mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.6-20080115

Browse Source
This commit is contained in:
Wietse Venema
2008-01-15 00:00:00 -05:00
committed by Viktor Dukhovni
parent c3c54cab07
commit 85a879816e
22 changed files with 1509 additions and 420 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
postfix/HISTORY
View File

@@ -14252,3 +14252,16 @@ Apologies for any names omitted.
Safety: the smtpd_client_new_tls_session_rate_limit setting
now also limits the number of failed TLS handshakes. This
limits the impact of broken configurations. File: smtpd/smtpd.c.
20080115
Bugfix (introduced 20080112): Patrik Rak found two bugs
that largely canceled each other out, causing Postfix not
to complain about a missing "proxy:" prefix with the new
smtp_sasl_auth_cache_name parameter setting. File:
smtp/smtp_sasl_glue.c.
Documentation: new SOHO_README file for small/home offices.
The text is automatically generated from bits and pieces of
information that are scattered across other documents.
File: mantools/make_soho_readme.

2
postfix/README_FILES/AAAREADME
View File

@@ -4,6 +4,7 @@
GGeenneerraall ccoonnffiigguurraattiioonn
* BASIC_CONFIGURATION_README: Basic configuration
* SOHO_README: Small/home office hints and tips
* STANDARD_CONFIGURATION_README: Standard configuration examples
* ADDRESS_REWRITING_README: Address rewriting
* VIRTUAL_README: Virtual domain hosting
@@ -25,6 +26,7 @@ CCoonntteenntt iinnssppeeccttiioonn
* CONTENT_INSPECTION_README: Content inspection overview
* BACKSCATTER_README: Stopping backscatter mail
* BUILTIN_FILTER_README: Built-in content inspection
* FILTER_README: After-queue content filter
* SMTPD_PROXY_README: Before-queue content filter
* MILTER_README: Before-queue Milter applications

118
postfix/README_FILES/SASL_README
View File

@@ -39,6 +39,7 @@ This document covers the following topics:
* Testing SASL authentication in the Postfix SMTP server
* Trouble shooting the SASL internals
* Enabling SASL authentication in the Postfix SMTP client
* Supporting multiple ISP accounts in the Postfix SMTP client
* Credits
WWhhaatt SSAASSLL iimmpplleemmeennttaattiioonnss aarree ssuuppppoorrtteedd
@@ -423,55 +424,116 @@ relayhost parameter or with a transport(5) table.
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
foo.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
The Postfix SMTP client opens the SASL client password file before entering the
optional chroot jail, so you can keep the file in /etc/postfix and set
permissions read / write only for root to keep the username:password
combinations away from other system users.
Notes:
Postfix version 2.3 supports-per-sender SASL password information. To search
the Postfix SASL password by sender before it searches by destination, specify:
* The "submission" destination port tells Postfix to send mail via TCP
network port 587, which is normally reserved for email clients. The default
is to send mail to the "smtp" destination port (TCP port 25), which is used
for receiving mail across the internet. If you use an explicit destination
port in main.cf, then you must use the same form also in the
smtp_sasl_password_maps file.
* Postfix does not deliver mail via TCP port 465 (the obsolete "wrappermode"
protocol). See TLS_README for a solution that uses the "stunnel" command.
* The "[" and "]" prevent Postfix from looking up the MX (mail exchanger)
records for the enclosed name. If you use this form in main.cf, then you
must use the same form also in the smtp_sasl_password_maps file.
* The Postfix SMTP client opens the SASL client password file before entering
the optional chroot jail, so you can keep the file in /etc/postfix and set
permissions read / write only for root to keep the username:password
combinations away from other system users.
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
Workarounds:
* Some remote SMTP servers support PLAIN or LOGIN authentication only. By
default, the Postfix SMTP client does not use authentication methods that
send plaintext passwords, and defers delivery with the following error
message: "Authentication failed: cannot SASL authenticate to server". To
enable plaintext authentication specify, for example:
/etc/postfix/main.cf:
smtp_sasl_security_options = noanonymous
* Some remote SMTP servers announce authentication mechanisms that don't
actually work. It is possible via the smtp_sasl_mechanism_filter parameter
to restrict the list of server mechanisms that the Postfix SMTP client will
take into consideration:
/etc/postfix/main.cf:
smtp_sasl_mechanism_filter = !gssapi, !external, static:all
In the above example, the Postfix SMTP client will decline to use
mechanisms that require special infrastructure such as Kerberos or TLS.
* The Postfix SMTP client is backwards compatible with SMTP servers that use
the non-standard "AUTH=method..." syntax in response to the EHLO command;
there is no Postfix client configuration needed to work around it.
SSuuppppoorrttiinngg mmuullttiippllee IISSPP aaccccoouunnttss iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt
Postfix version 2.3 supports multiple ISP accounts. This can be useful when one
person uses the same machine for work and for personal use, or when people with
different ISP accounts share the same Postfix server. To make this possible,
Postfix 2.3 supports per-sender SASL passwords and per-sender relay hosts. In
the example below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will search the
per-sender relayhost file, and use the default relayhost only as a final
resort.
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
user@example.com username:password
bar.com username
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
Note: some remote SMTP servers support PLAIN or LOGIN authentication only. By
default, the Postfix SMTP client does not use authentication methods that send
plaintext passwords, and defers delivery with the following error message:
"Authentication failed: cannot SASL authenticate to server". To enable
plaintext authentication specify, for example:
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
/etc/postfix/main.cf:
smtp_sasl_security_options = noanonymous
Notes:
Note: some remote SMTP servers announce authentication mechanisms that don't
actually work. It is possible via the smtp_sasl_mechanism_filter parameter to
restrict the list of server mechanisms that the Postfix SMTP client will take
into consideration:
* If you are creative, then you can try to combine the two tables into one
single MySQL database, and configure different Postfix queries to extract
the appropriate information.
/etc/postfix/main.cf:
smtp_sasl_mechanism_filter = !gssapi, !external, static:all
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
In the above example, the Postfix SMTP client will decline to use mechanisms
that require special infrastructure such as Kerberos or TLS.
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
The Postfix SMTP client is backwards compatible with SMTP servers that use the
non-standard "AUTH=method..." syntax in response to the EHLO command; there is
no Postfix client configuration needed to work around it.
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//sseennddeerr__rreellaayy" whenever you change
the sender_relay table.
CCrreeddiittss

276
postfix/README_FILES/SOHO_README Normal file
View File

@@ -0,0 +1,276 @@
PPoossttffiixx SSmmaallll//HHoommee OOffffiiccee HHiinnttss aanndd TTiippss
-------------------------------------------------------------------------------
OOvveerrvviieeww
This document combines hints and tips for "small office/home office"
applications into one document so that they are easier to find. The text
describes the mail sending side only. If your machine does not receive mail
directly (i.e. it does not have its own Internet domain name and its own fixed
IP address), then you will need a solution such as "fetchmail", which is
outside the scope of the Postfix documentation.
* Selected topics from the STANDARD_CONFIGURATION_README document:
o Postfix on a stand-alone Internet host
o Postfix on hosts without a real Internet hostname
Selected topics from the SASL_README document:
o Enabling SASL authentication in the Postfix SMTP client
o Supporting multiple ISP accounts in the Postfix SMTP client
See the SASL_README and STANDARD_CONFIGURATION_README documents for further
information on these topics.
PPoossttffiixx oonn aa ssttaanndd--aalloonnee IInntteerrnneett hhoosstt
Postfix should work out of the box without change on a stand-alone machine that
has direct Internet access. At least, that is how Postfix installs when you
download the Postfix source code via http://www.postfix.org/.
You can use the command "ppoossttccoonnff --nn" to find out what settings are overruled
by your main.cf. Besides a few pathname settings, few parameters should be set
on a stand-alone box, beyond what is covered in the BASIC_CONFIGURATION_README
document:
/etc/postfix/main.cf:
# Optional: send mail as user@domainname instead of user@hostname.
#myorigin = $mydomain
# Optional: specify NAT/proxy external address.
#proxy_interfaces = 1.2.3.4
# Alternative 1: don't relay mail from other hosts.
mynetworks_style = host
relay_domains =
# Alternative 2: relay mail from local clients only.
# mynetworks = 192.168.1.0/28
# relay_domains =
See also the section "Postfix on hosts without a real Internet hostname" if
this is applicable to your configuration.
PPoossttffiixx oonn hhoossttss wwiitthhoouutt aa rreeaall IInntteerrnneett hhoossttnnaammee
This section is for hosts that don't have their own Internet hostname.
Typically these are systems that get a dynamic IP address via DHCP or via
dialup. Postfix will let you send and receive mail just fine between accounts
on a machine with a fantasy name. However, you cannot use a fantasy hostname in
your email address when sending mail into the Internet, because no-one would be
able to reply to your mail. In fact, more and more sites refuse mail addresses
with non-existent domain names.
Note: the following information is Postfix version dependent. To find out what
Postfix version you have, execute the command "ppoossttccoonnff mmaaiill__vveerrssiioonn".
SSoolluuttiioonn 11:: PPoossttffiixx vveerrssiioonn 22..22 aanndd llaatteerr
Postfix 2.2 uses the generic(5) address mapping to replace local fantasy email
addresses by valid Internet addresses. This mapping happens ONLY when mail
leaves the machine; not when you send mail between users on the same machine.
The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.
1 /etc/postfix/main.cf:
2 smtp_generic_maps = hash:/etc/postfix/generic
3
4 /etc/postfix/generic:
5 his@localdomain.local hisaccount@hisisp.example
6 her@localdomain.local heraccount@herisp.example
7 @localdomain.local hisaccount+local@hisisp.example
When mail is sent to a remote host via SMTP:
* Line 5 replaces his@localdomain.local by his ISP mail address,
* Line 6 replaces her@localdomain.local by her ISP mail address, and
* Line 7 replaces other local addresses by his ISP account, with an address
extension of +local (this example assumes that the ISP supports "+" style
address extensions).
Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb files.
To find out what lookup tables Postfix supports, use the command "ppoossttccoonnff --mm".
Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ggeenneerriicc" whenever you change the
generic table.
SSoolluuttiioonn 22:: PPoossttffiixx vveerrssiioonn 22..11 aanndd eeaarrlliieerr
The solution with older Postfix systems is to use valid Internet addresses
where possible, and to let Postfix map valid Internet addresses to local
fantasy addresses. With this, you can send mail to the Internet and to local
fantasy addresses, including mail to local fantasy addresses that don't have a
valid Internet address of their own.
The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.
1 /etc/postfix/main.cf:
2 myhostname = hostname.localdomain
3 mydomain = localdomain
4
5 canonical_maps = hash:/etc/postfix/canonical
6
7 virtual_alias_maps = hash:/etc/postfix/virtual
8
9 /etc/postfix/canonical:
10 your-login-name your-account@your-isp.com
11
12 /etc/postfix/virtual:
13 your-account@your-isp.com your-login-name
Translation:
* Lines 2-3: Substitute your fantasy hostname here. Do not use a domain name
that is already in use by real organizations on the Internet. See RFC 2606
for examples of domain names that are guaranteed not to be owned by anyone.
* Lines 5, 9, 10: This provides the mapping from "your-login-
name@hostname.localdomain" to "your-account@your-isp.com". This part is
required.
* Lines 7, 12, 13: Deliver mail for "your-account@your-isp.com" locally,
instead of sending it to the ISP. This part is not required but is
convenient.
Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb files.
To find out what lookup tables Postfix supports, use the command "ppoossttccoonnff --mm".
Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ccaannoonniiccaall" whenever you change the
canonical table.
Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//vviirrttuuaall" whenever you change the
virtual table.
EEnnaabblliinngg SSAASSLL aauutthheennttiiccaattiioonn iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt
Turn on client-side SASL authentication, and specify a table with per-host or
per-destination username and password information. The Postfix SMTP client
first searches the table for an entry with the remote SMTP server hostname; if
no entry is found, then the Postfix SMTP client searches the table for an entry
with the next-hop destination. Usually, that is the right-hand part of an email
address, but it can also be the information that is specified with the
relayhost parameter or with a transport(5) table.
/etc/postfix/main.cf:
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
Notes:
* The "submission" destination port tells Postfix to send mail via TCP
network port 587, which is normally reserved for email clients. The default
is to send mail to the "smtp" destination port (TCP port 25), which is used
for receiving mail across the internet. If you use an explicit destination
port in main.cf, then you must use the same form also in the
smtp_sasl_password_maps file.
* Postfix does not deliver mail via TCP port 465 (the obsolete "wrappermode"
protocol). See TLS_README for a solution that uses the "stunnel" command.
* The "[" and "]" prevent Postfix from looking up the MX (mail exchanger)
records for the enclosed name. If you use this form in main.cf, then you
must use the same form also in the smtp_sasl_password_maps file.
* The Postfix SMTP client opens the SASL client password file before entering
the optional chroot jail, so you can keep the file in /etc/postfix and set
permissions read / write only for root to keep the username:password
combinations away from other system users.
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
Workarounds:
* Some remote SMTP servers support PLAIN or LOGIN authentication only. By
default, the Postfix SMTP client does not use authentication methods that
send plaintext passwords, and defers delivery with the following error
message: "Authentication failed: cannot SASL authenticate to server". To
enable plaintext authentication specify, for example:
/etc/postfix/main.cf:
smtp_sasl_security_options = noanonymous
* Some remote SMTP servers announce authentication mechanisms that don't
actually work. It is possible via the smtp_sasl_mechanism_filter parameter
to restrict the list of server mechanisms that the Postfix SMTP client will
take into consideration:
/etc/postfix/main.cf:
smtp_sasl_mechanism_filter = !gssapi, !external, static:all
In the above example, the Postfix SMTP client will decline to use
mechanisms that require special infrastructure such as Kerberos or TLS.
* The Postfix SMTP client is backwards compatible with SMTP servers that use
the non-standard "AUTH=method..." syntax in response to the EHLO command;
there is no Postfix client configuration needed to work around it.
SSuuppppoorrttiinngg mmuullttiippllee IISSPP aaccccoouunnttss iinn tthhee PPoossttffiixx SSMMTTPP cclliieenntt
Postfix version 2.3 supports multiple ISP accounts. This can be useful when one
person uses the same machine for work and for personal use, or when people with
different ISP accounts share the same Postfix server. To make this possible,
Postfix 2.3 supports per-sender SASL passwords and per-sender relay hosts. In
the example below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will search the
per-sender relayhost file, and use the default relayhost only as a final
resort.
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
Notes:
* If you are creative, then you can try to combine the two tables into one
single MySQL database, and configure different Postfix queries to extract
the appropriate information.
* Specify ddbbmm instead of hhaasshh if your system uses ddbbmm files instead of ddbb
files. To find out what lookup tables Postfix supports, use the command
"ppoossttccoonnff --mm".
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//ssaassll__ppaasssswwdd" whenever you change
the sasl_passwd table.
* Execute the command "ppoossttmmaapp //eettcc//ppoossttffiixx//sseennddeerr__rreellaayy" whenever you change
the sender_relay table.

6
postfix/README_FILES/STANDARD_CONFIGURATION_README
View File

@@ -45,10 +45,14 @@ document:
# Optional: specify NAT/proxy external address.
#proxy_interfaces = 1.2.3.4
# Don't relay mail from other hosts.
# Alternative 1: don't relay mail from other hosts.
mynetworks_style = host
relay_domains =
# Alternative 2: relay mail from local clients only.
# mynetworks = 192.168.1.0/28
# relay_domains =
See also the section "Postfix on hosts without a real Internet hostname" if
this is applicable to your configuration.

332
postfix/RELEASE_NOTES
View File

@@ -1,340 +1,18 @@
The stable Postfix release is called postfix-2.4.x where 2=major
release number, 4=minor release number, x=patchlevel. The stable
The stable Postfix release is called postfix-2.5.x where 2=major
release number, 5=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.5-yyyymmdd where yyyymmdd is the release date (yyyy=year,
postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
Incompatibility with Postfix 2.3 and earlier
Incompatibility with Postfix 2.4 and earlier
============================================
If you upgrade from Postfix 2.3 or earlier, read RELEASE_NOTES-2.4
If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
before proceeding.
Incompatibility with Postfix snapshot 20080114
==============================================
The Postfix SMTP client now by default defers mail after a remote
SMTP server rejects a SASL authentication attempt. Specify
"smtp_sasl_auth_soft_bounce = no" for the old behavior.
Major changes with Postfix snapshot 20080114
============================================
The Postfix SMTP client can now avoid making repeated SASL login
failures with the same server, username and password. To enable
this safety feature, specify for example "smtp_sasl_auth_cache_name
= proxy:btree:/var/lib/postfix/sasl_auth_cache" (access through the
proxy service is required). Instead of trying to SASL authenticate,
the Postfix SMTP client defers or bounces mail as controlled with
the new smtp_sasl_auth_soft_bounce configuration parameter.
Incompatibility with Postfix snapshot 20080109
==============================================
TLS logging output has changed to make it more useful. Existing
logfile parser regular expressions may need adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
Major changes with Postfix snapshot 20080109
============================================
The Postfix SMTP client has a new "fingerprint" security level.
This avoids dependencies on CAs, and relies entirely on bi-lateral
exchange of public keys (really self-signed or private CA signed
X.509 public key certificates). Scalability is clearly limited. For
details, see the fingerprint discussion in TLS_README.
The Postfix SMTP server can now use SHA1 instead of MD5 to compute
remote SMTP client certificate fingerprints. For backwards
compatibility, the default algorithm is MD5. For details, see the
"smtpd_tls_fingerprint_digest" parameter in the postconf(5) manual.
The maximum certificate trust chain depth (verifydepth) is finally
implemented in the Postfix TLS library. Previously, the parameter
had no effect. The default depth was changed to 9 (the OpenSSL
default) for backwards compatibility.
If you have explicity limited the verification depth in main.cf,
check that the configured limit meets your needs. See the
"lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
"smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
The selection of SSL/TLS protocols for mandatory TLS can now use
exclusion rather than inclusion. Either form is acceptable; see the
"lmtp_tls_mandatory_protocols", "smtp_tls_mandatory_protocols" and
"smtpd_tls_mandatory_protocols" parameters in the postconf(5) manual.
Major changes with Postfix snapshot 20080107
============================================
New "pass" service type in master.cf. Written years ago, this
allows a future front-end daemon to accept all connections from the
network, and forward only those from well-behaved clients to Postfix.
Since this uses file descriptor passing, it imposes no overhead
once a connection is handed over to Postfix. See master(5) for a
few details.
Incompatibility with Postfix snapshot 20071224
==============================================
The protocol to send Milter information from smtpd(8) to cleanup(8)
processes was cleaned up. If you use the Milter feature, and upgrade
a live Postfix system, you may see an "unexpected record type"
warning from a cleanup(8) server process. To prevent this, execute
the command "postfix reload". The incompatibility affects only
systems that use the Milter feature. It does not cause loss of mail,
just a minor delay until the remote SMTP client retries.
Major changes with Postfix snapshot 20071221
============================================
Support for most of the Sendmail 8.14 Milter protocol features.
To enable the new features specify "milter_protocol = 6" and link
the filter application with a libmilter library from Sendmail 8.14
or later.
Sendmail 8.14 Milter features supported at this time:
- NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
to some of the SMTP events that Postfix sends. This makes the
protocol less chatty and improves performance.
- SKIP: The filter can tell Postfix to skip sending the rest of
the message body, which also improves performance.
- HDR_LEADSPC: The filter can request that Postfix does not delete
the first space character between header name and header value
when sending a header to the filter, and that Postfix does not
insert a space character between header name and header value
when receiving a header from the filter. This fixes a limitation
in the old Milter protocol that can break DKIM and DK signatures.
- SETSYMLIST: The filter can override one or more of the main.cf
milter_xxx_macros parameter settings.
Sendmail 8.14 Milter features not supported at this time:
- RCPT_REJ: report rejected recipients to the mail filter.
- CHGFROM: replace sender, with optional ESMTP command parameters.
- ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
It is unclear when (if ever) the missing features will be implemented.
SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
processing and error handling. SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
require ESMTP command-line parsing in the cleanup server. Unfortunately,
Sendmail's documentation does not specify what ESMTP options are
supported, but only discusses examples of things that don't work.
Incompatibility with Postfix snapshot 20071216
==============================================
Due to an incompatible API change between OpenLDAP 2.0.11 and 2.0.12,
an LDAP client compiled for OpenLDAP version <= 2.0.11 will refuse
to work with an OpenLDAP library version >= 2.0.12 and vice versa.
The SMTP "transcript of session" email now includes the remote SMTP
server TCP port number.
Incompatibility with Postfix snapshot 20071212
==============================================
The allow_min_user feature now applies to both sender and recipient
addresses in SMTP commands. With earlier Postfix versions, only
recipients were subject to the allow_min_user feature, and the
restriction took effect at mail delivery time, causing mail to be
bounced later instead of being rejected immediately.
Incompatibility with Postfix snapshot 20071206
==============================================
The "make install" and "make upgrade" procedures now create a
Postfix-owned directory for Postfix-writable data files such as
caches and random numbers. The location is specified with the
"data_directory" parameter (default: "/var/lib/postfix"), and the
ownership is specified with the "mail_owner" parameter.
The tlsmgr(8) and verify(8) servers no longer use root privileges
when opening the address_verify_map, *_tls_session_cache_database,
and tls_random_exchange_name cache files. This avoids a potential
security loophole where the ownership of a file (or directory) does
not match the trust level of the content of that file (or directory).
The tlsmgr(8) and verify(8) cache files should now be stored under
the Postfix-owned data_directory. As a migration aid, attempts to
open these files under a non-Postfix directory are redirected to
the Postfix-owned data_directory, and a warning is logged.
This is an example of the warning messages:
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
to update file /etc/postfix/prng_exch in non-postfix directory
/etc/postfix
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
the request to postfix-owned data_directory /var/lib/postfix
If you wish to continue using a pre-existing tls_random_exchange_name
or address_verify_map file, move it to the Postfix-owned data_directory
and change ownership to the account specified with the mail_owner
configuration parameter.
Major changes with Postfix snapshot 20071205
============================================
The "make install" and "make upgrade" procedures now create a
Postfix-owned directory for Postfix-writable data files such as
caches and random numbers. The location is specified with the
"data_directory" parameter (default: "/var/lib/postfix"), and the
ownership is specified with the "mail_owner" parameter.
Incompatibility with Postfix snapshot 20071203
==============================================
The "make upgrade" procedure adds a new service "proxywrite" to the
master.cf file, for read/write lookup table access. If you copy
your old configuration file over the updated one, you will have
to run "postfix upgrade-configuration" again.
Major changes with Postfix snapshot 20071202
============================================
Output rate control in the queue manager. For example, specify
"smtp_delivery_rate_delay = 5m", to pause five minutes between
message deliveries. More information in the postconf(5) manual
under "default_delivery_rate_delay".
Major changes with Postfix snapshot 20071130
============================================
Revised queue manager with separate mechanisms for per-destination
concurrency control and for dead destination detection. The
concurrency control supports less-than-1 feedback to allow for more
gradual concurrency adjustments, and uses hysteresis to avoid rapid
oscillations. A destination is declared "dead" after a configurable
number of pseudo-cohorts(*) reports connection or handshake failure.
(*) A pseudo-cohort is a number of delivery requests equal to a
destination's delivery concurrency.
The drawbacks of the old +/-1 feedback scheduler are a) overshoot
due to exponential delivery concurrency growth with each pseudo-cohort(*)
(5-10-20...); b) throttling down to zero concurrency after a single
pseudo-cohort(*) failure. The latter was especially an issue with
low-concurrency channels where a single failure could be sufficient
to mark a destination as "dead", and suspend further deliveries.
New configuration parameters: destination_concurrency_feedback_debug,
default_destination_concurrency_positive_feedback,
default_destination_concurrency_negative_feedback,
default_destination_concurrency_failed_cohort_limit, as well as
transport-specific versions of the same. See postconf(5) for
extensive descriptions, and SCHEDULER_README for background information
on the theory and practice of how these settings work.
The default parameter settings are backwards compatible with older
Postfix versions. This may change after better defaults are field
tested.
Major changes with Postfix snapshot 20071111
============================================
Header/body checks are now available in the SMTP client, after the
implementation was moved from the cleanup server to a library module.
The SMTP client provides only actions that don't change the message
delivery time or destination: warn, replace, prepend, ignore, dunno,
ok.
Major changes with Postfix snapshot 20070911
============================================
Stress-adaptive behavior. When a "public" network service runs into
an "all processes are busy" condition, the master(8) daemon logs a
warning, restarts the service, and runs it with "-o stress=yes" on
the command line (under normal conditions it runs the service with
"-o stress=" on the command line). This can be used to make main.cf
parameter settings stress dependent, for example:
/etc/postfix/main.cf:
smtpd_timeout = ${stress?10}${stress:300}
smtpd_hard_error_limit = ${stress?1}${stress:20}
Translation: under conditions of stress, use an smtpd_timeout value
of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
instead of 20. The syntax is explained in the postconf(5) manpage.
This feature needs further configuration and documentation, but is
already useful in its present form.
Major changes with Postfix snapshot 20070724
============================================
Not really major. New support for RFC 3848 (Received: headers with
ESMTPS, ESMTPA, or ESMTPSA); updated SASL support according to RFC
4954, resulting in small changes to SMTP reply codes and (DSN)
enhanced status codes.
Incompatibility with Postfix snapshot 20070614
==============================================
By default, the Postfix Cyrus SASL client no longer sends a SASL
authoriZation ID (authzid); it sends only the SASL authentiCation
ID (authcid) plus the authcid's password. Specify "send_cyrus_sasl_authzid
= yes" to get the old behavior.
Incompatibility with Postfix snapshot 20070613
==============================================
The pipe(8) delivery agent no longer allows delivery with the same
group ID as the main.cf postdrop group.
Incompatibility with Postfix snapshot 20070514
==============================================
The default sender address for address verification probes was
changed from "postmaster" to "double-bounce", so that the Postfix
SMTP server no longer causes surprising behavior by excluding
"postmaster" from SMTP server access controls.
Incompatibility with Postfix snapshot 20070422
==============================================
When the pipe(8) delivery agent is configured to create the optional
Delivered-To: header, it now first checks if that same header is
already present in the message. If so, the message is returned as
undeliverable. This test should have been included with Postfix 2.0
when Delivered-To: support was added to the pipe(8) delivery agent.

376
postfix/RELEASE_NOTES-2.5 Normal file
View File

@@ -0,0 +1,376 @@
The stable Postfix release is called postfix-2.5.x where 2=major
release number, 5=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
New features are developed in snapshot releases. These are called
postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
mm=month, dd=day). Patches are never issued for snapshot releases;
instead, a new snapshot is released.
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
Incompatibility with Postfix 2.3 and earlier
============================================
If you upgrade from Postfix 2.3 or earlier, read RELEASE_NOTES-2.4
before proceeding.
Major changes - critical
------------------------
[Incompat 20071224] The protocol to send Milter information from
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
Milter feature, and upgrade a live Postfix system, you may see an
"unexpected record type" warning from a cleanup(8) server process.
To prevent this, execute the command "postfix reload". The
incompatibility affects only systems that use the Milter feature.
It does not cause loss of mail, just a minor delay until the remote
SMTP client retries.
[Incompat 20071212] The allow_min_user feature now applies to both
sender and recipient addresses in SMTP commands. With earlier Postfix
versions, only recipients were subject to the allow_min_user feature,
and the restriction took effect at mail delivery time, causing mail
to be bounced later instead of being rejected immediately.
[Incompat 20071206] The "make install" and "make upgrade" procedures
now create a Postfix-owned directory for Postfix-writable data files
such as caches and random numbers. The location is specified with
the "data_directory" parameter (default: "/var/lib/postfix"), and
the ownership is specified with the "mail_owner" parameter.
[Incompat 20071206] The tlsmgr(8) and verify(8) servers no longer
use root privileges when opening the address_verify_map,
*_tls_session_cache_database, and tls_random_exchange_name cache
files. This avoids a potential security loophole where the ownership
of a file (or directory) does not match the trust level of the
content of that file (or directory).
[Incompat 20071206] The tlsmgr(8) and verify(8) cache files should
now be stored as Postfix-owned files under the Postfix-owned
data_directory. As a migration aid, attempts to open these files
under a non-Postfix directory are redirected to the Postfix-owned
data_directory, and a warning is logged.
This is an example of the warning messages:
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: request
to update file /etc/postfix/prng_exch in non-postfix directory
/etc/postfix
Dec 6 12:56:22 bristle postfix/tlsmgr[7899]: warning: redirecting
the request to postfix-owned data_directory /var/lib/postfix
If you wish to continue using a pre-existing tls_random_exchange_name
or address_verify_map file, move it to the Postfix-owned data_directory
and change ownership from root to Postfix (that is, change ownership
to the account specified with the mail_owner configuration parameter).
[Feature 20071205] The "make install" and "make upgrade" procedures
now create a Postfix-owned directory for Postfix-writable data files
such as caches and random numbers. The location is specified with
the "data_directory" parameter (default: "/var/lib/postfix"), and
the ownership is specified with the "mail_owner" parameter.
[Incompat 20071203] The "make upgrade" procedure adds a new service
"proxywrite" to the master.cf file, for read/write lookup table
access. If you copy your old configuration file over the updated
one, you may see warnings in the maillog file like this:
connect #xx to subsystem private/proxywrite: No such file or directory
To recover, run "postfix upgrade-configuration" again.
[Incompat 20070613] The pipe(8) delivery agent no longer allows
delivery with the same group ID as the main.cf postdrop group.
Major changes - malware defense
-------------------------------
[Feature 20080107] New "pass" service type in master.cf. Written
years ago, this allows future front-end daemons to accept all
connections from the network, and to hand over connections from
well-behaved clients to Postfix. Since this feature uses file
descriptor passing, it imposes no overhead once a connection is
handed over to Postfix. See master(5) for a few details.
[Feature 20070911] Stress-adaptive behavior. When a "public" network
service runs into an "all processes are busy" condition, the master(8)
daemon logs a warning, restarts the service, and runs it with "-o
stress=yes" on the command line (under normal conditions it runs
the service with "-o stress=" on the command line). This can be
used to make main.cf parameter settings stress dependent, for
example:
/etc/postfix/main.cf:
smtpd_timeout = ${stress?10}${stress:300}
smtpd_hard_error_limit = ${stress?1}${stress:20}
Translation: under conditions of stress, use an smtpd_timeout value
of 10 seconds instead of 300, and use smtpd_hard_error_limit of 1
instead of 20. The syntax is explained in the postconf(5) manpage.
The STRESS_README file gives examples of how to mitigate flooding
problems.
Major changes - tls support
---------------------------
[Incompat 20080109] TLS logging output has changed to make it more
useful. Existing logfile parser regular expressions may need
adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
[Feature 20080109] The Postfix SMTP client has a new "fingerprint"
security level. This avoids dependencies on CAs, and relies entirely
on bi-lateral exchange of public keys (really self-signed or private
CA signed X.509 public key certificates). Scalability is clearly
limited. For details, see the fingerprint discussion in TLS_README.
[Feature 20080109] The Postfix SMTP server can now use SHA1 instead
of MD5 to compute remote SMTP client certificate fingerprints. For
backwards compatibility, the default algorithm is MD5. For details,
see the "smtpd_tls_fingerprint_digest" parameter in the postconf(5)
manual.
[Feature 20080109] The maximum certificate trust chain depth
(verifydepth) is finally implemented in the Postfix TLS library.
Previously, the parameter had no effect. The default depth was
changed to 9 (the OpenSSL default) for backwards compatibility.
If you have explicity limited the verification depth in main.cf,
check that the configured limit meets your needs. See the
"lmtp_tls_scert_verifydepth", "smtp_tls_scert_verifydepth" and
"smtpd_tls_ccert_verifydepth" parameters in the postconf(5) manual.
[Feature 20080109] The selection of SSL/TLS protocols for mandatory
TLS can now use exclusion rather than inclusion. Either form is
acceptable; see the "lmtp_tls_mandatory_protocols",
"smtp_tls_mandatory_protocols" and "smtpd_tls_mandatory_protocols"
parameters in the postconf(5) manual.
Major changes - scheduler
-------------------------
[Feature 20071130] Revised queue manager with separate mechanisms
for per-destination concurrency control and for dead destination
detection. The concurrency control supports less-than-1 feedback
to allow for more gradual concurrency adjustments, and uses hysteresis
to avoid rapid oscillations. A destination is declared "dead" after
a configurable number of pseudo-cohorts(*) reports connection or
handshake failure.
(*) A pseudo-cohort is a number of delivery requests equal to a
destination's delivery concurrency.
The drawbacks of the old +/-1 feedback scheduler are a) overshoot
due to exponential delivery concurrency growth with each pseudo-cohort(*)
(5-10-20...); b) throttling down to zero concurrency after a single
pseudo-cohort(*) failure. The latter was especially an issue with
low-concurrency channels where a single failure could be sufficient
to mark a destination as "dead", and suspend further deliveries.
New configuration parameters: destination_concurrency_feedback_debug,
default_destination_concurrency_positive_feedback,
default_destination_concurrency_negative_feedback,
default_destination_concurrency_failed_cohort_limit, as well as
transport-specific versions of the same. See postconf(5) for
extensive descriptions, and SCHEDULER_README for background information
on the theory and practice of how these settings work.
The default parameter settings are backwards compatible with older
Postfix versions. This may change after better defaults are field
tested.
The SCHEDULER_README document describes the new concurrency scheduler,
as well as Patrik Rak's preemptive job scheduler.
Major changes - small/home office
---------------------------------
[Feature 20080115] Preliminary SOHO_README document that combines
bits and pieces from other document in one place, so that it is
easier to find. This document describes the "mail sending" side
only.
[Feature 20071202] Output rate control in the queue manager. For
example, specify "smtp_delivery_rate_delay = 5m", to pause five
minutes between message deliveries. More information in the postconf(5)
manual under "default_delivery_rate_delay".
Major changes - smtp client
---------------------------
[Incompat 20080114] The Postfix SMTP client now by default defers
mail after a remote SMTP server rejects a SASL authentication
attempt. Specify "smtp_sasl_auth_soft_bounce = no" for the old
behavior.
[Feature 20080114] The Postfix SMTP client can now avoid making
repeated SASL login failures with the same server, username and
password. To enable this safety feature, specify for example
"smtp_sasl_auth_cache_name = proxy:btree:/var/lib/postfix/sasl_auth_cache"
(access through the proxy service is required). Instead of trying
to SASL authenticate, the Postfix SMTP client defers or bounces
mail as controlled with the new smtp_sasl_auth_soft_bounce configuration
parameter.
[Feature 20071111] Header/body checks are now available in the SMTP
client, after the implementation was moved from the cleanup server
to a library module. The SMTP client provides only actions that
don't change the message delivery time or destination: warn, replace,
prepend, ignore, dunno, ok.
[Incompat 20070614] By default, the Postfix Cyrus SASL client no
longer sends a SASL authoriZation ID (authzid); it sends only the
SASL authentiCation ID (authcid) plus the authcid's password. Specify
"send_cyrus_sasl_authzid = yes" to get the old behavior.
Major changes - smtp server
---------------------------
[Feature 20070724] Not really major. New support for RFC 3848
(Received: headers with ESMTPS, ESMTPA, or ESMTPSA); updated SASL
support according to RFC 4954, resulting in small changes to SMTP
reply codes and (DSN) enhanced status codes.
Major changes - milter
----------------------
[Incompat 20071224] The protocol to send Milter information from
smtpd(8) to cleanup(8) processes was cleaned up. If you use the
Milter feature, and upgrade a live Postfix system, you may see an
"unexpected record type" warning from a cleanup(8) server process.
To prevent this, execute the command "postfix reload". The
incompatibility affects only systems that use the Milter feature.
It does not cause loss of mail, just a minor delay until the remote
SMTP client retries.
[Feature 20071221] Support for most of the Sendmail 8.14 Milter
protocol features.
To enable the new features specify "milter_protocol = 6" and link
the filter application with a libmilter library from Sendmail 8.14
or later.
Sendmail 8.14 Milter features supported at this time:
- NR_CONN, NR_HELO, NR_MAIL, NR_RCPT, NR_DATA, NR_UNKN, NR_HDR,
NR_EOH, NR_BODY: The filter can tell Postfix that it won't reply
to some of the SMTP events that Postfix sends. This makes the
protocol less chatty and improves performance.
- SKIP: The filter can tell Postfix to skip sending the rest of
the message body, which also improves performance.
- HDR_LEADSPC: The filter can request that Postfix does not delete
the first space character between header name and header value
when sending a header to the filter, and that Postfix does not
insert a space character between header name and header value
when receiving a header from the filter. This fixes a limitation
in the old Milter protocol that can break DKIM and DK signatures.
- SETSYMLIST: The filter can override one or more of the main.cf
milter_xxx_macros parameter settings.
Sendmail 8.14 Milter features not supported at this time:
- RCPT_REJ: report rejected recipients to the mail filter.
- CHGFROM: replace sender, with optional ESMTP command parameters.
- ADDRCPT_PAR: add recipient, with optional ESMTP command parameters.
It is unclear when (if ever) the missing features will be implemented.
SMFIP_RCPT_REJ requires invasive changes in the SMTP server recipient
processing and error handling. SMFIR_CHGFROM and SMFIR_ADDRCPT_PAR
require ESMTP command-line parsing in the cleanup server. Unfortunately,
Sendmail's documentation does not specify what ESMTP options are
supported, but only discusses examples of things that don't work.
Major changes - address verification
------------------------------------
[Incompat 20070514] The default sender address for address verification
probes was changed from "postmaster" to "double-bounce", so that
the Postfix SMTP server no longer causes surprising behavior by
excluding "postmaster" from SMTP server access controls.
Major changes - ldap
--------------------
[Incompat 20071216] Due to an incompatible API change between
OpenLDAP 2.0.11 and 2.0.12, an LDAP client compiled for OpenLDAP
version <= 2.0.11 will refuse to work with an OpenLDAP library
version >= 2.0.12 and vice versa.
Major changes - logging
-----------------------
[Incompat 20080109] TLS logging output has changed to make it more
useful. Existing logfile parser regular expressions may need
adjustment.
- More log entries include the "hostnamename[ipaddress]" of the
remote SMTP peer.
- Certificate trust chain error reports show only the first
error certificate (closest to the trust chain root), and the
reporting is more human-readable for the most likely errors.
- After the completion of the TLS handshake, the session is logged
with TLS loglevel >= 1 as either "Untrusted", "Trusted" or
"Verified" (SMTP client only).
- "Untrusted" means that the certificate trust chain is invalid,
or that the root CA is not trusted.
- "Trusted" means that the certificate trust chain is valid, and
that the root CA is trusted.
- "Verified" means that the certificate meets the SMTP client's
matching criteria for the destination:
- In the case of a destination name match, "Verified" also
implies "Trusted".
- In the case of a fingerprint match, CA trust is not applicable.
- The logging of protocol states with TLS loglevel >= 2 no longer
reports bogus error conditions when OpenSSL asks Postfix to refill
(or flush) network I/O buffers. This loglevel is for debugging
only; use 0 or 1 in production configurations.
[Incompat 20071216] The SMTP "transcript of session" email now
includes the remote SMTP server TCP port number.
Major changes - loop detection
------------------------------
[Incompat 20070422] [Incompat 20070422] When the pipe(8) delivery
agent is configured to create the optional Delivered-To: header,
it now first checks if that same header is already present in the
message. If so, the message is returned as undeliverable. This test
should have been included with Postfix 2.0 when Delivered-To: support
was added to the pipe(8) delivery agent.

4
postfix/WISHLIST
View File

@@ -1,5 +1,9 @@
Wish list:
Collect random bits and pieces in one SOHO_README document:
smtp_generic_maps, sender_dependent_mumble,
smtp_sasl_auth_cache_name/time.
See if "pickup =o content_filter=smtp:127.0.0.1" can be
made a viable alternative to the use of non_smtpd_milters.

132
postfix/html/SASL_README.html
View File

@@ -79,6 +79,9 @@ Postfix SMTP server</a></li>
<li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
<li><a href="#credits">Credits</a>
</ul>
@@ -636,42 +639,57 @@ table. </p>
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> = cyrus
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
foo.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
<p> The Postfix SMTP client opens the SASL client password file
before entering the optional chroot jail, so you can keep the file
in /etc/postfix and set permissions read / write only for root to
keep the username:password combinations away from other system
<p> Notes: </p>
<ul>
<li> <p> The "submission" destination port tells Postfix to send
mail via TCP network port 587, which is normally reserved for email
clients. The default is to send mail to the "smtp" destination port
(TCP port 25), which is used for receiving mail across the internet.
If you use an explicit destination port in <a href="postconf.5.html">main.cf</a>, then you must
use the same form also in the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> Postfix does not deliver mail via TCP port 465 (the obsolete
"wrappermode" protocol). See <a href="TLS_README.html">TLS_README</a> for a solution that uses the
"stunnel" command. </p>
<li> <p> The "[" and "]" prevent Postfix from looking up the MX
(mail exchanger) records for the enclosed name. If you use this
form in <a href="postconf.5.html">main.cf</a>, then you must use the same form also in the
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> The Postfix SMTP client opens the SASL client password
file before entering the optional chroot jail, so you can keep the
file in /etc/postfix and set permissions read / write only for root
to keep the username:password combinations away from other system
users. </p>
<p> Postfix version 2.3 supports-per-sender SASL password
information. To search the Postfix SASL password by sender
before it searches by destination, specify: </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> = yes
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
/etc/postfix/sasl_passwd:
user@example.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
</ul>
<p> Note: some remote SMTP servers support PLAIN or LOGIN authentication
only.
<p> Workarounds: </p>
<ul>
<li> <p> Some remote SMTP servers support PLAIN or LOGIN authentication only.
By default, the Postfix SMTP client does not use authentication
methods that send plaintext passwords, and defers delivery with
the following error message: "Authentication failed: cannot SASL
@@ -685,7 +703,7 @@ for example: </p>
</pre>
</blockquote>
<p> Note: some remote SMTP servers announce authentication mechanisms
<li> <p> Some remote SMTP servers announce authentication mechanisms
that don't actually work. It is possible via the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
parameter to restrict the list of server mechanisms that the Postfix
SMTP client will take into consideration: </p>
@@ -701,11 +719,73 @@ SMTP client will take into consideration: </p>
use mechanisms
that require special infrastructure such as Kerberos or TLS. </p>
<p> The Postfix SMTP client is backwards compatible with SMTP
<li> <p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed
to work around it. </p>
</ul>
<h2><a name="client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></h2>
<p> Postfix version 2.3 supports multiple ISP accounts. This can
be useful when one person uses the same machine for work and for
personal use, or when people with different ISP accounts share the
same Postfix server. To make this possible, Postfix 2.3 supports
per-sender SASL passwords and per-sender relay hosts. In the example
below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will
search the per-sender <a href="postconf.5.html#relayhost">relayhost</a> file, and use the default <a href="postconf.5.html#relayhost">relayhost</a>
only as a final resort. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> = yes
<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> = hash:/etc/postfix/sender_relay
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default <a href="postconf.5.html#relayhost">relayhost</a>.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> If you are creative, then you can try to combine the two
tables into one single MySQL database, and configure different
Postfix queries to extract the appropriate information. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sender_relay</b>"
whenever you change the sender_relay table. </p>
</ul>
<h2><a name="credits">Credits</a></h2>
<ul>

385
postfix/html/SOHO_README.html Normal file
View File

@@ -0,0 +1,385 @@
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Small/Home Office Hints and Tips</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Small/Home Office Hints and Tips</h1>
<hr>
<h2>Overview</h2>
<p> This document combines hints and tips for "small office/home
office" applications into one document so that they are easier to
find. The text describes the mail sending side only. If your machine
does not receive mail directly (i.e. it does not have its own
Internet domain name and its own fixed IP address), then you will
need a solution such as "fetchmail", which is outside the scope of
the Postfix documentation. </p>
<ul>
<li> <p> Selected topics from the <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> document: </p>
<ul>
<li><a href="#stand_alone">Postfix on a stand-alone Internet host</a>
<li><a href="#fantasy">Postfix on hosts without a real
Internet hostname</a>
</ul>
<p> Selected topics from the <a href="SASL_README.html">SASL_README</a> document: </p>
<ul>
<li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
</ul>
</ul>
<p> See the <a href="SASL_README.html">SASL_README</a> and <a href="STANDARD_CONFIGURATION_README.html">STANDARD_CONFIGURATION_README</a> documents for
further information on these topics. </p>
<h2><a name="stand_alone">Postfix on a stand-alone Internet host</a></h2>
<p> Postfix should work out of the box without change on a stand-alone
machine that has direct Internet access. At least, that is how
Postfix installs when you download the Postfix source code via
<a href="http://www.postfix.org/">http://www.postfix.org/</a>. </p>
<p> You can use the command "<b>postconf -n</b>" to find out what
settings are overruled by your <a href="postconf.5.html">main.cf</a>. Besides a few pathname
settings, few parameters should be set on a stand-alone box, beyond
what is covered in the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURATION_README</a> document: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
# Optional: send mail as user@domainname instead of user@hostname.
#<a href="postconf.5.html#myorigin">myorigin</a> = $<a href="postconf.5.html#mydomain">mydomain</a>
# Optional: specify NAT/proxy external address.
#<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
# Alternative 1: don't relay mail from other hosts.
<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host
<a href="postconf.5.html#relay_domains">relay_domains</a> =
# Alternative 2: relay mail from local clients only.
# <a href="postconf.5.html#mynetworks">mynetworks</a> = 192.168.1.0/28
# <a href="postconf.5.html#relay_domains">relay_domains</a> =
</pre>
</blockquote>
<p> See also the section "<a href="#fantasy">Postfix on hosts without
a real Internet hostname</a>" if this is applicable to your configuration.
</p>
<h2><a name="fantasy">Postfix on hosts without a real Internet
hostname</a></h2>
<p> This section is for hosts that don't have their own Internet
hostname. Typically these are systems that get a dynamic IP address
via DHCP or via dialup. Postfix will let you send and receive mail
just fine between accounts on a machine with a fantasy name. However,
you cannot use a fantasy hostname in your email address when sending
mail into the Internet, because no-one would be able to reply to
your mail. In fact, more and more sites refuse mail addresses with
non-existent domain names. </p>
<p> Note: the following information is Postfix version dependent.
To find out what Postfix version you have, execute the command
"<b>postconf <a href="postconf.5.html#mail_version">mail_version</a></b>". </p>
<h3>Solution 1: Postfix version 2.2 and later </h3>
<p> Postfix 2.2 uses the <a href="generic.5.html">generic(5)</a> address mapping to replace
local fantasy email addresses by valid Internet addresses. This
mapping happens ONLY when mail leaves the machine; not when you
send mail between users on the same machine. </p>
<p> The following example presents additional configuration. You
need to combine this with basic configuration information as
discussed the first half of this document. </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a> = hash:/etc/postfix/generic
3
4 /etc/postfix/generic:
5 his@localdomain.local hisaccount@hisisp.example
6 her@localdomain.local heraccount@herisp.example
7 @localdomain.local hisaccount+local@hisisp.example
</pre>
</blockquote>
<p> When mail is sent to a remote host via SMTP: </p>
<ul>
<li> <p> Line 5 replaces <i>his@localdomain.local</i> by his ISP
mail address, </p>
<li> <p> Line 6 replaces <i>her@localdomain.local</i> by her ISP
mail address, and </p>
<li> <p> Line 7 replaces other local addresses by his ISP account,
with an address extension of +<i>local</i> (this example assumes
that the ISP supports "+" style address extensions). </p>
</ul>
<p>Specify <b>dbm</b> instead of <b>hash</b> if your system uses
<b>dbm</b> files instead of <b>db</b> files. To find out what lookup
tables Postfix supports, use the command "<b>postconf -m</b>". </p>
<p> Execute the command "<b>postmap /etc/postfix/generic</b>"
whenever you change the generic table. </p>
<h3>Solution 2: Postfix version 2.1 and earlier </h3>
<p> The solution with older Postfix systems is to use valid
Internet addresses where possible, and to let Postfix map valid
Internet addresses to local fantasy addresses. With this, you can
send mail to the Internet and to local fantasy addresses, including
mail to local fantasy addresses that don't have a valid Internet
address of their own.</p>
<p> The following example presents additional configuration. You
need to combine this with basic configuration information as
discussed the first half of this document. </p>
<blockquote>
<pre>
1 /etc/postfix/<a href="postconf.5.html">main.cf</a>:
2 <a href="postconf.5.html#myhostname">myhostname</a> = hostname.localdomain
3 <a href="postconf.5.html#mydomain">mydomain</a> = localdomain
4
5 <a href="postconf.5.html#canonical_maps">canonical_maps</a> = hash:/etc/postfix/canonical
6
7 <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual
8
9 /etc/postfix/canonical:
10 your-login-name your-account@your-isp.com
11
12 /etc/postfix/<a href="virtual.8.html">virtual</a>:
13 your-account@your-isp.com your-login-name
</pre>
</blockquote>
<p> Translation: </p>
<ul>
<li> <p> Lines 2-3: Substitute your fantasy hostname here. Do not
use a domain name that is already in use by real organizations
on the Internet. See <a href="http://tools.ietf.org/html/rfc2606">RFC 2606</a> for examples of domain
names that are guaranteed not to be owned by anyone. </p>
<li> <p> Lines 5, 9, 10: This provides the mapping from
"your-login-name@hostname.localdomain" to "your-account@your-isp.com".
This part is required. </p>
<li> <p> Lines 7, 12, 13: Deliver mail for "your-account@your-isp.com"
locally, instead of sending it to the ISP. This part is not required
but is convenient.
</ul>
<p>Specify <b>dbm</b> instead of <b>hash</b> if your system uses
<b>dbm</b> files instead of <b>db</b> files. To find out what lookup
tables Postfix supports, use the command "<b>postconf -m</b>". </p>
<p> Execute the command "<b>postmap /etc/postfix/canonical</b>"
whenever you change the canonical table. </p>
<p> Execute the command "<b>postmap /etc/postfix/virtual</b>"
whenever you change the virtual table. </p>
<h2><a name="client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></h2>
<p> Turn on client-side SASL authentication, and specify a table
with per-host or per-destination username and password information.
The Postfix SMTP client first searches the table for an entry with
the remote SMTP server hostname; if no entry is found, then the
Postfix SMTP client searches the table for
an entry with the next-hop destination. Usually, that is the
right-hand part of an email address, but it can also be the information
that is specified with the <a href="postconf.5.html#relayhost">relayhost</a> parameter or with a <a href="transport.5.html">transport(5)</a>
table. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> = cyrus
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> The "submission" destination port tells Postfix to send
mail via TCP network port 587, which is normally reserved for email
clients. The default is to send mail to the "smtp" destination port
(TCP port 25), which is used for receiving mail across the internet.
If you use an explicit destination port in <a href="postconf.5.html">main.cf</a>, then you must
use the same form also in the <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> Postfix does not deliver mail via TCP port 465 (the obsolete
"wrappermode" protocol). See <a href="TLS_README.html">TLS_README</a> for a solution that uses the
"stunnel" command. </p>
<li> <p> The "[" and "]" prevent Postfix from looking up the MX
(mail exchanger) records for the enclosed name. If you use this
form in <a href="postconf.5.html">main.cf</a>, then you must use the same form also in the
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> file. </p>
<li> <p> The Postfix SMTP client opens the SASL client password
file before entering the optional chroot jail, so you can keep the
file in /etc/postfix and set permissions read / write only for root
to keep the username:password combinations away from other system
users. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
</ul>
<p> Workarounds: </p>
<ul>
<li> <p> Some remote SMTP servers support PLAIN or LOGIN authentication only.
By default, the Postfix SMTP client does not use authentication
methods that send plaintext passwords, and defers delivery with
the following error message: "Authentication failed: cannot SASL
authenticate to server". To enable plaintext authentication specify,
for example: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> = noanonymous
</pre>
</blockquote>
<li> <p> Some remote SMTP servers announce authentication mechanisms
that don't actually work. It is possible via the <a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
parameter to restrict the list of server mechanisms that the Postfix
SMTP client will take into consideration: </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> = !gssapi, !external, static:all
</pre>
</blockquote>
<p> In the above example, the Postfix SMTP client will decline to
use mechanisms
that require special infrastructure such as Kerberos or TLS. </p>
<li> <p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed
to work around it. </p>
</ul>
<h2><a name="client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></h2>
<p> Postfix version 2.3 supports multiple ISP accounts. This can
be useful when one person uses the same machine for work and for
personal use, or when people with different ISP accounts share the
same Postfix server. To make this possible, Postfix 2.3 supports
per-sender SASL passwords and per-sender relay hosts. In the example
below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will
search the per-sender <a href="postconf.5.html#relayhost">relayhost</a> file, and use the default <a href="postconf.5.html#relayhost">relayhost</a>
only as a final resort. </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> = yes
<a href="postconf.5.html#sender_dependent_relayhost_maps">sender_dependent_relayhost_maps</a> = hash:/etc/postfix/sender_relay
<a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> = yes
<a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> = hash:/etc/postfix/sasl_passwd
<a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]
# Alternative form:
# <a href="postconf.5.html#relayhost">relayhost</a> = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default <a href="postconf.5.html#relayhost">relayhost</a>.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> If you are creative, then you can try to combine the two
tables into one single MySQL database, and configure different
Postfix queries to extract the appropriate information. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sender_relay</b>"
whenever you change the sender_relay table. </p>
</ul>
</body>
</html>

8
postfix/html/STANDARD_CONFIGURATION_README.html
View File

@@ -81,9 +81,13 @@ what is covered in the <a href="BASIC_CONFIGURATION_README.html">BASIC_CONFIGURA
# Optional: specify NAT/proxy external address.
#<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> = 1.2.3.4
# Don't relay mail from other hosts.
# Alternative 1: don't relay mail from other hosts.
<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = host
<a href="postconf.5.html#relay_domains">relay_domains</a> =
# Alternative 2: relay mail from local clients only.
# <a href="postconf.5.html#mynetworks">mynetworks</a> = 192.168.1.0/28
# <a href="postconf.5.html#relay_domains">relay_domains</a> =
</pre>
</blockquote>
@@ -789,7 +793,7 @@ discussed the first half of this document. </p>
<li> <p> Lines 2-3: Substitute your fantasy hostname here. Do not
use a domain name that is already in use by real organizations
on the Internet. See <a href="http://www.faqs.org/rfcs/rfc2606.html">RFC 2606</a> for examples of domain
on the Internet. See <a href="http://tools.ietf.org/html/rfc2606">RFC 2606</a> for examples of domain
names that are guaranteed not to be owned by anyone. </p>
<li> <p> Lines 5, 9, 10: This provides the mapping from

14
postfix/html/index.html
View File

@@ -28,6 +28,8 @@
<li> <a href="BASIC_CONFIGURATION_README.html"> Basic configuration
</a>
<li> <a href="SOHO_README.html"> Small/home office hints and tips </a>
<li> <a href="STANDARD_CONFIGURATION_README.html"> Standard
configuration examples </a>
@@ -74,6 +76,14 @@ overview </a>
<li> <a href="BUILTIN_FILTER_README.html"> Built-in content inspection </a>
</ul>
</td>
<td width="30%" align="left" valign="top">
<ul>
<li> <a href="FILTER_README.html"> After-queue content filter </a>
<li> <a href="SMTPD_PROXY_README.html"> Before-queue content
@@ -84,10 +94,6 @@ filter </a>
</ul>
</td>
<td width="30%" align="left" valign="top">
<p><strong>SMTP Relay and access control </strong></p>
<ul>

6
postfix/html/postconf.5.html
View File

@@ -8205,6 +8205,12 @@ same server, username and password, and instead bounces or defers
mail as controlled with the <a href="postconf.5.html#smtp_sasl_auth_soft_bounce">smtp_sasl_auth_soft_bounce</a> configuration
parameter. </p>
<p> Use a per-destination delivery concurrency of 1 (for example,
"<a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> = 1",
"<a href="postconf.5.html#relay_destination_concurrency_limit">relay_destination_concurrency_limit</a> = 1", etc.), otherwise multiple
delivery agents may experience a login failure at the same time.
</p>
<p> The table must be accessed via the proxywrite service, i.e. the
map name must start with "<a href="proxymap.8.html">proxy</a>:". The table should be stored under
the directory specified with the <a href="postconf.5.html#data_directory">data_directory</a> parameter. </p>

4
postfix/implementation-notes/MILTER
View File

@@ -248,3 +248,7 @@ or backward compatibility.
It does mean, however, that a pointer record can easily exceed the
length of a header record. This is why we go through the trouble
of record relocation and dummy records.
In Postfix 2.4 we fixed this by adding padding to short message
header records so that we can always write a pointer record over a
message header. This immensly simplifies the code.

5
postfix/man/man5/postconf.5
View File

@@ -4616,6 +4616,11 @@ same server, username and password, and instead bounces or defers
mail as controlled with the smtp_sasl_auth_soft_bounce configuration
parameter.
.PP
Use a per-destination delivery concurrency of 1 (for example,
"smtp_destination_concurrency_limit = 1",
"relay_destination_concurrency_limit = 1", etc.), otherwise multiple
delivery agents may experience a login failure at the same time.
.PP
The table must be accessed via the proxywrite service, i.e. the
map name must start with "proxy:". The table should be stored under
the directory specified with the data_directory parameter.

84
postfix/mantools/make_soho_readme Executable file
View File

@@ -0,0 +1,84 @@
#!/bin/sh
cat <<'EOF'
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Postfix Small/Home Office Hints and Tips</title>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body>
<h1><img src="postfix-logo.jpg" width="203" height="98" ALT="">Postfix Small/Home Office Hints and Tips</h1>
<hr>
<h2>Overview</h2>
<p> This document combines hints and tips for "small office/home
office" applications into one document so that they are easier to
find. The text describes the mail sending side only. If your machine
does not receive mail directly (i.e. it does not have its own
Internet domain name and its own fixed IP address), then you will
need a solution such as "fetchmail", which is outside the scope of
the Postfix documentation. </p>
<ul>
<li> <p> Selected topics from the STANDARD_CONFIGURATION_README document: </p>
<ul>
<li><a href="#stand_alone">Postfix on a stand-alone Internet host</a>
<li><a href="#fantasy">Postfix on hosts without a real
Internet hostname</a>
</ul>
<p> Selected topics from the SASL_README document: </p>
<ul>
<li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
</ul>
</ul>
<p> See the SASL_README and STANDARD_CONFIGURATION_README documents for
further information on these topics. </p>
EOF
sed -n '/^<h2><a name="stand_alone">/,${
/^<h2><a name="null_client">/q
p
}' STANDARD_CONFIGURATION_README.html
sed -n '/^<h2><a name="fantasy">/,${
/^<\/body>/q
p
}' STANDARD_CONFIGURATION_README.html
sed -n '/^<h2><a name="client_sasl">/,${
/^<h2><a name="credits/q
p
}' SASL_README.html
cat <<'EOF'
</body>
</html>
EOF

10
postfix/proto/Makefile.in
View File

@@ -33,6 +33,7 @@ HTML = ../html/ADDRESS_CLASS_README.html \
../html/SCHEDULER_README.html ../html/SMTPD_ACCESS_README.html \
../html/SMTPD_POLICY_README.html \
../html/SMTPD_PROXY_README.html \
../html/SOHO_README.html \
../html/STANDARD_CONFIGURATION_README.html \
../html/STRESS_README.html \
../html/TLS_README.html ../html/TLS_LEGACY_README.html \
@@ -69,6 +70,7 @@ README = ../README_FILES/ADDRESS_CLASS_README \
../README_FILES/SASL_README ../README_FILES/SCHEDULER_README \
../README_FILES/SMTPD_ACCESS_README \
../README_FILES/SMTPD_POLICY_README ../README_FILES/SMTPD_PROXY_README \
../README_FILES/SOHO_README \
../README_FILES/STANDARD_CONFIGURATION_README \
../README_FILES/STRESS_README \
../README_FILES/TLS_README ../README_FILES/TLS_LEGACY_README \
@@ -85,6 +87,8 @@ SRCTOMAN= ../mantools/srctoman
POSTLINK= ../mantools/postlink
HT2READ = ../mantools/html2readme
MAKEAAA = ../mantools/makereadme
MAKESOHO= ../mantools/make_soho_readme
DEPSOHO = SASL_README.html STANDARD_CONFIGURATION_README.html
update: $(CONFIG) $(HTML) $(README) $(MAN)
@@ -234,6 +238,9 @@ clobber:
../html/SMTPD_PROXY_README.html: SMTPD_PROXY_README.html
$(POSTLINK) $? >$@
../html/SOHO_README.html: $(MAKESOHO) $(DEPSOHO)
$(MAKESOHO) | $(POSTLINK) >$@
../html/STANDARD_CONFIGURATION_README.html: STANDARD_CONFIGURATION_README.html
$(POSTLINK) $? >$@
@@ -378,6 +385,9 @@ clobber:
../README_FILES/SMTPD_PROXY_README: SMTPD_PROXY_README.html
$(HT2READ) $? >$@
../README_FILES/SOHO_README: $(MAKESOHO) $(DEPSOHO)
$(MAKESOHO) | $(HT2READ) >$@
../README_FILES/STANDARD_CONFIGURATION_README: STANDARD_CONFIGURATION_README.html
$(HT2READ) $? >$@

132
postfix/proto/SASL_README.html
View File

@@ -79,6 +79,9 @@ Postfix SMTP server</a></li>
<li><a href="#client_sasl">Enabling SASL authentication in the
Postfix SMTP client</a></li>
<li><a href="#client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></li>
<li><a href="#credits">Credits</a>
</ul>
@@ -636,42 +639,57 @@ table. </p>
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_type = cyrus
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
foo.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
<p> The Postfix SMTP client opens the SASL client password file
before entering the optional chroot jail, so you can keep the file
in /etc/postfix and set permissions read / write only for root to
keep the username:password combinations away from other system
<p> Notes: </p>
<ul>
<li> <p> The "submission" destination port tells Postfix to send
mail via TCP network port 587, which is normally reserved for email
clients. The default is to send mail to the "smtp" destination port
(TCP port 25), which is used for receiving mail across the internet.
If you use an explicit destination port in main.cf, then you must
use the same form also in the smtp_sasl_password_maps file. </p>
<li> <p> Postfix does not deliver mail via TCP port 465 (the obsolete
"wrappermode" protocol). See TLS_README for a solution that uses the
"stunnel" command. </p>
<li> <p> The "[" and "]" prevent Postfix from looking up the MX
(mail exchanger) records for the enclosed name. If you use this
form in main.cf, then you must use the same form also in the
smtp_sasl_password_maps file. </p>
<li> <p> The Postfix SMTP client opens the SASL client password
file before entering the optional chroot jail, so you can keep the
file in /etc/postfix and set permissions read / write only for root
to keep the username:password combinations away from other system
users. </p>
<p> Postfix version 2.3 supports-per-sender SASL password
information. To search the Postfix SASL password by sender
before it searches by destination, specify: </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<blockquote>
<pre>
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
/etc/postfix/sasl_passwd:
user@example.com username:password
bar.com username
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
</pre>
</blockquote>
</ul>
<p> Note: some remote SMTP servers support PLAIN or LOGIN authentication
only.
<p> Workarounds: </p>
<ul>
<li> <p> Some remote SMTP servers support PLAIN or LOGIN authentication only.
By default, the Postfix SMTP client does not use authentication
methods that send plaintext passwords, and defers delivery with
the following error message: "Authentication failed: cannot SASL
@@ -685,7 +703,7 @@ for example: </p>
</pre>
</blockquote>
<p> Note: some remote SMTP servers announce authentication mechanisms
<li> <p> Some remote SMTP servers announce authentication mechanisms
that don't actually work. It is possible via the smtp_sasl_mechanism_filter
parameter to restrict the list of server mechanisms that the Postfix
SMTP client will take into consideration: </p>
@@ -701,11 +719,73 @@ SMTP client will take into consideration: </p>
use mechanisms
that require special infrastructure such as Kerberos or TLS. </p>
<p> The Postfix SMTP client is backwards compatible with SMTP
<li> <p> The Postfix SMTP client is backwards compatible with SMTP
servers that use the non-standard "AUTH=method..." syntax in response
to the EHLO command; there is no Postfix client configuration needed
to work around it. </p>
</ul>
<h2><a name="client_sasl_sender">Supporting multiple ISP accounts
in the Postfix SMTP client</a></h2>
<p> Postfix version 2.3 supports multiple ISP accounts. This can
be useful when one person uses the same machine for work and for
personal use, or when people with different ISP accounts share the
same Postfix server. To make this possible, Postfix 2.3 supports
per-sender SASL passwords and per-sender relay hosts. In the example
below, Postfix will search the SASL password file by sender before
it searches that same file by destination. Likewise, Postfix will
search the per-sender relayhost file, and use the default relayhost
only as a final resort. </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
relayhost = [mail.myisp.net]
# Alternative form:
# relayhost = [mail.myisp.net]:submission
/etc/postfix/sasl_passwd:
# Per-sender authentication; see also /etc/postfix/sender_relay.
user1@example.com username2:password2
user2@example.net username2:password2
# Login information for the default relayhost.
[mail.myisp.net] username:password
[mail.myisp.net]:submission username:password
/etc/postfix/sender_relay:
# Per-sender provider; see also /etc/postfix/sasl_passwd.
user1@example.com [mail.example.com]:submission
user2@example.net [mail.example.net]
</pre>
</blockquote>
<p> Notes: </p>
<ul>
<li> <p> If you are creative, then you can try to combine the two
tables into one single MySQL database, and configure different
Postfix queries to extract the appropriate information. </p>
<li> <p> Specify <b>dbm</b> instead of <b>hash</b> if your system
uses <b>dbm</b> files instead of <b>db</b> files. To find out what
lookup tables Postfix supports, use the command "<b>postconf -m</b>".
</p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sasl_passwd</b>"
whenever you change the sasl_passwd table. </p>
<li> <p> Execute the command "<b>postmap /etc/postfix/sender_relay</b>"
whenever you change the sender_relay table. </p>
</ul>
<h2><a name="credits">Credits</a></h2>
<ul>

6
postfix/proto/STANDARD_CONFIGURATION_README.html
View File

@@ -81,9 +81,13 @@ what is covered in the BASIC_CONFIGURATION_README document: </p>
# Optional: specify NAT/proxy external address.
#proxy_interfaces = 1.2.3.4
# Don't relay mail from other hosts.
# Alternative 1: don't relay mail from other hosts.
mynetworks_style = host
relay_domains =
# Alternative 2: relay mail from local clients only.
# mynetworks = 192.168.1.0/28
# relay_domains =
</pre>
</blockquote>

6
postfix/proto/postconf.proto
View File

@@ -11466,6 +11466,12 @@ same server, username and password, and instead bounces or defers
mail as controlled with the smtp_sasl_auth_soft_bounce configuration
parameter. </p>
<p> Use a per-destination delivery concurrency of 1 (for example,
"smtp_destination_concurrency_limit = 1",
"relay_destination_concurrency_limit = 1", etc.), otherwise multiple
delivery agents may experience a login failure at the same time.
</p>
<p> The table must be accessed via the proxywrite service, i.e. the
map name must start with "proxy:". The table should be stored under
the directory specified with the data_directory parameter. </p>

4
postfix/src/global/mail_version.h
View File

@@ -20,8 +20,8 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20080114"
#define MAIL_VERSION_NUMBER "2.5"
#define MAIL_RELEASE_DATE "20080115"
#define MAIL_VERSION_NUMBER "2.6"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE

4
postfix/src/smtp/smtp_sasl_auth_cache.c
View File

@@ -133,8 +133,8 @@ SMTP_SASL_AUTH_CACHE *smtp_sasl_auth_cache_init(const char *map, int ttl)
#define CACHE_DICT_OPEN_FLAGS \
(DICT_FLAG_DUP_REPLACE | DICT_FLAG_SYNC_UPDATE)
if (strncmp(map, DICT_TYPE_PROXY, sizeof(DICT_TYPE_PROXY)) - 1 != 0
&& map[sizeof(DICT_TYPE_PROXY) - 1] != ':')
if (strncmp(map, DICT_TYPE_PROXY, sizeof(DICT_TYPE_PROXY) - 1) != 0
|| map[sizeof(DICT_TYPE_PROXY) - 1] != ':')
msg_fatal("SASL authentication cache name \"%s\" must start with \""
DICT_TYPE_PROXY "\":", map);