From 75eef6a068dadbf521e1b2cb0bae2b252f3cf82b Mon Sep 17 00:00:00 2001
From: Wietse Venema <wietse@porcupine.org>
Date: Tue, 23 Mar 1999 00:00:00 -0500
Subject: [PATCH] snapshot-19990323

---
 postfix/HISTORY                    | 12 ++++++++++--
 postfix/conf/postfix-script-nosgid |  4 ++++
 postfix/conf/postfix-script-sgid   |  4 ++++
 postfix/global/mail_version.h      |  2 +-
 postfix/local/recipient.c          |  9 ++++++++-
 postfix/util/dict_unix.h           |  4 ++--
 postfix/util/stream_listen.c       |  2 +-
 7 files changed, 30 insertions(+), 7 deletions(-)

diff --git a/postfix/HISTORY b/postfix/HISTORY
index f6750e5d3..fa3b5c41d 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -2388,8 +2388,8 @@ Apologies for any names omitted.
 	recipient addresses. For the sake of symmetry, we now also
 	have reject_unknown_sender_domain. This means the old
 	reject_unknown_address restriction is being phased out.
-	Suggested by Rask Ingemann Lambertsen [XXX affiliation to
-	be determined].
+	Suggested by Rask Ingemann Lambertsen, Denmark Technical
+	University.
 
 	Feature: unknown sender/recipient domain restrictions now
 	distinguish between soft errors (always: 450) and hard
@@ -2405,6 +2405,14 @@ Apologies for any names omitted.
 	rewrite that problem is eliminated.  Thanks to Chris
 	Cappuccio, Empire Net, for assistance with testing.
 
+19990323
+
+	Bugfix: too much forwarding when users list their own name
+	in their .forward file (e.g. mail to user@localhost would
+	go through .forward, would be forwarded to user@$myorigin,
+	and would go through .forward again). Problem reported by
+	Roman Dolejsi, Prague University of Economics.
+
 Future:
 
 	Planned: must be able to list the same hash table in
diff --git a/postfix/conf/postfix-script-nosgid b/postfix/conf/postfix-script-nosgid
index 6a5ac4fc1..f46984aae 100755
--- a/postfix/conf/postfix-script-nosgid
+++ b/postfix/conf/postfix-script-nosgid
@@ -164,6 +164,10 @@ check)
 	find $daemon_directory/* $config_directory/* ! -user root \
 		-exec $WARN not owned by root: {} \;
 
+	find $daemon_directory/. $config_directory/. \
+		\( -perm -020 -or -perm -002 \) \
+		-exec $WARN group or other writable: {} \;
+
 	find $queue_directory/* $config_directory/* -name '*core' \
 		-exec $WARN core file: {} \; 2>/dev/null
 
diff --git a/postfix/conf/postfix-script-sgid b/postfix/conf/postfix-script-sgid
index cfbc171c9..f6ddf6f19 100755
--- a/postfix/conf/postfix-script-sgid
+++ b/postfix/conf/postfix-script-sgid
@@ -164,6 +164,10 @@ check)
 	find $daemon_directory/* $config_directory/* ! -user root \
 		-exec $WARN not owned by root: {} \;
 
+	find $daemon_directory/. $config_directory/. \
+		\( -perm -020 -or -perm -002 \) \
+		-exec $WARN group or other writable: {} \;
+
 	find $queue_directory/* $config_directory/* -name '*core' \
 		-exec $WARN core file: {} \; 2>/dev/null
 
diff --git a/postfix/global/mail_version.h b/postfix/global/mail_version.h
index 5164dfe05..d1240368d 100644
--- a/postfix/global/mail_version.h
+++ b/postfix/global/mail_version.h
@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Snapshot-19990322"
+#define DEF_MAIL_VERSION	"Snapshot-19990323"
 extern char *var_mail_version;
 
 /* LICENSE
diff --git a/postfix/local/recipient.c b/postfix/local/recipient.c
index 17271b28b..5ee0836fd 100644
--- a/postfix/local/recipient.c
+++ b/postfix/local/recipient.c
@@ -145,9 +145,16 @@ static int deliver_switch(LOCAL_STATE state, USER_ATTR usr_attr)
      * approach is that recipients in the expansion of an alias without
      * owner- won't have separate delivery queue file status records, because
      * for them, the message won't be resubmitted as a new queue file.
+     * 
+     * Do something sensible on systems that receive mail for multiple domains,
+     * such as primary.name and secondary.name. Don't resubmit the message
+     * when mail for `user@secondary.name' is delivered to a .forward file
+     * that lists `user' or `user@primary.name'. We already know that the
+     * recipient domain is local, so we only have to compare local parts.
      */
     if (state.msg_attr.owner != 0
-	&& strcasecmp(state.msg_attr.owner, state.msg_attr.recipient) != 0)
+	&& strncasecmp(state.msg_attr.owner, state.msg_attr.recipient,
+		       strlen(state.msg_attr.local) + 1) != 0)
 	return (deliver_indirect(state));
 
     /*
diff --git a/postfix/util/dict_unix.h b/postfix/util/dict_unix.h
index df8dc6470..c0cce81a5 100644
--- a/postfix/util/dict_unix.h
+++ b/postfix/util/dict_unix.h
@@ -1,5 +1,5 @@
-#ifndef _DIST_UNIX_H_INCLUDED_
-#define _DIST_UNIX_H_INCLUDED_
+#ifndef _DICT_UNIX_H_INCLUDED_
+#define _DICT_UNIX_H_INCLUDED_
 
 /*++
 /* NAME
diff --git a/postfix/util/stream_listen.c b/postfix/util/stream_listen.c
index dbbe1a095..5882c30d9 100644
--- a/postfix/util/stream_listen.c
+++ b/postfix/util/stream_listen.c
@@ -76,7 +76,7 @@ int     stream_listen(const char *path, int unused_backlog, int block_mode)
      * We can't specify a listen backlog, however, sending file descriptors
      * across a FIFO gives us a backlog buffer of 460 on Solaris 2.4/SPARC.
      */
-    return (fifo_listen(path, 0666, block_mode));
+    return (fifo_listen(path, 0622, block_mode));
 #else
     msg_fatal("stream connections are not implemented");
 #endif