mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 13:48:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.0.14-20030728

Browse Source
This commit is contained in:
Wietse Venema
2003-07-28 00:00:00 -05:00
committed by Viktor Dukhovni
parent 9212761d9f
commit 880c54775b
26 changed files with 365 additions and 537 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
postfix/HISTORY
View File

@@ -8405,6 +8405,20 @@ Apologies for any names omitted.
Documentation: corrected the command time limit parameter
syntax in the spawn(8) manual page.
Feature: defer_if_permit and defer_if_reject actions in
access tables, mainly for use by the delegated policy
server. Files: smtpd/smtpd_check.c, proto/access.
20030725
The dict_pgsql module did not use dict_alloc() and dict_free(),
causing improper initialization and a memory leak. Leandro
Santi. File: util/dict_pgsql.c.
Cleanup: added open_flags sanity checks to the dict_pgsql
and dict_mysql modules. These maps must be opened in
read-only mode.
Open problems:
Low: smtp-source may block when sending large test messages.

8
postfix/README_FILES/SMTPD_POLICY_README
View File

@@ -267,12 +267,14 @@ sub smtpd_access_policy {
update_database($key, $time_stamp);
}
# Specify DUNNO instead of OK so that the check_policy_service restriction
# can be used in the middle of a restriction list.
# In case of success, return DUNNO instead of OK so that the
# check_policy_service restriction can be followed by other restrictions.
# In case of failure, specify DEFER_IF_PERMIT so that mail can
# still be blocked by other access restrictions.
syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose;
if ($now - $time_stamp > $greylist_delay) {
return "dunno";
} else {
return "450 Service is unavailable";
return "defer_if_permit Service is unavailable";
}
}

249
postfix/conf/access
View File

@@ -1,249 +0,0 @@
# ACCESS(5) ACCESS(5)
#
# NAME
# access - format of Postfix access table
#
# SYNOPSIS
# postmap /etc/postfix/access
#
# postmap -q "string" /etc/postfix/access
#
# postmap -q - /etc/postfix/access <inputfile
#
# DESCRIPTION
# The optional access table directs the Postfix SMTP server
# to selectively reject or accept mail. Access can be
# allowed or denied for specific host names, domain names,
# networks, host network addresses or mail addresses.
#
# Normally, the access table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# postmap /etc/postfix/access in order to rebuild the
# indexed file after changing the access table.
#
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# that case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# and "TCP-BASED TABLES".
#
# TABLE FORMAT
# The format of the access table is as follows:
#
# pattern action
# When pattern matches a mail address, domain or host
# address, perform the corresponding action.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# cal line.
#
# EMAIL ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
#
# user@domain
# Matches the specified mail address.
#
# domain.tld
# Matches domain.tld as the domain part of an email
# address.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
# (note the initial dot) in order to match subdo-
# mains.
#
# user@ Matches all mail addresses with the specified user
# part.
#
# Note: lookup of the null sender address is not possible
# with some types of lookup table. By default, Postfix uses
# <> as the lookup key for such addresses. The value is
# specified with the smtpd_null_access_lookup_key parameter
# in the Postfix main.cf file.
#
# EMAIL ADDRESS EXTENSION
# When a mail address localpart contains the optional recip-
# ient delimiter (e.g., user+foo@domain), the lookup order
# becomes: user+foo@domain, user@domain, domain, user+foo@,
# and user@.
#
# HOST NAME/ADDRESS PATTERNS
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, the following
# lookup patterns are examined in the order as listed:
#
# domain.tld
# Matches domain.tld.
#
# The pattern domain.tld also matches subdomains, but
# only when the string smtpd_access_maps is listed in
# the Postfix parent_domain_matches_subdomains con-
# figuration setting. Otherwise, specify .domain.tld
# (note the initial dot) in order to match subdo-
# mains.
#
# net.work.addr.ess
#
# net.work.addr
#
# net.work
#
# net Matches any host address in the specified network.
# A network address is a sequence of one or more
# octets separated by ".".
#
# NOTE: use the cidr lookup table type to specify
# network/netmask patterns. See cidr_table(5) for
# details.
#
# ACTIONS
# [45]NN text
# Reject the address etc. that matches the pattern,
# and respond with the numerical code and text.
#
# REJECT
#
# REJECT optional text...
# Reject the address etc. that matches the pattern.
# Reply with $reject_code optional text... when the
# optional text is specified, otherwise reply with a
# generic error response message.
#
# OK Accept the address etc. that matches the pattern.
#
# all-numerical
# An all-numerical result is treated as OK. This for-
# mat is generated by address-based relay authoriza-
# tion schemes.
#
# DUNNO Pretend that the lookup key was not found in this
# table. This prevents Postfix from trying substrings
# of the lookup key (such as a subdomain name, or a
# network address subnetwork).
#
# HOLD
#
# HOLD optional text...
# Place the message on the hold queue, where it will
# sit until someone either deletes it or releases it
# for delivery. Log the optional text if specified,
# otherwise log a generic message.
#
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
# Note: this action currently affects all recipients
# of the message.
#
# DISCARD
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
# Note: this action currently affects all recipients
# of the message.
#
# FILTER transport:destination
# After the message is queued, send the entire mes-
# sage through a content filter. More information
# about content filters is in the Postfix FIL-
# TER_README file.
#
# Note: this action overrides the main.cf con-
# tent_filter setting, and currently affects all
# recipients of the message.
#
# REDIRECT user@domain
# After the message is queued, send the message to
# the specified address instead of the intended
# recipient(s).
#
# Note: this action overrides the FILTER action, and
# currently affects all recipients of the message.
#
# restriction...
# Apply the named UCE restriction(s) (permit, reject,
# reject_unauth_destination, and so on).
#
# REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
# Each pattern is a regular expression that is applied to
# the entire string being looked up. Depending on the appli-
# cation, that string is an entire client hostname, an
# entire client IP address, or an entire mail address. Thus,
# no parent domain or parent network search is done,
# user@domain mail addresses are not broken up into their
# user@ and domain constituent parts, nor is user+foo broken
# up into user and foo.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
# Actions are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
# tcp_table(5).
#
# Each lookup operation uses the entire query string once.
# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
# mail address. Thus, no parent domain or parent network
# search is done, user@domain mail addresses are not broken
# up into their user@ and domain constituent parts, nor is
# user+foo broken up into user and foo.
#
# Actions are the same as with indexed file lookups.
#
# BUGS
# The table format does not understand quoting conventions.
#
# SEE ALSO
# postmap(1) create lookup table
# smtpd(8) smtp server
# cidr_table(5) format of CIDR tables
# pcre_table(5) format of PCRE tables
# regexp_table(5) format of POSIX regular expression tables
# tcp_table(5) TCP client/server table lookup protocol
#
# LICENSE
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# Wietse Venema
# IBM T.J. Watson Research
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# ACCESS(5)

36
postfix/conf/sample-smtpd.cf
View File

@@ -312,14 +312,7 @@ mynetworks_style = subnet
# check_client_access maptype:mapname
# look up client name, parent domains, client address,
# or networks obtained by stripping octets.
# Skip this lookup table if the result is DUNNO.
# Reject the SMTP client if the result is REJECT text... or "[45]xx text"
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
# Filter the message if the result is FILTER transport:nexthop.
# Redirect the message if the result is REDIRECT user@domain.
# Permit the SMTP client if the result is OK or all numerical.
# see access(5) for possible lookup results.
# reject_rbl_client domain.tld: reject if the reversed client IP address
# is listed in an A record under domain.tld.
# Append e.g., "=127.0.0.2" to the RBL domain name to select a specific
@@ -366,14 +359,7 @@ smtpd_helo_required = no
# reject_non_fqdn_hostname: reject HELO hostname that is not in FQDN form
# check_helo_access maptype:mapname
# look up HELO hostname or parent domains.
# Skip this lookup table if the result is DUNNO.
# Reject the HELO command if the result is REJECT text... or "[45]xx text"
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
# Filter the message if the result is FILTER transport:nexthop.
# Redirect the message if the result is REDIRECT user@domain.
# Permit the HELO command if the result is OK or all numerical.
# see access(5) for possible lookup results.
# check_policy_service transport:endpoint: delegate the decision to
# an external policy server. See SMTPD_POLICY_README for details.
# reject: reject the request. Place this at the end of a restriction.
@@ -407,14 +393,7 @@ smtpd_helo_restrictions =
# in an A record under domain.tld.
# check_sender_access maptype:mapname
# look up sender address, parent domain, or localpart@.
# Skip this lookup table if the result is DUNNO.
# Reject the sender if the result is REJECT text... or "[45]xx text"
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
# Filter the message if the result is FILTER transport:nexthop.
# Redirect the message if the result is REDIRECT user@domain.
# Permit the sender if the result is OK or all numerical.
# see access(5) for possible lookup results.
# reject_sender_login_mismatch: reject if $smtpd_sender_login_maps specifies
# a MAIL FROM address owner, but the client is not (SASL) logged in as
# that MAIL FROM address owner; or if the client is (SASL) logged in, but
@@ -485,14 +464,7 @@ smtpd_sender_restrictions =
# reject_unknown_recipient_domain: reject domains without A or MX record.
# check_recipient_access maptype:mapname
# look up recipient address, parent domain, or localpart@.
# Skip this lookup table if the result is DUNNO.
# Reject the recipient if the result is REJECT text... or "[45]xx text"
# Discard the message if the result is DISCARD text...
# Hold the message in the queue if the result is HOLD text...
# Release mail "on hold" with the postsuper(1) command.
# Filter the message if the result is FILTER transport:nexthop.
# Redirect the message if the result is REDIRECT user@domain.
# Permit the recipient if the result is OK or all numerical.
# see access(5) for possible lookup results.
# reject_non_fqdn_recipient: reject recipient address that is not in FQDN form
# check_policy_service transport:endpoint: delegate the decision to
# an external policy server. See SMTPD_POLICY_README for details.

14
postfix/examples/smtpd-policy/smtpd-policy.pl
View File

@@ -26,8 +26,10 @@ use Sys::Syslog qw(:DEFAULT setlogsock);
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
#
# smtpd_recipient_restrictions =
# ... reject_unauth_destination
# check_policy_service unix:private/policy ...
# ...
# reject_unauth_destination
# check_policy_service unix:private/policy
# ...
#
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
@@ -98,13 +100,15 @@ sub smtpd_access_policy {
update_database($key, $time_stamp);
}
# Specify DUNNO instead of OK so that the check_policy_service restriction
# can be followed by other restrictions.
# In case of success, return DUNNO instead of OK so that the
# check_policy_service restriction can be followed by other restrictions.
# In case of failure, specify DEFER_IF_PERMIT so that mail can
# still be blocked by other access restrictions.
syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose;
if ($now - $time_stamp > $greylist_delay) {
return "dunno";
} else {
return "450 Service is unavailable";
return "defer_if_permit Service is unavailable";
}
}

38
postfix/html/access.5.html
View File

@@ -65,8 +65,8 @@ ACCESS(5) ACCESS(5)
address.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
only when the string <b>smtpd_access_maps</b> is listed in
the Postfix <b>parent_domain_matches_subdomains</b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
(note the initial dot) in order to match subdo-
mains.
@@ -77,7 +77,7 @@ ACCESS(5) ACCESS(5)
Note: lookup of the null sender address is not possible
with some types of lookup table. By default, Postfix uses
&lt;&gt; as the lookup key for such addresses. The value is
specified with the <b>smtpd</b><i>_</i><b>null</b><i>_</i><b>access</b><i>_</i><b>lookup</b><i>_</i><b>key</b> parameter
specified with the <b>smtpd_null_access_lookup_key</b> parameter
in the Postfix <b>main.cf</b> file.
<b>EMAIL ADDRESS EXTENSION</b>
@@ -95,8 +95,8 @@ ACCESS(5) ACCESS(5)
Matches <i>domain.tld</i>.
The pattern <i>domain.tld</i> also matches subdomains, but
only when the string <b>smtpd</b><i>_</i><b>access</b><i>_</i><b>maps</b> is listed in
the Postfix <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> con-
only when the string <b>smtpd_access_maps</b> is listed in
the Postfix <b>parent_domain_matches_subdomains</b> con-
figuration setting. Otherwise, specify <i>.domain.tld</i>
(note the initial dot) in order to match subdo-
mains.
@@ -124,10 +124,28 @@ ACCESS(5) ACCESS(5)
<b>REJECT</b> <i>optional text...</i>
Reject the address etc. that matches the pattern.
Reply with <i>$reject_code optional text...</i> when the
Reply with <i>$reject</i><b>_</b><i>code optional text...</i> when the
optional text is specified, otherwise reply with a
generic error response message.
<b>DEFER_IF_REJECT</b>
<b>DEFER_IF_REJECT</b> <i>optional text...</i>
Defer the request if some later restriction would
result in a REJECT action. Reply with "<b>450</b> <i>optional</i>
<i>text...</i> when the optional text is specified, other-
wise reply with a generic error response message.
<b>DEFER_IF_PERMIT</b>
<b>DEFER_IF_PERMIT</b> <i>optional text...</i>
Defer the request if some later restriction would
result in a PERMIT action (there is an implied PER-
MIT at the end of each restriction list). Reply
with "<b>450</b> <i>optional text...</i> when the optional text
is specified, otherwise reply with a generic error
response message.
<b>OK</b> Accept the address etc. that matches the pattern.
<i>all-numerical</i>
@@ -172,7 +190,7 @@ ACCESS(5) ACCESS(5)
TER_README file.
Note: this action overrides the <b>main.cf con-</b>
<b>tent</b><i>_</i><b>filter</b> setting, and currently affects all
<b>tent_filter</b> setting, and currently affects all
recipients of the message.
<b>REDIRECT</b> <i>user@domain</i>
@@ -185,13 +203,13 @@ ACCESS(5) ACCESS(5)
<i>restriction...</i>
Apply the named UCE restriction(s) (<b>permit</b>, <b>reject</b>,
<b>reject</b><i>_</i><b>unauth</b><i>_</i><b>destination</b>, and so on).
<b>reject_unauth_destination</b>, and so on).
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
@@ -214,7 +232,7 @@ ACCESS(5) ACCESS(5)
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see
<b>tcp</b><i>_</i><b>table</b>(5).
<a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
Each lookup operation uses the entire query string once.
Depending on the application, that string is an entire

64
postfix/html/postalias.1.html
View File

@@ -5,8 +5,8 @@ POSTALIAS(1) POSTALIAS(1)
postalias - Postfix alias database maintenance
<b>SYNOPSIS</b>
<b>postalias</b> [<b>-Nfinoprvw</b>] [<b>-c</b> <i>config_dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
[<i>file_type</i>:]<i>file_name</i> ...
<b>postalias</b> [<b>-Nfinoprvw</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
[<i>file</i><b>_</b><i>type</i>:]<i>file</i><b>_</b><i>name</i> ...
<b>DESCRIPTION</b>
The <b>postalias</b> command creates or queries one or more Post-
@@ -29,32 +29,32 @@ POSTALIAS(1) POSTALIAS(1)
Options:
<b>-N</b> Include the terminating null character that termi-
nates lookup keys and values. By default, Postfix
does whatever is the default for the host operating
system.
<b>-c</b> <i>config_dir</i>
Read the <b>main.cf</b> configuration file in the named
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
Read the <b>main.cf</b> configuration file in the named
directory instead of the default configuration
directory.
<b>-d</b> <i>key</i> Search the specified maps for <i>key</i> and remove one
entry per map. The exit status is zero when the
<b>-d</b> <i>key</i> Search the specified maps for <i>key</i> and remove one
entry per map. The exit status is zero when the
requested information was found.
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream. The exit
status is zero when at least one of the requested
status is zero when at least one of the requested
keys was found.
<b>-f</b> Do not fold the lookup key to lower case while cre-
ating or querying a map.
<b>-i</b> Incremental mode. Read entries from standard input
<b>-i</b> Incremental mode. Read entries from standard input
and do not truncate an existing database. By
default, <b>postalias</b> creates a new database from the
entries in <i>file_name</i>.
default, <b>postalias</b> creates a new database from the
entries in <i>file</i><b>_</b><i>name</i>.
<b>-N</b> Include the terminating null character that termi-
nates lookup keys and values. By default, Postfix
does whatever is the default for the host operating
system.
<b>-n</b> Don't include the terminating null character that
terminates lookup keys and values. By default,
@@ -78,7 +78,7 @@ POSTALIAS(1) POSTALIAS(1)
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream and
prints one line of <i>key:</i> <i>value</i> output for each key
prints one line of <i>key: value</i> output for each key
that was found. The exit status is zero when at
least one of the requested keys was found.
@@ -94,32 +94,32 @@ POSTALIAS(1) POSTALIAS(1)
Arguments:
<i>file_type</i>
<i>file</i><b>_</b><i>type</i>
The type of database to be produced.
<b>btree</b> The output is a btree file, named
<i>file_name</i><b>.db</b>. This is available only on
<i>file</i><b>_</b><i>name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
<b>dbm</b> The output consists of two files, named
<i>file_name</i><b>.pag</b> and <i>file_name</i><b>.dir</b>. This is
<i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
available only on systems with support for
<b>dbm</b> databases.
<b>hash</b> The output is a hashed file, named
<i>file_name</i><b>.db</b>. This is available only on
<i>file</i><b>_</b><i>name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
Use the command <b>postconf</b> <b>-m</b> to find out what types
Use the command <b>postconf -m</b> to find out what types
of database your Postfix installation can support.
When no <i>file_type</i> is specified, the software uses
When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
the database type specified via the
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b> configuration parameter. The
<b>default_database_type</b> configuration parameter. The
default value for this parameter depends on the
host environment.
<i>file_name</i>
<i>file</i><b>_</b><i>name</i>
The name of the alias database source file when
creating a database.
@@ -129,37 +129,37 @@ POSTALIAS(1) POSTALIAS(1)
skipped and are flagged with a warning.
<b>postalias</b> terminates with zero exit status in case of suc-
cess (including successful <b>postalias</b> <b>-q</b> lookup) and termi-
cess (including successful <b>postalias -q</b> lookup) and termi-
nates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
<b>MAIL</b><i>_</i><b>CONFIG</b>
<b>MAIL_CONFIG</b>
Directory with Postfix configuration files.
<b>MAIL</b><i>_</i><b>VERBOSE</b>
<b>MAIL_VERBOSE</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values.
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b>
<b>default_database_type</b>
Default database type. On many UNIX systems, the
default type is either <b>dbm</b> or <b>hash</b>.
<b>berkeley</b><i>_</i><b>db</b><i>_</i><b>create</b><i>_</i><b>buffer</b><i>_</i><b>size</b>
<b>berkeley_db_create_buffer_size</b>
Amount of buffer memory to be used when creating a
Berkeley DB <b>hash</b> or <b>btree</b> lookup table.
<b>berkeley</b><i>_</i><b>db</b><i>_</i><b>read</b><i>_</i><b>buffer</b><i>_</i><b>size</b>
<b>berkeley_db_read_buffer_size</b>
Amount of buffer memory to be used when reading a
Berkeley DB <b>hash</b> or <b>btree</b> lookup table.
<b>STANDARDS</b>
<a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> (ARPA Internet Text Messages)
<b>SEE</b> <b>ALSO</b>
<b>SEE ALSO</b>
<a href="aliases.5.html">aliases(5)</a> format of alias database input file.
local(5) Postfix local delivery agent.
<a href="sendmail.1.html">sendmail(1)</a> mail posting and compatibility interface.

68
postfix/html/postmap.1.html
View File

@@ -5,15 +5,15 @@ POSTMAP(1) POSTMAP(1)
postmap - Postfix lookup table management
<b>SYNOPSIS</b>
<b>postmap</b> [<b>-Nfinoprvw</b>] [<b>-c</b> <i>config_dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
[<i>file_type</i>:]<i>file_name</i> ...
<b>postmap</b> [<b>-Nfinoprvw</b>] [<b>-c</b> <i>config</i><b>_</b><i>dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
[<i>file</i><b>_</b><i>type</i>:]<i>file</i><b>_</b><i>name</i> ...
<b>DESCRIPTION</b>
The <b>postmap</b> command creates or queries one or more Postfix
lookup tables, or updates an existing one. The input and
output file formats are expected to be compatible with:
<b>makemap</b> <i>file_type</i> <i>file_name</i> &lt; <i>file_name</i>
<b>makemap</b> <i>file</i><b>_</b><i>type file</i><b>_</b><i>name</i> &lt; <i>file</i><b>_</b><i>name</i>
If the result files do not exist they will be created with
the same group and other read permissions as the source
@@ -24,7 +24,7 @@ POSTMAP(1) POSTMAP(1)
the entire table, in order to avoid surprises in spectator
programs.
<b>INPUT</b> <b>FILE</b> <b>FORMAT</b>
<b>INPUT FILE FORMAT</b>
The format of a lookup table input file is as follows:
<b>o</b> A table entry has the form
@@ -46,33 +46,33 @@ POSTMAP(1) POSTMAP(1)
whitespace. The <i>key</i> is mapped to lowercase to make mapping
lookups case insensitive.
<b>COMMAND-LINE</b> <b>ARGUMENTS</b>
<b>-N</b> Include the terminating null character that termi-
nates lookup keys and values. By default, Postfix
does whatever is the default for the host operating
system.
<b>-c</b> <i>config_dir</i>
Read the <b>main.cf</b> configuration file in the named
<b>COMMAND-LINE ARGUMENTS</b>
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
Read the <b>main.cf</b> configuration file in the named
directory instead of the default configuration
directory.
<b>-d</b> <i>key</i> Search the specified maps for <i>key</i> and remove one
entry per map. The exit status is zero when the
<b>-d</b> <i>key</i> Search the specified maps for <i>key</i> and remove one
entry per map. The exit status is zero when the
requested information was found.
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream. The exit
status is zero when at least one of the requested
status is zero when at least one of the requested
keys was found.
<b>-f</b> Do not fold the lookup key to lower case while cre-
ating or querying a map.
<b>-i</b> Incremental mode. Read entries from standard input
<b>-i</b> Incremental mode. Read entries from standard input
and do not truncate an existing database. By
default, <b>postmap</b> creates a new database from the
entries in <b>file</b><i>_</i><b>name</b>.
default, <b>postmap</b> creates a new database from the
entries in <b>file_name</b>.
<b>-N</b> Include the terminating null character that termi-
nates lookup keys and values. By default, Postfix
does whatever is the default for the host operating
system.
<b>-n</b> Don't include the terminating null character that
terminates lookup keys and values. By default,
@@ -96,7 +96,7 @@ POSTMAP(1) POSTMAP(1)
If a key value of <b>-</b> is specified, the program reads
key values from the standard input stream and
prints one line of <i>key</i> <i>value</i> output for each key
prints one line of <i>key value</i> output for each key
that was found. The exit status is zero when at
least one of the requested keys was found.
@@ -112,30 +112,30 @@ POSTMAP(1) POSTMAP(1)
Arguments:
<i>file_type</i>
<i>file</i><b>_</b><i>type</i>
The type of database to be produced.
<b>btree</b> The output file is a btree file, named
<i>file_name</i><b>.db</b>. This is available only on
<i>file</i><b>_</b><i>name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
<b>dbm</b> The output consists of two files, named
<i>file_name</i><b>.pag</b> and <i>file_name</i><b>.dir</b>. This is
<i>file</i><b>_</b><i>name</i><b>.pag</b> and <i>file</i><b>_</b><i>name</i><b>.dir</b>. This is
available only on systems with support for
<b>dbm</b> databases.
<b>hash</b> The output file is a hashed file, named
<i>file_name</i><b>.db</b>. This is available only on
<i>file</i><b>_</b><i>name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
Use the command <b>postconf</b> <b>-m</b> to find out what types
Use the command <b>postconf -m</b> to find out what types
of database your Postfix installation can support.
When no <i>file_type</i> is specified, the software uses
When no <i>file</i><b>_</b><i>type</i> is specified, the software uses
the database type specified via the
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b> configuration parameter.
<b>default_database_type</b> configuration parameter.
<i>file_name</i>
<i>file</i><b>_</b><i>name</i>
The name of the lookup table source file when
rebuilding a database.
@@ -145,27 +145,27 @@ POSTMAP(1) POSTMAP(1)
skipped and are flagged with a warning.
<b>postmap</b> terminates with zero exit status in case of suc-
cess (including successful <b>postmap</b> <b>-q</b> lookup) and termi-
cess (including successful <b>postmap -q</b> lookup) and termi-
nates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
<b>MAIL</b><i>_</i><b>CONFIG</b>
<b>MAIL_CONFIG</b>
Directory with Postfix configuration files.
<b>MAIL</b><i>_</i><b>VERBOSE</b>
<b>MAIL_VERBOSE</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
<b>default</b><i>_</i><b>database</b><i>_</i><b>type</b>
<b>CONFIGURATION PARAMETERS</b>
<b>default_database_type</b>
Default output database type. On many UNIX sys-
tems, the default database type is either <b>hash</b> or
<b>dbm</b>.
<b>berkeley</b><i>_</i><b>db</b><i>_</i><b>create</b><i>_</i><b>buffer</b><i>_</i><b>size</b>
<b>berkeley_db_create_buffer_size</b>
Amount of buffer memory to be used when creating a
Berkeley DB <b>hash</b> or <b>btree</b> lookup table.
<b>berkeley</b><i>_</i><b>db</b><i>_</i><b>read</b><i>_</i><b>buffer</b><i>_</i><b>size</b>
<b>berkeley_db_read_buffer_size</b>
Amount of buffer memory to be used when reading a
Berkeley DB <b>hash</b> or <b>btree</b> lookup table.

8
postfix/html/uce.html
View File

@@ -1127,13 +1127,7 @@ hash:/etc/postfix/etrn_access, reject</b>
<dt> <i>maptype</i>:<i>mapname</i> <dd> Search the named <a
href="access.5.html">access database</a> for the domain specified
in the ETRN command, or its parent domains. Reject the request if
the result is <b>REJECT</b> <i>text...</i> or "[<b>45</b>]<i>XX
text</i>". Permit
the request if the result is <b>OK</b> or <b>RELAY</b> or
all-numerical. Otherwise, treat the result as another list of UCE
restrictions. The <b>access_map_reject_code </b> parameter specifies
the result code for rejected requests (default: <b>554</b>).
in the ETRN command, or its parent domains.
<p>

258
postfix/html/virtual.8.html
View File

@@ -20,26 +20,26 @@ VIRTUAL(8) VIRTUAL(8)
etc., must be configured via virtual_alias maps or via
similar lookup mechanisms.
<b>MAILBOX</b> <b>LOCATION</b>
The mailbox location is controlled by the <b>virtual</b><i>_</i><b>mail-</b>
<b>box</b><i>_</i><b>base</b> and <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b> configuration parameters
(see below). The <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b> table is indexed by
<b>MAILBOX LOCATION</b>
The mailbox location is controlled by the <b>virtual_mail-</b>
<b>box_base</b> and <b>virtual_mailbox_maps</b> configuration parameters
(see below). The <b>virtual_mailbox_maps</b> table is indexed by
the recipient address as described under TABLE SEARCH
ORDER below.
The mailbox pathname is constructed as follows:
<b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base/$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps(</b><i>recipient</i><b>)</b>
<b>$virtual_mailbox_base/$virtual_mailbox_maps(</b><i>recipient</i><b>)</b>
where <i>recipient</i> is the full recipient address.
<b>UNIX</b> <b>MAILBOX</b> <b>FORMAT</b>
<b>UNIX MAILBOX FORMAT</b>
When the mailbox location does not end in <b>/</b>, the message
is delivered in UNIX mailbox format. This format stores
multiple messages in one textfile.
The <b>virtual</b> delivery agent prepends a "<b>From</b> <i>sender</i>
<i>time_stamp</i>" envelope header to each message, prepends a
<i>time</i><b>_</b><i>stamp</i>" envelope header to each message, prepends a
<b>Delivered-To:</b> message header with the envelope recipient
address, prepends an <b>X-Original-To:</b> header with the recip-
ient address as given to Postfix, prepends a <b>Return-Path:</b>
@@ -51,7 +51,7 @@ VIRTUAL(8) VIRTUAL(8)
is in progress. In case of problems, an attempt is made to
truncate the mailbox to its original length.
<b>QMAIL</b> <b>MAILDIR</b> <b>FORMAT</b>
<b>QMAIL MAILDIR FORMAT</b>
When the mailbox location ends in <b>/</b>, the message is deliv-
ered in qmail <b>maildir</b> format. This format stores one mes-
sage per file.
@@ -62,30 +62,30 @@ VIRTUAL(8) VIRTUAL(8)
address as given to Postfix, and prepends a <b>Return-Path:</b>
message header with the envelope sender address.
By definition, <b>maildir</b> format does not require file lock-
ing during mail delivery or retrieval.
By definition, <b>maildir</b> format does not require applica-
tion-level file locking during mail delivery or retrieval.
<b>MAILBOX</b> <b>OWNERSHIP</b>
Mailbox ownership is controlled by the <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>
and <b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b> lookup tables, which are indexed with
the full recipient address. Each table provides a string
<b>MAILBOX OWNERSHIP</b>
Mailbox ownership is controlled by the <b>virtual_uid_maps</b>
and <b>virtual_gid_maps</b> lookup tables, which are indexed with
the full recipient address. Each table provides a string
with the numerical user and group ID, respectively.
The <b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b> parameter imposes a lower bound on
The <b>virtual_minimum_uid</b> parameter imposes a lower bound on
numerical user ID values that may be specified in any <b>vir-</b>
<b>tual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>.
<b>tual_uid_maps</b>.
<b>TABLE</b> <b>SEARCH</b> <b>ORDER</b>
Normally, a lookup table is specified as a text file that
serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The result, an
<b>TABLE SEARCH ORDER</b>
Normally, a lookup table is specified as a text file that
serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The result, an
indexed file in <b>dbm</b> or <b>db</b> format, is used for fast search-
ing by the mail system.
The canonical search order is as follows. The search stops
upon the first successful lookup.
<b>o</b> When the recipient has an optional address exten-
sion the <i>user+extension@domain.tld</i> address is
<b>o</b> When the recipient has an optional address exten-
sion the <i>user+extension@domain.tld</i> address is
looked up first.
<b>o</b> The <i>user@domain.tld</i> address, without address exten-
@@ -93,19 +93,19 @@ VIRTUAL(8) VIRTUAL(8)
<b>o</b> Finally, the recipient <i>@domain</i> is looked up.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
indexed files.
Alternatively, a table can be provided as a regular-
Alternatively, a table can be provided as a regular-
expression map where patterns are given as regular expres-
sions. In that case, only the full recipient address is
sions. In that case, only the full recipient address is
given to the regular-expression map.
<b>SECURITY</b>
The virtual delivery agent is not security sensitive, pro-
vided that the lookup tables with recipient user/group ID
information are adequately protected. This program is not
vided that the lookup tables with recipient user/group ID
information are adequately protected. This program is not
designed to run chrooted.
<b>STANDARDS</b>
@@ -116,46 +116,82 @@ VIRTUAL(8) VIRTUAL(8)
recipient is over disk quota. In all other cases, mail for
an existing recipient is deferred and a warning is logged.
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
rupted message files are marked so that the queue manager
Problems and transactions are logged to <b>syslogd</b>(8). Cor-
rupted message files are marked so that the queue manager
can move them to the <b>corrupt</b> queue afterwards.
Depending on the setting of the <b>notify</b><i>_</i><b>classes</b> parameter,
the postmaster is notified of bounces and of other trou-
Depending on the setting of the <b>notify_classes</b> parameter,
the postmaster is notified of bounces and of other trou-
ble.
<b>BUGS</b>
This delivery agent supports address extensions in email
This delivery agent supports address extensions in email
addresses and in lookup table keys, but does not propagate
address extension information to the result of table
address extension information to the result of table
lookup.
Postfix should have lookup tables that can return multiple
result attributes. In order to avoid the inconvenience of
result attributes. In order to avoid the inconvenience of
maintaining three tables, use an LDAP or MYSQL database.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix</b> <b>reload</b>
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant
to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values. Use the <b>postfix reload</b>
command after a configuration change.
<b>Mailbox</b> <b>delivery</b>
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base</b>
Specifies a path that is prepended to all mailbox
or maildir paths. This is a safety measure to
ensure that an out of control map in <b>virtual</b><i>_</i><b>mail-</b>
<b>box</b><i>_</i><b>maps</b> doesn't litter the filesystem with mail-
boxes. While it could be set to "/", this setting
<b>Mailbox delivery</b>
<b>virtual_mailbox_base</b>
Specifies a path that is prepended to all mailbox
or maildir paths. This is a safety measure to
ensure that an out of control map in <b>virtual_mail-</b>
<b>box_maps</b> doesn't litter the filesystem with mail-
boxes. While it could be set to "/", this setting
isn't recommended.
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>maps</b>
<b>virtual_mailbox_maps</b>
Recipients are looked up in these maps to determine
the path to their mailbox or maildir. If the
returned path ends in a slash ("/"), maildir-style
delivery is carried out, otherwise the path is
the path to their mailbox or maildir. If the
returned path ends in a slash ("/"), maildir-style
delivery is carried out, otherwise the path is
assumed to specify a UNIX-style mailbox file.
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
Note that <b>virtual_mailbox_base</b> is unconditionally
prepended to this path.
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
etc. is disallowed, because that would open a secu-
rity hole.
For security reasons, proxied table lookup is not
allowed, because that would open a security hole.
<b>virtual_mailbox_domains</b>
The list of domains that should be delivered via
the Postfix virtual delivery agent. This uses the
same syntax as the <b>mydestination</b> configuration
parameter.
<b>virtual_minimum_uid</b>
Specifies a minimum uid that will be accepted as a
return from a <b>virtual_uid_maps</b> lookup. Returned
values less than this will be rejected, and the
message will be deferred.
<b>virtual_uid_maps</b>
Recipients are looked up in these maps to determine
the user ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
@@ -164,131 +200,95 @@ VIRTUAL(8) VIRTUAL(8)
domain that does not have a specific
<i>user@domain.tld</i> entry.
Note that <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>base</b> is unconditionally
prepended to this path.
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
etc. is disallowed, because that would open a secu-
rity hole.
For security reasons, proxied table lookup is not
For security reasons, proxied table lookup is not
allowed, because that would open a security hole.
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
The list of domains that should be delivered via
the Postfix virtual delivery agent. This uses the
same syntax as the <b>mydestination</b> configuration
parameter.
<b>virtual</b><i>_</i><b>minimum</b><i>_</i><b>uid</b>
Specifies a minimum uid that will be accepted as a
return from a <b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b> lookup. Returned
values less than this will be rejected, and the
message will be deferred.
<b>virtual</b><i>_</i><b>uid</b><i>_</i><b>maps</b>
<b>virtual_gid_maps</b>
Recipients are looked up in these maps to determine
the user ID to be used when writing to the target
the group ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
etc. is disallowed, because that would open a secu-
rity hole.
For security reasons, proxied table lookup is not
For security reasons, proxied table lookup is not
allowed, because that would open a security hole.
<b>virtual</b><i>_</i><b>gid</b><i>_</i><b>maps</b>
Recipients are looked up in these maps to determine
the group ID to be used when writing to the target
mailbox.
While searching a lookup table, an address exten-
sion (<i>user+foo@domain.tld</i>) is ignored.
In a lookup table, specify a left-hand side of
<i>@domain.tld</i> to match any user in the specified
domain that does not have a specific
<i>user@domain.tld</i> entry.
For security reasons, regular expression maps are
allowed but regular expression substitution of $1
etc. is disallowed, because that would open a secu-
rity hole.
For security reasons, proxied table lookup is not
allowed, because that would open a security hole.
<b>Locking</b> <b>controls</b>
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>lock</b>
How to lock UNIX-style mailboxes: one or more of
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
requires that the recipient UID or GID has write
<b>Locking controls</b>
<b>virtual_mailbox_lock</b>
How to lock UNIX-style mailboxes: one or more of
<b>flock</b>, <b>fcntl</b> or <b>dotlock</b>. The <b>dotlock</b> method
requires that the recipient UID or GID has write
access to the parent directory of the mailbox file.
This setting is ignored with <b>maildir</b> style deliv-
This setting is ignored with <b>maildir</b> style deliv-
ery, because such deliveries are safe without
explicit locks.
Use the command <b>postconf</b> <b>-l</b> to find out what lock-
Use the command <b>postconf -l</b> to find out what lock-
ing methods are available on your system.
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>attempts</b>
Limit the number of attempts to acquire an exclu-
<b>deliver_lock_attempts</b>
Limit the number of attempts to acquire an exclu-
sive lock on a UNIX-style mailbox file.
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>delay</b>
<b>deliver_lock_delay</b>
Time (default: seconds) between successive attempts
to acquire an exclusive lock on a UNIX-style mail-
box file. The actual delay is slightly randomized.
to acquire an exclusive lock on a UNIX-style mail-
box file. The actual delay is slightly randomized.
<b>stale</b><i>_</i><b>lock</b><i>_</i><b>time</b>
Limit the time after which a stale lockfile is
removed (applicable to UNIX-style mailboxes only).
<b>stale_lock_time</b>
Limit the time after which a stale lockfile is
removed (applicable to UNIX-style mailboxes only).
<b>Resource</b> <b>controls</b>
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
<b>Resource controls</b>
<b>virtual_destination_concurrency_limit</b>
Limit the number of parallel deliveries to the same
domain via the <b>virtual</b> delivery agent. The default
limit is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>concur-</b>
<b>rency</b><i>_</i><b>limit</b> parameter. The limit is enforced by
limit is taken from the <b>default_destination_concur-</b>
<b>rency_limit</b> parameter. The limit is enforced by
the Postfix queue manager.
<b>virtual</b><i>_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
<b>virtual_destination_recipient_limit</b>
Limit the number of recipients per message delivery
via the <b>virtual</b> delivery agent. The default limit
is taken from the <b>default</b><i>_</i><b>destination</b><i>_</i><b>recipi-</b>
<b>ent</b><i>_</i><b>limit</b> parameter. The limit is enforced by the
via the <b>virtual</b> delivery agent. The default limit
is taken from the <b>default_destination_recipi-</b>
<b>ent_limit</b> parameter. The limit is enforced by the
Postfix queue manager.
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>limit</b>
The maximal size in bytes of a mailbox or maildir
<b>virtual_mailbox_limit</b>
The maximal size in bytes of a mailbox or maildir
file. Set to zero to disable the limit.
<b>HISTORY</b>
This agent was originally based on the Postfix local
This agent was originally based on the Postfix local
delivery agent. Modifications mainly consisted of removing
code that either was not applicable or that was not safe
in this context: aliases, ~user/.forward files, delivery
code that either was not applicable or that was not safe
in this context: aliases, ~user/.forward files, delivery
to "|command" or to /file/name.
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
Daniel Bernstein.
The <b>maildir</b> structure appears in the <b>qmail</b> system by
The <b>maildir</b> structure appears in the <b>qmail</b> system by
Daniel Bernstein.
<b>SEE</b> <b>ALSO</b>
<b>SEE ALSO</b>
<a href="regexp_table.5.html">regexp_table(5)</a> POSIX regular expression table format
<a href="pcre_table.5.html">pcre_table(5)</a> Perl Compatible Regular Expression table format
<a href="bounce.8.html">bounce(8)</a> non-delivery status reports
@@ -296,7 +296,7 @@ VIRTUAL(8) VIRTUAL(8)
<a href="qmgr.8.html">qmgr(8)</a> queue manager
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

8
postfix/man/man1/postalias.1
View File

@@ -32,10 +32,6 @@ The format of Postfix alias input files is described in
\fBaliases\fR(5).
Options:
.IP \fB-N\fR
Include the terminating null character that terminates lookup keys
and values. By default, Postfix does whatever is the default for
the host operating system.
.IP "\fB-c \fIconfig_dir\fR"
Read the \fBmain.cf\fR configuration file in the named directory
instead of the default configuration directory.
@@ -53,6 +49,10 @@ a map.
Incremental mode. Read entries from standard input and do not
truncate an existing database. By default, \fBpostalias\fR creates
a new database from the entries in \fIfile_name\fR.
.IP \fB-N\fR
Include the terminating null character that terminates lookup keys
and values. By default, Postfix does whatever is the default for
the host operating system.
.IP \fB-n\fR
Don't include the terminating null character that terminates lookup
keys and values. By default, Postfix does whatever is the default for

8
postfix/man/man1/postmap.1
View File

@@ -57,10 +57,6 @@ to lowercase to make mapping lookups case insensitive.
.nf
.ad
.fi
.IP \fB-N\fR
Include the terminating null character that terminates lookup keys
and values. By default, Postfix does whatever is the default for
the host operating system.
.IP "\fB-c \fIconfig_dir\fR"
Read the \fBmain.cf\fR configuration file in the named directory
instead of the default configuration directory.
@@ -78,6 +74,10 @@ a map.
Incremental mode. Read entries from standard input and do not
truncate an existing database. By default, \fBpostmap\fR creates
a new database from the entries in \fBfile_name\fR.
.IP \fB-N\fR
Include the terminating null character that terminates lookup keys
and values. By default, Postfix does whatever is the default for
the host operating system.
.IP \fB-n\fR
Don't include the terminating null character that terminates lookup
keys and values. By default, Postfix does whatever is the default for

13
postfix/man/man5/access.5
View File

@@ -124,6 +124,19 @@ the numerical code and text.
Reject the address etc. that matches the pattern. Reply with
\fI$reject_code optional text...\fR when the optional text is
specified, otherwise reply with a generic error response message.
.IP \fBDEFER_IF_REJECT\fR
.IP "\fBDEFER_IF_REJECT \fIoptional text...\fR
Defer the request if some later restriction would result in a
REJECT action. Reply with "\fB450\fI optional text...\fR when the
optional text is specified, otherwise reply with a generic error
response message.
.IP \fBDEFER_IF_PERMIT\fR
.IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR
Defer the request if some later restriction would result in a
PERMIT action (there is an implied PERMIT at the end of each
restriction list). Reply with "\fB450\fI optional text...\fR when the
optional text is specified, otherwise reply with a generic error
response message.
.IP \fBOK\fR
Accept the address etc. that matches the pattern.
.IP \fIall-numerical\fR

4
postfix/man/man8/virtual.8
View File

@@ -73,8 +73,8 @@ prepends an \fBX-Original-To:\fR header with the recipient address as
given to Postfix, and prepends a
\fBReturn-Path:\fR message header with the envelope sender address.
By definition, \fBmaildir\fR format does not require file locking
during mail delivery or retrieval.
By definition, \fBmaildir\fR format does not require application-level
file locking during mail delivery or retrieval.
.SH MAILBOX OWNERSHIP
.na
.nf

13
postfix/proto/access
View File

@@ -108,6 +108,19 @@
# Reject the address etc. that matches the pattern. Reply with
# \fI$reject_code optional text...\fR when the optional text is
# specified, otherwise reply with a generic error response message.
# .IP \fBDEFER_IF_REJECT\fR
# .IP "\fBDEFER_IF_REJECT \fIoptional text...\fR
# Defer the request if some later restriction would result in a
# REJECT action. Reply with "\fB450\fI optional text...\fR when the
# optional text is specified, otherwise reply with a generic error
# response message.
# .IP \fBDEFER_IF_PERMIT\fR
# .IP "\fBDEFER_IF_PERMIT \fIoptional text...\fR
# Defer the request if some later restriction would result in a
# PERMIT action (there is an implied PERMIT at the end of each
# restriction list). Reply with "\fB450\fI optional text...\fR when the
# optional text is specified, otherwise reply with a generic error
# response message.
# .IP \fBOK\fR
# Accept the address etc. that matches the pattern.
# .IP \fIall-numerical\fR

1
postfix/src/global/Makefile.in
View File

@@ -331,6 +331,7 @@ rewrite_clnt_test: rewrite_clnt rewrite_clnt.in rewrite_clnt.ref
# Requires: Postfix, root, relayhost=$mydomain, no transport map
resolve_clnt_test: resolve_clnt resolve_clnt.in resolve_clnt.ref
echo 'This test requires relayhost=$mydomain and no transport map'
sed -e "s/MYDOMAIN/`postconf -h mydomain`/g" \
-e "s/MYHOSTNAME/`postconf -h myhostname`/g" \
resolve_clnt.in | ./resolve_clnt >resolve_clnt.tmp

2
postfix/src/global/mail_version.h
View File

@@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
#define MAIL_RELEASE_DATE "20030717"
#define MAIL_RELEASE_DATE "20030728"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.14-" MAIL_RELEASE_DATE

8
postfix/src/postalias/postalias.c
View File

@@ -26,10 +26,6 @@
/* \fBaliases\fR(5).
/*
/* Options:
/* .IP \fB-N\fR
/* Include the terminating null character that terminates lookup keys
/* and values. By default, Postfix does whatever is the default for
/* the host operating system.
/* .IP "\fB-c \fIconfig_dir\fR"
/* Read the \fBmain.cf\fR configuration file in the named directory
/* instead of the default configuration directory.
@@ -47,6 +43,10 @@
/* Incremental mode. Read entries from standard input and do not
/* truncate an existing database. By default, \fBpostalias\fR creates
/* a new database from the entries in \fIfile_name\fR.
/* .IP \fB-N\fR
/* Include the terminating null character that terminates lookup keys
/* and values. By default, Postfix does whatever is the default for
/* the host operating system.
/* .IP \fB-n\fR
/* Don't include the terminating null character that terminates lookup
/* keys and values. By default, Postfix does whatever is the default for

8
postfix/src/postmap/postmap.c
View File

@@ -47,10 +47,6 @@
/* COMMAND-LINE ARGUMENTS
/* .ad
/* .fi
/* .IP \fB-N\fR
/* Include the terminating null character that terminates lookup keys
/* and values. By default, Postfix does whatever is the default for
/* the host operating system.
/* .IP "\fB-c \fIconfig_dir\fR"
/* Read the \fBmain.cf\fR configuration file in the named directory
/* instead of the default configuration directory.
@@ -68,6 +64,10 @@
/* Incremental mode. Read entries from standard input and do not
/* truncate an existing database. By default, \fBpostmap\fR creates
/* a new database from the entries in \fBfile_name\fR.
/* .IP \fB-N\fR
/* Include the terminating null character that terminates lookup keys
/* and values. By default, Postfix does whatever is the default for
/* the host operating system.
/* .IP \fB-n\fR
/* Don't include the terminating null character that terminates lookup
/* keys and values. By default, Postfix does whatever is the default for

2
postfix/src/smtp/smtp_chat.c
View File

@@ -193,7 +193,7 @@ SMTP_RESP *smtp_chat_resp(SMTP_STATE *state)
msg_warn("%s: response longer than %d: %.30s...",
session->namaddr, var_line_limit, STR(state->buffer));
if (msg_verbose)
msg_info("< %s: %s", session->namaddr, STR(state->buffer));
msg_info("< %s: %.100s", session->namaddr, STR(state->buffer));
/*
* Defend against a denial of service attack by limiting the amount

24
postfix/src/smtpd/smtpd_check.c
View File

@@ -1901,6 +1901,30 @@ static int check_table_result(SMTPD_STATE *state, const char *table,
}
}
/*
* DEFER_IF_PERMIT means NO, eventually. Use optional text or generate a
* generic error response.
*/
if (STREQUAL(value, DEFER_IF_PERMIT, cmd_len)) {
DEFER_IF_PERMIT3(state, MAIL_ERROR_POLICY,
"450 <%s>: %s rejected: %s",
reply_name, reply_class,
*cmd_text ? cmd_text : "Service unavailable");
return (SMTPD_CHECK_DUNNO);
}
/*
* DEFER_IF_REJECT means NO, eventually. Use optional text or generate a
* generic error response.
*/
if (STREQUAL(value, DEFER_IF_REJECT, cmd_len)) {
DEFER_IF_REJECT3(state, MAIL_ERROR_POLICY,
"450 <%s>: %s rejected: %s",
reply_name, reply_class,
*cmd_text ? cmd_text : "Service unavailable");
return (SMTPD_CHECK_DUNNO);
}
/*
* All-numeric result probably means OK - some out-of-band authentication
* mechanism uses this as time stamp.

2
postfix/src/smtpd/smtpd_proxy.c
View File

@@ -347,7 +347,7 @@ int smtpd_proxy_cmd(SMTPD_STATE *state, int expect, const char *fmt,...)
VSTREAM_PATH(state->proxy), var_line_limit,
STR(state->proxy_buffer));
if (msg_verbose)
msg_info("< %s: %s", VSTREAM_PATH(state->proxy),
msg_info("< %s: %.100s", VSTREAM_PATH(state->proxy),
STR(state->proxy_buffer));
/*

1
postfix/src/trivial-rewrite/resolve.c
View File

@@ -260,6 +260,7 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
if (saved_domain)
tok822_free_tree(saved_domain);
saved_domain = domain;
domain = 0; /* safety for future change */
}
/*

21
postfix/src/util/dict_mysql.c
View File

@@ -7,10 +7,10 @@
/* #include <dict.h>
/* #include <dict_mysql.h>
/*
/* DICT *dict_mysql_open(name, dummy, unused_dict_flags)
/* DICT *dict_mysql_open(name, open_flags, dict_flags)
/* const char *name;
/* int dummy;
/* int unused_dict_flags;
/* int open_flags;
/* int dict_flags;
/* DESCRIPTION
/* dict_mysql_open() creates a dictionary of type 'mysql'. This
/* dictionary is an interface for the postfix key->value mappings
@@ -46,8 +46,10 @@
/*
/* .IP other_name
/* reference for outside use.
/* .IP unusued_flags
/* unused flags
/* .IP open_flags
/* Must be O_RDONLY.
/* .IP dict_flags
/* See dict_open(3).
/* SEE ALSO
/* dict(3) generic dictionary manager
/* AUTHOR(S)
@@ -358,11 +360,18 @@ static void plmysql_down_host(HOST *host)
* parse the map's config file
* allocate memory
**********************************************************************/
DICT *dict_mysql_open(const char *name, int unused_open_flags, int dict_flags)
DICT *dict_mysql_open(const char *name, int open_flags, int dict_flags)
{
DICT_MYSQL *dict_mysql;
int connections;
/*
* Sanity checks.
*/
if (open_flags != O_RDONLY)
msg_fatal("%s:%s map requires O_RDONLY access mode",
DICT_TYPE_MYSQL, name);
dict_mysql = (DICT_MYSQL *) dict_alloc(DICT_TYPE_MYSQL, name,
sizeof(DICT_MYSQL));
dict_mysql->dict.lookup = dict_mysql_lookup;

26
postfix/src/util/dict_pgsql.c
View File

@@ -6,10 +6,10 @@
/* SYNOPSIS
/* #include <dict_pgsql.h>
/*
/* DICT *dict_pgsql_open(name, unused_open_flags, unused_dict_flags)
/* DICT *dict_pgsql_open(name, open_flags, dict_flags)
/* const char *name;
/* int unused_open_flags;
/* int unused_dict_flags;
/* int open_flags;
/* int dict_flags;
/* DESCRIPTION
/* dict_pgsql_open() creates a dictionary of type 'pgsql'. This
/* dictionary is an interface for the postfix key->value mappings
@@ -48,8 +48,10 @@
/*
/* .IP other_name
/* reference for outside use.
/* .IP unusued_flags
/* unused flags
/* .IP open_flags
/* Must be O_RDONLY.
/* .IP dict_flags
/* See dict_open(3).
/* SEE ALSO
/* dict(3) generic dictionary manager
/* AUTHOR(S)
@@ -489,16 +491,25 @@ static void plpgsql_down_host(HOST *host)
* parse the map's config file
* allocate memory
**********************************************************************/
DICT *dict_pgsql_open(const char *name, int unused_flags, int unused_dict_flags)
DICT *dict_pgsql_open(const char *name, int open_flags, int dict_flags)
{
DICT_PGSQL *dict_pgsql;
dict_pgsql = (DICT_PGSQL *) mymalloc(sizeof(DICT_PGSQL));
/*
* Sanity checks.
*/
if (open_flags != O_RDONLY)
msg_fatal("%s:%s map requires O_RDONLY access mode",
DICT_TYPE_PGSQL, name);
dict_pgsql = (DICT_PGSQL *) dict_alloc(DICT_TYPE_PGSQL, name,
sizeof(DICT_PGSQL));
dict_pgsql->dict.lookup = dict_pgsql_lookup;
dict_pgsql->dict.close = dict_pgsql_close;
dict_pgsql->name = pgsqlname_parse(name);
dict_pgsql->pldb = plpgsql_init(dict_pgsql->name->hostnames,
dict_pgsql->name->len_hosts);
dict_pgsql->dict.flags = dict_flags | DICT_FLAG_FIXED;
if (dict_pgsql->pldb == NULL)
msg_fatal("couldn't intialize pldb!\n");
dict_register(name, (DICT *) dict_pgsql);
@@ -701,6 +712,7 @@ static void dict_pgsql_close(DICT *dict)
}
myfree((char *) dict_pgsql->name->hostnames);
myfree((char *) dict_pgsql->name);
dict_free(dict);
}
/* plpgsql_dealloc - free memory associated with PLPGSQL close databases */

4
postfix/src/virtual/virtual.c
View File

@@ -61,8 +61,8 @@
/* given to Postfix, and prepends a
/* \fBReturn-Path:\fR message header with the envelope sender address.
/*
/* By definition, \fBmaildir\fR format does not require file locking
/* during mail delivery or retrieval.
/* By definition, \fBmaildir\fR format does not require application-level
/* file locking during mail delivery or retrieval.
/* MAILBOX OWNERSHIP
/* .ad
/* .fi