mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-25 11:27:48 +00:00
Code Issues Releases Wiki Activity

postfix-2.10-20120801

Browse Source
This commit is contained in:
Wietse Venema 2012-08-01 00:00:00 -05:00 committed by Viktor Dukhovni
parent 7f53bacbb8
commit 678c09702b
23 changed files with 231 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
postfix/HISTORY
View File

@ -17901,3 +17901,20 @@ Apologies for any names omitted.
buffer size that will be used with the next read(2) or buffer size that will be used with the next read(2) or
write(2) operation. Files: util/vstream.c, util/vstream.h, write(2) operation. Files: util/vstream.c, util/vstream.h,
util/vstream_tweak.c. util/vstream_tweak.c.
20120717
Documentation: update to RFC5321.
20120730
Bugfix (introduced: 20000314): AUTH is not allowed after
MAIL. Timo Sirainen. Files: smtpd/smtpd.c, smtpd/smtpd.h,
smtpd/smtpd_sasl_proto.c.
20120801
Documentation: point of what virtual_xxx parameters are
specific to the virtual(8) delivery agent, and will have
no effect when mail is delivered with a different program.
Files: proto/postconf.proto, proto/VIRTUAL_README.html.

5
postfix/README_FILES/VIRTUAL_README
View File

@ -259,7 +259,10 @@ More details about the virtual mailbox delivery agent are given in the virtual
NNoonn--PPoossttffiixx mmaaiillbbooxx ssttoorree:: sseeppaarraattee ddoommaaiinnss,, nnoonn--UUNNIIXX aaccccoouunnttss NNoonn--PPoossttffiixx mmaaiillbbooxx ssttoorree:: sseeppaarraattee ddoommaaiinnss,, nnoonn--UUNNIIXX aaccccoouunnttss
This is a variation on the Postfix virtual mailbox example. Again, every hosted This is a variation on the Postfix virtual mailbox example. Again, every hosted
address can have its own mailbox. address can have its own mailbox. However, most parameters that control the
virtual(8) delivery agent are no longer applicable: only
virtual_mailbox_domains and virtual_mailbox_maps stay in effect. These
parameters are needed to reject mail for unknown recipients.
While non-Postfix software is being used for final delivery, some Postfix While non-Postfix software is being used for final delivery, some Postfix
concepts are still needed in order to glue everything together. For additional concepts are still needed in order to glue everything together. For additional

10
postfix/html/VIRTUAL_README.html
View File

@ -260,8 +260,8 @@ section at the top of this document.</p>
3 <a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> = /var/mail/vhosts 3 <a href="postconf.5.html#virtual_mailbox_base">virtual_mailbox_base</a> = /var/mail/vhosts
4 <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> = hash:/etc/postfix/vmailbox 4 <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> = hash:/etc/postfix/vmailbox
5 <a href="postconf.5.html#virtual_minimum_uid">virtual_minimum_uid</a> = 100 5 <a href="postconf.5.html#virtual_minimum_uid">virtual_minimum_uid</a> = 100
6 <a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> = static:5000 6 <a href="postconf.5.html#virtual_uid_maps">virtual_uid_maps</a> = <a href="DATABASE_README.html#types">static</a>:5000
7 <a href="postconf.5.html#virtual_gid_maps">virtual_gid_maps</a> = static:5000 7 <a href="postconf.5.html#virtual_gid_maps">virtual_gid_maps</a> = <a href="DATABASE_README.html#types">static</a>:5000
8 <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual 8 <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual
9 9
10 /etc/postfix/vmailbox: 10 /etc/postfix/vmailbox:
@ -357,7 +357,11 @@ in the <a href="virtual.8.html">virtual(8)</a> manual page. </p>
domains, non-UNIX accounts</a></h2> domains, non-UNIX accounts</a></h2>
<p> This is a variation on the Postfix <a href="VIRTUAL_README.html#virtual_mailbox">virtual mailbox example</a>. <p> This is a variation on the Postfix <a href="VIRTUAL_README.html#virtual_mailbox">virtual mailbox example</a>.
Again, every hosted address can have its own mailbox. </p> Again, every hosted address can have its own mailbox. However, most
parameters that control the <a href="virtual.8.html">virtual(8)</a> delivery agent are no longer
applicable: only <a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> and <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
stay in effect. These parameters are needed to reject mail for
unknown recipients. </p>
<p> While non-Postfix software is being used for final delivery, <p> While non-Postfix software is being used for final delivery,
some Postfix concepts are still needed in order to glue everything some Postfix concepts are still needed in order to glue everything

3
postfix/html/lmtp.8.html
View File

@ -115,6 +115,7 @@ SMTP(8) SMTP(8)
<a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a> (SMTP DSN Extension) <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a> (SMTP DSN Extension)
<a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced Status Codes) <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced Status Codes)
<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command) <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command)
<a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a> (SMTP protocol)
<b>DIAGNOSTICS</b> <b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8). Cor- Problems and transactions are logged to <b>syslogd</b>(8). Cor-
@ -194,7 +195,7 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a> (yes)</b> <b><a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a> (yes)</b>
Quote addresses in Postfix SMTP client MAIL FROM Quote addresses in Postfix SMTP client MAIL FROM
and RCPT TO commands as required by <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. and RCPT TO commands as required by <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
<b><a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> (empty)</b> <b><a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> (empty)</b>
A mechanism to transform replies from remote SMTP A mechanism to transform replies from remote SMTP

62
postfix/html/postconf.5.html
View File

@ -96,7 +96,7 @@ is hard-coded as "450".
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
<p> <p>
@ -115,7 +115,7 @@ an <a href="access.5.html">access(5)</a> map "reject" action.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -2398,7 +2398,7 @@ client request is rejected by the "defer" restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -3646,7 +3646,7 @@ restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -5630,7 +5630,7 @@ client request is blocked by the <a href="postconf.5.html#reject_rbl_client">rej
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -6369,7 +6369,7 @@ restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
<p> <p>
@ -8416,7 +8416,7 @@ client request is rejected by the "reject" restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -8543,7 +8543,7 @@ restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -10003,12 +10003,12 @@ The default time unit is s (seconds).
<p> <p>
Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
as required as required
by <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. This includes putting quotes around an address localpart by <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>. This includes putting quotes around an address localpart
that ends in ".". that ends in ".".
</p> </p>
<p> <p>
The default is to comply with <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. If you have to send mail to The default is to comply with <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>. If you have to send mail to
a broken SMTP server, configure a special SMTP client in <a href="master.5.html">master.cf</a>: a broken SMTP server, configure a special SMTP client in <a href="master.5.html">master.cf</a>:
</p> </p>
@ -16611,7 +16611,7 @@ always 450 in case of a temporary DNS error.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -16644,7 +16644,7 @@ with 450 when the mapping failed due to a temporary error condition.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -16675,7 +16675,7 @@ specified with the HELO or EHLO command is rejected by the
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
@ -16775,7 +16775,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
<p> <p>
@ -16799,7 +16799,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
<p> <p>
@ -16857,7 +16857,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
<p> <p>
@ -16881,7 +16881,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. Do not change this unless you have a complete understanding of <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
</p> </p>
<p> <p>
@ -17088,6 +17088,10 @@ Lookup tables with the per-recipient group ID for <a href="virtual.8.html">virtu
delivery. delivery.
</p> </p>
<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
In a lookup table, specify a left-hand side of "@domain.tld" to In a lookup table, specify a left-hand side of "@domain.tld" to
match any user in the specified domain that does not have a specific match any user in the specified domain that does not have a specific
@ -17128,6 +17132,10 @@ file system with mailboxes. While <a href="postconf.5.html#virtual_mailbox_base
set to "/", this setting isn't recommended. set to "/", this setting isn't recommended.
</p> </p>
<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
Example: Example:
</p> </p>
@ -17167,6 +17175,10 @@ value is backwards compatible with Postfix version 1.1.
The maximal size in bytes of an individual <a href="virtual.8.html">virtual(8)</a> mailbox or The maximal size in bytes of an individual <a href="virtual.8.html">virtual(8)</a> mailbox or
maildir file, or zero (no limit). </p> maildir file, or zero (no limit). </p>
<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
</DD> </DD>
@ -17179,6 +17191,10 @@ delivery. For a list of available file locking methods, use the
"<b>postconf -l</b>" command. "<b>postconf -l</b>" command.
</p> </p>
<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
This setting is ignored with <b>maildir</b> style delivery, because This setting is ignored with <b>maildir</b> style delivery, because
such deliveries are safe without application-level locks. such deliveries are safe without application-level locks.
@ -17211,6 +17227,10 @@ match any user in the specified domain that does not have a specific
"user@domain.tld" entry. "user@domain.tld" entry.
</p> </p>
<p> The remainder of this text is specific to the <a href="virtual.8.html">virtual(8)</a> delivery
agent. It does not apply when mail is delivered with a different
mail delivery program. </p>
<p> <p>
The <a href="virtual.8.html">virtual(8)</a> delivery agent uses this table to look up the The <a href="virtual.8.html">virtual(8)</a> delivery agent uses this table to look up the
per-recipient mailbox or maildir pathname. If the lookup result per-recipient mailbox or maildir pathname. If the lookup result
@ -17266,6 +17286,10 @@ values less than this will be rejected, and the message will be
deferred. deferred.
</p> </p>
<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
</DD> </DD>
@ -17300,6 +17324,10 @@ Lookup tables with the per-recipient user ID that the <a href="virtual.8.html">v
delivery agent uses while writing to the recipient's mailbox. delivery agent uses while writing to the recipient's mailbox.
</p> </p>
<p> This parameter is specific to the <a href="virtual.8.html">virtual(8)</a> delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
In a lookup table, specify a left-hand side of "@domain.tld" In a lookup table, specify a left-hand side of "@domain.tld"
to match any user in the specified domain that does not have a to match any user in the specified domain that does not have a

2
postfix/html/postqueue.1.html
View File

@ -73,7 +73,7 @@ POSTQUEUE(1) POSTQUEUE(1)
<b>-s</b> <i>site</i> <b>-s</b> <i>site</i>
Schedule immediate delivery of all mail that is Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. A numerical site must be queued for the named <i>site</i>. A numerical site must be
specified as a valid <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a> address literal specified as a valid <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a> address literal
enclosed in [], just like in email addresses. The enclosed in [], just like in email addresses. The
site must be eligible for the "fast flush" service. site must be eligible for the "fast flush" service.
See <a href="flush.8.html"><b>flush</b>(8)</a> for more information about the "fast See <a href="flush.8.html"><b>flush</b>(8)</a> for more information about the "fast

22
postfix/html/postscreen.8.html
View File

@ -78,24 +78,24 @@ POSTSCREEN(8) POSTSCREEN(8)
<b>BUGS</b> <b>BUGS</b>
The <a href="postscreen.8.html"><b>postscreen</b>(8)</a> built-in SMTP protocol engine currently The <a href="postscreen.8.html"><b>postscreen</b>(8)</a> built-in SMTP protocol engine currently
does not announce support for AUTH, XCLIENT or XFORWARD. does not announce support for AUTH, XCLIENT or XFORWARD.
Support for AUTH may be added in the future. In the mean If you need to make these services available on port 25,
time, if you need to make these services available on port then do not enable the optional "after 220 server greet-
25, then do not enable the optional "after 220 server ing" tests, and do not use DNSBLs that reject traffic from
greeting" tests, and do not use DNSBLs that reject traffic dial-up and residential networks.
from dial-up and residential networks.
The optional "after 220 server greeting" tests involve The optional "after 220 server greeting" tests involve
<a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s built-in SMTP protocol engine. When these <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s built-in SMTP protocol engine. When these
tests succeed, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> adds the client to the tempo- tests succeed, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> adds the client to the tempo-
rary whitelist but it cannot not hand off the "live" con- rary whitelist, but it cannot not hand off the "live" con-
nection to a Postfix SMTP server process in the middle of nection to a Postfix SMTP server process in the middle of
a session. Instead, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> defers attempts to a session. Instead, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> defers attempts to
deliver mail with a 4XX status, and waits for the client deliver mail with a 4XX status, and waits for the client
to disconnect. The next time a good client connects, it to disconnect. When the client connects again,
will be allowed to talk to a Postfix SMTP server process <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will allow the client to talk to a Postfix
to deliver mail. <a href="postscreen.8.html"><b>postscreen</b>(8)</a> mitigates the impact of SMTP server process (provided that the whitelist status
this limitation by giving such tests a long expiration has not expired). <a href="postscreen.8.html"><b>postscreen</b>(8)</a> mitigates the impact of
time. this limitation by giving the "after 220 server greeting"
tests a long expiration time.
<b>CONFIGURATION PARAMETERS</b> <b>CONFIGURATION PARAMETERS</b>
Changes to <a href="postconf.5.html">main.cf</a> are not picked up automatically, as Changes to <a href="postconf.5.html">main.cf</a> are not picked up automatically, as

3
postfix/html/smtp.8.html
View File

@ -115,6 +115,7 @@ SMTP(8) SMTP(8)
<a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a> (SMTP DSN Extension) <a href="http://tools.ietf.org/html/rfc3461">RFC 3461</a> (SMTP DSN Extension)
<a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced Status Codes) <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a> (Enhanced Status Codes)
<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command) <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command)
<a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a> (SMTP protocol)
<b>DIAGNOSTICS</b> <b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8). Cor- Problems and transactions are logged to <b>syslogd</b>(8). Cor-
@ -194,7 +195,7 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a> (yes)</b> <b><a href="postconf.5.html#smtp_quote_rfc821_envelope">smtp_quote_rfc821_envelope</a> (yes)</b>
Quote addresses in Postfix SMTP client MAIL FROM Quote addresses in Postfix SMTP client MAIL FROM
and RCPT TO commands as required by <a href="http://tools.ietf.org/html/rfc2821">RFC 2821</a>. and RCPT TO commands as required by <a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a>.
<b><a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> (empty)</b> <b><a href="postconf.5.html#smtp_reply_filter">smtp_reply_filter</a> (empty)</b>
A mechanism to transform replies from remote SMTP A mechanism to transform replies from remote SMTP

1
postfix/html/smtpd.8.html
View File

@ -59,6 +59,7 @@ SMTPD(8) SMTPD(8)
<a href="http://tools.ietf.org/html/rfc3848">RFC 3848</a> (ESMTP transmission types) <a href="http://tools.ietf.org/html/rfc3848">RFC 3848</a> (ESMTP transmission types)
<a href="http://tools.ietf.org/html/rfc4409">RFC 4409</a> (Message submission) <a href="http://tools.ietf.org/html/rfc4409">RFC 4409</a> (Message submission)
<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command) <a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a> (AUTH command)
<a href="http://tools.ietf.org/html/rfc5321">RFC 5321</a> (SMTP protocol)
<b>DIAGNOSTICS</b> <b>DIAGNOSTICS</b>
Problems and transactions are logged to <b>syslogd</b>(8). Problems and transactions are logged to <b>syslogd</b>(8).

2
postfix/man/man1/postqueue.1
View File

@ -66,7 +66,7 @@ attempt will be made until the mail is taken off hold.
.RE .RE
.IP "\fB-s \fIsite\fR" .IP "\fB-s \fIsite\fR"
Schedule immediate delivery of all mail that is queued for the named Schedule immediate delivery of all mail that is queued for the named
\fIsite\fR. A numerical site must be specified as a valid RFC 2821 \fIsite\fR. A numerical site must be specified as a valid RFC 5321
address literal enclosed in [], just like in email addresses. address literal enclosed in [], just like in email addresses.
The site must be eligible for the "fast flush" service. The site must be eligible for the "fast flush" service.
See \fBflush\fR(8) for more information about the "fast flush" See \fBflush\fR(8) for more information about the "fast flush"

62
postfix/man/man5/postconf.5
View File

@ -69,14 +69,14 @@ an \fBaccess\fR(5) map "defer" action, including "defer_if_permit"
or "defer_if_reject". Prior to Postfix 2.6, the response or "defer_if_reject". Prior to Postfix 2.6, the response
is hard-coded as "450". is hard-coded as "450".
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.PP .PP
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
.SH access_map_reject_code (default: 554) .SH access_map_reject_code (default: 554)
The numerical Postfix SMTP server response code for The numerical Postfix SMTP server response code for
an \fBaccess\fR(5) map "reject" action. an \fBaccess\fR(5) map "reject" action.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH address_verify_cache_cleanup_interval (default: 12h) .SH address_verify_cache_cleanup_interval (default: 12h)
The amount of time between \fBverify\fR(8) address verification The amount of time between \fBverify\fR(8) address verification
database cleanup runs. This feature requires that the database database cleanup runs. This feature requires that the database
@ -1392,7 +1392,7 @@ This feature is available in Postfix 1.1 and later.
The numerical Postfix SMTP server response code when a remote SMTP The numerical Postfix SMTP server response code when a remote SMTP
client request is rejected by the "defer" restriction. client request is rejected by the "defer" restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH defer_service_name (default: defer) .SH defer_service_name (default: defer)
The name of the defer service. This service is implemented by the The name of the defer service. This service is implemented by the
\fBbounce\fR(8) daemon and maintains a record \fBbounce\fR(8) daemon and maintains a record
@ -2093,7 +2093,7 @@ The numerical Postfix SMTP server response code when the client
HELO or EHLO command parameter is rejected by the reject_invalid_helo_hostname HELO or EHLO command parameter is rejected by the reject_invalid_helo_hostname
restriction. restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH ipc_idle (default: version dependent) .SH ipc_idle (default: version dependent)
The time after which a client closes an idle internal communication The time after which a client closes an idle internal communication
channel. The purpose is to allow Postfix daemon processes to channel. The purpose is to allow Postfix daemon processes to
@ -3142,7 +3142,7 @@ client request is blocked by the reject_rbl_client, reject_rhsbl_client,
reject_rhsbl_reverse_client, reject_rhsbl_sender or reject_rhsbl_reverse_client, reject_rhsbl_sender or
reject_rhsbl_recipient restriction. reject_rhsbl_recipient restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH masquerade_classes (default: envelope_sender, header_sender, header_recipient) .SH masquerade_classes (default: envelope_sender, header_sender, header_recipient)
What addresses are subject to address masquerading. What addresses are subject to address masquerading.
.PP .PP
@ -3609,7 +3609,7 @@ The numerical Postfix SMTP server response code when a remote SMTP
client request is blocked by the reject_multi_recipient_bounce client request is blocked by the reject_multi_recipient_bounce
restriction. restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.PP .PP
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
.SH mydestination (default: $myhostname, localhost.$mydomain, localhost) .SH mydestination (default: $myhostname, localhost.$mydomain, localhost)
@ -4860,7 +4860,7 @@ recipient_delimiter = +
The numerical Postfix SMTP server response code when a remote SMTP The numerical Postfix SMTP server response code when a remote SMTP
client request is rejected by the "reject" restriction. client request is rejected by the "reject" restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH reject_tempfail_action (default: defer_if_permit) .SH reject_tempfail_action (default: defer_if_permit)
The Postfix SMTP server's action when a reject-type restriction The Postfix SMTP server's action when a reject-type restriction
fails due to a temporary error condition. Specify "defer" to defer fails due to a temporary error condition. Specify "defer" to defer
@ -4950,7 +4950,7 @@ The numerical Postfix SMTP server response code when a client
request is rejected by the reject_unauth_destination recipient request is rejected by the reject_unauth_destination recipient
restriction. restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH relay_recipient_maps (default: empty) .SH relay_recipient_maps (default: empty)
Optional lookup tables with all valid addresses in the domains Optional lookup tables with all valid addresses in the domains
that match $relay_domains. Specify @domain as a wild-card for that match $relay_domains. Specify @domain as a wild-card for
@ -5833,10 +5833,10 @@ The default time unit is s (seconds).
.SH smtp_quote_rfc821_envelope (default: yes) .SH smtp_quote_rfc821_envelope (default: yes)
Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
as required as required
by RFC 2821. This includes putting quotes around an address localpart by RFC 5321. This includes putting quotes around an address localpart
that ends in ".". that ends in ".".
.PP .PP
The default is to comply with RFC 2821. If you have to send mail to The default is to comply with RFC 5321. If you have to send mail to
a broken SMTP server, configure a special SMTP client in master.cf: a broken SMTP server, configure a special SMTP client in master.cf:
.sp .sp
.in +4 .in +4
@ -10700,7 +10700,7 @@ recipient address is rejected by the reject_unknown_sender_domain
or reject_unknown_recipient_domain restriction. The response is or reject_unknown_recipient_domain restriction. The response is
always 450 in case of a temporary DNS error. always 450 in case of a temporary DNS error.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH unknown_address_tempfail_action (default: $reject_tempfail_action) .SH unknown_address_tempfail_action (default: $reject_tempfail_action)
The Postfix SMTP server's action when reject_unknown_sender_domain The Postfix SMTP server's action when reject_unknown_sender_domain
or reject_unknown_recipient_domain fail due to a temporary error or reject_unknown_recipient_domain fail due to a temporary error
@ -10716,7 +10716,7 @@ without valid address <=> name mapping is rejected by the
reject_unknown_client_hostname restriction. The SMTP server always replies reject_unknown_client_hostname restriction. The SMTP server always replies
with 450 when the mapping failed due to a temporary error condition. with 450 when the mapping failed due to a temporary error condition.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH unknown_helo_hostname_tempfail_action (default: $reject_tempfail_action) .SH unknown_helo_hostname_tempfail_action (default: $reject_tempfail_action)
The Postfix SMTP server's action when reject_unknown_helo_hostname The Postfix SMTP server's action when reject_unknown_helo_hostname
fails due to an temporary error condition. Specify "defer" to defer fails due to an temporary error condition. Specify "defer" to defer
@ -10731,7 +10731,7 @@ The numerical Postfix SMTP server response code when the hostname
specified with the HELO or EHLO command is rejected by the specified with the HELO or EHLO command is rejected by the
reject_unknown_helo_hostname restriction. reject_unknown_helo_hostname restriction.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.SH unknown_local_recipient_reject_code (default: 550) .SH unknown_local_recipient_reject_code (default: 550)
The numerical Postfix SMTP server response code when a recipient The numerical Postfix SMTP server response code when a recipient
address is local, and $local_recipient_maps specifies a list of address is local, and $local_recipient_maps specifies a list of
@ -10779,7 +10779,7 @@ probe fails due to a temporary error condition.
Unlike elsewhere in Postfix, you can specify 250 in order to Unlike elsewhere in Postfix, you can specify 250 in order to
accept the address anyway. accept the address anyway.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.PP .PP
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
.SH unverified_recipient_reject_code (default: 450) .SH unverified_recipient_reject_code (default: 450)
@ -10789,7 +10789,7 @@ is rejected by the reject_unverified_recipient restriction.
Unlike elsewhere in Postfix, you can specify 250 in order to Unlike elsewhere in Postfix, you can specify 250 in order to
accept the address anyway. accept the address anyway.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.PP .PP
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
.SH unverified_recipient_reject_reason (default: empty) .SH unverified_recipient_reject_reason (default: empty)
@ -10825,7 +10825,7 @@ probe fails due to a temporary error condition.
Unlike elsewhere in Postfix, you can specify 250 in order to Unlike elsewhere in Postfix, you can specify 250 in order to
accept the address anyway. accept the address anyway.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.PP .PP
This feature is available in Postfix 2.6 and later. This feature is available in Postfix 2.6 and later.
.SH unverified_sender_reject_code (default: 450) .SH unverified_sender_reject_code (default: 450)
@ -10835,7 +10835,7 @@ address is rejected by the reject_unverified_sender restriction.
Unlike elsewhere in Postfix, you can specify 250 in order to Unlike elsewhere in Postfix, you can specify 250 in order to
accept the address anyway. accept the address anyway.
.PP .PP
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
.PP .PP
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
.SH unverified_sender_reject_reason (default: empty) .SH unverified_sender_reject_reason (default: empty)
@ -10961,6 +10961,10 @@ into concurrency per recipient.
Lookup tables with the per-recipient group ID for \fBvirtual\fR(8) mailbox Lookup tables with the per-recipient group ID for \fBvirtual\fR(8) mailbox
delivery. delivery.
.PP .PP
This parameter is specific to the \fBvirtual\fR(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program.
.PP
In a lookup table, specify a left-hand side of "@domain.tld" to In a lookup table, specify a left-hand side of "@domain.tld" to
match any user in the specified domain that does not have a specific match any user in the specified domain that does not have a specific
"user@domain.tld" entry. "user@domain.tld" entry.
@ -10985,6 +10989,10 @@ measure to ensure that an out of control map doesn't litter the
file system with mailboxes. While virtual_mailbox_base could be file system with mailboxes. While virtual_mailbox_base could be
set to "/", this setting isn't recommended. set to "/", this setting isn't recommended.
.PP .PP
This parameter is specific to the \fBvirtual\fR(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program.
.PP
Example: Example:
.PP .PP
.nf .nf
@ -11010,11 +11018,19 @@ value is backwards compatible with Postfix version 1.1.
.SH virtual_mailbox_limit (default: 51200000) .SH virtual_mailbox_limit (default: 51200000)
The maximal size in bytes of an individual \fBvirtual\fR(8) mailbox or The maximal size in bytes of an individual \fBvirtual\fR(8) mailbox or
maildir file, or zero (no limit). maildir file, or zero (no limit).
.PP
This parameter is specific to the \fBvirtual\fR(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program.
.SH virtual_mailbox_lock (default: see "postconf -d" output) .SH virtual_mailbox_lock (default: see "postconf -d" output)
How to lock a UNIX-style \fBvirtual\fR(8) mailbox before attempting How to lock a UNIX-style \fBvirtual\fR(8) mailbox before attempting
delivery. For a list of available file locking methods, use the delivery. For a list of available file locking methods, use the
"\fBpostconf -l\fR" command. "\fBpostconf -l\fR" command.
.PP .PP
This parameter is specific to the \fBvirtual\fR(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program.
.PP
This setting is ignored with \fBmaildir\fR style delivery, because This setting is ignored with \fBmaildir\fR style delivery, because
such deliveries are safe without application-level locks. such deliveries are safe without application-level locks.
.PP .PP
@ -11031,6 +11047,10 @@ In a lookup table, specify a left-hand side of "@domain.tld" to
match any user in the specified domain that does not have a specific match any user in the specified domain that does not have a specific
"user@domain.tld" entry. "user@domain.tld" entry.
.PP .PP
The remainder of this text is specific to the \fBvirtual\fR(8) delivery
agent. It does not apply when mail is delivered with a different
mail delivery program.
.PP
The \fBvirtual\fR(8) delivery agent uses this table to look up the The \fBvirtual\fR(8) delivery agent uses this table to look up the
per-recipient mailbox or maildir pathname. If the lookup result per-recipient mailbox or maildir pathname. If the lookup result
ends in a slash ("/"), maildir-style delivery is carried out, ends in a slash ("/"), maildir-style delivery is carried out,
@ -11063,6 +11083,10 @@ The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
as a result from $virtual_uid_maps table lookup. Returned as a result from $virtual_uid_maps table lookup. Returned
values less than this will be rejected, and the message will be values less than this will be rejected, and the message will be
deferred. deferred.
.PP
This parameter is specific to the \fBvirtual\fR(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program.
.SH virtual_transport (default: virtual) .SH virtual_transport (default: virtual)
The default mail delivery transport and next-hop destination for The default mail delivery transport and next-hop destination for
final delivery to domains listed with $virtual_mailbox_domains. final delivery to domains listed with $virtual_mailbox_domains.
@ -11078,6 +11102,10 @@ This feature is available in Postfix 2.0 and later.
Lookup tables with the per-recipient user ID that the \fBvirtual\fR(8) Lookup tables with the per-recipient user ID that the \fBvirtual\fR(8)
delivery agent uses while writing to the recipient's mailbox. delivery agent uses while writing to the recipient's mailbox.
.PP .PP
This parameter is specific to the \fBvirtual\fR(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program.
.PP
In a lookup table, specify a left-hand side of "@domain.tld" In a lookup table, specify a left-hand side of "@domain.tld"
to match any user in the specified domain that does not have a to match any user in the specified domain that does not have a
specific "user@domain.tld" entry. specific "user@domain.tld" entry.

16
postfix/man/man8/postscreen.8
View File

@ -83,8 +83,7 @@ Problems and transactions are logged to \fBsyslogd\fR(8).
The \fBpostscreen\fR(8) built-in SMTP protocol engine The \fBpostscreen\fR(8) built-in SMTP protocol engine
currently does not announce support for AUTH, XCLIENT or currently does not announce support for AUTH, XCLIENT or
XFORWARD. XFORWARD.
Support for AUTH may be added in the future. If you need to make these services available
In the mean time, if you need to make these services available
on port 25, then do not enable the optional "after 220 on port 25, then do not enable the optional "after 220
server greeting" tests, and do not use DNSBLs that reject server greeting" tests, and do not use DNSBLs that reject
traffic from dial-up and residential networks. traffic from dial-up and residential networks.
@ -92,15 +91,16 @@ traffic from dial-up and residential networks.
The optional "after 220 server greeting" tests involve The optional "after 220 server greeting" tests involve
\fBpostscreen\fR(8)'s built-in SMTP protocol engine. When \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
these tests succeed, \fBpostscreen\fR(8) adds the client these tests succeed, \fBpostscreen\fR(8) adds the client
to the temporary whitelist but it cannot not hand off the to the temporary whitelist, but it cannot not hand off the
"live" connection to a Postfix SMTP server process in the "live" connection to a Postfix SMTP server process in the
middle of a session. Instead, \fBpostscreen\fR(8) defers middle of a session. Instead, \fBpostscreen\fR(8) defers
attempts to deliver mail with a 4XX status, and waits for attempts to deliver mail with a 4XX status, and waits for
the client to disconnect. The next time a good client the client to disconnect. When the client connects again,
connects, it will be allowed to talk to a Postfix SMTP \fBpostscreen\fR(8) will allow the client to talk to a
server process to deliver mail. \fBpostscreen\fR(8) mitigates Postfix SMTP server process (provided that the whitelist
the impact of this limitation by giving such tests a long status has not expired). \fBpostscreen\fR(8) mitigates
expiration time. the impact of this limitation by giving the "after 220
server greeting" tests a long expiration time.
.SH "CONFIGURATION PARAMETERS" .SH "CONFIGURATION PARAMETERS"
.na .na
.nf .nf

3
postfix/man/man8/smtp.8
View File

@ -109,6 +109,7 @@ RFC 3207 (STARTTLS command)
RFC 3461 (SMTP DSN Extension) RFC 3461 (SMTP DSN Extension)
RFC 3463 (Enhanced Status Codes) RFC 3463 (Enhanced Status Codes)
RFC 4954 (AUTH command) RFC 4954 (AUTH command)
RFC 5321 (SMTP protocol)
.SH DIAGNOSTICS .SH DIAGNOSTICS
.ad .ad
.fi .fi
@ -185,7 +186,7 @@ per-destination workarounds for CISCO PIX firewall bugs.
.IP "\fBsmtp_quote_rfc821_envelope (yes)\fR" .IP "\fBsmtp_quote_rfc821_envelope (yes)\fR"
Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
as required as required
by RFC 2821. by RFC 5321.
.IP "\fBsmtp_reply_filter (empty)\fR" .IP "\fBsmtp_reply_filter (empty)\fR"
A mechanism to transform replies from remote SMTP servers one A mechanism to transform replies from remote SMTP servers one
line at a time. line at a time.

1
postfix/man/man8/smtpd.8
View File

@ -62,6 +62,7 @@ RFC 3463 (Enhanced status codes)
RFC 3848 (ESMTP transmission types) RFC 3848 (ESMTP transmission types)
RFC 4409 (Message submission) RFC 4409 (Message submission)
RFC 4954 (AUTH command) RFC 4954 (AUTH command)
RFC 5321 (SMTP protocol)
.SH DIAGNOSTICS .SH DIAGNOSTICS
.ad .ad
.fi .fi

6
postfix/proto/VIRTUAL_README.html
View File

@ -357,7 +357,11 @@ in the virtual(8) manual page. </p>
domains, non-UNIX accounts</a></h2> domains, non-UNIX accounts</a></h2>
<p> This is a variation on the Postfix virtual mailbox example. <p> This is a variation on the Postfix virtual mailbox example.
Again, every hosted address can have its own mailbox. </p> Again, every hosted address can have its own mailbox. However, most
parameters that control the virtual(8) delivery agent are no longer
applicable: only virtual_mailbox_domains and virtual_mailbox_maps
stay in effect. These parameters are needed to reject mail for
unknown recipients. </p>
<p> While non-Postfix software is being used for final delivery, <p> While non-Postfix software is being used for final delivery,
some Postfix concepts are still needed in order to glue everything some Postfix concepts are still needed in order to glue everything

62
postfix/proto/postconf.proto
View File

@ -157,7 +157,7 @@ an access(5) map "reject" action.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM access_map_defer_code 450 %PARAM access_map_defer_code 450
@ -170,7 +170,7 @@ is hard-coded as "450".
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
<p> <p>
@ -1291,7 +1291,7 @@ client request is rejected by the "defer" restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM defer_transports %PARAM defer_transports
@ -1979,7 +1979,7 @@ restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM ipc_idle version dependent %PARAM ipc_idle version dependent
@ -2625,7 +2625,7 @@ reject_rhsbl_recipient restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM masquerade_classes envelope_sender, header_sender, header_recipient %PARAM masquerade_classes envelope_sender, header_sender, header_recipient
@ -2837,7 +2837,7 @@ restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
<p> <p>
@ -3468,7 +3468,7 @@ client request is rejected by the "reject" restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM relay_domains $mydestination %PARAM relay_domains $mydestination
@ -3508,7 +3508,7 @@ restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM relay_recipient_maps %PARAM relay_recipient_maps
@ -4242,12 +4242,12 @@ The default time unit is s (seconds).
<p> <p>
Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
as required as required
by RFC 2821. This includes putting quotes around an address localpart by RFC 5321. This includes putting quotes around an address localpart
that ends in ".". that ends in ".".
</p> </p>
<p> <p>
The default is to comply with RFC 2821. If you have to send mail to The default is to comply with RFC 5321. If you have to send mail to
a broken SMTP server, configure a special SMTP client in master.cf: a broken SMTP server, configure a special SMTP client in master.cf:
</p> </p>
@ -6412,7 +6412,7 @@ always 450 in case of a temporary DNS error.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM unknown_client_reject_code 450 %PARAM unknown_client_reject_code 450
@ -6425,7 +6425,7 @@ with 450 when the mapping failed due to a temporary error condition.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM unknown_hostname_reject_code 450 %PARAM unknown_hostname_reject_code 450
@ -6437,7 +6437,7 @@ reject_unknown_helo_hostname restriction.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
%PARAM unknown_local_recipient_reject_code 550 %PARAM unknown_local_recipient_reject_code 550
@ -6481,7 +6481,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
<p> <p>
@ -6501,7 +6501,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
<p> <p>
@ -6521,7 +6521,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
<p> <p>
@ -6541,7 +6541,7 @@ accept the address anyway.
</p> </p>
<p> <p>
Do not change this unless you have a complete understanding of RFC 2821. Do not change this unless you have a complete understanding of RFC 5321.
</p> </p>
<p> <p>
@ -8272,6 +8272,10 @@ Lookup tables with the per-recipient group ID for virtual(8) mailbox
delivery. delivery.
</p> </p>
<p> This parameter is specific to the virtual(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
In a lookup table, specify a left-hand side of "@domain.tld" to In a lookup table, specify a left-hand side of "@domain.tld" to
match any user in the specified domain that does not have a specific match any user in the specified domain that does not have a specific
@ -8308,6 +8312,10 @@ file system with mailboxes. While virtual_mailbox_base could be
set to "/", this setting isn't recommended. set to "/", this setting isn't recommended.
</p> </p>
<p> This parameter is specific to the virtual(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
Example: Example:
</p> </p>
@ -8339,6 +8347,10 @@ value is backwards compatible with Postfix version 1.1.
The maximal size in bytes of an individual virtual(8) mailbox or The maximal size in bytes of an individual virtual(8) mailbox or
maildir file, or zero (no limit). </p> maildir file, or zero (no limit). </p>
<p> This parameter is specific to the virtual(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
%PARAM virtual_mailbox_lock see "postconf -d" output %PARAM virtual_mailbox_lock see "postconf -d" output
<p> <p>
@ -8347,6 +8359,10 @@ delivery. For a list of available file locking methods, use the
"<b>postconf -l</b>" command. "<b>postconf -l</b>" command.
</p> </p>
<p> This parameter is specific to the virtual(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
This setting is ignored with <b>maildir</b> style delivery, because This setting is ignored with <b>maildir</b> style delivery, because
such deliveries are safe without application-level locks. such deliveries are safe without application-level locks.
@ -8375,6 +8391,10 @@ match any user in the specified domain that does not have a specific
"user@domain.tld" entry. "user@domain.tld" entry.
</p> </p>
<p> The remainder of this text is specific to the virtual(8) delivery
agent. It does not apply when mail is delivered with a different
mail delivery program. </p>
<p> <p>
The virtual(8) delivery agent uses this table to look up the The virtual(8) delivery agent uses this table to look up the
per-recipient mailbox or maildir pathname. If the lookup result per-recipient mailbox or maildir pathname. If the lookup result
@ -8413,6 +8433,10 @@ values less than this will be rejected, and the message will be
deferred. deferred.
</p> </p>
<p> This parameter is specific to the virtual(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
%PARAM virtual_transport virtual %PARAM virtual_transport virtual
<p> <p>
@ -8439,6 +8463,10 @@ Lookup tables with the per-recipient user ID that the virtual(8)
delivery agent uses while writing to the recipient's mailbox. delivery agent uses while writing to the recipient's mailbox.
</p> </p>
<p> This parameter is specific to the virtual(8) delivery agent.
It does not apply when mail is delivered with a different mail
delivery program. </p>
<p> <p>
In a lookup table, specify a left-hand side of "@domain.tld" In a lookup table, specify a left-hand side of "@domain.tld"
to match any user in the specified domain that does not have a to match any user in the specified domain that does not have a

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20120715" #define MAIL_RELEASE_DATE "20120801"
#define MAIL_VERSION_NUMBER "2.10" #define MAIL_VERSION_NUMBER "2.10"
#ifdef SNAPSHOT #ifdef SNAPSHOT

2
postfix/src/postqueue/postqueue.c
View File

@ -60,7 +60,7 @@
/* .RE /* .RE
/* .IP "\fB-s \fIsite\fR" /* .IP "\fB-s \fIsite\fR"
/* Schedule immediate delivery of all mail that is queued for the named /* Schedule immediate delivery of all mail that is queued for the named
/* \fIsite\fR. A numerical site must be specified as a valid RFC 2821 /* \fIsite\fR. A numerical site must be specified as a valid RFC 5321
/* address literal enclosed in [], just like in email addresses. /* address literal enclosed in [], just like in email addresses.
/* The site must be eligible for the "fast flush" service. /* The site must be eligible for the "fast flush" service.
/* See \fBflush\fR(8) for more information about the "fast flush" /* See \fBflush\fR(8) for more information about the "fast flush"

16
postfix/src/postscreen/postscreen.c
View File

@ -69,8 +69,7 @@
/* The \fBpostscreen\fR(8) built-in SMTP protocol engine /* The \fBpostscreen\fR(8) built-in SMTP protocol engine
/* currently does not announce support for AUTH, XCLIENT or /* currently does not announce support for AUTH, XCLIENT or
/* XFORWARD. /* XFORWARD.
/* Support for AUTH may be added in the future. /* If you need to make these services available
/* In the mean time, if you need to make these services available
/* on port 25, then do not enable the optional "after 220 /* on port 25, then do not enable the optional "after 220
/* server greeting" tests, and do not use DNSBLs that reject /* server greeting" tests, and do not use DNSBLs that reject
/* traffic from dial-up and residential networks. /* traffic from dial-up and residential networks.
@ -78,15 +77,16 @@
/* The optional "after 220 server greeting" tests involve /* The optional "after 220 server greeting" tests involve
/* \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When /* \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
/* these tests succeed, \fBpostscreen\fR(8) adds the client /* these tests succeed, \fBpostscreen\fR(8) adds the client
/* to the temporary whitelist but it cannot not hand off the /* to the temporary whitelist, but it cannot not hand off the
/* "live" connection to a Postfix SMTP server process in the /* "live" connection to a Postfix SMTP server process in the
/* middle of a session. Instead, \fBpostscreen\fR(8) defers /* middle of a session. Instead, \fBpostscreen\fR(8) defers
/* attempts to deliver mail with a 4XX status, and waits for /* attempts to deliver mail with a 4XX status, and waits for
/* the client to disconnect. The next time a good client /* the client to disconnect. When the client connects again,
/* connects, it will be allowed to talk to a Postfix SMTP /* \fBpostscreen\fR(8) will allow the client to talk to a
/* server process to deliver mail. \fBpostscreen\fR(8) mitigates /* Postfix SMTP server process (provided that the whitelist
/* the impact of this limitation by giving such tests a long /* status has not expired). \fBpostscreen\fR(8) mitigates
/* expiration time. /* the impact of this limitation by giving the "after 220
/* server greeting" tests a long expiration time.
/* CONFIGURATION PARAMETERS /* CONFIGURATION PARAMETERS
/* .ad /* .ad
/* .fi /* .fi

3
postfix/src/smtp/smtp.c
View File

@ -95,6 +95,7 @@
/* RFC 3461 (SMTP DSN Extension) /* RFC 3461 (SMTP DSN Extension)
/* RFC 3463 (Enhanced Status Codes) /* RFC 3463 (Enhanced Status Codes)
/* RFC 4954 (AUTH command) /* RFC 4954 (AUTH command)
/* RFC 5321 (SMTP protocol)
/* DIAGNOSTICS /* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8). /* Problems and transactions are logged to \fBsyslogd\fR(8).
/* Corrupted message files are marked so that the queue manager can /* Corrupted message files are marked so that the queue manager can
@ -163,7 +164,7 @@
/* .IP "\fBsmtp_quote_rfc821_envelope (yes)\fR" /* .IP "\fBsmtp_quote_rfc821_envelope (yes)\fR"
/* Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands /* Quote addresses in Postfix SMTP client MAIL FROM and RCPT TO commands
/* as required /* as required
/* by RFC 2821. /* by RFC 5321.
/* .IP "\fBsmtp_reply_filter (empty)\fR" /* .IP "\fBsmtp_reply_filter (empty)\fR"
/* A mechanism to transform replies from remote SMTP servers one /* A mechanism to transform replies from remote SMTP servers one
/* line at a time. /* line at a time.

15
postfix/src/smtpd/smtpd.c
View File

@ -52,6 +52,7 @@
/* RFC 3848 (ESMTP transmission types) /* RFC 3848 (ESMTP transmission types)
/* RFC 4409 (Message submission) /* RFC 4409 (Message submission)
/* RFC 4954 (AUTH command) /* RFC 4954 (AUTH command)
/* RFC 5321 (SMTP protocol)
/* DIAGNOSTICS /* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8). /* Problems and transactions are logged to \fBsyslogd\fR(8).
/* /*
@ -2217,9 +2218,7 @@ static int mail_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
smtpd_chat_reply(state, "503 5.5.1 Error: send HELO/EHLO first"); smtpd_chat_reply(state, "503 5.5.1 Error: send HELO/EHLO first");
return (-1); return (-1);
} }
#define IN_MAIL_TRANSACTION(state) ((state)->sender != 0) if (SMTPD_IN_MAIL_TRANSACTION(state)) {
if (IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: nested MAIL command"); smtpd_chat_reply(state, "503 5.5.1 Error: nested MAIL command");
return (-1); return (-1);
@ -2525,7 +2524,7 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
* command with a 501 response. So much for the principle of "be liberal * command with a 501 response. So much for the principle of "be liberal
* in what you accept, be strict in what you send". * in what you accept, be strict in what you send".
*/ */
if (!IN_MAIL_TRANSACTION(state)) { if (!SMTPD_IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: need MAIL command"); smtpd_chat_reply(state, "503 5.5.1 Error: need MAIL command");
return (-1); return (-1);
@ -2888,7 +2887,7 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
* error. * error.
*/ */
if (state->rcpt_count == 0) { if (state->rcpt_count == 0) {
if (!IN_MAIL_TRANSACTION(state)) { if (!SMTPD_IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: need RCPT command"); smtpd_chat_reply(state, "503 5.5.1 Error: need RCPT command");
} else { } else {
@ -3438,7 +3437,7 @@ static int etrn_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
smtpd_chat_reply(state, "%s", err); smtpd_chat_reply(state, "%s", err);
return (-1); return (-1);
} }
if (IN_MAIL_TRANSACTION(state)) { if (SMTPD_IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 Error: MAIL transaction in progress"); smtpd_chat_reply(state, "503 Error: MAIL transaction in progress");
return (-1); return (-1);
@ -3553,7 +3552,7 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
* XXX The XCLIENT command will override its own access control, so that * XXX The XCLIENT command will override its own access control, so that
* connection count/rate restrictions can be correctly simulated. * connection count/rate restrictions can be correctly simulated.
*/ */
if (IN_MAIL_TRANSACTION(state)) { if (SMTPD_IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: MAIL transaction in progress"); smtpd_chat_reply(state, "503 5.5.1 Error: MAIL transaction in progress");
return (-1); return (-1);
@ -3849,7 +3848,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
/* /*
* Sanity checks. * Sanity checks.
*/ */
if (IN_MAIL_TRANSACTION(state)) { if (SMTPD_IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL; state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: MAIL transaction in progress"); smtpd_chat_reply(state, "503 5.5.1 Error: MAIL transaction in progress");
return (-1); return (-1);

5
postfix/src/smtpd/smtpd.h
View File

@ -305,6 +305,11 @@ extern void smtpd_state_reset(SMTPD_STATE *);
#define USE_SMTPD_PROXY(state) \ #define USE_SMTPD_PROXY(state) \
(SMTPD_STAND_ALONE(state) == 0 && *var_smtpd_proxy_filt) (SMTPD_STAND_ALONE(state) == 0 && *var_smtpd_proxy_filt)
/*
* Are we in a MAIL transaction?
*/
#define SMTPD_IN_MAIL_TRANSACTION(state) ((state)->sender != 0)
/* /*
* SMTPD peer information lookup. * SMTPD peer information lookup.
*/ */

5
postfix/src/smtpd/smtpd_sasl_proto.c
View File

@ -164,6 +164,11 @@ int smtpd_sasl_auth_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
smtpd_chat_reply(state, "503 5.5.1 Error: authentication not enabled"); smtpd_chat_reply(state, "503 5.5.1 Error: authentication not enabled");
return (-1); return (-1);
} }
if (SMTPD_IN_MAIL_TRANSACTION(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: MAIL transaction in progress");
return (-1);
}
if (smtpd_milters != 0 && (err = milter_other_event(smtpd_milters)) != 0) { if (smtpd_milters != 0 && (err = milter_other_event(smtpd_milters)) != 0) {
if (err[0] == '5') { if (err[0] == '5') {
state->error_mask |= MAIL_ERROR_POLICY; state->error_mask |= MAIL_ERROR_POLICY;