

@ -674,8 +674,8 @@ are calculated.
</p>
<p>
This feature is implemented by the <a href="anvil.8.html">anvil(8)</a> service which is not
part of the stable Postfix version 2.1 release.
This feature is implemented by the <a href="anvil.8.html">anvil(8)</a> service which is available
in Postfix version 2.2 and later.
</p>
<p>
@ -5254,17 +5254,18 @@ This feature is available in Postfix 2.0 and later.
</DD>
<DT><b><a name="minimal_backoff_time">minimal_backoff_time</a>
(default: version dependent)</b></DT><DD>
(default: 300s)</b></DT><DD>
<p>
The minimal time between attempts to deliver a deferred message;
prior to Postfix 2.4 the default value was 1000s.
</p>
<p>
The minimal time between attempts to deliver a deferred message.
This parameter also limits the time an unreachable destination is
kept in the short-term, in-memory, destination status cache.
</p>
<p> With Postfix 2.4 the default value was reduced from 1000s to
300s. </p>
<p> This parameter should be set greater than or equal to
$<a href="postconf.5.html#queue_run_delay">queue_run_delay</a>. See also $<a href="postconf.5.html#maximal_backoff_time">maximal_backoff_time</a>. </p>
@ -6057,14 +6058,11 @@ zero means there is no minimum required amount of free space.
</DD>
<DT><b><a name="queue_run_delay">queue_run_delay</a>
(default: version dependent)</b></DT><DD>
(default: 300s)</b></DT><DD>
<p>
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager.
</p>
<p>
With Postfix 2.4 the default value was reduced from 1000s to 300s.
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue manager;
prior to Postfix 2.4 the default value was 1000s.
</p>
<p> This parameter should be set less than or equal to
@ -8476,7 +8474,7 @@ and higher the optional "ciphers" attribute overrides the <a href="postconf.5.ht
<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> parameter and the optional "protocols"
keyword overrides the <a href="postconf.5.html">main.cf</a> <a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameter.
In the policy table, multiple protocols must be separated by colons,
as attribute values may not contain whitespace or commas. </p>
as attribute values may not contain whitespace or commas. </dd>
<dt><b>verify</b></dt> <dd>Mandatory TLS verification. At this security
level, DNS MX lookups are trusted to be secure enough, and the name

8
postfix/makedefs
View File

@ -374,6 +374,14 @@ Rhapsody.5*|Darwin.*)
;;
esac
;;
"Mac OS".10.[0-3]*)
SYSTYPE=MACOSX
# Use the native compiler by default
: ${CC=cc}
AWK=gawk
CCARGS="$CCARGS -DNO_KQUEUE"
;;
"Mac OS".10*) SYSTYPE=MACOSX
# Use the native compiler by default
: ${CC=cc}

10
postfix/man/man5/access.5
View File

@ -16,10 +16,10 @@ Postfix SMTP server access table
.SH DESCRIPTION
.ad
.fi
The Postfix SMTP server supports access control on remote
SMTP client information: host names, network addresses, and
envelope sender
or recipient addresses. See \fBheader_checks\fR(5) or
This document describes access control on remote SMTP client
information: host names, network addresses, and envelope
sender or recipient addresses; it is implemented by the
Postfix SMTP server. See \fBheader_checks\fR(5) or
\fBbody_checks\fR(5) for access control on the content of
email messages.
@ -239,7 +239,7 @@ syntax is described in the \fBtransport\fR(5) manual page.
More information
about external content filters is in the Postfix FILTER_README file.
.sp
Note: this action overrides the \fBmain.cf content_filter\fR setting,
Note: this action overrides the \fBcontent_filter\fR setting,
and currently affects all recipients of the message.
.sp
This feature is available in Postfix 2.0 and later.

46
postfix/man/man5/header_checks.5
View File

@ -4,7 +4,7 @@
.SH NAME
header_checks
\-
Postfix built-in header/body inspection
Postfix built-in content inspection
.SH "SYNOPSIS"
.na
.nf
@ -22,8 +22,9 @@ Postfix built-in header/body inspection
.SH DESCRIPTION
.ad
.fi
The Postfix \fBcleanup\fR(8) server supports access control
on the content of message headers and message body lines.
This document describes access control on the content of
message headers and message body lines; it is implemented
by the Postfix cleanup(8) server before mail is queued.
See \fBaccess\fR(5) for access control on remote SMTP client
information.
@ -92,16 +93,17 @@ execute the corresponding \fIaction\fR.
.IP "\fBif /\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
Match the input string against the patterns between \fBif\fR
and \fBendif\fR, if and only if the input string also matches
\fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
and \fBendif\fR, if and only if the same input string also
matches \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
.sp
Note: do not prepend whitespace to patterns inside
\fBif\fR..\fBendif\fR.
.IP "\fBif !/\fIpattern\fB/\fIflags\fR"
.IP "\fBendif\fR"
Match the input string against the patterns between \fBif\fR
and \fBendif\fR, if and only if the input string does \fBnot\fR
match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
and \fBendif\fR, if and only if the same input string does
\fBnot\fR match \fIpattern\fR. The \fBif\fR..\fBendif\fR
can nest.
.IP "blank lines and comments"
Empty lines and whitespace-only lines are ignored, as
are lines whose first non-whitespace character is a `#'.
@ -159,13 +161,13 @@ For backwards compatibility reasons, Postfix also accepts
.sp
This feature is available in Postfix 2.1 and later.
.IP "\fBFILTER \fItransport:destination\fR"
Write a content filter request to the queue file and
Write a content filter request to the queue file, and
inspect the next input line.
After the complete message is received it will be sent through
the specified external content filter. More information about
external content filters is in the Postfix FILTER_README file.
.sp
Note: this action overrides the \fBmain.cf content_filter\fR setting,
Note: this action overrides the \fBcontent_filter\fR setting,
and affects all recipients of the message. In the case that multiple
\fBFILTER\fR actions fire, only the last one is executed.
.sp
@ -190,10 +192,10 @@ Note: this action affects all recipients of the message.
.sp
This feature is available in Postfix 2.0 and later.
.IP \fBIGNORE\fR
Delete the current line from the input and inspect
Delete the current line from the input, and inspect
the next input line.
.IP "\fBPREPEND \fItext...\fR"
Prepend one line with the specified text and inspect the next
Prepend one line with the specified text, and inspect the next
input line.
.sp
Notes:
@ -215,7 +217,7 @@ This action cannot be used to prepend multi-line text.
.IP
This feature is available in Postfix 2.1 and later.
.IP "\fBREDIRECT \fIuser@domain\fR"
Write a message redirection request to the queue file and
Write a message redirection request to the queue file, and
inspect the next input line. After the message is queued,
it will be sent to the specified address instead of the
intended recipient(s).
@ -226,7 +228,7 @@ fire, only the last one is executed.
.sp
This feature is available in Postfix 2.1 and later.
.IP "\fBREPLACE \fItext...\fR"
Replace the current line with the specified text and inspect the next
Replace the current line with the specified text, and inspect the next
input line.
.sp
This feature is available in Postfix 2.2 and later. The
@ -257,21 +259,27 @@ text...\fR, Postfix inserts a default enhanced status code of
"5.7.1".
.IP "\fBWARN \fIoptional text...\fR
Log a warning with the \fIoptional text...\fR (or log a
generic message) and inspect the next input line. This
generic message), and inspect the next input line. This
action is useful for debugging and for testing a pattern
before applying more drastic actions.
.SH BUGS
.ad
.fi
Many people overlook the main limitations of header and body_checks
rules. These rules operate on one logical message header or one body
line at a time, and a decision made for one line is not carried over
to the next line. If text in the message body is encoded
rules.
.IP \(bu
These rules operate on one logical message header or one body
line at a time. A decision made for one line is not carried over
to the next line.
.IP \(bu
If text in the message body is encoded
(RFC 2045) then the rules have to specified for the encoded
form. Likewise, when message headers are encoded (RFC
form.
.IP \(bu
Likewise, when message headers are encoded (RFC
2047) then the rules need to be specified for the encoded
form.
.PP
Message headers added by the \fBcleanup\fR(8) daemon itself
are excluded from inspection. Examples of such message headers
are \fBFrom:\fR, \fBTo:\fR, \fBMessage-ID:\fR, \fBDate:\fR.

4
postfix/man/man5/ldap_table.5
View File

@ -352,7 +352,7 @@ other special processing.
.ti +4
terminal_result_attribute = maildrop
This feature is available with Postfix >= 2.4.
This feature is available with Postfix 2.4 or later.
.IP "\fBleaf_result_attribute (default: empty)\fR"
When one or more special result attributes are found in a non-terminal
(see above) LDAP entry, leaf result attributes are excluded from the
@ -380,7 +380,7 @@ terminal_result_attribute = maildrop
leaf_result_attribute = mail
.in -4
This feature is available with Postfix >= 2.4.
This feature is available with Postfix 2.4 or later.
.IP "\fBscope (default: sub)\fR"
The LDAP search scope: \fBsub\fR, \fBbase\fR, or \fBone\fR.
These translate into LDAP_SCOPE_SUBTREE, LDAP_SCOPE_BASE,

20
postfix/man/man5/postconf.5
View File

@ -368,8 +368,8 @@ generates itself.
The time unit over which client connection rates and other rates
are calculated.
.PP
This feature is implemented by the \fBanvil\fR(8) service which is not
part of the stable Postfix version 2.1 release.
This feature is implemented by the \fBanvil\fR(8) service which is available
in Postfix version 2.2 and later.
.PP
The default interval is relatively short. Because of the high
frequency of updates, the \fBanvil\fR(8) server uses volatile memory
@ -2850,14 +2850,13 @@ The maximal recursion level that the MIME processor will handle.
Postfix refuses mail that is nested deeper than the specified limit.
.PP
This feature is available in Postfix 2.0 and later.
.SH minimal_backoff_time (default: version dependent)
The minimal time between attempts to deliver a deferred message.
.SH minimal_backoff_time (default: 300s)
The minimal time between attempts to deliver a deferred message;
prior to Postfix 2.4 the default value was 1000s.
.PP
This parameter also limits the time an unreachable destination is
kept in the short-term, in-memory, destination status cache.
.PP
With Postfix 2.4 the default value was reduced from 1000s to
300s.
.PP
This parameter should be set greater than or equal to
$queue_run_delay. See also $maximal_backoff_time.
.PP
@ -3306,10 +3305,9 @@ value that is at least 1.5*$message_size_limit.
.PP
With Postfix versions 2.0 and earlier, a queue_minfree value of
zero means there is no minimum required amount of free space.
.SH queue_run_delay (default: version dependent)
The time between deferred queue scans by the queue manager.
.PP
With Postfix 2.4 the default value was reduced from 1000s to 300s.
.SH queue_run_delay (default: 300s)
The time between deferred queue scans by the queue manager;
prior to Postfix 2.4 the default value was 1000s.
.PP
This parameter should be set less than or equal to
$minimal_backoff_time. See also $maximal_backoff_time.

16
postfix/mantools/postlink
View File

@ -14,7 +14,7 @@ while (<>) {
{
Again:
if (/-[<\/bB>]*$/) {
if (/(-[<\/bB>]*|RFC)$/) {
$_ .= "\n";
$len1 = length;
$_ .= <>;
@ -778,7 +778,13 @@ while (<>) {
s;\bmilter_unknown_command_macros\b;<a href="postconf.5.html#milter_unknown_command_macros">$&</a>;g;
s;\bmilter_end_of_data_macros\b;<a href="postconf.5.html#milter_end_of_data_macros">$&</a>;g;
# Split *README, parameter or restriction hyperlinks across line breaks
# Hyperlink URLs and RFC documents
s/(http:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/(ftp:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/\bRFC\s*([1-9]\d*)/<a href="http:\/\/www.faqs.org\/rfcs\/rfc$1.html">$&<\/a>/;
# Split README/RFC/parameter/restriction hyperlinks that span line breaks
s/(<a href="[^"]*">)([-A-Za-z0-9_]*)\b([-<\/bB>]*\n *[<bB>]*)\b([-A-Za-z0-9_]*)(<\/a>)/$1$2$5$3$1$4$5/;
@ -787,12 +793,6 @@ while (<>) {
s/(<a href="[^"]*">)([<bB>]*[-a-zA-Z0-9._]*[<bB>]*)<\/a>\1/$1$2/g;
s/(<a href="[^"]*">)([<bB>]*[-a-zA-Z0-9._]*[<bB>]*)<\/a>\1/$1$2/g;
# Hyperlink URLs and RFC documents
s/(http:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/(ftp:\/\/[^ ,"\(\)]*[^ ,"\(\):;!?.])/<a href="$1">$1<\/a>/;
s/\bRFC *([1-9]\d*)/<a href="http:\/\/www.faqs.org\/rfcs\/rfc$1.html">$&<\/a>/;
# Hyperlink phrases not in headers.
if (/<\/*h\d>/) {

5
postfix/proto/ADDRESS_CLASS_README.html
View File

@ -53,8 +53,9 @@ address classes are very important for the operation of Postfix. </p>
<li> <p> The list of domains that are a member of the class: for
example, all local domains, or all relay domains. </p>
<li> <p> The default delivery method. For example, the local or
smtp delivery agent. This helps to keep Postfix configurations
<li> <p> The default delivery transport. For example, the local or
relay delivery transport (delivery transports are defined in
master.cf). This helps to keep Postfix configurations
simple. </p>
<li> <p> The list of valid recipient addresses for that address

5
postfix/proto/ADDRESS_VERIFICATION_README.html
View File

@ -229,7 +229,10 @@ MAILER-DAEMON messages. </p>
<p> Recipient address verification is relatively straightforward
and there are no surprises. If a recipient probe fails, then Postfix
rejects mail for the recipient address. If a recipient probe
succeeds, then Postfix accepts mail for the recipient address. </p>
succeeds, then Postfix accepts mail for the recipient address.
However, recipient address verification probes can increase the
load on down-stream MTAs when you're being flooded by backscatter
bounces, or when some spammer is mounting a dictionary attack. </p>
<p> By default, address verification results are not saved. To avoid
probing the same address repeatedly, you can store the result in a

30
postfix/proto/CONNECTION_CACHE_README.html
View File

@ -92,28 +92,38 @@ by the mail delivering process that creates the connection. To get
the same performance improvement as with a shared connection cache,
non-shared connections need to be kept open for a longer time. </p>
<p> The scache(8) server, introduced with Postfix version 2.2,
maintains the shared connection cache. With Postfix version 2.2,
only the smtp(8) client has support to access this cache. </p>
<blockquote>
<table>
<tr> <td> Internet &lt;-- </td> <td align="center" bgcolor="#f0f0ff">
<br> smtp(8) <br> &nbsp; </td> <td> <tt> &lt;-&gt; </tt> </td> <td
align="center" bgcolor="#f0f0ff"> <br> scache(8) <br> &nbsp; </td>
<td> <tt> &lt;-&gt; </tt> </td> <td align="center" bgcolor="#f0f0ff">
<br> smtp(8) <br> &nbsp; </td> <td> --&gt; Internet </td>
<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> smtp(8)
<br> &nbsp; </td> <td colspan="2"> --&gt; Internet </td> </tr>
<tr> <td align="center" rowspan="3"> &nbsp; </td> <td align="center"
rowspan="3"><tt>|<br>|<br>|<br>|<br>|<br>|<br>v</tt></td>
<td> &nbsp; </td> </tr>
<tr> <td align="center"
colspan="2" bgcolor="#f0f0ff"> <br> smtp(8) <br> &nbsp; </td> <td
align="left"> --&gt; Internet </td> </tr>
<tr> <td align="center"><tt>^<br>|</tt></td> <td> &nbsp; </td> </tr>
<tr> <td align="center" colspan="3" bgcolor="#f0f0ff"> <br> scache(8)
<br> &nbsp; </td> </tr>
</table>
</blockquote>
<p> The scache(8) server, introduced with Postfix version 2.2,
maintains the shared connection cache. With Postfix version 2.2,
only the smtp(8) client has support to access this cache. </p>
<p> When SMTP connection caching is enabled (see next section), the
smtp(8) client does not disconnect after a mail transaction, but
gives the connection to the scache(8) server which keeps the
connection open for a limited amount of time. </p>
connection open for a limited amount of time. </p>
<p> After handing over the open connection to the scache(8) server,
the smtp(8) client continues with some other mail delivery request.

24
postfix/proto/CYRUS_README.html
View File

@ -1,24 +0,0 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Cyrus Howto</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Cyrus Howto</h1>
<hr>
<p> This document will be made available via http://www.postfix.org/. </p>
</body>
</html>

8
postfix/proto/DATABASE_README.html
View File

@ -80,7 +80,8 @@ below.
<li> You can use Berkeley DB files with fixed lookup strings for
simple address rewriting operations and you can use regular expression
tables for the more complicated work.
tables for the more complicated work. In other words, you don't
have to put everything into the same table.
</ul>
@ -189,8 +190,9 @@ because something else happens. This is because commands such as
postmap(1) or postalias(1) overwrite existing files. If the update
fails in the middle then you have no usable database, and Postfix
will stop working. This is not an issue with the CDB database type
available with Postfix 2.2 and later, because <a href="CDB_README.html">CDB</a>
database rebuilds are atomic. </p>
available with Postfix 2.2 and later: <a href="CDB_README.html">CDB</a>
creates a new file, and renames the file upon successful completion.
</p>
<p> With multi-file databases such as DBM, there is no simple
solution. With Berkeley DB and other "one file" databases, it is

15
postfix/proto/DB_README.html
View File

@ -49,15 +49,17 @@ versions. </p>
<h2><a name="no_db">Building Postfix on systems without Berkeley
DB</a></h2>
<p> Many commercial UNIXes ship without Berkeley DB support. Examples
are Solaris, HP-UX, IRIX, UNIXWARE. In order to build Postfix with
<p> Some UNIXes ship without Berkeley DB support; for historical
reasons these use DBM files instead. A problem with DBM files is
that they can store only limited amounts of data. To build Postfix
with
Berkeley DB support you need to download and install the source
code from http://www.sleepycat.com/ </p>
code from http://www.oracle.com/database/berkeley-db/. </p>
<p> Warning: some Linux system libraries use Berkeley DB, as do
some third-party libraries such as SASL. If you compile Postfix
with a different Berkeley DB implementation, then every Postfix
program will dump core because either the system library, SASL
program will dump core because either the system library, the SASL
library, or Postfix itself ends up using the wrong version. </p>
<p>The more recent Berkeley DB versions have a compile-time switch,
@ -67,7 +69,7 @@ Although wasteful, this may be the only way to keep things from
falling apart. </p>
<p> To build Postfix after you installed the Berkeley DB from
http://www.sleepycat.com/, use something like: </p>
source code, use something like: </p>
<blockquote>
<pre>
@ -214,7 +216,8 @@ undefined reference to `pthread_mutex_trylock'
</pre>
</blockquote>
<p> More information is available at http://www.sleepycat.com/. </p>
<p> More information is available at
http://www.oracle.com/database/berkeley-db/. </p>
</body>

40
postfix/proto/DEBUG_README.html
View File

@ -100,8 +100,9 @@ is fixed. </p>
permissions, incorrect configuration file settings that you can
fix. Postfix cannot proceed until this is fixed. </p>
<li> <p> "<b>error</b>" reports a fatal or non-fatal error condition.
Postfix cannot proceed until this is fixed. </p>
<li> <p> "<b>error</b>" reports an error condition. For safety
reasons, a Postfix process will terminate when more than 13 of these
happen. </p>
<li> <p> "<b>warning</b>" indicates a non-fatal error. These are
problems that you may not be able to fix (such as a broken DNS
@ -145,7 +146,7 @@ Mail Delivery Status Report will be mailed to &lt;your login name&gt;.
</ul>
<p> These reports contain information that is generated by Postfix
delivery agents. Since these run as daemon processes and do not
delivery agents. Since these run as daemon processes that cannot
interact with users directly, the result is sent as mail to the
sender of the test message. The format of these reports is practically
identical to that of ordinary non-delivery notifications. </p>
@ -209,18 +210,21 @@ command "<b>postfix reload</b>". </p>
<h2><a name="sniffer">Record the SMTP session with a network sniffer</a></h2>
<p> This example uses <b>tcpdump</b>. In order to record a conversation
you need to specify a large enough buffer with the "-s" option or
else you will miss some or all of the packet payload. </p>
you need to specify a large enough buffer with the "<b>-s</b>"
option or else you will miss some or all of the packet payload.
</p>
<blockquote>
<pre>
# <b>tcpdump -w /file/name -s 2000 host example.com and port 25</b>
# <b>tcpdump -w /file/name -s 0 host example.com and port 25</b>
</pre>
</blockquote>
<p> Older tcpdump versions don't support "<b>-s 0</b>"; in that case,
use "<b>-s 2000</b>" instead. </p>
<p> Run this for a while, stop with Ctrl-C when done. To view the
data use a binary viewer, or <b>ethereal</b>, or use my <b>tcpdumpx</b>
utility that is available from ftp://ftp.porcupine.org/pub/debugging/.
data use a binary viewer, <b>ethereal</b>, or good old <b>less</b>.
</p>
<h2><a name="verbose">Making Postfix daemon programs more verbose</a></h2>
@ -228,7 +232,7 @@ utility that is available from ftp://ftp.porcupine.org/pub/debugging/.
<p> Append one or more "<b>-v</b>" options to selected daemon
definitions in /etc/postfix/master.cf and type "<b>postfix reload</b>".
This will cause a lot of activity to be logged to the syslog daemon.
Example: </p>
For example, to make the Postfix SMTP server process more verbose: </p>
<blockquote>
<pre>
@ -237,10 +241,9 @@ Example: </p>
</pre>
</blockquote>
<p> This makes the Postfix SMTP server more verbose. To diagnose
problems with address rewriting one would specify a "<b>-v</b>"
<p> To diagnose problems with address rewriting specify a "<b>-v</b>"
option for the cleanup(8) and/or trivial-rewrite(8) daemon, and to
diagnose problems with mail delivery one would specify a "<b>-v</b>"
diagnose problems with mail delivery specify a "<b>-v</b>"
option for the qmgr(8) or oqmgr(8) queue manager, or for the lmtp(8),
local(8), pipe(8), smtp(8), or virtual(8) delivery agent. </p>
@ -538,20 +541,23 @@ attachments, instead of reciting information from memory.
<li> <p> Postfix logging. See the text at the top of the DEBUG_README
document to find out where logging is stored. Please do not frustrate
the helpers by word wrapping the logging. </p>
the helpers by word wrapping the logging. If the logging is more
than a few kbytes of text, consider posting an URL on a web or ftp
site. </p>
<li> <p> Consider using a test email address so that you don't have
to reveal email addresses or passwords of innocent people. </p>
<li> <p> If you can't use a test email address, please anonymize
information consistently. Replace each letter by "A", each digit
email addresses and host names consistently. Replace each letter
by "A", each digit
by "D" so that the helpers can still recognize syntactical errors.
</p>
<li> <p> Output from "<b>postconf -n</b>". Please do not send your
main.cf file or 400+ lines of <b>postconf</b> output. </p>
main.cf file, or 500+ lines of <b>postconf</b> output. </p>
<li> <p> Better, provide output from the <b>postfinger</b> tool.
<li> <p> Better, provide output from the <b>postfinger</b> tool.
This can be found at http://ftp.wl0.org/SOURCES/postfinger. </p>
<li> <p> If the problem is SASL related, consider including the
@ -562,7 +568,7 @@ http://postfix.state-of-mind.de/patrick.koetter/saslfinger/. </p>
including output from the <b>qshape</b> tool, as described in the
QSHAPE_README file. </p>
<li> <p> If the problem is protocol related (connections time out
<li> <p> If the problem is protocol related (connections time out,
or an SMTP server complains about syntax errors etc.) consider
recording a session with <b>tcpdump</b>, as described in the <a
href="#sniffer">DEBUG_README</a> document. </ul>

2
postfix/proto/DSN_README.html
View File

@ -44,7 +44,7 @@ identifies the message <i>content</i>. </p>
</ul>
<p> The implementation of DSN support involves extra parameters to
the SMTP MAIL FROM and RCPT TO commands, as well as new Postfix
the SMTP MAIL FROM and RCPT TO commands, as well as two Postfix
sendmail command line options that provide a sub-set of the functions
of the extra SMTP command parameters. </p>

37
postfix/proto/ETRN_README.html
View File

@ -27,11 +27,6 @@ searches the queue for mail to the customer, and delivers that mail
not delivered via the connection that was used for sending ETRN.
</p>
<p> Postfix versions before 1.0 (also known as version 20010228)
implemented the ETRN command in an inefficient manner: they simply
attempted to deliver all queued mail. This is slow on mail servers
that queue mail for many customers. </p>
<p> As of version 1.0, Postfix has a fast ETRN implementation that
does not require Postfix to examine every queue file. Instead,
Postfix maintains a record of what queue files contain mail for
@ -74,11 +69,11 @@ font. </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn some.customer.domain</b>
<b>ETRN some.customer.domain</b>
250 Queuing started
<b>quit</b>
<b>QUIT</b>
221 Bye
</pre>
</blockquote>
@ -90,6 +85,8 @@ the connection that was used to send the ETRN command. </p>
<p> The Postfix operator can request delivery for a specific customer
by using the command "sendmail -qR<i>destination</i>" and, with
Postfix version 1.1 and later, "postqueue -s<i>destination</i>".
Access to this feature is controlled with the authorized_flush_users
configuration parameter (Postfix version 2.2 and later).
</p>
<h2><a name="how">How Postfix fast ETRN works</a></h2>
@ -149,12 +146,13 @@ want to turn on fast ETRN service for every possible destination.
with queue file names. When a request to "deliver mail now" arrives,
Postfix will attempt to deliver all recipients in the queue files
that have mail for the destination in question. This does not
perform well when queue files have recipients in many different
domains. </p>
perform well with queue files that have recipients in many different
domains, such as queue files with outbound mailing list traffic.
</p>
<li> <p> The flush(8) daemon maintains per-destination logfiles
only for destinations listed with $fast_flush_domains. With other
destinations it not possible to trigger delivery with "sendmail
destinations you cannot request delivery with "sendmail
-qR<i>destination</i>" or, with Postfix version 1.1 and later,
"postqueue -s<i>destination</i>". </p>
@ -166,6 +164,11 @@ does not ignore the volatile in-memory list of dead domains, and
the list of message delivery transports specified with the
defer_transports configuration parameter. </p>
<li> <p> Up to and including Postfix version 2.3, the "fast flush"
service may not deliver some messages if the request to "deliver
mail now" arrives while an incoming queue scan is already in progress.
</p>
</ul>
<h2><a name="config">Configuring the Postfix fast ETRN service</a></h2>
@ -302,9 +305,9 @@ boldface: </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn some.customer.domain</b>
<b>ETRN some.customer.domain</b>
250 Queuing started
</pre>
</blockquote>
@ -338,9 +341,9 @@ commands that you type: </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn some.other.customer.domain</b>
<b>ETRN some.other.customer.domain</b>
250 Queuing started
</pre>
</blockquote>
@ -356,9 +359,9 @@ server has mail queued for that destination. </p>
<blockquote>
<pre>
220 my.server.tld ESMTP Postfix
<b>helo my.client.tld</b>
<b>HELO my.client.tld</b>
250 Ok
<b>etrn not.a.customer.domain</b>
<b>ETRN not.a.customer.domain</b>
459 &lt;not.a.customer.domain&gt;: service unavailable
</pre>
</blockquote>

62
postfix/proto/FILTER_README.html
View File

@ -71,7 +71,8 @@ mail. Applications that use two separate Postfix instances will
be covered by a later version of this document. </p>
<p> The after-queue content filter is not to be confused with the
approach that is described in the SMTPD_PROXY_README document,
approaches described in the SMTPD_PROXY_README or MILTER_README
documents,
where incoming SMTP mail is filtered BEFORE it is stored into the
Postfix queue. </p>
@ -125,16 +126,18 @@ all email, as well as several options to filter mail selectively: </p>
<h2><a name="principles">Principles of operation</a> </h2>
<p> An external content filter receives unfiltered mail from Postfix
(as described further below) and does one of the following: </p>
<p> An after-queue content filter receives unfiltered mail from Postfix
(as described further below) and can do one of the following: </p>
<ol>
<li> <p> Re-inject the mail back into Postfix, perhaps after changing
content and/or destination. </p>
<li> <p> Discard or quarantine the mail. </p>
<li> <p> Reject the mail (by sending a suitable status code back to
Postfix). Postfix will return the mail to the sender. </p>
Postfix). Postfix will send the mail back to the sender address. </p>
</ol>
@ -146,7 +149,8 @@ suspect so that a human can decide what to do with it. </p>
<h2><a name="simple_filter">Simple content filter example</a></h2>
<p> The first example is simple to set up. Postfix receives
<p> The first example is simple to set up, but has major limitations
that will be addressed in a second example. Postfix receives
unfiltered mail from the network with the smtpd(8) server, and
delivers unfiltered mail to a content filter with the Postfix
pipe(8) delivery agent. The content filter injects filtered mail
@ -282,21 +286,23 @@ document for an introduction to the Postfix architecture. </p>
<ul>
<li> <p> Line 8: The -G option does nothing before Postfix 2.3,
otherwise it disables address rewriting of message headers. </p>
<li> <p> Line 8: The -G option says the filter output is not a local
mail submission: don't do silly things like appending the local
domain name to addresses in message headers. This option does
nothing before Postfix version 2.3. </p>
<li> <p> Line 8: The -i option says don't stop reading input when
a line contains "." only. </p>
<li> <p> Line 8: NEVER NEVER NEVER use the "-t" command-line option
here. It will mis-deliver mail, like sending mailing list mail back
to the mailing list. </p>
here. It will mis-deliver mail, like sending messages from a mailing
list back to the mailing list. </p>
<li> <p> Line 21: The idea is to first capture the message to
file and then run the content through a third-party content filter
program. </p>
<li> <p> Line 22: If the mail cannot be captured to file, mail
<li> <p> Line 22: If the message cannot be captured to file, mail
delivery is deferred by terminating with exit status 75 (EX_TEMPFAIL).
Postfix places the message in the deferred mail queue and tries
again later. </p>
@ -306,13 +312,14 @@ program here that receives the content on standard input. </p>
<li> <p> Line 26: If the content filter program finds a problem,
the mail is bounced by terminating with exit status 69 (EX_UNAVAILABLE).
Postfix will return the message to the sender as undeliverable.
Postfix will send the message back to the sender as undeliverable
mail.
</p>
<li> <p> Note: in this time of mail worms and spam, it is a BAD
<li> <p> NOTE: in this time of mail worms and spam, it is a BAD
IDEA to send known viruses or spam back to the sender, because that
address is likely to be forged. It is safer to discard known to be
bad content and to quarantine suspicious content so that it can
address is likely to be forged. It is safer to discard known viruses
and to quarantine suspicious content so that it can
be inspected by a human being. </p>
<li> <p> Line 28: If the content is OK, it is given as input to
@ -331,7 +338,7 @@ as input: </p>
<blockquote>
<pre>
% /path/to/script -f sender recipient... &lt;message-file
% /path/to/script -f sender -- recipient... &lt;message-file
</pre>
</blockquote>
@ -381,7 +388,7 @@ entry that defines the Postfix SMTP server: </p>
-o content_filter=filter:dummy
</pre>
<p> The "content_filter" line causes Postfix to add one content
<p> The "-o content_filter" line causes Postfix to add one content
filter request record to each incoming mail message, with content
"filter:dummy". This record overrides the normal mail routing
and causes mail to be given to the content filter instead. </p>
@ -432,7 +439,7 @@ content_filter=filter:dummy" text from the entry that defines the
Postfix SMTP server. </p>
<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
filter information from existing queue files. </p>
filter request records from existing queue files. </p>
<li> <p> Execute another "<b>postfix reload</b>". </p>
@ -553,7 +560,9 @@ document for an introduction to the Postfix architecture. </p>
<p> The example given here filters all mail, including mail that
arrives via SMTP and mail that is locally submitted via the Postfix
sendmail command. See examples near the end of this document for
sendmail command (local submissions enter Postfix via the pickup(8)
server; to keep the figure simple we omit local submission details).
See examples near the end of this document for
how to exclude local users from filtering, or how to configure a
destination dependent content filter. </p>
@ -638,7 +647,7 @@ for more information. </p>
<li> <p> The "-o disable_mime_output_conversion=yes" is a workaround
that prevents the breaking of domainkeys and other digital signatures.
This is needed because some SMTP-based content filters don't announce
8BITMIME support, even though they can handle it just fine. </p>
8BITMIME support, even though they can handle 8-bit mail. </p>
<li> <p> The "-o smtp_generic_maps=" is a workaround that prevents
local address rewriting with generic(5) maps. Such rewriting should
@ -672,6 +681,10 @@ shell and home directory. This user handles all potentially
dangerous mail content - that is why it should be a separate account.
</p>
<li> <p> By default, Postfix will terminate a command that runs
longer than command_time_limit seconds (default: 1000s). This is a
safety measure that prevents filters from running forever. </p>
</ul>
<p> If you want to have your filter listening on port localhost:10025
@ -711,15 +724,14 @@ that injects mail back into Postfix. </p>
<ul>
<li> <p> Note: do not use spaces around the "=" or "," characters. </p>
<li> <p> NOTE: do not use spaces around the "=" or "," characters. </p>
<li> <p> Note: the SMTP server must not have a smaller process
<li> <p> NOTE: the SMTP server must not have a smaller process
limit than the "filter" master.cf entry. </p>
<li> <p> The "-o content_filter=" overrides main.cf settings, and
requests no content filtering for mail from the content filter.
This is required or else mail will stay in the content filtering
loop. </p>
This is required or else mail will loop. </p>
<li> <p> The "-o receive_override_options" overrides main.cf settings
to avoid duplicating work that was already done before the content
@ -737,7 +749,7 @@ specified in main.cf: </p>
<li> <p> We specify "no_milters" to disable Milter applications
(this option is available only in Postfix 2.3 and later). </p>
<li> <p> We don't specify "no_address_mapping" here. This
<li> <p> We don't specify "no_address_mappings" here. This
enables virtual alias expansion, canonical mappings, address
masquerading, and other address mappings after the content
filter. The main.cf setting of "receive_override_options"
@ -794,7 +806,7 @@ when content filtering is turned off. </p>
</blockquote>
<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
filter information from existing queue files. </p>
filter request records from existing queue files. </p>
<li> <p> Execute another "<b>postfix reload</b>". </p>

2
postfix/proto/LDAP_README.html
View File

@ -350,7 +350,7 @@ assume for the moment that groups never have a "maildrop" (the "bgroup"
</blockquote>
<p> Note: if the desired member object result attribute is always also
present in the group, you get suprising results, the expansion also
present in the group, you get surprising results, the expansion also
returns the address of the group. This is a known limitation of Postfix
releases prior to 2.4, and is addressed in the new with Postfix 2.4
"leaf_result_attribute" feature described in ldap_table(5). </p>

2
postfix/proto/MACOSX_README
View File

@ -1,2 +0,0 @@
See the files in auxiliary/MacOSX for hints and tips to set up
Postfix.

115
postfix/proto/MILTER_README.html
View File

@ -28,9 +28,13 @@ this happens before mail is queued. </p>
<p> The reason for adding Milter support to Postfix is that there
exists a large collection of applications, not only to block unwanted
mail, but also to verify authenticity (examples: <a
href="http://sourceforge.net/projects/dkim-milter/">Domain keys
identified mail</a>, <a
href="http://sourceforge.net/projects/sid-milter/">SenderID+SPF</a> and
<a href="http://sourceforge.net/projects/dk-milter/">Domain keys</a>)
or to digitally sign mail (example: <a
or to digitally sign mail (examples: <a
href="http://sourceforge.net/projects/dkim-milter/">Domain keys
identified mail</a>, <a
href="http://sourceforge.net/projects/dk-milter/">Domain keys</a>).
Having yet another Postfix-specific version of all that software
is a poor use of human and system resources. </p>
@ -202,14 +206,14 @@ does. </p>
<p> On some Linux and *BSD distributions, the Sendmail libmilter
library is installed by default. With this, applications such as
<a href="http://sourceforge.net/projects/dk-milter/">dk-milter</a>
<a href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a>
and <a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
build out of the box without requiring any tinkering:</p>
<blockquote>
<pre>
$ <b>gzcat dk-milter-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd dk-milter-<i>x.y.z</i></b>
$ <b>gzcat dkim-milter-<i>x.y.z</i>.tar.gz | tar xf -</b>
$ <b>cd dkim-milter-<i>x.y.z</i></b>
$ <b>make</b>
[...<i>lots of output omitted</i>...]
</pre>
@ -260,7 +264,7 @@ for options. A typical command looks like this:</p>
<blockquote>
<pre>
# <b>/some/where/dk-filter -u <i>userid</i> -p inet:<i>portnumber</i>@localhost ...<i>other options</i>...</b>
# <b>/some/where/dkim-filter -u <i>userid</i> -p inet:<i>portnumber</i>@localhost ...<i>other options</i>...</b>
</pre>
</blockquote>
@ -652,23 +656,70 @@ X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com &lt;unknown-msgid&
</pre>
</blockquote>
<p> This happens because some Milter applications expect that the
<p> This happens because those Milter applications expect that the
queue ID is known <i>before</i> the MTA accepts the MAIL FROM
(sender) command. Postfix, on the other hand, does not choose a
queue file name until <i>after</i> it accepts the first valid RCPT
TO (recipient) command. Postfix queue file names must be unique
TO (recipient) command (Postfix queue file names must be unique
across multiple directories, so the name can't be chosen before the
file is created. If multiple messages were to use the same queue
ID <i>simultaneously</i>, mail would be lost. </p>
file is created; if multiple messages were to use the same queue
ID <i>simultaneously</i>, mail would be lost). </p>
<p> To work around the ugly message header from Milter applications,
we add a little code to the Milter source to look up the queue ID
after Postfix receives the end of the message. </p>
</ul>
<p> Fixing the ugly header maybe as simple as upgrading to a recent
version of the Milter application. For example, current versions
of dkim-filter and dk-filter have code that looks up the Postfix
queue ID at a later protocol stage. </p>
<p> To fix the ugly message header with sid-filter applications,
we change the source code, so that it does the queue ID lookup after
Postfix receives the end of the message. </p>
<ul>
<li> <p> Edit the filter source file (named
<tt>sid-filter/sid-filter.c</tt>). </p>
<li> <p> Look up the <tt>smfilter</tt> table and replace
<tt>mlfi_eoh</tt> by <tt>NULL</tt>.
</p>
<li> <p> Look up the <tt>mlfi_eom()</tt> function and add code near
the top that calls <tt>mlfi_eoh()</tt> as shown by the <b>bold</b>
text below: </p>
</ul>
<blockquote>
<pre>
assert(ctx != NULL);
#endif /* !DEBUG */
<b>
ret = mlfi_eoh(ctx);
if (ret != SMFIS_CONTINUE)
return ret;</b>
</pre>
</blockquote>
<p> NOTES: </p>
<ul>
<li> <p> This was tested with sid-milter-0.2.10 and sid-milter-0.2.14. </p>
<li> <p> This fixes only the ugly message header, but not the WARNING
message. Fortunately, sid-milter logs that message only once. </p>
</ul>
<p> To fix the ugly message header with other Milter applications,
you will need to do something like this: </p>
<ul>
<li> <p> Edit the filter source file (typically named
<tt>dk-filter/dk-filter.c</tt> or similar). </p>
<tt>xxx-filter/xxx-filter.c</tt> or similar). </p>
<li> <p> Look up the <tt>mlfi_eom()</tt> function and add code near
the top shown as <b>bold</b> text below: </p>
@ -700,43 +751,7 @@ variables. If the above code does not compile, look for the code
at the start of the <tt>mlfi_eoh()</tt> routine. </p>
<li> <p> This fixes only the ugly message header, but not the WARNING
message. Fortunately, dk-filter logs that message only once. </p>
</ul>
<p> With some Milter applications we can fix both the WARNING and
the "unknown-msgid" by postponing the call of <tt>mlfi_eoh()</tt>
(or whatever routine logs the WARNING) until the end of the message.
</p>
<ul>
<li> <p> Edit the filter source file (typically named
<tt>sid-filter/sid-filter.c</tt> or similar). </p>
<li> <p> Look up the <tt>smfilter</tt> table and replace
<tt>mlfi_eoh</tt> (or whatever routine logs the WARNING) by NULL.
</p>
<li> <p> Look up the <tt>mlfi_eom()</tt> function and add code near
the top that calls <tt>mlfi_eoh()</tt> as shown by the <b>bold</b>
text below: </p>
</ul>
<blockquote>
<pre>
assert(ctx != NULL);
#endif /* !DEBUG */
<b>
ret = mlfi_eoh(ctx);
if (ret != SMFIS_CONTINUE)
return ret;</b>
</pre>
</blockquote>
<p> This works with sid-milter-0.2.10. Other Milter applications
will dump core when you do this. </p>
message. Fortunately, many Milters log that message only once. </p>
</ul>

6
postfix/proto/Makefile.in
View File

@ -15,7 +15,6 @@ HTML = ../html/ADDRESS_CLASS_README.html \
../html/CDB_README.html \
../html/CONNECTION_CACHE_README.html \
../html/CONTENT_INSPECTION_README.html \
../html/CYRUS_README.html \
../html/DATABASE_README.html ../html/DB_README.html \
../html/DEBUG_README.html \
../html/DSN_README.html \
@ -37,7 +36,7 @@ HTML = ../html/ADDRESS_CLASS_README.html \
../html/STANDARD_CONFIGURATION_README.html \
../html/TLS_README.html ../html/TLS_LEGACY_README.html \
../html/TUNING_README.html \
../html/UUCP_README.html ../html/ULTRIX_README.html \
../html/UUCP_README.html \
../html/VERP_README.html ../html/VIRTUAL_README.html \
../html/XCLIENT_README.html ../html/XFORWARD_README.html \
../html/postconf.5.html
@ -51,7 +50,6 @@ README = ../README_FILES/ADDRESS_CLASS_README \
../README_FILES/CDB_README \
../README_FILES/CONNECTION_CACHE_README \
../README_FILES/CONTENT_INSPECTION_README \
../README_FILES/CYRUS_README \
../README_FILES/DATABASE_README ../README_FILES/DB_README \
../README_FILES/DEBUG_README \
../README_FILES/DSN_README \
@ -73,7 +71,7 @@ README = ../README_FILES/ADDRESS_CLASS_README \
../README_FILES/STANDARD_CONFIGURATION_README \
../README_FILES/TLS_README ../README_FILES/TLS_LEGACY_README \
../README_FILES/TUNING_README \
../README_FILES/UUCP_README ../README_FILES/ULTRIX_README \
../README_FILES/UUCP_README \
../README_FILES/VERP_README ../README_FILES/VIRTUAL_README \
../README_FILES/XCLIENT_README ../README_FILES/XFORWARD_README \
../README_FILES/AAAREADME

4
postfix/proto/PACKAGE_README.html
View File

@ -27,8 +27,8 @@ Postfix distributions for general use. </p>
file</h2>
<p> The installed main.cf file must be small. PLEASE resist the
temptation to list all 400+ parameters in the main.cf file. Postfix
is supposed to be easy to configure. Listing all 400+ in main.cf
temptation to list all parameters in the main.cf file. Postfix
is supposed to be easy to configure. Listing all parameters in main.cf
defeats the purpose. It is an invitation for hobbyists to make
random changes without understanding what they do, and gets them
into endless trouble. </p>

2
postfix/proto/SMTPD_POLICY_README.html
View File

@ -164,7 +164,7 @@ etrn_domain=
These attributes are empty in case of no certificate authentication.
As of Postfix 2.2.11 these attribute values are encoded as
xtext: some characters are represented by +XX, where XX is the
two-digit hecadecimal representation of the character value.
two-digit hexadecimal representation of the character value.
</p>
<li> <p> The "encryption_*" attributes (Postfix 2.3 and later)

89
postfix/proto/TUNING_README.html
View File

@ -224,8 +224,8 @@ seconds or $smtpd_error_sleep_time, whichever is more. </p>
<h2><a name="conn_limit">Measures against clients that make too many connections</a></h2>
<p> Note: the anvil(8) service was introduced with Postfix version
2.2. </p>
<p> Note: these features use the Postfix anvil(8) service, introduced
with Postfix version 2.2. </p>
<p> The Postfix smtpd(8) server can limit the number of simultaneous
connections from the same SMTP client, as well as the number of
@ -233,34 +233,47 @@ connections that a client is allowed to make per unit time.
These statistics are maintained by the anvil(8) server (translation:
if anvil(8) breaks, then connection limits stop working). </p>
<p> IMPORTANT: These limits are designed to protect the smtpd(8) server
against flagrant abuse. Do not use these limits to regulate legitimate
traffic: mail will suffer grotesque delays if you do so. </p>
<p> IMPORTANT: These limits must not be used to regulate legitimate
traffic: mail will suffer grotesque delays if you do so. The limits
are designed to protect the smtpd(8) server against abuse by
out-of-control clients. </p>
<ul>
<blockquote>
<li> <p> An SMTP client may make up to $smtpd_client_connection_count_limit
simultaneous connections (default: 50). This is half the default
process limit. </p>
<dl>
<li> <p> An SMTP client may make up to $smtpd_client_message_rate_limit
message delivery requests per unit time (default: no limit). </p>
<dt> smtpd_client_connection_count_limit (default: 50) </dt> <dd>
The maximum number of connections than an SMTP client may make
simultaneously. </dd>
<li> <p> An SMTP client may send up to $smtpd_client_recipient_rate_limit
recipient addresses per unit time (default: no limit). </p>
<dt> smtpd_client_connection_rate_limit (default: no limit) </dt>
<dd> The maximum number of connections that an SMTP client may make
in the time interval specified with anvil_rate_time_unit (default:
60s). </dd>
<li> <p> An SMTP client may make up to $smtpd_client_connection_rate_limit
connections per unit time (default: no limit). </p>
<dt> smtpd_client_message_rate_limit (default: no limit) </dt> <dd>
The maximum number of message delivery requests that an SMTP client
may make in the time interval specified with anvil_rate_time_unit
(default: 60s). </dd>
<li> <p> These limits are not applied to SMTP clients in the networks
specified with $smtpd_client_event_limit_exceptions (default:
clients in $mynetworks may make an unlimited number of connections).
<dt> smtpd_client_recipient_rate_limit (default: no limit) </dt>
<dd> The maximum number of recipient addresses that an SMTP client
may specify in the time interval specified with anvil_rate_time_unit
(default: 60s). </dd>
<li> <p> The anvil_rate_time_unit parameter specifies the time
unit over which client connection rates are computed (default:
60s).
<dt> smtpd_client_new_tls_session_rate_limit (default: no limit)
</dt> <dd> The maximum number of new TLS sessions (without using
the TLS session cache) that an SMTP client may negotiate in the
time interval specified with anvil_rate_time_unit (default: 60s).
</dd>
</ul>
<dt> smtpd_client_event_limit_exceptions (default: $mynetworks)
</dt> <dd> SMTP clients that are excluded from connection and rate
limits specified above. </dd>
</dl>
</blockquote>
<h2><a name="mailing_tips">General mail delivery performance tips</a></h2>
@ -360,7 +373,7 @@ is not useful. Another good reason to limit delivery concurrency
to the same recipient: if the recipient has an expensive shell
command in her .forward file, or if the recipient is a mailing list
manager, you don't want to run too many instances of those processes
the same time. </p>
at the same time. </p>
<li> <p> The default smtp_destination_concurrency_limit of 20 seems
enough to noticeably load a system without bringing it to its knees.
@ -465,10 +478,12 @@ some amount of time. </p>
<dl>
<dt> queue_run_delay (default: 1000 seconds) </dt> <dd> How often
<dt> queue_run_delay (default: 300 seconds; before Postfix 2.4:
1000s) </dt> <dd> How often
the queue manager scans the queue for deferred mail. </dd>
<dt> minimal_backoff_time (default: 1000 seconds) </dt> <dd> The
<dt> minimal_backoff_time (default: 300 seconds; before Postfix
2.4: 1000s) </dt> <dd> The
minimal amount of time a message won't be looked at, and the minimal
amount of time to stay away from a "dead" destination. </dd>
@ -519,7 +534,8 @@ that usually requires timing out one or more SMTP connections. </p>
always better than increasing the frequency of delivery attempts.
However, if you can control only the delivery attempt frequency,
consider using a dedicated fallback_relay "graveyard" machine for
bad destinations so that they do not ruin the performance of normal
bad destinations, so that these destinations do not ruin the
performance of normal
mail deliveries. </p>
<h2><a name="proc_limit">Tuning the number of Postfix processes</a></h2>
@ -573,6 +589,20 @@ errors. </p>
<ul>
<li> <p> Depending on your Postfix and operating system versions
you may need to recompile Postfix if you need more than 1024 file
descriptors per process: </p>
<ul> <li> <p> No recompilation is needed for Postfix version 2.4
and later, when it was compiled for systems that support BSD kqueue(2)
(FreeBSD 4.1, NetBSD 2.0, OpenBSD 2.9), Solaris 8 /dev/poll, or
Linux 2.6 epoll(4). </p>
<li> <p> Otherwise, Postfix needs to be recompiled to override the
default FD_SETSIZE value. </p>
</ul>
<li> <p> Reduce the number of processes as described under "<a
href="#proc_limit">Tuning the number of Postfix processes</a>" above.
Fewer processes need fewer open files and sockets. </p>
@ -585,7 +615,8 @@ with your system tuning guide: </p>
<ul>
<li> <p> Some FreeBSD kernel parameters can be specified in
/boot/loader.conf, and some can be changed with sysctl commands.
/boot/loader.conf, and some can be specified in /etc/sysctl.conf
or changed with sysctl commands.
Which is which depends on the version.
</p>
@ -598,7 +629,7 @@ kern.maxfilesperproc="16384"
</pre>
<li> <p> Linux kernel parameters can be specified in /etc/sysctl.conf
and can also be changed with sysctl commands: </p>
or changed with sysctl commands: </p>
<pre>
fs.file-max=16384
@ -607,7 +638,7 @@ kernel.threads-max=2048
<li> <p> Solaris kernel parameters can be specified in /etc/system,
as described in the <a
href="http://www.science.uva.nl/pub/solaris/solaris2.html#q3.46">Solaris
href="http://www.science.uva.nl/pub/solaris/solaris2.html#q3.48">Solaris
FAQ</a> entry titled "How can I increase the number of file
descriptors per process?" </p>

71
postfix/proto/ULTRIX_README.html
View File

@ -1,71 +0,0 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix and Ultrix </title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix and Ultrix </h1>
<hr>
<h2> Postfix on Ultrix </h2>
<p> This document is probably only of historical value, because
Ultrix version 4 dates from the early 1990s. However, as long as
Wietse keeps Postfix alive for SunOS 4, it is likely to run on
Ultrix 4 with very little change. Feedback is welcome if anyone
actually still uses Postfix on any version of Ultrix. </p>
<p> The source of this document is an email message by Christian von Roques
that was sent on Jun 2, 1999. </p>
<blockquote>
<p> I've upgraded the MTA of our DECstation-3100 running Ultrix4.3a to
postfix-19990317-pl05 and am sending you the patches I needed to get
it running under Ultrix. </p>
<p> . . . </p>
<p> One of the bugs of Ultrix's /bin/sh is that shell-variables
set in arguments of `:' expand to garbage if expanded in here-documents.
Using a different shell helps. I needed to replace all calls of
``sh .../makedefs'' by ``$(SHELL) .../makedefs'' in all the
Makefile.in and am now able to use ``make SHELL=/bin/sh5'' or zsh.
<p> . . . </p>
<p> Ultrix's FD_SET_SIZE is 4096, but getdtablesize()
returns 64 by default, if not increased when building a new
kernel. getrlimit() doesn't know RLIMIT_NOFILE. This makes
event_init() always log the warning: `could allocate space for
only 64 open files'. </p>
<p> I just reduced the threshold from 256 to 64, but this is not good.
The initial problem still remains: How to disable this warning on
Ultrix without making the source ugly? </p>
</blockquote>
<p> To work around the first problem, all the Makefile.in files
have been updated to use `$(SHELL)' instead of `sh'. So you only
need to supply a non-default shell in order to eliminate Ultrix
shell trouble. </p>
<p> To work around the latter, util/sys_defs.h was updated for
Ultrix, with a default FD_SETSIZE of 100. This should be sufficient
for a workstation. Even in 1999, no-one would run a major mail hub
on Ultrix 4. </p>
</body>
</html>

10
postfix/proto/access
View File

@ -10,10 +10,10 @@
#
# \fBpostmap -q - /etc/postfix/access <\fIinputfile\fR
# DESCRIPTION
# The Postfix SMTP server supports access control on remote
# SMTP client information: host names, network addresses, and
# envelope sender
# or recipient addresses. See \fBheader_checks\fR(5) or
# This document describes access control on remote SMTP client
# information: host names, network addresses, and envelope
# sender or recipient addresses; it is implemented by the
# Postfix SMTP server. See \fBheader_checks\fR(5) or
# \fBbody_checks\fR(5) for access control on the content of
# email messages.
#
@ -244,7 +244,7 @@
# More information
# about external content filters is in the Postfix FILTER_README file.
# .sp
# Note: this action overrides the \fBmain.cf content_filter\fR setting,
# Note: this action overrides the \fBcontent_filter\fR setting,
# and currently affects all recipients of the message.
# .sp
# This feature is available in Postfix 2.0 and later.

46
postfix/proto/header_checks
View File

@ -2,7 +2,7 @@
# NAME
# header_checks 5
# SUMMARY
# Postfix built-in header/body inspection
# Postfix built-in content inspection
# SYNOPSIS
# \fBheader_checks = pcre:/etc/postfix/header_checks\fR
# .br
@ -16,8 +16,9 @@
# .br
# \fBpostmap -fq - pcre:/etc/postfix/\fIfilename\fR <\fIinputfile\fR
# DESCRIPTION
# The Postfix \fBcleanup\fR(8) server supports access control
# on the content of message headers and message body lines.
# This document describes access control on the content of
# message headers and message body lines; it is implemented
# by the Postfix cleanup(8) server before mail is queued.
# See \fBaccess\fR(5) for access control on remote SMTP client
# information.
#
@ -84,16 +85,17 @@
# .IP "\fBif /\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
# Match the input string against the patterns between \fBif\fR
# and \fBendif\fR, if and only if the input string also matches
# \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# and \fBendif\fR, if and only if the same input string also
# matches \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# .sp
# Note: do not prepend whitespace to patterns inside
# \fBif\fR..\fBendif\fR.
# .IP "\fBif !/\fIpattern\fB/\fIflags\fR"
# .IP "\fBendif\fR"
# Match the input string against the patterns between \fBif\fR
# and \fBendif\fR, if and only if the input string does \fBnot\fR
# match \fIpattern\fR. The \fBif\fR..\fBendif\fR can nest.
# and \fBendif\fR, if and only if the same input string does
# \fBnot\fR match \fIpattern\fR. The \fBif\fR..\fBendif\fR
# can nest.
# .IP "blank lines and comments"
# Empty lines and whitespace-only lines are ignored, as
# are lines whose first non-whitespace character is a `#'.
@ -172,13 +174,13 @@
# .sp
# This feature is available in Postfix 2.1 and later.
# .IP "\fBFILTER \fItransport:destination\fR"
# Write a content filter request to the queue file and
# Write a content filter request to the queue file, and
# inspect the next input line.
# After the complete message is received it will be sent through
# the specified external content filter. More information about
# external content filters is in the Postfix FILTER_README file.
# .sp
# Note: this action overrides the \fBmain.cf content_filter\fR setting,
# Note: this action overrides the \fBcontent_filter\fR setting,
# and affects all recipients of the message. In the case that multiple
# \fBFILTER\fR actions fire, only the last one is executed.
# .sp
@ -203,10 +205,10 @@
# .sp
# This feature is available in Postfix 2.0 and later.
# .IP \fBIGNORE\fR
# Delete the current line from the input and inspect
# Delete the current line from the input, and inspect
# the next input line.
# .IP "\fBPREPEND \fItext...\fR"
# Prepend one line with the specified text and inspect the next
# Prepend one line with the specified text, and inspect the next
# input line.
# .sp
# Notes:
@ -228,7 +230,7 @@
# .IP
# This feature is available in Postfix 2.1 and later.
# .IP "\fBREDIRECT \fIuser@domain\fR"
# Write a message redirection request to the queue file and
# Write a message redirection request to the queue file, and
# inspect the next input line. After the message is queued,
# it will be sent to the specified address instead of the
# intended recipient(s).
@ -239,7 +241,7 @@
# .sp
# This feature is available in Postfix 2.1 and later.
# .IP "\fBREPLACE \fItext...\fR"
# Replace the current line with the specified text and inspect the next
# Replace the current line with the specified text, and inspect the next
# input line.
# .sp
# This feature is available in Postfix 2.2 and later. The
@ -270,19 +272,25 @@
# "5.7.1".
# .IP "\fBWARN \fIoptional text...\fR
# Log a warning with the \fIoptional text...\fR (or log a
# generic message) and inspect the next input line. This
# generic message), and inspect the next input line. This
# action is useful for debugging and for testing a pattern
# before applying more drastic actions.
# BUGS
# Many people overlook the main limitations of header and body_checks
# rules. These rules operate on one logical message header or one body
# line at a time, and a decision made for one line is not carried over
# to the next line. If text in the message body is encoded
# rules.
# .IP \(bu
# These rules operate on one logical message header or one body
# line at a time. A decision made for one line is not carried over
# to the next line.
# .IP \(bu
# If text in the message body is encoded
# (RFC 2045) then the rules have to specified for the encoded
# form. Likewise, when message headers are encoded (RFC
# form.
# .IP \(bu
# Likewise, when message headers are encoded (RFC
# 2047) then the rules need to be specified for the encoded
# form.
#
# .PP
# Message headers added by the \fBcleanup\fR(8) daemon itself
# are excluded from inspection. Examples of such message headers
# are \fBFrom:\fR, \fBTo:\fR, \fBMessage-ID:\fR, \fBDate:\fR.

4
postfix/proto/ldap_table
View File

@ -340,7 +340,7 @@
# .ti +4
# terminal_result_attribute = maildrop
#
# This feature is available with Postfix >= 2.4.
# This feature is available with Postfix 2.4 or later.
# .IP "\fBleaf_result_attribute (default: empty)\fR"
# When one or more special result attributes are found in a non-terminal
# (see above) LDAP entry, leaf result attributes are excluded from the
@ -368,7 +368,7 @@
# leaf_result_attribute = mail
# .in -4
#
# This feature is available with Postfix >= 2.4.
# This feature is available with Postfix 2.4 or later.
# .IP "\fBscope (default: sub)\fR"
# The LDAP search scope: \fBsub\fR, \fBbase\fR, or \fBone\fR.
# These translate into LDAP_SCOPE_SUBTREE, LDAP_SCOPE_BASE,

26
postfix/proto/postconf.proto
View File

@ -2622,17 +2622,18 @@ Specify 0 when mail delivery should be tried only once.
The maximal size in bytes of a message, including envelope information.
</p>
%PARAM minimal_backoff_time version dependent
%PARAM minimal_backoff_time 300s
<p>
The minimal time between attempts to deliver a deferred message;
prior to Postfix 2.4 the default value was 1000s.
</p>
<p>
The minimal time between attempts to deliver a deferred message.
This parameter also limits the time an unreachable destination is
kept in the short-term, in-memory, destination status cache.
</p>
<p> With Postfix 2.4 the default value was reduced from 1000s to
300s. </p>
<p> This parameter should be set greater than or equal to
$queue_run_delay. See also $maximal_backoff_time. </p>
@ -3076,14 +3077,11 @@ With Postfix versions 2.0 and earlier, a queue_minfree value of
zero means there is no minimum required amount of free space.
</p>
%PARAM queue_run_delay version dependent
%PARAM queue_run_delay 300s
<p>
The time between deferred queue scans by the queue manager.
</p>
<p>
With Postfix 2.4 the default value was reduced from 1000s to 300s.
The time between deferred queue scans by the queue manager;
prior to Postfix 2.4 the default value was 1000s.
</p>
<p> This parameter should be set less than or equal to
@ -6491,8 +6489,8 @@ are calculated.
</p>
<p>
This feature is implemented by the anvil(8) service which is not
part of the stable Postfix version 2.1 release.
This feature is implemented by the anvil(8) service which is available
in Postfix version 2.2 and later.
</p>
<p>
@ -9631,7 +9629,7 @@ and higher the optional "ciphers" attribute overrides the main.cf
smtp_tls_mandatory_ciphers parameter and the optional "protocols"
keyword overrides the main.cf smtp_tls_mandatory_protocols parameter.
In the policy table, multiple protocols must be separated by colons,
as attribute values may not contain whitespace or commas. </p>
as attribute values may not contain whitespace or commas. </dd>
<dt><b>verify</b></dt> <dd>Mandatory TLS verification. At this security
level, DNS MX lookups are trusted to be secure enough, and the name

7
postfix/src/global/dict_proxy.c
View File

@ -91,6 +91,7 @@ static const char *dict_proxy_lookup(DICT *dict, const char *key)
VSTREAM *stream;
int status;
int count = 0;
int request_flags;
/*
* The client and server live in separate processes that may start and
@ -101,6 +102,8 @@ static const char *dict_proxy_lookup(DICT *dict, const char *key)
*/
VSTRING_RESET(dict_proxy->result);
VSTRING_TERMINATE(dict_proxy->result);
request_flags = (dict_proxy->in_flags & DICT_FLAG_RQST_MASK)
| (dict->flags & DICT_FLAG_RQST_MASK);
for (;;) {
stream = clnt_stream_access(proxy_stream);
errno = 0;
@ -108,7 +111,7 @@ static const char *dict_proxy_lookup(DICT *dict, const char *key)
if (attr_print(stream, ATTR_FLAG_NONE,
ATTR_TYPE_STR, MAIL_ATTR_REQ, PROXY_REQ_LOOKUP,
ATTR_TYPE_STR, MAIL_ATTR_TABLE, dict->name,
ATTR_TYPE_INT, MAIL_ATTR_FLAGS, dict_proxy->in_flags,
ATTR_TYPE_INT, MAIL_ATTR_FLAGS, request_flags,
ATTR_TYPE_STR, MAIL_ATTR_KEY, key,
ATTR_TYPE_END) != 0
|| vstream_fflush(stream)
@ -122,7 +125,7 @@ static const char *dict_proxy_lookup(DICT *dict, const char *key)
if (msg_verbose)
msg_info("%s: table=%s flags=%s key=%s -> status=%d result=%s",
myname, dict->name,
dict_flags_str(dict_proxy->in_flags), key,
dict_flags_str(request_flags), key,
status, STR(dict_proxy->result));
switch (status) {
case PROXY_STAT_BAD:

4
postfix/src/global/mail_version.h
View File

@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20070320"
#define MAIL_VERSION_NUMBER "2.4.0-RC7"
#define MAIL_RELEASE_DATE "20070323"
#define MAIL_VERSION_NUMBER "2.4.0-RC8"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE

2
postfix/src/global/mbox_open.c
View File

@ -161,9 +161,9 @@ MBOX *mbox_open(const char *path, int flags, mode_t mode, struct stat * st,
*/
if ((fp = safe_open(path, flags | O_NONBLOCK, mode, st,
chown_uid, chown_gid, why->reason)) == 0) {
dsb_status(why, mbox_dsn(errno, def_dsn));
if (locked & MBOX_DOT_LOCK)
dot_unlockfile(path);
dsb_status(why, mbox_dsn(errno, def_dsn));
return (0);
}
close_on_exec(vstream_fileno(fp), CLOSE_ON_EXEC);

6
postfix/src/util/sys_defs.h
View File

@ -208,6 +208,12 @@
#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
#define NATIVE_COMMAND_DIR "/usr/sbin"
#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#ifndef NO_KQUEUE
# define EVENTS_STYLE EVENTS_STYLE_KQUEUE
# define USE_SYSV_POLL
#endif
#endif
/*