mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.3.4-RC1

Browse Source
This commit is contained in:
Wietse Venema 2006-10-02 00:00:00 -05:00 committed by Viktor Dukhovni
parent 8a941b258a
commit 4ad87a3fca
30 changed files with 283 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
postfix/HISTORY
View File

@ -12691,3 +12691,51 @@ Apologies for any names omitted.
Robustness: mail delivery agents now detect loops in queue
files. Files with too many backward jumps are saved to the
"corrupt" directory. File: global/record.c.
20060831
Bugfix (introduced with initial implementation): missing
"dict_errno = 0" caused mis-leading error messages after
non-error lookup failure. Victor Duchovni. File:
util/dict_cidr.c.
Robustness: the default TLS cipher lists were changed from
!foo:ALL into ALL:!foo. Victor Duchovni. Files:
global/mail_params.h and documentation.
20060902
Bugfix (introduced Postfix 2.3): the LMTP client stripped
"inet": from the next-hop destination, but still used the
complete next-hop from the delivery request. File:
smtp/smtp_connect.c.
20060903
Cleanup: record loop detection. File: global/record.c.
20060929
Workaround: AIX 5.[1-3] getaddrinfo() creates socket address
structures with a non-zero port value. This breaks the
smtp_bind_address etc. features, and breaks inet_interfaces
settings with only one IP address. Problem reported by
Hamish Marson. Files: util/sock_addr.[hc], util/myaddrinfo.c.
Bugfix (introduced with the Postfix TLS patch): memory leak
in verify_extract_peer(). The OpenSSL documentation provides
no information on how subjectAltNames are managed. Sam
Rushing, ironport. File: tls/tls_client.c.
Bugfix (introduced with Postfix 2.2): smtp_generic_maps
turned on MIME conversion. File: smtp/smtp_proto.c.
Workaround: don't send SIZE information in the MAIL FROM
command when message content will be subject to 8bit ->
quoted-printable conversion. File: smtp/smtp_proto.c.
20061002
Compatibility: Sendmail now invokes the Milter connect
action with the verified hostname instead of the name
obtained with PTR lookup. File: smtpd/smtpd.c.

6
postfix/auxiliary/qshape/qshape.pl
View File

@ -19,7 +19,7 @@
# Postfix queue message distribution in time and by sender domain
# or recipient domain. The program needs read access to the queue
# directories and queue files, so it must run as the superuser or
# the \fBmail_owner\fR specified in \fImain.cf\fR (typically
# the \fBmail_owner\fR specified in \fBmain.cf\fR (typically
# \fBpostfix\fR).
#
# Options:
@ -73,8 +73,8 @@
# the incoming and active queues. To display a different set of
# queues, just list their directory names on the command line.
# Absolute paths are used as is, other paths are taken relative
# to the \fImain.cf\fR \fBqueue_directory\fR parameter setting.
# While \fImain.cf\fR supports the use of \fI$variable\fR expansion
# to the \fBmain.cf\fR \fBqueue_directory\fR parameter setting.
# While \fBmain.cf\fR supports the use of \fI$variable\fR expansion
# in the definition of the \fBqueue_directory\fR parameter, the
# \fBqshape\fR program does not. If you must use variable expansions
# in the \fBqueue_directory\fR setting, you must specify an explicit

6
postfix/html/postconf.5.html
View File

@ -11604,7 +11604,7 @@ strongly encouraged to not change this setting. </p>
</DD>
<DT><b><a name="tls_high_cipherlist">tls_high_cipherlist</a>
(default: !EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)</b></DT><DD>
(default: ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b></DT><DD>
<p> The OpenSSL cipherlist for "HIGH" grade ciphers. This defines
the meaning of the "high" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
@ -11617,7 +11617,7 @@ strongly encouraged to not change this setting. </p>
</DD>
<DT><b><a name="tls_low_cipherlist">tls_low_cipherlist</a>
(default: !EXPORT:ALL:+RC4:@STRENGTH)</b></DT><DD>
(default: ALL:!EXPORT:+RC4:@STRENGTH)</b></DT><DD>
<p> The OpenSSL cipherlist for "LOW" or higher grade ciphers. This defines
the meaning of the "low" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,
@ -11630,7 +11630,7 @@ strongly encouraged to not change this setting. </p>
</DD>
<DT><b><a name="tls_medium_cipherlist">tls_medium_cipherlist</a>
(default: !EXPORT:!LOW:ALL:+RC4:@STRENGTH)</b></DT><DD>
(default: ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b></DT><DD>
<p> The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers. This
defines the meaning of the "medium" setting in <a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a>,

6
postfix/html/qshape.1.html
View File

@ -20,7 +20,7 @@ QSHAPE(1) QSHAPE(1)
Postfix queue message distribution in time and by sender
domain or recipient domain. The program needs read access
to the queue directories and queue files, so it must run
as the superuser or the <b><a href="postconf.5.html#mail_owner">mail_owner</a></b> specified in <i<a href="postconf.5.html">>main.cf</</a>i>
as the superuser or the <b><a href="postconf.5.html#mail_owner">mail_owner</a></b> specified in <a href="postconf.5.html"><b>main.cf</b></a>
(typically <b>postfix</b>).
Options:
@ -90,8 +90,8 @@ QSHAPE(1) QSHAPE(1)
a different set of queues, just list their direc-
tory names on the command line. Absolute paths are
used as is, other paths are taken relative to the
<i<a href="postconf.5.html">>main.cf</</a>i> <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter setting. While
<i<a href="postconf.5.html">>main.cf</</a>i> supports the use of <i>$variable</i> expansion in
<a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter setting. While
<a href="postconf.5.html"><b>main.cf</b></a> supports the use of <i>$variable</i> expansion in
the definition of the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> parameter,
the <b>qshape</b> program does not. If you must use vari-
able expansions in the <b><a href="postconf.5.html#queue_directory">queue_directory</a></b> setting, you

198
postfix/html/sendmail.1.html
View File

@ -120,48 +120,49 @@ SENDMAIL(1) SENDMAIL(1)
files.
<b>-F</b> <i>full</i><b>_</b><i>name</i>
Set the sender full name. This is used only with
messages that have no <b>From:</b> message header.
Set the sender full name. This overrides the NAME
environment variable, and is used only with mes-
sages that have no <b>From:</b> message header.
<b>-f</b> <i>sender</i>
Set the envelope sender address. This is the
address where delivery problems are sent to. With
address where delivery problems are sent to. With
Postfix versions before 2.1, the <b>Errors-To:</b> message
header overrides the error return address.
<b>-G</b> Gateway (relay) submission, as opposed to initial
user submission. Either do not rewrite addresses
at all, or update incomplete addresses with the
<b>-G</b> Gateway (relay) submission, as opposed to initial
user submission. Either do not rewrite addresses
at all, or update incomplete addresses with the
domain information specified with <b>remote_header_re-</b>
<b>write_domain</b>.
This option is ignored before Postfix version 2.3.
This option is ignored before Postfix version 2.3.
<b>-h</b> <i>hop</i><b>_</b><i>count</i> (ignored)
Hop count limit. Use the <b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a></b> configura-
Hop count limit. Use the <b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a></b> configura-
tion parameter instead.
<b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
<b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
mand above.
<b>-i</b> When reading a message from standard input, don't
treat a line with only a <b>.</b> character as the end of
<b>-i</b> When reading a message from standard input, don't
treat a line with only a <b>.</b> character as the end of
input.
<b>-L</b> <i>label</i> (ignored)
The logging label. Use the <b><a href="postconf.5.html#syslog_name">syslog_name</a></b> configura-
The logging label. Use the <b><a href="postconf.5.html#syslog_name">syslog_name</a></b> configura-
tion parameter instead.
<b>-m</b> (ignored)
Backwards compatibility.
<b>-N</b> <i>dsn</i> (default: 'delay, failure')
Delivery status notification control. Specify
either a comma-separated list with one or more of
<b>failure</b> (send notification when delivery fails),
Delivery status notification control. Specify
either a comma-separated list with one or more of
<b>failure</b> (send notification when delivery fails),
<b>delay</b> (send notification when delivery is delayed),
or <b>success</b> (send notification when the message is
delivered); or specify <b>never</b> (don't send any noti-
or <b>success</b> (send notification when the message is
delivered); or specify <b>never</b> (don't send any noti-
fications at all).
This feature is available in Postfix 2.3 and later.
@ -170,7 +171,7 @@ SENDMAIL(1) SENDMAIL(1)
Backwards compatibility.
<b>-oA</b><i>alias</i><b>_</b><i>database</i>
Non-default alias database. Specify <i>pathname</i> or
Non-default alias database. Specify <i>pathname</i> or
<i>type</i>:<i>pathname</i>. See <a href="postalias.1.html"><b>postalias</b>(1)</a> for details.
<b>-O</b> <i>option=value</i> (ignored)
@ -180,60 +181,60 @@ SENDMAIL(1) SENDMAIL(1)
<b>-o8</b> (ignored)
To send 8-bit or binary content, use an appropriate
MIME encapsulation and specify the appropriate <b>-B</b>
MIME encapsulation and specify the appropriate <b>-B</b>
command-line option.
<b>-oi</b> When reading a message from standard input, don't
treat a line with only a <b>.</b> character as the end of
<b>-oi</b> When reading a message from standard input, don't
treat a line with only a <b>.</b> character as the end of
input.
<b>-om</b> (ignored)
The sender is never eliminated from alias etc.
The sender is never eliminated from alias etc.
expansions.
<b>-o</b> <i>x value</i> (ignored)
Set option <i>x</i> to <i>value</i>. Use the equivalent configu-
Set option <i>x</i> to <i>value</i>. Use the equivalent configu-
ration parameter in <a href="postconf.5.html"><b>main.cf</b></a> instead.
<b>-r</b> <i>sender</i>
Set the envelope sender address. This is the
address where delivery problems are sent to. With
address where delivery problems are sent to. With
Postfix versions before 2.1, the <b>Errors-To:</b> message
header overrides the error return address.
<b>-R</b> <i>return</i><b>_</b><i>limit</i> (ignored)
Limit the size of bounced mail. Use the
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
Limit the size of bounced mail. Use the
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a></b> configuration parameter instead.
<b>-q</b> Attempt to deliver all queued mail. This is imple-
<b>-q</b> Attempt to deliver all queued mail. This is imple-
mented by executing the <a href="postqueue.1.html"><b>postqueue</b>(1)</a> command.
Warning: flushing undeliverable mail frequently
will result in poor delivery performance of all
will result in poor delivery performance of all
other mail.
<b>-q</b><i>interval</i> (ignored)
The interval between queue runs. Use the
The interval between queue runs. Use the
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a></b> configuration parameter instead.
<b>-qR</b><i>site</i>
Schedule immediate delivery of all mail that is
Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. This option accepts only
<i>site</i> names that are eligible for the "fast flush"
service, and is implemented by executing the
<i>site</i> names that are eligible for the "fast flush"
service, and is implemented by executing the
<a href="postqueue.1.html"><b>postqueue</b>(1)</a> command. See <a href="flush.8.html"><b>flush</b>(8)</a> for more infor-
mation about the "fast flush" service.
<b>-qS</b><i>site</i>
This command is not implemented. Use the slower
This command is not implemented. Use the slower
"<b>sendmail -q</b>" command instead.
<b>-t</b> Extract recipients from message headers. These are
added to any recipients specified on the command
<b>-t</b> Extract recipients from message headers. These are
added to any recipients specified on the command
line.
With Postfix versions prior to 2.1, this option
requires that no recipient addresses are specified
With Postfix versions prior to 2.1, this option
requires that no recipient addresses are specified
on the command line.
<b>-U</b> (ignored)
@ -246,63 +247,67 @@ SENDMAIL(1) SENDMAIL(1)
This feature is available in Postfix 2.3 and later.
<b>-XV</b> (Postfix 2.2 and earlier: <b>-V</b>)
Variable Envelope Return Path. Given an envelope
sender address of the form <i>owner-listname</i>@<i>origin</i>,
each recipient <i>user</i>@<i>domain</i> receives mail with a
Variable Envelope Return Path. Given an envelope
sender address of the form <i>owner-listname</i>@<i>origin</i>,
each recipient <i>user</i>@<i>domain</i> receives mail with a
personalized envelope sender address.
By default, the personalized envelope sender
address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
default <b>+</b> and <b>=</b> characters are configurable with
the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
By default, the personalized envelope sender
address is <i>owner-listname</i><b>+</b><i>user</i><b>=</b><i>domain</i>@<i>origin</i>. The
default <b>+</b> and <b>=</b> characters are configurable with
the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration parame-
ter.
<b>-XV</b><i>xy</i> (Postfix 2.2 and earlier: <b>-V</b><i>xy</i>)
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
characters, instead of the characters specified
with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
As <b>-XV</b>, but uses <i>x</i> and <i>y</i> as the VERP delimiter
characters, instead of the characters specified
with the <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a></b> configuration
parameter.
<b>-v</b> Send an email report of the first delivery attempt
(Postfix versions 2.1 and later). Mail delivery
always happens in the background. When multiple <b>-v</b>
<b>-v</b> Send an email report of the first delivery attempt
(Postfix versions 2.1 and later). Mail delivery
always happens in the background. When multiple <b>-v</b>
options are given, enable verbose logging for
debugging purposes.
<b>-X</b> <i>log</i><b>_</b><i>file</i> (ignored)
Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
Log mailer traffic. Use the <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a></b> and
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a></b> configuration parameters instead.
<b>SECURITY</b>
By design, this program is not set-user (or group) id.
However, it must handle data from untrusted users or
untrusted machines. Thus, the usual precautions need to
By design, this program is not set-user (or group) id.
However, it must handle data from untrusted users or
untrusted machines. Thus, the usual precautions need to
be taken against malicious inputs.
<b>DIAGNOSTICS</b>
Problems are logged to <b>syslogd</b>(8) and to the standard
Problems are logged to <b>syslogd</b>(8) and to the standard
error stream.
<b>ENVIRONMENT</b>
<b>MAIL_CONFIG</b>
Directory with Postfix configuration files.
<b>MAIL_VERBOSE</b>
<b>MAIL_VERBOSE</b> (value does not matter)
Enable verbose logging for debugging purposes.
<b>MAIL_DEBUG</b>
<b>MAIL_DEBUG</b> (value does not matter)
Enable debugging with an external command, as spec-
ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
ified with the <b><a href="postconf.5.html#debugger_command">debugger_command</a></b> configuration
parameter.
<b>NAME</b> The sender full name. This is used only with mes-
sages that have no <b>From:</b> message header. See also
the <b>-F</b> option above.
<b>CONFIGURATION PARAMETERS</b>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>TROUBLE SHOOTING CONTROLS</b>
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
The <a href="DEBUG_README.html">DEBUG_README</a> file gives examples of how to trouble
shoot a Postfix system.
<b><a href="postconf.5.html#debugger_command">debugger_command</a> (empty)</b>
@ -310,29 +315,29 @@ SENDMAIL(1) SENDMAIL(1)
mon program is invoked with the -D option.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a
remote client or server matches a pattern in the
The increment in verbose logging level when a
remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of remote client or server hostname
or network address patterns that cause the verbose
logging level to increase by the amount specified
Optional list of remote client or server hostname
or network address patterns that cause the verbose
logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b>ACCESS CONTROLS</b>
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#authorized_flush_users">authorized_flush_users</a> (static:anyone)</b>
List of users who are authorized to flush the
List of users who are authorized to flush the
queue.
<b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (static:anyone)</b>
List of users who are authorized to view the queue.
<b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
List of users who are authorized to submit mail
with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
List of users who are authorized to submit mail
with the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command (and with the privi-
leged <a href="postdrop.1.html"><b>postdrop</b>(1)</a> helper command).
<b>RESOURCE AND RATE CONTROLS</b>
@ -341,7 +346,7 @@ SENDMAIL(1) SENDMAIL(1)
sent in a non-delivery notification.
<b><a href="postconf.5.html#fork_attempts">fork_attempts</a> (5)</b>
The maximal number of attempts to fork() a child
The maximal number of attempts to fork() a child
process.
<b><a href="postconf.5.html#fork_delay">fork_delay</a> (1s)</b>
@ -349,11 +354,11 @@ SENDMAIL(1) SENDMAIL(1)
process.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
The maximal number of Received: message headers
The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#queue_run_delay">queue_run_delay</a> (1000s)</b>
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
The time between <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> scans by the queue
manager.
<b>FAST FLUSH CONTROLS</b>
@ -362,37 +367,37 @@ SENDMAIL(1) SENDMAIL(1)
<b><a href="postconf.5.html#fast_flush_domains">fast_flush_domains</a> ($<a href="postconf.5.html#relay_domains">relay_domains</a>)</b>
Optional list of destinations that are eligible for
per-destination logfiles with mail that is queued
per-destination logfiles with mail that is queued
to those destinations.
<b>VERP CONTROLS</b>
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
details of Postfix support for variable envelope return
details of Postfix support for variable envelope return
path addresses.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter
characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
The characters Postfix accepts as VERP delimiter
characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#alias_database">alias_database</a> (see 'postconf -d' output)</b>
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
The alias databases for <a href="local.8.html"><b>local</b>(8)</a> delivery that are
updated with "<b>newaliases</b>" or with "<b>sendmail -bi</b>".
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative com-
The location of all postfix administrative com-
mands.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_directory">daemon_directory</a> (see 'postconf -d' output)</b>
The directory with Postfix support programs and
The directory with Postfix support programs and
daemon programs.
<b><a href="postconf.5.html#default_database_type">default_database_type</a> (see 'postconf -d' output)</b>
@ -400,16 +405,16 @@ SENDMAIL(1) SENDMAIL(1)
<a href="postalias.1.html"><b>postalias</b>(1)</a> and <a href="postmap.1.html"><b>postmap</b>(1)</a> commands.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
The time after which the sender receives the mes-
The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#enable_errors_to">enable_errors_to</a> (no)</b>
Report mail delivery errors to the address speci-
fied with the non-standard Errors-To: message
header, instead of the envelope sender address
(this feature is removed with Postfix version 2.2,
is turned off by default with Postfix version 2.1,
and is always turned on with older Postfix ver-
Report mail delivery errors to the address speci-
fied with the non-standard Errors-To: message
header, instead of the envelope sender address
(this feature is removed with Postfix version 2.2,
is turned off by default with Postfix version 2.1,
and is always turned on with older Postfix ver-
sions).
<b><a href="postconf.5.html#mail_owner">mail_owner</a> (postfix)</b>
@ -417,28 +422,23 @@ SENDMAIL(1) SENDMAIL(1)
and most Postfix daemon processes.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc-
The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Don't rewrite message headers from remote clients
Don't rewrite message headers from remote clients
at all when this parameter is empty; otherwise, re-
write message headers and append the specified
write message headers and append the specified
domain name to incomplete addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#trigger_timeout">trigger_timeout</a> (10s)</b>
The time limit for sending a trigger to a Postfix
daemon (for example, the <a href="pickup.8.html"><b>pickup</b>(8)</a> or <a href="qmgr.8.html"><b>qmgr</b>(8)</a> dae-
mon).
<b>FILES</b>
/var/spool/postfix, mail queue
/etc/postfix, configuration files
@ -461,7 +461,7 @@ SENDMAIL(1) SENDMAIL(1)
<a href="VERP_README.html">VERP_README</a>, Postfix VERP howto
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

6
postfix/html/smtp.8.html
View File

@ -417,14 +417,14 @@ SMTP(8) SMTP(8)
number generator (PRNG).
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a></b>
<b>(!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)</b>
<b>(ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "HIGH" grade ciphers.
<b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (!EXPORT:!LOW:ALL:+RC4:@STRENGTH)</b>
<b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "MEDIUM" or higher grade
ciphers.
<b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (!EXPORT:ALL:+RC4:@STRENGTH)</b>
<b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (ALL:!EXPORT:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "LOW" or higher grade
ciphers.

6
postfix/html/smtpd.8.html
View File

@ -456,14 +456,14 @@ SMTPD(8) SMTPD(8)
number generator (PRNG).
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a></b>
<b>(!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)</b>
<b>(ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "HIGH" grade ciphers.
<b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (!EXPORT:!LOW:ALL:+RC4:@STRENGTH)</b>
<b><a href="postconf.5.html#tls_medium_cipherlist">tls_medium_cipherlist</a> (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "MEDIUM" or higher grade
ciphers.
<b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (!EXPORT:ALL:+RC4:@STRENGTH)</b>
<b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (ALL:!EXPORT:+RC4:@STRENGTH)</b>
The OpenSSL cipherlist for "LOW" or higher grade
ciphers.

2
postfix/makedefs
View File

@ -132,6 +132,8 @@ case "$SYSTEM.$RELEASE" in
;;
NetBSD.3*) SYSTYPE=NETBSD3
;;
NetBSD.4*) SYSTYPE=NETBSD4
;;
BSD/OS.2*) SYSTYPE=BSDI2
;;
BSD/OS.3*) SYSTYPE=BSDI3

6
postfix/man/man1/qshape.1
View File

@ -20,7 +20,7 @@ The \fBqshape\fR program helps the administrator understand the
Postfix queue message distribution in time and by sender domain
or recipient domain. The program needs read access to the queue
directories and queue files, so it must run as the superuser or
the \fBmail_owner\fR specified in \fImain.cf\fR (typically
the \fBmail_owner\fR specified in \fBmain.cf\fR (typically
\fBpostfix\fR).
Options:
@ -74,8 +74,8 @@ By default \fBqshape\fR displays the combined distribution of
the incoming and active queues. To display a different set of
queues, just list their directory names on the command line.
Absolute paths are used as is, other paths are taken relative
to the \fImain.cf\fR \fBqueue_directory\fR parameter setting.
While \fImain.cf\fR supports the use of \fI$variable\fR expansion
to the \fBmain.cf\fR \fBqueue_directory\fR parameter setting.
While \fBmain.cf\fR supports the use of \fI$variable\fR expansion
in the definition of the \fBqueue_directory\fR parameter, the
\fBqshape\fR program does not. If you must use variable expansions
in the \fBqueue_directory\fR setting, you must specify an explicit

14
postfix/man/man1/sendmail.1
View File

@ -101,7 +101,8 @@ With all Postfix versions, you can specify a directory pathname
with the MAIL_CONFIG environment variable to override the
location of configuration files.
.IP "\fB-F \fIfull_name\fR
Set the sender full name. This is used only with messages that
Set the sender full name. This overrides the NAME environment
variable, and is used only with messages that
have no \fBFrom:\fR message header.
.IP "\fB-f \fIsender\fR"
Set the envelope sender address. This is the address where
@ -239,11 +240,15 @@ stream.
.fi
.IP \fBMAIL_CONFIG\fR
Directory with Postfix configuration files.
.IP \fBMAIL_VERBOSE\fR
.IP "\fBMAIL_VERBOSE\fR (value does not matter)"
Enable verbose logging for debugging purposes.
.IP \fBMAIL_DEBUG\fR
.IP "\fBMAIL_DEBUG\fR (value does not matter)"
Enable debugging with an external command, as specified with the
\fBdebugger_command\fR configuration parameter.
.IP \fBNAME\fR
The sender full name. This is used only with messages that
have no \fBFrom:\fR message header. See also the \fB-F\fR
option above.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
@ -364,9 +369,6 @@ The syslog facility of Postfix logging.
.IP "\fBsyslog_name (postfix)\fR"
The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.IP "\fBtrigger_timeout (10s)\fR"
The time limit for sending a trigger to a Postfix daemon (for
example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
.SH "FILES"
.na
.nf

6
postfix/man/man5/postconf.5
View File

@ -7044,21 +7044,21 @@ level and is the default cipherlist for the SMTP server. You are
strongly encouraged to not change this setting.
.PP
This feature is available in Postfix 2.3 and later.
.SH tls_high_cipherlist (default: !EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)
.SH tls_high_cipherlist (default: ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)
The OpenSSL cipherlist for "HIGH" grade ciphers. This defines
the meaning of the "high" setting in smtpd_tls_mandatory_ciphers,
smtp_tls_mandatory_ciphers and lmtp_tls_mandatory_ciphers. You are
strongly encouraged to not change this setting.
.PP
This feature is available in Postfix 2.3 and later.
.SH tls_low_cipherlist (default: !EXPORT:ALL:+RC4:@STRENGTH)
.SH tls_low_cipherlist (default: ALL:!EXPORT:+RC4:@STRENGTH)
The OpenSSL cipherlist for "LOW" or higher grade ciphers. This defines
the meaning of the "low" setting in smtpd_tls_mandatory_ciphers,
smtp_tls_mandatory_ciphers and lmtp_tls_mandatory_ciphers. You are
strongly encouraged to not change this setting.
.PP
This feature is available in Postfix 2.3 and later.
.SH tls_medium_cipherlist (default: !EXPORT:!LOW:ALL:+RC4:@STRENGTH)
.SH tls_medium_cipherlist (default: ALL:!EXPORT:!LOW:+RC4:@STRENGTH)
The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers. This
defines the meaning of the "medium" setting in smtpd_tls_mandatory_ciphers,
smtp_tls_mandatory_ciphers and lmtp_tls_mandatory_ciphers. This is

6
postfix/man/man8/smtp.8
View File

@ -347,11 +347,11 @@ The server certificate peername verification method for the
The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
process requests from the \fBtlsmgr\fR(8) server in order to seed its
internal pseudo random number generator (PRNG).
.IP "\fBtls_high_cipherlist (!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)\fR"
.IP "\fBtls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "HIGH" grade ciphers.
.IP "\fBtls_medium_cipherlist (!EXPORT:!LOW:ALL:+RC4:@STRENGTH)\fR"
.IP "\fBtls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.
.IP "\fBtls_low_cipherlist (!EXPORT:ALL:+RC4:@STRENGTH)\fR"
.IP "\fBtls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "LOW" or higher grade ciphers.
.IP "\fBtls_export_cipherlist (ALL:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.

6
postfix/man/man8/smtpd.8
View File

@ -378,11 +378,11 @@ instead of using the STARTTLS command.
The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
process requests from the \fBtlsmgr\fR(8) server in order to seed its
internal pseudo random number generator (PRNG).
.IP "\fBtls_high_cipherlist (!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)\fR"
.IP "\fBtls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "HIGH" grade ciphers.
.IP "\fBtls_medium_cipherlist (!EXPORT:!LOW:ALL:+RC4:@STRENGTH)\fR"
.IP "\fBtls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.
.IP "\fBtls_low_cipherlist (!EXPORT:ALL:+RC4:@STRENGTH)\fR"
.IP "\fBtls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "LOW" or higher grade ciphers.
.IP "\fBtls_export_cipherlist (ALL:+RC4:@STRENGTH)\fR"
The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.

6
postfix/proto/postconf.proto
View File

@ -10301,7 +10301,7 @@ works in addition to the exclusions listed with smtp_tls_exclude_ciphers
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM tls_high_cipherlist !EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH
%PARAM tls_high_cipherlist ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH
<p> The OpenSSL cipherlist for "HIGH" grade ciphers. This defines
the meaning of the "high" setting in smtpd_tls_mandatory_ciphers,
@ -10310,7 +10310,7 @@ strongly encouraged to not change this setting. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM tls_medium_cipherlist !EXPORT:!LOW:ALL:+RC4:@STRENGTH
%PARAM tls_medium_cipherlist ALL:!EXPORT:!LOW:+RC4:@STRENGTH
<p> The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers. This
defines the meaning of the "medium" setting in smtpd_tls_mandatory_ciphers,
@ -10322,7 +10322,7 @@ setting. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM tls_low_cipherlist !EXPORT:ALL:+RC4:@STRENGTH
%PARAM tls_low_cipherlist ALL:!EXPORT:+RC4:@STRENGTH
<p> The OpenSSL cipherlist for "LOW" or higher grade ciphers. This defines
the meaning of the "low" setting in smtpd_tls_mandatory_ciphers,

2
postfix/src/cleanup/Makefile.in
View File

@ -60,7 +60,7 @@ cleanup_masquerade: cleanup_masquerade.o
CLEANUP_MILTER_OBJS = cleanup_state.o cleanup_out.o cleanup_addr.o \
cleanup_out_recipient.o
cleanup_milter: cleanup_milter.o $(CLEANUP_MILTER_OBJS)
cleanup_milter: cleanup_milter.o $(CLEANUP_MILTER_OBJS) $(LIBS)
mv cleanup_milter.o junk
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(CLEANUP_MILTER_OBJS) $(LIBS) $(SYSLIBS)
mv junk cleanup_milter.o

6
postfix/src/global/mail_params.h
View File

@ -2648,15 +2648,15 @@ extern bool var_smtp_cname_overr;
* TLS cipherlists
*/
#define VAR_TLS_HIGH_CLIST "tls_high_cipherlist"
#define DEF_TLS_HIGH_CLIST "!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH"
#define DEF_TLS_HIGH_CLIST "ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH"
extern char *var_tls_high_clist;
#define VAR_TLS_MEDIUM_CLIST "tls_medium_cipherlist"
#define DEF_TLS_MEDIUM_CLIST "!EXPORT:!LOW:ALL:+RC4:@STRENGTH"
#define DEF_TLS_MEDIUM_CLIST "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
extern char *var_tls_medium_clist;
#define VAR_TLS_LOW_CLIST "tls_low_cipherlist"
#define DEF_TLS_LOW_CLIST "!EXPORT:ALL:+RC4:@STRENGTH"
#define DEF_TLS_LOW_CLIST "ALL:!EXPORT:+RC4:@STRENGTH"
extern char *var_tls_low_clist;
#define VAR_TLS_EXPORT_CLIST "tls_export_cipherlist"

4
postfix/src/global/mail_version.h
View File

@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "200600825"
#define MAIL_VERSION_NUMBER "2.3.3"
#define MAIL_RELEASE_DATE "20061002"
#define MAIL_VERSION_NUMBER "2.3.4-RC1"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE

7
postfix/src/global/record.c
View File

@ -320,10 +320,13 @@ int rec_goto(VSTREAM *stream, const char *buf)
msg_warn("%s: malformed pointer record value: %s",
VSTREAM_PATH(stream), buf);
return (REC_TYPE_ERROR);
} else if (offset < saved_offset && ++reverse_count > REVERSE_JUMP_LIMIT) {
} else if (offset == 0) {
/* Dummy record. */
return (0);
} else if (offset <= saved_offset && ++reverse_count > REVERSE_JUMP_LIMIT) {
msg_warn("%s: too many reverse jump records", VSTREAM_PATH(stream));
return (REC_TYPE_ERROR);
} else if (offset > 0 && vstream_fseek(stream, offset, SEEK_SET) < 0) {
} else if (vstream_fseek(stream, offset, SEEK_SET) < 0) {
msg_warn("%s: seek error after pointer record: %m",
VSTREAM_PATH(stream));
return (REC_TYPE_ERROR);

14
postfix/src/sendmail/sendmail.c
View File

@ -95,7 +95,8 @@
/* with the MAIL_CONFIG environment variable to override the
/* location of configuration files.
/* .IP "\fB-F \fIfull_name\fR
/* Set the sender full name. This is used only with messages that
/* Set the sender full name. This overrides the NAME environment
/* variable, and is used only with messages that
/* have no \fBFrom:\fR message header.
/* .IP "\fB-f \fIsender\fR"
/* Set the envelope sender address. This is the address where
@ -227,11 +228,15 @@
/* .fi
/* .IP \fBMAIL_CONFIG\fR
/* Directory with Postfix configuration files.
/* .IP \fBMAIL_VERBOSE\fR
/* .IP "\fBMAIL_VERBOSE\fR (value does not matter)"
/* Enable verbose logging for debugging purposes.
/* .IP \fBMAIL_DEBUG\fR
/* .IP "\fBMAIL_DEBUG\fR (value does not matter)"
/* Enable debugging with an external command, as specified with the
/* \fBdebugger_command\fR configuration parameter.
/* .IP \fBNAME\fR
/* The sender full name. This is used only with messages that
/* have no \fBFrom:\fR message header. See also the \fB-F\fR
/* option above.
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
@ -338,9 +343,6 @@
/* .IP "\fBsyslog_name (postfix)\fR"
/* The mail system name that is prepended to the process name in syslog
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .IP "\fBtrigger_timeout (10s)\fR"
/* The time limit for sending a trigger to a Postfix daemon (for
/* example, the \fBpickup\fR(8) or \fBqmgr\fR(8) daemon).
/* FILES
/* /var/spool/postfix, mail queue
/* /etc/postfix, configuration files

6
postfix/src/smtp/smtp.c
View File

@ -317,11 +317,11 @@
/* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
/* process requests from the \fBtlsmgr\fR(8) server in order to seed its
/* internal pseudo random number generator (PRNG).
/* .IP "\fBtls_high_cipherlist (!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)\fR"
/* .IP "\fBtls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "HIGH" grade ciphers.
/* .IP "\fBtls_medium_cipherlist (!EXPORT:!LOW:ALL:+RC4:@STRENGTH)\fR"
/* .IP "\fBtls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.
/* .IP "\fBtls_low_cipherlist (!EXPORT:ALL:+RC4:@STRENGTH)\fR"
/* .IP "\fBtls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "LOW" or higher grade ciphers.
/* .IP "\fBtls_export_cipherlist (ALL:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.

4
postfix/src/smtp/smtp_connect.c
View File

@ -663,9 +663,9 @@ static void smtp_connect_remote(SMTP_STATE *state, const char *nexthop,
* primary destination to be a list (it could be just separators).
*/
sites = argv_alloc(1);
argv_add(sites, request->nexthop, (char *) 0);
argv_add(sites, nexthop, (char *) 0);
if (sites->argc == 0)
msg_panic("null destination: \"%s\"", request->nexthop);
msg_panic("null destination: \"%s\"", nexthop);
non_fallback_sites = sites->argc;
if ((state->misc_flags & SMTP_MISC_FLAG_USE_LMTP) == 0)
argv_split_append(sites, var_fallback_relay, ", \t\r\n");

21
postfix/src/smtp/smtp_proto.c
View File

@ -230,6 +230,11 @@ char *xfer_request[SMTP_STATE_LAST] = {
"QUIT command",
};
#define SMTP_MIME_DOWNGRADE(session, request) \
(var_disable_mime_oconv == 0 \
&& (session->features & SMTP_FEATURE_8BITMIME) == 0 \
&& strcmp(request->encoding, MAIL_ATTR_ENC_7BIT) != 0)
static int smtp_start_tls(SMTP_STATE *);
/* smtp_helo - perform initial handshake with SMTP server */
@ -1172,7 +1177,9 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
QUOTE_ADDRESS(session->scratch, vstring_str(session->scratch2));
vstring_sprintf(next_command, "MAIL FROM:<%s>",
vstring_str(session->scratch));
if (session->features & SMTP_FEATURE_SIZE) /* RFC 1870 */
/* XXX Don't announce SIZE if we're going to MIME downgrade. */
if (session->features & SMTP_FEATURE_SIZE /* RFC 1870 */
&& !SMTP_MIME_DOWNGRADE(session, request))
vstring_sprintf_append(next_command, " SIZE=%lu",
request->data_size);
if (session->features & SMTP_FEATURE_8BITMIME) { /* RFC 1652 */
@ -1619,13 +1626,13 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
* transaction in progress.
*/
if (send_state == SMTP_STATE_DOT && nrcpt > 0) {
downgrading =
(var_disable_mime_oconv == 0
&& (session->features & SMTP_FEATURE_8BITMIME) == 0
&& strcmp(request->encoding, MAIL_ATTR_ENC_7BIT) != 0);
downgrading = SMTP_MIME_DOWNGRADE(session, request);
/* XXX Don't downgrade just because generic_maps is turned on. */
if (downgrading || smtp_generic_maps)
session->mime_state = mime_state_alloc(MIME_OPT_DOWNGRADE
| MIME_OPT_REPORT_NESTING,
session->mime_state = mime_state_alloc(downgrading ?
MIME_OPT_DOWNGRADE
| MIME_OPT_REPORT_NESTING :
MIME_OPT_REPORT_NESTING,
smtp_generic_maps ?
smtp_header_rewrite :
smtp_header_out,

10
postfix/src/smtpd/smtpd.c
View File

@ -346,11 +346,11 @@
/* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
/* process requests from the \fBtlsmgr\fR(8) server in order to seed its
/* internal pseudo random number generator (PRNG).
/* .IP "\fBtls_high_cipherlist (!EXPORT:!LOW:!MEDIUM:ALL:+RC4:@STRENGTH)\fR"
/* .IP "\fBtls_high_cipherlist (ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "HIGH" grade ciphers.
/* .IP "\fBtls_medium_cipherlist (!EXPORT:!LOW:ALL:+RC4:@STRENGTH)\fR"
/* .IP "\fBtls_medium_cipherlist (ALL:!EXPORT:!LOW:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "MEDIUM" or higher grade ciphers.
/* .IP "\fBtls_low_cipherlist (!EXPORT:ALL:+RC4:@STRENGTH)\fR"
/* .IP "\fBtls_low_cipherlist (ALL:!EXPORT:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "LOW" or higher grade ciphers.
/* .IP "\fBtls_export_cipherlist (ALL:+RC4:@STRENGTH)\fR"
/* The OpenSSL cipherlist for "EXPORT" or higher grade ciphers.
@ -2250,7 +2250,7 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
}
vstring_strcpy(state->dsn_orcpt_buf, arg + 6);
if (dsn_orcpt_addr
|| (coded_addr = split_at(STR(state->dsn_orcpt_buf), ';')) == 0
|| (coded_addr = split_at(STR(state->dsn_orcpt_buf), ';')) == 0
|| xtext_unquote(state->dsn_buf, coded_addr) == 0
|| *(dsn_orcpt_type = STR(state->dsn_orcpt_buf)) == 0) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
@ -3901,7 +3901,7 @@ static void smtpd_proto(SMTPD_STATE *state)
if (smtpd_milters != 0 && SMTPD_STAND_ALONE(state) == 0) {
milter_macro_callback(smtpd_milters, smtpd_milter_eval,
(void *) state);
if ((err = milter_conn_event(smtpd_milters, state->reverse_name,
if ((err = milter_conn_event(smtpd_milters, state->name,
state->addr, XXX_NO_PORT,
state->addr_family)) != 0)
err = check_milter_reply(state, err);

1
postfix/src/smtpstone/smtp-sink.c
View File

@ -282,6 +282,7 @@ static void rcpt_response(SINK_STATE *state)
static void data_response(SINK_STATE *state)
{
/* Not: ST_ANY. */
state->data_state = ST_CR_LF;
smtp_printf(state->stream, "354 End data with <CR><LF>.<CR><LF>");
smtp_flush(state->stream);

2
postfix/src/tls/tls_client.c
View File

@ -565,7 +565,7 @@ static void verify_extract_peer(const char *nexthop, const char *hname,
break;
}
}
sk_GENERAL_NAME_free(gens);
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
}
}
if (dNSName_found) {

2
postfix/src/util/dict_cidr.c
View File

@ -78,6 +78,8 @@ static const char *dict_cidr_lookup(DICT *dict, const char *key)
if (msg_verbose)
msg_info("dict_cidr_lookup: %s: %s", dict->name, key);
dict_errno = 0;
if ((entry = (DICT_CIDR_ENTRY *)
cidr_match_execute(&(dict_cidr->head->cidr_info), key)) != 0)
return (entry->value);

34
postfix/src/util/myaddrinfo.c
View File

@ -400,8 +400,12 @@ int hostname_to_sockaddr(const char *hostname, const char *service,
* might blow up. Instead we turn off IPV6_V6ONLY in inet_listen(), and
* supply a protocol-dependent hard-coded string value to getaddrinfo()
* below, so that it will convert into the appropriate wild-card address.
*
* XXX AIX 5.[1-3] getaddrinfo() may return a non-null port when a null
* service argument is specified.
*/
struct addrinfo hints;
int err;
memset((char *) &hints, 0, sizeof(hints));
hints.ai_family = inet_proto_info()->ai_family;
@ -423,7 +427,18 @@ int hostname_to_sockaddr(const char *hostname, const char *service,
}
#endif
}
return (getaddrinfo(hostname, service, &hints, res));
err = getaddrinfo(hostname, service, &hints, res);
#if defined(BROKEN_AI_NULL_SERVICE)
if (service == 0 && err == 0) {
struct addrinfo *r;
unsigned short *portp;
for (r = *res; r != 0; r = r->ai_next)
if (*(portp = SOCK_ADDR_PORTP(r->ai_addr)) != 0)
*portp = 0;
}
#endif
return (err);
#endif
}
@ -500,8 +515,12 @@ int hostaddr_to_sockaddr(const char *hostaddr, const char *service,
* ai_family=PF_UNSPEC, ai_flags=AI_NUMERICHOST, ai_socktype=SOCK_STREAM,
* ai_protocol=0 or IPPROTO_TCP, and service=0. The workaround is to
* ignore all but the first result.
*
* XXX AIX 5.[1-3] getaddrinfo() may return a non-null port when a null
* service argument is specified.
*/
struct addrinfo hints;
int err;
memset(&hints, 0, sizeof(hints));
hints.ai_family = inet_proto_info()->ai_family;
@ -524,7 +543,18 @@ int hostaddr_to_sockaddr(const char *hostaddr, const char *service,
}
#endif
}
return (getaddrinfo(hostaddr, service, &hints, res));
err = getaddrinfo(hostaddr, service, &hints, res);
#if defined(BROKEN_AI_NULL_SERVICE)
if (service == 0 && err == 0) {
struct addrinfo *r;
unsigned short *portp;
for (r = *res; r != 0; r = r->ai_next)
if (*(portp = SOCK_ADDR_PORTP(r->ai_addr)) != 0)
*portp = 0;
}
#endif
return (err);
#endif
}

6
postfix/src/util/sock_addr.c
View File

@ -28,6 +28,8 @@
/* struct sockaddr *SOCK_ADDR_PTR(ptr)
/* unsigned char SOCK_ADDR_FAMILY(ptr)
/* unsigned char SOCK_ADDR_LEN(ptr)
/* unsigned short SOCK_ADDR_PORT(ptr)
/* unsigned short *SOCK_ADDR_PORTP(ptr)
/*
/* struct sockaddr_in *SOCK_ADDR_IN_PTR(ptr)
/* unsigned char SOCK_ADDR_IN_FAMILY(ptr)
@ -66,7 +68,9 @@
/* address family and length of the real structure that hides
/* inside a generic sockaddr structure. On systems where struct
/* sockaddr has no sa_len member, SOCK_ADDR_LEN() cannot be
/* used as lvalue.
/* used as lvalue. SOCK_ADDR_PORT() returns the IPv4 or IPv6
/* port number, in network byte order; it must not be used as
/* lvalue. SOCK_ADDR_PORTP() returns a pointer to the same.
/*
/* The macros SOCK_ADDR_IN{,6}_{PTR,FAMILY,PORT,ADDR}() cast
/* a generic pointer to a specific socket address structure

10
postfix/src/util/sock_addr.h
View File

@ -45,6 +45,13 @@ extern int sock_addr_in_loopback(const struct sockaddr *);
sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in))
#endif
#define SOCK_ADDR_PORT(sa) \
(SOCK_ADDR_PTR(sa)->sa_family == AF_INET6 ? \
SOCK_ADDR_IN6_PORT(sa) : SOCK_ADDR_IN_PORT(sa))
#define SOCK_ADDR_PORTP(sa) \
(SOCK_ADDR_PTR(sa)->sa_family == AF_INET6 ? \
&SOCK_ADDR_IN6_PORT(sa) : &SOCK_ADDR_IN_PORT(sa))
#define SOCK_ADDR_IN6_PTR(sa) ((struct sockaddr_in6 *)(sa))
#define SOCK_ADDR_IN6_FAMILY(sa) SOCK_ADDR_IN6_PTR(sa)->sin6_family
#define SOCK_ADDR_IN6_PORT(sa) SOCK_ADDR_IN6_PTR(sa)->sin6_port
@ -71,6 +78,9 @@ extern int sock_addr_in_loopback(const struct sockaddr *);
#define SOCK_ADDR_LEN(sa) sizeof(struct sockaddr_in)
#endif
#define SOCK_ADDR_PORT(sa) SOCK_ADDR_IN_PORT(sa))
#define SOCK_ADDR_PORTP(sa) &SOCK_ADDR_IN_PORT(sa))
#define SOCK_ADDR_EQ_ADDR(sa, sb) \
(SOCK_ADDR_FAMILY(sa) == AF_INET && SOCK_ADDR_FAMILY(sb) == AF_INET \
&& SOCK_ADDR_IN_ADDR(sa).s_addr == SOCK_ADDR_IN_ADDR(sb).s_addr)

2
postfix/src/util/sys_defs.h
View File

@ -28,6 +28,7 @@
|| defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
|| defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
|| defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
|| defined(NETBSD4) \
|| defined(EKKOBSD1)
#define SUPPORTED
#include <sys/types.h>
@ -512,6 +513,7 @@ extern int opterr;
# define HAS_IPV6
#endif
#define BROKEN_AI_PASSIVE_NULL_HOST
#define BROKEN_AI_NULL_SERVICE
#endif
#ifdef AIX4