mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00
Code Issues Releases Wiki Activity

postfix-2.12-20140321

Browse Source
This commit is contained in:
Wietse Venema 2014-03-21 00:00:00 -05:00 committed by Viktor Dukhovni
parent 1b55748771
commit 48a0b6fc23
38 changed files with 958 additions and 840 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
postfix/HISTORY
View File

@ -19627,10 +19627,25 @@ Apologies for any names omitted.
Feature: local_bounce_defer_filter support. Files:
global/bounce.[hc], global/defer.[hc], local/command.c,
local/file.c, local/bounce_workaround.c, local/local.c,
global/mail_params.h.
global/mail_params.h, mantools/postlink.
20140318
Refinement: don't throttle an SMTP destination when the new
smtp_bounce_defer_filter feature turns a soft bounce into
a hard bounce. File: smtp/smtp_trouble.c.
20140320
Feature: support to replace successful delivery status code
and explanatory text. This can be used to to hide local
details such as destination commands or file names when a
remote sender requests confirmation of delivery. As of now
*_bounce_defer_filter is renamed into *_delivery_status_filter.
Files: global/bounce.c, global/bounce.h, global/defer.c,
global/defer.h, global/dsn_filter.c, global/dsn_filter.h,
global/mail_params.c, global/mail_params.h, global/sent.c,
local/local.c, master/event_server.c, master/multi_server.c,
master/single_server.c, master/trigger_server.c, pipe/pipe.c,
smtp/lmtp_params.c, smtp/smtp.c, smtp/smtp_params.c,
virtual/virtual.c, mantools/postlink.

47
postfix/RELEASE_NOTES
View File

@ -16,42 +16,53 @@ specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
before proceeding.
Major changes with snapshot 20140318
Major changes with snapshot 20140321
====================================
Support to change arbitrary hard delivery errors into soft errors
and vice versa, or to replace the descriptive text in non-delivery
notifications. This was originally implemented for sites that want
to bounce mail when no remote SMTP server supports STARTTLS.
Delivery status filter support, to replace the delivery status codes
and explanatory text of successful or unsuccessful deliveries. This
was originally implemented for sites that want to turn certain soft
delivery errors into hard delivery errors, but it can also be used
to censor out information from delivery confirmation reports.
This feature is implemented as a filter that replaces the three-number
enhanced status code and descriptive text in Postfix delivery agent
bounce/defer messages. Note: this will not override "soft_bounce=yes".
success, bounce, or defer messages. Note: this will not override
"soft_bounce=yes", and this will not change a successful delivery
status into an unsuccessful status or vice versa.
The following example turns specific soft TLS errors into hard
The first example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.
/etc/postfix/main.cf:
smtp_bounce_defer_filter = pcre:/etc/postfix/smtp_ndr_filter
smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter
/etc/postfix/smtp_ndr_filter:
/etc/postfix/smtp_dsn_filter:
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/ 5$1
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/ 5$1
The second example removes the destination command name and file
name from local(8) successful delivery reports, so that they will
not be reported when a sender requests confirmation of delivery.
/etc/postfix/main.cf:
local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter
/etc/postfix/local_dsn_filter:
/^(2\S+ delivered to file).+/ $1
/^(2\S+ delivered to command).+/ $1
This feature is supported in the lmtp(8), local(8), pipe(8), smtp(8)
and virtual(8) delivery agents. That is, all delivery agents that
actually deliver mail.
This feature will not be supported in the error(8) or retry(8) dummy
delivery agents, because lots of things would break.
The new main.cf parameters and default values are:
default_bounce_defer_filter =
lmtp_bounce_defer_filter = $default_bounce_defer_filter
local_bounce_defer_filter = $default_bounce_defer_filter
pipe_bounce_defer_filter = $default_bounce_defer_filter
smtp_bounce_defer_filter = $default_bounce_defer_filter
virtual_bounce_defer_filter = $default_bounce_defer_filter
default_delivery_status_filter =
lmtp_delivery_status_filter = $default_delivery_status_filter
local_delivery_status_filter = $default_delivery_status_filter
pipe_delivery_status_filter = $default_delivery_status_filter
smtp_delivery_status_filter = $default_delivery_status_filter
virtual_delivery_status_filter = $default_delivery_status_filter
See the postconf(5) manpage for more details.

201
postfix/html/lmtp.8.html
View File

@ -292,9 +292,10 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.12 and later:
<b><a href="postconf.5.html#smtp_bounce_defer_filter">smtp_bounce_defer_filter</a> ($<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b>
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="smtp.8.html"><b>smtp</b>(8)</a> delivery agent.
<b><a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="smtp.8.html"><b>smtp</b>(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuc-
cessful deliveries.
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
@ -312,7 +313,7 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a> (no)</b>
Send the non-standard XFORWARD command when the Postfix SMTP
Send the non-standard XFORWARD command when the Postfix SMTP
server EHLO response announces XFORWARD support.
<b>SASL AUTHENTICATION CONTROLS</b>
@ -320,62 +321,62 @@ SMTP(8) SMTP(8)
Enable SASL authentication in the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
address when sender-dependent authentication is enabled.
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
Postfix SMTP client SASL security options; as of Postfix 2.3 the
list of available features depends on the SASL client implemen-
list of available features depends on the SASL client implemen-
tation that is selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
If non-empty, a Postfix SMTP client filter for the remote SMTP
If non-empty, a Postfix SMTP client filter for the remote SMTP
server's list of offered SASL mechanisms.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
Enable sender-dependent authentication in the Postfix SMTP
client; this is available only with SASL authentication, and
disables SMTP connection caching to ensure that mail from dif-
client; this is available only with SASL authentication, and
disables SMTP connection caching to ensure that mail from dif-
ferent senders will use the appropriate credentials.
<b><a href="postconf.5.html#smtp_sasl_path">smtp_sasl_path</a> (empty)</b>
Implementation-specific information that the Postfix SMTP client
passes through to the SASL plug-in implementation that is
passes through to the SASL plug-in implementation that is
selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
<b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> (cyrus)</b>
The SASL plug-in type that the Postfix SMTP client should use
The SASL plug-in type that the Postfix SMTP client should use
for authentication.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> (empty)</b>
An optional table to prevent repeated SASL authentication fail-
ures with the same remote SMTP server hostname, username and
An optional table to prevent repeated SASL authentication fail-
ures with the same remote SMTP server hostname, username and
password.
<b><a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a> (90d)</b>
The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
is removed.
<b><a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> (yes)</b>
When a remote SMTP server rejects a SASL authentication request
with a 535 reply code, defer mail delivery instead of returning
When a remote SMTP server rejects a SASL authentication request
with a 535 reply code, defer mail delivery instead of returning
mail as undeliverable.
Available in Postfix version 2.9 and later:
<b><a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a> (no)</b>
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
command in SASL-authenticated SMTP sessions.
<b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be found in the
Detailed information about STARTTLS configuration may be found in the
<a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
@ -385,20 +386,20 @@ SMTP(8) SMTP(8)
<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions.
<b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
Time limit for Postfix SMTP client write and read operations
Time limit for Postfix SMTP client write and read operations
during TLS startup and shutdown handshake procedures.
<b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
A file containing CA certificates of root CAs trusted to sign
either remote SMTP server certificates or intermediate CA cer-
A file containing CA certificates of root CAs trusted to sign
either remote SMTP server certificates or intermediate CA cer-
tificates.
<b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
Directory with PEM format certificate authority certificates
Directory with PEM format certificate authority certificates
that the Postfix SMTP client uses to verify a remote SMTP server
certificate.
@ -406,7 +407,7 @@ SMTP(8) SMTP(8)
File with the Postfix SMTP client RSA certificate in PEM format.
<b><a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> (medium)</b>
The minimum TLS cipher grade that the Postfix SMTP client will
The minimum TLS cipher grade that the Postfix SMTP client will
use with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> (empty)</b>
@ -414,8 +415,8 @@ SMTP(8) SMTP(8)
client cipher list at all TLS security levels.
<b><a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> (empty)</b>
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP client cipher list at mandatory TLS security lev-
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP client cipher list at mandatory TLS security lev-
els.
<b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
@ -431,7 +432,7 @@ SMTP(8) SMTP(8)
Enable additional Postfix SMTP client logging of TLS activity.
<b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
Log the hostname of a remote SMTP server that offers STARTTLS,
Log the hostname of a remote SMTP server that offers STARTTLS,
when TLS is not already enabled for that server.
<b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
@ -440,14 +441,14 @@ SMTP(8) SMTP(8)
fied, this overrides the obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
<b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (!SSLv2)</b>
List of SSL/TLS protocols that the Postfix SMTP client will use
List of SSL/TLS protocols that the Postfix SMTP client will use
with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (9)</b>
The verification depth for remote SMTP server certificates.
<b><a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> (nexthop, dot-nexthop)</b>
How the Postfix SMTP client verifies the server certificate
How the Postfix SMTP client verifies the server certificate
peername for the "secure" TLS security level.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
@ -455,16 +456,16 @@ SMTP(8) SMTP(8)
session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
The expiration time of Postfix SMTP client TLS session cache
The expiration time of Postfix SMTP client TLS session cache
information.
<b><a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> (hostname)</b>
How the Postfix SMTP client verifies the server certificate
How the Postfix SMTP client verifies the server certificate
peername for the "verify" TLS security level.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
internal pseudo random number generator (PRNG).
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b>
@ -480,52 +481,52 @@ SMTP(8) SMTP(8)
The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.
<b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (eNULL:!aNULL)</b>
The OpenSSL cipherlist for "NULL" grade ciphers that provide
The OpenSSL cipherlist for "NULL" grade ciphers that provide
authentication without encryption.
Available in Postfix version 2.4 and later:
<b><a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a> ($<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_secu</a>-</b>
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">rity_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions with a verified
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions with a verified
server certificate.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> (empty)</b>
List of acceptable remote SMTP server certificate fingerprints
for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_secu</a>-</b>
List of acceptable remote SMTP server certificate fingerprints
for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_secu</a>-</b>
<b><a href="postconf.5.html#smtp_tls_security_level">rity_level</a></b> = fingerprint).
<b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> (md5)</b>
The message digest algorithm used to construct remote SMTP
The message digest algorithm used to construct remote SMTP
server certificate fingerprints.
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (!SSLv2)</b>
List of TLS protocols that the Postfix SMTP client will exclude
List of TLS protocols that the Postfix SMTP client will exclude
or include with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> (export)</b>
The minimum TLS cipher grade that the Postfix SMTP client will
The minimum TLS cipher grade that the Postfix SMTP client will
use with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> (empty)</b>
File with the Postfix SMTP client ECDSA certificate in PEM for-
File with the Postfix SMTP client ECDSA certificate in PEM for-
mat.
<b><a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> ($<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>)</b>
File with the Postfix SMTP client ECDSA private key in PEM for-
File with the Postfix SMTP client ECDSA private key in PEM for-
mat.
Available in Postfix version 2.7 and later:
<b><a href="postconf.5.html#smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a> (no)</b>
Try to detect a mail hijacking attack based on a TLS protocol
vulnerability (CVE-2009-3555), where an attacker prepends mali-
cious HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client
Try to detect a mail hijacking attack based on a TLS protocol
vulnerability (CVE-2009-3555), where an attacker prepends mali-
cious HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client
TLS session.
Available in Postfix version 2.8 and later:
@ -536,11 +537,11 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_tls_trust_anchor_file">smtp_tls_trust_anchor_file</a> (empty)</b>
Zero or more PEM-format files with trust-anchor certificates
Zero or more PEM-format files with trust-anchor certificates
and/or public keys.
<b><a href="postconf.5.html#smtp_tls_force_insecure_host_tlsa_lookup">smtp_tls_force_insecure_host_tlsa_lookup</a> (no)</b>
Lookup the associated DANE TLSA RRset even when a hostname is
Lookup the associated DANE TLSA RRset even when a hostname is
not an alias and its address records lie in an unsigned zone.
<b><a href="postconf.5.html#tls_dane_trust_anchor_digest_enable">tls_dane_trust_anchor_digest_enable</a> (yes)</b>
@ -550,49 +551,49 @@ SMTP(8) SMTP(8)
The name of the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
future release.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
Opportunistic mode: use TLS when a remote SMTP server announces
Opportunistic mode: use TLS when a remote SMTP server announces
STARTTLS support, otherwise send the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
Enforcement mode: require that remote SMTP servers use TLS
Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
With mandatory TLS encryption, require that the remote SMTP
server hostname matches the information in the remote SMTP
With mandatory TLS encryption, require that the remote SMTP
server hostname matches the information in the remote SMTP
server certificate.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client TLS usage
policy by next-hop destination and by remote SMTP server host-
Optional lookup tables with the Postfix SMTP client TLS usage
policy by next-hop destination and by remote SMTP server host-
name.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
Obsolete Postfix &lt; 2.3 control for the Postfix SMTP client TLS
Obsolete Postfix &lt; 2.3 control for the Postfix SMTP client TLS
cipher list.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concur</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">rency_limit</a>)</b>
The maximal number of parallel deliveries to the same destina-
The maximal number of parallel deliveries to the same destina-
tion via the smtp message delivery transport.
<b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b>
The maximal number of recipients per message for the smtp mes-
The maximal number of recipients per message for the smtp mes-
sage delivery transport.
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
The Postfix SMTP client time limit for completing a TCP connec-
The Postfix SMTP client time limit for completing a TCP connec-
tion, or zero (use the operating system built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
The Postfix SMTP client time limit for sending the HELO or EHLO
command, and for receiving the initial remote SMTP server
The Postfix SMTP client time limit for sending the HELO or EHLO
command, and for receiving the initial remote SMTP server
response.
<b><a href="postconf.5.html#lmtp_lhlo_timeout">lmtp_lhlo_timeout</a> (300s)</b>
@ -604,19 +605,19 @@ SMTP(8) SMTP(8)
mand, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
The Postfix SMTP client time limit for sending the MAIL FROM
The Postfix SMTP client time limit for sending the MAIL FROM
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
The Postfix SMTP client time limit for sending the SMTP RCPT TO
The Postfix SMTP client time limit for sending the SMTP RCPT TO
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
The Postfix SMTP client time limit for sending the SMTP DATA
The Postfix SMTP client time limit for sending the SMTP DATA
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
The Postfix SMTP client time limit for sending the SMTP message
The Postfix SMTP client time limit for sending the SMTP message
content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
@ -630,13 +631,13 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_mx_address_limit">smtp_mx_address_limit</a> (5)</b>
The maximal number of MX (mail exchanger) IP addresses that can
result from Postfix SMTP client mail exchanger lookups, or zero
The maximal number of MX (mail exchanger) IP addresses that can
result from Postfix SMTP client mail exchanger lookups, or zero
(no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
The maximal number of SMTP sessions per delivery request before
the Postfix SMTP client gives up or delivers to a fall-back
The maximal number of SMTP sessions per delivery request before
the Postfix SMTP client gives up or delivers to a fall-back
<a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
@ -646,17 +647,17 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.2 and earlier:
<b><a href="postconf.5.html#lmtp_cache_connection">lmtp_cache_connection</a> (yes)</b>
Keep Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
Keep Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
seconds.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
Permanently enable SMTP connection caching for the specified
Permanently enable SMTP connection caching for the specified
destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
Temporarily enable SMTP connection caching while a destination
Temporarily enable SMTP connection caching while a destination
has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
<b><a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a> (300s)</b>
@ -670,37 +671,37 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#connection_cache_protocol_timeout">connection_cache_protocol_timeout</a> (5s)</b>
Time limit for connection cache connect, send or receive opera-
Time limit for connection cache connect, send or receive opera-
tions.
Available in Postfix version 2.9 and later:
<b><a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a> (no)</b>
Change the behavior of the smtp_*_timeout time limits, from a
time limit per read or write system call, to a time limit to
send or receive a complete record (an SMTP command line, SMTP
response line, SMTP message content line, or TLS protocol mes-
Change the behavior of the smtp_*_timeout time limits, from a
time limit per read or write system call, to a time limit to
send or receive a complete record (an SMTP command line, SMTP
response line, SMTP message content line, or TLS protocol mes-
sage).
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_connection_reuse_count_limit">smtp_connection_reuse_count_limit</a> (0)</b>
When SMTP connection caching is enabled, the number of times
that an SMTP session may be reused before it is closed, or zero
When SMTP connection caching is enabled, the number of times
that an SMTP session may be reused before it is closed, or zero
(no limit).
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a remote client or
The increment in verbose logging level when a remote client or
server matches a pattern in the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of remote client or server hostname or network
Optional list of remote client or server hostname or network
address patterns that cause the verbose logging level to
increase by the amount specified in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications about mail delivery
The recipient of postmaster notifications about mail delivery
problems that are caused by policy, resource, software or proto-
col errors.
@ -714,46 +715,46 @@ SMTP(8) SMTP(8)
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
Where the Postfix SMTP client should deliver mail when it
Where the Postfix SMTP client should deliver mail when it
detects a "mail loops back to myself" error condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to handle a
How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
The maximal number of digits after the decimal point when log-
The maximal number of digits after the decimal point when log-
ging sub-second delay values.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
Disable DNS lookups in the Postfix SMTP and LMTP clients.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
The network interface addresses that this mail system receives
The network interface addresses that this mail system receives
mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (all)</b>
The Internet protocols Postfix will attempt to use when making
The Internet protocols Postfix will attempt to use when making
or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
The time limit for sending or receiving information over an
The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#lmtp_assume_final">lmtp_assume_final</a> (no)</b>
When a remote LMTP server announces no DSN support, assume that
the server performs final delivery, and send "delivered" deliv-
When a remote LMTP server announces no DSN support, assume that
the server performs final delivery, and send "delivered" deliv-
ery status notifications instead of "relayed".
<b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a> (24)</b>
The default TCP port that the Postfix LMTP client connects to.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix daemon process
The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
@ -767,20 +768,20 @@ SMTP(8) SMTP(8)
The process name of a Postfix command or daemon process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail system receives
The network interface addresses that this mail system receives
mail on by way of a proxy or network address translation unit.
<b><a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> (any)</b>
The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP
client will try first, when a destination has IPv6 and IPv4
client will try first, when a destination has IPv6 and IPv4
addresses with equal MX preference.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
An optional numerical network address that the Postfix SMTP
An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv4 connection.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
An optional numerical network address that the Postfix SMTP
An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv6 connection.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
@ -800,8 +801,8 @@ SMTP(8) SMTP(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available with Postfix 2.2 and earlier:

91
postfix/html/local.8.html
View File

@ -360,43 +360,44 @@ LOCAL(8) LOCAL(8)
Available in Postfix version 2.12 and later:
<b><a href="postconf.5.html#local_bounce_defer_filter">local_bounce_defer_filter</a> ($<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b>
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="local.8.html"><b>local</b>(8)</a> delivery agent.
<b><a href="postconf.5.html#local_delivery_status_filter">local_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="local.8.html"><b>local</b>(8)</a> delivery agent to change the
status code or explanatory text of successful or unsuccessful
deliveries.
<b>DELIVERY METHOD CONTROLS</b>
The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to low is:
The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to low is:
aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>, <a href="postconf.5.html#mailbox_transport">mailbox_transport</a>,
<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_direc</a>-
<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_direc</a>-
<a href="postconf.5.html#mail_spool_directory">tory</a>, <a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a>, and <a href="postconf.5.html#luser_relay">luser_relay</a>.
<b><a href="postconf.5.html#alias_maps">alias_maps</a> (see 'postconf -d' output)</b>
The alias databases that are used for <a href="local.8.html"><b>local</b>(8)</a> delivery.
<b><a href="postconf.5.html#forward_path">forward_path</a> (see 'postconf -d' output)</b>
The <a href="local.8.html"><b>local</b>(8)</a> delivery agent search list for finding a .forward
The <a href="local.8.html"><b>local</b>(8)</a> delivery agent search list for finding a .forward
file with user-specified delivery methods.
<b><a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a> (empty)</b>
Optional lookup tables with per-recipient message delivery
transports to use for <a href="local.8.html"><b>local</b>(8)</a> mailbox delivery, whether or not
transports to use for <a href="local.8.html"><b>local</b>(8)</a> mailbox delivery, whether or not
the recipients are found in the UNIX passwd database.
<b><a href="postconf.5.html#mailbox_transport">mailbox_transport</a> (empty)</b>
Optional message delivery transport that the <a href="local.8.html"><b>local</b>(8)</a> delivery
agent should use for mailbox delivery to all local recipients,
Optional message delivery transport that the <a href="local.8.html"><b>local</b>(8)</a> delivery
agent should use for mailbox delivery to all local recipients,
whether or not they are found in the UNIX passwd database.
<b><a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a> (empty)</b>
Optional lookup tables with per-recipient external commands to
Optional lookup tables with per-recipient external commands to
use for <a href="local.8.html"><b>local</b>(8)</a> mailbox delivery.
<b><a href="postconf.5.html#mailbox_command">mailbox_command</a> (empty)</b>
Optional external command that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent
Optional external command that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent
should use for mailbox delivery.
<b><a href="postconf.5.html#home_mailbox">home_mailbox</a> (empty)</b>
Optional pathname of a mailbox file relative to a <a href="local.8.html"><b>local</b>(8)</a>
Optional pathname of a mailbox file relative to a <a href="local.8.html"><b>local</b>(8)</a>
user's home directory.
<b><a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a> (see 'postconf -d' output)</b>
@ -408,17 +409,17 @@ LOCAL(8) LOCAL(8)
not find in the <a href="aliases.5.html"><b>aliases</b>(5)</a> or UNIX password database.
<b><a href="postconf.5.html#fallback_transport">fallback_transport</a> (empty)</b>
Optional message delivery transport that the <a href="local.8.html"><b>local</b>(8)</a> delivery
agent should use for names that are not found in the <a href="aliases.5.html"><b>aliases</b>(5)</a>
Optional message delivery transport that the <a href="local.8.html"><b>local</b>(8)</a> delivery
agent should use for names that are not found in the <a href="aliases.5.html"><b>aliases</b>(5)</a>
or UNIX password database.
<b><a href="postconf.5.html#luser_relay">luser_relay</a> (empty)</b>
Optional catch-all destination for unknown <a href="local.8.html"><b>local</b>(8)</a> recipients.
Optional catch-all destination for unknown <a href="local.8.html"><b>local</b>(8)</a> recipients.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#command_execution_directory">command_execution_directory</a> (empty)</b>
The <a href="local.8.html"><b>local</b>(8)</a> delivery agent working directory for delivery to
The <a href="local.8.html"><b>local</b>(8)</a> delivery agent working directory for delivery to
external command.
<b>MAILBOX LOCKING CONTROLS</b>
@ -427,15 +428,15 @@ LOCAL(8) LOCAL(8)
mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
The time between attempts to acquire an exclusive lock on a
The time between attempts to acquire an exclusive lock on a
mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
<b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b>
The time after which a stale exclusive mailbox lockfile is
The time after which a stale exclusive mailbox lockfile is
removed.
<b><a href="postconf.5.html#mailbox_delivery_lock">mailbox_delivery_lock</a> (see 'postconf -d' output)</b>
How to lock a UNIX-style <a href="local.8.html"><b>local</b>(8)</a> mailbox before attempting
How to lock a UNIX-style <a href="local.8.html"><b>local</b>(8)</a> mailbox before attempting
delivery.
<b>RESOURCE AND RATE CONTROLS</b>
@ -448,18 +449,18 @@ LOCAL(8) LOCAL(8)
<a href="showq.8.html"><b>showq</b>(8)</a> queue displays.
<b><a href="postconf.5.html#local_destination_concurrency_limit">local_destination_concurrency_limit</a> (2)</b>
The maximal number of parallel deliveries via the local mail
delivery transport to the same recipient (when "<a href="postconf.5.html#local_destination_recipient_limit">local_destina</a>-
<a href="postconf.5.html#local_destination_recipient_limit">tion_recipient_limit</a> = 1") or the maximal number of parallel
The maximal number of parallel deliveries via the local mail
delivery transport to the same recipient (when "<a href="postconf.5.html#local_destination_recipient_limit">local_destina</a>-
<a href="postconf.5.html#local_destination_recipient_limit">tion_recipient_limit</a> = 1") or the maximal number of parallel
deliveries to the same local domain (when "<a href="postconf.5.html#local_destination_recipient_limit">local_destina</a>-
<a href="postconf.5.html#local_destination_recipient_limit">tion_recipient_limit</a> &gt; 1").
<b><a href="postconf.5.html#local_destination_recipient_limit">local_destination_recipient_limit</a> (1)</b>
The maximal number of recipients per message delivery via the
The maximal number of recipients per message delivery via the
local mail delivery transport.
<b><a href="postconf.5.html#mailbox_size_limit">mailbox_size_limit</a> (51200000)</b>
The maximal size of any <a href="local.8.html"><b>local</b>(8)</a> individual mailbox or maildir
The maximal size of any <a href="local.8.html"><b>local</b>(8)</a> individual mailbox or maildir
file, or zero (no limit).
<b>SECURITY CONTROLS</b>
@ -470,49 +471,49 @@ LOCAL(8) LOCAL(8)
Restrict <a href="local.8.html"><b>local</b>(8)</a> mail delivery to external files.
<b><a href="postconf.5.html#command_expansion_filter">command_expansion_filter</a> (see 'postconf -d' output)</b>
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent allows
in $name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a> and $<a href="postconf.5.html#command_execution_directory">command_execu</a>-
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent allows
in $name expansions of $<a href="postconf.5.html#mailbox_command">mailbox_command</a> and $<a href="postconf.5.html#command_execution_directory">command_execu</a>-
<a href="postconf.5.html#command_execution_directory">tion_directory</a>.
<b><a href="postconf.5.html#default_privs">default_privs</a> (nobody)</b>
The default rights used by the <a href="local.8.html"><b>local</b>(8)</a> delivery agent for
The default rights used by the <a href="local.8.html"><b>local</b>(8)</a> delivery agent for
delivery to external file or command.
<b><a href="postconf.5.html#forward_expansion_filter">forward_expansion_filter</a> (see 'postconf -d' output)</b>
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent allows
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent allows
in $name expansions of $<a href="postconf.5.html#forward_path">forward_path</a>.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#execution_directory_expansion_filter">execution_directory_expansion_filter</a> (see 'postconf -d' output)</b>
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent allows
Restrict the characters that the <a href="local.8.html"><b>local</b>(8)</a> delivery agent allows
in $name expansions of $<a href="postconf.5.html#command_execution_directory">command_execution_directory</a>.
Available in Postfix version 2.5.3 and later:
<b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b>
Defer delivery when a mailbox file is not owned by its recipi-
Defer delivery when a mailbox file is not owned by its recipi-
ent.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to handle a
How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
The maximal number of digits after the decimal point when log-
The maximal number of digits after the decimal point when log-
ging sub-second delay values.
<b><a href="postconf.5.html#export_environment">export_environment</a> (see 'postconf -d' output)</b>
The list of environment variables that a Postfix process will
The list of environment variables that a Postfix process will
export to non-Postfix processes.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
The time limit for sending or receiving information over an
The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#local_command_shell">local_command_shell</a> (empty)</b>
@ -520,7 +521,7 @@ LOCAL(8) LOCAL(8)
mand.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix daemon process
The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
@ -528,8 +529,8 @@ LOCAL(8) LOCAL(8)
process will service before terminating voluntarily.
<b><a href="postconf.5.html#prepend_delivered_header">prepend_delivered_header</a> (command, file, forward)</b>
The message delivery contexts where the Postfix <a href="local.8.html"><b>local</b>(8)</a> deliv-
ery agent prepends a Delivered-To: message header with the
The message delivery contexts where the Postfix <a href="local.8.html"><b>local</b>(8)</a> deliv-
ery agent prepends a Delivered-To: message header with the
address that the mail was delivered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
@ -539,15 +540,15 @@ LOCAL(8) LOCAL(8)
The process name of a Postfix command or daemon process.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
What address lookup tables copy an address extension from the
What address lookup tables copy an address extension from the
lookup key to the lookup result.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue directory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
The set of characters that can separate a user name from its
extension (example: user+foo), or a .forward file name from its
The set of characters that can separate a user name from its
extension (example: user+foo), or a .forward file name from its
extension (example: .forward+foo).
<b><a href="postconf.5.html#require_home_directory">require_home_directory</a> (no)</b>
@ -558,8 +559,8 @@ LOCAL(8) LOCAL(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
<b>FILES</b>
@ -582,10 +583,10 @@ LOCAL(8) LOCAL(8)
The Secure Mailer license must be distributed with this software.
<b>HISTORY</b>
The <b>Delivered-To:</b> message header appears in the <b>qmail</b> system by Daniel
The <b>Delivered-To:</b> message header appears in the <b>qmail</b> system by Daniel
Bernstein.
The <i>maildir</i> structure appears in the <b>qmail</b> system by Daniel Bernstein.
The <i>maildir</i> structure appears in the <b>qmail</b> system by Daniel Bernstein.
<b>AUTHOR(S)</b>
Wietse Venema

7
postfix/html/pipe.8.html
View File

@ -449,9 +449,10 @@ PIPE(8) PIPE(8)
Available in Postfix version 2.12 and later:
<b><a href="postconf.5.html#pipe_bounce_defer_filter">pipe_bounce_defer_filter</a> ($<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b>
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="pipe.8.html"><b>pipe</b>(8)</a> delivery agent.
<b><a href="postconf.5.html#pipe_delivery_status_filter">pipe_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="pipe.8.html"><b>pipe</b>(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuc-
cessful deliveries.
<b>SEE ALSO</b>
<a href="qmgr.8.html">qmgr(8)</a>, queue manager

252
postfix/html/postconf.5.html
View File

@ -1756,74 +1756,6 @@ Example:
</pre>
</DD>
<DT><b><a name="default_bounce_defer_filter">default_bounce_defer_filter</a>
(default: empty)</b></DT><DD>
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa. This is implemented by rewriting the
three-number enhanced status code and the explanatory text in a
Postfix delivery agent bounce/defer message. </p>
<p> Specify zero or more "<a href="DATABASE_README.html">type:table</a>" lookup table names, separated
by comma or whitespace. With each bounce or defer request, the
tables are queried in the specified order with one line of text
that is structured as follows: </p>
<blockquote>
enhanced-status-code SPACE explanatory-text
</blockquote>
<p> The first table match wins. The lookup result must have the
same structure as the query: enhanced status codes must have a
first numerical field of 4 (defer) or 5 (bounce), and the explanatory
text field must be non-empty. Other results will result in a warning.
</p>
<p> Example: </p>
<p> The following example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.
</p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_bounce_defer_filter">smtp_bounce_defer_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_ndr_filter
</pre>
</blockquote>
<blockquote>
<pre>
/etc/postfix/smtp_ndr_filter:
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/
5$1
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
5$1
# Do not change the following into hard bounces. They may
# result from a local configuration problem.
# 4.\d+.\d+ TLS is required, but our TLS engine is unavailable
# 4.\d+.\d+ TLS is required, but unavailable
# 4.\d+.\d+ Cannot start TLS: handshake failure
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> This feature will NOT override the <a href="postconf.5.html#soft_bounce">soft_bounce</a> safety net. </p>
<li> <p> This feature will change the enhanced status code and text
that is logged to the maillog file, and that is reported to the
sender. </p>
</ul>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="default_database_type">default_database_type</a>
@ -1952,6 +1884,93 @@ name of the message delivery transport.
</p>
</DD>
<DT><b><a name="default_delivery_status_filter">default_delivery_status_filter</a>
(default: empty)</b></DT><DD>
<p> Optional filter to replace the delivery status code or explanatory
text of successful or unsuccessful deliveries. This does, however,
not allow the replacement of a successful status code (2.X.X) with
an unsuccessful status code (4.X.X or 5.X.X) or vice versa. </p>
<p> Specify zero or more "<a href="DATABASE_README.html">type:table</a>" lookup table names, separated
by comma or whitespace. With each bounce or defer request, the
tables are queried in the specified order with one line of text
that is structured as follows: </p>
<blockquote>
enhanced-status-code SPACE explanatory-text
</blockquote>
<p> The first table match wins. The lookup result must have the
same structure as the query, a successful status code (2.X.X) must
be replaced with a successful status code, an unsuccessful status
code (4.X.X or 5.X.X) must be replaced with an unsuccessful status
code, and the explanatory text field must be non-empty. Other results
will result in a warning. </p>
<p> Example 1: convert specific soft TLS errors into hard errors,
by overriding the first number in the enhanced status code. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/smtp_dsn_filter
</pre>
</blockquote>
<blockquote>
<pre>
/etc/postfix/smtp_dsn_filter:
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/
5$1
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
5$1
# Do not change the following into hard bounces. They may
# result from a local configuration problem.
# 4.\d+.\d+ TLS is required, but our TLS engine is unavailable
# 4.\d+.\d+ TLS is required, but unavailable
# 4.\d+.\d+ Cannot start TLS: handshake failure
</pre>
</blockquote>
<p> Example 2: censor the per-recipient delivery status text so
that it does not not reveal the destination command or filename
when a remote sender requests confirmation of successful delivery.
</p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#local_delivery_status_filter">local_delivery_status_filter</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/local_dsn_filter
</pre>
</blockquote>
<blockquote>
<pre>
/etc/postfix/local_dsn_filter:
/^(2\S+ delivered to file).+/ $1
/^(2\S+ delivered to command).+/ $1
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> This feature will NOT override the <a href="postconf.5.html#soft_bounce">soft_bounce</a> safety net. </p>
<li> <p> This feature will change the enhanced status code and text
that is logged to the maillog file, and that is reported to the
sender in delivery confirmation or non-delivery notifications.
</p>
</ul>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="default_destination_concurrency_failed_cohort_limit">default_destination_concurrency_failed_cohort_limit</a>
@ -3920,17 +3939,6 @@ parameter. See there for details. </p>
<p> This feature is available in Postfix 2.5 and later. </p>
</DD>
<DT><b><a name="lmtp_bounce_defer_filter">lmtp_bounce_defer_filter</a>
(default: empty)</b></DT><DD>
<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_bounce_defer_filter">smtp_bounce_defer_filter</a>
configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="lmtp_cache_connection">lmtp_cache_connection</a>
@ -4132,6 +4140,17 @@ configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="lmtp_delivery_status_filter">lmtp_delivery_status_filter</a>
(default: empty)</b></DT><DD>
<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a>
configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="lmtp_destination_concurrency_limit">lmtp_destination_concurrency_limit</a>
@ -5127,18 +5146,6 @@ This feature is available in Postfix 2.1 and later.
</p>
</DD>
<DT><b><a name="local_bounce_defer_filter">local_bounce_defer_filter</a>
(default: $<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b></DT><DD>
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="local.8.html">local(8)</a> delivery agent. See
<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a> for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="local_command_shell">local_command_shell</a>
@ -5169,6 +5176,18 @@ Example:
</pre>
</DD>
<DT><b><a name="local_delivery_status_filter">local_delivery_status_filter</a>
(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
<p> Optional filter for the <a href="local.8.html">local(8)</a> delivery agent to change the
status code or explanatory text of successful or unsuccessful
deliveries. See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="local_destination_concurrency_limit">local_destination_concurrency_limit</a>
@ -7013,12 +7032,12 @@ This feature is available in Postfix 2.0 and later.
</DD>
<DT><b><a name="pipe_bounce_defer_filter">pipe_bounce_defer_filter</a>
(default: $<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b></DT><DD>
<DT><b><a name="pipe_delivery_status_filter">pipe_delivery_status_filter</a>
(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="pipe.8.html">pipe(8)</a> delivery agent. See
<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a> for details. </p>
<p> Optional filter for the <a href="pipe.8.html">pipe(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
@ -9588,22 +9607,6 @@ that change the delivery time or destination are not available.
<p> This feature is available in Postfix 2.5 and later. </p>
</DD>
<DT><b><a name="smtp_bounce_defer_filter">smtp_bounce_defer_filter</a>
(default: $<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b></DT><DD>
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="smtp.8.html">smtp(8)</a> delivery agent. See
<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a> for details. </p>
<p> NOTE: This feature modifies error messages that are generated
by the Postfix SMTP client, and that may or may not be derived from
remote SMTP server responses. In contrast, the <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a>
feature modifies remote SMTP server responses that may result in
email non-delivery or delivery. </p>
</DD>
<DT><b><a name="smtp_cname_overrides_servername">smtp_cname_overrides_servername</a>
@ -9868,6 +9871,21 @@ This feature is available in Postfix 2.1 and later.
</p>
</DD>
<DT><b><a name="smtp_delivery_status_filter">smtp_delivery_status_filter</a>
(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
<p> Optional filter for the <a href="smtp.8.html">smtp(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details. </p>
<p> NOTE: This feature modifies Postfix SMTP client error or non-error
messages that may or may not be derived from remote SMTP server
responses. In contrast, the <a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> feature modifies
remote SMTP server responses only. </p>
</DD>
<DT><b><a name="smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a>
@ -18219,12 +18237,12 @@ This feature is available in Postfix 2.1 and later.
</DD>
<DT><b><a name="virtual_bounce_defer_filter">virtual_bounce_defer_filter</a>
(default: $<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b></DT><DD>
<DT><b><a name="virtual_delivery_status_filter">virtual_delivery_status_filter</a>
(default: $<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b></DT><DD>
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="virtual.8.html">virtual(8)</a> delivery agent. See
<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a> for details. </p>
<p> Optional filter for the <a href="virtual.8.html">virtual(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See <a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a> for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>

201
postfix/html/smtp.8.html
View File

@ -292,9 +292,10 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.12 and later:
<b><a href="postconf.5.html#smtp_bounce_defer_filter">smtp_bounce_defer_filter</a> ($<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b>
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="smtp.8.html"><b>smtp</b>(8)</a> delivery agent.
<b><a href="postconf.5.html#smtp_delivery_status_filter">smtp_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="smtp.8.html"><b>smtp</b>(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuc-
cessful deliveries.
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
@ -312,7 +313,7 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a> (no)</b>
Send the non-standard XFORWARD command when the Postfix SMTP
Send the non-standard XFORWARD command when the Postfix SMTP
server EHLO response announces XFORWARD support.
<b>SASL AUTHENTICATION CONTROLS</b>
@ -320,62 +321,62 @@ SMTP(8) SMTP(8)
Enable SASL authentication in the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
address when sender-dependent authentication is enabled.
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
Postfix SMTP client SASL security options; as of Postfix 2.3 the
list of available features depends on the SASL client implemen-
list of available features depends on the SASL client implemen-
tation that is selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
If non-empty, a Postfix SMTP client filter for the remote SMTP
If non-empty, a Postfix SMTP client filter for the remote SMTP
server's list of offered SASL mechanisms.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
Enable sender-dependent authentication in the Postfix SMTP
client; this is available only with SASL authentication, and
disables SMTP connection caching to ensure that mail from dif-
client; this is available only with SASL authentication, and
disables SMTP connection caching to ensure that mail from dif-
ferent senders will use the appropriate credentials.
<b><a href="postconf.5.html#smtp_sasl_path">smtp_sasl_path</a> (empty)</b>
Implementation-specific information that the Postfix SMTP client
passes through to the SASL plug-in implementation that is
passes through to the SASL plug-in implementation that is
selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
<b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> (cyrus)</b>
The SASL plug-in type that the Postfix SMTP client should use
The SASL plug-in type that the Postfix SMTP client should use
for authentication.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> (empty)</b>
An optional table to prevent repeated SASL authentication fail-
ures with the same remote SMTP server hostname, username and
An optional table to prevent repeated SASL authentication fail-
ures with the same remote SMTP server hostname, username and
password.
<b><a href="postconf.5.html#smtp_sasl_auth_cache_time">smtp_sasl_auth_cache_time</a> (90d)</b>
The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
The maximal age of an <a href="postconf.5.html#smtp_sasl_auth_cache_name">smtp_sasl_auth_cache_name</a> entry before it
is removed.
<b><a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> (yes)</b>
When a remote SMTP server rejects a SASL authentication request
with a 535 reply code, defer mail delivery instead of returning
When a remote SMTP server rejects a SASL authentication request
with a 535 reply code, defer mail delivery instead of returning
mail as undeliverable.
Available in Postfix version 2.9 and later:
<b><a href="postconf.5.html#smtp_send_dummy_mail_auth">smtp_send_dummy_mail_auth</a> (no)</b>
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
Whether or not to append the "AUTH=&lt;&gt;" option to the MAIL FROM
command in SASL-authenticated SMTP sessions.
<b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be found in the
Detailed information about STARTTLS configuration may be found in the
<a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
@ -385,20 +386,20 @@ SMTP(8) SMTP(8)
<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions.
<b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
Time limit for Postfix SMTP client write and read operations
Time limit for Postfix SMTP client write and read operations
during TLS startup and shutdown handshake procedures.
<b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
A file containing CA certificates of root CAs trusted to sign
either remote SMTP server certificates or intermediate CA cer-
A file containing CA certificates of root CAs trusted to sign
either remote SMTP server certificates or intermediate CA cer-
tificates.
<b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
Directory with PEM format certificate authority certificates
Directory with PEM format certificate authority certificates
that the Postfix SMTP client uses to verify a remote SMTP server
certificate.
@ -406,7 +407,7 @@ SMTP(8) SMTP(8)
File with the Postfix SMTP client RSA certificate in PEM format.
<b><a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> (medium)</b>
The minimum TLS cipher grade that the Postfix SMTP client will
The minimum TLS cipher grade that the Postfix SMTP client will
use with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> (empty)</b>
@ -414,8 +415,8 @@ SMTP(8) SMTP(8)
client cipher list at all TLS security levels.
<b><a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> (empty)</b>
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP client cipher list at mandatory TLS security lev-
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP client cipher list at mandatory TLS security lev-
els.
<b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
@ -431,7 +432,7 @@ SMTP(8) SMTP(8)
Enable additional Postfix SMTP client logging of TLS activity.
<b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
Log the hostname of a remote SMTP server that offers STARTTLS,
Log the hostname of a remote SMTP server that offers STARTTLS,
when TLS is not already enabled for that server.
<b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
@ -440,14 +441,14 @@ SMTP(8) SMTP(8)
fied, this overrides the obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
<b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (!SSLv2)</b>
List of SSL/TLS protocols that the Postfix SMTP client will use
List of SSL/TLS protocols that the Postfix SMTP client will use
with mandatory TLS encryption.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (9)</b>
The verification depth for remote SMTP server certificates.
<b><a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> (nexthop, dot-nexthop)</b>
How the Postfix SMTP client verifies the server certificate
How the Postfix SMTP client verifies the server certificate
peername for the "secure" TLS security level.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
@ -455,16 +456,16 @@ SMTP(8) SMTP(8)
session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
The expiration time of Postfix SMTP client TLS session cache
The expiration time of Postfix SMTP client TLS session cache
information.
<b><a href="postconf.5.html#smtp_tls_verify_cert_match">smtp_tls_verify_cert_match</a> (hostname)</b>
How the Postfix SMTP client verifies the server certificate
How the Postfix SMTP client verifies the server certificate
peername for the "verify" TLS security level.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
internal pseudo random number generator (PRNG).
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b>
@ -480,52 +481,52 @@ SMTP(8) SMTP(8)
The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.
<b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (eNULL:!aNULL)</b>
The OpenSSL cipherlist for "NULL" grade ciphers that provide
The OpenSSL cipherlist for "NULL" grade ciphers that provide
authentication without encryption.
Available in Postfix version 2.4 and later:
<b><a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a> ($<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_secu</a>-</b>
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">rity_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions with a verified
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions with a verified
server certificate.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtp_tls_fingerprint_cert_match">smtp_tls_fingerprint_cert_match</a> (empty)</b>
List of acceptable remote SMTP server certificate fingerprints
for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_secu</a>-</b>
List of acceptable remote SMTP server certificate fingerprints
for the "fingerprint" TLS security level (<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_secu</a>-</b>
<b><a href="postconf.5.html#smtp_tls_security_level">rity_level</a></b> = fingerprint).
<b><a href="postconf.5.html#smtp_tls_fingerprint_digest">smtp_tls_fingerprint_digest</a> (md5)</b>
The message digest algorithm used to construct remote SMTP
The message digest algorithm used to construct remote SMTP
server certificate fingerprints.
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (!SSLv2)</b>
List of TLS protocols that the Postfix SMTP client will exclude
List of TLS protocols that the Postfix SMTP client will exclude
or include with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> (export)</b>
The minimum TLS cipher grade that the Postfix SMTP client will
The minimum TLS cipher grade that the Postfix SMTP client will
use with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a> (empty)</b>
File with the Postfix SMTP client ECDSA certificate in PEM for-
File with the Postfix SMTP client ECDSA certificate in PEM for-
mat.
<b><a href="postconf.5.html#smtp_tls_eckey_file">smtp_tls_eckey_file</a> ($<a href="postconf.5.html#smtp_tls_eccert_file">smtp_tls_eccert_file</a>)</b>
File with the Postfix SMTP client ECDSA private key in PEM for-
File with the Postfix SMTP client ECDSA private key in PEM for-
mat.
Available in Postfix version 2.7 and later:
<b><a href="postconf.5.html#smtp_tls_block_early_mail_reply">smtp_tls_block_early_mail_reply</a> (no)</b>
Try to detect a mail hijacking attack based on a TLS protocol
vulnerability (CVE-2009-3555), where an attacker prepends mali-
cious HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client
Try to detect a mail hijacking attack based on a TLS protocol
vulnerability (CVE-2009-3555), where an attacker prepends mali-
cious HELO, MAIL, RCPT, DATA commands to a Postfix SMTP client
TLS session.
Available in Postfix version 2.8 and later:
@ -536,11 +537,11 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_tls_trust_anchor_file">smtp_tls_trust_anchor_file</a> (empty)</b>
Zero or more PEM-format files with trust-anchor certificates
Zero or more PEM-format files with trust-anchor certificates
and/or public keys.
<b><a href="postconf.5.html#smtp_tls_force_insecure_host_tlsa_lookup">smtp_tls_force_insecure_host_tlsa_lookup</a> (no)</b>
Lookup the associated DANE TLSA RRset even when a hostname is
Lookup the associated DANE TLSA RRset even when a hostname is
not an alias and its address records lie in an unsigned zone.
<b><a href="postconf.5.html#tls_dane_trust_anchor_digest_enable">tls_dane_trust_anchor_digest_enable</a> (yes)</b>
@ -550,49 +551,49 @@ SMTP(8) SMTP(8)
The name of the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
future release.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
Opportunistic mode: use TLS when a remote SMTP server announces
Opportunistic mode: use TLS when a remote SMTP server announces
STARTTLS support, otherwise send the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
Enforcement mode: require that remote SMTP servers use TLS
Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
With mandatory TLS encryption, require that the remote SMTP
server hostname matches the information in the remote SMTP
With mandatory TLS encryption, require that the remote SMTP
server hostname matches the information in the remote SMTP
server certificate.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client TLS usage
policy by next-hop destination and by remote SMTP server host-
Optional lookup tables with the Postfix SMTP client TLS usage
policy by next-hop destination and by remote SMTP server host-
name.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
Obsolete Postfix &lt; 2.3 control for the Postfix SMTP client TLS
Obsolete Postfix &lt; 2.3 control for the Postfix SMTP client TLS
cipher list.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concur</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">rency_limit</a>)</b>
The maximal number of parallel deliveries to the same destina-
The maximal number of parallel deliveries to the same destina-
tion via the smtp message delivery transport.
<b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b>
The maximal number of recipients per message for the smtp mes-
The maximal number of recipients per message for the smtp mes-
sage delivery transport.
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
The Postfix SMTP client time limit for completing a TCP connec-
The Postfix SMTP client time limit for completing a TCP connec-
tion, or zero (use the operating system built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
The Postfix SMTP client time limit for sending the HELO or EHLO
command, and for receiving the initial remote SMTP server
The Postfix SMTP client time limit for sending the HELO or EHLO
command, and for receiving the initial remote SMTP server
response.
<b><a href="postconf.5.html#lmtp_lhlo_timeout">lmtp_lhlo_timeout</a> (300s)</b>
@ -604,19 +605,19 @@ SMTP(8) SMTP(8)
mand, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
The Postfix SMTP client time limit for sending the MAIL FROM
The Postfix SMTP client time limit for sending the MAIL FROM
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
The Postfix SMTP client time limit for sending the SMTP RCPT TO
The Postfix SMTP client time limit for sending the SMTP RCPT TO
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
The Postfix SMTP client time limit for sending the SMTP DATA
The Postfix SMTP client time limit for sending the SMTP DATA
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
The Postfix SMTP client time limit for sending the SMTP message
The Postfix SMTP client time limit for sending the SMTP message
content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
@ -630,13 +631,13 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_mx_address_limit">smtp_mx_address_limit</a> (5)</b>
The maximal number of MX (mail exchanger) IP addresses that can
result from Postfix SMTP client mail exchanger lookups, or zero
The maximal number of MX (mail exchanger) IP addresses that can
result from Postfix SMTP client mail exchanger lookups, or zero
(no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
The maximal number of SMTP sessions per delivery request before
the Postfix SMTP client gives up or delivers to a fall-back
The maximal number of SMTP sessions per delivery request before
the Postfix SMTP client gives up or delivers to a fall-back
<a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
@ -646,17 +647,17 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.2 and earlier:
<b><a href="postconf.5.html#lmtp_cache_connection">lmtp_cache_connection</a> (yes)</b>
Keep Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
Keep Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
seconds.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
Permanently enable SMTP connection caching for the specified
Permanently enable SMTP connection caching for the specified
destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
Temporarily enable SMTP connection caching while a destination
Temporarily enable SMTP connection caching while a destination
has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
<b><a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a> (300s)</b>
@ -670,37 +671,37 @@ SMTP(8) SMTP(8)
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#connection_cache_protocol_timeout">connection_cache_protocol_timeout</a> (5s)</b>
Time limit for connection cache connect, send or receive opera-
Time limit for connection cache connect, send or receive opera-
tions.
Available in Postfix version 2.9 and later:
<b><a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a> (no)</b>
Change the behavior of the smtp_*_timeout time limits, from a
time limit per read or write system call, to a time limit to
send or receive a complete record (an SMTP command line, SMTP
response line, SMTP message content line, or TLS protocol mes-
Change the behavior of the smtp_*_timeout time limits, from a
time limit per read or write system call, to a time limit to
send or receive a complete record (an SMTP command line, SMTP
response line, SMTP message content line, or TLS protocol mes-
sage).
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_connection_reuse_count_limit">smtp_connection_reuse_count_limit</a> (0)</b>
When SMTP connection caching is enabled, the number of times
that an SMTP session may be reused before it is closed, or zero
When SMTP connection caching is enabled, the number of times
that an SMTP session may be reused before it is closed, or zero
(no limit).
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a remote client or
The increment in verbose logging level when a remote client or
server matches a pattern in the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of remote client or server hostname or network
Optional list of remote client or server hostname or network
address patterns that cause the verbose logging level to
increase by the amount specified in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications about mail delivery
The recipient of postmaster notifications about mail delivery
problems that are caused by policy, resource, software or proto-
col errors.
@ -714,46 +715,46 @@ SMTP(8) SMTP(8)
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
Where the Postfix SMTP client should deliver mail when it
Where the Postfix SMTP client should deliver mail when it
detects a "mail loops back to myself" error condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to handle a
How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
The maximal number of digits after the decimal point when log-
The maximal number of digits after the decimal point when log-
ging sub-second delay values.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
Disable DNS lookups in the Postfix SMTP and LMTP clients.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
The network interface addresses that this mail system receives
The network interface addresses that this mail system receives
mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (all)</b>
The Internet protocols Postfix will attempt to use when making
The Internet protocols Postfix will attempt to use when making
or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
The time limit for sending or receiving information over an
The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#lmtp_assume_final">lmtp_assume_final</a> (no)</b>
When a remote LMTP server announces no DSN support, assume that
the server performs final delivery, and send "delivered" deliv-
When a remote LMTP server announces no DSN support, assume that
the server performs final delivery, and send "delivered" deliv-
ery status notifications instead of "relayed".
<b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a> (24)</b>
The default TCP port that the Postfix LMTP client connects to.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix daemon process
The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
@ -767,20 +768,20 @@ SMTP(8) SMTP(8)
The process name of a Postfix command or daemon process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail system receives
The network interface addresses that this mail system receives
mail on by way of a proxy or network address translation unit.
<b><a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> (any)</b>
The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP
client will try first, when a destination has IPv6 and IPv4
client will try first, when a destination has IPv6 and IPv4
addresses with equal MX preference.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
An optional numerical network address that the Postfix SMTP
An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv4 connection.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
An optional numerical network address that the Postfix SMTP
An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv6 connection.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
@ -800,8 +801,8 @@ SMTP(8) SMTP(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available with Postfix 2.2 and earlier:

15
postfix/html/virtual.8.html
View File

@ -263,9 +263,10 @@ VIRTUAL(8) VIRTUAL(8)
Available in Postfix version 2.12 and later:
<b><a href="postconf.5.html#virtual_bounce_defer_filter">virtual_bounce_defer_filter</a> ($<a href="postconf.5.html#default_bounce_defer_filter">default_bounce_defer_filter</a>)</b>
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent.
<b><a href="postconf.5.html#virtual_delivery_status_filter">virtual_delivery_status_filter</a> ($<a href="postconf.5.html#default_delivery_status_filter">default_delivery_status_filter</a>)</b>
Optional filter for the <a href="virtual.8.html"><b>virtual</b>(8)</a> delivery agent to change the
delivery status code or explanatory text of successful or unsuc-
cessful deliveries.
<b>SEE ALSO</b>
<a href="qmgr.8.html">qmgr(8)</a>, queue manager
@ -282,15 +283,15 @@ VIRTUAL(8) VIRTUAL(8)
The Secure Mailer license must be distributed with this software.
<b>HISTORY</b>
This delivery agent was originally based on the Postfix local delivery
agent. Modifications mainly consisted of removing code that either was
This delivery agent was originally based on the Postfix local delivery
agent. Modifications mainly consisted of removing code that either was
not applicable or that was not safe in this context: aliases,
~user/.forward files, delivery to "|command" or to /file/name.
The <b>Delivered-To:</b> message header appears in the <b>qmail</b> system by Daniel
The <b>Delivered-To:</b> message header appears in the <b>qmail</b> system by Daniel
Bernstein.
The <b>maildir</b> structure appears in the <b>qmail</b> system by Daniel Bernstein.
The <b>maildir</b> structure appears in the <b>qmail</b> system by Daniel Bernstein.
<b>AUTHOR(S)</b>
Wietse Venema

214
postfix/man/man5/postconf.5
View File

@ -1021,71 +1021,6 @@ debugger_command =
.fi
.ad
.ft R
.SH default_bounce_defer_filter (default: empty)
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa. This is implemented by rewriting the
three-number enhanced status code and the explanatory text in a
Postfix delivery agent bounce/defer message.
.PP
Specify zero or more "type:table" lookup table names, separated
by comma or whitespace. With each bounce or defer request, the
tables are queried in the specified order with one line of text
that is structured as follows:
.sp
.in +4
enhanced-status-code SPACE explanatory-text
.in -4
.PP
The first table match wins. The lookup result must have the
same structure as the query: enhanced status codes must have a
first numerical field of 4 (defer) or 5 (bounce), and the explanatory
text field must be non-empty. Other results will result in a warning.
.PP
Example:
.PP
The following example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.
.sp
.in +4
.nf
.na
.ft C
/etc/postfix/main.cf:
smtp_bounce_defer_filter = pcre:/etc/postfix/smtp_ndr_filter
.fi
.ad
.ft R
.in -4
.sp
.in +4
.nf
.na
.ft C
/etc/postfix/smtp_ndr_filter:
/^4(\e.\ed+\e.\ed+ TLS is required, but host \eS+ refused to start TLS: .+)/
5$1
/^4(\e.\ed+\e.\ed+ TLS is required, but was not offered by host .+)/
5$1
# Do not change the following into hard bounces. They may
# result from a local configuration problem.
# 4.\ed+.\ed+ TLS is required, but our TLS engine is unavailable
# 4.\ed+.\ed+ TLS is required, but unavailable
# 4.\ed+.\ed+ Cannot start TLS: handshake failure
.fi
.ad
.ft R
.in -4
.PP
Notes:
.IP \(bu
This feature will NOT override the soft_bounce safety net.
.IP \(bu
This feature will change the enhanced status code and text
that is logged to the maillog file, and that is reported to the
sender.
.br
.PP
This feature is available in Postfix 2.12 and later.
.SH default_database_type (default: see "postconf -d" output)
The default database type for use in \fBnewaliases\fR(1), \fBpostalias\fR(1)
and \fBpostmap\fR(1) commands. On many UNIX systems the default type is
@ -1173,6 +1108,98 @@ another preemption can take place later.
Use \fItransport\fR_delivery_slot_loan to specify a
transport-specific override, where \fItransport\fR is the master.cf
name of the message delivery transport.
.SH default_delivery_status_filter (default: empty)
Optional filter to replace the delivery status code or explanatory
text of successful or unsuccessful deliveries. This does, however,
not allow the replacement of a successful status code (2.X.X) with
an unsuccessful status code (4.X.X or 5.X.X) or vice versa.
.PP
Specify zero or more "type:table" lookup table names, separated
by comma or whitespace. With each bounce or defer request, the
tables are queried in the specified order with one line of text
that is structured as follows:
.sp
.in +4
enhanced-status-code SPACE explanatory-text
.in -4
.PP
The first table match wins. The lookup result must have the
same structure as the query, a successful status code (2.X.X) must
be replaced with a successful status code, an unsuccessful status
code (4.X.X or 5.X.X) must be replaced with an unsuccessful status
code, and the explanatory text field must be non-empty. Other results
will result in a warning.
.PP
Example 1: convert specific soft TLS errors into hard errors,
by overriding the first number in the enhanced status code.
.sp
.in +4
.nf
.na
.ft C
/etc/postfix/main.cf:
smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter
.fi
.ad
.ft R
.in -4
.sp
.in +4
.nf
.na
.ft C
/etc/postfix/smtp_dsn_filter:
/^4(\e.\ed+\e.\ed+ TLS is required, but host \eS+ refused to start TLS: .+)/
5$1
/^4(\e.\ed+\e.\ed+ TLS is required, but was not offered by host .+)/
5$1
# Do not change the following into hard bounces. They may
# result from a local configuration problem.
# 4.\ed+.\ed+ TLS is required, but our TLS engine is unavailable
# 4.\ed+.\ed+ TLS is required, but unavailable
# 4.\ed+.\ed+ Cannot start TLS: handshake failure
.fi
.ad
.ft R
.in -4
.PP
Example 2: censor the per-recipient delivery status text so
that it does not not reveal the destination command or filename
when a remote sender requests confirmation of successful delivery.
.sp
.in +4
.nf
.na
.ft C
/etc/postfix/main.cf:
local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter
.fi
.ad
.ft R
.in -4
.sp
.in +4
.nf
.na
.ft C
/etc/postfix/local_dsn_filter:
/^(2\eS+ delivered to file).+/ $1
/^(2\eS+ delivered to command).+/ $1
.fi
.ad
.ft R
.in -4
.PP
Notes:
.IP \(bu
This feature will NOT override the soft_bounce safety net.
.IP \(bu
This feature will change the enhanced status code and text
that is logged to the maillog file, and that is reported to the
sender in delivery confirmation or non-delivery notifications.
.br
.PP
This feature is available in Postfix 2.12 and later.
.SH default_destination_concurrency_failed_cohort_limit (default: 1)
How many pseudo-cohorts must suffer connection or handshake
failure before a specific destination is considered unavailable
@ -2340,11 +2367,6 @@ The LMTP-specific version of the smtp_body_checks configuration
parameter. See there for details.
.PP
This feature is available in Postfix 2.5 and later.
.SH lmtp_bounce_defer_filter (default: empty)
The LMTP-specific version of the smtp_bounce_defer_filter
configuration parameter. See there for details.
.PP
This feature is available in Postfix 2.12 and later.
.SH lmtp_cache_connection (default: yes)
Keep Postfix LMTP client connections open for up to $max_idle
seconds. When the LMTP client receives a request for the same
@ -2454,6 +2476,11 @@ The LMTP-specific version of the smtp_defer_if_no_mx_address_found
configuration parameter. See there for details.
.PP
This feature is available in Postfix 2.3 and later.
.SH lmtp_delivery_status_filter (default: empty)
The LMTP-specific version of the smtp_delivery_status_filter
configuration parameter. See there for details.
.PP
This feature is available in Postfix 2.12 and later.
.SH lmtp_destination_concurrency_limit (default: $default_destination_concurrency_limit)
The maximal number of parallel deliveries to the same destination
via the lmtp message delivery transport. This limit is enforced by
@ -2929,12 +2956,6 @@ Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
The default time unit is s (seconds).
.PP
This feature is available in Postfix 2.1 and later.
.SH local_bounce_defer_filter (default: $default_bounce_defer_filter)
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBlocal\fR(8) delivery agent. See
default_bounce_defer_filter for details.
.PP
This feature is available in Postfix 2.12 and later.
.SH local_command_shell (default: empty)
Optional shell program for \fBlocal\fR(8) delivery to non-Postfix command.
By default, non-Postfix commands are executed directly; commands
@ -2959,6 +2980,12 @@ local_command_shell = /bin/bash -c
.fi
.ad
.ft R
.SH local_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the \fBlocal\fR(8) delivery agent to change the
status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details.
.PP
This feature is available in Postfix 2.12 and later.
.SH local_destination_concurrency_limit (default: 2)
The maximal number of parallel deliveries via the local mail
delivery transport to the same recipient (when
@ -4173,10 +4200,10 @@ The name of the \fBpickup\fR(8) service. This service picks up local mail
submissions from the Postfix maildrop queue.
.PP
This feature is available in Postfix 2.0 and later.
.SH pipe_bounce_defer_filter (default: $default_bounce_defer_filter)
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBpipe\fR(8) delivery agent. See
default_bounce_defer_filter for details.
.SH pipe_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the \fBpipe\fR(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details.
.PP
This feature is available in Postfix 2.12 and later.
.SH plaintext_reject_code (default: 450)
@ -5852,16 +5879,6 @@ These tables are searched while mail is being delivered. Actions
that change the delivery time or destination are not available.
.PP
This feature is available in Postfix 2.5 and later.
.SH smtp_bounce_defer_filter (default: $default_bounce_defer_filter)
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBsmtp\fR(8) delivery agent. See
default_bounce_defer_filter for details.
.PP
NOTE: This feature modifies error messages that are generated
by the Postfix SMTP client, and that may or may not be derived from
remote SMTP server responses. In contrast, the smtp_reply_filter
feature modifies remote SMTP server responses that may result in
email non-delivery or delivery.
.SH smtp_cname_overrides_servername (default: version dependent)
When the remote SMTP servername is a DNS CNAME, replace the
servername with the result from CNAME expansion for the purpose of
@ -6027,6 +6044,15 @@ or worse preference
than the local MTA itself.
.PP
This feature is available in Postfix 2.1 and later.
.SH smtp_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the \fBsmtp\fR(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details.
.PP
NOTE: This feature modifies Postfix SMTP client error or non-error
messages that may or may not be derived from remote SMTP server
responses. In contrast, the smtp_reply_filter feature modifies
remote SMTP server responses only.
.SH smtp_destination_concurrency_limit (default: $default_destination_concurrency_limit)
The maximal number of parallel deliveries to the same destination
via the smtp message delivery transport. This limit is enforced by
@ -12338,10 +12364,10 @@ reach the sum of the expansion and recursion limits. This may
change in the future.
.PP
This feature is available in Postfix 2.1 and later.
.SH virtual_bounce_defer_filter (default: $default_bounce_defer_filter)
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBvirtual\fR(8) delivery agent. See
default_bounce_defer_filter for details.
.SH virtual_delivery_status_filter (default: $default_delivery_status_filter)
Optional filter for the \fBvirtual\fR(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details.
.PP
This feature is available in Postfix 2.12 and later.
.SH virtual_destination_concurrency_limit (default: $default_destination_concurrency_limit)

7
postfix/man/man8/local.8
View File

@ -421,9 +421,10 @@ attribute, when delivering mail to a child alias that does not have
its own owner alias.
.PP
Available in Postfix version 2.12 and later:
.IP "\fBlocal_bounce_defer_filter ($default_bounce_defer_filter)\fR"
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBlocal\fR(8) delivery agent.
.IP "\fBlocal_delivery_status_filter ($default_delivery_status_filter)\fR"
Optional filter for the \fBlocal\fR(8) delivery agent to change the
status code or explanatory text of successful or unsuccessful
deliveries.
.SH "DELIVERY METHOD CONTROLS"
.na
.nf

7
postfix/man/man8/pipe.8
View File

@ -426,9 +426,10 @@ The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.PP
Available in Postfix version 2.12 and later:
.IP "\fBpipe_bounce_defer_filter ($default_bounce_defer_filter)\fR"
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBpipe\fR(8) delivery agent.
.IP "\fBpipe_delivery_status_filter ($default_delivery_status_filter)\fR"
Optional filter for the \fBpipe\fR(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries.
.SH "SEE ALSO"
.na
.nf

7
postfix/man/man8/smtp.8
View File

@ -276,9 +276,10 @@ Available in Postfix version 2.11 and later:
Level of DNS support in the Postfix SMTP client.
.PP
Available in Postfix version 2.12 and later:
.IP "\fBsmtp_bounce_defer_filter ($default_bounce_defer_filter)\fR"
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBsmtp\fR(8) delivery agent.
.IP "\fBsmtp_delivery_status_filter ($default_delivery_status_filter)\fR"
Optional filter for the \fBsmtp\fR(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries.
.SH "MIME PROCESSING CONTROLS"
.na
.nf

7
postfix/man/man8/virtual.8
View File

@ -283,9 +283,10 @@ The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.PP
Available in Postfix version 2.12 and later:
.IP "\fBvirtual_bounce_defer_filter ($default_bounce_defer_filter)\fR"
Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the \fBvirtual\fR(8) delivery agent.
.IP "\fBvirtual_delivery_status_filter ($default_delivery_status_filter)\fR"
Optional filter for the \fBvirtual\fR(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries.
.SH "SEE ALSO"
.na
.nf

12
postfix/mantools/postlink
View File

@ -133,7 +133,7 @@ while (<>) {
s;\bdaemon_timeout\b;<a href="postconf.5.html#daemon_timeout">$&</a>;g;
s;\bdebug_peer_level\b;<a href="postconf.5.html#debug_peer_level">$&</a>;g;
s;\bdebug_peer_list\b;<a href="postconf.5.html#debug_peer_list">$&</a>;g;
s;\bdefault_bounce_defer_filter\b;<a href="postconf.5.html#default_bounce_defer_filter">$&</a>;g;
s;\bdefault_delivery_status_filter\b;<a href="postconf.5.html#default_delivery_status_filter">$&</a>;g;
s;\bdefault_data[-</Bb>]*\n* *[<Bb>]*base_type\b;<a href="postconf.5.html#default_database_type">$&</a>;g;
s;\bdefault_deliv[-</Bb>]*\n* *[<Bb>]*ery_slot_cost\b;<a href="postconf.5.html#default_delivery_slot_cost">$&</a>;g;
s;\bdefault_deliv[-</Bb>]*\n* *[<Bb>]*ery_slot_discount\b;<a href="postconf.5.html#default_delivery_slot_discount">$&</a>;g;
@ -213,7 +213,7 @@ while (<>) {
s;\blmtp_address_preference\b;<a href="postconf.5.html#lmtp_address_preference">$&</a>;g;
s;\blmtp_body_checks\b;<a href="postconf.5.html#lmtp_body_checks">$&</a>;g;
s;\blmtp_cname_overrides_servername\b;<a href="postconf.5.html#lmtp_cname_overrides_servername">$&</a>;g;
s;\blmtp_bounce_defer_filter\b;<a href="postconf.5.html#lmtp_bounce_defer_filter">$&</a>;g;
s;\blmtp_delivery_status_filter\b;<a href="postconf.5.html#lmtp_delivery_status_filter">$&</a>;g;
s;\blmtp_dns_resolver_options\b;<a href="postconf.5.html#lmtp_dns_resolver_options">$&</a>;g;
s;\blmtp_dns_support_level\b;<a href="postconf.5.html#lmtp_dns_support_level">$&</a>;g;
s;\blmtp_header_checks\b;<a href="postconf.5.html#lmtp_header_checks">$&</a>;g;
@ -307,7 +307,7 @@ while (<>) {
s;\blmtp_skip_quit_response\b;<a href="postconf.5.html#lmtp_skip_quit_response">$&</a>;g;
s;\blmtp_tcp_port\b;<a href="postconf.5.html#lmtp_tcp_port">$&</a>;g;
s;\blmtp_xforward_timeout\b;<a href="postconf.5.html#lmtp_xforward_timeout">$&</a>;g;
s;\blocal_bounce_defer_filter\b;<a href="postconf.5.html#local_bounce_defer_filter">$&</a>;g;
s;\blocal_delivery_status_filter\b;<a href="postconf.5.html#local_delivery_status_filter">$&</a>;g;
s;\blocal_command_shell\b;<a href="postconf.5.html#local_command_shell">$&</a>;g;
s;\blocal_destina[-</bB>]*\n* *[<bB>]*tion_concurrency_limit\b;<a href="postconf.5.html#local_destination_concurrency_limit">$&</a>;g;
s;\blocal_destina[-</bB>]*\n* *[<bB>]*tion_recip[-</bB>]*\n* *[<bB>]*ient_limit\b;<a href="postconf.5.html#local_destination_recipient_limit">$&</a>;g;
@ -360,7 +360,7 @@ while (<>) {
s;\bpar[-</bB>]*\n* *[<bB>]*ent_domain_matches_subdomains\b;<a href="postconf.5.html#parent_domain_matches_subdomains">$&</a>;g;
s;\bpermit_mx_backup_networks\b;<a href="postconf.5.html#permit_mx_backup_networks">$&</a>;g;
s;\bpickup_service_name\b;<a href="postconf.5.html#pickup_service_name">$&</a>;g;
s;\bpipe_bounce_defer_filter\b;<a href="postconf.5.html#pipe_bounce_defer_filter">$&</a>;g;
s;\bpipe_delivery_status_filter\b;<a href="postconf.5.html#pipe_delivery_status_filter">$&</a>;g;
s;\bplaintext_reject_code\b;<a href="postconf.5.html#plaintext_reject_code">$&</a>;g;
s;\bpost[-</bB>]*\n* *[<bB>]*multi_start_commands\b;<a href="postconf.5.html#postmulti_start_commands">$&</a>;g;
s;\bpost[-</bB>]*\n* *[<bB>]*multi_stop_commands\b;<a href="postconf.5.html#postmulti_stop_commands">$&</a>;g;
@ -455,7 +455,7 @@ while (<>) {
s;\bsmtp_connection_cache_time_limit\b;<a href="postconf.5.html#smtp_connection_cache_time_limit">$&</a>;g;
s;\bsmtp_connection_cache_destinations\b;<a href="postconf.5.html#smtp_connection_cache_destinations">$&</a>;g;
s;\bsmtp_bounce_defer_filter\b;<a href="postconf.5.html#smtp_bounce_defer_filter">$&</a>;g;
s;\bsmtp_delivery_status_filter\b;<a href="postconf.5.html#smtp_delivery_status_filter">$&</a>;g;
s;\bsmtp_data_done_timeout\b;<a href="postconf.5.html#smtp_data_done_timeout">$&</a>;g;
s;\bsmtp_data_init_timeout\b;<a href="postconf.5.html#smtp_data_init_timeout">$&</a>;g;
s;\bsmtp_data_xfer_timeout\b;<a href="postconf.5.html#smtp_data_xfer_timeout">$&</a>;g;
@ -606,7 +606,7 @@ while (<>) {
s;\bvir[-</bB>]*\n*[ <bB>]*tual_alias_maps\b;<a href="postconf.5.html#virtual_alias_maps">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_maps\b;<a href="postconf.5.html#virtual_maps">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_alias_recursion_limit\b;<a href="postconf.5.html#virtual_alias_recursion_limit">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_bounce_defer_filter\b;<a href="postconf.5.html#virtual_bounce_defer_filter">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_delivery_status_filter\b;<a href="postconf.5.html#virtual_delivery_status_filter">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_gid_maps\b;<a href="postconf.5.html#virtual_gid_maps">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_mail[-</bB>]*\n* *[<bB>]*box_base\b;<a href="postconf.5.html#virtual_mailbox_base">$&</a>;g;
s;\bvir[-</bB>]*\n*[ <bB>]*tual_mail[-</bB>]*\n* *[<bB>]*box_domains\b;<a href="postconf.5.html#virtual_mailbox_domains">$&</a>;g;

98
postfix/proto/postconf.proto
View File

@ -15616,12 +15616,12 @@ anchor assertion) TLSA records. </p>
<p> This feature is available in Postfix 2.11 and later. </p>
%PARAM default_bounce_defer_filter
%PARAM default_delivery_status_filter
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa. This is implemented by rewriting the
three-number enhanced status code and the explanatory text in a
Postfix delivery agent bounce/defer message. </p>
<p> Optional filter to replace the delivery status code or explanatory
text of successful or unsuccessful deliveries. This does, however,
not allow the replacement of a successful status code (2.X.X) with
an unsuccessful status code (4.X.X or 5.X.X) or vice versa. </p>
<p> Specify zero or more "type:table" lookup table names, separated
by comma or whitespace. With each bounce or defer request, the
@ -15633,27 +15633,25 @@ enhanced-status-code SPACE explanatory-text
</blockquote>
<p> The first table match wins. The lookup result must have the
same structure as the query: enhanced status codes must have a
first numerical field of 4 (defer) or 5 (bounce), and the explanatory
text field must be non-empty. Other results will result in a warning.
</p>
same structure as the query, a successful status code (2.X.X) must
be replaced with a successful status code, an unsuccessful status
code (4.X.X or 5.X.X) must be replaced with an unsuccessful status
code, and the explanatory text field must be non-empty. Other results
will result in a warning. </p>
<p> Example: </p>
<p> The following example turns specific soft TLS errors into hard
errors, by overriding the first number in the enhanced status code.
</p>
<p> Example 1: convert specific soft TLS errors into hard errors,
by overriding the first number in the enhanced status code. </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
smtp_bounce_defer_filter = pcre:/etc/postfix/smtp_ndr_filter
smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter
</pre>
</blockquote>
<blockquote>
<pre>
/etc/postfix/smtp_ndr_filter:
/etc/postfix/smtp_dsn_filter:
/^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS: .+)/
5$1
/^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
@ -15666,6 +15664,26 @@ errors, by overriding the first number in the enhanced status code.
</pre>
</blockquote>
<p> Example 2: censor the per-recipient delivery status text so
that it does not not reveal the destination command or filename
when a remote sender requests confirmation of successful delivery.
</p>
<blockquote>
<pre>
/etc/postfix/main.cf:
local_delivery_status_filter = pcre:/etc/postfix/local_dsn_filter
</pre>
</blockquote>
<blockquote>
<pre>
/etc/postfix/local_dsn_filter:
/^(2\S+ delivered to file).+/ $1
/^(2\S+ delivered to command).+/ $1
</pre>
</blockquote>
<p> Notes: </p>
<ul>
@ -15674,51 +15692,51 @@ errors, by overriding the first number in the enhanced status code.
<li> <p> This feature will change the enhanced status code and text
that is logged to the maillog file, and that is reported to the
sender. </p>
sender in delivery confirmation or non-delivery notifications.
</p>
</ul>
<p> This feature is available in Postfix 2.12 and later. </p>
%PARAM smtp_bounce_defer_filter $default_bounce_defer_filter
%PARAM smtp_delivery_status_filter $default_delivery_status_filter
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the smtp(8) delivery agent. See
default_bounce_defer_filter for details. </p>
<p> Optional filter for the smtp(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details. </p>
<p> NOTE: This feature modifies error messages that are generated
by the Postfix SMTP client, and that may or may not be derived from
remote SMTP server responses. In contrast, the smtp_reply_filter
feature modifies remote SMTP server responses that may result in
email non-delivery or delivery. </p>
<p> NOTE: This feature modifies Postfix SMTP client error or non-error
messages that may or may not be derived from remote SMTP server
responses. In contrast, the smtp_reply_filter feature modifies
remote SMTP server responses only. </p>
%PARAM lmtp_bounce_defer_filter
%PARAM lmtp_delivery_status_filter
<p> The LMTP-specific version of the smtp_bounce_defer_filter
<p> The LMTP-specific version of the smtp_delivery_status_filter
configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
%PARAM pipe_bounce_defer_filter $default_bounce_defer_filter
%PARAM pipe_delivery_status_filter $default_delivery_status_filter
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the pipe(8) delivery agent. See
default_bounce_defer_filter for details. </p>
<p> Optional filter for the pipe(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
%PARAM virtual_bounce_defer_filter $default_bounce_defer_filter
%PARAM virtual_delivery_status_filter $default_delivery_status_filter
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the virtual(8) delivery agent. See
default_bounce_defer_filter for details. </p>
<p> Optional filter for the virtual(8) delivery agent to change the
delivery status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
%PARAM local_bounce_defer_filter $default_bounce_defer_filter
%PARAM local_delivery_status_filter $default_delivery_status_filter
<p> Optional filter to change arbitrary hard delivery errors into
soft errors and vice versa in the local(8) delivery agent. See
default_bounce_defer_filter for details. </p>
<p> Optional filter for the local(8) delivery agent to change the
status code or explanatory text of successful or unsuccessful
deliveries. See default_delivery_status_filter for details. </p>
<p> This feature is available in Postfix 2.12 and later. </p>

38
postfix/src/global/Makefile.in
View File

@ -32,7 +32,7 @@ SRCS = abounce.c anvil_clnt.c been_here.c bounce.c bounce_log.c \
match_service.c mail_conf_nint.c addr_match_list.c mail_conf_nbool.c \
smtp_reply_footer.c safe_ultostr.c verify_sender_addr.c \
dict_memcache.c mail_version.c memcache_proto.c server_acl.c \
mkmap_fail.c haproxy_srvr.c ndr_filter.c
mkmap_fail.c haproxy_srvr.c dsn_filter.c
OBJS = abounce.o anvil_clnt.o been_here.o bounce.o bounce_log.o \
canon_addr.o cfg_parser.o cleanup_strerror.o cleanup_strflags.o \
clnt_stream.o conv_time.o db_common.o debug_peer.o debug_process.o \
@ -66,7 +66,7 @@ OBJS = abounce.o anvil_clnt.o been_here.o bounce.o bounce_log.o \
match_service.o mail_conf_nint.o addr_match_list.o mail_conf_nbool.o \
smtp_reply_footer.o safe_ultostr.o verify_sender_addr.o \
dict_memcache.o mail_version.o memcache_proto.o server_acl.o \
mkmap_fail.o haproxy_srvr.o ndr_filter.o
mkmap_fail.o haproxy_srvr.o dsn_filter.o
HDRS = abounce.h anvil_clnt.h been_here.h bounce.h bounce_log.h \
canon_addr.h cfg_parser.h cleanup_user.h clnt_stream.h config.h \
conv_time.h db_common.h debug_peer.h debug_process.h defer.h \
@ -93,7 +93,7 @@ HDRS = abounce.h anvil_clnt.h been_here.h bounce.h bounce_log.h \
fold_addr.h header_body_checks.h data_redirect.h match_service.h \
addr_match_list.h smtp_reply_footer.h safe_ultostr.h \
verify_sender_addr.h dict_memcache.h memcache_proto.h server_acl.h \
haproxy_srvr.h ndr_filter.h
haproxy_srvr.h dsn_filter.h
TESTSRC = rec2stream.c stream2rec.c recdump.c
DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
CFLAGS = $(DEBUG) $(OPT) $(DEFS)
@ -666,7 +666,7 @@ bounce.o: log_adhoc.h
bounce.o: mail_params.h
bounce.o: mail_proto.h
bounce.o: msg_stats.h
bounce.o: ndr_filter.h
bounce.o: dsn_filter.h
bounce.o: rcpt_print.h
bounce.o: recipient_list.h
bounce.o: trace.h
@ -812,7 +812,7 @@ defer.o: mail_params.h
defer.o: mail_proto.h
defer.o: mail_queue.h
defer.o: msg_stats.h
defer.o: ndr_filter.h
defer.o: dsn_filter.h
defer.o: rcpt_print.h
defer.o: recipient_list.h
defer.o: trace.h
@ -1806,20 +1806,20 @@ namadr_list.o: ../../include/match_list.h
namadr_list.o: ../../include/sys_defs.h
namadr_list.o: namadr_list.c
namadr_list.o: namadr_list.h
ndr_filter.o: ../../include/argv.h
ndr_filter.o: ../../include/dict.h
ndr_filter.o: ../../include/msg.h
ndr_filter.o: ../../include/myflock.h
ndr_filter.o: ../../include/mymalloc.h
ndr_filter.o: ../../include/sys_defs.h
ndr_filter.o: ../../include/vbuf.h
ndr_filter.o: ../../include/vstream.h
ndr_filter.o: ../../include/vstring.h
ndr_filter.o: dsn.h
ndr_filter.o: dsn_util.h
ndr_filter.o: maps.h
ndr_filter.o: ndr_filter.c
ndr_filter.o: ndr_filter.h
dsn_filter.o: ../../include/argv.h
dsn_filter.o: ../../include/dict.h
dsn_filter.o: ../../include/msg.h
dsn_filter.o: ../../include/myflock.h
dsn_filter.o: ../../include/mymalloc.h
dsn_filter.o: ../../include/sys_defs.h
dsn_filter.o: ../../include/vbuf.h
dsn_filter.o: ../../include/vstream.h
dsn_filter.o: ../../include/vstring.h
dsn_filter.o: dsn.h
dsn_filter.o: dsn_util.h
dsn_filter.o: maps.h
dsn_filter.o: dsn_filter.c
dsn_filter.o: dsn_filter.h
off_cvt.o: ../../include/msg.h
off_cvt.o: ../../include/sys_defs.h
off_cvt.o: ../../include/vbuf.h

18
postfix/src/global/bounce.c
View File

@ -53,7 +53,7 @@
/* const char *title;
/* const char *maps;
/* INTERNAL API
/* NDR_FILTER *bounce_defer_filter;
/* DSN_FILTER *delivery_status_filter;
/*
/* int bounce_append_intern(flags, id, stats, recipient, relay, dsn)
/* int flags;
@ -181,7 +181,7 @@
/* Global library. */
#define BOUNCE_DEFER_INTERN
#define DSN_INTERN
#include <mail_params.h>
#include <mail_proto.h>
#include <log_adhoc.h>
@ -195,7 +195,7 @@
/* Shared internally, between bounce and defer clients. */
NDR_FILTER *bounce_defer_filter;
DSN_FILTER *delivery_status_filter;
/* bounce_append - append delivery status to per-message bounce log */
@ -218,8 +218,8 @@ int bounce_append(int flags, const char *id, MSG_STATS *stats,
/*
* DSN filter (Postfix 2.12).
*/
if (bounce_defer_filter != 0
&& (dsn_res = ndr_filter_lookup(bounce_defer_filter, &my_dsn)) != 0) {
if (delivery_status_filter != 0
&& (dsn_res = dsn_filter_lookup(delivery_status_filter, &my_dsn)) != 0) {
if (dsn_res->status[0] == '4')
return (defer_append_intern(flags, id, stats, rcpt, relay, dsn_res));
my_dsn = *dsn_res;
@ -406,8 +406,8 @@ int bounce_one(int flags, const char *queue, const char *id,
/*
* DSN filter (Postfix 2.12).
*/
if (bounce_defer_filter != 0
&& (dsn_res = ndr_filter_lookup(bounce_defer_filter, &my_dsn)) != 0) {
if (delivery_status_filter != 0
&& (dsn_res = dsn_filter_lookup(delivery_status_filter, &my_dsn)) != 0) {
if (dsn_res->status[0] == '4')
return (defer_append_intern(flags, id, stats, rcpt, relay, dsn_res));
my_dsn = *dsn_res;
@ -508,8 +508,8 @@ void bounce_client_init(const char *title, const char *maps)
{
const char myname[] = "bounce_client_init";
if (bounce_defer_filter != 0)
if (delivery_status_filter != 0)
msg_panic("%s: duplicate initialization", myname);
if (*maps)
bounce_defer_filter = ndr_filter_create(title, maps);
delivery_status_filter = dsn_filter_create(title, maps);
}

6
postfix/src/global/bounce.h
View File

@ -70,11 +70,11 @@ extern void bounce_client_init(const char *, const char *);
* Start of private API.
*/
#ifdef BOUNCE_DEFER_INTERN
#ifdef DSN_INTERN
#include <ndr_filter.h>
#include <dsn_filter.h>
extern NDR_FILTER *bounce_defer_filter;
extern DSN_FILTER *delivery_status_filter;
extern int bounce_append_intern(int, const char *, MSG_STATS *, RECIPIENT *,
const char *, DSN *);

12
postfix/src/global/defer.c
View File

@ -77,7 +77,7 @@
/* question has been deferred. The defer log is not deleted,
/* and no recipients are deleted from the original queue file.
/*
/* defer_one() implements ndr_filter(3) compatibility for the
/* defer_one() implements dsn_filter(3) compatibility for the
/* bounce_one() routine.
/*
/* defer_append_intern() is for use after the DSN filter.
@ -160,7 +160,7 @@
/* Global library. */
#define BOUNCE_DEFER_INTERN
#define DSN_INTERN
#include <mail_params.h>
#include <mail_queue.h>
#include <mail_proto.h>
@ -195,8 +195,8 @@ int defer_append(int flags, const char *id, MSG_STATS *stats,
/*
* DSN filter (Postfix 2.12).
*/
if (bounce_defer_filter != 0
&& (dsn_res = ndr_filter_lookup(bounce_defer_filter, &my_dsn)) != 0) {
if (delivery_status_filter != 0
&& (dsn_res = dsn_filter_lookup(delivery_status_filter, &my_dsn)) != 0) {
if (dsn_res->status[0] == '5')
return (bounce_append_intern(flags, id, stats, rcpt, relay, dsn_res));
my_dsn = *dsn_res;
@ -351,8 +351,8 @@ int defer_one(int flags, const char *queue, const char *id,
/*
* DSN filter (Postfix 2.12).
*/
if (bounce_defer_filter != 0
&& (dsn_res = ndr_filter_lookup(bounce_defer_filter, &my_dsn)) != 0) {
if (delivery_status_filter != 0
&& (dsn_res = dsn_filter_lookup(delivery_status_filter, &my_dsn)) != 0) {
if (dsn_res->status[0] == '5')
return (bounce_one_intern(flags, queue, id, encoding, sender,
dsn_envid, dsn_ret, stats, rcpt,

2
postfix/src/global/defer.h
View File

@ -33,7 +33,7 @@ extern int defer_one(int, const char *, const char *, const char *,
/*
* Start of private API.
*/
#ifdef BOUNCE_DEFER_INTERN
#ifdef DSN_INTERN
extern int defer_append_intern(int, const char *, MSG_STATS *, RECIPIENT *,
const char *, DSN *);

192
postfix/src/global/dsn_filter.c Normal file
View File

@ -0,0 +1,192 @@
/*++
/* NAME
/* dsn_filter 3
/* SUMMARY
/* filter DSN status or text
/* SYNOPSIS
/* #include <dsn_filter.h>
/*
/* DSN_FILTER *dsn_filter_create(
/* const char *title,
/* const char *map_names)
/*
/* DSN *dsn_filter_lookup(
/* DSN_FILTER *fp,
/* DSN *dsn)
/*
/* void dsn_free(
/* DSN_FILTER *fp)
/* DESCRIPTION
/* This module maps (bounce or defer non-delivery status code
/* and text) into replacement (bounce or defer non-delivery
/* status code and text), or maps (success status code and
/* text) into replacement (success status code and text). Other
/* DSN attributes are passed through without modification.
/*
/* dsn_filter_create() instantiates a DSN filter.
/*
/* dsn_filter_lookup() queries the specified filter. The input
/* DSN must be a success, bounce or defer DSN. If a match is
/* found a non-delivery status must map to a non-delivery
/* status, a success status must map to a success status, and
/* the text must be non-empty. The result is a null pointer
/* when no valid match is found. Otherwise, the result is
/* overwritten upon each call. This function must not be
/* called with the result from a dsn_filter_lookup() call.
/*
/* dsn_free() destroys the specified DSN filter.
/*
/* Arguments:
/* .IP title
/* Origin of the mapnames argument, typically a configuration
/* parameter name. This is reported in diagnostics.
/* .IP mapnames
/* List of lookup tables, separated by whitespace or comma.
/* .IP fp
/* filter created with dsn_filter_create()
/* .IP dsn
/* A success, bounce or defer DSN data structure. The
/* dsn_filter_lookup() result value is in part a shallow copy
/* of this argument.
/* SEE ALSO
/* maps(3) multi-table search
/* DIAGNOSTICS
/* Panic: invalid dsn argument; recursive call. Fatal error:
/* memory allocation problem. Warning: invalid DSN lookup
/* result.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/*
* System libraries.
*/
#include <sys_defs.h>
/*
* Utility library.
*/
#include <msg.h>
#include <mymalloc.h>
#include <vstring.h>
/*
* Global library.
*/
#include <maps.h>
#include <dsn.h>
#include <dsn_util.h>
#include <maps.h>
#include <dsn_filter.h>
/*
* Private data structure.
*/
struct DSN_FILTER {
MAPS *maps; /* Replacement (status, text) */
VSTRING *buffer; /* Status code and text */
DSN_SPLIT dp; /* Parsing aid */
DSN dsn; /* Shallow copy */
};
/*
* SLMs.
*/
#define STR(x) vstring_str(x)
/* dsn_filter_create - create bounce/defer NDR filter */
DSN_FILTER *dsn_filter_create(const char *title, const char *map_names)
{
const char myname[] = "dsn_filter_create";
DSN_FILTER *fp;
if (msg_verbose)
msg_info("%s: %s %s", myname, title, map_names);
fp = (DSN_FILTER *) mymalloc(sizeof(*fp));
fp->buffer = vstring_alloc(100);
fp->maps = maps_create(title, map_names, DICT_FLAG_LOCK);
return (fp);
}
/* dsn_filter_lookup - apply bounce/defer NDR filter */
DSN *dsn_filter_lookup(DSN_FILTER *fp, DSN *dsn)
{
const char myname[] = "dsn_filter_lookup";
const char *result;
int ndr_dsn = 0;
if (msg_verbose)
msg_info("%s: %s %s", myname, dsn->status, dsn->reason);
/*
* XXX Instead of hard-coded '4' etc., use some form of encapsulation
* when reading or updating the status class field.
*/
#define IS_SUCCESS_DSN(s) (dsn_valid(s) && (s)[0] == '2')
#define IS_NDR_DSN(s) (dsn_valid(s) && ((s)[0] == '4' || (s)[0] == '5'))
/*
* Sanity check. We filter only success/bounce/defer DSNs.
*/
if (IS_SUCCESS_DSN(dsn->status))
ndr_dsn = 0;
else if (IS_NDR_DSN(dsn->status))
ndr_dsn = 1;
else
msg_panic("%s: dsn argument with bad status code: %s",
myname, dsn->status);
/*
* Sanity check. A DSN filter must not be invoked with its own result.
*/
if (dsn->reason == fp->dsn.reason)
msg_panic("%s: recursive call is not allowed", myname);
/*
* Look up replacement status and text.
*/
vstring_sprintf(fp->buffer, "%s %s", dsn->status, dsn->reason);
if ((result = maps_find(fp->maps, STR(fp->buffer), 0)) != 0) {
/* Sanity check. Do not allow success<=>error mappings. */
if ((ndr_dsn == 0 && !IS_SUCCESS_DSN(result))
|| (ndr_dsn != 0 && !IS_NDR_DSN(result))) {
msg_warn("%s: bad status code: %s", fp->maps->title, result);
return (0);
} else {
vstring_strcpy(fp->buffer, result);
dsn_split(&fp->dp, "can't happen", STR(fp->buffer));
(void) DSN_ASSIGN(&fp->dsn, DSN_STATUS(fp->dp.dsn),
(result[0] == '4' ? "delayed" :
result[0] == '5' ? "failed" :
dsn->action),
fp->dp.text, dsn->dtype, dsn->dtext,
dsn->mtype, dsn->mname);
return (&fp->dsn);
}
}
return (0);
}
/* dsn_filter_free - destroy bounce/defer NDR filter */
void dsn_filter_free(DSN_FILTER *fp)
{
const char myname[] = "dsn_filter_free";
if (msg_verbose)
msg_info("%s: %s", myname, fp->maps->title);
maps_free(fp->maps);
vstring_free(fp->buffer);
myfree((char *) fp);
}

16
postfix/src/global/ndr_filter.h → postfix/src/global/dsn_filter.h
View File

@ -1,24 +1,24 @@
#ifndef _NDR_FILTER_H_INCLUDED_
#define _NDR_FILTER_H_INCLUDED_
#ifndef _DSN_FILTER_H_INCLUDED_
#define _DSN_FILTER_H_INCLUDED_
/*++
/* NAME
/* ndr_filter 3h
/* dsn_filter 3h
/* SUMMARY
/* bounce/defer DSN filter
/* SYNOPSIS
/* #include <ndr_filter.h>
/* #include <dsn_filter.h>
/* DESCRIPTION
/* .nf
/*
* External interface.
*/
typedef struct NDR_FILTER NDR_FILTER;
typedef struct DSN_FILTER DSN_FILTER;
extern NDR_FILTER *ndr_filter_create(const char *, const char *);
extern DSN *ndr_filter_lookup(NDR_FILTER *, DSN *);
extern void ndr_filter_free(NDR_FILTER *);
extern DSN_FILTER *dsn_filter_create(const char *, const char *);
extern DSN *dsn_filter_lookup(DSN_FILTER *, DSN *);
extern void dsn_filter_free(DSN_FILTER *);
/* LICENSE
/* .ad

6
postfix/src/global/mail_params.c
View File

@ -121,7 +121,7 @@
/* bool var_multi_enable;
/* bool var_long_queue_ids;
/* bool var_daemon_open_fatal;
/* char *var_ndr_filter;
/* char *var_dsn_filter;
/*
/* void mail_params_init()
/*
@ -315,7 +315,7 @@ char *var_multi_name;
bool var_multi_enable;
bool var_long_queue_ids;
bool var_daemon_open_fatal;
char *var_ndr_filter;
char *var_dsn_filter;
const char null_format_string[1] = "";
@ -591,7 +591,7 @@ void mail_params_init()
VAR_INT_FILT_CLASSES, DEF_INT_FILT_CLASSES, &var_int_filt_classes, 0, 0,
/* multi_instance_wrapper may have dependencies but not dependents. */
VAR_MULTI_WRAPPER, DEF_MULTI_WRAPPER, &var_multi_wrapper, 0, 0,
VAR_NDR_FILTER, DEF_NDR_FILTER, &var_ndr_filter, 0, 0,
VAR_DSN_FILTER, DEF_DSN_FILTER, &var_dsn_filter, 0, 0,
0,
};
static const CONFIG_STR_FN_TABLE function_str_defaults_2[] = {

34
postfix/src/global/mail_params.h
View File

@ -3747,27 +3747,27 @@ extern bool var_daemon_open_fatal;
/*
* Optional DSN bounce/defer filter.
*/
#define VAR_NDR_FILTER "default_bounce_defer_filter"
#define DEF_NDR_FILTER ""
extern char *var_ndr_filter;
#define VAR_DSN_FILTER "default_delivery_status_filter"
#define DEF_DSN_FILTER ""
extern char *var_dsn_filter;
#define VAR_SMTP_NDR_FILTER "smtp_bounce_defer_filter"
#define DEF_SMTP_NDR_FILTER "$" VAR_NDR_FILTER
#define VAR_LMTP_NDR_FILTER "lmtp_bounce_defer_filter"
#define DEF_LMTP_NDR_FILTER "$" VAR_NDR_FILTER
extern char *var_smtp_ndr_filter;
#define VAR_SMTP_DSN_FILTER "smtp_delivery_status_filter"
#define DEF_SMTP_DSN_FILTER "$" VAR_DSN_FILTER
#define VAR_LMTP_DSN_FILTER "lmtp_delivery_status_filter"
#define DEF_LMTP_DSN_FILTER "$" VAR_DSN_FILTER
extern char *var_smtp_dsn_filter;
#define VAR_PIPE_NDR_FILTER "pipe_bounce_defer_filter"
#define DEF_PIPE_NDR_FILTER "$" VAR_NDR_FILTER
extern char *var_pipe_ndr_filter;
#define VAR_PIPE_DSN_FILTER "pipe_delivery_status_filter"
#define DEF_PIPE_DSN_FILTER "$" VAR_DSN_FILTER
extern char *var_pipe_dsn_filter;
#define VAR_VIRT_NDR_FILTER "virtual_bounce_defer_filter"
#define DEF_VIRT_NDR_FILTER "$" VAR_NDR_FILTER
extern char *var_virt_ndr_filter;
#define VAR_VIRT_DSN_FILTER "virtual_delivery_status_filter"
#define DEF_VIRT_DSN_FILTER "$" VAR_DSN_FILTER
extern char *var_virt_dsn_filter;
#define VAR_LOCAL_NDR_FILTER "local_bounce_defer_filter"
#define DEF_LOCAL_NDR_FILTER "$" VAR_NDR_FILTER
extern char *var_local_ndr_filter;
#define VAR_LOCAL_DSN_FILTER "local_delivery_status_filter"
#define DEF_LOCAL_DSN_FILTER "$" VAR_DSN_FILTER
extern char *var_local_dsn_filter;
/* LICENSE
/* .ad

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20140318"
#define MAIL_RELEASE_DATE "20140321"
#define MAIL_VERSION_NUMBER "2.12"
#ifdef SNAPSHOT

182
postfix/src/global/ndr_filter.c
View File

@ -1,182 +0,0 @@
/*++
/* NAME
/* ndr_filter 3
/* SUMMARY
/* bounce or defer NDR filter
/* SYNOPSIS
/* #include <ndr_filter.h>
/*
/* NDR_FILTER *ndr_filter_create(
/* const char *title,
/* const char *map_names)
/*
/* DSN *ndr_filter_lookup(
/* NDR_FILTER *fp,
/* DSN *dsn)
/*
/* void dsn_free(
/* NDR_FILTER *fp)
/* DESCRIPTION
/* This module maps a bounce or defer non-delivery status code
/* and text into a bounce or defer non-delivery status code
/* and text. The other DSN attributes are passed through without
/* modification.
/*
/* ndr_filter_create() instantiates a bounce or defer NDR filter.
/*
/* ndr_filter_lookup() queries the specified filter. The DSN
/* must be a bounce or defer DSN. If a match is found and the
/* result is properly formatted, the result value must specify
/* a bounce or defer DSN. The result is in part overwritten
/* upon each call, and is in part a shallow copy of the dsn
/* argument. The result is a null pointer when no valid match
/* is found. This function must not be called with the result
/* from a ndr_filter_lookup() call.
/*
/* dsn_free() destroys the specified NDR filter.
/*
/* Arguments:
/* .IP title
/* Origin of the mapnames argument, typically a configuration
/* parameter name. This is reported in diagnostics.
/* .IP mapnames
/* List of lookup tables, separated by whitespace or comma.
/* .IP fp
/* filter created with ndr_filter_create()
/* .IP dsn
/* A bounce or defer DSN data structure. The ndr_filter_lookup()
/* result value is in part a shallow copy of this argument.
/* SEE ALSO
/* maps(3) multi-table search
/* DIAGNOSTICS
/* Panic: invalid dsn argument; recursive call. Fatal error:
/* memory allocation problem. Warning: invalid DSN lookup
/* result.
/* LICENSE
/* .ad
/* .fi
/* The Secure Mailer license must be distributed with this software.
/* AUTHOR(S)
/* Wietse Venema
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/*
* System libraries.
*/
#include <sys_defs.h>
/*
* Utility library.
*/
#include <msg.h>
#include <mymalloc.h>
#include <vstring.h>
/*
* Global library.
*/
#include <maps.h>
#include <dsn.h>
#include <dsn_util.h>
#include <maps.h>
#include <ndr_filter.h>
/*
* Private data structure.
*/
struct NDR_FILTER {
MAPS *maps; /* Replacement (status, text) */
VSTRING *buffer; /* Status code and text */
DSN_SPLIT dp; /* Parsing aid */
DSN dsn; /* Shallow copy */
};
/*
* SLMs.
*/
#define STR(x) vstring_str(x)
/* ndr_filter_create - create bounce/defer NDR filter */
NDR_FILTER *ndr_filter_create(const char *title, const char *map_names)
{
const char myname[] = "ndr_filter_create";
NDR_FILTER *fp;
if (msg_verbose)
msg_info("%s: %s %s", myname, title, map_names);
fp = (NDR_FILTER *) mymalloc(sizeof(*fp));
fp->buffer = vstring_alloc(100);
fp->maps = maps_create(title, map_names, DICT_FLAG_LOCK);
return (fp);
}
/* ndr_filter_lookup - apply bounce/defer NDR filter */
DSN *ndr_filter_lookup(NDR_FILTER *fp, DSN *dsn)
{
const char myname[] = "ndr_filter_lookup";
const char *result;
if (msg_verbose)
msg_info("%s: %s %s", myname, dsn->status, dsn->reason);
/*
* XXX Instead of hard-coded '4' or '5', use some form of encapsulation
* to read or update the class field.
*/
#define IS_NDR_DSN(s) \
(dsn_valid(s) && ((s)[0] == '4' || (s)[0] == '5'))
/*
* Sanity check. We filter only bounce/defer DSNs.
*/
if (!IS_NDR_DSN(dsn->status))
msg_panic("%s: dsn argument with bad status code: %s",
myname, dsn->status);
/*
* Sanity check. An NDR filter must not be invoked with its own result.
*/
if (dsn->reason == fp->dsn.reason)
msg_panic("%s: recursive call is not allowed", myname);
/*
* Look up replacement status and text.
*/
vstring_sprintf(fp->buffer, "%s %s", dsn->status, dsn->reason);
if ((result = maps_find(fp->maps, STR(fp->buffer), 0)) != 0) {
/* Sanity check. We accept only bounce/defer DSNs. */
if (!IS_NDR_DSN(result)) {
msg_warn("%s: bad status code: %s", fp->maps->title, result);
return (0);
} else {
vstring_strcpy(fp->buffer, result);
dsn_split(&fp->dp, "can't happen", STR(fp->buffer));
(void) DSN_ASSIGN(&fp->dsn, DSN_STATUS(fp->dp.dsn),
(result[0] == '4' ? "delayed" : "failed"),
fp->dp.text, dsn->dtype, dsn->dtext,
dsn->mtype, dsn->mname);
return (&fp->dsn);
}
}
return (0);
}
/* ndr_filter_free - destroy bounce/defer NDR filter */
void ndr_filter_free(NDR_FILTER *fp)
{
const char myname[] = "ndr_filter_free";
if (msg_verbose)
msg_info("%s: %s", myname, fp->maps->title);
maps_free(fp->maps);
vstring_free(fp->buffer);
myfree((char *) fp);
}

13
postfix/src/global/sent.c
View File

@ -19,8 +19,6 @@
/* message delivery record on request by the sender. The
/* flags argument determines the action.
/*
/* vsent() implements an alternative interface.
/*
/* Arguments:
/* .IP flags
/* Zero or more of the following:
@ -79,6 +77,7 @@
/* Global library. */
#define DSN_INTERN
#include <mail_params.h>
#include <verify.h>
#include <log_adhoc.h>
@ -97,6 +96,7 @@ int sent(int flags, const char *id, MSG_STATS *stats,
DSN *dsn)
{
DSN my_dsn = *dsn;
DSN *dsn_res;
int status;
/*
@ -107,6 +107,13 @@ int sent(int flags, const char *id, MSG_STATS *stats,
my_dsn.status = "2.0.0";
}
/*
* DSN filter (Postfix 2.12).
*/
if (delivery_status_filter != 0
&& (dsn_res = dsn_filter_lookup(delivery_status_filter, &my_dsn)) != 0)
my_dsn = *dsn_res;
/*
* MTA-requested address verification information is stored in the verify
* service database.
@ -147,7 +154,7 @@ int sent(int flags, const char *id, MSG_STATS *stats,
vstring_sprintf(junk, "%s: %s service failed",
id, var_trace_service);
my_dsn.reason = vstring_str(junk);
my_dsn.status ="4.3.0";
my_dsn.status = "4.3.0";
status = defer_append(flags, id, stats, recipient, relay, &my_dsn);
vstring_free(junk);
}

11
postfix/src/local/local.c
View File

@ -387,9 +387,10 @@
/* its own owner alias.
/* .PP
/* Available in Postfix version 2.12 and later:
/* .IP "\fBlocal_bounce_defer_filter ($default_bounce_defer_filter)\fR"
/* Optional filter to change arbitrary hard delivery errors into
/* soft errors and vice versa in the \fBlocal\fR(8) delivery agent.
/* .IP "\fBlocal_delivery_status_filter ($default_delivery_status_filter)\fR"
/* Optional filter for the \fBlocal\fR(8) delivery agent to change the
/* status code or explanatory text of successful or unsuccessful
/* deliveries.
/* DELIVERY METHOD CONTROLS
/* .ad
/* .fi
@ -904,7 +905,7 @@ int main(int argc, char **argv)
VAR_DELIVER_HDR, DEF_DELIVER_HDR, &var_deliver_hdr, 0, 0,
VAR_MAILBOX_LOCK, DEF_MAILBOX_LOCK, &var_mailbox_lock, 1, 0,
VAR_MAILBOX_CMD_MAPS, DEF_MAILBOX_CMD_MAPS, &var_mailbox_cmd_maps, 0, 0,
VAR_LOCAL_NDR_FILTER, DEF_LOCAL_NDR_FILTER, &var_local_ndr_filter, 0, 0,
VAR_LOCAL_DSN_FILTER, DEF_LOCAL_DSN_FILTER, &var_local_ndr_filter, 0, 0,
0,
};
static const CONFIG_BOOL_TABLE bool_table[] = {
@ -943,7 +944,7 @@ int main(int argc, char **argv)
MAIL_SERVER_POST_INIT, post_init,
MAIL_SERVER_PRE_ACCEPT, pre_accept,
MAIL_SERVER_PRIVILEGED,
MAIL_SERVER_BOUNCE_INIT, VAR_LOCAL_NDR_FILTER,
MAIL_SERVER_BOUNCE_INIT, VAR_LOCAL_DSN_FILTER,
&var_local_ndr_filter,
0);
}

8
postfix/src/master/Makefile.in
View File

@ -94,7 +94,7 @@ event_server.o: ../../include/deliver_request.h
event_server.o: ../../include/dict.h
event_server.o: ../../include/dsn.h
event_server.o: ../../include/dsn_buf.h
event_server.o: ../../include/ndr_filter.h
event_server.o: ../../include/dsn_filter.h
event_server.o: ../../include/events.h
event_server.o: ../../include/htable.h
event_server.o: ../../include/iostuff.h
@ -300,7 +300,7 @@ multi_server.o: ../../include/deliver_request.h
multi_server.o: ../../include/dict.h
multi_server.o: ../../include/dsn.h
multi_server.o: ../../include/dsn_buf.h
multi_server.o: ../../include/ndr_filter.h
multi_server.o: ../../include/dsn_filter.h
multi_server.o: ../../include/events.h
multi_server.o: ../../include/htable.h
multi_server.o: ../../include/iostuff.h
@ -341,7 +341,7 @@ single_server.o: ../../include/deliver_request.h
single_server.o: ../../include/dict.h
single_server.o: ../../include/dsn.h
single_server.o: ../../include/dsn_buf.h
single_server.o: ../../include/ndr_filter.h
single_server.o: ../../include/dsn_filter.h
single_server.o: ../../include/events.h
single_server.o: ../../include/htable.h
single_server.o: ../../include/iostuff.h
@ -382,7 +382,7 @@ trigger_server.o: ../../include/deliver_request.h
trigger_server.o: ../../include/dict.h
trigger_server.o: ../../include/dsn.h
trigger_server.o: ../../include/dsn_buf.h
trigger_server.o: ../../include/ndr_filter.h
trigger_server.o: ../../include/dsn_filter.h
trigger_server.o: ../../include/events.h
trigger_server.o: ../../include/htable.h
trigger_server.o: ../../include/iostuff.h

10
postfix/src/master/event_server.c
View File

@ -560,8 +560,8 @@ NORETURN event_server_main(int argc, char **argv, MULTI_SERVER_FN service,...)
char *generation;
int msg_vstream_needed = 0;
int redo_syslog_init = 0;
const char *ndr_filter_title;
const char **ndr_filter_maps;
const char *dsn_filter_title;
const char **dsn_filter_maps;
/*
* Process environment options as early as we can.
@ -773,9 +773,9 @@ NORETURN event_server_main(int argc, char **argv, MULTI_SERVER_FN service,...)
event_server_slow_exit = va_arg(ap, MAIL_SERVER_SLOW_EXIT_FN);
break;
case MAIL_SERVER_BOUNCE_INIT:
ndr_filter_title = va_arg(ap, const char *);
ndr_filter_maps = va_arg(ap, const char **);
bounce_client_init(ndr_filter_title, *ndr_filter_maps);
dsn_filter_title = va_arg(ap, const char *);
dsn_filter_maps = va_arg(ap, const char **);
bounce_client_init(dsn_filter_title, *dsn_filter_maps);
break;
default:
msg_panic("%s: unknown argument type: %d", myname, key);

10
postfix/src/master/multi_server.c
View File

@ -556,8 +556,8 @@ NORETURN multi_server_main(int argc, char **argv, MULTI_SERVER_FN service,...)
char *generation;
int msg_vstream_needed = 0;
int redo_syslog_init = 0;
const char *ndr_filter_title;
const char **ndr_filter_maps;
const char *dsn_filter_title;
const char **dsn_filter_maps;
/*
* Process environment options as early as we can.
@ -763,9 +763,9 @@ NORETURN multi_server_main(int argc, char **argv, MULTI_SERVER_FN service,...)
service_name);
break;
case MAIL_SERVER_BOUNCE_INIT:
ndr_filter_title = va_arg(ap, const char *);
ndr_filter_maps = va_arg(ap, const char **);
bounce_client_init(ndr_filter_title, *ndr_filter_maps);
dsn_filter_title = va_arg(ap, const char *);
dsn_filter_maps = va_arg(ap, const char **);
bounce_client_init(dsn_filter_title, *dsn_filter_maps);
break;
default:
msg_panic("%s: unknown argument type: %d", myname, key);

10
postfix/src/master/single_server.c
View File

@ -434,8 +434,8 @@ NORETURN single_server_main(int argc, char **argv, SINGLE_SERVER_FN service,...)
char *generation;
int msg_vstream_needed = 0;
int redo_syslog_init = 0;
const char *ndr_filter_title;
const char **ndr_filter_maps;
const char *dsn_filter_title;
const char **dsn_filter_maps;
/*
* Process environment options as early as we can.
@ -638,9 +638,9 @@ NORETURN single_server_main(int argc, char **argv, SINGLE_SERVER_FN service,...)
service_name);
break;
case MAIL_SERVER_BOUNCE_INIT:
ndr_filter_title = va_arg(ap, const char *);
ndr_filter_maps = va_arg(ap, const char **);
bounce_client_init(ndr_filter_title, *ndr_filter_maps);
dsn_filter_title = va_arg(ap, const char *);
dsn_filter_maps = va_arg(ap, const char **);
bounce_client_init(dsn_filter_title, *dsn_filter_maps);
break;
default:
msg_panic("%s: unknown argument type: %d", myname, key);

10
postfix/src/master/trigger_server.c
View File

@ -437,8 +437,8 @@ NORETURN trigger_server_main(int argc, char **argv, TRIGGER_SERVER_FN service,..
char *generation;
int msg_vstream_needed = 0;
int redo_syslog_init = 0;
const char *ndr_filter_title;
const char **ndr_filter_maps;
const char *dsn_filter_title;
const char **dsn_filter_maps;
/*
* Process environment options as early as we can.
@ -644,9 +644,9 @@ NORETURN trigger_server_main(int argc, char **argv, TRIGGER_SERVER_FN service,..
trigger_server_watchdog = *va_arg(ap, int *);
break;
case MAIL_SERVER_BOUNCE_INIT:
ndr_filter_title = va_arg(ap, const char *);
ndr_filter_maps = va_arg(ap, const char **);
bounce_client_init(ndr_filter_title, *ndr_filter_maps);
dsn_filter_title = va_arg(ap, const char *);
dsn_filter_maps = va_arg(ap, const char **);
bounce_client_init(dsn_filter_title, *dsn_filter_maps);
break;
default:
msg_panic("%s: unknown argument type: %d", myname, key);

11
postfix/src/pipe/pipe.c
View File

@ -404,9 +404,10 @@
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .PP
/* Available in Postfix version 2.12 and later:
/* .IP "\fBpipe_bounce_defer_filter ($default_bounce_defer_filter)\fR"
/* Optional filter to change arbitrary hard delivery errors into
/* soft errors and vice versa in the \fBpipe\fR(8) delivery agent.
/* .IP "\fBpipe_delivery_status_filter ($default_delivery_status_filter)\fR"
/* Optional filter for the \fBpipe\fR(8) delivery agent to change the
/* delivery status code or explanatory text of successful or unsuccessful
/* deliveries.
/* SEE ALSO
/* qmgr(8), queue manager
/* bounce(8), delivery status reports
@ -1329,7 +1330,7 @@ int main(int argc, char **argv)
0,
};
static const CONFIG_STR_TABLE str_table[] = {
VAR_PIPE_NDR_FILTER, DEF_PIPE_NDR_FILTER, &var_pipe_ndr_filter, 0, 0,
VAR_PIPE_DSN_FILTER, DEF_PIPE_DSN_FILTER, &var_pipe_ndr_filter, 0, 0,
0,
};
@ -1344,7 +1345,7 @@ int main(int argc, char **argv)
MAIL_SERVER_POST_INIT, drop_privileges,
MAIL_SERVER_PRE_ACCEPT, pre_accept,
MAIL_SERVER_PRIVILEGED,
MAIL_SERVER_BOUNCE_INIT, VAR_PIPE_NDR_FILTER,
MAIL_SERVER_BOUNCE_INIT, VAR_PIPE_DSN_FILTER,
&var_pipe_ndr_filter,
0);
}

2
postfix/src/smtp/lmtp_params.c
View File

@ -57,7 +57,7 @@
VAR_LMTP_RESP_FILTER, DEF_LMTP_RESP_FILTER, &var_smtp_resp_filter, 0, 0,
VAR_LMTP_ADDR_PREF, DEF_LMTP_ADDR_PREF, &var_smtp_addr_pref, 1, 0,
VAR_LMTP_DNS_RES_OPT, DEF_LMTP_DNS_RES_OPT, &var_smtp_dns_res_opt, 0, 0,
VAR_LMTP_NDR_FILTER, DEF_LMTP_NDR_FILTER, &var_smtp_ndr_filter, 0, 0,
VAR_LMTP_DSN_FILTER, DEF_LMTP_DSN_FILTER, &var_smtp_ndr_filter, 0, 0,
0,
};
static const CONFIG_TIME_TABLE lmtp_time_table[] = {

9
postfix/src/smtp/smtp.c
View File

@ -254,9 +254,10 @@
/* Level of DNS support in the Postfix SMTP client.
/* .PP
/* Available in Postfix version 2.12 and later:
/* .IP "\fBsmtp_bounce_defer_filter ($default_bounce_defer_filter)\fR"
/* Optional filter to change arbitrary hard delivery errors into
/* soft errors and vice versa in the \fBsmtp\fR(8) delivery agent.
/* .IP "\fBsmtp_delivery_status_filter ($default_delivery_status_filter)\fR"
/* Optional filter for the \fBsmtp\fR(8) delivery agent to change the
/* delivery status code or explanatory text of successful or unsuccessful
/* deliveries.
/* MIME PROCESSING CONTROLS
/* .ad
/* .fi
@ -1277,7 +1278,7 @@ int main(int argc, char **argv)
MAIL_SERVER_PRE_INIT, pre_init,
MAIL_SERVER_POST_INIT, post_init,
MAIL_SERVER_PRE_ACCEPT, pre_accept,
MAIL_SERVER_BOUNCE_INIT, VAR_SMTP_NDR_FILTER,
MAIL_SERVER_BOUNCE_INIT, VAR_SMTP_DSN_FILTER,
&var_smtp_ndr_filter,
0);
}

2
postfix/src/smtp/smtp_params.c
View File

@ -58,7 +58,7 @@
VAR_SMTP_RESP_FILTER, DEF_SMTP_RESP_FILTER, &var_smtp_resp_filter, 0, 0,
VAR_SMTP_ADDR_PREF, DEF_SMTP_ADDR_PREF, &var_smtp_addr_pref, 1, 0,
VAR_SMTP_DNS_RES_OPT, DEF_SMTP_DNS_RES_OPT, &var_smtp_dns_res_opt, 0, 0,
VAR_SMTP_NDR_FILTER, DEF_SMTP_NDR_FILTER, &var_smtp_ndr_filter, 0, 0,
VAR_SMTP_DSN_FILTER, DEF_SMTP_DSN_FILTER, &var_smtp_ndr_filter, 0, 0,
0,
};
static const CONFIG_TIME_TABLE smtp_time_table[] = {

11
postfix/src/virtual/virtual.c
View File

@ -247,9 +247,10 @@
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .PP
/* Available in Postfix version 2.12 and later:
/* .IP "\fBvirtual_bounce_defer_filter ($default_bounce_defer_filter)\fR"
/* Optional filter to change arbitrary hard delivery errors into
/* soft errors and vice versa in the \fBvirtual\fR(8) delivery agent.
/* .IP "\fBvirtual_delivery_status_filter ($default_delivery_status_filter)\fR"
/* Optional filter for the \fBvirtual\fR(8) delivery agent to change the
/* delivery status code or explanatory text of successful or unsuccessful
/* deliveries.
/* SEE ALSO
/* qmgr(8), queue manager
/* bounce(8), delivery status reports
@ -516,7 +517,7 @@ int main(int argc, char **argv)
VAR_VIRT_GID_MAPS, DEF_VIRT_GID_MAPS, &var_virt_gid_maps, 0, 0,
VAR_VIRT_MAILBOX_BASE, DEF_VIRT_MAILBOX_BASE, &var_virt_mailbox_base, 1, 0,
VAR_VIRT_MAILBOX_LOCK, DEF_VIRT_MAILBOX_LOCK, &var_virt_mailbox_lock, 1, 0,
VAR_VIRT_NDR_FILTER, DEF_VIRT_NDR_FILTER, &var_virt_ndr_filter, 0, 0,
VAR_VIRT_DSN_FILTER, DEF_VIRT_DSN_FILTER, &var_virt_ndr_filter, 0, 0,
0,
};
static const CONFIG_BOOL_TABLE bool_table[] = {
@ -538,7 +539,7 @@ int main(int argc, char **argv)
MAIL_SERVER_POST_INIT, post_init,
MAIL_SERVER_PRE_ACCEPT, pre_accept,
MAIL_SERVER_PRIVILEGED,
MAIL_SERVER_BOUNCE_INIT, VAR_VIRT_NDR_FILTER,
MAIL_SERVER_BOUNCE_INIT, VAR_VIRT_DSN_FILTER,
&var_virt_ndr_filter,
0);
}