From 880c54775b691ce56dbe77ec49a77579e18fc60c Mon Sep 17 00:00:00 2001
From: Wietse Venema
Date: Mon, 28 Jul 2003 00:00:00 -0500
Subject: [PATCH] postfix-2.0.14-20030728
---
postfix/HISTORY | 14 +
postfix/README_FILES/SMTPD_POLICY_README | 8 +-
postfix/conf/access | 249 -----------------
postfix/conf/sample-smtpd.cf | 36 +--
postfix/examples/smtpd-policy/smtpd-policy.pl | 14 +-
postfix/html/access.5.html | 38 ++-
postfix/html/postalias.1.html | 64 ++---
postfix/html/postmap.1.html | 68 ++---
postfix/html/uce.html | 8 +-
postfix/html/virtual.8.html | 258 +++++++++---------
postfix/man/man1/postalias.1 | 8 +-
postfix/man/man1/postmap.1 | 8 +-
postfix/man/man5/access.5 | 13 +
postfix/man/man8/virtual.8 | 4 +-
postfix/proto/access | 13 +
postfix/src/global/Makefile.in | 1 +
postfix/src/global/mail_version.h | 2 +-
postfix/src/postalias/postalias.c | 8 +-
postfix/src/postmap/postmap.c | 8 +-
postfix/src/smtp/smtp_chat.c | 2 +-
postfix/src/smtpd/smtpd_check.c | 24 ++
postfix/src/smtpd/smtpd_proxy.c | 2 +-
postfix/src/trivial-rewrite/resolve.c | 1 +
postfix/src/util/dict_mysql.c | 21 +-
postfix/src/util/dict_pgsql.c | 26 +-
postfix/src/virtual/virtual.c | 4 +-
26 files changed, 365 insertions(+), 537 deletions(-)
diff --git a/postfix/HISTORY b/postfix/HISTORY
index 45dcf3d8c..836bc1e80 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -8405,6 +8405,20 @@ Apologies for any names omitted. Documentation: corrected the command time limit parameter syntax in the spawn(8) manual page. + Feature: defer_if_permit and defer_if_reject actions in + access tables, mainly for use by the delegated policy + server. Files: smtpd/smtpd_check.c, proto/access. + +20030725 + + The dict_pgsql module did not use dict_alloc() and dict_free(), + causing improper initialization and a memory leak. Leandro + Santi. File: util/dict_pgsql.c. + + Cleanup: added open_flags sanity checks to the dict_pgsql + and dict_mysql modules. These maps must be opened in + read-only mode. + Open problems: Low: smtp-source may block when sending large test messages. diff --git a/postfix/README_FILES/SMTPD_POLICY_README b/postfix/README_FILES/SMTPD_POLICY_README index e3800d9f5..8275acb6a 100644 --- a/postfix/README_FILES/SMTPD_POLICY_README +++ b/postfix/README_FILES/SMTPD_POLICY_README @@ -267,12 +267,14 @@ sub smtpd_access_policy { update_database($key, $time_stamp); } - # Specify DUNNO instead of OK so that the check_policy_service restriction - # can be used in the middle of a restriction list. + # In case of success, return DUNNO instead of OK so that the + # check_policy_service restriction can be followed by other restrictions. + # In case of failure, specify DEFER_IF_PERMIT so that mail can + # still be blocked by other access restrictions. syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose; if ($now - $time_stamp > $greylist_delay) { return "dunno"; } else { - return "450 Service is unavailable"; + return "defer_if_permit Service is unavailable"; } } diff --git a/postfix/conf/access b/postfix/conf/access index 7eb324c91..e69de29bb 100644 --- a/postfix/conf/access +++ b/postfix/conf/access 
@@ -1,249 +0,0 @@ -# ACCESS(5) ACCESS(5) -# -# NAME -# access - format of Postfix access table -# -# SYNOPSIS -# postmap /etc/postfix/access -# -# postmap -q "string" /etc/postfix/access -# -# postmap -q - /etc/postfix/access as the lookup key for such addresses. The value is -# specified with the smtpd_null_access_lookup_key parameter -# in the Postfix main.cf file. -# -# EMAIL ADDRESS EXTENSION -# When a mail address localpart contains the optional recip- -# ient delimiter (e.g., user+foo@domain), the lookup order -# becomes: user+foo@domain, user@domain, domain, user+foo@, -# and user@. -# -# HOST NAME/ADDRESS PATTERNS -# With lookups from indexed files such as DB or DBM, or from -# networked tables such as NIS, LDAP or SQL, the following -# lookup patterns are examined in the order as listed: -# -# domain.tld -# Matches domain.tld. -# -# The pattern domain.tld also matches subdomains, but -# only when the string smtpd_access_maps is listed in -# the Postfix parent_domain_matches_subdomains con- -# figuration setting. Otherwise, specify .domain.tld -# (note the initial dot) in order to match subdo- -# mains. -# -# net.work.addr.ess -# -# net.work.addr -# -# net.work -# -# net Matches any host address in the specified network. -# A network address is a sequence of one or more -# octets separated by ".". -# -# NOTE: use the cidr lookup table type to specify -# network/netmask patterns. See cidr_table(5) for -# details. -# -# ACTIONS -# [45]NN text -# Reject the address etc. that matches the pattern, -# and respond with the numerical code and text. -# -# REJECT -# -# REJECT optional text... -# Reject the address etc. that matches the pattern. -# Reply with $reject_code optional text... when the -# optional text is specified, otherwise reply with a -# generic error response message. -# -# OK Accept the address etc. that matches the pattern. -# -# all-numerical -# An all-numerical result is treated as OK. 
This for- -# mat is generated by address-based relay authoriza- -# tion schemes. -# -# DUNNO Pretend that the lookup key was not found in this -# table. This prevents Postfix from trying substrings -# of the lookup key (such as a subdomain name, or a -# network address subnetwork). -# -# HOLD -# -# HOLD optional text... -# Place the message on the hold queue, where it will -# sit until someone either deletes it or releases it -# for delivery. Log the optional text if specified, -# otherwise log a generic message. -# -# Mail that is placed on hold can be examined with -# the postcat(1) command, and can be destroyed or -# released with the postsuper(1) command. -# -# Note: this action currently affects all recipients -# of the message. -# -# DISCARD -# -# DISCARD optional text... -# Claim successful delivery and silently discard the -# message. Log the optional text if specified, oth- -# erwise log a generic message. -# -# Note: this action currently affects all recipients -# of the message. -# -# FILTER transport:destination -# After the message is queued, send the entire mes- -# sage through a content filter. More information -# about content filters is in the Postfix FIL- -# TER_README file. -# -# Note: this action overrides the main.cf con- -# tent_filter setting, and currently affects all -# recipients of the message. -# -# REDIRECT user@domain -# After the message is queued, send the message to -# the specified address instead of the intended -# recipient(s). -# -# Note: this action overrides the FILTER action, and -# currently affects all recipients of the message. -# -# restriction... -# Apply the named UCE restriction(s) (permit, reject, -# reject_unauth_destination, and so on). -# -# REGULAR EXPRESSION TABLES -# This section describes how the table lookups change when -# the table is given in the form of regular expressions. For -# a description of regular expression lookup table syntax, -# see regexp_table(5) or pcre_table(5). 
-# -# Each pattern is a regular expression that is applied to -# the entire string being looked up. Depending on the appli- -# cation, that string is an entire client hostname, an -# entire client IP address, or an entire mail address. Thus, -# no parent domain or parent network search is done, -# user@domain mail addresses are not broken up into their -# user@ and domain constituent parts, nor is user+foo broken -# up into user and foo. -# -# Patterns are applied in the order as specified in the -# table, until a pattern is found that matches the search -# string. -# -# Actions are the same as with indexed file lookups, with -# the additional feature that parenthesized substrings from -# the pattern can be interpolated as $1, $2 and so on. -# -# TCP-BASED TABLES -# This section describes how the table lookups change when -# lookups are directed to a TCP-based server. For a descrip- -# tion of the TCP client/server lookup protocol, see -# tcp_table(5). -# -# Each lookup operation uses the entire query string once. -# Depending on the application, that string is an entire -# client hostname, an entire client IP address, or an entire -# mail address. Thus, no parent domain or parent network -# search is done, user@domain mail addresses are not broken -# up into their user@ and domain constituent parts, nor is -# user+foo broken up into user and foo. -# -# Actions are the same as with indexed file lookups. -# -# BUGS -# The table format does not understand quoting conventions. -# -# SEE ALSO -# postmap(1) create lookup table -# smtpd(8) smtp server -# cidr_table(5) format of CIDR tables -# pcre_table(5) format of PCRE tables -# regexp_table(5) format of POSIX regular expression tables -# tcp_table(5) TCP client/server table lookup protocol -# -# LICENSE -# The Secure Mailer license must be distributed with this -# software. -# -# AUTHOR(S) -# Wietse Venema -# IBM T.J. Watson Research -# P.O. Box 704 -# Yorktown Heights, NY 10598, USA -# -# ACCESS(5) 
diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf index a03938158..b2d5168ad 100644 --- a/postfix/conf/sample-smtpd.cf +++ b/postfix/conf/sample-smtpd.cf @@ -312,14 +312,7 @@ mynetworks_style = subnet # check_client_access maptype:mapname # look up client name, parent domains, client address, # or networks obtained by stripping octets. -# Skip this lookup table if the result is DUNNO. -# Reject the SMTP client if the result is REJECT text... or "[45]xx text" -# Discard the message if the result is DISCARD text... -# Hold the message in the queue if the result is HOLD text... -# Release mail "on hold" with the postsuper(1) command. -# Filter the message if the result is FILTER transport:nexthop. -# Redirect the message if the result is REDIRECT user@domain. -# Permit the SMTP client if the result is OK or all numerical. +# see access(5) for possible lookup results. # reject_rbl_client domain.tld: reject if the reversed client IP address # is listed in an A record under domain.tld. # Append e.g., "=127.0.0.2" to the RBL domain name to select a specific 
@@ -366,14 +359,7 @@ smtpd_helo_required = no # reject_non_fqdn_hostname: reject HELO hostname that is not in FQDN form # check_helo_access maptype:mapname # look up HELO hostname or parent domains. -# Skip this lookup table if the result is DUNNO. -# Reject the HELO command if the result is REJECT text... or "[45]xx text" -# Discard the message if the result is DISCARD text... -# Hold the message in the queue if the result is HOLD text... -# Release mail "on hold" with the postsuper(1) command. -# Filter the message if the result is FILTER transport:nexthop. -# Redirect the message if the result is REDIRECT user@domain. -# Permit the HELO command if the result is OK or all numerical. +# see access(5) for possible lookup results. # check_policy_service transport:endpoint: delegate the decision to # an external policy server. See SMTPD_POLICY_README for details. # reject: reject the request. Place this at the end of a restriction. @@ -407,14 +393,7 @@ smtpd_helo_restrictions = # in an A record under domain.tld. # check_sender_access maptype:mapname # look up sender address, parent domain, or localpart@. -# Skip this lookup table if the result is DUNNO. -# Reject the sender if the result is REJECT text... or "[45]xx text" -# Discard the message if the result is DISCARD text... -# Hold the message in the queue if the result is HOLD text... -# Release mail "on hold" with the postsuper(1) command. -# Filter the message if the result is FILTER transport:nexthop. -# Redirect the message if the result is REDIRECT user@domain. -# Permit the sender if the result is OK or all numerical. +# see access(5) for possible lookup results. # reject_sender_login_mismatch: reject if $smtpd_sender_login_maps specifies # a MAIL FROM address owner, but the client is not (SASL) logged in as # that MAIL FROM address owner; or if the client is (SASL) logged in, but 
@@ -485,14 +464,7 @@ smtpd_sender_restrictions = # reject_unknown_recipient_domain: reject domains without A or MX record. # check_recipient_access maptype:mapname # look up recipient address, parent domain, or localpart@. -# Skip this lookup table if the result is DUNNO. -# Reject the recipient if the result is REJECT text... or "[45]xx text" -# Discard the message if the result is DISCARD text... -# Hold the message in the queue if the result is HOLD text... -# Release mail "on hold" with the postsuper(1) command. -# Filter the message if the result is FILTER transport:nexthop. -# Redirect the message if the result is REDIRECT user@domain. -# Permit the recipient if the result is OK or all numerical. +# see access(5) for possible lookup results. # reject_non_fqdn_recipient: reject recipient address that is not in FQDN form # check_policy_service transport:endpoint: delegate the decision to # an external policy server. See SMTPD_POLICY_README for details. diff --git a/postfix/examples/smtpd-policy/smtpd-policy.pl b/postfix/examples/smtpd-policy/smtpd-policy.pl index f3f9c7a64..1b9f9f22f 100755 --- a/postfix/examples/smtpd-policy/smtpd-policy.pl +++ b/postfix/examples/smtpd-policy/smtpd-policy.pl @@ -26,8 +26,10 @@ use Sys::Syslog qw(:DEFAULT setlogsock); # To use this from Postfix SMTPD, use in /etc/postfix/main.cf: # # smtpd_recipient_restrictions = -# ... reject_unauth_destination -# check_policy_service unix:private/policy ... +# ... +# reject_unauth_destination +# check_policy_service unix:private/policy +# ... # # NOTE: specify check_policy_service AFTER reject_unauth_destination # or else your system can become an open relay. 
@@ -98,13 +100,15 @@ sub smtpd_access_policy { update_database($key, $time_stamp); } - # Specify DUNNO instead of OK so that the check_policy_service restriction - # can be followed by other restrictions. + # In case of success, return DUNNO instead of OK so that the + # check_policy_service restriction can be followed by other restrictions. + # In case of failure, specify DEFER_IF_PERMIT so that mail can + # still be blocked by other access restrictions. syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose; if ($now - $time_stamp > $greylist_delay) { return "dunno"; } else { - return "450 Service is unavailable"; + return "defer_if_permit Service is unavailable"; } } diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html index 1170783a7..2c290f818 100644 --- a/postfix/html/access.5.html +++ b/postfix/html/access.5.html @@ -65,8 +65,8 @@ ACCESS(5) ACCESS(5) address. The pattern domain.tld also matches subdomains, but - only when the string smtpd_access_maps is listed in - the Postfix parent_domain_matches_subdomains con- + only when the string smtpd_access_maps is listed in + the Postfix parent_domain_matches_subdomains con- figuration setting. Otherwise, specify .domain.tld (note the initial dot) in order to match subdo- mains. @@ -77,7 +77,7 @@ ACCESS(5) ACCESS(5) Note: lookup of the null sender address is not possible with some types of lookup table. By default, Postfix uses <> as the lookup key for such addresses. The value is - specified with the smtpd_null_access_lookup_key parameter + specified with the smtpd_null_access_lookup_key parameter in the Postfix main.cf file. EMAIL ADDRESS EXTENSION 
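Review bot: The new comment's "In case of failure" misdescribes the else branch of smtpd_access_policy: it is taken whenever `$now - $time_stamp` has not yet exceeded `$greylist_delay`, which is the normal greylisting answer for a recently seen key rather than a failure. I would word it as `# While the greylist delay has not elapsed, return DEFER_IF_PERMIT so that` followed by `# a later restriction can still reject the mail outright.` The comment should also say that this reply depends on the defer_if_permit action that the HISTORY entry in this same patch lists as new in smtpd/smtpd_check.c; how an older smtpd treats the unrecognised result is not visible here, so the sample should name the minimum snapshot it needs. The same comment text is duplicated in the SMTPD_POLICY_README hunk and needs the same wording change. The body of smtpd_access_policy starts outside the hunk.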
@@ -95,8 +95,8 @@ ACCESS(5) ACCESS(5) Matches domain.tld. The pattern domain.tld also matches subdomains, but - only when the string smtpd_access_maps is listed in - the Postfix parent_domain_matches_subdomains con- + only when the string smtpd_access_maps is listed in + the Postfix parent_domain_matches_subdomains con- figuration setting. Otherwise, specify .domain.tld (note the initial dot) in order to match subdo- mains. @@ -124,10 +124,28 @@ ACCESS(5) ACCESS(5) REJECT optional text... Reject the address etc. that matches the pattern. - Reply with $reject_code optional text... when the + Reply with $reject_code optional text... when the optional text is specified, otherwise reply with a generic error response message. + DEFER_IF_REJECT + + DEFER_IF_REJECT optional text... + Defer the request if some later restriction would + result in a REJECT action. Reply with "450 optional + text... when the optional text is specified, other- + wise reply with a generic error response message. + + DEFER_IF_PERMIT + + DEFER_IF_PERMIT optional text... + Defer the request if some later restriction would + result in a PERMIT action (there is an implied PER- + MIT at the end of each restriction list). Reply + with "450 optional text... when the optional text + is specified, otherwise reply with a generic error + response message. + OK Accept the address etc. that matches the pattern. all-numerical @@ -172,7 +190,7 @@ ACCESS(5) ACCESS(5) TER_README file. Note: this action overrides the main.cf con- - tent_filter setting, and currently affects all + tent_filter setting, and currently affects all recipients of the message. REDIRECT user@domain 
@@ -185,13 +203,13 @@ ACCESS(5) ACCESS(5) restriction... Apply the named UCE restriction(s) (permit, reject, - reject_unauth_destination, and so on). + reject_unauth_destination, and so on). REGULAR EXPRESSION TABLES This section describes how the table lookups change when the table is given in the form of regular expressions. For a description of regular expression lookup table syntax, - see regexp_table(5) or pcre_table(5). + see regexp_table(5) or pcre_table(5). Each pattern is a regular expression that is applied to the entire string being looked up. Depending on the appli- @@ -214,7 +232,7 @@ ACCESS(5) ACCESS(5) This section describes how the table lookups change when lookups are directed to a TCP-based server. For a descrip- tion of the TCP client/server lookup protocol, see - tcp_table(5). + tcp_table(5). Each lookup operation uses the entire query string once. Depending on the application, that string is an entire diff --git a/postfix/html/postalias.1.html b/postfix/html/postalias.1.html index e8a582d77..09a3169c1 100644 --- a/postfix/html/postalias.1.html +++ b/postfix/html/postalias.1.html @@ -5,8 +5,8 @@ POSTALIAS(1) POSTALIAS(1) postalias - Postfix alias database maintenance SYNOPSIS - postalias [-Nfinoprvw] [-c config_dir] [-d key] [-q key] - [file_type:]file_name ... + postalias [-Nfinoprvw] [-c config_dir] [-d key] [-q key] + [file_type:]file_name ... DESCRIPTION The postalias command creates or queries one or more Post- 
@@ -29,32 +29,32 @@ POSTALIAS(1) POSTALIAS(1) Options: - -N Include the terminating null character that termi- - nates lookup keys and values. By default, Postfix - does whatever is the default for the host operating - system. - - -c config_dir - Read the main.cf configuration file in the named + -c config_dir + Read the main.cf configuration file in the named directory instead of the default configuration directory. - -d key Search the specified maps for key and remove one - entry per map. The exit status is zero when the + -d key Search the specified maps for key and remove one + entry per map. The exit status is zero when the requested information was found. If a key value of - is specified, the program reads key values from the standard input stream. The exit - status is zero when at least one of the requested + status is zero when at least one of the requested keys was found. -f Do not fold the lookup key to lower case while cre- ating or querying a map. - -i Incremental mode. Read entries from standard input + -i Incremental mode. Read entries from standard input and do not truncate an existing database. By - default, postalias creates a new database from the - entries in file_name. + default, postalias creates a new database from the + entries in file_name. + + -N Include the terminating null character that termi- + nates lookup keys and values. By default, Postfix + does whatever is the default for the host operating + system. -n Don't include the terminating null character that terminates lookup keys and values. By default, @@ -78,7 +78,7 @@ POSTALIAS(1) POSTALIAS(1) If a key value of - is specified, the program reads key values from the standard input stream and - prints one line of key: value output for each key + prints one line of key: value output for each key that was found. The exit status is zero when at least one of the requested keys was found. 
@@ -94,32 +94,32 @@ POSTALIAS(1) POSTALIAS(1) Arguments: - file_type + file_type The type of database to be produced. btree The output is a btree file, named - file_name.db. This is available only on + file_name.db. This is available only on systems with support for db databases. dbm The output consists of two files, named - file_name.pag and file_name.dir. This is + file_name.pag and file_name.dir. This is available only on systems with support for dbm databases. hash The output is a hashed file, named - file_name.db. This is available only on + file_name.db. This is available only on systems with support for db databases. - Use the command postconf -m to find out what types + Use the command postconf -m to find out what types of database your Postfix installation can support. - When no file_type is specified, the software uses + When no file_type is specified, the software uses the database type specified via the - default_database_type configuration parameter. The + default_database_type configuration parameter. The default value for this parameter depends on the host environment. - file_name + file_name The name of the alias database source file when creating a database. 
@@ -129,37 +129,37 @@ POSTALIAS(1) POSTALIAS(1) skipped and are flagged with a warning. postalias terminates with zero exit status in case of suc- - cess (including successful postalias -q lookup) and termi- + cess (including successful postalias -q lookup) and termi- nates with non-zero exit status in case of failure. ENVIRONMENT - MAIL_CONFIG + MAIL_CONFIG Directory with Postfix configuration files. - MAIL_VERBOSE + MAIL_VERBOSE Enable verbose logging for debugging purposes. -CONFIGURATION PARAMETERS +CONFIGURATION PARAMETERS The following main.cf parameters are especially relevant to this program. See the Postfix main.cf file for syntax details and for default values. - default_database_type + default_database_type Default database type. On many UNIX systems, the default type is either dbm or hash. - berkeley_db_create_buffer_size + berkeley_db_create_buffer_size Amount of buffer memory to be used when creating a Berkeley DB hash or btree lookup table. - berkeley_db_read_buffer_size + berkeley_db_read_buffer_size Amount of buffer memory to be used when reading a Berkeley DB hash or btree lookup table. STANDARDS RFC 822 (ARPA Internet Text Messages) -SEE ALSO +SEE ALSO aliases(5) format of alias database input file. local(5) Postfix local delivery agent. sendmail(1) mail posting and compatibility interface. diff --git a/postfix/html/postmap.1.html b/postfix/html/postmap.1.html index 0873220c9..b5a5c97a9 100644 --- a/postfix/html/postmap.1.html +++ b/postfix/html/postmap.1.html 
@@ -5,15 +5,15 @@ POSTMAP(1) POSTMAP(1) postmap - Postfix lookup table management SYNOPSIS - postmap [-Nfinoprvw] [-c config_dir] [-d key] [-q key] - [file_type:]file_name ... + postmap [-Nfinoprvw] [-c config_dir] [-d key] [-q key] + [file_type:]file_name ... DESCRIPTION The postmap command creates or queries one or more Postfix lookup tables, or updates an existing one. The input and output file formats are expected to be compatible with: - makemap file_type file_name < file_name + makemap file_type file_name < file_name If the result files do not exist they will be created with the same group and other read permissions as the source @@ -24,7 +24,7 @@ POSTMAP(1) POSTMAP(1) the entire table, in order to avoid surprises in spectator programs. -INPUT FILE FORMAT +INPUT FILE FORMAT The format of a lookup table input file is as follows: o A table entry has the form 
@@ -46,33 +46,33 @@ POSTMAP(1) POSTMAP(1) whitespace. The key is mapped to lowercase to make mapping lookups case insensitive. -COMMAND-LINE ARGUMENTS - -N Include the terminating null character that termi- - nates lookup keys and values. By default, Postfix - does whatever is the default for the host operating - system. - - -c config_dir - Read the main.cf configuration file in the named +COMMAND-LINE ARGUMENTS + -c config_dir + Read the main.cf configuration file in the named directory instead of the default configuration directory. - -d key Search the specified maps for key and remove one - entry per map. The exit status is zero when the + -d key Search the specified maps for key and remove one + entry per map. The exit status is zero when the requested information was found. If a key value of - is specified, the program reads key values from the standard input stream. The exit - status is zero when at least one of the requested + status is zero when at least one of the requested keys was found. -f Do not fold the lookup key to lower case while cre- ating or querying a map. - -i Incremental mode. Read entries from standard input + -i Incremental mode. Read entries from standard input and do not truncate an existing database. By - default, postmap creates a new database from the - entries in file_name. + default, postmap creates a new database from the + entries in file_name. + + -N Include the terminating null character that termi- + nates lookup keys and values. By default, Postfix + does whatever is the default for the host operating + system. -n Don't include the terminating null character that terminates lookup keys and values. By default, 
@@ -96,7 +96,7 @@ POSTMAP(1) POSTMAP(1) If a key value of - is specified, the program reads key values from the standard input stream and - prints one line of key value output for each key + prints one line of key value output for each key that was found. The exit status is zero when at least one of the requested keys was found. @@ -112,30 +112,30 @@ POSTMAP(1) POSTMAP(1) Arguments: - file_type + file_type The type of database to be produced. btree The output file is a btree file, named - file_name.db. This is available only on + file_name.db. This is available only on systems with support for db databases. dbm The output consists of two files, named - file_name.pag and file_name.dir. This is + file_name.pag and file_name.dir. This is available only on systems with support for dbm databases. hash The output file is a hashed file, named - file_name.db. This is available only on + file_name.db. This is available only on systems with support for db databases. - Use the command postconf -m to find out what types + Use the command postconf -m to find out what types of database your Postfix installation can support. - When no file_type is specified, the software uses + When no file_type is specified, the software uses the database type specified via the - default_database_type configuration parameter. + default_database_type configuration parameter. - file_name + file_name The name of the lookup table source file when rebuilding a database. 
@@ -145,27 +145,27 @@ POSTMAP(1) POSTMAP(1) skipped and are flagged with a warning. postmap terminates with zero exit status in case of suc- - cess (including successful postmap -q lookup) and termi- + cess (including successful postmap -q lookup) and termi- nates with non-zero exit status in case of failure. ENVIRONMENT - MAIL_CONFIG + MAIL_CONFIG Directory with Postfix configuration files. - MAIL_VERBOSE + MAIL_VERBOSE Enable verbose logging for debugging purposes. -CONFIGURATION PARAMETERS - default_database_type +CONFIGURATION PARAMETERS + default_database_type Default output database type. On many UNIX sys- tems, the default database type is either hash or dbm. - berkeley_db_create_buffer_size + berkeley_db_create_buffer_size Amount of buffer memory to be used when creating a Berkeley DB hash or btree lookup table. - berkeley_db_read_buffer_size + berkeley_db_read_buffer_size Amount of buffer memory to be used when reading a Berkeley DB hash or btree lookup table. diff --git a/postfix/html/uce.html b/postfix/html/uce.html index ec9d020cf..556006555 100644 --- a/postfix/html/uce.html +++ b/postfix/html/uce.html @@ -1127,13 +1127,7 @@ hash:/etc/postfix/etrn_access, reject
maptype:mapname
Search the named access database for the domain specified -in the ETRN command, or its parent domains. Reject the request if -the result is REJECT text... or "[45]XX -text". Permit -the request if the result is OK or RELAY or -all-numerical. Otherwise, treat the result as another list of UCE -restrictions. The access_map_reject_code parameter specifies -the result code for rejected requests (default: 554). +in the ETRN command, or its parent domains.

diff --git a/postfix/html/virtual.8.html b/postfix/html/virtual.8.html index 550e4712d..b074db1e4 100644 --- a/postfix/html/virtual.8.html +++ b/postfix/html/virtual.8.html @@ -20,26 +20,26 @@ VIRTUAL(8) VIRTUAL(8) etc., must be configured via virtual_alias maps or via similar lookup mechanisms. -MAILBOX LOCATION - The mailbox location is controlled by the virtual_mail- - box_base and virtual_mailbox_maps configuration parameters - (see below). The virtual_mailbox_maps table is indexed by +MAILBOX LOCATION + The mailbox location is controlled by the virtual_mail- + box_base and virtual_mailbox_maps configuration parameters + (see below). The virtual_mailbox_maps table is indexed by the recipient address as described under TABLE SEARCH ORDER below. The mailbox pathname is constructed as follows: - $virtual_mailbox_base/$virtual_mailbox_maps(recipient) + $virtual_mailbox_base/$virtual_mailbox_maps(recipient) where recipient is the full recipient address. -UNIX MAILBOX FORMAT +UNIX MAILBOX FORMAT When the mailbox location does not end in /, the message is delivered in UNIX mailbox format. This format stores multiple messages in one textfile. The virtual delivery agent prepends a "From sender - time_stamp" envelope header to each message, prepends a + time_stamp" envelope header to each message, prepends a Delivered-To: message header with the envelope recipient address, prepends an X-Original-To: header with the recip- ient address as given to Postfix, prepends a Return-Path: @@ -51,7 +51,7 @@ VIRTUAL(8) VIRTUAL(8) is in progress. In case of problems, an attempt is made to truncate the mailbox to its original length. -QMAIL MAILDIR FORMAT +QMAIL MAILDIR FORMAT When the mailbox location ends in /, the message is deliv- ered in qmail maildir format. This format stores one mes- sage per file. 
@@ -62,30 +62,30 @@ VIRTUAL(8) VIRTUAL(8) address as given to Postfix, and prepends a Return-Path: message header with the envelope sender address. - By definition, maildir format does not require file lock- - ing during mail delivery or retrieval. + By definition, maildir format does not require applica- + tion-level file locking during mail delivery or retrieval. -MAILBOX OWNERSHIP - Mailbox ownership is controlled by the virtual_uid_maps - and virtual_gid_maps lookup tables, which are indexed with - the full recipient address. Each table provides a string +MAILBOX OWNERSHIP + Mailbox ownership is controlled by the virtual_uid_maps + and virtual_gid_maps lookup tables, which are indexed with + the full recipient address. Each table provides a string with the numerical user and group ID, respectively. - The virtual_minimum_uid parameter imposes a lower bound on + The virtual_minimum_uid parameter imposes a lower bound on numerical user ID values that may be specified in any vir- - tual_uid_maps. + tual_uid_maps. -TABLE SEARCH ORDER - Normally, a lookup table is specified as a text file that - serves as input to the postmap(1) command. The result, an +TABLE SEARCH ORDER + Normally, a lookup table is specified as a text file that + serves as input to the postmap(1) command. The result, an indexed file in dbm or db format, is used for fast search- ing by the mail system. The canonical search order is as follows. The search stops upon the first successful lookup. - o When the recipient has an optional address exten- - sion the user+extension@domain.tld address is + o When the recipient has an optional address exten- + sion the user+extension@domain.tld address is looked up first. o The user@domain.tld address, without address exten- 
@@ -93,19 +93,19 @@ VIRTUAL(8) VIRTUAL(8) o Finally, the recipient @domain is looked up. - When the table is provided via other means such as NIS, - LDAP or SQL, the same lookups are done as for ordinary + When the table is provided via other means such as NIS, + LDAP or SQL, the same lookups are done as for ordinary indexed files. - Alternatively, a table can be provided as a regular- + Alternatively, a table can be provided as a regular- expression map where patterns are given as regular expres- - sions. In that case, only the full recipient address is + sions. In that case, only the full recipient address is given to the regular-expression map. SECURITY The virtual delivery agent is not security sensitive, pro- - vided that the lookup tables with recipient user/group ID - information are adequately protected. This program is not + vided that the lookup tables with recipient user/group ID + information are adequately protected. This program is not designed to run chrooted. STANDARDS 
@@ -116,46 +116,82 @@ VIRTUAL(8) VIRTUAL(8) recipient is over disk quota. In all other cases, mail for an existing recipient is deferred and a warning is logged. - Problems and transactions are logged to syslogd(8). Cor- - rupted message files are marked so that the queue manager + Problems and transactions are logged to syslogd(8). Cor- + rupted message files are marked so that the queue manager can move them to the corrupt queue afterwards. - Depending on the setting of the notify_classes parameter, - the postmaster is notified of bounces and of other trou- + Depending on the setting of the notify_classes parameter, + the postmaster is notified of bounces and of other trou- ble. BUGS - This delivery agent supports address extensions in email + This delivery agent supports address extensions in email addresses and in lookup table keys, but does not propagate - address extension information to the result of table + address extension information to the result of table lookup. Postfix should have lookup tables that can return multiple - result attributes. In order to avoid the inconvenience of + result attributes. In order to avoid the inconvenience of maintaining three tables, use an LDAP or MYSQL database. -CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this program. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload +CONFIGURATION PARAMETERS + The following main.cf parameters are especially relevant + to this program. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. -Mailbox delivery - virtual_mailbox_base - Specifies a path that is prepended to all mailbox - or maildir paths. This is a safety measure to - ensure that an out of control map in virtual_mail- - box_maps doesn't litter the filesystem with mail- - boxes. 
While it could be set to "/", this setting +Mailbox delivery + virtual_mailbox_base + Specifies a path that is prepended to all mailbox + or maildir paths. This is a safety measure to + ensure that an out of control map in virtual_mail- + box_maps doesn't litter the filesystem with mail- + boxes. While it could be set to "/", this setting isn't recommended. - virtual_mailbox_maps + virtual_mailbox_maps Recipients are looked up in these maps to determine - the path to their mailbox or maildir. If the - returned path ends in a slash ("/"), maildir-style - delivery is carried out, otherwise the path is + the path to their mailbox or maildir. If the + returned path ends in a slash ("/"), maildir-style + delivery is carried out, otherwise the path is assumed to specify a UNIX-style mailbox file. + While searching a lookup table, an address exten- + sion (user+foo@domain.tld) is ignored. + + In a lookup table, specify a left-hand side of + @domain.tld to match any user in the specified + domain that does not have a specific + user@domain.tld entry. + + Note that virtual_mailbox_base is unconditionally + prepended to this path. + + For security reasons, regular expression maps are + allowed but regular expression substitution of $1 + etc. is disallowed, because that would open a secu- + rity hole. + + For security reasons, proxied table lookup is not + allowed, because that would open a security hole. + + virtual_mailbox_domains + The list of domains that should be delivered via + the Postfix virtual delivery agent. This uses the + same syntax as the mydestination configuration + parameter. + + virtual_minimum_uid + Specifies a minimum uid that will be accepted as a + return from a virtual_uid_maps lookup. Returned + values less than this will be rejected, and the + message will be deferred. + + virtual_uid_maps + Recipients are looked up in these maps to determine + the user ID to be used when writing to the target + mailbox. 
+ While searching a lookup table, an address exten- sion (user+foo@domain.tld) is ignored. 
@@ -164,131 +200,95 @@ VIRTUAL(8) VIRTUAL(8) domain that does not have a specific user@domain.tld entry. - Note that virtual_mailbox_base is unconditionally - prepended to this path. - - For security reasons, regular expression maps are - allowed but regular expression substitution of $1 + For security reasons, regular expression maps are + allowed but regular expression substitution of $1 etc. is disallowed, because that would open a secu- rity hole. - For security reasons, proxied table lookup is not + For security reasons, proxied table lookup is not allowed, because that would open a security hole. - virtual_mailbox_domains - The list of domains that should be delivered via - the Postfix virtual delivery agent. This uses the - same syntax as the mydestination configuration - parameter. - - virtual_minimum_uid - Specifies a minimum uid that will be accepted as a - return from a virtual_uid_maps lookup. Returned - values less than this will be rejected, and the - message will be deferred. - - virtual_uid_maps + virtual_gid_maps Recipients are looked up in these maps to determine - the user ID to be used when writing to the target + the group ID to be used when writing to the target mailbox. - While searching a lookup table, an address exten- + While searching a lookup table, an address exten- sion (user+foo@domain.tld) is ignored. - In a lookup table, specify a left-hand side of - @domain.tld to match any user in the specified - domain that does not have a specific + In a lookup table, specify a left-hand side of + @domain.tld to match any user in the specified + domain that does not have a specific user@domain.tld entry. - For security reasons, regular expression maps are - allowed but regular expression substitution of $1 + For security reasons, regular expression maps are + allowed but regular expression substitution of $1 etc. is disallowed, because that would open a secu- rity hole. 
- For security reasons, proxied table lookup is not + For security reasons, proxied table lookup is not allowed, because that would open a security hole. - virtual_gid_maps - Recipients are looked up in these maps to determine - the group ID to be used when writing to the target - mailbox. - - While searching a lookup table, an address exten- - sion (user+foo@domain.tld) is ignored. - - In a lookup table, specify a left-hand side of - @domain.tld to match any user in the specified - domain that does not have a specific - user@domain.tld entry. - - For security reasons, regular expression maps are - allowed but regular expression substitution of $1 - etc. is disallowed, because that would open a secu- - rity hole. - - For security reasons, proxied table lookup is not - allowed, because that would open a security hole. - -Locking controls - virtual_mailbox_lock - How to lock UNIX-style mailboxes: one or more of - flock, fcntl or dotlock. The dotlock method - requires that the recipient UID or GID has write +Locking controls + virtual_mailbox_lock + How to lock UNIX-style mailboxes: one or more of + flock, fcntl or dotlock. The dotlock method + requires that the recipient UID or GID has write access to the parent directory of the mailbox file. - This setting is ignored with maildir style deliv- + This setting is ignored with maildir style deliv- ery, because such deliveries are safe without explicit locks. - Use the command postconf -l to find out what lock- + Use the command postconf -l to find out what lock- ing methods are available on your system. - deliver_lock_attempts - Limit the number of attempts to acquire an exclu- + deliver_lock_attempts + Limit the number of attempts to acquire an exclu- sive lock on a UNIX-style mailbox file. - deliver_lock_delay + deliver_lock_delay Time (default: seconds) between successive attempts - to acquire an exclusive lock on a UNIX-style mail- - box file. The actual delay is slightly randomized. 
+ to acquire an exclusive lock on a UNIX-style mail- + box file. The actual delay is slightly randomized. - stale_lock_time - Limit the time after which a stale lockfile is - removed (applicable to UNIX-style mailboxes only). + stale_lock_time + Limit the time after which a stale lockfile is + removed (applicable to UNIX-style mailboxes only). -Resource controls - virtual_destination_concurrency_limit +Resource controls + virtual_destination_concurrency_limit Limit the number of parallel deliveries to the same domain via the virtual delivery agent. The default - limit is taken from the default_destination_concur- - rency_limit parameter. The limit is enforced by + limit is taken from the default_destination_concur- + rency_limit parameter. The limit is enforced by the Postfix queue manager. - virtual_destination_recipient_limit + virtual_destination_recipient_limit Limit the number of recipients per message delivery - via the virtual delivery agent. The default limit - is taken from the default_destination_recipi- - ent_limit parameter. The limit is enforced by the + via the virtual delivery agent. The default limit + is taken from the default_destination_recipi- + ent_limit parameter. The limit is enforced by the Postfix queue manager. - virtual_mailbox_limit - The maximal size in bytes of a mailbox or maildir + virtual_mailbox_limit + The maximal size in bytes of a mailbox or maildir file. Set to zero to disable the limit. HISTORY - This agent was originally based on the Postfix local + This agent was originally based on the Postfix local delivery agent. Modifications mainly consisted of removing - code that either was not applicable or that was not safe - in this context: aliases, ~user/.forward files, delivery + code that either was not applicable or that was not safe + in this context: aliases, ~user/.forward files, delivery to "|command" or to /file/name. 
- The Delivered-To: header appears in the qmail system by + The Delivered-To: header appears in the qmail system by Daniel Bernstein. - The maildir structure appears in the qmail system by + The maildir structure appears in the qmail system by Daniel Bernstein. -SEE ALSO +SEE ALSO regexp_table(5) POSIX regular expression table format pcre_table(5) Perl Compatible Regular Expression table format bounce(8) non-delivery status reports @@ -296,7 +296,7 @@ VIRTUAL(8) VIRTUAL(8) qmgr(8) queue manager LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/man/man1/postalias.1 b/postfix/man/man1/postalias.1 index 5ad1dae2e..e03d69862 100644 --- a/postfix/man/man1/postalias.1 +++ b/postfix/man/man1/postalias.1 @@ -32,10 +32,6 @@ The format of Postfix alias input files is described in \fBaliases\fR(5). Options: -.IP \fB-N\fR -Include the terminating null character that terminates lookup keys -and values. By default, Postfix does whatever is the default for -the host operating system. .IP "\fB-c \fIconfig_dir\fR" Read the \fBmain.cf\fR configuration file in the named directory instead of the default configuration directory. @@ -53,6 +49,10 @@ a map. Incremental mode. Read entries from standard input and do not truncate an existing database. By default, \fBpostalias\fR creates a new database from the entries in \fIfile_name\fR. +.IP \fB-N\fR +Include the terminating null character that terminates lookup keys +and values. By default, Postfix does whatever is the default for +the host operating system. .IP \fB-n\fR Don't include the terminating null character that terminates lookup keys and values. By default, Postfix does whatever is the default for diff --git a/postfix/man/man1/postmap.1 b/postfix/man/man1/postmap.1 index b66ec181a..f9426a3c0 100644 --- a/postfix/man/man1/postmap.1 +++ b/postfix/man/man1/postmap.1 
@@ -57,10 +57,6 @@ to lowercase to make mapping lookups case insensitive. .nf .ad .fi -.IP \fB-N\fR -Include the terminating null character that terminates lookup keys -and values. By default, Postfix does whatever is the default for -the host operating system. .IP "\fB-c \fIconfig_dir\fR" Read the \fBmain.cf\fR configuration file in the named directory instead of the default configuration directory. @@ -78,6 +74,10 @@ a map. Incremental mode. Read entries from standard input and do not truncate an existing database. By default, \fBpostmap\fR creates a new database from the entries in \fBfile_name\fR. +.IP \fB-N\fR +Include the terminating null character that terminates lookup keys +and values. By default, Postfix does whatever is the default for +the host operating system. .IP \fB-n\fR Don't include the terminating null character that terminates lookup keys and values. By default, Postfix does whatever is the default for diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5 index e7b0a21df..2a174c219 100644 --- a/postfix/man/man5/access.5 +++ b/postfix/man/man5/access.5 
@@ -124,6 +124,19 @@ the numerical code and text. Reject the address etc. that matches the pattern. Reply with \fI$reject_code optional text...\fR when the optional text is specified, otherwise reply with a generic error response message. +.IP \fBDEFER_IF_REJECT\fR +.IP "\fBDEFER_IF_REJECT \fIoptional text...\fR +Defer the request if some later restriction would result in a +REJECT action. Reply with "\fB450\fI optional text...\fR when the +optional text is specified, otherwise reply with a generic error +response message. +.IP \fBDEFER_IF_PERMIT\fR +.IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR +Defer the request if some later restriction would result in a +PERMIT action (there is an implied PERMIT at the end of each +restriction list). Reply with "\fB450\fI optional text...\fR when the +optional text is specified, otherwise reply with a generic error +response message. .IP \fBOK\fR Accept the address etc. that matches the pattern. .IP \fIall-numerical\fR diff --git a/postfix/man/man8/virtual.8 b/postfix/man/man8/virtual.8 index 04708e798..38bb618fb 100644 --- a/postfix/man/man8/virtual.8 +++ b/postfix/man/man8/virtual.8 @@ -73,8 +73,8 @@ prepends an \fBX-Original-To:\fR header with the recipient address as given to Postfix, and prepends a \fBReturn-Path:\fR message header with the envelope sender address. -By definition, \fBmaildir\fR format does not require file locking -during mail delivery or retrieval. +By definition, \fBmaildir\fR format does not require application-level +file locking during mail delivery or retrieval. .SH MAILBOX OWNERSHIP .na .nf diff --git a/postfix/proto/access b/postfix/proto/access index 81f7e8a7b..c330b9375 100644 --- a/postfix/proto/access +++ b/postfix/proto/access 
@@ -108,6 +108,19 @@ # Reject the address etc. that matches the pattern. Reply with # \fI$reject_code optional text...\fR when the optional text is # specified, otherwise reply with a generic error response message. +# .IP \fBDEFER_IF_REJECT\fR +# .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR +# Defer the request if some later restriction would result in a +# REJECT action. Reply with "\fB450\fI optional text...\fR when the +# optional text is specified, otherwise reply with a generic error +# response message. +# .IP \fBDEFER_IF_PERMIT\fR +# .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR +# Defer the request if some later restriction would result in a +# PERMIT action (there is an implied PERMIT at the end of each +# restriction list). Reply with "\fB450\fI optional text...\fR when the +# optional text is specified, otherwise reply with a generic error +# response message. # .IP \fBOK\fR # Accept the address etc. that matches the pattern. # .IP \fIall-numerical\fR diff --git a/postfix/src/global/Makefile.in b/postfix/src/global/Makefile.in index c69bc804c..4c3761634 100644 --- a/postfix/src/global/Makefile.in +++ b/postfix/src/global/Makefile.in @@ -331,6 +331,7 @@ rewrite_clnt_test: rewrite_clnt rewrite_clnt.in rewrite_clnt.ref # Requires: Postfix, root, relayhost=$mydomain, no transport map resolve_clnt_test: resolve_clnt resolve_clnt.in resolve_clnt.ref + echo 'This test requires relayhost=$mydomain and no transport map' sed -e "s/MYDOMAIN/`postconf -h mydomain`/g" \ -e "s/MYHOSTNAME/`postconf -h myhostname`/g" \ resolve_clnt.in | ./resolve_clnt >resolve_clnt.tmp diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 302e6f98f..f72a39535 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h 
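Review bot: The added `echo` line in the resolve_clnt_test recipe writes `$mydomain` with a single dollar sign, which make expands before the shell sees it, so the message would most likely print `relayhost=ydomain` (`$m` followed by literal text). Doubling the dollar keeps the text literal: `echo 'This test requires relayhost=$$mydomain and no transport map'`. The `# Requires:` comment above it is unaffected because make does not expand comments. The recipe continues past the end of the hunk.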
@@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ -#define MAIL_RELEASE_DATE "20030717" +#define MAIL_RELEASE_DATE "20030728" #define VAR_MAIL_VERSION "mail_version" #define DEF_MAIL_VERSION "2.0.14-" MAIL_RELEASE_DATE diff --git a/postfix/src/postalias/postalias.c b/postfix/src/postalias/postalias.c index 82364b8ad..f7f95666a 100644 --- a/postfix/src/postalias/postalias.c +++ b/postfix/src/postalias/postalias.c @@ -26,10 +26,6 @@ /* \fBaliases\fR(5). /* /* Options: -/* .IP \fB-N\fR -/* Include the terminating null character that terminates lookup keys -/* and values. By default, Postfix does whatever is the default for -/* the host operating system. /* .IP "\fB-c \fIconfig_dir\fR" /* Read the \fBmain.cf\fR configuration file in the named directory /* instead of the default configuration directory. @@ -47,6 +43,10 @@ /* Incremental mode. Read entries from standard input and do not /* truncate an existing database. By default, \fBpostalias\fR creates /* a new database from the entries in \fIfile_name\fR. +/* .IP \fB-N\fR +/* Include the terminating null character that terminates lookup keys +/* and values. By default, Postfix does whatever is the default for +/* the host operating system. /* .IP \fB-n\fR /* Don't include the terminating null character that terminates lookup /* keys and values. By default, Postfix does whatever is the default for diff --git a/postfix/src/postmap/postmap.c b/postfix/src/postmap/postmap.c index 2c425e5c4..98341f4f2 100644 --- a/postfix/src/postmap/postmap.c +++ b/postfix/src/postmap/postmap.c 
@@ -47,10 +47,6 @@ /* COMMAND-LINE ARGUMENTS /* .ad /* .fi -/* .IP \fB-N\fR -/* Include the terminating null character that terminates lookup keys -/* and values. By default, Postfix does whatever is the default for -/* the host operating system. /* .IP "\fB-c \fIconfig_dir\fR" /* Read the \fBmain.cf\fR configuration file in the named directory /* instead of the default configuration directory. @@ -68,6 +64,10 @@ /* Incremental mode. Read entries from standard input and do not /* truncate an existing database. By default, \fBpostmap\fR creates /* a new database from the entries in \fBfile_name\fR. +/* .IP \fB-N\fR +/* Include the terminating null character that terminates lookup keys +/* and values. By default, Postfix does whatever is the default for +/* the host operating system. /* .IP \fB-n\fR /* Don't include the terminating null character that terminates lookup /* keys and values. By default, Postfix does whatever is the default for diff --git a/postfix/src/smtp/smtp_chat.c b/postfix/src/smtp/smtp_chat.c index 1eafdd73f..e3d036765 100644 --- a/postfix/src/smtp/smtp_chat.c +++ b/postfix/src/smtp/smtp_chat.c @@ -193,7 +193,7 @@ SMTP_RESP *smtp_chat_resp(SMTP_STATE *state) msg_warn("%s: response longer than %d: %.30s...", session->namaddr, var_line_limit, STR(state->buffer)); if (msg_verbose) - msg_info("< %s: %s", session->namaddr, STR(state->buffer)); + msg_info("< %s: %.100s", session->namaddr, STR(state->buffer)); /* * Defend against a denial of service attack by limiting the amount diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 5857d5865..b2e8a3dcf 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c 
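Review bot: The new `%.100s` cap in the verbose `msg_info` call of smtp_chat_resp() is an unexplained literal, and it differs from the `%.30s` used by the warning just above it, so a reader cannot tell whether the two limits are deliberate. The logged text is the remote server's reply, so bounding what reaches the log is sensible; a comment such as `/* Remote-controlled text: log a bounded prefix only. */` would record the reason, and a named constant would document the chosen length. The same change and the same gap appear in the smtpd_proxy_cmd() hunk in smtpd/smtpd_proxy.c. The cap limits length only; whether non-printable bytes in the reply are neutralised before logging is decided outside these hunks. Both function bodies start and end outside the hunks.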
@@ -1901,6 +1901,30 @@ static int check_table_result(SMTPD_STATE *state, const char *table, } } + /* + * DEFER_IF_PERMIT means NO, eventually. Use optional text or generate a + * generic error response. + */ + if (STREQUAL(value, DEFER_IF_PERMIT, cmd_len)) { + DEFER_IF_PERMIT3(state, MAIL_ERROR_POLICY, + "450 <%s>: %s rejected: %s", + reply_name, reply_class, + *cmd_text ? cmd_text : "Service unavailable"); + return (SMTPD_CHECK_DUNNO); + } + + /* + * DEFER_IF_REJECT means NO, eventually. Use optional text or generate a + * generic error response. + */ + if (STREQUAL(value, DEFER_IF_REJECT, cmd_len)) { + DEFER_IF_REJECT3(state, MAIL_ERROR_POLICY, + "450 <%s>: %s rejected: %s", + reply_name, reply_class, + *cmd_text ? cmd_text : "Service unavailable"); + return (SMTPD_CHECK_DUNNO); + } + /* * All-numeric result probably means OK - some out-of-band authentication * mechanism uses this as time stamp. diff --git a/postfix/src/smtpd/smtpd_proxy.c b/postfix/src/smtpd/smtpd_proxy.c index 6ba94a55c..0d00537d0 100644 --- a/postfix/src/smtpd/smtpd_proxy.c +++ b/postfix/src/smtpd/smtpd_proxy.c @@ -347,7 +347,7 @@ int smtpd_proxy_cmd(SMTPD_STATE *state, int expect, const char *fmt,...) VSTREAM_PATH(state->proxy), var_line_limit, STR(state->proxy_buffer)); if (msg_verbose) - msg_info("< %s: %s", VSTREAM_PATH(state->proxy), + msg_info("< %s: %.100s", VSTREAM_PATH(state->proxy), STR(state->proxy_buffer)); /* diff --git a/postfix/src/trivial-rewrite/resolve.c b/postfix/src/trivial-rewrite/resolve.c index 8fa0ac8f2..8e6f88b0a 100644 --- a/postfix/src/trivial-rewrite/resolve.c +++ b/postfix/src/trivial-rewrite/resolve.c @@ -260,6 +260,7 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr, if (saved_domain) tok822_free_tree(saved_domain); saved_domain = domain; + domain = 0; /* safety for future change */ } /* diff --git a/postfix/src/util/dict_mysql.c b/postfix/src/util/dict_mysql.c index baecfb85b..65eab343e 100644 --- a/postfix/src/util/dict_mysql.c 
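Review bot: The comment above the DEFER_IF_REJECT branch in check_table_result() is a copy of the DEFER_IF_PERMIT one ("means NO, eventually") and does not describe what the branch does; per the access(5) text added in this commit, it only turns a later REJECT into a deferral. I would reword it, for example `* DEFER_IF_REJECT: if a later restriction rejects, reply 450 instead. Use optional text or a generic response.`. The two branches differ only in the macro they call, so the comments are the only place a reader can learn the difference. The table-supplied `cmd_text` is passed as an argument rather than as the format string, which is the right way to handle it. The function starts and ends outside the hunk.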
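Review bot: The comment on the added `domain = 0;` in resolve_addr() says "safety for future change" without naming the hazard. From the visible lines, `saved_domain` has just taken over the token tree that `domain` pointed to, so clearing `domain` presumably prevents a later free or reuse through the stale alias; `domain = 0; /* tree now owned by saved_domain */` would say that. The rest of resolve_addr() is outside the hunk, so whether `domain` is read again afterwards cannot be checked here.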
+++ b/postfix/src/util/dict_mysql.c @@ -7,10 +7,10 @@ /* #include /* #include /* -/* DICT *dict_mysql_open(name, dummy, unused_dict_flags) +/* DICT *dict_mysql_open(name, open_flags, dict_flags) /* const char *name; -/* int dummy; -/* int unused_dict_flags; +/* int open_flags; +/* int dict_flags; /* DESCRIPTION /* dict_mysql_open() creates a dictionary of type 'mysql'. This /* dictionary is an interface for the postfix key->value mappings @@ -46,8 +46,10 @@ /* /* .IP other_name /* reference for outside use. -/* .IP unusued_flags -/* unused flags +/* .IP open_flags +/* Must be O_RDONLY. +/* .IP dict_flags +/* See dict_open(3). /* SEE ALSO /* dict(3) generic dictionary manager /* AUTHOR(S) @@ -358,11 +360,18 @@ static void plmysql_down_host(HOST *host) * parse the map's config file * allocate memory **********************************************************************/ -DICT *dict_mysql_open(const char *name, int unused_open_flags, int dict_flags) +DICT *dict_mysql_open(const char *name, int open_flags, int dict_flags) { DICT_MYSQL *dict_mysql; int connections; + /* + * Sanity checks. + */ + if (open_flags != O_RDONLY) + msg_fatal("%s:%s map requires O_RDONLY access mode", + DICT_TYPE_MYSQL, name); + dict_mysql = (DICT_MYSQL *) dict_alloc(DICT_TYPE_MYSQL, name, sizeof(DICT_MYSQL)); dict_mysql->dict.lookup = dict_mysql_lookup; diff --git a/postfix/src/util/dict_pgsql.c b/postfix/src/util/dict_pgsql.c index 97289c045..35117b690 100644 --- a/postfix/src/util/dict_pgsql.c +++ b/postfix/src/util/dict_pgsql.c @@ -6,10 +6,10 @@ /* SYNOPSIS /* #include /* -/* DICT *dict_pgsql_open(name, unused_open_flags, unused_dict_flags) +/* DICT *dict_pgsql_open(name, open_flags, dict_flags) /* const char *name; -/* int unused_open_flags; -/* int unused_dict_flags; +/* int open_flags; +/* int dict_flags; /* DESCRIPTION /* dict_pgsql_open() creates a dictionary of type 'pgsql'. This /* dictionary is an interface for the postfix key->value mappings 
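Review bot: The new sanity check in dict_mysql_open() compares the whole `open_flags` word with `O_RDONLY`, so a caller that passes read-only access together with any other open(2) flag bit would hit `msg_fatal`. If only the access mode is meant to be restricted, `if ((open_flags & O_ACCMODE) != O_RDONLY)` expresses that; if strict equality is intended, a short comment should say so. The hunk uses `O_RDONLY` without a visible `#include <fcntl.h>`; the include block is outside the hunk, so confirm it is already there. The same check is added to dict_pgsql_open() in util/dict_pgsql.c.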
@@ -48,8 +48,10 @@ /* /* .IP other_name /* reference for outside use. -/* .IP unusued_flags -/* unused flags +/* .IP open_flags +/* Must be O_RDONLY. +/* .IP dict_flags +/* See dict_open(3). /* SEE ALSO /* dict(3) generic dictionary manager /* AUTHOR(S) @@ -489,16 +491,25 @@ static void plpgsql_down_host(HOST *host) * parse the map's config file * allocate memory **********************************************************************/ -DICT *dict_pgsql_open(const char *name, int unused_flags, int unused_dict_flags) +DICT *dict_pgsql_open(const char *name, int open_flags, int dict_flags) { DICT_PGSQL *dict_pgsql; - dict_pgsql = (DICT_PGSQL *) mymalloc(sizeof(DICT_PGSQL)); + /* + * Sanity checks. + */ + if (open_flags != O_RDONLY) + msg_fatal("%s:%s map requires O_RDONLY access mode", + DICT_TYPE_PGSQL, name); + + dict_pgsql = (DICT_PGSQL *) dict_alloc(DICT_TYPE_PGSQL, name, + sizeof(DICT_PGSQL)); dict_pgsql->dict.lookup = dict_pgsql_lookup; dict_pgsql->dict.close = dict_pgsql_close; dict_pgsql->name = pgsqlname_parse(name); dict_pgsql->pldb = plpgsql_init(dict_pgsql->name->hostnames, dict_pgsql->name->len_hosts); + dict_pgsql->dict.flags = dict_flags | DICT_FLAG_FIXED; if (dict_pgsql->pldb == NULL) msg_fatal("couldn't intialize pldb!\n"); dict_register(name, (DICT *) dict_pgsql); @@ -701,6 +712,7 @@ static void dict_pgsql_close(DICT *dict) } myfree((char *) dict_pgsql->name->hostnames); myfree((char *) dict_pgsql->name); + dict_free(dict); } /* plpgsql_dealloc - free memory associated with PLPGSQL close databases */ diff --git a/postfix/src/virtual/virtual.c b/postfix/src/virtual/virtual.c index 3a22ecd20..ab3e6a5c6 100644 --- a/postfix/src/virtual/virtual.c +++ b/postfix/src/virtual/virtual.c 
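Review bot: The added `dict_free(dict)` at the end of dict_pgsql_close() releases the structure that `dict_pgsql` presumably aliases, so it has to stay the last statement; the two `myfree()` calls above it read `dict_pgsql->name` and would touch freed memory if the order were ever changed. A one-line comment would protect that ordering, e.g. `/* Must be last: dict_pgsql lives inside this allocation. */`. The start of the function, where `dict_pgsql` is derived from `dict`, is outside the hunk.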
@@ -61,8 +61,8 @@ /* given to Postfix, and prepends a /* \fBReturn-Path:\fR message header with the envelope sender address. /* -/* By definition, \fBmaildir\fR format does not require file locking -/* during mail delivery or retrieval. +/* By definition, \fBmaildir\fR format does not require application-level +/* file locking during mail delivery or retrieval. /* MAILBOX OWNERSHIP /* .ad /* .fi