mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00

postfix-3.8-20221207

This commit is contained in:
Wietse Venema 2022-12-07 00:00:00 -05:00 committed by Viktor Dukhovni
parent f54d4f0f18
commit 5835cf11c8
15 changed files with 283 additions and 203 deletions

View File

@ -26659,3 +26659,37 @@ Apologies for any names omitted.
Documentation: the local_header_rewrite_clients and
remote_header_rewrite_domain features also enable adding
missing headers. File: proto/postconf.proto.
20221125
Bugfix (introduced: Postfix 3.6): the Postfix TLS client
logged a TLS connection as 'Untrusted' instead of 'Trusted',
when a matching DANE record was found but the MX RRset was
insecure. Fix by Viktor Dukhovni. File: tls/tls_client.c.
20221128
Bugfix (introduced: Postfix 2.2): the smtpd_proxy_client
code mis-parsed the last XFORWARD attribute name in the
SMTP server's EHLO response. The result was that the
smtpd_proxy_client code failed to forward the IDENT attribute.
Fix by Andreas Weigel. File: smtpd/smtpd_proxy.c.
Typo in MAILLOG_README. Paul Menzel.
20221207
Workaround: OpenSSL 3.x EVP_get_digestbyname() can return
lazily bound handles that may fail to work when one attempts
to use them, because no provider search happens until one
constructs an actual operation context. In sufficiently
hostile configurations, Postfix could mistakenly believe
that an algorithm is available, when in fact it is not. A
similar workaround may be needed for EVP_get_cipherbyname().
Fix by Viktor Dukhovni. Files: tls/tls.h, tls/tls_dane.c,
tls/tls_fprint.c, tls/tls_misc.c.
Bugfix (introduced: Postfix 2.11): the checkok() macro in
tls/tls_fprint.c evaluated its argument unconditionally;
it should evaluate the argument only if there was no prior
error. Found during code review. File: tls/tls_fprint.c.
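Review bot: the 20221207 workaround entry leaves the EVP_get_cipherbyname() case open ("a similar workaround may be needed"), but the wish-list hunks in this commit record only the checkok() rename; consider adding a wish-list item for the cipher lookup as well, so the second half of the OpenSSL 3.x lazy-binding problem is tracked rather than left to memory. The checkok() bugfix entry would also be more useful if it named the call sites affected, since "evaluated its argument unconditionally" only matters where the argument has side effects.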

View File

@ -4,7 +4,7 @@ PPoossttffiixx llooggggiinngg ttoo ffiillee oorr ssttdd
OOvveerrvviieeww
Postfix supports it own logging system as an alternative to syslog (which
Postfix supports its own logging system as an alternative to syslog (which
remains the default). This is available with Postfix version 3.4 or later.
Topics covered in this document:
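Review bot: the "it own" to "its own" fix lands in this generated text README and in html/MAILLOG_README.html further down; both are produced from proto/MAILLOG_README.html at build time, so confirm that the proto source carries the same edit, otherwise the next regeneration reintroduces the typo.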

View File

@ -9,6 +9,14 @@ Wish list:
Scan Postfix code with github.com/googleprojectzero/weggli
(depends on "rust").
In tls_fprint.c() rename unsafe macros to upper-case names.
For example, checkok() has a function-like name, but it
evaluates arguments conditionally. Rename all macros that
invoke checkok().
Update TLS_README diagram, tlsmgr no longer manages cert
info.
Consider renaming local_header_rewrite_clients to
local_header_canonicalize_clients, as a more accurate name.
Optionally support "local_header_canonicalize_classes =
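Review bot: in the new checkok() wish-list item, "tls_fprint.c()" is a file name written with function-call parentheses; drop the "()" so it reads "In tls_fprint.c rename unsafe macros to upper-case names". Listing the macros that invoke checkok() would make the item actionable, and it is worth saying that the conditional evaluation described here is the behaviour introduced by the 20221207 bugfix, which is exactly why a function-like name is now misleading.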
@ -17,6 +25,13 @@ Wish list:
And ditto for remote_header_rewrite_domain, whether it
should rewrite address, add missing headers, or both.
Add weight factors to randmap, for example randmap:{{result1}*99,
{result2}*1}. To parse out weights, see postscreen.
randmap already allows randmap:{{result}, ...}, to support
whitespace and comma in result values, but it should also
extract the value from {}.
Migrate masquerade_domains from ARGV to STRING_LIST, or
deprecate this feature because it breaks table-driven address
validation.
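Review bot: the randmap weight item fixes the syntax "randmap:{{result1}*99, {result2}*1}" but not what an entry without a "*weight" suffix counts as; stating the default (weight 1, presumably) up front avoids an ambiguity when this is implemented. Note also that the following item says randmap does not yet strip the enclosing {} from result values, which the weight parser will depend on, so the two items are best done together.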

View File

@ -20,7 +20,7 @@ logging to file or stdout</h1>
<h2>Overview </h2>
<p> Postfix supports it own logging system as an alternative to
<p> Postfix supports its own logging system as an alternative to
syslog (which remains the default). This is available with Postfix
version 3.4 or later. </p>

View File

@ -194,37 +194,34 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (<a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a>)</b>
Rewrite message header addresses in mail from these clients and
update incomplete addresses with the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or
$<a href="postconf.5.html#mydomain">mydomain</a>; either don't rewrite message headers from other
clients at all, or rewrite message headers and update incomplete
addresses with the domain specified in the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_re</a>-
<a href="postconf.5.html#remote_header_rewrite_domain">write_domain</a> parameter.
Rewrite or add message headers in mail from these clients,
updating incomplete addresses with the domain name in $<a href="postconf.5.html#myorigin">myorigin</a>
or $<a href="postconf.5.html#mydomain">mydomain</a>, and adding missing headers.
<b>BEFORE-SMTPD PROXY AGENT</b>
Available in Postfix version 2.10 and later:
<b><a href="postconf.5.html#smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a> (empty)</b>
The name of the proxy protocol used by an optional before-smtpd
The name of the proxy protocol used by an optional before-smtpd
proxy agent.
<b><a href="postconf.5.html#smtpd_upstream_proxy_timeout">smtpd_upstream_proxy_timeout</a> (5s)</b>
The time limit for the proxy protocol specified with the
The time limit for the proxy protocol specified with the
<a href="postconf.5.html#smtpd_upstream_proxy_protocol">smtpd_upstream_proxy_protocol</a> parameter.
<b>AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
As of version 1.0, Postfix can be configured to send new mail to an
external content filter AFTER the mail is queued. This content filter
is expected to inject mail back into a (Postfix or other) MTA for fur-
As of version 1.0, Postfix can be configured to send new mail to an
external content filter AFTER the mail is queued. This content filter
is expected to inject mail back into a (Postfix or other) MTA for fur-
ther delivery. See the <a href="FILTER_README.html">FILTER_README</a> document for details.
<b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b>
After the message is queued, send the entire message to the
After the message is queued, send the entire message to the
specified <i>transport:destination</i>.
<b>BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
As of version 2.1, the Postfix SMTP server can be configured to send
incoming mail to a real-time SMTP-based content filter BEFORE mail is
As of version 2.1, the Postfix SMTP server can be configured to send
incoming mail to a real-time SMTP-based content filter BEFORE mail is
queued. This content filter is expected to inject mail back into Post-
fix. See the <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config-
ure and operate this feature.
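Review bot: the new local_header_rewrite_clients summary, "Rewrite or add message headers in mail from these clients, ... and adding missing headers", states the header-adding part twice, and it drops the old text's account of what happens for clients not in the list (headers either left alone, or rewritten with the domain in remote_header_rewrite_domain). Suggest "Rewrite message headers, and add missing headers, in mail from these clients; update incomplete addresses with the domain name in $myorigin or $mydomain", keeping a pointer to remote_header_rewrite_domain for other clients. The remainder of this hunk is whitespace-only reflow of unchanged text.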
@ -233,40 +230,40 @@ SMTPD(8) SMTPD(8)
The hostname and TCP port of the mail filtering proxy server.
<b><a href="postconf.5.html#smtpd_proxy_ehlo">smtpd_proxy_ehlo</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
How the Postfix SMTP server announces itself to the proxy fil-
How the Postfix SMTP server announces itself to the proxy fil-
ter.
<b><a href="postconf.5.html#smtpd_proxy_options">smtpd_proxy_options</a> (empty)</b>
List of options that control how the Postfix SMTP server commu-
List of options that control how the Postfix SMTP server commu-
nicates with a before-queue content filter.
<b><a href="postconf.5.html#smtpd_proxy_timeout">smtpd_proxy_timeout</a> (100s)</b>
The time limit for connecting to a proxy filter and for sending
The time limit for connecting to a proxy filter and for sending
or receiving information.
<b>BEFORE QUEUE MILTER CONTROLS</b>
As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
filter) protocol. These content filters run outside Postfix. They can
inspect the SMTP command stream and the message content, and can
request modifications before mail is queued. For details see the <a href="MILTER_README.html">MIL</a>-
filter) protocol. These content filters run outside Postfix. They can
inspect the SMTP command stream and the message content, and can
request modifications before mail is queued. For details see the <a href="MILTER_README.html">MIL</a>-
<a href="MILTER_README.html">TER_README</a> document.
<b><a href="postconf.5.html#smtpd_milters">smtpd_milters</a> (empty)</b>
A list of Milter (mail filter) applications for new mail that
A list of Milter (mail filter) applications for new mail that
arrives via the Postfix <a href="smtpd.8.html"><b>smtpd</b>(8)</a> server.
<b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (6)</b>
The mail filter protocol version and optional protocol exten-
sions for communication with a Milter application; prior to
The mail filter protocol version and optional protocol exten-
sions for communication with a Milter application; prior to
Postfix 2.6 the default protocol is 2.
<b><a href="postconf.5.html#milter_default_action">milter_default_action</a> (tempfail)</b>
The default action when a Milter (mail filter) response is
unavailable (for example, bad Postfix configuration or Milter
The default action when a Milter (mail filter) response is
unavailable (for example, bad Postfix configuration or Milter
failure).
<b><a href="postconf.5.html#milter_macro_daemon_name">milter_macro_daemon_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The {daemon_name} macro value for Milter (mail filter) applica-
The {daemon_name} macro value for Milter (mail filter) applica-
tions.
<b><a href="postconf.5.html#milter_macro_v">milter_macro_v</a> ($<a href="postconf.5.html#mail_name">mail_name</a> $<a href="postconf.5.html#mail_version">mail_version</a>)</b>
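Review bot: every removed/added pair in this hunk is identical apart from the spacing produced by man-page regeneration (for example "How the Postfix SMTP server announces itself to the proxy fil-"), so there is no content change to review here. Regenerating the HTML man pages in a separate commit from the proto/postconf.proto wording changes would keep the substantive diffs in this commit (local_header_rewrite_clients, smtpd_tls_wrappermode, the SMTPUTF8 RFC links) easy to spot.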
@ -277,60 +274,60 @@ SMTPD(8) SMTPD(8)
tion, and for negotiating protocol options.
<b><a href="postconf.5.html#milter_command_timeout">milter_command_timeout</a> (30s)</b>
The time limit for sending an SMTP command to a Milter (mail
The time limit for sending an SMTP command to a Milter (mail
filter) application, and for receiving the response.
<b><a href="postconf.5.html#milter_content_timeout">milter_content_timeout</a> (300s)</b>
The time limit for sending message content to a Milter (mail
The time limit for sending message content to a Milter (mail
filter) application, and for receiving the response.
<b><a href="postconf.5.html#milter_connect_macros">milter_connect_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after completion of an SMTP connection.
<b><a href="postconf.5.html#milter_helo_macros">milter_helo_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the SMTP HELO or EHLO command.
<b><a href="postconf.5.html#milter_mail_macros">milter_mail_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the SMTP MAIL FROM command.
<b><a href="postconf.5.html#milter_rcpt_macros">milter_rcpt_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the SMTP RCPT TO command.
<b><a href="postconf.5.html#milter_data_macros">milter_data_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to version 4 or higher Milter (mail
The macros that are sent to version 4 or higher Milter (mail
filter) applications after the SMTP DATA command.
<b><a href="postconf.5.html#milter_unknown_command_macros">milter_unknown_command_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to version 3 or higher Milter (mail
The macros that are sent to version 3 or higher Milter (mail
filter) applications after an unknown SMTP command.
<b><a href="postconf.5.html#milter_end_of_header_macros">milter_end_of_header_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the end of the message header.
<b><a href="postconf.5.html#milter_end_of_data_macros">milter_end_of_data_macros</a> (see 'postconf -d' output)</b>
The macros that are sent to Milter (mail filter) applications
The macros that are sent to Milter (mail filter) applications
after the message end-of-data.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#milter_macro_defaults">milter_macro_defaults</a> (empty)</b>
Optional list of <i>name=value</i> pairs that specify default values
for arbitrary macros that Postfix may send to Milter applica-
Optional list of <i>name=value</i> pairs that specify default values
for arbitrary macros that Postfix may send to Milter applica-
tions.
Available in Postfix version 3.2 and later:
<b><a href="postconf.5.html#smtpd_milter_maps">smtpd_milter_maps</a> (empty)</b>
Lookup tables with Milter settings per remote SMTP client IP
Lookup tables with Milter settings per remote SMTP client IP
address.
<b>GENERAL CONTENT INSPECTION CONTROLS</b>
The following parameters are applicable for both built-in and external
The following parameters are applicable for both built-in and external
content filters.
Available in Postfix version 2.1 and later:
@ -340,51 +337,51 @@ SMTPD(8) SMTPD(8)
ing, or address mapping.
<b>EXTERNAL CONTENT INSPECTION CONTROLS</b>
The following parameters are applicable for both before-queue and
The following parameters are applicable for both before-queue and
after-queue content filtering.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b>
What remote SMTP clients are allowed to use the XFORWARD fea-
What remote SMTP clients are allowed to use the XFORWARD fea-
ture.
<b>SASL AUTHENTICATION CONTROLS</b>
Postfix SASL support (<a href="https://tools.ietf.org/html/rfc4954">RFC 4954</a>) can be used to authenticate remote SMTP
clients to the Postfix SMTP server, and to authenticate the Postfix
SMTP client to a remote SMTP server. See the <a href="SASL_README.html">SASL_README</a> document for
clients to the Postfix SMTP server, and to authenticate the Postfix
SMTP client to a remote SMTP server. See the <a href="SASL_README.html">SASL_README</a> document for
details.
<b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b>
Enable interoperability with remote SMTP clients that implement
Enable interoperability with remote SMTP clients that implement
an obsolete version of the AUTH command (<a href="https://tools.ietf.org/html/rfc4954">RFC 4954</a>).
<b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b>
Enable SASL authentication in the Postfix SMTP server.
<b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b>
The name of the Postfix SMTP server's local SASL authentication
The name of the Postfix SMTP server's local SASL authentication
realm.
<b><a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> (noanonymous)</b>
Postfix SMTP server SASL security options; as of Postfix 2.3 the
list of available features depends on the SASL server implemen-
list of available features depends on the SASL server implemen-
tation that is selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.
<b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b>
Optional lookup table with the SASL login names that own the
Optional lookup table with the SASL login names that own the
sender (MAIL FROM) addresses.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b>
What remote SMTP clients the Postfix SMTP server will not offer
What remote SMTP clients the Postfix SMTP server will not offer
AUTH support to.
Available in Postfix version 2.1 and 2.2:
<b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a> (smtpd)</b>
The application name that the Postfix SMTP server uses for SASL
The application name that the Postfix SMTP server uses for SASL
server initialization.
Available in Postfix version 2.3 and later:
@ -395,11 +392,11 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a> (smtpd)</b>
Implementation-specific information that the Postfix SMTP server
passes through to the SASL plug-in implementation that is
passes through to the SASL plug-in implementation that is
selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.
<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a> (cyrus)</b>
The SASL plug-in type that the Postfix SMTP server should use
The SASL plug-in type that the Postfix SMTP server should use
for authentication.
Available in Postfix version 2.5 and later:
@ -411,7 +408,7 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtpd_sasl_service">smtpd_sasl_service</a> (smtp)</b>
The service name that is passed to the SASL plug-in that is
The service name that is passed to the SASL plug-in that is
selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b> and <b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a></b>.
Available in Postfix version 3.4 and later:
@ -423,20 +420,20 @@ SMTPD(8) SMTPD(8)
Available in Postfix 3.6 and later:
<b><a href="postconf.5.html#smtpd_sasl_mechanism_filter">smtpd_sasl_mechanism_filter</a> (!external, <a href="DATABASE_README.html#types">static</a>:rest)</b>
If non-empty, a filter for the SASL mechanism names that the
If non-empty, a filter for the SASL mechanism names that the
Postfix SMTP server will announce in the EHLO response.
<b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be found in the
Detailed information about STARTTLS configuration may be found in the
<a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> (empty)</b>
The SMTP TLS security level for the Postfix SMTP server; when a
The SMTP TLS security level for the Postfix SMTP server; when a
non-empty value is specified, this overrides the obsolete param-
eters <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and <a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>.
<b><a href="postconf.5.html#smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
The SASL authentication security options that the Postfix SMTP
server uses for TLS encrypted SMTP sessions.
<b><a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> (see 'postconf -d' output)</b>
@ -444,25 +441,25 @@ SMTPD(8) SMTPD(8)
during TLS startup and shutdown handshake procedures.
<b><a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> (empty)</b>
A file containing (PEM format) CA certificates of root CAs
A file containing (PEM format) CA certificates of root CAs
trusted to sign either remote SMTP client certificates or inter-
mediate CA certificates.
<b><a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> (empty)</b>
A directory containing (PEM format) CA certificates of root CAs
A directory containing (PEM format) CA certificates of root CAs
trusted to sign either remote SMTP client certificates or inter-
mediate CA certificates.
<b><a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> (yes)</b>
Force the Postfix SMTP server to issue a TLS session id, even
when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_ses</a>-
Force the Postfix SMTP server to issue a TLS session id, even
when TLS session caching is turned off (<a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_ses</a>-
<a href="postconf.5.html#smtpd_tls_session_cache_database">sion_cache_database</a> is empty).
<b><a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> (no)</b>
Ask a remote SMTP client for a client certificate.
<b><a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> (no)</b>
When TLS encryption is optional in the Postfix SMTP server, do
When TLS encryption is optional in the Postfix SMTP server, do
not announce or accept SASL authentication over unencrypted con-
nections.
@ -473,18 +470,18 @@ SMTPD(8) SMTPD(8)
File with the Postfix SMTP server RSA certificate in PEM format.
<b><a href="postconf.5.html#smtpd_tls_exclude_ciphers">smtpd_tls_exclude_ciphers</a> (empty)</b>
List of ciphers or cipher types to exclude from the SMTP server
List of ciphers or cipher types to exclude from the SMTP server
cipher list at all TLS security levels.
<b><a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> (empty)</b>
File with the Postfix SMTP server DSA certificate in PEM format.
<b><a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> (empty)</b>
File with DH parameters that the Postfix SMTP server should use
File with DH parameters that the Postfix SMTP server should use
with non-export EDH ciphers.
<b><a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> (empty)</b>
File with DH parameters that the Postfix SMTP server should use
File with DH parameters that the Postfix SMTP server should use
with export-grade EDH ciphers.
<b><a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a> ($<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b>
@ -497,12 +494,12 @@ SMTPD(8) SMTPD(8)
Enable additional Postfix SMTP server logging of TLS activity.
<b><a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> (medium)</b>
The minimum TLS cipher grade that the Postfix SMTP server will
The minimum TLS cipher grade that the Postfix SMTP server will
use with mandatory TLS encryption.
<b><a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> (empty)</b>
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP server cipher list at mandatory TLS security lev-
Additional list of ciphers or cipher types to exclude from the
Postfix SMTP server cipher list at mandatory TLS security lev-
els.
<b><a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> (see 'postconf -d' output)</b>
@ -511,21 +508,21 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#smtpd_tls_received_header">smtpd_tls_received_header</a> (no)</b>
Request that the Postfix SMTP server produces Received: message
headers that include information about the protocol and cipher
used, as well as the remote SMTP client CommonName and client
headers that include information about the protocol and cipher
used, as well as the remote SMTP client CommonName and client
certificate issuer CommonName.
<b><a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a> (no)</b>
With mandatory TLS encryption, require a trusted remote SMTP
With mandatory TLS encryption, require a trusted remote SMTP
client certificate in order to allow TLS connections to proceed.
<b><a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> (no)</b>
Run the Postfix SMTP server in the non-standard "wrapper" mode,
instead of using the STARTTLS command.
Run the Postfix SMTP server in TLS "wrapper" mode, instead of
using the STARTTLS command.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> server in order to seed its
internal pseudo random number generator (PRNG).
<b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a> (see 'postconf -d' output)</b>
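Review bot: the smtpd_tls_wrappermode summary changes from "the non-standard "wrapper" mode" to "TLS "wrapper" mode". These smtpd(8) parameter summaries are extracted from the first sentence of the corresponding postconf(5) entry, so the same wording must be present in the postconf.5 source (proto/postconf.proto) or the next regeneration restores "non-standard". Dropping the qualifier is reasonable, but the one-line summary now gives no hint of when wrapper mode applies (a dedicated TLS-only port rather than STARTTLS on the normal port); a few words to that effect would help readers who only see the summary.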
@ -541,41 +538,41 @@ SMTPD(8) SMTPD(8)
The OpenSSL cipherlist for "export" or higher grade ciphers.
<b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (eNULL:!aNULL)</b>
The OpenSSL cipherlist for "NULL" grade ciphers that provide
The OpenSSL cipherlist for "NULL" grade ciphers that provide
authentication without encryption.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#smtpd_tls_fingerprint_digest">smtpd_tls_fingerprint_digest</a> (see 'postconf -d' output)</b>
The message digest algorithm to construct remote SMTP
client-certificate fingerprints or public key fingerprints
(Postfix 2.9 and later) for <b><a href="postconf.5.html#check_ccert_access">check_ccert_access</a></b> and <b>per-</b>
The message digest algorithm to construct remote SMTP
client-certificate fingerprints or public key fingerprints
(Postfix 2.9 and later) for <b><a href="postconf.5.html#check_ccert_access">check_ccert_access</a></b> and <b>per-</b>
<b>mit_tls_clientcerts</b>.
Available in Postfix version 2.6 and later:
<b><a href="postconf.5.html#smtpd_tls_protocols">smtpd_tls_protocols</a> (see postconf -d output)</b>
TLS protocols accepted by the Postfix SMTP server with oppor-
TLS protocols accepted by the Postfix SMTP server with oppor-
tunistic TLS encryption.
<b><a href="postconf.5.html#smtpd_tls_ciphers">smtpd_tls_ciphers</a> (medium)</b>
The minimum TLS cipher grade that the Postfix SMTP server will
The minimum TLS cipher grade that the Postfix SMTP server will
use with opportunistic TLS encryption.
<b><a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a> (empty)</b>
File with the Postfix SMTP server ECDSA certificate in PEM for-
File with the Postfix SMTP server ECDSA certificate in PEM for-
mat.
<b><a href="postconf.5.html#smtpd_tls_eckey_file">smtpd_tls_eckey_file</a> ($<a href="postconf.5.html#smtpd_tls_eccert_file">smtpd_tls_eccert_file</a>)</b>
File with the Postfix SMTP server ECDSA private key in PEM for-
File with the Postfix SMTP server ECDSA private key in PEM for-
mat.
<b><a href="postconf.5.html#smtpd_tls_eecdh_grade">smtpd_tls_eecdh_grade</a> (see 'postconf -d' output)</b>
The Postfix SMTP server security grade for ephemeral ellip-
The Postfix SMTP server security grade for ephemeral ellip-
tic-curve Diffie-Hellman (EECDH) key exchange.
<b><a href="postconf.5.html#tls_eecdh_strong_curve">tls_eecdh_strong_curve</a> (prime256v1)</b>
The elliptic curve used by the Postfix SMTP server for sensibly
The elliptic curve used by the Postfix SMTP server for sensibly
strong ephemeral ECDH key exchange.
<b><a href="postconf.5.html#tls_eecdh_ultra_curve">tls_eecdh_ultra_curve</a> (secp384r1)</b>
@ -586,7 +583,7 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#tls_preempt_cipherlist">tls_preempt_cipherlist</a> (no)</b>
With SSLv3 and later, use the Postfix SMTP server's cipher pref-
erence order instead of the remote client's cipher preference
erence order instead of the remote client's cipher preference
order.
<b><a href="postconf.5.html#tls_disable_workarounds">tls_disable_workarounds</a> (see 'postconf -d' output)</b>
@ -599,7 +596,7 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#tls_session_ticket_cipher">tls_session_ticket_cipher</a> (Postfix</b> &gt;<b>= 3.0: aes-256-cbc, Postfix</b> &lt; <b>3.0:</b>
<b><a href="postconf.5.html#tls_session_ticket_cipher">tls_session_ticket_cipher</a> (Postfix</b> &gt;<b>= 3.0: aes-256-cbc, Postfix</b> &lt; <b>3.0:</b>
<b>aes-128-cbc)</b>
Algorithm used to encrypt <a href="https://tools.ietf.org/html/rfc5077">RFC5077</a> TLS session tickets.
@ -612,33 +609,33 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 3.4 and later:
<b><a href="postconf.5.html#smtpd_tls_chain_files">smtpd_tls_chain_files</a> (empty)</b>
List of one or more PEM files, each holding one or more private
List of one or more PEM files, each holding one or more private
keys directly followed by a corresponding certificate chain.
<b><a href="postconf.5.html#tls_server_sni_maps">tls_server_sni_maps</a> (empty)</b>
Optional lookup tables that map names received from remote SMTP
clients via the TLS Server Name Indication (SNI) extension to
Optional lookup tables that map names received from remote SMTP
clients via the TLS Server Name Indication (SNI) extension to
the appropriate keys and certificate chains.
Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later:
<b><a href="postconf.5.html#tls_fast_shutdown_enable">tls_fast_shutdown_enable</a> (yes)</b>
A workaround for implementations that hang Postfix while shut-
A workaround for implementations that hang Postfix while shut-
ting down a TLS session, until Postfix times out.
Available in Postfix 3.5 and later:
<b><a href="postconf.5.html#info_log_address_format">info_log_address_format</a> (external)</b>
The email address form that will be used in non-debug logging
The email address form that will be used in non-debug logging
(info, warning, etc.).
<b>OBSOLETE STARTTLS CONTROLS</b>
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
The following configuration parameters exist for compatibility with
Postfix versions before 2.3. Support for these will be removed in a
future release.
<b><a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> (no)</b>
Opportunistic TLS: announce STARTTLS support to remote SMTP
Opportunistic TLS: announce STARTTLS support to remote SMTP
clients, but do not require that clients use TLS encryption.
<b><a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> (no)</b>
@ -646,94 +643,94 @@ SMTPD(8) SMTPD(8)
and require that clients use TLS encryption.
<b><a href="postconf.5.html#smtpd_tls_cipherlist">smtpd_tls_cipherlist</a> (empty)</b>
Obsolete Postfix &lt; 2.3 control for the Postfix SMTP server TLS
Obsolete Postfix &lt; 2.3 control for the Postfix SMTP server TLS
cipher list.
<b>SMTPUTF8 CONTROLS</b>
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
Enable preliminary SMTPUTF8 support for the protocols described
in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
Enable preliminary SMTPUTF8 support for the protocols described
in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>, <a href="https://tools.ietf.org/html/rfc6532">RFC 6532</a>, and <a href="https://tools.ietf.org/html/rfc6533">RFC 6533</a>.
<b><a href="postconf.5.html#strict_smtputf8">strict_smtputf8</a> (no)</b>
Enable stricter enforcement of the SMTPUTF8 protocol.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
Available in Postfix version 3.2 and later:
<b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b>
Enable 'transitional' compatibility between IDNA2003 and
IDNA2008, when converting UTF-8 domain names to/from the ASCII
Enable 'transitional' compatibility between IDNA2003 and
IDNA2008, when converting UTF-8 domain names to/from the ASCII
form that is used for DNS lookups.
<b>VERP SUPPORT CONTROLS</b>
With VERP style delivery, each recipient of a message receives a cus-
tomized copy of the message with his/her own recipient address encoded
With VERP style delivery, each recipient of a message receives a cus-
tomized copy of the message with his/her own recipient address encoded
in the envelope sender address. The <a href="VERP_README.html">VERP_README</a> file describes config-
uration and operation details of Postfix support for variable envelope
return path addresses. VERP style delivery is requested with the SMTP
XVERP command or with the "sendmail -V" command-line option and is
uration and operation details of Postfix support for variable envelope
return path addresses. VERP style delivery is requested with the SMTP
XVERP command or with the "sendmail -V" command-line option and is
available in Postfix version 1.1 and later.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter characters on
The characters Postfix accepts as VERP delimiter characters on
the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line and in SMTP commands.
Available in Postfix version 1.1 and 2.0:
<b><a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
What remote SMTP clients are allowed to specify the XVERP com-
What remote SMTP clients are allowed to specify the XVERP com-
mand.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> ($<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b>
What remote SMTP clients are allowed to specify the XVERP com-
What remote SMTP clients are allowed to specify the XVERP com-
mand.
<b>TROUBLE SHOOTING CONTROLS</b>
The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of the Postfix
mail system. The methods vary from making the software log a lot of
The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of the Postfix
mail system. The methods vary from making the software log a lot of
detail, to running some daemon processes under control of a call tracer
or debugger.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
The increment in verbose logging level when a nexthop destina-
tion, remote client or server name or network address matches a
pattern given with the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
Optional list of nexthop destination, remote client or server
name or network address patterns that, if matched, cause the
verbose logging level to increase by the amount specified in
$<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications about mail delivery
The recipient of postmaster notifications about mail delivery
problems that are caused by policy, resource, software or proto-
col errors.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
What categories of Postfix-generated mail are subject to
before-queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
What categories of Postfix-generated mail are subject to
before-queue content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
<a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
The list of error classes that are reported to the postmaster.
<b><a href="postconf.5.html#smtpd_reject_footer">smtpd_reject_footer</a> (empty)</b>
Optional information that is appended after each Postfix SMTP
Optional information that is appended after each Postfix SMTP
server 4XX or 5XX response.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
Safety net to keep mail queued that would otherwise be returned
Safety net to keep mail queued that would otherwise be returned
to the sender.
Available in Postfix version 2.1 and later:
@ -744,45 +741,46 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 2.10 and later:
<b><a href="postconf.5.html#smtpd_log_access_permit_actions">smtpd_log_access_permit_actions</a> (empty)</b>
Enable logging of the named "permit" actions in SMTP server
access lists (by default, the SMTP server logs "reject" actions
Enable logging of the named "permit" actions in SMTP server
access lists (by default, the SMTP server logs "reject" actions
but not "permit" actions).
<b>KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS</b>
As of Postfix version 2.0, the SMTP server rejects mail for unknown
As of Postfix version 2.0, the SMTP server rejects mail for unknown
recipients. This prevents the mail queue from clogging up with undeliv-
erable MAILER-DAEMON messages. Additional information on this topic is
erable MAILER-DAEMON messages. Additional information on this topic is
in the <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents.
<b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b>
Display the name of the recipient table in the "User unknown"
Display the name of the recipient table in the "User unknown"
responses.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for message headers and
Optional address mapping lookup tables for message headers and
envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope and header
Optional address mapping lookup tables for envelope and header
recipient addresses.
<b><a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope and header
Optional address mapping lookup tables for envelope and header
sender addresses.
Parameters concerning known/unknown local recipients:
<b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost)</b>
The list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a>
The list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a>
mail delivery transport.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
The network interface addresses that this mail system receives
mail on.
The local network interface addresses that this mail system
receives mail on.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail system receives
mail on by way of a proxy or network address translation unit.
The remote network interface addresses that this mail system
receives mail on by way of a proxy or network address transla-
tion unit.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (see 'postconf -d output')</b>
The Internet protocols Postfix will attempt to use when making
@ -818,13 +816,13 @@ SMTPD(8) SMTPD(8)
domains:
<b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
Postfix is final destination for the specified list of virtual
alias domains, that is, domains for which all addresses are
Postfix is the final destination for the specified list of vir-
tual alias domains, that is, domains for which all addresses are
aliased to addresses in other local or remote domains.
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
Optional lookup tables that alias specific mail addresses or
domains to other local or remote address.
domains to other local or remote addresses.
<b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b>
The Postfix SMTP server reply code when a recipient address
@ -836,9 +834,9 @@ SMTPD(8) SMTPD(8)
domains:
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
Postfix is final destination for the specified list of domains;
mail is delivered via the $<a href="postconf.5.html#virtual_transport">virtual_transport</a> mail delivery
transport.
Postfix is the final destination for the specified list of
domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">virtual_transport</a> mail
delivery transport.
<b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
Optional lookup tables with all valid addresses in the domains

View File

@ -190,12 +190,9 @@ filtering, or address mapping.
.PP
Available in Postfix version 2.2 and later:
.IP "\fBlocal_header_rewrite_clients (permit_inet_interfaces)\fR"
Rewrite message header addresses in mail from these clients and
update incomplete addresses with the domain name in $myorigin or
$mydomain; either don't rewrite message headers from other clients
at all, or rewrite message headers and update incomplete addresses
with the domain specified in the remote_header_rewrite_domain
parameter.
Rewrite or add message headers in mail from these clients,
updating incomplete addresses with the domain name in $myorigin or
$mydomain, and adding missing headers.
.SH "BEFORE-SMTPD PROXY AGENT"
.na
.nf
@ -473,7 +470,7 @@ CommonName.
With mandatory TLS encryption, require a trusted remote SMTP client
certificate in order to allow TLS connections to proceed.
.IP "\fBsmtpd_tls_wrappermode (no)\fR"
Run the Postfix SMTP server in the non\-standard "wrapper" mode,
Run the Postfix SMTP server in TLS "wrapper" mode,
instead of using the STARTTLS command.
.IP "\fBtls_daemon_random_bytes (32)\fR"
The number of pseudo\-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
@ -584,7 +581,7 @@ cipher list.
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
.IP "\fBsmtputf8_enable (yes)\fR"
Enable preliminary SMTPUTF8 support for the protocols described
in RFC 6531..6533.
in RFC 6531, RFC 6532, and RFC 6533.
.IP "\fBstrict_smtputf8 (no)\fR"
Enable stricter enforcement of the SMTPUTF8 protocol.
.IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
@ -694,10 +691,10 @@ Parameters concerning known/unknown local recipients:
The list of domains that are delivered via the $local_transport
mail delivery transport.
.IP "\fBinet_interfaces (all)\fR"
The network interface addresses that this mail system receives
The local network interface addresses that this mail system receives
mail on.
.IP "\fBproxy_interfaces (empty)\fR"
The network interface addresses that this mail system receives mail
The remote network interface addresses that this mail system receives mail
on by way of a proxy or network address translation unit.
.IP "\fBinet_protocols (see 'postconf -d output')\fR"
The Internet protocols Postfix will attempt to use when making
@ -726,12 +723,12 @@ a list of lookup tables that does not match the recipient address.
Parameters concerning known/unknown recipients in virtual alias
domains:
.IP "\fBvirtual_alias_domains ($virtual_alias_maps)\fR"
Postfix is final destination for the specified list of virtual
Postfix is the final destination for the specified list of virtual
alias domains, that is, domains for which all addresses are aliased
to addresses in other local or remote domains.
.IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
Optional lookup tables that alias specific mail addresses or domains
to other local or remote address.
to other local or remote addresses.
.IP "\fBunknown_virtual_alias_reject_code (550)\fR"
The Postfix SMTP server reply code when a recipient address matches
$virtual_alias_domains, and $virtual_alias_maps specifies a list
@ -740,7 +737,7 @@ of lookup tables that does not match the recipient address.
Parameters concerning known/unknown recipients in virtual mailbox
domains:
.IP "\fBvirtual_mailbox_domains ($virtual_mailbox_maps)\fR"
Postfix is final destination for the specified list of domains;
Postfix is the final destination for the specified list of domains;
mail is delivered via the $virtual_transport mail delivery transport.
.IP "\fBvirtual_mailbox_maps (empty)\fR"
Optional lookup tables with all valid addresses in the domains that

View File

@ -20,7 +20,7 @@ logging to file or stdout</h1>
<h2>Overview </h2>
<p> Postfix supports it own logging system as an alternative to
<p> Postfix supports its own logging system as an alternative to
syslog (which remains the default). This is available with Postfix
version 3.4 or later. </p>

View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20221023"
#define MAIL_RELEASE_DATE "20221207"
#define MAIL_VERSION_NUMBER "3.8"
#ifdef SNAPSHOT

View File

@ -172,12 +172,9 @@
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBlocal_header_rewrite_clients (permit_inet_interfaces)\fR"
/* Rewrite message header addresses in mail from these clients and
/* update incomplete addresses with the domain name in $myorigin or
/* $mydomain; either don't rewrite message headers from other clients
/* at all, or rewrite message headers and update incomplete addresses
/* with the domain specified in the remote_header_rewrite_domain
/* parameter.
/* Rewrite or add message headers in mail from these clients,
/* updating incomplete addresses with the domain name in $myorigin or
/* $mydomain, and adding missing headers.
/* BEFORE-SMTPD PROXY AGENT
/* .ad
/* .fi
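Review bot: The shortened description no longer tells the reader what happens to mail from clients that do not match local_header_rewrite_clients; the previous wording pointed them at remote_header_rewrite_domain, which is the parameter that decides whether headers from all other clients are rewritten at all. Suggest keeping a closing clause along the lines of "headers from other clients are handled according to remote_header_rewrite_domain" so the two parameters stay cross-referenced. The same text appears in the smtpd.8 hunk above.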
@ -439,7 +436,7 @@
/* With mandatory TLS encryption, require a trusted remote SMTP client
/* certificate in order to allow TLS connections to proceed.
/* .IP "\fBsmtpd_tls_wrappermode (no)\fR"
/* Run the Postfix SMTP server in the non-standard "wrapper" mode,
/* Run the Postfix SMTP server in TLS "wrapper" mode,
/* instead of using the STARTTLS command.
/* .IP "\fBtls_daemon_random_bytes (32)\fR"
/* The number of pseudo-random bytes that an \fBsmtp\fR(8) or \fBsmtpd\fR(8)
@ -546,7 +543,7 @@
/* Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
/* .IP "\fBsmtputf8_enable (yes)\fR"
/* Enable preliminary SMTPUTF8 support for the protocols described
/* in RFC 6531..6533.
/* in RFC 6531, RFC 6532, and RFC 6533.
/* .IP "\fBstrict_smtputf8 (no)\fR"
/* Enable stricter enforcement of the SMTPUTF8 protocol.
/* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
@ -650,10 +647,10 @@
/* The list of domains that are delivered via the $local_transport
/* mail delivery transport.
/* .IP "\fBinet_interfaces (all)\fR"
/* The network interface addresses that this mail system receives
/* The local network interface addresses that this mail system receives
/* mail on.
/* .IP "\fBproxy_interfaces (empty)\fR"
/* The network interface addresses that this mail system receives mail
/* The remote network interface addresses that this mail system receives mail
/* on by way of a proxy or network address translation unit.
/* .IP "\fBinet_protocols (see 'postconf -d output')\fR"
/* The Internet protocols Postfix will attempt to use when making
@ -682,12 +679,12 @@
/* Parameters concerning known/unknown recipients in virtual alias
/* domains:
/* .IP "\fBvirtual_alias_domains ($virtual_alias_maps)\fR"
/* Postfix is final destination for the specified list of virtual
/* Postfix is the final destination for the specified list of virtual
/* alias domains, that is, domains for which all addresses are aliased
/* to addresses in other local or remote domains.
/* .IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
/* Optional lookup tables that alias specific mail addresses or domains
/* to other local or remote address.
/* to other local or remote addresses.
/* .IP "\fBunknown_virtual_alias_reject_code (550)\fR"
/* The Postfix SMTP server reply code when a recipient address matches
/* $virtual_alias_domains, and $virtual_alias_maps specifies a list
@ -696,7 +693,7 @@
/* Parameters concerning known/unknown recipients in virtual mailbox
/* domains:
/* .IP "\fBvirtual_mailbox_domains ($virtual_mailbox_maps)\fR"
/* Postfix is final destination for the specified list of domains;
/* Postfix is the final destination for the specified list of domains;
/* mail is delivered via the $virtual_transport mail delivery transport.
/* .IP "\fBvirtual_mailbox_maps (empty)\fR"
/* Optional lookup tables with all valid addresses in the domains that

View File

@ -388,7 +388,7 @@ static int smtpd_proxy_connect(SMTPD_STATE *state)
*/
server_xforward_features = 0;
lines = STR(proxy->reply);
while ((words = mystrtok(&lines, "\n")) != 0) {
while ((words = mystrtok(&lines, "\r\n")) != 0) {
if (mystrtok(&words, "- ") && (word = mystrtok(&words, " \t")) != 0) {
if (strcasecmp(word, XFORWARD_CMD) == 0)
while ((word = mystrtok(&words, " \t")) != 0)
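Review bot: Adding '\r' to the separator set in mystrtok(&lines, "\r\n") is the right fix: with only "\n", the CR of a CRLF-terminated EHLO response line stayed attached to the last word on each line, so the final attribute name never compared equal to anything. Since mystrtok() skips runs of separator characters, CRLF does not produce empty lines. A one-line comment above the loop stating why CR is treated as a line separator here would stop someone from "simplifying" it back to "\n" later.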

View File

@ -647,6 +647,7 @@ extern TLS_TLSA *tlsa_prepend(TLS_TLSA *, uint8_t, uint8_t, uint8_t,
/*
* tls_fprint.c
*/
extern const EVP_MD *tls_digest_byname(const char *, EVP_MD_CTX **);
extern char *tls_digest_encode(const unsigned char *, int);
extern char *tls_cert_fprint(X509 *, const char *);
extern char *tls_pkey_fprint(X509 *, const char *);

View File

@ -324,6 +324,7 @@ static void verify_extract_name(TLS_SESS_STATE *TLScontext, X509 *peercert,
* checks are now performed internally in OpenSSL.
*/
if (SSL_get_verify_result(TLScontext->con) == X509_V_OK) {
TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
if (TLScontext->must_fail) {
msg_panic("%s: cert valid despite trust init failure",
TLScontext->namaddr);
@ -352,8 +353,7 @@ static void verify_extract_name(TLS_SESS_STATE *TLScontext, X509 *peercert,
TLScontext->namaddr, peername);
tls_dane_log(TLScontext);
}
} else
TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
}
}
/*
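Review bot: With the `else` branch removed here, TLS_CERT_FLAG_TRUSTED is now set in the preceding hunk for every SSL_get_verify_result() == X509_V_OK outcome, including the path that reaches tls_dane_log(); before, the flag was only set when that path was not taken, so a verified peer could be reported without the trusted bit. Suggest a comment next to the new assignment stating that trust is derived from the verify result alone, independent of which branch below runs, so the two paths don't drift apart again.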

View File

@ -823,7 +823,7 @@ int tls_dane_enable(TLS_SESS_STATE *TLScontext)
/* tls_dane_digest_init - configure supported DANE digests */
void tls_dane_digest_init(SSL_CTX *ctx, const EVP_MD * fpt_alg)
void tls_dane_digest_init(SSL_CTX *ctx, const EVP_MD *fpt_alg)
{
dane_mtype mtypes[256];
char *cp;
@ -930,7 +930,7 @@ void tls_dane_digest_init(SSL_CTX *ctx, const EVP_MD * fpt_alg)
}
mtypes[codepoint].ord = ++ord;
if ((mtypes[codepoint].alg = EVP_get_digestbyname(algname)) == 0) {
if ((mtypes[codepoint].alg = tls_digest_byname(algname, NULL)) == 0) {
msg_warn("%s: digest algorithm \"%s\"(%d) unknown",
VAR_TLS_DANE_DIGESTS, algname, codepoint);
continue;
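Review bot: The warning still says "unknown", but tls_digest_byname() also returns NULL when the name is recognised and EVP_MD_CTX_new() or EVP_DigestInit_ex() fails, for example when no provider actually supplies the algorithm, which is the very case this change is about. Suggest `digest algorithm \"%s\"(%d) unknown or unusable` so an operator debugging a provider configuration isn't sent looking for a typo. The same applies to the two `Digest %s not found` msg_fatal() calls in the load_tlsa_args() hunk below.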
@ -1132,11 +1132,11 @@ static void load_tlsa_args(SSL *ssl, char *argv[])
case 0:
break;
case 1:
if ((md = EVP_get_digestbyname(LN_sha256)) == 0)
if ((md = tls_digest_byname(LN_sha256, NULL)) == 0)
msg_fatal("Digest %s not found", LN_sha256);
break;
case 2:
if ((md = EVP_get_digestbyname(LN_sha512)) == 0)
if ((md = tls_digest_byname(LN_sha512, NULL)) == 0)
msg_fatal("Digest %s not found", LN_sha512);
break;
default:

View File

@ -6,6 +6,10 @@
/* SYNOPSIS
/* #include <tls.h>
/*
/* EVP_MD *tls_digest_byname(const char *mdalg, EVP_MD_CTX **mdctxPtr)
/* const char *mdalg;
/* EVP_MD_CTX **mdctxPtr;
/*
/* char *tls_serverid_digest(TLScontext, props, ciphers)
/* TLS_SESS_STATE *TLScontext;
/* const TLS_CLIENT_START_PROPS *props;
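Review bot: The SYNOPSIS declares `EVP_MD *tls_digest_byname(const char *mdalg, EVP_MD_CTX **mdctxPtr)`, but the prototype added to tls.h and the definition below both return `const EVP_MD *`. Make the synopsis `const EVP_MD *tls_digest_byname(...)` so the documented signature matches the code.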
@ -23,6 +27,13 @@
/* X509 *peercert;
/* const char *mdalg;
/* DESCRIPTION
/* tls_digest_byname() constructs, and optionally returns, an EVP_MD_CTX
/* handle for performing digest operations with the algorithm named by the
/* mdalg parameter. The return value is non-null on success, and holds a
/* digest algorithm handle. If the mdctxPtr argument is non-null the
/* created context is returned to the caller, who is then responsible for
/* deleting it by calling EVP_MD_ctx_free() once it is no longer needed.
/*
/* tls_digest_encode() converts a binary message digest to a hex ASCII
/* format with ':' separators between each pair of hex digits.
/* The return value is dynamically allocated with mymalloc(),
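Review bot: `EVP_MD_ctx_free()` in the description is not an OpenSSL function; the code below releases the context with `EVP_MD_CTX_free()`, so the documentation should name that. It would also help to state that on failure no context is handed back and *mdctxPtr is left untouched, which is what the definition does.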
@ -50,6 +61,8 @@
/* free it with myfree().
/*
/* Arguments:
/* .IP mdalg
/* A digest algorithm name, such as "sha256".
/* .IP peercert
/* Server or client X.509 certificate.
/* .IP md_buf
@ -60,6 +73,9 @@
/* Name of a message digest algorithm suitable for computing secure
/* (1st pre-image resistant) message digests of certificates. For now,
/* md5, sha1, or member of SHA-2 family if supported by OpenSSL.
/* .IP mdctxPtr
/* Pointer to an (EVP_MD_CTX *) handle, or NULL if only probing for
/* algorithm support without immediate use in mind.
/* .IP buf
/* Input data for the message digest algorithm mdalg.
/* .IP len
@ -114,7 +130,7 @@
static const char hexcodes[] = "0123456789ABCDEF";
#define checkok(ret) (ok &= ((ret) ? 1 : 0))
#define checkok(stillok) (ok = ok && (stillok))
#define digest_object(p) digest_data((unsigned char *)(p), sizeof(*(p)))
#define digest_data(p, l) checkok(digest_bytes(mdctx, (p), (l)))
#define digest_string(s) checkok(digest_chars(mdctx, (s)))
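Review bot: The new `checkok(stillok)` form short-circuits as intended: once `ok` is 0 the argument is never evaluated, so a NULL `mdctx` is no longer passed to EVP_DigestInit_ex() or EVP_DigestFinal_ex() after an earlier failure. The flip side is that assignments embedded in the argument, such as `checkok(md = EVP_get_digestbyname(mdalg))` and `checkok(mdctx = EVP_MD_CTX_new())` in the new tls_digest_byname(), are also skipped after a failure, so those variables must be initialised before the first checkok() or only be read under an `ok` guard. A comment on the macro spelling that out would keep a future caller from relying on a value that was never assigned.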
@ -182,6 +198,44 @@ static int tls_digest_tlsa(EVP_MD_CTX *mdctx, TLS_TLSA *tlsa)
return (ok);
}
/* tls_digest_byname - test availability or prepare to use digest */
const EVP_MD *tls_digest_byname(const char *mdalg, EVP_MD_CTX **mdctxPtr)
{
const EVP_MD *md;
EVP_MD_CTX *mdctx = NULL;
int ok = 1;
/*
* In OpenSSL 3.0, because of dynamically variable algorithm providers,
* there is a time-of-check/time-of-use issue that means that abstract
* algorithm handles returned by EVP_get_digestbyname() can (and not
* infrequently do) return ultimately unusable algorithms, to check for
* actual availability, one needs to use the new EVP_MD_fetch() API, or
* indirectly check usability by creating a concrete context. We take the
* latter approach here (works for 1.1.1 without #ifdef).
*
* Note that EVP_MD_CTX_{create,destroy} were renamed to, respectively,
* EVP_MD_CTX_{new,free} in OpenSSL 1.1.0.
*/
checkok(md = EVP_get_digestbyname(mdalg));
/*
* Sanity check: Newer shared libraries could (hypothentical ABI break)
* allow larger digests, we avoid such poison algorithms.
*/
checkok(EVP_MD_size(md) <= EVP_MAX_MD_SIZE);
checkok(mdctx = EVP_MD_CTX_new());
checkok(EVP_DigestInit_ex(mdctx, md, NULL));
if (ok && mdctxPtr != 0)
*mdctxPtr = mdctx;
else
EVP_MD_CTX_free(mdctx);
return (ok ? md : 0);
}
/* tls_serverid_digest - suffix props->serverid with parameter digest */
char *tls_serverid_digest(TLS_SESS_STATE *TLScontext,
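Review bot: Two nits in the new function's comment: "hypothentical" should be "hypothetical", and the first paragraph runs two sentences together ("...unusable algorithms, to check for actual availability..."); a full stop after "algorithms" fixes it. Also, the cleanup path calls EVP_MD_CTX_free(mdctx) with mdctx possibly still NULL (when EVP_MD_CTX_new() failed or was never reached); that is safe because EVP_MD_CTX_free() ignores a NULL argument, but a short comment saying so would save the next reader a lookup.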
@ -189,7 +243,6 @@ char *tls_serverid_digest(TLS_SESS_STATE *TLScontext,
const char *ciphers)
{
EVP_MD_CTX *mdctx;
const EVP_MD *md;
const char *mdalg;
unsigned char md_buf[EVP_MAX_MD_SIZE];
unsigned int md_len;
@ -205,17 +258,17 @@ char *tls_serverid_digest(TLS_SESS_STATE *TLScontext,
* default digest, but DANE requires sha256 and sha512, so if we must
* fall back to our default digest, DANE support won't be available. We
* panic if the fallback algorithm is not available, as it was verified
* available in tls_client_init() and must not simply vanish.
* available in tls_client_init() and must not simply vanish. Our
* provider set is not expected to change once the OpenSSL library is
* initialised.
*/
if ((md = EVP_get_digestbyname(mdalg = "sha256")) == 0
&& (md = EVP_get_digestbyname(mdalg = props->mdalg)) == 0)
msg_panic("digest algorithm \"%s\" not found", mdalg);
if (tls_digest_byname(mdalg = LN_sha256, &mdctx) == 0
&& tls_digest_byname(mdalg = props->mdalg, &mdctx) == 0)
msg_panic("digest algorithm \"%s\" not found", props->mdalg);
/* Salt the session lookup key with the OpenSSL runtime version. */
sslversion = OpenSSL_version_num();
mdctx = EVP_MD_CTX_create();
checkok(EVP_DigestInit_ex(mdctx, md, NULL));
digest_string(props->helo ? props->helo : "");
digest_object(&sslversion);
digest_string(props->protocols);
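Review bot: Minor consistency point: `mdctx` is declared without an initialiser here (`EVP_MD_CTX *mdctx;`) while tls_data_fprint() below initialises it to NULL. It is harmless, because tls_digest_byname() only stores into *mdctxPtr on success and msg_panic() does not return, but initialising it to NULL matches the other caller and makes the invariant obvious. A comment noting that a failed LN_sha256 probe has already freed its own context, so the props->mdalg fallback starts clean, would also help.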
@ -306,18 +359,15 @@ char *tls_digest_encode(const unsigned char *md_buf, int md_len)
static char *tls_data_fprint(const unsigned char *buf, int len, const char *mdalg)
{
EVP_MD_CTX *mdctx;
const EVP_MD *md;
EVP_MD_CTX *mdctx = NULL;
unsigned char md_buf[EVP_MAX_MD_SIZE];
unsigned int md_len;
int ok = 1;
/* Previously available in "init" routine. */
if ((md = EVP_get_digestbyname(mdalg)) == 0)
if (tls_digest_byname(mdalg, &mdctx) == 0)
msg_panic("digest algorithm \"%s\" not found", mdalg);
mdctx = EVP_MD_CTX_create();
checkok(EVP_DigestInit_ex(mdctx, md, NULL));
digest_data(buf, len);
checkok(EVP_DigestFinal_ex(mdctx, md_buf, &md_len));
EVP_MD_CTX_destroy(mdctx);
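Review bot: The context is now created inside tls_digest_byname() with EVP_MD_CTX_new(), but this function still releases it with the legacy alias EVP_MD_CTX_destroy(). Both names work on 1.1.0 and later (the comment in tls_digest_byname() records the rename), but pairing new() with free() here avoids confusion about which API generation the file targets.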

View File

@ -1575,25 +1575,13 @@ long tls_bio_dump_cb(BIO *bio, int cmd, const char *argp, size_t len,
const EVP_MD *tls_validate_digest(const char *dgst)
{
const EVP_MD *md_alg;
unsigned int md_len;
/*
* If the administrator specifies an unsupported digest algorithm, fail
* now, rather than in the middle of a TLS handshake.
*/
if ((md_alg = EVP_get_digestbyname(dgst)) == 0) {
if ((md_alg = tls_digest_byname(dgst, NULL)) == 0)
msg_warn("Digest algorithm \"%s\" not found", dgst);
return (0);
}
/*
* Sanity check: Newer shared libraries may use larger digests.
*/
if ((md_len = EVP_MD_size(md_alg)) > EVP_MAX_MD_SIZE) {
msg_warn("Digest algorithm \"%s\" output size %u too large",
dgst, md_len);
return (0);
}
return md_alg;
}
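Review bot: Dropping the EVP_MD_size() > EVP_MAX_MD_SIZE check here is fine since tls_digest_byname() now performs it, but the distinct warning ("output size %u too large") is lost: an oversized digest now surfaces only as "Digest algorithm ... not found", which points the operator at the wrong cause. Consider having tls_digest_byname() emit its own msg_warn() for that case, or keep the explicit check here. If the braces and the early `return (0);` go away with this change, as the hunk line counts suggest, the fall-through to `return md_alg;` still yields 0 on failure because md_alg is NULL then, so behaviour is preserved.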