mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.2-20050210

Browse Source
This commit is contained in:
Wietse Venema
2005-02-10 00:00:00 -05:00
committed by Viktor Dukhovni
parent 340bbfff6b
commit 86521899ec
24 changed files with 402 additions and 359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
postfix/HISTORY
View File

@@ -10336,11 +10336,31 @@ Apologies for any names omitted.
Cleanup: documented the myorigin/mydomain address rewriting Cleanup: documented the myorigin/mydomain address rewriting
in canonical, generics and virtual alias maps. in canonical, generics and virtual alias maps.
20050210
Bugfix: spurious fallback_relay warnings after 20050202.
Victor Duchovni. File: smtp/smtp_connect.c.
Bugfix: (introduced while adopting Postfix/TLS patch) the
TLS cache scan stopped after expiring one entry. Victor
Duchovni. File: tls/tls_scache.c.
Safety: delete-behind when removing expired entries from
TLS session caches. Some maps mis-behave when the current
entry is deleted. File: tls/tls_scache.c.
Open problems: Open problems:
Med: local and remote source port and IP address for smtpd Med: local and remote source port and IP address for smtpd
policy hook. policy hook.
Med: should "generics" be "generic", for consistency with
"canonical" and "virtual".
Med: canonical/generic/virtual mapping always append
myorigin/mydomain and never remote_header_rewrite_domain;
this needs to be clear from documentation.
Med: disable address rewriting after XCLIENT? Introduce a Med: disable address rewriting after XCLIENT? Introduce a
better concept of original submission? better concept of original submission?

2
postfix/README_FILES/SMTPD_POLICY_README
View File

@@ -273,7 +273,7 @@ found at http://www.monkeys.com/anti-spam/filtering/sender-domain-validate.in.
5 reject_unauth_destination 5 reject_unauth_destination
6 check_sender_access hash:/etc/postfix/sender_access 6 check_sender_access hash:/etc/postfix/sender_access
7 ... 7 ...
8 restriction_classes = greylist 8 smtpd_restriction_classes = greylist
9 greylist = check_policy_service unix:private/policy 9 greylist = check_policy_service unix:private/policy
10 10
11 /etc/postfix/sender_access: 11 /etc/postfix/sender_access:

77
postfix/conf/canonical
View File

@@ -102,63 +102,66 @@
# o When the result has the form @otherdomain, the # o When the result has the form @otherdomain, the
# result becomes the same user in otherdomain. # result becomes the same user in otherdomain.
# #
# o The result is rewritten as specified with # o When "append_at_myorigin=yes", append "@$myorigin"
# append_at_myorigin or with append_dot_mydomain. # to addresses without "@domain".
#
# o When "append_dot_mydomain=yes", append ".$mydomain"
# to addresses without ".domain".
# #
# ADDRESS EXTENSION # ADDRESS EXTENSION
# When a mail address localpart contains the optional recip- # When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order # ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and # becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain. # @domain.
# #
# The propagate_unmatched_extensions parameter controls # The propagate_unmatched_extensions parameter controls
# whether an unmatched address extension (+foo) is propa- # whether an unmatched address extension (+foo) is propa-
# gated to the result of table lookup. # gated to the result of table lookup.
# #
# REGULAR EXPRESSION TABLES # REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# the table is given in the form of regular expressions. For # the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax, # a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5). # see regexp_table(5) or pcre_table(5).
# #
# Each pattern is a regular expression that is applied to # Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail # the entire address being looked up. Thus, user@domain mail
# addresses are not broken up into their user and @domain # addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and # constituent parts, nor is user+foo broken up into user and
# foo. # foo.
# #
# Patterns are applied in the order as specified in the # Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search # table, until a pattern is found that matches the search
# string. # string.
# #
# Results are the same as with indexed file lookups, with # Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from # the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on. # the pattern can be interpolated as $1, $2 and so on.
# #
# TCP-BASED TABLES # TCP-BASED TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip- # lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see # tion of the TCP client/server lookup protocol, see
# tcp_table(5). This feature is not available up to and # tcp_table(5). This feature is not available up to and
# including Postfix version 2.2. # including Postfix version 2.2.
# #
# Each lookup operation uses the entire address once. Thus, # Each lookup operation uses the entire address once. Thus,
# user@domain mail addresses are not broken up into their # user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken # user and @domain constituent parts, nor is user+foo broken
# up into user and foo. # up into user and foo.
# #
# Results are the same as with indexed file lookups. # Results are the same as with indexed file lookups.
# #
# BUGS # BUGS
# The table format does not understand quoting conventions. # The table format does not understand quoting conventions.
# #
# CONFIGURATION PARAMETERS # CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant. # The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See # The text below provides only a parameter summary. See
# postconf(5) for more details including examples. # postconf(5) for more details including examples.
# #
# canonical_classes # canonical_classes
# What addresses are subject to canonical address # What addresses are subject to canonical address
# mapping. # mapping.
# #
# canonical_maps # canonical_maps
@@ -173,24 +176,16 @@
# header sender addresses. # header sender addresses.
# #
# propagate_unmatched_extensions # propagate_unmatched_extensions
# A list of address rewriting or forwarding mecha- # A list of address rewriting or forwarding mecha-
# nisms that propagate an address extension from the # nisms that propagate an address extension from the
# original address to the result. Specify zero or # original address to the result. Specify zero or
# more of canonical, virtual, alias, forward, # more of canonical, virtual, alias, forward,
# include, or generics. # include, or generics.
# #
# Other parameters of interest: # Other parameters of interest:
# #
# append_at_myorigin
# Do or don't append "@$myorigin" to addresses with-
# out domain. This must be turned on in Postfix.
#
# append_dot_mydomain
# Do or don't append ".$mydomain" to addresses with-
# out "." on the right-hand side of the @.
#
# inet_interfaces # inet_interfaces
# The network interface addresses that this system # The network interface addresses that this system
# receives mail on. You need to stop and start Post- # receives mail on. You need to stop and start Post-
# fix when this parameter changes. # fix when this parameter changes.
# #
@@ -200,20 +195,20 @@
# tor. # tor.
# #
# masquerade_classes # masquerade_classes
# List of address classes subject to masquerading: # List of address classes subject to masquerading:
# zero or more of envelope_sender, envelope_recipi- # zero or more of envelope_sender, envelope_recipi-
# ent, header_sender, header_recipient. # ent, header_sender, header_recipient.
# #
# masquerade_domains # masquerade_domains
# List of domains that hide their subdomain struc- # List of domains that hide their subdomain struc-
# ture. # ture.
# #
# masquerade_exceptions # masquerade_exceptions
# List of user names that are not subject to address # List of user names that are not subject to address
# masquerading. # masquerading.
# #
# mydestination # mydestination
# List of domains that this mail system considers # List of domains that this mail system considers
# local. # local.
# #
# myorigin # myorigin
@@ -230,13 +225,13 @@
# virtual(5), virtual aliasing # virtual(5), virtual aliasing
# #
# README FILES # README FILES
# Use "postconf readme_directory" or "postconf html_direc- # Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information. # tory" to locate this information.
# DATABASE_README, Postfix lookup table overview # DATABASE_README, Postfix lookup table overview
# ADDRESS_REWRITING_README, address rewriting guide # ADDRESS_REWRITING_README, address rewriting guide
# #
# LICENSE # LICENSE
# The Secure Mailer license must be distributed with this # The Secure Mailer license must be distributed with this
# software. # software.
# #
# AUTHOR(S) # AUTHOR(S)

87
postfix/conf/generics
View File

@@ -89,60 +89,63 @@
# o When the result has the form @otherdomain, the # o When the result has the form @otherdomain, the
# result becomes the same user in otherdomain. # result becomes the same user in otherdomain.
# #
# o The result is rewritten as specified with # o When "append_at_myorigin=yes", append "@$myorigin"
# append_at_myorigin or with append_dot_mydomain. # to addresses without "@domain".
#
# o When "append_dot_mydomain=yes", append ".$mydomain"
# to addresses without ".domain".
# #
# ADDRESS EXTENSION # ADDRESS EXTENSION
# When a mail address localpart contains the optional recip- # When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order # ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and # becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain. # @domain.
# #
# The propagate_unmatched_extensions parameter controls # The propagate_unmatched_extensions parameter controls
# whether an unmatched address extension (+foo) is propa- # whether an unmatched address extension (+foo) is propa-
# gated to the result of table lookup. # gated to the result of table lookup.
# #
# REGULAR EXPRESSION TABLES # REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# the table is given in the form of regular expressions. For # the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax, # a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5). # see regexp_table(5) or pcre_table(5).
# #
# Each pattern is a regular expression that is applied to # Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail # the entire address being looked up. Thus, user@domain mail
# addresses are not broken up into their user and @domain # addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and # constituent parts, nor is user+foo broken up into user and
# foo. # foo.
# #
# Patterns are applied in the order as specified in the # Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search # table, until a pattern is found that matches the search
# string. # string.
# #
# Results are the same as with indexed file lookups, with # Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from # the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on. # the pattern can be interpolated as $1, $2 and so on.
# #
# TCP-BASED TABLES # TCP-BASED TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip- # lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see # tion of the TCP client/server lookup protocol, see
# tcp_table(5). This feature is not available up to and # tcp_table(5). This feature is not available up to and
# including Postfix version 2.2. # including Postfix version 2.2.
# #
# Each lookup operation uses the entire address once. Thus, # Each lookup operation uses the entire address once. Thus,
# user@domain mail addresses are not broken up into their # user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken # user and @domain constituent parts, nor is user+foo broken
# up into user and foo. # up into user and foo.
# #
# Results are the same as with indexed file lookups. # Results are the same as with indexed file lookups.
# #
# EXAMPLE # EXAMPLE
# The following shows a generic mapping with an indexed # The following shows a generic mapping with an indexed
# file. When mail is sent to a remote host via SMTP, this # file. When mail is sent to a remote host via SMTP, this
# replaces his@localdomain.local by his ISP mail address, # replaces his@localdomain.local by his ISP mail address,
# replaces her@localdomain.local by her ISP mail address, # replaces her@localdomain.local by her ISP mail address,
# and replaces other local addresses by his ISP account, # and replaces other local addresses by his ISP account,
# with an address extension of +local (this example assumes # with an address extension of +local (this example assumes
# that the ISP supports "+" style address extensions). # that the ISP supports "+" style address extensions).
# #
# /etc/postfix/main.cf: # /etc/postfix/main.cf:
@@ -153,43 +156,35 @@
# her@localdomain.local heraccount@herisp.example # her@localdomain.local heraccount@herisp.example
# @localdomain.local hisaccount+local@hisisp.example # @localdomain.local hisaccount+local@hisisp.example
# #
# Execute the command "postmap /etc/postfix/generics" when- # Execute the command "postmap /etc/postfix/generics" when-
# ever the table is changed. Instead of hash, some systems # ever the table is changed. Instead of hash, some systems
# use dbm database files. To find out what tables your sys- # use dbm database files. To find out what tables your sys-
# tem supports use the command "postconf -m". # tem supports use the command "postconf -m".
# #
# BUGS # BUGS
# The table format does not understand quoting conventions. # The table format does not understand quoting conventions.
# #
# CONFIGURATION PARAMETERS # CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant. # The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See # The text below provides only a parameter summary. See
# postconf(5) for more details including examples. # postconf(5) for more details including examples.
# #
# smtp_generics_maps # smtp_generics_maps
# Address mapping lookup table for envelope and # Address mapping lookup table for envelope and
# header sender and recipient addresses while deliv- # header sender and recipient addresses while deliv-
# ering mail via SMTP. # ering mail via SMTP.
# #
# propagate_unmatched_extensions # propagate_unmatched_extensions
# A list of address rewriting or forwarding mecha- # A list of address rewriting or forwarding mecha-
# nisms that propagate an address extension from the # nisms that propagate an address extension from the
# original address to the result. Specify zero or # original address to the result. Specify zero or
# more of canonical, virtual, alias, forward, # more of canonical, virtual, alias, forward,
# include, or generics. # include, or generics.
# #
# Other parameters of interest: # Other parameters of interest:
# #
# append_at_myorigin
# Do or don't append "@$myorigin" to addresses with-
# out domain. This must be turned on in Postfix.
#
# append_dot_mydomain
# Do or don't append ".$mydomain" to addresses with-
# out "." on the right-hand side of the @.
#
# inet_interfaces # inet_interfaces
# The network interface addresses that this system # The network interface addresses that this system
# receives mail on. You need to stop and start Post- # receives mail on. You need to stop and start Post-
# fix when this parameter changes. # fix when this parameter changes.
# #
@@ -199,7 +194,7 @@
# tor. # tor.
# #
# mydestination # mydestination
# List of domains that this mail system considers # List of domains that this mail system considers
# local. # local.
# #
# myorigin # myorigin
@@ -215,13 +210,13 @@
# smtp(8), Postfix SMTP client # smtp(8), Postfix SMTP client
# #
# README FILES # README FILES
# Use "postconf readme_directory" or "postconf html_direc- # Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information. # tory" to locate this information.
# DATABASE_README, Postfix lookup table overview # DATABASE_README, Postfix lookup table overview
# ADDRESS_REWRITING_README, address rewriting guide # ADDRESS_REWRITING_README, address rewriting guide
# #
# LICENSE # LICENSE
# The Secure Mailer license must be distributed with this # The Secure Mailer license must be distributed with this
# software. # software.
# #
# HISTORY # HISTORY

107
postfix/conf/virtual
View File

@@ -103,34 +103,37 @@
# works only for the first address in a multi-address # works only for the first address in a multi-address
# lookup result. # lookup result.
# #
# o The result is rewritten as specified with # o When "append_at_myorigin=yes", append "@$myorigin"
# append_at_myorigin or with append_dot_mydomain. # to addresses without "@domain".
#
# o When "append_dot_mydomain=yes", append ".$mydomain"
# to addresses without ".domain".
# #
# ADDRESS EXTENSION # ADDRESS EXTENSION
# When a mail address localpart contains the optional recip- # When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order # ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, user+foo, user, and # becomes: user+foo@domain, user@domain, user+foo, user, and
# @domain. # @domain.
# #
# The propagate_unmatched_extensions parameter controls # The propagate_unmatched_extensions parameter controls
# whether an unmatched address extension (+foo) is propa- # whether an unmatched address extension (+foo) is propa-
# gated to the result of table lookup. # gated to the result of table lookup.
# #
# VIRTUAL ALIAS DOMAINS # VIRTUAL ALIAS DOMAINS
# Besides virtual aliases, the virtual alias table can also # Besides virtual aliases, the virtual alias table can also
# be used to implement virtual alias domains. With a virtual # be used to implement virtual alias domains. With a virtual
# alias domain, all recipient addresses are aliased to # alias domain, all recipient addresses are aliased to
# addresses in other domains. # addresses in other domains.
# #
# Virtual alias domains are not to be confused with the vir- # Virtual alias domains are not to be confused with the vir-
# tual mailbox domains that are implemented with the Postfix # tual mailbox domains that are implemented with the Postfix
# virtual(8) mail delivery agent. With virtual mailbox # virtual(8) mail delivery agent. With virtual mailbox
# domains, each recipient address can have its own mailbox. # domains, each recipient address can have its own mailbox.
# #
# With a virtual alias domain, the virtual domain has its # With a virtual alias domain, the virtual domain has its
# own user name space. Local (i.e. non-virtual) usernames # own user name space. Local (i.e. non-virtual) usernames
# are not visible in a virtual alias domain. In particular, # are not visible in a virtual alias domain. In particular,
# local aliases(5) and local mailing lists are not visible # local aliases(5) and local mailing lists are not visible
# as localname@virtual-alias.domain. # as localname@virtual-alias.domain.
# #
# Support for a virtual alias domain looks like: # Support for a virtual alias domain looks like:
@@ -138,7 +141,7 @@
# /etc/postfix/main.cf: # /etc/postfix/main.cf:
# virtual_alias_maps = hash:/etc/postfix/virtual # virtual_alias_maps = hash:/etc/postfix/virtual
# #
# Note: some systems use dbm databases instead of hash. # Note: some systems use dbm databases instead of hash.
# See the output from "postconf -m" for available # See the output from "postconf -m" for available
# database types. # database types.
# #
@@ -148,103 +151,95 @@
# user1@virtual-alias.domain address1 # user1@virtual-alias.domain address1
# user2@virtual-alias.domain address2, address3 # user2@virtual-alias.domain address2, address3
# #
# The virtual-alias.domain anything entry is required for a # The virtual-alias.domain anything entry is required for a
# virtual alias domain. Without this entry, mail is rejected # virtual alias domain. Without this entry, mail is rejected
# with "relay access denied", or bounces with "mail loops # with "relay access denied", or bounces with "mail loops
# back to myself". # back to myself".
# #
# Do not specify virtual alias domain names in the main.cf # Do not specify virtual alias domain names in the main.cf
# mydestination or relay_domains configuration parameters. # mydestination or relay_domains configuration parameters.
# #
# With a virtual alias domain, the Postfix SMTP server # With a virtual alias domain, the Postfix SMTP server
# accepts mail for known-user@virtual-alias.domain, and # accepts mail for known-user@virtual-alias.domain, and
# rejects mail for unknown-user@virtual-alias.domain as # rejects mail for unknown-user@virtual-alias.domain as
# undeliverable. # undeliverable.
# #
# Instead of specifying the virtual alias domain name via # Instead of specifying the virtual alias domain name via
# the virtual_alias_maps table, you may also specify it via # the virtual_alias_maps table, you may also specify it via
# the main.cf virtual_alias_domains configuration parameter. # the main.cf virtual_alias_domains configuration parameter.
# This latter parameter uses the same syntax as the main.cf # This latter parameter uses the same syntax as the main.cf
# mydestination configuration parameter. # mydestination configuration parameter.
# #
# REGULAR EXPRESSION TABLES # REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# the table is given in the form of regular expressions. For # the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax, # a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5). # see regexp_table(5) or pcre_table(5).
# #
# Each pattern is a regular expression that is applied to # Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, user@domain mail # the entire address being looked up. Thus, user@domain mail
# addresses are not broken up into their user and @domain # addresses are not broken up into their user and @domain
# constituent parts, nor is user+foo broken up into user and # constituent parts, nor is user+foo broken up into user and
# foo. # foo.
# #
# Patterns are applied in the order as specified in the # Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search # table, until a pattern is found that matches the search
# string. # string.
# #
# Results are the same as with indexed file lookups, with # Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from # the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on. # the pattern can be interpolated as $1, $2 and so on.
# #
# TCP-BASED TABLES # TCP-BASED TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip- # lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see # tion of the TCP client/server lookup protocol, see
# tcp_table(5). This feature is not available up to and # tcp_table(5). This feature is not available up to and
# including Postfix version 2.2. # including Postfix version 2.2.
# #
# Each lookup operation uses the entire address once. Thus, # Each lookup operation uses the entire address once. Thus,
# user@domain mail addresses are not broken up into their # user@domain mail addresses are not broken up into their
# user and @domain constituent parts, nor is user+foo broken # user and @domain constituent parts, nor is user+foo broken
# up into user and foo. # up into user and foo.
# #
# Results are the same as with indexed file lookups. # Results are the same as with indexed file lookups.
# #
# BUGS # BUGS
# The table format does not understand quoting conventions. # The table format does not understand quoting conventions.
# #
# CONFIGURATION PARAMETERS # CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant # The following main.cf parameters are especially relevant
# to this topic. See the Postfix main.cf file for syntax # to this topic. See the Postfix main.cf file for syntax
# details and for default values. Use the "postfix reload" # details and for default values. Use the "postfix reload"
# command after a configuration change. # command after a configuration change.
# #
# virtual_alias_maps # virtual_alias_maps
# List of virtual aliasing tables. # List of virtual aliasing tables.
# #
# virtual_alias_domains # virtual_alias_domains
# List of virtual alias domains. This uses the same # List of virtual alias domains. This uses the same
# syntax as the mydestination parameter. # syntax as the mydestination parameter.
# #
# propagate_unmatched_extensions # propagate_unmatched_extensions
# A list of address rewriting or forwarding mecha- # A list of address rewriting or forwarding mecha-
# nisms that propagate an address extension from the # nisms that propagate an address extension from the
# original address to the result. Specify zero or # original address to the result. Specify zero or
# more of canonical, virtual, alias, forward, # more of canonical, virtual, alias, forward,
# include, or generics. # include, or generics.
# #
# Other parameters of interest: # Other parameters of interest:
# #
# append_at_myorigin
# Do or don't append "@$myorigin" to addresses with-
# out domain. This must be turned on in Postfix.
#
# append_dot_mydomain
# Do or don't append ".$mydomain" to addresses with-
# out "." on the right-hand side of the @.
#
# inet_interfaces # inet_interfaces
# The network interface addresses that this system # The network interface addresses that this system
# receives mail on. You need to stop and start Post- # receives mail on. You need to stop and start Post-
# fix when this parameter changes. # fix when this parameter changes.
# #
# mydestination # mydestination
# List of domains that this mail system considers # List of domains that this mail system considers
# local. # local.
# #
# myorigin # myorigin
# The domain that is appended to any address that # The domain that is appended to any address that
# does not have a domain. # does not have a domain.
# #
# owner_request_special # owner_request_special
@@ -263,14 +258,14 @@
# canonical(5), canonical address mapping # canonical(5), canonical address mapping
# #
# README FILES # README FILES
# Use "postconf readme_directory" or "postconf html_direc- # Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information. # tory" to locate this information.
# DATABASE_README, Postfix lookup table overview # DATABASE_README, Postfix lookup table overview
# ADDRESS_REWRITING_README, address rewriting guide # ADDRESS_REWRITING_README, address rewriting guide
# VIRTUAL_README, domain hosting guide # VIRTUAL_README, domain hosting guide
# #
# LICENSE # LICENSE
# The Secure Mailer license must be distributed with this # The Secure Mailer license must be distributed with this
# software. # software.
# #
# AUTHOR(S) # AUTHOR(S)

2
postfix/html/SMTPD_POLICY_README.html
View File

@@ -386,7 +386,7 @@ forged MAIL FROM domains can be found at
5 <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> 5 <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
6 <a href="postconf.5.html#check_sender_access">check_sender_access</a> hash:/etc/postfix/sender_access 6 <a href="postconf.5.html#check_sender_access">check_sender_access</a> hash:/etc/postfix/sender_access
7 ... 7 ...
8 restriction_classes = greylist 8 <a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> = greylist
9 greylist = <a href="postconf.5.html#check_policy_service">check_policy_service</a> unix:private/policy 9 greylist = <a href="postconf.5.html#check_policy_service">check_policy_service</a> unix:private/policy
10 10
11 /etc/postfix/sender_access: 11 /etc/postfix/sender_access:

75
postfix/html/canonical.5.html
View File

@@ -108,63 +108,66 @@ CANONICAL(5) CANONICAL(5)
<b>o</b> When the result has the form @<i>otherdomain</i>, the <b>o</b> When the result has the form @<i>otherdomain</i>, the
result becomes the same <i>user</i> in <i>otherdomain</i>. result becomes the same <i>user</i> in <i>otherdomain</i>.
<b>o</b> The result is rewritten as specified with <b>o</b> When "<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>=yes</b>", append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>"
<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a></b> or with <b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a></b>. to addresses without "@domain".
<b>o</b> When "<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes</b>", append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>"
to addresses without ".domain".
<b>ADDRESS EXTENSION</b> <b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip- When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>. @<i>domain</i>.
The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls
whether an unmatched address extension (<i>+foo</i>) is propa- whether an unmatched address extension (<i>+foo</i>) is propa-
gated to the result of table lookup. gated to the result of table lookup.
<b>REGULAR EXPRESSION TABLES</b> <b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
the table is given in the form of regular expressions. For the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax, a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail the entire address being looked up. Thus, <i>user@domain</i> mail
addresses are not broken up into their <i>user</i> and <i>@domain</i> addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>. <i>foo</i>.
Patterns are applied in the order as specified in the Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search table, until a pattern is found that matches the search
string. string.
Results are the same as with indexed file lookups, with Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on. the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b> <b>TCP-BASED TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip- lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see tion of the TCP client/server lookup protocol, see
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
including Postfix version 2.2. including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus, Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>. up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups. Results are the same as with indexed file lookups.
<b>BUGS</b> <b>BUGS</b>
The table format does not understand quoting conventions. The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b> <b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant. The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples. <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#canonical_classes">canonical_classes</a></b> <b><a href="postconf.5.html#canonical_classes">canonical_classes</a></b>
What addresses are subject to canonical address What addresses are subject to canonical address
mapping. mapping.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a></b> <b><a href="postconf.5.html#canonical_maps">canonical_maps</a></b>
@@ -179,24 +182,16 @@ CANONICAL(5) CANONICAL(5)
header sender addresses. header sender addresses.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b>
A list of address rewriting or forwarding mecha- A list of address rewriting or forwarding mecha-
nisms that propagate an address extension from the nisms that propagate an address extension from the
original address to the result. Specify zero or original address to the result. Specify zero or
more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>, more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>,
<b>include</b>, or <b>generics</b>. <b>include</b>, or <b>generics</b>.
Other parameters of interest: Other parameters of interest:
<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a></b>
Do or don't append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>" to addresses with-
out domain. This must be turned on in Postfix.
<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a></b>
Do or don't append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>" to addresses with-
out "." on the right-hand side of the @.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b>
The network interface addresses that this system The network interface addresses that this system
receives mail on. You need to stop and start Post- receives mail on. You need to stop and start Post-
fix when this parameter changes. fix when this parameter changes.
@@ -206,20 +201,20 @@ CANONICAL(5) CANONICAL(5)
tor. tor.
<b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a></b> <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a></b>
List of address classes subject to masquerading: List of address classes subject to masquerading:
zero or more of <b>envelope_sender</b>, <b>envelope_recipi-</b> zero or more of <b>envelope_sender</b>, <b>envelope_recipi-</b>
<b>ent</b>, <b>header_sender</b>, <b>header_recipient</b>. <b>ent</b>, <b>header_sender</b>, <b>header_recipient</b>.
<b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a></b> <b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a></b>
List of domains that hide their subdomain struc- List of domains that hide their subdomain struc-
ture. ture.
<b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a></b> <b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a></b>
List of user names that are not subject to address List of user names that are not subject to address
masquerading. masquerading.
<b><a href="postconf.5.html#mydestination">mydestination</a></b> <b><a href="postconf.5.html#mydestination">mydestination</a></b>
List of domains that this mail system considers List of domains that this mail system considers
local. local.
<b><a href="postconf.5.html#myorigin">myorigin</a></b> <b><a href="postconf.5.html#myorigin">myorigin</a></b>
@@ -240,7 +235,7 @@ CANONICAL(5) CANONICAL(5)
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>AUTHOR(S)</b> <b>AUTHOR(S)</b>

85
postfix/html/generics.5.html
View File

@@ -95,60 +95,63 @@ GENERICS(5) GENERICS(5)
<b>o</b> When the result has the form @<i>otherdomain</i>, the <b>o</b> When the result has the form @<i>otherdomain</i>, the
result becomes the same <i>user</i> in <i>otherdomain</i>. result becomes the same <i>user</i> in <i>otherdomain</i>.
<b>o</b> The result is rewritten as specified with <b>o</b> When "<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>=yes</b>", append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>"
<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a></b> or with <b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a></b>. to addresses without "@domain".
<b>o</b> When "<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes</b>", append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>"
to addresses without ".domain".
<b>ADDRESS EXTENSION</b> <b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip- When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>. @<i>domain</i>.
The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls
whether an unmatched address extension (<i>+foo</i>) is propa- whether an unmatched address extension (<i>+foo</i>) is propa-
gated to the result of table lookup. gated to the result of table lookup.
<b>REGULAR EXPRESSION TABLES</b> <b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
the table is given in the form of regular expressions. For the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax, a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail the entire address being looked up. Thus, <i>user@domain</i> mail
addresses are not broken up into their <i>user</i> and <i>@domain</i> addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>. <i>foo</i>.
Patterns are applied in the order as specified in the Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search table, until a pattern is found that matches the search
string. string.
Results are the same as with indexed file lookups, with Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on. the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b> <b>TCP-BASED TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip- lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see tion of the TCP client/server lookup protocol, see
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
including Postfix version 2.2. including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus, Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>. up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups. Results are the same as with indexed file lookups.
<b>EXAMPLE</b> <b>EXAMPLE</b>
The following shows a generic mapping with an indexed The following shows a generic mapping with an indexed
file. When mail is sent to a remote host via SMTP, this file. When mail is sent to a remote host via SMTP, this
replaces <i>his@localdomain.local</i> by his ISP mail address, replaces <i>his@localdomain.local</i> by his ISP mail address,
replaces <i>her@localdomain.local</i> by her ISP mail address, replaces <i>her@localdomain.local</i> by her ISP mail address,
and replaces other local addresses by his ISP account, and replaces other local addresses by his ISP account,
with an address extension of <i>+local</i> (this example assumes with an address extension of <i>+local</i> (this example assumes
that the ISP supports "+" style address extensions). that the ISP supports "+" style address extensions).
/etc/postfix/main.cf: /etc/postfix/main.cf:
@@ -159,43 +162,35 @@ GENERICS(5) GENERICS(5)
her@localdomain.local heraccount@herisp.example her@localdomain.local heraccount@herisp.example
@localdomain.local hisaccount+local@hisisp.example @localdomain.local hisaccount+local@hisisp.example
Execute the command "<b>postmap /etc/postfix/generics</b>" when- Execute the command "<b>postmap /etc/postfix/generics</b>" when-
ever the table is changed. Instead of <b>hash</b>, some systems ever the table is changed. Instead of <b>hash</b>, some systems
use <b>dbm</b> database files. To find out what tables your sys- use <b>dbm</b> database files. To find out what tables your sys-
tem supports use the command "<b>postconf -m</b>". tem supports use the command "<b>postconf -m</b>".
<b>BUGS</b> <b>BUGS</b>
The table format does not understand quoting conventions. The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b> <b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant. The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples. <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#smtp_generics_maps">smtp_generics_maps</a></b> <b><a href="postconf.5.html#smtp_generics_maps">smtp_generics_maps</a></b>
Address mapping lookup table for envelope and Address mapping lookup table for envelope and
header sender and recipient addresses while deliv- header sender and recipient addresses while deliv-
ering mail via SMTP. ering mail via SMTP.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b>
A list of address rewriting or forwarding mecha- A list of address rewriting or forwarding mecha-
nisms that propagate an address extension from the nisms that propagate an address extension from the
original address to the result. Specify zero or original address to the result. Specify zero or
more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>, more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>,
<b>include</b>, or <b>generics</b>. <b>include</b>, or <b>generics</b>.
Other parameters of interest: Other parameters of interest:
<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a></b>
Do or don't append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>" to addresses with-
out domain. This must be turned on in Postfix.
<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a></b>
Do or don't append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>" to addresses with-
out "." on the right-hand side of the @.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b>
The network interface addresses that this system The network interface addresses that this system
receives mail on. You need to stop and start Post- receives mail on. You need to stop and start Post-
fix when this parameter changes. fix when this parameter changes.
@@ -205,7 +200,7 @@ GENERICS(5) GENERICS(5)
tor. tor.
<b><a href="postconf.5.html#mydestination">mydestination</a></b> <b><a href="postconf.5.html#mydestination">mydestination</a></b>
List of domains that this mail system considers List of domains that this mail system considers
local. local.
<b><a href="postconf.5.html#myorigin">myorigin</a></b> <b><a href="postconf.5.html#myorigin">myorigin</a></b>
@@ -225,7 +220,7 @@ GENERICS(5) GENERICS(5)
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>HISTORY</b> <b>HISTORY</b>

105
postfix/html/virtual.5.html
View File

@@ -109,34 +109,37 @@ VIRTUAL(5) VIRTUAL(5)
works only for the first address in a multi-address works only for the first address in a multi-address
lookup result. lookup result.
<b>o</b> The result is rewritten as specified with <b>o</b> When "<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>=yes</b>", append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>"
<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a></b> or with <b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a></b>. to addresses without "@domain".
<b>o</b> When "<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes</b>", append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>"
to addresses without ".domain".
<b>ADDRESS EXTENSION</b> <b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recip- When a mail address localpart contains the optional recip-
ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order ient delimiter (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order
becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and becomes: <i>user+foo</i>@<i>domain</i>, <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and
@<i>domain</i>. @<i>domain</i>.
The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls
whether an unmatched address extension (<i>+foo</i>) is propa- whether an unmatched address extension (<i>+foo</i>) is propa-
gated to the result of table lookup. gated to the result of table lookup.
<b>VIRTUAL ALIAS DOMAINS</b> <b>VIRTUAL ALIAS DOMAINS</b>
Besides virtual aliases, the virtual alias table can also Besides virtual aliases, the virtual alias table can also
be used to implement <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a>. With a virtual be used to implement <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a>. With a virtual
alias domain, all recipient addresses are aliased to alias domain, all recipient addresses are aliased to
addresses in other domains. addresses in other domains.
Virtual alias domains are not to be confused with the vir- Virtual alias domains are not to be confused with the vir-
tual mailbox domains that are implemented with the Postfix tual mailbox domains that are implemented with the Postfix
<a href="virtual.8.html"><b>virtual</b>(8)</a> mail delivery agent. With virtual mailbox <a href="virtual.8.html"><b>virtual</b>(8)</a> mail delivery agent. With virtual mailbox
domains, each recipient address can have its own mailbox. domains, each recipient address can have its own mailbox.
With a virtual alias domain, the virtual domain has its With a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>, the virtual domain has its
own user name space. Local (i.e. non-virtual) usernames own user name space. Local (i.e. non-virtual) usernames
are not visible in a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>. In particular, are not visible in a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>. In particular,
local <a href="aliases.5.html"><b>aliases</b>(5)</a> and local mailing lists are not visible local <a href="aliases.5.html"><b>aliases</b>(5)</a> and local mailing lists are not visible
as <i>localname@virtual-alias.domain</i>. as <i>localname@virtual-alias.domain</i>.
Support for a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> looks like: Support for a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> looks like:
@@ -144,7 +147,7 @@ VIRTUAL(5) VIRTUAL(5)
/etc/postfix/main.cf: /etc/postfix/main.cf:
<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = hash:/etc/postfix/virtual
Note: some systems use <b>dbm</b> databases instead of <b>hash</b>. Note: some systems use <b>dbm</b> databases instead of <b>hash</b>.
See the output from "<b>postconf -m</b>" for available See the output from "<b>postconf -m</b>" for available
database types. database types.
@@ -154,103 +157,95 @@ VIRTUAL(5) VIRTUAL(5)
<i>user1@virtual-alias.domain address1</i> <i>user1@virtual-alias.domain address1</i>
<i>user2@virtual-alias.domain address2, address3</i> <i>user2@virtual-alias.domain address2, address3</i>
The <i>virtual-alias.domain anything</i> entry is required for a The <i>virtual-alias.domain anything</i> entry is required for a
<a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>. <b>Without this entry, mail is rejected</b> <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>. <b>Without this entry, mail is rejected</b>
<b>with "relay access denied", or bounces with "mail loops</b> <b>with "relay access denied", or bounces with "mail loops</b>
<b>back to myself".</b> <b>back to myself".</b>
Do not specify <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> names in the <b>main.cf</b> Do not specify <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> names in the <b>main.cf</b>
<b><a href="postconf.5.html#mydestination">mydestination</a></b> or <b><a href="postconf.5.html#relay_domains">relay_domains</a></b> configuration parameters. <b><a href="postconf.5.html#mydestination">mydestination</a></b> or <b><a href="postconf.5.html#relay_domains">relay_domains</a></b> configuration parameters.
With a virtual alias domain, the Postfix SMTP server With a virtual alias domain, the Postfix SMTP server
accepts mail for <i>known-user@virtual-alias.domain</i>, and accepts mail for <i>known-user@virtual-alias.domain</i>, and
rejects mail for <i>unknown-user</i>@<i>virtual-alias.domain</i> as rejects mail for <i>unknown-user</i>@<i>virtual-alias.domain</i> as
undeliverable. undeliverable.
Instead of specifying the virtual alias domain name via Instead of specifying the <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> name via
the <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a></b> table, you may also specify it via the <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a></b> table, you may also specify it via
the <b>main.cf <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a></b> configuration parameter. the <b>main.cf <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a></b> configuration parameter.
This latter parameter uses the same syntax as the <b>main.cf</b> This latter parameter uses the same syntax as the <b>main.cf</b>
<b><a href="postconf.5.html#mydestination">mydestination</a></b> configuration parameter. <b><a href="postconf.5.html#mydestination">mydestination</a></b> configuration parameter.
<b>REGULAR EXPRESSION TABLES</b> <b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
the table is given in the form of regular expressions. For the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax, a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, <i>user@domain</i> mail the entire address being looked up. Thus, <i>user@domain</i> mail
addresses are not broken up into their <i>user</i> and <i>@domain</i> addresses are not broken up into their <i>user</i> and <i>@domain</i>
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>. <i>foo</i>.
Patterns are applied in the order as specified in the Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search table, until a pattern is found that matches the search
string. string.
Results are the same as with indexed file lookups, with Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on. the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b> <b>TCP-BASED TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip- lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see tion of the TCP client/server lookup protocol, see
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available up to and
including Postfix version 2.2. including Postfix version 2.2.
Each lookup operation uses the entire address once. Thus, Each lookup operation uses the entire address once. Thus,
<i>user@domain</i> mail addresses are not broken up into their <i>user@domain</i> mail addresses are not broken up into their
<i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>. up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups. Results are the same as with indexed file lookups.
<b>BUGS</b> <b>BUGS</b>
The table format does not understand quoting conventions. The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b> <b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant The following <b>main.cf</b> parameters are especially relevant
to this topic. See the Postfix <b>main.cf</b> file for syntax to this topic. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the "<b>postfix reload</b>" details and for default values. Use the "<b>postfix reload</b>"
command after a configuration change. command after a configuration change.
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a></b> <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a></b>
List of virtual aliasing tables. List of virtual aliasing tables.
<b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a></b> <b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a></b>
List of <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a>. This uses the same List of <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a>. This uses the same
syntax as the <b><a href="postconf.5.html#mydestination">mydestination</a></b> parameter. syntax as the <b><a href="postconf.5.html#mydestination">mydestination</a></b> parameter.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b>
A list of address rewriting or forwarding mecha- A list of address rewriting or forwarding mecha-
nisms that propagate an address extension from the nisms that propagate an address extension from the
original address to the result. Specify zero or original address to the result. Specify zero or
more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>, more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>, <b>forward</b>,
<b>include</b>, or <b>generics</b>. <b>include</b>, or <b>generics</b>.
Other parameters of interest: Other parameters of interest:
<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a></b>
Do or don't append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>" to addresses with-
out domain. This must be turned on in Postfix.
<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a></b>
Do or don't append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>" to addresses with-
out "." on the right-hand side of the @.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b>
The network interface addresses that this system The network interface addresses that this system
receives mail on. You need to stop and start Post- receives mail on. You need to stop and start Post-
fix when this parameter changes. fix when this parameter changes.
<b><a href="postconf.5.html#mydestination">mydestination</a></b> <b><a href="postconf.5.html#mydestination">mydestination</a></b>
List of domains that this mail system considers List of domains that this mail system considers
local. local.
<b><a href="postconf.5.html#myorigin">myorigin</a></b> <b><a href="postconf.5.html#myorigin">myorigin</a></b>
The domain that is appended to any address that The domain that is appended to any address that
does not have a domain. does not have a domain.
<b><a href="postconf.5.html#owner_request_special">owner_request_special</a></b> <b><a href="postconf.5.html#owner_request_special">owner_request_special</a></b>
@@ -274,7 +269,7 @@ VIRTUAL(5) VIRTUAL(5)
<a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting guide <a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting guide
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>AUTHOR(S)</b> <b>AUTHOR(S)</b>

13
postfix/man/man5/canonical.5
View File

@@ -104,8 +104,11 @@ The lookup result is subject to address rewriting:
When the result has the form @\fIotherdomain\fR, the When the result has the form @\fIotherdomain\fR, the
result becomes the same \fIuser\fR in \fIotherdomain\fR. result becomes the same \fIuser\fR in \fIotherdomain\fR.
.IP \(bu .IP \(bu
The result is rewritten as specified with \fBappend_at_myorigin\fR When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
or with \fBappend_dot_mydomain\fR. to addresses without "@domain".
.IP \(bu
When "\fBappend_dot_mydomain=yes\fR", append
"\fB.$mydomain\fR" to addresses without ".domain".
.SH "ADDRESS EXTENSION" .SH "ADDRESS EXTENSION"
.na .na
.nf .nf
@@ -185,12 +188,6 @@ Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
\fBforward\fR, \fBinclude\fR, or \fBgenerics\fR. \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR.
.PP .PP
Other parameters of interest: Other parameters of interest:
.IP \fBappend_at_myorigin\fR
Do or don't append "\fB@$myorigin\fR" to addresses without domain.
This must be turned on in Postfix.
.IP \fBappend_dot_mydomain\fR
Do or don't append "\fB.$mydomain\fR" to addresses without "." on
the right-hand side of the @.
.IP \fBinet_interfaces\fR .IP \fBinet_interfaces\fR
The network interface addresses that this system receives mail on. The network interface addresses that this system receives mail on.
You need to stop and start Postfix when this parameter changes. You need to stop and start Postfix when this parameter changes.

13
postfix/man/man5/generics.5
View File

@@ -94,8 +94,11 @@ The lookup result is subject to address rewriting:
When the result has the form @\fIotherdomain\fR, the When the result has the form @\fIotherdomain\fR, the
result becomes the same \fIuser\fR in \fIotherdomain\fR. result becomes the same \fIuser\fR in \fIotherdomain\fR.
.IP \(bu .IP \(bu
The result is rewritten as specified with \fBappend_at_myorigin\fR When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
or with \fBappend_dot_mydomain\fR. to addresses without "@domain".
.IP \(bu
When "\fBappend_dot_mydomain=yes\fR", append
"\fB.$mydomain\fR" to addresses without ".domain".
.SH "ADDRESS EXTENSION" .SH "ADDRESS EXTENSION"
.na .na
.nf .nf
@@ -202,12 +205,6 @@ Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
\fBforward\fR, \fBinclude\fR, or \fBgenerics\fR. \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR.
.PP .PP
Other parameters of interest: Other parameters of interest:
.IP \fBappend_at_myorigin\fR
Do or don't append "\fB@$myorigin\fR" to addresses without domain.
This must be turned on in Postfix.
.IP \fBappend_dot_mydomain\fR
Do or don't append "\fB.$mydomain\fR" to addresses without "." on
the right-hand side of the @.
.IP \fBinet_interfaces\fR .IP \fBinet_interfaces\fR
The network interface addresses that this system receives mail on. The network interface addresses that this system receives mail on.
You need to stop and start Postfix when this parameter changes. You need to stop and start Postfix when this parameter changes.

13
postfix/man/man5/virtual.5
View File

@@ -102,8 +102,11 @@ result becomes the same \fIuser\fR in \fIotherdomain\fR.
This works only for the first address in a multi-address This works only for the first address in a multi-address
lookup result. lookup result.
.IP \(bu .IP \(bu
The result is rewritten as specified with \fBappend_at_myorigin\fR When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
or with \fBappend_dot_mydomain\fR. to addresses without "@domain".
.IP \(bu
When "\fBappend_dot_mydomain=yes\fR", append
"\fB.$mydomain\fR" to addresses without ".domain".
.SH "ADDRESS EXTENSION" .SH "ADDRESS EXTENSION"
.na .na
.nf .nf
@@ -238,12 +241,6 @@ Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
\fBforward\fR, \fBinclude\fR, or \fBgenerics\fR. \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR.
.PP .PP
Other parameters of interest: Other parameters of interest:
.IP \fBappend_at_myorigin\fR
Do or don't append "\fB@$myorigin\fR" to addresses without domain.
This must be turned on in Postfix.
.IP \fBappend_dot_mydomain\fR
Do or don't append "\fB.$mydomain\fR" to addresses without "." on
the right-hand side of the @.
.IP \fBinet_interfaces\fR .IP \fBinet_interfaces\fR
The network interface addresses that this system receives mail on. The network interface addresses that this system receives mail on.
You need to stop and start Postfix when this parameter changes. You need to stop and start Postfix when this parameter changes.

2
postfix/proto/SMTPD_POLICY_README.html
View File

@@ -386,7 +386,7 @@ http://www.monkeys.com/anti-spam/filtering/sender-domain-validate.in.
5 reject_unauth_destination 5 reject_unauth_destination
6 check_sender_access hash:/etc/postfix/sender_access 6 check_sender_access hash:/etc/postfix/sender_access
7 ... 7 ...
8 restriction_classes = greylist 8 smtpd_restriction_classes = greylist
9 greylist = check_policy_service unix:private/policy 9 greylist = check_policy_service unix:private/policy
10 10
11 /etc/postfix/sender_access: 11 /etc/postfix/sender_access:

13
postfix/proto/canonical
View File

@@ -92,8 +92,11 @@
# When the result has the form @\fIotherdomain\fR, the # When the result has the form @\fIotherdomain\fR, the
# result becomes the same \fIuser\fR in \fIotherdomain\fR. # result becomes the same \fIuser\fR in \fIotherdomain\fR.
# .IP \(bu # .IP \(bu
# The result is rewritten as specified with \fBappend_at_myorigin\fR # When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
# or with \fBappend_dot_mydomain\fR. # to addresses without "@domain".
# .IP \(bu
# When "\fBappend_dot_mydomain=yes\fR", append
# "\fB.$mydomain\fR" to addresses without ".domain".
# ADDRESS EXTENSION # ADDRESS EXTENSION
# .fi # .fi
# .ad # .ad
@@ -163,12 +166,6 @@
# \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR. # \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR.
# .PP # .PP
# Other parameters of interest: # Other parameters of interest:
# .IP \fBappend_at_myorigin\fR
# Do or don't append "\fB@$myorigin\fR" to addresses without domain.
# This must be turned on in Postfix.
# .IP \fBappend_dot_mydomain\fR
# Do or don't append "\fB.$mydomain\fR" to addresses without "." on
# the right-hand side of the @.
# .IP \fBinet_interfaces\fR # .IP \fBinet_interfaces\fR
# The network interface addresses that this system receives mail on. # The network interface addresses that this system receives mail on.
# You need to stop and start Postfix when this parameter changes. # You need to stop and start Postfix when this parameter changes.

13
postfix/proto/generics
View File

@@ -82,8 +82,11 @@
# When the result has the form @\fIotherdomain\fR, the # When the result has the form @\fIotherdomain\fR, the
# result becomes the same \fIuser\fR in \fIotherdomain\fR. # result becomes the same \fIuser\fR in \fIotherdomain\fR.
# .IP \(bu # .IP \(bu
# The result is rewritten as specified with \fBappend_at_myorigin\fR # When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
# or with \fBappend_dot_mydomain\fR. # to addresses without "@domain".
# .IP \(bu
# When "\fBappend_dot_mydomain=yes\fR", append
# "\fB.$mydomain\fR" to addresses without ".domain".
# ADDRESS EXTENSION # ADDRESS EXTENSION
# .fi # .fi
# .ad # .ad
@@ -178,12 +181,6 @@
# \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR. # \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR.
# .PP # .PP
# Other parameters of interest: # Other parameters of interest:
# .IP \fBappend_at_myorigin\fR
# Do or don't append "\fB@$myorigin\fR" to addresses without domain.
# This must be turned on in Postfix.
# .IP \fBappend_dot_mydomain\fR
# Do or don't append "\fB.$mydomain\fR" to addresses without "." on
# the right-hand side of the @.
# .IP \fBinet_interfaces\fR # .IP \fBinet_interfaces\fR
# The network interface addresses that this system receives mail on. # The network interface addresses that this system receives mail on.
# You need to stop and start Postfix when this parameter changes. # You need to stop and start Postfix when this parameter changes.

13
postfix/proto/virtual
View File

@@ -90,8 +90,11 @@
# This works only for the first address in a multi-address # This works only for the first address in a multi-address
# lookup result. # lookup result.
# .IP \(bu # .IP \(bu
# The result is rewritten as specified with \fBappend_at_myorigin\fR # When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
# or with \fBappend_dot_mydomain\fR. # to addresses without "@domain".
# .IP \(bu
# When "\fBappend_dot_mydomain=yes\fR", append
# "\fB.$mydomain\fR" to addresses without ".domain".
# ADDRESS EXTENSION # ADDRESS EXTENSION
# .fi # .fi
# .ad # .ad
@@ -214,12 +217,6 @@
# \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR. # \fBforward\fR, \fBinclude\fR, or \fBgenerics\fR.
# .PP # .PP
# Other parameters of interest: # Other parameters of interest:
# .IP \fBappend_at_myorigin\fR
# Do or don't append "\fB@$myorigin\fR" to addresses without domain.
# This must be turned on in Postfix.
# .IP \fBappend_dot_mydomain\fR
# Do or don't append "\fB.$mydomain\fR" to addresses without "." on
# the right-hand side of the @.
# .IP \fBinet_interfaces\fR # .IP \fBinet_interfaces\fR
# The network interface addresses that this system receives mail on. # The network interface addresses that this system receives mail on.
# You need to stop and start Postfix when this parameter changes. # You need to stop and start Postfix when this parameter changes.

2
postfix/src/global/mail_version.h
View File

@@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the * Patches change the patchlevel and the release date. Snapshots change the
* release date only. * release date only.
*/ */
#define MAIL_RELEASE_DATE "20050209" #define MAIL_RELEASE_DATE "20050210"
#define MAIL_VERSION_NUMBER "2.2" #define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version" #define VAR_MAIL_VERSION "mail_version"

2
postfix/src/smtp/smtp_connect.c
View File

@@ -558,7 +558,7 @@ int smtp_connect(SMTP_STATE *state)
* getting lost in the complexity. * getting lost in the complexity.
*/ */
#define IS_FALLBACK_RELAY(cpp, sites, non_fallback_sites) \ #define IS_FALLBACK_RELAY(cpp, sites, non_fallback_sites) \
((cpp) >= (sites)->argv + (non_fallback_sites)) (*(cpp) && (cpp) >= (sites)->argv + (non_fallback_sites))
for (cpp = sites->argv; SMTP_RCPT_LEFT(state) > 0 && (dest = *cpp) != 0; cpp++) { for (cpp = sites->argv; SMTP_RCPT_LEFT(state) > 0 && (dest = *cpp) != 0; cpp++) {
if (i_am_mx && IS_FALLBACK_RELAY(cpp, sites, non_fallback_sites)) if (i_am_mx && IS_FALLBACK_RELAY(cpp, sites, non_fallback_sites))

1
postfix/src/smtp/smtp_map11.c
View File

@@ -162,6 +162,7 @@ int main(int argc, char **argv)
msg_info("-- end %s --", *argv); msg_info("-- end %s --", *argv);
} }
vstring_free(buf); vstring_free(buf);
maps_free(maps);
return (0); return (0);
} }

2
postfix/src/tls/Makefile.in
View File

@@ -25,7 +25,7 @@ MAKES =
all: $(LIB) all: $(LIB)
Makefile: Makefile.in Makefile: Makefile.in
(echo "# DO NOT EDIT"; $(OPTS) $(SHELL) ../../makedefs && cat $?) >$@ (echo "# DO NOT EDIT"; tail +2 ../../conf/makedefs.out; cat $?) >$@
test: $(TESTPROG) test: $(TESTPROG)

66
postfix/src/tls/tls_scache.c
View File

@@ -372,7 +372,8 @@ int tls_scache_lookup(TLS_SCACHE *cp, const char *cache_id,
/* /*
* Initialize. Don't leak data. * Initialize. Don't leak data.
*/ */
VSTRING_RESET(session); if (session)
VSTRING_RESET(session);
/* /*
* Search the cache database. * Search the cache database.
@@ -446,30 +447,66 @@ int tls_scache_sequence(TLS_SCACHE *cp, int first_next,
{ {
const char *member; const char *member;
const char *value; const char *value;
char *saved_member; char *saved_cursor;
int seq_status;
/*
* XXX Deleting entries while enumerating a map can he tricky. Some map
* types have a concept of cursor and support a "delete the current
* element" operation. Some map types without cursors don't behave well
* when the current first/next entry is deleted (example: Berkeley DB <
* 2). To avoid trouble, we delete an expired entry after advancing the
* current first/next position beyond it, and ignore client requests to
* delete the current entry.
*/
/* /*
* Find the first or next database entry. * Find the first or next database entry.
*/ */
if (dict_seq(cp->db, first_next, &member, &value) != 0) seq_status = dict_seq(cp->db, first_next, &member, &value);
/*
* Delete behind. This is a no-op if an expired cache entry was updated
* in the mean time.
*/
if (cp->flags & TLS_SCACHE_FLAG_DEL_CURSOR) {
cp->flags &= ~TLS_SCACHE_FLAG_DEL_CURSOR;
saved_cursor = cp->saved_cursor;
cp->saved_cursor = 0;
tls_scache_lookup(cp, saved_cursor, TLS_SCACHE_ANY_OPENSSL_VSN,
TLS_SCACHE_ANY_FLAGS, (long *) 0, (int *) 0,
(VSTRING *) 0);
myfree(saved_cursor);
} else {
if (cp->saved_cursor)
myfree(cp->saved_cursor);
cp->saved_cursor = 0;
}
/*
* Did we find a first or next database entry?
*/
if (seq_status != 0)
return (0); /* End of list reached */ return (0); /* End of list reached */
/*
* Safety against client requests to delete the current first/next entry.
*/
cp->saved_cursor = mystrdup(member);
/* /*
* Activate the passivated cache entry and check the version and time * Activate the passivated cache entry and check the version and time
* stamp information. * stamp information. Schedule it for deletion if it is bad or too old.
*/ */
if (tls_scache_decode(cp, member, value, strlen(value), openssl_version, if (tls_scache_decode(cp, member, value, strlen(value), openssl_version,
flags, out_openssl_version, out_flags, flags, out_openssl_version, out_flags,
out_session) == 0) { out_session) == 0) {
saved_member = mystrdup(member); cp->flags |= TLS_SCACHE_FLAG_DEL_CURSOR;
tls_scache_delete(cp, saved_member);
myfree(saved_member);
return (0);
} else { } else {
if (out_cache_id) if (out_cache_id)
*out_cache_id = mystrdup(member); *out_cache_id = mystrdup(member);
return (1);
} }
return (1);
} }
/* tls_scache_delete - delete session from cache */ /* tls_scache_delete - delete session from cache */
@@ -484,9 +521,12 @@ int tls_scache_delete(TLS_SCACHE *cp, const char *cache_id)
msg_info("delete %s session id=%s", cp->cache_label, cache_id); msg_info("delete %s session id=%s", cp->cache_label, cache_id);
/* /*
* Do it. * Do it, unless we would delete the current first/next entry. Some map
* types don't have cursors, and some of those don't behave when the
* "current" entry is deleted.
*/ */
return (dict_del(cp->db, cache_id) == 0); return ((cp->saved_cursor != 0 && strcmp(cp->saved_cursor, cache_id) == 0)
|| dict_del(cp->db, cache_id) == 0);
} }
/* tls_scache_open - open TLS session cache file */ /* tls_scache_open - open TLS session cache file */
@@ -537,10 +577,12 @@ TLS_SCACHE *tls_scache_open(const char *dbname, const char *cache_label,
* Create the TLS_SCACHE object. * Create the TLS_SCACHE object.
*/ */
cp = (TLS_SCACHE *) mymalloc(sizeof(*cp)); cp = (TLS_SCACHE *) mymalloc(sizeof(*cp));
cp->flags = 0;
cp->db = dict; cp->db = dict;
cp->cache_label = mystrdup(cache_label); cp->cache_label = mystrdup(cache_label);
cp->log_level = log_level; cp->log_level = log_level;
cp->timeout = timeout; cp->timeout = timeout;
cp->saved_cursor = 0;
return (cp); return (cp);
} }
@@ -561,6 +603,8 @@ void tls_scache_close(TLS_SCACHE *cp)
*/ */
dict_close(cp->db); dict_close(cp->db);
myfree(cp->cache_label); myfree(cp->cache_label);
if (cp->saved_cursor)
myfree(cp->saved_cursor);
myfree((char *) cp); myfree((char *) cp);
} }

4
postfix/src/tls/tls_scache.h
View File

@@ -21,12 +21,16 @@
* External interface. * External interface.
*/ */
typedef struct { typedef struct {
int flags; /* see below */
DICT *db; /* database handle */ DICT *db; /* database handle */
char *cache_label; /* "client" or "server" */ char *cache_label; /* "client" or "server" */
int log_level; /* smtp(d)_tls_log_level */ int log_level; /* smtp(d)_tls_log_level */
int timeout; /* smtp(d)_tls_session_cache_timeout */ int timeout; /* smtp(d)_tls_session_cache_timeout */
char *saved_cursor; /* cursor cache ID */
} TLS_SCACHE; } TLS_SCACHE;
#define TLS_SCACHE_FLAG_DEL_CURSOR (1<<0)
extern TLS_SCACHE *tls_scache_open(const char *, const char *, int, int); extern TLS_SCACHE *tls_scache_open(const char *, const char *, int, int);
extern void tls_scache_close(TLS_SCACHE *); extern void tls_scache_close(TLS_SCACHE *);
extern int tls_scache_lookup(TLS_SCACHE *, const char *, long, int, long *, int *, VSTRING *); extern int tls_scache_lookup(TLS_SCACHE *, const char *, long, int, long *, int *, VSTRING *);

8
postfix/src/util/dict_db.c
View File

@@ -393,17 +393,19 @@ static int dict_db_sequence(DICT *dict, int function,
dict_errno = 0; dict_errno = 0;
memset(&db_key, 0, sizeof(db_key)); memset(&db_key, 0, sizeof(db_key));
memset(&db_value, 0, sizeof(db_value)); memset(&db_value, 0, sizeof(db_value));
if (dict_db->cursor == 0)
db->cursor(db, NULL, &(dict_db->cursor), 0);
/* /*
* Determine the function. * Determine the function.
*/ */
switch (function) { switch (function) {
case DICT_SEQ_FUN_FIRST: case DICT_SEQ_FUN_FIRST:
if (dict_db->cursor == 0)
db->cursor(db, NULL, &(dict_db->cursor), 0);
db_function = DB_FIRST; db_function = DB_FIRST;
break; break;
case DICT_SEQ_FUN_NEXT: case DICT_SEQ_FUN_NEXT:
if (dict_db->cursor == 0)
msg_panic("%s: no cursor", myname);
db_function = DB_NEXT; db_function = DB_NEXT;
break; break;
default: default:
@@ -421,7 +423,7 @@ static int dict_db_sequence(DICT *dict, int function,
* Database lookup. * Database lookup.
*/ */
status = status =
dict_db->cursor->c_get(dict_db->cursor, &db_key, &db_value, DB_NEXT); dict_db->cursor->c_get(dict_db->cursor, &db_key, &db_value, db_function);
if (status != 0 && status != DB_NOTFOUND) if (status != 0 && status != DB_NOTFOUND)
msg_fatal("error [%d] seeking %s: %m", status, dict_db->dict.name); msg_fatal("error [%d] seeking %s: %m", status, dict_db->dict.name);

36
postfix/src/util/dict_open.c
View File

@@ -84,7 +84,7 @@
/* With file-based maps, flush I/O buffers to file after each update. /* With file-based maps, flush I/O buffers to file after each update.
/* Thus feature is not supported with some file-based dictionaries. /* Thus feature is not supported with some file-based dictionaries.
/* .IP DICT_FLAG_NO_REGSUB /* .IP DICT_FLAG_NO_REGSUB
/* Disallow regular expression substitution from left-hand side data /* Disallow regular expression substitution from left-hand side data
/* into the right-hand side. /* into the right-hand side.
/* .IP DICT_FLAG_NO_PROXY /* .IP DICT_FLAG_NO_PROXY
/* Disallow access through the \fBproxymap\fR service. /* Disallow access through the \fBproxymap\fR service.
@@ -143,7 +143,7 @@
/* /*
/* dict_open_register() adds support for a new dictionary type. /* dict_open_register() adds support for a new dictionary type.
/* /*
/* dict_mapnames() returns a sorted list with the names of all available /* dict_mapnames() returns a sorted list with the names of all available
/* dictionary types. /* dictionary types.
/* DIAGNOSTICS /* DIAGNOSTICS
/* Fatal error: open error, unsupported dictionary type, attempt to /* Fatal error: open error, unsupported dictionary type, attempt to
@@ -380,7 +380,7 @@ int main(int argc, char **argv)
int open_flags; int open_flags;
char *bufp; char *bufp;
char *cmd; char *cmd;
char *key; const char *key;
const char *value; const char *value;
int ch; int ch;
@@ -408,18 +408,24 @@ int main(int argc, char **argv)
else else
msg_fatal("unknown access mode: %s", argv[2]); msg_fatal("unknown access mode: %s", argv[2]);
dict_name = argv[optind]; dict_name = argv[optind];
dict = dict_open(dict_name, open_flags, DICT_FLAG_LOCK); dict = dict_open(dict_name, open_flags, DICT_FLAG_LOCK | DICT_FLAG_DUP_REPLACE);
dict_register(dict_name, dict); dict_register(dict_name, dict);
while (vstring_fgets_nonl(inbuf, VSTREAM_IN)) { while (vstring_fgets_nonl(inbuf, VSTREAM_IN)) {
bufp = vstring_str(inbuf); bufp = vstring_str(inbuf);
if ((cmd = mystrtok(&bufp, " ")) == 0 || *bufp == 0) { if (!isatty(0)) {
vstream_printf("usage: del key|get key|put key=value\n"); vstream_printf("> %s\n", bufp);
vstream_fflush(VSTREAM_OUT);
}
if (*bufp == '#')
continue;
if ((cmd = mystrtok(&bufp, " ")) == 0) {
vstream_printf("usage: del key|get key|put key=value|first|next\n");
vstream_fflush(VSTREAM_OUT); vstream_fflush(VSTREAM_OUT);
continue; continue;
} }
if (dict_changed_name()) if (dict_changed_name())
msg_warn("dictionary has changed"); msg_warn("dictionary has changed");
key = vstring_str(unescape(keybuf, mystrtok(&bufp, " ="))); key = *bufp ? vstring_str(unescape(keybuf, mystrtok(&bufp, " ="))) : 0;
value = mystrtok(&bufp, " ="); value = mystrtok(&bufp, " =");
if (strcmp(cmd, "del") == 0 && key && !value) { if (strcmp(cmd, "del") == 0 && key && !value) {
if (dict_del(dict, key)) if (dict_del(dict, key))
@@ -437,8 +443,22 @@ int main(int argc, char **argv)
} else if (strcmp(cmd, "put") == 0 && key && value) { } else if (strcmp(cmd, "put") == 0 && key && value) {
dict_put(dict, key, value); dict_put(dict, key, value);
vstream_printf("%s=%s\n", key, value); vstream_printf("%s=%s\n", key, value);
} else if (strcmp(cmd, "first") == 0 && !key && !value) {
if (dict_seq(dict, DICT_SEQ_FUN_FIRST, &key, &value) == 0)
vstream_printf("%s=%s\n", key, value);
else
vstream_printf("%s\n",
dict_errno == DICT_ERR_RETRY ?
"soft error" : "not found");
} else if (strcmp(cmd, "next") == 0 && !key && !value) {
if (dict_seq(dict, DICT_SEQ_FUN_NEXT, &key, &value) == 0)
vstream_printf("%s=%s\n", key, value);
else
vstream_printf("%s\n",
dict_errno == DICT_ERR_RETRY ?
"soft error" : "not found");
} else { } else {
vstream_printf("usage: del key|get key|put key=value\n"); vstream_printf("usage: del key|get key|put key=value|first|next\n");
} }
vstream_fflush(VSTREAM_OUT); vstream_fflush(VSTREAM_OUT);
} }