postfix-2.0.13-20030706

postfix/HISTORY

@@ -8336,9 +8336,8 @@ Apologies for any names omitted.
 	what happens before or after an external content filter:
 	rejecting unknown recipients, canonical and virtual address
 	mapping, address masquerading, automatic BCC recipients
-	and header/body checks. This is more convenient than having
+	and header/body checks. This eliminates the need to configure
-	to specify two different cleanup services in the master.cf
+	multiple cleanup services in the master.cf file.
-	file.
 
 Open problems:
 

postfix/README_FILES/SMTPD_PROXY_README

@@ -11,6 +11,27 @@ in the Postfix mail queue.
 FILTER_README document, where all mail is inspected AFTER it is
 stored in the Postfix mail queue]
 
+This feature is meant to be used as follows:
+                                                             / smtp
+    Internet -> smtpd -> proxy -> smtpd -> cleanup -> queue -> local
+               Postfix           Postfix                     \ virtual etc.
+
+For reference, this is the normal path through Postfix:
+
+                                           / smtp
+    Internet -> smtpd -> cleanup -> queue -> local
+                Postfix                    \ virtual etc.
+
+For comparison, this is the FILTER_README approach with an SMTP-based
+content filter:
+                                           / smtp
+    Internet -> smtpd -> cleanup -> queue -> local
+               Postfix      ^         v    \ virtual etc.
+                          smtpd      smtp
+                         Postfix   Postfix
+                            \         /
+                             filter <-
+
 The SMTP proxy server receives unfiltered mail from Postfix and
 does one of the following:
 
@@ -18,7 +39,8 @@ does one of the following:
     content.
 
 2 - Reject the mail (by sending a suitable status code back to
-    Postfix) so that it is returned to sender.
+    Postfix). Postfix passes the status back to the remote SMTP
+    client. This way, Postfix does not have to send a bounce message.
 
 3 - Send the mail somewhere else.
 
@@ -57,26 +79,6 @@ has approved.  All commands are sent without using ESMTP command
 pipelining. The SMTP proxy server must accept the same MAIL FROM
 and RCPT TO command syntax as the Postfix SMTP server.
 
-This feature is meant to be used as follows:
-                                                             / smtp
-    Internet -> smtpd -> proxy -> smtpd -> cleanup -> queue -> local
-               Postfix           Postfix                     \ virtual etc.
-
-For reference, this is the normal path through Postfix:
-
-                                           / smtp
-    Internet -> smtpd -> cleanup -> queue -> local
-                Postfix                    \ virtual etc.
-
-For comparison, this is the FILTER_README approach with an SMTP-based
-content filter:
-                                           / smtp
-    Internet -> smtpd -> cleanup -> queue -> local
-               Postfix      ^         v    \ virtual etc.
-                          smtpd      smtp
-                         Postfix   Postfix
-                            \         /
-                             filter <-
 Configuration parameters 
 ========================
 

postfix/RELEASE_NOTES

@@ -22,7 +22,7 @@ snapshot release).  Patches change the patchlevel and the release
 date. Snapshots change only the release date, unless they include
 the same bugfixes as a patch release.
 
-Major changes with Postfix snapshot 2.0.13-20030705
+Major changes with Postfix snapshot 2.0.13-20030706
 ===================================================
 
 New receive_override_options parameter that eliminates the need
@@ -58,9 +58,10 @@ Credits to Victor Duchovni and Lamont Jones.
 New CIDR-based lookup table, remotely based on code by Jozsef
 Kadlecsik.  For details and examples, see "man cidr_table".
 
-The TCP-based client-server table lookup protocol is finished.
+The TCP-based table lookup protocol is finished.  For details and
-For details and examples, see "man tcp_table". This will allow you
+examples, see "man tcp_table". This will allow you to implement
-to implement your own greylisting.
+your own greylisting, or to do your own open proxy tests before
+accepting mail.
 
 Support for !/pattern/ (negative matches) in PCRE lookup tables by
 Victor Duchovni. See "man pcre_table" for more.
@@ -71,11 +72,11 @@ If this is turned off Postfix produces no X-Original-To: headers
 and ignores the original recipient when eliminating duplicates
 after virtual alias expansion. Code by Victor Duchovni.
 
-Finer control over how long the SMTP server waits for address
+Finer control over how long Postfix SMTPD waits for completion of
-verification probes to complete. address_verify_poll_{count,delay}
+address verification probes: the address_verify_poll_{count,delay}
-control how often to query the verify server and how long to wait
+parameters control how often to query the verify server and how
-between queries. Specify address_verify_poll_count=1 to implement
+long to wait between queries. Specify address_verify_poll_count=1
-a crude form of greylisting.
+to implement a crude form of greylisting.
 
 Major changes with Postfix snapshot 2.0.11-20030611
 ===================================================

postfix/conf/tcp_table

@@ -70,9 +70,9 @@
 #        to not contain the % or NEWLINE character.
 # 
 # SECURITY
-#        Do not use TCP lookup tables for security critical purposes.
+#        Do  not  use  TCP lookup tables for security critical pur-
-#        The client-server connection is not protected and the server
+#        poses.  The client-server connection is not protected  and
-#        is not authenticated.
+#        the server is not authenticated.
 # 
 # SEE ALSO
 #        regexp_table(5) format of regular expression tables

postfix/html/tcp_table.5.html

@@ -71,9 +71,9 @@ TCP_TABLE(5)                                         TCP_TABLE(5)
        to not contain the % or NEWLINE character.
 
 <b>SECURITY</b>
-       Do not use TCP lookup tables for security critical purposes.
+       Do  not  use  TCP lookup tables for security critical pur-
-       The client-server connection is not protected and the server
+       poses.  The client-server connection is not protected  and
-       is not authenticated.
+       the server is not authenticated.
 
 <b>SEE ALSO</b>
        <a href="regexp_table.5.html">regexp_table(5)</a> format of regular expression tables

postfix/man/man5/tcp_table.5

@@ -78,6 +78,8 @@ is guaranteed to not contain the % or NEWLINE character.
 .SH SECURITY
 .na
 .nf
+.ad
+.fi
 Do not use TCP lookup tables for security critical purposes.
 The client-server connection is not protected and the server
 is not authenticated.

postfix/proto/tcp_table

@@ -62,6 +62,8 @@
 #	The server may omit the encoding as long as the reply
 #	is guaranteed to not contain the % or NEWLINE character.
 # SECURITY
+# .ad 
+# .fi
 #	Do not use TCP lookup tables for security critical purposes.
 #	The client-server connection is not protected and the server
 #	is not authenticated.

postfix/src/cleanup/cleanup_api.c

@@ -175,6 +175,8 @@ void    cleanup_control(CLEANUP_STATE *state, int flags)
      * discard input after any lethal error. See the CLEANUP_OUT_OK() macro
      * definition.
      */
+    if (msg_verbose)
+	msg_info("cleanup flags = %s", cleanup_strflags(flags));
     if ((state->flags = flags) & CLEANUP_FLAG_BOUNCE) {
 	state->err_mask = CLEANUP_STAT_MASK_INCOMPLETE;
     } else {

postfix/src/cleanup/cleanup_message.c

@@ -382,7 +382,7 @@ static void cleanup_header_callback(void *context, int header_class,
     const char *map_class;
 
     if (msg_verbose)
-	msg_info("%s: '%s'", myname, vstring_str(header_buf));
+	msg_info("%s: '%.200s'", myname, vstring_str(header_buf));
 
     /*
      * Crude header filtering. This stops malware that isn't sophisticated

postfix/src/global/Makefile.in

@@ -21,7 +21,8 @@ SRCS	= been_here.c bounce.c canon_addr.c cleanup_strerror.c clnt_stream.c \
 	flush_clnt.c mail_conf_time.c mbox_conf.c mbox_open.c abounce.c \
 	verp_sender.c match_parent_style.c mime_state.c header_token.c \
 	strip_addr.c virtual8_maps.c hold_message.c verify_clnt.c \
-	trace.c log_adhoc.c verify.c dict_proxy.c mail_dict.c input_transp.c
+	trace.c log_adhoc.c verify.c dict_proxy.c mail_dict.c input_transp.c \
+	cleanup_strflags.c
 OBJS	= been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
 	debug_peer.o debug_process.o defer.o deliver_completed.o \
 	deliver_flock.o deliver_pass.o deliver_request.o domain_list.o \
@@ -44,7 +45,8 @@ OBJS	= been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
 	flush_clnt.o mail_conf_time.o mbox_conf.o mbox_open.o abounce.o \
 	verp_sender.o match_parent_style.o mime_state.o header_token.o \
 	strip_addr.o virtual8_maps.o hold_message.o verify_clnt.o \
-	trace.o log_adhoc.o verify.o dict_proxy.o mail_dict.o input_transp.o
+	trace.o log_adhoc.o verify.o dict_proxy.o mail_dict.o input_transp.o \
+	cleanup_strflags.o
 HDRS	= been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
 	config.h debug_peer.h debug_process.h defer.h deliver_completed.h \
 	deliver_flock.h deliver_pass.h deliver_request.h domain_list.h \
@@ -433,6 +435,12 @@ cleanup_strerror.o: ../../include/sys_defs.h
 cleanup_strerror.o: ../../include/vstring.h
 cleanup_strerror.o: ../../include/vbuf.h
 cleanup_strerror.o: cleanup_user.h
+cleanup_strflags.o: cleanup_strflags.c
+cleanup_strflags.o: ../../include/sys_defs.h
+cleanup_strflags.o: ../../include/msg.h
+cleanup_strflags.o: ../../include/vstring.h
+cleanup_strflags.o: ../../include/vbuf.h
+cleanup_strflags.o: cleanup_user.h
 clnt_stream.o: clnt_stream.c
 clnt_stream.o: ../../include/sys_defs.h
 clnt_stream.o: ../../include/msg.h

postfix/src/global/cleanup_strflags.c

@@ -0,0 +1,85 @@
+/*++
+/* NAME
+/*	cleanup_strflags 3
+/* SUMMARY
+/*	cleanup flags code to string
+/* SYNOPSIS
+/*	#include <cleanup_user.h>
+/*
+/*	const char *cleanup_strflags(code)
+/*	int	code;
+/* DESCRIPTION
+/*	cleanup_strflags() maps a CLEANUP_FLAGS code to printable string.
+/*	The result is for read purposes only. The result is overwritten
+/*	upon each call.
+/* LICENSE
+/* .ad
+/* .fi
+/*	The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/*	Wietse Venema
+/*	IBM T.J. Watson Research
+/*	P.O. Box 704
+/*	Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <vstring.h>
+
+/* Global library. */
+
+#include "cleanup_user.h"
+
+ /*
+  * Mapping from flags code to printable string.
+  */
+struct cleanup_flag_map {
+    unsigned flag;
+    const char *text;
+};
+
+static struct cleanup_flag_map cleanup_flag_map[] = {
+    CLEANUP_FLAG_BOUNCE, "enable_bad_mail_bounce",
+    CLEANUP_FLAG_FILTER, "enable_header_body_filter",
+    CLEANUP_FLAG_HOLD, "hold_message",
+    CLEANUP_FLAG_DISCARD, "discard_message",
+    CLEANUP_FLAG_BCC_OK, "enable_automatic_bcc",
+    CLEANUP_FLAG_MAP_OK, "enable_address_mapping",
+};
+
+/* cleanup_strflags - map flags code to printable string */
+
+const char *cleanup_strflags(unsigned flags)
+{
+    static VSTRING *result;
+    unsigned i;
+
+    if (flags == 0)
+	return ("none");
+
+    if (result == 0)
+	result = vstring_alloc(20);
+    else
+	VSTRING_RESET(result);
+
+    for (i = 0; i < sizeof(cleanup_flag_map) / sizeof(cleanup_flag_map[0]); i++) {
+	if (cleanup_flag_map[i].flag & flags) {
+	    vstring_sprintf_append(result, "%s ", cleanup_flag_map[i].text);
+	    flags &= ~cleanup_flag_map[i].flag;
+	}
+    }
+
+    if (flags != 0 || VSTRING_LEN(result) == 0)
+	msg_panic("cleanup_strflags: unrecognized flag value(s) 0x%x", flags);
+
+    vstring_truncate(result, VSTRING_LEN(result) - 1);
+    VSTRING_TERMINATE(result);
+
+    return (vstring_str(result));
+}

postfix/src/global/cleanup_user.h

@@ -66,6 +66,7 @@
 	(CLEANUP_STAT_BAD | CLEANUP_STAT_WRITE | CLEANUP_STAT_SIZE)
 
 extern const char *cleanup_strerror(unsigned);
+extern const char *cleanup_strflags(unsigned);
 
 /* LICENSE
 /* .ad

postfix/src/global/input_transp.c

@@ -13,7 +13,8 @@
 /*	This module controls how much processing happens before mail is
 /*	written to the Postfix queue. Each transparency option is either
 /*	implemented by a client of the cleanup service, or is passed
-/*	along in a client request to the cleanup service.
+/*	along in a client request to the cleanup service. This eliminates
+/*	the need to configure multiple cleanup service instances.
 /*
 /*	input_transp_mask() takes a comma-separated list of names and
 /*	computes the corresponding mask. The following names are

postfix/src/global/mail_version.h

@@ -20,7 +20,7 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20030705"
+#define MAIL_RELEASE_DATE	"20030706"
 
 #define VAR_MAIL_VERSION	"mail_version"
 #define DEF_MAIL_VERSION	"2.0.13-" MAIL_RELEASE_DATE

postfix/src/global/rewrite_clnt.c

@@ -102,6 +102,8 @@ VSTRING *rewrite_clnt(const char *rule, const char *addr, VSTRING *result)
 
     /*
      * Peek at the cache.
+     * 
+     * XXX Must be made "rule" specific.
      */
     if (strcmp(addr, STR(last_addr)) == 0) {
 	vstring_strcpy(result, STR(last_result));

postfix/src/global/xtext.c

@@ -16,11 +16,11 @@
 /*	const char *quoted;
 /* DESCRIPTION
 /*	xtext_quote() takes a null-terminated string and replaces characters
-/*	<33(10) and >126(10), as well as characters specified with "special"
+/*	+, <33(10) and >126(10), as well as characters specified with "special"
 /*	by +XX, XX being the two-digit uppercase hexadecimal equivalent.
 /*
 /*	xtext_unquote() performs the opposite transformation. This function
-/*	understands lowercase, uppercase, and mixed case %XX sequences. The
+/*	understands lowercase, uppercase, and mixed case +XX sequences. The
 /*	result value is the unquoted argument in case of success, a null pointer
 /*	otherwise.
 /* BUGS