mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-29 13:18:12 +00:00
Code Issues Releases Wiki Activity

postfix-2.3-20051124

Browse Source
This commit is contained in:
Wietse Venema 2005-11-24 00:00:00 -05:00 committed by Viktor Dukhovni
parent c6d6830caf
commit a1fca514ef
35 changed files with 875 additions and 416 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
postfix/HISTORY
View File

@ -11436,6 +11436,26 @@ Apologies for any names omitted.
sites that used permit_mx_backup to authorize all their
incoming mail.
20051122
Feature: sender_relayhost_maps, lookup tables that specify
a per-sender override for the relayhost parameter setting.
This is an extended version of a patch by Mathias Hasselmann.
Files: trivial-rewrite/resolve.c, trivial-rewrite/transport.c,
*qmgr/qmgr_message.c.
Feature: address_verify_sender_relayhost_maps, for consistency
with the other address_verify_mumble parameters.
20051124
Feature: smtp_per_sender_auth, to enable per-sender SASL
authentication. This disables SMTP connection caching to
ensure that mail from different senders will be delivered
with the appropriate credentials. This is an extended version
of a patch by Mathias Hasselmann. Files: smtp/smtp_connect.c,
smtp/smtp_sasl_glue.c.
Open problems:
"postsuper -r" no longer resets the message arrival time,
@ -11548,15 +11568,16 @@ Open problems:
Med: separate ulimit for delivery to command?
Med: option to open queue file early, after MAIL FROM.
Low: log xdelay (esp. for SMTP and delivery to command).
Med: option to open queue file early, after MAIL FROM. This
would allow correlation of rejected RCPT TO requests with
accepted requests for the same mail transaction.
Med: silly queue file bit so that the queue manager doesn't
skip files when fast flush is requested while a queue scan
is in progress. The bit is set by the flush server and is
reset when the mail is deferred, so that it survives queue
manager restart.
manager restart. It's not clear, however, how one would
unthrottle disabled transports or queues.
Med: postsuper -r should do something with recipients in
bounce logfiles.

18
postfix/RELEASE_NOTES
View File

@ -17,6 +17,24 @@ Incompatibility with Postfix 2.1 and earlier
If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2
before proceeding.
Major changes with snapshot 20051124
====================================
This snapshot adds support for sender-dependent ISP accounts.
- Per-sender relayhost support, with the sender_relayhost_maps
feature. The maps are searched with the sender address and with
the sender @domain. The result overrides the global relayhost
setting, but otherwise has identical behavior.
Example: sender_relayhost_maps = hash:/etc/postfix/sender_relay
- Per-sender SASL authentication support. This disables SMTP
connection caching to ensure that mail from different senders
will use the correct authentication credentials.
Example: smtp_per_sender_authentication = yes
Incompatibility with snapshot 20051121
======================================

211
postfix/conf/transport
View File

@ -1,4 +1,4 @@
# TRANSPORT(5) TRANSPORT(5)
# TRANSPORT(5) TRANSPORT(5)
#
# NAME
# transport - Postfix transport table format
@ -12,46 +12,55 @@
#
# DESCRIPTION
# The optional transport(5) table specifies a mapping from
# email addresses to message delivery transports and/or
# relay hosts. The mapping is used by the trivial-rewrite(8)
# email addresses to message delivery transports and next-
# hop hosts. The table is searched by the trivial-rewrite(8)
# daemon.
#
# This mapping overrides the default routing that is built
# into Postfix:
# This mapping overrides the default transport:nexthop
# selection that is built into Postfix:
#
# mydestination
# A list of domains that is by default delivered via
# $local_transport. This also includes domains that
# match $inet_interfaces or $proxy_interfaces.
# local_transport (default: local:$myhostname)
# This is the default for final delivery to domains
# listed with mydestination, and for [ipaddress] des-
# tinations that match $inet_interfaces or
# $proxy_interfaces. The default nexthop destination
# is the MTA hostname.
#
# virtual_mailbox_domains
# A list of domains that is by default delivered via
# $virtual_transport.
# virtual_transport (default: virtual:)
# This is the default for final delivery to domains
# listed with virtual_mailbox_domains. The default
# nexthop destination is the recipient domain.
#
# relay_domains
# A list of domains that is by default delivered via
# $relay_transport.
# relay_transport (default: relay:)
# This is the default for remote delivery to domains
# listed with relay_domains. In order of decreasing
# precedence, the nexthop destination is taken from
# relay_transport, sender_relayhost_maps, relayhost,
# or from the recipient domain.
#
# any other destination
# Mail for any other destination is by default deliv-
# ered via $default_transport.
# default_transport (default: smtp:)
# This is the default for remote delivery to other
# destinations. In order of decreasing precedence,
# the nexthop destination is taken from
# default_transport, sender_relayhost_maps, relay-
# host, or from the recipient domain.
#
# Normally, the transport(5) table is specified as a text
# file that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# "postmap /etc/postfix/transport" in order to rebuild the
# Normally, the transport(5) table is specified as a text
# file that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command
# "postmap /etc/postfix/transport" in order to rebuild the
# indexed file after changing the transport table.
#
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary
# indexed files.
#
# Alternatively, the table can be provided as a regular-
# Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In
# that case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# sions, or lookups can be directed to TCP-based server. In
# that case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES"
# and "TCP-BASED TABLES".
#
# TABLE FORMAT
@ -62,125 +71,125 @@
# domain, use the corresponding result.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character
# is a `#'.
#
# multi-line text
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi-
# cal line.
#
# The pattern specifies an email address, a domain name, or
# a domain name hierarchy, as described in section "TABLE
# The pattern specifies an email address, a domain name, or
# a domain name hierarchy, as described in section "TABLE
# LOOKUP".
#
# The result is of the form transport:nexthop and specifies
# The result is of the form transport:nexthop and specifies
# how or where to deliver mail. This is described in section
# "RESULT FORMAT".
#
# TABLE SEARCH ORDER
# With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, patterns are
# networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below:
#
# user+extension@domain transport:nexthop
# Deliver mail for user+extension@domain through
# Deliver mail for user+extension@domain through
# transport to nexthop.
#
# user@domain transport:nexthop
# Deliver mail for user@domain through transport to
# Deliver mail for user@domain through transport to
# nexthop.
#
# domain transport:nexthop
# Deliver mail for domain through transport to nex-
# Deliver mail for domain through transport to nex-
# thop.
#
# .domain transport:nexthop
# Deliver mail for any subdomain of domain through
# transport to nexthop. This applies only when the
# string transport_maps is not listed in the par-
# ent_domain_matches_subdomains configuration set-
# ting. Otherwise, a domain name matches itself and
# Deliver mail for any subdomain of domain through
# transport to nexthop. This applies only when the
# string transport_maps is not listed in the par-
# ent_domain_matches_subdomains configuration set-
# ting. Otherwise, a domain name matches itself and
# its subdomains.
#
# Note 1: the special pattern * represents any address (i.e.
# it functions as the wild-card pattern).
#
# Note 2: the null recipient address is looked up as
# Note 2: the null recipient address is looked up as
# $empty_address_recipient@$myhostname (default: mailer-dae-
# mon@hostname).
#
# Note 3: user@domain or user+extension@domain lookup is
# Note 3: user@domain or user+extension@domain lookup is
# available in Postfix 2.0 and later.
#
# RESULT FORMAT
# The lookup result is of the form transport:nexthop. The
# transport field specifies a mail delivery transport such
# as smtp or local. The nexthop field specifies where and
# The lookup result is of the form transport:nexthop. The
# transport field specifies a mail delivery transport such
# as smtp or local. The nexthop field specifies where and
# how to deliver mail.
#
# The transport field specifies the name of a mail delivery
# The transport field specifies the name of a mail delivery
# transport (the first name of a mail delivery service entry
# in the Postfix master.cf file).
#
# The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify a service on a
# non-default port as host:service, and disable MX (mail
# exchanger) DNS lookups with [host] or [host]:port. The []
# The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify a service on a
# non-default port as host:service, and disable MX (mail
# exchanger) DNS lookups with [host] or [host]:port. The []
# form is required when you specify an IP address instead of
# a hostname.
#
# A null transport and null nexthop result means "do not
# change": use the delivery transport and nexthop informa-
# tion that would be used when the entire transport table
# A null transport and null nexthop result means "do not
# change": use the delivery transport and nexthop informa-
# tion that would be used when the entire transport table
# did not exist.
#
# A non-null transport field with a null nexthop field
# A non-null transport field with a null nexthop field
# resets the nexthop information to the recipient domain.
#
# A null transport field with non-null nexthop field does
# A null transport field with non-null nexthop field does
# not modify the transport information.
#
# EXAMPLES
# In order to deliver internal mail directly, while using a
# mail relay for all other mail, specify a null entry for
# internal destinations (do not change the delivery trans-
# port or the nexthop information) and specify a wildcard
# In order to deliver internal mail directly, while using a
# mail relay for all other mail, specify a null entry for
# internal destinations (do not change the delivery trans-
# port or the nexthop information) and specify a wildcard
# for all other destinations.
#
# my.domain :
# .my.domain :
# * smtp:outbound-relay.my.domain
#
# In order to send mail for example.com and its subdomains
# In order to send mail for example.com and its subdomains
# via the uucp transport to the UUCP host named example:
#
# example.com uucp:example
# .example.com uucp:example
#
# When no nexthop host name is specified, the destination
# domain name is used instead. For example, the following
# directs mail for user@example.com via the slow transport
# to a mail exchanger for example.com. The slow transport
# When no nexthop host name is specified, the destination
# domain name is used instead. For example, the following
# directs mail for user@example.com via the slow transport
# to a mail exchanger for example.com. The slow transport
# could be configured to run at most one delivery process at
# a time:
#
# example.com slow:
#
# When no transport is specified, Postfix uses the transport
# that matches the address domain class (see DESCRIPTION
# above). The following sends all mail for example.com and
# that matches the address domain class (see DESCRIPTION
# above). The following sends all mail for example.com and
# its subdomains to host gateway.example.com:
#
# example.com :[gateway.example.com]
# .example.com :[gateway.example.com]
#
# In the above example, the [] suppress MX lookups. This
# prevents mail routing loops when your machine is primary
# In the above example, the [] suppress MX lookups. This
# prevents mail routing loops when your machine is primary
# MX host for example.com.
#
# In the case of delivery via SMTP, one may specify host-
# In the case of delivery via SMTP, one may specify host-
# name:service instead of just a host:
#
# example.com smtp:bar.example:2025
@ -192,57 +201,57 @@
#
# The error mailer can be used to bounce mail:
#
# .example.com error:mail for *.example.com is not
# .example.com error:mail for *.example.com is not
# deliverable
#
# This causes all mail for user@anything.example.com to be
# This causes all mail for user@anything.example.com to be
# bounced.
#
# REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax,
# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus,
# some.domain.hierarchy is not looked up via its parent
# domains, nor is user+foo@domain looked up as user@domain.
# Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus,
# some.domain.hierarchy is not looked up via its parent
# domains, nor is user+foo@domain looked up as user@domain.
#
# Patterns are applied in the order as specified in the
# table, until a pattern is found that matches the search
# Patterns are applied in the order as specified in the ta-
# ble, until a pattern is found that matches the search
# string.
#
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
# This section describes how the table lookups change when
# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see
# tcp_table(5). This feature is not available up to and
# including Postfix version 2.2.
# tion of the TCP client/server lookup protocol, see tcp_ta-
# ble(5). This feature is not available up to and including
# Postfix version 2.2.
#
# Each lookup operation uses the entire recipient address
# once. Thus, some.domain.hierarchy is not looked up via
# its parent domains, nor is user+foo@domain looked up as
# Each lookup operation uses the entire recipient address
# once. Thus, some.domain.hierarchy is not looked up via
# its parent domains, nor is user+foo@domain looked up as
# user@domain.
#
# Results are the same as with indexed file lookups.
#
# CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See
# The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See
# postconf(5) for more details including examples.
#
# empty_address_recipient
# The address that is looked up instead of the null
# The address that is looked up instead of the null
# sender address.
#
# parent_domain_matches_subdomains
# List of Postfix features that use domain.tld pat-
# terns to match sub.domain.tld (as opposed to
# List of Postfix features that use domain.tld pat-
# terns to match sub.domain.tld (as opposed to
# requiring .domain.tld patterns).
#
# transport_maps
@ -254,13 +263,13 @@
# postmap(1), Postfix lookup table manager
#
# README FILES
# Use "postconf readme_directory" or "postconf html_direc-
# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# FILTER_README, external content filter
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
@ -269,4 +278,4 @@
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
# TRANSPORT(5)
# TRANSPORT(5)

64
postfix/html/postconf.5.html
View File

@ -371,6 +371,21 @@ This feature is available in Postfix 2.1 and later.
</p>
</DD>
<DT><b><a name="address_verify_sender_relayhost_maps">address_verify_sender_relayhost_maps</a>
(default: empty)</b></DT><DD>
<p>
Overrides the <a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a> parameter setting for address
verification probes.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
</DD>
<DT><b><a name="address_verify_service_name">address_verify_service_name</a>
@ -3539,7 +3554,7 @@ Examples:
</DD>
<DT><b><a name="local_transport">local_transport</a>
(default: local:$<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
(default: <a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
<p> The default mail delivery transport for domains that match
$<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. This
@ -5645,7 +5660,8 @@ The name of the directory with example Postfix configuration files.
(default: no)</b></DT><DD>
<p>
This parameter should not be used.
This parameter should not be used. It was replaced by <a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a>
in Postfix 2.3.
</p>
@ -5754,6 +5770,20 @@ Example:
</pre>
</DD>
<DT><b><a name="sender_relayhost_maps">sender_relayhost_maps</a>
(default: empty)</b></DT><DD>
<p> A sender-specific override for the global <a href="postconf.5.html#relayhost">relayhost</a> parameter
setting. The tables are searched by the sender address and by the
sender @domain. </p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
</DD>
<DT><b><a name="sendmail_path">sendmail_path</a>
@ -5946,15 +5976,15 @@ or pseudo-destinations: </p>
<ul>
<li> if mail is sent without a relay host: a domain name (the
<li> if mail is sent without a <a href="postconf.5.html#relayhost">relay host</a>: a domain name (the
right-hand side of an email address, without the [] around a numeric
IP address),
<li> if mail is sent via a relay host: a relay host name (without
<li> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
[] or non-default TCP port), as specified in main.cf or in the
transport map,
<li> a /file/name with domain names and/or relay host names as
<li> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as
defined above,
<li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or relay hosts name on
@ -6384,7 +6414,7 @@ This feature is available in Postfix 2.1 and later.
(default: 2)</b></DT><DD>
<p> The maximal number of SMTP sessions per delivery request before
giving up or delivering to a fall-back relay host, or zero (no
giving up or delivering to a fall-back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no
limit). This restriction ignores sessions that fail to complete the
SMTP initial handshake (Postfix 2.2 and earlier) or that fail to
complete the EHLO and TLS handshake (Postfix 2.3 and later). </p>
@ -6401,6 +6431,23 @@ complete the EHLO and TLS handshake (Postfix 2.3 and later). </p>
<a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> parameter. </p>
</DD>
<DT><b><a name="smtp_per_sender_authentication">smtp_per_sender_authentication</a>
(default: no)</b></DT><DD>
<p>
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
</DD>
<DT><b><a name="smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a>
@ -6585,8 +6632,9 @@ Examples:
<p>
Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no
username:password entry, then the Postfix SMTP client will not
per remote hostname or domain (or per sender address, when per-sender
authentication is enabled). If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host.
</p>

179
postfix/html/smtp.8.html
View File

@ -188,99 +188,110 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional SMTP client lookup tables with one user-
name:password entry per remote hostname or domain.
name:password entry per remote hostname or domain
(or per sender, when per-sender authentication is
enabled).
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
What authentication mechanisms the Postfix SMTP
What authentication mechanisms the Postfix SMTP
client is allowed to use.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
If non-empty, a Postfix SMTP client filter for the
remote SMTP server's list of offered SASL mecha-
If non-empty, a Postfix SMTP client filter for the
remote SMTP server's list of offered SASL mecha-
nisms.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_per_sender_authentication">smtp_per_sender_authentication</a> (no)</b>
Enable per-sender authentication in the SMTP
client; this is available only with SASL authenti-
cation, and disables SMTP connection caching to
ensure that mail from different senders will use
the appropriate credentials.
<b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be
Detailed information about STARTTLS configuration may be
found in the <a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
Opportunistic mode: use TLS when a remote SMTP
server announces STARTTLS support, otherwise send
Opportunistic mode: use TLS when a remote SMTP
server announces STARTTLS support, otherwise send
the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
Enforcement mode: require that remote SMTP servers
use TLS encryption, and never send mail in the
Enforcement mode: require that remote SMTP servers
use TLS encryption, and never send mail in the
clear.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_secu</a>-</b>
<b><a href="postconf.5.html#smtp_sasl_security_options">rity_options</a>)</b>
The SASL authentication security options that the
Postfix SMTP client uses for TLS encrypted SMTP
The SASL authentication security options that the
Postfix SMTP client uses for TLS encrypted SMTP
sessions.
<b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
Time limit for Postfix SMTP client write and read
operations during TLS startup and shutdown hand-
Time limit for Postfix SMTP client write and read
operations during TLS startup and shutdown hand-
shake procedures.
<b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
The file with the certificate of the certification
authority (CA) that issued the Postfix SMTP client
The file with the certificate of the certification
authority (CA) that issued the Postfix SMTP client
certificate.
<b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
Directory with PEM format certificate authority
certificates that the Postfix SMTP client uses to
Directory with PEM format certificate authority
certificates that the Postfix SMTP client uses to
verify a remote SMTP server certificate.
<b><a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> (empty)</b>
File with the Postfix SMTP client RSA certificate
File with the Postfix SMTP client RSA certificate
in PEM format.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
Controls the Postfix SMTP client TLS cipher selec-
Controls the Postfix SMTP client TLS cipher selec-
tion scheme.
<b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
File with the Postfix SMTP client DSA certificate
File with the Postfix SMTP client DSA certificate
in PEM format.
<b><a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> ($<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b>
File with the Postfix SMTP client DSA private key
File with the Postfix SMTP client DSA private key
in PEM format.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
When TLS encryption is enforced, require that the
When TLS encryption is enforced, require that the
remote SMTP server hostname matches the information
in the remote SMTP server certificate.
<b><a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> ($<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b>
File with the Postfix SMTP client RSA private key
File with the Postfix SMTP client RSA private key
in PEM format.
<b><a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)</b>
Enable additional Postfix SMTP client logging of
Enable additional Postfix SMTP client logging of
TLS activity.
<b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
Log the hostname of a remote SMTP server that
offers STARTTLS, when TLS is not already enabled
Log the hostname of a remote SMTP server that
offers STARTTLS, when TLS is not already enabled
for that server.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client
TLS usage policy by next-hop domain name and by
TLS usage policy by next-hop domain name and by
remote SMTP server hostname.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
The verification depth for remote SMTP server cer-
The verification depth for remote SMTP server cer-
tificates.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
Name of the file containing the optional Postfix
Name of the file containing the optional Postfix
SMTP client TLS session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
@ -288,31 +299,31 @@ SMTP(8) SMTP(8)
sion cache information.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
server in order to seed its internal pseudo random
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
server in order to seed its internal pseudo random
number generator (PRNG).
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
The maximal number of parallel deliveries to the
same destination via the smtp message delivery
The maximal number of parallel deliveries to the
same destination via the smtp message delivery
transport.
<b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
The maximal number of recipients per delivery via
The maximal number of recipients per delivery via
the smtp message delivery transport.
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
The SMTP client time limit for completing a TCP
The SMTP client time limit for completing a TCP
connection, or zero (use the operating system
built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
The SMTP client time limit for sending the HELO or
EHLO command, and for receiving the initial server
The SMTP client time limit for sending the HELO or
EHLO command, and for receiving the initial server
response.
<b><a href="postconf.5.html#smtp_xforward_timeout">smtp_xforward_timeout</a> (300s)</b>
@ -320,30 +331,30 @@ SMTP(8) SMTP(8)
command, and for receiving the server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
The SMTP client time limit for sending the MAIL
FROM command, and for receiving the server
The SMTP client time limit for sending the MAIL
FROM command, and for receiving the server
response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
The SMTP client time limit for sending the SMTP
RCPT TO command, and for receiving the server
The SMTP client time limit for sending the SMTP
RCPT TO command, and for receiving the server
response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
The SMTP client time limit for sending the SMTP
DATA command, and for receiving the server
The SMTP client time limit for sending the SMTP
DATA command, and for receiving the server
response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
The SMTP client time limit for sending the SMTP
The SMTP client time limit for sending the SMTP
message content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
The SMTP client time limit for sending the SMTP
The SMTP client time limit for sending the SMTP
".", and for receiving the server response.
<b><a href="postconf.5.html#smtp_quit_timeout">smtp_quit_timeout</a> (300s)</b>
The SMTP client time limit for sending the QUIT
The SMTP client time limit for sending the QUIT
command, and for receiving the server response.
Available in Postfix version 2.1 and later:
@ -354,22 +365,22 @@ SMTP(8) SMTP(8)
lookups, or zero (no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
The maximal number of SMTP sessions per delivery
request before giving up or delivering to a fall-
back relay host, or zero (no limit).
The maximal number of SMTP sessions per delivery
request before giving up or delivering to a fall-
back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
The SMTP client time limit for sending the RSET
The SMTP client time limit for sending the RSET
command, and for receiving the server response.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
Permanently enable SMTP connection caching for the
Permanently enable SMTP connection caching for the
specified destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
Temporarily enable SMTP connection caching while a
Temporarily enable SMTP connection caching while a
destination has a high volume of mail in the active
queue.
@ -379,55 +390,55 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> (2s)</b>
When SMTP connection caching is enabled, the amount
of time that an unused SMTP client socket is kept
of time that an unused SMTP client socket is kept
open before it is closed.
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a
remote client or server matches a pattern in the
The increment in verbose logging level when a
remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of remote client or server hostname
or network address patterns that cause the verbose
logging level to increase by the amount specified
Optional list of remote client or server hostname
or network address patterns that cause the verbose
logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications about
mail delivery problems that are caused by policy,
The recipient of postmaster notifications about
mail delivery problems that are caused by policy,
resource, software or protocol errors.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
The list of error classes that are reported to the
The list of error classes that are reported to the
postmaster.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
Where the Postfix SMTP client should deliver mail
Where the Postfix SMTP client should deliver mail
when it detects a "mail loops back to myself" error
condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and
The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to
handle a request before it is terminated by a
How much time a Postfix daemon process may take to
handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
The maximal number of digits after the decimal
The maximal number of digits after the decimal
point when logging sub-second delay values.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
Disable DNS lookups in the Postfix SMTP and LMTP
Disable DNS lookups in the Postfix SMTP and LMTP
clients.
<b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b>
Optional list of relay hosts for SMTP destinations
Optional list of relay hosts for SMTP destinations
that can't be found or that are unreachable.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
@ -435,7 +446,7 @@ SMTP(8) SMTP(8)
tem receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
The Internet protocols Postfix will attempt to use
The Internet protocols Postfix will attempt to use
when making or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
@ -443,55 +454,55 @@ SMTP(8) SMTP(8)
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix
daemon process waits for the next service request
The maximum amount of time that an idle Postfix
daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The maximal number of connection requests before a
The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The process ID of a Postfix command or daemon
The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon
The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail sys-
tem receives mail on by way of a proxy or network
tem receives mail on by way of a proxy or network
address translation unit.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
An optional numerical network address that the SMTP
client should bind to when making an IPv4 connec-
client should bind to when making an IPv4 connec-
tion.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
An optional numerical network address that the SMTP
client should bind to when making an IPv6 connec-
client should bind to when making an IPv6 connec-
tion.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The hostname to send in the SMTP EHLO or HELO com-
The hostname to send in the SMTP EHLO or HELO com-
mand.
<b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b>
What mechanisms when the SMTP client uses to look
What mechanisms when the SMTP client uses to look
up a host's IP address.
<b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b>
Randomize the order of equal-preference MX host
Randomize the order of equal-preference MX host
addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
The mail system name that is prepended to the
process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
@ -509,7 +520,7 @@ SMTP(8) SMTP(8)
<a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

199
postfix/html/transport.5.html
View File

@ -18,46 +18,55 @@ TRANSPORT(5) TRANSPORT(5)
<b>DESCRIPTION</b>
The optional <a href="transport.5.html"><b>transport</b>(5)</a> table specifies a mapping from
email addresses to message delivery transports and/or
relay hosts. The mapping is used by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
email addresses to message delivery transports and next-
hop hosts. The table is searched by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
daemon.
This mapping overrides the default routing that is built
into Postfix:
This mapping overrides the default <i>transport</i>:<i>nexthop</i>
selection that is built into Postfix:
<b><a href="postconf.5.html#mydestination">mydestination</a></b>
A list of domains that is by default delivered via
<b>$<a href="postconf.5.html#local_transport">local_transport</a></b>. This also includes domains that
match <b>$<a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or <b>$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>.
<b><a href="postconf.5.html#local_transport">local_transport</a> (default: <a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b>
This is the default for final delivery to domains
listed with <b><a href="postconf.5.html#mydestination">mydestination</a></b>, and for [<i>ipaddress</i>] des-
tinations that match <b>$<a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or
<b>$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>. The default <i>nexthop</i> destination
is the MTA hostname.
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a></b>
A list of domains that is by default delivered via
<b>$<a href="postconf.5.html#virtual_transport">virtual_transport</a></b>.
<b><a href="postconf.5.html#virtual_transport">virtual_transport</a> (default: <a href="virtual.8.html">virtual</a>:)</b>
This is the default for final delivery to domains
listed with <b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a></b>. The default
<i>nexthop</i> destination is the recipient domain.
<b><a href="postconf.5.html#relay_domains">relay_domains</a></b>
A list of domains that is by default delivered via
<b>$<a href="postconf.5.html#relay_transport">relay_transport</a></b>.
<b><a href="postconf.5.html#relay_transport">relay_transport</a> (default: relay:)</b>
This is the default for remote delivery to domains
listed with <b><a href="postconf.5.html#relay_domains">relay_domains</a></b>. In order of decreasing
precedence, the <i>nexthop</i> destination is taken from
<b><a href="postconf.5.html#relay_transport">relay_transport</a></b>, <b><a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a></b>, <b><a href="postconf.5.html#relayhost">relayhost</a></b>,
or from the recipient domain.
any other destination
Mail for any other destination is by default deliv-
ered via <b>$<a href="postconf.5.html#default_transport">default_transport</a></b>.
<b><a href="postconf.5.html#default_transport">default_transport</a> (default: <a href="smtp.8.html">smtp</a>:)</b>
This is the default for remote delivery to other
destinations. In order of decreasing precedence,
the <i>nexthop</i> destination is taken from
<b><a href="postconf.5.html#default_transport">default_transport</a></b>, <b><a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a></b>, <b><a href="postconf.5.html#relayhost">relay</a>-</b>
<b><a href="postconf.5.html#relayhost">host</a></b>, or from the recipient domain.
Normally, the <a href="transport.5.html"><b>transport</b>(5)</a> table is specified as a text
file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
"<b>postmap /etc/postfix/transport</b>" in order to rebuild the
Normally, the <a href="transport.5.html"><b>transport</b>(5)</a> table is specified as a text
file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command
"<b>postmap /etc/postfix/transport</b>" in order to rebuild the
indexed file after changing the transport table.
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary
indexed files.
Alternatively, the table can be provided as a regular-
Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres-
sions, or lookups can be directed to TCP-based server. In
that case, the lookups are done in a slightly different
way as described below under "REGULAR EXPRESSION TABLES"
sions, or lookups can be directed to TCP-based server. In
that case, the lookups are done in a slightly different
way as described below under "REGULAR EXPRESSION TABLES"
and "TCP-BASED TABLES".
<b>TABLE FORMAT</b>
@ -68,125 +77,125 @@ TRANSPORT(5) TRANSPORT(5)
domain, use the corresponding <i>result</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character
is a `#'.
multi-line text
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi-
cal line.
The <i>pattern</i> specifies an email address, a domain name, or
a domain name hierarchy, as described in section "TABLE
The <i>pattern</i> specifies an email address, a domain name, or
a domain name hierarchy, as described in section "TABLE
LOOKUP".
The <i>result</i> is of the form <i>transport:nexthop</i> and specifies
The <i>result</i> is of the form <i>transport:nexthop</i> and specifies
how or where to deliver mail. This is described in section
"RESULT FORMAT".
<b>TABLE SEARCH ORDER</b>
With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, patterns are
networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below:
<i>user+extension@domain transport</i>:<i>nexthop</i>
Deliver mail for <i>user+extension@domain</i> through
Deliver mail for <i>user+extension@domain</i> through
<i>transport</i> to <i>nexthop</i>.
<i>user@domain transport</i>:<i>nexthop</i>
Deliver mail for <i>user@domain</i> through <i>transport</i> to
Deliver mail for <i>user@domain</i> through <i>transport</i> to
<i>nexthop</i>.
<i>domain transport</i>:<i>nexthop</i>
Deliver mail for <i>domain</i> through <i>transport</i> to <i>nex-</i>
Deliver mail for <i>domain</i> through <i>transport</i> to <i>nex-</i>
<i>thop</i>.
<i>.domain transport</i>:<i>nexthop</i>
Deliver mail for any subdomain of <i>domain</i> through
<i>transport</i> to <i>nexthop</i>. This applies only when the
string <b><a href="postconf.5.html#transport_maps">transport_maps</a></b> is not listed in the <b>par-</b>
<b>ent_domain_matches_subdomains</b> configuration set-
ting. Otherwise, a domain name matches itself and
Deliver mail for any subdomain of <i>domain</i> through
<i>transport</i> to <i>nexthop</i>. This applies only when the
string <b><a href="postconf.5.html#transport_maps">transport_maps</a></b> is not listed in the <b>par-</b>
<b>ent_domain_matches_subdomains</b> configuration set-
ting. Otherwise, a domain name matches itself and
its subdomains.
Note 1: the special pattern <b>*</b> represents any address (i.e.
it functions as the wild-card pattern).
Note 2: the null recipient address is looked up as
Note 2: the null recipient address is looked up as
<b>$<a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>@<b>$<a href="postconf.5.html#myhostname">myhostname</a></b> (default: mailer-dae-
mon@hostname).
Note 3: <i>user@domain</i> or <i>user+extension@domain</i> lookup is
Note 3: <i>user@domain</i> or <i>user+extension@domain</i> lookup is
available in Postfix 2.0 and later.
<b>RESULT FORMAT</b>
The lookup result is of the form <i>transport</i><b>:</b><i>nexthop</i>. The
<i>transport</i> field specifies a mail delivery transport such
as <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and
The lookup result is of the form <i>transport</i><b>:</b><i>nexthop</i>. The
<i>transport</i> field specifies a mail delivery transport such
as <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and
how to deliver mail.
The transport field specifies the name of a mail delivery
The transport field specifies the name of a mail delivery
transport (the first name of a mail delivery service entry
in the Postfix <b>master.cf</b> file).
The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify a service on a
non-default port as <i>host</i>:<i>service</i>, and disable MX (mail
exchanger) DNS lookups with [<i>host</i>] or [<i>host</i>]:<i>port</i>. The []
The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify a service on a
non-default port as <i>host</i>:<i>service</i>, and disable MX (mail
exchanger) DNS lookups with [<i>host</i>] or [<i>host</i>]:<i>port</i>. The []
form is required when you specify an IP address instead of
a hostname.
A null <i>transport</i> and null <i>nexthop</i> result means "do not
change": use the delivery transport and nexthop informa-
tion that would be used when the entire transport table
A null <i>transport</i> and null <i>nexthop</i> result means "do not
change": use the delivery transport and nexthop informa-
tion that would be used when the entire transport table
did not exist.
A non-null <i>transport</i> field with a null <i>nexthop</i> field
A non-null <i>transport</i> field with a null <i>nexthop</i> field
resets the nexthop information to the recipient domain.
A null <i>transport</i> field with non-null <i>nexthop</i> field does
A null <i>transport</i> field with non-null <i>nexthop</i> field does
not modify the transport information.
<b>EXAMPLES</b>
In order to deliver internal mail directly, while using a
mail relay for all other mail, specify a null entry for
internal destinations (do not change the delivery trans-
port or the nexthop information) and specify a wildcard
In order to deliver internal mail directly, while using a
mail relay for all other mail, specify a null entry for
internal destinations (do not change the delivery trans-
port or the nexthop information) and specify a wildcard
for all other destinations.
<b>my.domain :</b>
<b>.my.domain :</b>
<b>* <a href="smtp.8.html">smtp</a>:outbound-relay.my.domain</b>
In order to send mail for <b>example.com</b> and its subdomains
In order to send mail for <b>example.com</b> and its subdomains
via the <b>uucp</b> transport to the UUCP host named <b>example</b>:
<b>example.com uucp:example</b>
<b>.example.com uucp:example</b>
When no nexthop host name is specified, the destination
domain name is used instead. For example, the following
directs mail for <i>user</i>@<b>example.com</b> via the <b>slow</b> transport
to a mail exchanger for <b>example.com</b>. The <b>slow</b> transport
When no nexthop host name is specified, the destination
domain name is used instead. For example, the following
directs mail for <i>user</i>@<b>example.com</b> via the <b>slow</b> transport
to a mail exchanger for <b>example.com</b>. The <b>slow</b> transport
could be configured to run at most one delivery process at
a time:
<b>example.com slow:</b>
When no transport is specified, Postfix uses the transport
that matches the address domain class (see DESCRIPTION
above). The following sends all mail for <b>example.com</b> and
that matches the address domain class (see DESCRIPTION
above). The following sends all mail for <b>example.com</b> and
its subdomains to host <b>gateway.example.com</b>:
<b>example.com :[gateway.example.com]</b>
<b>.example.com :[gateway.example.com]</b>
In the above example, the [] suppress MX lookups. This
prevents mail routing loops when your machine is primary
In the above example, the [] suppress MX lookups. This
prevents mail routing loops when your machine is primary
MX host for <b>example.com</b>.
In the case of delivery via SMTP, one may specify <i>host-</i>
In the case of delivery via SMTP, one may specify <i>host-</i>
<i>name</i>:<i>service</i> instead of just a host:
<b>example.com <a href="smtp.8.html">smtp</a>:bar.example:2025</b>
@ -198,57 +207,57 @@ TRANSPORT(5) TRANSPORT(5)
The error mailer can be used to bounce mail:
<b>.example.com <a href="error.8.html">error</a>:mail for *.example.com is not</b>
<b>.example.com <a href="error.8.html">error</a>:mail for *.example.com is not</b>
<b>deliverable</b>
This causes all mail for <i>user</i>@<i>anything</i><b>.example.com</b> to be
This causes all mail for <i>user</i>@<i>anything</i><b>.example.com</b> to be
bounced.
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax,
a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus,
<i>some.domain.hierarchy</i> is not looked up via its parent
domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
Each pattern is a regular expression that is applied to
the entire address being looked up. Thus,
<i>some.domain.hierarchy</i> is not looked up via its parent
domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
Patterns are applied in the order as specified in the ta-
ble, until a pattern is found that matches the search
Patterns are applied in the order as specified in the ta-
ble, until a pattern is found that matches the search
string.
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when
This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
<a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
Postfix version 2.2.
Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via
its parent domains, nor is <i>user+foo@domain</i> looked up as
Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via
its parent domains, nor is <i>user+foo@domain</i> looked up as
<i>user@domain</i>.
Results are the same as with indexed file lookups.
<b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>
The address that is looked up instead of the null
The address that is looked up instead of the null
sender address.
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b>
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
<b><a href="postconf.5.html#transport_maps">transport_maps</a></b>
@ -264,7 +273,7 @@ TRANSPORT(5) TRANSPORT(5)
<a href="FILTER_README.html">FILTER_README</a>, external content filter
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>

30
postfix/html/trivial-rewrite.8.html
View File

@ -144,7 +144,7 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<a href="postconf.5.html#virtual_transport">tual_transport</a>, <a href="postconf.5.html#relay_transport">relay_transport</a>, <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>,
<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> or <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
<b><a href="postconf.5.html#local_transport">local_transport</a> (local:$<a href="postconf.5.html#myhostname">myhostname</a>)</b>
<b><a href="postconf.5.html#local_transport">local_transport</a> (<a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The default mail delivery transport for domains
that match $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
@ -181,13 +181,19 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
address to (message delivery transport, next-hop
destination).
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a> (empty)</b>
A sender-specific override for the global <a href="postconf.5.html#relayhost">relayhost</a>
parameter setting.
<b>ADDRESS VERIFICATION CONTROLS</b>
Postfix version 2.1 introduces sender and recipient
address verification. This feature is implemented by
sending probe email messages that are not actually deliv-
ered. By default, address verification probes use the
same route as regular mail. To override specific aspects
of message routing for address verification probes, spec-
Postfix version 2.1 introduces sender and recipient
address verification. This feature is implemented by
sending probe email messages that are not actually deliv-
ered. By default, address verification probes use the
same route as regular mail. To override specific aspects
of message routing for address verification probes, spec-
ify one or more of the following:
<b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
@ -195,7 +201,7 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
address verification probes.
<b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b>
Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting
Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting
for address verification probes.
<b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b>
@ -203,13 +209,17 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
address verification probes.
<b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b>
Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting
Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting
for address verification probes.
<b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b>
Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for
Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for
address verification probes.
<b><a href="postconf.5.html#address_verify_sender_relayhost_maps">address_verify_sender_relayhost_maps</a> (empty)</b>
Overrides the <a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a> parameter set-
ting for address verification probes.
<b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b>
Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for
address verification probes.

26
postfix/man/man5/postconf.5
View File

@ -197,6 +197,11 @@ address_verify_sender = postmaster@my.domain
.ft R
.PP
This feature is available in Postfix 2.1 and later.
.SH address_verify_sender_relayhost_maps (default: empty)
Overrides the sender_relayhost_maps parameter setting for address
verification probes.
.PP
This feature is available in Postfix 2.3 and later.
.SH address_verify_service_name (default: verify)
The name of the \fBverify\fR(8) address verification service. This service
maintains the status of sender and/or recipient address verification
@ -3149,7 +3154,8 @@ This feature is available in Postfix 2.0 and later.
.SH sample_directory (default: /etc/postfix)
The name of the directory with example Postfix configuration files.
.SH sender_based_routing (default: no)
This parameter should not be used.
This parameter should not be used. It was replaced by sender_relayhost_maps
in Postfix 2.3.
.SH sender_bcc_maps (default: empty)
Optional BCC (blind carbon-copy) address lookup tables, indexed
by sender address. The BCC address (multiple results are not
@ -3222,6 +3228,12 @@ sender_canonical_maps = hash:/etc/postfix/sender_canonical
.fi
.ad
.ft R
.SH sender_relayhost_maps (default: empty)
A sender-specific override for the global relayhost parameter
setting. The tables are searched by the sender address and by the
sender @domain.
.PP
This feature is available in Postfix 2.3 and later.
.SH sendmail_path (default: see "postconf -d" output)
A Sendmail compatibility feature that specifies the location of
the Postfix \fBsendmail\fR(1) command. This command can be used to
@ -3582,6 +3594,13 @@ This feature is available in Postfix 2.1 and later.
.SH smtp_never_send_ehlo (default: no)
Never send EHLO at the start of an SMTP session. See also the
smtp_always_send_ehlo parameter.
.SH smtp_per_sender_authentication (default: no)
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
.PP
This feature is available in Postfix 2.3 and later.
.SH smtp_pix_workaround_delay_time (default: 10s)
How long the Postfix SMTP client pauses before sending
".<CR><LF>" in order to work around the PIX firewall
@ -3684,8 +3703,9 @@ smtp_sasl_mechanism_filter = !gssapi, !login, static:rest
.ft R
.SH smtp_sasl_password_maps (default: empty)
Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no
username:password entry, then the Postfix SMTP client will not
per remote hostname or domain (or per sender address, when per-sender
authentication is enabled). If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host.
.PP
The Postfix SMTP client opens the lookup table before going to

43
postfix/man/man5/transport.5
View File

@ -17,24 +17,33 @@ Postfix transport table format
.ad
.fi
The optional \fBtransport\fR(5) table specifies a mapping from email
addresses to message delivery transports and/or relay hosts. The
mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
addresses to message delivery transports and next-hop hosts. The
table is searched by the \fBtrivial-rewrite\fR(8) daemon.
This mapping overrides the default routing that is built into
Postfix:
.IP \fBmydestination\fR
A list of domains that is by default delivered via
\fB$local_transport\fR. This also includes domains
that match \fB$inet_interfaces\fR or \fB$proxy_interfaces\fR.
.IP \fBvirtual_mailbox_domains\fR
A list of domains that is by default delivered via
\fB$virtual_transport\fR.
.IP \fBrelay_domains\fR
A list of domains that is by default delivered via
\fB$relay_transport\fR.
.IP "any other destination"
Mail for any other destination is by default delivered via
\fB$default_transport\fR.
This mapping overrides the default \fItransport\fR:\fInexthop\fR
selection that is built into Postfix:
.IP "\fBlocal_transport (default: local:$myhostname)\fR"
This is the default for final delivery to domains listed
with \fBmydestination\fR, and for [\fIipaddress\fR]
destinations that match \fB$inet_interfaces\fR or
\fB$proxy_interfaces\fR. The default \fInexthop\fR destination
is the MTA hostname.
.IP "\fBvirtual_transport (default: virtual:)\fR"
This is the default for final delivery to domains listed
with \fBvirtual_mailbox_domains\fR. The default \fInexthop\fR
destination is the recipient domain.
.IP "\fBrelay_transport (default: relay:)\fR"
This is the default for remote delivery to domains listed
with \fBrelay_domains\fR. In order of decreasing precedence,
the \fInexthop\fR destination is taken from \fBrelay_transport\fR,
\fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
recipient domain.
.IP "\fBdefault_transport (default: smtp:)\fR"
This is the default for remote delivery to other destinations.
In order of decreasing precedence, the \fInexthop\fR
destination is taken from \fBdefault_transport\fR,
\fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
recipient domain.
.PP
Normally, the \fBtransport\fR(5) table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.

10
postfix/man/man8/smtp.8
View File

@ -176,7 +176,8 @@ response announces XFORWARD support.
Enable SASL authentication in the Postfix SMTP client.
.IP "\fBsmtp_sasl_password_maps (empty)\fR"
Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain.
per remote hostname or domain (or per sender, when per-sender
authentication is enabled).
.IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
What authentication mechanisms the Postfix SMTP client is allowed
to use.
@ -185,6 +186,13 @@ Available in Postfix version 2.2 and later:
.IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
If non-empty, a Postfix SMTP client filter for the remote SMTP
server's list of offered SASL mechanisms.
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsmtp_per_sender_authentication (no)\fR"
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
.SH "STARTTLS SUPPORT CONTROLS"
.na
.nf

8
postfix/man/man8/trivial-rewrite.8
View File

@ -162,6 +162,11 @@ in the optional \fBtransport\fR(5) table.
.IP "\fBtransport_maps (empty)\fR"
Optional lookup tables with mappings from recipient address to
(message delivery transport, next-hop destination).
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsender_relayhost_maps (empty)\fR"
A sender-specific override for the global relayhost parameter
setting.
.SH "ADDRESS VERIFICATION CONTROLS"
.na
.nf
@ -189,6 +194,9 @@ verification probes.
.IP "\fBaddress_verify_relayhost ($relayhost)\fR"
Overrides the relayhost parameter setting for address verification
probes.
.IP "\fBaddress_verify_sender_relayhost_maps (empty)\fR"
Overrides the sender_relayhost_maps parameter setting for address
verification probes.
.IP "\fBaddress_verify_transport_maps ($transport_maps)\fR"
Overrides the transport_maps parameter setting for address verification
probes.

15
postfix/mantools/postlink
View File

@ -77,7 +77,8 @@ while (<>) {
s;\baddress_verify_positive_expire_time\b;<a href="postconf.5.html#address_verify_positive_expire_time">$&</a>;g;
s;\baddress_verify_positive_refresh_time\b;<a href="postconf.5.html#address_verify_positive_refresh_time">$&</a>;g;
s;\baddress_verify_relay_transport\b;<a href="postconf.5.html#address_verify_relay_transport">$&</a>;g;
s;\baddress_verify_relayhost\b;<a href="postconf.5.html#address_verify_relayhost">$&</a>;g;
s;\baddress_verify_relay[-</bB>]*\n*[ <bB>]*host\b;<a href="postconf.5.html#address_verify_relayhost">$&</a>;g;
s;\baddress_verify_sender_relay[-</bB>]*\n*[ <bB>]*host_maps\b;<a href="postconf.5.html#address_verify_sender_relayhost_maps">$&</a>;g;
s;\baddress_verify_sender\b;<a href="postconf.5.html#address_verify_sender">$&</a>;g;
s;\baddress_verify_service_name\b;<a href="postconf.5.html#address_verify_service_name">$&</a>;g;
s;\baddress_verify_transport_maps\b;<a href="postconf.5.html#address_verify_transport_maps">$&</a>;g;
@ -183,7 +184,7 @@ while (<>) {
s;\bignore_mx_lookup_error\b;<a href="postconf.5.html#ignore_mx_lookup_error">$&</a>;g;
s;\bimport_environment\b;<a href="postconf.5.html#import_environment">$&</a>;g;
s;\bin_flow_delay\b;<a href="postconf.5.html#in_flow_delay">$&</a>;g;
s;\binet_interfaces\b;<a href="postconf.5.html#inet_interfaces">$&</a>;g;
s;\binet_inter[-</bB>]*\n*[ <bB>]*faces\b;<a href="postconf.5.html#inet_interfaces">$&</a>;g;
s;\binet_protocols\b;<a href="postconf.5.html#inet_protocols">$&</a>;g;
s;\binitial_destination_concurrency\b;<a href="postconf.5.html#initial_destination_concurrency">$&</a>;g;
s;\binvalid_hostname_reject_code\b;<a href="postconf.5.html#invalid_hostname_reject_code">$&</a>;g;
@ -263,7 +264,7 @@ while (<>) {
s;\bprocess_id_directory\b;<a href="postconf.5.html#process_id_directory">$&</a>;g;
s;\bprocess_name\b;<a href="postconf.5.html#process_name">$&</a>;g;
s;\bpropagate_unmatched_extensions\b;<a href="postconf.5.html#propagate_unmatched_extensions">$&</a>;g;
s;\bproxy_interfaces\b;<a href="postconf.5.html#proxy_interfaces">$&</a>;g;
s;\bproxy_inter[-</bB>]*\n* *[<bB>]*faces\b;<a href="postconf.5.html#proxy_interfaces">$&</a>;g;
s;\bproxy_read_maps\b;<a href="postconf.5.html#proxy_read_maps">$&</a>;g;
s;\bqmgr_clog_warn_time\b;<a href="postconf.5.html#qmgr_clog_warn_time">$&</a>;g;
s;\bqmgr_fudge_factor\b;<a href="postconf.5.html#qmgr_fudge_factor">$&</a>;g;
@ -295,7 +296,7 @@ while (<>) {
s;\brelay_domains_reject_code\b;<a href="postconf.5.html#relay_domains_reject_code">$&</a>;g;
s;\brelay_recipi[-</bB>]*\n*[ <bB>]*ent_maps\b;<a href="postconf.5.html#relay_recipient_maps">$&</a>;g;
s;\brelay_transport\b;<a href="postconf.5.html#relay_transport">$&</a>;g;
s;\brelayhost\b;<a href="postconf.5.html#relayhost">$&</a>;g;
s;\brelay[-</bB>]*\n*[ <bB>]*host\b;<a href="postconf.5.html#relayhost">$&</a>;g;
s;\brelocated_maps\b;<a href="postconf.5.html#relocated_maps">$&</a>;g;
s;\brequire_home_directory\b;<a href="postconf.5.html#require_home_directory">$&</a>;g;
s;\bresolve_dequoted_address\b;<a href="postconf.5.html#resolve_dequoted_address">$&</a>;g;
@ -305,6 +306,7 @@ while (<>) {
s;\bsender_bcc_maps\b;<a href="postconf.5.html#sender_bcc_maps">$&</a>;g;
s;\bsender_canonical_classes\b;<a href="postconf.5.html#sender_canonical_classes">$&</a>;g;
s;\bsender_canonical_maps\b;<a href="postconf.5.html#sender_canonical_maps">$&</a>;g;
s;\bsender_relay[-</bB>]*\n*[ <bB>]*host_maps\b;<a href="postconf.5.html#sender_relayhost_maps">$&</a>;g;
s;\bsendmail_path\b;<a href="postconf.5.html#sendmail_path">$&</a>;g;
s;\bservice_throttle_time\b;<a href="postconf.5.html#service_throttle_time">$&</a>;g;
s;\bsetgid_group\b;<a href="postconf.5.html#setgid_group">$&</a>;g;
@ -350,6 +352,7 @@ while (<>) {
s;\bsmtp_mx_address_limit\b;<a href="postconf.5.html#smtp_mx_address_limit">$&</a>;g;
s;\bsmtp_mx_session_limit\b;<a href="postconf.5.html#smtp_mx_session_limit">$&</a>;g;
s;\bsmtp_never_send_ehlo\b;<a href="postconf.5.html#smtp_never_send_ehlo">$&</a>;g;
s;\bsmtp_per_sender_authentication\b;<a href="postconf.5.html#smtp_per_sender_authentication">$&</a>;g;
s;\bsmtp_pix_workaround_delay_time\b;<a href="postconf.5.html#smtp_pix_workaround_delay_time">$&</a>;g;
s;\bsmtp_pix_workaround_threshold_time\b;<a href="postconf.5.html#smtp_pix_workaround_threshold_time">$&</a>;g;
s;\bsmtp_quit_timeout\b;<a href="postconf.5.html#smtp_quit_timeout">$&</a>;g;
@ -540,7 +543,7 @@ while (<>) {
s/[<bB>]*tlsmgr[<\/bB>]*\(8\)/<a href="tlsmgr.8.html">$&<\/a>/g;
s/[<bB>]*trace[<\/bB>]*\(8\)/<a href="trace.8.html">$&<\/a>/g;
s/[<bB>]*trivial- *<br> *rewrite[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g;
s/[<bB>]*triv[-<\/bB>]*\n* *[<bB>]*ial-[<\/bB>]*\n* *[<bB>]*rewrite[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g;
s/[<bB>]*triv[-<\/bB>]*\n* *[<bB>]*ial-[<\/bB>]*\n* *[<bB>]*re[-<\/bB>]*\n*[ <bB>]*write[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g;
s/[<bB>]*mailq[<\/bB>]*\(1\)/<a href="mailq.1.html">$&<\/a>/g;
s/[<bB>]*newaliases[<\/bB>]*\(1\)/<a href="newaliases.1.html">$&<\/a>/g;
s/[<bB>]*postalias[<\/bB>]*\(1\)/<a href="postalias.1.html">$&<\/a>/g;
@ -725,6 +728,8 @@ while (<>) {
s/\b(error):/<a href="error.8.html">$1<\/a>:/g;
s/\b(smtp):/<a href="smtp.8.html">$1<\/a>:/g;
s/\b(lmtp):/<a href="lmtp.8.html">$1<\/a>:/g;
s/\b(local):/<a href="local.8.html">$1<\/a>:/g;
s/\b(virtual):/<a href="virtual.8.html">$1<\/a>:/g;
}
continue {
if ($printit)

42
postfix/proto/postconf.proto
View File

@ -4002,8 +4002,9 @@ smtp_sasl_auth_enable = yes
<p>
Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no
username:password entry, then the Postfix SMTP client will not
per remote hostname or domain (or per sender address, when per-sender
authentication is enabled). If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host.
</p>
@ -7112,7 +7113,8 @@ The name of the directory with example Postfix configuration files.
%PARAM sender_based_routing no
<p>
This parameter should not be used.
This parameter should not be used. It was replaced by sender_relayhost_maps
in Postfix 2.3.
</p>
%PARAM sendmail_path see "postconf -d" output
@ -8704,3 +8706,37 @@ is placed into the Postfix configuration directory. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM sender_relayhost_maps empty
<p> A sender-specific override for the global relayhost parameter
setting. The tables are searched by the sender address and by the
sender @domain. </p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
%PARAM address_verify_sender_relayhost_maps empty
<p>
Overrides the sender_relayhost_maps parameter setting for address
verification probes.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
%PARAM smtp_per_sender_authentication no
<p>
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>

49
postfix/proto/transport
View File

@ -11,24 +11,33 @@
# \fBpostmap -q - /etc/postfix/transport <\fIinputfile\fR
# DESCRIPTION
# The optional \fBtransport\fR(5) table specifies a mapping from email
# addresses to message delivery transports and/or relay hosts. The
# mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
# addresses to message delivery transports and next-hop hosts. The
# table is searched by the \fBtrivial-rewrite\fR(8) daemon.
#
# This mapping overrides the default routing that is built into
# Postfix:
# .IP \fBmydestination\fR
# A list of domains that is by default delivered via
# \fB$local_transport\fR. This also includes domains
# that match \fB$inet_interfaces\fR or \fB$proxy_interfaces\fR.
# .IP \fBvirtual_mailbox_domains\fR
# A list of domains that is by default delivered via
# \fB$virtual_transport\fR.
# .IP \fBrelay_domains\fR
# A list of domains that is by default delivered via
# \fB$relay_transport\fR.
# .IP "any other destination"
# Mail for any other destination is by default delivered via
# \fB$default_transport\fR.
# This mapping overrides the default \fItransport\fR:\fInexthop\fR
# selection that is built into Postfix:
# .IP "\fBlocal_transport (default: local:$myhostname)\fR"
# This is the default for final delivery to domains listed
# with \fBmydestination\fR, and for [\fIipaddress\fR]
# destinations that match \fB$inet_interfaces\fR or
# \fB$proxy_interfaces\fR. The default \fInexthop\fR destination
# is the MTA hostname.
# .IP "\fBvirtual_transport (default: virtual:)\fR"
# This is the default for final delivery to domains listed
# with \fBvirtual_mailbox_domains\fR. The default \fInexthop\fR
# destination is the recipient domain.
# .IP "\fBrelay_transport (default: relay:)\fR"
# This is the default for remote delivery to domains listed
# with \fBrelay_domains\fR. In order of decreasing precedence,
# the \fInexthop\fR destination is taken from \fBrelay_transport\fR,
# \fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
# recipient domain.
# .IP "\fBdefault_transport (default: smtp:)\fR"
# This is the default for remote delivery to other destinations.
# In order of decreasing precedence, the \fInexthop\fR
# destination is taken from \fBdefault_transport\fR,
# \fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
# recipient domain.
# .PP
# Normally, the \fBtransport\fR(5) table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command.
@ -223,9 +232,9 @@
# CONFIGURATION PARAMETERS
# .ad
# .fi
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
# \fBpostconf\fR(5) for more details including examples.
# The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See
# \fBpostconf\fR(5) for more details including examples.
# .IP \fBempty_address_recipient\fR
# The address that is looked up instead of the null sender address.
# .IP \fBparent_domain_matches_subdomains\fR

15
postfix/src/global/mail_params.h
View File

@ -185,6 +185,10 @@ extern char *var_masq_classes;
#define DEF_RELAYHOST ""
extern char *var_relayhost;
#define VAR_SND_RELAY_MAPS "sender_relayhost_maps"
#define DEF_SND_RELAY_MAPS ""
extern char *var_snd_relay_maps;
#define VAR_FALLBACK_RELAY "fallback_relay"
#define DEF_FALLBACK_RELAY ""
extern char *var_fallback_relay;
@ -2152,6 +2156,10 @@ extern char *var_vrfy_def_xport;
#define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST
extern char *var_vrfy_relayhost;
#define VAR_VRFY_RELAY_MAPS "address_verify_sender_relayhost_maps"
#define DEF_VRFY_RELAY_MAPS "$" VAR_SND_RELAY_MAPS
extern char *var_vrfy_relay_maps;
#define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps"
#define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS
extern char *var_vrfy_xport_maps;
@ -2404,6 +2412,13 @@ extern int var_delay_max_res;
#define DEF_BOUNCE_TMPL ""
extern char *var_bounce_tmpl;
/*
* Per-sender authentication.
*/
#define VAR_SMTP_SENDER_AUTH "smtp_per_sender_authentication"
#define DEF_SMTP_SENDER_AUTH 0
extern bool var_smtp_sender_auth;
/* LICENSE
/* .ad
/* .fi

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20051121"
#define MAIL_RELEASE_DATE "20051124"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT

3
postfix/src/global/resolve_clnt.c
View File

@ -59,6 +59,9 @@
/* The address resolved to something that has invalid syntax.
/* .IP RESOLVE_FLAG_FAIL
/* The request could not be completed.
/* .IP RESOLVE_FLAG_SMARTHOST
/* The client may override the next-hop host with per-sender
/* relay host information.
/* .PP
/* In addition, the address domain class is returned by setting
/* one of the following flags (this is preliminary code awaiting

1
postfix/src/global/resolve_clnt.h
View File

@ -26,6 +26,7 @@
#define RESOLVE_FLAG_ROUTED (1<<1) /* routed destination */
#define RESOLVE_FLAG_ERROR (1<<2) /* bad destination syntax */
#define RESOLVE_FLAG_FAIL (1<<3) /* request failed */
#define RESOLVE_FLAG_SMARTHOST (1<<4) /* smarthost route */
#define RESOLVE_CLASS_LOCAL (1<<8) /* mydestination/inet_interfaces */
#define RESOLVE_CLASS_ALIAS (1<<9) /* virtual_alias_domains */

33
postfix/src/oqmgr/Makefile.in
View File

@ -74,6 +74,7 @@ qmgr.o: ../../include/mail_params.h
qmgr.o: ../../include/mail_proto.h
qmgr.o: ../../include/mail_queue.h
qmgr.o: ../../include/mail_server.h
qmgr.o: ../../include/maps.h
qmgr.o: ../../include/master_proto.h
qmgr.o: ../../include/msg.h
qmgr.o: ../../include/recipient_list.h
@ -85,10 +86,12 @@ qmgr.o: ../../include/vstring.h
qmgr.o: qmgr.c
qmgr.o: qmgr.h
qmgr_active.o: ../../include/abounce.h
qmgr_active.o: ../../include/argv.h
qmgr_active.o: ../../include/attr.h
qmgr_active.o: ../../include/bounce.h
qmgr_active.o: ../../include/defer.h
qmgr_active.o: ../../include/deliver_request.h
qmgr_active.o: ../../include/dict.h
qmgr_active.o: ../../include/dsn.h
qmgr_active.o: ../../include/dsn_buf.h
qmgr_active.o: ../../include/dsn_mask.h
@ -96,6 +99,7 @@ qmgr_active.o: ../../include/events.h
qmgr_active.o: ../../include/mail_open_ok.h
qmgr_active.o: ../../include/mail_params.h
qmgr_active.o: ../../include/mail_queue.h
qmgr_active.o: ../../include/maps.h
qmgr_active.o: ../../include/msg.h
qmgr_active.o: ../../include/msg_stats.h
qmgr_active.o: ../../include/mymalloc.h
@ -110,12 +114,15 @@ qmgr_active.o: ../../include/vstream.h
qmgr_active.o: ../../include/vstring.h
qmgr_active.o: qmgr.h
qmgr_active.o: qmgr_active.c
qmgr_bounce.o: ../../include/argv.h
qmgr_bounce.o: ../../include/attr.h
qmgr_bounce.o: ../../include/bounce.h
qmgr_bounce.o: ../../include/deliver_completed.h
qmgr_bounce.o: ../../include/deliver_request.h
qmgr_bounce.o: ../../include/dict.h
qmgr_bounce.o: ../../include/dsn.h
qmgr_bounce.o: ../../include/dsn_buf.h
qmgr_bounce.o: ../../include/maps.h
qmgr_bounce.o: ../../include/msg_stats.h
qmgr_bounce.o: ../../include/recipient_list.h
qmgr_bounce.o: ../../include/scan_dir.h
@ -125,12 +132,15 @@ qmgr_bounce.o: ../../include/vstream.h
qmgr_bounce.o: ../../include/vstring.h
qmgr_bounce.o: qmgr.h
qmgr_bounce.o: qmgr_bounce.c
qmgr_defer.o: ../../include/argv.h
qmgr_defer.o: ../../include/attr.h
qmgr_defer.o: ../../include/bounce.h
qmgr_defer.o: ../../include/defer.h
qmgr_defer.o: ../../include/deliver_request.h
qmgr_defer.o: ../../include/dict.h
qmgr_defer.o: ../../include/dsn.h
qmgr_defer.o: ../../include/dsn_buf.h
qmgr_defer.o: ../../include/maps.h
qmgr_defer.o: ../../include/msg.h
qmgr_defer.o: ../../include/msg_stats.h
qmgr_defer.o: ../../include/recipient_list.h
@ -141,8 +151,10 @@ qmgr_defer.o: ../../include/vstream.h
qmgr_defer.o: ../../include/vstring.h
qmgr_defer.o: qmgr.h
qmgr_defer.o: qmgr_defer.c
qmgr_deliver.o: ../../include/argv.h
qmgr_deliver.o: ../../include/attr.h
qmgr_deliver.o: ../../include/deliver_request.h
qmgr_deliver.o: ../../include/dict.h
qmgr_deliver.o: ../../include/dsb_scan.h
qmgr_deliver.o: ../../include/dsn.h
qmgr_deliver.o: ../../include/dsn_buf.h
@ -152,6 +164,7 @@ qmgr_deliver.o: ../../include/iostuff.h
qmgr_deliver.o: ../../include/mail_params.h
qmgr_deliver.o: ../../include/mail_proto.h
qmgr_deliver.o: ../../include/mail_queue.h
qmgr_deliver.o: ../../include/maps.h
qmgr_deliver.o: ../../include/msg.h
qmgr_deliver.o: ../../include/msg_stats.h
qmgr_deliver.o: ../../include/recipient_list.h
@ -165,8 +178,11 @@ qmgr_deliver.o: ../../include/vstring.h
qmgr_deliver.o: ../../include/vstring_vstream.h
qmgr_deliver.o: qmgr.h
qmgr_deliver.o: qmgr_deliver.c
qmgr_enable.o: ../../include/argv.h
qmgr_enable.o: ../../include/dict.h
qmgr_enable.o: ../../include/dsn.h
qmgr_enable.o: ../../include/dsn_buf.h
qmgr_enable.o: ../../include/maps.h
qmgr_enable.o: ../../include/msg.h
qmgr_enable.o: ../../include/recipient_list.h
qmgr_enable.o: ../../include/scan_dir.h
@ -176,12 +192,15 @@ qmgr_enable.o: ../../include/vstream.h
qmgr_enable.o: ../../include/vstring.h
qmgr_enable.o: qmgr.h
qmgr_enable.o: qmgr_enable.c
qmgr_entry.o: ../../include/argv.h
qmgr_entry.o: ../../include/attr.h
qmgr_entry.o: ../../include/deliver_request.h
qmgr_entry.o: ../../include/dict.h
qmgr_entry.o: ../../include/dsn.h
qmgr_entry.o: ../../include/dsn_buf.h
qmgr_entry.o: ../../include/events.h
qmgr_entry.o: ../../include/mail_params.h
qmgr_entry.o: ../../include/maps.h
qmgr_entry.o: ../../include/msg.h
qmgr_entry.o: ../../include/msg_stats.h
qmgr_entry.o: ../../include/mymalloc.h
@ -205,9 +224,11 @@ qmgr_message.o: ../../include/dsn_attr_map.h
qmgr_message.o: ../../include/dsn_buf.h
qmgr_message.o: ../../include/dsn_mask.h
qmgr_message.o: ../../include/iostuff.h
qmgr_message.o: ../../include/mail_addr_find.h
qmgr_message.o: ../../include/mail_params.h
qmgr_message.o: ../../include/mail_proto.h
qmgr_message.o: ../../include/mail_queue.h
qmgr_message.o: ../../include/maps.h
qmgr_message.o: ../../include/msg.h
qmgr_message.o: ../../include/msg_stats.h
qmgr_message.o: ../../include/myflock.h
@ -232,10 +253,13 @@ qmgr_message.o: ../../include/vstream.h
qmgr_message.o: ../../include/vstring.h
qmgr_message.o: qmgr.h
qmgr_message.o: qmgr_message.c
qmgr_move.o: ../../include/argv.h
qmgr_move.o: ../../include/dict.h
qmgr_move.o: ../../include/dsn.h
qmgr_move.o: ../../include/dsn_buf.h
qmgr_move.o: ../../include/mail_queue.h
qmgr_move.o: ../../include/mail_scan_dir.h
qmgr_move.o: ../../include/maps.h
qmgr_move.o: ../../include/msg.h
qmgr_move.o: ../../include/recipient_list.h
qmgr_move.o: ../../include/scan_dir.h
@ -245,11 +269,14 @@ qmgr_move.o: ../../include/vstream.h
qmgr_move.o: ../../include/vstring.h
qmgr_move.o: qmgr.h
qmgr_move.o: qmgr_move.c
qmgr_queue.o: ../../include/argv.h
qmgr_queue.o: ../../include/dict.h
qmgr_queue.o: ../../include/dsn.h
qmgr_queue.o: ../../include/dsn_buf.h
qmgr_queue.o: ../../include/events.h
qmgr_queue.o: ../../include/htable.h
qmgr_queue.o: ../../include/mail_params.h
qmgr_queue.o: ../../include/maps.h
qmgr_queue.o: ../../include/msg.h
qmgr_queue.o: ../../include/mymalloc.h
qmgr_queue.o: ../../include/recipient_list.h
@ -260,9 +287,12 @@ qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vstring.h
qmgr_queue.o: qmgr.h
qmgr_queue.o: qmgr_queue.c
qmgr_scan.o: ../../include/argv.h
qmgr_scan.o: ../../include/dict.h
qmgr_scan.o: ../../include/dsn.h
qmgr_scan.o: ../../include/dsn_buf.h
qmgr_scan.o: ../../include/mail_scan_dir.h
qmgr_scan.o: ../../include/maps.h
qmgr_scan.o: ../../include/msg.h
qmgr_scan.o: ../../include/mymalloc.h
qmgr_scan.o: ../../include/recipient_list.h
@ -273,7 +303,9 @@ qmgr_scan.o: ../../include/vstream.h
qmgr_scan.o: ../../include/vstring.h
qmgr_scan.o: qmgr.h
qmgr_scan.o: qmgr_scan.c
qmgr_transport.o: ../../include/argv.h
qmgr_transport.o: ../../include/attr.h
qmgr_transport.o: ../../include/dict.h
qmgr_transport.o: ../../include/dsn.h
qmgr_transport.o: ../../include/dsn_buf.h
qmgr_transport.o: ../../include/events.h
@ -282,6 +314,7 @@ qmgr_transport.o: ../../include/iostuff.h
qmgr_transport.o: ../../include/mail_conf.h
qmgr_transport.o: ../../include/mail_params.h
qmgr_transport.o: ../../include/mail_proto.h
qmgr_transport.o: ../../include/maps.h
qmgr_transport.o: ../../include/msg.h
qmgr_transport.o: ../../include/mymalloc.h
qmgr_transport.o: ../../include/recipient_list.h

15
postfix/src/oqmgr/qmgr.c
View File

@ -328,12 +328,16 @@ int var_local_rcpt_lim; /* XXX */
int var_local_con_lim; /* XXX */
int var_proc_limit;
bool var_verp_bounce_off;
bool var_sender_routing;
int var_qmgr_clog_warn_time;
char *var_snd_relay_maps;
char *var_vrfy_relay_maps;
static QMGR_SCAN *qmgr_incoming;
static QMGR_SCAN *qmgr_deferred;
MAPS *qmgr_snd_relay_maps;
MAPS *qmgr_vrfy_relay_maps;
/* qmgr_deferred_run_event - queue manager heartbeat */
static void qmgr_deferred_run_event(int unused_event, char *dummy)
@ -484,6 +488,12 @@ static void pre_accept(char *unused_name, char **unused_argv)
static void qmgr_pre_init(char *unused_name, char **unused_argv)
{
flush_init();
if (*var_snd_relay_maps)
qmgr_snd_relay_maps =
maps_create(VAR_SND_RELAY_MAPS, var_snd_relay_maps, 0);
if (*var_vrfy_relay_maps)
qmgr_vrfy_relay_maps =
maps_create(VAR_VRFY_RELAY_MAPS, var_vrfy_relay_maps, 0);
}
/* qmgr_post_init - post-jail initialization */
@ -532,6 +542,8 @@ int main(int argc, char **argv)
{
static CONFIG_STR_TABLE str_table[] = {
VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0,
VAR_SND_RELAY_MAPS, DEF_SND_RELAY_MAPS, &var_snd_relay_maps, 0, 0,
VAR_VRFY_RELAY_MAPS, DEF_VRFY_RELAY_MAPS, &var_vrfy_relay_maps, 0, 0,
0,
};
static CONFIG_TIME_TABLE time_table[] = {
@ -559,7 +571,6 @@ int main(int argc, char **argv)
static CONFIG_BOOL_TABLE bool_table[] = {
VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user,
VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off,
VAR_SENDER_ROUTING, DEF_SENDER_ROUTING, &var_sender_routing,
0,
};

7
postfix/src/oqmgr/qmgr.h
View File

@ -25,6 +25,7 @@
*/
#include <recipient_list.h>
#include <dsn.h>
#include <maps.h> /* Grr.. sender relay maps */
/*
* The queue manager is built around lots of mutually-referring structures.
@ -320,6 +321,12 @@ extern QMGR_SCAN *qmgr_scan_create(const char *);
extern void qmgr_scan_request(QMGR_SCAN *, int);
extern char *qmgr_scan_next(QMGR_SCAN *);
/*
* qmgr.c
*/
extern MAPS *qmgr_snd_relay_maps;
extern MAPS *qmgr_vrfy_relay_maps;
/* LICENSE
/* .ad
/* .fi

61
postfix/src/oqmgr/qmgr_message.c
View File

@ -126,6 +126,7 @@
#include <split_addr.h>
#include <dsn_mask.h>
#include <dsn_attr_map.h>
#include <mail_addr_find.h>
/* Client stubs. */
@ -844,14 +845,23 @@ static void qmgr_message_sort(QMGR_MESSAGE *message)
/* qmgr_resolve_one - resolve or skip one recipient */
static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
const char *addr, RESOLVE_REPLY *reply)
const char *addr, RESOLVE_REPLY *reply,
int do_snd_relay_maps)
{
MAPS *snd_relay_maps;
const char *smarthost;
DSN dsn;
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0)
#define NO_SENDER_RELAY_MAPS 0
#define DO_SENDER_RELAY_MAPS 1
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0) {
snd_relay_maps = qmgr_snd_relay_maps;
resolve_clnt_query(addr, reply);
else
} else {
snd_relay_maps = qmgr_vrfy_relay_maps;
resolve_clnt_verify(addr, reply);
}
if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0",
@ -865,6 +875,31 @@ static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
"bad address syntax"));
return (-1);
} else {
/*
* The next-hop destination may be replaced by the per-sender relay
* host.
*
* XXX This violates the principle that qmgr does no map lookups. Map
* changes require process restart which is bad for queue manager
* performance.
*/
if ((reply->flags & RESOLVE_FLAG_SMARTHOST) && do_snd_relay_maps
&& message->sender[0] && snd_relay_maps) {
if ((smarthost = mail_addr_find(snd_relay_maps, message->sender,
(char **) 0)) != 0) {
if (msg_verbose)
msg_info("using smart host %s for sender %s",
smarthost, message->sender);
vstring_strcpy(reply->nexthop, smarthost);
} else if (dict_errno != 0) {
qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0",
"451 address resolver failure",
"address resolver failure"));
return (-1);
}
}
return (0);
}
}
@ -910,7 +945,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
reply.recipient);
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0)
recipient->address, &reply,
NO_SENDER_RELAY_MAPS) < 0)
continue;
if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
@ -920,6 +956,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Content filtering overrides the address resolver.
*/
else if (message->filter_xport) {
reply.flags = 0;
vstring_strcpy(reply.transport, message->filter_xport);
if ((nexthop = split_at(STR(reply.transport), ':')) == 0
|| *nexthop == 0)
@ -932,25 +969,15 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Resolve the destination to (transport, nexthop, address). The
* result address may differ from the one specified by the sender.
*/
else if (var_sender_routing == 0) {
else {
if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0)
recipient->address, &reply,
DO_SENDER_RELAY_MAPS) < 0)
continue;
if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
}
/*
* XXX Sender-based routing does not work very well, because it has
* problems with sending bounces.
*/
else {
if (qmgr_resolve_one(message, recipient,
message->sender, &reply) < 0)
continue;
vstring_strcpy(reply.recipient, recipient->address);
}
/*
* Bounce null recipients. This should never happen, but is most
* likely the result of a fault in a different program, so aborting

39
postfix/src/qmgr/Makefile.in
View File

@ -76,6 +76,7 @@ qmgr.o: ../../include/mail_params.h
qmgr.o: ../../include/mail_proto.h
qmgr.o: ../../include/mail_queue.h
qmgr.o: ../../include/mail_server.h
qmgr.o: ../../include/maps.h
qmgr.o: ../../include/master_proto.h
qmgr.o: ../../include/msg.h
qmgr.o: ../../include/recipient_list.h
@ -87,10 +88,12 @@ qmgr.o: ../../include/vstring.h
qmgr.o: qmgr.c
qmgr.o: qmgr.h
qmgr_active.o: ../../include/abounce.h
qmgr_active.o: ../../include/argv.h
qmgr_active.o: ../../include/attr.h
qmgr_active.o: ../../include/bounce.h
qmgr_active.o: ../../include/defer.h
qmgr_active.o: ../../include/deliver_request.h
qmgr_active.o: ../../include/dict.h
qmgr_active.o: ../../include/dsn.h
qmgr_active.o: ../../include/dsn_buf.h
qmgr_active.o: ../../include/dsn_mask.h
@ -98,6 +101,7 @@ qmgr_active.o: ../../include/events.h
qmgr_active.o: ../../include/mail_open_ok.h
qmgr_active.o: ../../include/mail_params.h
qmgr_active.o: ../../include/mail_queue.h
qmgr_active.o: ../../include/maps.h
qmgr_active.o: ../../include/msg.h
qmgr_active.o: ../../include/msg_stats.h
qmgr_active.o: ../../include/mymalloc.h
@ -112,12 +116,15 @@ qmgr_active.o: ../../include/vstream.h
qmgr_active.o: ../../include/vstring.h
qmgr_active.o: qmgr.h
qmgr_active.o: qmgr_active.c
qmgr_bounce.o: ../../include/argv.h
qmgr_bounce.o: ../../include/attr.h
qmgr_bounce.o: ../../include/bounce.h
qmgr_bounce.o: ../../include/deliver_completed.h
qmgr_bounce.o: ../../include/deliver_request.h
qmgr_bounce.o: ../../include/dict.h
qmgr_bounce.o: ../../include/dsn.h
qmgr_bounce.o: ../../include/dsn_buf.h
qmgr_bounce.o: ../../include/maps.h
qmgr_bounce.o: ../../include/msg_stats.h
qmgr_bounce.o: ../../include/recipient_list.h
qmgr_bounce.o: ../../include/scan_dir.h
@ -127,12 +134,15 @@ qmgr_bounce.o: ../../include/vstream.h
qmgr_bounce.o: ../../include/vstring.h
qmgr_bounce.o: qmgr.h
qmgr_bounce.o: qmgr_bounce.c
qmgr_defer.o: ../../include/argv.h
qmgr_defer.o: ../../include/attr.h
qmgr_defer.o: ../../include/bounce.h
qmgr_defer.o: ../../include/defer.h
qmgr_defer.o: ../../include/deliver_request.h
qmgr_defer.o: ../../include/dict.h
qmgr_defer.o: ../../include/dsn.h
qmgr_defer.o: ../../include/dsn_buf.h
qmgr_defer.o: ../../include/maps.h
qmgr_defer.o: ../../include/msg.h
qmgr_defer.o: ../../include/msg_stats.h
qmgr_defer.o: ../../include/recipient_list.h
@ -143,8 +153,10 @@ qmgr_defer.o: ../../include/vstream.h
qmgr_defer.o: ../../include/vstring.h
qmgr_defer.o: qmgr.h
qmgr_defer.o: qmgr_defer.c
qmgr_deliver.o: ../../include/argv.h
qmgr_deliver.o: ../../include/attr.h
qmgr_deliver.o: ../../include/deliver_request.h
qmgr_deliver.o: ../../include/dict.h
qmgr_deliver.o: ../../include/dsb_scan.h
qmgr_deliver.o: ../../include/dsn.h
qmgr_deliver.o: ../../include/dsn_buf.h
@ -154,6 +166,7 @@ qmgr_deliver.o: ../../include/iostuff.h
qmgr_deliver.o: ../../include/mail_params.h
qmgr_deliver.o: ../../include/mail_proto.h
qmgr_deliver.o: ../../include/mail_queue.h
qmgr_deliver.o: ../../include/maps.h
qmgr_deliver.o: ../../include/msg.h
qmgr_deliver.o: ../../include/msg_stats.h
qmgr_deliver.o: ../../include/recipient_list.h
@ -167,8 +180,11 @@ qmgr_deliver.o: ../../include/vstring.h
qmgr_deliver.o: ../../include/vstring_vstream.h
qmgr_deliver.o: qmgr.h
qmgr_deliver.o: qmgr_deliver.c
qmgr_enable.o: ../../include/argv.h
qmgr_enable.o: ../../include/dict.h
qmgr_enable.o: ../../include/dsn.h
qmgr_enable.o: ../../include/dsn_buf.h
qmgr_enable.o: ../../include/maps.h
qmgr_enable.o: ../../include/msg.h
qmgr_enable.o: ../../include/recipient_list.h
qmgr_enable.o: ../../include/scan_dir.h
@ -178,12 +194,15 @@ qmgr_enable.o: ../../include/vstream.h
qmgr_enable.o: ../../include/vstring.h
qmgr_enable.o: qmgr.h
qmgr_enable.o: qmgr_enable.c
qmgr_entry.o: ../../include/argv.h
qmgr_entry.o: ../../include/attr.h
qmgr_entry.o: ../../include/deliver_request.h
qmgr_entry.o: ../../include/dict.h
qmgr_entry.o: ../../include/dsn.h
qmgr_entry.o: ../../include/dsn_buf.h
qmgr_entry.o: ../../include/events.h
qmgr_entry.o: ../../include/mail_params.h
qmgr_entry.o: ../../include/maps.h
qmgr_entry.o: ../../include/msg.h
qmgr_entry.o: ../../include/msg_stats.h
qmgr_entry.o: ../../include/mymalloc.h
@ -195,9 +214,12 @@ qmgr_entry.o: ../../include/vstream.h
qmgr_entry.o: ../../include/vstring.h
qmgr_entry.o: qmgr.h
qmgr_entry.o: qmgr_entry.c
qmgr_job.o: ../../include/argv.h
qmgr_job.o: ../../include/dict.h
qmgr_job.o: ../../include/dsn.h
qmgr_job.o: ../../include/dsn_buf.h
qmgr_job.o: ../../include/htable.h
qmgr_job.o: ../../include/maps.h
qmgr_job.o: ../../include/msg.h
qmgr_job.o: ../../include/mymalloc.h
qmgr_job.o: ../../include/recipient_list.h
@ -221,9 +243,11 @@ qmgr_message.o: ../../include/dsn_attr_map.h
qmgr_message.o: ../../include/dsn_buf.h
qmgr_message.o: ../../include/dsn_mask.h
qmgr_message.o: ../../include/iostuff.h
qmgr_message.o: ../../include/mail_addr_find.h
qmgr_message.o: ../../include/mail_params.h
qmgr_message.o: ../../include/mail_proto.h
qmgr_message.o: ../../include/mail_queue.h
qmgr_message.o: ../../include/maps.h
qmgr_message.o: ../../include/msg.h
qmgr_message.o: ../../include/msg_stats.h
qmgr_message.o: ../../include/myflock.h
@ -249,10 +273,13 @@ qmgr_message.o: ../../include/vstream.h
qmgr_message.o: ../../include/vstring.h
qmgr_message.o: qmgr.h
qmgr_message.o: qmgr_message.c
qmgr_move.o: ../../include/argv.h
qmgr_move.o: ../../include/dict.h
qmgr_move.o: ../../include/dsn.h
qmgr_move.o: ../../include/dsn_buf.h
qmgr_move.o: ../../include/mail_queue.h
qmgr_move.o: ../../include/mail_scan_dir.h
qmgr_move.o: ../../include/maps.h
qmgr_move.o: ../../include/msg.h
qmgr_move.o: ../../include/recipient_list.h
qmgr_move.o: ../../include/scan_dir.h
@ -262,9 +289,12 @@ qmgr_move.o: ../../include/vstream.h
qmgr_move.o: ../../include/vstring.h
qmgr_move.o: qmgr.h
qmgr_move.o: qmgr_move.c
qmgr_peer.o: ../../include/argv.h
qmgr_peer.o: ../../include/dict.h
qmgr_peer.o: ../../include/dsn.h
qmgr_peer.o: ../../include/dsn_buf.h
qmgr_peer.o: ../../include/htable.h
qmgr_peer.o: ../../include/maps.h
qmgr_peer.o: ../../include/msg.h
qmgr_peer.o: ../../include/mymalloc.h
qmgr_peer.o: ../../include/recipient_list.h
@ -275,11 +305,14 @@ qmgr_peer.o: ../../include/vstream.h
qmgr_peer.o: ../../include/vstring.h
qmgr_peer.o: qmgr.h
qmgr_peer.o: qmgr_peer.c
qmgr_queue.o: ../../include/argv.h
qmgr_queue.o: ../../include/dict.h
qmgr_queue.o: ../../include/dsn.h
qmgr_queue.o: ../../include/dsn_buf.h
qmgr_queue.o: ../../include/events.h
qmgr_queue.o: ../../include/htable.h
qmgr_queue.o: ../../include/mail_params.h
qmgr_queue.o: ../../include/maps.h
qmgr_queue.o: ../../include/msg.h
qmgr_queue.o: ../../include/mymalloc.h
qmgr_queue.o: ../../include/recipient_list.h
@ -290,9 +323,12 @@ qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vstring.h
qmgr_queue.o: qmgr.h
qmgr_queue.o: qmgr_queue.c
qmgr_scan.o: ../../include/argv.h
qmgr_scan.o: ../../include/dict.h
qmgr_scan.o: ../../include/dsn.h
qmgr_scan.o: ../../include/dsn_buf.h
qmgr_scan.o: ../../include/mail_scan_dir.h
qmgr_scan.o: ../../include/maps.h
qmgr_scan.o: ../../include/msg.h
qmgr_scan.o: ../../include/mymalloc.h
qmgr_scan.o: ../../include/recipient_list.h
@ -303,7 +339,9 @@ qmgr_scan.o: ../../include/vstream.h
qmgr_scan.o: ../../include/vstring.h
qmgr_scan.o: qmgr.h
qmgr_scan.o: qmgr_scan.c
qmgr_transport.o: ../../include/argv.h
qmgr_transport.o: ../../include/attr.h
qmgr_transport.o: ../../include/dict.h
qmgr_transport.o: ../../include/dsn.h
qmgr_transport.o: ../../include/dsn_buf.h
qmgr_transport.o: ../../include/events.h
@ -312,6 +350,7 @@ qmgr_transport.o: ../../include/iostuff.h
qmgr_transport.o: ../../include/mail_conf.h
qmgr_transport.o: ../../include/mail_params.h
qmgr_transport.o: ../../include/mail_proto.h
qmgr_transport.o: ../../include/maps.h
qmgr_transport.o: ../../include/msg.h
qmgr_transport.o: ../../include/mymalloc.h
qmgr_transport.o: ../../include/recipient_list.h

15
postfix/src/qmgr/qmgr.c
View File

@ -375,12 +375,16 @@ int var_local_con_lim;
int var_local_rcpt_lim;
int var_proc_limit;
bool var_verp_bounce_off;
bool var_sender_routing;
int var_qmgr_clog_warn_time;
char *var_snd_relay_maps;
char *var_vrfy_relay_maps;
static QMGR_SCAN *qmgr_incoming;
static QMGR_SCAN *qmgr_deferred;
MAPS *qmgr_snd_relay_maps;
MAPS *qmgr_vrfy_relay_maps;
/* qmgr_deferred_run_event - queue manager heartbeat */
static void qmgr_deferred_run_event(int unused_event, char *dummy)
@ -528,6 +532,12 @@ static void pre_accept(char *unused_name, char **unused_argv)
static void qmgr_pre_init(char *unused_name, char **unused_argv)
{
flush_init();
if (*var_snd_relay_maps)
qmgr_snd_relay_maps =
maps_create(VAR_SND_RELAY_MAPS, var_snd_relay_maps, 0);
if (*var_vrfy_relay_maps)
qmgr_vrfy_relay_maps =
maps_create(VAR_VRFY_RELAY_MAPS, var_vrfy_relay_maps, 0);
}
/* qmgr_post_init - post-jail initialization */
@ -586,6 +596,8 @@ int main(int argc, char **argv)
{
static CONFIG_STR_TABLE str_table[] = {
VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0,
VAR_SND_RELAY_MAPS, DEF_SND_RELAY_MAPS, &var_snd_relay_maps, 0, 0,
VAR_VRFY_RELAY_MAPS, DEF_VRFY_RELAY_MAPS, &var_vrfy_relay_maps, 0, 0,
0,
};
static CONFIG_TIME_TABLE time_table[] = {
@ -619,7 +631,6 @@ int main(int argc, char **argv)
static CONFIG_BOOL_TABLE bool_table[] = {
VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user,
VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off,
VAR_SENDER_ROUTING, DEF_SENDER_ROUTING, &var_sender_routing,
0,
};

7
postfix/src/qmgr/qmgr.h
View File

@ -25,6 +25,7 @@
*/
#include <recipient_list.h>
#include <dsn.h>
#include <maps.h> /* Grr.. sender relay maps */
/*
* The queue manager is built around lots of mutually-referring structures.
@ -422,6 +423,12 @@ extern QMGR_SCAN *qmgr_scan_create(const char *);
extern void qmgr_scan_request(QMGR_SCAN *, int);
extern char *qmgr_scan_next(QMGR_SCAN *);
/*
* qmgr.c
*/
extern MAPS *qmgr_snd_relay_maps;
extern MAPS *qmgr_vrfy_relay_maps;
/* LICENSE
/* .ad
/* .fi

61
postfix/src/qmgr/qmgr_message.c
View File

@ -135,6 +135,7 @@
#include <split_addr.h>
#include <dsn_mask.h>
#include <dsn_attr_map.h>
#include <mail_addr_find.h>
/* Client stubs. */
@ -886,14 +887,23 @@ static void qmgr_message_sort(QMGR_MESSAGE *message)
/* qmgr_resolve_one - resolve or skip one recipient */
static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
const char *addr, RESOLVE_REPLY *reply)
const char *addr, RESOLVE_REPLY *reply,
int do_snd_relay_maps)
{
MAPS *snd_relay_maps;
const char *smarthost;
DSN dsn;
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0)
#define NO_SENDER_RELAY_MAPS 0
#define DO_SENDER_RELAY_MAPS 1
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0) {
snd_relay_maps = qmgr_snd_relay_maps;
resolve_clnt_query(addr, reply);
else
} else {
snd_relay_maps = qmgr_vrfy_relay_maps;
resolve_clnt_verify(addr, reply);
}
if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0",
@ -907,6 +917,31 @@ static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
"bad address syntax"));
return (-1);
} else {
/*
* The next-hop destination may be replaced by the per-sender relay
* host.
*
* XXX This violates the principle that qmgr does no map lookups. Map
* changes require process restart which is bad for queue manager
* performance.
*/
if ((reply->flags & RESOLVE_FLAG_SMARTHOST) && do_snd_relay_maps
&& message->sender[0] && snd_relay_maps) {
if ((smarthost = mail_addr_find(snd_relay_maps, message->sender,
(char **) 0)) != 0) {
if (msg_verbose)
msg_info("using smart host %s for sender %s",
smarthost, message->sender);
vstring_strcpy(reply->nexthop, smarthost);
} else if (dict_errno != 0) {
qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0",
"451 address resolver failure",
"address resolver failure"));
return (-1);
}
}
return (0);
}
}
@ -952,7 +987,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
reply.recipient);
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0)
recipient->address, &reply,
NO_SENDER_RELAY_MAPS) < 0)
continue;
if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
@ -962,6 +998,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Content filtering overrides the address resolver.
*/
else if (message->filter_xport) {
reply.flags = 0;
vstring_strcpy(reply.transport, message->filter_xport);
if ((nexthop = split_at(STR(reply.transport), ':')) == 0
|| *nexthop == 0)
@ -974,25 +1011,15 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Resolve the destination to (transport, nexthop, address). The
* result address may differ from the one specified by the sender.
*/
else if (var_sender_routing == 0) {
else {
if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0)
recipient->address, &reply,
DO_SENDER_RELAY_MAPS) < 0)
continue;
if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
}
/*
* XXX Sender-based routing does not work very well, because it has
* problems with sending bounces.
*/
else {
if (qmgr_resolve_one(message, recipient,
message->sender, &reply) < 0)
continue;
vstring_strcpy(reply.recipient, recipient->address);
}
/*
* Bounce null recipients. This should never happen, but is most
* likely the result of a fault in a different program, so aborting

12
postfix/src/smtp/smtp.c
View File

@ -152,7 +152,8 @@
/* Enable SASL authentication in the Postfix SMTP client.
/* .IP "\fBsmtp_sasl_password_maps (empty)\fR"
/* Optional SMTP client lookup tables with one username:password entry
/* per remote hostname or domain.
/* per remote hostname or domain (or per sender, when per-sender
/* authentication is enabled).
/* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
/* What authentication mechanisms the Postfix SMTP client is allowed
/* to use.
@ -161,6 +162,13 @@
/* .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
/* If non-empty, a Postfix SMTP client filter for the remote SMTP
/* server's list of offered SASL mechanisms.
/* .PP
/* Available in Postfix version 2.3 and later:
/* .IP "\fBsmtp_per_sender_authentication (no)\fR"
/* Enable per-sender authentication in the SMTP client; this is available
/* only with SASL authentication, and disables SMTP connection caching
/* to ensure that mail from different senders will use the appropriate
/* credentials.
/* STARTTLS SUPPORT CONTROLS
/* .ad
/* .fi
@ -507,6 +515,7 @@ bool var_smtp_tls_note_starttls_offer;
char *var_smtp_generic_maps;
char *var_prop_extension;
bool var_smtp_sender_auth;
/*
* Global variables. smtp_errno is set by the address lookup routines and by
@ -800,6 +809,7 @@ int main(int argc, char **argv)
VAR_SMTP_TLS_ENFORCE_PN, DEF_SMTP_TLS_ENFORCE_PN, &var_smtp_tls_enforce_peername,
VAR_SMTP_TLS_NOTEOFFER, DEF_SMTP_TLS_NOTEOFFER, &var_smtp_tls_note_starttls_offer,
#endif
VAR_SMTP_SENDER_AUTH, DEF_SMTP_SENDER_AUTH, &var_smtp_sender_auth,
0,
};

6
postfix/src/smtp/smtp_connect.c
View File

@ -625,8 +625,14 @@ int smtp_connect(SMTP_STATE *state)
* Opportunistic (a.k.a. on-demand) session caching on request by the
* queue manager. This is turned temporarily when a destination has a
* high volume of mail in the active queue.
*
* XXX Disable connection caching when per-sender credentials are
* enabled. We must not send someone elses mail over an authenticated
* connection, and we must not send mail that requires authentication
* over a connection that wasn't authenticated.
*/
if (cpp == sites->argv
&& !var_smtp_sender_auth
&& ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE) != 0)
|| (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) {
sess_flags |= SMTP_SESS_FLAG_CACHE;

10
postfix/src/smtp/smtp_sasl_glue.c
View File

@ -116,6 +116,7 @@
#include <mail_params.h>
#include <string_list.h>
#include <maps.h>
#include <mail_addr_find.h>
/*
* Application-specific
@ -329,7 +330,10 @@ int smtp_sasl_passwd_lookup(SMTP_SESSION *session)
* but didn't canonicalize the TCP port, and did not append the port to
* the MX hostname.
*/
if ((value = maps_find(smtp_sasl_passwd_map, session->host, 0)) != 0
if ((var_sender_auth
&& (value = mail_addr_find(smtp_sasl_passwd_map,
state->request->sender, (char **) 0)) != 0)
|| (value = maps_find(smtp_sasl_passwd_map, session->host, 0)) != 0
|| (value = maps_find(smtp_sasl_passwd_map, session->dest, 0)) != 0) {
session->sasl_username = mystrdup(value);
passwd = split_at(session->sasl_username, ':');
@ -341,8 +345,8 @@ int smtp_sasl_passwd_lookup(SMTP_SESSION *session)
return (1);
} else {
if (msg_verbose)
msg_info("%s: host `%s' no auth info found",
myname, session->host);
msg_info("%s: no auth info found (sender=`%s', host=`%s')",
myname, state->request->sender, session->host);
return (0);
}
}

4
postfix/src/trivial-rewrite/Makefile.in
View File

@ -94,11 +94,14 @@ resolve.o: ../../include/vstring_vstream.h
resolve.o: resolve.c
resolve.o: transport.h
resolve.o: trivial-rewrite.h
rewrite.o: ../../include/argv.h
rewrite.o: ../../include/attr.h
rewrite.o: ../../include/dict.h
rewrite.o: ../../include/iostuff.h
rewrite.o: ../../include/mail_conf.h
rewrite.o: ../../include/mail_params.h
rewrite.o: ../../include/mail_proto.h
rewrite.o: ../../include/maps.h
rewrite.o: ../../include/msg.h
rewrite.o: ../../include/resolve_clnt.h
rewrite.o: ../../include/resolve_local.h
@ -122,6 +125,7 @@ transport.o: ../../include/match_ops.h
transport.o: ../../include/match_parent_style.h
transport.o: ../../include/msg.h
transport.o: ../../include/mymalloc.h
transport.o: ../../include/resolve_clnt.h
transport.o: ../../include/split_at.h
transport.o: ../../include/stringops.h
transport.o: ../../include/strip_addr.h

18
postfix/src/trivial-rewrite/resolve.c
View File

@ -395,7 +395,8 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
* highest precedence to transport associated nexthop information.
*
* Otherwise, with relay or other non-local destinations, the relayhost
* setting overrides the destination domain name.
* setting overrides the recipient domain name, and the per-sender
* relayhost overrides both.
*
* XXX Nag if the recipient domain is listed in multiple domain lists. The
* result is implementation defined, and may break when internals change.
@ -489,8 +490,15 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
}
/*
* With off-host delivery, relayhost overrides recipient domain.
* With off-host delivery, per-sender or global relayhost
* override the recipient domain. The per-sender override is done
* in the client, and permission to do so is is signaled with the
* SMARTHOST flag. This is technically incorrect, but avoids the
* need to change the resolver client protocol for something that
* is irrelevant for most resolver clients, and that most Postfix
* sites will never need.
*/
*flags |= RESOLVE_FLAG_SMARTHOST;
if (*RES_PARAM_VALUE(rp->relayhost))
vstring_strcpy(nexthop, RES_PARAM_VALUE(rp->relayhost));
else
@ -529,8 +537,10 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
* force mail for any domain in $mydestination/${proxy,inet}_interfaces
* to share the same queue.
*/
if ((destination = split_at(STR(channel), ':')) != 0 && *destination)
if ((destination = split_at(STR(channel), ':')) != 0 && *destination) {
vstring_strcpy(nexthop, destination);
*flags &= ~RESOLVE_FLAG_SMARTHOST;
}
/*
* Sanity checks.
@ -574,7 +584,7 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
* XXX Don't override the virtual alias class (error:User unknown) result.
*/
if (rp->transport_info && !(*flags & RESOLVE_CLASS_ALIAS)) {
if (transport_lookup(rp->transport_info, STR(nextrcpt),
if (transport_lookup(rp->transport_info, flags, STR(nextrcpt),
rcpt_domain, channel, nexthop) == 0
&& dict_errno != 0) {
msg_warn("%s lookup failure", rp->transport_maps_name);

46
postfix/src/trivial-rewrite/transport.c
View File

@ -13,8 +13,10 @@
/* void transport_post_init(info)
/* TRANSPORT_INFO *info;
/*
/* int transport_lookup(info, address, rcpt_domain, channel, nexthop)
/* int transport_lookup(info, res_flags, address, rcpt_domain,
/* channel, nexthop)
/* TRANSPORT_INFO *info;
/* int *res_flags;
/* const char *address;
/* const char *rcpt_domain;
/* VSTRING *channel;
@ -35,7 +37,8 @@
/*
/* transport_lookup() finds the channel and nexthop for the given
/* domain, and returns 1 if something was found. Otherwise, 0
/* is returned.
/* is returned. The res_flags SMARTHOST bit is reset when the nexthop
/* information is updated.
/* DIAGNOSTICS
/* The global \fIdict_errno\fR is non-zero when the lookup
/* should be tried again.
@ -77,6 +80,7 @@
#include <maps.h>
#include <match_parent_style.h>
#include <mail_proto.h>
#include <resolve_clnt.h>
/* Application-specific. */
@ -128,7 +132,7 @@ void transport_free(TRANSPORT_INFO *tp)
static void update_entry(const char *new_channel, const char *new_nexthop,
const char *rcpt_domain, VSTRING *channel,
VSTRING *nexthop)
VSTRING *nexthop, int *res_flags)
{
/*
@ -137,8 +141,10 @@ static void update_entry(const char *new_channel, const char *new_nexthop,
* side of ":" is the transport table equivalent of a NOOP.
*/
if (*new_channel == 0) { /* :[nexthop] */
if (*new_nexthop != 0)
if (*new_nexthop != 0) {
vstring_strcpy(nexthop, new_nexthop);
*res_flags &= ~RESOLVE_FLAG_SMARTHOST;
}
}
/*
@ -153,14 +159,18 @@ static void update_entry(const char *new_channel, const char *new_nexthop,
vstring_strcpy(nexthop, rcpt_domain);
else
vstring_strcpy(nexthop, "Address is undeliverable");
*res_flags &= ~RESOLVE_FLAG_SMARTHOST;
}
}
/* find_transport_entry - look up and parse transport table entry */
static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
const char *rcpt_domain, int flags,
VSTRING *channel, VSTRING *nexthop)
static int find_transport_entry(TRANSPORT_INFO *tp, int *res_flags,
const char *key,
const char *rcpt_domain,
int map_flags,
VSTRING *channel,
VSTRING *nexthop)
{
char *saved_value;
const char *host;
@ -179,7 +189,7 @@ static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
*
* XXX Should report lookup failure status to caller instead of aborting.
*/
if ((value = maps_find(tp->transport_path, key, flags)) == 0)
if ((value = maps_find(tp->transport_path, key, map_flags)) == 0)
return (NOTFOUND);
/*
@ -193,7 +203,7 @@ static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
saved_value = mystrdup(value);
host = split_at(saved_value, ':');
update_entry(saved_value, host ? host : "", rcpt_domain,
channel, nexthop);
channel, nexthop, res_flags);
myfree(saved_value);
return (FOUND);
}
@ -205,6 +215,7 @@ static void transport_wildcard_init(TRANSPORT_INFO *tp)
{
VSTRING *channel = vstring_alloc(10);
VSTRING *nexthop = vstring_alloc(10);
int dummy;
/*
* Technically, the wildcard lookup pattern is redundant. A static map
@ -220,7 +231,8 @@ static void transport_wildcard_init(TRANSPORT_INFO *tp)
#define FULL 0
#define PARTIAL DICT_FLAG_FIXED
if (find_transport_entry(tp, WILDCARD, "", FULL, channel, nexthop)) {
if (find_transport_entry(tp, &dummy, WILDCARD, "",
FULL, channel, nexthop)) {
tp->transport_errno = 0;
if (tp->wildcard_channel)
vstring_free(tp->wildcard_channel);
@ -240,7 +252,7 @@ static void transport_wildcard_init(TRANSPORT_INFO *tp)
/* transport_lookup - map a transport domain */
int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
int transport_lookup(TRANSPORT_INFO *tp, int *res_flags, const char *addr,
const char *rcpt_domain,
VSTRING *channel, VSTRING *nexthop)
{
@ -279,7 +291,8 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
if ((ratsign = strrchr(full_addr, '@')) == 0 || ratsign[1] == 0)
msg_panic("transport_lookup: bad address: \"%s\"", full_addr);
if (find_transport_entry(tp, full_addr, rcpt_domain, FULL, channel, nexthop))
if (find_transport_entry(tp, res_flags, full_addr, rcpt_domain,
FULL, channel, nexthop))
RETURN_FREE(FOUND);
if (dict_errno != 0)
RETURN_FREE(NOTFOUND);
@ -291,8 +304,8 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
*/
if ((stripped_addr = strip_addr(full_addr, DISCARD_EXTENSION,
*var_rcpt_delim)) != 0) {
found = find_transport_entry(tp, stripped_addr, rcpt_domain, PARTIAL,
channel, nexthop);
found = find_transport_entry(tp, res_flags, stripped_addr, rcpt_domain,
PARTIAL, channel, nexthop);
myfree(stripped_addr);
if (found)
@ -318,7 +331,8 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
* with regular expressions.
*/
for (name = ratsign + 1; *name != 0; name = next) {
if (find_transport_entry(tp, name, rcpt_domain, PARTIAL, channel, nexthop))
if (find_transport_entry(tp, res_flags, name, rcpt_domain,
PARTIAL, channel, nexthop))
RETURN_FREE(FOUND);
if (dict_errno != 0)
RETURN_FREE(NOTFOUND);
@ -338,7 +352,7 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
RETURN_FREE(NOTFOUND);
} else if (tp->wildcard_channel) {
update_entry(STR(tp->wildcard_channel), STR(tp->wildcard_nexthop),
rcpt_domain, channel, nexthop);
rcpt_domain, channel, nexthop, res_flags);
RETURN_FREE(FOUND);
}

2
postfix/src/trivial-rewrite/transport.h
View File

@ -30,7 +30,7 @@ typedef struct TRANSPORT_INFO {
extern TRANSPORT_INFO *transport_pre_init(const char *, const char *);
extern void transport_post_init(TRANSPORT_INFO *);
extern int transport_lookup(TRANSPORT_INFO *, const char *, const char *, VSTRING *, VSTRING *);
extern int transport_lookup(TRANSPORT_INFO *, int *, const char *, const char *, VSTRING *, VSTRING *);
extern void transport_free(TRANSPORT_INFO *);
/* LICENSE

8
postfix/src/trivial-rewrite/trivial-rewrite.c
View File

@ -140,6 +140,11 @@
/* .IP "\fBtransport_maps (empty)\fR"
/* Optional lookup tables with mappings from recipient address to
/* (message delivery transport, next-hop destination).
/* .PP
/* Available in Postfix version 2.3 and later:
/* .IP "\fBsender_relayhost_maps (empty)\fR"
/* A sender-specific override for the global relayhost parameter
/* setting.
/* ADDRESS VERIFICATION CONTROLS
/* .ad
/* .fi
@ -165,6 +170,9 @@
/* .IP "\fBaddress_verify_relayhost ($relayhost)\fR"
/* Overrides the relayhost parameter setting for address verification
/* probes.
/* .IP "\fBaddress_verify_sender_relayhost_maps (empty)\fR"
/* Overrides the sender_relayhost_maps parameter setting for address
/* verification probes.
/* .IP "\fBaddress_verify_transport_maps ($transport_maps)\fR"
/* Overrides the transport_maps parameter setting for address verification
/* probes.

3
postfix/src/trivial-rewrite/trivial-rewrite.h
View File

@ -18,6 +18,7 @@
* Global library.
*/
#include <tok822.h>
#include <maps.h>
/*
* Connection management.
@ -32,7 +33,7 @@ typedef struct {
char **origin; /* default origin */
const char *domain_name; /* name of variable */
char **domain; /* default domain */
} RWR_CONTEXT;
} RWR_CONTEXT;
#define REW_PARAM_VALUE(x) (*(x)) /* make it easy to do it right */