mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-09-03 07:35:20 +00:00
Code Issues Releases Wiki Activity

postfix-2.2-20040827

Browse Source
This commit is contained in:
Wietse Venema
2004-08-27 00:00:00 -05:00
committed by Viktor Dukhovni
parent 5cd36a369b
commit 851738e9a2
57 changed files with 1022 additions and 257 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
postfix/HISTORY
View File

@@ -9617,7 +9617,7 @@ Apologies for any names omitted.
queue manager is unable to schedule back-to-back deliveries.
File: *qmgr/qmgr_entry.c.
20040730
20040731
Hysteresis: turn on "opportunistic session caching" when
back-to-back deliveries happen, but don't turn if off
@@ -9632,6 +9632,67 @@ Apologies for any names omitted.
Portability: h_errno is not an lvalue in the UnixWare 7.1
multi-threaded environment. Olivier PRENANT.
20040812
Bugfix: update SMTP server error counter when a client is
denied access with smtpd_delay_reject=no.
20040816
Bugfix: The smtp_chat_cmd() forced output flushing code in
the SMTP client could run before an I/O error handler was
set up. Problem diagnosed by Victor Duchovni, Morgan
Stanley. The fix is to disable the smtp_chat_cmd() forced
output flushing code as it duplicates better code in
smtp_loop(). File: smtp/smtp_chat.c.
Safety: set up an I/O error handler before the smtp_loop()
protocol engine starts; this handler logs a warning in case
it ever runs, because that means someone broke ESMTP command
pipelining. File: smtp/smtp_proto.c.
Feature: canonical_classes parameter by Kimmo Suominen, to
control what addresses are rewritten by canonical_maps.
Files: cleanup/cleanup_addr.c, cleanup/cleanup_message.c.
20040817
Bugfix: update the vstream I/O time AFTER the completion
of an I/O request, so that time-sensitive applications
don't force flush output too soon and possibly trigger
NAGLE delays. Problem diagnosed by Victor Duchovni, Morgan
Stanley. File: util/vstream.c.
Portability: avoid postmap/postalias test file name clashes
on Windows. Ian Lance Taylor (of Taylor UUCP fame).
20030823
Bugfix: vstream_popen() did not close the child pipe
after failure to fork(). File: util/vstream_popen.c.
20040826
Feature: support for systems with closefrom(), and emulation
for those without. Victor Duchovni, Morgan Stanley. Files:
util/sys_defs.h, util/sys_compat.c.
20040827
Feature: {sender,recipient}_canonical_classes parameters,
which give better control than sender_canonical_classes.
Files: cleanup/cleanup_addr.c, cleanup/cleanup_message.c.
Feature: the proxymap client now recognizes when a map
can't be proxied, and will open it directly instead. This
makes proxy maps easier to use for virtual mailbox domains.
File: global/dict_proxy.c.
Feature: smtp_sasl_mechanism_filter restricts what remote
SMTP server mechanism names the Postfix SMTP client passes
on to the SASL library. Victor Duchovni, Morgan Stanley.
Files: smtp/smtp.c. smtp/smtp_sasl_glue.c, smtp/smtp_sasl_proto.c.
Open problems:
Low: update events.c so that 1-second timer requests do

17
postfix/README_FILES/ADDRESS_REWRITING_README
View File

@@ -214,11 +214,14 @@ address manipulations:
CCaannoonniiccaall aaddddrreessss mmaappppiinngg
The cleanup(8) daemon uses the canonical(5) tables to rewrite all addresses in
message envelopes and in message headers. This is done for local and remote
addresses. The mapping is useful to replace login names by "Firstname.Lastname"
style addresses, or to clean up invalid domains in mail addresses produced by
legacy mail systems.
The cleanup(8) daemon uses the canonical(5) tables to rewrite addresses in
message envelopes and in message headers. By default all header and envelope
addresses are rewritten; this is controlled with the canonical_classes
configuration parameter.
Address rewriting is done for local and remote addresses. The mapping is useful
to replace login names by "Firstname.Lastname" style addresses, or to clean up
invalid domains in mail addresses produced by legacy mail systems.
Canonical mapping is disabled by default. To enable, edit the canonical_maps
parameter in the main.cf file and specify one or more lookup tables, separated
@@ -248,7 +251,9 @@ Example:
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
The sender and recipient canonical maps are applied before the common canonical
maps.
maps. The sender_canonical_classes and recipient_canonical_classes parameters
control what addresses are subject to sender_canonical_maps and
recipient_canonical_maps mappings, respectively.
Sender-specific rewriting is useful when you want to rewrite ugly sender
addresses to pretty ones, and still want to be able to send mail to the those

6
postfix/README_FILES/SASL_README
View File

@@ -319,6 +319,12 @@ plaintext authentication specify, for example:
The SASL client password file is opened before the SMTP server enters the
optional chroot jail, so you can keep the file in /etc/postfix.
Note: Some SMTP servers support authentication mechanisms that, although
available on the client system, may not in practice work or possess the
appropriate credentials to authenticate to the server. It is possible via the
smtp_sasl_mechanism_filter parameter to further restrict the list of server
mechanisms that the smtp(8) client will take into consideration.
The Postfix SMTP client is backwards compatible with SMTP servers that use the
non-standard "AUTH=method..." syntax in response to the EHLO command; there is
no Postfix client configuration needed to work around it.

16
postfix/README_FILES/STANDARD_CONFIGURATION_README
View File

@@ -298,6 +298,22 @@ Translation:
listed in $mydestination, or when it matches $inet_interfaces or
$proxy_interfaces.
In some installations, there may be separate instances of Postfix processing
inbound and outbound mail on a multi-homed firewall. The inbound Postfix
instance has an SMTP server listening on the external firewall interface, and
the outbound Postfix instance has an SMTP server listening on the internal
interface. In such a configuration is it is tempting to configure
$inet_interfaces in each instance with just the corresponding interface
address.
In most cases using inet_interaces in this way will not work, because as
documented in the $inet_interfaces reference manual, the smtp(8) delivery agent
will also use the specified interface address as the source address for
outbound connections and will be unable to reach hosts on "the other side" of
the firewall. The symptoms are that the firewall is unable to connect to hosts
that are in fact up. See the inet_interfaces parameter documentation for
suggested work-arounds.
RRuunnnniinngg PPoossttffiixx bbeehhiinndd aa ffiirreewwaallll
The simplest way to set up Postfix on a host behind a firewalled network is to

19
postfix/RELEASE_NOTES
View File

@@ -7,6 +7,25 @@ snapshot release). Patches are issued for the official release
and change the patchlevel and the release date. Patches are never
issued for snapshot releases.
Major changes with snapshot Postfix-2.2-20040827
================================================
Easier use of the proxymap service with the virtual(8) delivery
agent. As of now, the virtual(8) delivery agent will silently open
maps directly when they can't be proxied. This means you can now
specify "virtual_mailbox_maps = proxy:mysql:whatever" without
triggering fatal errors in the virtual(8) delivery agent.
Better SMTP client control over the use of SASL mechanisms. New
smtp_sasl_mechanism_filter mechanism to shorten the list of SASL
mechanisms from a remote server to just those that the local SASL
library can actually use.
Finer control over canonical mapping with canonical_classes,
sender_canonical_classes and recipient_canonical_classes. These
specify one or more of envelope_sender, header_sender, envelope_recipient
or header_recipient. The default settings are backwards compatible.
Incompatible changes with snapshot Postfix-2.2-20040729
=======================================================

11
postfix/conf/canonical
View File

@@ -33,6 +33,13 @@
# way as described below under "REGULAR EXPRESSION TABLES"
# and "TCP-BASED TABLES".
#
# By default the canonical mapping affects both message
# header addresses (i.e. addresses that appear inside mes-
# sages) and message envelope addresses (for example, the
# addresses that are used in SMTP protocol commands). Think
# Sendmail rule set S3, if you like. This is controlled
# with the canonical_classes parameter.
#
# The canonical mapping affects both message header
# addresses (i.e. addresses that appear inside messages) and
# message envelope addresses (for example, the addresses
@@ -147,6 +154,10 @@
# The text below provides only a parameter summary. See
# postconf(5) for more details including examples.
#
# canonical_classes
# What addresses are subject to canonical address
# mapping.
#
# canonical_maps
# List of canonical mapping tables.
#

2
postfix/conf/header_checks
View File

@@ -297,7 +297,7 @@
#
# /etc/postfix/header_checks:
# /^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
# REJECT Bad attachment file name extension: $1
# REJECT Bad attachment file name extension: $2
#
# Body pattern to stop a specific HTML browser vulnerability
# exploit.

11
postfix/html/ADDRESS_REWRITING_README.html
View File

@@ -410,7 +410,11 @@ address. </p> </dd>
<h3> <a name="canonical"> Canonical address mapping </a> </h3>
<p> The <a href="cleanup.8.html">cleanup(8)</a> daemon uses the <a href="canonical.5.html">canonical(5)</a> tables to rewrite
all addresses in message envelopes and in message headers. This is
addresses in message envelopes and in message headers. By default
all header and envelope addresses are rewritten; this is controlled
with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> configuration parameter. </p>
<p> Address rewriting is
done for local and remote addresses. The mapping is useful to
replace login names by "Firstname.Lastname" style addresses, or to
clean up invalid domains in mail addresses produced by legacy mail
@@ -453,7 +457,10 @@ applied only to sender addresses or to recipient addresses. </p>
</blockquote>
<p> The sender and recipient canonical maps are applied before the
common canonical maps. </p>
common canonical maps. The <a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> and
<a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> parameters control what addresses are
subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> and <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a>
mappings, respectively. </p>
<p> Sender-specific rewriting is useful when you want to rewrite
ugly sender addresses to pretty ones, and still want to be able to

7
postfix/html/SASL_README.html
View File

@@ -473,6 +473,13 @@ for example: </p>
enters the optional chroot jail, so you can keep the file in
/etc/postfix. </p>
<p> Note: Some SMTP servers support authentication mechanisms that,
although available on the client system, may not in practice work or
possess the appropriate credentials to authenticate to the server. It
is possible via the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> parameter to further
restrict the list of server mechanisms that the <a href="smtp.8.html">smtp(8)</a> client will take
into consideration. </p>
<p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed

16
postfix/html/STANDARD_CONFIGURATION_README.html
View File

@@ -422,6 +422,22 @@ matches $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a hr
</ul>
<p> In some installations, there may be separate instances of Postfix
processing inbound and outbound mail on a multi-homed firewall. The
inbound Postfix instance has an SMTP server listening on the external
firewall interface, and the outbound Postfix instance has an SMTP server
listening on the internal interface. In such a configuration is it is
tempting to configure $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> in each instance with just the
corresponding interface address. </p>
<p> In most cases using inet_interaces in this way will not work,
because as documented in the $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> reference manual, the
<a href="smtp.8.html">smtp(8)</a> delivery agent will also use the specified interface address
as the source address for outbound connections and will be unable to
reach hosts on "the other side" of the firewall. The symptoms are that
the firewall is unable to connect to hosts that are in fact up. See the
<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> parameter documentation for suggested work-arounds.</p>
<h2><a name="intranet">Running Postfix behind a firewall</a></h2>
<p> The simplest way to set up Postfix on a host behind a firewalled

11
postfix/html/canonical.5.html
View File

@@ -39,6 +39,13 @@ CANONICAL(5) CANONICAL(5)
way as described below under "REGULAR EXPRESSION TABLES"
and "TCP-BASED TABLES".
By default the <b>canonical</b> mapping affects both message
header addresses (i.e. addresses that appear inside mes-
sages) and message envelope addresses (for example, the
addresses that are used in SMTP protocol commands). Think
Sendmail rule set <b>S3</b>, if you like. This is controlled
with the <b>canonical_classes</b> parameter.
The <b>canonical</b> mapping affects both message header
addresses (i.e. addresses that appear inside messages) and
message envelope addresses (for example, the addresses
@@ -153,6 +160,10 @@ CANONICAL(5) CANONICAL(5)
The text below provides only a parameter summary. See
<a href="postconf.5.html">postconf(5)</a> for more details including examples.
<b>canonical_classes</b>
What addresses are subject to canonical address
mapping.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a></b>
List of canonical mapping tables.

16
postfix/html/cleanup.8.html
View File

@@ -223,6 +223,22 @@ CLEANUP(8) CLEANUP(8)
addresses or domains to other local or remote
address.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
<b>header_sender, header_recipient)</b>
What addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
address mapping.
<b><a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> (envelope_recipient,</b>
<b>header_recipient)</b>
What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
<a href="postconf.5.html#recipient_canonical_maps">cal_maps</a> address mapping.
<b><a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> (envelope_sender, header_sender)</b>
What addresses are subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a>
address mapping.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#duplicate_filter_limit">duplicate_filter_limit</a> (1000)</b>
The maximal number of addresses remembered by the

2
postfix/html/header_checks.5.html
View File

@@ -303,7 +303,7 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
/etc/postfix/header_checks:
/^content-(type|disposition):.*name[[:space:]]*=.*\.(exe|vbs)/
REJECT Bad attachment file name extension: $1
REJECT Bad attachment file name extension: $2
Body pattern to stop a specific HTML browser vulnerability
exploit.

135
postfix/html/postconf.5.html
View File

@@ -528,8 +528,11 @@ Example:
<p>
Allow a recipient address to have `-' as the first character. By
default, this is not allowed, to avoid accidents with software that
passes email addresses via the command line.
</p>
passes email addresses via the command line. Such software
would not be able to distinguish a malicious address from a
bona fide command-line option. Although this can be prevented by
inserting a "--" option terminator into the command line, this is
difficult to enforce consistently and globally. </p>
</DD>
@@ -945,6 +948,20 @@ AUTH support in a non-standard way.
</p>
</DD>
<DT><b><a name="canonical_classes">canonical_classes</a>
(default: envelope_sender, envelope_recipient, header_sender, header_recipient)</b></DT><DD>
<p> What addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a> address mapping.
By default, <a href="postconf.5.html#canonical_maps">canonical_maps</a> address mapping is applied to envelope
sender and recipient addresses, and to header sender and header
recipient addresses. </p>
<p> Specify one or more of: envelope_sender, envelope_recipient,
header_sender, header_recipient </p>
</DD>
<DT><b><a name="canonical_maps">canonical_maps</a>
@@ -953,7 +970,8 @@ AUTH support in a non-standard way.
<p>
Optional address mapping lookup tables for message headers and
envelopes. The mapping is applied to both sender and recipient
addresses, in both envelopes and in headers. This is typically used
addresses, in both envelopes and in headers, as controlled
with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
are documented in <a href="canonical.5.html">canonical(5)</a>.
@@ -2405,6 +2423,26 @@ machine. The parameter also controls delivery of mail to
user@[ip.address].
</p>
<p>
When <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> consists of just one IP address that is not a
loopback (net 127) address, the Postfix SMTP client will use this address
as the IP source address for outbound mail. </p>
<p>
On a multi-homed firewall with separate Postfix instances listening on the
"inside" and "outside" interfaces, this can prevent each instance from
being able to reach servers on the "other side" of the firewall. Setting
<a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> to 0.0.0.0 avoids the potential problem. </p>
<p>
A better solution is to leave <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> at the default value
and instead use explicit IP addresses in master.cf. This preserves SMTP
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> to a
single IP address is primarily useful with virtual hosting of domains on
secondary IP addresses, when each IP address serves a different domain
(and has a different $<a href="postconf.5.html#myhostname">myhostname</a> setting). </p>
<p>
See also the <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> parameter, for network addresses that
are forwarded to us by way of a proxy or address translator.
@@ -4557,6 +4595,20 @@ Example:
</pre>
</DD>
<DT><b><a name="recipient_canonical_classes">recipient_canonical_classes</a>
(default: envelope_recipient, header_recipient)</b></DT><DD>
<p> What addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address
mapping. By default, <a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> address mapping is
applied to envelope recipient addresses, and to header recipient
addresses. </p>
<p> Specify one or more of: envelope_recipient, header_recipient
</p>
</DD>
<DT><b><a name="recipient_canonical_maps">recipient_canonical_maps</a>
@@ -4971,6 +5023,19 @@ Example:
</pre>
</DD>
<DT><b><a name="sender_canonical_classes">sender_canonical_classes</a>
(default: envelope_sender, header_sender)</b></DT><DD>
<p> What addresses are subject to <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address
mapping. By default, <a href="postconf.5.html#sender_canonical_maps">sender_canonical_maps</a> address mapping is
applied to envelope sender addresses, and to header sender addresses.
</p>
<p> Specify one or more of: envelope_sender, header_sender </p>
</DD>
<DT><b><a name="sender_canonical_maps">sender_canonical_maps</a>
@@ -5140,6 +5205,12 @@ for example:
smtp ... smtp -o <a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>=11.22.33.44
</pre>
<p> Note: when <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> specifies exactly one address that
is a non-loopback address, it is automatically used as the
<a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a>. This supports virtual IP hosting, but can be
a problem on multi-homed firewalls. See the <a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
documentation for more detail. </p>
</DD>
@@ -5642,6 +5713,33 @@ Example:
</pre>
</DD>
<DT><b><a name="smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
(default: empty)</b></DT><DD>
<p>
If non-empty, filters the SMTP server's list of offered SASL mechanisms.
Different client and server implementations may support different
mechanism lists. By default, the client will use the intersection of the
two. <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> further restricts what server mechanisms
the client will take into consideration. </p>
<p> Specify mechanism names, "/file/name" patterns or "<a href="DATABASE_README.html">type:table</a>"
lookup tables. The right-hand side result from "<a href="DATABASE_README.html">type:table</a>" lookups
is ignored. </p>
<p>
Examples:
</p>
<pre>
<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = plain, login
<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = /etc/postfix/smtp_mechs
<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = !gssapi, !login, static:rest
</pre>
</DD>
<DT><b><a name="smtp_sasl_password_maps">smtp_sasl_password_maps</a>
@@ -6857,9 +6955,8 @@ from filling up with undeliverable MAILER-DAEMON messages.
or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
<li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> but the
recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
is not null.
<li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the
recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
<li> The recipient domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
@@ -6892,9 +6989,8 @@ of forged mail from worms or viruses. </p>
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
<li> The sender domain matches $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> but the recipient
is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>, and $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> is
not null.
<li> The sender domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the recipient
is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
<li> The sender domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
@@ -7992,9 +8088,10 @@ lookup tables, because that would open a security hole.
</p>
<p>
Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent does
not allow table lookup through the <a href="proxymap.8.html">proxymap(8)</a> service, because
that would open a security hole.
Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent will
silently ignore requests to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead
it will open the table directly. Before Postfix version 2.2, the
<a href="virtual.8.html">virtual(8)</a> delivery agent will terminate with a fatal error.
</p>
@@ -8118,9 +8215,10 @@ lookup tables, because that would open a security hole.
</p>
<p>
Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent disallows
table lookup through the <a href="proxymap.8.html">proxymap(8)</a> server, because that would
open a security hole.
Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent will
silently ignore requests to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead
it will open the table directly. Before Postfix version 2.2, the
<a href="virtual.8.html">virtual(8)</a> delivery agent will terminate with a fatal error.
</p>
@@ -8203,9 +8301,10 @@ lookup tables, because that would open a security hole.
</p>
<p>
Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent does
not allow table lookup through the <a href="proxymap.8.html">proxymap(8)</a> service, because
that would open a security hole.
Note 2: for security reasons, the <a href="virtual.8.html">virtual(8)</a> delivery agent will
silently ignore requests to use the <a href="proxymap.8.html">proxymap(8)</a> server. Instead
it will open the table directly. Before Postfix version 2.2, the
<a href="virtual.8.html">virtual(8)</a> delivery agent will terminate with a fatal error.
</p>

6
postfix/html/smtp.8.html
View File

@@ -170,6 +170,12 @@ SMTP(8) SMTP(8)
What authentication mechanisms the Postfix SMTP
client is allowed to use.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
If non-empty, filters the SMTP server's list of
offered SASL mechanisms.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>

9
postfix/man/man5/canonical.5
View File

@@ -36,6 +36,13 @@ can be directed to TCP-based server. In that case, the lookups are
done in a slightly different way as described below under
"REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
By default the \fBcanonical\fR mapping affects both message
header addresses (i.e. addresses that appear inside messages)
and message envelope addresses (for example, the addresses
that are used in SMTP protocol commands). Think Sendmail
rule set \fBS3\fR, if you like. This is controlled with
the \fBcanonical_classes\fR parameter.
The \fBcanonical\fR mapping affects both message header addresses
(i.e. addresses that appear inside messages) and message envelope
addresses (for example, the addresses that are used in SMTP protocol
@@ -152,6 +159,8 @@ The table format does not understand quoting conventions.
The following \fBmain.cf\fR parameters are especially relevant.
The text below provides only a parameter summary. See
postconf(5) for more details including examples.
.IP \fBcanonical_classes\fR
What addresses are subject to canonical address mapping.
.IP \fBcanonical_maps\fR
List of canonical mapping tables.
.IP \fBrecipient_canonical_maps\fR

2
postfix/man/man5/header_checks.5
View File

@@ -282,7 +282,7 @@ header_checks = regexp:/etc/postfix/header_checks
.ti +4
/^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
.ti +8
REJECT Bad attachment file name extension: $1
REJECT Bad attachment file name extension: $2
.ad
.fi

106
postfix/man/man5/postconf.5
View File

@@ -287,7 +287,11 @@ allow_mail_to_files = alias,forward,include
.SH allow_min_user (default: no)
Allow a recipient address to have `-' as the first character. By
default, this is not allowed, to avoid accidents with software that
passes email addresses via the command line.
passes email addresses via the command line. Such software
would not be able to distinguish a malicious address from a
bona fide command-line option. Although this can be prevented by
inserting a "--" option terminator into the command line, this is
difficult to enforce consistently and globally.
.SH allow_percent_hack (default: yes)
Enable the rewriting of the form "user%domain" to "user@domain".
This is enabled by default.
@@ -483,10 +487,19 @@ version 5.0.
.PP
Specify "\fBbroken_sasl_auth_clients = yes\fR" to have Postfix advertise
AUTH support in a non-standard way.
.SH canonical_classes (default: envelope_sender, envelope_recipient, header_sender, header_recipient)
What addresses are subject to canonical_maps address mapping.
By default, canonical_maps address mapping is applied to envelope
sender and recipient addresses, and to header sender and header
recipient addresses.
.PP
Specify one or more of: envelope_sender, envelope_recipient,
header_sender, header_recipient
.SH canonical_maps (default: empty)
Optional address mapping lookup tables for message headers and
envelopes. The mapping is applied to both sender and recipient
addresses, in both envelopes and in headers. This is typically used
addresses, in both envelopes and in headers, as controlled
with the canonical_classes parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
are documented in canonical(5).
@@ -1202,6 +1215,23 @@ on. By default, the software claims all active interfaces on the
machine. The parameter also controls delivery of mail to
user@[ip.address].
.PP
When inet_interfaces consists of just one IP address that is not a
loopback (net 127) address, the Postfix SMTP client will use this address
as the IP source address for outbound mail.
.PP
On a multi-homed firewall with separate Postfix instances listening on the
"inside" and "outside" interfaces, this can prevent each instance from
being able to reach servers on the "other side" of the firewall. Setting
smtp_bind_address to 0.0.0.0 avoids the potential problem.
.PP
A better solution is to leave inet_interfaces at the default value
and instead use explicit IP addresses in master.cf. This preserves SMTP
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $inet_interfaces to a
single IP address is primarily useful with virtual hosting of domains on
secondary IP addresses, when each IP address serves a different domain
(and has a different $myhostname setting).
.PP
See also the proxy_interfaces parameter, for network addresses that
are forwarded to us by way of a proxy or address translator.
.PP
@@ -2350,6 +2380,13 @@ recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
.fi
.ad
.ft R
.SH recipient_canonical_classes (default: envelope_recipient, header_recipient)
What addresses are subject to recipient_canonical_maps address
mapping. By default, recipient_canonical_maps address mapping is
applied to envelope recipient addresses, and to header recipient
addresses.
.PP
Specify one or more of: envelope_recipient, header_recipient
.SH recipient_canonical_maps (default: empty)
Optional address mapping lookup tables for envelope and header
recipient addresses.
@@ -2606,6 +2643,12 @@ sender_bcc_maps = hash:/etc/postfix/sender_bcc
.fi
.ad
.ft R
.SH sender_canonical_classes (default: envelope_sender, header_sender)
What addresses are subject to sender_canonical_maps address
mapping. By default, sender_canonical_maps address mapping is
applied to envelope sender addresses, and to header sender addresses.
.PP
Specify one or more of: envelope_sender, header_sender
.SH sender_canonical_maps (default: empty)
Optional address mapping lookup tables for envelope and header
sender addresses.
@@ -2686,6 +2729,12 @@ for example:
.fi
.ad
.ft R
.PP
Note: when inet_interfaces specifies exactly one address that
is a non-loopback address, it is automatically used as the
smtp_bind_address. This supports virtual IP hosting, but can be
a problem on multi-homed firewalls. See the inet_interfaces
documentation for more detail.
.SH smtp_connect_timeout (default: 30s)
The SMTP client time limit for completing a TCP connection, or
zero (use the operating system built-in time limit).
@@ -2929,6 +2978,28 @@ smtp_sasl_auth_enable = yes
.fi
.ad
.ft R
.SH smtp_sasl_mechanism_filter (default: empty)
If non-empty, filters the SMTP server's list of offered SASL mechanisms.
Different client and server implementations may support different
mechanism lists. By default, the client will use the intersection of the
two. smtp_sasl_mechanism_filter further restricts what server mechanisms
the client will take into consideration.
.PP
Specify mechanism names, "/file/name" patterns or "type:table"
lookup tables. The right-hand side result from "type:table" lookups
is ignored.
.PP
Examples:
.PP
.nf
.na
.ft C
smtp_sasl_mechanism_filter = plain, login
smtp_sasl_mechanism_filter = /etc/postfix/smtp_mechs
smtp_sasl_mechanism_filter = !gssapi, !login, static:rest
.fi
.ad
.ft R
.SH smtp_sasl_password_maps (default: empty)
Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no
@@ -3661,9 +3732,8 @@ The recipient domain matches $mydestination, $inet_interfaces
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
.IP \(bu
The recipient domain matches $virtual_alias_maps but the
recipient is not listed in $virtual_alias_maps, and $virtual_alias_maps
is not null.
The recipient domain matches $virtual_alias_domains but the
recipient is not listed in $virtual_alias_maps.
.IP \(bu
The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
@@ -3684,9 +3754,8 @@ The sender domain matches $mydestination, $inet_interfaces or
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
.IP \(bu
The sender domain matches $virtual_alias_maps but the recipient
is not listed in $virtual_alias_maps, and $virtual_alias_maps is
not null.
The sender domain matches $virtual_alias_domains but the recipient
is not listed in $virtual_alias_maps.
.IP \(bu
The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
@@ -4300,9 +4369,10 @@ Note 1: for security reasons, the virtual(8) delivery agent disallows
regular expression substitution of $1 etc. in regular expression
lookup tables, because that would open a security hole.
.PP
Note 2: for security reasons, the virtual(8) delivery agent does
not allow table lookup through the proxymap(8) service, because
that would open a security hole.
Note 2: for security reasons, the virtual(8) delivery agent will
silently ignore requests to use the proxymap(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
virtual(8) delivery agent will terminate with a fatal error.
.SH virtual_mailbox_base (default: empty)
A prefix that the virtual(8) delivery agent prepends to all pathname
results from $virtual_mailbox_maps table lookups. This is a safety
@@ -4372,9 +4442,10 @@ Note 1: for security reasons, the virtual(8) delivery agent disallows
regular expression substitution of $1 etc. in regular expression
lookup tables, because that would open a security hole.
.PP
Note 2: for security reasons, the virtual(8) delivery agent disallows
table lookup through the proxymap(8) server, because that would
open a security hole.
Note 2: for security reasons, the virtual(8) delivery agent will
silently ignore requests to use the proxymap(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
virtual(8) delivery agent will terminate with a fatal error.
.SH virtual_maps (default: empty)
Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote domains,
@@ -4415,9 +4486,10 @@ Note 1: for security reasons, the virtual(8) delivery agent disallows
regular expression substitution of $1 etc. in regular expression
lookup tables, because that would open a security hole.
.PP
Note 2: for security reasons, the virtual(8) delivery agent does
not allow table lookup through the proxymap(8) service, because
that would open a security hole.
Note 2: for security reasons, the virtual(8) delivery agent will
silently ignore requests to use the proxymap(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
virtual(8) delivery agent will terminate with a fatal error.
.SH SEE ALSO
.na
.nf

10
postfix/man/man8/cleanup.8
View File

@@ -194,6 +194,16 @@ Available in Postfix version 2.0 and later:
.IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
Optional lookup tables that alias specific mail addresses or domains
to other local or remote address.
.PP
Available in Postfix version 2.2 and later:
.IP "\fBcanonical_classes (envelope_sender, envelope_recipient, header_sender, header_recipient)\fR"
What addresses are subject to canonical_maps address mapping.
.IP "\fBrecipient_canonical_classes (envelope_recipient, header_recipient)\fR"
What addresses are subject to recipient_canonical_maps address
mapping.
.IP "\fBsender_canonical_classes (envelope_sender, header_sender)\fR"
What addresses are subject to sender_canonical_maps address
mapping.
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf

4
postfix/man/man8/smtp.8
View File

@@ -162,6 +162,10 @@ per remote hostname or domain.
.IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
What authentication mechanisms the Postfix SMTP client is allowed
to use.
.PP
Available in Postfix version 2.2 and later:
.IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
If non-empty, filters the SMTP server's list of offered SASL mechanisms.
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf

1
postfix/mantools/docparam
View File

@@ -185,6 +185,7 @@ BEGIN {
table["smtpd_sasl_local_domain"] = "var_smtpd_sasl_realm"
table["smtpd_sender_login_maps"] = "var_smtpd_snd_auth_maps"
table["smtp_sasl_auth_enable"] = "var_smtp_sasl_enable"
table["smtp_sasl_mechanism_filter"] = "var_smtp_sasl_mechs"
table["smtp_sasl_password_maps"] = "var_smtp_sasl_passwd"
table["smtp_sasl_security_options"] = "var_smtp_sasl_opts"
table["lmtpd_banner"] = "var_lmtpd_banner"

6
postfix/mantools/postlink
View File

@@ -104,6 +104,7 @@ while (<>) {
s;\bbounce_service_name\b;<a href="postconf.5.html#bounce_service_name">$&</a>;g;
s;\bbounce_size_limit\b;<a href="postconf.5.html#bounce_size_limit">$&</a>;g;
s;\bbroken_sasl_auth_clients\b;<a href="postconf.5.html#broken_sasl_auth_clients">$&</a>;g;
s;\bcanonical_classes\b;<a href="postconf.5.html#canonical_classes">$&</a>;g;
s;\bcanonical_maps\b;<a href="postconf.5.html#canonical_maps">$&</a>;g;
s;\bcleanup_service_name\b;<a href="postconf.5.html#cleanup_service_name">$&</a>;g;
s;\bcommand_execu[-</bB>]*\n* *[<bB>]*tion_direc[-</bB>]*\n* *[<bB>]*tory\b;<a href="postconf.5.html#command_execution_directory">$&</a>;g;
@@ -274,7 +275,8 @@ while (<>) {
s;\bno_address_mappings\b;<a href="postconf.5.html#no_address_mappings">$&</a>;g;
s;\bno_header_body_checks\b;<a href="postconf.5.html#no_header_body_checks">$&</a>;g;
s;\brecip[-</bB>]*\n* *[<bB>]*ient_bcc_maps\b;<a href="postconf.5.html#recipient_bcc_maps">$&</a>;g;
s;\brecip[-</bB>]*\n* *[<bB>]*ient_canonical_maps\b;<a href="postconf.5.html#recipient_canonical_maps">$&</a>;g;
s;\brecip[-</bB>]*\n* *[<bB>]*ient_canoni[-</bB>]*\n* *[<bB>]*cal_classes\b;<a href="postconf.5.html#recipient_canonical_classes">$&</a>;g;
s;\brecip[-</bB>]*\n* *[<bB>]*ient_canoni[-</bB>]*\n* *[<bB>]*cal_maps\b;<a href="postconf.5.html#recipient_canonical_maps">$&</a>;g;
s;\brecip[-</bB>]*\n* *[<bB>]*ient_delim[-</bB>]*\n* *[<bB>]*iter\b;<a href="postconf.5.html#recipient_delimiter">$&<\/a>;g;
s;\breject_code\b;<a href="postconf.5.html#reject_code">$&</a>;g;
s;\brelay_domains\b;<a href="postconf.5.html#relay_domains">$&</a>;g;
@@ -289,6 +291,7 @@ while (<>) {
s;\bsample_directory\b;<a href="postconf.5.html#sample_directory">$&</a>;g;
s;\bsender_based_routing\b;<a href="postconf.5.html#sender_based_routing">$&</a>;g;
s;\bsender_bcc_maps\b;<a href="postconf.5.html#sender_bcc_maps">$&</a>;g;
s;\bsender_canonical_classes\b;<a href="postconf.5.html#sender_canonical_classes">$&</a>;g;
s;\bsender_canonical_maps\b;<a href="postconf.5.html#sender_canonical_maps">$&</a>;g;
s;\bsendmail_path\b;<a href="postconf.5.html#sendmail_path">$&</a>;g;
s;\bservice_throttle_time\b;<a href="postconf.5.html#service_throttle_time">$&</a>;g;
@@ -336,6 +339,7 @@ while (<>) {
s;\bsmtp_rcpt_timeout\b;<a href="postconf.5.html#smtp_rcpt_timeout">$&</a>;g;
s;\bsmtp_rset_timeout\b;<a href="postconf.5.html#smtp_rset_timeout">$&</a>;g;
s;\bsmtp_sasl_auth_enable\b;<a href="postconf.5.html#smtp_sasl_auth_enable">$&</a>;g;
s;\bsmtp_sasl_mechanism_filter\b;<a href="postconf.5.html#smtp_sasl_mechanism_filter">$&</a>;g;
s;\bsmtp_sasl_password_maps\b;<a href="postconf.5.html#smtp_sasl_password_maps">$&</a>;g;
s;\bsmtp_sasl_security_options\b;<a href="postconf.5.html#smtp_sasl_security_options">$&</a>;g;
s;\bsmtp_send_xforward_command\b;<a href="postconf.5.html#smtp_send_xforward_command">$&</a>;g;

1
postfix/mantools/useparam
View File

@@ -175,6 +175,7 @@ BEGIN {
table["var_smtpd_sasl_realm"] = "smtpd_sasl_local_domain"
table["var_smtpd_snd_auth_maps"] = "smtpd_sender_login_maps"
table["var_smtp_sasl_enable"] = "smtp_sasl_auth_enable"
table["var_smtp_sasl_mechs"] = "smtp_sasl_mechanism_filter"
table["var_smtp_sasl_passwd"] = "smtp_sasl_password_maps"
table["var_smtp_sasl_opts"] = "smtp_sasl_security_options"
table["var_lmtpd_banner"] = "lmtpd_banner"

11
postfix/proto/ADDRESS_REWRITING_README.html
View File

@@ -410,7 +410,11 @@ address. </p> </dd>
<h3> <a name="canonical"> Canonical address mapping </a> </h3>
<p> The cleanup(8) daemon uses the canonical(5) tables to rewrite
all addresses in message envelopes and in message headers. This is
addresses in message envelopes and in message headers. By default
all header and envelope addresses are rewritten; this is controlled
with the canonical_classes configuration parameter. </p>
<p> Address rewriting is
done for local and remote addresses. The mapping is useful to
replace login names by "Firstname.Lastname" style addresses, or to
clean up invalid domains in mail addresses produced by legacy mail
@@ -453,7 +457,10 @@ applied only to sender addresses or to recipient addresses. </p>
</blockquote>
<p> The sender and recipient canonical maps are applied before the
common canonical maps. </p>
common canonical maps. The sender_canonical_classes and
recipient_canonical_classes parameters control what addresses are
subject to sender_canonical_maps and recipient_canonical_maps
mappings, respectively. </p>
<p> Sender-specific rewriting is useful when you want to rewrite
ugly sender addresses to pretty ones, and still want to be able to

7
postfix/proto/SASL_README.html
View File

@@ -473,6 +473,13 @@ for example: </p>
enters the optional chroot jail, so you can keep the file in
/etc/postfix. </p>
<p> Note: Some SMTP servers support authentication mechanisms that,
although available on the client system, may not in practice work or
possess the appropriate credentials to authenticate to the server. It
is possible via the smtp_sasl_mechanism_filter parameter to further
restrict the list of server mechanisms that the smtp(8) client will take
into consideration. </p>
<p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed

16
postfix/proto/STANDARD_CONFIGURATION_README.html
View File

@@ -422,6 +422,22 @@ matches $inet_interfaces or $proxy_interfaces. </p>
</ul>
<p> In some installations, there may be separate instances of Postfix
processing inbound and outbound mail on a multi-homed firewall. The
inbound Postfix instance has an SMTP server listening on the external
firewall interface, and the outbound Postfix instance has an SMTP server
listening on the internal interface. In such a configuration is it is
tempting to configure $inet_interfaces in each instance with just the
corresponding interface address. </p>
<p> In most cases using inet_interaces in this way will not work,
because as documented in the $inet_interfaces reference manual, the
smtp(8) delivery agent will also use the specified interface address
as the source address for outbound connections and will be unable to
reach hosts on "the other side" of the firewall. The symptoms are that
the firewall is unable to connect to hosts that are in fact up. See the
inet_interfaces parameter documentation for suggested work-arounds.</p>
<h2><a name="intranet">Running Postfix behind a firewall</a></h2>
<p> The simplest way to set up Postfix on a host behind a firewalled

9
postfix/proto/canonical
View File

@@ -30,6 +30,13 @@
# done in a slightly different way as described below under
# "REGULAR EXPRESSION TABLES" and "TCP-BASED TABLES".
#
# By default the \fBcanonical\fR mapping affects both message
# header addresses (i.e. addresses that appear inside messages)
# and message envelope addresses (for example, the addresses
# that are used in SMTP protocol commands). Think Sendmail
# rule set \fBS3\fR, if you like. This is controlled with
# the \fBcanonical_classes\fR parameter.
#
# The \fBcanonical\fR mapping affects both message header addresses
# (i.e. addresses that appear inside messages) and message envelope
# addresses (for example, the addresses that are used in SMTP protocol
@@ -134,6 +141,8 @@
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
# postconf(5) for more details including examples.
# .IP \fBcanonical_classes\fR
# What addresses are subject to canonical address mapping.
# .IP \fBcanonical_maps\fR
# List of canonical mapping tables.
# .IP \fBrecipient_canonical_maps\fR

2
postfix/proto/header_checks
View File

@@ -262,7 +262,7 @@
# .ti +4
# /^content-(type|disposition):.*name[[:space:]]*=.*\\.(exe|vbs)/
# .ti +8
# REJECT Bad attachment file name extension: $1
# REJECT Bad attachment file name extension: $2
#
# .ad
# .fi

119
postfix/proto/postconf.proto
View File

@@ -486,8 +486,11 @@ allow_mail_to_files = alias,forward,include
<p>
Allow a recipient address to have `-' as the first character. By
default, this is not allowed, to avoid accidents with software that
passes email addresses via the command line.
</p>
passes email addresses via the command line. Such software
would not be able to distinguish a malicious address from a
bona fide command-line option. Although this can be prevented by
inserting a "--" option terminator into the command line, this is
difficult to enforce consistently and globally. </p>
%PARAM allow_percent_hack yes
@@ -655,7 +658,8 @@ proportionally. </p>
<p>
Optional address mapping lookup tables for message headers and
envelopes. The mapping is applied to both sender and recipient
addresses, in both envelopes and in headers. This is typically used
addresses, in both envelopes and in headers, as controlled
with the canonical_classes parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
are documented in canonical(5).
@@ -677,6 +681,35 @@ canonical_maps = dbm:/etc/postfix/canonical
canonical_maps = hash:/etc/postfix/canonical
</pre>
%PARAM canonical_classes envelope_sender, envelope_recipient, header_sender, header_recipient
<p> What addresses are subject to canonical_maps address mapping.
By default, canonical_maps address mapping is applied to envelope
sender and recipient addresses, and to header sender and header
recipient addresses. </p>
<p> Specify one or more of: envelope_sender, envelope_recipient,
header_sender, header_recipient </p>
%PARAM sender_canonical_classes envelope_sender, header_sender
<p> What addresses are subject to sender_canonical_maps address
mapping. By default, sender_canonical_maps address mapping is
applied to envelope sender addresses, and to header sender addresses.
</p>
<p> Specify one or more of: envelope_sender, header_sender </p>
%PARAM recipient_canonical_classes envelope_recipient, header_recipient
<p> What addresses are subject to recipient_canonical_maps address
mapping. By default, recipient_canonical_maps address mapping is
applied to envelope recipient addresses, and to header recipient
addresses. </p>
<p> Specify one or more of: envelope_recipient, header_recipient
</p>
%PARAM command_directory see "postconf -d" output
<p>
@@ -1507,6 +1540,26 @@ machine. The parameter also controls delivery of mail to
user@[ip.address].
</p>
<p>
When inet_interfaces consists of just one IP address that is not a
loopback (net 127) address, the Postfix SMTP client will use this address
as the IP source address for outbound mail. </p>
<p>
On a multi-homed firewall with separate Postfix instances listening on the
"inside" and "outside" interfaces, this can prevent each instance from
being able to reach servers on the "other side" of the firewall. Setting
smtp_bind_address to 0.0.0.0 avoids the potential problem. </p>
<p>
A better solution is to leave inet_interfaces at the default value
and instead use explicit IP addresses in master.cf. This preserves SMTP
loop detection, by ensuring that each side of the firewall knows that the
other IP address is still the same host. Setting $inet_interfaces to a
single IP address is primarily useful with virtual hosting of domains on
secondary IP addresses, when each IP address serves a different domain
(and has a different $myhostname setting). </p>
<p>
See also the proxy_interfaces parameter, for network addresses that
are forwarded to us by way of a proxy or address translator.
@@ -3172,6 +3225,12 @@ for example:
smtp ... smtp -o smtp_bind_address=11.22.33.44
</pre>
<p> Note: when inet_interfaces specifies exactly one address that
is a non-loopback address, it is automatically used as the
smtp_bind_address. This supports virtual IP hosting, but can be
a problem on multi-homed firewalls. See the inet_interfaces
documentation for more detail. </p>
%PARAM smtp_connection_cache_time_limit 2s
<p> When SMTP session caching is enabled, the amount of time that
@@ -3654,6 +3713,29 @@ Example:
smtp_sasl_security_options = noplaintext
</pre>
%PARAM smtp_sasl_mechanism_filter
<p>
If non-empty, filters the SMTP server's list of offered SASL mechanisms.
Different client and server implementations may support different
mechanism lists. By default, the client will use the intersection of the
two. smtp_sasl_mechanism_filter further restricts what server mechanisms
the client will take into consideration. </p>
<p> Specify mechanism names, "/file/name" patterns or "type:table"
lookup tables. The right-hand side result from "type:table" lookups
is ignored. </p>
<p>
Examples:
</p>
<pre>
smtp_sasl_mechanism_filter = plain, login
smtp_sasl_mechanism_filter = /etc/postfix/smtp_mechs
smtp_sasl_mechanism_filter = !gssapi, !login, static:rest
</pre>
%PARAM smtp_send_xforward_command no
<p>
@@ -6484,9 +6566,8 @@ from filling up with undeliverable MAILER-DAEMON messages.
or $proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
<li> The recipient domain matches $virtual_alias_maps but the
recipient is not listed in $virtual_alias_maps, and $virtual_alias_maps
is not null.
<li> The recipient domain matches $virtual_alias_domains but the
recipient is not listed in $virtual_alias_maps.
<li> The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
@@ -6515,9 +6596,8 @@ of forged mail from worms or viruses. </p>
$proxy_interfaces, but the recipient is not listed in
$local_recipient_maps, and $local_recipient_maps is not null.
<li> The sender domain matches $virtual_alias_maps but the recipient
is not listed in $virtual_alias_maps, and $virtual_alias_maps is
not null.
<li> The sender domain matches $virtual_alias_domains but the recipient
is not listed in $virtual_alias_maps.
<li> The sender domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
@@ -6729,9 +6809,10 @@ lookup tables, because that would open a security hole.
</p>
<p>
Note 2: for security reasons, the virtual(8) delivery agent does
not allow table lookup through the proxymap(8) service, because
that would open a security hole.
Note 2: for security reasons, the virtual(8) delivery agent will
silently ignore requests to use the proxymap(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
virtual(8) delivery agent will terminate with a fatal error.
</p>
%PARAM virtual_mailbox_base
@@ -6835,9 +6916,10 @@ lookup tables, because that would open a security hole.
</p>
<p>
Note 2: for security reasons, the virtual(8) delivery agent disallows
table lookup through the proxymap(8) server, because that would
open a security hole.
Note 2: for security reasons, the virtual(8) delivery agent will
silently ignore requests to use the proxymap(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
virtual(8) delivery agent will terminate with a fatal error.
</p>
%PARAM virtual_minimum_uid 100
@@ -6895,9 +6977,10 @@ lookup tables, because that would open a security hole.
</p>
<p>
Note 2: for security reasons, the virtual(8) delivery agent does
not allow table lookup through the proxymap(8) service, because
that would open a security hole.
Note 2: for security reasons, the virtual(8) delivery agent will
silently ignore requests to use the proxymap(8) server. Instead
it will open the table directly. Before Postfix version 2.2, the
virtual(8) delivery agent will terminate with a fatal error.
</p>
%PARAM config_directory see "postconf -d" output

1
postfix/proto/postconf.spec
View File

@@ -293,6 +293,7 @@
%PARAM smtp_sasl_auth_enable
%PARAM smtp_sasl_password_maps
%PARAM smtp_sasl_security_options
%PARAM smtp_sasl_mechanism_filter
%CLASS lmtp-sasl
%PARAM lmtp_sasl_auth_enable

10
postfix/src/cleanup/cleanup.c
View File

@@ -170,6 +170,16 @@
/* .IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
/* Optional lookup tables that alias specific mail addresses or domains
/* to other local or remote address.
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBcanonical_classes (envelope_sender, envelope_recipient, header_sender, header_recipient)\fR"
/* What addresses are subject to canonical_maps address mapping.
/* .IP "\fBrecipient_canonical_classes (envelope_recipient, header_recipient)\fR"
/* What addresses are subject to recipient_canonical_maps address
/* mapping.
/* .IP "\fBsender_canonical_classes (envelope_sender, header_sender)\fR"
/* What addresses are subject to sender_canonical_maps address
/* mapping.
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi

11
postfix/src/cleanup/cleanup.h
View File

@@ -80,6 +80,9 @@ typedef struct CLEANUP_STATE {
extern MAPS *cleanup_comm_canon_maps;
extern MAPS *cleanup_send_canon_maps;
extern MAPS *cleanup_rcpt_canon_maps;
extern int cleanup_comm_canon_flags;
extern int cleanup_send_canon_flags;
extern int cleanup_rcpt_canon_flags;
extern MAPS *cleanup_header_checks;
extern MAPS *cleanup_mimehdr_checks;
extern MAPS *cleanup_nesthdr_checks;
@@ -91,6 +94,14 @@ extern int cleanup_masq_flags;
extern MAPS *cleanup_send_bcc_maps;
extern MAPS *cleanup_rcpt_bcc_maps;
/*
* Address canonicalization fine control.
*/
#define CLEANUP_CANON_FLAG_ENV_FROM (1<<0) /* envelope sender */
#define CLEANUP_CANON_FLAG_ENV_RCPT (1<<1) /* envelope recipient */
#define CLEANUP_CANON_FLAG_HDR_FROM (1<<2) /* header sender */
#define CLEANUP_CANON_FLAG_HDR_RCPT (1<<3) /* header recipient */
/*
* Address masquerading fine control.
*/

18
postfix/src/cleanup/cleanup_addr.c
View File

@@ -99,10 +99,12 @@ void cleanup_addr_sender(CLEANUP_STATE *state, const char *buf)
vstring_strcpy(clean_addr, "");
}
if (state->flags & CLEANUP_FLAG_MAP_OK) {
if (cleanup_send_canon_maps)
if (cleanup_send_canon_maps
&& (cleanup_send_canon_flags & CLEANUP_CANON_FLAG_ENV_FROM))
cleanup_map11_internal(state, clean_addr, cleanup_send_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_comm_canon_maps)
if (cleanup_comm_canon_maps
&& (cleanup_comm_canon_flags & CLEANUP_CANON_FLAG_ENV_FROM))
cleanup_map11_internal(state, clean_addr, cleanup_comm_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_masq_domains
@@ -130,10 +132,12 @@ void cleanup_addr_recipient(CLEANUP_STATE *state, const char *buf)
cleanup_rewrite_internal(clean_addr, *buf ? buf : var_empty_addr);
if (state->flags & CLEANUP_FLAG_MAP_OK) {
if (cleanup_rcpt_canon_maps)
if (cleanup_rcpt_canon_maps
&& (cleanup_rcpt_canon_flags & CLEANUP_CANON_FLAG_ENV_RCPT))
cleanup_map11_internal(state, clean_addr, cleanup_rcpt_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_comm_canon_maps)
if (cleanup_comm_canon_maps
&& (cleanup_comm_canon_flags & CLEANUP_CANON_FLAG_ENV_RCPT))
cleanup_map11_internal(state, clean_addr, cleanup_comm_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_masq_domains
@@ -160,10 +164,12 @@ void cleanup_addr_bcc(CLEANUP_STATE *state, const char *bcc)
cleanup_rewrite_internal(clean_addr, bcc);
if (state->flags & CLEANUP_FLAG_MAP_OK) {
if (cleanup_rcpt_canon_maps)
if (cleanup_rcpt_canon_maps
&& (cleanup_rcpt_canon_flags & CLEANUP_CANON_FLAG_ENV_RCPT))
cleanup_map11_internal(state, clean_addr, cleanup_rcpt_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_comm_canon_maps)
if (cleanup_comm_canon_maps
&& (cleanup_comm_canon_flags & CLEANUP_CANON_FLAG_ENV_RCPT))
cleanup_map11_internal(state, clean_addr, cleanup_comm_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_masq_domains

39
postfix/src/cleanup/cleanup_init.c
View File

@@ -97,6 +97,9 @@ int var_hopcount_limit; /* max mailer hop count */
char *var_canonical_maps; /* common canonical maps */
char *var_send_canon_maps; /* sender canonical maps */
char *var_rcpt_canon_maps; /* recipient canonical maps */
char *var_canon_classes; /* what to canonicalize */
char *var_send_canon_classes; /* what sender to canonicalize */
char *var_rcpt_canon_classes; /* what recipient to canonicalize */
char *var_virt_alias_maps; /* virtual alias maps */
char *var_masq_domains; /* masquerade domains */
char *var_masq_exceptions; /* users not masqueraded */
@@ -145,6 +148,9 @@ CONFIG_STR_TABLE cleanup_str_table[] = {
VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
VAR_SEND_CANON_MAPS, DEF_SEND_CANON_MAPS, &var_send_canon_maps, 0, 0,
VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps, 0, 0,
VAR_CANON_CLASSES, DEF_CANON_CLASSES, &var_canon_classes, 1, 0,
VAR_SEND_CANON_CLASSES, DEF_SEND_CANON_CLASSES, &var_send_canon_classes, 1, 0,
VAR_RCPT_CANON_CLASSES, DEF_RCPT_CANON_CLASSES, &var_rcpt_canon_classes, 1, 0,
VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
VAR_MASQ_DOMAINS, DEF_MASQ_DOMAINS, &var_masq_domains, 0, 0,
VAR_EMPTY_ADDR, DEF_EMPTY_ADDR, &var_empty_addr, 1, 0,
@@ -168,6 +174,9 @@ CONFIG_STR_TABLE cleanup_str_table[] = {
MAPS *cleanup_comm_canon_maps;
MAPS *cleanup_send_canon_maps;
MAPS *cleanup_rcpt_canon_maps;
int cleanup_comm_canon_flags;
int cleanup_send_canon_flags;
int cleanup_rcpt_canon_flags;
MAPS *cleanup_header_checks;
MAPS *cleanup_mimehdr_checks;
MAPS *cleanup_nesthdr_checks;
@@ -196,6 +205,24 @@ void cleanup_all(void)
void cleanup_pre_jail(char *unused_name, char **unused_argv)
{
static NAME_MASK send_canon_class_table[] = {
CANON_CLASS_ENV_FROM, CLEANUP_CANON_FLAG_ENV_FROM,
CANON_CLASS_HDR_FROM, CLEANUP_CANON_FLAG_HDR_FROM,
0,
};
static NAME_MASK rcpt_canon_class_table[] = {
CANON_CLASS_ENV_RCPT, CLEANUP_CANON_FLAG_ENV_RCPT,
CANON_CLASS_HDR_RCPT, CLEANUP_CANON_FLAG_HDR_RCPT,
0,
};
static NAME_MASK canon_class_table[] = {
CANON_CLASS_ENV_FROM, CLEANUP_CANON_FLAG_ENV_FROM,
CANON_CLASS_ENV_RCPT, CLEANUP_CANON_FLAG_ENV_RCPT,
CANON_CLASS_HDR_FROM, CLEANUP_CANON_FLAG_HDR_FROM,
CANON_CLASS_HDR_RCPT, CLEANUP_CANON_FLAG_HDR_RCPT,
0,
};
static NAME_MASK masq_class_table[] = {
MASQ_CLASS_ENV_FROM, CLEANUP_MASQ_FLAG_ENV_FROM,
MASQ_CLASS_ENV_RCPT, CLEANUP_MASQ_FLAG_ENV_RCPT,
@@ -219,6 +246,18 @@ void cleanup_pre_jail(char *unused_name, char **unused_argv)
cleanup_virt_alias_maps = maps_create(VAR_VIRT_ALIAS_MAPS,
var_virt_alias_maps,
DICT_FLAG_LOCK);
if (*var_canon_classes)
cleanup_comm_canon_flags =
name_mask(VAR_CANON_CLASSES, canon_class_table,
var_canon_classes);
if (*var_send_canon_classes)
cleanup_send_canon_flags =
name_mask(VAR_CANON_CLASSES, send_canon_class_table,
var_send_canon_classes);
if (*var_rcpt_canon_classes)
cleanup_rcpt_canon_flags =
name_mask(VAR_CANON_CLASSES, rcpt_canon_class_table,
var_rcpt_canon_classes);
if (*var_masq_domains)
cleanup_masq_domains = argv_split(var_masq_domains, " ,\t\r\n");
if (*var_header_checks)

13
postfix/src/cleanup/cleanup_message.c
View File

@@ -177,10 +177,12 @@ static void cleanup_rewrite_sender(CLEANUP_STATE *state, HEADER_OPTS *hdr_opts,
for (tpp = addr_list; *tpp; tpp++) {
cleanup_rewrite_tree(*tpp);
if (state->flags & CLEANUP_FLAG_MAP_OK) {
if (cleanup_send_canon_maps)
if (cleanup_send_canon_maps
&& (cleanup_send_canon_flags & CLEANUP_CANON_FLAG_HDR_FROM))
cleanup_map11_tree(state, *tpp, cleanup_send_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_comm_canon_maps)
if (cleanup_comm_canon_maps
&& (cleanup_comm_canon_flags & CLEANUP_CANON_FLAG_HDR_FROM))
cleanup_map11_tree(state, *tpp, cleanup_comm_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_masq_domains
@@ -234,13 +236,14 @@ static void cleanup_rewrite_recip(CLEANUP_STATE *state, HEADER_OPTS *hdr_opts,
for (tpp = addr_list; *tpp; tpp++) {
cleanup_rewrite_tree(*tpp);
if (state->flags & CLEANUP_FLAG_MAP_OK) {
if (cleanup_rcpt_canon_maps)
if (cleanup_rcpt_canon_maps
&& (cleanup_rcpt_canon_flags & CLEANUP_CANON_FLAG_HDR_RCPT))
cleanup_map11_tree(state, *tpp, cleanup_rcpt_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_comm_canon_maps)
if (cleanup_comm_canon_maps
&& (cleanup_comm_canon_flags & CLEANUP_CANON_FLAG_HDR_RCPT))
cleanup_map11_tree(state, *tpp, cleanup_comm_canon_maps,
cleanup_ext_prop_mask & EXT_PROP_CANONICAL);
if (cleanup_masq_domains
&& (cleanup_masq_flags & CLEANUP_MASQ_FLAG_HDR_RCPT))
cleanup_masquerade_tree(*tpp, cleanup_masq_domains);

11
postfix/src/global/dict_proxy.c
View File

@@ -173,13 +173,18 @@ DICT *dict_proxy_open(const char *map, int open_flags, int dict_flags)
/*
* Sanity checks.
*/
if (dict_flags & DICT_FLAG_NO_PROXY)
msg_fatal("%s: %s map is not allowed for security sensitive data",
map, DICT_TYPE_PROXY);
if (open_flags != O_RDONLY)
msg_fatal("%s: %s map open requires O_RDONLY access mode",
map, DICT_TYPE_PROXY);
/*
* OK. If this map can't be proxied then we silently do a direct open.
* This allows sites to benefit from proxying the virtual mailbox maps
* without unnecessary pain.
*/
if (dict_flags & DICT_FLAG_NO_PROXY)
return (dict_open(map, open_flags, dict_flags));
/*
* Local initialization.
*/

27
postfix/src/global/mail_params.h
View File

@@ -334,6 +334,28 @@ extern char *var_send_canon_maps;
#define DEF_RCPT_CANON_MAPS ""
extern char *var_rcpt_canon_maps;
#define CANON_CLASS_ENV_FROM "envelope_sender"
#define CANON_CLASS_ENV_RCPT "envelope_recipient"
#define CANON_CLASS_HDR_FROM "header_sender"
#define CANON_CLASS_HDR_RCPT "header_recipient"
#define VAR_CANON_CLASSES "canonical_classes"
#define DEF_CANON_CLASSES CANON_CLASS_ENV_FROM ", " \
CANON_CLASS_ENV_RCPT ", " \
CANON_CLASS_HDR_FROM ", " \
CANON_CLASS_HDR_RCPT
extern char *var_canon_classes;
#define VAR_SEND_CANON_CLASSES "sender_canonical_classes"
#define DEF_SEND_CANON_CLASSES CANON_CLASS_ENV_FROM ", " \
CANON_CLASS_HDR_FROM
extern char *var_send_canon_classes;
#define VAR_RCPT_CANON_CLASSES "recipient_canonical_classes"
#define DEF_RCPT_CANON_CLASSES CANON_CLASS_ENV_RCPT ", " \
CANON_CLASS_HDR_RCPT
extern char *var_rcpt_canon_classes;
#define VAR_SEND_BCC_MAPS "sender_bcc_maps"
#define DEF_SEND_BCC_MAPS ""
extern char *var_send_bcc_maps;
@@ -980,6 +1002,10 @@ extern char *var_smtp_sasl_passwd;
#define DEF_SMTP_SASL_OPTS "noplaintext, noanonymous"
extern char *var_smtp_sasl_opts;
#define VAR_SMTP_SASL_MECHS "smtp_sasl_mechanism_filter"
#define DEF_SMTP_SASL_MECHS ""
extern char *var_smtp_sasl_mechs;
/*
* LMTP server. The soft error limit determines how many errors an LMTP
* client may make before we start to slow down; the hard error limit
@@ -2038,6 +2064,7 @@ extern int var_anvil_stat_time;
#define VAR_ANVIL_SERVICE "client_connection_rate_service"
#define DEF_ANVIL_SERVICE "local:" ANVIL_CLASS "/" ANVIL_SERVICE
extern char *var_anvil_service;
#endif
/* LICENSE

2
postfix/src/global/mail_version.h
View File

@@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
#define MAIL_RELEASE_DATE "20040801"
#define MAIL_RELEASE_DATE "20040827"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"

6
postfix/src/master/master.c
View File

@@ -209,7 +209,6 @@ int main(int argc, char **argv)
int fd;
int n;
int test_lock = 0;
int fd_limit = open_limit(0);
VSTRING *why;
WATCHDOG *watchdog;
ARGV *import_env;
@@ -252,10 +251,7 @@ int main(int argc, char **argv)
* of this we have to close descriptors > 2, and pray that doing so does
* not break things.
*/
if (fd_limit > 500)
fd_limit = 500;
for (fd = 3; fd < fd_limit; fd++)
(void) close(fd);
closefrom(3);
/*
* Initialize logging and exit handler.

8
postfix/src/postalias/Makefile.in
View File

@@ -22,7 +22,7 @@ update: ../../bin/$(PROG)
tests: test1 test2
test1: $(PROG) map.in map-abc1.ref map-ghi1.ref map-ABC1.ref
test1: $(PROG) map.in map-abc1.ref map-ghi1.ref map-uABC1.ref
./$(PROG) map.in
for key in abc ghi; \
do \
@@ -31,11 +31,11 @@ test1: $(PROG) map.in map-abc1.ref map-ghi1.ref map-ABC1.ref
./$(PROG) -f map.in
for key in ABC; \
do \
./$(PROG) -fq $${key} map.in | diff map-$${key}1.ref -; \
./$(PROG) -fq $${key} map.in | diff map-u$${key}1.ref -; \
done
rm -f map.in.db
test2: $(PROG) map.in map-abc2.ref map-ghi2.ref map-ABC2.ref
test2: $(PROG) map.in map-abc2.ref map-ghi2.ref map-uABC2.ref
./$(PROG) map.in
for key in abc ghi; \
do \
@@ -44,7 +44,7 @@ test2: $(PROG) map.in map-abc2.ref map-ghi2.ref map-ABC2.ref
./$(PROG) -f map.in
for key in ABC; \
do \
echo $${key} | ./$(PROG) -fq - map.in | diff map-$${key}2.ref -; \
echo $${key} | ./$(PROG) -fq - map.in | diff map-u$${key}2.ref -; \
done
rm -f map.in.db

0
postfix/src/postalias/map-ABC1.ref → postfix/src/postalias/map-uABC1.ref
View File

0
postfix/src/postalias/map-ABC2.ref → postfix/src/postalias/map-uABC2.ref
View File

8
postfix/src/postmap/Makefile.in
View File

@@ -25,7 +25,7 @@ update: ../../bin/$(PROG)
tests: test1 test2
test1: $(PROG) map.in map-abc1.ref map-ghi1.ref map-ABC1.ref
test1: $(PROG) map.in map-abc1.ref map-ghi1.ref map-uABC1.ref
./$(PROG) map.in
for key in abc ghi; \
do \
@@ -34,11 +34,11 @@ test1: $(PROG) map.in map-abc1.ref map-ghi1.ref map-ABC1.ref
./$(PROG) -f map.in
for key in ABC; \
do \
./$(PROG) -fq $${key} map.in | diff map-$${key}1.ref -; \
./$(PROG) -fq $${key} map.in | diff map-u$${key}1.ref -; \
done
rm -f map.in.db
test2: $(PROG) map.in map-abc2.ref map-ghi2.ref map-ABC2.ref
test2: $(PROG) map.in map-abc2.ref map-ghi2.ref map-uABC2.ref
./$(PROG) map.in
for key in abc ghi; \
do \
@@ -47,7 +47,7 @@ test2: $(PROG) map.in map-abc2.ref map-ghi2.ref map-ABC2.ref
./$(PROG) -f map.in
for key in ABC; \
do \
echo $${key} | ./$(PROG) -fq - map.in | diff map-$${key}2.ref -; \
echo $${key} | ./$(PROG) -fq - map.in | diff map-u$${key}2.ref -; \
done
rm -f map.in.db

0
postfix/src/postmap/map-ABC1.ref → postfix/src/postmap/map-uABC1.ref
View File

0
postfix/src/postmap/map-ABC2.ref → postfix/src/postmap/map-uABC2.ref
View File

1
postfix/src/sendmail/sendmail.c
View File

@@ -621,6 +621,7 @@ static void enqueue(const int flags, const char *encoding, const char *sender,
*/
rec_fputs(dst, REC_TYPE_MESG, "");
if (DEL_REQ_TRACE_ONLY(flags) != 0) {
rec_fprintf(dst, REC_TYPE_NORM, "From: %s", saved_sender);
rec_fprintf(dst, REC_TYPE_NORM, "Subject: probe");
if (recipients) {
rec_fprintf(dst, REC_TYPE_NORM, "To:");

6
postfix/src/smtp/smtp.c
View File

@@ -138,6 +138,10 @@
/* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
/* What authentication mechanisms the Postfix SMTP client is allowed
/* to use.
/* .PP
/* Available in Postfix version 2.2 and later:
/* .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
/* If non-empty, filters the SMTP server's list of offered SASL mechanisms.
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
@@ -365,6 +369,7 @@ int var_smtp_never_ehlo;
char *var_smtp_sasl_opts;
char *var_smtp_sasl_passwd;
bool var_smtp_sasl_enable;
char *var_smtp_sasl_mechs;
char *var_smtp_bind_addr;
bool var_smtp_rand_addr;
int var_smtp_pix_thresh;
@@ -568,6 +573,7 @@ int main(int argc, char **argv)
VAR_ERROR_RCPT, DEF_ERROR_RCPT, &var_error_rcpt, 1, 0,
VAR_SMTP_SASL_PASSWD, DEF_SMTP_SASL_PASSWD, &var_smtp_sasl_passwd, 0, 0,
VAR_SMTP_SASL_OPTS, DEF_SMTP_SASL_OPTS, &var_smtp_sasl_opts, 0, 0,
VAR_SMTP_SASL_MECHS, DEF_SMTP_SASL_MECHS, &var_smtp_sasl_mechs, 0, 0,
VAR_SMTP_BIND_ADDR, DEF_SMTP_BIND_ADDR, &var_smtp_bind_addr, 0, 0,
VAR_SMTP_HELO_NAME, DEF_SMTP_HELO_NAME, &var_smtp_helo_name, 1, 0,
VAR_SMTP_HOST_LOOKUP, DEF_SMTP_HOST_LOOKUP, &var_smtp_host_lookup, 1, 0,

13
postfix/src/smtp/smtp_chat.c
View File

@@ -163,6 +163,18 @@ void smtp_chat_cmd(SMTP_SESSION *session, char *fmt,...)
*/
smtp_fputs(STR(session->buffer), LEN(session->buffer), session->stream);
/*
* Force flushing of output does not belong here. It is done in the
* smtp_loop() main protocol loop when reading the server response, and
* in smtp_helo() when reading the EHLO response after sending the EHLO
* command.
*
* If we do forced flush here, then we must longjmp() on error, and a
* matching "prepare for disaster" error handler must be set up before
* every smtp_chat_cmd() call.
*/
#if 0
/*
* Flush unsent data to avoid timeouts after slow DNS lookups.
*/
@@ -176,6 +188,7 @@ void smtp_chat_cmd(SMTP_SESSION *session, char *fmt,...)
vstream_longjmp(session->stream, SMTP_ERR_TIME);
if (vstream_ferror(session->stream))
vstream_longjmp(session->stream, SMTP_ERR_EOF);
#endif
}
/* smtp_chat_resp - read and process SMTP server response */

44
postfix/src/smtp/smtp_proto.c
View File

@@ -525,6 +525,14 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
#define CANT_RSET_THIS_SESSION \
(session->features |= SMTP_FEATURE_RSET_REJECTED)
/*
* Sanity check. We don't want smtp_chat() to inadvertently flush the
* output buffer. That means someone broke pipelining support.
*/
if (session->sndbufsize > VSTREAM_BUFSIZE)
msg_panic("bad sndbufsize %d > VSTREAM_BUFSIZE %d",
session->sndbufsize, VSTREAM_BUFSIZE);
/*
* Miscellaneous initialization. Some of this might be done in
* smtp_xfer() but that just complicates interfaces and data structures.
@@ -551,6 +559,42 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
next_rcpt = send_rcpt = recv_rcpt = 0;
mail_from_rejected = 0;
/*
* Prepare for disaster. This should not be needed because the design
* guarantees that no output is flushed before smtp_chat_resp() is
* called.
*
* 1) Every SMTP command fits entirely in a VSTREAM output buffer.
*
* 2) smtp_loop() never invokes smtp_chat_cmd() without making sure that
* there is sufficient space for the command in the output buffer.
*
* 3) smtp_loop() flushes the output buffer to avoid server timeouts.
*
* Changing any of these would violate the design, and would likely break
* SMTP pipelining.
*
* We set up the error handler anyway (only upon entry to avoid wasting
* resources) because 1) there is code below that expects that VSTREAM
* timeouts are enabled, and 2) this allows us to detect if someone broke
* Postfix by introducing spurious flush before read operations.
*/
if (send_state < SMTP_STATE_XFORWARD_NAME_ADDR
|| send_state > SMTP_STATE_QUIT)
msg_panic("%s: bad sender state %d (receiver state %d)",
myname, send_state, recv_state);
smtp_timeout_setup(session->stream,
*xfer_timeouts[send_state]);
if ((except = vstream_setjmp(session->stream)) != 0) {
msg_warn("smtp_proto: spurious flush before read in send state %d",
send_state);
RETURN(SENDING_MAIL ? smtp_stream_except(state, except,
xfer_states[send_state]) : -1);
}
/*
* The main protocol loop.
*/
do {
/*

1
postfix/src/smtp/smtp_sasl.h
View File

@@ -23,6 +23,7 @@ extern int smtp_sasl_helo_login(SMTP_STATE *);
extern void smtp_sasl_passivate(SMTP_SESSION *, VSTRING *);
extern int smtp_sasl_activate(SMTP_SESSION *, char *);
extern STRING_LIST *smtp_sasl_mechs;
/* LICENSE
/* .ad

11
postfix/src/smtp/smtp_sasl_glue.c
View File

@@ -190,6 +190,11 @@ static NAME_MASK smtp_sasl_sec_mask[] = {
*/
static MAPS *smtp_sasl_passwd_map;
/*
* Supported SASL mechanisms.
*/
STRING_LIST *smtp_sasl_mechs;
/* smtp_sasl_log - logging call-back routine */
static int smtp_sasl_log(void *unused_context, int priority,
@@ -343,6 +348,12 @@ void smtp_sasl_initialize(void)
if (sasl_client_init(callbacks) != SASL_OK)
msg_fatal("SASL library initialization");
/*
* Initialize optional supported mechanism matchlist
*/
if (*var_smtp_sasl_mechs)
smtp_sasl_mechs = string_list_init(MATCH_FLAG_NONE,
var_smtp_sasl_mechs);
}
/* smtp_sasl_connect - per-session client initialization */

50
postfix/src/smtp/smtp_sasl_proto.c
View File

@@ -61,6 +61,7 @@
#include <msg.h>
#include <mymalloc.h>
#include <stringops.h>
/* Global library. */
@@ -73,28 +74,67 @@
#ifdef USE_SASL_AUTH
/* smtp_sasl_compat_mechs - Trim server's mechanism list */
static const char *smtp_sasl_compat_mechs(const char *words)
{
static VSTRING *buf;
char *mech_list;
char *save_mech;
char *mech;
int ret;
/*
* Use server's mechanisms if no filter specified
*/
if (smtp_sasl_mechs == 0 || *words == 0)
return (words);
if (buf == 0)
buf = vstring_alloc(10);
VSTRING_RESET(buf);
VSTRING_TERMINATE(buf);
save_mech = mech_list = mystrdup(words);
while (mech = mystrtok(&mech_list, " \t")) {
if (string_list_match(smtp_sasl_mechs, mech)) {
if (VSTRING_LEN(buf) > 0)
VSTRING_ADDCH(buf, ' ');
vstring_strcat(buf, mech);
}
}
myfree(save_mech);
return (vstring_str(buf));
}
/* smtp_sasl_helo_auth - handle AUTH option in EHLO reply */
void smtp_sasl_helo_auth(SMTP_SESSION *session, const char *words)
{
const char *mech_list = smtp_sasl_compat_mechs(words);
/*
* XXX If the server offers a null list of authentication mechanisms,
* XXX If the server offers no compatible authentication mechanisms,
* then pretend that the server doesn't support SASL authentication.
*/
if (session->sasl_mechanism_list) {
if (strcasecmp(session->sasl_mechanism_list, words) == 0)
if (strcasecmp(session->sasl_mechanism_list, mech_list) == 0)
return;
myfree(session->sasl_mechanism_list);
msg_warn("%s offered AUTH option multiple times", session->namaddr);
session->sasl_mechanism_list = 0;
session->features &= ~SMTP_FEATURE_AUTH;
}
if (strlen(words) > 0) {
session->sasl_mechanism_list = mystrdup(words);
if (strlen(mech_list) > 0) {
session->sasl_mechanism_list = mystrdup(mech_list);
session->features |= SMTP_FEATURE_AUTH;
} else {
msg_warn("%s offered null AUTH mechanism list", session->namaddr);
msg_warn(*words ? "%s offered no supported AUTH mechanisms: '%s'" :
"%s offered null AUTH mechanism list",
session->namaddr, words);
}
}

1
postfix/src/smtpd/smtpd.c
View File

@@ -2438,6 +2438,7 @@ static void smtpd_proto(SMTPD_STATE *state, const char *service)
&& var_smtpd_delay_reject == 0
&& (state->access_denied = smtpd_check_client(state)) != 0) {
smtpd_chat_reply(state, "%s", state->access_denied);
state->error_count++;
} else {
smtpd_chat_reply(state, "220 %s", var_smtpd_banner);
}

28
postfix/src/util/sys_compat.c
View File

@@ -6,6 +6,9 @@
/* SYNOPSIS
/* #include <sys_defs.h>
/*
/* void closefrom(int lowfd)
/* int lowfd;
/*
/* const char *strerror(err)
/* int err;
/*
@@ -234,3 +237,28 @@ int dup2_pass_on_exec(int oldd, int newd)
}
#endif
#ifndef HAS_CLOSEFROM
#include <errno.h>
/* closefrom() - closes all file descriptors from the given one up */
int closefrom(int lowfd)
{
int fd_limit = open_limit(0);
int fd;
if (lowfd > fd_limit) {
errno = EINVAL;
return (-1);
}
if (fd_limit > 500)
fd_limit = 500;
for (fd = lowfd; fd < fd_limit; fd++)
(void) close(fd);
return (0);
}
#endif

23
postfix/src/util/sys_defs.h
View File

@@ -92,20 +92,28 @@
#define SOCKOPT_SIZE socklen_t
#endif
#if OpenBSD >= 200405 /* 3.5 */
#define HAS_CLOSEFROM
#endif
/* __NetBSD_Version__ is major+minor */
#if __NetBSD_Version__ >= 103000000 /* XXX */
#if __NetBSD_Version__ >= 103000000 /* XXX maybe earlier */
#undef DEF_MAILBOX_LOCK
#define DEF_MAILBOX_LOCK "flock, dotlock"
#endif
#if __NetBSD_Version__ >= 105000000 /* XXX */
#if __NetBSD_Version__ >= 105000000 /* XXX maybe earlier */
#define HAS_ISSETUGID
#endif
#if __NetBSD_Version__ >= 106000000 /* XXX */
#if __NetBSD_Version__ >= 106000000 /* XXX maybe earlier */
#define SOCKADDR_SIZE socklen_t
#define SOCKOPT_SIZE socklen_t
#endif
#if __NetBSD_Version__ >= 200060000 /* 2.0F */
#define HAS_CLOSEFROM
#endif
/*
@@ -303,6 +311,10 @@ extern int opterr;
#define HAS_VOLATILE_LOCKS
#define BROKEN_READ_SELECT_ON_TCP_SOCKET
#if SOLARIS >= 20900 || (SOLARIS < 10000 && SOLARIS >= 209)
#define HAS_CLOSEFROM
#endif
/*
* Allow build environment to override paths.
*/
@@ -1067,6 +1079,11 @@ extern int setsid(void);
#endif
#ifndef HAS_CLOSEFROM
extern int closefrom(int);
#endif
#ifdef MISSING_STD_FILENOS
#define STDIN_FILENO 0
#define STDOUT_FILENO 1

8
postfix/src/util/vstream.c
View File

@@ -543,14 +543,14 @@ static int vstream_fflush_some(VSTREAM *stream, int to_flush)
* any.
*/
for (data = (char *) bp->data, len = to_flush; len > 0; len -= n, data += n) {
if (stream->timeout)
stream->iotime = time((time_t *) 0);
if ((n = stream->write_fn(stream->fd, data, len, stream->timeout, stream->context)) <= 0) {
bp->flags |= VSTREAM_FLAG_ERR;
if (errno == ETIMEDOUT)
bp->flags |= VSTREAM_FLAG_TIMEOUT;
return (VSTREAM_EOF);
}
if (stream->timeout)
stream->iotime = time((time_t *) 0);
if (msg_verbose > 2 && stream != VSTREAM_ERR && n != to_flush)
msg_info("%s: %d flushed %d/%d", myname, stream->fd, n, to_flush);
}
@@ -674,8 +674,6 @@ static int vstream_buf_get_ready(VBUF *bp)
* data as is available right now, whichever is less. Update the cached
* file seek position, if any.
*/
if (stream->timeout)
stream->iotime = time((time_t *) 0);
switch (n = stream->read_fn(stream->fd, bp->data, bp->len, stream->timeout, stream->context)) {
case -1:
bp->flags |= VSTREAM_FLAG_ERR;
@@ -686,6 +684,8 @@ static int vstream_buf_get_ready(VBUF *bp)
bp->flags |= VSTREAM_FLAG_EOF;
return (VSTREAM_EOF);
default:
if (stream->timeout)
stream->iotime = time((time_t *) 0);
if (msg_verbose > 2)
msg_info("%s: fd %d got %d", myname, stream->fd, n);
bp->cnt = -n;

2
postfix/src/util/vstream_popen.c
View File

@@ -213,6 +213,8 @@ VSTREAM *vstream_popen(int flags,...)
switch (pid = fork()) {
case -1: /* error */
(void) close(sockfd[0]);
(void) close(sockfd[1]);
return (0);
case 0: /* child */
if (close(sockfd[1]))