mirror of
https://github.com/vdukhovni/postfix
synced 2025-08-29 05:07:58 +00:00
postfix-3.8-20221228
This commit is contained in:
parent
a5b41e7bef
commit
a10976dc9b
@ -26721,3 +26721,16 @@ Apologies for any names omitted.
|
|||||||
proto/pgsql_table, proto/ldap_table.
|
proto/pgsql_table, proto/ldap_table.
|
||||||
|
|
||||||
Typofixes for changes made 20221207. File: tls/tls_fprint.c.
|
Typofixes for changes made 20221207. File: tls/tls_fprint.c.
|
||||||
|
|
||||||
|
20221228
|
||||||
|
|
||||||
|
Long ago, a committee decided that "grep -E" and "grep -F"
|
||||||
|
are better than "egrep" and "fgrep". This could not be an
|
||||||
|
optimization for ease of use: the new command syntax requires
|
||||||
|
mixed case for common usage, and the new command is longer.
|
||||||
|
To make things better, some implementation now warns when
|
||||||
|
the "obsolete" syntax is used. To address this, all Postfix
|
||||||
|
code and documentation has been converted; a script
|
||||||
|
auxiliary/fix-grep/fix-grep.sh can revert the syntax if you
|
||||||
|
want to build Postfix on an older platform. Files: too many
|
||||||
|
to mention here.
|
||||||
|
@ -829,7 +829,7 @@ and watch your maillog file for any error messages. The pathname is /var/log/
|
|||||||
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
||||||
pathname is defined in the /etc/syslog.conf file.
|
pathname is defined in the /etc/syslog.conf file.
|
||||||
|
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
Note: the most important error message is logged first. Later messages are not
|
Note: the most important error message is logged first. Later messages are not
|
||||||
as useful.
|
as useful.
|
||||||
@ -879,7 +879,7 @@ and watch your maillog file for any error messages. The pathname is /var/log/
|
|||||||
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
||||||
pathname is defined in the /etc/syslog.conf file.
|
pathname is defined in the /etc/syslog.conf file.
|
||||||
|
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
Note: the most important error message is logged first. Later messages are not
|
Note: the most important error message is logged first. Later messages are not
|
||||||
as useful.
|
as useful.
|
||||||
@ -919,7 +919,7 @@ and watch your maillog file for any error messages. The pathname is /var/log/
|
|||||||
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
||||||
pathname is defined in the /etc/syslog.conf file.
|
pathname is defined in the /etc/syslog.conf file.
|
||||||
|
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
Note: the most important error message is logged first. Later messages are not
|
Note: the most important error message is logged first. Later messages are not
|
||||||
as useful.
|
as useful.
|
||||||
@ -1151,7 +1151,7 @@ Hopefully, the number of problems will be small, but it is a good idea to run
|
|||||||
every night before the syslog files are rotated:
|
every night before the syslog files are rotated:
|
||||||
|
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
* The first line (postfix check) causes Postfix to report file permission/
|
* The first line (postfix check) causes Postfix to report file permission/
|
||||||
ownership discrepancies.
|
ownership discrepancies.
|
||||||
|
@ -369,7 +369,7 @@ Hopefully, the number of problems will be small, but it is a good idea to run
|
|||||||
every night before the syslog files are rotated:
|
every night before the syslog files are rotated:
|
||||||
|
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
* The first line (postfix check) causes Postfix to report file permission/
|
* The first line (postfix check) causes Postfix to report file permission/
|
||||||
ownership discrepancies.
|
ownership discrepancies.
|
||||||
|
@ -46,7 +46,7 @@ Postfix logs all failed and successful deliveries to a logfile.
|
|||||||
When Postfix does not receive or deliver mail, the first order of business is
|
When Postfix does not receive or deliver mail, the first order of business is
|
||||||
to look for errors that prevent Postfix from working properly:
|
to look for errors that prevent Postfix from working properly:
|
||||||
|
|
||||||
% eeggrreepp ''((wwaarrnniinngg||eerrrroorr||ffaattaall||ppaanniicc))::'' //ssoommee//lloogg//ffiillee || mmoorree
|
% ggrreepp --EE ''((wwaarrnniinngg||eerrrroorr||ffaattaall||ppaanniicc))::'' //ssoommee//lloogg//ffiillee || mmoorree
|
||||||
|
|
||||||
Note: the most important message is near the BEGINNING of the output. Error
|
Note: the most important message is near the BEGINNING of the output. Error
|
||||||
messages that come later are less useful.
|
messages that come later are less useful.
|
||||||
|
@ -829,7 +829,7 @@ and watch your maillog file for any error messages. The pathname is /var/log/
|
|||||||
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
||||||
pathname is defined in the /etc/syslog.conf file.
|
pathname is defined in the /etc/syslog.conf file.
|
||||||
|
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
Note: the most important error message is logged first. Later messages are not
|
Note: the most important error message is logged first. Later messages are not
|
||||||
as useful.
|
as useful.
|
||||||
@ -879,7 +879,7 @@ and watch your maillog file for any error messages. The pathname is /var/log/
|
|||||||
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
||||||
pathname is defined in the /etc/syslog.conf file.
|
pathname is defined in the /etc/syslog.conf file.
|
||||||
|
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
Note: the most important error message is logged first. Later messages are not
|
Note: the most important error message is logged first. Later messages are not
|
||||||
as useful.
|
as useful.
|
||||||
@ -919,7 +919,7 @@ and watch your maillog file for any error messages. The pathname is /var/log/
|
|||||||
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
maillog, /var/log/mail, /var/log/syslog, or something else. Typically, the
|
||||||
pathname is defined in the /etc/syslog.conf file.
|
pathname is defined in the /etc/syslog.conf file.
|
||||||
|
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
Note: the most important error message is logged first. Later messages are not
|
Note: the most important error message is logged first. Later messages are not
|
||||||
as useful.
|
as useful.
|
||||||
@ -1151,7 +1151,7 @@ Hopefully, the number of problems will be small, but it is a good idea to run
|
|||||||
every night before the syslog files are rotated:
|
every night before the syslog files are rotated:
|
||||||
|
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
|
|
||||||
* The first line (postfix check) causes Postfix to report file permission/
|
* The first line (postfix check) causes Postfix to report file permission/
|
||||||
ownership discrepancies.
|
ownership discrepancies.
|
||||||
|
@ -117,25 +117,25 @@ recent messages pertaining to the domains in question.
|
|||||||
# Find deliveries to example.com
|
# Find deliveries to example.com
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog |
|
$ tail -10000 /var/log/maillog |
|
||||||
egrep -i ': to=<.*@example\.com>,' |
|
grep -E -i ': to=<.*@example\.com>,' |
|
||||||
less
|
less
|
||||||
|
|
||||||
# Find messages from example.com
|
# Find messages from example.com
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog |
|
$ tail -10000 /var/log/maillog |
|
||||||
egrep -i ': from=<.*@example\.com>,' |
|
grep -E -i ': from=<.*@example\.com>,' |
|
||||||
less
|
less
|
||||||
|
|
||||||
You may want to drill in on some specific queue ids:
|
You may want to drill in on some specific queue ids:
|
||||||
|
|
||||||
# Find all messages for a specific queue id.
|
# Find all messages for a specific queue id.
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog | egrep ': 2B2173FF68: '
|
$ tail -10000 /var/log/maillog | grep -E ': 2B2173FF68: '
|
||||||
|
|
||||||
Also look for queue manager warning messages in the log. These warnings can
|
Also look for queue manager warning messages in the log. These warnings can
|
||||||
suggest strategies to reduce congestion.
|
suggest strategies to reduce congestion.
|
||||||
|
|
||||||
$ egrep 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
|
$ grep -E 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
|
||||||
|
|
||||||
When all else fails try the Postfix mailing list for help, but please don't
|
When all else fails try the Postfix mailing list for help, but please don't
|
||||||
forget to include the top 10 or 20 lines of qshape(1) output.
|
forget to include the top 10 or 20 lines of qshape(1) output.
|
||||||
|
@ -2227,7 +2227,7 @@ If you're willing to revert your settings to the defaults and switch to a
|
|||||||
"stock" opportunistic TLS configuration, then you can: erase all the SMTP
|
"stock" opportunistic TLS configuration, then you can: erase all the SMTP
|
||||||
client TLS settings and then enable client TLS:
|
client TLS settings and then enable client TLS:
|
||||||
|
|
||||||
# postconf -X `postconf -nH | egrep '^smtp(_|_enforce_|_use_)tls'`
|
# postconf -X `postconf -nH | grep -E '^smtp(_|_enforce_|_use_)tls'`
|
||||||
# postfix tls enable-client
|
# postfix tls enable-client
|
||||||
# postfix reload
|
# postfix reload
|
||||||
|
|
||||||
@ -2251,7 +2251,7 @@ If you're willing to revert your settings to the defaults and switch to a
|
|||||||
"stock" server TLS configuration, then you can: erase all the SMTP server TLS
|
"stock" server TLS configuration, then you can: erase all the SMTP server TLS
|
||||||
settings and then enable server TLS:
|
settings and then enable server TLS:
|
||||||
|
|
||||||
# postconf -X `postconf -nH | egrep '^smtpd(_|_enforce_|_use_)tls'`
|
# postconf -X `postconf -nH | grep -E '^smtpd(_|_enforce_|_use_)tls'`
|
||||||
# postfix tls enable-server
|
# postfix tls enable-server
|
||||||
# postfix reload
|
# postfix reload
|
||||||
|
|
||||||
|
@ -44,6 +44,14 @@ Please see https://www.postfix.org/announcements/postfix-3.7.3 for
|
|||||||
instructions to identify falsely flagged messages in the Postfix
|
instructions to identify falsely flagged messages in the Postfix
|
||||||
queue, and what actions may be taken.
|
queue, and what actions may be taken.
|
||||||
|
|
||||||
|
Incompatible changes with snapshot 20221228
|
||||||
|
===========================================
|
||||||
|
|
||||||
|
Postfix documentation and code have been converted to use "grep -E"
|
||||||
|
and "grep -F" instead of the historical forms egrep and fgrep. To
|
||||||
|
build Postfix on a system that supports only the historical forms,
|
||||||
|
run the script auxiliary/fix-grep/fix-grep.sh to revert this change.
|
||||||
|
|
||||||
Incompatible changes with snapshot 20220507
|
Incompatible changes with snapshot 20220507
|
||||||
===========================================
|
===========================================
|
||||||
|
|
||||||
|
11
postfix/auxiliary/fix-grep/fix-grep.sh
Executable file
11
postfix/auxiliary/fix-grep/fix-grep.sh
Executable file
@ -0,0 +1,11 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
# Fix grep -[EF] for systems that require the historical forms egrep
|
||||||
|
# and fgrep. Run this script in the top-level Postfix directory as
|
||||||
|
# sh auxiliary/fix-grep/fix-grep.sh
|
||||||
|
|
||||||
|
# Use only historical grep syntax.
|
||||||
|
find * -type f | xargs grep -l 'grep -[EF]' | xargs perl -pi -e '
|
||||||
|
s/grep -E/egrep/g;
|
||||||
|
s/grep -F/fgrep/g;
|
||||||
|
'
|
@ -328,7 +328,7 @@ check-warn)
|
|||||||
# Check Postfix mail_owner-owned directory tree owner.
|
# Check Postfix mail_owner-owned directory tree owner.
|
||||||
|
|
||||||
find `ls -d $queue_directory/* | \
|
find `ls -d $queue_directory/* | \
|
||||||
egrep '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
|
grep -E '/(saved|incoming|active|defer|deferred|bounce|hold|trace|corrupt|public|private|flush)$'` \
|
||||||
! \( -type p -o -type s \) ! -user $mail_owner \
|
! \( -type p -o -type s \) ! -user $mail_owner \
|
||||||
-exec $WARN not owned by $mail_owner: {} \;
|
-exec $WARN not owned by $mail_owner: {} \;
|
||||||
|
|
||||||
|
@ -178,9 +178,7 @@
|
|||||||
# .IP "\fBsmtp_tls_loglevel (0)\fR"
|
# .IP "\fBsmtp_tls_loglevel (0)\fR"
|
||||||
# Enable additional Postfix SMTP client logging of TLS activity.
|
# Enable additional Postfix SMTP client logging of TLS activity.
|
||||||
# .IP "\fBsmtp_tls_security_level (empty)\fR"
|
# .IP "\fBsmtp_tls_security_level (empty)\fR"
|
||||||
# The default SMTP TLS security level for the Postfix SMTP client;
|
# The default SMTP TLS security level for the Postfix SMTP client.
|
||||||
# when a non-empty value is specified, this overrides the obsolete
|
|
||||||
# parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.
|
|
||||||
# .IP "\fBsmtp_tls_session_cache_database (empty)\fR"
|
# .IP "\fBsmtp_tls_session_cache_database (empty)\fR"
|
||||||
# Name of the file containing the optional Postfix SMTP client
|
# Name of the file containing the optional Postfix SMTP client
|
||||||
# TLS session cache.
|
# TLS session cache.
|
||||||
@ -333,7 +331,7 @@ $postconf -T compile-version | grep . >/dev/null || {
|
|||||||
}
|
}
|
||||||
rsa=
|
rsa=
|
||||||
ecdsa=
|
ecdsa=
|
||||||
for _algo in `$postconf -T public-key-algorithms | egrep '^(rsa|ecdsa)$'`
|
for _algo in `$postconf -T public-key-algorithms | grep -E '^(rsa|ecdsa)$'`
|
||||||
do
|
do
|
||||||
eval $_algo=$_algo
|
eval $_algo=$_algo
|
||||||
done
|
done
|
||||||
@ -415,7 +413,7 @@ pubkey_dgst() {
|
|||||||
for cmd in ec rsa; do
|
for cmd in ec rsa; do
|
||||||
$openssl $cmd -passin "pass:umask 077" -in "$1" -pubout |
|
$openssl $cmd -passin "pass:umask 077" -in "$1" -pubout |
|
||||||
$openssl $cmd -pubin -outform DER |
|
$openssl $cmd -pubin -outform DER |
|
||||||
hex_sha256 | egrep -v "${null256}" && return 0
|
hex_sha256 | grep -E -v "${null256}" && return 0
|
||||||
done 2>/dev/null
|
done 2>/dev/null
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
@ -429,7 +427,7 @@ cert_pubkey_dgst() {
|
|||||||
for cmd in ec rsa; do
|
for cmd in ec rsa; do
|
||||||
$openssl x509 -pubkey -noout -in "$1" |
|
$openssl x509 -pubkey -noout -in "$1" |
|
||||||
$openssl $cmd -pubin -outform DER |
|
$openssl $cmd -pubin -outform DER |
|
||||||
hex_sha256 | egrep -v "${null256}" && return 0
|
hex_sha256 | grep -E -v "${null256}" && return 0
|
||||||
done 2>/dev/null
|
done 2>/dev/null
|
||||||
return 1
|
return 1
|
||||||
}
|
}
|
||||||
|
@ -523,7 +523,7 @@ idea to run every night before the syslog files are rotated: </p>
|
|||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -92,7 +92,7 @@ properly: </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
% <b>egrep '(warning|error|fatal|panic):' /some/log/file | more</b>
|
% <b>grep -E '(warning|error|fatal|panic):' /some/log/file | more</b>
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -1185,7 +1185,7 @@ file. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -1266,7 +1266,7 @@ file. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -1331,7 +1331,7 @@ file. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -1650,7 +1650,7 @@ idea to run every night before the syslog files are rotated: </p>
|
|||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -187,13 +187,13 @@ question. </p>
|
|||||||
# Find deliveries to example.com
|
# Find deliveries to example.com
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog |
|
$ tail -10000 /var/log/maillog |
|
||||||
egrep -i ': to=<.*@example\.com>,' |
|
grep -E -i ': to=<.*@example\.com>,' |
|
||||||
less
|
less
|
||||||
|
|
||||||
# Find messages from example.com
|
# Find messages from example.com
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog |
|
$ tail -10000 /var/log/maillog |
|
||||||
egrep -i ': from=<.*@example\.com>,' |
|
grep -E -i ': from=<.*@example\.com>,' |
|
||||||
less
|
less
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
@ -204,7 +204,7 @@ $ tail -10000 /var/log/maillog |
|
|||||||
<pre>
|
<pre>
|
||||||
# Find all messages for a specific queue id.
|
# Find all messages for a specific queue id.
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog | egrep ': 2B2173FF68: '
|
$ tail -10000 /var/log/maillog | grep -E ': 2B2173FF68: '
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -213,7 +213,7 @@ warnings can suggest strategies to reduce congestion. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
|
$ grep -E 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -2908,7 +2908,7 @@ erase all the SMTP client TLS settings and then enable client TLS: </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postconf -X `postconf -nH | egrep '^smtp(_|_enforce_|_use_)tls'`
|
# postconf -X `postconf -nH | grep -E '^smtp(_|_enforce_|_use_)tls'`
|
||||||
# <a href="postfix-tls.1.html">postfix tls</a> enable-client
|
# <a href="postfix-tls.1.html">postfix tls</a> enable-client
|
||||||
# postfix reload
|
# postfix reload
|
||||||
</pre>
|
</pre>
|
||||||
@ -2941,7 +2941,7 @@ all the SMTP server TLS settings and then enable server TLS: </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postconf -X `postconf -nH | egrep '^smtpd(_|_enforce_|_use_)tls'`
|
# postconf -X `postconf -nH | grep -E '^smtpd(_|_enforce_|_use_)tls'`
|
||||||
# <a href="postfix-tls.1.html">postfix tls</a> enable-server
|
# <a href="postfix-tls.1.html">postfix tls</a> enable-server
|
||||||
# postfix reload
|
# postfix reload
|
||||||
</pre>
|
</pre>
|
||||||
|
@ -182,10 +182,7 @@ POSTFIX-TLS(1) POSTFIX-TLS(1)
|
|||||||
Enable additional Postfix SMTP client logging of TLS activity.
|
Enable additional Postfix SMTP client logging of TLS activity.
|
||||||
|
|
||||||
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
|
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
|
||||||
The default SMTP TLS security level for the Postfix SMTP client;
|
The default SMTP TLS security level for the Postfix SMTP client.
|
||||||
when a non-empty value is specified, this overrides the obsolete
|
|
||||||
parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and
|
|
||||||
<a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
|
|
||||||
|
|
||||||
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
|
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
|
||||||
Name of the file containing the optional Postfix SMTP client TLS
|
Name of the file containing the optional Postfix SMTP client TLS
|
||||||
|
@ -206,6 +206,10 @@ do
|
|||||||
esac
|
esac
|
||||||
done || exit 1
|
done || exit 1
|
||||||
|
|
||||||
|
# Suggest a fix for systems without grep -E or -F flags.
|
||||||
|
(echo foo | grep -E foo 2>/dev/null | grep -F foo >/dev/null 2>/dev/null) ||
|
||||||
|
error "No grep -[EF] support. See auxiliary/fix-grep for a conversion tool."
|
||||||
|
|
||||||
# Emit system-dependent Makefile macro definitions to standard output.
|
# Emit system-dependent Makefile macro definitions to standard output.
|
||||||
|
|
||||||
echo "#----------------------------------------------------------------"
|
echo "#----------------------------------------------------------------"
|
||||||
|
@ -186,9 +186,7 @@ The location of the OpenSSL command line program \fBopenssl\fR(1).
|
|||||||
.IP "\fBsmtp_tls_loglevel (0)\fR"
|
.IP "\fBsmtp_tls_loglevel (0)\fR"
|
||||||
Enable additional Postfix SMTP client logging of TLS activity.
|
Enable additional Postfix SMTP client logging of TLS activity.
|
||||||
.IP "\fBsmtp_tls_security_level (empty)\fR"
|
.IP "\fBsmtp_tls_security_level (empty)\fR"
|
||||||
The default SMTP TLS security level for the Postfix SMTP client;
|
The default SMTP TLS security level for the Postfix SMTP client.
|
||||||
when a non\-empty value is specified, this overrides the obsolete
|
|
||||||
parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.
|
|
||||||
.IP "\fBsmtp_tls_session_cache_database (empty)\fR"
|
.IP "\fBsmtp_tls_session_cache_database (empty)\fR"
|
||||||
Name of the file containing the optional Postfix SMTP client
|
Name of the file containing the optional Postfix SMTP client
|
||||||
TLS session cache.
|
TLS session cache.
|
||||||
|
@ -5,4 +5,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
find src -name '*.[hc]' | xargs cat | comment | mantools/deroff | mantools/find-double | fgrep -vxf proto/stop.double-cc
|
find src -name '*.[hc]' | xargs cat | comment | mantools/deroff | mantools/find-double | grep -F -vxf proto/stop.double-cc
|
||||||
|
@ -4,4 +4,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
sed '1,/^2022/d' HISTORY | mantools/find-double | fgrep -vxf proto/stop.double-history
|
sed '1,/^2022/d' HISTORY | mantools/find-double | grep -F -vxf proto/stop.double-history
|
||||||
|
@ -4,4 +4,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
(ls *install* proto/* | egrep -v 'stop|Makefile|html|\.proto' | xargs mantools/deroff; cat RELEASE_NOTES) | mantools/find-double | fgrep -vxf proto/stop.double-install-proto-text
|
(ls *install* proto/* | grep -E -v 'stop|Makefile|html|\.proto' | xargs mantools/deroff; cat RELEASE_NOTES) | mantools/find-double | grep -F -vxf proto/stop.double-install-proto-text
|
||||||
|
@ -4,4 +4,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
ls proto/*.html proto/*.proto | xargs mantools/dehtml | mantools/find-double | fgrep -vxf proto/stop.double-proto-html
|
ls proto/*.html proto/*.proto | xargs mantools/dehtml | mantools/find-double | grep -F -vxf proto/stop.double-proto-html
|
||||||
|
@ -18,7 +18,7 @@ awk -F: '
|
|||||||
|
|
||||||
# Create a list of expected names, excluding files that aren't installed.
|
# Create a list of expected names, excluding files that aren't installed.
|
||||||
|
|
||||||
(ls man/man?/* html/*.html |sed 's/.*\///' | egrep -v '^makedefs.1
|
(ls man/man?/* html/*.html |sed 's/.*\///' | grep -E -v '^makedefs.1
|
||||||
^posttls-finger.1
|
^posttls-finger.1
|
||||||
^qmqp-sink.1
|
^qmqp-sink.1
|
||||||
^qmqp-source.1
|
^qmqp-source.1
|
||||||
|
@ -54,4 +54,4 @@ EOF
|
|||||||
|
|
||||||
# Report names from postconf that have no rule in mantools/postlink.
|
# Report names from postconf that have no rule in mantools/postlink.
|
||||||
|
|
||||||
comm -23 postconf.tmp postlink.tmp | fgrep -vx -f stoplist.tmp
|
comm -23 postconf.tmp postlink.tmp | grep -F -vx -f stoplist.tmp
|
||||||
|
@ -5,4 +5,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
find . -name *.[hc] | xargs cat | comment | mantools/deroff | spell | fgrep -vxf proto/stop | fgrep -vxf proto/stop.spell-cc
|
find . -name *.[hc] | xargs cat | comment | mantools/deroff | spell | grep -F -vxf proto/stop | grep -F -vxf proto/stop.spell-cc
|
||||||
|
@ -4,6 +4,6 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
sed '1,/^2022/d' HISTORY | spell | fgrep -vxf proto/stop | \
|
sed '1,/^2022/d' HISTORY | spell | grep -F -vxf proto/stop | \
|
||||||
fgrep -vxf proto/stop.spell-cc | \
|
grep -F -vxf proto/stop.spell-cc | \
|
||||||
fgrep -vxf proto/stop.spell-history
|
grep -F -vxf proto/stop.spell-history
|
||||||
|
@ -4,4 +4,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
(ls *install* proto/* | egrep -v 'stop|Makefile|html|\.proto' | mantools/deroff; cat RELEASE_NOTES) | spell | fgrep -vxf proto/stop
|
(ls *install* proto/* | grep -E -v 'stop|Makefile|html|\.proto' | mantools/deroff; cat RELEASE_NOTES) | spell | grep -F -vxf proto/stop
|
||||||
|
@ -4,4 +4,4 @@
|
|||||||
|
|
||||||
LANG=C; export LANG
|
LANG=C; export LANG
|
||||||
|
|
||||||
mantools/dehtml proto/*html proto/*.proto | spell | fgrep -vxf proto/stop | fgrep -vxf proto/stop.spell-proto-html
|
mantools/dehtml proto/*html proto/*.proto | spell | grep -F -vxf proto/stop | grep -F -vxf proto/stop.spell-proto-html
|
||||||
|
@ -161,5 +161,5 @@ grep -n . "$@" | sed -n '
|
|||||||
p
|
p
|
||||||
d
|
d
|
||||||
}
|
}
|
||||||
' | egrep -v ':[a-z][_a-z0-9-]*\([0-9]\),' |
|
' | grep -E -v ':[a-z][_a-z0-9-]*\([0-9]\),' |
|
||||||
fgrep -vf mantools/manlint.stop
|
grep -F -vf mantools/manlint.stop
|
||||||
|
@ -3,5 +3,5 @@
|
|||||||
for file
|
for file
|
||||||
do
|
do
|
||||||
echo ==== $file ====
|
echo ==== $file ====
|
||||||
deroff $file | spell | fgrep -vf proto/stop
|
deroff $file | spell | grep -F -vf proto/stop
|
||||||
done
|
done
|
||||||
|
@ -6,5 +6,5 @@ export LC_ALL
|
|||||||
for i in $*
|
for i in $*
|
||||||
do
|
do
|
||||||
echo === $i ===
|
echo === $i ===
|
||||||
mantools/html2readme $i | col -b | spell | fgrep -vxf proto/stop
|
mantools/html2readme $i | col -b | spell | grep -F -vxf proto/stop
|
||||||
done
|
done
|
||||||
|
@ -523,7 +523,7 @@ idea to run every night before the syslog files are rotated: </p>
|
|||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -92,7 +92,7 @@ properly: </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
% <b>egrep '(warning|error|fatal|panic):' /some/log/file | more</b>
|
% <b>grep -E '(warning|error|fatal|panic):' /some/log/file | more</b>
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -1185,7 +1185,7 @@ file. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -1266,7 +1266,7 @@ file. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -1331,7 +1331,7 @@ file. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
$ grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -1650,7 +1650,7 @@ idea to run every night before the syslog files are rotated: </p>
|
|||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postfix check
|
# postfix check
|
||||||
# egrep '(reject|warning|error|fatal|panic):' /some/log/file
|
# grep -E '(reject|warning|error|fatal|panic):' /some/log/file
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -187,13 +187,13 @@ question. </p>
|
|||||||
# Find deliveries to example.com
|
# Find deliveries to example.com
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog |
|
$ tail -10000 /var/log/maillog |
|
||||||
egrep -i ': to=<.*@example\.com>,' |
|
grep -E -i ': to=<.*@example\.com>,' |
|
||||||
less
|
less
|
||||||
|
|
||||||
# Find messages from example.com
|
# Find messages from example.com
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog |
|
$ tail -10000 /var/log/maillog |
|
||||||
egrep -i ': from=<.*@example\.com>,' |
|
grep -E -i ': from=<.*@example\.com>,' |
|
||||||
less
|
less
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
@ -204,7 +204,7 @@ $ tail -10000 /var/log/maillog |
|
|||||||
<pre>
|
<pre>
|
||||||
# Find all messages for a specific queue id.
|
# Find all messages for a specific queue id.
|
||||||
#
|
#
|
||||||
$ tail -10000 /var/log/maillog | egrep ': 2B2173FF68: '
|
$ tail -10000 /var/log/maillog | grep -E ': 2B2173FF68: '
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
@ -213,7 +213,7 @@ warnings can suggest strategies to reduce congestion. </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
$ egrep 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
|
$ grep -E 'qmgr.*(panic|fatal|error|warning):' /var/log/maillog
|
||||||
</pre>
|
</pre>
|
||||||
</blockquote>
|
</blockquote>
|
||||||
|
|
||||||
|
@ -2908,7 +2908,7 @@ erase all the SMTP client TLS settings and then enable client TLS: </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postconf -X `postconf -nH | egrep '^smtp(_|_enforce_|_use_)tls'`
|
# postconf -X `postconf -nH | grep -E '^smtp(_|_enforce_|_use_)tls'`
|
||||||
# postfix tls enable-client
|
# postfix tls enable-client
|
||||||
# postfix reload
|
# postfix reload
|
||||||
</pre>
|
</pre>
|
||||||
@ -2941,7 +2941,7 @@ all the SMTP server TLS settings and then enable server TLS: </p>
|
|||||||
|
|
||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
# postconf -X `postconf -nH | egrep '^smtpd(_|_enforce_|_use_)tls'`
|
# postconf -X `postconf -nH | grep -E '^smtpd(_|_enforce_|_use_)tls'`
|
||||||
# postfix tls enable-server
|
# postfix tls enable-server
|
||||||
# postfix reload
|
# postfix reload
|
||||||
</pre>
|
</pre>
|
||||||
|
@ -241,7 +241,7 @@ cd
|
|||||||
chmod
|
chmod
|
||||||
config
|
config
|
||||||
defs
|
defs
|
||||||
egrep
|
grep -E
|
||||||
ifdef
|
ifdef
|
||||||
init
|
init
|
||||||
libexec
|
libexec
|
||||||
@ -1568,3 +1568,5 @@ mkmap
|
|||||||
Brendel
|
Brendel
|
||||||
Bugfix
|
Bugfix
|
||||||
https
|
https
|
||||||
|
egrep
|
||||||
|
fgrep
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
* Patches change both the patchlevel and the release date. Snapshots have no
|
* Patches change both the patchlevel and the release date. Snapshots have no
|
||||||
* patchlevel; they change the release date only.
|
* patchlevel; they change the release date only.
|
||||||
*/
|
*/
|
||||||
#define MAIL_RELEASE_DATE "20221227"
|
#define MAIL_RELEASE_DATE "20221228"
|
||||||
#define MAIL_VERSION_NUMBER "3.8"
|
#define MAIL_VERSION_NUMBER "3.8"
|
||||||
|
|
||||||
#ifdef SNAPSHOT
|
#ifdef SNAPSHOT
|
||||||
|
@ -40,7 +40,7 @@ $(PROG): $(OBJS) $(LIBS)
|
|||||||
(echo "# DO NOT EDIT THIS FILE. EDIT THE MAIN.CF FILE INSTEAD. THE"; \
|
(echo "# DO NOT EDIT THIS FILE. EDIT THE MAIN.CF FILE INSTEAD. THE"; \
|
||||||
echo "# TEXT HERE JUST SHOWS DEFAULT SETTINGS BUILT INTO POSTFIX."; \
|
echo "# TEXT HERE JUST SHOWS DEFAULT SETTINGS BUILT INTO POSTFIX."; \
|
||||||
echo "#"; $(SHLIB_ENV) $(VALGRIND) ./$(PROG) -d -c ../../conf) | \
|
echo "#"; $(SHLIB_ENV) $(VALGRIND) ./$(PROG) -d -c ../../conf) | \
|
||||||
egrep -v '^(myhostname|mydomain|mynetworks|process_name|process_id) ' >$@
|
grep -E -v '^(myhostname|mydomain|mynetworks|process_name|process_id) ' >$@
|
||||||
|
|
||||||
$(OBJS): ../../conf/makedefs.out
|
$(OBJS): ../../conf/makedefs.out
|
||||||
|
|
||||||
|
@ -45,7 +45,7 @@ update: ../../libexec/$(PROG)
|
|||||||
smtp.o: smtp.c smtp_params.c lmtp_params.c
|
smtp.o: smtp.c smtp_params.c lmtp_params.c
|
||||||
|
|
||||||
lmtp_params.c: smtp_params.c
|
lmtp_params.c: smtp_params.c
|
||||||
egrep -v -f smtp-only smtp_params.c | \
|
grep -E -v -f smtp-only smtp_params.c | \
|
||||||
sed 's/SMTP/LMTP/g; s/smtp_\([a-z]*_table\)/lmtp_\1/' >$@
|
sed 's/SMTP/LMTP/g; s/smtp_\([a-z]*_table\)/lmtp_\1/' >$@
|
||||||
|
|
||||||
printfck: $(OBJS) $(PROG)
|
printfck: $(OBJS) $(PROG)
|
||||||
|
@ -71,7 +71,7 @@ tls_certkey_tests: test
|
|||||||
done; \
|
done; \
|
||||||
for pem in bad-*.pem; do \
|
for pem in bad-*.pem; do \
|
||||||
$(SHLIB_ENV) $(VALGRIND) ./tls_certkey $$pem > $$pem.out 2>&1 && exit 1 || : ok; \
|
$(SHLIB_ENV) $(VALGRIND) ./tls_certkey $$pem > $$pem.out 2>&1 && exit 1 || : ok; \
|
||||||
egrep -v 'TLS library problem' $$pem.out | diff $$pem.ref - || \
|
grep -E -v 'TLS library problem' $$pem.out | diff $$pem.ref - || \
|
||||||
exit 1; \
|
exit 1; \
|
||||||
echo " $$pem: OK"; \
|
echo " $$pem: OK"; \
|
||||||
done
|
done
|
||||||
|
Loading…
x
Reference in New Issue
Block a user