postfix-2.6-20081012

postfix/HISTORY

@@ -14669,7 +14669,9 @@ Apologies for any names omitted.
 	from an SMTP-based content filter.  This was fixed with a
 	a minor semantic change to the XFORWARD protocol.  Files:
 	smtpd/smtpd.c, qmqpd/qmqpd.c, smtp/smtp_proto.c,
-	cleanup/cleanup_envelope.c, proto/XFORWARD.html.
+	cleanup/cleanup_envelope.c, proto/XFORWARD.html. Note: the
+	changes to propagate local submission details were undone
+	20082012.
 
 	Feature: a DUNNO lookup result in per_sender_relayhost_maps
 	stops the search without replacing the next-hop destination.
@@ -14715,7 +14717,14 @@ Apologies for any names omitted.
 	Feature: controls for opportunistic TLS protocols and
 	ciphers. The smtp_tls_protocols, smtp_tls_ciphers, and
 	equivalent parameters for lmtp and smtpd provide global
-	settings; The SMTP client TLS policy table provides ciphers
+	settings; the SMTP client TLS policy table provides ciphers
 	and protocols settings for specific peers.  Code by Victor
 	Duchovni. Files: smtp/smtp.c, smtp/smtp_session.c, smtpd/smtpd.c
 	and documentation.
+
+20081012
+
+	Cleanup: simplify the 20081003 changes and don't try to
+	propagate local submission information through XFORWARD.
+	Files: smtpd/smtpd.c, qmqpd/qmqpd.c, smtp/smtp_proto.c,
+	cleanup/cleanup_envelope.c, proto/XFORWARD.html.

postfix/README_FILES/XFORWARD_README

@@ -33,9 +33,9 @@ XFORWARD. The keyword is followed by the names of the attributes that the
 XFORWARD implementation supports.
 
 After receiving the server's announcement for XFORWARD support, the client may
-send one or more XFORWARD requests at any time except in the middle of a mail
+send XFORWARD requests at any time except in the middle of a mail delivery
-delivery transaction (i.e. between MAIL and RSET or DOT). The command may be
+transaction (i.e. between MAIL and RSET or DOT). The command may be pipelined
-pipelined when the server supports ESMTP command pipelining.
+when the server supports ESMTP command pipelining.
 
 The syntax of XFORWARD requests is described below. Upper case and quoted
 strings specify terminals, lowercase strings specify meta terminals, and SP is
@@ -58,9 +58,6 @@ are in fact case insensitive.
     when the address information is unavailable. Address information is not
     enclosed with [].
 
-  * When both the NAME and ADDR attributes have the value [UNAVAILABLE], the
-    upcoming MAIL FROM transaction corresponds to a local submission.
-
   * The PORT attribute specifies an up-stream client TCP port number in
     decimal, or [UNAVAILABLE] when the information is unavailable.
 
@@ -106,8 +103,8 @@ Upon receipt of an initial XFORWARD command, the SMTP server initializes all
 XFORWARD attributes to [UNAVAILABLE]. With each valid XFORWARD command, the
 server updates XFORWARD attributes with the specified values.
 
-When the server uses XFORWARD attributes for logging purposes, it must not mix
+The server must not mix client attributes from XFORWARD with client attributes
-XFORWARD attributes with attributes from the current SMTP session.
+from the current SMTP session.
 
 At the end of each MAIL FROM transaction (i.e. RSET or DOT), the server resets
 all XFORWARD attributes to the undefined state, and is ready to receive another

postfix/RELEASE_NOTES

@@ -11,18 +11,15 @@ instead, a new snapshot is released.
 The mail_release_date configuration parameter (format: yyyymmdd)
 specifies the release date of a stable release or snapshot release.
 
-Incompatibility with snapshot 20081003
+Major changes with snapshot 20081010
-======================================
+====================================
 
-This release fixes cosmetic bugs in the way that Postfix propagates
+Controls for the protocols and ciphers that Postfix will use with
-the origin of email messages through SMTP-based content filters.
+opportunistic TLS. The smtp_tls_protocols, smtp_tls_ciphers, and
-This changes the results of $name expansions by the local(8) and
+equivalent parameters for lmtp and smtpd provide global settings;
-pipe(8) delivery agents. With a local submission, the $client_hostname
+the SMTP client TLS policy table provides ciphers and protocols
-etc. attributes now correctly expand into the empty string, instead
+settings for specific peers.  Code by Victor Duchovni. Details are
-of information about the host that runs the content filter; and
+given in the TLS_README and postconf(5) documents.
-with a remote submission from a client with an unknown hostname,
-the $client_hostname attribute now correctly expands into "unknown"
-instead of the empty string.
 
 Incompatibility with snapshot 20080814
 ======================================

postfix/html/XFORWARD_README.html

@@ -56,8 +56,7 @@ extension is XFORWARD. The keyword is followed by the names of the
 attributes that the XFORWARD implementation supports. </p>
 
 <p> After receiving the server's announcement for XFORWARD support,
-the client may send one or more XFORWARD requests at any time except
+the client may send XFORWARD requests at any time except in
-in
 the middle of a mail delivery transaction (i.e.  between MAIL and
 RSET or DOT).  The command may be pipelined when the server supports
 ESMTP command pipelining.  </p>
@@ -95,10 +94,6 @@ names are shown in upper case, they are in fact case insensitive.
     is unavailable.  Address information is not enclosed with [].
     </p>
 
-    <li> <p> When both the NAME and ADDR attributes have the value
-    [UNAVAILABLE], the upcoming MAIL FROM transaction corresponds
-    to a local submission. </p>
-
     <li> <p> The PORT attribute specifies an up-stream client TCP
     port number in decimal, or [UNAVAILABLE] when the information
     is unavailable.  </p>
@@ -155,9 +150,8 @@ initializes all XFORWARD attributes to [UNAVAILABLE].  With each
 valid XFORWARD command, the server updates XFORWARD attributes with
 the specified values. </p>
 
-<p> When the server uses XFORWARD attributes for logging purposes,
+<p> The server must not mix client attributes from XFORWARD with
-it must not mix XFORWARD attributes with attributes from the current
+client attributes from the current SMTP session. </p>
-SMTP session.  </p>
 
 <p> At the end of each MAIL FROM transaction (i.e. RSET or DOT),
 the server resets all XFORWARD attributes to the undefined state,

postfix/proto/XFORWARD_README.html

@@ -56,8 +56,7 @@ extension is XFORWARD. The keyword is followed by the names of the
 attributes that the XFORWARD implementation supports. </p>
 
 <p> After receiving the server's announcement for XFORWARD support,
-the client may send one or more XFORWARD requests at any time except
+the client may send XFORWARD requests at any time except in
-in
 the middle of a mail delivery transaction (i.e.  between MAIL and
 RSET or DOT).  The command may be pipelined when the server supports
 ESMTP command pipelining.  </p>
@@ -95,10 +94,6 @@ names are shown in upper case, they are in fact case insensitive.
     is unavailable.  Address information is not enclosed with [].
     </p>
 
-    <li> <p> When both the NAME and ADDR attributes have the value
-    [UNAVAILABLE], the upcoming MAIL FROM transaction corresponds
-    to a local submission. </p>
-
     <li> <p> The PORT attribute specifies an up-stream client TCP
     port number in decimal, or [UNAVAILABLE] when the information
     is unavailable.  </p>
@@ -155,9 +150,8 @@ initializes all XFORWARD attributes to [UNAVAILABLE].  With each
 valid XFORWARD command, the server updates XFORWARD attributes with
 the specified values. </p>
 
-<p> When the server uses XFORWARD attributes for logging purposes,
+<p> The server must not mix client attributes from XFORWARD with
-it must not mix XFORWARD attributes with attributes from the current
+client attributes from the current SMTP session. </p>
-SMTP session.  </p>
 
 <p> At the end of each MAIL FROM transaction (i.e. RSET or DOT),
 the server resets all XFORWARD attributes to the undefined state,

postfix/src/global/deliver_request.h

@@ -53,6 +53,12 @@ typedef struct DELIVER_REQUEST {
     int     dsn_ret;			/* DSN full/header notification */
 } DELIVER_REQUEST;
 
+ /*
+  * Since we can't send null pointers, null strings represent unavailable
+  * attributes instead. They're less likely to explode in our face, too.
+  */
+#define DEL_REQ_ATTR_AVAIL(a)	(*(a))
+
  /*
   * How to deliver, really?
   */

postfix/src/global/mail_proto.h

@@ -174,7 +174,7 @@ extern char *mail_pathname(const char *, const char *);
 #define MAIL_ATTR_LOG_CLIENT_PORT "log_client_port"	/* client port */
 #define MAIL_ATTR_LOG_HELO_NAME	"log_helo_name"	/* SMTP helo name */
 #define MAIL_ATTR_LOG_PROTO_NAME "log_protocol_name"	/* SMTP/ESMTP/QMQP */
-#define MAIL_ATTR_LOG_CLIENT_DUMMY "log_client_dummy"	/* none of the above */
+#define MAIL_ATTR_LOG_ORIGIN	"log_message_origin"	/* name[addr]:port */
 
 #define MAIL_ATTR_ACT_CLIENT	"client"/* client name addr */
 #define MAIL_ATTR_ACT_CLIENT_NAME "client_name"	/* client name */
@@ -187,27 +187,9 @@ extern char *mail_pathname(const char *, const char *);
 #define MAIL_ATTR_ACT_FORWARD_CLIENT_NAME "forward_client_name"
 
 #define MAIL_ATTR_PROTO_STATE	"protocol_state"	/* MAIL/RCPT/... */
-
- /*
-  * Local submissions do not provide an origin record.
-  */
-#define MAIL_ATTR_LOG_ORIGIN	"log_message_origin"	/* name[addr]:port */
 #define MAIL_ATTR_ORG_NONE	"unknown"	/* origin unknown */
 #define MAIL_ATTR_ORG_LOCAL	"local"	/* local submission */
 
- /*
-  * Non-existent attribute values are represented as empty strings (e.g. no
-  * remote client, or no HELO hostname). Unknown attribute values are
-  * represented as "unknown" (e.g., unknown remote client hostname). An empty
-  * string is more convenient to send than a null pointer, and is less likely
-  * to blow up.
-  */
-#define MAIL_ATTR_VAL_NONEXIST	""
-#define MAIL_ATTR_VAL_UNKNOWN	"unknown"
-
-#define MAIL_ATTR_IS_EXIST(a)	(*(a))
-#define MAIL_ATTR_IS_KNOWN(a)	((*(a)) && strcmp((a), MAIL_ATTR_VAL_UNKNOWN))
-
  /*
   * XCLIENT/XFORWARD in SMTP.
   */

postfix/src/global/mail_version.h

@@ -20,19 +20,19 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20081010"
+#define MAIL_RELEASE_DATE	"20081012"
 #define MAIL_VERSION_NUMBER	"2.6"
 
 #ifdef SNAPSHOT
-#define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
+# define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
 #else
-#define MAIL_VERSION_DATE	""
+# define MAIL_VERSION_DATE	""
 #endif
 
 #ifdef NONPROD
-#define MAIL_VERSION_PROD	"-nonprod"
+# define MAIL_VERSION_PROD	"-nonprod"
 #else
-#define MAIL_VERSION_PROD	""
+# define MAIL_VERSION_PROD	""
 #endif
 
 #define VAR_MAIL_VERSION	"mail_version"

postfix/src/oqmgr/qmgr_message.c

@@ -662,8 +662,6 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
 		    myfree(message->client_helo);
 		message->client_helo = mystrdup(value);
 		have_log_client_attr = 1;
-	    } else if (strcmp(name, MAIL_ATTR_LOG_CLIENT_DUMMY) == 0) {
-		have_log_client_attr = 1;
 	    } else if (strcmp(name, MAIL_ATTR_SASL_METHOD) == 0) {
 		if (message->sasl_method == 0)
 		    message->sasl_method = mystrdup(value);

postfix/src/qmgr/qmgr_message.c

@@ -703,8 +703,6 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
 		    myfree(message->client_helo);
 		message->client_helo = mystrdup(value);
 		have_log_client_attr = 1;
-	    } else if (strcmp(name, MAIL_ATTR_LOG_CLIENT_DUMMY) == 0) {
-		have_log_client_attr = 1;
 	    } else if (strcmp(name, MAIL_ATTR_SASL_METHOD) == 0) {
 		if (message->sasl_method == 0)
 		    message->sasl_method = mystrdup(value);

postfix/src/qmqpd/qmqpd.c

@@ -318,10 +318,18 @@ static void qmqpd_write_attributes(QMQPD_STATE *state)
 {
 
     /*
-     * Logging attribute for the Postfix 2.3+ cleanup server.
+     * Logging attributes, also used for XFORWARD.
      */
+    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+		MAIL_ATTR_LOG_CLIENT_NAME, state->name);
+    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+		MAIL_ATTR_LOG_CLIENT_ADDR, state->rfc_addr);
+    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+		MAIL_ATTR_LOG_CLIENT_PORT, state->port);
     rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
 		MAIL_ATTR_LOG_ORIGIN, state->namaddr);
+    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+		MAIL_ATTR_LOG_PROTO_NAME, state->protocol);
 
     /*
      * For consistency with the smtpd Milter client, we need to provide the
@@ -334,15 +342,16 @@ static void qmqpd_write_attributes(QMQPD_STATE *state)
      */
     rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
 		MAIL_ATTR_ACT_CLIENT_NAME, state->name);
-    /* XXX Backwards compatibility: include IPv6: prefix. */
     rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-		MAIL_ATTR_ACT_CLIENT_ADDR, state->rfc_addr);
+		MAIL_ATTR_ACT_CLIENT_ADDR, state->addr);
     rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
 		MAIL_ATTR_ACT_CLIENT_PORT, state->port);
     rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%u",
 		MAIL_ATTR_ACT_CLIENT_AF, state->addr_family);
     rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-                MAIL_ATTR_ACT_PROTO_NAME, state->protocol);
+		MAIL_ATTR_ACT_PROTO_NAME, state->protocol);
+
+    /* XXX What about the address rewriting context? */
 }
 
 /* qmqpd_copy_recipients - copy message recipients */

postfix/src/smtp/smtp_proto.c

@@ -1221,23 +1221,20 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
 	     */
 	case SMTP_STATE_XFORWARD_NAME_ADDR:
 	    vstring_strcpy(next_command, XFORWARD_CMD);
-	    if (session->features & SMTP_FEATURE_XFORWARD_NAME) {
+	    if ((session->features & SMTP_FEATURE_XFORWARD_NAME)
+		&& DEL_REQ_ATTR_AVAIL(request->client_name)) {
 		vstring_strcat(next_command, " " XFORWARD_NAME "=");
-		xtext_quote_append(next_command,
+		xtext_quote_append(next_command, request->client_name, "");
-				   MAIL_ATTR_IS_KNOWN(request->client_name) ?
-			   request->client_name : XFORWARD_UNAVAILABLE, "");
 	    }
-	    if (session->features & SMTP_FEATURE_XFORWARD_ADDR) {
+	    if ((session->features & SMTP_FEATURE_XFORWARD_ADDR)
+		&& DEL_REQ_ATTR_AVAIL(request->client_addr)) {
 		vstring_strcat(next_command, " " XFORWARD_ADDR "=");
-		xtext_quote_append(next_command,
+		xtext_quote_append(next_command, request->client_addr, "");
-				   MAIL_ATTR_IS_KNOWN(request->client_addr) ?
-			   request->client_addr : XFORWARD_UNAVAILABLE, "");
 	    }
-	    if (session->features & SMTP_FEATURE_XFORWARD_PORT) {
+	    if ((session->features & SMTP_FEATURE_XFORWARD_PORT)
+		&& DEL_REQ_ATTR_AVAIL(request->client_port)) {
 		vstring_strcat(next_command, " " XFORWARD_PORT "=");
-		xtext_quote_append(next_command,
+		xtext_quote_append(next_command, request->client_port, "");
-				   MAIL_ATTR_IS_KNOWN(request->client_port) ?
-			   request->client_port : XFORWARD_UNAVAILABLE, "");
 	    }
 	    if (session->send_proto_helo)
 		next_state = SMTP_STATE_XFORWARD_PROTO_HELO;
@@ -1247,23 +1244,20 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
 
 	case SMTP_STATE_XFORWARD_PROTO_HELO:
 	    vstring_strcpy(next_command, XFORWARD_CMD);
-	    if (session->features & SMTP_FEATURE_XFORWARD_PROTO) {
+	    if ((session->features & SMTP_FEATURE_XFORWARD_PROTO)
+		&& DEL_REQ_ATTR_AVAIL(request->client_proto)) {
 		vstring_strcat(next_command, " " XFORWARD_PROTO "=");
-		xtext_quote_append(next_command,
+		xtext_quote_append(next_command, request->client_proto, "");
-				 MAIL_ATTR_IS_KNOWN(request->client_proto) ?
-			  request->client_proto : XFORWARD_UNAVAILABLE, "");
 	    }
-	    if (session->features & SMTP_FEATURE_XFORWARD_HELO) {
+	    if ((session->features & SMTP_FEATURE_XFORWARD_HELO)
+		&& DEL_REQ_ATTR_AVAIL(request->client_helo)) {
 		vstring_strcat(next_command, " " XFORWARD_HELO "=");
-		xtext_quote_append(next_command,
+		xtext_quote_append(next_command, request->client_helo, "");
-				   MAIL_ATTR_IS_EXIST(request->client_helo) ?
-			   request->client_helo : XFORWARD_UNAVAILABLE, "");
 	    }
-	    if (session->features & SMTP_FEATURE_XFORWARD_DOMAIN) {
+	    if ((session->features & SMTP_FEATURE_XFORWARD_DOMAIN)
+		&& DEL_REQ_ATTR_AVAIL(request->rewrite_context)) {
 		vstring_strcat(next_command, " " XFORWARD_DOMAIN "=");
 		xtext_quote_append(next_command,
-			 MAIL_ATTR_IS_EXIST(request->rewrite_context) == 0 ?
-				   XFORWARD_UNAVAILABLE :
 		     strcmp(request->rewrite_context, MAIL_ATTR_RWR_LOCAL) ?
 			      XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL, "");
 	    }
@@ -1932,24 +1926,27 @@ int     smtp_xfer(SMTP_STATE *state)
 
     /*
      * Use XFORWARD to forward the origin of this email message across an
-     * SMTP-based content filter. Send client attribute information even in
+     * SMTP-based content filter. Send client attribute information only if
-     * the case of local submissions, which have no client attributes. This
+     * it exists (i.e. remote submission). Local submissions have no client
-     * fixes a minor problem that was introduced with Postfix 2.1: no client
+     * attributes; the mail will appear to originate from the content filter
-     * attribute information was sent in the case of local submissions, and
+     * which is acceptable.
-     * therefore local submissions appeared to originate from the SMTP-based
-     * content filter. To make this work we introduced one change to the
-     * XFORWARD protocol: when both NAME and ADDR values are [UNAVAILABLE],
-     * this is a local submission.
      */
     send_name_addr =
 	var_smtp_send_xforward
-	&& (session->features & (SMTP_FEATURE_XFORWARD_NAME
+	&& (((session->features & SMTP_FEATURE_XFORWARD_NAME)
-				 | SMTP_FEATURE_XFORWARD_ADDR));
+	     && DEL_REQ_ATTR_AVAIL(request->client_name))
+	    || ((session->features & SMTP_FEATURE_XFORWARD_ADDR)
+		&& DEL_REQ_ATTR_AVAIL(request->client_addr))
+	    || ((session->features & SMTP_FEATURE_XFORWARD_PORT)
+		&& DEL_REQ_ATTR_AVAIL(request->client_port)));
     session->send_proto_helo =
 	var_smtp_send_xforward
-	&& (session->features & (SMTP_FEATURE_XFORWARD_PROTO
+	&& (((session->features & SMTP_FEATURE_XFORWARD_PROTO)
-				 | SMTP_FEATURE_XFORWARD_HELO
+	     && DEL_REQ_ATTR_AVAIL(request->client_proto))
-				 | SMTP_FEATURE_XFORWARD_DOMAIN));
+	    || ((session->features & SMTP_FEATURE_XFORWARD_HELO)
+		&& DEL_REQ_ATTR_AVAIL(request->client_helo))
+	    || ((session->features & SMTP_FEATURE_XFORWARD_DOMAIN)
+		&& DEL_REQ_ATTR_AVAIL(request->rewrite_context)));
     if (send_name_addr)
 	recv_state = send_state = SMTP_STATE_XFORWARD_NAME_ADDR;
     else if (session->send_proto_helo)

postfix/src/smtpd/smtpd.c

@@ -1763,46 +1763,26 @@ static int mail_open_stream(SMTPD_STATE *state)
 	if (SMTPD_STAND_ALONE(state) == 0) {
 
 	    /*
-	     * Forwarded client attributes. These propagate original client
+	     * Attributes for logging, also used for XFORWARD.
-	     * information through an SMTP-based content filter, to improve
-	     * the logging from an after-filter MTA.
 	     * 
-	     * In the case of a remote submission, send all client attributes,
+	     * We store all client attributes, including ones with unknown
-	     * including ones with missing values. Otherwise, an unknown
+	     * values. Otherwise, an unknown client hostname would be treated
-	     * client hostname would be treated as a non-existent hostname
+	     * as a non-existent hostname (i.e. local submission).
-	     * (i.e. local submission).
-	     * 
-	     * In the case of a forwarded local submission, specify explicitly
-	     * that the original client attributes are non-existent.
-	     * Otherwise, the real client attributes would be used, and mail
-	     * would appear to come from the content filter.
 	     */
-	    if (SMTPD_HAVE_XFORWARD_ATTR(state)) {
+	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-		if (MAIL_ATTR_IS_KNOWN(state->xforward.name)
+			MAIL_ATTR_LOG_CLIENT_NAME, FORWARD_NAME(state));
-		    || MAIL_ATTR_IS_KNOWN(state->xforward.addr)) {
+	    /* XXX Note: state->rfc_addr, not state->addr. */
-		    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-			   MAIL_ATTR_LOG_CLIENT_NAME, state->xforward.name);
+			MAIL_ATTR_LOG_CLIENT_ADDR, FORWARD_ADDR(state));
-		    /* XXX Backwards compatibility: include IPv6: prefix. */
+	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-		    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+			MAIL_ATTR_LOG_CLIENT_PORT, FORWARD_PORT(state));
-		       MAIL_ATTR_LOG_CLIENT_ADDR, state->xforward.rfc_addr);
+	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-		    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+			MAIL_ATTR_LOG_ORIGIN, FORWARD_NAMADDR(state));
-			     MAIL_ATTR_LOG_ORIGIN, state->xforward.namaddr);
+	    if (FORWARD_HELO(state))
-		    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-			   MAIL_ATTR_LOG_CLIENT_PORT, state->xforward.port);
-		    if (state->xforward.helo_name)
-			rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-			MAIL_ATTR_LOG_HELO_NAME, state->xforward.helo_name);
-		    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-			MAIL_ATTR_LOG_PROTO_NAME, state->xforward.protocol);
-		} else {
-		    /* Local submission. See also qmgr_message_read(). */
-		    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-				MAIL_ATTR_LOG_CLIENT_DUMMY, "dummy");
-		}
-	    } else {
 		rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-			    MAIL_ATTR_LOG_ORIGIN, state->namaddr);
+			    MAIL_ATTR_LOG_HELO_NAME, FORWARD_HELO(state));
-	    }
+	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+			MAIL_ATTR_LOG_PROTO_NAME, FORWARD_PROTO(state));
 
 	    /*
 	     * Attributes with actual client information. These are used by
@@ -1818,9 +1798,9 @@ static int mail_open_stream(SMTPD_STATE *state)
 			MAIL_ATTR_ACT_CLIENT_NAME, state->name);
 	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
 		    MAIL_ATTR_ACT_REVERSE_CLIENT_NAME, state->reverse_name);
-	    /* XXX Backwards compatibility: include IPv6: prefix. */
+	    /* XXX Note: state->addr, not state->rfc_addr. */
 	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
-			MAIL_ATTR_ACT_CLIENT_ADDR, state->rfc_addr);
+			MAIL_ATTR_ACT_CLIENT_ADDR, state->addr);
 	    rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
 			MAIL_ATTR_ACT_CLIENT_PORT, state->port);
 	    if (state->helo_name)

postfix/src/smtpd/smtpd.h

@@ -228,20 +228,29 @@ extern void smtpd_state_reset(SMTPD_STATE *);
 #define SMTPD_CMD_UNKNOWN	"UNKNOWN"
 
  /*
-  * Representation of missing and non-existent client information. Throughout
+  * Representation of unknown and non-existent client information. Throughout
-  * Postfix, we use the "unknown" string value for missing client information
+  * Postfix, we use the "unknown" string value for unknown client information
-  * (e.g., unknown remote client hostname), and we use the empty string or
+  * (e.g., unknown remote client hostname), and we use the empty string, null
-  * null pointer for non-existent client information (e.g., no HELO command,
+  * pointer or "no queue file record" for non-existent client information
-  * or local submission).
+  * (e.g., no HELO command, or local submission).
   * 
-  * When XFORWARD support was introduced with Postfix 2.1, the specification
+  * Inside the SMTP server, unknown real client attributes are represented by
-  * failed to clearly distinguish between missing and non-existent client
+  * the string "unknown", and non-existent HELO is represented as a null
-  * information. This ambiguity affected the implementation: unknown client
+  * pointer. The SMTP server uses this same representation internally for
-  * hostnames could become empty strings (as if a submission was local), and
+  * forwarded client attributes; the XFORWARD syntax makes no distinction
-  * local submissions could appear to originate from an SMTP-based content
+  * between unknown (remote submission) and non-existent (local submission).
-  * filter. This was corrected during the Postfix 2.6 development cycle by
+  * 
-  * introducing one semantic change to the XFORWARD protocol: when both NAME
+  * The SMTP client sends forwarded client attributes only when upstream client
-  * and ADDR values are [UNAVAILABLE], this is a local submission.
+  * attributes exist (i.e. remote submission). Thus, local submissions will
+  * appear to come from an SMTP-based content filter, which is acceptable.
+  * 
+  * Known/unknown client attribute values use the SMTP server's internal
+  * representation in queue files, in queue manager delivery requests, and in
+  * delivery agent $name expansions.
+  * 
+  * Non-existent attribute values are never present in queue files. Non-existent
+  * information is represented as empty strings in queue manager delivery
+  * requests and in delivery agent $name expansions.
   */
 #define CLIENT_ATTR_UNKNOWN	"unknown"
 
@@ -299,34 +308,12 @@ extern void smtpd_peer_reset(SMTPD_STATE *state);
 		    (port), (char *) 0)
 
  /*
-  * Choose between normal or forwarded attributes.
+  * Don't mix information from the current SMTP session with forwarded
-  * 
+  * information from an up-stream session.
-  * Inside the SMTP server, unknown real client attributes are represented by
-  * the string "unknown", and non-existent HELO is represented as a null
-  * pointer. The SMTP server uses this same representation internally for
-  * forwarded client attributes; the XFORWARD syntax makes no distinction
-  * between unknown (remote submission) and non-existent (local submission).
-  * The SMTP server decides between remote and local submission when it
-  * generates queue file records (see below) so that the correct result is
-  * produced with down-stream logging and with $name expansion in delivery
-  * agents.
-  * 
-  * Known/unknown client attribute values use the SMTP server's internal
-  * representation in queue files, in queue manager delivery requests, and in
-  * delivery agent $name expansions.
-  * 
-  * Non-existent attribute values are never present in queue files. The SMTP
-  * server stores a dummy attribute to indicate that no client attributes
-  * exist. Non-existent information is represented as empty strings in queue
-  * manager delivery requests and in delivery agent $name expansions.
-  * 
-  * When forwarding client information, don't mix information from the current
-  * SMTP session with forwarded information from an up-stream session.
   */
-#define SMTPD_HAVE_XFORWARD_ATTR(s) \
-	((s)->xforward.flags & SMTPD_STATE_XFORWARD_INIT)
 #define FORWARD_CLIENT_ATTR(s, a) \
-	(SMTPD_HAVE_XFORWARD_ATTR(s) ? (s)->xforward.a : (s)->a)
+	(((s)->xforward.flags & SMTPD_STATE_XFORWARD_CLIENT_MASK) ? \
+	    (s)->xforward.a : (s)->a)
 
 #define FORWARD_ADDR(s)		FORWARD_CLIENT_ATTR((s), rfc_addr)
 #define FORWARD_NAME(s)		FORWARD_CLIENT_ATTR((s), name)