postfix-3.9-20230529

2025-08-22 18:07:41 +00:00 · 2023-05-29 00:00:00 -05:00 · 2023-05-29 00:00:00 -05:00 · 96a97d3bdd
commit 96a97d3bdd
parent 20413638d5
22 changed files with 266 additions and 175 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -27210,7 +27210,7 @@ Apologies for any names omitted.

 20230523

-	Cleanup: use TLS_CLIENT_PARAMS to pass the OpensSSL 'init'
+	Cleanup: use TLS_CLIENT_PARAMS to pass the OpenSSL 'init'
 	configuration settings. These are global, i.e. apply to all
 	client TLS contexts, and they do not belong in tls_client_init()
 	or tls_client_start() calls. The tlsproxy(8) server uses
@ -27229,3 +27229,20 @@ Apologies for any names omitted.
 	and tls_config_name configuration parameters. Files:
 	smtp/smtp.c, smtpd/smtpd.c, tls/tls_client.c, tls/tls.h,
 	tls/tls_server.c, tlsproxy/tlsproxy.c,
+
+20230526
+
+	Documentation: clarified address class descriptions; added
+	the availability of back-ported OpenSSL INI file support
+	in stable releases. Files: proto/ADDRESS_CLASS_README.html,
+	proto/postconf.proto smtp/smtp.c, smtpd/smtpd.c,
+	tlsproxy/tlsproxy.c.
+
+	Security: in the Postfix SMTP daemon, improved pipelining
+	detection and reporting; and detect illegal command pipelining
+	before the server greeting. File: smtpd/smtpd.c.
+
+20230529
+
+	Cleanup: error handling for OpenSSL INI file support. Viktor
+	Dukhovni. Files: proto/postconf.proto, tls/tls_misc.c.
--- a/postfix/README_FILES/ADDRESS_CLASS_README
+++ b/postfix/README_FILES/ADDRESS_CLASS_README
@ -25,18 +25,23 @@ important for the operation of Postfix.

 An address class is defined by three items.

-  * The list of domains that are a member of that address class: for example,
-    all local domains, or all relay domains.
+  * The list of domains that are a member of that address class.

-  * The default delivery transport for that address class. For example, the
-    local, virtual or relay delivery transport (delivery transports are defined
-    in master.cf). This helps to keep Postfix configurations simple, by
-    avoiding the need for explicit routing information in transport maps.
+    Examples: all local domains, or all relay domains.

-  * The list of valid recipient addresses for that address class. The Postfix
-    SMTP server rejects invalid recipients with "User unknown in <name of
-    address class here> table". This helps to keep the Postfix queue free of
-    undeliverable MAILER-DAEMON messages.
+  * The default delivery transport for domains in that address class.
+
+    Examples: local_transport or relay_transport (these point to services
+    defined in master.cf).
+
+    Benefit: this avoids the need for explicit routing information in transport
+    maps.
+
+  * The list of valid recipient addresses for that address class.
+
+    Benefit: the Postfix SMTP server rejects an invalid recipient with "User
+    unknown in <name of address class> table", and avoids sending a MAILER-
+    DAEMON message with backscatter spam.

 WWhhaatt aaddddrreessss ccllaasssseess ddooeess PPoossttffiixx iimmpplleemmeenntt??

@ -56,11 +61,11 @@ The local domain class.
    also includes mail for user@[ipaddress] when the IP address is listed with
    the inet_interfaces or proxy_interfaces parameters.

-  * Valid recipient addresses are listed with the local_recipient_maps
-    parameter, as described in LOCAL_RECIPIENT_README. The Postfix SMTP server
-    rejects invalid recipients with "User unknown in local recipient table". If
-    the local_recipient_maps parameter value is empty, then the Postfix SMTP
-    server accepts any address in the local domain class.
+  * Valid recipient addresses for those domains are listed with the
+    local_recipient_maps parameter, as described in LOCAL_RECIPIENT_README. The
+    Postfix SMTP server rejects invalid recipients with "User unknown in local
+    recipient table". If the local_recipient_maps parameter value is empty,
+    then the Postfix SMTP server accepts any address in the local domain class.

  * The mail delivery transport is specified with the local_transport
    parameter. The default value is llooccaall::$$mmyyhhoossttnnaammee for delivery with the
@ -69,20 +74,23 @@ The local domain class.
 The virtual alias domain class.

  * Purpose: hosted domains where each recipient address is aliased to an
-    address in a different domain, for example, a local UNIX system account or
-    a remote address. A virtual alias example is given in the VIRTUAL_README
-    file.
+    address in a different domain class, for example, a local UNIX system
+    account or a remote address. A virtual alias example is given in the
+    VIRTUAL_README file.

  * Domain names are listed in virtual_alias_domains. The default value is
    $virtual_alias_maps for Postfix 1.1 compatibility.

-  * Valid recipient addresses are listed with the virtual_alias_maps parameter.
-    The Postfix SMTP server rejects invalid recipients with "User unknown in
-    virtual alias table". The default value is $virtual_maps for Postfix 1.1
-    compatibility.
+  * Valid recipient addresses for those domains are listed with the
+    virtual_alias_maps parameter. The Postfix SMTP server rejects invalid
+    recipients with "User unknown in virtual alias table". The default value is
+    $virtual_maps for Postfix 1.1 compatibility.

-  * There is no mail delivery transport parameter. Every address must be
-    aliased to an address in some other domain.
+        Note: for historical reasons, virtual_alias_maps apply to recipients in
+        all domain classes, not only the virtual alias domain class.
+
+  * There is no configurable mail delivery transport. Every address must be
+    aliased to an address in some other domain class.

 The virtual mailbox domain class.

@ -93,11 +101,11 @@ The virtual mailbox domain class.
  * Domain names are listed with the virtual_mailbox_domains parameter. The
    default value is $virtual_mailbox_maps for Postfix 1.1 compatibility.

-  * Valid recipient addresses are listed with the virtual_mailbox_maps
-    parameter. The Postfix SMTP server rejects invalid recipients with "User
-    unknown in virtual mailbox table". If this parameter value is empty, the
-    Postfix SMTP server accepts all recipients for domains listed in
-    $virtual_mailbox_domains.
+  * Valid recipient addresses for those domains are listed with the
+    virtual_mailbox_maps parameter. The Postfix SMTP server rejects invalid
+    recipients with "User unknown in virtual mailbox table". If this parameter
+    value is empty, the Postfix SMTP server accepts all recipients for domains
+    listed in $virtual_mailbox_domains.

  * The mail delivery transport is specified with the virtual_transport
    parameter. The default value is vviirrttuuaall for delivery with the virtual(8)
@ -113,11 +121,11 @@ The relay domain class.

  * Domain names are listed with the relay_domains parameter.

-  * Valid recipient addresses are listed with the relay_recipient_maps
-    parameter. The Postfix SMTP server rejects invalid recipients with "User
-    unknown in relay recipient table". If this parameter value is empty, the
-    Postfix SMTP server accepts all recipients for domains listed with the
-    relay_domains parameter.
+  * Valid recipient addresses for those domains are listed with the
+    relay_recipient_maps parameter. The Postfix SMTP server rejects invalid
+    recipients with "User unknown in relay recipient table". If this parameter
+    value is empty, the Postfix SMTP server accepts all recipients for domains
+    listed with the relay_domains parameter.

  * The mail delivery transport is specified with the relay_transport
    parameter. The default value is rreellaayy which is a clone of the smtp(8)
--- a/postfix/html/ADDRESS_CLASS_README.html
+++ b/postfix/html/ADDRESS_CLASS_README.html
@ -52,20 +52,25 @@ address classes are very important for the operation of Postfix. </p>
 <ul>

 <li> <p> The list of domains that are a member of that address
-class: for example, all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
+class. </p>

-<li> <p> The default delivery transport for that address class. For
-example, the local,
-virtual or relay delivery transport (delivery transports are defined
-in <a href="master.5.html">master.cf</a>). This helps to keep Postfix configurations simple,
-by avoiding the need for explicit routing information in transport
-maps. </p>
+<p> Examples: all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
+
+<li> <p> The default delivery transport for domains in that address
+class. </p>
+
+<p> Examples: <a href="postconf.5.html#local_transport">local_transport</a> or <a href="postconf.5.html#relay_transport">relay_transport</a> (these point
+to services defined in <a href="master.5.html">master.cf</a>). </p>
+
+<p> Benefit: this avoids the need for explicit routing information
+in transport maps. </p>

 <li> <p> The list of valid recipient addresses for that address
-class. The Postfix SMTP server rejects invalid recipients with
-"User unknown in &lt;name of address class here&gt; table".  This
-helps to keep the Postfix queue free of undeliverable MAILER-DAEMON
-messages. </p>
+class. </p>
+
+<p> Benefit: the Postfix SMTP server rejects an invalid recipient
+with "User unknown in &lt;name of address class&gt; table", and
+avoids sending a MAILER-DAEMON message with backscatter spam. </p>

 </ul>

@ -92,12 +97,12 @@ This domain class also includes mail for <i>user@[ipaddress]</i>
 when the IP address is listed with the <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
 <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> parameters. </p>

-<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>
-parameter, as described in <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a>. The Postfix SMTP
-server rejects invalid recipients with "User unknown in local
-recipient table". If the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> parameter value is
-empty, then the Postfix SMTP server accepts any address in the
-<a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> class. </p>
+<li> <p> Valid recipient addresses for those domains are
+listed with the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> parameter, as described in
+<a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a>. The Postfix SMTP server rejects invalid recipients
+with "User unknown in local recipient table". If the <a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>
+parameter value is empty, then the Postfix SMTP server accepts any
+address in the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> class. </p>

 <li> <p> The mail delivery transport is specified with the
 <a href="postconf.5.html#local_transport">local_transport</a> parameter. The default value is <b><a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a></b>
@ -111,21 +116,25 @@ class. </p>
 <ul>

 <li> <p> Purpose: <a href="VIRTUAL_README.html#canonical">hosted domains</a> where each recipient address is
-aliased to an address in a different domain, for example, a local
-UNIX system account or a remote address.  A
+aliased to an address in a different domain class, for example, a
+local UNIX system account or a remote address. A
 <a href="VIRTUAL_README.html#virtual_alias">virtual alias example</a> is given in the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>

 <li> <p> Domain names are listed in <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>. The
 default value is $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> for Postfix 1.1 compatibility.
 </p>

-<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
-parameter. The Postfix SMTP server rejects invalid recipients with
-"User unknown in virtual alias table".  The default value is
-$<a href="postconf.5.html#virtual_maps">virtual_maps</a> for Postfix 1.1 compatibility. </p>
+<li> <p> Valid recipient addresses for those domains are listed with the
+<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> parameter. The Postfix SMTP server rejects invalid
+recipients with "User unknown in virtual alias table". The default
+value is $<a href="postconf.5.html#virtual_maps">virtual_maps</a> for Postfix 1.1 compatibility. </p>

-<li> <p> There is no mail delivery transport parameter. Every
-address must be aliased to an address in some other domain. </p>
+<blockquote ><p> Note: for historical reasons, <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>
+apply to recipients in all domain classes, not only the virtual
+alias domain class. </p> </blockquote>
+
+<li> <p> There is no configurable mail delivery transport. Every
+address must be aliased to an address in some other domain class. </p>

 </ul>

@ -143,11 +152,12 @@ given in the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
 parameter. The default value is $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> for Postfix
 1.1 compatibility. </p>

-<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
-parameter. The Postfix SMTP server rejects invalid recipients with
-"User unknown in virtual mailbox table". If this parameter value
-is empty, the Postfix SMTP server accepts all recipients for domains
-listed in $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.  </p>
+<li> <p> Valid recipient addresses for those domains are listed
+with the <a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> parameter. The Postfix SMTP server
+rejects invalid recipients with "User unknown in virtual mailbox
+table". If this parameter value is empty, the Postfix SMTP server
+accepts all recipients for domains listed in $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+</p>

 <li> <p> The mail delivery transport is specified with the
 <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter. The default value is <b>virtual</b>
@ -169,11 +179,12 @@ file. </p>
 <li> <p> Domain names are listed with the <a href="postconf.5.html#relay_domains">relay_domains</a> parameter.
 </p>

-<li> <p> Valid recipient addresses are listed with the <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>
-parameter. The Postfix SMTP server rejects invalid recipients with
-"User unknown in relay recipient table". If this parameter value
-is empty, the Postfix SMTP server accepts all recipients for domains
-listed with the <a href="postconf.5.html#relay_domains">relay_domains</a> parameter. </p>
+<li> <p> Valid recipient addresses for those domains are listed
+with the <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> parameter. The Postfix SMTP server
+rejects invalid recipients with "User unknown in relay recipient
+table". If this parameter value is empty, the Postfix SMTP server
+accepts all recipients for domains listed with the <a href="postconf.5.html#relay_domains">relay_domains</a>
+parameter. </p>

 <li> <p> The mail delivery transport is specified with the
 <a href="postconf.5.html#relay_transport">relay_transport</a> parameter. The default value is <b>relay</b> which
--- a/postfix/html/lmtp.8.html
+++ b/postfix/html/lmtp.8.html
@ -715,7 +715,7 @@ SMTP(8)                                                                SMTP(8)
              (FFDHE) key exchange groups supported by the Postfix SMTP client
              and server.

-       Available in Postfix version 3.9 and later:
+       Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:

       <b><a href="postconf.5.html#tls_config_file">tls_config_file</a> (default)</b>
              Optional configuration file with baseline OpenSSL settings.
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@ -19297,11 +19297,10 @@ the default "openssl_conf" name. </dd>

 </dl>

-<p> Failures in processing of the built-in default configuration
-file, are silently ignored with OpenSSL prior to 1.1.1b.  With later
-OpenSSL releases, any errors in loading either the default or custom
-configuration file are detected by Postfix, and cause TLS support to
-be disabled.  </p>
+<p> Failures in processing of the built-in default configuration file,
+are silently ignored.  Any errors in loading a non-default configuration
+file are detected by Postfix, and cause TLS support to be disabled.
+</p>

 <p> The OpenSSL configuration file format is not documented here,
 beyond giving two examples. <p>
@ -19349,7 +19348,8 @@ MinProtocol = TLSv1
 </pre>
 </blockquote>

-<p> This feature is available in Postfix &ge; 3.9. </p>
+<p> This feature is available in Postfix &ge; 3.9, 3.8.1, 3.7.6,
+3.6.10, and 3.5.20. </p>


 </DD>
--- a/postfix/html/smtp.8.html
+++ b/postfix/html/smtp.8.html
@ -715,7 +715,7 @@ SMTP(8)                                                                SMTP(8)
              (FFDHE) key exchange groups supported by the Postfix SMTP client
              and server.

-       Available in Postfix version 3.9 and later:
+       Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:

       <b><a href="postconf.5.html#tls_config_file">tls_config_file</a> (default)</b>
              Optional configuration file with baseline OpenSSL settings.
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@ -639,7 +639,7 @@ SMTPD(8)                                                              SMTPD(8)
              (FFDHE) key exchange groups supported by the Postfix SMTP client
              and server.

-       Available in Postfix version 3.9 and later:
+       Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:

       <b><a href="postconf.5.html#tls_config_file">tls_config_file</a> (default)</b>
              Optional configuration file with baseline OpenSSL settings.
--- a/postfix/html/tlsproxy.8.html
+++ b/postfix/html/tlsproxy.8.html
@ -160,7 +160,7 @@ TLSPROXY(8)                                                        TLSPROXY(8)
              (FFDHE) key exchange groups supported by the Postfix SMTP client
              and server.

-       Available in Postfix version 3.9 and later:
+       Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:

       <b><a href="postconf.5.html#tls_config_file">tls_config_file</a> (default)</b>
              Optional configuration file with baseline OpenSSL settings.
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@ -13668,11 +13668,9 @@ the default "openssl_conf" name.
 .br
 .br
 .PP
-Failures in processing of the built\-in default configuration
-file, are silently ignored with OpenSSL prior to 1.1.1b.  With later
-OpenSSL releases, any errors in loading either the default or custom
-configuration file are detected by Postfix, and cause TLS support to
-be disabled.
+Failures in processing of the built\-in default configuration file,
+are silently ignored.  Any errors in loading a non\-default configuration
+file are detected by Postfix, and cause TLS support to be disabled.
 .PP
 The OpenSSL configuration file format is not documented here,
 beyond giving two examples.
@ -13728,7 +13726,8 @@ MinProtocol = TLSv1
 .ft R
 .in -4
 .PP
-This feature is available in Postfix >= 3.9.
+This feature is available in Postfix >= 3.9, 3.8.1, 3.7.6,
+3.6.10, and 3.5.20.
 .SH tls_config_name (default: empty)
 The application name passed by Postfix to OpenSSL library
 initialization functions.  This name is used to select the desired
--- a/postfix/man/man8/smtp.8
+++ b/postfix/man/man8/smtp.8
@ -641,7 +641,7 @@ The prioritized list of finite\-field Diffie\-Hellman ephemeral
 (FFDHE) key exchange groups supported by the Postfix SMTP client and
 server.
 .PP
-Available in Postfix version 3.9 and later:
+Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
 .IP "\fBtls_config_file (default)\fR"
 Optional configuration file with baseline OpenSSL settings.
 .IP "\fBtls_config_name (empty)\fR"
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@ -565,7 +565,7 @@ The prioritized list of finite\-field Diffie\-Hellman ephemeral
 (FFDHE) key exchange groups supported by the Postfix SMTP client and
 server.
 .PP
-Available in Postfix version 3.9 and later:
+Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
 .IP "\fBtls_config_file (default)\fR"
 Optional configuration file with baseline OpenSSL settings.
 .IP "\fBtls_config_name (empty)\fR"
--- a/postfix/man/man8/tlsproxy.8
+++ b/postfix/man/man8/tlsproxy.8
@ -159,7 +159,7 @@ The prioritized list of finite\-field Diffie\-Hellman ephemeral
 (FFDHE) key exchange groups supported by the Postfix SMTP client and
 server.
 .PP
-Available in Postfix version 3.9 and later:
+Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
 .IP "\fBtls_config_file (default)\fR"
 Optional configuration file with baseline OpenSSL settings.
 .IP "\fBtls_config_name (empty)\fR"
--- a/postfix/proto/ADDRESS_CLASS_README.html
+++ b/postfix/proto/ADDRESS_CLASS_README.html
@ -52,20 +52,25 @@ address classes are very important for the operation of Postfix. </p>
 <ul>

 <li> <p> The list of domains that are a member of that address
-class: for example, all local domains, or all relay domains. </p>
+class. </p>

-<li> <p> The default delivery transport for that address class. For
-example, the local,
-virtual or relay delivery transport (delivery transports are defined
-in master.cf). This helps to keep Postfix configurations simple,
-by avoiding the need for explicit routing information in transport
-maps. </p>
+<p> Examples: all local domains, or all relay domains. </p>
+
+<li> <p> The default delivery transport for domains in that address
+class. </p>
+
+<p> Examples: local_transport or relay_transport (these point
+to services defined in master.cf). </p>
+
+<p> Benefit: this avoids the need for explicit routing information
+in transport maps. </p>

 <li> <p> The list of valid recipient addresses for that address
-class. The Postfix SMTP server rejects invalid recipients with
-"User unknown in &lt;name of address class here&gt; table".  This
-helps to keep the Postfix queue free of undeliverable MAILER-DAEMON
-messages. </p>
+class. </p>
+
+<p> Benefit: the Postfix SMTP server rejects an invalid recipient
+with "User unknown in &lt;name of address class&gt; table", and
+avoids sending a MAILER-DAEMON message with backscatter spam. </p>

 </ul>

@ -92,12 +97,12 @@ This domain class also includes mail for <i>user@[ipaddress]</i>
 when the IP address is listed with the inet_interfaces or
 proxy_interfaces parameters. </p>

-<li> <p> Valid recipient addresses are listed with the local_recipient_maps
-parameter, as described in LOCAL_RECIPIENT_README. The Postfix SMTP
-server rejects invalid recipients with "User unknown in local
-recipient table". If the local_recipient_maps parameter value is
-empty, then the Postfix SMTP server accepts any address in the
-local domain class. </p>
+<li> <p> Valid recipient addresses for those domains are
+listed with the local_recipient_maps parameter, as described in
+LOCAL_RECIPIENT_README. The Postfix SMTP server rejects invalid recipients
+with "User unknown in local recipient table". If the local_recipient_maps
+parameter value is empty, then the Postfix SMTP server accepts any
+address in the local domain class. </p>

 <li> <p> The mail delivery transport is specified with the
 local_transport parameter. The default value is <b>local:$myhostname</b>
@ -111,21 +116,25 @@ class. </p>
 <ul>

 <li> <p> Purpose: hosted domains where each recipient address is
-aliased to an address in a different domain, for example, a local
-UNIX system account or a remote address.  A
+aliased to an address in a different domain class, for example, a
+local UNIX system account or a remote address. A
 virtual alias example is given in the VIRTUAL_README file. </p>

 <li> <p> Domain names are listed in virtual_alias_domains. The
 default value is $virtual_alias_maps for Postfix 1.1 compatibility.
 </p>

-<li> <p> Valid recipient addresses are listed with the virtual_alias_maps
-parameter. The Postfix SMTP server rejects invalid recipients with
-"User unknown in virtual alias table".  The default value is
-$virtual_maps for Postfix 1.1 compatibility. </p>
+<li> <p> Valid recipient addresses for those domains are listed with the
+virtual_alias_maps parameter. The Postfix SMTP server rejects invalid
+recipients with "User unknown in virtual alias table". The default
+value is $virtual_maps for Postfix 1.1 compatibility. </p>

-<li> <p> There is no mail delivery transport parameter. Every
-address must be aliased to an address in some other domain. </p>
+<blockquote ><p> Note: for historical reasons, virtual_alias_maps
+apply to recipients in all domain classes, not only the virtual
+alias domain class. </p> </blockquote>
+
+<li> <p> There is no configurable mail delivery transport. Every
+address must be aliased to an address in some other domain class. </p>

 </ul>

@ -143,11 +152,12 @@ given in the VIRTUAL_README file. </p>
 parameter. The default value is $virtual_mailbox_maps for Postfix
 1.1 compatibility. </p>

-<li> <p> Valid recipient addresses are listed with the virtual_mailbox_maps
-parameter. The Postfix SMTP server rejects invalid recipients with
-"User unknown in virtual mailbox table". If this parameter value
-is empty, the Postfix SMTP server accepts all recipients for domains
-listed in $virtual_mailbox_domains.  </p>
+<li> <p> Valid recipient addresses for those domains are listed
+with the virtual_mailbox_maps parameter. The Postfix SMTP server
+rejects invalid recipients with "User unknown in virtual mailbox
+table". If this parameter value is empty, the Postfix SMTP server
+accepts all recipients for domains listed in $virtual_mailbox_domains.
+</p>

 <li> <p> The mail delivery transport is specified with the
 virtual_transport parameter. The default value is <b>virtual</b>
@ -169,11 +179,12 @@ file. </p>
 <li> <p> Domain names are listed with the relay_domains parameter.
 </p>

-<li> <p> Valid recipient addresses are listed with the relay_recipient_maps
-parameter. The Postfix SMTP server rejects invalid recipients with
-"User unknown in relay recipient table". If this parameter value
-is empty, the Postfix SMTP server accepts all recipients for domains
-listed with the relay_domains parameter. </p>
+<li> <p> Valid recipient addresses for those domains are listed
+with the relay_recipient_maps parameter. The Postfix SMTP server
+rejects invalid recipients with "User unknown in relay recipient
+table". If this parameter value is empty, the Postfix SMTP server
+accepts all recipients for domains listed with the relay_domains
+parameter. </p>

 <li> <p> The mail delivery transport is specified with the
 relay_transport parameter. The default value is <b>relay</b> which
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@ -18793,11 +18793,10 @@ the default "openssl_conf" name. </dd>

 </dl>

-<p> Failures in processing of the built-in default configuration
-file, are silently ignored with OpenSSL prior to 1.1.1b.  With later
-OpenSSL releases, any errors in loading either the default or custom
-configuration file are detected by Postfix, and cause TLS support to
-be disabled.  </p>
+<p> Failures in processing of the built-in default configuration file,
+are silently ignored.  Any errors in loading a non-default configuration
+file are detected by Postfix, and cause TLS support to be disabled.
+</p>

 <p> The OpenSSL configuration file format is not documented here,
 beyond giving two examples. <p>
@ -18845,4 +18844,5 @@ MinProtocol = TLSv1
 </pre>
 </blockquote>

-<p> This feature is available in Postfix &ge; 3.9. </p>
+<p> This feature is available in Postfix &ge; 3.9, 3.8.1, 3.7.6,
+3.6.10, and 3.5.20. </p>
--- a/postfix/proto/stop.double-history
+++ b/postfix/proto/stop.double-history
@ -12,7 +12,6 @@
 Fix by Viktor Dukhovni Files tls tls h tls tls_dane c 
 Discovered by Benny Pedersen File postscreen postscreen c 
 proto postconf proto src tlsproxy tlsproxy c src smtpd smtpd c 
- proto postconf proto src tlsproxy tlsproxy c src smtpd smtpd c 
 src tls tls h src tls tls_proxy_client_misc c src tls tls_misc c 
 src global mail_params h src smtp smtp c 
 attacks Fix by Viktor Dukhovni Files tls tls h tls_client c 
@ -25,16 +24,13 @@
 arguments Files src dns dns h src dns dns_rr_eq_sa c 
 only a subset of all arguments Files src dns dns h 
 global mail_params h smtp smtp c smtpd smtpd c tls tls_misc c 
- global mail_params h smtp smtp c smtpd smtpd c tls tls_misc c 
 tls tls_proxy_client_scan c tls tls_proxy h tlsproxy tlsproxy c 
 smtp smtp c smtpd smtpd c tls tls_misc c 
- smtp smtp c smtpd smtpd c tls tls_misc c 
 proto  proto SASL_README html proto SQLITE_README html 
 proto postconf proto global mail_params h smtp smtp c 
 smtpd smtpd c tls tls_misc c tls tls_proxy_client_misc c 
 tls tls_proxy h tlsproxy tlsproxy c 
 postfix postfix c postlog postlog c 
- postfix postfix c postlog postlog c 
 util net_mask_top hc smtpd smtpd c smtpd smtpd_peer c 
 util inet_prefix_top hc smtpd smtpd c smtpd smtpd_peer c 
 File smtp smtp h 
@ -43,8 +39,6 @@ proto  proto SASL_README html proto SQLITE_README html
 proto  proto ADDRESS_REWRITING_README html 
 proto postconf proto proto ADDRESS_REWRITING_README html 
 cleanup cleanup c local local c smtpd smtpd c 
- cleanup cleanup c local local c smtpd smtpd c 
- cleanup cleanup c local local c smtpd smtpd c 
 postfix postfix c 
 aliasing Files proto aliases proto virtual postfix postfix c 
 proto  proto aliases proto virtual proto ADDRESS_REWRITING_README html 
@ -53,3 +47,13 @@ proto  proto aliases proto virtual proto ADDRESS_REWRITING_README html
 posttls finger posttls finger c smtp smtp c smtp smtp_proto c 
 tls tls_client c tls tls h tls tls_misc c 
 tls tls_proxy h tls tls_server c tlsproxy tlsproxy c 
+ Cleanup removed some the the instances Files 
+ clients Files posttls finger posttls finger c smtp smtp c 
+ smtp smtp c smtp smtp_proto c tls tls_client c tls tls h 
+ smtp smtp c smtpd smtpd c tls tls_client c tls tls h 
+ smtp smtp_proto c tls tls h tls tls_proxy_client_misc c 
+ tls tls_server c tlsproxy tlsproxy c 
+ tlsproxy tlsproxy c 
+ proto postconf proto smtp smtp c smtpd smtpd c 
+ pipelining before the server greeting File smtpd smtpd c 
+ before the server greeting File smtpd smtpd c 
--- a/postfix/proto/stop.double-proto-html
+++ b/postfix/proto/stop.double-proto-html
@ -250,3 +250,5 @@ initial_ssl_settings  initial_ssl_settings
 postfix_settings  postfix_settings 
 postfix_ssl_settings  postfix_ssl_settings 
 baseline_postfix_settings  baseline_postfix_settings 
+ The and match and literally Without the the
+ The matches literally Without the the would
--- a/postfix/proto/stop.spell-history
+++ b/postfix/proto/stop.spell-history
@ -58,3 +58,4 @@ Piekert
 refactored
 Fumiyasu
 SATOH
+INI
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,7 +20,7 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20230524"
+#define MAIL_RELEASE_DATE	"20230529"
 #define MAIL_VERSION_NUMBER	"3.9"

 #ifdef SNAPSHOT
--- a/postfix/src/smtp/smtp.c
+++ b/postfix/src/smtp/smtp.c
@ -607,7 +607,7 @@
 /*	(FFDHE) key exchange groups supported by the Postfix SMTP client and
 /*	server.
 /* .PP
-/*	Available in Postfix version 3.9 and later:
+/*	Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
 /* .IP "\fBtls_config_file (default)\fR"
 /*	Optional configuration file with baseline OpenSSL settings.
 /* .IP "\fBtls_config_name (empty)\fR"
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@ -531,7 +531,7 @@
 /*	(FFDHE) key exchange groups supported by the Postfix SMTP client and
 /*	server.
 /* .PP
-/*	Available in Postfix version 3.9 and later:
+/*	Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
 /* .IP "\fBtls_config_file (default)\fR"
 /*	Optional configuration file with baseline OpenSSL settings.
 /* .IP "\fBtls_config_name (empty)\fR"
@ -5448,6 +5448,32 @@ static SMTPD_CMD smtpd_cmd_table[] = {
 static STRING_LIST *smtpd_noop_cmds;
 static STRING_LIST *smtpd_forbid_cmds;

+/* smtpd_flag_ill_pipelining - flag pipelining protocol violation */
+
+static int smtpd_flag_ill_pipelining(SMTPD_STATE *state)
+{
+
+    /*
+     * This code will not return after I/O error, timeout, or EOF. VSTREAM
+     * exceptions must be enabled in advance with smtp_stream_setup().
+     */
+    if (vstream_peek(state->client) == 0
+	&& peekfd(vstream_fileno(state->client)) > 0)
+	(void) vstream_ungetc(state->client, smtp_fgetc(state->client));
+    if (vstream_peek(state->client) > 0) {
+	if (state->expand_buf == 0)
+	    state->expand_buf = vstring_alloc(100);
+	escape(state->expand_buf, vstream_peek_data(state->client),
+	       vstream_peek(state->client) < 100 ?
+	       vstream_peek(state->client) : 100);
+	msg_info("improper command pipelining after %s from %s: %s",
+		 state->where, state->namaddr, STR(state->expand_buf));
+	state->flags |= SMTPD_FLAG_ILL_PIPELINING;
+	return (1);
+    }
+    return (0);
+}
+
 /* smtpd_proto - talk the SMTP protocol */

 static void smtpd_proto(SMTPD_STATE *state)
@ -5589,6 +5615,16 @@ static void smtpd_proto(SMTPD_STATE *state)
 	}
 #endif

+	/*
+	 * If the client spoke before the server sends the initial greeting,
+	 * raise a flag and log the content of the protocol violation. This
+	 * check MUST NOT apply to TLS wrappermode connections.
+	 */
+	if (SMTPD_STAND_ALONE(state) == 0
+	    && vstream_context(state->client) == 0	/* not postscreen */
+	    && (state->flags & SMTPD_FLAG_ILL_PIPELINING) == 0)
+	    (void) smtpd_flag_ill_pipelining(state);
+
 	/*
 	 * XXX The client connection count/rate control must be consistent in
 	 * its use of client address information in connect and disconnect
@ -5824,18 +5860,8 @@ static void smtpd_proto(SMTPD_STATE *state)
 	    if (SMTPD_STAND_ALONE(state) == 0
 		&& (strcasecmp(state->protocol, MAIL_PROTO_ESMTP) != 0
 		    || (cmdp->flags & SMTPD_CMD_FLAG_LAST))
-		&& (state->flags & SMTPD_FLAG_ILL_PIPELINING) == 0
-		&& (vstream_peek(state->client) > 0
-		    || peekfd(vstream_fileno(state->client)) > 0)) {
-		if (state->expand_buf == 0)
-		    state->expand_buf = vstring_alloc(100);
-		escape(state->expand_buf, vstream_peek_data(state->client),
-		       vstream_peek(state->client) < 100 ?
-		       vstream_peek(state->client) : 100);
-		msg_info("improper command pipelining after %s from %s: %s",
-			 cmdp->name, state->namaddr, STR(state->expand_buf));
-		state->flags |= SMTPD_FLAG_ILL_PIPELINING;
-	    }
+		&& (state->flags & SMTPD_FLAG_ILL_PIPELINING) == 0)
+		(void) smtpd_flag_ill_pipelining(state);
 	    if (cmdp->action(state, argc, argv) != 0)
 		state->error_count++;
 	    else
--- a/postfix/src/tls/tls_misc.c
+++ b/postfix/src/tls/tls_misc.c
@ -702,7 +702,7 @@ void    tls_param_init(void)

 int     tls_library_init(void)
 {
-    OPENSSL_INIT_SETTINGS *init_settings = 0;
+    OPENSSL_INIT_SETTINGS *init_settings;
    char   *conf_name = *var_tls_cnf_name ? var_tls_cnf_name : 0;
    char   *conf_file = 0;
    unsigned long init_opts = 0;
@ -712,6 +712,10 @@ int     tls_library_init(void)
 		 "disabling TLS support");
 	return (0);
    }
+
+#define TLS_LIB_INIT_RETURN(x) \
+    do { OPENSSL_INIT_free(init_settings); return (x); } while(0)
+
 #if OPENSSL_VERSION_NUMBER < 0x1010102fL

    /*
@ -722,41 +726,49 @@ int     tls_library_init(void)
    if (strcmp(var_tls_cnf_file, "default") != 0) {
 	msg_warn("non-default %s = %s requires OpenSSL 1.1.1b or later, "
 	       "disabling TLS support", VAR_TLS_CNF_FILE, var_tls_cnf_file);
-	return (0);
+	TLS_LIB_INIT_RETURN(0);
    }
 #else
    {
-	unsigned long init_flags = 0;
+	unsigned long file_flags = 0;

 	/*-
 	 * OpenSSL 1.1.1b or later:
-	 * We can now choose a non-default or configuration file, or
+	 * We can now use a non-default configuration file, or
 	 * use none at all.  We can also request strict error
 	 * reporting.
 	 */
-	if (strcmp(var_tls_cnf_file, "default") == 0) {
-	    conf_file = 0;
-	    /* The default global config file is optional */
-	    init_flags |= CONF_MFLAGS_IGNORE_MISSING_FILE;
-	} else if (strcmp(var_tls_cnf_file, "none") == 0) {
+	if (strcmp(var_tls_cnf_file, "none") == 0) {
 	    init_opts |= OPENSSL_INIT_NO_LOAD_CONFIG;
+	} else if (strcmp(var_tls_cnf_file, "default") == 0) {
+
+	    /*
+	     * The default global config file is optional.  With "default"
+	     * initialization we don't insist on a match for the requested
+	     * application name, allowing fallback to the default application
+	     * name, even when a non-default application name is specified.
+	     * Errors in loading the default configuration are ignored.
+	     */
+	    conf_file = 0;
+	    file_flags |= CONF_MFLAGS_IGNORE_MISSING_FILE;
+	    file_flags |= CONF_MFLAGS_DEFAULT_SECTION;
+	    file_flags |= CONF_MFLAGS_IGNORE_RETURN_CODES | CONF_MFLAGS_SILENT;
 	} else if (*var_tls_cnf_file == '/') {
+
+	    /*
+	     * A custom config file must be present, error reporting is
+	     * strict and the configuration section for the requested
+	     * application name does not fall back to "openssl_conf" when
+	     * missing.
+	     */
 	    conf_file = var_tls_cnf_file;
 	} else {
 	    msg_warn("non-default %s = %s is not an absolute pathname, "
 	       "disabling TLS support", VAR_TLS_CNF_FILE, var_tls_cnf_file);
-	    return (0);
+	    TLS_LIB_INIT_RETURN(0);
 	}

-	/*
-	 * By not including CONF_MFLAGS_IGNORE_RETURN_CODES, we get strict
-	 * error reporting.  We don't insist on a match for the requested
-	 * application name, allowing fallback to the default application
-	 * name, even when a non-default application name is specified by
-	 * always setting the CONF_MFLAGS_DEFAULT_SECTION bit.
-	 */
-	init_flags |= CONF_MFLAGS_DEFAULT_SECTION;
-	OPENSSL_INIT_set_config_file_flags(init_settings, init_flags);
+	OPENSSL_INIT_set_config_file_flags(init_settings, file_flags);
    }
 #endif

@ -775,9 +787,9 @@ int     tls_library_init(void)
 	    msg_warn("error initializing the OpenSSL library, "
 		     "disabling TLS support");
 	tls_print_errors();
-	return (0);
+	TLS_LIB_INIT_RETURN(0);
    }
-    return (1);
+    TLS_LIB_INIT_RETURN(1);
 }

 /* tls_pre_jail_init - Load TLS related pre-jail tables */
--- a/postfix/src/tlsproxy/tlsproxy.c
+++ b/postfix/src/tlsproxy/tlsproxy.c
@ -143,7 +143,7 @@
 /*	(FFDHE) key exchange groups supported by the Postfix SMTP client and
 /*	server.
 /* .PP
-/*	Available in Postfix version 3.9 and later:
+/*	Available in Postfix 3.9, 3.8.1, 3.7.6, 3.6.10, 3.5.20 and later:
 /* .IP "\fBtls_config_file (default)\fR"
 /*	Optional configuration file with baseline OpenSSL settings.
 /* .IP "\fBtls_config_name (empty)\fR"