mirror of
https://github.com/vdukhovni/postfix
synced 2025-08-29 13:18:12 +00:00
postfix-2.12-20140105
parent
4a25a6b519
commit
b3a48ba3a8
@ -2,6 +2,13 @@ PPoossttffiixx OOppeennLLDDAAPP LLMMDDBB HHoowwttoo
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
|
||||
NNoottee
|
||||
|
||||
LMDB is not supported in the stable Postfix release. It will spontaneously
|
||||
terminate a Postfix daemon process without allowing Postfix to 1) report the
|
||||
problem to the maillog file, and to 2) provide reduced service where this is
|
||||
appropriate.
|
||||
|
||||
IInnttrroodduuccttiioonn
|
||||
|
||||
Postfix uses databases of various kinds to store and look up information.
|
||||
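Review bot: the added Note paragraph says LMDB "is not supported in the stable Postfix release" without naming a release, so the sentence becomes ambiguous once this README ships with a later version. The release notes changed in this same commit identify the stable release as postfix-2.11.x, so consider naming Postfix 2.11 here. It would also help operators if the Note said what to use instead; the 20130929 release note suggested cdb: for root-owned tables under config_directory.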
@ -72,7 +79,7 @@ NNoonn--oobbvviioouuss rreeccoovveerryy wwiitthh ppoos
|
||||
ccoorrrruupptteedd ddaattaabbaassee..
|
||||
|
||||
Problem:
|
||||
A corrupted LMDB database cann't be rebuilt simply by re-running postmap(1)
|
||||
A corrupted LMDB database can't be rebuilt simply by re-running postmap(1)
|
||||
or postalias(1), or by waiting until a tlsmgr(8) daemon restarts. This
|
||||
problem does not exist with other Postfix databases.
|
||||
|
||||
|
@ -1,269 +1,17 @@
|
||||
This is the Postfix 2.11 (experimental) branch.
|
||||
This is the Postfix 2.12 (experimental) branch.
|
||||
|
||||
The stable Postfix release is called postfix-2.10.x where 2=major
|
||||
release number, 10=minor release number, x=patchlevel. The stable
|
||||
The stable Postfix release is called postfix-2.11.x where 2=major
|
||||
release number, 11=minor release number, x=patchlevel. The stable
|
||||
release never changes except for patches that address bugs or
|
||||
emergencies. Patches change the patchlevel and the release date.
|
||||
|
||||
New features are developed in snapshot releases. These are called
|
||||
postfix-2.11-yyyymmdd where yyyymmdd is the release date (yyyy=year,
|
||||
postfix-2.12-yyyymmdd where yyyymmdd is the release date (yyyy=year,
|
||||
mm=month, dd=day). Patches are never issued for snapshot releases;
|
||||
instead, a new snapshot is released.
|
||||
|
||||
The mail_release_date configuration parameter (format: yyyymmdd)
|
||||
specifies the release date of a stable release or snapshot release.
|
||||
|
||||
If you upgrade from Postfix 2.9 or earlier, read RELEASE_NOTES-2.10
|
||||
If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
|
||||
before proceeding.
|
||||
|
||||
Incompatible changes with snapshot 20131217
|
||||
===========================================
|
||||
|
||||
The master_service_disable syntax has changed: use "service/type"
|
||||
instead of "service.type". The new form is consistent with master.cf
|
||||
parameter namespaces. The old form is still supported to avoid
|
||||
breaking existing configurations.
|
||||
|
||||
Major changes with with snapshot 20131217
|
||||
=========================================
|
||||
|
||||
Support for advanced master.cf query and update operations. This
|
||||
was implemented primarily to support automated system management
|
||||
tools.
|
||||
|
||||
The goal is to make all Postfix master.cf details accessible as
|
||||
lists of "name=value" pairs, where the names are organized into
|
||||
structured name spaces. This allows other programs to query
|
||||
information or request updates, without having to worry about the
|
||||
exact layout of master.cf files.
|
||||
|
||||
Managing master.cf service attributes
|
||||
-------------------------------------
|
||||
|
||||
First, an example that shows the smtp/inet service in the traditional
|
||||
form:
|
||||
|
||||
$ postconf -M smtp/inet
|
||||
smtp inet n - n - - smtpd
|
||||
|
||||
Different variants of this command show different amounts of output.
|
||||
For example, "postconf -M smtp" enumerates all services that have
|
||||
a name "smtp" and any service type ("inet", "unix", etc.), and
|
||||
"postconf -M" enumerates all master.cf services.
|
||||
|
||||
General rule: each name component that is not present becomes a "*"
|
||||
wildcard.
|
||||
|
||||
Coming back to the above example, the postconf -F option can now
|
||||
enumerate the smtp/inet service fields as follows:
|
||||
|
||||
$ postconf -F smtp/inet
|
||||
smtp/inet/service = smtp
|
||||
smtp/inet/type = inet
|
||||
smtp/inet/private = n
|
||||
smtp/inet/unprivileged = -
|
||||
smtp/inet/chroot = n
|
||||
smtp/inet/wakeup = -
|
||||
smtp/inet/process_limit = -
|
||||
smtp/inet/command = smtpd
|
||||
|
||||
This form makes it very easy to change one field in master.cf.
|
||||
For example to turn on chroot on the smtp/inet service you use:
|
||||
|
||||
$ postconf -F smtp/inet/chroot=y
|
||||
$ postfix reload
|
||||
|
||||
Moreover, with "-F" you can specify "*" for service name or service
|
||||
type to get a wild-card match. For example, to turn off chroot on
|
||||
all Postfix daemons, use this:
|
||||
|
||||
$ postconf -F '*/*/chroot=n'
|
||||
$ postfix reload
|
||||
|
||||
Managing master.cf service "-o parameter=value" settings
|
||||
--------------------------------------------------------
|
||||
|
||||
For a second example, let's look at the submission service. This
|
||||
service typically has multiple "-o parameter=value" overrides. First
|
||||
the traditional view:
|
||||
|
||||
$ postconf -Mf submission
|
||||
submission inet n - n - - smtpd
|
||||
-o smtpd_tls_security_level=encrypt
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
...
|
||||
|
||||
The postconf -P option can now enumerate these parameters as follows:
|
||||
|
||||
$ postconf -P submission
|
||||
submission/inet/smtpd_sasl_auth_enable = yes
|
||||
submission/inet/smtpd_tls_security_level = encrypt
|
||||
...
|
||||
|
||||
Again, this form makes it very easy to modify one parameter
|
||||
setting. For example, to change the smtpd_tls_security_level setting
|
||||
for the submission/inet service:
|
||||
|
||||
$ postconf -P 'submission/inet/smtpd_tls_security_level=may'
|
||||
|
||||
You can create or remove a parametername=parametervalue setting:
|
||||
|
||||
Create:
|
||||
$ postconf -P 'submission/inet/parametername=parametervalue'
|
||||
|
||||
Remove:
|
||||
$ postconf -PX submission/inet/parametername
|
||||
|
||||
Finally, always execute "postfix reload" after updating master.cf.
|
||||
|
||||
Managing master.cf service entries
|
||||
----------------------------------
|
||||
|
||||
Finally, adding master.cf entries is possible, but currently this
|
||||
does not yet have "advanced" support. It can only be done at the
|
||||
level of the traditional master.cf file format.
|
||||
|
||||
Suppose that you need to configure a Postfix SMTP client that will
|
||||
handle slow email deliveries. To implement this you need to clone
|
||||
the smtp/unix service settings and create a new delay/unix service.
|
||||
|
||||
First, you would enumerate the smtp/unix service like this:
|
||||
|
||||
$ postconf -M smtp/unix
|
||||
smtp unix - - n - - smtp
|
||||
|
||||
Then you would copy those fields (except the first field) by hand
|
||||
to create the delay/unix service:
|
||||
|
||||
$ postconf -M delay/unix="delay unix - - n - - smtp"
|
||||
|
||||
To combine the above steps in one command:
|
||||
|
||||
$ postconf -M delay/unix="`postconf -M smtp/unix|awk '{$1 = "delay"}'`"
|
||||
|
||||
This is perhaps not super-convenient for manual cloning, but it
|
||||
should be sufficient for programmatic configuration management.
|
||||
|
||||
Again, always execute "postfix reload" after updating master.cf.
|
||||
|
||||
Deleting or commenting out master.cf entries
|
||||
--------------------------------------------
|
||||
|
||||
The -X (delete entry) and -# (comment out entry) options already
|
||||
exist for main.cf, and they now also work work for entire master.cf
|
||||
entries:
|
||||
|
||||
Remove main.cf or master.cf entry:
|
||||
$ postconf -X parametername
|
||||
$ postconf -MX delay/unix
|
||||
|
||||
Comment out main.cf or master.cf entry:
|
||||
$ postconf -# parametername
|
||||
$ postconf -M# delay/unix
|
||||
|
||||
As with main.cf, there is no support to "undo" master.cf changes
|
||||
that are made with -X or -#.
|
||||
|
||||
Again, always execute "postfix reload" after updating master.cf.
|
||||
|
||||
Major changes with snapshot 20131031
|
||||
====================================
|
||||
|
||||
LMDB support is enabled after changes to LMDB lock management. This
|
||||
includes creating databases with postmap(1) and postalias(1);
|
||||
read/write access by postscreen(8), proxymap(8), verify(8), and
|
||||
tlsmgr(8); and database sharing between privileged writer processes
|
||||
and unprivileged reader processes without world-writable files.
|
||||
|
||||
Major changes with snapshot 20130929
|
||||
====================================
|
||||
|
||||
Support to create LMDB databases is no longer available for the
|
||||
postmap(1) and postalias(1) commands. Instead, consider using cdb:
|
||||
to manage root-owned databases under the root-owned config_directory
|
||||
(default: /etc/postfix) such as access(5), virtual(5), transport(5).
|
||||
|
||||
The reason is that LMDB applications require write access even when
|
||||
the application itself is read-only. This violates the principle
|
||||
of least privilege, and causes all kinds of problems when a non-root
|
||||
process needs to query a root-owned database.
|
||||
|
||||
Support to create LMDB databases is available only for unprivileged
|
||||
Postfix daemon processes such as postscreen(8), tlsmgr(8) and
|
||||
verify(8) that manage postfix-owned databases under the postfix-owned
|
||||
data_directory (default: /var/lib/postfix).
|
||||
|
||||
Major changes with snapshot 20130927
|
||||
====================================
|
||||
|
||||
Postfix now handles LMDB "database full" errors automatically. When
|
||||
a database becomes full, its size limit is doubled, and other
|
||||
processes automatically pick up the new size limit. The lmdb_map_size
|
||||
parameter is now mostly irrelevant, and may be removed in the future.
|
||||
|
||||
Major changes with snapshot 20130602
|
||||
====================================
|
||||
|
||||
Support for PKI-less TLS server certificate verification, where the
|
||||
CA public key is identified via DNSSEC lookup.
|
||||
|
||||
This feature introduces a new TLS security level called "dane"
|
||||
(DNS-based Authentication of Named Entities) that uses DNSSEC to
|
||||
look up CA information for a server TLS certificate. The details
|
||||
of DANE core protocols are still evolving, as are the details of
|
||||
how DANE should be used in the context of SMTP. Postfix implements
|
||||
what appears to be a "rational" subset of the DANE profiles.
|
||||
|
||||
The problem with PKI is that there are literally hundreds of
|
||||
organizations world-wide that can provide a certificate in anyone's
|
||||
name. There have been widely-published incidents in recent history
|
||||
where a certificate authority gave out an inappropriate certificate
|
||||
(e.g., a certificate in the name of Microsoft to someone who did
|
||||
not represent Microsoft), where a CA was compromised (e.g., DigiNotar,
|
||||
Comodo), or where a CA made operational mistakes (e.g., TURKTRUST).
|
||||
Another concern is that a legitimate CA might be coerced to provide
|
||||
a certificate that allows its government to play man-in-the-middle
|
||||
on TLS traffic and observe the plaintext.
|
||||
|
||||
Major changes with snapshot 20130512
|
||||
====================================
|
||||
|
||||
Allow an SMTP client to skip postscreen(8) tests based on its
|
||||
postscreen_dnsbl_sites score.
|
||||
|
||||
Specify a negative "postscreen_dnsbl_whitelist_threshold" to enable
|
||||
this feature. When a client passes the threshold value without
|
||||
having failed other tests, all pending or disabled tests are flagged
|
||||
as completed.
|
||||
|
||||
Major changes with snapshot 20130405
|
||||
====================================
|
||||
|
||||
The recipient_delimiter parameter can now specify a set of characters.
|
||||
A user name is now separated from its address extension by the first
|
||||
character that matches the recipient_delimiter set.
|
||||
|
||||
For example, specify "recipient_delimiter = +-" to support both the
|
||||
Postfix-style "+" and the qmail-style "-" extension delimiter.
|
||||
|
||||
As before, this implementation recognizes one delimiter character
|
||||
per email address, and one address extension per email address.
|
||||
|
||||
Major changes with snapshot 20130319
|
||||
====================================
|
||||
|
||||
Postfix support for LMDB databases is suspended due to the existence
|
||||
of a hard limit (an "out of storage" failure mode that cannot be
|
||||
resolved by increasing the database size).
|
||||
|
||||
Postfix may support LMDB again when it no longer limits the size
|
||||
of Postfix transactions, whether the limit is built into LMDB itself,
|
||||
or implicit by requiring an unbounded amount of memory to handle a
|
||||
large transaction.
|
||||
|
||||
Major changes with snapshot 20130315
|
||||
====================================
|
||||
|
||||
LMDB support by Howard Chu. This implementation has unexpected
|
||||
failure modes that don't exist with other Postfix databases, so
|
||||
don't just yet abandon CDB. See LMDB_README for details.
|
||||
|
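Review bot: the LMDB entries in this hunk (snapshots 20131031, 20130929, 20130927, 20130319 and 20130315) leave RELEASE_NOTES, which shrinks from 269 to 17 lines, and have no counterpart in the RELEASE_NOTES-2.11 file added by this commit, whose sections cover tls, postscreen whitelisting, recipient_delimiter, smtpd access control, MacOS X, master, milter, mysql and postconf only. If that is intentional because LMDB is unsupported in the stable release, a one-line pointer to LMDB_README would keep the least-privilege rationale from the 20130929 entry (LMDB requires write access even when the application is read-only) discoverable.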
256
postfix/RELEASE_NOTES-2.11
Normal file
@ -0,0 +1,256 @@
|
||||
The stable Postfix release is called postfix-2.11.x where 2=major
|
||||
release number, 11=minor release number, x=patchlevel. The stable
|
||||
release never changes except for patches that address bugs or
|
||||
emergencies. Patches change the patchlevel and the release date.
|
||||
|
||||
New features are developed in snapshot releases. These are called
|
||||
postfix-2.12-yyyymmdd where yyyymmdd is the release date (yyyy=year,
|
||||
mm=month, dd=day). Patches are never issued for snapshot releases;
|
||||
instead, a new snapshot is released.
|
||||
|
||||
The mail_release_date configuration parameter (format: yyyymmdd)
|
||||
specifies the release date of a stable release or snapshot release.
|
||||
|
||||
If you upgrade from Postfix 2.9 or earlier, read RELEASE_NOTES-2.10
|
||||
before proceeding.
|
||||
|
||||
Major changes - tls
|
||||
-------------------
|
||||
|
||||
[Documentation 20131218] The new FORWARD_SECRECY_README document
|
||||
conveniently presents all information about Postfix "perfect" forward
|
||||
secrecy support in one place: what forward secrecy is, how to tweak
|
||||
settings, and what you can expect to see when Postfix uses ciphers
|
||||
with forward secrecy.
|
||||
|
||||
[Feature 20130602] Support for PKI-less TLS server certificate
|
||||
verification, where the CA public key or the server certificate is
|
||||
identified via DNSSEC lookup.
|
||||
|
||||
This feature introduces a new TLS security level called "dane"
|
||||
(DNS-based Authentication of Named Entities) that uses DNSSEC to
|
||||
look up CA information for a server TLS certificate. The details
|
||||
of DANE core protocols are still evolving, as are the details of
|
||||
how DANE should be used in the context of SMTP. Postfix implements
|
||||
what appears to be a "rational" subset of the DANE profiles.
|
||||
|
||||
The problem with PKI is that there are literally hundreds of
|
||||
organizations world-wide that can provide a certificate in anyone's
|
||||
name. There have been widely-published incidents in recent history
|
||||
where a certificate authority gave out an inappropriate certificate
|
||||
(e.g., a certificate in the name of Microsoft to someone who did
|
||||
not represent Microsoft), where a CA was compromised (e.g., DigiNotar,
|
||||
Comodo), or where a CA made operational mistakes (e.g., TURKTRUST).
|
||||
Another concern is that a legitimate CA might be coerced to provide
|
||||
a certificate that allows its government to play man-in-the-middle
|
||||
on TLS traffic and observe the plaintext.
|
||||
|
||||
Major changes - postscreen whitelisting
|
||||
---------------------------------------
|
||||
|
||||
[Feature 20130512] Allow an SMTP client to skip postscreen(8) tests
|
||||
based on its postscreen_dnsbl_sites score.
|
||||
|
||||
Specify a negative "postscreen_dnsbl_whitelist_threshold" to enable
|
||||
this feature. When a client passes the threshold value without
|
||||
having failed other tests, all pending or disabled tests are flagged
|
||||
as completed.
|
||||
|
||||
Major changes - recipient_delimiter
|
||||
-----------------------------------
|
||||
|
||||
[Feature 20130405] The recipient_delimiter parameter can now specify
|
||||
a set of characters. A user name is now separated from its address
|
||||
extension by the first character that matches the recipient_delimiter
|
||||
set.
|
||||
|
||||
For example, specify "recipient_delimiter = +-" to support both the
|
||||
Postfix-style "+" and the qmail-style "-" extension delimiter.
|
||||
|
||||
As before, this implementation recognizes one delimiter character
|
||||
per email address, and one address extension per email address.
|
||||
|
||||
Major changes - smtpd access control
|
||||
------------------------------------
|
||||
|
||||
[Feature 20131031] The check_sasl_access feature can be used to
|
||||
block hijacked logins. Like other check_mumble_acces features it
|
||||
queries a lookup table (in this case with the SASL login name), and
|
||||
it supports the same actions as any Postfix access(5) table.
|
||||
|
||||
[Feature 20130924] The reject_known_sender_login_mismatch feature
|
||||
applies reject_sender_login_mismatch only to MAIL FROM addresses
|
||||
that are known in $smtpd_sender_login_maps.
|
||||
|
||||
Major changes - MacOS X
|
||||
-----------------------
|
||||
|
||||
[Feature 20130325] Full support for kqueue() event handling which
|
||||
scales better with large numbers of file handles, plus a workaround
|
||||
for timeout handling on file handles (such as /dev/urandom) that
|
||||
still do not correctly support poll().
|
||||
|
||||
Major changes - master
|
||||
----------------------
|
||||
|
||||
[Incompat 20131217] The master_service_disable parameter value
|
||||
syntax has changed: use "service/type" instead of "service.type".
|
||||
The new form is consistent with postconf(1) namespaces for master.cf.
|
||||
The old form is still supported to avoid breaking existing
|
||||
configurations.
|
||||
|
||||
Major changes - milter
|
||||
----------------------
|
||||
|
||||
[Feature 20131126] Support for ESMTP parameters NOTIFY and ORCPT
|
||||
in the SMFIR_ADDRCPT_PAR (add recipient) request. Credits: Andrew
|
||||
Ayer.
|
||||
|
||||
Major changes - mysql
|
||||
---------------------
|
||||
|
||||
[Feature 20131117] MySQL client support for option_file, option_group,
|
||||
tls_cert_file, tls_key_file, tls_CAfile, tls_CApath, tls_verify_cert.
|
||||
Credits: Gareth Palmer.
|
||||
|
||||
Major changes - postconf
|
||||
------------------------
|
||||
|
||||
[Feature 20131217] Support for advanced master.cf query and update
|
||||
operations. This was implemented primarily to support automated
|
||||
system management tools.
|
||||
|
||||
The goal is to make all Postfix master.cf details accessible as
|
||||
lists of "name=value" pairs, where the names are organized into
|
||||
structured name spaces. This allows other programs to query
|
||||
information or request updates, without having to worry about the
|
||||
exact layout of master.cf files.
|
||||
|
||||
Managing master.cf service attributes
|
||||
-------------------------------------
|
||||
|
||||
First, an example that shows the smtp/inet service in the traditional
|
||||
form:
|
||||
|
||||
$ postconf -M smtp/inet
|
||||
smtp inet n - n - - smtpd
|
||||
|
||||
Different variants of this command show different amounts of output.
|
||||
For example, "postconf -M smtp" enumerates all services that have
|
||||
a name "smtp" and any service type ("inet", "unix", etc.), and
|
||||
"postconf -M" enumerates all master.cf services.
|
||||
|
||||
General rule: each name component that is not present becomes a "*"
|
||||
wildcard.
|
||||
|
||||
Coming back to the above example, the postconf -F option can now
|
||||
enumerate the smtp/inet service fields as follows:
|
||||
|
||||
$ postconf -F smtp/inet
|
||||
smtp/inet/service = smtp
|
||||
smtp/inet/type = inet
|
||||
smtp/inet/private = n
|
||||
smtp/inet/unprivileged = -
|
||||
smtp/inet/chroot = n
|
||||
smtp/inet/wakeup = -
|
||||
smtp/inet/process_limit = -
|
||||
smtp/inet/command = smtpd
|
||||
|
||||
This form makes it very easy to change one field in master.cf.
|
||||
For example to turn on chroot on the smtp/inet service you use:
|
||||
|
||||
$ postconf -F smtp/inet/chroot=y
|
||||
$ postfix reload
|
||||
|
||||
Moreover, with "-F" you can specify "*" for service name or service
|
||||
type to get a wild-card match. For example, to turn off chroot on
|
||||
all Postfix daemons, use this:
|
||||
|
||||
$ postconf -F '*/*/chroot=n'
|
||||
$ postfix reload
|
||||
|
||||
Managing master.cf service "-o parameter=value" settings
|
||||
--------------------------------------------------------
|
||||
|
||||
For a second example, let's look at the submission service. This
|
||||
service typically has multiple "-o parameter=value" overrides. First
|
||||
the traditional view:
|
||||
|
||||
$ postconf -Mf submission
|
||||
submission inet n - n - - smtpd
|
||||
-o smtpd_tls_security_level=encrypt
|
||||
-o smtpd_sasl_auth_enable=yes
|
||||
...
|
||||
|
||||
The postconf -P option can now enumerate these parameters as follows:
|
||||
|
||||
$ postconf -P submission
|
||||
submission/inet/smtpd_sasl_auth_enable = yes
|
||||
submission/inet/smtpd_tls_security_level = encrypt
|
||||
...
|
||||
|
||||
Again, this form makes it very easy to modify one parameter
|
||||
setting. For example, to change the smtpd_tls_security_level setting
|
||||
for the submission/inet service:
|
||||
|
||||
$ postconf -P 'submission/inet/smtpd_tls_security_level=may'
|
||||
|
||||
You can create or remove a parametername=parametervalue setting:
|
||||
|
||||
Create:
|
||||
$ postconf -P 'submission/inet/parametername=parametervalue'
|
||||
|
||||
Remove:
|
||||
$ postconf -PX submission/inet/parametername
|
||||
|
||||
Finally, always execute "postfix reload" after updating master.cf.
|
||||
|
||||
Managing master.cf service entries
|
||||
----------------------------------
|
||||
|
||||
Finally, adding master.cf entries is possible, but currently this
|
||||
does not yet have "advanced" support. It can only be done at the
|
||||
level of the traditional master.cf file format.
|
||||
|
||||
Suppose that you need to configure a Postfix SMTP client that will
|
||||
handle slow email deliveries. To implement this you need to clone
|
||||
the smtp/unix service settings and create a new delay/unix service.
|
||||
|
||||
First, you would enumerate the smtp/unix service like this:
|
||||
|
||||
$ postconf -M smtp/unix
|
||||
smtp unix - - n - - smtp
|
||||
|
||||
Then you would copy those fields (except the first field) by hand
|
||||
to create the delay/unix service:
|
||||
|
||||
$ postconf -M delay/unix="delay unix - - n - - smtp"
|
||||
|
||||
To combine the above steps in one command:
|
||||
|
||||
$ postconf -M delay/unix="`postconf -M smtp/unix|awk '{$1 = "delay"}'`"
|
||||
|
||||
This is perhaps not super-convenient for manual cloning, but it
|
||||
should be sufficient for programmatic configuration management.
|
||||
|
||||
Again, always execute "postfix reload" after updating master.cf.
|
||||
|
||||
Deleting or commenting out master.cf entries
|
||||
--------------------------------------------
|
||||
|
||||
The -X (delete entry) and -# (comment out entry) options already
|
||||
exist for main.cf, and they now also work work for entire master.cf
|
||||
entries:
|
||||
|
||||
Remove main.cf or master.cf entry:
|
||||
$ postconf -X parametername
|
||||
$ postconf -MX delay/unix
|
||||
|
||||
Comment out main.cf or master.cf entry:
|
||||
$ postconf -# parametername
|
||||
$ postconf -M# delay/unix
|
||||
|
||||
As with main.cf, there is no support to "undo" master.cf changes
|
||||
that are made with -X or -#.
|
||||
|
||||
Again, always execute "postfix reload" after updating master.cf.
|
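Review bot: in "Managing master.cf service entries", the one-command clone example pipes through awk '{$1 = "delay"}', which assigns the field but has no print action, so the command substitution is empty and postconf -M is handed delay/unix="" instead of the cloned entry. Suggest awk '{$1 = "delay"; print}'. Two smaller text points in the same file: "check_mumble_acces" under "smtpd access control" is missing an "s", and "they now also work work for entire master.cf entries" has a doubled word; both are the kind of thing the WISHLIST spell-check and double-word check in this commit is meant to catch.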
@ -1,13 +1,22 @@
|
||||
Wish list:
|
||||
|
||||
Things to do before the stable release:
|
||||
|
||||
Spell-check, double-word check, and HTML validator check.
|
||||
|
||||
Remove this file from the stable release.
|
||||
|
||||
Things to do after the stable release:
|
||||
|
||||
Discourage the use of "after 220" tests in POSTSCREEN_README
|
||||
and the documentation of individual parameter settings.
|
||||
|
||||
To un-break "make tests" under src/smtpd, make tests
|
||||
independent from the DNS and native routines for host
|
||||
name/address lookup.
|
||||
|
||||
Incorporate 3rd-party code such as dynamic_maps.
|
||||
|
||||
Support 3rd-party extension with /etc/postfix/postfix-files.d
|
||||
|
||||
Make been_here flag BH_FLAG_FOLD configurable for masochists.
|
||||
|
||||
Replace some redundant TLS_README sections with pointers
|
||||
@ -15,24 +24,18 @@ Wish list:
|
||||
|
||||
Move html/index.html source to proto/.
|
||||
|
||||
How hard is it to follow canonical or virtual mapping
|
||||
for the purpose of address validation? We must never
|
||||
reject a valid address.
|
||||
|
||||
Preserve case in smtpd_resolve_addr() and add a structure
|
||||
member for the case-folded address.
|
||||
member for the case-folded address. IIRC some Milter macro
|
||||
needs to show the unfolded address.
|
||||
|
||||
Per SASL account rate limits. This requires new infrastructure
|
||||
that maintains stats by SASL account.
|
||||
|
||||
Watchdog timer to postmap/postalias.
|
||||
|
||||
Things to do before the stable release:
|
||||
|
||||
Spell-check, double-word check, and HTML validator check.
|
||||
|
||||
Discourage the use of "after 220" tests in POSTSCREEN_README
|
||||
and the documentation of individual parameter settings.
|
||||
|
||||
Remove this file from the stable release.
|
||||
|
||||
Things to do after the stable release:
|
||||
Watchdog timer in postmap/postalias.
|
||||
|
||||
Begin code revision, after DANE support stabilizes. This
|
||||
should be one pass that changes only names and no code.
|
||||
|
@ -17,6 +17,13 @@
|
||||
|
||||
<hr>
|
||||
|
||||
<h2>Note</h2>
|
||||
|
||||
<p> LMDB is not supported in the stable Postfix release. It will
|
||||
spontaneously terminate a Postfix daemon process without allowing
|
||||
Postfix to 1) report the problem to the maillog file, and to 2)
|
||||
provide reduced service where this is appropriate. </p>
|
||||
|
||||
<h2>Introduction</h2>
|
||||
|
||||
<p> Postfix uses databases of various kinds to store and look up
|
||||
@ -294,7 +301,7 @@ sure that <a href="postconf.5.html#lmdb_map_size">lmdb_map_size</a> > 3x the
|
||||
|
||||
<dl>
|
||||
|
||||
<dt> Problem: </dt> <dd> <p> A corrupted LMDB database cann't be
|
||||
<dt> Problem: </dt> <dd> <p> A corrupted LMDB database can't be
|
||||
rebuilt simply by re-running <a href="postmap.1.html">postmap(1)</a> or <a href="postalias.1.html">postalias(1)</a>, or by
|
||||
waiting until a <a href="tlsmgr.8.html">tlsmgr(8)</a> daemon restarts. This problem does not
|
||||
exist with other Postfix databases. </p> </dd>
|
||||
|
@ -1071,7 +1071,8 @@ of the following options: </p>
|
||||
key_format = postscreen:%s
|
||||
</pre>
|
||||
|
||||
<li> <p> A persistent <a href="lmdb_table.5.html">lmdb</a>: temporary whitelist can be shared between
|
||||
<li> <p>
|
||||
A persistent <a href="lmdb_table.5.html">lmdb</a>: temporary whitelist can be shared between
|
||||
<a href="postscreen.8.html">postscreen(8)</a> daemons that run under the same <a href="master.8.html">master(8)</a> daemon,
|
||||
or under different <a href="master.8.html">master(8)</a> daemons on the same host. Disable
|
||||
cache cleanup (<a href="postconf.5.html#postscreen_cache_cleanup_interval">postscreen_cache_cleanup_interval</a> = 0) in all
|
||||
|
@ -20,38 +20,43 @@ LMDB_TABLE(5) LMDB_TABLE(5)
|
||||
<b>postmap -q - <a href="lmdb_table.5.html">lmdb</a>:/etc/postfix/</b><i>filename</i> <<i>inputfile</i>
|
||||
|
||||
<b>DESCRIPTION</b>
|
||||
The Postfix LMDB adapter provides access to a persistent, memory-
|
||||
LMDB is not supported in the stable Postfix release. It will sponta-
|
||||
neously terminate a Postfix daemon process without allowing Postfix to
|
||||
1) report the problem to the maillog file, and to 2) provide reduced
|
||||
service where this is appropriate.
|
||||
|
||||
The Postfix LMDB adapter provides access to a persistent, memory-
|
||||
mapped, key-value store. The database size is limited only by the size
|
||||
of the memory address space and file system.
|
||||
|
||||
<b>REQUESTS</b>
|
||||
The LMDB adapter supports all Postfix lookup table operations. This
|
||||
makes LMDB suitable for Postfix address rewriting, routing, access
|
||||
policies, caches, or any information that can be stored under a fixed
|
||||
The LMDB adapter supports all Postfix lookup table operations. This
|
||||
makes LMDB suitable for Postfix address rewriting, routing, access
|
||||
policies, caches, or any information that can be stored under a fixed
|
||||
lookup key.
|
||||
|
||||
When a transaction fails due to a full database, Postfix resizes the
|
||||
When a transaction fails due to a full database, Postfix resizes the
|
||||
database and retries the transaction.
|
||||
|
||||
Postfix access, address mapping and routing table lookups may generate
|
||||
partial search keys such as domain names without one or more subdo-
|
||||
mains, network addresses without one or more least-significant octets,
|
||||
or email addresses without the localpart, address extension or domain
|
||||
portion. This behavior is also found with <a href="DATABASE_README.html#types">btree</a>:, <a href="DATABASE_README.html#types">hash</a>:, or <a href="ldap_table.5.html">ldap</a>:
|
||||
Postfix access, address mapping and routing table lookups may generate
|
||||
partial search keys such as domain names without one or more subdo-
|
||||
mains, network addresses without one or more least-significant octets,
|
||||
or email addresses without the localpart, address extension or domain
|
||||
portion. This behavior is also found with <a href="DATABASE_README.html#types">btree</a>:, <a href="DATABASE_README.html#types">hash</a>:, or <a href="ldap_table.5.html">ldap</a>:
|
||||
tables.
|
||||
|
||||
Unlike other flat-file based Postfix databases, changes to an LMDB
|
||||
Unlike other flat-file based Postfix databases, changes to an LMDB
|
||||
database do not trigger automatic daemon program restart.
|
||||
|
||||
<b>RELIABILITY</b>
|
||||
LMDB's copy-on-write architecture achieves reliable updates, at the
|
||||
cost of using more space than some other flat-file databases. Read
|
||||
operations are memory-mapped for speed. Write operations are not mem-
|
||||
LMDB's copy-on-write architecture achieves reliable updates, at the
|
||||
cost of using more space than some other flat-file databases. Read
|
||||
operations are memory-mapped for speed. Write operations are not mem-
|
||||
ory-mapped to avoid silent curruption due stray pointer bugs.
|
||||
|
||||
The Postfix LMDB adapter implements locking with fcntl(2) locks at
|
||||
whole-file granularity. LMDB's native locking scheme would require
|
||||
world-writable lockfiles and would therefore violate the Postfix secu-
|
||||
The Postfix LMDB adapter implements locking with fcntl(2) locks at
|
||||
whole-file granularity. LMDB's native locking scheme would require
|
||||
world-writable lockfiles and would therefore violate the Postfix secu-
|
||||
rity model.
|
||||
|
||||
Multiple processes can safely update an LMDB database without serializ-
|
||||
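Review bot: The RELIABILITY paragraph in this hunk still reads "silent curruption due stray pointer bugs". Since the paragraph is already being touched, correct it to "silent corruption due to stray pointer bugs" so the typo is not carried forward.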
@ -59,8 +64,8 @@ LMDB_TABLE(5) LMDB_TABLE(5)
|
||||
as a shared cache for <a href="verify.8.html">verify(8)</a> or <a href="postscreen.8.html">postscreen(8)</a> services.
|
||||
|
||||
<b>CONFIGURATION PARAMETERS</b>
|
||||
Short-lived programs automatically pick up changes to <a href="postconf.5.html">main.cf</a>. With
|
||||
long-running daemon programs, Use the command "<b>postfix reload</b>" after a
|
||||
Short-lived programs automatically pick up changes to <a href="postconf.5.html">main.cf</a>. With
|
||||
long-running daemon programs, Use the command "<b>postfix reload</b>" after a
|
||||
configuration change.
|
||||
|
||||
<b><a href="postconf.5.html#lmdb_map_size">lmdb_map_size</a> (default: 16777216)</b>
|
||||
|
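Review bot: In the CONFIGURATION PARAMETERS text, "With long-running daemon programs, Use the command" has a capitalized "Use" in mid-sentence, and it appears in both the old and the new version of the line. Lower-case it while this paragraph is being changed.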
@ -5888,7 +5888,7 @@ Examples:
|
||||
|
||||
<p> Selectively disable <a href="master.8.html">master(8)</a> listener ports by service type
|
||||
or by service name and type. Specify a list of service types
|
||||
("inet", "unix", "fifo", or "pass") or "name.type" tuples, where
|
||||
("inet", "unix", "fifo", or "pass") or "name/type" tuples, where
|
||||
"name" is the first field of a <a href="master.5.html">master.cf</a> entry and "type" is a
|
||||
service type. As with other Postfix matchlists, a search stops at
|
||||
the first match. Specify "!pattern" to exclude a service from the
|
||||
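Review bot: The paragraph now documents "name/type" tuples but gives no hint that earlier releases used "name.type"; the only mention of the old separator is a comment inside the example block of the following hunk. State the version boundary in this paragraph as well, so that someone reading only the prose knows which separator their release expects.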
@ -5901,14 +5901,15 @@ is intentional. </p>
|
||||
<p> Examples: </p>
|
||||
|
||||
<pre>
|
||||
# With Postfix 2.6..2.10 use '.' instead of '/'.
|
||||
# Turn on all <a href="master.8.html">master(8)</a> listener ports (the default).
|
||||
<a href="postconf.5.html#master_service_disable">master_service_disable</a> =
|
||||
# Turn off only the main SMTP listener port.
|
||||
<a href="postconf.5.html#master_service_disable">master_service_disable</a> = smtp.inet
|
||||
<a href="postconf.5.html#master_service_disable">master_service_disable</a> = smtp/inet
|
||||
# Turn off all TCP/IP listener ports.
|
||||
<a href="postconf.5.html#master_service_disable">master_service_disable</a> = inet
|
||||
# Turn off all TCP/IP listener ports except "foo".
|
||||
<a href="postconf.5.html#master_service_disable">master_service_disable</a> = !foo.inet, inet
|
||||
<a href="postconf.5.html#master_service_disable">master_service_disable</a> = !foo/inet, inet
|
||||
</pre>
|
||||
|
||||
<p> This feature is available in Postfix 2.6 and later. </p>
|
||||
|
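Review bot: The examples switch from "smtp.inet" and "!foo.inet" to "smtp/inet" and "!foo/inet", but nothing in the visible lines says whether the old "." form is still accepted after the change. If it is not, an existing "master_service_disable = smtp.inet" would stop matching after an upgrade and the listener the administrator meant to turn off would be started again, so the text should say explicitly whether both separators work and, if not, that the setting must be edited. The new first comment "# With Postfix 2.6..2.10 use '.' instead of '/'." also sits directly above the "Turn on all" example with no blank line, where it reads as part of that example.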
@ -22,6 +22,12 @@ Postfix LMDB adapter
|
||||
.SH DESCRIPTION
|
||||
.ad
|
||||
.fi
|
||||
LMDB is not supported in the stable Postfix release. It
|
||||
will spontaneously terminate a Postfix daemon process without
|
||||
allowing Postfix to 1) report the problem to the maillog
|
||||
file, and to 2) provide reduced service where this is
|
||||
appropriate.
|
||||
|
||||
The Postfix LMDB adapter provides access to a persistent,
|
||||
memory-mapped, key-value store. The database size is limited
|
||||
only by the size of the memory address space and file system.
|
||||
|
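Review bot: The added warning says LMDB "will spontaneously terminate a Postfix daemon process" without saying under which conditions that happens or which release "the stable Postfix release" refers to. Name the release number and the triggering condition, and since the daemon exits without writing to the maillog, say where an operator should look for evidence of the failure instead.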
@ -3430,7 +3430,7 @@ masquerade_exceptions = root
|
||||
.SH master_service_disable (default: empty)
|
||||
Selectively disable \fBmaster\fR(8) listener ports by service type
|
||||
or by service name and type. Specify a list of service types
|
||||
("inet", "unix", "fifo", or "pass") or "name.type" tuples, where
|
||||
("inet", "unix", "fifo", or "pass") or "name/type" tuples, where
|
||||
"name" is the first field of a master.cf entry and "type" is a
|
||||
service type. As with other Postfix matchlists, a search stops at
|
||||
the first match. Specify "!pattern" to exclude a service from the
|
||||
@ -3445,14 +3445,15 @@ Examples:
|
||||
.nf
|
||||
.na
|
||||
.ft C
|
||||
# With Postfix 2.6..2.10 use '.' instead of '/'.
|
||||
# Turn on all \fBmaster\fR(8) listener ports (the default).
|
||||
master_service_disable =
|
||||
# Turn off only the main SMTP listener port.
|
||||
master_service_disable = smtp.inet
|
||||
master_service_disable = smtp/inet
|
||||
# Turn off all TCP/IP listener ports.
|
||||
master_service_disable = inet
|
||||
# Turn off all TCP/IP listener ports except "foo".
|
||||
master_service_disable = !foo.inet, inet
|
||||
master_service_disable = !foo/inet, inet
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
|
@ -17,6 +17,13 @@
|
||||
|
||||
<hr>
|
||||
|
||||
<h2>Note</h2>
|
||||
|
||||
<p> LMDB is not supported in the stable Postfix release. It will
|
||||
spontaneously terminate a Postfix daemon process without allowing
|
||||
Postfix to 1) report the problem to the maillog file, and to 2)
|
||||
provide reduced service where this is appropriate. </p>
|
||||
|
||||
<h2>Introduction</h2>
|
||||
|
||||
<p> Postfix uses databases of various kinds to store and look up
|
||||
@ -294,7 +301,7 @@ tlsmgr(8) from a corrupted database. </strong></p>
|
||||
|
||||
<dl>
|
||||
|
||||
<dt> Problem: </dt> <dd> <p> A corrupted LMDB database cann't be
|
||||
<dt> Problem: </dt> <dd> <p> A corrupted LMDB database can't be
|
||||
rebuilt simply by re-running postmap(1) or postalias(1), or by
|
||||
waiting until a tlsmgr(8) daemon restarts. This problem does not
|
||||
exist with other Postfix databases. </p> </dd>
|
||||
|
@ -1071,7 +1071,8 @@ of the following options: </p>
|
||||
key_format = postscreen:%s
|
||||
</pre>
|
||||
|
||||
<li> <p> A persistent lmdb: temporary whitelist can be shared between
|
||||
<li> <p>
|
||||
A persistent lmdb: temporary whitelist can be shared between
|
||||
postscreen(8) daemons that run under the same master(8) daemon,
|
||||
or under different master(8) daemons on the same host. Disable
|
||||
cache cleanup (postscreen_cache_cleanup_interval = 0) in all
|
||||
|
@ -16,6 +16,12 @@
|
||||
# .br
|
||||
# \fBpostmap -q - lmdb:/etc/postfix/\fIfilename\fB <\fIinputfile\fR
|
||||
# DESCRIPTION
|
||||
# LMDB is not supported in the stable Postfix release. It
|
||||
# will spontaneously terminate a Postfix daemon process without
|
||||
# allowing Postfix to 1) report the problem to the maillog
|
||||
# file, and to 2) provide reduced service where this is
|
||||
# appropriate.
|
||||
#
|
||||
# The Postfix LMDB adapter provides access to a persistent,
|
||||
# memory-mapped, key-value store. The database size is limited
|
||||
# only by the size of the memory address space and file system.
|
||||
|
@ -13020,7 +13020,7 @@ This service is normally implemented by the proxymap(8) daemon.
|
||||
|
||||
<p> Selectively disable master(8) listener ports by service type
|
||||
or by service name and type. Specify a list of service types
|
||||
("inet", "unix", "fifo", or "pass") or "name.type" tuples, where
|
||||
("inet", "unix", "fifo", or "pass") or "name/type" tuples, where
|
||||
"name" is the first field of a master.cf entry and "type" is a
|
||||
service type. As with other Postfix matchlists, a search stops at
|
||||
the first match. Specify "!pattern" to exclude a service from the
|
||||
@ -13033,14 +13033,15 @@ is intentional. </p>
|
||||
<p> Examples: </p>
|
||||
|
||||
<pre>
|
||||
# With Postfix 2.6..2.10 use '.' instead of '/'.
|
||||
# Turn on all master(8) listener ports (the default).
|
||||
master_service_disable =
|
||||
# Turn off only the main SMTP listener port.
|
||||
master_service_disable = smtp.inet
|
||||
master_service_disable = smtp/inet
|
||||
# Turn off all TCP/IP listener ports.
|
||||
master_service_disable = inet
|
||||
# Turn off all TCP/IP listener ports except "foo".
|
||||
master_service_disable = !foo.inet, inet
|
||||
master_service_disable = !foo/inet, inet
|
||||
</pre>
|
||||
|
||||
<p> This feature is available in Postfix 2.6 and later. </p>
|
||||
|
@ -20,8 +20,8 @@
|
||||
* Patches change both the patchlevel and the release date. Snapshots have no
|
||||
* patchlevel; they change the release date only.
|
||||
*/
|
||||
#define MAIL_RELEASE_DATE "20140104"
|
||||
#define MAIL_VERSION_NUMBER "2.11"
|
||||
#define MAIL_RELEASE_DATE "20140105"
|
||||
#define MAIL_VERSION_NUMBER "2.12"
|
||||
|
||||
#ifdef SNAPSHOT
|
||||
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
|
||||
|
19
postfix/src/util/lmdb_cache_test.sh
Normal file
@ -0,0 +1,19 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
rm -f foo.lmdb
|
||||
|
||||
./dict_cache <<EOF
|
||||
cache lmdb:foo
|
||||
update x ${1-2000}
|
||||
run
|
||||
update y ${1-2000}
|
||||
purge x
|
||||
run
|
||||
purge y
|
||||
run
|
||||
EOF
|
||||
|
||||
../../bin/postmap -s lmdb:foo | diff /dev/null -
|
||||
rm -f foo.lmdb
|
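Review bot: In the last pipeline, "../../bin/postmap -s lmdb:foo | diff /dev/null -", the exit status is that of diff alone, so a postmap that fails and prints nothing to stdout produces exactly the empty output the test treats as success, and "set -e" does not catch it. Write the postmap output to a temporary file, check postmap's exit status, and then compare the file against /dev/null. The optional "${1-2000}" argument would also benefit from a one-line comment saying what it controls, and the final "rm -f foo.lmdb" is skipped whenever an earlier command fails under "set -e".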
@ -288,6 +288,7 @@ static void slmdb_cursor_close(SLMDB *slmdb)
|
||||
static void slmdb_saved_key_init(SLMDB *slmdb)
|
||||
{
|
||||
slmdb->saved_key.mv_data = 0;
|
||||
slmdb->saved_key.mv_size = 0;
|
||||
slmdb->saved_key_size = 0;
|
||||
}
|
||||
|
||||
@ -296,8 +297,7 @@ static void slmdb_saved_key_init(SLMDB *slmdb)
|
||||
static void slmdb_saved_key_free(SLMDB *slmdb)
|
||||
{
|
||||
free(slmdb->saved_key.mv_data);
|
||||
slmdb->saved_key.mv_data = 0;
|
||||
slmdb->saved_key_size = 0;
|
||||
slmdb_saved_key_init(slmdb);
|
||||
}
|
||||
|
||||
#define HAVE_SLMDB_SAVED_KEY(s) ((s)->saved_key.mv_data != 0)
|
||||
@ -318,7 +318,7 @@ static int slmdb_saved_key_assign(SLMDB *slmdb, MDB_val *key_val)
|
||||
slmdb->saved_key.mv_data =
|
||||
realloc(slmdb->saved_key.mv_data, key_val->mv_size);
|
||||
if (slmdb->saved_key.mv_data == 0) {
|
||||
slmdb->saved_key_size = 0;
|
||||
slmdb_saved_key_init(slmdb);
|
||||
return (ENOMEM);
|
||||
} else {
|
||||
slmdb->saved_key_size = key_val->mv_size;
|
||||
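Review bot: The result of realloc() is assigned straight back to slmdb->saved_key.mv_data, so when realloc() fails the original buffer is still allocated but its only pointer has been overwritten with 0, and the new slmdb_saved_key_init() call in the error branch then clears the bookkeeping without freeing it. Keep the realloc() result in a temporary, and on failure free the old buffer (or call slmdb_saved_key_free()) before returning ENOMEM.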
@ -374,7 +374,7 @@ static int slmdb_recover(SLMDB *slmdb, int status)
|
||||
|
||||
/*
|
||||
* Close the cursor and its read transaction before changing the memory
|
||||
* map size. We can restore it later with the saved key information.
|
||||
* map size. We can restore it later from the saved key information.
|
||||
*/
|
||||
if (slmdb->cursor != 0)
|
||||
slmdb_cursor_close(slmdb);
|
||||
@ -588,7 +588,7 @@ int slmdb_del(SLMDB *slmdb, MDB_val *mdb_key)
|
||||
|
||||
/*
|
||||
* Before doing a non-bulk write transaction in MDB_NOLOCK mode, close a
|
||||
* cursor and its read transaction. We can restore it later with the
|
||||
* cursor and its read transaction. We can restore it later from the
|
||||
* saved key information.
|
||||
*/
|
||||
if (slmdb->cursor != 0 && slmdb->txn == 0
|
||||
@ -639,7 +639,7 @@ int slmdb_cursor_get(SLMDB *slmdb, MDB_val *mdb_key,
|
||||
}
|
||||
|
||||
/*
|
||||
* Restore the cursor to the saved key position.
|
||||
* Restore the cursor position from the saved key information.
|
||||
*/
|
||||
if (HAVE_SLMDB_SAVED_KEY(slmdb) && op != MDB_FIRST) {
|
||||
if ((status = mdb_cursor_get(slmdb->cursor, &slmdb->saved_key,
|
||||
@ -740,7 +740,7 @@ int slmdb_close(SLMDB *slmdb)
|
||||
mdb_env_close(slmdb->env);
|
||||
|
||||
/*
|
||||
* Clean up the saved key position.
|
||||
* Clean up the saved key information.
|
||||
*/
|
||||
if (HAVE_SLMDB_SAVED_KEY(slmdb))
|
||||
slmdb_saved_key_free(slmdb);
|
||||
|