mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 21:55:20 +00:00
Code Issues Releases Wiki Activity

snapshot-20001118

Browse Source
This commit is contained in:
Wietse Venema
2000-11-18 00:00:00 -05:00
committed by Viktor Dukhovni
parent 5d6408c2f3
commit 8908b7e5da
40 changed files with 943 additions and 620 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
postfix/HISTORY
View File

@@ -4445,3 +4445,53 @@ Apologies for any names omitted.
Cleanup: changed prototype of internal function that did
not return a useful result. File: src/util/vstream_popen.c.
20001110
Workaround: the Debian post install script passes an open
file descriptor into the master server and waits forever.
Reported by Lamont Jones. File: master/master.c.
20001114
Compatibility: added sendmail -G (gateway submission) option
for compatibility with the sendmail rmail command. Requested
by David Gilbert, Velocet Communications.
20001116
Documentation: added MAILER-DAEMON to the list of sample
masquerade_exceptions settings in conf/sample-rewrite.cf.
Suggested by Karl O. Pinc, pop.artic.edu.
Performance: the slow start (gradually increase number of
parallel connections to the same site) was too gentle and
Postfix would back off too quickly. Files: qmgr/qmgr_queue.c
and nqmgr/qmgr_queue.c. Yup, changed the same code, again.
We now allow for a margin above the actual concurrency,
with the size of the initial destination concurrency.
Bugfix: the recipient home directory test broke mailbox_transport
support for non-UNIX recipients. File: local/recipient.c.
20001117
Robustness: additional integrity tests for the nqmgr by
Patrik Rak. File: nqmgr/qmgr_message.c.
20001118
Bugfix: the new LDAP client code did not work properly if
the new ldap_domain parameter was not specified. LaMont
Jones, HP. File: util/dict_ldap.c.
Feature: the soft_bounce safety net is extended to the SMTP
server. With "soft_bounce = yes", The SMTP server changes
all 5xx (reject) replies into 4xx (try again) replies.
Documentation: the virtual(5) man page now documents both
Postfix-style virtual domains and Sendmail-style virtual
domains, including their interaction with local usernames,
aliases and mailing lists. Hopefully, this ends some of
the confusion surrounding virtual domain support. Updated
several FAQ entries concerning virtual domain support.

4
postfix/SASL_README
View File

@@ -45,6 +45,10 @@ from:
IMPORTANT: if you install the Cyrus SASL libraries as per the default,
you will have to symlink /usr/lib/sasl -> /usr/local/lib/sasl.
Reportedly, Microsoft Internet Explorer version 5 requires the
non-standard SASL LOGIN authentication method. To enable this
authentication method, specify ``./configure --enable-login''.
Building Postfix with SASL authentication support
=================================================

16
postfix/conf/aliases
View File

@@ -43,7 +43,8 @@ decode: root
#
# DESCRIPTION
# The aliases file provides a system-wide mechanism to redi-
# rect mail for local recipients.
# rect mail for local recipients. The redirections are pro-
# cessed by the Postfix local(8) delivery agent.
#
# The file serves as input to the postalias(1) command. The
# result, an indexed file in dbm or db format, is used for
@@ -87,13 +88,12 @@ decode: root
#
# The value contains one or more of the following:
#
# address
# Mail is forwarded to address, which is compatible
#
# 1
#
# ALIASES(5) ALIASES(5)
#
# address
# Mail is forwarded to address, which is compatible
# with the RFC 822 standard.
#
# /file/name
@@ -145,14 +145,14 @@ decode: root
# Restrict the usage of mail delivery to external
# command.
#
# allow_mail_to_files
# Restrict the usage of mail delivery to external
# file.
#
# 2
#
# ALIASES(5) ALIASES(5)
#
# allow_mail_to_files
# Restrict the usage of mail delivery to external
# file.
#
# owner_request_special
# Give special treatment to owner-xxx and xxx-request
# addresses.

13
postfix/conf/canonical
View File

@@ -8,15 +8,16 @@
# postmap /etc/postfix/canonical
#
# DESCRIPTION
# The optional canonical file specifies an address mapping
# The optional canonical table specifies an address mapping
# for local and non-local addresses. The mapping is used by
# the cleanup(8) daemon. The address mapping is recursive.
#
# Normally, the file serves as input to the postmap(1) com-
# mand. The result, an indexed file in dbm or db format, is
# used for fast searching by the mail system. Execute the
# command postmap /etc/postfix/canonical in order to rebuild
# the indexed file after changing the canonical table.
# Normally, the canonical table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# postmap /etc/postfix/canonical in order to rebuild the
# indexed file after changing the text file.
#
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary

1
postfix/conf/sample-rewrite.cf
View File

@@ -40,6 +40,7 @@ masquerade_domains =
#
# By default, address masquerading makes no exceptions.
#
#masquerade_exceptions = root,mailer-daemon
#masquerade_exceptions = root
masquerade_exceptions =

106
postfix/conf/virtual
View File

@@ -8,22 +8,23 @@
# postmap /etc/postfix/virtual
#
# DESCRIPTION
# The optional virtual table specifies redirections for
# local and non-local recipients or domains. The redirec-
# tions are used by the cleanup(8) daemon. The redirections
# are recursive.
# The optional virtual table specifies address redirections
# for local and non-local recipients or domains. The redi-
# rections are used by the cleanup(8) daemon. The redirec-
# tions are recursive.
#
# The virtual redirection is applied only to the recipient
# envelope address, and does not affect message headers.
# The virtual redirection is applied only to recipient enve-
# lope addresses, and does not affect message headers.
# Think Sendmail rule set S0, if you like. Use canonical(5)
# mapping to rewrite header and envelope addresses in gen-
# eral.
#
# Normally, the file serves as input to the postmap(1) com-
# mand. The result, an indexed file in dbm or db format, is
# used for fast searching by the mail system. Execute the
# command postmap /etc/postfix/virtual in order to rebuild
# the indexed file after changing the virtual table.
# Normally, the virtual table is specified as a text file
# that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# postmap /etc/postfix/virtual in order to rebuild the
# indexed file after changing the text file.
#
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
@@ -34,19 +35,76 @@
# sions. In that case, the lookups are done in a slightly
# different way as described below.
#
# TABLE FORMAT
# Typical support for a virtual domain looks like the fol-
# lowing:
# POSTFIX-STYLE VIRTUAL DOMAINS
# With a Postfix-style virtual domain, the virtual domain
# has its own user name space. Local (i.e. non-virtual)
# usernames are not visible in a Postfix-style virtual
# domain. In particular, local aliases(5) and mailing lists
# are not visible in a Postfix-style virtual domain.
#
# Use a Sendmail-style virtual domain (see below) if local
# usernames, aliases(5) or mailing lists should be visible
# in that virtual domain.
#
# Support for a Postfix-style virtual domain looks like:
#
# /etc/postfix/virtual:
# virtual.domain anything (right-hand content does not matter)
# postmaster@virtual.domain postmaster
# user1@virtual.domain address1
# user2@virtual.domain address2, address3
#
# With this, the SMTP server accepts mail for virtual.domain
# and rejects mail for unknown@virtual.domain as undeliver-
# The virtual.domain anything entry is required for a
#
# 1
#
# VIRTUAL(5) VIRTUAL(5)
#
# Postfix-style virtual domain.
#
# Do not list the virtual domain in the main.cf mydestina-
# tion configuration parameter. Such an entry is required
# only for a Sendmail-style virtual domain.
#
# With a Postfix-style virtual domain, the Postfix SMTP
# server accepts mail for known-user@virtual.domain and
# rejects mail for unknown-user@virtual.domain as undeliver-
# able.
#
# SENDMAIL-STYLE VIRTUAL DOMAINS
# With a Sendmail-style virtual domain, every local (i.e.
# non-virtual) username is visible in the virtual domain. In
# particular, every local alias and mailing list is visible
# in a Sendmail-style virtual domain.
#
# Use a Postfix-style virtual domain (see above) if local
# usernames, aliases(5) or mailing lists should not be visi-
# ble in that virtual domain.
#
# Support for a Sendmail-style virtual domain looks like:
#
# /etc/postfix/main.cf:
# mydestination = $myhostname localhost.$mydomain $mydomain
# virtual.domain
#
# /etc/postfix/virtual:
# user1@virtual.domain address1
# user2@virtual.domain address2, address3
#
# The main.cf mydestination entry is required for a Send-
# mail-style virtual domain.
#
# Do not specify a virtual.domain whatever entry in the vir-
# tual table. Such an entry is required only with a Postfix-
# style virtual domain.
#
# With a Sendmail-style virtual domain, the Postfix local
# delivery agent delivers mail for an unknown user@vir-
# tual.domain to a local (i.e. non-virtual) user that has
# the same name; if no such recipient exists, the Postfix
# local delivery agent bounces the mail to the sender.
#
# TABLE FORMAT
# The format of the virtual table is as follows, mappings
# being tried in the order as listed in this manual page:
#
@@ -54,13 +112,14 @@
# Blank lines are ignored, as are lines beginning
# with `#'.
#
# 1
# leading whitespace
# Lines that begin with whitespace continue the
#
# 2
#
# VIRTUAL(5) VIRTUAL(5)
#
# leading whitespace
# Lines that begin with whitespace continue the pre-
# vious line.
# previous line.
#
# pattern result
# When pattern matches a mail address, replace it by
@@ -113,11 +172,12 @@
# constituent parts, nor is user+foo broken up into user and
# foo.
#
# 2
# Patterns are applied in the order as specified in the
#
# 3
#
# VIRTUAL(5) VIRTUAL(5)
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# string.
#
@@ -170,5 +230,5 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# 3
# 4
#

20
postfix/html/aliases.5.html
View File

@@ -13,7 +13,8 @@ ALIASES(5) ALIASES(5)
<b>DESCRIPTION</b>
The <b>aliases</b> file provides a system-wide mechanism to redi-
rect mail for local recipients.
rect mail for local recipients. The redirections are pro-
cessed by the Postfix <a href="local.8.html"><b>local</b>(8)</a> delivery agent.
The file serves as input to the <a href="postalias.1.html"><b>postalias</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
@@ -57,8 +58,7 @@ ALIASES(5) ALIASES(5)
The <i>value</i> contains one or more of the following:
<i>address</i>
Mail is forwarded to <i>address</i>, which is compatible
@@ -71,6 +71,8 @@ ALIASES(5) ALIASES(5)
ALIASES(5) ALIASES(5)
<i>address</i>
Mail is forwarded to <i>address</i>, which is compatible
with the <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> standard.
<i>/file/name</i>
@@ -122,9 +124,7 @@ ALIASES(5) ALIASES(5)
Restrict the usage of mail delivery to external
command.
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>files</b>
Restrict the usage of mail delivery to external
file.
@@ -137,6 +137,10 @@ ALIASES(5) ALIASES(5)
ALIASES(5) ALIASES(5)
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>files</b>
Restrict the usage of mail delivery to external
file.
<b>owner</b><i>_</i><b>request</b><i>_</i><b>special</b>
Give special treatment to <b>owner-</b><i>xxx</i> and <i>xxx</i><b>-request</b>
addresses.
@@ -185,10 +189,6 @@ ALIASES(5) ALIASES(5)

14
postfix/html/canonical.5.html
View File

@@ -12,15 +12,16 @@ CANONICAL(5) CANONICAL(5)
<b>postmap</b> <b>/etc/postfix/canonical</b>
<b>DESCRIPTION</b>
The optional <b>canonical</b> file specifies an address mapping
The optional <b>canonical</b> table specifies an address mapping
for local and non-local addresses. The mapping is used by
the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. The address mapping is recursive.
Normally, the file serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
used for fast searching by the mail system. Execute the
command <b>postmap</b> <b>/etc/postfix/canonical</b> in order to rebuild
the indexed file after changing the canonical table.
Normally, the <b>canonical</b> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
<b>postmap</b> <b>/etc/postfix/canonical</b> in order to rebuild the
indexed file after changing the text file.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
@@ -61,7 +62,6 @@ CANONICAL(5) CANONICAL(5)
1

193
postfix/html/faq.html
View File

@@ -128,7 +128,7 @@ addresses</a>
<li><a href="#mobile">Relaying mail for mobile users</a>
<li><a href="#virtual_setup">Postfix refuses mail for virtual
<li><a href="#virtual_relay">Postfix refuses mail for virtual
domains with "relay access denied"</a>
<li><a href="#relay_restrict">Restricting what users can send mail to off-site destinations</a>
@@ -155,6 +155,8 @@ domains with "relay access denied"</a>
<li><a href="#root">Root's mail is delivered to nobody</a>
<li><a href="#biff">What does "biff_notify: Connection refused" mean?</a>
<li><a href="#bogus">Postfix accepts mail for non-existing local users</a>
<li><a href="#some_local">Delivering some users locally while
@@ -190,27 +192,24 @@ distribution list</a>
<li><a href="#owner-foo">Postfix ignores the owner-list alias</a>
<li><a href="#virtual_command">Commands and mailing lists don't work in Postfix virtual maps</a>
</ul>
<a name="virtual_domains"><h3>Virtual domains</h3>
<ul>
<li><a href="#virtual_setup">How to configure a Postfix virtual domain</a>
<li><a href="#unknown_virtual_accept">Postfix does not refuse mail for
unknown users in virtual domains</a>
<li><a href="#virtual_setup">Postfix does not refuse mail for
unknown virtual users</a>
<li><a href="#unknown_virtual_loop">Mail for unknown users in
virtual domains fails with "mail loops back to myself"</a>
<li><a href="#virtual_setup">Mail for unknown virtual users fails
with "mail loops back to myself"</a>
<li><a href="#virtual_setup">Postfix refuses mail for virtual
domains with "user unknown"</a>
<li><a href="#virtual_setup">Postfix refuses mail for virtual
<li><a href="#virtual_relay">Postfix refuses mail for virtual
domains with "relay access denied"</a>
<li><a href="#command">Commands don't work in Postfix virtual maps</a>
<li><a href="#virtual_command">Commands and mailing lists don't work in Postfix virtual maps</a>
<li><a href="#domain_mailbox">Receiving a virtual domain in a
mailbox</a>
@@ -1480,10 +1479,41 @@ To find out the location for your system, execute the command
<hr>
<a name="biff"><h3>What does "biff_notify: Connection refused" mean?</h3>
By default, the Postfix local delivery agent attempts to notify
local users of the arrival of new mail. This feature makes use of
the <b>comsat</b> network service, which is turned off on many UNIX
systems for performance and/or security reasons.
<p>
The warning message means that new mail notificiation failed because
the <b>comsat</b> network service is turned off.
<p>
To disable the <b>comsat</b> client code in the Postfix delivery agent,
specify:
<p>
<pre>
/etc/postfix/main.cf:
biff = no
</pre>
<p>
To enable the <b>comsat</b> network service, uncomment the
corresponding entry in the <b>inetd.conf</b> file.
<hr>
<a name="bogus"><h3>Postfix accepts mail for non-existing local users</h3>
See elsewhere for how to reject mail for <a href="#virtual_setup">unknown
virtual</a> users.
See elsewhere for how to reject mail for <a
href="#unknown_virtual_accept">unknown users in virtual domains</a>.
<p>
@@ -1527,9 +1557,9 @@ The only way to find out is to try.
<p>
By default, the Postfix SMTP server does know about Postfix <a
href="#virtual_setup">virtual</a> maps, and will reject mail for
<i>unknown@virtual.domain</i> without further configuration.
By default, the Postfix SMTP server is aware of Postfix <a
href="virtual.5.html">virtual</a> maps, and will accept mail for
<i>known-user@virtual.domain</i> without further configuration.
<hr>
@@ -1928,68 +1958,37 @@ sense to make it moderated.
<hr>
<a name="virtual_setup"><h3>How to configure a Postfix virtual domain</h3>
<a name="unknown_virtual_accept"><h3>Postfix does not refuse mail for
unknown users in virtual domains</h3></a>
Problem:
<a name="unknown_virtual_loop"><h3>Mail for unknown users in a
virtual domain fails with "mail loops back to myself"</h3></a>
<a name="virtual_relay"><h3>Postfix refuses mail for virtual
domains with "relay access denied"</h3></a>
Solution: specify a Postfix-style virtual domain or a Sendmail-style
virtual domain.
<p>
<ul>
<li>Postfix does not refuse mail for unknown virtual users.
<li>Mail for unknown virtual users fails with "mail loops back to
myself".
<li>Postfix refuses mail for virtual domains with "user unknown".
<li>Postfix refuses mail for virtual domains with "relay access
denied".
</ul>
<p>
Solution:
<p>
<ul>
<li> Add a magical entry to the Postfix virtual maps for
each Postfix virtual domain:
<p>
<pre>
/etc/postfix/virtual:
virtual.domain whatever
</pre>
<p>
<li> Do not list Postfix virtual domains in the <a
href="basic.html#mydestination">mydestination</a> parameter.
<li> Do not list Postfix virtual maps in the <b>local_recipient_maps</b>
parameter.
<li>As of Postfix version 19991226 it is no longer necessary to
specify virtual maps in the <a
href="uce.html#relay_domains">relay_domains</a> parameter. To find
out what Postfix version you have, execute the command <b>postconf
mail_version</b>.
</ul>
<p>
For more information on how to set up virtual domains, see the <a
href="virtual.5.html">virtual</a> manual page.
Be sure to follow instructions in the <a href="virtual.5.html">
virtual</a> manual page.
<hr>
<a name="command"><h3>Commands don't work in Postfix virtual maps</h3>
<a name="virtual_command"><h3>Commands and mailing lists don't work
in Postfix virtual maps</h3>
Short reply: specify a Sendmail-style <a href="virtual.5.html">virtual</a>
domain, and specify the command or mailing list in the local <a
href="aliases.5.html">aliases</a> file.
<p>
Long reply follows.
<p>
Delivering mail to a command is a security-sensitive operation,
because the command must be executed with the right privileges.
@@ -2003,56 +2002,6 @@ privileges where possible. In particular, Postfix virtual mapping
is done by an unprivileged daemon, so there is no secure way to
execute commands found in virtual maps.
<p>
Solution: specify a local alias instead. The Postfix local delivery
agent has sufficient privilege to execute commands with the right
privileges.
<p>
<ul>
<li>Set up a local alias that executes the command:
<p>
<pre>
/etc/aliases:
name-virtual.domain "|/some/where/command..."
</pre>
<p>
<li>Execute the command <b>newaliases</b> whenever you edit the
alias database.
<p>
<li>Forward mail for the virtual address to the local alias:
<p>
<pre>
/etc/postfix/virtual:
virtual.domain whatever
name@virtual.domain name-virtual.domain
</pre>
<p>
<li>Execute the command <b>postmap /etc/postfix/virtual</b> whenever
you edit the virtual database.
</ul>
<p>
Note: on some systems the alias database is not in <b>/etc/aliases</b>.
To find out the location for your system, execute the command
<b>postconf alias_maps</b>.
<hr>
<a name="domain_mailbox"><h3>Receiving a virtual domain in a mailbox</h3>

18
postfix/html/flush.8.html
View File

@@ -56,7 +56,7 @@ FLUSH(8) FLUSH(8)
<b>FLUSH</b><i>_</i><b>REQ</b><i>_</i><b>REFRESH</b> (completes in the background)
Refresh non-empty per-destination logfiles that
were not read in $<b>fast</b><i>_</i><b>flush</b><i>_</i><b>refresh</b><i>_</i><b>time</b> hours, by
were not read in <b>$fast</b><i>_</i><b>flush</b><i>_</i><b>refresh</b><i>_</i><b>time</b> hours, by
simulating send requests (see above) for the corre-
sponding destinations.
@@ -78,8 +78,8 @@ FLUSH(8) FLUSH(8)
Refresh all non-empty per-destination logfiles, by
simulating send requests (see above) for the corre-
sponding destinations. This can be incredibly
expensive when logging is enabled for all deferred
mail, and is not recommended.
expensive when logging is enabled for many destina-
tions, and is not recommended.
Delete empty per-destination logfiles that were not
updated in <b>fast</b><i>_</i><b>flush</b><i>_</i><b>purge</b><i>_</i><b>time</b> days.
@@ -115,12 +115,12 @@ FLUSH(8) FLUSH(8)
tion file.
Upon receipt of a request to deliver all mail for an eli-
gible destination, this server requests delivery of all
messages that are listed in that destination's logfile,
regardless of the recipients of those messages. This is
not an issue for mail that is sent to a <b>relay</b><i>_</i><b>domains</b> des-
tination because such mail typically only has recipients
in one domain.
gible destination, the <b>flush</b> server requests delivery of
all messages that are listed in that destination's log-
file, regardless of the recipients of those messages. This
is not an issue for mail that is sent to a <b>relay</b><i>_</i><b>domains</b>
destination because such mail typically only has recipi-
ents in one domain.
<b>FILES</b>
/var/spool/postfix/flush, location of "fast flush" logfiles.

34
postfix/html/local.8.html
View File

@@ -309,6 +309,9 @@ LOCAL(8) LOCAL(8)
<b>alias</b><i>_</i><b>maps</b>
List of alias databases.
<b>biff</b> Enable or disable notification of new mail via the
<b>comsat</b> network service.
<b>expand</b><i>_</i><b>owner</b><i>_</i><b>alias</b>
When delivering to an alias that has an owner- com-
panion alias, set the envelope sender address to
@@ -319,10 +322,7 @@ LOCAL(8) LOCAL(8)
Search list for .forward files. The names are sub-
ject to <i>$name</i> expansion.
<b>local</b><i>_</i><b>command</b><i>_</i><b>shell</b>
Shell to use for external command execution (for
example, /some/where/smrsh -c). When a shell is
specified, it is invoked even when the command
@@ -335,7 +335,11 @@ LOCAL(8) LOCAL(8)
LOCAL(8) LOCAL(8)
contains no shell built-in commands or meta charac-
<b>local</b><i>_</i><b>command</b><i>_</i><b>shell</b>
Shell to use for external command execution (for
example, /some/where/smrsh -c). When a shell is
specified, it is invoked even when the command con-
tains no shell built-in commands or meta charac-
ters.
<b>owner</b><i>_</i><b>request</b><i>_</i><b>special</b>
@@ -385,10 +389,6 @@ LOCAL(8) LOCAL(8)
<b>mailbox</b><i>_</i><b>transport</b>
Message transport to use for mailbox delivery to
all local recipients, whether or not they are found
in the UNIX passwd database. This parameter over-
rides all other configuration parameters that con-
trol mailbox delivery, including <b>luser</b><i>_</i><b>relay</b>.
@@ -401,6 +401,10 @@ LOCAL(8) LOCAL(8)
LOCAL(8) LOCAL(8)
in the UNIX passwd database. This parameter over-
rides all other configuration parameters that con-
trol mailbox delivery, including <b>luser</b><i>_</i><b>relay</b>.
<b>Locking</b> <b>controls</b>
<b>deliver</b><i>_</i><b>lock</b><i>_</i><b>attempts</b>
Limit the number of attempts to acquire an exclu-
@@ -450,10 +454,6 @@ LOCAL(8) LOCAL(8)
expansions of mailbox_command. Illegal characters
are replaced by underscores.
<b>default</b><i>_</i><b>privs</b>
Default rights for delivery to external file or
command.
@@ -467,6 +467,10 @@ LOCAL(8) LOCAL(8)
LOCAL(8) LOCAL(8)
<b>default</b><i>_</i><b>privs</b>
Default rights for delivery to external file or
command.
<b>forward</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
What characters are allowed to appear in $name
expansions of forward_path. Illegal characters are
@@ -515,10 +519,6 @@ LOCAL(8) LOCAL(8)

62
postfix/html/sendmail.1.html
View File

@@ -87,6 +87,10 @@ SENDMAIL(1) SENDMAIL(1)
Set the sender full name. This is used only with
messages that have no <b>From:</b> message header.
<b>-G</b> (ignored)
Gateway (relay) submission, as opposed to initial
user submission.
<b>-I</b> Initialize alias database. See the <b>newaliases</b> com-
mand above.
@@ -121,10 +125,6 @@ SENDMAIL(1) SENDMAIL(1)
dard output. This mode of operation is implemented
by running the <a href="smtpd.8.html"><b>smtpd</b>(8)</a> daemon.
<b>-f</b> <i>sender</i>
Set the envelope sender address. This is the
address where delivery problems are sent to, unless
the message contains an <b>Errors-To:</b> message header.
@@ -137,6 +137,11 @@ SENDMAIL(1) SENDMAIL(1)
SENDMAIL(1) SENDMAIL(1)
<b>-f</b> <i>sender</i>
Set the envelope sender address. This is the
address where delivery problems are sent to, unless
the message contains an <b>Errors-To:</b> message header.
<b>-h</b> <i>hop_count</i> (ignored)
Hop count limit. Use the <b>hopcount</b><i>_</i><b>limit</b> configura-
tion parameter instead.
@@ -185,12 +190,7 @@ SENDMAIL(1) SENDMAIL(1)
The interval between queue runs. Use the
<b>queue</b><i>_</i><b>run</b><i>_</i><b>delay</b> configuration parameter instead.
<b>-qR</b><i>site</i>
Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. Depending on the desti-
nation, this uses "fast flush" service, or it has
the same effect as <b>sendmail</b> <b>-q</b>. This is imple-
mented by connecting to the local SMTP server. See
@@ -203,6 +203,12 @@ SENDMAIL(1) SENDMAIL(1)
SENDMAIL(1) SENDMAIL(1)
<b>-qR</b><i>site</i>
Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. Depending on the desti-
nation, this uses "fast flush" service, or it has
the same effect as <b>sendmail</b> <b>-q</b>. This is imple-
mented by connecting to the local SMTP server. See
<a href="smtpd.8.html"><b>smtpd</b>(8)</a> for more information about the "fast
flush" service.
@@ -251,12 +257,6 @@ SENDMAIL(1) SENDMAIL(1)
<b>alias</b><i>_</i><b>database</b>
Default alias database(s) for <b>newaliases</b>. The
default value for this parameter is system-spe-
cific.
<b>bounce</b><i>_</i><b>size</b><i>_</i><b>limit</b>
The amount of original message context that is sent
along with a non-delivery notification.
@@ -269,6 +269,13 @@ SENDMAIL(1) SENDMAIL(1)
SENDMAIL(1) SENDMAIL(1)
default value for this parameter is system-spe-
cific.
<b>bounce</b><i>_</i><b>size</b><i>_</i><b>limit</b>
The amount of original message context that is sent
along with a non-delivery notification.
<b>database</b><i>_</i><b>type</b>
Default alias etc. database type. On many UNIX sys-
tems the default type is either <b>dbm</b> or <b>hash</b>.
@@ -316,13 +323,6 @@ SENDMAIL(1) SENDMAIL(1)
Directory with Postfix support commands (default:
<b>$program</b><i>_</i><b>directory</b>).
<b>daemon</b><i>_</i><b>directory</b>
Directory with Postfix daemon programs (default:
<b>$program</b><i>_</i><b>directory</b>).
<b>queue</b><i>_</i><b>directory</b>
Top-level directory of the Postfix queue. This is
also the root directory of Postfix daemons that run
@@ -335,6 +335,13 @@ SENDMAIL(1) SENDMAIL(1)
SENDMAIL(1) SENDMAIL(1)
<b>daemon</b><i>_</i><b>directory</b>
Directory with Postfix daemon programs (default:
<b>$program</b><i>_</i><b>directory</b>).
<b>queue</b><i>_</i><b>directory</b>
Top-level directory of the Postfix queue. This is
also the root directory of Postfix daemons that run
chrooted.
<b>queue</b><i>_</i><b>run</b><i>_</i><b>delay</b>
@@ -350,7 +357,7 @@ SENDMAIL(1) SENDMAIL(1)
<a href="qmgr.8.html">qmgr(8)</a> queue manager
<a href="showq.8.html">showq(8)</a> list mail queue
<a href="smtpd.8.html">smtpd(8)</a> SMTP server
<a href="flushd.8.html">flushd(8)</a> fast flush service
flushd(8) fast flush service
syslogd(8) system logging
<b>LICENSE</b>
@@ -377,13 +384,6 @@ SENDMAIL(1) SENDMAIL(1)

36
postfix/html/smtpd.8.html
View File

@@ -181,16 +181,16 @@ SMTPD(8) SMTPD(8)
Limit the time to send a server response and to
receive a client request.
<b>soft</b><i>_</i><b>bounce</b>
Change hard (5xx) reject responses into soft (4xx)
reject responses. This can be useful for testing
purposes.
<b>Resource</b> <b>controls</b>
<b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
Limit the amount of memory in bytes used for the
handling of partial input lines.
<b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
Limit the total size in bytes of a message, includ-
ing on-disk storage for envelope information.
@@ -203,6 +203,10 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
<b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
Limit the total size in bytes of a message, includ-
ing on-disk storage for envelope information.
<b>queue</b><i>_</i><b>minfree</b>
Minimal amount of free space in bytes in the queue
file system for the SMTP server to accept any mail
@@ -253,10 +257,6 @@ SMTPD(8) SMTPD(8)
Restrict what domain names can be used in <b>ETRN</b> com-
mands, and what clients may issue <b>ETRN</b> commands.
<b>allow</b><i>_</i><b>untrusted</b><i>_</i><b>routing</b>
Allow untrusted clients to specify addresses with
sender-specified routing. Enabling this opens up
nasty relay loopholes involving trusted backup MX
@@ -269,6 +269,10 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
<b>allow</b><i>_</i><b>untrusted</b><i>_</i><b>routing</b>
Allow untrusted clients to specify addresses with
sender-specified routing. Enabling this opens up
nasty relay loopholes involving trusted backup MX
hosts.
<b>restriction</b><i>_</i><b>classes</b>
@@ -319,10 +323,6 @@ SMTPD(8) SMTPD(8)
Server response when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>hostname</b> restriction.
<b>SEE</b> <b>ALSO</b>
<a href="cleanup.8.html">cleanup(8)</a> message canonicalization
<a href="master.8.html">master(8)</a> process manager
syslogd(8) system logging
@@ -335,6 +335,11 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
<b>SEE</b> <b>ALSO</b>
<a href="cleanup.8.html">cleanup(8)</a> message canonicalization
<a href="master.8.html">master(8)</a> process manager
syslogd(8) system logging
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
software.
@@ -381,11 +386,6 @@ SMTPD(8) SMTPD(8)

128
postfix/html/virtual.5.html
View File

@@ -12,22 +12,23 @@ VIRTUAL(5) VIRTUAL(5)
<b>postmap</b> <b>/etc/postfix/virtual</b>
<b>DESCRIPTION</b>
The optional <b>virtual</b> table specifies redirections for
local and non-local recipients or domains. The redirec-
tions are used by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. The redirections
are recursive.
The optional <b>virtual</b> table specifies address redirections
for local and non-local recipients or domains. The redi-
rections are used by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon. The redirec-
tions are recursive.
The <b>virtual</b> redirection is applied only to the recipient
envelope address, and does not affect message headers.
The <b>virtual</b> redirection is applied only to recipient enve-
lope addresses, and does not affect message headers.
Think Sendmail rule set <b>S0</b>, if you like. Use <a href="canonical.5.html"><b>canonical</b>(5)</a>
mapping to rewrite header and envelope addresses in gen-
eral.
Normally, the file serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> com-
mand. The result, an indexed file in <b>dbm</b> or <b>db</b> format, is
used for fast searching by the mail system. Execute the
command <b>postmap</b> <b>/etc/postfix/virtual</b> in order to rebuild
the indexed file after changing the virtual table.
Normally, the <b>virtual</b> table is specified as a text file
that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
<b>postmap</b> <b>/etc/postfix/virtual</b> in order to rebuild the
indexed file after changing the text file.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
@@ -38,27 +39,26 @@ VIRTUAL(5) VIRTUAL(5)
sions. In that case, the lookups are done in a slightly
different way as described below.
<b>TABLE</b> <b>FORMAT</b>
Typical support for a virtual domain looks like the fol-
lowing:
<b>POSTFIX-STYLE</b> <b>VIRTUAL</b> <b>DOMAINS</b>
With a Postfix-style virtual domain, the virtual domain
has its own user name space. Local (i.e. non-virtual)
usernames are not visible in a Postfix-style virtual
domain. In particular, local <a href="aliases.5.html"><b>aliases</b>(5)</a> and mailing lists
are not visible in a Postfix-style virtual domain.
Use a Sendmail-style virtual domain (see below) if local
usernames, <a href="aliases.5.html"><b>aliases</b>(5)</a> or mailing lists should be visible
in that virtual domain.
Support for a Postfix-style virtual domain looks like:
/etc/postfix/virtual:
<i>virtual.domain</i> <i>anything</i> (right-hand content does not matter)
<i>postmaster@virtual.domain</i> <i>postmaster</i>
<i>user1@virtual.domain</i> <i>address1</i>
<i>user2@virtual.domain</i> <i>address2,</i> <i>address3</i>
With this, the SMTP server accepts mail for <i>virtual.domain</i>
and rejects mail for <i>unknown</i>@<i>virtual.domain</i> as undeliver-
able.
The format of the virtual table is as follows, mappings
being tried in the order as listed in this manual page:
blanks and comments
Blank lines are ignored, as are lines beginning
with `#'.
The <i>virtual.domain</i> <i>anything</i> entry is required for a
@@ -71,9 +71,73 @@ VIRTUAL(5) VIRTUAL(5)
VIRTUAL(5) VIRTUAL(5)
Postfix-style virtual domain.
Do not list the virtual domain in the <b>main.cf</b> <b>mydestina-</b>
<b>tion</b> configuration parameter. Such an entry is required
only for a Sendmail-style virtual domain.
With a Postfix-style virtual domain, the Postfix SMTP
server accepts mail for <i>known-user@virtual.domain</i> and
rejects mail for <i>unknown-user</i>@<i>virtual.domain</i> as undeliver-
able.
<b>SENDMAIL-STYLE</b> <b>VIRTUAL</b> <b>DOMAINS</b>
With a Sendmail-style virtual domain, every local (i.e.
non-virtual) username is visible in the virtual domain. In
particular, every local alias and mailing list is visible
in a Sendmail-style virtual domain.
Use a Postfix-style virtual domain (see above) if local
usernames, <a href="aliases.5.html"><b>aliases</b>(5)</a> or mailing lists should not be visi-
ble in that virtual domain.
Support for a Sendmail-style virtual domain looks like:
/etc/postfix/main.cf:
mydestination = $myhostname localhost.$mydomain $mydomain
<i>virtual.domain</i>
/etc/postfix/virtual:
<i>user1@virtual.domain</i> <i>address1</i>
<i>user2@virtual.domain</i> <i>address2,</i> <i>address3</i>
The <b>main.cf</b> <b>mydestination</b> entry is required for a Send-
mail-style virtual domain.
Do not specify a <i>virtual.domain</i> <i>whatever</i> entry in the vir-
tual table. Such an entry is required only with a Postfix-
style virtual domain.
With a Sendmail-style virtual domain, the Postfix local
delivery agent delivers mail for an unknown <i>user</i>@<i>vir-</i>
<i>tual.domain</i> to a local (i.e. non-virtual) user that has
the same name; if no such recipient exists, the Postfix
local delivery agent bounces the mail to the sender.
<b>TABLE</b> <b>FORMAT</b>
The format of the virtual table is as follows, mappings
being tried in the order as listed in this manual page:
blanks and comments
Blank lines are ignored, as are lines beginning
with `#'.
leading whitespace
Lines that begin with whitespace continue the pre-
vious line.
Lines that begin with whitespace continue the
2
VIRTUAL(5) VIRTUAL(5)
previous line.
<i>pattern</i> <i>result</i>
When <i>pattern</i> matches a mail address, replace it by
@@ -126,9 +190,11 @@ VIRTUAL(5) VIRTUAL(5)
constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and
<i>foo</i>.
Patterns are applied in the order as specified in the
2
3
@@ -137,7 +203,6 @@ VIRTUAL(5) VIRTUAL(5)
VIRTUAL(5) VIRTUAL(5)
Patterns are applied in the order as specified in the
table, until a pattern is found that matches the search
string.
@@ -194,7 +259,8 @@ VIRTUAL(5) VIRTUAL(5)
3
4
</pre> </body> </html>

2
postfix/man/man1/sendmail.1
View File

@@ -65,6 +65,8 @@ files are kept in \fB/etc/postfix\fR.
.IP "\fB-F \fIfull_name\fR
Set the sender full name. This is used only with messages that
have no \fBFrom:\fR message header.
.IP "\fB-G\fR (ignored)"
Gateway (relay) submission, as opposed to initial user submission.
.IP \fB-I\fR
Initialize alias database. See the \fBnewaliases\fR
command above.

3
postfix/man/man5/aliases.5
View File

@@ -14,7 +14,8 @@ format of the Postfix alias database
.ad
.fi
The \fBaliases\fR file provides a system-wide mechanism to
redirect mail for local recipients.
redirect mail for local recipients. The redirections are
processed by the Postfix \fBlocal\fR(8) delivery agent.
The file serves as input to the \fBpostalias\fR(1) command. The
result, an indexed file in \fBdbm\fR or \fBdb\fR format, is

7
postfix/man/man5/canonical.5
View File

@@ -12,15 +12,16 @@ format of Postfix canonical table
.SH DESCRIPTION
.ad
.fi
The optional \fBcanonical\fR file specifies an address mapping for
The optional \fBcanonical\fR table specifies an address mapping for
local and non-local addresses. The mapping is used by the
\fBcleanup\fR(8) daemon. The address mapping is recursive.
Normally, the file serves as input to the \fBpostmap\fR(1) command.
Normally, the \fBcanonical\fR table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
\fBpostmap /etc/postfix/canonical\fR in order to rebuild the indexed
file after changing the canonical table.
file after changing the text file.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.

91
postfix/man/man5/virtual.5
View File

@@ -12,20 +12,21 @@ format of Postfix virtual table
.SH DESCRIPTION
.ad
.fi
The optional \fBvirtual\fR table specifies redirections for local
and non-local recipients or domains. The redirections are used by
the \fBcleanup\fR(8) daemon. The redirections are recursive.
The optional \fBvirtual\fR table specifies address redirections for
local and non-local recipients or domains. The redirections are used
by the \fBcleanup\fR(8) daemon. The redirections are recursive.
The \fBvirtual\fR redirection is applied only to the recipient
envelope address, and does not affect message headers.
The \fBvirtual\fR redirection is applied only to recipient
envelope addresses, and does not affect message headers.
Think Sendmail rule set \fBS0\fR, if you like. Use \fBcanonical\fR(5)
mapping to rewrite header and envelope addresses in general.
Normally, the file serves as input to the \fBpostmap\fR(1) command.
Normally, the \fBvirtual\fR table is specified as a text file that
serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
\fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
file after changing the virtual table.
file after changing the text file.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
@@ -33,13 +34,24 @@ or SQL, the same lookups are done as for ordinary indexed files.
Alternatively, the table can be provided as a regular-expression
map where patterns are given as regular expressions. In that case,
the lookups are done in a slightly different way as described below.
.SH TABLE FORMAT
.SH POSTFIX-STYLE VIRTUAL DOMAINS
.na
.nf
.ad
.fi
Typical support for a virtual domain looks like the following:
With a Postfix-style virtual domain, the virtual domain has its
own user name space. Local (i.e. non-virtual) usernames are not
visible in a Postfix-style virtual domain. In particular, local
\fBaliases\fR(5) and mailing lists are not visible in a
Postfix-style virtual domain.
Use a Sendmail-style virtual domain (see below) if local usernames,
\fBaliases\fR(5) or mailing lists should be visible in that virtual
domain.
Support for a Postfix-style virtual domain looks like:
.sp
/etc/postfix/virtual:
.in +4
.nf
\fIvirtual.domain anything\fR (right-hand content does not matter)
@@ -49,9 +61,66 @@ Typical support for a virtual domain looks like the following:
.fi
.in -4
With this, the SMTP server accepts mail for \fIvirtual.domain\fR and
rejects mail for \fIunknown\fR@\fIvirtual.domain\fR as undeliverable.
The \fIvirtual.domain anything\fR entry is required for a
Postfix-style virtual domain.
Do not list the virtual domain in the \fBmain.cf mydestination\fR
configuration parameter. Such an entry is required only for a
Sendmail-style virtual domain.
With a Postfix-style virtual domain, the Postfix SMTP server
accepts mail for \fIknown-user@virtual.domain\fR and rejects
mail for \fIunknown-user\fR@\fIvirtual.domain\fR as undeliverable.
.SH SENDMAIL-STYLE VIRTUAL DOMAINS
.na
.nf
.ad
.fi
With a Sendmail-style virtual domain, every local (i.e. non-virtual)
username is visible in the virtual domain. In particular, every
local alias and mailing list is visible in a Sendmail-style virtual
domain.
Use a Postfix-style virtual domain (see above) if local usernames,
\fBaliases\fR(5) or mailing lists should not be visible in that
virtual domain.
Support for a Sendmail-style virtual domain looks like:
.sp
/etc/postfix/main.cf:
.in +4
.nf
mydestination = $myhostname localhost.$mydomain $mydomain
.ti +4
\fIvirtual.domain\fR
.fi
.in -4
.sp
/etc/postfix/virtual:
.in +4
.nf
\fIuser1@virtual.domain address1\fR
\fIuser2@virtual.domain address2, address3\fR
.fi
.in -4
The \fBmain.cf mydestination\fR entry is required for a Sendmail-style
virtual domain.
Do not specify a \fIvirtual.domain whatever\fR entry in the
virtual table. Such an entry is required only with a
Postfix-style virtual domain.
With a Sendmail-style virtual domain, the Postfix local delivery
agent delivers mail for an unknown \fIuser\fR@\fIvirtual.domain\fR
to a local (i.e. non-virtual) user that has the same name; if no
such recipient exists, the Postfix local delivery agent bounces the
mail to the sender.
.SH TABLE FORMAT
.na
.nf
.ad
.fi
The format of the virtual table is as follows, mappings being
tried in the order as listed in this manual page:
.IP "blanks and comments"

8
postfix/man/man8/flush.8
View File

@@ -50,7 +50,7 @@ This wakeup request from the master is an alternative way to
request \fBFLUSH_REQ_REFRESH\fR.
.IP "\fBFLUSH_REQ_REFRESH\fR (completes in the background)"
Refresh non-empty per-destination logfiles that were not read in
$\fBfast_flush_refresh_time\fR hours, by simulating
\fB$fast_flush_refresh_time\fR hours, by simulating
send requests (see above) for the corresponding destinations.
.sp
Delete empty per-destination logfiles that were not updated in
@@ -59,7 +59,7 @@ Delete empty per-destination logfiles that were not updated in
Refresh all non-empty per-destination logfiles, by simulating
send requests (see above) for the corresponding destinations.
This can be incredibly expensive when logging is enabled for
all deferred mail, and is not recommended.
many destinations, and is not recommended.
.sp
Delete empty per-destination logfiles that were not updated in
\fBfast_flush_purge_time\fR days.
@@ -95,8 +95,8 @@ be automated with a suitable wakeup timer setting in the
\fBmaster.cf\fR configuration file.
Upon receipt of a request to deliver all mail for an eligible
destination, this server requests delivery of all messages that
are listed in that destination's logfile, regardless of the
destination, the \fBflush\fR server requests delivery of all messages
that are listed in that destination's logfile, regardless of the
recipients of those messages. This is not an issue for mail
that is sent to a \fBrelay_domains\fR destination because
such mail typically only has recipients in one domain.

3
postfix/man/man8/local.8
View File

@@ -284,6 +284,9 @@ a configuration change.
.fi
.IP \fBalias_maps\fR
List of alias databases.
.IP \fBbiff\fR
Enable or disable notification of new mail via the
\fBcomsat\fR network service.
.IP \fBexpand_owner_alias\fR
When delivering to an alias that has an owner- companion alias,
set the envelope sender address to the right-hand side of the

3
postfix/man/man8/smtpd.8
View File

@@ -138,6 +138,9 @@ per message delivery.
.IP \fBsmtpd_timeout\fR
Limit the time to send a server response and to receive a client
request.
.IP \fBsoft_bounce\fR
Change hard (5xx) reject responses into soft (4xx) reject responses.
This can be useful for testing purposes.
.SH "Resource controls"
.ad
.fi

3
postfix/proto/aliases
View File

@@ -8,7 +8,8 @@
# \fBnewaliases\fR
# DESCRIPTION
# The \fBaliases\fR file provides a system-wide mechanism to
# redirect mail for local recipients.
# redirect mail for local recipients. The redirections are
# processed by the Postfix \fBlocal\fR(8) delivery agent.
#
# The file serves as input to the \fBpostalias\fR(1) command. The
# result, an indexed file in \fBdbm\fR or \fBdb\fR format, is

7
postfix/proto/canonical
View File

@@ -6,15 +6,16 @@
# SYNOPSIS
# \fBpostmap /etc/postfix/canonical\fR
# DESCRIPTION
# The optional \fBcanonical\fR file specifies an address mapping for
# The optional \fBcanonical\fR table specifies an address mapping for
# local and non-local addresses. The mapping is used by the
# \fBcleanup\fR(8) daemon. The address mapping is recursive.
#
# Normally, the file serves as input to the \fBpostmap\fR(1) command.
# Normally, the \fBcanonical\fR table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
# is used for fast searching by the mail system. Execute the command
# \fBpostmap /etc/postfix/canonical\fR in order to rebuild the indexed
# file after changing the canonical table.
# file after changing the text file.
#
# When the table is provided via other means such as NIS, LDAP
# or SQL, the same lookups are done as for ordinary indexed files.

87
postfix/proto/virtual
View File

@@ -6,20 +6,21 @@
# SYNOPSIS
# \fBpostmap /etc/postfix/virtual\fR
# DESCRIPTION
# The optional \fBvirtual\fR table specifies redirections for local
# and non-local recipients or domains. The redirections are used by
# the \fBcleanup\fR(8) daemon. The redirections are recursive.
# The optional \fBvirtual\fR table specifies address redirections for
# local and non-local recipients or domains. The redirections are used
# by the \fBcleanup\fR(8) daemon. The redirections are recursive.
#
# The \fBvirtual\fR redirection is applied only to the recipient
# envelope address, and does not affect message headers.
# The \fBvirtual\fR redirection is applied only to recipient
# envelope addresses, and does not affect message headers.
# Think Sendmail rule set \fBS0\fR, if you like. Use \fBcanonical\fR(5)
# mapping to rewrite header and envelope addresses in general.
#
# Normally, the file serves as input to the \fBpostmap\fR(1) command.
# Normally, the \fBvirtual\fR table is specified as a text file that
# serves as input to the \fBpostmap\fR(1) command.
# The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
# is used for fast searching by the mail system. Execute the command
# \fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
# file after changing the virtual table.
# file after changing the text file.
#
# When the table is provided via other means such as NIS, LDAP
# or SQL, the same lookups are done as for ordinary indexed files.
@@ -27,11 +28,22 @@
# Alternatively, the table can be provided as a regular-expression
# map where patterns are given as regular expressions. In that case,
# the lookups are done in a slightly different way as described below.
# TABLE FORMAT
# POSTFIX-STYLE VIRTUAL DOMAINS
# .ad
# .fi
# Typical support for a virtual domain looks like the following:
# With a Postfix-style virtual domain, the virtual domain has its
# own user name space. Local (i.e. non-virtual) usernames are not
# visible in a Postfix-style virtual domain. In particular, local
# \fBaliases\fR(5) and mailing lists are not visible in a
# Postfix-style virtual domain.
#
# Use a Sendmail-style virtual domain (see below) if local usernames,
# \fBaliases\fR(5) or mailing lists should be visible in that virtual
# domain.
#
# Support for a Postfix-style virtual domain looks like:
# .sp
# /etc/postfix/virtual:
# .in +4
# .nf
# \fIvirtual.domain anything\fR (right-hand content does not matter)
@@ -41,9 +53,62 @@
# .fi
# .in -4
#
# With this, the SMTP server accepts mail for \fIvirtual.domain\fR and
# rejects mail for \fIunknown\fR@\fIvirtual.domain\fR as undeliverable.
# The \fIvirtual.domain anything\fR entry is required for a
# Postfix-style virtual domain.
#
# Do not list the virtual domain in the \fBmain.cf mydestination\fR
# configuration parameter. Such an entry is required only for a
# Sendmail-style virtual domain.
#
# With a Postfix-style virtual domain, the Postfix SMTP server
# accepts mail for \fIknown-user@virtual.domain\fR and rejects
# mail for \fIunknown-user\fR@\fIvirtual.domain\fR as undeliverable.
# SENDMAIL-STYLE VIRTUAL DOMAINS
# .ad
# .fi
# With a Sendmail-style virtual domain, every local (i.e. non-virtual)
# username is visible in the virtual domain. In particular, every
# local alias and mailing list is visible in a Sendmail-style virtual
# domain.
#
# Use a Postfix-style virtual domain (see above) if local usernames,
# \fBaliases\fR(5) or mailing lists should not be visible in that
# virtual domain.
#
# Support for a Sendmail-style virtual domain looks like:
# .sp
# /etc/postfix/main.cf:
# .in +4
# .nf
# mydestination = $myhostname localhost.$mydomain $mydomain
# .ti +4
# \fIvirtual.domain\fR
# .fi
# .in -4
# .sp
# /etc/postfix/virtual:
# .in +4
# .nf
# \fIuser1@virtual.domain address1\fR
# \fIuser2@virtual.domain address2, address3\fR
# .fi
# .in -4
#
# The \fBmain.cf mydestination\fR entry is required for a Sendmail-style
# virtual domain.
#
# Do not specify a \fIvirtual.domain whatever\fR entry in the
# virtual table. Such an entry is required only with a
# Postfix-style virtual domain.
#
# With a Sendmail-style virtual domain, the Postfix local delivery
# agent delivers mail for an unknown \fIuser\fR@\fIvirtual.domain\fR
# to a local (i.e. non-virtual) user that has the same name; if no
# such recipient exists, the Postfix local delivery agent bounces the
# mail to the sender.
# TABLE FORMAT
# .ad
# .fi
# The format of the virtual table is as follows, mappings being
# tried in the order as listed in this manual page:
# .IP "blanks and comments"

2
postfix/src/global/mail_version.h
View File

@@ -15,7 +15,7 @@
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "Snapshot-20001109"
#define DEF_MAIL_VERSION "Snapshot-20001118"
extern char *var_mail_version;
/* LICENSE

3
postfix/src/local/local.c
View File

@@ -256,6 +256,9 @@
/* .fi
/* .IP \fBalias_maps\fR
/* List of alias databases.
/* .IP \fBbiff\fR
/* Enable or disable notification of new mail via the
/* \fBcomsat\fR network service.
/* .IP \fBexpand_owner_alias\fR
/* When delivering to an alias that has an owner- companion alias,
/* set the envelope sender address to the right-hand side of the

3
postfix/src/local/recipient.c
View File

@@ -177,9 +177,8 @@ static int deliver_switch(LOCAL_STATE state, USER_ATTR usr_attr)
* $HOME/.forward file, then mailbox delivery. Back off when the user's
* home directory does not exist.
*/
if ((mypwd = mypwnam(state.msg_attr.user)) == 0)
return (deliver_unknown(state, usr_attr));
if (var_stat_home_dir
&& (mypwd = mypwnam(state.msg_attr.user)) != 0
&& stat_as(mypwd->pw_dir, &st, mypwd->pw_uid, mypwd->pw_gid) < 0)
return (defer_append(BOUNCE_FLAG_KEEP,
BOUNCE_ATTR(state.msg_attr),

15
postfix/src/master/master.c
View File

@@ -143,6 +143,7 @@
#include <stringops.h>
#include <myflock.h>
#include <watchdog.h>
#include <clean_env.h>
/* Global library. */
@@ -183,6 +184,12 @@ int main(int argc, char **argv)
if (getenv(CONF_ENV_DEBUG))
debug_me = 1;
/*
* Ad-hoc environment filter, to enforce consistent behavior whether
* Postfix is started by hand, or at system boot time.
*/
clean_env();
/*
* Don't die when a process goes away unexpectedly.
*/
@@ -202,12 +209,16 @@ int main(int argc, char **argv)
* Some systems such as AIX have a huge per-process open file limit. In
* those cases, limit the search for potential file descriptor leaks to
* just the first couple hundred.
*
* The Debian post-installation script passes an open file descriptor into
* the master process and waits forever for someone to close it. Because
* of this we have to close descriptors > 2, and pray that doing so does
* not break things.
*/
if (fd_limit > 500)
fd_limit = 500;
for (fd = 3; fd < fd_limit; fd++)
if ((n = fcntl(fd, F_GETFD, 0)) >= 0 && (n & FD_CLOEXEC) == 0)
fcntl(fd, F_SETFD, n | FD_CLOEXEC);
(void) close(fd);
/*
* Initialize logging and exit handler.

7
postfix/src/nqmgr/qmgr_message.c
View File

@@ -51,7 +51,8 @@
/* structure members. A null result means that the file could not be
/* read or that the file contained incorrect information. Recipient
/* limit imposed this time is based on the position of the message
/* job(s) on corresponding transport job list(s).
/* job(s) on corresponding transport job list(s). It's considered
/* an error to call this when the recipient slots can't be allocated.
/*
/* qmgr_message_free() destroys an in-core message structure and makes
/* the resources available for reuse. It is an error to destroy
@@ -288,7 +289,7 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
/*
* If we re-open this file, skip over on-file recipient records that we
* already looked at, and reset the in-core recipient address list.
* already looked at, and refill the in-core recipient address list.
*
* For the first time, the message recipient limit is calculated from the
* global recipient limit. This is to avoid reading little recipients
@@ -302,6 +303,8 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
if (message->rcpt_offset) {
if (message->rcpt_list.len)
msg_panic("%s: recipient list not empty on recipient reload", message->queue_id);
if (message->rcpt_limit <= message->rcpt_count)
msg_panic("%s: no recipient slots available", message->queue_id);
if (vstream_fseek(message->fp, message->rcpt_offset, SEEK_SET) < 0)
msg_fatal("seek file %s: %m", VSTREAM_PATH(message->fp));
message->rcpt_offset = 0;

4
postfix/src/nqmgr/qmgr_peer.c
View File

@@ -116,7 +116,9 @@ QMGR_PEER *qmgr_peer_select(QMGR_JOB *job)
if (queue->window > queue->busy_refcount && peer->entry_list.next != 0) {
QMGR_LIST_ROTATE(job->peer_list, peer, peers);
if (msg_verbose)
msg_info("qmgr_peer_select: %s %s", job->message->queue_id, queue->name);
msg_info("qmgr_peer_select: %s %s %s (%d of %d)",
job->message->queue_id, queue->transport->name, queue->name,
queue->busy_refcount + 1, queue->window);
return (peer);
}
}

5
postfix/src/nqmgr/qmgr_queue.c
View File

@@ -141,11 +141,12 @@ void qmgr_queue_unthrottle(QMGR_QUEUE *queue)
/*
* Increase the destination's concurrency limit until we reach the
* transport's concurrency limit.
* transport's concurrency limit. Allow for a margin the size of the
* initial destination concurrency, so that we're not too gentle.
*/
if (transport->dest_concurrency_limit == 0
|| transport->dest_concurrency_limit > queue->window)
if (queue->window <= queue->busy_refcount)
if (queue->window <= queue->busy_refcount + transport->init_dest_concurrency)
queue->window++;
}

5
postfix/src/qmgr/qmgr_queue.c
View File

@@ -143,11 +143,12 @@ void qmgr_queue_unthrottle(QMGR_QUEUE *queue)
/*
* Increase the destination's concurrency limit until we reach the
* transport's concurrency limit.
* transport's concurrency limit. Allow for a margin the size of the
* initial destination concurrency, so that we're not too gentle.
*/
if (transport->dest_concurrency_limit == 0
|| transport->dest_concurrency_limit > queue->window)
if (queue->window <= queue->busy_refcount)
if (queue->window <= queue->busy_refcount + transport->init_dest_concurrency)
queue->window++;
}

6
postfix/src/sendmail/sendmail.c
View File

@@ -59,6 +59,8 @@
/* .IP "\fB-F \fIfull_name\fR
/* Set the sender full name. This is used only with messages that
/* have no \fBFrom:\fR message header.
/* .IP "\fB-G\fR (ignored)"
/* Gateway (relay) submission, as opposed to initial user submission.
/* .IP \fB-I\fR
/* Initialize alias database. See the \fBnewaliases\fR
/* command above.
@@ -791,7 +793,7 @@ int main(int argc, char **argv)
optind++;
continue;
}
if ((c = GETOPT(argc, argv, "B:C:F:IN:R:UX:b:ce:f:h:imno:p:r:q:tvx")) <= 0)
if ((c = GETOPT(argc, argv, "B:C:F:GIN:R:UX:b:ce:f:h:imno:p:r:q:tvx")) <= 0)
break;
switch (c) {
default:
@@ -805,6 +807,8 @@ int main(int argc, char **argv)
case 'F': /* full name */
full_name = optarg;
break;
case 'G': /* gateway submission */
break;
case 'I': /* newaliases */
mode = SM_MODE_NEWALIAS;
break;

13
postfix/src/smtpd/smtpd.c
View File

@@ -124,6 +124,9 @@
/* .IP \fBsmtpd_timeout\fR
/* Limit the time to send a server response and to receive a client
/* request.
/* .IP \fBsoft_bounce\fR
/* Change hard (5xx) reject responses into soft (4xx) reject responses.
/* This can be useful for testing purposes.
/* .SH "Resource controls"
/* .ad
/* .fi
@@ -861,6 +864,9 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
* XXX Force an empty record when the queue file content begins with
* whitespace, so that it won't be considered as being part of our own
* Received: header. What an ugly Kluge.
*
* XXX Deal with UNIX-style From_ lines at the start of message content
* because sendmail permits it.
*/
if (vstream_fflush(state->cleanup))
state->err = CLEANUP_STAT_WRITE;
@@ -873,11 +879,14 @@ static int data_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
start = vstring_str(state->buffer);
len = VSTRING_LEN(state->buffer);
if (first) {
if (strncmp(start + strspn(start, ">"), "From ", 5) == 0) {
rec_fprintf(state->cleanup, curr_rec_type,
"Mbox-Line: %s", start);
continue;
}
first = 0;
if (len > 0 && ISSPACE(start[0]))
rec_put(state->cleanup, REC_TYPE_NORM, "", 0);
else if (strncmp(start + strspn(start, ">"), "From ", 5) == 0)
continue;
}
if (prev_rec_type != REC_TYPE_CONT
&& *start == '.' && (++start, --len) == 0)

4
postfix/src/smtpd/smtpd_chat.c
View File

@@ -28,6 +28,8 @@
/*
/* smtpd_chat_reply() formats a server reply, sends it to the
/* client, and appends a copy to the SMTP transaction log.
/* When soft_bounce is enabled, all 5xx (reject) reponses are
/* replaced by 4xx (try again).
/*
/* smtpd_chat_notify() sends a copy of the SMTP transaction log
/* to the postmaster for review. The postmaster notice is sent only
@@ -138,6 +140,8 @@ void smtpd_chat_reply(SMTPD_STATE *state, char *format,...)
va_start(ap, format);
vstring_vsprintf(state->buffer, format, ap);
va_end(ap);
if (var_soft_bounce && STR(state->buffer)[0] == '5')
STR(state->buffer)[0] = '4';
smtp_chat_append(state, "Out: ");
if (msg_verbose)

75
postfix/src/smtpd/smtpd_check.c
View File

@@ -1956,52 +1956,45 @@ char *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
if (!resolve_local(domain))
SMTPD_CHECK_RCPT_RETURN(0);
/*
* Reject mail to unknown addresses in domains that match $mydestination
* or $inet_interfaces (Postfix local). Reject mail to unknown addresses
* in Postfix virtual domains (Postfix virtual). Accept mail to other
* domains. Toss any extension information found by the lookup routines.
*/
#define NOP ((char **) 0)
#define NOMATCH(map, rcpt) \
(mail_addr_find(map, rcpt, (char **) 0) == 0 && dict_errno == 0)
if (resolve_local(domain)) {
if (*var_virtual_maps
&& maps_find(virtual_maps, domain, 0)) {
msg_warn("virtual domain \"%s\" is listed in $mydestination",
domain);
msg_warn("the $local_recipient_maps feature requires that no");
msg_warn("virtual domains are listed in $mydestination");
msg_warn("be sure to specify the required \"%s whatever\"",
domain);
msg_warn("entry in the virtual map, as explained in the man");
msg_warn("page and in the FAQ entry for virtual domains");
SMTPD_CHECK_RCPT_RETURN(0);
}
dict_errno = 0;
if (*var_local_rcpt_maps
&& !mail_addr_find(rcpt_canon_maps, STR(reply.recipient), NOP)
&& !mail_addr_find(canonical_maps, STR(reply.recipient), NOP)
&& !mail_addr_find(relocated_maps, STR(reply.recipient), NOP)
&& !mail_addr_find(local_rcpt_maps, STR(reply.recipient), NOP)) {
/*
* Reject mail to unknown addresses in Postfix-style virtual domains.
*/
if (*var_virtual_maps && maps_find(virtual_maps, domain, 0)) {
if (NOMATCH(rcpt_canon_maps, STR(reply.recipient))
&& NOMATCH(canonical_maps, STR(reply.recipient))
&& NOMATCH(relocated_maps, STR(reply.recipient))
&& NOMATCH(virtual_maps, STR(reply.recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown",
dict_errno ? 450 : 550, recipient);
SMTPD_CHECK_RCPT_RETURN(STR(error_text));
}
} else {
dict_errno = 0;
if (*var_virtual_maps
&& !mail_addr_find(rcpt_canon_maps, STR(reply.recipient), NOP)
&& !mail_addr_find(canonical_maps, STR(reply.recipient), NOP)
&& !mail_addr_find(relocated_maps, STR(reply.recipient), NOP)
&& !mail_addr_find(virtual_maps, STR(reply.recipient), NOP)
&& maps_find(virtual_maps, domain, 0)) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown",
dict_errno ? 450 : 550, recipient);
"%d <%s>: User unknown", 550, recipient);
SMTPD_CHECK_RCPT_RETURN(STR(error_text));
}
}
/*
* Reject mail to unknown addresses in local domains (domains that match
* $mydestination or $inet_interfaces). Accept mail for addresses in
* Sendmail-style virtual domains.
*/
if (*var_local_rcpt_maps && resolve_local(domain)) {
if (NOMATCH(relocated_maps, STR(reply.recipient))
&& NOMATCH(rcpt_canon_maps, STR(reply.recipient))
&& NOMATCH(canonical_maps, STR(reply.recipient))
&& NOMATCH(relocated_maps, STR(reply.recipient))
&& NOMATCH(virtual_maps, STR(reply.recipient))
&& NOMATCH(local_rcpt_maps, STR(reply.recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown", 550, recipient);
SMTPD_CHECK_RCPT_RETURN(STR(error_text));
}
}
/*
* Accept all other addresses - including addresses that passed the above
* tests because of some table lookup problem.
*/
SMTPD_CHECK_RCPT_RETURN(0);
}

4
postfix/src/smtpd/smtpd_check.ref
View File

@@ -47,6 +47,8 @@ OK
>>> client foo 123.123.123.123
OK
>>> helo foo.
./smtpd_check: warning: valid_hostname: misplaced delimiter: foo.
./smtpd_check: warning: valid_hostname: misplaced delimiter: foo.
./smtpd_check: reject: HELO from foo[123.123.123.123]: 450 <foo.>: Helo command rejected: Host not found
450 <foo.>: Helo command rejected: Host not found
>>> helo foo
@@ -65,6 +67,8 @@ OK
OK
>>> helo 123.123.123.123
./smtpd_check: warning: valid_hostname: numeric hostname: 123.123.123.123
./smtpd_check: warning: valid_hostname: numeric hostname: 123.123.123.123
./smtpd_check: warning: valid_hostname: numeric hostname: 123.123.123.123
./smtpd_check: reject: HELO from foo[123.123.123.123]: 450 <123.123.123.123>: Helo command rejected: Host not found
450 <123.123.123.123>: Helo command rejected: Host not found
>>> helo_restrictions permit_naked_ip_address,reject_invalid_hostname,reject_unknown_hostname

2
postfix/src/smtpd/smtpd_check.ref2
View File

@@ -47,6 +47,8 @@ OK
>>> client foo 123.123.123.123
OK
>>> helo foo.
./smtpd_check: warning: valid_hostname: misplaced delimiter: foo.
./smtpd_check: warning: valid_hostname: misplaced delimiter: foo.
./smtpd_check: reject: HELO from foo[123.123.123.123]: 450 <foo.>: Helo command rejected: Host not found
450 <foo.>: Helo command rejected: Host not found
>>> helo foo

8
postfix/src/util/clean_env.c
View File

@@ -38,6 +38,8 @@
void clean_env(void)
{
char *TZ;
char *DISPLAY;
char *XAUTHORITY;
extern char **environ;
/*
@@ -45,6 +47,8 @@ void clean_env(void)
* configurable.
*/
TZ = getenv("TZ");
DISPLAY = getenv("DISPLAY");
XAUTHORITY = getenv("XAUTHORITY");
/*
* Truncate the process environment, if available. On some systems
@@ -58,6 +62,10 @@ void clean_env(void)
*/
if (TZ && setenv("TZ", TZ, 1))
msg_fatal("setenv: %m");
if (DISPLAY && setenv("DISPLAY", DISPLAY, 1))
msg_fatal("setenv: %m");
if (XAUTHORITY && setenv("XAUTHORITY", XAUTHORITY, 1))
msg_fatal("setenv: %m");
/*
* Update the process environment with configurable initial values.

6
postfix/src/util/dict_ldap.c
View File

@@ -676,15 +676,17 @@ DICT *dict_ldap_open(const char *ldapsource, int dummy, int dict_flags)
domainlist =
mystrdup((char *) get_mail_conf_str(vstring_str(config_param),
"", 0, 0));
if (domainlist) {
if (*domainlist) {
dict_ldap->domain = match_list_init(domainlist, 1, match_string);
if (dict_ldap->domain == NULL)
msg_warn("%s: domain match list creation using \"%s\" failed, will continue without it", myname, domainlist);
if (msg_verbose)
msg_info("%s: domain list created using \"%s\"", myname,
domainlist);
myfree(domainlist);
} else {
dict_ldap->domain = NULL;
}
myfree(domainlist);
/*
* get configured value of "ldapsource_timeout"; default to 10 seconds