mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.3-20051124

Browse Source
This commit is contained in:
Wietse Venema 2005-11-24 00:00:00 -05:00 committed by Viktor Dukhovni
parent c6d6830caf
commit a1fca514ef
35 changed files with 875 additions and 416 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
postfix/HISTORY
View File

@ -11436,6 +11436,26 @@ Apologies for any names omitted.
sites that used permit_mx_backup to authorize all their sites that used permit_mx_backup to authorize all their
incoming mail. incoming mail.
20051122
Feature: sender_relayhost_maps, lookup tables that specify
a per-sender override for the relayhost parameter setting.
This is an extended version of a patch by Mathias Hasselmann.
Files: trivial-rewrite/resolve.c, trivial-rewrite/transport.c,
*qmgr/qmgr_message.c.
Feature: address_verify_sender_relayhost_maps, for consistency
with the other address_verify_mumble parameters.
20051124
Feature: smtp_per_sender_auth, to enable per-sender SASL
authentication. This disables SMTP connection caching to
ensure that mail from different senders will be delivered
with the appropriate credentials. This is an extended version
of a patch by Mathias Hasselmann. Files: smtp/smtp_connect.c,
smtp/smtp_sasl_glue.c.
Open problems: Open problems:
"postsuper -r" no longer resets the message arrival time, "postsuper -r" no longer resets the message arrival time,
@ -11548,15 +11568,16 @@ Open problems:
Med: separate ulimit for delivery to command? Med: separate ulimit for delivery to command?
Med: option to open queue file early, after MAIL FROM. Med: option to open queue file early, after MAIL FROM. This
would allow correlation of rejected RCPT TO requests with
Low: log xdelay (esp. for SMTP and delivery to command). accepted requests for the same mail transaction.
Med: silly queue file bit so that the queue manager doesn't Med: silly queue file bit so that the queue manager doesn't
skip files when fast flush is requested while a queue scan skip files when fast flush is requested while a queue scan
is in progress. The bit is set by the flush server and is is in progress. The bit is set by the flush server and is
reset when the mail is deferred, so that it survives queue reset when the mail is deferred, so that it survives queue
manager restart. manager restart. It's not clear, however, how one would
unthrottle disabled transports or queues.
Med: postsuper -r should do something with recipients in Med: postsuper -r should do something with recipients in
bounce logfiles. bounce logfiles.

18
postfix/RELEASE_NOTES
View File

@ -17,6 +17,24 @@ Incompatibility with Postfix 2.1 and earlier
If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2 If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2
before proceeding. before proceeding.
Major changes with snapshot 20051124
====================================
This snapshot adds support for sender-dependent ISP accounts.
- Per-sender relayhost support, with the sender_relayhost_maps
feature. The maps are searched with the sender address and with
the sender @domain. The result overrides the global relayhost
setting, but otherwise has identical behavior.
Example: sender_relayhost_maps = hash:/etc/postfix/sender_relay
- Per-sender SASL authentication support. This disables SMTP
connection caching to ensure that mail from different senders
will use the correct authentication credentials.
Example: smtp_per_sender_authentication = yes
Incompatibility with snapshot 20051121 Incompatibility with snapshot 20051121
====================================== ======================================

211
postfix/conf/transport
View File

@ -1,4 +1,4 @@
# TRANSPORT(5) TRANSPORT(5) # TRANSPORT(5) TRANSPORT(5)
# #
# NAME # NAME
# transport - Postfix transport table format # transport - Postfix transport table format
@ -12,46 +12,55 @@
# #
# DESCRIPTION # DESCRIPTION
# The optional transport(5) table specifies a mapping from # The optional transport(5) table specifies a mapping from
# email addresses to message delivery transports and/or # email addresses to message delivery transports and next-
# relay hosts. The mapping is used by the trivial-rewrite(8) # hop hosts. The table is searched by the trivial-rewrite(8)
# daemon. # daemon.
# #
# This mapping overrides the default routing that is built # This mapping overrides the default transport:nexthop
# into Postfix: # selection that is built into Postfix:
# #
# mydestination # local_transport (default: local:$myhostname)
# A list of domains that is by default delivered via # This is the default for final delivery to domains
# $local_transport. This also includes domains that # listed with mydestination, and for [ipaddress] des-
# match $inet_interfaces or $proxy_interfaces. # tinations that match $inet_interfaces or
# $proxy_interfaces. The default nexthop destination
# is the MTA hostname.
# #
# virtual_mailbox_domains # virtual_transport (default: virtual:)
# A list of domains that is by default delivered via # This is the default for final delivery to domains
# $virtual_transport. # listed with virtual_mailbox_domains. The default
# nexthop destination is the recipient domain.
# #
# relay_domains # relay_transport (default: relay:)
# A list of domains that is by default delivered via # This is the default for remote delivery to domains
# $relay_transport. # listed with relay_domains. In order of decreasing
# precedence, the nexthop destination is taken from
# relay_transport, sender_relayhost_maps, relayhost,
# or from the recipient domain.
# #
# any other destination # default_transport (default: smtp:)
# Mail for any other destination is by default deliv- # This is the default for remote delivery to other
# ered via $default_transport. # destinations. In order of decreasing precedence,
# the nexthop destination is taken from
# default_transport, sender_relayhost_maps, relay-
# host, or from the recipient domain.
# #
# Normally, the transport(5) table is specified as a text # Normally, the transport(5) table is specified as a text
# file that serves as input to the postmap(1) command. The # file that serves as input to the postmap(1) command. The
# result, an indexed file in dbm or db format, is used for # result, an indexed file in dbm or db format, is used for
# fast searching by the mail system. Execute the command # fast searching by the mail system. Execute the command
# "postmap /etc/postfix/transport" in order to rebuild the # "postmap /etc/postfix/transport" in order to rebuild the
# indexed file after changing the transport table. # indexed file after changing the transport table.
# #
# When the table is provided via other means such as NIS, # When the table is provided via other means such as NIS,
# LDAP or SQL, the same lookups are done as for ordinary # LDAP or SQL, the same lookups are done as for ordinary
# indexed files. # indexed files.
# #
# Alternatively, the table can be provided as a regular- # Alternatively, the table can be provided as a regular-
# expression map where patterns are given as regular expres- # expression map where patterns are given as regular expres-
# sions, or lookups can be directed to TCP-based server. In # sions, or lookups can be directed to TCP-based server. In
# that case, the lookups are done in a slightly different # that case, the lookups are done in a slightly different
# way as described below under "REGULAR EXPRESSION TABLES" # way as described below under "REGULAR EXPRESSION TABLES"
# and "TCP-BASED TABLES". # and "TCP-BASED TABLES".
# #
# TABLE FORMAT # TABLE FORMAT
@ -62,125 +71,125 @@
# domain, use the corresponding result. # domain, use the corresponding result.
# #
# blank lines and comments # blank lines and comments
# Empty lines and whitespace-only lines are ignored, # Empty lines and whitespace-only lines are ignored,
# as are lines whose first non-whitespace character # as are lines whose first non-whitespace character
# is a `#'. # is a `#'.
# #
# multi-line text # multi-line text
# A logical line starts with non-whitespace text. A # A logical line starts with non-whitespace text. A
# line that starts with whitespace continues a logi- # line that starts with whitespace continues a logi-
# cal line. # cal line.
# #
# The pattern specifies an email address, a domain name, or # The pattern specifies an email address, a domain name, or
# a domain name hierarchy, as described in section "TABLE # a domain name hierarchy, as described in section "TABLE
# LOOKUP". # LOOKUP".
# #
# The result is of the form transport:nexthop and specifies # The result is of the form transport:nexthop and specifies
# how or where to deliver mail. This is described in section # how or where to deliver mail. This is described in section
# "RESULT FORMAT". # "RESULT FORMAT".
# #
# TABLE SEARCH ORDER # TABLE SEARCH ORDER
# With lookups from indexed files such as DB or DBM, or from # With lookups from indexed files such as DB or DBM, or from
# networked tables such as NIS, LDAP or SQL, patterns are # networked tables such as NIS, LDAP or SQL, patterns are
# tried in the order as listed below: # tried in the order as listed below:
# #
# user+extension@domain transport:nexthop # user+extension@domain transport:nexthop
# Deliver mail for user+extension@domain through # Deliver mail for user+extension@domain through
# transport to nexthop. # transport to nexthop.
# #
# user@domain transport:nexthop # user@domain transport:nexthop
# Deliver mail for user@domain through transport to # Deliver mail for user@domain through transport to
# nexthop. # nexthop.
# #
# domain transport:nexthop # domain transport:nexthop
# Deliver mail for domain through transport to nex- # Deliver mail for domain through transport to nex-
# thop. # thop.
# #
# .domain transport:nexthop # .domain transport:nexthop
# Deliver mail for any subdomain of domain through # Deliver mail for any subdomain of domain through
# transport to nexthop. This applies only when the # transport to nexthop. This applies only when the
# string transport_maps is not listed in the par- # string transport_maps is not listed in the par-
# ent_domain_matches_subdomains configuration set- # ent_domain_matches_subdomains configuration set-
# ting. Otherwise, a domain name matches itself and # ting. Otherwise, a domain name matches itself and
# its subdomains. # its subdomains.
# #
# Note 1: the special pattern * represents any address (i.e. # Note 1: the special pattern * represents any address (i.e.
# it functions as the wild-card pattern). # it functions as the wild-card pattern).
# #
# Note 2: the null recipient address is looked up as # Note 2: the null recipient address is looked up as
# $empty_address_recipient@$myhostname (default: mailer-dae- # $empty_address_recipient@$myhostname (default: mailer-dae-
# mon@hostname). # mon@hostname).
# #
# Note 3: user@domain or user+extension@domain lookup is # Note 3: user@domain or user+extension@domain lookup is
# available in Postfix 2.0 and later. # available in Postfix 2.0 and later.
# #
# RESULT FORMAT # RESULT FORMAT
# The lookup result is of the form transport:nexthop. The # The lookup result is of the form transport:nexthop. The
# transport field specifies a mail delivery transport such # transport field specifies a mail delivery transport such
# as smtp or local. The nexthop field specifies where and # as smtp or local. The nexthop field specifies where and
# how to deliver mail. # how to deliver mail.
# #
# The transport field specifies the name of a mail delivery # The transport field specifies the name of a mail delivery
# transport (the first name of a mail delivery service entry # transport (the first name of a mail delivery service entry
# in the Postfix master.cf file). # in the Postfix master.cf file).
# #
# The interpretation of the nexthop field is transport # The interpretation of the nexthop field is transport
# dependent. In the case of SMTP, specify a service on a # dependent. In the case of SMTP, specify a service on a
# non-default port as host:service, and disable MX (mail # non-default port as host:service, and disable MX (mail
# exchanger) DNS lookups with [host] or [host]:port. The [] # exchanger) DNS lookups with [host] or [host]:port. The []
# form is required when you specify an IP address instead of # form is required when you specify an IP address instead of
# a hostname. # a hostname.
# #
# A null transport and null nexthop result means "do not # A null transport and null nexthop result means "do not
# change": use the delivery transport and nexthop informa- # change": use the delivery transport and nexthop informa-
# tion that would be used when the entire transport table # tion that would be used when the entire transport table
# did not exist. # did not exist.
# #
# A non-null transport field with a null nexthop field # A non-null transport field with a null nexthop field
# resets the nexthop information to the recipient domain. # resets the nexthop information to the recipient domain.
# #
# A null transport field with non-null nexthop field does # A null transport field with non-null nexthop field does
# not modify the transport information. # not modify the transport information.
# #
# EXAMPLES # EXAMPLES
# In order to deliver internal mail directly, while using a # In order to deliver internal mail directly, while using a
# mail relay for all other mail, specify a null entry for # mail relay for all other mail, specify a null entry for
# internal destinations (do not change the delivery trans- # internal destinations (do not change the delivery trans-
# port or the nexthop information) and specify a wildcard # port or the nexthop information) and specify a wildcard
# for all other destinations. # for all other destinations.
# #
# my.domain : # my.domain :
# .my.domain : # .my.domain :
# * smtp:outbound-relay.my.domain # * smtp:outbound-relay.my.domain
# #
# In order to send mail for example.com and its subdomains # In order to send mail for example.com and its subdomains
# via the uucp transport to the UUCP host named example: # via the uucp transport to the UUCP host named example:
# #
# example.com uucp:example # example.com uucp:example
# .example.com uucp:example # .example.com uucp:example
# #
# When no nexthop host name is specified, the destination # When no nexthop host name is specified, the destination
# domain name is used instead. For example, the following # domain name is used instead. For example, the following
# directs mail for user@example.com via the slow transport # directs mail for user@example.com via the slow transport
# to a mail exchanger for example.com. The slow transport # to a mail exchanger for example.com. The slow transport
# could be configured to run at most one delivery process at # could be configured to run at most one delivery process at
# a time: # a time:
# #
# example.com slow: # example.com slow:
# #
# When no transport is specified, Postfix uses the transport # When no transport is specified, Postfix uses the transport
# that matches the address domain class (see DESCRIPTION # that matches the address domain class (see DESCRIPTION
# above). The following sends all mail for example.com and # above). The following sends all mail for example.com and
# its subdomains to host gateway.example.com: # its subdomains to host gateway.example.com:
# #
# example.com :[gateway.example.com] # example.com :[gateway.example.com]
# .example.com :[gateway.example.com] # .example.com :[gateway.example.com]
# #
# In the above example, the [] suppress MX lookups. This # In the above example, the [] suppress MX lookups. This
# prevents mail routing loops when your machine is primary # prevents mail routing loops when your machine is primary
# MX host for example.com. # MX host for example.com.
# #
# In the case of delivery via SMTP, one may specify host- # In the case of delivery via SMTP, one may specify host-
# name:service instead of just a host: # name:service instead of just a host:
# #
# example.com smtp:bar.example:2025 # example.com smtp:bar.example:2025
@ -192,57 +201,57 @@
# #
# The error mailer can be used to bounce mail: # The error mailer can be used to bounce mail:
# #
# .example.com error:mail for *.example.com is not # .example.com error:mail for *.example.com is not
# deliverable # deliverable
# #
# This causes all mail for user@anything.example.com to be # This causes all mail for user@anything.example.com to be
# bounced. # bounced.
# #
# REGULAR EXPRESSION TABLES # REGULAR EXPRESSION TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# the table is given in the form of regular expressions. For # the table is given in the form of regular expressions. For
# a description of regular expression lookup table syntax, # a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5). # see regexp_table(5) or pcre_table(5).
# #
# Each pattern is a regular expression that is applied to # Each pattern is a regular expression that is applied to
# the entire address being looked up. Thus, # the entire address being looked up. Thus,
# some.domain.hierarchy is not looked up via its parent # some.domain.hierarchy is not looked up via its parent
# domains, nor is user+foo@domain looked up as user@domain. # domains, nor is user+foo@domain looked up as user@domain.
# #
# Patterns are applied in the order as specified in the # Patterns are applied in the order as specified in the ta-
# table, until a pattern is found that matches the search # ble, until a pattern is found that matches the search
# string. # string.
# #
# Results are the same as with indexed file lookups, with # Results are the same as with indexed file lookups, with
# the additional feature that parenthesized substrings from # the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on. # the pattern can be interpolated as $1, $2 and so on.
# #
# TCP-BASED TABLES # TCP-BASED TABLES
# This section describes how the table lookups change when # This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip- # lookups are directed to a TCP-based server. For a descrip-
# tion of the TCP client/server lookup protocol, see # tion of the TCP client/server lookup protocol, see tcp_ta-
# tcp_table(5). This feature is not available up to and # ble(5). This feature is not available up to and including
# including Postfix version 2.2. # Postfix version 2.2.
# #
# Each lookup operation uses the entire recipient address # Each lookup operation uses the entire recipient address
# once. Thus, some.domain.hierarchy is not looked up via # once. Thus, some.domain.hierarchy is not looked up via
# its parent domains, nor is user+foo@domain looked up as # its parent domains, nor is user+foo@domain looked up as
# user@domain. # user@domain.
# #
# Results are the same as with indexed file lookups. # Results are the same as with indexed file lookups.
# #
# CONFIGURATION PARAMETERS # CONFIGURATION PARAMETERS
# The following main.cf parameters are especially relevant. # The following main.cf parameters are especially relevant.
# The text below provides only a parameter summary. See # The text below provides only a parameter summary. See
# postconf(5) for more details including examples. # postconf(5) for more details including examples.
# #
# empty_address_recipient # empty_address_recipient
# The address that is looked up instead of the null # The address that is looked up instead of the null
# sender address. # sender address.
# #
# parent_domain_matches_subdomains # parent_domain_matches_subdomains
# List of Postfix features that use domain.tld pat- # List of Postfix features that use domain.tld pat-
# terns to match sub.domain.tld (as opposed to # terns to match sub.domain.tld (as opposed to
# requiring .domain.tld patterns). # requiring .domain.tld patterns).
# #
# transport_maps # transport_maps
@ -254,13 +263,13 @@
# postmap(1), Postfix lookup table manager # postmap(1), Postfix lookup table manager
# #
# README FILES # README FILES
# Use "postconf readme_directory" or "postconf html_direc- # Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information. # tory" to locate this information.
# DATABASE_README, Postfix lookup table overview # DATABASE_README, Postfix lookup table overview
# FILTER_README, external content filter # FILTER_README, external content filter
# #
# LICENSE # LICENSE
# The Secure Mailer license must be distributed with this # The Secure Mailer license must be distributed with this
# software. # software.
# #
# AUTHOR(S) # AUTHOR(S)
@ -269,4 +278,4 @@
# P.O. Box 704 # P.O. Box 704
# Yorktown Heights, NY 10598, USA # Yorktown Heights, NY 10598, USA
# #
# TRANSPORT(5) # TRANSPORT(5)

64
postfix/html/postconf.5.html
View File

@ -371,6 +371,21 @@ This feature is available in Postfix 2.1 and later.
</p> </p>
</DD>
<DT><b><a name="address_verify_sender_relayhost_maps">address_verify_sender_relayhost_maps</a>
(default: empty)</b></DT><DD>
<p>
Overrides the <a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a> parameter setting for address
verification probes.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
</DD> </DD>
<DT><b><a name="address_verify_service_name">address_verify_service_name</a> <DT><b><a name="address_verify_service_name">address_verify_service_name</a>
@ -3539,7 +3554,7 @@ Examples:
</DD> </DD>
<DT><b><a name="local_transport">local_transport</a> <DT><b><a name="local_transport">local_transport</a>
(default: local:$<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD> (default: <a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b></DT><DD>
<p> The default mail delivery transport for domains that match <p> The default mail delivery transport for domains that match
$<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. This $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. This
@ -5645,7 +5660,8 @@ The name of the directory with example Postfix configuration files.
(default: no)</b></DT><DD> (default: no)</b></DT><DD>
<p> <p>
This parameter should not be used. This parameter should not be used. It was replaced by <a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a>
in Postfix 2.3.
</p> </p>
@ -5754,6 +5770,20 @@ Example:
</pre> </pre>
</DD>
<DT><b><a name="sender_relayhost_maps">sender_relayhost_maps</a>
(default: empty)</b></DT><DD>
<p> A sender-specific override for the global <a href="postconf.5.html#relayhost">relayhost</a> parameter
setting. The tables are searched by the sender address and by the
sender @domain. </p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
</DD> </DD>
<DT><b><a name="sendmail_path">sendmail_path</a> <DT><b><a name="sendmail_path">sendmail_path</a>
@ -5946,15 +5976,15 @@ or pseudo-destinations: </p>
<ul> <ul>
<li> if mail is sent without a relay host: a domain name (the <li> if mail is sent without a <a href="postconf.5.html#relayhost">relay host</a>: a domain name (the
right-hand side of an email address, without the [] around a numeric right-hand side of an email address, without the [] around a numeric
IP address), IP address),
<li> if mail is sent via a relay host: a relay host name (without <li> if mail is sent via a <a href="postconf.5.html#relayhost">relay host</a>: a <a href="postconf.5.html#relayhost">relay host</a> name (without
[] or non-default TCP port), as specified in main.cf or in the [] or non-default TCP port), as specified in main.cf or in the
transport map, transport map,
<li> a /file/name with domain names and/or relay host names as <li> a /file/name with domain names and/or <a href="postconf.5.html#relayhost">relay host</a> names as
defined above, defined above,
<li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or relay hosts name on <li> a "<a href="DATABASE_README.html">type:table</a>" with domain names and/or relay hosts name on
@ -6384,7 +6414,7 @@ This feature is available in Postfix 2.1 and later.
(default: 2)</b></DT><DD> (default: 2)</b></DT><DD>
<p> The maximal number of SMTP sessions per delivery request before <p> The maximal number of SMTP sessions per delivery request before
giving up or delivering to a fall-back relay host, or zero (no giving up or delivering to a fall-back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no
limit). This restriction ignores sessions that fail to complete the limit). This restriction ignores sessions that fail to complete the
SMTP initial handshake (Postfix 2.2 and earlier) or that fail to SMTP initial handshake (Postfix 2.2 and earlier) or that fail to
complete the EHLO and TLS handshake (Postfix 2.3 and later). </p> complete the EHLO and TLS handshake (Postfix 2.3 and later). </p>
@ -6401,6 +6431,23 @@ complete the EHLO and TLS handshake (Postfix 2.3 and later). </p>
<a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> parameter. </p> <a href="postconf.5.html#smtp_always_send_ehlo">smtp_always_send_ehlo</a> parameter. </p>
</DD>
<DT><b><a name="smtp_per_sender_authentication">smtp_per_sender_authentication</a>
(default: no)</b></DT><DD>
<p>
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
</DD> </DD>
<DT><b><a name="smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a> <DT><b><a name="smtp_pix_workaround_delay_time">smtp_pix_workaround_delay_time</a>
@ -6585,8 +6632,9 @@ Examples:
<p> <p>
Optional SMTP client lookup tables with one username:password entry Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no per remote hostname or domain (or per sender address, when per-sender
username:password entry, then the Postfix SMTP client will not authentication is enabled). If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host. attempt to authenticate to the remote host.
</p> </p>

179
postfix/html/smtp.8.html
View File

@ -188,99 +188,110 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b> <b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional SMTP client lookup tables with one user- Optional SMTP client lookup tables with one user-
name:password entry per remote hostname or domain. name:password entry per remote hostname or domain
(or per sender, when per-sender authentication is
enabled).
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b> <b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
What authentication mechanisms the Postfix SMTP What authentication mechanisms the Postfix SMTP
client is allowed to use. client is allowed to use.
Available in Postfix version 2.2 and later: Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b> <b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
If non-empty, a Postfix SMTP client filter for the If non-empty, a Postfix SMTP client filter for the
remote SMTP server's list of offered SASL mecha- remote SMTP server's list of offered SASL mecha-
nisms. nisms.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtp_per_sender_authentication">smtp_per_sender_authentication</a> (no)</b>
Enable per-sender authentication in the SMTP
client; this is available only with SASL authenti-
cation, and disables SMTP connection caching to
ensure that mail from different senders will use
the appropriate credentials.
<b>STARTTLS SUPPORT CONTROLS</b> <b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be Detailed information about STARTTLS configuration may be
found in the <a href="TLS_README.html">TLS_README</a> document. found in the <a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b> <b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
Opportunistic mode: use TLS when a remote SMTP Opportunistic mode: use TLS when a remote SMTP
server announces STARTTLS support, otherwise send server announces STARTTLS support, otherwise send
the mail in the clear. the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b> <b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
Enforcement mode: require that remote SMTP servers Enforcement mode: require that remote SMTP servers
use TLS encryption, and never send mail in the use TLS encryption, and never send mail in the
clear. clear.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_secu</a>-</b> <b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_secu</a>-</b>
<b><a href="postconf.5.html#smtp_sasl_security_options">rity_options</a>)</b> <b><a href="postconf.5.html#smtp_sasl_security_options">rity_options</a>)</b>
The SASL authentication security options that the The SASL authentication security options that the
Postfix SMTP client uses for TLS encrypted SMTP Postfix SMTP client uses for TLS encrypted SMTP
sessions. sessions.
<b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
Time limit for Postfix SMTP client write and read Time limit for Postfix SMTP client write and read
operations during TLS startup and shutdown hand- operations during TLS startup and shutdown hand-
shake procedures. shake procedures.
<b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
The file with the certificate of the certification The file with the certificate of the certification
authority (CA) that issued the Postfix SMTP client authority (CA) that issued the Postfix SMTP client
certificate. certificate.
<b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
Directory with PEM format certificate authority Directory with PEM format certificate authority
certificates that the Postfix SMTP client uses to certificates that the Postfix SMTP client uses to
verify a remote SMTP server certificate. verify a remote SMTP server certificate.
<b><a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> (empty)</b>
File with the Postfix SMTP client RSA certificate File with the Postfix SMTP client RSA certificate
in PEM format. in PEM format.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
Controls the Postfix SMTP client TLS cipher selec- Controls the Postfix SMTP client TLS cipher selec-
tion scheme. tion scheme.
<b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
File with the Postfix SMTP client DSA certificate File with the Postfix SMTP client DSA certificate
in PEM format. in PEM format.
<b><a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> ($<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b> <b><a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> ($<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b>
File with the Postfix SMTP client DSA private key File with the Postfix SMTP client DSA private key
in PEM format. in PEM format.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b> <b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
When TLS encryption is enforced, require that the When TLS encryption is enforced, require that the
remote SMTP server hostname matches the information remote SMTP server hostname matches the information
in the remote SMTP server certificate. in the remote SMTP server certificate.
<b><a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> ($<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b> <b><a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> ($<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b>
File with the Postfix SMTP client RSA private key File with the Postfix SMTP client RSA private key
in PEM format. in PEM format.
<b><a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)</b> <b><a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)</b>
Enable additional Postfix SMTP client logging of Enable additional Postfix SMTP client logging of
TLS activity. TLS activity.
<b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b> <b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
Log the hostname of a remote SMTP server that Log the hostname of a remote SMTP server that
offers STARTTLS, when TLS is not already enabled offers STARTTLS, when TLS is not already enabled
for that server. for that server.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client Optional lookup tables with the Postfix SMTP client
TLS usage policy by next-hop domain name and by TLS usage policy by next-hop domain name and by
remote SMTP server hostname. remote SMTP server hostname.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b> <b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
The verification depth for remote SMTP server cer- The verification depth for remote SMTP server cer-
tificates. tificates.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b> <b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
Name of the file containing the optional Postfix Name of the file containing the optional Postfix
SMTP client TLS session cache. SMTP client TLS session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b> <b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
@ -288,31 +299,31 @@ SMTP(8) SMTP(8)
sion cache information. sion cache information.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b> <b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a> The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a> or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
server in order to seed its internal pseudo random server in order to seed its internal pseudo random
number generator (PRNG). number generator (PRNG).
<b>RESOURCE AND RATE CONTROLS</b> <b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b> <b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b> <b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
The maximal number of parallel deliveries to the The maximal number of parallel deliveries to the
same destination via the smtp message delivery same destination via the smtp message delivery
transport. transport.
<b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b> <b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b> <b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
The maximal number of recipients per delivery via The maximal number of recipients per delivery via
the smtp message delivery transport. the smtp message delivery transport.
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b> <b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
The SMTP client time limit for completing a TCP The SMTP client time limit for completing a TCP
connection, or zero (use the operating system connection, or zero (use the operating system
built-in time limit). built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
The SMTP client time limit for sending the HELO or The SMTP client time limit for sending the HELO or
EHLO command, and for receiving the initial server EHLO command, and for receiving the initial server
response. response.
<b><a href="postconf.5.html#smtp_xforward_timeout">smtp_xforward_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtp_xforward_timeout">smtp_xforward_timeout</a> (300s)</b>
@ -320,30 +331,30 @@ SMTP(8) SMTP(8)
command, and for receiving the server response. command, and for receiving the server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
The SMTP client time limit for sending the MAIL The SMTP client time limit for sending the MAIL
FROM command, and for receiving the server FROM command, and for receiving the server
response. response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
The SMTP client time limit for sending the SMTP The SMTP client time limit for sending the SMTP
RCPT TO command, and for receiving the server RCPT TO command, and for receiving the server
response. response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b> <b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
The SMTP client time limit for sending the SMTP The SMTP client time limit for sending the SMTP
DATA command, and for receiving the server DATA command, and for receiving the server
response. response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b> <b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
The SMTP client time limit for sending the SMTP The SMTP client time limit for sending the SMTP
message content. message content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b> <b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
The SMTP client time limit for sending the SMTP The SMTP client time limit for sending the SMTP
".", and for receiving the server response. ".", and for receiving the server response.
<b><a href="postconf.5.html#smtp_quit_timeout">smtp_quit_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtp_quit_timeout">smtp_quit_timeout</a> (300s)</b>
The SMTP client time limit for sending the QUIT The SMTP client time limit for sending the QUIT
command, and for receiving the server response. command, and for receiving the server response.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
@ -354,22 +365,22 @@ SMTP(8) SMTP(8)
lookups, or zero (no limit). lookups, or zero (no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b> <b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
The maximal number of SMTP sessions per delivery The maximal number of SMTP sessions per delivery
request before giving up or delivering to a fall- request before giving up or delivering to a fall-
back relay host, or zero (no limit). back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b> <b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
The SMTP client time limit for sending the RSET The SMTP client time limit for sending the RSET
command, and for receiving the server response. command, and for receiving the server response.
Available in Postfix version 2.2 and later: Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b> <b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
Permanently enable SMTP connection caching for the Permanently enable SMTP connection caching for the
specified destinations. specified destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b> <b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
Temporarily enable SMTP connection caching while a Temporarily enable SMTP connection caching while a
destination has a high volume of mail in the active destination has a high volume of mail in the active
queue. queue.
@ -379,55 +390,55 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> (2s)</b> <b><a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> (2s)</b>
When SMTP connection caching is enabled, the amount When SMTP connection caching is enabled, the amount
of time that an unused SMTP client socket is kept of time that an unused SMTP client socket is kept
open before it is closed. open before it is closed.
<b>TROUBLE SHOOTING CONTROLS</b> <b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b> <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a The increment in verbose logging level when a
remote client or server matches a pattern in the remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter. <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b> <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of remote client or server hostname Optional list of remote client or server hostname
or network address patterns that cause the verbose or network address patterns that cause the verbose
logging level to increase by the amount specified logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>. in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b> <b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications about The recipient of postmaster notifications about
mail delivery problems that are caused by policy, mail delivery problems that are caused by policy,
resource, software or protocol errors. resource, software or protocol errors.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b> <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
The list of error classes that are reported to the The list of error classes that are reported to the
postmaster. postmaster.
<b>MISCELLANEOUS CONTROLS</b> <b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b> <b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
Where the Postfix SMTP client should deliver mail Where the Postfix SMTP client should deliver mail
when it detects a "mail loops back to myself" error when it detects a "mail loops back to myself" error
condition. condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and The default location of the Postfix main.cf and
master.cf configuration files. master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to How much time a Postfix daemon process may take to
handle a request before it is terminated by a handle a request before it is terminated by a
built-in watchdog timer. built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b> <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
The maximal number of digits after the decimal The maximal number of digits after the decimal
point when logging sub-second delay values. point when logging sub-second delay values.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b> <b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
Disable DNS lookups in the Postfix SMTP and LMTP Disable DNS lookups in the Postfix SMTP and LMTP
clients. clients.
<b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b> <b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b>
Optional list of relay hosts for SMTP destinations Optional list of relay hosts for SMTP destinations
that can't be found or that are unreachable. that can't be found or that are unreachable.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b> <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
@ -435,7 +446,7 @@ SMTP(8) SMTP(8)
tem receives mail on. tem receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b> <b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
The Internet protocols Postfix will attempt to use The Internet protocols Postfix will attempt to use
when making or accepting connections. when making or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b> <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
@ -443,55 +454,55 @@ SMTP(8) SMTP(8)
over an internal communication channel. over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b> <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix The maximum amount of time that an idle Postfix
daemon process waits for the next service request daemon process waits for the next service request
before exiting. before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b> <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The maximal number of connection requests before a The maximal number of connection requests before a
Postfix daemon process terminates. Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The process ID of a Postfix command or daemon The process ID of a Postfix command or daemon
process. process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon The process name of a Postfix command or daemon
process. process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b> <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail sys- The network interface addresses that this mail sys-
tem receives mail on by way of a proxy or network tem receives mail on by way of a proxy or network
address translation unit. address translation unit.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b> <b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
An optional numerical network address that the SMTP An optional numerical network address that the SMTP
client should bind to when making an IPv4 connec- client should bind to when making an IPv4 connec-
tion. tion.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b> <b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
An optional numerical network address that the SMTP An optional numerical network address that the SMTP
client should bind to when making an IPv6 connec- client should bind to when making an IPv6 connec-
tion. tion.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b> <b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The hostname to send in the SMTP EHLO or HELO com- The hostname to send in the SMTP EHLO or HELO com-
mand. mand.
<b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b> <b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b>
What mechanisms when the SMTP client uses to look What mechanisms when the SMTP client uses to look
up a host's IP address. up a host's IP address.
<b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b> <b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b>
Randomize the order of equal-preference MX host Randomize the order of equal-preference MX host
addresses. addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging. The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b> <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
The mail system name that is prepended to the The mail system name that is prepended to the
process name in syslog records, so that "smtpd" process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd". becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b> <b>SEE ALSO</b>
@ -509,7 +520,7 @@ SMTP(8) SMTP(8)
<a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto <a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>AUTHOR(S)</b> <b>AUTHOR(S)</b>

199
postfix/html/transport.5.html
View File

@ -18,46 +18,55 @@ TRANSPORT(5) TRANSPORT(5)
<b>DESCRIPTION</b> <b>DESCRIPTION</b>
The optional <a href="transport.5.html"><b>transport</b>(5)</a> table specifies a mapping from The optional <a href="transport.5.html"><b>transport</b>(5)</a> table specifies a mapping from
email addresses to message delivery transports and/or email addresses to message delivery transports and next-
relay hosts. The mapping is used by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a> hop hosts. The table is searched by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
daemon. daemon.
This mapping overrides the default routing that is built This mapping overrides the default <i>transport</i>:<i>nexthop</i>
into Postfix: selection that is built into Postfix:
<b><a href="postconf.5.html#mydestination">mydestination</a></b> <b><a href="postconf.5.html#local_transport">local_transport</a> (default: <a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b>
A list of domains that is by default delivered via This is the default for final delivery to domains
<b>$<a href="postconf.5.html#local_transport">local_transport</a></b>. This also includes domains that listed with <b><a href="postconf.5.html#mydestination">mydestination</a></b>, and for [<i>ipaddress</i>] des-
match <b>$<a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or <b>$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>. tinations that match <b>$<a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or
<b>$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>. The default <i>nexthop</i> destination
is the MTA hostname.
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a></b> <b><a href="postconf.5.html#virtual_transport">virtual_transport</a> (default: <a href="virtual.8.html">virtual</a>:)</b>
A list of domains that is by default delivered via This is the default for final delivery to domains
<b>$<a href="postconf.5.html#virtual_transport">virtual_transport</a></b>. listed with <b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a></b>. The default
<i>nexthop</i> destination is the recipient domain.
<b><a href="postconf.5.html#relay_domains">relay_domains</a></b> <b><a href="postconf.5.html#relay_transport">relay_transport</a> (default: relay:)</b>
A list of domains that is by default delivered via This is the default for remote delivery to domains
<b>$<a href="postconf.5.html#relay_transport">relay_transport</a></b>. listed with <b><a href="postconf.5.html#relay_domains">relay_domains</a></b>. In order of decreasing
precedence, the <i>nexthop</i> destination is taken from
<b><a href="postconf.5.html#relay_transport">relay_transport</a></b>, <b><a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a></b>, <b><a href="postconf.5.html#relayhost">relayhost</a></b>,
or from the recipient domain.
any other destination <b><a href="postconf.5.html#default_transport">default_transport</a> (default: <a href="smtp.8.html">smtp</a>:)</b>
Mail for any other destination is by default deliv- This is the default for remote delivery to other
ered via <b>$<a href="postconf.5.html#default_transport">default_transport</a></b>. destinations. In order of decreasing precedence,
the <i>nexthop</i> destination is taken from
<b><a href="postconf.5.html#default_transport">default_transport</a></b>, <b><a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a></b>, <b><a href="postconf.5.html#relayhost">relay</a>-</b>
<b><a href="postconf.5.html#relayhost">host</a></b>, or from the recipient domain.
Normally, the <a href="transport.5.html"><b>transport</b>(5)</a> table is specified as a text Normally, the <a href="transport.5.html"><b>transport</b>(5)</a> table is specified as a text
file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The file that serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The
result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for result, an indexed file in <b>dbm</b> or <b>db</b> format, is used for
fast searching by the mail system. Execute the command fast searching by the mail system. Execute the command
"<b>postmap /etc/postfix/transport</b>" in order to rebuild the "<b>postmap /etc/postfix/transport</b>" in order to rebuild the
indexed file after changing the transport table. indexed file after changing the transport table.
When the table is provided via other means such as NIS, When the table is provided via other means such as NIS,
LDAP or SQL, the same lookups are done as for ordinary LDAP or SQL, the same lookups are done as for ordinary
indexed files. indexed files.
Alternatively, the table can be provided as a regular- Alternatively, the table can be provided as a regular-
expression map where patterns are given as regular expres- expression map where patterns are given as regular expres-
sions, or lookups can be directed to TCP-based server. In sions, or lookups can be directed to TCP-based server. In
that case, the lookups are done in a slightly different that case, the lookups are done in a slightly different
way as described below under "REGULAR EXPRESSION TABLES" way as described below under "REGULAR EXPRESSION TABLES"
and "TCP-BASED TABLES". and "TCP-BASED TABLES".
<b>TABLE FORMAT</b> <b>TABLE FORMAT</b>
@ -68,125 +77,125 @@ TRANSPORT(5) TRANSPORT(5)
domain, use the corresponding <i>result</i>. domain, use the corresponding <i>result</i>.
blank lines and comments blank lines and comments
Empty lines and whitespace-only lines are ignored, Empty lines and whitespace-only lines are ignored,
as are lines whose first non-whitespace character as are lines whose first non-whitespace character
is a `#'. is a `#'.
multi-line text multi-line text
A logical line starts with non-whitespace text. A A logical line starts with non-whitespace text. A
line that starts with whitespace continues a logi- line that starts with whitespace continues a logi-
cal line. cal line.
The <i>pattern</i> specifies an email address, a domain name, or The <i>pattern</i> specifies an email address, a domain name, or
a domain name hierarchy, as described in section "TABLE a domain name hierarchy, as described in section "TABLE
LOOKUP". LOOKUP".
The <i>result</i> is of the form <i>transport:nexthop</i> and specifies The <i>result</i> is of the form <i>transport:nexthop</i> and specifies
how or where to deliver mail. This is described in section how or where to deliver mail. This is described in section
"RESULT FORMAT". "RESULT FORMAT".
<b>TABLE SEARCH ORDER</b> <b>TABLE SEARCH ORDER</b>
With lookups from indexed files such as DB or DBM, or from With lookups from indexed files such as DB or DBM, or from
networked tables such as NIS, LDAP or SQL, patterns are networked tables such as NIS, LDAP or SQL, patterns are
tried in the order as listed below: tried in the order as listed below:
<i>user+extension@domain transport</i>:<i>nexthop</i> <i>user+extension@domain transport</i>:<i>nexthop</i>
Deliver mail for <i>user+extension@domain</i> through Deliver mail for <i>user+extension@domain</i> through
<i>transport</i> to <i>nexthop</i>. <i>transport</i> to <i>nexthop</i>.
<i>user@domain transport</i>:<i>nexthop</i> <i>user@domain transport</i>:<i>nexthop</i>
Deliver mail for <i>user@domain</i> through <i>transport</i> to Deliver mail for <i>user@domain</i> through <i>transport</i> to
<i>nexthop</i>. <i>nexthop</i>.
<i>domain transport</i>:<i>nexthop</i> <i>domain transport</i>:<i>nexthop</i>
Deliver mail for <i>domain</i> through <i>transport</i> to <i>nex-</i> Deliver mail for <i>domain</i> through <i>transport</i> to <i>nex-</i>
<i>thop</i>. <i>thop</i>.
<i>.domain transport</i>:<i>nexthop</i> <i>.domain transport</i>:<i>nexthop</i>
Deliver mail for any subdomain of <i>domain</i> through Deliver mail for any subdomain of <i>domain</i> through
<i>transport</i> to <i>nexthop</i>. This applies only when the <i>transport</i> to <i>nexthop</i>. This applies only when the
string <b><a href="postconf.5.html#transport_maps">transport_maps</a></b> is not listed in the <b>par-</b> string <b><a href="postconf.5.html#transport_maps">transport_maps</a></b> is not listed in the <b>par-</b>
<b>ent_domain_matches_subdomains</b> configuration set- <b>ent_domain_matches_subdomains</b> configuration set-
ting. Otherwise, a domain name matches itself and ting. Otherwise, a domain name matches itself and
its subdomains. its subdomains.
Note 1: the special pattern <b>*</b> represents any address (i.e. Note 1: the special pattern <b>*</b> represents any address (i.e.
it functions as the wild-card pattern). it functions as the wild-card pattern).
Note 2: the null recipient address is looked up as Note 2: the null recipient address is looked up as
<b>$<a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>@<b>$<a href="postconf.5.html#myhostname">myhostname</a></b> (default: mailer-dae- <b>$<a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>@<b>$<a href="postconf.5.html#myhostname">myhostname</a></b> (default: mailer-dae-
mon@hostname). mon@hostname).
Note 3: <i>user@domain</i> or <i>user+extension@domain</i> lookup is Note 3: <i>user@domain</i> or <i>user+extension@domain</i> lookup is
available in Postfix 2.0 and later. available in Postfix 2.0 and later.
<b>RESULT FORMAT</b> <b>RESULT FORMAT</b>
The lookup result is of the form <i>transport</i><b>:</b><i>nexthop</i>. The The lookup result is of the form <i>transport</i><b>:</b><i>nexthop</i>. The
<i>transport</i> field specifies a mail delivery transport such <i>transport</i> field specifies a mail delivery transport such
as <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and as <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where and
how to deliver mail. how to deliver mail.
The transport field specifies the name of a mail delivery The transport field specifies the name of a mail delivery
transport (the first name of a mail delivery service entry transport (the first name of a mail delivery service entry
in the Postfix <b>master.cf</b> file). in the Postfix <b>master.cf</b> file).
The interpretation of the nexthop field is transport The interpretation of the nexthop field is transport
dependent. In the case of SMTP, specify a service on a dependent. In the case of SMTP, specify a service on a
non-default port as <i>host</i>:<i>service</i>, and disable MX (mail non-default port as <i>host</i>:<i>service</i>, and disable MX (mail
exchanger) DNS lookups with [<i>host</i>] or [<i>host</i>]:<i>port</i>. The [] exchanger) DNS lookups with [<i>host</i>] or [<i>host</i>]:<i>port</i>. The []
form is required when you specify an IP address instead of form is required when you specify an IP address instead of
a hostname. a hostname.
A null <i>transport</i> and null <i>nexthop</i> result means "do not A null <i>transport</i> and null <i>nexthop</i> result means "do not
change": use the delivery transport and nexthop informa- change": use the delivery transport and nexthop informa-
tion that would be used when the entire transport table tion that would be used when the entire transport table
did not exist. did not exist.
A non-null <i>transport</i> field with a null <i>nexthop</i> field A non-null <i>transport</i> field with a null <i>nexthop</i> field
resets the nexthop information to the recipient domain. resets the nexthop information to the recipient domain.
A null <i>transport</i> field with non-null <i>nexthop</i> field does A null <i>transport</i> field with non-null <i>nexthop</i> field does
not modify the transport information. not modify the transport information.
<b>EXAMPLES</b> <b>EXAMPLES</b>
In order to deliver internal mail directly, while using a In order to deliver internal mail directly, while using a
mail relay for all other mail, specify a null entry for mail relay for all other mail, specify a null entry for
internal destinations (do not change the delivery trans- internal destinations (do not change the delivery trans-
port or the nexthop information) and specify a wildcard port or the nexthop information) and specify a wildcard
for all other destinations. for all other destinations.
<b>my.domain :</b> <b>my.domain :</b>
<b>.my.domain :</b> <b>.my.domain :</b>
<b>* <a href="smtp.8.html">smtp</a>:outbound-relay.my.domain</b> <b>* <a href="smtp.8.html">smtp</a>:outbound-relay.my.domain</b>
In order to send mail for <b>example.com</b> and its subdomains In order to send mail for <b>example.com</b> and its subdomains
via the <b>uucp</b> transport to the UUCP host named <b>example</b>: via the <b>uucp</b> transport to the UUCP host named <b>example</b>:
<b>example.com uucp:example</b> <b>example.com uucp:example</b>
<b>.example.com uucp:example</b> <b>.example.com uucp:example</b>
When no nexthop host name is specified, the destination When no nexthop host name is specified, the destination
domain name is used instead. For example, the following domain name is used instead. For example, the following
directs mail for <i>user</i>@<b>example.com</b> via the <b>slow</b> transport directs mail for <i>user</i>@<b>example.com</b> via the <b>slow</b> transport
to a mail exchanger for <b>example.com</b>. The <b>slow</b> transport to a mail exchanger for <b>example.com</b>. The <b>slow</b> transport
could be configured to run at most one delivery process at could be configured to run at most one delivery process at
a time: a time:
<b>example.com slow:</b> <b>example.com slow:</b>
When no transport is specified, Postfix uses the transport When no transport is specified, Postfix uses the transport
that matches the address domain class (see DESCRIPTION that matches the address domain class (see DESCRIPTION
above). The following sends all mail for <b>example.com</b> and above). The following sends all mail for <b>example.com</b> and
its subdomains to host <b>gateway.example.com</b>: its subdomains to host <b>gateway.example.com</b>:
<b>example.com :[gateway.example.com]</b> <b>example.com :[gateway.example.com]</b>
<b>.example.com :[gateway.example.com]</b> <b>.example.com :[gateway.example.com]</b>
In the above example, the [] suppress MX lookups. This In the above example, the [] suppress MX lookups. This
prevents mail routing loops when your machine is primary prevents mail routing loops when your machine is primary
MX host for <b>example.com</b>. MX host for <b>example.com</b>.
In the case of delivery via SMTP, one may specify <i>host-</i> In the case of delivery via SMTP, one may specify <i>host-</i>
<i>name</i>:<i>service</i> instead of just a host: <i>name</i>:<i>service</i> instead of just a host:
<b>example.com <a href="smtp.8.html">smtp</a>:bar.example:2025</b> <b>example.com <a href="smtp.8.html">smtp</a>:bar.example:2025</b>
@ -198,57 +207,57 @@ TRANSPORT(5) TRANSPORT(5)
The error mailer can be used to bounce mail: The error mailer can be used to bounce mail:
<b>.example.com <a href="error.8.html">error</a>:mail for *.example.com is not</b> <b>.example.com <a href="error.8.html">error</a>:mail for *.example.com is not</b>
<b>deliverable</b> <b>deliverable</b>
This causes all mail for <i>user</i>@<i>anything</i><b>.example.com</b> to be This causes all mail for <i>user</i>@<i>anything</i><b>.example.com</b> to be
bounced. bounced.
<b>REGULAR EXPRESSION TABLES</b> <b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
the table is given in the form of regular expressions. For the table is given in the form of regular expressions. For
a description of regular expression lookup table syntax, a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to Each pattern is a regular expression that is applied to
the entire address being looked up. Thus, the entire address being looked up. Thus,
<i>some.domain.hierarchy</i> is not looked up via its parent <i>some.domain.hierarchy</i> is not looked up via its parent
domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>. domains, nor is <i>user+foo@domain</i> looked up as <i>user@domain</i>.
Patterns are applied in the order as specified in the ta- Patterns are applied in the order as specified in the ta-
ble, until a pattern is found that matches the search ble, until a pattern is found that matches the search
string. string.
Results are the same as with indexed file lookups, with Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on. the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b> <b>TCP-BASED TABLES</b>
This section describes how the table lookups change when This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip- lookups are directed to a TCP-based server. For a descrip-
tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a> tion of the TCP client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_ta-</b></a>
<a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including <a href="tcp_table.5.html"><b>ble</b>(5)</a>. This feature is not available up to and including
Postfix version 2.2. Postfix version 2.2.
Each lookup operation uses the entire recipient address Each lookup operation uses the entire recipient address
once. Thus, <i>some.domain.hierarchy</i> is not looked up via once. Thus, <i>some.domain.hierarchy</i> is not looked up via
its parent domains, nor is <i>user+foo@domain</i> looked up as its parent domains, nor is <i>user+foo@domain</i> looked up as
<i>user@domain</i>. <i>user@domain</i>.
Results are the same as with indexed file lookups. Results are the same as with indexed file lookups.
<b>CONFIGURATION PARAMETERS</b> <b>CONFIGURATION PARAMETERS</b>
The following <b>main.cf</b> parameters are especially relevant. The following <b>main.cf</b> parameters are especially relevant.
The text below provides only a parameter summary. See The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples. <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b> <b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a></b>
The address that is looked up instead of the null The address that is looked up instead of the null
sender address. sender address.
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b> <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a></b>
List of Postfix features that use <i>domain.tld</i> pat- List of Postfix features that use <i>domain.tld</i> pat-
terns to match <i>sub.domain.tld</i> (as opposed to terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns). requiring <i>.domain.tld</i> patterns).
<b><a href="postconf.5.html#transport_maps">transport_maps</a></b> <b><a href="postconf.5.html#transport_maps">transport_maps</a></b>
@ -264,7 +273,7 @@ TRANSPORT(5) TRANSPORT(5)
<a href="FILTER_README.html">FILTER_README</a>, external content filter <a href="FILTER_README.html">FILTER_README</a>, external content filter
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>AUTHOR(S)</b> <b>AUTHOR(S)</b>

30
postfix/html/trivial-rewrite.8.html
View File

@ -144,7 +144,7 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<a href="postconf.5.html#virtual_transport">tual_transport</a>, <a href="postconf.5.html#relay_transport">relay_transport</a>, <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, <a href="postconf.5.html#virtual_transport">tual_transport</a>, <a href="postconf.5.html#relay_transport">relay_transport</a>, <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>,
<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> or <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. <a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> or <a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
<b><a href="postconf.5.html#local_transport">local_transport</a> (local:$<a href="postconf.5.html#myhostname">myhostname</a>)</b> <b><a href="postconf.5.html#local_transport">local_transport</a> (<a href="local.8.html">local</a>:$<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The default mail delivery transport for domains The default mail delivery transport for domains
that match $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or that match $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
@ -181,13 +181,19 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
address to (message delivery transport, next-hop address to (message delivery transport, next-hop
destination). destination).
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a> (empty)</b>
A sender-specific override for the global <a href="postconf.5.html#relayhost">relayhost</a>
parameter setting.
<b>ADDRESS VERIFICATION CONTROLS</b> <b>ADDRESS VERIFICATION CONTROLS</b>
Postfix version 2.1 introduces sender and recipient Postfix version 2.1 introduces sender and recipient
address verification. This feature is implemented by address verification. This feature is implemented by
sending probe email messages that are not actually deliv- sending probe email messages that are not actually deliv-
ered. By default, address verification probes use the ered. By default, address verification probes use the
same route as regular mail. To override specific aspects same route as regular mail. To override specific aspects
of message routing for address verification probes, spec- of message routing for address verification probes, spec-
ify one or more of the following: ify one or more of the following:
<b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b> <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
@ -195,7 +201,7 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
address verification probes. address verification probes.
<b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b> <b><a href="postconf.5.html#address_verify_virtual_transport">address_verify_virtual_transport</a> ($<a href="postconf.5.html#virtual_transport">virtual_transport</a>)</b>
Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting Overrides the <a href="postconf.5.html#virtual_transport">virtual_transport</a> parameter setting
for address verification probes. for address verification probes.
<b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b> <b><a href="postconf.5.html#address_verify_relay_transport">address_verify_relay_transport</a> ($<a href="postconf.5.html#relay_transport">relay_transport</a>)</b>
@ -203,13 +209,17 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
address verification probes. address verification probes.
<b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b> <b><a href="postconf.5.html#address_verify_default_transport">address_verify_default_transport</a> ($<a href="postconf.5.html#default_transport">default_transport</a>)</b>
Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting Overrides the <a href="postconf.5.html#default_transport">default_transport</a> parameter setting
for address verification probes. for address verification probes.
<b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b> <b><a href="postconf.5.html#address_verify_relayhost">address_verify_relayhost</a> ($<a href="postconf.5.html#relayhost">relayhost</a>)</b>
Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for Overrides the <a href="postconf.5.html#relayhost">relayhost</a> parameter setting for
address verification probes. address verification probes.
<b><a href="postconf.5.html#address_verify_sender_relayhost_maps">address_verify_sender_relayhost_maps</a> (empty)</b>
Overrides the <a href="postconf.5.html#sender_relayhost_maps">sender_relayhost_maps</a> parameter set-
ting for address verification probes.
<b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b> <b><a href="postconf.5.html#address_verify_transport_maps">address_verify_transport_maps</a> ($<a href="postconf.5.html#transport_maps">transport_maps</a>)</b>
Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for Overrides the <a href="postconf.5.html#transport_maps">transport_maps</a> parameter setting for
address verification probes. address verification probes.

26
postfix/man/man5/postconf.5
View File

@ -197,6 +197,11 @@ address_verify_sender = postmaster@my.domain
.ft R .ft R
.PP .PP
This feature is available in Postfix 2.1 and later. This feature is available in Postfix 2.1 and later.
.SH address_verify_sender_relayhost_maps (default: empty)
Overrides the sender_relayhost_maps parameter setting for address
verification probes.
.PP
This feature is available in Postfix 2.3 and later.
.SH address_verify_service_name (default: verify) .SH address_verify_service_name (default: verify)
The name of the \fBverify\fR(8) address verification service. This service The name of the \fBverify\fR(8) address verification service. This service
maintains the status of sender and/or recipient address verification maintains the status of sender and/or recipient address verification
@ -3149,7 +3154,8 @@ This feature is available in Postfix 2.0 and later.
.SH sample_directory (default: /etc/postfix) .SH sample_directory (default: /etc/postfix)
The name of the directory with example Postfix configuration files. The name of the directory with example Postfix configuration files.
.SH sender_based_routing (default: no) .SH sender_based_routing (default: no)
This parameter should not be used. This parameter should not be used. It was replaced by sender_relayhost_maps
in Postfix 2.3.
.SH sender_bcc_maps (default: empty) .SH sender_bcc_maps (default: empty)
Optional BCC (blind carbon-copy) address lookup tables, indexed Optional BCC (blind carbon-copy) address lookup tables, indexed
by sender address. The BCC address (multiple results are not by sender address. The BCC address (multiple results are not
@ -3222,6 +3228,12 @@ sender_canonical_maps = hash:/etc/postfix/sender_canonical
.fi .fi
.ad .ad
.ft R .ft R
.SH sender_relayhost_maps (default: empty)
A sender-specific override for the global relayhost parameter
setting. The tables are searched by the sender address and by the
sender @domain.
.PP
This feature is available in Postfix 2.3 and later.
.SH sendmail_path (default: see "postconf -d" output) .SH sendmail_path (default: see "postconf -d" output)
A Sendmail compatibility feature that specifies the location of A Sendmail compatibility feature that specifies the location of
the Postfix \fBsendmail\fR(1) command. This command can be used to the Postfix \fBsendmail\fR(1) command. This command can be used to
@ -3582,6 +3594,13 @@ This feature is available in Postfix 2.1 and later.
.SH smtp_never_send_ehlo (default: no) .SH smtp_never_send_ehlo (default: no)
Never send EHLO at the start of an SMTP session. See also the Never send EHLO at the start of an SMTP session. See also the
smtp_always_send_ehlo parameter. smtp_always_send_ehlo parameter.
.SH smtp_per_sender_authentication (default: no)
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
.PP
This feature is available in Postfix 2.3 and later.
.SH smtp_pix_workaround_delay_time (default: 10s) .SH smtp_pix_workaround_delay_time (default: 10s)
How long the Postfix SMTP client pauses before sending How long the Postfix SMTP client pauses before sending
".<CR><LF>" in order to work around the PIX firewall ".<CR><LF>" in order to work around the PIX firewall
@ -3684,8 +3703,9 @@ smtp_sasl_mechanism_filter = !gssapi, !login, static:rest
.ft R .ft R
.SH smtp_sasl_password_maps (default: empty) .SH smtp_sasl_password_maps (default: empty)
Optional SMTP client lookup tables with one username:password entry Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no per remote hostname or domain (or per sender address, when per-sender
username:password entry, then the Postfix SMTP client will not authentication is enabled). If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host. attempt to authenticate to the remote host.
.PP .PP
The Postfix SMTP client opens the lookup table before going to The Postfix SMTP client opens the lookup table before going to

43
postfix/man/man5/transport.5
View File

@ -17,24 +17,33 @@ Postfix transport table format
.ad .ad
.fi .fi
The optional \fBtransport\fR(5) table specifies a mapping from email The optional \fBtransport\fR(5) table specifies a mapping from email
addresses to message delivery transports and/or relay hosts. The addresses to message delivery transports and next-hop hosts. The
mapping is used by the \fBtrivial-rewrite\fR(8) daemon. table is searched by the \fBtrivial-rewrite\fR(8) daemon.
This mapping overrides the default routing that is built into This mapping overrides the default \fItransport\fR:\fInexthop\fR
Postfix: selection that is built into Postfix:
.IP \fBmydestination\fR .IP "\fBlocal_transport (default: local:$myhostname)\fR"
A list of domains that is by default delivered via This is the default for final delivery to domains listed
\fB$local_transport\fR. This also includes domains with \fBmydestination\fR, and for [\fIipaddress\fR]
that match \fB$inet_interfaces\fR or \fB$proxy_interfaces\fR. destinations that match \fB$inet_interfaces\fR or
.IP \fBvirtual_mailbox_domains\fR \fB$proxy_interfaces\fR. The default \fInexthop\fR destination
A list of domains that is by default delivered via is the MTA hostname.
\fB$virtual_transport\fR. .IP "\fBvirtual_transport (default: virtual:)\fR"
.IP \fBrelay_domains\fR This is the default for final delivery to domains listed
A list of domains that is by default delivered via with \fBvirtual_mailbox_domains\fR. The default \fInexthop\fR
\fB$relay_transport\fR. destination is the recipient domain.
.IP "any other destination" .IP "\fBrelay_transport (default: relay:)\fR"
Mail for any other destination is by default delivered via This is the default for remote delivery to domains listed
\fB$default_transport\fR. with \fBrelay_domains\fR. In order of decreasing precedence,
the \fInexthop\fR destination is taken from \fBrelay_transport\fR,
\fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
recipient domain.
.IP "\fBdefault_transport (default: smtp:)\fR"
This is the default for remote delivery to other destinations.
In order of decreasing precedence, the \fInexthop\fR
destination is taken from \fBdefault_transport\fR,
\fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
recipient domain.
.PP .PP
Normally, the \fBtransport\fR(5) table is specified as a text file Normally, the \fBtransport\fR(5) table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command. that serves as input to the \fBpostmap\fR(1) command.

10
postfix/man/man8/smtp.8
View File

@ -176,7 +176,8 @@ response announces XFORWARD support.
Enable SASL authentication in the Postfix SMTP client. Enable SASL authentication in the Postfix SMTP client.
.IP "\fBsmtp_sasl_password_maps (empty)\fR" .IP "\fBsmtp_sasl_password_maps (empty)\fR"
Optional SMTP client lookup tables with one username:password entry Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. per remote hostname or domain (or per sender, when per-sender
authentication is enabled).
.IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR" .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
What authentication mechanisms the Postfix SMTP client is allowed What authentication mechanisms the Postfix SMTP client is allowed
to use. to use.
@ -185,6 +186,13 @@ Available in Postfix version 2.2 and later:
.IP "\fBsmtp_sasl_mechanism_filter (empty)\fR" .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
If non-empty, a Postfix SMTP client filter for the remote SMTP If non-empty, a Postfix SMTP client filter for the remote SMTP
server's list of offered SASL mechanisms. server's list of offered SASL mechanisms.
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsmtp_per_sender_authentication (no)\fR"
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
.SH "STARTTLS SUPPORT CONTROLS" .SH "STARTTLS SUPPORT CONTROLS"
.na .na
.nf .nf

8
postfix/man/man8/trivial-rewrite.8
View File

@ -162,6 +162,11 @@ in the optional \fBtransport\fR(5) table.
.IP "\fBtransport_maps (empty)\fR" .IP "\fBtransport_maps (empty)\fR"
Optional lookup tables with mappings from recipient address to Optional lookup tables with mappings from recipient address to
(message delivery transport, next-hop destination). (message delivery transport, next-hop destination).
.PP
Available in Postfix version 2.3 and later:
.IP "\fBsender_relayhost_maps (empty)\fR"
A sender-specific override for the global relayhost parameter
setting.
.SH "ADDRESS VERIFICATION CONTROLS" .SH "ADDRESS VERIFICATION CONTROLS"
.na .na
.nf .nf
@ -189,6 +194,9 @@ verification probes.
.IP "\fBaddress_verify_relayhost ($relayhost)\fR" .IP "\fBaddress_verify_relayhost ($relayhost)\fR"
Overrides the relayhost parameter setting for address verification Overrides the relayhost parameter setting for address verification
probes. probes.
.IP "\fBaddress_verify_sender_relayhost_maps (empty)\fR"
Overrides the sender_relayhost_maps parameter setting for address
verification probes.
.IP "\fBaddress_verify_transport_maps ($transport_maps)\fR" .IP "\fBaddress_verify_transport_maps ($transport_maps)\fR"
Overrides the transport_maps parameter setting for address verification Overrides the transport_maps parameter setting for address verification
probes. probes.

15
postfix/mantools/postlink
View File

@ -77,7 +77,8 @@ while (<>) {
s;\baddress_verify_positive_expire_time\b;<a href="postconf.5.html#address_verify_positive_expire_time">$&</a>;g; s;\baddress_verify_positive_expire_time\b;<a href="postconf.5.html#address_verify_positive_expire_time">$&</a>;g;
s;\baddress_verify_positive_refresh_time\b;<a href="postconf.5.html#address_verify_positive_refresh_time">$&</a>;g; s;\baddress_verify_positive_refresh_time\b;<a href="postconf.5.html#address_verify_positive_refresh_time">$&</a>;g;
s;\baddress_verify_relay_transport\b;<a href="postconf.5.html#address_verify_relay_transport">$&</a>;g; s;\baddress_verify_relay_transport\b;<a href="postconf.5.html#address_verify_relay_transport">$&</a>;g;
s;\baddress_verify_relayhost\b;<a href="postconf.5.html#address_verify_relayhost">$&</a>;g; s;\baddress_verify_relay[-</bB>]*\n*[ <bB>]*host\b;<a href="postconf.5.html#address_verify_relayhost">$&</a>;g;
s;\baddress_verify_sender_relay[-</bB>]*\n*[ <bB>]*host_maps\b;<a href="postconf.5.html#address_verify_sender_relayhost_maps">$&</a>;g;
s;\baddress_verify_sender\b;<a href="postconf.5.html#address_verify_sender">$&</a>;g; s;\baddress_verify_sender\b;<a href="postconf.5.html#address_verify_sender">$&</a>;g;
s;\baddress_verify_service_name\b;<a href="postconf.5.html#address_verify_service_name">$&</a>;g; s;\baddress_verify_service_name\b;<a href="postconf.5.html#address_verify_service_name">$&</a>;g;
s;\baddress_verify_transport_maps\b;<a href="postconf.5.html#address_verify_transport_maps">$&</a>;g; s;\baddress_verify_transport_maps\b;<a href="postconf.5.html#address_verify_transport_maps">$&</a>;g;
@ -183,7 +184,7 @@ while (<>) {
s;\bignore_mx_lookup_error\b;<a href="postconf.5.html#ignore_mx_lookup_error">$&</a>;g; s;\bignore_mx_lookup_error\b;<a href="postconf.5.html#ignore_mx_lookup_error">$&</a>;g;
s;\bimport_environment\b;<a href="postconf.5.html#import_environment">$&</a>;g; s;\bimport_environment\b;<a href="postconf.5.html#import_environment">$&</a>;g;
s;\bin_flow_delay\b;<a href="postconf.5.html#in_flow_delay">$&</a>;g; s;\bin_flow_delay\b;<a href="postconf.5.html#in_flow_delay">$&</a>;g;
s;\binet_interfaces\b;<a href="postconf.5.html#inet_interfaces">$&</a>;g; s;\binet_inter[-</bB>]*\n*[ <bB>]*faces\b;<a href="postconf.5.html#inet_interfaces">$&</a>;g;
s;\binet_protocols\b;<a href="postconf.5.html#inet_protocols">$&</a>;g; s;\binet_protocols\b;<a href="postconf.5.html#inet_protocols">$&</a>;g;
s;\binitial_destination_concurrency\b;<a href="postconf.5.html#initial_destination_concurrency">$&</a>;g; s;\binitial_destination_concurrency\b;<a href="postconf.5.html#initial_destination_concurrency">$&</a>;g;
s;\binvalid_hostname_reject_code\b;<a href="postconf.5.html#invalid_hostname_reject_code">$&</a>;g; s;\binvalid_hostname_reject_code\b;<a href="postconf.5.html#invalid_hostname_reject_code">$&</a>;g;
@ -263,7 +264,7 @@ while (<>) {
s;\bprocess_id_directory\b;<a href="postconf.5.html#process_id_directory">$&</a>;g; s;\bprocess_id_directory\b;<a href="postconf.5.html#process_id_directory">$&</a>;g;
s;\bprocess_name\b;<a href="postconf.5.html#process_name">$&</a>;g; s;\bprocess_name\b;<a href="postconf.5.html#process_name">$&</a>;g;
s;\bpropagate_unmatched_extensions\b;<a href="postconf.5.html#propagate_unmatched_extensions">$&</a>;g; s;\bpropagate_unmatched_extensions\b;<a href="postconf.5.html#propagate_unmatched_extensions">$&</a>;g;
s;\bproxy_interfaces\b;<a href="postconf.5.html#proxy_interfaces">$&</a>;g; s;\bproxy_inter[-</bB>]*\n* *[<bB>]*faces\b;<a href="postconf.5.html#proxy_interfaces">$&</a>;g;
s;\bproxy_read_maps\b;<a href="postconf.5.html#proxy_read_maps">$&</a>;g; s;\bproxy_read_maps\b;<a href="postconf.5.html#proxy_read_maps">$&</a>;g;
s;\bqmgr_clog_warn_time\b;<a href="postconf.5.html#qmgr_clog_warn_time">$&</a>;g; s;\bqmgr_clog_warn_time\b;<a href="postconf.5.html#qmgr_clog_warn_time">$&</a>;g;
s;\bqmgr_fudge_factor\b;<a href="postconf.5.html#qmgr_fudge_factor">$&</a>;g; s;\bqmgr_fudge_factor\b;<a href="postconf.5.html#qmgr_fudge_factor">$&</a>;g;
@ -295,7 +296,7 @@ while (<>) {
s;\brelay_domains_reject_code\b;<a href="postconf.5.html#relay_domains_reject_code">$&</a>;g; s;\brelay_domains_reject_code\b;<a href="postconf.5.html#relay_domains_reject_code">$&</a>;g;
s;\brelay_recipi[-</bB>]*\n*[ <bB>]*ent_maps\b;<a href="postconf.5.html#relay_recipient_maps">$&</a>;g; s;\brelay_recipi[-</bB>]*\n*[ <bB>]*ent_maps\b;<a href="postconf.5.html#relay_recipient_maps">$&</a>;g;
s;\brelay_transport\b;<a href="postconf.5.html#relay_transport">$&</a>;g; s;\brelay_transport\b;<a href="postconf.5.html#relay_transport">$&</a>;g;
s;\brelayhost\b;<a href="postconf.5.html#relayhost">$&</a>;g; s;\brelay[-</bB>]*\n*[ <bB>]*host\b;<a href="postconf.5.html#relayhost">$&</a>;g;
s;\brelocated_maps\b;<a href="postconf.5.html#relocated_maps">$&</a>;g; s;\brelocated_maps\b;<a href="postconf.5.html#relocated_maps">$&</a>;g;
s;\brequire_home_directory\b;<a href="postconf.5.html#require_home_directory">$&</a>;g; s;\brequire_home_directory\b;<a href="postconf.5.html#require_home_directory">$&</a>;g;
s;\bresolve_dequoted_address\b;<a href="postconf.5.html#resolve_dequoted_address">$&</a>;g; s;\bresolve_dequoted_address\b;<a href="postconf.5.html#resolve_dequoted_address">$&</a>;g;
@ -305,6 +306,7 @@ while (<>) {
s;\bsender_bcc_maps\b;<a href="postconf.5.html#sender_bcc_maps">$&</a>;g; s;\bsender_bcc_maps\b;<a href="postconf.5.html#sender_bcc_maps">$&</a>;g;
s;\bsender_canonical_classes\b;<a href="postconf.5.html#sender_canonical_classes">$&</a>;g; s;\bsender_canonical_classes\b;<a href="postconf.5.html#sender_canonical_classes">$&</a>;g;
s;\bsender_canonical_maps\b;<a href="postconf.5.html#sender_canonical_maps">$&</a>;g; s;\bsender_canonical_maps\b;<a href="postconf.5.html#sender_canonical_maps">$&</a>;g;
s;\bsender_relay[-</bB>]*\n*[ <bB>]*host_maps\b;<a href="postconf.5.html#sender_relayhost_maps">$&</a>;g;
s;\bsendmail_path\b;<a href="postconf.5.html#sendmail_path">$&</a>;g; s;\bsendmail_path\b;<a href="postconf.5.html#sendmail_path">$&</a>;g;
s;\bservice_throttle_time\b;<a href="postconf.5.html#service_throttle_time">$&</a>;g; s;\bservice_throttle_time\b;<a href="postconf.5.html#service_throttle_time">$&</a>;g;
s;\bsetgid_group\b;<a href="postconf.5.html#setgid_group">$&</a>;g; s;\bsetgid_group\b;<a href="postconf.5.html#setgid_group">$&</a>;g;
@ -350,6 +352,7 @@ while (<>) {
s;\bsmtp_mx_address_limit\b;<a href="postconf.5.html#smtp_mx_address_limit">$&</a>;g; s;\bsmtp_mx_address_limit\b;<a href="postconf.5.html#smtp_mx_address_limit">$&</a>;g;
s;\bsmtp_mx_session_limit\b;<a href="postconf.5.html#smtp_mx_session_limit">$&</a>;g; s;\bsmtp_mx_session_limit\b;<a href="postconf.5.html#smtp_mx_session_limit">$&</a>;g;
s;\bsmtp_never_send_ehlo\b;<a href="postconf.5.html#smtp_never_send_ehlo">$&</a>;g; s;\bsmtp_never_send_ehlo\b;<a href="postconf.5.html#smtp_never_send_ehlo">$&</a>;g;
s;\bsmtp_per_sender_authentication\b;<a href="postconf.5.html#smtp_per_sender_authentication">$&</a>;g;
s;\bsmtp_pix_workaround_delay_time\b;<a href="postconf.5.html#smtp_pix_workaround_delay_time">$&</a>;g; s;\bsmtp_pix_workaround_delay_time\b;<a href="postconf.5.html#smtp_pix_workaround_delay_time">$&</a>;g;
s;\bsmtp_pix_workaround_threshold_time\b;<a href="postconf.5.html#smtp_pix_workaround_threshold_time">$&</a>;g; s;\bsmtp_pix_workaround_threshold_time\b;<a href="postconf.5.html#smtp_pix_workaround_threshold_time">$&</a>;g;
s;\bsmtp_quit_timeout\b;<a href="postconf.5.html#smtp_quit_timeout">$&</a>;g; s;\bsmtp_quit_timeout\b;<a href="postconf.5.html#smtp_quit_timeout">$&</a>;g;
@ -540,7 +543,7 @@ while (<>) {
s/[<bB>]*tlsmgr[<\/bB>]*\(8\)/<a href="tlsmgr.8.html">$&<\/a>/g; s/[<bB>]*tlsmgr[<\/bB>]*\(8\)/<a href="tlsmgr.8.html">$&<\/a>/g;
s/[<bB>]*trace[<\/bB>]*\(8\)/<a href="trace.8.html">$&<\/a>/g; s/[<bB>]*trace[<\/bB>]*\(8\)/<a href="trace.8.html">$&<\/a>/g;
s/[<bB>]*trivial- *<br> *rewrite[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g; s/[<bB>]*trivial- *<br> *rewrite[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g;
s/[<bB>]*triv[-<\/bB>]*\n* *[<bB>]*ial-[<\/bB>]*\n* *[<bB>]*rewrite[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g; s/[<bB>]*triv[-<\/bB>]*\n* *[<bB>]*ial-[<\/bB>]*\n* *[<bB>]*re[-<\/bB>]*\n*[ <bB>]*write[<\/bB>]*\(8\)/<a href="trivial-rewrite.8.html">$&<\/a>/g;
s/[<bB>]*mailq[<\/bB>]*\(1\)/<a href="mailq.1.html">$&<\/a>/g; s/[<bB>]*mailq[<\/bB>]*\(1\)/<a href="mailq.1.html">$&<\/a>/g;
s/[<bB>]*newaliases[<\/bB>]*\(1\)/<a href="newaliases.1.html">$&<\/a>/g; s/[<bB>]*newaliases[<\/bB>]*\(1\)/<a href="newaliases.1.html">$&<\/a>/g;
s/[<bB>]*postalias[<\/bB>]*\(1\)/<a href="postalias.1.html">$&<\/a>/g; s/[<bB>]*postalias[<\/bB>]*\(1\)/<a href="postalias.1.html">$&<\/a>/g;
@ -725,6 +728,8 @@ while (<>) {
s/\b(error):/<a href="error.8.html">$1<\/a>:/g; s/\b(error):/<a href="error.8.html">$1<\/a>:/g;
s/\b(smtp):/<a href="smtp.8.html">$1<\/a>:/g; s/\b(smtp):/<a href="smtp.8.html">$1<\/a>:/g;
s/\b(lmtp):/<a href="lmtp.8.html">$1<\/a>:/g; s/\b(lmtp):/<a href="lmtp.8.html">$1<\/a>:/g;
s/\b(local):/<a href="local.8.html">$1<\/a>:/g;
s/\b(virtual):/<a href="virtual.8.html">$1<\/a>:/g;
} }
continue { continue {
if ($printit) if ($printit)

42
postfix/proto/postconf.proto
View File

@ -4002,8 +4002,9 @@ smtp_sasl_auth_enable = yes
<p> <p>
Optional SMTP client lookup tables with one username:password entry Optional SMTP client lookup tables with one username:password entry
per remote hostname or domain. If a remote host or domain has no per remote hostname or domain (or per sender address, when per-sender
username:password entry, then the Postfix SMTP client will not authentication is enabled). If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host. attempt to authenticate to the remote host.
</p> </p>
@ -7112,7 +7113,8 @@ The name of the directory with example Postfix configuration files.
%PARAM sender_based_routing no %PARAM sender_based_routing no
<p> <p>
This parameter should not be used. This parameter should not be used. It was replaced by sender_relayhost_maps
in Postfix 2.3.
</p> </p>
%PARAM sendmail_path see "postconf -d" output %PARAM sendmail_path see "postconf -d" output
@ -8704,3 +8706,37 @@ is placed into the Postfix configuration directory. </p>
<p> This feature is available in Postfix 2.3 and later. </p> <p> This feature is available in Postfix 2.3 and later. </p>
%PARAM sender_relayhost_maps empty
<p> A sender-specific override for the global relayhost parameter
setting. The tables are searched by the sender address and by the
sender @domain. </p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
%PARAM address_verify_sender_relayhost_maps empty
<p>
Overrides the sender_relayhost_maps parameter setting for address
verification probes.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>
%PARAM smtp_per_sender_authentication no
<p>
Enable per-sender authentication in the SMTP client; this is available
only with SASL authentication, and disables SMTP connection caching
to ensure that mail from different senders will use the appropriate
credentials.
</p>
<p>
This feature is available in Postfix 2.3 and later.
</p>

49
postfix/proto/transport
View File

@ -11,24 +11,33 @@
# \fBpostmap -q - /etc/postfix/transport <\fIinputfile\fR # \fBpostmap -q - /etc/postfix/transport <\fIinputfile\fR
# DESCRIPTION # DESCRIPTION
# The optional \fBtransport\fR(5) table specifies a mapping from email # The optional \fBtransport\fR(5) table specifies a mapping from email
# addresses to message delivery transports and/or relay hosts. The # addresses to message delivery transports and next-hop hosts. The
# mapping is used by the \fBtrivial-rewrite\fR(8) daemon. # table is searched by the \fBtrivial-rewrite\fR(8) daemon.
# #
# This mapping overrides the default routing that is built into # This mapping overrides the default \fItransport\fR:\fInexthop\fR
# Postfix: # selection that is built into Postfix:
# .IP \fBmydestination\fR # .IP "\fBlocal_transport (default: local:$myhostname)\fR"
# A list of domains that is by default delivered via # This is the default for final delivery to domains listed
# \fB$local_transport\fR. This also includes domains # with \fBmydestination\fR, and for [\fIipaddress\fR]
# that match \fB$inet_interfaces\fR or \fB$proxy_interfaces\fR. # destinations that match \fB$inet_interfaces\fR or
# .IP \fBvirtual_mailbox_domains\fR # \fB$proxy_interfaces\fR. The default \fInexthop\fR destination
# A list of domains that is by default delivered via # is the MTA hostname.
# \fB$virtual_transport\fR. # .IP "\fBvirtual_transport (default: virtual:)\fR"
# .IP \fBrelay_domains\fR # This is the default for final delivery to domains listed
# A list of domains that is by default delivered via # with \fBvirtual_mailbox_domains\fR. The default \fInexthop\fR
# \fB$relay_transport\fR. # destination is the recipient domain.
# .IP "any other destination" # .IP "\fBrelay_transport (default: relay:)\fR"
# Mail for any other destination is by default delivered via # This is the default for remote delivery to domains listed
# \fB$default_transport\fR. # with \fBrelay_domains\fR. In order of decreasing precedence,
# the \fInexthop\fR destination is taken from \fBrelay_transport\fR,
# \fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
# recipient domain.
# .IP "\fBdefault_transport (default: smtp:)\fR"
# This is the default for remote delivery to other destinations.
# In order of decreasing precedence, the \fInexthop\fR
# destination is taken from \fBdefault_transport\fR,
# \fBsender_relayhost_maps\fR, \fBrelayhost\fR, or from the
# recipient domain.
# .PP # .PP
# Normally, the \fBtransport\fR(5) table is specified as a text file # Normally, the \fBtransport\fR(5) table is specified as a text file
# that serves as input to the \fBpostmap\fR(1) command. # that serves as input to the \fBpostmap\fR(1) command.
@ -223,9 +232,9 @@
# CONFIGURATION PARAMETERS # CONFIGURATION PARAMETERS
# .ad # .ad
# .fi # .fi
# The following \fBmain.cf\fR parameters are especially relevant. # The following \fBmain.cf\fR parameters are especially relevant.
# The text below provides only a parameter summary. See # The text below provides only a parameter summary. See
# \fBpostconf\fR(5) for more details including examples. # \fBpostconf\fR(5) for more details including examples.
# .IP \fBempty_address_recipient\fR # .IP \fBempty_address_recipient\fR
# The address that is looked up instead of the null sender address. # The address that is looked up instead of the null sender address.
# .IP \fBparent_domain_matches_subdomains\fR # .IP \fBparent_domain_matches_subdomains\fR

15
postfix/src/global/mail_params.h
View File

@ -185,6 +185,10 @@ extern char *var_masq_classes;
#define DEF_RELAYHOST "" #define DEF_RELAYHOST ""
extern char *var_relayhost; extern char *var_relayhost;
#define VAR_SND_RELAY_MAPS "sender_relayhost_maps"
#define DEF_SND_RELAY_MAPS ""
extern char *var_snd_relay_maps;
#define VAR_FALLBACK_RELAY "fallback_relay" #define VAR_FALLBACK_RELAY "fallback_relay"
#define DEF_FALLBACK_RELAY "" #define DEF_FALLBACK_RELAY ""
extern char *var_fallback_relay; extern char *var_fallback_relay;
@ -2152,6 +2156,10 @@ extern char *var_vrfy_def_xport;
#define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST #define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST
extern char *var_vrfy_relayhost; extern char *var_vrfy_relayhost;
#define VAR_VRFY_RELAY_MAPS "address_verify_sender_relayhost_maps"
#define DEF_VRFY_RELAY_MAPS "$" VAR_SND_RELAY_MAPS
extern char *var_vrfy_relay_maps;
#define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps" #define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps"
#define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS #define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS
extern char *var_vrfy_xport_maps; extern char *var_vrfy_xport_maps;
@ -2404,6 +2412,13 @@ extern int var_delay_max_res;
#define DEF_BOUNCE_TMPL "" #define DEF_BOUNCE_TMPL ""
extern char *var_bounce_tmpl; extern char *var_bounce_tmpl;
/*
* Per-sender authentication.
*/
#define VAR_SMTP_SENDER_AUTH "smtp_per_sender_authentication"
#define DEF_SMTP_SENDER_AUTH 0
extern bool var_smtp_sender_auth;
/* LICENSE /* LICENSE
/* .ad /* .ad
/* .fi /* .fi

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no * Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only. * patchlevel; they change the release date only.
*/ */
#define MAIL_RELEASE_DATE "20051121" #define MAIL_RELEASE_DATE "20051124"
#define MAIL_VERSION_NUMBER "2.3" #define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT #ifdef SNAPSHOT

3
postfix/src/global/resolve_clnt.c
View File

@ -59,6 +59,9 @@
/* The address resolved to something that has invalid syntax. /* The address resolved to something that has invalid syntax.
/* .IP RESOLVE_FLAG_FAIL /* .IP RESOLVE_FLAG_FAIL
/* The request could not be completed. /* The request could not be completed.
/* .IP RESOLVE_FLAG_SMARTHOST
/* The client may override the next-hop host with per-sender
/* relay host information.
/* .PP /* .PP
/* In addition, the address domain class is returned by setting /* In addition, the address domain class is returned by setting
/* one of the following flags (this is preliminary code awaiting /* one of the following flags (this is preliminary code awaiting

1
postfix/src/global/resolve_clnt.h
View File

@ -26,6 +26,7 @@
#define RESOLVE_FLAG_ROUTED (1<<1) /* routed destination */ #define RESOLVE_FLAG_ROUTED (1<<1) /* routed destination */
#define RESOLVE_FLAG_ERROR (1<<2) /* bad destination syntax */ #define RESOLVE_FLAG_ERROR (1<<2) /* bad destination syntax */
#define RESOLVE_FLAG_FAIL (1<<3) /* request failed */ #define RESOLVE_FLAG_FAIL (1<<3) /* request failed */
#define RESOLVE_FLAG_SMARTHOST (1<<4) /* smarthost route */
#define RESOLVE_CLASS_LOCAL (1<<8) /* mydestination/inet_interfaces */ #define RESOLVE_CLASS_LOCAL (1<<8) /* mydestination/inet_interfaces */
#define RESOLVE_CLASS_ALIAS (1<<9) /* virtual_alias_domains */ #define RESOLVE_CLASS_ALIAS (1<<9) /* virtual_alias_domains */

33
postfix/src/oqmgr/Makefile.in
View File

@ -74,6 +74,7 @@ qmgr.o: ../../include/mail_params.h
qmgr.o: ../../include/mail_proto.h qmgr.o: ../../include/mail_proto.h
qmgr.o: ../../include/mail_queue.h qmgr.o: ../../include/mail_queue.h
qmgr.o: ../../include/mail_server.h qmgr.o: ../../include/mail_server.h
qmgr.o: ../../include/maps.h
qmgr.o: ../../include/master_proto.h qmgr.o: ../../include/master_proto.h
qmgr.o: ../../include/msg.h qmgr.o: ../../include/msg.h
qmgr.o: ../../include/recipient_list.h qmgr.o: ../../include/recipient_list.h
@ -85,10 +86,12 @@ qmgr.o: ../../include/vstring.h
qmgr.o: qmgr.c qmgr.o: qmgr.c
qmgr.o: qmgr.h qmgr.o: qmgr.h
qmgr_active.o: ../../include/abounce.h qmgr_active.o: ../../include/abounce.h
qmgr_active.o: ../../include/argv.h
qmgr_active.o: ../../include/attr.h qmgr_active.o: ../../include/attr.h
qmgr_active.o: ../../include/bounce.h qmgr_active.o: ../../include/bounce.h
qmgr_active.o: ../../include/defer.h qmgr_active.o: ../../include/defer.h
qmgr_active.o: ../../include/deliver_request.h qmgr_active.o: ../../include/deliver_request.h
qmgr_active.o: ../../include/dict.h
qmgr_active.o: ../../include/dsn.h qmgr_active.o: ../../include/dsn.h
qmgr_active.o: ../../include/dsn_buf.h qmgr_active.o: ../../include/dsn_buf.h
qmgr_active.o: ../../include/dsn_mask.h qmgr_active.o: ../../include/dsn_mask.h
@ -96,6 +99,7 @@ qmgr_active.o: ../../include/events.h
qmgr_active.o: ../../include/mail_open_ok.h qmgr_active.o: ../../include/mail_open_ok.h
qmgr_active.o: ../../include/mail_params.h qmgr_active.o: ../../include/mail_params.h
qmgr_active.o: ../../include/mail_queue.h qmgr_active.o: ../../include/mail_queue.h
qmgr_active.o: ../../include/maps.h
qmgr_active.o: ../../include/msg.h qmgr_active.o: ../../include/msg.h
qmgr_active.o: ../../include/msg_stats.h qmgr_active.o: ../../include/msg_stats.h
qmgr_active.o: ../../include/mymalloc.h qmgr_active.o: ../../include/mymalloc.h
@ -110,12 +114,15 @@ qmgr_active.o: ../../include/vstream.h
qmgr_active.o: ../../include/vstring.h qmgr_active.o: ../../include/vstring.h
qmgr_active.o: qmgr.h qmgr_active.o: qmgr.h
qmgr_active.o: qmgr_active.c qmgr_active.o: qmgr_active.c
qmgr_bounce.o: ../../include/argv.h
qmgr_bounce.o: ../../include/attr.h qmgr_bounce.o: ../../include/attr.h
qmgr_bounce.o: ../../include/bounce.h qmgr_bounce.o: ../../include/bounce.h
qmgr_bounce.o: ../../include/deliver_completed.h qmgr_bounce.o: ../../include/deliver_completed.h
qmgr_bounce.o: ../../include/deliver_request.h qmgr_bounce.o: ../../include/deliver_request.h
qmgr_bounce.o: ../../include/dict.h
qmgr_bounce.o: ../../include/dsn.h qmgr_bounce.o: ../../include/dsn.h
qmgr_bounce.o: ../../include/dsn_buf.h qmgr_bounce.o: ../../include/dsn_buf.h
qmgr_bounce.o: ../../include/maps.h
qmgr_bounce.o: ../../include/msg_stats.h qmgr_bounce.o: ../../include/msg_stats.h
qmgr_bounce.o: ../../include/recipient_list.h qmgr_bounce.o: ../../include/recipient_list.h
qmgr_bounce.o: ../../include/scan_dir.h qmgr_bounce.o: ../../include/scan_dir.h
@ -125,12 +132,15 @@ qmgr_bounce.o: ../../include/vstream.h
qmgr_bounce.o: ../../include/vstring.h qmgr_bounce.o: ../../include/vstring.h
qmgr_bounce.o: qmgr.h qmgr_bounce.o: qmgr.h
qmgr_bounce.o: qmgr_bounce.c qmgr_bounce.o: qmgr_bounce.c
qmgr_defer.o: ../../include/argv.h
qmgr_defer.o: ../../include/attr.h qmgr_defer.o: ../../include/attr.h
qmgr_defer.o: ../../include/bounce.h qmgr_defer.o: ../../include/bounce.h
qmgr_defer.o: ../../include/defer.h qmgr_defer.o: ../../include/defer.h
qmgr_defer.o: ../../include/deliver_request.h qmgr_defer.o: ../../include/deliver_request.h
qmgr_defer.o: ../../include/dict.h
qmgr_defer.o: ../../include/dsn.h qmgr_defer.o: ../../include/dsn.h
qmgr_defer.o: ../../include/dsn_buf.h qmgr_defer.o: ../../include/dsn_buf.h
qmgr_defer.o: ../../include/maps.h
qmgr_defer.o: ../../include/msg.h qmgr_defer.o: ../../include/msg.h
qmgr_defer.o: ../../include/msg_stats.h qmgr_defer.o: ../../include/msg_stats.h
qmgr_defer.o: ../../include/recipient_list.h qmgr_defer.o: ../../include/recipient_list.h
@ -141,8 +151,10 @@ qmgr_defer.o: ../../include/vstream.h
qmgr_defer.o: ../../include/vstring.h qmgr_defer.o: ../../include/vstring.h
qmgr_defer.o: qmgr.h qmgr_defer.o: qmgr.h
qmgr_defer.o: qmgr_defer.c qmgr_defer.o: qmgr_defer.c
qmgr_deliver.o: ../../include/argv.h
qmgr_deliver.o: ../../include/attr.h qmgr_deliver.o: ../../include/attr.h
qmgr_deliver.o: ../../include/deliver_request.h qmgr_deliver.o: ../../include/deliver_request.h
qmgr_deliver.o: ../../include/dict.h
qmgr_deliver.o: ../../include/dsb_scan.h qmgr_deliver.o: ../../include/dsb_scan.h
qmgr_deliver.o: ../../include/dsn.h qmgr_deliver.o: ../../include/dsn.h
qmgr_deliver.o: ../../include/dsn_buf.h qmgr_deliver.o: ../../include/dsn_buf.h
@ -152,6 +164,7 @@ qmgr_deliver.o: ../../include/iostuff.h
qmgr_deliver.o: ../../include/mail_params.h qmgr_deliver.o: ../../include/mail_params.h
qmgr_deliver.o: ../../include/mail_proto.h qmgr_deliver.o: ../../include/mail_proto.h
qmgr_deliver.o: ../../include/mail_queue.h qmgr_deliver.o: ../../include/mail_queue.h
qmgr_deliver.o: ../../include/maps.h
qmgr_deliver.o: ../../include/msg.h qmgr_deliver.o: ../../include/msg.h
qmgr_deliver.o: ../../include/msg_stats.h qmgr_deliver.o: ../../include/msg_stats.h
qmgr_deliver.o: ../../include/recipient_list.h qmgr_deliver.o: ../../include/recipient_list.h
@ -165,8 +178,11 @@ qmgr_deliver.o: ../../include/vstring.h
qmgr_deliver.o: ../../include/vstring_vstream.h qmgr_deliver.o: ../../include/vstring_vstream.h
qmgr_deliver.o: qmgr.h qmgr_deliver.o: qmgr.h
qmgr_deliver.o: qmgr_deliver.c qmgr_deliver.o: qmgr_deliver.c
qmgr_enable.o: ../../include/argv.h
qmgr_enable.o: ../../include/dict.h
qmgr_enable.o: ../../include/dsn.h qmgr_enable.o: ../../include/dsn.h
qmgr_enable.o: ../../include/dsn_buf.h qmgr_enable.o: ../../include/dsn_buf.h
qmgr_enable.o: ../../include/maps.h
qmgr_enable.o: ../../include/msg.h qmgr_enable.o: ../../include/msg.h
qmgr_enable.o: ../../include/recipient_list.h qmgr_enable.o: ../../include/recipient_list.h
qmgr_enable.o: ../../include/scan_dir.h qmgr_enable.o: ../../include/scan_dir.h
@ -176,12 +192,15 @@ qmgr_enable.o: ../../include/vstream.h
qmgr_enable.o: ../../include/vstring.h qmgr_enable.o: ../../include/vstring.h
qmgr_enable.o: qmgr.h qmgr_enable.o: qmgr.h
qmgr_enable.o: qmgr_enable.c qmgr_enable.o: qmgr_enable.c
qmgr_entry.o: ../../include/argv.h
qmgr_entry.o: ../../include/attr.h qmgr_entry.o: ../../include/attr.h
qmgr_entry.o: ../../include/deliver_request.h qmgr_entry.o: ../../include/deliver_request.h
qmgr_entry.o: ../../include/dict.h
qmgr_entry.o: ../../include/dsn.h qmgr_entry.o: ../../include/dsn.h
qmgr_entry.o: ../../include/dsn_buf.h qmgr_entry.o: ../../include/dsn_buf.h
qmgr_entry.o: ../../include/events.h qmgr_entry.o: ../../include/events.h
qmgr_entry.o: ../../include/mail_params.h qmgr_entry.o: ../../include/mail_params.h
qmgr_entry.o: ../../include/maps.h
qmgr_entry.o: ../../include/msg.h qmgr_entry.o: ../../include/msg.h
qmgr_entry.o: ../../include/msg_stats.h qmgr_entry.o: ../../include/msg_stats.h
qmgr_entry.o: ../../include/mymalloc.h qmgr_entry.o: ../../include/mymalloc.h
@ -205,9 +224,11 @@ qmgr_message.o: ../../include/dsn_attr_map.h
qmgr_message.o: ../../include/dsn_buf.h qmgr_message.o: ../../include/dsn_buf.h
qmgr_message.o: ../../include/dsn_mask.h qmgr_message.o: ../../include/dsn_mask.h
qmgr_message.o: ../../include/iostuff.h qmgr_message.o: ../../include/iostuff.h
qmgr_message.o: ../../include/mail_addr_find.h
qmgr_message.o: ../../include/mail_params.h qmgr_message.o: ../../include/mail_params.h
qmgr_message.o: ../../include/mail_proto.h qmgr_message.o: ../../include/mail_proto.h
qmgr_message.o: ../../include/mail_queue.h qmgr_message.o: ../../include/mail_queue.h
qmgr_message.o: ../../include/maps.h
qmgr_message.o: ../../include/msg.h qmgr_message.o: ../../include/msg.h
qmgr_message.o: ../../include/msg_stats.h qmgr_message.o: ../../include/msg_stats.h
qmgr_message.o: ../../include/myflock.h qmgr_message.o: ../../include/myflock.h
@ -232,10 +253,13 @@ qmgr_message.o: ../../include/vstream.h
qmgr_message.o: ../../include/vstring.h qmgr_message.o: ../../include/vstring.h
qmgr_message.o: qmgr.h qmgr_message.o: qmgr.h
qmgr_message.o: qmgr_message.c qmgr_message.o: qmgr_message.c
qmgr_move.o: ../../include/argv.h
qmgr_move.o: ../../include/dict.h
qmgr_move.o: ../../include/dsn.h qmgr_move.o: ../../include/dsn.h
qmgr_move.o: ../../include/dsn_buf.h qmgr_move.o: ../../include/dsn_buf.h
qmgr_move.o: ../../include/mail_queue.h qmgr_move.o: ../../include/mail_queue.h
qmgr_move.o: ../../include/mail_scan_dir.h qmgr_move.o: ../../include/mail_scan_dir.h
qmgr_move.o: ../../include/maps.h
qmgr_move.o: ../../include/msg.h qmgr_move.o: ../../include/msg.h
qmgr_move.o: ../../include/recipient_list.h qmgr_move.o: ../../include/recipient_list.h
qmgr_move.o: ../../include/scan_dir.h qmgr_move.o: ../../include/scan_dir.h
@ -245,11 +269,14 @@ qmgr_move.o: ../../include/vstream.h
qmgr_move.o: ../../include/vstring.h qmgr_move.o: ../../include/vstring.h
qmgr_move.o: qmgr.h qmgr_move.o: qmgr.h
qmgr_move.o: qmgr_move.c qmgr_move.o: qmgr_move.c
qmgr_queue.o: ../../include/argv.h
qmgr_queue.o: ../../include/dict.h
qmgr_queue.o: ../../include/dsn.h qmgr_queue.o: ../../include/dsn.h
qmgr_queue.o: ../../include/dsn_buf.h qmgr_queue.o: ../../include/dsn_buf.h
qmgr_queue.o: ../../include/events.h qmgr_queue.o: ../../include/events.h
qmgr_queue.o: ../../include/htable.h qmgr_queue.o: ../../include/htable.h
qmgr_queue.o: ../../include/mail_params.h qmgr_queue.o: ../../include/mail_params.h
qmgr_queue.o: ../../include/maps.h
qmgr_queue.o: ../../include/msg.h qmgr_queue.o: ../../include/msg.h
qmgr_queue.o: ../../include/mymalloc.h qmgr_queue.o: ../../include/mymalloc.h
qmgr_queue.o: ../../include/recipient_list.h qmgr_queue.o: ../../include/recipient_list.h
@ -260,9 +287,12 @@ qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vstring.h qmgr_queue.o: ../../include/vstring.h
qmgr_queue.o: qmgr.h qmgr_queue.o: qmgr.h
qmgr_queue.o: qmgr_queue.c qmgr_queue.o: qmgr_queue.c
qmgr_scan.o: ../../include/argv.h
qmgr_scan.o: ../../include/dict.h
qmgr_scan.o: ../../include/dsn.h qmgr_scan.o: ../../include/dsn.h
qmgr_scan.o: ../../include/dsn_buf.h qmgr_scan.o: ../../include/dsn_buf.h
qmgr_scan.o: ../../include/mail_scan_dir.h qmgr_scan.o: ../../include/mail_scan_dir.h
qmgr_scan.o: ../../include/maps.h
qmgr_scan.o: ../../include/msg.h qmgr_scan.o: ../../include/msg.h
qmgr_scan.o: ../../include/mymalloc.h qmgr_scan.o: ../../include/mymalloc.h
qmgr_scan.o: ../../include/recipient_list.h qmgr_scan.o: ../../include/recipient_list.h
@ -273,7 +303,9 @@ qmgr_scan.o: ../../include/vstream.h
qmgr_scan.o: ../../include/vstring.h qmgr_scan.o: ../../include/vstring.h
qmgr_scan.o: qmgr.h qmgr_scan.o: qmgr.h
qmgr_scan.o: qmgr_scan.c qmgr_scan.o: qmgr_scan.c
qmgr_transport.o: ../../include/argv.h
qmgr_transport.o: ../../include/attr.h qmgr_transport.o: ../../include/attr.h
qmgr_transport.o: ../../include/dict.h
qmgr_transport.o: ../../include/dsn.h qmgr_transport.o: ../../include/dsn.h
qmgr_transport.o: ../../include/dsn_buf.h qmgr_transport.o: ../../include/dsn_buf.h
qmgr_transport.o: ../../include/events.h qmgr_transport.o: ../../include/events.h
@ -282,6 +314,7 @@ qmgr_transport.o: ../../include/iostuff.h
qmgr_transport.o: ../../include/mail_conf.h qmgr_transport.o: ../../include/mail_conf.h
qmgr_transport.o: ../../include/mail_params.h qmgr_transport.o: ../../include/mail_params.h
qmgr_transport.o: ../../include/mail_proto.h qmgr_transport.o: ../../include/mail_proto.h
qmgr_transport.o: ../../include/maps.h
qmgr_transport.o: ../../include/msg.h qmgr_transport.o: ../../include/msg.h
qmgr_transport.o: ../../include/mymalloc.h qmgr_transport.o: ../../include/mymalloc.h
qmgr_transport.o: ../../include/recipient_list.h qmgr_transport.o: ../../include/recipient_list.h

15
postfix/src/oqmgr/qmgr.c
View File

@ -328,12 +328,16 @@ int var_local_rcpt_lim; /* XXX */
int var_local_con_lim; /* XXX */ int var_local_con_lim; /* XXX */
int var_proc_limit; int var_proc_limit;
bool var_verp_bounce_off; bool var_verp_bounce_off;
bool var_sender_routing;
int var_qmgr_clog_warn_time; int var_qmgr_clog_warn_time;
char *var_snd_relay_maps;
char *var_vrfy_relay_maps;
static QMGR_SCAN *qmgr_incoming; static QMGR_SCAN *qmgr_incoming;
static QMGR_SCAN *qmgr_deferred; static QMGR_SCAN *qmgr_deferred;
MAPS *qmgr_snd_relay_maps;
MAPS *qmgr_vrfy_relay_maps;
/* qmgr_deferred_run_event - queue manager heartbeat */ /* qmgr_deferred_run_event - queue manager heartbeat */
static void qmgr_deferred_run_event(int unused_event, char *dummy) static void qmgr_deferred_run_event(int unused_event, char *dummy)
@ -484,6 +488,12 @@ static void pre_accept(char *unused_name, char **unused_argv)
static void qmgr_pre_init(char *unused_name, char **unused_argv) static void qmgr_pre_init(char *unused_name, char **unused_argv)
{ {
flush_init(); flush_init();
if (*var_snd_relay_maps)
qmgr_snd_relay_maps =
maps_create(VAR_SND_RELAY_MAPS, var_snd_relay_maps, 0);
if (*var_vrfy_relay_maps)
qmgr_vrfy_relay_maps =
maps_create(VAR_VRFY_RELAY_MAPS, var_vrfy_relay_maps, 0);
} }
/* qmgr_post_init - post-jail initialization */ /* qmgr_post_init - post-jail initialization */
@ -532,6 +542,8 @@ int main(int argc, char **argv)
{ {
static CONFIG_STR_TABLE str_table[] = { static CONFIG_STR_TABLE str_table[] = {
VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0, VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0,
VAR_SND_RELAY_MAPS, DEF_SND_RELAY_MAPS, &var_snd_relay_maps, 0, 0,
VAR_VRFY_RELAY_MAPS, DEF_VRFY_RELAY_MAPS, &var_vrfy_relay_maps, 0, 0,
0, 0,
}; };
static CONFIG_TIME_TABLE time_table[] = { static CONFIG_TIME_TABLE time_table[] = {
@ -559,7 +571,6 @@ int main(int argc, char **argv)
static CONFIG_BOOL_TABLE bool_table[] = { static CONFIG_BOOL_TABLE bool_table[] = {
VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user, VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user,
VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off, VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off,
VAR_SENDER_ROUTING, DEF_SENDER_ROUTING, &var_sender_routing,
0, 0,
}; };

7
postfix/src/oqmgr/qmgr.h
View File

@ -25,6 +25,7 @@
*/ */
#include <recipient_list.h> #include <recipient_list.h>
#include <dsn.h> #include <dsn.h>
#include <maps.h> /* Grr.. sender relay maps */
/* /*
* The queue manager is built around lots of mutually-referring structures. * The queue manager is built around lots of mutually-referring structures.
@ -320,6 +321,12 @@ extern QMGR_SCAN *qmgr_scan_create(const char *);
extern void qmgr_scan_request(QMGR_SCAN *, int); extern void qmgr_scan_request(QMGR_SCAN *, int);
extern char *qmgr_scan_next(QMGR_SCAN *); extern char *qmgr_scan_next(QMGR_SCAN *);
/*
* qmgr.c
*/
extern MAPS *qmgr_snd_relay_maps;
extern MAPS *qmgr_vrfy_relay_maps;
/* LICENSE /* LICENSE
/* .ad /* .ad
/* .fi /* .fi

61
postfix/src/oqmgr/qmgr_message.c
View File

@ -126,6 +126,7 @@
#include <split_addr.h> #include <split_addr.h>
#include <dsn_mask.h> #include <dsn_mask.h>
#include <dsn_attr_map.h> #include <dsn_attr_map.h>
#include <mail_addr_find.h>
/* Client stubs. */ /* Client stubs. */
@ -844,14 +845,23 @@ static void qmgr_message_sort(QMGR_MESSAGE *message)
/* qmgr_resolve_one - resolve or skip one recipient */ /* qmgr_resolve_one - resolve or skip one recipient */
static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient, static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
const char *addr, RESOLVE_REPLY *reply) const char *addr, RESOLVE_REPLY *reply,
int do_snd_relay_maps)
{ {
MAPS *snd_relay_maps;
const char *smarthost;
DSN dsn; DSN dsn;
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0) #define NO_SENDER_RELAY_MAPS 0
#define DO_SENDER_RELAY_MAPS 1
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0) {
snd_relay_maps = qmgr_snd_relay_maps;
resolve_clnt_query(addr, reply); resolve_clnt_query(addr, reply);
else } else {
snd_relay_maps = qmgr_vrfy_relay_maps;
resolve_clnt_verify(addr, reply); resolve_clnt_verify(addr, reply);
}
if (reply->flags & RESOLVE_FLAG_FAIL) { if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient, qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0", DSN_SMTP(&dsn, "4.3.0",
@ -865,6 +875,31 @@ static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
"bad address syntax")); "bad address syntax"));
return (-1); return (-1);
} else { } else {
/*
* The next-hop destination may be replaced by the per-sender relay
* host.
*
* XXX This violates the principle that qmgr does no map lookups. Map
* changes require process restart which is bad for queue manager
* performance.
*/
if ((reply->flags & RESOLVE_FLAG_SMARTHOST) && do_snd_relay_maps
&& message->sender[0] && snd_relay_maps) {
if ((smarthost = mail_addr_find(snd_relay_maps, message->sender,
(char **) 0)) != 0) {
if (msg_verbose)
msg_info("using smart host %s for sender %s",
smarthost, message->sender);
vstring_strcpy(reply->nexthop, smarthost);
} else if (dict_errno != 0) {
qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0",
"451 address resolver failure",
"address resolver failure"));
return (-1);
}
}
return (0); return (0);
} }
} }
@ -910,7 +945,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
reply.recipient); reply.recipient);
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient)); RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
if (qmgr_resolve_one(message, recipient, if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0) recipient->address, &reply,
NO_SENDER_RELAY_MAPS) < 0)
continue; continue;
if (!STREQ(recipient->address, STR(reply.recipient))) if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient)); RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
@ -920,6 +956,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Content filtering overrides the address resolver. * Content filtering overrides the address resolver.
*/ */
else if (message->filter_xport) { else if (message->filter_xport) {
reply.flags = 0;
vstring_strcpy(reply.transport, message->filter_xport); vstring_strcpy(reply.transport, message->filter_xport);
if ((nexthop = split_at(STR(reply.transport), ':')) == 0 if ((nexthop = split_at(STR(reply.transport), ':')) == 0
|| *nexthop == 0) || *nexthop == 0)
@ -932,25 +969,15 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Resolve the destination to (transport, nexthop, address). The * Resolve the destination to (transport, nexthop, address). The
* result address may differ from the one specified by the sender. * result address may differ from the one specified by the sender.
*/ */
else if (var_sender_routing == 0) { else {
if (qmgr_resolve_one(message, recipient, if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0) recipient->address, &reply,
DO_SENDER_RELAY_MAPS) < 0)
continue; continue;
if (!STREQ(recipient->address, STR(reply.recipient))) if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient)); RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
} }
/*
* XXX Sender-based routing does not work very well, because it has
* problems with sending bounces.
*/
else {
if (qmgr_resolve_one(message, recipient,
message->sender, &reply) < 0)
continue;
vstring_strcpy(reply.recipient, recipient->address);
}
/* /*
* Bounce null recipients. This should never happen, but is most * Bounce null recipients. This should never happen, but is most
* likely the result of a fault in a different program, so aborting * likely the result of a fault in a different program, so aborting

39
postfix/src/qmgr/Makefile.in
View File

@ -76,6 +76,7 @@ qmgr.o: ../../include/mail_params.h
qmgr.o: ../../include/mail_proto.h qmgr.o: ../../include/mail_proto.h
qmgr.o: ../../include/mail_queue.h qmgr.o: ../../include/mail_queue.h
qmgr.o: ../../include/mail_server.h qmgr.o: ../../include/mail_server.h
qmgr.o: ../../include/maps.h
qmgr.o: ../../include/master_proto.h qmgr.o: ../../include/master_proto.h
qmgr.o: ../../include/msg.h qmgr.o: ../../include/msg.h
qmgr.o: ../../include/recipient_list.h qmgr.o: ../../include/recipient_list.h
@ -87,10 +88,12 @@ qmgr.o: ../../include/vstring.h
qmgr.o: qmgr.c qmgr.o: qmgr.c
qmgr.o: qmgr.h qmgr.o: qmgr.h
qmgr_active.o: ../../include/abounce.h qmgr_active.o: ../../include/abounce.h
qmgr_active.o: ../../include/argv.h
qmgr_active.o: ../../include/attr.h qmgr_active.o: ../../include/attr.h
qmgr_active.o: ../../include/bounce.h qmgr_active.o: ../../include/bounce.h
qmgr_active.o: ../../include/defer.h qmgr_active.o: ../../include/defer.h
qmgr_active.o: ../../include/deliver_request.h qmgr_active.o: ../../include/deliver_request.h
qmgr_active.o: ../../include/dict.h
qmgr_active.o: ../../include/dsn.h qmgr_active.o: ../../include/dsn.h
qmgr_active.o: ../../include/dsn_buf.h qmgr_active.o: ../../include/dsn_buf.h
qmgr_active.o: ../../include/dsn_mask.h qmgr_active.o: ../../include/dsn_mask.h
@ -98,6 +101,7 @@ qmgr_active.o: ../../include/events.h
qmgr_active.o: ../../include/mail_open_ok.h qmgr_active.o: ../../include/mail_open_ok.h
qmgr_active.o: ../../include/mail_params.h qmgr_active.o: ../../include/mail_params.h
qmgr_active.o: ../../include/mail_queue.h qmgr_active.o: ../../include/mail_queue.h
qmgr_active.o: ../../include/maps.h
qmgr_active.o: ../../include/msg.h qmgr_active.o: ../../include/msg.h
qmgr_active.o: ../../include/msg_stats.h qmgr_active.o: ../../include/msg_stats.h
qmgr_active.o: ../../include/mymalloc.h qmgr_active.o: ../../include/mymalloc.h
@ -112,12 +116,15 @@ qmgr_active.o: ../../include/vstream.h
qmgr_active.o: ../../include/vstring.h qmgr_active.o: ../../include/vstring.h
qmgr_active.o: qmgr.h qmgr_active.o: qmgr.h
qmgr_active.o: qmgr_active.c qmgr_active.o: qmgr_active.c
qmgr_bounce.o: ../../include/argv.h
qmgr_bounce.o: ../../include/attr.h qmgr_bounce.o: ../../include/attr.h
qmgr_bounce.o: ../../include/bounce.h qmgr_bounce.o: ../../include/bounce.h
qmgr_bounce.o: ../../include/deliver_completed.h qmgr_bounce.o: ../../include/deliver_completed.h
qmgr_bounce.o: ../../include/deliver_request.h qmgr_bounce.o: ../../include/deliver_request.h
qmgr_bounce.o: ../../include/dict.h
qmgr_bounce.o: ../../include/dsn.h qmgr_bounce.o: ../../include/dsn.h
qmgr_bounce.o: ../../include/dsn_buf.h qmgr_bounce.o: ../../include/dsn_buf.h
qmgr_bounce.o: ../../include/maps.h
qmgr_bounce.o: ../../include/msg_stats.h qmgr_bounce.o: ../../include/msg_stats.h
qmgr_bounce.o: ../../include/recipient_list.h qmgr_bounce.o: ../../include/recipient_list.h
qmgr_bounce.o: ../../include/scan_dir.h qmgr_bounce.o: ../../include/scan_dir.h
@ -127,12 +134,15 @@ qmgr_bounce.o: ../../include/vstream.h
qmgr_bounce.o: ../../include/vstring.h qmgr_bounce.o: ../../include/vstring.h
qmgr_bounce.o: qmgr.h qmgr_bounce.o: qmgr.h
qmgr_bounce.o: qmgr_bounce.c qmgr_bounce.o: qmgr_bounce.c
qmgr_defer.o: ../../include/argv.h
qmgr_defer.o: ../../include/attr.h qmgr_defer.o: ../../include/attr.h
qmgr_defer.o: ../../include/bounce.h qmgr_defer.o: ../../include/bounce.h
qmgr_defer.o: ../../include/defer.h qmgr_defer.o: ../../include/defer.h
qmgr_defer.o: ../../include/deliver_request.h qmgr_defer.o: ../../include/deliver_request.h
qmgr_defer.o: ../../include/dict.h
qmgr_defer.o: ../../include/dsn.h qmgr_defer.o: ../../include/dsn.h
qmgr_defer.o: ../../include/dsn_buf.h qmgr_defer.o: ../../include/dsn_buf.h
qmgr_defer.o: ../../include/maps.h
qmgr_defer.o: ../../include/msg.h qmgr_defer.o: ../../include/msg.h
qmgr_defer.o: ../../include/msg_stats.h qmgr_defer.o: ../../include/msg_stats.h
qmgr_defer.o: ../../include/recipient_list.h qmgr_defer.o: ../../include/recipient_list.h
@ -143,8 +153,10 @@ qmgr_defer.o: ../../include/vstream.h
qmgr_defer.o: ../../include/vstring.h qmgr_defer.o: ../../include/vstring.h
qmgr_defer.o: qmgr.h qmgr_defer.o: qmgr.h
qmgr_defer.o: qmgr_defer.c qmgr_defer.o: qmgr_defer.c
qmgr_deliver.o: ../../include/argv.h
qmgr_deliver.o: ../../include/attr.h qmgr_deliver.o: ../../include/attr.h
qmgr_deliver.o: ../../include/deliver_request.h qmgr_deliver.o: ../../include/deliver_request.h
qmgr_deliver.o: ../../include/dict.h
qmgr_deliver.o: ../../include/dsb_scan.h qmgr_deliver.o: ../../include/dsb_scan.h
qmgr_deliver.o: ../../include/dsn.h qmgr_deliver.o: ../../include/dsn.h
qmgr_deliver.o: ../../include/dsn_buf.h qmgr_deliver.o: ../../include/dsn_buf.h
@ -154,6 +166,7 @@ qmgr_deliver.o: ../../include/iostuff.h
qmgr_deliver.o: ../../include/mail_params.h qmgr_deliver.o: ../../include/mail_params.h
qmgr_deliver.o: ../../include/mail_proto.h qmgr_deliver.o: ../../include/mail_proto.h
qmgr_deliver.o: ../../include/mail_queue.h qmgr_deliver.o: ../../include/mail_queue.h
qmgr_deliver.o: ../../include/maps.h
qmgr_deliver.o: ../../include/msg.h qmgr_deliver.o: ../../include/msg.h
qmgr_deliver.o: ../../include/msg_stats.h qmgr_deliver.o: ../../include/msg_stats.h
qmgr_deliver.o: ../../include/recipient_list.h qmgr_deliver.o: ../../include/recipient_list.h
@ -167,8 +180,11 @@ qmgr_deliver.o: ../../include/vstring.h
qmgr_deliver.o: ../../include/vstring_vstream.h qmgr_deliver.o: ../../include/vstring_vstream.h
qmgr_deliver.o: qmgr.h qmgr_deliver.o: qmgr.h
qmgr_deliver.o: qmgr_deliver.c qmgr_deliver.o: qmgr_deliver.c
qmgr_enable.o: ../../include/argv.h
qmgr_enable.o: ../../include/dict.h
qmgr_enable.o: ../../include/dsn.h qmgr_enable.o: ../../include/dsn.h
qmgr_enable.o: ../../include/dsn_buf.h qmgr_enable.o: ../../include/dsn_buf.h
qmgr_enable.o: ../../include/maps.h
qmgr_enable.o: ../../include/msg.h qmgr_enable.o: ../../include/msg.h
qmgr_enable.o: ../../include/recipient_list.h qmgr_enable.o: ../../include/recipient_list.h
qmgr_enable.o: ../../include/scan_dir.h qmgr_enable.o: ../../include/scan_dir.h
@ -178,12 +194,15 @@ qmgr_enable.o: ../../include/vstream.h
qmgr_enable.o: ../../include/vstring.h qmgr_enable.o: ../../include/vstring.h
qmgr_enable.o: qmgr.h qmgr_enable.o: qmgr.h
qmgr_enable.o: qmgr_enable.c qmgr_enable.o: qmgr_enable.c
qmgr_entry.o: ../../include/argv.h
qmgr_entry.o: ../../include/attr.h qmgr_entry.o: ../../include/attr.h
qmgr_entry.o: ../../include/deliver_request.h qmgr_entry.o: ../../include/deliver_request.h
qmgr_entry.o: ../../include/dict.h
qmgr_entry.o: ../../include/dsn.h qmgr_entry.o: ../../include/dsn.h
qmgr_entry.o: ../../include/dsn_buf.h qmgr_entry.o: ../../include/dsn_buf.h
qmgr_entry.o: ../../include/events.h qmgr_entry.o: ../../include/events.h
qmgr_entry.o: ../../include/mail_params.h qmgr_entry.o: ../../include/mail_params.h
qmgr_entry.o: ../../include/maps.h
qmgr_entry.o: ../../include/msg.h qmgr_entry.o: ../../include/msg.h
qmgr_entry.o: ../../include/msg_stats.h qmgr_entry.o: ../../include/msg_stats.h
qmgr_entry.o: ../../include/mymalloc.h qmgr_entry.o: ../../include/mymalloc.h
@ -195,9 +214,12 @@ qmgr_entry.o: ../../include/vstream.h
qmgr_entry.o: ../../include/vstring.h qmgr_entry.o: ../../include/vstring.h
qmgr_entry.o: qmgr.h qmgr_entry.o: qmgr.h
qmgr_entry.o: qmgr_entry.c qmgr_entry.o: qmgr_entry.c
qmgr_job.o: ../../include/argv.h
qmgr_job.o: ../../include/dict.h
qmgr_job.o: ../../include/dsn.h qmgr_job.o: ../../include/dsn.h
qmgr_job.o: ../../include/dsn_buf.h qmgr_job.o: ../../include/dsn_buf.h
qmgr_job.o: ../../include/htable.h qmgr_job.o: ../../include/htable.h
qmgr_job.o: ../../include/maps.h
qmgr_job.o: ../../include/msg.h qmgr_job.o: ../../include/msg.h
qmgr_job.o: ../../include/mymalloc.h qmgr_job.o: ../../include/mymalloc.h
qmgr_job.o: ../../include/recipient_list.h qmgr_job.o: ../../include/recipient_list.h
@ -221,9 +243,11 @@ qmgr_message.o: ../../include/dsn_attr_map.h
qmgr_message.o: ../../include/dsn_buf.h qmgr_message.o: ../../include/dsn_buf.h
qmgr_message.o: ../../include/dsn_mask.h qmgr_message.o: ../../include/dsn_mask.h
qmgr_message.o: ../../include/iostuff.h qmgr_message.o: ../../include/iostuff.h
qmgr_message.o: ../../include/mail_addr_find.h
qmgr_message.o: ../../include/mail_params.h qmgr_message.o: ../../include/mail_params.h
qmgr_message.o: ../../include/mail_proto.h qmgr_message.o: ../../include/mail_proto.h
qmgr_message.o: ../../include/mail_queue.h qmgr_message.o: ../../include/mail_queue.h
qmgr_message.o: ../../include/maps.h
qmgr_message.o: ../../include/msg.h qmgr_message.o: ../../include/msg.h
qmgr_message.o: ../../include/msg_stats.h qmgr_message.o: ../../include/msg_stats.h
qmgr_message.o: ../../include/myflock.h qmgr_message.o: ../../include/myflock.h
@ -249,10 +273,13 @@ qmgr_message.o: ../../include/vstream.h
qmgr_message.o: ../../include/vstring.h qmgr_message.o: ../../include/vstring.h
qmgr_message.o: qmgr.h qmgr_message.o: qmgr.h
qmgr_message.o: qmgr_message.c qmgr_message.o: qmgr_message.c
qmgr_move.o: ../../include/argv.h
qmgr_move.o: ../../include/dict.h
qmgr_move.o: ../../include/dsn.h qmgr_move.o: ../../include/dsn.h
qmgr_move.o: ../../include/dsn_buf.h qmgr_move.o: ../../include/dsn_buf.h
qmgr_move.o: ../../include/mail_queue.h qmgr_move.o: ../../include/mail_queue.h
qmgr_move.o: ../../include/mail_scan_dir.h qmgr_move.o: ../../include/mail_scan_dir.h
qmgr_move.o: ../../include/maps.h
qmgr_move.o: ../../include/msg.h qmgr_move.o: ../../include/msg.h
qmgr_move.o: ../../include/recipient_list.h qmgr_move.o: ../../include/recipient_list.h
qmgr_move.o: ../../include/scan_dir.h qmgr_move.o: ../../include/scan_dir.h
@ -262,9 +289,12 @@ qmgr_move.o: ../../include/vstream.h
qmgr_move.o: ../../include/vstring.h qmgr_move.o: ../../include/vstring.h
qmgr_move.o: qmgr.h qmgr_move.o: qmgr.h
qmgr_move.o: qmgr_move.c qmgr_move.o: qmgr_move.c
qmgr_peer.o: ../../include/argv.h
qmgr_peer.o: ../../include/dict.h
qmgr_peer.o: ../../include/dsn.h qmgr_peer.o: ../../include/dsn.h
qmgr_peer.o: ../../include/dsn_buf.h qmgr_peer.o: ../../include/dsn_buf.h
qmgr_peer.o: ../../include/htable.h qmgr_peer.o: ../../include/htable.h
qmgr_peer.o: ../../include/maps.h
qmgr_peer.o: ../../include/msg.h qmgr_peer.o: ../../include/msg.h
qmgr_peer.o: ../../include/mymalloc.h qmgr_peer.o: ../../include/mymalloc.h
qmgr_peer.o: ../../include/recipient_list.h qmgr_peer.o: ../../include/recipient_list.h
@ -275,11 +305,14 @@ qmgr_peer.o: ../../include/vstream.h
qmgr_peer.o: ../../include/vstring.h qmgr_peer.o: ../../include/vstring.h
qmgr_peer.o: qmgr.h qmgr_peer.o: qmgr.h
qmgr_peer.o: qmgr_peer.c qmgr_peer.o: qmgr_peer.c
qmgr_queue.o: ../../include/argv.h
qmgr_queue.o: ../../include/dict.h
qmgr_queue.o: ../../include/dsn.h qmgr_queue.o: ../../include/dsn.h
qmgr_queue.o: ../../include/dsn_buf.h qmgr_queue.o: ../../include/dsn_buf.h
qmgr_queue.o: ../../include/events.h qmgr_queue.o: ../../include/events.h
qmgr_queue.o: ../../include/htable.h qmgr_queue.o: ../../include/htable.h
qmgr_queue.o: ../../include/mail_params.h qmgr_queue.o: ../../include/mail_params.h
qmgr_queue.o: ../../include/maps.h
qmgr_queue.o: ../../include/msg.h qmgr_queue.o: ../../include/msg.h
qmgr_queue.o: ../../include/mymalloc.h qmgr_queue.o: ../../include/mymalloc.h
qmgr_queue.o: ../../include/recipient_list.h qmgr_queue.o: ../../include/recipient_list.h
@ -290,9 +323,12 @@ qmgr_queue.o: ../../include/vstream.h
qmgr_queue.o: ../../include/vstring.h qmgr_queue.o: ../../include/vstring.h
qmgr_queue.o: qmgr.h qmgr_queue.o: qmgr.h
qmgr_queue.o: qmgr_queue.c qmgr_queue.o: qmgr_queue.c
qmgr_scan.o: ../../include/argv.h
qmgr_scan.o: ../../include/dict.h
qmgr_scan.o: ../../include/dsn.h qmgr_scan.o: ../../include/dsn.h
qmgr_scan.o: ../../include/dsn_buf.h qmgr_scan.o: ../../include/dsn_buf.h
qmgr_scan.o: ../../include/mail_scan_dir.h qmgr_scan.o: ../../include/mail_scan_dir.h
qmgr_scan.o: ../../include/maps.h
qmgr_scan.o: ../../include/msg.h qmgr_scan.o: ../../include/msg.h
qmgr_scan.o: ../../include/mymalloc.h qmgr_scan.o: ../../include/mymalloc.h
qmgr_scan.o: ../../include/recipient_list.h qmgr_scan.o: ../../include/recipient_list.h
@ -303,7 +339,9 @@ qmgr_scan.o: ../../include/vstream.h
qmgr_scan.o: ../../include/vstring.h qmgr_scan.o: ../../include/vstring.h
qmgr_scan.o: qmgr.h qmgr_scan.o: qmgr.h
qmgr_scan.o: qmgr_scan.c qmgr_scan.o: qmgr_scan.c
qmgr_transport.o: ../../include/argv.h
qmgr_transport.o: ../../include/attr.h qmgr_transport.o: ../../include/attr.h
qmgr_transport.o: ../../include/dict.h
qmgr_transport.o: ../../include/dsn.h qmgr_transport.o: ../../include/dsn.h
qmgr_transport.o: ../../include/dsn_buf.h qmgr_transport.o: ../../include/dsn_buf.h
qmgr_transport.o: ../../include/events.h qmgr_transport.o: ../../include/events.h
@ -312,6 +350,7 @@ qmgr_transport.o: ../../include/iostuff.h
qmgr_transport.o: ../../include/mail_conf.h qmgr_transport.o: ../../include/mail_conf.h
qmgr_transport.o: ../../include/mail_params.h qmgr_transport.o: ../../include/mail_params.h
qmgr_transport.o: ../../include/mail_proto.h qmgr_transport.o: ../../include/mail_proto.h
qmgr_transport.o: ../../include/maps.h
qmgr_transport.o: ../../include/msg.h qmgr_transport.o: ../../include/msg.h
qmgr_transport.o: ../../include/mymalloc.h qmgr_transport.o: ../../include/mymalloc.h
qmgr_transport.o: ../../include/recipient_list.h qmgr_transport.o: ../../include/recipient_list.h

15
postfix/src/qmgr/qmgr.c
View File

@ -375,12 +375,16 @@ int var_local_con_lim;
int var_local_rcpt_lim; int var_local_rcpt_lim;
int var_proc_limit; int var_proc_limit;
bool var_verp_bounce_off; bool var_verp_bounce_off;
bool var_sender_routing;
int var_qmgr_clog_warn_time; int var_qmgr_clog_warn_time;
char *var_snd_relay_maps;
char *var_vrfy_relay_maps;
static QMGR_SCAN *qmgr_incoming; static QMGR_SCAN *qmgr_incoming;
static QMGR_SCAN *qmgr_deferred; static QMGR_SCAN *qmgr_deferred;
MAPS *qmgr_snd_relay_maps;
MAPS *qmgr_vrfy_relay_maps;
/* qmgr_deferred_run_event - queue manager heartbeat */ /* qmgr_deferred_run_event - queue manager heartbeat */
static void qmgr_deferred_run_event(int unused_event, char *dummy) static void qmgr_deferred_run_event(int unused_event, char *dummy)
@ -528,6 +532,12 @@ static void pre_accept(char *unused_name, char **unused_argv)
static void qmgr_pre_init(char *unused_name, char **unused_argv) static void qmgr_pre_init(char *unused_name, char **unused_argv)
{ {
flush_init(); flush_init();
if (*var_snd_relay_maps)
qmgr_snd_relay_maps =
maps_create(VAR_SND_RELAY_MAPS, var_snd_relay_maps, 0);
if (*var_vrfy_relay_maps)
qmgr_vrfy_relay_maps =
maps_create(VAR_VRFY_RELAY_MAPS, var_vrfy_relay_maps, 0);
} }
/* qmgr_post_init - post-jail initialization */ /* qmgr_post_init - post-jail initialization */
@ -586,6 +596,8 @@ int main(int argc, char **argv)
{ {
static CONFIG_STR_TABLE str_table[] = { static CONFIG_STR_TABLE str_table[] = {
VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0, VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0,
VAR_SND_RELAY_MAPS, DEF_SND_RELAY_MAPS, &var_snd_relay_maps, 0, 0,
VAR_VRFY_RELAY_MAPS, DEF_VRFY_RELAY_MAPS, &var_vrfy_relay_maps, 0, 0,
0, 0,
}; };
static CONFIG_TIME_TABLE time_table[] = { static CONFIG_TIME_TABLE time_table[] = {
@ -619,7 +631,6 @@ int main(int argc, char **argv)
static CONFIG_BOOL_TABLE bool_table[] = { static CONFIG_BOOL_TABLE bool_table[] = {
VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user, VAR_ALLOW_MIN_USER, DEF_ALLOW_MIN_USER, &var_allow_min_user,
VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off, VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off,
VAR_SENDER_ROUTING, DEF_SENDER_ROUTING, &var_sender_routing,
0, 0,
}; };

7
postfix/src/qmgr/qmgr.h
View File

@ -25,6 +25,7 @@
*/ */
#include <recipient_list.h> #include <recipient_list.h>
#include <dsn.h> #include <dsn.h>
#include <maps.h> /* Grr.. sender relay maps */
/* /*
* The queue manager is built around lots of mutually-referring structures. * The queue manager is built around lots of mutually-referring structures.
@ -422,6 +423,12 @@ extern QMGR_SCAN *qmgr_scan_create(const char *);
extern void qmgr_scan_request(QMGR_SCAN *, int); extern void qmgr_scan_request(QMGR_SCAN *, int);
extern char *qmgr_scan_next(QMGR_SCAN *); extern char *qmgr_scan_next(QMGR_SCAN *);
/*
* qmgr.c
*/
extern MAPS *qmgr_snd_relay_maps;
extern MAPS *qmgr_vrfy_relay_maps;
/* LICENSE /* LICENSE
/* .ad /* .ad
/* .fi /* .fi

61
postfix/src/qmgr/qmgr_message.c
View File

@ -135,6 +135,7 @@
#include <split_addr.h> #include <split_addr.h>
#include <dsn_mask.h> #include <dsn_mask.h>
#include <dsn_attr_map.h> #include <dsn_attr_map.h>
#include <mail_addr_find.h>
/* Client stubs. */ /* Client stubs. */
@ -886,14 +887,23 @@ static void qmgr_message_sort(QMGR_MESSAGE *message)
/* qmgr_resolve_one - resolve or skip one recipient */ /* qmgr_resolve_one - resolve or skip one recipient */
static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient, static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
const char *addr, RESOLVE_REPLY *reply) const char *addr, RESOLVE_REPLY *reply,
int do_snd_relay_maps)
{ {
MAPS *snd_relay_maps;
const char *smarthost;
DSN dsn; DSN dsn;
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0) #define NO_SENDER_RELAY_MAPS 0
#define DO_SENDER_RELAY_MAPS 1
if ((message->tflags & DEL_REQ_FLAG_MTA_VRFY) == 0) {
snd_relay_maps = qmgr_snd_relay_maps;
resolve_clnt_query(addr, reply); resolve_clnt_query(addr, reply);
else } else {
snd_relay_maps = qmgr_vrfy_relay_maps;
resolve_clnt_verify(addr, reply); resolve_clnt_verify(addr, reply);
}
if (reply->flags & RESOLVE_FLAG_FAIL) { if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient, qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0", DSN_SMTP(&dsn, "4.3.0",
@ -907,6 +917,31 @@ static int qmgr_resolve_one(QMGR_MESSAGE *message, RECIPIENT *recipient,
"bad address syntax")); "bad address syntax"));
return (-1); return (-1);
} else { } else {
/*
* The next-hop destination may be replaced by the per-sender relay
* host.
*
* XXX This violates the principle that qmgr does no map lookups. Map
* changes require process restart which is bad for queue manager
* performance.
*/
if ((reply->flags & RESOLVE_FLAG_SMARTHOST) && do_snd_relay_maps
&& message->sender[0] && snd_relay_maps) {
if ((smarthost = mail_addr_find(snd_relay_maps, message->sender,
(char **) 0)) != 0) {
if (msg_verbose)
msg_info("using smart host %s for sender %s",
smarthost, message->sender);
vstring_strcpy(reply->nexthop, smarthost);
} else if (dict_errno != 0) {
qmgr_defer_recipient(message, recipient,
DSN_SMTP(&dsn, "4.3.0",
"451 address resolver failure",
"address resolver failure"));
return (-1);
}
}
return (0); return (0);
} }
} }
@ -952,7 +987,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
reply.recipient); reply.recipient);
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient)); RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
if (qmgr_resolve_one(message, recipient, if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0) recipient->address, &reply,
NO_SENDER_RELAY_MAPS) < 0)
continue; continue;
if (!STREQ(recipient->address, STR(reply.recipient))) if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient)); RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
@ -962,6 +998,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Content filtering overrides the address resolver. * Content filtering overrides the address resolver.
*/ */
else if (message->filter_xport) { else if (message->filter_xport) {
reply.flags = 0;
vstring_strcpy(reply.transport, message->filter_xport); vstring_strcpy(reply.transport, message->filter_xport);
if ((nexthop = split_at(STR(reply.transport), ':')) == 0 if ((nexthop = split_at(STR(reply.transport), ':')) == 0
|| *nexthop == 0) || *nexthop == 0)
@ -974,25 +1011,15 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* Resolve the destination to (transport, nexthop, address). The * Resolve the destination to (transport, nexthop, address). The
* result address may differ from the one specified by the sender. * result address may differ from the one specified by the sender.
*/ */
else if (var_sender_routing == 0) { else {
if (qmgr_resolve_one(message, recipient, if (qmgr_resolve_one(message, recipient,
recipient->address, &reply) < 0) recipient->address, &reply,
DO_SENDER_RELAY_MAPS) < 0)
continue; continue;
if (!STREQ(recipient->address, STR(reply.recipient))) if (!STREQ(recipient->address, STR(reply.recipient)))
RECIPIENT_UPDATE(recipient->address, STR(reply.recipient)); RECIPIENT_UPDATE(recipient->address, STR(reply.recipient));
} }
/*
* XXX Sender-based routing does not work very well, because it has
* problems with sending bounces.
*/
else {
if (qmgr_resolve_one(message, recipient,
message->sender, &reply) < 0)
continue;
vstring_strcpy(reply.recipient, recipient->address);
}
/* /*
* Bounce null recipients. This should never happen, but is most * Bounce null recipients. This should never happen, but is most
* likely the result of a fault in a different program, so aborting * likely the result of a fault in a different program, so aborting

12
postfix/src/smtp/smtp.c
View File

@ -152,7 +152,8 @@
/* Enable SASL authentication in the Postfix SMTP client. /* Enable SASL authentication in the Postfix SMTP client.
/* .IP "\fBsmtp_sasl_password_maps (empty)\fR" /* .IP "\fBsmtp_sasl_password_maps (empty)\fR"
/* Optional SMTP client lookup tables with one username:password entry /* Optional SMTP client lookup tables with one username:password entry
/* per remote hostname or domain. /* per remote hostname or domain (or per sender, when per-sender
/* authentication is enabled).
/* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR" /* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
/* What authentication mechanisms the Postfix SMTP client is allowed /* What authentication mechanisms the Postfix SMTP client is allowed
/* to use. /* to use.
@ -161,6 +162,13 @@
/* .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR" /* .IP "\fBsmtp_sasl_mechanism_filter (empty)\fR"
/* If non-empty, a Postfix SMTP client filter for the remote SMTP /* If non-empty, a Postfix SMTP client filter for the remote SMTP
/* server's list of offered SASL mechanisms. /* server's list of offered SASL mechanisms.
/* .PP
/* Available in Postfix version 2.3 and later:
/* .IP "\fBsmtp_per_sender_authentication (no)\fR"
/* Enable per-sender authentication in the SMTP client; this is available
/* only with SASL authentication, and disables SMTP connection caching
/* to ensure that mail from different senders will use the appropriate
/* credentials.
/* STARTTLS SUPPORT CONTROLS /* STARTTLS SUPPORT CONTROLS
/* .ad /* .ad
/* .fi /* .fi
@ -507,6 +515,7 @@ bool var_smtp_tls_note_starttls_offer;
char *var_smtp_generic_maps; char *var_smtp_generic_maps;
char *var_prop_extension; char *var_prop_extension;
bool var_smtp_sender_auth;
/* /*
* Global variables. smtp_errno is set by the address lookup routines and by * Global variables. smtp_errno is set by the address lookup routines and by
@ -800,6 +809,7 @@ int main(int argc, char **argv)
VAR_SMTP_TLS_ENFORCE_PN, DEF_SMTP_TLS_ENFORCE_PN, &var_smtp_tls_enforce_peername, VAR_SMTP_TLS_ENFORCE_PN, DEF_SMTP_TLS_ENFORCE_PN, &var_smtp_tls_enforce_peername,
VAR_SMTP_TLS_NOTEOFFER, DEF_SMTP_TLS_NOTEOFFER, &var_smtp_tls_note_starttls_offer, VAR_SMTP_TLS_NOTEOFFER, DEF_SMTP_TLS_NOTEOFFER, &var_smtp_tls_note_starttls_offer,
#endif #endif
VAR_SMTP_SENDER_AUTH, DEF_SMTP_SENDER_AUTH, &var_smtp_sender_auth,
0, 0,
}; };

6
postfix/src/smtp/smtp_connect.c
View File

@ -625,8 +625,14 @@ int smtp_connect(SMTP_STATE *state)
* Opportunistic (a.k.a. on-demand) session caching on request by the * Opportunistic (a.k.a. on-demand) session caching on request by the
* queue manager. This is turned temporarily when a destination has a * queue manager. This is turned temporarily when a destination has a
* high volume of mail in the active queue. * high volume of mail in the active queue.
*
* XXX Disable connection caching when per-sender credentials are
* enabled. We must not send someone elses mail over an authenticated
* connection, and we must not send mail that requires authentication
* over a connection that wasn't authenticated.
*/ */
if (cpp == sites->argv if (cpp == sites->argv
&& !var_smtp_sender_auth
&& ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE) != 0) && ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE) != 0)
|| (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) { || (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) {
sess_flags |= SMTP_SESS_FLAG_CACHE; sess_flags |= SMTP_SESS_FLAG_CACHE;

10
postfix/src/smtp/smtp_sasl_glue.c
View File

@ -116,6 +116,7 @@
#include <mail_params.h> #include <mail_params.h>
#include <string_list.h> #include <string_list.h>
#include <maps.h> #include <maps.h>
#include <mail_addr_find.h>
/* /*
* Application-specific * Application-specific
@ -329,7 +330,10 @@ int smtp_sasl_passwd_lookup(SMTP_SESSION *session)
* but didn't canonicalize the TCP port, and did not append the port to * but didn't canonicalize the TCP port, and did not append the port to
* the MX hostname. * the MX hostname.
*/ */
if ((value = maps_find(smtp_sasl_passwd_map, session->host, 0)) != 0 if ((var_sender_auth
&& (value = mail_addr_find(smtp_sasl_passwd_map,
state->request->sender, (char **) 0)) != 0)
|| (value = maps_find(smtp_sasl_passwd_map, session->host, 0)) != 0
|| (value = maps_find(smtp_sasl_passwd_map, session->dest, 0)) != 0) { || (value = maps_find(smtp_sasl_passwd_map, session->dest, 0)) != 0) {
session->sasl_username = mystrdup(value); session->sasl_username = mystrdup(value);
passwd = split_at(session->sasl_username, ':'); passwd = split_at(session->sasl_username, ':');
@ -341,8 +345,8 @@ int smtp_sasl_passwd_lookup(SMTP_SESSION *session)
return (1); return (1);
} else { } else {
if (msg_verbose) if (msg_verbose)
msg_info("%s: host `%s' no auth info found", msg_info("%s: no auth info found (sender=`%s', host=`%s')",
myname, session->host); myname, state->request->sender, session->host);
return (0); return (0);
} }
} }

4
postfix/src/trivial-rewrite/Makefile.in
View File

@ -94,11 +94,14 @@ resolve.o: ../../include/vstring_vstream.h
resolve.o: resolve.c resolve.o: resolve.c
resolve.o: transport.h resolve.o: transport.h
resolve.o: trivial-rewrite.h resolve.o: trivial-rewrite.h
rewrite.o: ../../include/argv.h
rewrite.o: ../../include/attr.h rewrite.o: ../../include/attr.h
rewrite.o: ../../include/dict.h
rewrite.o: ../../include/iostuff.h rewrite.o: ../../include/iostuff.h
rewrite.o: ../../include/mail_conf.h rewrite.o: ../../include/mail_conf.h
rewrite.o: ../../include/mail_params.h rewrite.o: ../../include/mail_params.h
rewrite.o: ../../include/mail_proto.h rewrite.o: ../../include/mail_proto.h
rewrite.o: ../../include/maps.h
rewrite.o: ../../include/msg.h rewrite.o: ../../include/msg.h
rewrite.o: ../../include/resolve_clnt.h rewrite.o: ../../include/resolve_clnt.h
rewrite.o: ../../include/resolve_local.h rewrite.o: ../../include/resolve_local.h
@ -122,6 +125,7 @@ transport.o: ../../include/match_ops.h
transport.o: ../../include/match_parent_style.h transport.o: ../../include/match_parent_style.h
transport.o: ../../include/msg.h transport.o: ../../include/msg.h
transport.o: ../../include/mymalloc.h transport.o: ../../include/mymalloc.h
transport.o: ../../include/resolve_clnt.h
transport.o: ../../include/split_at.h transport.o: ../../include/split_at.h
transport.o: ../../include/stringops.h transport.o: ../../include/stringops.h
transport.o: ../../include/strip_addr.h transport.o: ../../include/strip_addr.h

18
postfix/src/trivial-rewrite/resolve.c
View File

@ -395,7 +395,8 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
* highest precedence to transport associated nexthop information. * highest precedence to transport associated nexthop information.
* *
* Otherwise, with relay or other non-local destinations, the relayhost * Otherwise, with relay or other non-local destinations, the relayhost
* setting overrides the destination domain name. * setting overrides the recipient domain name, and the per-sender
* relayhost overrides both.
* *
* XXX Nag if the recipient domain is listed in multiple domain lists. The * XXX Nag if the recipient domain is listed in multiple domain lists. The
* result is implementation defined, and may break when internals change. * result is implementation defined, and may break when internals change.
@ -489,8 +490,15 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
} }
/* /*
* With off-host delivery, relayhost overrides recipient domain. * With off-host delivery, per-sender or global relayhost
* override the recipient domain. The per-sender override is done
* in the client, and permission to do so is is signaled with the
* SMARTHOST flag. This is technically incorrect, but avoids the
* need to change the resolver client protocol for something that
* is irrelevant for most resolver clients, and that most Postfix
* sites will never need.
*/ */
*flags |= RESOLVE_FLAG_SMARTHOST;
if (*RES_PARAM_VALUE(rp->relayhost)) if (*RES_PARAM_VALUE(rp->relayhost))
vstring_strcpy(nexthop, RES_PARAM_VALUE(rp->relayhost)); vstring_strcpy(nexthop, RES_PARAM_VALUE(rp->relayhost));
else else
@ -529,8 +537,10 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
* force mail for any domain in $mydestination/${proxy,inet}_interfaces * force mail for any domain in $mydestination/${proxy,inet}_interfaces
* to share the same queue. * to share the same queue.
*/ */
if ((destination = split_at(STR(channel), ':')) != 0 && *destination) if ((destination = split_at(STR(channel), ':')) != 0 && *destination) {
vstring_strcpy(nexthop, destination); vstring_strcpy(nexthop, destination);
*flags &= ~RESOLVE_FLAG_SMARTHOST;
}
/* /*
* Sanity checks. * Sanity checks.
@ -574,7 +584,7 @@ static void resolve_addr(RES_CONTEXT *rp, char *addr,
* XXX Don't override the virtual alias class (error:User unknown) result. * XXX Don't override the virtual alias class (error:User unknown) result.
*/ */
if (rp->transport_info && !(*flags & RESOLVE_CLASS_ALIAS)) { if (rp->transport_info && !(*flags & RESOLVE_CLASS_ALIAS)) {
if (transport_lookup(rp->transport_info, STR(nextrcpt), if (transport_lookup(rp->transport_info, flags, STR(nextrcpt),
rcpt_domain, channel, nexthop) == 0 rcpt_domain, channel, nexthop) == 0
&& dict_errno != 0) { && dict_errno != 0) {
msg_warn("%s lookup failure", rp->transport_maps_name); msg_warn("%s lookup failure", rp->transport_maps_name);

46
postfix/src/trivial-rewrite/transport.c
View File

@ -13,8 +13,10 @@
/* void transport_post_init(info) /* void transport_post_init(info)
/* TRANSPORT_INFO *info; /* TRANSPORT_INFO *info;
/* /*
/* int transport_lookup(info, address, rcpt_domain, channel, nexthop) /* int transport_lookup(info, res_flags, address, rcpt_domain,
/* channel, nexthop)
/* TRANSPORT_INFO *info; /* TRANSPORT_INFO *info;
/* int *res_flags;
/* const char *address; /* const char *address;
/* const char *rcpt_domain; /* const char *rcpt_domain;
/* VSTRING *channel; /* VSTRING *channel;
@ -35,7 +37,8 @@
/* /*
/* transport_lookup() finds the channel and nexthop for the given /* transport_lookup() finds the channel and nexthop for the given
/* domain, and returns 1 if something was found. Otherwise, 0 /* domain, and returns 1 if something was found. Otherwise, 0
/* is returned. /* is returned. The res_flags SMARTHOST bit is reset when the nexthop
/* information is updated.
/* DIAGNOSTICS /* DIAGNOSTICS
/* The global \fIdict_errno\fR is non-zero when the lookup /* The global \fIdict_errno\fR is non-zero when the lookup
/* should be tried again. /* should be tried again.
@ -77,6 +80,7 @@
#include <maps.h> #include <maps.h>
#include <match_parent_style.h> #include <match_parent_style.h>
#include <mail_proto.h> #include <mail_proto.h>
#include <resolve_clnt.h>
/* Application-specific. */ /* Application-specific. */
@ -128,7 +132,7 @@ void transport_free(TRANSPORT_INFO *tp)
static void update_entry(const char *new_channel, const char *new_nexthop, static void update_entry(const char *new_channel, const char *new_nexthop,
const char *rcpt_domain, VSTRING *channel, const char *rcpt_domain, VSTRING *channel,
VSTRING *nexthop) VSTRING *nexthop, int *res_flags)
{ {
/* /*
@ -137,8 +141,10 @@ static void update_entry(const char *new_channel, const char *new_nexthop,
* side of ":" is the transport table equivalent of a NOOP. * side of ":" is the transport table equivalent of a NOOP.
*/ */
if (*new_channel == 0) { /* :[nexthop] */ if (*new_channel == 0) { /* :[nexthop] */
if (*new_nexthop != 0) if (*new_nexthop != 0) {
vstring_strcpy(nexthop, new_nexthop); vstring_strcpy(nexthop, new_nexthop);
*res_flags &= ~RESOLVE_FLAG_SMARTHOST;
}
} }
/* /*
@ -153,14 +159,18 @@ static void update_entry(const char *new_channel, const char *new_nexthop,
vstring_strcpy(nexthop, rcpt_domain); vstring_strcpy(nexthop, rcpt_domain);
else else
vstring_strcpy(nexthop, "Address is undeliverable"); vstring_strcpy(nexthop, "Address is undeliverable");
*res_flags &= ~RESOLVE_FLAG_SMARTHOST;
} }
} }
/* find_transport_entry - look up and parse transport table entry */ /* find_transport_entry - look up and parse transport table entry */
static int find_transport_entry(TRANSPORT_INFO *tp, const char *key, static int find_transport_entry(TRANSPORT_INFO *tp, int *res_flags,
const char *rcpt_domain, int flags, const char *key,
VSTRING *channel, VSTRING *nexthop) const char *rcpt_domain,
int map_flags,
VSTRING *channel,
VSTRING *nexthop)
{ {
char *saved_value; char *saved_value;
const char *host; const char *host;
@ -179,7 +189,7 @@ static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
* *
* XXX Should report lookup failure status to caller instead of aborting. * XXX Should report lookup failure status to caller instead of aborting.
*/ */
if ((value = maps_find(tp->transport_path, key, flags)) == 0) if ((value = maps_find(tp->transport_path, key, map_flags)) == 0)
return (NOTFOUND); return (NOTFOUND);
/* /*
@ -193,7 +203,7 @@ static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
saved_value = mystrdup(value); saved_value = mystrdup(value);
host = split_at(saved_value, ':'); host = split_at(saved_value, ':');
update_entry(saved_value, host ? host : "", rcpt_domain, update_entry(saved_value, host ? host : "", rcpt_domain,
channel, nexthop); channel, nexthop, res_flags);
myfree(saved_value); myfree(saved_value);
return (FOUND); return (FOUND);
} }
@ -205,6 +215,7 @@ static void transport_wildcard_init(TRANSPORT_INFO *tp)
{ {
VSTRING *channel = vstring_alloc(10); VSTRING *channel = vstring_alloc(10);
VSTRING *nexthop = vstring_alloc(10); VSTRING *nexthop = vstring_alloc(10);
int dummy;
/* /*
* Technically, the wildcard lookup pattern is redundant. A static map * Technically, the wildcard lookup pattern is redundant. A static map
@ -220,7 +231,8 @@ static void transport_wildcard_init(TRANSPORT_INFO *tp)
#define FULL 0 #define FULL 0
#define PARTIAL DICT_FLAG_FIXED #define PARTIAL DICT_FLAG_FIXED
if (find_transport_entry(tp, WILDCARD, "", FULL, channel, nexthop)) { if (find_transport_entry(tp, &dummy, WILDCARD, "",
FULL, channel, nexthop)) {
tp->transport_errno = 0; tp->transport_errno = 0;
if (tp->wildcard_channel) if (tp->wildcard_channel)
vstring_free(tp->wildcard_channel); vstring_free(tp->wildcard_channel);
@ -240,7 +252,7 @@ static void transport_wildcard_init(TRANSPORT_INFO *tp)
/* transport_lookup - map a transport domain */ /* transport_lookup - map a transport domain */
int transport_lookup(TRANSPORT_INFO *tp, const char *addr, int transport_lookup(TRANSPORT_INFO *tp, int *res_flags, const char *addr,
const char *rcpt_domain, const char *rcpt_domain,
VSTRING *channel, VSTRING *nexthop) VSTRING *channel, VSTRING *nexthop)
{ {
@ -279,7 +291,8 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
if ((ratsign = strrchr(full_addr, '@')) == 0 || ratsign[1] == 0) if ((ratsign = strrchr(full_addr, '@')) == 0 || ratsign[1] == 0)
msg_panic("transport_lookup: bad address: \"%s\"", full_addr); msg_panic("transport_lookup: bad address: \"%s\"", full_addr);
if (find_transport_entry(tp, full_addr, rcpt_domain, FULL, channel, nexthop)) if (find_transport_entry(tp, res_flags, full_addr, rcpt_domain,
FULL, channel, nexthop))
RETURN_FREE(FOUND); RETURN_FREE(FOUND);
if (dict_errno != 0) if (dict_errno != 0)
RETURN_FREE(NOTFOUND); RETURN_FREE(NOTFOUND);
@ -291,8 +304,8 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
*/ */
if ((stripped_addr = strip_addr(full_addr, DISCARD_EXTENSION, if ((stripped_addr = strip_addr(full_addr, DISCARD_EXTENSION,
*var_rcpt_delim)) != 0) { *var_rcpt_delim)) != 0) {
found = find_transport_entry(tp, stripped_addr, rcpt_domain, PARTIAL, found = find_transport_entry(tp, res_flags, stripped_addr, rcpt_domain,
channel, nexthop); PARTIAL, channel, nexthop);
myfree(stripped_addr); myfree(stripped_addr);
if (found) if (found)
@ -318,7 +331,8 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
* with regular expressions. * with regular expressions.
*/ */
for (name = ratsign + 1; *name != 0; name = next) { for (name = ratsign + 1; *name != 0; name = next) {
if (find_transport_entry(tp, name, rcpt_domain, PARTIAL, channel, nexthop)) if (find_transport_entry(tp, res_flags, name, rcpt_domain,
PARTIAL, channel, nexthop))
RETURN_FREE(FOUND); RETURN_FREE(FOUND);
if (dict_errno != 0) if (dict_errno != 0)
RETURN_FREE(NOTFOUND); RETURN_FREE(NOTFOUND);
@ -338,7 +352,7 @@ int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
RETURN_FREE(NOTFOUND); RETURN_FREE(NOTFOUND);
} else if (tp->wildcard_channel) { } else if (tp->wildcard_channel) {
update_entry(STR(tp->wildcard_channel), STR(tp->wildcard_nexthop), update_entry(STR(tp->wildcard_channel), STR(tp->wildcard_nexthop),
rcpt_domain, channel, nexthop); rcpt_domain, channel, nexthop, res_flags);
RETURN_FREE(FOUND); RETURN_FREE(FOUND);
} }

2
postfix/src/trivial-rewrite/transport.h
View File

@ -30,7 +30,7 @@ typedef struct TRANSPORT_INFO {
extern TRANSPORT_INFO *transport_pre_init(const char *, const char *); extern TRANSPORT_INFO *transport_pre_init(const char *, const char *);
extern void transport_post_init(TRANSPORT_INFO *); extern void transport_post_init(TRANSPORT_INFO *);
extern int transport_lookup(TRANSPORT_INFO *, const char *, const char *, VSTRING *, VSTRING *); extern int transport_lookup(TRANSPORT_INFO *, int *, const char *, const char *, VSTRING *, VSTRING *);
extern void transport_free(TRANSPORT_INFO *); extern void transport_free(TRANSPORT_INFO *);
/* LICENSE /* LICENSE

8
postfix/src/trivial-rewrite/trivial-rewrite.c
View File

@ -140,6 +140,11 @@
/* .IP "\fBtransport_maps (empty)\fR" /* .IP "\fBtransport_maps (empty)\fR"
/* Optional lookup tables with mappings from recipient address to /* Optional lookup tables with mappings from recipient address to
/* (message delivery transport, next-hop destination). /* (message delivery transport, next-hop destination).
/* .PP
/* Available in Postfix version 2.3 and later:
/* .IP "\fBsender_relayhost_maps (empty)\fR"
/* A sender-specific override for the global relayhost parameter
/* setting.
/* ADDRESS VERIFICATION CONTROLS /* ADDRESS VERIFICATION CONTROLS
/* .ad /* .ad
/* .fi /* .fi
@ -165,6 +170,9 @@
/* .IP "\fBaddress_verify_relayhost ($relayhost)\fR" /* .IP "\fBaddress_verify_relayhost ($relayhost)\fR"
/* Overrides the relayhost parameter setting for address verification /* Overrides the relayhost parameter setting for address verification
/* probes. /* probes.
/* .IP "\fBaddress_verify_sender_relayhost_maps (empty)\fR"
/* Overrides the sender_relayhost_maps parameter setting for address
/* verification probes.
/* .IP "\fBaddress_verify_transport_maps ($transport_maps)\fR" /* .IP "\fBaddress_verify_transport_maps ($transport_maps)\fR"
/* Overrides the transport_maps parameter setting for address verification /* Overrides the transport_maps parameter setting for address verification
/* probes. /* probes.

3
postfix/src/trivial-rewrite/trivial-rewrite.h
View File

@ -18,6 +18,7 @@
* Global library. * Global library.
*/ */
#include <tok822.h> #include <tok822.h>
#include <maps.h>
/* /*
* Connection management. * Connection management.
@ -32,7 +33,7 @@ typedef struct {
char **origin; /* default origin */ char **origin; /* default origin */
const char *domain_name; /* name of variable */ const char *domain_name; /* name of variable */
char **domain; /* default domain */ char **domain; /* default domain */
} RWR_CONTEXT; } RWR_CONTEXT;
#define REW_PARAM_VALUE(x) (*(x)) /* make it easy to do it right */ #define REW_PARAM_VALUE(x) (*(x)) /* make it easy to do it right */