mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-31 14:17:41 +00:00
Code Issues Releases Wiki Activity

postfix-2.0.11-20030609

Browse Source
This commit is contained in:
Wietse Venema
2003-06-09 00:00:00 -05:00
committed by Viktor Dukhovni
parent 0e858d9596
commit 6e9e5c1246
31 changed files with 592 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
postfix/.indent.pro vendored
View File

@@ -67,7 +67,6 @@
-THEADER_OPTS
-THEADER_TOKEN
-THOST
-THOST
-THTABLE
-THTABLE_INFO
-TINET_ADDR_LIST
@@ -132,6 +131,7 @@
-TRESOLVE_REPLY
-TRESPONSE
-TREST_TABLE
-TRES_CONTEXT
-TSCAN_DIR
-TSCAN_INFO
-TSCAN_OBJ
@@ -157,6 +157,7 @@
-TSTRING_TABLE
-TSYS_EXITS_TABLE
-TTOK822
-TTRANSPORT_INFO
-TTRIGGER_SERVER
-TUSER_ATTR
-TVBUF

4
postfix/0README → postfix/AAAREADME
View File

@@ -46,10 +46,10 @@ Web sites:
Mail addresses (PLEASE send questions to the mailing list)
postfix-XXX@postfix.org Postfix mailing lists
postfix-users@postfix.org Postfix users mailing list
wietse@porcupine.org the original author
In order to subscribe to a mailing list, see http://www.postfix.org/.
In order to subscribe to the mailing list, see http://www.postfix.org/.
Acknowledgments
===============

3
postfix/COMPATIBILITY
View File

@@ -38,6 +38,7 @@ newaliases yes (main alias database only)
nis tables yes
nis+ tables not yet
no <> in smtp yes (most common address forms)
pgsql tables yes (contributed)
pipeline option yes (server and client)
pop/imap yes (with third-party daemons that use /var[/spool]/mail)
qmqp server yes (with verp support)
@@ -49,7 +50,7 @@ sendmail -q yes
sendmail -qRxxx yes (for domains specified in fast_flush_domains)
sendmail -qSxxx no
sendmail -qtime ignored
sendmail -v yes (but does not show delivery)
sendmail -v yes (sends delivery report via email)
sendmail.cf no (uses table-driven address rewriting)
size option yes, server and client
smarthost yes (specify relayhost in main.cf)

21
postfix/HISTORY
View File

@@ -1264,12 +1264,12 @@ Apologies for any names omitted.
reorganization of the way queue scans were done. The queue
manager socket now has become public.
10091002
19981002
SMTPD now logs "lost connection after end-of-message"
instead of "lost connection after DATA".
10091005
19981005
More bullet proofing: timeouts on all triggers.
@@ -8165,6 +8165,23 @@ Apologies for any names omitted.
Cleanup: added support for vstream_fseek(.., .., SEEK_END).
File: util/vstream.c.
20030608
Feature: separate address resolver controls for address
verification probe messages: address_verify_{local,virtual,
relay,default}_transport, address_verify_relayhost, and
address_verify_transport_maps. The default values are the
regular versions of the same controls. Files: trivial-rewrite/*,
global/resolve_clnt.[hc], *qmgr/qmgr_message.c.
20030609
Bugfix: the "unread recipient" counter needs to be restored
after the queue manager has a problem reading a queue file.
This fix is for purists only, because after such a failure
Postfix closes the queue file and parks it in the corrupt
queue. Fix by Patrik Rak. File: nqmgr/qmgr_message.c.
Open problems:
Low: smtp-source may block when sending large test messages.

77
postfix/README_FILES/ADDRESS_VERIFICATION_README
View File

@@ -28,6 +28,13 @@ nearest MTA accepts the recipient, then Postfix assumes that the
address is deliverable, even when the address will bounce AFTER
that MTA accepts it.
Normally, address verification probe messages follow the same path
as regular mail. However, some sites send mail to the Internet
via an intermediate relayhost; this breaks address verification.
See below, section "Controlling the routing of address verification
probes", for how to override mail routing and for possible limitations
when you have to do this.
Postfix assumes that an address is undeliverable when the nearest
MTA for the address rejects the probe, regardless of the reason
for rejection (client rejected, HELO rejected, MAIL FROM rejected,
@@ -188,3 +195,73 @@ Right now, no tools are provided to manage the address verification
database. If the file gets too big, or if it gets corrupted, you
can manually delete the file and run "postfix reload". The new
verify daemon process will then create a new, empty, database.
Controlling the routing of address verification probes
======================================================
By default, Postfix sends address verification probe messages via
the same route as regular mail, because that normally produces the
most accurate result. It's no good to verify a local address by
connecting to your own SMTP port; that just triggers all kinds of
mailer loop alarms. The same is true for any destination that your
machine is best MX host for: hidden domains, virtual domains, etc.
However, some sites have a complex infrastructure where mail is
not sent directly to the Internet, but is instead given to an
intermediate relayhost. This is a problem for address verification,
because remote Internet destinations can be verified only when
Postfix can access those destinations directly.
For this reason, Postfix allows you to override the routing parameters
when it delivers an address verification probe message.
First, the address_verify_relayhost parameter allows you to override
the relayhost setting, and the address_verify_transport_maps
parameter allows you to override the transport_maps setting.
Second, each address class is given its own address verification
version of the message delivery transport (address classes are
defined in the ADDRESS_CLASS_README file) as shown in the table:
Destination type Regular transport Verify transport
parameter name parameter name
=====================================================================
mydestination local_transport address_verify_local_transport
virtual_alias_domains (not applicable) (not applicable)
virtual_mailbox_domains virtual_transport address_verify_virtual_transport
relay_domains relay_transport address_verify_relay_transport
other default_transport address_verify_default_transport
By default, the parameters that control delivery of address probes
have the same value as the parameters that control normal mail
delivery.
Examples
--------
In a typical scenario one would override the relayhost setting
for address verification probes and leave everything else alone:
/etc/postfix/main.cf:
relayhost = $mydomain
address_verify_relayhost =
Sites behind an address translation relay might have to use a
different SMTP client that sends the correct hostname information:
/etc/postfix/main.cf:
relayhost = $mydomain
address_verify_relayhost =
address_verify_default_transport = direct_smtp
/etc/postfix/master.cf:
direct_smtp .. .. .. .. .. .. .. .. .. smtp -o smtp_helo_name=nat.box.tld
Limitations
-----------
Inconsistencies can happen when probe messages don't follow the
same path as regular mail. For example, a message can be accepted
when it follows the regular route while an otherwise identical
probe message is rejected when it follows the forced route. The
opposite can happen, too, but is less likely.

16
postfix/RELEASE_NOTES
View File

@@ -22,6 +22,19 @@ snapshot release). Patches change the patchlevel and the release
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
Major changes with Postfix snapshot 2.0.11-20030609
===================================================
Address verification probes can now follow a different route than
ordinary mail. To make this possible, the address resolver supports
multiple personalities. The regular personality is used for regular
mail, and the alternate personality is used for address verification
probes. The alternate personality is controlled by parameters named
address_verify_X with X = relayhost, transport_maps, local_transport,
virtual_transport, relay_transport, and default_transport. These
alternate parameters have by default the same values as the regular
parameters. For more detail see the ADDRESS_VERIFICATION_README file.
Major changes with Postfix snapshot 2.0.11-20030606
===================================================
@@ -29,7 +42,8 @@ Complete rewrite of the queue file record reading loops in the
pickup, cleanup and in the queue manager daemons. This code had
deteriorated over time. The new code eliminates an old problem
where the queue manager had to read most queue file records twice
in the case of very large alias/include file expansions.
in the case of an alias/include file expansion with more than
qmgr_message_recipient_limit recipients.
Incompatible changes with Postfix snapshot 2.0.8-20030417
=========================================================

48
postfix/conf/sample-verify.cf
View File

@@ -79,3 +79,51 @@ address_verify_negative_expire_time = 3d
# Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
#
address_verify_negative_refresh_time = 2h
#
# ADDRESS PROBE DELIVERY
#
# Normally, address verification probe messages are sent along the
# same path as regular mail. This usually produces the most accurate
# result. However, some sites have a more complex infrastructure.
#
# The parameters below allow you to override specific aspects of
# Postfix mail delivery routing. Typically, one would override
# relayhost, default_transport and/or transport_maps and leave
# everything else alone.
#
# The address_verify_transport_maps configuration parameter overrides
# the transport_maps parameter setting for address verification
# probes.
#
address_verify_transport_maps = $transport_maps
# The address_verify_relayhost configuration parameter overrides the
# relayhost parameter setting for address verification probes.
#
address_verify_relayhost = $relayhost
# The address_verify_default_transport configuration parameter
# overrides the default_transport parameter setting for address
# verification probes.
#
address_verify_default_transport = $default_transport
# The address_verify_relay_transport configuration parameter
# overrides the relay_transport parameter setting for address
# verification probes.
#
address_verify_relay_transport = $relay_transport
# The address_verify_virtual_transport configuration parameter
# overrides the virtual_transport parameter setting for address
# verification probes.
#
address_verify_virtual_transport = $virtual_transport
# The address_verify_local_transport configuration parameter
# overrides the local_transport parameter setting for address
# verification probes.
#
address_verify_local_transport = $local_transport

130
postfix/html/trivial-rewrite.8.html
View File

@@ -9,7 +9,7 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>trivial-rewrite</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
The <b>trivial-rewrite</b> daemon processes two types of client
The <b>trivial-rewrite</b> daemon processes three types of client
service requests:
<b>rewrite</b>
@@ -37,62 +37,65 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
The envelope recipient address that is
passed on to <i>nexthop</i>.
<b>verify</b> Resolve an address for address verification pur-
poses.
<b>DEFAULT</b> <b>DELIVERY</b> <b>METHODS</b>
By default, Postfix uses one of the following delivery
methods. This may be overruled with the optional <a href="transport.5.html">trans-</a>
By default, Postfix uses one of the following delivery
methods. This may be overruled with the optional <a href="transport.5.html">trans-</a>
<a href="transport.5.html">port(5)</a> table. The default delivery method is selected by
matching the recipient address domain against one of the
matching the recipient address domain against one of the
following:
<b>$mydestination</b>
<b>$inet</b><i>_</i><b>interfaces</b>
The transport and optional nexthop are specified
with <b>$local</b><i>_</i><b>transport</b>. The default nexthop is the
The transport and optional nexthop are specified
with <b>$local</b><i>_</i><b>transport</b>. The default nexthop is the
recipient domain.
<b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
The recipient address is undeliverable (user
unknown). By definition, all known addresses in a
virtual alias domain are aliased to other
The recipient address is undeliverable (user
unknown). By definition, all known addresses in a
virtual alias domain are aliased to other
addresses.
<b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
The transport and optional nexthop are specified
with <b>$virtual</b><i>_</i><b>transport</b>. The default nexthop is
The transport and optional nexthop are specified
with <b>$virtual</b><i>_</i><b>transport</b>. The default nexthop is
the recipient domain.
<b>$relay</b><i>_</i><b>domains</b>
The transport and optional nexthop are specified
with <b>$relay</b><i>_</i><b>transport</b>. This overrides the optional
nexthop information that is specified with <b>$relay-</b>
The transport and optional nexthop are specified
with <b>$relay</b><i>_</i><b>transport</b>. This overrides the optional
nexthop information that is specified with <b>$relay-</b>
<b>host</b>. The default nexthop is the recipient domain.
none of the above
The transport and optional nexthop are specified
with <b>$default</b><i>_</i><b>transport</b>. This overrides the
The transport and optional nexthop are specified
with <b>$default</b><i>_</i><b>transport</b>. This overrides the
optional nexthop information that is specified with
<b>$relayhost</b>. The default nexthop is the recipient
<b>$relayhost</b>. The default nexthop is the recipient
domain.
<b>SERVER</b> <b>PROCESS</b> <b>MANAGEMENT</b>
The trivial-rewrite servers run under control by the Post-
fix master server. Each server can handle multiple simul-
taneous connections. When all servers are busy while a
client connects, the master creates a new server process,
provided that the trivial-rewrite server process limit is
taneous connections. When all servers are busy while a
client connects, the master creates a new server process,
provided that the trivial-rewrite server process limit is
not exceeded. Each trivial-rewrite server terminates
after serving at least <b>$max</b><i>_</i><b>use</b> clients of after <b>$max</b><i>_</i><b>idle</b>
seconds of idle time.
<b>STANDARDS</b>
None. The command does not interact with the outside
None. The command does not interact with the outside
world.
<b>SECURITY</b>
The <b>trivial-rewrite</b> daemon is not security sensitive. By
default, this daemon does not talk to remote or local
users. It can run at a fixed low privilege in a chrooted
The <b>trivial-rewrite</b> daemon is not security sensitive. By
default, this daemon does not talk to remote or local
users. It can run at a fixed low privilege in a chrooted
environment.
<b>DIAGNOSTICS</b>
@@ -100,21 +103,21 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>BUGS</b>
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>Miscellaneous</b>
<b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
The recipient that is substituted for the null
The recipient that is substituted for the null
address.
<b>inet</b><i>_</i><b>interfaces</b>
The network interfaces that this mail system
receives mail on. This information is used to
determine if <i>user</i>@[<i>net.work.addr.ess</i>] is local or
remote. Mail for local users is given to the
The network interfaces that this mail system
receives mail on. This information is used to
determine if <i>user</i>@[<i>net.work.addr.ess</i>] is local or
remote. Mail for local users is given to the
<b>$local</b><i>_</i><b>transport</b>.
<b>mydestination</b>
@@ -122,8 +125,8 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>port</b>.
<b>virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
List of simulated virtual domains (domains with all
recipients aliased to some other local or remote
List of virtual alias domains (domains with all
recipients aliased to some other local or remote
domain).
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
@@ -136,10 +139,10 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>resolve</b><i>_</i><b>unquoted</b><i>_</i><b>address</b>
When resolving an address, do not quote the address
localpart as per <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>, so that additional <b>@</b>, <b>%</b>
or <b>!</b> characters remain visible. This is techni-
localpart as per <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>, so that additional <b>@</b>, <b>%</b>
or <b>!</b> characters remain visible. This is techni-
cally incorrect, but allows us to stop relay
attacks when forwarding mail to a Sendmail primary
attacks when forwarding mail to a Sendmail primary
MX host.
<b>relocated</b><i>_</i><b>maps</b>
@@ -165,52 +168,61 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>Routing</b>
<b>local</b><i>_</i><b>transport</b>
Where to deliver mail for destinations that match
<b>$mydestination</b> or <b>$inet</b><i>_</i><b>interfaces</b>. The default
Where to deliver mail for destinations that match
<b>$mydestination</b> or <b>$inet</b><i>_</i><b>interfaces</b>. The default
transport is <b>local:$myhostname</b>.
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>virtual</b><i>_</i><b>transport</b>
Where to deliver mail for non-local domains that
match <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>. The default trans-
port is <b>virtual</b>.
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>virtual</b><i>_</i><b>transport</b>
Where to deliver mail for non-local domains that
match <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>. The default trans-
port is <b>virtual</b>.
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>relay</b><i>_</i><b>transport</b>
Where to deliver mail for non-local domains that
match <b>$relay</b><i>_</i><b>domains</b>. The default transport is
Where to deliver mail for non-local domains that
match <b>$relay</b><i>_</i><b>domains</b>. The default transport is
<b>relay</b> (which normally is a clone of the <b>smtp</b> trans-
port).
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>default</b><i>_</i><b>transport</b>
Where to deliver all other non-local mail. The
Where to deliver all other non-local mail. The
default transport is <b>smtp</b>.
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
<b>relayhost</b>
The default host to send non-local mail to when no
host is specified with <b>$relay</b><i>_</i><b>transport</b> or
<b>$default</b><i>_</i><b>transport</b>, and when the recipient address
The default host to send non-local mail to when no
host is specified with <b>$relay</b><i>_</i><b>transport</b> or
<b>$default</b><i>_</i><b>transport</b>, and when the recipient address
does not match the optional the <a href="transport.5.html"><b>transport</b>(5)</a> table.
<b>transport</b><i>_</i><b>maps</b>
List of tables with <i>recipient</i> or <i>domain</i> to (<i>trans-</i>
List of tables with <i>recipient</i> or <i>domain</i> to (<i>trans-</i>
<i>port,</i> <i>nexthop</i>) mappings.
<b>Address</b> <b>verification</b>
By default, address verification probes use the same route
as regular mail. To override specific aspects of message
routing for address verification probes, specify one or
more of the following: <b>address</b><i>_</i><b>verify</b><i>_</i><b>local</b><i>_</i><b>transport</b>,
<b>address</b><i>_</i><b>verify</b><i>_</i><b>virtual</b><i>_</i><b>transport</b>, <b>address</b><i>_</i><b>ver-</b>
<b>ify</b><i>_</i><b>relay</b><i>_</i><b>transport</b>, <b>address</b><i>_</i><b>verify</b><i>_</i><b>default</b><i>_</i><b>transport</b>,
<b>address</b><i>_</i><b>verify</b><i>_</i><b>relayhost</b>, <b>address</b><i>_</i><b>verify</b><i>_</i><b>transport</b><i>_</i><b>maps</b>.
<b>SEE</b> <b>ALSO</b>
<a href="master.8.html">master(8)</a> process manager
syslogd(8) system logging
@@ -218,7 +230,7 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<a href="relocated.5.html">relocated(5)</a> format of the "user has moved" table
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

26
postfix/html/verify.8.html
View File

@@ -93,6 +93,7 @@ VERIFY(8) VERIFY(8)
default values. Use the <b>postfix</b> <b>reload</b> command after a
configuration change.
<b>Cache</b> <b>control</b>
<b>address</b><i>_</i><b>verify</b><i>_</i><b>map</b>
Optional table for persistent recipient status
storage. The file is opened before the process
@@ -135,8 +136,31 @@ VERIFY(8) VERIFY(8)
probe is sent to verify that a known to be bad
address is still bad.
<b>Probe</b> <b>message</b> <b>routing</b>
By default, probe messages are delivered via the same
route as regular messages. The following parameters can
be used to override specific message routing mechanisms.
<b>address</b><i>_</i><b>verify</b><i>_</i><b>relayhost</b>
Overrides the <b>relayhost</b> setting.
<b>address</b><i>_</i><b>verify</b><i>_</i><b>transport</b><i>_</i><b>maps</b>
Overrides the <b>transport</b><i>_</i><b>maps</b> setting.
<b>address</b><i>_</i><b>verify</b><i>_</i><b>local</b><i>_</i><b>transport</b>
Overrides the <b>local</b><i>_</i><b>transport</b> setting.
<b>address</b><i>_</i><b>verify</b><i>_</i><b>virtual</b><i>_</i><b>transport</b>
Overrides the <b>virtual</b><i>_</i><b>transport</b> setting.
<b>address</b><i>_</i><b>verify</b><i>_</i><b>relay</b><i>_</i><b>transport</b>
Overrides the <b>relay</b><i>_</i><b>transport</b> setting.
<b>address</b><i>_</i><b>verify</b><i>_</i><b>default</b><i>_</i><b>transport</b>
Overrides the <b>default</b><i>_</i><b>transport</b> setting.
<b>SEE</b> <b>ALSO</b>
verify_clnt(3) address verification client
<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> address rewriting and resolving
<b>LICENSE</b>
The Secure Mailer license must be distributed with this

19
postfix/man/man8/trivial-rewrite.8
View File

@@ -12,7 +12,7 @@ Postfix address rewriting and resolving daemon
.SH DESCRIPTION
.ad
.fi
The \fBtrivial-rewrite\fR daemon processes two types of client
The \fBtrivial-rewrite\fR daemon processes three types of client
service requests:
.IP \fBrewrite\fR
Rewrite an address to standard form. The \fBtrivial-rewrite\fR
@@ -32,6 +32,8 @@ The host to send to and optional delivery method information.
.IP \fIrecipient\fR
The envelope recipient address that is passed on to \fInexthop\fR.
.RE
.IP \fBverify\fR
Resolve an address for address verification purposes.
.SH DEFAULT DELIVERY METHODS
.na
.nf
@@ -121,7 +123,7 @@ Mail for local users is given to the \fB$local_transport\fR.
.IP \fBmydestination\fR
List of domains that are given to the \fB$local_transport\fR.
.IP \fBvirtual_alias_domains\fR
List of simulated virtual domains (domains with all recipients
List of virtual alias domains (domains with all recipients
aliased to some other local or remote domain).
.IP \fBvirtual_mailbox_domains\fR
List of domains that are given to the \fB$virtual_transport\fR.
@@ -192,6 +194,19 @@ and when the recipient address does not match the optional the
.IP \fBtransport_maps\fR
List of tables with \fIrecipient\fR or \fIdomain\fR to
(\fItransport, nexthop\fR) mappings.
.SH Address verification
.ad
.fi
By default, address verification probes use the same route
as regular mail. To override specific aspects of message
routing for address verification probes, specify one or more
of the following:
\fBaddress_verify_local_transport\fR,
\fBaddress_verify_virtual_transport\fR,
\fBaddress_verify_relay_transport\fR,
\fBaddress_verify_default_transport\fR,
\fBaddress_verify_relayhost\fR,
\fBaddress_verify_transport_maps\fR.
.SH SEE ALSO
.na
.nf

23
postfix/man/man8/verify.8
View File

@@ -91,6 +91,9 @@ a basic Postfix principle.
See the Postfix \fBmain.cf\fR file for syntax details and for
default values. Use the \fBpostfix reload\fR command after a
configuration change.
.SH Cache control
.ad
.fi
.IP \fBaddress_verify_map\fR
Optional table for persistent recipient status storage. The file
is opened before the process enters a chroot jail and before
@@ -120,10 +123,28 @@ The amount of time after which a rejected address expires.
.IP \fBaddress_verify_negative_refresh_time\fR
The minimal amount of time after which a proactive probe is sent to
verify that a known to be bad address is still bad.
.SH Probe message routing
.ad
.fi
By default, probe messages are delivered via the same route
as regular messages. The following parameters can be used to
override specific message routing mechanisms.
.IP \fBaddress_verify_relayhost\fR
Overrides the \fBrelayhost\fR setting.
.IP \fBaddress_verify_transport_maps\fR
Overrides the \fBtransport_maps\fR setting.
.IP \fBaddress_verify_local_transport\fR
Overrides the \fBlocal_transport\fR setting.
.IP \fBaddress_verify_virtual_transport\fR
Overrides the \fBvirtual_transport\fR setting.
.IP \fBaddress_verify_relay_transport\fR
Overrides the \fBrelay_transport\fR setting.
.IP \fBaddress_verify_default_transport\fR
Overrides the \fBdefault_transport\fR setting.
.SH SEE ALSO
.na
.nf
verify_clnt(3) address verification client
trivial-rewrite(8) address rewriting and resolving
.SH LICENSE
.na
.nf

24
postfix/src/global/mail_params.h
View File

@@ -1691,6 +1691,30 @@ extern bool var_verify_neg_cache;
#define DEF_VERIFY_SENDER "postmaster"
extern char *var_verify_sender;
#define VAR_VRFY_LOCAL_XPORT "address_verify_local_transport"
#define DEF_VRFY_LOCAL_XPORT "$" VAR_LOCAL_TRANSPORT
extern char *var_vrfy_local_xport;
#define VAR_VRFY_VIRT_XPORT "address_verify_virtual_transport"
#define DEF_VRFY_VIRT_XPORT "$" VAR_VIRT_TRANSPORT
extern char *var_vrfy_virt_xport;
#define VAR_VRFY_RELAY_XPORT "address_verify_relay_transport"
#define DEF_VRFY_RELAY_XPORT "$" VAR_RELAY_TRANSPORT
extern char *var_vrfy_relay_xport;
#define VAR_VRFY_DEF_XPORT "address_verify_default_transport"
#define DEF_VRFY_DEF_XPORT "$" VAR_DEF_TRANSPORT
extern char *var_vrfy_def_xport;
#define VAR_VRFY_RELAYHOST "address_verify_relayhost"
#define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST
extern char *var_vrfy_relayhost;
#define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps"
#define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS
extern char *var_vrfy_xport_maps;
/*
* Message delivery trace service.
*/

2
postfix/src/global/mail_version.h
View File

@@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
#define MAIL_RELEASE_DATE "20030606"
#define MAIL_RELEASE_DATE "20030609"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.11-" MAIL_RELEASE_DATE

2
postfix/src/global/qmgr_user.h
View File

@@ -17,6 +17,8 @@
#define QMGR_READ_FLAG_NONE 0 /* No special features */
#define QMGR_READ_FLAG_MIXED_RCPT_OTHER (1<<0) /* Mixed recipient/other */
#define QMGR_READ_FLAG_USER (QMGR_READ_FLAG_MIXED_RCPT_OTHER)
/*
* Backwards compatibility.
*/

17
postfix/src/global/resolve_clnt.c
View File

@@ -19,7 +19,11 @@
/* RESOLVE_REPLY *reply;
/*
/* void resolve_clnt_query(address, reply)
/* const char *address
/* const char *address;
/* RESOLVE_REPLY *reply;
/*
/* void resolve_clnt_verify(address, reply)
/* const char *address;
/* RESOLVE_REPLY *reply;
/*
/* void resolve_clnt_free(reply)
@@ -37,6 +41,9 @@
/* address. In case of communication failure the program keeps trying
/* until the mail system goes down.
/*
/* resolve_clnt_verify() implements an alternative version that can
/* be used for address verification.
/*
/* In the resolver reply, the flags member is the bit-wise OR of
/* zero or more of the following:
/* .IP RESOLVE_FLAG_FINAL
@@ -132,11 +139,11 @@ void resolve_clnt_init(RESOLVE_REPLY *reply)
reply->flags = 0;
}
/* resolve_clnt_query - resolve address to (transport, next hop, recipient) */
/* resolve_clnt - resolve address to (transport, next hop, recipient) */
void resolve_clnt_query(const char *addr, RESOLVE_REPLY *reply)
void resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply)
{
char *myname = "resolve_clnt_query";
char *myname = "resolve_clnt";
VSTREAM *stream;
/*
@@ -186,7 +193,7 @@ void resolve_clnt_query(const char *addr, RESOLVE_REPLY *reply)
stream = clnt_stream_access(rewrite_clnt_stream);
errno = 0;
if (attr_print(stream, ATTR_FLAG_NONE,
ATTR_TYPE_STR, MAIL_ATTR_REQ, RESOLVE_ADDR,
ATTR_TYPE_STR, MAIL_ATTR_REQ, class,
ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
ATTR_TYPE_END) != 0
|| vstream_fflush(stream)

10
postfix/src/global/resolve_clnt.h
View File

@@ -19,7 +19,8 @@
/*
* External interface.
*/
#define RESOLVE_ADDR "resolve"
#define RESOLVE_REGULAR "resolve"
#define RESOLVE_VERIFY "verify"
#define RESOLVE_FLAG_FINAL (1<<0) /* final delivery */
#define RESOLVE_FLAG_ROUTED (1<<1) /* routed destination */
@@ -40,12 +41,15 @@ typedef struct RESOLVE_REPLY {
VSTRING *nexthop;
VSTRING *recipient;
int flags;
} RESOLVE_REPLY;
} RESOLVE_REPLY;
extern void resolve_clnt_init(RESOLVE_REPLY *);
extern void resolve_clnt_query(const char *, RESOLVE_REPLY *);
extern void resolve_clnt(const char *, const char *, RESOLVE_REPLY *);
extern void resolve_clnt_free(RESOLVE_REPLY *);
#define resolve_clnt_query(a, r) resolve_clnt(RESOLVE_REGULAR, (a), (r))
#define resolve_clnt_verify(a, r) resolve_clnt(RESOLVE_VERIFY, (a), (r))
#define RESOLVE_CLNT_ASSIGN(reply, transport, nexthop, recipient) { \
(reply).transport = (transport); \
(reply).nexthop = (nexthop); \

1
postfix/src/global/sent.h
View File

@@ -42,6 +42,5 @@ extern int vsent(int, const char *, const char *, const char *, const char *,
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
/**INDENT** Error@17: Unmatched #endif */
#endif

1
postfix/src/local/Makefile.in
View File

@@ -468,6 +468,7 @@ token.o: ../../include/mail_params.h
token.o: ../../include/bounce.h
token.o: ../../include/deliver_request.h
token.o: ../../include/recipient_list.h
token.o: ../../include/defer.h
token.o: local.h
token.o: ../../include/been_here.h
token.o: ../../include/mbox_conf.h

10
postfix/src/nqmgr/qmgr_message.c
View File

@@ -293,6 +293,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
int rec_type;
long curr_offset;
long save_offset = message->rcpt_offset; /* save a flag */
int save_unread = message->rcpt_unread; /* save a count */
char *start;
int recipient_limit;
const char *error_text;
@@ -460,7 +461,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
rec_type = REC_TYPE_ERROR;
break;
}
if (message->rflags & (~0 << 16)) {
if (message->rflags & ~QMGR_READ_FLAG_USER) {
msg_warn("%s: invalid flags in size record: %.100s",
message->queue_id, start);
rec_type = REC_TYPE_ERROR;
@@ -616,7 +617,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
return (0);
}
message->rcpt_offset = save_offset; /* restore flag */
message->rcpt_unread += message->rcpt_list.len;
message->rcpt_unread = save_unread; /* restore count */
qmgr_rcpt_list_free(&message->rcpt_list);
qmgr_rcpt_list_init(&message->rcpt_list);
return (-1);
@@ -720,7 +721,10 @@ static void qmgr_message_sort(QMGR_MESSAGE *message)
static int qmgr_resolve_one(QMGR_MESSAGE *message, QMGR_RCPT *recipient,
const char *addr, RESOLVE_REPLY *reply)
{
resolve_clnt_query(addr, reply);
if ((message->tflags & DEL_REQ_FLAG_VERIFY) == 0)
resolve_clnt_query(addr, reply);
else
resolve_clnt_verify(addr, reply);
if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient, "address resolver failure");
return (-1);

1
postfix/src/pickup/Makefile.in
View File

@@ -64,7 +64,6 @@ pickup.o: ../../include/vbuf.h
pickup.o: ../../include/vstream.h
pickup.o: ../../include/set_ugid.h
pickup.o: ../../include/safe_open.h
pickup.o: ../../include/stringops.h
pickup.o: ../../include/mail_queue.h
pickup.o: ../../include/mail_open_ok.h
pickup.o: ../../include/mymalloc.h

1
postfix/src/postdrop/Makefile.in
View File

@@ -66,6 +66,7 @@ postdrop.o: ../../include/msg_vstream.h
postdrop.o: ../../include/msg_syslog.h
postdrop.o: ../../include/argv.h
postdrop.o: ../../include/iostuff.h
postdrop.o: ../../include/stringops.h
postdrop.o: ../../include/mail_proto.h
postdrop.o: ../../include/attr.h
postdrop.o: ../../include/mail_queue.h

7
postfix/src/qmgr/qmgr_message.c
View File

@@ -426,7 +426,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
rec_type = REC_TYPE_ERROR;
break;
}
if (message->rflags & (~0 << 16)) {
if (message->rflags & ~QMGR_READ_FLAG_USER) {
msg_warn("%s: invalid flags in size record: %.100s",
message->queue_id, start);
rec_type = REC_TYPE_ERROR;
@@ -677,7 +677,10 @@ static void qmgr_message_sort(QMGR_MESSAGE *message)
static int qmgr_resolve_one(QMGR_MESSAGE *message, QMGR_RCPT *recipient,
const char *addr, RESOLVE_REPLY *reply)
{
resolve_clnt_query(addr, reply);
if ((message->tflags & DEL_REQ_FLAG_VERIFY) == 0)
resolve_clnt_query(addr, reply);
else
resolve_clnt_verify(addr, reply);
if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient, "address resolver failure");
return (-1);

2
postfix/src/smtpd/Makefile.in
View File

@@ -121,11 +121,11 @@ smtpd.o: ../../include/valid_hostname.h
smtpd.o: ../../include/dict.h
smtpd.o: ../../include/argv.h
smtpd.o: ../../include/watchdog.h
smtpd.o: ../../include/iostuff.h
smtpd.o: ../../include/mail_params.h
smtpd.o: ../../include/record.h
smtpd.o: ../../include/rec_type.h
smtpd.o: ../../include/mail_proto.h
smtpd.o: ../../include/iostuff.h
smtpd.o: ../../include/attr.h
smtpd.o: ../../include/cleanup_user.h
smtpd.o: ../../include/mail_date.h

1
postfix/src/trivial-rewrite/Makefile.in
View File

@@ -155,3 +155,4 @@ trivial-rewrite.o: ../../include/mail_addr.h
trivial-rewrite.o: ../../include/mail_server.h
trivial-rewrite.o: trivial-rewrite.h
trivial-rewrite.o: transport.h
trivial-rewrite.o: ../../include/maps.h

49
postfix/src/trivial-rewrite/resolve.c
View File

@@ -8,13 +8,9 @@
/*
/* void resolve_init(void)
/*
/* void resolve_proto(stream)
/* void resolve_proto(context, stream)
/* RES_CONTEXT *context;
/* VSTREAM *stream;
/*
/* void resolve_addr(rule, addr, result)
/* char *rule;
/* char *addr;
/* VSTRING *result;
/* DESCRIPTION
/* This module implements the trivial address resolving engine.
/* It distinguishes between local and remote mail, and optionally
@@ -28,10 +24,6 @@
/* resolve_proto() implements the client-server protocol:
/* read one address in FQDN form, reply with a (transport,
/* nexthop, internalized recipient) triple.
/*
/* resolve_addr() gives direct access to the address resolving
/* engine. It resolves an internalized address to a (transport,
/* nexthop, internalized recipient) triple.
/* STANDARDS
/* DIAGNOSTICS
/* Problems and transactions are logged to the syslog daemon.
@@ -138,8 +130,9 @@ static MAPS *relocated_maps;
/* resolve_addr - resolve address according to rule set */
void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
VSTRING *nextrcpt, int *flags)
static void resolve_addr(RES_CONTEXT *rp, char *addr,
VSTRING *channel, VSTRING *nexthop,
VSTRING *nextrcpt, int *flags)
{
char *myname = "resolve_addr";
VSTRING *addr_buf = vstring_alloc(100);
@@ -435,9 +428,9 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
rcpt_domain, VAR_VIRT_MAILBOX_DOMS,
VAR_RELAY_DOMAINS);
}
vstring_strcpy(channel, var_virt_transport);
vstring_strcpy(channel, RES_PARAM_VALUE(rp->virt_transport));
vstring_strcpy(nexthop, rcpt_domain);
blame = VAR_VIRT_TRANSPORT;
blame = rp->virt_transport_name;
*flags |= RESOLVE_CLASS_VIRTUAL;
} else if (dict_errno != 0) {
msg_warn("%s lookup failure", VAR_VIRT_MAILBOX_DOMS);
@@ -450,8 +443,8 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
*/
if (relay_domains
&& domain_list_match(relay_domains, rcpt_domain)) {
vstring_strcpy(channel, var_relay_transport);
blame = VAR_RELAY_TRANSPORT;
vstring_strcpy(channel, RES_PARAM_VALUE(rp->relay_transport));
blame = rp->relay_transport_name;
*flags |= RESOLVE_CLASS_RELAY;
} else if (dict_errno != 0) {
msg_warn("%s lookup failure", VAR_RELAY_DOMAINS);
@@ -463,16 +456,16 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
* Other off-host destination.
*/
else {
vstring_strcpy(channel, var_def_transport);
blame = VAR_DEF_TRANSPORT;
vstring_strcpy(channel, RES_PARAM_VALUE(rp->def_transport));
blame = rp->def_transport_name;
*flags |= RESOLVE_CLASS_DEFAULT;
}
/*
* With off-host delivery, relayhost overrides recipient domain.
*/
if (*var_relayhost)
vstring_strcpy(nexthop, var_relayhost);
if (*RES_PARAM_VALUE(rp->relayhost))
vstring_strcpy(nexthop, RES_PARAM_VALUE(rp->relayhost));
else
vstring_strcpy(nexthop, rcpt_domain);
}
@@ -495,9 +488,9 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
msg_warn("do not list domain %s in BOTH %s and %s",
rcpt_domain, VAR_MYDEST, VAR_VIRT_MAILBOX_DOMS);
}
vstring_strcpy(channel, var_local_transport);
vstring_strcpy(channel, RES_PARAM_VALUE(rp->local_transport));
vstring_strcpy(nexthop, rcpt_domain);
blame = VAR_LOCAL_TRANSPORT;
blame = rp->local_transport_name;
*flags |= RESOLVE_CLASS_LOCAL;
}
@@ -553,10 +546,11 @@ void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
*
* XXX Don't override the virtual alias class (error:User unknown) result.
*/
if (*var_transport_maps && !(*flags & RESOLVE_CLASS_ALIAS)) {
if (transport_lookup(STR(nextrcpt), rcpt_domain, channel, nexthop) == 0
if (rp->transport_info && !(*flags & RESOLVE_CLASS_ALIAS)) {
if (transport_lookup(rp->transport_info, STR(nextrcpt),
rcpt_domain, channel, nexthop) == 0
&& dict_errno != 0) {
msg_warn("%s lookup failure", VAR_TRANSPORT_MAPS);
msg_warn("%s lookup failure", rp->transport_maps_name);
*flags |= RESOLVE_FLAG_FAIL;
FREE_MEMORY_AND_RETURN;
}
@@ -602,7 +596,7 @@ static VSTRING *query;
/* resolve_proto - read request and send reply */
int resolve_proto(VSTREAM *stream)
int resolve_proto(RES_CONTEXT *context, VSTREAM *stream)
{
int flags;
@@ -611,7 +605,8 @@ int resolve_proto(VSTREAM *stream)
ATTR_TYPE_END) != 1)
return (-1);
resolve_addr(STR(query), channel, nexthop, nextrcpt, &flags);
resolve_addr(context, STR(query),
channel, nexthop, nextrcpt, &flags);
if (msg_verbose)
msg_info("%s -> (`%s' `%s' `%s' `%d')", STR(query), STR(channel),

112
postfix/src/trivial-rewrite/transport.c
View File

@@ -6,21 +6,33 @@
/* SYNOPSIS
/* #include "transport.h"
/*
/* void transport_init()
/* TRANSPORT_INFO *transport_pre_init(maps_name, maps)
/* const char *maps_name;
/* const char *maps;
/*
/* int transport_lookup(address, rcpt_domain, channel, nexthop)
/* void transport_post_init(info)
/* TRANSPORT_INFO *info;
/*
/* int transport_lookup(info, address, rcpt_domain, channel, nexthop)
/* TRANSPORT_INFO *info;
/* const char *address;
/* const char *rcpt_domain;
/* VSTRING *channel;
/* VSTRING *nexthop;
/*
/* void transport_free(info);
/* TRANSPORT_INFO * info;
/* DESCRIPTION
/* This module implements access to the table that maps transport
/* user@domain addresses to (channel, nexthop) tuples.
/*
/* transport_init() performs initializations that should be
/* transport_pre_init() performs initializations that should be
/* done before the process enters the chroot jail, and
/* before calling transport_lookup().
/*
/* transport_post_init() can be invoked after entering the chroot
/* jail, and must be called before before calling transport_lookup().
/*
/* transport_lookup() finds the channel and nexthop for the given
/* domain, and returns 1 if something was found. Otherwise, 0
/* is returned.
@@ -72,23 +84,46 @@
#include "transport.h"
static MAPS *transport_path;
static int transport_match_parent_style;
static VSTRING *wildcard_channel;
static VSTRING *wildcard_nexthop;
static int transport_errno;
#define STR(x) vstring_str(x)
/* transport_init - pre-jail initialization */
static void transport_wildcard_init(TRANSPORT_INFO *);
void transport_init(void)
/* transport_pre_init - pre-jail initialization */
TRANSPORT_INFO *transport_pre_init(const char *transport_maps_name,
const char *transport_maps)
{
TRANSPORT_INFO *tp;
tp = (TRANSPORT_INFO *) mymalloc(sizeof(*tp));
tp->transport_path = maps_create(transport_maps_name, transport_maps,
DICT_FLAG_LOCK);
tp->wildcard_channel = tp->wildcard_nexthop = 0;
tp->transport_errno = 0;
return (tp);
}
/* transport_post_init - post-jail initialization */
void transport_post_init(TRANSPORT_INFO *tp)
{
if (transport_path)
msg_panic("transport_init: repeated call");
transport_path = maps_create("transport", var_transport_maps,
DICT_FLAG_LOCK);
transport_match_parent_style = match_parent_style(VAR_TRANSPORT_MAPS);
transport_wildcard_init(tp);
}
/* transport_free - destroy transport info */
void transport_free(TRANSPORT_INFO *tp)
{
if (tp->transport_path)
maps_free(tp->transport_path);
if (tp->wildcard_channel)
vstring_free(tp->wildcard_channel);
if (tp->wildcard_nexthop)
vstring_free(tp->wildcard_nexthop);
myfree((char *) tp);
}
/* update_entry - update from transport table entry */
@@ -125,8 +160,9 @@ static void update_entry(const char *new_channel, const char *new_nexthop,
/* find_transport_entry - look up and parse transport table entry */
static int find_transport_entry(const char *key, const char *rcpt_domain,
int flags, VSTRING *channel, VSTRING *nexthop)
static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
const char *rcpt_domain, int flags,
VSTRING *channel, VSTRING *nexthop)
{
char *saved_value;
const char *host;
@@ -140,15 +176,12 @@ static int find_transport_entry(const char *key, const char *rcpt_domain,
#define FOUND 1
#define NOTFOUND 0
if (transport_path == 0)
msg_panic("find_transport_entry: missing initialization");
/*
* Look up an entry with extreme prejudice.
*
* XXX Should report lookup failure status to caller instead of aborting.
*/
if ((value = maps_find(transport_path, key, flags)) == 0)
if ((value = maps_find(tp->transport_path, key, flags)) == 0)
return (NOTFOUND);
/*
@@ -168,9 +201,9 @@ static int find_transport_entry(const char *key, const char *rcpt_domain,
}
}
/* transport_wildcard_init - post-jail initialization */
/* transport_wildcard_init - (re) initialize wild-card lookup result */
void transport_wildcard_init(void)
static void transport_wildcard_init(TRANSPORT_INFO *tp)
{
VSTRING *channel = vstring_alloc(10);
VSTRING *nexthop = vstring_alloc(10);
@@ -189,15 +222,19 @@ void transport_wildcard_init(void)
#define FULL 0
#define PARTIAL DICT_FLAG_FIXED
if (find_transport_entry(WILDCARD, "", FULL, channel, nexthop)) {
transport_errno = 0;
wildcard_channel = channel;
wildcard_nexthop = nexthop;
if (find_transport_entry(tp, WILDCARD, "", FULL, channel, nexthop)) {
tp->transport_errno = 0;
if (tp->wildcard_channel)
vstring_free(tp->wildcard_channel);
tp->wildcard_channel = channel;
if (tp->wildcard_nexthop)
vstring_free(tp->wildcard_nexthop);
tp->wildcard_nexthop = nexthop;
if (msg_verbose)
msg_info("wildcard_{chan:hop}={%s:%s}",
vstring_str(wildcard_channel), vstring_str(wildcard_nexthop));
vstring_str(channel), vstring_str(nexthop));
} else {
transport_errno = dict_errno;
tp->transport_errno = dict_errno;
vstring_free(channel);
vstring_free(nexthop);
}
@@ -205,7 +242,8 @@ void transport_wildcard_init(void)
/* transport_lookup - map a transport domain */
int transport_lookup(const char *addr, const char *rcpt_domain,
int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
const char *rcpt_domain,
VSTRING *channel, VSTRING *nexthop)
{
char *full_addr;
@@ -243,7 +281,7 @@ int transport_lookup(const char *addr, const char *rcpt_domain,
if ((ratsign = strrchr(full_addr, '@')) == 0 || ratsign[1] == 0)
msg_panic("transport_lookup: bad address: \"%s\"", full_addr);
if (find_transport_entry(full_addr, rcpt_domain, FULL, channel, nexthop))
if (find_transport_entry(tp, full_addr, rcpt_domain, FULL, channel, nexthop))
RETURN_FREE(FOUND);
if (dict_errno != 0)
RETURN_FREE(NOTFOUND);
@@ -255,7 +293,7 @@ int transport_lookup(const char *addr, const char *rcpt_domain,
*/
if ((stripped_addr = strip_addr(full_addr, DISCARD_EXTENSION,
*var_rcpt_delim)) != 0) {
found = find_transport_entry(stripped_addr, rcpt_domain, PARTIAL,
found = find_transport_entry(tp, stripped_addr, rcpt_domain, PARTIAL,
channel, nexthop);
myfree(stripped_addr);
@@ -282,7 +320,7 @@ int transport_lookup(const char *addr, const char *rcpt_domain,
* with regular expressions.
*/
for (name = ratsign + 1; /* void */ ; name = next) {
if (find_transport_entry(name, rcpt_domain, PARTIAL, channel, nexthop))
if (find_transport_entry(tp, name, rcpt_domain, PARTIAL, channel, nexthop))
RETURN_FREE(FOUND);
if (dict_errno != 0)
RETURN_FREE(NOTFOUND);
@@ -295,13 +333,13 @@ int transport_lookup(const char *addr, const char *rcpt_domain,
/*
* Fall back to the wild-card entry.
*/
if (transport_errno)
transport_wildcard_init();
if (transport_errno) {
dict_errno = transport_errno;
if (tp->transport_errno)
transport_wildcard_init(tp);
if (tp->transport_errno) {
dict_errno = tp->transport_errno;
RETURN_FREE(NOTFOUND);
} else if (wildcard_channel) {
update_entry(STR(wildcard_channel), STR(wildcard_nexthop),
} else if (tp->wildcard_channel) {
update_entry(STR(tp->wildcard_channel), STR(tp->wildcard_nexthop),
rcpt_domain, channel, nexthop);
RETURN_FREE(FOUND);
}

19
postfix/src/trivial-rewrite/transport.h
View File

@@ -13,12 +13,25 @@
*/
#include <vstring.h>
/*
* Global library.
*/
#include <maps.h>
/*
* External interface.
*/
extern void transport_init(void);
extern void transport_wildcard_init(void);
extern int transport_lookup(const char *, const char *, VSTRING *, VSTRING *);
typedef struct TRANSPORT_INFO {
MAPS *transport_path;
VSTRING *wildcard_channel;
VSTRING *wildcard_nexthop;
int transport_errno;
} TRANSPORT_INFO;
extern TRANSPORT_INFO *transport_pre_init(const char *, const char *);
extern void transport_post_init(TRANSPORT_INFO *);
extern int transport_lookup(TRANSPORT_INFO *, const char *, const char *, VSTRING *, VSTRING *);
extern void transport_free(TRANSPORT_INFO *);
/* LICENSE
/* .ad

84
postfix/src/trivial-rewrite/trivial-rewrite.c
View File

@@ -6,7 +6,7 @@
/* SYNOPSIS
/* \fBtrivial-rewrite\fR [generic Postfix daemon options]
/* DESCRIPTION
/* The \fBtrivial-rewrite\fR daemon processes two types of client
/* The \fBtrivial-rewrite\fR daemon processes three types of client
/* service requests:
/* .IP \fBrewrite\fR
/* Rewrite an address to standard form. The \fBtrivial-rewrite\fR
@@ -26,6 +26,8 @@
/* .IP \fIrecipient\fR
/* The envelope recipient address that is passed on to \fInexthop\fR.
/* .RE
/* .IP \fBverify\fR
/* Resolve an address for address verification purposes.
/* DEFAULT DELIVERY METHODS
/* .ad
/* .fi
@@ -101,7 +103,7 @@
/* .IP \fBmydestination\fR
/* List of domains that are given to the \fB$local_transport\fR.
/* .IP \fBvirtual_alias_domains\fR
/* List of simulated virtual domains (domains with all recipients
/* List of virtual alias domains (domains with all recipients
/* aliased to some other local or remote domain).
/* .IP \fBvirtual_mailbox_domains\fR
/* List of domains that are given to the \fB$virtual_transport\fR.
@@ -172,6 +174,19 @@
/* .IP \fBtransport_maps\fR
/* List of tables with \fIrecipient\fR or \fIdomain\fR to
/* (\fItransport, nexthop\fR) mappings.
/* .SH Address verification
/* .ad
/* .fi
/* By default, address verification probes use the same route
/* as regular mail. To override specific aspects of message
/* routing for address verification probes, specify one or more
/* of the following:
/* \fBaddress_verify_local_transport\fR,
/* \fBaddress_verify_virtual_transport\fR,
/* \fBaddress_verify_relay_transport\fR,
/* \fBaddress_verify_default_transport\fR,
/* \fBaddress_verify_relayhost\fR,
/* \fBaddress_verify_transport_maps\fR.
/* SEE ALSO
/* master(8) process manager
/* syslogd(8) system logging
@@ -248,6 +263,37 @@ char *var_def_transport;
char *var_empty_addr;
int var_show_unk_rcpt_table;
/*
* Shadow personality for address verification.
*/
char *var_vrfy_xport_maps;
char *var_vrfy_local_xport;
char *var_vrfy_virt_xport;
char *var_vrfy_relay_xport;
char *var_vrfy_def_xport;
char *var_vrfy_relayhost;
/*
* Different resolver personalities depending on the kind of request.
*/
RES_CONTEXT resolve_regular = {
VAR_LOCAL_TRANSPORT, &var_local_transport,
VAR_VIRT_TRANSPORT, &var_virt_transport,
VAR_RELAY_TRANSPORT, &var_relay_transport,
VAR_DEF_TRANSPORT, &var_def_transport,
VAR_RELAYHOST, &var_relayhost,
VAR_TRANSPORT_MAPS, &var_transport_maps, 0
};
RES_CONTEXT resolve_verify = {
VAR_VRFY_LOCAL_XPORT, &var_vrfy_local_xport,
VAR_VRFY_VIRT_XPORT, &var_vrfy_virt_xport,
VAR_VRFY_RELAY_XPORT, &var_vrfy_relay_xport,
VAR_VRFY_DEF_XPORT, &var_vrfy_def_xport,
VAR_VRFY_RELAYHOST, &var_vrfy_relayhost,
VAR_VRFY_XPORT_MAPS, &var_vrfy_xport_maps, 0
};
/* rewrite_service - read request and send reply */
static void rewrite_service(VSTREAM *stream, char *unused_service, char **argv)
@@ -270,8 +316,10 @@ static void rewrite_service(VSTREAM *stream, char *unused_service, char **argv)
ATTR_TYPE_END) == 1) {
if (strcmp(vstring_str(command), REWRITE_ADDR) == 0) {
status = rewrite_proto(stream);
} else if (strcmp(vstring_str(command), RESOLVE_ADDR) == 0) {
status = resolve_proto(stream);
} else if (strcmp(vstring_str(command), RESOLVE_REGULAR) == 0) {
status = resolve_proto(&resolve_regular, stream);
} else if (strcmp(vstring_str(command), RESOLVE_VERIFY) == 0) {
status = resolve_proto(&resolve_verify, stream);
} else {
msg_warn("bad command %.30s", printable(vstring_str(command), '?'));
}
@@ -285,7 +333,7 @@ static void rewrite_service(VSTREAM *stream, char *unused_service, char **argv)
static void pre_accept(char *unused_name, char **unused_argv)
{
const char *table;
if ((table = dict_changed_name()) != 0) {
msg_info("table %s has changed -- restarting", table);
exit(0);
@@ -299,12 +347,24 @@ static void pre_jail_init(char *unused_name, char **unused_argv)
command = vstring_alloc(100);
rewrite_init();
resolve_init();
transport_init();
if (*RES_PARAM_VALUE(resolve_regular.transport_maps))
resolve_regular.transport_info =
transport_pre_init(resolve_regular.transport_maps_name,
RES_PARAM_VALUE(resolve_regular.transport_maps));
if (*RES_PARAM_VALUE(resolve_verify.transport_maps))
resolve_verify.transport_info =
transport_pre_init(resolve_verify.transport_maps_name,
RES_PARAM_VALUE(resolve_verify.transport_maps));
}
/* post_jail_init - initialize after entering chroot jail */
static void post_jail_init(char *unused_name, char **unused_argv)
{
transport_wildcard_init();
if (resolve_regular.transport_info)
transport_post_init(resolve_regular.transport_info);
if (resolve_verify.transport_info)
transport_post_init(resolve_verify.transport_info);
}
/* main - pass control to the multi-threaded skeleton code */
@@ -316,15 +376,19 @@ int main(int argc, char **argv)
VAR_LOCAL_TRANSPORT, DEF_LOCAL_TRANSPORT, &var_local_transport, 1, 0,
VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 1, 0,
VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 1, 0,
VAR_DEF_TRANSPORT, DEF_DEF_TRANSPORT, &var_def_transport, 1, 0,
VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
VAR_DEF_TRANSPORT, DEF_DEF_TRANSPORT, &var_def_transport, 1, 0,
VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 1, 0,
VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 1, 0,
VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
VAR_EMPTY_ADDR, DEF_EMPTY_ADDR, &var_empty_addr, 1, 0,
VAR_VRFY_XPORT_MAPS, DEF_VRFY_XPORT_MAPS, &var_vrfy_xport_maps, 0, 0,
VAR_VRFY_LOCAL_XPORT, DEF_VRFY_LOCAL_XPORT, &var_vrfy_local_xport, 1, 0,
VAR_VRFY_VIRT_XPORT, DEF_VRFY_VIRT_XPORT, &var_vrfy_virt_xport, 1, 0,
VAR_VRFY_RELAY_XPORT, DEF_VRFY_RELAY_XPORT, &var_vrfy_relay_xport, 1, 0,
VAR_VRFY_DEF_XPORT, DEF_VRFY_DEF_XPORT, &var_vrfy_def_xport, 1, 0,
VAR_VRFY_RELAYHOST, DEF_VRFY_RELAYHOST, &var_vrfy_relayhost, 0, 0,
0,
};
static CONFIG_BOOL_TABLE bool_table[] = {

21
postfix/src/trivial-rewrite/trivial-rewrite.h
View File

@@ -30,9 +30,26 @@ extern void rewrite_tree(char *, TOK822 *);
/*
* resolve.c
*/
typedef struct {
const char *local_transport_name; /* name of variable */
char **local_transport; /* local transport:nexthop */
const char *virt_transport_name; /* name of variable */
char **virt_transport; /* virtual mailbox transport:nexthop */
const char *relay_transport_name; /* name of variable */
char **relay_transport; /* relay transport:nexthop */
const char *def_transport_name; /* name of variable */
char **def_transport; /* default transport:nexthop */
const char *relayhost_name; /* name of variable */
char **relayhost; /* for relay and default transport */
const char *transport_maps_name; /* name of variable */
char **transport_maps; /* maptype:mapname */
struct TRANSPORT_INFO *transport_info; /* handle */
} RES_CONTEXT;
#define RES_PARAM_VALUE(x) (*(x)) /* make it easy to do it right */
extern void resolve_init(void);
extern int resolve_proto(VSTREAM *);
extern void resolve_addr(char *, VSTRING *, VSTRING *, VSTRING *, int *);
extern int resolve_proto(RES_CONTEXT *, VSTREAM *);
/* LICENSE
/* .ad

2
postfix/src/util/sys_defs.h
View File

@@ -261,6 +261,8 @@ extern int opterr;
#define LOCAL_CONNECT stream_connect
#define LOCAL_TRIGGER stream_trigger
#define HAS_VOLATILE_LOCKS
#define BROKEN_READ_SELECT_ON_BLOCKING_SOCKET
/*
* Allow build environment to override paths.
*/

23
postfix/src/verify/verify.c
View File

@@ -77,6 +77,9 @@
/* See the Postfix \fBmain.cf\fR file for syntax details and for
/* default values. Use the \fBpostfix reload\fR command after a
/* configuration change.
/* .SH Cache control
/* .ad
/* .fi
/* .IP \fBaddress_verify_map\fR
/* Optional table for persistent recipient status storage. The file
/* is opened before the process enters a chroot jail and before
@@ -106,8 +109,26 @@
/* .IP \fBaddress_verify_negative_refresh_time\fR
/* The minimal amount of time after which a proactive probe is sent to
/* verify that a known to be bad address is still bad.
/* .SH Probe message routing
/* .ad
/* .fi
/* By default, probe messages are delivered via the same route
/* as regular messages. The following parameters can be used to
/* override specific message routing mechanisms.
/* .IP \fBaddress_verify_relayhost\fR
/* Overrides the \fBrelayhost\fR setting.
/* .IP \fBaddress_verify_transport_maps\fR
/* Overrides the \fBtransport_maps\fR setting.
/* .IP \fBaddress_verify_local_transport\fR
/* Overrides the \fBlocal_transport\fR setting.
/* .IP \fBaddress_verify_virtual_transport\fR
/* Overrides the \fBvirtual_transport\fR setting.
/* .IP \fBaddress_verify_relay_transport\fR
/* Overrides the \fBrelay_transport\fR setting.
/* .IP \fBaddress_verify_default_transport\fR
/* Overrides the \fBdefault_transport\fR setting.
/* SEE ALSO
/* verify_clnt(3) address verification client
/* trivial-rewrite(8) address rewriting and resolving
/* LICENSE
/* .ad
/* .fi