mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 21:55:20 +00:00

postfix-2.6-20080115

Wietse Venema
2008-01-15 00:00:00 -05:00
committed by Viktor Dukhovni
parent c3c54cab07
commit 85a879816e
22 changed files with 1509 additions and 420 deletions

@@ -14252,3 +14252,16 @@ Apologies for any names omitted.
Safety: the smtpd_client_new_tls_session_rate_limit setting Safety: the smtpd_client_new_tls_session_rate_limit setting
now also limits the number of failed TLS handshakes. This now also limits the number of failed TLS handshakes. This
limits the impact of broken configurations. File: smtpd/smtpd.c. limits the impact of broken configurations. File: smtpd/smtpd.c.
20080115
Bugfix (introduced 20080112): Patrik Rak found two bugs
that largely canceled each other out, causing Postfix not
to complain about a missing "proxy:" prefix with the new
smtp_sasl_auth_cache_name parameter setting. File:
smtp/smtp_sasl_glue.c.
Documentation: new SOHO_README file for small/home offices.
The text is automatically generated from bits and pieces of
information that are scattered across other documents.
File: mantools/make_soho_readme.
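Review bot: The 20080115 bugfix entry describes how the check for a missing "proxy:" prefix on smtp_sasl_auth_cache_name was broken, but not what the corrected check does when the prefix is absent; since the cache is only usable through the proxy service, one sentence stating the resulting behaviour (what the SMTP client logs or refuses) would let an administrator recognise the symptom after upgrading. The SOHO_README entry could also say explicitly that the file is generated output and must not be edited by hand, since later hunks of this commit show its text is a copy of SASL_README and STANDARD_CONFIGURATION_README sections.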

@@ -4,6 +4,7 @@
GGeenneerraall ccoonnffiigguurraattiioonn GGeenneerraall ccoonnffiigguurraattiioonn
* BASIC_CONFIGURATION_README: Basic configuration * BASIC_CONFIGURATION_README: Basic configuration
* SOHO_README: Small/home office hints and tips
* STANDARD_CONFIGURATION_README: Standard configuration examples * STANDARD_CONFIGURATION_README: Standard configuration examples
* ADDRESS_REWRITING_README: Address rewriting * ADDRESS_REWRITING_README: Address rewriting
* VIRTUAL_README: Virtual domain hosting * VIRTUAL_README: Virtual domain hosting
@@ -25,6 +26,7 @@ CCoonntteenntt iinnssppeeccttiioonn
* CONTENT_INSPECTION_README: Content inspection overview * CONTENT_INSPECTION_README: Content inspection overview
* BACKSCATTER_README: Stopping backscatter mail * BACKSCATTER_README: Stopping backscatter mail
* BUILTIN_FILTER_README: Built-in content inspection * BUILTIN_FILTER_README: Built-in content inspection
* FILTER_README: After-queue content filter * FILTER_README: After-queue content filter
* SMTPD_PROXY_README: Before-queue content filter * SMTPD_PROXY_README: Before-queue content filter
* MILTER_README: Before-queue Milter applications * MILTER_README: Before-queue Milter applications

@@ -39,6 +39,7 @@ This document covers the following topics:
* Testing SASL authentication in the Postfix SMTP server * Testing SASL authentication in the Postfix SMTP server
* Trouble shooting the SASL internals * Trouble shooting the SASL internals
* Enabling SASL authentication in the Postfix SMTP client * Enabling SASL authentication in the Postfix SMTP client
* Supporting multiple ISP accounts in the Postfix SMTP client
* Credits * Credits
WWhhaatt SSAASSLL iimmpplleemmeennttaattiioonnss aarree ssuuppppoorrtteedd WWhhaatt SSAASSLL iimmpplleemmeennttaattiioonnss aarree ssuuppppoorrtteedd
@@ -423,55 +424,116 @@ relayhost parameter or with a transport(5) table.
smtp_sasl_auth_enable = yes smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus smtp_sasl_type = cyrus
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd: /etc/postfix/sasl_passwd:
foo.com username:password
bar.com username
[mail.myisp.net] username:password [mail.myisp.net] username:password
[mail.myisp.net]:submission username:password [mail.myisp.net]:submission username:password
The Postfix SMTP client opens the SASL client password file before entering the Notes:
optional chroot jail, so you can keep the file in /etc/postfix and set
permissions read / write only for root to keep the username:password
combinations away from other system users.
Postfix version 2.3 supports-per-sender SASL password information. To search * The "submission" destination port tells Postfix to send mail via TCP
the Postfix SASL password by sender before it searches by destination, specify: network port 587, which is normally reserved for email clients. The default
is to send mail to the "smtp" destination port (TCP port 25), which is used
for receiving mail across the internet. If you use an explicit destination
port in main.cf, then you must use the same form also in the
smtp_sasl_password_maps file.
* Postfix does not deliver mail via TCP port 465 (the obsolete "wrappermode"
protocol). See TLS_README for a solution that uses the "stunnel" command.
* The "[" and "]" prevent Postfix from looking up the MX (mail exchanger)
records for the enclosed name. If you use this form in main.cf, then you
must use the same form also in the smtp_sasl_password_maps file.
* The Postfix SMTP client opens the SASL client password file before entering
the optional chroot jail, so you can keep the file in /etc/postfix and set
permissions read / write only for root to keep the username:password
combinations away from other system users.
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
Workarounds:
* Some remote SMTP servers support PLAIN or LOGIN authentication only. By
default, the Postfix SMTP client does not use authentication methods that
send plaintext passwords, and defers delivery with the following error
message: "Authentication failed: cannot SASL authenticate to server". To
enable plaintext authentication specify, for example:
/etc/postfix/main.cf:
smtp_sasl_security_options = noanonymous
* Some remote SMTP servers announce authentication mechanisms that don't
actually work. It is possible via the smtp_sasl_mechanism_filter parameter
to restrict the list of server mechanisms that the Postfix SMTP client will
take into consideration:
/etc/postfix/main.cf:
smtp_sasl_mechanism_filter = !gssapi, !external, static:all
In the above example, the Postfix SMTP client will decline to use
mechanisms that require special infrastructure such as Kerberos or TLS.
* The Postfix SMTP client is backwards compatible with SMTP servers that use
the non-standard "AUTH=method..." syntax in response to the EHLO command;
there is no Postfix client configuration needed to work around it.
SSuuppppoorrttiinngg mmuullttiippllee IISSPP aaccccoouunnttss iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt
Postfix version 2.3 supports multiple ISP accounts. This can be useful when one
person uses the same machine for work and for personal use, or when people with
different ISP accounts share the same Postfix server. To make this possible,
Postfix 2.3 supports per-sender SASL passwords and per-sender relay hosts. In
the example below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will search the
per-sender relayhost file, and use the default relayhost only as a final
resort.
/etc/postfix/main.cf: /etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_auth_enable = yes smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd: /etc/postfix/sasl_passwd:
user@example.com username:password # Per-sender authentication; see also /etc/postfix/sender_relay.
bar.com username user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.myisp.net] username:password [mail.myisp.net] username:password
[mail.myisp.net]:submission username:password [mail.myisp.net]:submission username:password
Note: some remote SMTP servers support PLAIN or LOGIN authentication only. By /etc/postfix/sender_relay:
default, the Postfix SMTP client does not use authentication methods that send # Per-sender provider; see also /etc/postfix/sasl_passwd.
plaintext passwords, and defers delivery with the following error message: user1@example.com [mail.example.com]:submission
"Authentication failed: cannot SASL authenticate to server". To enable user2@example.net [mail.example.net]
plaintext authentication specify, for example:
/etc/postfix/main.cf: Notes:
smtp_sasl_security_options = noanonymous
Note: some remote SMTP servers announce authentication mechanisms that don't * If you are creative, then you can try to combine the two tables into one
actually work. It is possible via the smtp_sasl_mechanism_filter parameter to single MySQL database, and configure different Postfix queries to extract
restrict the list of server mechanisms that the Postfix SMTP client will take the appropriate information.
into consideration:
/etc/postfix/main.cf: * Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
smtp_sasl_mechanism_filter = !gssapi, !external, static:all files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
In the above example, the Postfix SMTP client will decline to use mechanisms * Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
that require special infrastructure such as Kerberos or TLS. the sasl_passwd table.
The Postfix SMTP client is backwards compatible with SMTP servers that use the * Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//sseennddeerr__rreellaayy" whenever you change
non-standard "AUTH=method..." syntax in response to the EHLO command; there is the sender_relay table.
no Postfix client configuration needed to work around it.
CCrreeddiittss CCrreeddiittss
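Review bot: The per-sender sasl_passwd example in the new "Supporting multiple ISP accounts" section gives both senders the same credentials, "user1@example.com username2:password2" and "user2@example.net username2:password2", which reads as a copy-and-paste slip and hides the point that each sender has its own login; the first line should presumably be "user1@example.com username1:password1". In the "Workarounds" list, the "smtp_sasl_security_options = noanonymous" item enables PLAIN/LOGIN, which by the text's own description send the password in plaintext, so the item should add that this is only acceptable when the session to the relay is TLS-protected (the existing Postfix parameter smtp_sasl_tls_security_options can keep the plaintext-free default for non-TLS sessions), otherwise the ISP credentials kept root-only on disk per the notes above travel unencrypted on the wire.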

@@ -0,0 +1,276 @@
PPoossttffiixx SSmmaallll//HHoommee OOffffiiccee HHiinnttss aanndd TTiippss
-------------------------------------------------------------------------------
OOvveerrvviieeww
This document combines hints and tips for "small office/home office"
applications into one document so that they are easier to find. The text
describes the mail sending side only. If your machine does not receive mail
directly (i.e. it does not have its own Internet domain name and its own fixed
IP address), then you will need a solution such as "fetchmail", which is
outside the scope of the Postfix documentation.
* Selected topics from the STANDARD_CONFIGURATION_README document:
o Postfix on a stand-alone Internet host
o Postfix on hosts without a real Internet hostname
Selected topics from the SASL_README document:
o Enabling SASL authentication in the Postfix SMTP client
o Supporting multiple ISP accounts in the Postfix SMTP client
See the SASL_README and STANDARD_CONFIGURATION_README documents for further
information on these topics.
PPoossttffiixx oonn aa ssttaanndd--aalloonnee IInntteerrnneett hhoosstt
Postfix should work out of the box without change on a stand-alone machine that
has direct Internet access. At least, that is how Postfix installs when you
download the Postfix source code via http://www.postfix.org/.
You can use the command "ppoossttccoonnff --nn" to find out what settings are overruled
by your main.cf. Besides a few pathname settings, few parameters should be set
on a stand-alone box, beyond what is covered in the BASIC_CONFIGURATION_README
document:
/etc/postfix/main.cf:
# Optional: send mail as user@domainname instead of user@hostname.
#myorigin = $mydomain
# Optional: specify NAT/proxy external address.
#proxy_interfaces = 1.2.3.4
# Alternative 1: don't relay mail from other hosts.
mynetworks_style = host
relay_domains =
# Alternative 2: relay mail from local clients only.
# mynetworks = 192.168.1.0/28
# relay_domains =
See also the section "Postfix on hosts without a real Internet hostname" if
this is applicable to your configuration.
PPoossttffiixx oonn hhoossttss wwiitthhoouutt aa rreeaall IInntteerrnneett hhoossttnnaammee
This section is for hosts that don't have their own Internet hostname.
Typically these are systems that get a dynamic IP address via DHCP or via
dialup. Postfix will let you send and receive mail just fine between accounts
on a machine with a fantasy name. However, you cannot use a fantasy hostname in
your email address when sending mail into the Internet, because no-one would be
able to reply to your mail. In fact, more and more sites refuse mail addresses
with non-existent domain names.
Note: the following information is Postfix version dependent. To find out what
Postfix version you have, execute the command "ppoossttccoonnff mmaaiill__vveerrssiioonn".
SSoolluuttiioonn 11:: PPoossttffiixx vveerrssiioonn 22..22 aanndd llaatteerr
Postfix 2.2 uses the generic(5) address mapping to replace local fantasy email
addresses by valid Internet addresses. This mapping happens ONLY when mail
leaves the machine; not when you send mail between users on the same machine.
The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.
1 /etc/postfix/main.cf:
2 smtp_generic_maps = hash:/etc/postfix/generic
3
4 /etc/postfix/generic:
5 his@localdomain.local hisaccount@hisisp.example
6 her@localdomain.local heraccount@herisp.example
7 @localdomain.local hisaccount+local@hisisp.example
When mail is sent to a remote host via SMTP:
* Line 5 replaces his@localdomain.local by his ISP mail address,
* Line 6 replaces her@localdomain.local by her ISP mail address, and
* Line 7 replaces other local addresses by his ISP account, with an address
extension of +local (this example assumes that the ISP supports "+" style
address extensions).
Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb files.
To find out what lookup tables Postfix supports, use the command "ppoossttccoonnff --mm".
Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ggeenneerriicc" whenever you change the
generic table.
SSoolluuttiioonn 22:: PPoossttffiixx vveerrssiioonn 22..11 aanndd eeaarrlliieerr
The solution with older Postfix systems is to use valid Internet addresses
where possible, and to let Postfix map valid Internet addresses to local
fantasy addresses. With this, you can send mail to the Internet and to local
fantasy addresses, including mail to local fantasy addresses that don't have a
valid Internet address of their own.
The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.
1 /etc/postfix/main.cf:
2 myhostname = hostname.localdomain
3 mydomain = localdomain
4
5 canonical_maps = hash:/etc/postfix/canonical
6
7 virtual_alias_maps = hash:/etc/postfix/virtual
8
9 /etc/postfix/canonical:
10 your-login-name your-account@your-isp.com
11
12 /etc/postfix/virtual:
13 your-account@your-isp.com your-login-name
Translation:
* Lines 2-3: Substitute your fantasy hostname here. Do not use a domain name
that is already in use by real organizations on the Internet. See RFC 2606
for examples of domain names that are guaranteed not to be owned by anyone.
* Lines 5, 9, 10: This provides the mapping from "your-login-
name@hostname.localdomain" to "your-account@your-isp.com". This part is
required.
* Lines 7, 12, 13: Deliver mail for "your-account@your-isp.com" locally,
instead of sending it to the ISP. This part is not required but is
convenient.
Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb files.
To find out what lookup tables Postfix supports, use the command "ppoossttccoonnff --mm".
Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ccaannoonniiccaall" whenever you change the
canonical table.
Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//vviirrttuuaall" whenever you change the
virtual table.
EEnnaabblliinngg SSAASSLL aauutthheennttiiccaattiioonn iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt
Turn on client-side SASL authentication, and specify a table with per-host or
per-destination username and password information. The Postfix SMTP client
first searches the table for an entry with the remote SMTP server hostname; if
no entry is found, then the Postfix SMTP client searches the table for an entry
with the next-hop destination. Usually, that is the right-hand part of an email
address, but it can also be the information that is specified with the
relayhost parameter or with a transport(5) table.
/etc/postfix/main.cf:
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
Notes:
* The "submission" destination port tells Postfix to send mail via TCP
network port 587, which is normally reserved for email clients. The default
is to send mail to the "smtp" destination port (TCP port 25), which is used
for receiving mail across the internet. If you use an explicit destination
port in main.cf, then you must use the same form also in the
smtp_sasl_password_maps file.
* Postfix does not deliver mail via TCP port 465 (the obsolete "wrappermode"
protocol). See TLS_README for a solution that uses the "stunnel" command.
* The "[" and "]" prevent Postfix from looking up the MX (mail exchanger)
records for the enclosed name. If you use this form in main.cf, then you
must use the same form also in the smtp_sasl_password_maps file.
* The Postfix SMTP client opens the SASL client password file before entering
the optional chroot jail, so you can keep the file in /etc/postfix and set
permissions read / write only for root to keep the username:password
combinations away from other system users.
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
Workarounds:
* Some remote SMTP servers support PLAIN or LOGIN authentication only. By
default, the Postfix SMTP client does not use authentication methods that
send plaintext passwords, and defers delivery with the following error
message: "Authentication failed: cannot SASL authenticate to server". To
enable plaintext authentication specify, for example:
/etc/postfix/main.cf:
smtp_sasl_security_options = noanonymous
* Some remote SMTP servers announce authentication mechanisms that don't
actually work. It is possible via the smtp_sasl_mechanism_filter parameter
to restrict the list of server mechanisms that the Postfix SMTP client will
take into consideration:
/etc/postfix/main.cf:
smtp_sasl_mechanism_filter = !gssapi, !external, static:all
In the above example, the Postfix SMTP client will decline to use
mechanisms that require special infrastructure such as Kerberos or TLS.
* The Postfix SMTP client is backwards compatible with SMTP servers that use
the non-standard "AUTH=method..." syntax in response to the EHLO command;
there is no Postfix client configuration needed to work around it.
SSuuppppoorrttiinngg mmuullttiippllee IISSPP aaccccoouunnttss iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt
Postfix version 2.3 supports multiple ISP accounts. This can be useful when one
person uses the same machine for work and for personal use, or when people with
different ISP accounts share the same Postfix server. To make this possible,
Postfix 2.3 supports per-sender SASL passwords and per-sender relay hosts. In
the example below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will search the
per-sender relayhost file, and use the default relayhost only as a final
resort.
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
Notes:
* If you are creative, then you can try to combine the two tables into one
single MySQL database, and configure different Postfix queries to extract
the appropriate information.
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//sseennddeerr__rreellaayy" whenever you change
the sender_relay table.
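Review bot: Because this file is generated by mantools/make_soho_readme from other documents, the defects it inherits should be fixed at their source rather than here: the sasl_passwd example again shows "user1@example.com username2:password2" next to "user2@example.net username2:password2" (same credentials for both senders, the first should presumably be username1:password1), and both "Solution 1" and "Solution 2" say "as discussed the first half of this document", missing "in". In the overview list, the "Selected topics from the SASL_README document:" heading lacks the "*" bullet that the STANDARD_CONFIGURATION_README item has, so the two groups render at different levels.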

@@ -45,10 +45,14 @@ document:
# Optional: specify NAT/proxy external address. # Optional: specify NAT/proxy external address.
#proxy_interfaces = 1.2.3.4 #proxy_interfaces = 1.2.3.4
# Don't relay mail from other hosts. # Alternative 1: don't relay mail from other hosts.
mynetworks_style = host mynetworks_style = host
relay_domains = relay_domains =
# Alternative 2: relay mail from local clients only.
# mynetworks = 192.168.1.0/28
# relay_domains =
See also the section "Postfix on hosts without a real Internet hostname" if See also the section "Postfix on hosts without a real Internet hostname" if
this is applicable to your configuration. this is applicable to your configuration.
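Review bot: The "Alternative 2" comment lines are appended directly under the still-active "Alternative 1" settings, so a reader who uncomments "mynetworks = 192.168.1.0/28" is likely to leave "mynetworks_style = host" in place; an explicit mynetworks setting overrides mynetworks_style, so nothing breaks, but the comment should say that alternative 2 replaces alternative 1 rather than extends it. It is also worth a word that every host in the listed network range will then be allowed to relay to any destination, since that is the trust decision this block makes.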

@@ -1,340 +1,18 @@
The stable Postfix release is called postfix-2.4.x where 2=major The stable Postfix release is called postfix-2.5.x where 2=major
release number, 4=minor release number, x=patchlevel. The stable release number, 5=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date. emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called New features are developed in snapshot releases. These are called
postfix-2.5-yyyymmdd where yyyymmdd is the release date (yyyy=year, postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases; mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released. instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd) The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release. specifies the release date of a stable release or snapshot release.
Incompatibility with Postfix 2.3 and earlier Incompatibility with Postfix 2.4 and earlier
============================================ ============================================
If you upgrade from Postfix 2.3 or earlier, read RELEASE_NOTES-2.4 If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
before proceeding. before proceeding.
Incompatibility with Postfix snapshot 20080114
==============================================
The Postfix SMTP client now by default defers mail after a remote
SMTP server rejects a SASL authentication attempt. Specify
"smtp_sasl_auth_soft_bounce = no" for the old behavior.
Major changes with Postfix snapshot 20080114
============================================
The Postfix SMTP client can now avoid making repeated SASL login
failures with the same server, username and password. To enable
this safety feature, specify for example "smtp_sasl_auth_cache_name
= proxy:btree:/var/lib/postfix/sasl_auth_cache" (access through the
proxy service is required). Instead of trying to SASL authenticate,
the Postfix SMTP client defers or bounces mail as controlled with
the new smtp_sasl_auth_soft_bounce configuration parameter.
Incompatibility with Postfix snapshot 20080109
==============================================
TLS logging output has changed to make it more useful. Existing
logfile parser regular expressions may need adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
Major changes with Postfix snapshot 20080109
============================================
The Postfix SMTP client has a new "fingerprint" security level.
This avoids dependencies on CAs, and relies entirely on bi-lateral
exchange of public keys (really self-signed or private CA signed
X.509 public key certificates). Scalability is clearly limited. For
details, see the fingerprint discussion in TLS_README.
The Postfix SMTP server can now use SHA1 instead of MD5 to compute
remote SMTP client certificate fingerprints. For backwards
compatibility, the default algorithm is MD5. For details, see the
"smtpd_tls_fingerprint_digest" parameter in the postconf(5) manual.
The maximum certificate trust chain depth (verifydepth) is finally
implemented in the Postfix TLS library. Previously, the parameter
had no effect. The default depth was changed to 9 (the OpenSSL
default) for backwards compatibility.
If you have explicity limited the verification depth in main.cf,
check that the configured limit meets your needs. See the
"lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
"smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
The selection of SSL/TLS protocols for mandatory TLS can now use
exclusion rather than inclusion. Either form is acceptable; see the
"lmtp_tls_mandatory_protocols", "smtp_tls_mandatory_protocols" and
"smtpd_tls_mandatory_protocols" parameters in the postconf(5) manual.
Major changes with Postfix snapshot 20080107
============================================
New "pass" service type in master.cf. Written years ago, this
allows a future front-end daemon to accept all connections from the
network, and forward only those from well-behaved clients to Postfix.
Since this uses file descriptor passing, it imposes no overhead
once a connection is handed over to Postfix. See master(5) for a
few details.
Incompatibility with Postfix snapshot 20071224
==============================================
The protocol to send Milter information from smtpd(8) to cleanup(8)
processes was cleaned up. If you use the Milter feature, and upgrade
a live Postfix system, you may see an "unexpected record type"
warning from a cleanup(8) server process. To prevent this, execute
the command "postfix reload". The incompatibility affects only
systems that use the Milter feature. It does not cause loss of mail,
just a minor delay until the remote SMTP client retries.
Major changes with Postfix snapshot 20071221
============================================
Support for most of the Sendmail 8.14 Milter protocol features.
To enable the new features specify "milter_protocol = 6" and link
the filter application with a libmilter library from Sendmail 8.14
or later.
Sendmail 8.14 Milter features supported at this time:
- NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
to some of the SMTP events that Postfix sends. This makes the
protocol less chatty and improves performance.
- SKIP: The filter can tell Postfix to skip sending the rest of
the message body, which also improves performance.
- HDR_LEADSPC: The filter can request that Postfix does not delete
the first space character between header name and header value
when sending a header to the filter, and that Postfix does not
insert a space character between header name and header value
when receiving a header from the filter. This fixes a limitation
in the old Milter protocol that can break DKIM and DK signatures.
- SETSYMLIST: The filter can override one or more of the main.cf
milter_xxx_macros parameter settings.
Sendmail 8.14 Milter features not supported at this time:
- RCPT_REJ: report rejected recipients to the mail filter.
- CHGFROM: replace sender, with optional ESMTP command parameters.
- ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
It is unclear when (if ever) the missing features will be implemented.
SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
processing and error handling. SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
require ESMTP command-line parsing in the cleanup server. Unfortunately,
Sendmail's documentation does not specify what ESMTP options are
supported, but only discusses examples of things that don't work.
Incompatibility with Postfix snapshot 20071216
==============================================
Due to an incompatible API change between OpenLDAP 2.0.11 and 2.0.12,
an LDAP client compiled for OpenLDAP version <= 2.0.11 will refuse
to work with an OpenLDAP library version >= 2.0.12 and vice versa.
The SMTP "transcript of session" email now includes the remote SMTP
server TCP port number.
Incompatibility with Postfix snapshot 20071212
==============================================
The allow_min_user feature now applies to both sender and recipient
addresses in SMTP commands. With earlier Postfix versions, only
recipients were subject to the allow_min_user feature, and the
restriction took effect at mail delivery time, causing mail to be
bounced later instead of being rejected immediately.
Incompatibility with Postfix snapshot 20071206
==============================================
The "make install" and "make upgrade" procedures now create a
Postfix-owned directory for Postfix-writable data files such as
caches and random numbers. The location is specified with the
"data_directory" parameter (default: "/var/lib/postfix"), and the
ownership is specified with the "mail_owner" parameter.
The tlsmgr(8) and verify(8) servers no longer use root privileges
when opening the address_verify_map, *_tls_session_cache_database,
and tls_random_exchange_name cache files. This avoids a potential
security loophole where the ownership of a file (or directory) does
not match the trust level of the content of that file (or directory).
The tlsmgr(8) and verify(8) cache files should now be stored under
the Postfix-owned data_directory. As a migration aid, attempts to
open these files under a non-Postfix directory are redirected to
the Postfix-owned data_directory, and a warning is logged.
This is an example of the warning messages:
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
to update file /etc/postfix/prng_exch in non-postfix directory
/etc/postfix
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
the request to postfix-owned data_directory /var/lib/postfix
If you wish to continue using a pre-existing tls_random_exchange_name
or address_verify_map file, move it to the Postfix-owned data_directory
and change ownership to the account specified with the mail_owner
configuration parameter.
Major changes with Postfix snapshot 20071205
============================================
The "make install" and "make upgrade" procedures now create a
Postfix-owned directory for Postfix-writable data files such as
caches and random numbers. The location is specified with the
"data_directory" parameter (default: "/var/lib/postfix"), and the
ownership is specified with the "mail_owner" parameter.
Incompatibility with Postfix snapshot 20071203
==============================================
The "make upgrade" procedure adds a new service "proxywrite" to the
master.cf file, for read/write lookup table access. If you copy
your old configuration file over the updated one, you will have
to run "postfix upgrade-configuration" again.
Major changes with Postfix snapshot 20071202
============================================
Output rate control in the queue manager. For example, specify
"smtp_delivery_rate_delay = 5m", to pause five minutes between
message deliveries. More information in the postconf(5) manual
under "default_delivery_rate_delay".
Major changes with Postfix snapshot 20071130
============================================
Revised queue manager with separate mechanisms for per-destination
concurrency control and for dead destination detection. The
concurrency control supports less-than-1 feedback to allow for more
gradual concurrency adjustments, and uses hysteresis to avoid rapid
oscillations. A destination is declared "dead" after a configurable
number of pseudo-cohorts(*) reports connection or handshake failure.
(*) A pseudo-cohort is a number of delivery requests equal to a
destination's delivery concurrency.
The drawbacks of the old +/-1 feedback scheduler are a) overshoot
due to exponential delivery concurrency growth with each pseudo-cohort(*)
(5-10-20...); b) throttling down to zero concurrency after a single
pseudo-cohort(*) failure. The latter was especially an issue with
low-concurrency channels where a single failure could be sufficient
to mark a destination as "dead", and suspend further deliveries.
New configuration parameters: destination_concurrency_feedback_debug,
default_destination_concurrency_positive_feedback,
default_destination_concurrency_negative_feedback,
default_destination_concurrency_failed_cohort_limit, as well as
transport-specific versions of the same. See postconf(5) for
extensive descriptions, and SCHEDULER_README for background information
on the theory and practice of how these settings work.
The default parameter settings are backwards compatible with older
Postfix versions. This may change after better defaults are field
tested.
Major changes with Postfix snapshot 20071111
============================================
Header/body checks are now available in the SMTP client, after the
implementation was moved from the cleanup server to a library module.
The SMTP client provides only actions that don't change the message
delivery time or destination: warn, replace, prepend, ignore, dunno,
ok.
Major changes with Postfix snapshot 20070911
============================================
Stress-adaptive behavior. When a "public" network service runs into
an "all processes are busy" condition, the master(8) daemon logs a
warning, restarts the service, and runs it with "-o stress=yes" on
the command line (under normal conditions it runs the service with
"-o stress=" on the command line). This can be used to make main.cf
parameter settings stress dependent, for example:
/etc/postfix/main.cf:
smtpd_timeout = ${stress?10}${stress:300}
smtpd_hard_error_limit = ${stress?1}${stress:20}
Translation: under conditions of stress, use an smtpd_timeout value
of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
instead of 20. The syntax is explained in the postconf(5) manpage.
This feature needs further configuration and documentation, but is
already useful in its present form.
Major changes with Postfix snapshot 20070724
============================================
Not really major. New support for RFC 3848 (Received: headers with
ESMTPS, ESMTPA, or ESMTPSA); updated SASL support according to RFC
4954, resulting in small changes to SMTP reply codes and (DSN)
enhanced status codes.
Incompatibility with Postfix snapshot 20070614
==============================================
By default, the Postfix Cyrus SASL client no longer sends a SASL
authoriZation ID (authzid); it sends only the SASL authentiCation
ID (authcid) plus the authcid's password. Specify "send_cyrus_sasl_authzid
= yes" to get the old behavior.
Incompatibility with Postfix snapshot 20070613
==============================================
The pipe(8) delivery agent no longer allows delivery with the same
group ID as the main.cf postdrop group.
Incompatibility with Postfix snapshot 20070514
==============================================
The default sender address for address verification probes was
changed from "postmaster" to "double-bounce", so that the Postfix
SMTP server no longer causes surprising behavior by excluding
"postmaster" from SMTP server access controls.
Incompatibility with Postfix snapshot 20070422
==============================================
When the pipe(8) delivery agent is configured to create the optional
Delivered-To: header, it now first checks if that same header is
already present in the message. If so, the message is returned as
undeliverable. This test should have been included with Postfix 2.0
when Delivered-To: support was added to the pipe(8) delivery agent.

376
postfix/RELEASE_NOTES-2.5 Normal file
View File
@@ -0,0 +1,376 @@
The stable Postfix release is called postfix-2.5.x where 2=major
release number, 5=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
Incompatibility with Postfix 2.3 and earlier
============================================
If you upgrade from Postfix 2.3 or earlier, read RELEASE_NOTES-2.4
before proceeding.
Major changes - critical
------------------------
[Incompat 20071224] The protocol to send Milter information from
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
Milter feature, and upgrade a live Postfix system, you may see an
"unexpected record type" warning from a cleanup(8) server process.
To prevent this, execute the command "postfix reload". The
incompatibility affects only systems that use the Milter feature.
It does not cause loss of mail, just a minor delay until the remote
SMTP client retries.
[Incompat 20071212] The allow_min_user feature now applies to both
sender and recipient addresses in SMTP commands. With earlier Postfix
versions, only recipients were subject to the allow_min_user feature,
and the restriction took effect at mail delivery time, causing mail
to be bounced later instead of being rejected immediately.
[Incompat 20071206] The "make install" and "make upgrade" procedures
now create a Postfix-owned directory for Postfix-writable data files
such as caches and random numbers. The location is specified with
the "data_directory" parameter (default: "/var/lib/postfix"), and
the ownership is specified with the "mail_owner" parameter.
[Incompat 20071206] The tlsmgr(8) and verify(8) servers no longer
use root privileges when opening the address_verify_map,
*_tls_session_cache_database, and tls_random_exchange_name cache
files. This avoids a potential security loophole where the ownership
of a file (or directory) does not match the trust level of the
content of that file (or directory).
[Incompat 20071206] The tlsmgr(8) and verify(8) cache files should
now be stored as Postfix-owned files under the Postfix-owned
data_directory. As a migration aid, attempts to open these files
under a non-Postfix directory are redirected to the Postfix-owned
data_directory, and a warning is logged.
This is an example of the warning messages:
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
to update file /etc/postfix/prng_exch in non-postfix directory
/etc/postfix
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
the request to postfix-owned data_directory /var/lib/postfix
If you wish to continue using a pre-existing tls_random_exchange_name
or address_verify_map file, move it to the Postfix-owned data_directory
and change ownership from root to Postfix (that is, change ownership
to the account specified with the mail_owner configuration parameter).
[Feature 20071205] The "make install" and "make upgrade" procedures
now create a Postfix-owned directory for Postfix-writable data files
such as caches and random numbers. The location is specified with
the "data_directory" parameter (default: "/var/lib/postfix"), and
the ownership is specified with the "mail_owner" parameter.
[Incompat 20071203] The "make upgrade" procedure adds a new service
"proxywrite" to the master.cf file, for read/write lookup table
access. If you copy your old configuration file over the updated
one, you may see warnings in the maillog file like this:
connect #xx to subsystem private/proxywrite: No such file or directory
To recover, run "postfix upgrade-configuration" again.
[Incompat 20070613] The pipe(8) delivery agent no longer allows
delivery with the same group ID as the main.cf postdrop group.
Major changes - malware defense
-------------------------------
[Feature 20080107] New "pass" service type in master.cf. Written
years ago, this allows future front-end daemons to accept all
connections from the network, and to hand over connections from
well-behaved clients to Postfix. Since this feature uses file
descriptor passing, it imposes no overhead once a connection is
handed over to Postfix. See master(5) for a few details.
[Feature 20070911] Stress-adaptive behavior. When a "public" network
service runs into an "all processes are busy" condition, the master(8)
daemon logs a warning, restarts the service, and runs it with "-o
stress=yes" on the command line (under normal conditions it runs
the service with "-o stress=" on the command line). This can be
used to make main.cf parameter settings stress dependent, for
example:
/etc/postfix/main.cf:
smtpd_timeout = ${stress?10}${stress:300}
smtpd_hard_error_limit = ${stress?1}${stress:20}
Translation: under conditions of stress, use an smtpd_timeout value
of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
instead of 20. The syntax is explained in the postconf(5) manpage.
The STRESS_README file gives examples of how to mitigate flooding
problems.
Major changes - tls support
---------------------------
[Incompat 20080109] TLS logging output has changed to make it more
useful. Existing logfile parser regular expressions may need
adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
[Feature 20080109] The Postfix SMTP client has a new "fingerprint"
security level. This avoids dependencies on CAs, and relies entirely
on bi-lateral exchange of public keys (really self-signed or private
CA signed X.509 public key certificates). Scalability is clearly
limited. For details, see the fingerprint discussion in TLS_README.
[Feature 20080109] The Postfix SMTP server can now use SHA1 instead
of MD5 to compute remote SMTP client certificate fingerprints. For
backwards compatibility, the default algorithm is MD5. For details,
see the "smtpd_tls_fingerprint_digest" parameter in the postconf(5)
manual.
[Feature 20080109] The maximum certificate trust chain depth
(verifydepth) is finally implemented in the Postfix TLS library.
Previously, the parameter had no effect. The default depth was
changed to 9 (the OpenSSL default) for backwards compatibility.
If you have explicity limited the verification depth in main.cf,
check that the configured limit meets your needs. See the
"lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
"smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
[Feature 20080109] The selection of SSL/TLS protocols for mandatory
TLS can now use exclusion rather than inclusion. Either form is
acceptable; see the "lmtp_tls_mandatory_protocols",
"smtp_tls_mandatory_protocols" and "smtpd_tls_mandatory_protocols"
parameters in the postconf(5) manual.
Major changes - scheduler
-------------------------
[Feature 20071130] Revised queue manager with separate mechanisms
for per-destination concurrency control and for dead destination
detection. The concurrency control supports less-than-1 feedback
to allow for more gradual concurrency adjustments, and uses hysteresis
to avoid rapid oscillations. A destination is declared "dead" after
a configurable number of pseudo-cohorts(*) reports connection or
handshake failure.
(*) A pseudo-cohort is a number of delivery requests equal to a
destination's delivery concurrency.
The drawbacks of the old +/-1 feedback scheduler are a) overshoot
due to exponential delivery concurrency growth with each pseudo-cohort(*)
(5-10-20...); b) throttling down to zero concurrency after a single
pseudo-cohort(*) failure. The latter was especially an issue with
low-concurrency channels where a single failure could be sufficient
to mark a destination as "dead", and suspend further deliveries.
New configuration parameters: destination_concurrency_feedback_debug,
default_destination_concurrency_positive_feedback,
default_destination_concurrency_negative_feedback,
default_destination_concurrency_failed_cohort_limit, as well as
transport-specific versions of the same. See postconf(5) for
extensive descriptions, and SCHEDULER_README for background information
on the theory and practice of how these settings work.
The default parameter settings are backwards compatible with older
Postfix versions. This may change after better defaults are field
tested.
The SCHEDULER_README document describes the new concurrency scheduler,
as well as Patrik Rak's preemptive job scheduler.
Major changes - small/home office
---------------------------------
[Feature 20080115] Preliminary SOHO_README document that combines
bits and pieces from other document in one place, so that it is
easier to find. This document describes the "mail sending" side
only.
[Feature 20071202] Output rate control in the queue manager. For
example, specify "smtp_delivery_rate_delay = 5m", to pause five
minutes between message deliveries. More information in the postconf(5)
manual under "default_delivery_rate_delay".
Major changes - smtp client
---------------------------
[Incompat 20080114] The Postfix SMTP client now by default defers
mail after a remote SMTP server rejects a SASL authentication
attempt. Specify "smtp_sasl_auth_soft_bounce = no" for the old
behavior.
[Feature 20080114] The Postfix SMTP client can now avoid making
repeated SASL login failures with the same server, username and
password. To enable this safety feature, specify for example
"smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache"
(access through the proxy service is required). Instead of trying
to SASL authenticate, the Postfix SMTP client defers or bounces
mail as controlled with the new smtp_sasl_auth_soft_bounce configuration
parameter.
[Feature 20071111] Header/body checks are now available in the SMTP
client, after the implementation was moved from the cleanup server
to a library module. The SMTP client provides only actions that
don't change the message delivery time or destination: warn, replace,
prepend, ignore, dunno, ok.
[Incompat 20070614] By default, the Postfix Cyrus SASL client no
longer sends a SASL authoriZation ID (authzid); it sends only the
SASL authentiCation ID (authcid) plus the authcid's password. Specify
"send_cyrus_sasl_authzid = yes" to get the old behavior.
Major changes - smtp server
---------------------------
[Feature 20070724] Not really major. New support for RFC 3848
(Received: headers with ESMTPS, ESMTPA, or ESMTPSA); updated SASL
support according to RFC 4954, resulting in small changes to SMTP
reply codes and (DSN) enhanced status codes.
Major changes - milter
----------------------
[Incompat 20071224] The protocol to send Milter information from
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
Milter feature, and upgrade a live Postfix system, you may see an
"unexpected record type" warning from a cleanup(8) server process.
To prevent this, execute the command "postfix reload". The
incompatibility affects only systems that use the Milter feature.
It does not cause loss of mail, just a minor delay until the remote
SMTP client retries.
[Feature 20071221] Support for most of the Sendmail 8.14 Milter
protocol features.
To enable the new features specify "milter_protocol = 6" and link
the filter application with a libmilter library from Sendmail 8.14
or later.
Sendmail 8.14 Milter features supported at this time:
- NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
to some of the SMTP events that Postfix sends. This makes the
protocol less chatty and improves performance.
- SKIP: The filter can tell Postfix to skip sending the rest of
the message body, which also improves performance.
- HDR_LEADSPC: The filter can request that Postfix does not delete
the first space character between header name and header value
when sending a header to the filter, and that Postfix does not
insert a space character between header name and header value
when receiving a header from the filter. This fixes a limitation
in the old Milter protocol that can break DKIM and DK signatures.
- SETSYMLIST: The filter can override one or more of the main.cf
milter_xxx_macros parameter settings.
Sendmail 8.14 Milter features not supported at this time:
- RCPT_REJ: report rejected recipients to the mail filter.
- CHGFROM: replace sender, with optional ESMTP command parameters.
- ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
It is unclear when (if ever) the missing features will be implemented.
SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
processing and error handling. SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
require ESMTP command-line parsing in the cleanup server. Unfortunately,
Sendmail's documentation does not specify what ESMTP options are
supported, but only discusses examples of things that don't work.
Major changes - address verification
------------------------------------
[Incompat 20070514] The default sender address for address verification
probes was changed from "postmaster" to "double-bounce", so that
the Postfix SMTP server no longer causes surprising behavior by
excluding "postmaster" from SMTP server access controls.
Major changes - ldap
--------------------
[Incompat 20071216] Due to an incompatible API change between
OpenLDAP 2.0.11 and 2.0.12, an LDAP client compiled for OpenLDAP
version <= 2.0.11 will refuse to work with an OpenLDAP library
version >= 2.0.12 and vice versa.
Major changes - logging
-----------------------
[Incompat 20080109] TLS logging output has changed to make it more
useful. Existing logfile parser regular expressions may need
adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
[Incompat 20071216] The SMTP "transcript of session" email now
includes the remote SMTP server TCP port number.
Major changes - loop detection
------------------------------
[Incompat 20070422] [Incompat 20070422] When the pipe(8) delivery
agent is configured to create the optional Delivered-To: header,
it now first checks if that same header is already present in the
message. If so, the message is returned as undeliverable. This test
should have been included with Postfix 2.0 when Delivered-To: support
was added to the pipe(8) delivery agent.
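Review bot: three text defects in this new file: the loop detection entry carries the "[Incompat 20070422]" tag twice; "hostnamename[ipaddress]" in the TLS logging entry (both copies) should be "hostname[ipaddress]"; and "explicity limited the verification depth" should read "explicitly". On substance, the "[Feature 20080109]" entry for smtpd_tls_fingerprint_digest keeps MD5 as the default purely for backwards compatibility, but the new "fingerprint" security level in the same section makes that digest the entire basis of trust for a destination, with no CA to fall back on. The entry should say that the default is a compatibility setting, not a recommendation, and that new deployments should select sha1 (for example "smtpd_tls_fingerprint_digest = sha1") and keep md5 only where fingerprints computed with it are already deployed on the peer side; otherwise readers will copy the default into fresh configurations.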

View File
@@ -1,5 +1,9 @@
Wish list: Wish list:
Collect random bits and pieces in one SOHO_README document:
smtp_generic_maps, sender_dependent_mumble,
smtp_sasl_auth_cache_name/time.
See if "pickup =o content_filter=smtp:127.0.0.1" can be See if "pickup =o content_filter=smtp:127.0.0.1" can be
made a viable alternative to the use of non_smtpd_milters. made a viable alternative to the use of non_smtpd_milters.
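Review bot: this wish-list item is added in the same commit that creates SOHO_README, so it reads as already done. The new document covers only the stand-alone host, the SASL client and the multiple-ISP-accounts topics, so narrow the item to what is still missing, for example "Add smtp_generic_maps, sender_dependent_relayhost_maps and smtp_sasl_auth_cache_name/time to SOHO_README"; otherwise the next reader will drop the whole item as stale.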

View File
@@ -79,6 +79,9 @@ Postfix SMTP server</a></li>
<li><a href="#client_sasl">Enabling SASL authentication in the <li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li> Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
<li><a href="#credits">Credits</a> <li><a href="#credits">Credits</a>
</ul> </ul>
@@ -636,42 +639,57 @@ table. </p>
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes <a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> = cyrus <a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> = cyrus
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd: /etc/postfix/sasl_passwd:
foo.com username:password
bar.com username
[mail.myisp.net] username:password [mail.myisp.net] username:password
[mail.myisp.net]:submission username:password [mail.myisp.net]:submission username:password
</pre> </pre>
</blockquote> </blockquote>
<p> The Postfix SMTP client opens the SASL client password file <p> Notes: </p>
before entering the optional chroot jail, so you can keep the file
in /etc/postfix and set permissions read / write only for root to <ul>
keep the username:password combinations away from other system
<li> <p> The "submission" destination port tells Postfix to send
mail via TCP network port 587, which is normally reserved for email
clients. The default is to send mail to the "smtp" destination port
(TCP port 25), which is used for receiving mail across the internet.
If you use an explicit destination port in <a href="postconf.5.html">main.cf</a>, then you must
use the same form also in the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> Postfix does not deliver mail via TCP port 465 (the obsolete
"wrappermode" protocol). See <a href="TLS_README.html">TLS_README</a> for a solution that uses the
"stunnel" command. </p>
<li> <p> The "[" and "]" prevent Postfix from looking up the MX
(mail exchanger) records for the enclosed name. If you use this
form in <a href="postconf.5.html">main.cf</a>, then you must use the same form also in the
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> The Postfix SMTP client opens the SASL client password
file before entering the optional chroot jail, so you can keep the
file in /etc/postfix and set permissions read / write only for root
to keep the username:password combinations away from other system
users. </p> users. </p>
<p> Postfix version 2.3 supports-per-sender SASL password <li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
information. To search the Postfix SASL password by sender uses <b>dbm</b> files instead of <b>db</b> files. To find out what
before it searches by destination, specify: </p> lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<blockquote> <li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
<pre> whenever you change the sasl_passwd table. </p>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> = yes
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
/etc/postfix/sasl_passwd: </ul>
user@example.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
<p> Note: some remote SMTP servers support PLAIN or LOGIN authentication <p> Workarounds: </p>
only.
<ul>
<li> <p> Some remote SMTP servers support PLAIN or LOGIN authentication only.
By default, the Postfix SMTP client does not use authentication By default, the Postfix SMTP client does not use authentication
methods that send plaintext passwords, and defers delivery with methods that send plaintext passwords, and defers delivery with
the following error message: "Authentication failed: cannot SASL the following error message: "Authentication failed: cannot SASL
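Review bot: in the new sasl_passwd lines, "bar.com username" has no ":password" part while every other entry in the table does; if a password-less entry is meant to be legal the notes need a sentence on what the client does with it, otherwise complete the line as "bar.com username:password". Two smaller points in the same hunk: the "foo.com" and "bar.com" keys are shown without saying when a bare domain is the lookup key (the notes only explain the "[host]" and ":submission" forms, so state that the key is whatever next-hop form relayhost or the transport table produces, matched exactly); and the "read / write only for root" advice should be stated for the .db file that "postmap /etc/postfix/sasl_passwd" writes as much as for the source file, since it holds the same username:password pairs and sits in the same directory.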
@@ -685,7 +703,7 @@ for example: </p>
</pre> </pre>
</blockquote> </blockquote>
<p> Note: some remote SMTP servers announce authentication mechanisms <li> <p> Some remote SMTP servers announce authentication mechanisms
that don't actually work. It is possible via the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> that don't actually work. It is possible via the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
parameter to restrict the list of server mechanisms that the Postfix parameter to restrict the list of server mechanisms that the Postfix
SMTP client will take into consideration: </p> SMTP client will take into consideration: </p>
@@ -701,11 +719,73 @@ SMTP client will take into consideration: </p>
use mechanisms use mechanisms
that require special infrastructure such as Kerberos or TLS. </p> that require special infrastructure such as Kerberos or TLS. </p>
<p> The Postfix SMTP client is backwards compatible with SMTP <li> <p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed to the EHLO command; there is no Postfix client configuration needed
to work around it. </p> to work around it. </p>
</ul>
<h2><a name="client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></h2>
<p> Postfix version 2.3 supports multiple ISP accounts. This can
be useful when one person uses the same machine for work and for
personal use, or when people with different ISP accounts share the
same Postfix server. To make this possible, Postfix 2.3 supports
per-sender SASL passwords and per-sender relay hosts. In the example
below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will
search the per-sender <a href="postconf.5.html#relayhost">relayhost</a> file, and use the default <a href="postconf.5.html#relayhost">relayhost</a>
only as a final resort. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> = yes
<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> = hash:/etc/postfix/sender_relay
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default <a href="postconf.5.html#relayhost">relayhost</a>.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> If you are creative, then you can try to combine the two
tables into one single MySQL database, and configure different
Postfix queries to extract the appropriate information. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sender_relay</b>"
whenever you change the sender_relay table. </p>
</ul>
<h2><a name="credits">Credits</a></h2> <h2><a name="credits">Credits</a></h2>
<ul> <ul>
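Review bot: the per-sender sasl_passwd example gives user1@example.com the credentials "username2:password2", identical to user2@example.net; that looks like a copy-paste slip and should be "username1:password1", otherwise the example contradicts its own point that each sender has a separate account. Two additions the section needs: the per-sender lookup only happens with "smtp_sender_dependent_authentication = yes" (the example sets it, but the text never says it is the switch), and the sender_relay values such as "[mail.example.com]:submission" must use the same form as any matching destination key in sasl_passwd, as the earlier notes already say for relayhost. Finally, repeat the root-only permissions advice for /etc/postfix/sender_relay: with these two tables a local user who can edit sender_relay can route another sender's mail, and the SASL login done on that sender's behalf, to a host of their choosing, so the routing table is as sensitive as the password table.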

View File
@@ -0,0 +1,385 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Small/Home Office Hints and Tips</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Small/Home Office Hints and Tips</h1>
<hr>
<h2>Overview</h2>
<p> This document combines hints and tips for "small office/home
office" applications into one document so that they are easier to
find. The text describes the mail sending side only. If your machine
does not receive mail directly (i.e. it does not have its own
Internet domain name and its own fixed IP address), then you will
need a solution such as "fetchmail", which is outside the scope of
the Postfix documentation. </p>
<ul>
<li> <p> Selected topics from the <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> document: </p>
<ul>
<li><a href="#stand_alone">Postfix on a stand-alone Internet host</a>
<li><a href="#fantasy">Postfix on hosts without a real
Internet hostname</a>
</ul>
<p> Selected topics from the <a href="SASL_README.html">SASL_README</a> document: </p>
<ul>
<li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
</ul>
</ul>
<p> See the <a href="SASL_README.html">SASL_README</a> and <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> documents for
further information on these topics. </p>
<h2><a name="stand_alone">Postfix on a stand-alone Internet host</a></h2>
<p> Postfix should work out of the box without change on a stand-alone
machine that has direct Internet access. At least, that is how
Postfix installs when you download the Postfix source code via
<a href="http://www.postfix.org/">http://www.postfix.org/</a>. </p>
<p> You can use the command "<b>postconf -n</b>" to find out what
settings are overruled by your <a href="postconf.5.html">main.cf</a>. Besides a few pathname
settings, few parameters should be set on a stand-alone box, beyond
what is covered in the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a> document: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
# Optional: send mail as user@domainname instead of user@hostname.
#<a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
# Optional: specify NAT/proxy external address.
#<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
# Alternative 1: don't relay mail from other hosts.
<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host
<a href="postconf.5.html#relay_domains">relay_domains</a> =
# Alternative 2: relay mail from local clients only.
# <a href="postconf.5.html#mynetworks">mynetworks</a> = 192.168.1.0/28
# <a href="postconf.5.html#relay_domains">relay_domains</a> =
</pre>
</blockquote>
<p> See also the section "<a href="#fantasy">Postfix on hosts without
a real Internet hostname</a>" if this is applicable to your configuration.
</p>
<h2><a name="fantasy">Postfix on hosts without a real Internet
hostname</a></h2>
<p> This section is for hosts that don't have their own Internet
hostname. Typically these are systems that get a dynamic IP address
via DHCP or via dialup. Postfix will let you send and receive mail
just fine between accounts on a machine with a fantasy name. However,
you cannot use a fantasy hostname in your email address when sending
mail into the Internet, because no-one would be able to reply to
your mail. In fact, more and more sites refuse mail addresses with
non-existent domain names. </p>
<p> Note: the following information is Postfix version dependent.
To find out what Postfix version you have, execute the command
"<b>postconf <a href="postconf.5.html#mail_version">mail_version</a></b>". </p>
<h3>Solution 1: Postfix version 2.2 and later </h3>
<p> Postfix 2.2 uses the <a href="generic.5.html">generic(5)</a> address mapping to replace
local fantasy email addresses by valid Internet addresses. This
mapping happens ONLY when mail leaves the machine; not when you
send mail between users on the same machine. </p>
<p> The following example presents additional configuration. You
need to combine this with basic configuration information as
discussed the first half of this document. </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a> = hash:/etc/postfix/generic
3
4 /etc/postfix/generic:
5 his@localdomain.local hisaccount@hisisp.example
6 her@localdomain.local heraccount@herisp.example
7 @localdomain.local hisaccount+local@hisisp.example
</pre>
</blockquote>
<p> When mail is sent to a remote host via SMTP: </p>
<ul>
<li> <p> Line 5 replaces <i>his@localdomain.local</i> by his ISP
mail address, </p>
<li> <p> Line 6 replaces <i>her@localdomain.local</i> by her ISP
mail address, and </p>
<li> <p> Line 7 replaces other local addresses by his ISP account,
with an address extension of +<i>local</i> (this example assumes
that the ISP supports "+" style address extensions). </p>
</ul>
<p>Specify <b>dbm</b> instead of <b>hash</b> if your system uses
<b>dbm</b> files instead of <b>db</b> files. To find out what lookup
tables Postfix supports, use the command "<b>postconf -m</b>". </p>
<p> Execute the command "<b>postmap /etc/postfix/generic</b>"
whenever you change the generic table. </p>
<h3>Solution 2: Postfix version 2.1 and earlier </h3>
<p> The solution with older Postfix systems is to use valid
Internet addresses where possible, and to let Postfix map valid
Internet addresses to local fantasy addresses. With this, you can
send mail to the Internet and to local fantasy addresses, including
mail to local fantasy addresses that don't have a valid Internet
address of their own.</p>
<p> The following example presents additional configuration. You
need to combine this with basic configuration information as
discussed the first half of this document. </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#myhostname">myhostname</a> = hostname.localdomain
3 <a href="postconf.5.html#mydomain">mydomain</a> = localdomain
4
5 <a href="postconf.5.html#canonical_maps">canonical_maps</a> = hash:/etc/postfix/canonical
6
7 <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual
8
9 /etc/postfix/canonical:
10 your-login-name your-account@your-isp.com
11
12 /etc/postfix/<a href="virtual.8.html">virtual</a>:
13 your-account@your-isp.com your-login-name
</pre>
</blockquote>
<p> Translation: </p>
<ul>
<li> <p> Lines 2-3: Substitute your fantasy hostname here. Do not
use a domain name that is already in use by real organizations
on the Internet. See <a href="http://tools.ietf.org/html/rfc2606">RFC 2606</a> for examples of domain
names that are guaranteed not to be owned by anyone. </p>
<li> <p> Lines 5, 9, 10: This provides the mapping from
"your-login-name@hostname.localdomain" to "your-account@your-isp.com".
This part is required. </p>
<li> <p> Lines 7, 12, 13: Deliver mail for "your-account@your-isp.com"
locally, instead of sending it to the ISP. This part is not required
but is convenient.
</ul>
<p>Specify <b>dbm</b> instead of <b>hash</b> if your system uses
<b>dbm</b> files instead of <b>db</b> files. To find out what lookup
tables Postfix supports, use the command "<b>postconf -m</b>". </p>
<p> Execute the command "<b>postmap /etc/postfix/canonical</b>"
whenever you change the canonical table. </p>
<p> Execute the command "<b>postmap /etc/postfix/virtual</b>"
whenever you change the virtual table. </p>
<h2><a name="client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></h2>
<p> Turn on client-side SASL authentication, and specify a table
with per-host or per-destination username and password information.
The Postfix SMTP client first searches the table for an entry with
the remote SMTP server hostname; if no entry is found, then the
Postfix SMTP client searches the table for
an entry with the next-hop destination. Usually, that is the
right-hand part of an email address, but it can also be the information
that is specified with the <a href="postconf.5.html#relayhost">relayhost</a> parameter or with a <a href="transport.5.html">transport(5)</a>
table. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> = cyrus
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> The "submission" destination port tells Postfix to send
mail via TCP network port 587, which is normally reserved for email
clients. The default is to send mail to the "smtp" destination port
(TCP port 25), which is used for receiving mail across the internet.
If you use an explicit destination port in <a href="postconf.5.html">main.cf</a>, then you must
use the same form also in the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> Postfix does not deliver mail via TCP port 465 (the obsolete
"wrappermode" protocol). See <a href="TLS_README.html">TLS_README</a> for a solution that uses the
"stunnel" command. </p>
<li> <p> The "[" and "]" prevent Postfix from looking up the MX
(mail exchanger) records for the enclosed name. If you use this
form in <a href="postconf.5.html">main.cf</a>, then you must use the same form also in the
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> The Postfix SMTP client opens the SASL client password
file before entering the optional chroot jail, so you can keep the
file in /etc/postfix and set permissions read / write only for root
to keep the username:password combinations away from other system
users. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
</ul>
<p> Workarounds: </p>
<ul>
<li> <p> Some remote SMTP servers support PLAIN or LOGIN authentication only.
By default, the Postfix SMTP client does not use authentication
methods that send plaintext passwords, and defers delivery with
the following error message: "Authentication failed: cannot SASL
authenticate to server". To enable plaintext authentication specify,
for example: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> = noanonymous
</pre>
</blockquote>
<li> <p> Some remote SMTP servers announce authentication mechanisms
that don't actually work. It is possible via the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
parameter to restrict the list of server mechanisms that the Postfix
SMTP client will take into consideration: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = !gssapi, !external, static:all
</pre>
</blockquote>
<p> In the above example, the Postfix SMTP client will decline to
use mechanisms
that require special infrastructure such as Kerberos or TLS. </p>
<li> <p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed
to work around it. </p>
</ul>
<h2><a name="client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></h2>
<p> Postfix version 2.3 supports multiple ISP accounts. This can
be useful when one person uses the same machine for work and for
personal use, or when people with different ISP accounts share the
same Postfix server. To make this possible, Postfix 2.3 supports
per-sender SASL passwords and per-sender relay hosts. In the example
below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will
search the per-sender <a href="postconf.5.html#relayhost">relayhost</a> file, and use the default <a href="postconf.5.html#relayhost">relayhost</a>
only as a final resort. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> = yes
<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> = hash:/etc/postfix/sender_relay
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default <a href="postconf.5.html#relayhost">relayhost</a>.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> If you are creative, then you can try to combine the two
tables into one single MySQL database, and configure different
Postfix queries to extract the appropriate information. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sender_relay</b>"
whenever you change the sender_relay table. </p>
</ul>
</body>
</html>
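Review bot: The sentence "You need to combine this with basic configuration information as discussed the first half of this document" (present under both "Solution 1" and "Solution 2" of the fantasy-hostname section) refers to the first half of STANDARD_CONFIGURATION_README, which is not part of this document, so in SOHO_README.html it points nowhere. Because the file is generated by extracting these sections, the wording should be changed in the source so that the extracted text stands on its own, for example "as discussed in the BASIC_CONFIGURATION_README document" (which also repairs the missing "in"). The Overview already lists BASIC_CONFIGURATION_README as a prerequisite, so this keeps the two consistent.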

View File

@@ -81,9 +81,13 @@ what is covered in the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURA
# Optional: specify NAT/proxy external address. # Optional: specify NAT/proxy external address.
#<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4 #<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
# Don't relay mail from other hosts. # Alternative 1: don't relay mail from other hosts.
<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host
<a href="postconf.5.html#relay_domains">relay_domains</a> = <a href="postconf.5.html#relay_domains">relay_domains</a> =
# Alternative 2: relay mail from local clients only.
# <a href="postconf.5.html#mynetworks">mynetworks</a> = 192.168.1.0/28
# <a href="postconf.5.html#relay_domains">relay_domains</a> =
</pre> </pre>
</blockquote> </blockquote>
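Review bot: The "Alternative 2" comment lines should say that an explicit mynetworks setting overrides mynetworks_style, so that a reader who uncomments "# mynetworks = 192.168.1.0/28" knows the "mynetworks_style = host" line above it does not have to be removed; as written the reader has to guess how the two alternatives interact. Also, 192.168.1.0/28 covers only sixteen addresses, so the comment could add "adjust to your LAN prefix" to prevent readers with a /24 home network from copying the /28 and then finding that most of their clients are refused relay access.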
@@ -789,7 +793,7 @@ discussed the first half of this document. </p>
<li> <p> Lines 2-3: Substitute your fantasy hostname here. Do not <li> <p> Lines 2-3: Substitute your fantasy hostname here. Do not
use a domain name that is already in use by real organizations use a domain name that is already in use by real organizations
on the Internet. See <a href="http://www.faqs.org/rfcs/rfc2606.html">RFC 2606</a> for examples of domain on the Internet. See <a href="http://tools.ietf.org/html/rfc2606">RFC 2606</a> for examples of domain
names that are guaranteed not to be owned by anyone. </p> names that are guaranteed not to be owned by anyone. </p>
<li> <p> Lines 5, 9, 10: This provides the mapping from <li> <p> Lines 5, 9, 10: This provides the mapping from

View File

@@ -28,6 +28,8 @@
<li> <a href="BASIC_CONFIGURATION_README.html"> Basic configuration <li> <a href="BASIC_CONFIGURATION_README.html"> Basic configuration
</a> </a>
<li> <a href="SOHO_README.html"> Small/home office hints and tips </a>
<li> <a href="STANDARD_CONFIGURATION_README.html"> Standard <li> <a href="STANDARD_CONFIGURATION_README.html"> Standard
configuration examples </a> configuration examples </a>
@@ -74,6 +76,14 @@ overview </a>
<li> <a href="BUILTIN_FILTER_README.html"> Built-in content inspection </a> <li> <a href="BUILTIN_FILTER_README.html"> Built-in content inspection </a>
</ul>
</td>
<td width="30%" align="left" valign="top">
<ul>
<li> <a href="FILTER_README.html"> After-queue content filter </a> <li> <a href="FILTER_README.html"> After-queue content filter </a>
<li> <a href="SMTPD_PROXY_README.html"> Before-queue content <li> <a href="SMTPD_PROXY_README.html"> Before-queue content
@@ -84,10 +94,6 @@ filter </a>
</ul> </ul>
</td>
<td width="30%" align="left" valign="top">
<p><strong>SMTP Relay and access control </strong></p> <p><strong>SMTP Relay and access control </strong></p>
<ul> <ul>

View File

@@ -8205,6 +8205,12 @@ same server, username and password, and instead bounces or defers
mail as controlled with the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> configuration mail as controlled with the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> configuration
parameter. </p> parameter. </p>
<p> Use a per-destination delivery concurrency of 1 (for example,
"<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> = 1",
"<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> = 1", etc.), otherwise multiple
delivery agents may experience a login failure at the same time.
</p>
<p> The table must be accessed via the proxywrite service, i.e. the <p> The table must be accessed via the proxywrite service, i.e. the
map name must start with "<a href="proxymap.8.html">proxy</a>:". The table should be stored under map name must start with "<a href="proxymap.8.html">proxy</a>:". The table should be stored under
the directory specified with the <a href="postconf.5.html#data_directory">data_directory</a> parameter. </p> the directory specified with the <a href="postconf.5.html#data_directory">data_directory</a> parameter. </p>
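Review bot: The new paragraph states the symptom ("multiple delivery agents may experience a login failure at the same time") but not the reason a concurrency of 1 is needed: the failure cache can only suppress attempts after one agent has recorded the failure, so agents that are already talking to the server in parallel each present the same credentials before the cache entry exists. Spelling that out, and replacing "etc." with a statement that the per-destination limit must be set for every delivery transport that uses the Postfix SMTP client with this cache, would make the advice actionable; it would also be worth saying plainly that the limit reduces parallel delivery to that destination, since that is the cost the reader is accepting.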

View File

@@ -247,4 +247,8 @@ or backward compatibility.
It does mean, however, that a pointer record can easily exceed the It does mean, however, that a pointer record can easily exceed the
length of a header record. This is why we go through the trouble length of a header record. This is why we go through the trouble
of record relocation and dummy records. of record relocation and dummy records.
In Postfix 2.4 we fixed this by adding padding to short message
header records so that we can always write a pointer record over a
message header. This immensly simplifies the code.
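Review bot: "immensly" should read "immensely". More substantively, the preceding paragraph still describes record relocation and dummy records in the present tense ("This is why we go through the trouble of record relocation and dummy records"), so the added note that Postfix 2.4 replaced this with padded header records reads as a contradiction rather than an update; recasting the older text as historical ("Before Postfix 2.4 we went through the trouble of ...") would make the section consistent.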

View File

@@ -4616,6 +4616,11 @@ same server, username and password, and instead bounces or defers
mail as controlled with the smtp_sasl_auth_soft_bounce configuration mail as controlled with the smtp_sasl_auth_soft_bounce configuration
parameter. parameter.
.PP .PP
Use a per-destination delivery concurrency of 1 (for example,
"smtp_destination_concurrency_limit = 1",
"relay_destination_concurrency_limit = 1", etc.), otherwise multiple
delivery agents may experience a login failure at the same time.
.PP
The table must be accessed via the proxywrite service, i.e. the The table must be accessed via the proxywrite service, i.e. the
map name must start with "proxy:". The table should be stored under map name must start with "proxy:". The table should be stored under
the directory specified with the data_directory parameter. the directory specified with the data_directory parameter.

View File

@@ -0,0 +1,84 @@
#!/bin/sh
cat <<'EOF'
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Small/Home Office Hints and Tips</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Small/Home Office Hints and Tips</h1>
<hr>
<h2>Overview</h2>
<p> This document combines hints and tips for "small office/home
office" applications into one document so that they are easier to
find. The text describes the mail sending side only. If your machine
does not receive mail directly (i.e. it does not have its own
Internet domain name and its own fixed IP address), then you will
need a solution such as "fetchmail", which is outside the scope of
the Postfix documentation. </p>
<ul>
<li> <p> Selected topics from the STANDARD_CONFIGURATION_README document: </p>
<ul>
<li><a href="#stand_alone">Postfix on a stand-alone Internet host</a>
<li><a href="#fantasy">Postfix on hosts without a real
Internet hostname</a>
</ul>
<p> Selected topics from the SASL_README document: </p>
<ul>
<li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
</ul>
</ul>
<p> See the SASL_README and STANDARD_CONFIGURATION_README documents for
further information on these topics. </p>
EOF
sed -n '/^<h2><a name="stand_alone">/,${
/^<h2><a name="null_client">/q
p
}' STANDARD_CONFIGURATION_README.html
sed -n '/^<h2><a name="fantasy">/,${
/^<\/body>/q
p
}' STANDARD_CONFIGURATION_README.html
sed -n '/^<h2><a name="client_sasl">/,${
/^<h2><a name="credits/q
p
}' SASL_README.html
cat <<'EOF'
</body>
</html>
EOF
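Review bot: The script has no error handling: there is no "set -e", and if STANDARD_CONFIGURATION_README.html or SASL_README.html is missing or a section anchor such as "stand_alone" or "client_sasl" is renamed, the sed ranges silently match nothing and the script still exits 0 with a well-formed but hollow document. Suggest "set -e" after the shebang, a test that both input files exist before the first cat, and a check that each sed extraction produced output (capture it to a temporary file and exit non-zero if it is empty). The range end markers also hard-code the section order of the source files ("stand_alone" must be immediately followed by "null_client", "fantasy" must be the last section before "</body>", and "client_sasl" plus "client_sasl_sender" must run up to "credits"); a comment stating these assumptions would save the next editor of those documents from breaking the generated page without noticing.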

View File

@@ -33,6 +33,7 @@ HTML = ../html/ADDRESS_CLASS_README.html \
../html/SCHEDULER_README.html ../html/SMTPD_ACCESS_README.html \ ../html/SCHEDULER_README.html ../html/SMTPD_ACCESS_README.html \
../html/SMTPD_POLICY_README.html \ ../html/SMTPD_POLICY_README.html \
../html/SMTPD_PROXY_README.html \ ../html/SMTPD_PROXY_README.html \
../html/SOHO_README.html \
../html/STANDARD_CONFIGURATION_README.html \ ../html/STANDARD_CONFIGURATION_README.html \
../html/STRESS_README.html \ ../html/STRESS_README.html \
../html/TLS_README.html ../html/TLS_LEGACY_README.html \ ../html/TLS_README.html ../html/TLS_LEGACY_README.html \
@@ -69,6 +70,7 @@ README = ../README_FILES/ADDRESS_CLASS_README \
../README_FILES/SASL_README ../README_FILES/SCHEDULER_README \ ../README_FILES/SASL_README ../README_FILES/SCHEDULER_README \
../README_FILES/SMTPD_ACCESS_README \ ../README_FILES/SMTPD_ACCESS_README \
../README_FILES/SMTPD_POLICY_README ../README_FILES/SMTPD_PROXY_README \ ../README_FILES/SMTPD_POLICY_README ../README_FILES/SMTPD_PROXY_README \
../README_FILES/SOHO_README \
../README_FILES/STANDARD_CONFIGURATION_README \ ../README_FILES/STANDARD_CONFIGURATION_README \
../README_FILES/STRESS_README \ ../README_FILES/STRESS_README \
../README_FILES/TLS_README ../README_FILES/TLS_LEGACY_README \ ../README_FILES/TLS_README ../README_FILES/TLS_LEGACY_README \
@@ -85,6 +87,8 @@ SRCTOMAN= ../mantools/srctoman
POSTLINK= ../mantools/postlink POSTLINK= ../mantools/postlink
HT2READ = ../mantools/html2readme HT2READ = ../mantools/html2readme
MAKEAAA = ../mantools/makereadme MAKEAAA = ../mantools/makereadme
MAKESOHO= ../mantools/make_soho_readme
DEPSOHO = SASL_README.html STANDARD_CONFIGURATION_README.html
update: $(CONFIG) $(HTML) $(README) $(MAN) update: $(CONFIG) $(HTML) $(README) $(MAN)
@@ -234,6 +238,9 @@ clobber:
../html/SMTPD_PROXY_README.html: SMTPD_PROXY_README.html ../html/SMTPD_PROXY_README.html: SMTPD_PROXY_README.html
$(POSTLINK) $? >$@ $(POSTLINK) $? >$@
../html/SOHO_README.html: $(MAKESOHO) $(DEPSOHO)
$(MAKESOHO) | $(POSTLINK) >$@
../html/STANDARD_CONFIGURATION_README.html: STANDARD_CONFIGURATION_README.html ../html/STANDARD_CONFIGURATION_README.html: STANDARD_CONFIGURATION_README.html
$(POSTLINK) $? >$@ $(POSTLINK) $? >$@
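Review bot: In the "../html/SOHO_README.html" rule, "$(MAKESOHO) | $(POSTLINK) >$@" reports only the exit status of $(POSTLINK), so a failure inside $(MAKESOHO) (for example a missing input file) leaves a truncated target in place that make then considers up to date. The existing convention in this Makefile ("$(POSTLINK) $? >$@" from a local .html source) suggests the fix: add an intermediate "SOHO_README.html: $(MAKESOHO) $(DEPSOHO)" rule whose recipe is "$(MAKESOHO) >$@", and let the ../html and ../README_FILES rules consume that file through $(POSTLINK) and $(HT2READ) as the neighbouring rules do. The same pipeline problem affects the "../README_FILES/SOHO_README" rule below.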
@@ -378,6 +385,9 @@ clobber:
../README_FILES/SMTPD_PROXY_README: SMTPD_PROXY_README.html ../README_FILES/SMTPD_PROXY_README: SMTPD_PROXY_README.html
$(HT2READ) $? >$@ $(HT2READ) $? >$@
../README_FILES/SOHO_README: $(MAKESOHO) $(DEPSOHO)
$(MAKESOHO) | $(HT2READ) >$@
../README_FILES/STANDARD_CONFIGURATION_README: STANDARD_CONFIGURATION_README.html ../README_FILES/STANDARD_CONFIGURATION_README: STANDARD_CONFIGURATION_README.html
$(HT2READ) $? >$@ $(HT2READ) $? >$@

View File

@@ -79,6 +79,9 @@ Postfix SMTP server</a></li>
<li><a href="#client_sasl">Enabling SASL authentication in the <li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li> Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
<li><a href="#credits">Credits</a> <li><a href="#credits">Credits</a>
</ul> </ul>
@@ -636,42 +639,57 @@ table. </p>
smtp_sasl_auth_enable = yes smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus smtp_sasl_type = cyrus
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd: /etc/postfix/sasl_passwd:
foo.com username:password
bar.com username
[mail.myisp.net] username:password [mail.myisp.net] username:password
[mail.myisp.net]:submission username:password [mail.myisp.net]:submission username:password
</pre> </pre>
</blockquote> </blockquote>
<p> The Postfix SMTP client opens the SASL client password file <p> Notes: </p>
before entering the optional chroot jail, so you can keep the file
in /etc/postfix and set permissions read / write only for root to <ul>
keep the username:password combinations away from other system
<li> <p> The "submission" destination port tells Postfix to send
mail via TCP network port 587, which is normally reserved for email
clients. The default is to send mail to the "smtp" destination port
(TCP port 25), which is used for receiving mail across the internet.
If you use an explicit destination port in main.cf, then you must
use the same form also in the smtp_sasl_password_maps file. </p>
<li> <p> Postfix does not deliver mail via TCP port 465 (the obsolete
"wrappermode" protocol). See TLS_README for a solution that uses the
"stunnel" command. </p>
<li> <p> The "[" and "]" prevent Postfix from looking up the MX
(mail exchanger) records for the enclosed name. If you use this
form in main.cf, then you must use the same form also in the
smtp_sasl_password_maps file. </p>
<li> <p> The Postfix SMTP client opens the SASL client password
file before entering the optional chroot jail, so you can keep the
file in /etc/postfix and set permissions read / write only for root
to keep the username:password combinations away from other system
users. </p> users. </p>
<p> Postfix version 2.3 supports-per-sender SASL password <li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
information. To search the Postfix SASL password by sender uses <b>dbm</b> files instead of <b>db</b> files. To find out what
before it searches by destination, specify: </p> lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<blockquote> <li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
<pre> whenever you change the sasl_passwd table. </p>
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
/etc/postfix/sasl_passwd: </ul>
user@example.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
<p> Note: some remote SMTP servers support PLAIN or LOGIN authentication <p> Workarounds: </p>
only.
<ul>
<li> <p> Some remote SMTP servers support PLAIN or LOGIN authentication only.
By default, the Postfix SMTP client does not use authentication By default, the Postfix SMTP client does not use authentication
methods that send plaintext passwords, and defers delivery with methods that send plaintext passwords, and defers delivery with
the following error message: "Authentication failed: cannot SASL the following error message: "Authentication failed: cannot SASL
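Review bot: The removed /etc/postfix/sasl_passwd lines "foo.com username:password" and "bar.com username" were the only illustration of a destination-domain key (as opposed to a "[host]" or "[host]:port" key), and "bar.com username" the only illustration of an entry without a password. The text above this hunk still says the client falls back to "the next-hop destination", which "usually ... is the right-hand part of an email address", so at least one domain-keyed line should remain in the example; and if the password-less form is still supported, it deserves a sentence in the new Notes list rather than disappearing without comment.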
@@ -685,7 +703,7 @@ for example: </p>
</pre> </pre>
</blockquote> </blockquote>
<p> Note: some remote SMTP servers announce authentication mechanisms <li> <p> Some remote SMTP servers announce authentication mechanisms
that don't actually work. It is possible via the smtp_sasl_mechanism_filter that don't actually work. It is possible via the smtp_sasl_mechanism_filter
parameter to restrict the list of server mechanisms that the Postfix parameter to restrict the list of server mechanisms that the Postfix
SMTP client will take into consideration: </p> SMTP client will take into consideration: </p>
@@ -701,11 +719,73 @@ SMTP client will take into consideration: </p>
use mechanisms use mechanisms
that require special infrastructure such as Kerberos or TLS. </p> that require special infrastructure such as Kerberos or TLS. </p>
<p> The Postfix SMTP client is backwards compatible with SMTP <li> <p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed to the EHLO command; there is no Postfix client configuration needed
to work around it. </p> to work around it. </p>
</ul>
<h2><a name="client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></h2>
<p> Postfix version 2.3 supports multiple ISP accounts. This can
be useful when one person uses the same machine for work and for
personal use, or when people with different ISP accounts share the
same Postfix server. To make this possible, Postfix 2.3 supports
per-sender SASL passwords and per-sender relay hosts. In the example
below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will
search the per-sender relayhost file, and use the default relayhost
only as a final resort. </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> If you are creative, then you can try to combine the two
tables into one single MySQL database, and configure different
Postfix queries to extract the appropriate information. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sender_relay</b>"
whenever you change the sender_relay table. </p>
</ul>
<h2><a name="credits">Credits</a></h2> <h2><a name="credits">Credits</a></h2>
<ul> <ul>
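Review bot: in the /etc/postfix/sasl_passwd example the user1@example.com entry carries username2:password2, the same credentials as the user2@example.net line; it presumably should read `user1@example.com username1:password1`, so the per-sender lookup is shown returning a distinct login for each sender. The Notes list also tells the reader to run postmap after every change but says nothing about restricting read access to sasl_passwd and the .db file postmap generates from it, both of which hold plaintext passwords; a short item on keeping those two files readable by root only would fit beside the two postmap items.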

@@ -81,9 +81,13 @@ what is covered in the BASIC_CONFIGURATION_README document: </p>
# Optional: specify NAT/proxy external address. # Optional: specify NAT/proxy external address.
#proxy_interfaces = 1.2.3.4 #proxy_interfaces = 1.2.3.4
# Don't relay mail from other hosts. # Alternative 1: don't relay mail from other hosts.
mynetworks_style = host mynetworks_style = host
relay_domains = relay_domains =
# Alternative 2: relay mail from local clients only.
# mynetworks = 192.168.1.0/28
# relay_domains =
</pre> </pre>
</blockquote> </blockquote>
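Review bot: alternative 2 sets mynetworks explicitly while the uncommented alternative 1 line `mynetworks_style = host` stays in force; since an explicit mynetworks value replaces the list that mynetworks_style would generate, a comment saying so, or a commented-out `# mynetworks_style = host` under alternative 2, would make clear that the reader switches one block for the other rather than editing both. The `relay_domains =` line appears under both alternatives; stating that it is common to both, and that 192.168.1.0/28 stands for the reader's own LAN range, would tighten the example.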

@@ -11466,6 +11466,12 @@ same server, username and password, and instead bounces or defers
mail as controlled with the smtp_sasl_auth_soft_bounce configuration mail as controlled with the smtp_sasl_auth_soft_bounce configuration
parameter. </p> parameter. </p>
<p> Use a per-destination delivery concurrency of 1 (for example,
"smtp_destination_concurrency_limit = 1",
"relay_destination_concurrency_limit = 1", etc.), otherwise multiple
delivery agents may experience a login failure at the same time.
</p>
<p> The table must be accessed via the proxywrite service, i.e. the <p> The table must be accessed via the proxywrite service, i.e. the
map name must start with "proxy:". The table should be stored under map name must start with "proxy:". The table should be stored under
the directory specified with the data_directory parameter. </p> the directory specified with the data_directory parameter. </p>
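Review bot: the new paragraph tells the reader to use a per-destination concurrency of 1 but not why concurrent delivery agents matter; a short clause such as "so that a failed login is recorded before further deliveries to the same server start" would make the advice self-explanatory instead of leaving the reader to infer it from the cache description. The example list trails off in "etc."; pointing at the generic transport_destination_concurrency_limit form covers every transport name in one reference, and "may experience a login failure at the same time" could read "may each attempt the same failing login".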

@@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20080114" #define MAIL_RELEASE_DATE "20080115"
#define MAIL_VERSION_NUMBER "2.5" #define MAIL_VERSION_NUMBER "2.6"
#ifdef SNAPSHOT #ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
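Review bot: MAIL_VERSION_NUMBER moves from 2.5 to 2.6 in the same hunk as the release date, while the comment directly above says snapshots change the release date only; that is expected for the first snapshot on a new branch, but the version bump deserves its own line in the release notes so that the point where the 2.5 stable branch and the 2.6 snapshot series diverge is recorded.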

@@ -133,8 +133,8 @@ SMTP_SASL_AUTH_CACHE *smtp_sasl_auth_cache_init(const char *map, int ttl)
#define CACHE_DICT_OPEN_FLAGS \ #define CACHE_DICT_OPEN_FLAGS \
(DICT_FLAG_DUP_REPLACE | DICT_FLAG_SYNC_UPDATE) (DICT_FLAG_DUP_REPLACE | DICT_FLAG_SYNC_UPDATE)
if (strncmp(map, DICT_TYPE_PROXY, sizeof(DICT_TYPE_PROXY)) - 1 != 0 if (strncmp(map, DICT_TYPE_PROXY, sizeof(DICT_TYPE_PROXY) - 1) != 0
&& map[sizeof(DICT_TYPE_PROXY) - 1] != ':') || map[sizeof(DICT_TYPE_PROXY) - 1] != ':')
msg_fatal("SASL authentication cache name \"%s\" must start with \"" msg_fatal("SASL authentication cache name \"%s\" must start with \""
DICT_TYPE_PROXY "\":", map); DICT_TYPE_PROXY "\":", map);
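Review bot: the corrected condition now fails unless the map name both starts with `proxy` and has `:` immediately after it, which is the intended check; the old version subtracted 1 from the strncmp result instead of from the length passed to it (so the terminating NUL took part in the comparison) and joined the two tests with `&&`, so a missing prefix did not reliably trigger msg_fatal. A single comparison, `strncmp(map, DICT_TYPE_PROXY ":", sizeof(DICT_TYPE_PROXY ":") - 1) != 0`, expresses the prefix test without two coordinated offsets to keep in step. The msg_fatal text also places the colon outside the quotes, printing `must start with "proxy":`; moving it inside, `"\"" DICT_TYPE_PROXY ":\""`, matches what the code actually checks.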