diff --git a/postfix/HISTORY b/postfix/HISTORY
index d2844ae3b..6f3dd54ae 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -22339,3 +22339,31 @@ Apologies for any names omitted.
Cleanup: made parsing of '!' operators in regexp and pcre
tables consistent with cidr tables. Files: util/dict_regexp.c,
util/dict_pcre.c.
+
+20160605
+
+ Cleanup: integer wrap-around detection in the MySQL and
+ PostgreSQL clients. This is totally non-critical because
+ Postfix strings are size-limited by design. Files:
+ global/dict_mysqql.c, global/dict_pgsql.c.
+
+20160607
+
+ Documentation: dnsblog.
+
+20160609
+
+ Documentation: postsuper(1) manpage text for multiple -[dhH]
+ options. File: postsuper/postsuper.c.
+
+20160611
+
+ Cleanup: Postfix SMTP server local IP address and port
+ attributes in the policy delegation protocol (attribute
+ names: server_address, server_port), in the Milter protocol
+ (macro names: {daemon_addr}, {daemon_port}) and in the
+ XCLIENT protocol (attribute names: DESTADDR, DESTPORT).
+ Files: proto/MILTER_README.html, proto/SMTPD_POLICY_README.html,
+ cleanup/cleanup.h, cleanup/cleanup_milter.c, global/mail_proto.h,
+ milter/milter.h, smtpd/smtpd.c, smtpd/smtpd.h, smtpd/smtpd_check.c,
+ smtpd/smtpd_haproxy.c, smtpd/smtpd_milter.c, smtpd/smtpd_peer.c.
diff --git a/postfix/README_FILES/MILTER_README b/postfix/README_FILES/MILTER_README
index 730aa5b00..e56a7d5ea 100644
--- a/postfix/README_FILES/MILTER_README
+++ b/postfix/README_FILES/MILTER_README
@@ -375,7 +375,7 @@ Sendmail. See the workarounds section below for solutions.
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
|{auth_type} |MAIL, DATA, EOH, EOM |SASL login method |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
- |{client_addr} |Always |Client IP address |
+ |{client_addr} |Always |Remote client IP address |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
| | |Connection concurrency for|
| | |this client (zero if the |
@@ -383,13 +383,13 @@ Sendmail. See the workarounds section below for solutions.
| | |all smtpd_client_* |
| | |limits). |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
- | | |Client hostname |
+ | | |Remote client hostname |
| | |When address -> name |
|{client_name} |Always |lookup or name -> address |
| | |verification fails: |
| | |"unknown" |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
- |{client_port} |Always (Postfix >=2.5) |Client TCP port |
+ |{client_port} |Always (Postfix >=2.5) |Remote client TCP port |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
| | |Client name from address -|
|{client_ptr} |CONNECT, HELO, MAIL, DATA|> name lookup |
@@ -408,9 +408,13 @@ Sendmail. See the workarounds section below for solutions.
|{cipher} |HELO, MAIL, DATA, EOH, |TLS cipher |
| |EOM | |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
+ |{daemon_addr} |Always (Postfix >=3.2) |Local server IP address |
+ |_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
|{daemon_name} |Always |value of |
| | |milter_macro_daemon_name |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
+ |{daemon_port} |Always (Postfix >=3.2) |Local server TCP port |
+ |_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
|{mail_addr} |MAIL |Sender address |
|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _�|_� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� _� |
|{mail_host} |MAIL (Postfix >= 2.6, |Sender next-hop |
@@ -499,8 +503,8 @@ W�Wo�or�rk�ka�ar�ro�ou�un�nd�ds�s
-o smtp_generic_maps=
* Some Milter applications use the "{if_addr}" macro to recognize local mail;
- this macro does not exist in Postfix. Workaround: use the "{client_addr}"
- macro instead.
+ this macro does not exist in Postfix. Workaround: use the "{daemon_addr}"
+ (Postfix >= 3.2) or "{client_addr}" macro instead.
* Some Milter applications log a warning that looks like this:
diff --git a/postfix/README_FILES/POSTSCREEN_README b/postfix/README_FILES/POSTSCREEN_README
index e8d56621d..0931ba3ce 100644
--- a/postfix/README_FILES/POSTSCREEN_README
+++ b/postfix/README_FILES/POSTSCREEN_README
@@ -67,11 +67,11 @@ get worse before things improve, if ever. Without a tool like postscreen(8)
that keeps the zombies away, Postfix would be spending most of its resources
not receiving email.
-The main challenge for postscreen(8) is to make an is-it-a-zombie decision
-based on a single measurement. This is necessary because many zombies try to
-fly under the radar and avoid spamming the same site repeatedly. Once
-postscreen(8) decides that a client is not-a-zombie, it whitelists the client
-temporarily to avoid further delays for legitimate mail.
+The main challenge for postscreen(8) is to make an is-a-zombie decision based
+on a single measurement. This is necessary because many zombies try to fly
+under the radar and avoid spamming the same site repeatedly. Once postscreen(8)
+decides that a client is not-a-zombie, it whitelists the client temporarily to
+avoid further delays for legitimate mail.
Zombies have challenges too: they have only a limited amount of time to deliver
spam before their IP address becomes blacklisted. To speed up spam deliveries,
@@ -82,14 +82,14 @@ continue sending mail even when the server tells them to go away.
postscreen(8) uses a variety of measurements to recognize zombies. First,
postscreen(8) determines if the remote SMTP client IP address is blacklisted.
Second, postscreen(8) looks for protocol compromises that are made to speed up
-delivery. These are good indicators for making is-it-a-zombie decisions based
-on single measurements.
+delivery. These are good indicators for making is-a-zombie decisions based on
+single measurements.
postscreen(8) does not inspect message content. Message content can vary from
one delivery to the next, especially with clients that (also) send legitimate
-email. Content is not a good indicator for making is-it-a-zombie decisions
-based on single measurements, and that is the problem that postscreen(8) is
-focused on.
+email. Content is not a good indicator for making is-a-zombie decisions based
+on single measurements, and that is the problem that postscreen(8) is focused
+on.
G�Ge�en�ne�er�ra�al�l o�op�pe�er�ra�at�ti�io�on�n
@@ -767,7 +767,7 @@ By default, the temporary whitelist is not shared between multiple postscreen
* A non-persistent memcache: temporary whitelist can be shared between
postscreen(8) daemons on the same host or different hosts. Disable cache
cleanup (postscreen_cache_cleanup_interval = 0) in all postscreen(8)
- daemons because memcache: does not implement this (but see example 4 below
+ daemons because memcache: has no first-next API (but see example 4 below
for memcache: with persistent backup). This requires Postfix 2.9 or later.
# Example 1: non-persistent memcache: whitelist.
diff --git a/postfix/README_FILES/SMTPD_POLICY_README b/postfix/README_FILES/SMTPD_POLICY_README
index 51c1df2c4..2458776de 100644
--- a/postfix/README_FILES/SMTPD_POLICY_README
+++ b/postfix/README_FILES/SMTPD_POLICY_README
@@ -78,6 +78,9 @@ a delegated SMTPD access policy request:
client_port=1234
P�Po�os�st�tf�fi�ix�x v�ve�er�rs�si�io�on�n 3�3.�.1�1 a�an�nd�d l�la�at�te�er�r:�:
policy_context=submission
+ P�Po�os�st�tf�fi�ix�x v�ve�er�rs�si�io�on�n 3�3.�.2�2 a�an�nd�d l�la�at�te�er�r:�:
+ server_address=10.3.2.1
+ server_port=54321
[empty line]
Notes:
@@ -103,8 +106,11 @@ Notes:
the "DATA" and "END-OF-MESSAGE" stages. It specifies the number of
recipients that Postfix accepted for the current message.
- * The client address is an IPv4 dotted quad in the form 1.2.3.4 or it is an
- IPv6 address in the form 1:2:3::4:5:6.
+ * The remote client or local server IP address is an IPv4 dotted quad in the
+ form 1.2.3.4 or it is an IPv6 address in the form 1:2:3::4:5:6.
+
+ * The remote client or local server port is a decimal number in the range 0-
+ 65535.
* For a discussion of the differences between reverse and verified
client_name information, see the reject_unknown_client_hostname discussion
diff --git a/postfix/README_FILES/XCLIENT_README b/postfix/README_FILES/XCLIENT_README
index ecee27b5e..439dd4aa7 100644
--- a/postfix/README_FILES/XCLIENT_README
+++ b/postfix/README_FILES/XCLIENT_README
@@ -56,20 +56,29 @@ are in fact case insensitive.
* Attribute values are xtext encoded as per RFC 1891.
- * The NAME attribute specifies an SMTP client hostname (not an SMTP client
- address), [UNAVAILABLE] when client hostname lookup failed due to a
+ * The NAME attribute specifies a remote SMTP client hostname (not an SMTP
+ client address), [UNAVAILABLE] when client hostname lookup failed due to a
permanent error, or [TEMPUNAVAIL] when the lookup error condition was
transient.
- * The ADDR attribute specifies an SMTP client numerical IPv4 network address,
- an IPv6 address prefixed with IPV6:, or [UNAVAILABLE] when the address
- information is unavailable. Address information is not enclosed with [].
+ * The ADDR attribute specifies a remote SMTP client numerical IPv4 network
+ address, an IPv6 address prefixed with IPV6:, or [UNAVAILABLE] when the
+ address information is unavailable. Address information is not enclosed
+ with [].
- * The PORT attribute specifies the SMTP client TCP port number as a decimal
- number, or [UNAVAILABLE] when the information is unavailable.
+ * The PORT attribute specifies a remote SMTP client TCP port number as a
+ decimal number, or [UNAVAILABLE] when the information is unavailable.
* The PROTO attribute specifies either SMTP or ESMTP.
+ * The DESTADDR attribute specifies a local SMTP server numerical IPv4 network
+ address, an IPv6 address prefixed with IPV6:, or [UNAVAILABLE] when the
+ address information is unavailable. Address information is not enclosed
+ with [].
+
+ * The DESTPORT attribute specifies a local SMTP server TCP port number as a
+ decimal number, or [UNAVAILABLE] when the information is unavailable.
+
* The HELO attribute specifies an SMTP HELO parameter value, or the value
[UNAVAILABLE] when the information is unavailable.
diff --git a/postfix/WISHLIST b/postfix/WISHLIST
index cf2f0de82..488e361a1 100644
--- a/postfix/WISHLIST
+++ b/postfix/WISHLIST
@@ -6,10 +6,25 @@ Wish list:
Disable -DSNAPSHOT and -DNONPROD in makedefs.
+ Propagate SMTPD_PEER_CODE_XXX from smtpd(8) to cleanup(8),
+ so that {client_resolve} and {_} produce consistent results.
+
Modeline support in config files to enable/disable trailing
#comment, and to give hints about how to handle an LHS or
RHS.
+ The cleanup daemon searches canonical_maps and virtual_alias_maps
+ with quoted address forms. The address local part should
+ be in unquoted form before it is split into name and
+ extension. Note, however, that although quoting is done
+ over the entire localpart, unquoting is not simply a matter
+ of removing the outer quotes. The fix will require careful
+ consideration of the responsibilities of mail_addr_map(),
+ mail_addr_find(), and mail_addr_crunch(), and making sure
+ that the callers can handle quoted results. For example,
+ sender_bcc_maps and recipient_bcc_maps invoke mail_addr_find()
+ with unquoted forms and expects an unquoted result, and so on.
+
Maintainability: replace lengthy libmilter-API argument lists
with named parameters, as with the libtls API.
diff --git a/postfix/html/MILTER_README.html b/postfix/html/MILTER_README.html
index 7494e592b..ee46ad452 100644
--- a/postfix/html/MILTER_README.html
+++ b/postfix/html/MILTER_README.html
@@ -601,19 +601,19 @@ sender
| {auth_type} | MAIL, DATA, EOH, EOM | SASL
login method |
- | {client_addr} | Always | Client IP
-address |
+ | {client_addr} | Always | Remote client
+IP address |
| {client_connections} | CONNECT |
Connection concurrency for this client (zero if the client is
excluded from all smtpd_client_* limits). |
- | {client_name} | Always | Client hostname
-
When address → name lookup or name → address
+ |
| {client_name} | Always | Remote client
+hostname
When address → name lookup or name → address
verification fails: "unknown" |
| {client_port} | Always (Postfix ≥2.5) |
- Client TCP port |
+ Remote client TCP port |
| {client_ptr} | CONNECT, HELO, MAIL, DATA |
Client name from address → name lookup
When address
@@ -631,9 +631,15 @@ TLS session key size |
| {cipher} | HELO, MAIL, DATA, EOH, EOM | TLS
cipher |
+ | {daemon_addr} | Always (Postfix ≥3.2) |
+ Local server IP address |
+
| {daemon_name} | Always | value of
milter_macro_daemon_name |
+ | {daemon_port} | Always (Postfix ≥3.2) |
+ Local server TCP port |
+
| {mail_addr} | MAIL | Sender address
|
@@ -748,7 +754,8 @@ example.
Some Milter applications use the "{if_addr}" macro
to recognize local mail; this macro does not exist in Postfix.
-Workaround: use the "{client_addr}" macro instead.
+Workaround: use the "{daemon_addr}" (Postfix &ge 3.2) or
+"{client_addr}" macro instead.
Some Milter applications log a warning that looks like
this:
diff --git a/postfix/html/POSTSCREEN_README.html b/postfix/html/POSTSCREEN_README.html
index 81c432d7b..d326fcf19 100644
--- a/postfix/html/POSTSCREEN_README.html
+++ b/postfix/html/POSTSCREEN_README.html
@@ -106,7 +106,7 @@ problem will get worse before things improve, if ever. Without a
tool like postscreen(8) that keeps the zombies away, Postfix would be
spending most of its resources not receiving email.
- The main challenge for postscreen(8) is to make an is-it-a-zombie
+
The main challenge for postscreen(8) is to make an is-a-zombie
decision based on a single measurement. This is necessary because
many zombies try to fly under the radar and avoid spamming the same
site repeatedly. Once postscreen(8) decides that a client is
@@ -124,13 +124,13 @@ mail even when the server tells them to go away.
zombies. First, postscreen(8) determines if the remote SMTP client
IP address is blacklisted. Second, postscreen(8) looks for protocol
compromises that are made to speed up delivery. These are good
-indicators for making is-it-a-zombie decisions based on single
+indicators for making is-a-zombie decisions based on single
measurements.
postscreen(8) does not inspect message content. Message content
can vary from one delivery to the next, especially with clients
that (also) send legitimate email. Content is not a good indicator
-for making is-it-a-zombie decisions based on single measurements,
+for making is-a-zombie decisions based on single measurements,
and that is the problem that postscreen(8) is focused on.
@@ -1072,8 +1072,8 @@ of the following options:
A non-persistent memcache: temporary whitelist can be shared
between postscreen(8) daemons on the same host or different
hosts. Disable cache cleanup (postscreen_cache_cleanup_interval
- = 0) in all postscreen(8) daemons because memcache: does not
- implement this (but see example 4 below for memcache: with
+ = 0) in all postscreen(8) daemons because memcache: has no
+ first-next API (but see example 4 below for memcache: with
persistent backup). This requires Postfix 2.9 or later.
diff --git a/postfix/html/SMTPD_POLICY_README.html b/postfix/html/SMTPD_POLICY_README.html
index 81885fa22..b5893a0eb 100644
--- a/postfix/html/SMTPD_POLICY_README.html
+++ b/postfix/html/SMTPD_POLICY_README.html
@@ -110,6 +110,9 @@ ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
client_port=1234
Postfix version 3.1 and later:
policy_context=submission
+Postfix version 3.2 and later:
+server_address=10.3.2.1
+server_port=54321
[empty line]
@@ -144,9 +147,12 @@ policy_context=submission
specifies the number of recipients that Postfix accepted for
the current message.
- The client address is an IPv4 dotted quad in the form
- 1.2.3.4 or it is an IPv6 address in the form 1:2:3::4:5:6.
-
+ The remote client or local server IP address is an
+ IPv4 dotted quad in the form 1.2.3.4 or it is an IPv6 address
+ in the form 1:2:3::4:5:6.
+
+ The remote client or local server port is a decimal
+ number in the range 0-65535.
For a discussion of the differences between reverse
and verified client_name information, see the
diff --git a/postfix/html/XCLIENT_README.html b/postfix/html/XCLIENT_README.html
index 11b1ca269..60724dd36 100644
--- a/postfix/html/XCLIENT_README.html
+++ b/postfix/html/XCLIENT_README.html
@@ -92,23 +92,32 @@ names are shown in upper case, they are in fact case insensitive.
Attribute values are xtext encoded as per RFC 1891.
- The NAME attribute specifies an SMTP client hostname
- (not an SMTP client address), [UNAVAILABLE] when client hostname
- lookup failed due to a permanent error, or [TEMPUNAVAIL] when
- the lookup error condition was transient.
+ The NAME attribute specifies a remote SMTP client
+ hostname (not an SMTP client address), [UNAVAILABLE] when client
+ hostname lookup failed due to a permanent error, or [TEMPUNAVAIL]
+ when the lookup error condition was transient.
- The ADDR attribute specifies an SMTP client numerical
- IPv4 network address, an IPv6 address prefixed with IPV6:, or
- [UNAVAILABLE] when the address information is unavailable.
- Address information is not enclosed with [].
+ The ADDR attribute specifies a remote SMTP client
+ numerical IPv4 network address, an IPv6 address prefixed with
+ IPV6:, or [UNAVAILABLE] when the address information is
+ unavailable. Address information is not enclosed with [].
- The PORT attribute specifies the SMTP client TCP port
- number as a decimal number, or [UNAVAILABLE] when the information
- is unavailable.
+ The PORT attribute specifies a remote SMTP client TCP
+ port number as a decimal number, or [UNAVAILABLE] when the
+ information is unavailable.
The PROTO attribute specifies either SMTP or ESMTP.
+ The DESTADDR attribute specifies a local SMTP server
+ numerical IPv4 network address, an IPv6 address prefixed with
+ IPV6:, or [UNAVAILABLE] when the address information is
+ unavailable. Address information is not enclosed with [].
+
+ The DESTPORT attribute specifies a local SMTP server
+ TCP port number as a decimal number, or [UNAVAILABLE] when the
+ information is unavailable.
+
The HELO attribute specifies an SMTP HELO parameter
value, or the value [UNAVAILABLE] when the information is
unavailable.
diff --git a/postfix/html/dnsblog.8.html b/postfix/html/dnsblog.8.html
index 6b29cccb8..e12f8311d 100644
--- a/postfix/html/dnsblog.8.html
+++ b/postfix/html/dnsblog.8.html
@@ -24,8 +24,9 @@ DNSBLOG(8) DNSBLOG(8)
match and replies with the query arguments plus an address list with
the resulting IP addresses, separated by whitespace, and the reply TTL.
Otherwise it replies with the query arguments plus an empty address
- list and the reply TTL (-1 if unavailable). Finally, The dnsblog(8)
- server closes the connection.
+ list and the reply TTL; the reply TTL is -1 if no reply is received, or
+ a negative reply without SOA record. Finally, The dnsblog(8) server
+ closes the connection.
DIAGNOSTICS
Problems and transactions are logged to syslogd(8).
@@ -35,15 +36,15 @@ DNSBLOG(8) DNSBLOG(8)
run for only a limited amount of time. Use the command "postfix reload"
to speed up a change.
- The text below provides only a parameter summary. See postconf(5) for
+ The text below provides only a parameter summary. See postconf(5) for
more details including examples.
config_directory (see 'postconf -d' output)
- The default location of the Postfix main.cf and master.cf con-
+ The default location of the Postfix main.cf and master.cf con-
figuration files.
daemon_timeout (18000s)
- How much time a Postfix daemon process may take to handle a
+ How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
postscreen_dnsbl_sites (empty)
@@ -51,7 +52,7 @@ DNSBLOG(8) DNSBLOG(8)
factors.
ipc_timeout (3600s)
- The time limit for sending or receiving information over an
+ The time limit for sending or receiving information over an
internal communication channel.
process_id (read-only)
@@ -67,8 +68,8 @@ DNSBLOG(8) DNSBLOG(8)
The syslog facility of Postfix logging.
syslog_name (see 'postconf -d' output)
- The mail system name that is prepended to the process name in
- syslog records, so that "smtpd" becomes, for example, "post-
+ The mail system name that is prepended to the process name in
+ syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
SEE ALSO
diff --git a/postfix/html/postsuper.1.html b/postfix/html/postsuper.1.html
index 13d778500..b121209c5 100644
--- a/postfix/html/postsuper.1.html
+++ b/postfix/html/postsuper.1.html
@@ -36,9 +36,10 @@ POSTSUPER(1) POSTSUPER(1)
Delete one message with the named queue ID from the named mail
queue(s) (default: hold, incoming, active and deferred).
- If a queue_id of - is specified, the program reads queue IDs
- from standard input. For example, to delete all mail with
- exactly one recipient user@example.com:
+ To delete multiple files, specify the -d option multiple times,
+ or specify a queue_id of - to read queue IDs from standard
+ input. For example, to delete all mail with exactly one recipi-
+ ent user@example.com:
mailq | tail +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" }
# $7=sender, $8=recipient1, $9=recipient2
@@ -46,60 +47,61 @@ POSTSUPER(1) POSTSUPER(1)
print $1 }
' | tr -d '*!' | postsuper -d -
- Specify "-d ALL" to remove all messages; for example, specify
- "-d ALL deferred" to delete all mail in the deferred queue. As
- a safety measure, the word ALL must be specified in upper case.
+ Specify "-d ALL" to remove all messages; for example, specify
+ "-d ALL deferred" to delete all mail in the deferred queue. As
+ a safety measure, the word ALL must be specified in upper case.
- Warning: Postfix queue IDs are reused (always with Postfix <=
- 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no).
- There is a very small possibility that postsuper deletes the
- wrong message file when it is executed while the Postfix mail
+ Warning: Postfix queue IDs are reused (always with Postfix <=
+ 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no).
+ There is a very small possibility that postsuper deletes the
+ wrong message file when it is executed while the Postfix mail
system is delivering mail.
The scenario is as follows:
- 1) The Postfix queue manager deletes the message that post-
- super(1) is asked to delete, because Postfix is finished
- with the message (it is delivered, or it is returned to
+ 1) The Postfix queue manager deletes the message that post-
+ super(1) is asked to delete, because Postfix is finished
+ with the message (it is delivered, or it is returned to
the sender).
- 2) New mail arrives, and the new message is given the same
- queue ID as the message that postsuper(1) is supposed to
- delete. The probability for reusing a deleted queue ID
- is about 1 in 2**15 (the number of different microsecond
- values that the system clock can distinguish within a
+ 2) New mail arrives, and the new message is given the same
+ queue ID as the message that postsuper(1) is supposed to
+ delete. The probability for reusing a deleted queue ID
+ is about 1 in 2**15 (the number of different microsecond
+ values that the system clock can distinguish within a
second).
- 3) postsuper(1) deletes the new message, instead of the old
+ 3) postsuper(1) deletes the new message, instead of the old
message that it should have deleted.
-h queue_id
- Put mail "on hold" so that no attempt is made to deliver it.
- Move one message with the named queue ID from the named mail
- queue(s) (default: incoming, active and deferred) to the hold
+ Put mail "on hold" so that no attempt is made to deliver it.
+ Move one message with the named queue ID from the named mail
+ queue(s) (default: incoming, active and deferred) to the hold
queue.
- If a queue_id of - is specified, the program reads queue IDs
- from standard input.
+ To hold multiple files, specify the -h option multiple times, or
+ specify a queue_id of - to read queue IDs from standard input.
- Specify "-h ALL" to hold all messages; for example, specify "-h
- ALL deferred" to hold all mail in the deferred queue. As a
+ Specify "-h ALL" to hold all messages; for example, specify "-h
+ ALL deferred" to hold all mail in the deferred queue. As a
safety measure, the word ALL must be specified in upper case.
- Note: while mail is "on hold" it will not expire when its time
- in the queue exceeds the maximal_queue_lifetime or
- bounce_queue_lifetime setting. It becomes subject to expiration
+ Note: while mail is "on hold" it will not expire when its time
+ in the queue exceeds the maximal_queue_lifetime or
+ bounce_queue_lifetime setting. It becomes subject to expiration
after it is released from "hold".
This feature is available in Postfix 2.0 and later.
-H queue_id
- Release mail that was put "on hold". Move one message with the
- named queue ID from the named mail queue(s) (default: hold) to
+ Release mail that was put "on hold". Move one message with the
+ named queue ID from the named mail queue(s) (default: hold) to
the deferred queue.
- If a queue_id of - is specified, the program reads queue IDs
- from standard input.
+ To release multiple files, specify the -H option multiple times,
+ or specify a queue_id of - to read queue IDs from standard
+ input.
Note: specify "postsuper -r" to release mail that was kept on
hold for a significant fraction of $maximal_queue_lifetime or
@@ -115,63 +117,62 @@ POSTSUPER(1) POSTSUPER(1)
-r queue_id
Requeue the message with the named queue ID from the named mail
- queue(s) (default: hold, incoming, active and deferred). To
- requeue multiple messages, specify multiple -r command-line
- options.
+ queue(s) (default: hold, incoming, active and deferred).
- Alternatively, if a queue_id of - is specified, the program
- reads queue IDs from standard input.
+ To requeue multiple files, specify the -r option multiple times,
+ or specify a queue_id of - to read queue IDs from standard
+ input.
- Specify "-r ALL" to requeue all messages. As a safety measure,
+ Specify "-r ALL" to requeue all messages. As a safety measure,
the word ALL must be specified in upper case.
A requeued message is moved to the maildrop queue, from where it
is copied by the pickup(8) and cleanup(8) daemons to a new queue
- file. In many respects its handling differs from that of a new
+ file. In many respects its handling differs from that of a new
local submission.
- o The message is not subjected to the smtpd_milters or
+ o The message is not subjected to the smtpd_milters or
non_smtpd_milters settings. When mail has passed through
- an external content filter, this would produce incorrect
- results with Milter applications that depend on original
+ an external content filter, this would produce incorrect
+ results with Milter applications that depend on original
SMTP connection state information.
- o The message is subjected again to mail address rewriting
+ o The message is subjected again to mail address rewriting
and substitution. This is useful when rewriting rules or
virtual mappings have changed.
- The address rewriting context (local or remote) is the
+ The address rewriting context (local or remote) is the
same as when the message was received.
- o The message is subjected to the same content_filter set-
- tings (if any) as used for new local mail submissions.
+ o The message is subjected to the same content_filter set-
+ tings (if any) as used for new local mail submissions.
This is useful when content_filter settings have changed.
- Warning: Postfix queue IDs are reused (always with Postfix <=
- 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no).
+ Warning: Postfix queue IDs are reused (always with Postfix <=
+ 2.8; and with Postfix >= 2.9 when enable_long_queue_ids=no).
There is a very small possibility that postsuper(1) requeues the
- wrong message file when it is executed while the Postfix mail
+ wrong message file when it is executed while the Postfix mail
system is running, but no harm should be done.
This feature is available in Postfix 1.1 and later.
- -s Structure check and structure repair. This should be done once
+ -s Structure check and structure repair. This should be done once
before Postfix startup.
- o Rename files whose name does not match the message file
+ o Rename files whose name does not match the message file
inode number. This operation is necessary after restoring
- a mail queue from a different machine or from backup,
+ a mail queue from a different machine or from backup,
when queue files were created with Postfix <= 2.8 or with
"enable_long_queue_ids = no".
- o Move queue files that are in the wrong place in the file
- system hierarchy and remove subdirectories that are no
- longer needed. File position rearrangements are neces-
+ o Move queue files that are in the wrong place in the file
+ system hierarchy and remove subdirectories that are no
+ longer needed. File position rearrangements are neces-
sary after a change in the hash_queue_names and/or
hash_queue_depth configuration parameters.
- o Rename queue files created with "enable_long_queue_ids =
- yes" to short names, for migration to Postfix <= 2.8.
+ o Rename queue files created with "enable_long_queue_ids =
+ yes" to short names, for migration to Postfix <= 2.8.
The procedure is as follows:
# postfix stop
@@ -181,19 +182,19 @@ POSTSUPER(1) POSTSUPER(1)
Run postsuper(1) repeatedly until it stops reporting file
name changes.
- -S A redundant version of -s that requires that long file names
+ -S A redundant version of -s that requires that long file names
also match the message file inode number. This option exists for
testing purposes, and is available with Postfix 2.9 and later.
- -v Enable verbose logging for debugging purposes. Multiple -v
+ -v Enable verbose logging for debugging purposes. Multiple -v
options make the software increasingly verbose.
DIAGNOSTICS
Problems are reported to the standard error stream and to syslogd(8).
postsuper(1) reports the number of messages deleted with -d, the number
- of messages requeued with -r, and the number of messages whose queue
- file name was fixed with -s. The report is written to the standard
+ of messages requeued with -r, and the number of messages whose queue
+ file name was fixed with -s. The report is written to the standard
error stream and to syslogd(8).
ENVIRONMENT
@@ -205,20 +206,20 @@ POSTSUPER(1) POSTSUPER(1)
cannot be placed "on hold".
CONFIGURATION PARAMETERS
- The following main.cf parameters are especially relevant to this pro-
- gram. The text below provides only a parameter summary. See post-
+ The following main.cf parameters are especially relevant to this pro-
+ gram. The text below provides only a parameter summary. See post-
conf(5) for more details including examples.
config_directory (see 'postconf -d' output)
- The default location of the Postfix main.cf and master.cf con-
+ The default location of the Postfix main.cf and master.cf con-
figuration files.
hash_queue_depth (1)
- The number of subdirectory levels for queue directories listed
+ The number of subdirectory levels for queue directories listed
with the hash_queue_names parameter.
hash_queue_names (deferred, defer)
- The names of queue directories that are split across multiple
+ The names of queue directories that are split across multiple
subdirectory levels.
queue_directory (see 'postconf -d' output)
@@ -228,8 +229,8 @@ POSTSUPER(1) POSTSUPER(1)
The syslog facility of Postfix logging.
syslog_name (see 'postconf -d' output)
- The mail system name that is prepended to the process name in
- syslog records, so that "smtpd" becomes, for example, "post-
+ The mail system name that is prepended to the process name in
+ syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available in Postfix version 2.9 and later:
diff --git a/postfix/man/man1/postsuper.1 b/postfix/man/man1/postsuper.1
index 5e03fa3b1..82111e660 100644
--- a/postfix/man/man1/postsuper.1
+++ b/postfix/man/man1/postsuper.1
@@ -38,8 +38,9 @@ Delete one message with the named queue ID from the named
mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and
\fBdeferred\fR).
-If a \fIqueue_id\fR of \fB\-\fR is specified, the program reads
-queue IDs from standard input. For example, to delete all mail
+To delete multiple files, specify the \fB\-d\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input. For example, to delete all mail
with exactly one recipient \fBuser@example.com\fR:
.sp
.nf
@@ -83,8 +84,9 @@ Move one message with the named queue ID from the named
mail queue(s) (default: \fBincoming\fR, \fBactive\fR and
\fBdeferred\fR) to the \fBhold\fR queue.
-If a \fIqueue_id\fR of \fB\-\fR is specified, the program reads
-queue IDs from standard input.
+To hold multiple files, specify the \fB\-h\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input.
.sp
Specify "\fB\-h ALL\fR" to hold all messages; for example, specify
"\fB\-h ALL deferred\fR" to hold all mail in the \fBdeferred\fR queue.
@@ -102,8 +104,9 @@ Release mail that was put "on hold".
Move one message with the named queue ID from the named
mail queue(s) (default: \fBhold\fR) to the \fBdeferred\fR queue.
-If a \fIqueue_id\fR of \fB\-\fR is specified, the program reads
-queue IDs from standard input.
+To release multiple files, specify the \fB\-H\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input.
.sp
Note: specify "\fBpostsuper \-r\fR" to release mail that was kept on
hold for a significant fraction of \fB$maximal_queue_lifetime\fR
@@ -121,11 +124,10 @@ software crashes.
Requeue the message with the named queue ID from the named
mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and
\fBdeferred\fR).
-To requeue multiple messages, specify multiple \fB\-r\fR
-command\-line options.
-Alternatively, if a \fIqueue_id\fR of \fB\-\fR is specified,
-the program reads queue IDs from standard input.
+To requeue multiple files, specify the \fB\-r\fR option multiple
+times, or specify a \fIqueue_id\fR of \fB\-\fR to read queue IDs
+from standard input.
.sp
Specify "\fB\-r ALL\fR" to requeue all messages. As a safety
measure, the word \fBALL\fR must be specified in upper case.
diff --git a/postfix/man/man8/dnsblog.8 b/postfix/man/man8/dnsblog.8
index b3c7c9b00..38c5a2474 100644
--- a/postfix/man/man8/dnsblog.8
+++ b/postfix/man/man8/dnsblog.8
@@ -28,8 +28,9 @@ If the IP address is listed under the DNS white/blacklist, the
query arguments plus an address list with the resulting IP
addresses, separated by whitespace, and the reply TTL.
Otherwise it replies with the query arguments plus an empty
-address list and the reply TTL (\-1 if unavailable). Finally,
-The \fBdnsblog\fR(8) server closes the connection.
+address list and the reply TTL; the reply TTL is \-1 if no
+reply is received, or a negative reply without SOA record.
+Finally, The \fBdnsblog\fR(8) server closes the connection.
.SH DIAGNOSTICS
.ad
.fi
@@ -81,9 +82,9 @@ syslogd(5), system logging
.ad
.fi
The Secure Mailer license must be distributed with this software.
-.SH "HISTORY"
-.na
-.nf
+.SH HISTORY
+.ad
+.fi
.ad
.fi
This service was introduced with Postfix version 2.8.
diff --git a/postfix/proto/MILTER_README.html b/postfix/proto/MILTER_README.html
index c7031d48e..eb6873569 100644
--- a/postfix/proto/MILTER_README.html
+++ b/postfix/proto/MILTER_README.html
@@ -601,19 +601,19 @@ sender
| {auth_type} | MAIL, DATA, EOH, EOM | SASL
login method |
- | {client_addr} | Always | Client IP
-address |
+ | {client_addr} | Always | Remote client
+IP address |
| {client_connections} | CONNECT |
Connection concurrency for this client (zero if the client is
excluded from all smtpd_client_* limits). |
- | {client_name} | Always | Client hostname
-
When address → name lookup or name → address
+ |
| {client_name} | Always | Remote client
+hostname
When address → name lookup or name → address
verification fails: "unknown" |
| {client_port} | Always (Postfix ≥2.5) |
- Client TCP port |
+ Remote client TCP port |
| {client_ptr} | CONNECT, HELO, MAIL, DATA |
Client name from address → name lookup
When address
@@ -631,9 +631,15 @@ TLS session key size |
| {cipher} | HELO, MAIL, DATA, EOH, EOM | TLS
cipher |
+ | {daemon_addr} | Always (Postfix ≥3.2) |
+ Local server IP address |
+
| {daemon_name} | Always | value of
milter_macro_daemon_name |
+ | {daemon_port} | Always (Postfix ≥3.2) |
+ Local server TCP port |
+
| {mail_addr} | MAIL | Sender address
|
@@ -748,7 +754,8 @@ example.
Some Milter applications use the "{if_addr}" macro
to recognize local mail; this macro does not exist in Postfix.
-Workaround: use the "{client_addr}" macro instead.
+Workaround: use the "{daemon_addr}" (Postfix &ge 3.2) or
+"{client_addr}" macro instead.
Some Milter applications log a warning that looks like
this:
diff --git a/postfix/proto/POSTSCREEN_README.html b/postfix/proto/POSTSCREEN_README.html
index d0ad3e7fc..072022c67 100644
--- a/postfix/proto/POSTSCREEN_README.html
+++ b/postfix/proto/POSTSCREEN_README.html
@@ -106,7 +106,7 @@ problem will get worse before things improve, if ever. Without a
tool like postscreen(8) that keeps the zombies away, Postfix would be
spending most of its resources not receiving email.
- The main challenge for postscreen(8) is to make an is-it-a-zombie
+
The main challenge for postscreen(8) is to make an is-a-zombie
decision based on a single measurement. This is necessary because
many zombies try to fly under the radar and avoid spamming the same
site repeatedly. Once postscreen(8) decides that a client is
@@ -124,13 +124,13 @@ mail even when the server tells them to go away.
zombies. First, postscreen(8) determines if the remote SMTP client
IP address is blacklisted. Second, postscreen(8) looks for protocol
compromises that are made to speed up delivery. These are good
-indicators for making is-it-a-zombie decisions based on single
+indicators for making is-a-zombie decisions based on single
measurements.
postscreen(8) does not inspect message content. Message content
can vary from one delivery to the next, especially with clients
that (also) send legitimate email. Content is not a good indicator
-for making is-it-a-zombie decisions based on single measurements,
+for making is-a-zombie decisions based on single measurements,
and that is the problem that postscreen(8) is focused on.
@@ -1072,8 +1072,8 @@ of the following options:
A non-persistent memcache: temporary whitelist can be shared
between postscreen(8) daemons on the same host or different
hosts. Disable cache cleanup (postscreen_cache_cleanup_interval
- = 0) in all postscreen(8) daemons because memcache: does not
- implement this (but see example 4 below for memcache: with
+ = 0) in all postscreen(8) daemons because memcache: has no
+ first-next API (but see example 4 below for memcache: with
persistent backup). This requires Postfix 2.9 or later.
diff --git a/postfix/proto/SMTPD_POLICY_README.html b/postfix/proto/SMTPD_POLICY_README.html
index b38a759ea..d7a495ccb 100644
--- a/postfix/proto/SMTPD_POLICY_README.html
+++ b/postfix/proto/SMTPD_POLICY_README.html
@@ -110,6 +110,9 @@ ccert_pubkey_fingerprint=68:B3:29:DA:98:93:E3:40:99:C7:D8:AD:5C:B9:C9:40
client_port=1234
Postfix version 3.1 and later:
policy_context=submission
+Postfix version 3.2 and later:
+server_address=10.3.2.1
+server_port=54321
[empty line]
@@ -144,9 +147,12 @@ policy_context=submission
specifies the number of recipients that Postfix accepted for
the current message.
- The client address is an IPv4 dotted quad in the form
- 1.2.3.4 or it is an IPv6 address in the form 1:2:3::4:5:6.
-
+ The remote client or local server IP address is an
+ IPv4 dotted quad in the form 1.2.3.4 or it is an IPv6 address
+ in the form 1:2:3::4:5:6.
+
+ The remote client or local server port is a decimal
+ number in the range 0-65535.
For a discussion of the differences between reverse
and verified client_name information, see the
diff --git a/postfix/proto/XCLIENT_README.html b/postfix/proto/XCLIENT_README.html
index d53e295c7..5873662f7 100644
--- a/postfix/proto/XCLIENT_README.html
+++ b/postfix/proto/XCLIENT_README.html
@@ -92,23 +92,32 @@ names are shown in upper case, they are in fact case insensitive.
Attribute values are xtext encoded as per RFC 1891.
- The NAME attribute specifies an SMTP client hostname
- (not an SMTP client address), [UNAVAILABLE] when client hostname
- lookup failed due to a permanent error, or [TEMPUNAVAIL] when
- the lookup error condition was transient.
+ The NAME attribute specifies a remote SMTP client
+ hostname (not an SMTP client address), [UNAVAILABLE] when client
+ hostname lookup failed due to a permanent error, or [TEMPUNAVAIL]
+ when the lookup error condition was transient.
- The ADDR attribute specifies an SMTP client numerical
- IPv4 network address, an IPv6 address prefixed with IPV6:, or
- [UNAVAILABLE] when the address information is unavailable.
- Address information is not enclosed with [].
+ The ADDR attribute specifies a remote SMTP client
+ numerical IPv4 network address, an IPv6 address prefixed with
+ IPV6:, or [UNAVAILABLE] when the address information is
+ unavailable. Address information is not enclosed with [].
- The PORT attribute specifies the SMTP client TCP port
- number as a decimal number, or [UNAVAILABLE] when the information
- is unavailable.
+ The PORT attribute specifies a remote SMTP client TCP
+ port number as a decimal number, or [UNAVAILABLE] when the
+ information is unavailable.
The PROTO attribute specifies either SMTP or ESMTP.
+ The DESTADDR attribute specifies a local SMTP server
+ numerical IPv4 network address, an IPv6 address prefixed with
+ IPV6:, or [UNAVAILABLE] when the address information is
+ unavailable. Address information is not enclosed with [].
+
+ The DESTPORT attribute specifies a local SMTP server
+ TCP port number as a decimal number, or [UNAVAILABLE] when the
+ information is unavailable.
+
The HELO attribute specifies an SMTP HELO parameter
value, or the value [UNAVAILABLE] when the information is
unavailable.
diff --git a/postfix/src/cleanup/Makefile.in b/postfix/src/cleanup/Makefile.in
index e61794a20..e425f3ec2 100644
--- a/postfix/src/cleanup/Makefile.in
+++ b/postfix/src/cleanup/Makefile.in
@@ -1087,6 +1087,7 @@ cleanup_milter.o: ../../include/dsn_util.h
cleanup_milter.o: ../../include/header_body_checks.h
cleanup_milter.o: ../../include/header_opts.h
cleanup_milter.o: ../../include/htable.h
+cleanup_milter.o: ../../include/inet_proto.h
cleanup_milter.o: ../../include/iostuff.h
cleanup_milter.o: ../../include/is_header.h
cleanup_milter.o: ../../include/lex_822.h
diff --git a/postfix/src/cleanup/cleanup.h b/postfix/src/cleanup/cleanup.h
index 51c551b08..21e0b9141 100644
--- a/postfix/src/cleanup/cleanup.h
+++ b/postfix/src/cleanup/cleanup.h
@@ -112,6 +112,8 @@ typedef struct CLEANUP_STATE {
const char *client_addr; /* real or ersatz client */
int client_af; /* real or ersatz client */
const char *client_port; /* real or ersatz client */
+ const char *server_addr; /* real or ersatz server */
+ const char *server_port; /* real or ersatz server */
VSTRING *milter_ext_from; /* externalized sender */
VSTRING *milter_ext_rcpt; /* externalized recipient */
VSTRING *milter_err_text; /* milter call-back reply */
@@ -355,4 +357,9 @@ extern void cleanup_body_edit_free(CLEANUP_STATE *);
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
/*--*/
diff --git a/postfix/src/cleanup/cleanup_milter.c b/postfix/src/cleanup/cleanup_milter.c
index c349e72c6..55cfb539a 100644
--- a/postfix/src/cleanup/cleanup_milter.c
+++ b/postfix/src/cleanup/cleanup_milter.c
@@ -96,6 +96,7 @@
#include
#include
#include
+#include
/* Global library. */
@@ -1821,6 +1822,7 @@ static const char *cleanup_milter_eval(const char *name, void *ptr)
*/
#ifndef CLIENT_ATTR_UNKNOWN
#define CLIENT_ATTR_UNKNOWN "unknown"
+#define SERVER_ATTR_UNKNOWN "unknown"
#endif
if (strcmp(name, S8_MAC__) == 0) {
@@ -1842,6 +1844,13 @@ static const char *cleanup_milter_eval(const char *name, void *ptr)
state->client_port : "0");
if (strcmp(name, S8_MAC_CLIENT_PTR) == 0)
return (state->reverse_name);
+ /* XXX S8_MAC_CLIENT_RES needs SMTPD_PEER_CODE_XXX from smtpd. */
+ if (strcmp(name, S8_MAC_DAEMON_ADDR) == 0)
+ return (state->server_addr);
+ if (strcmp(name, S8_MAC_DAEMON_PORT) == 0)
+ return (state->server_port
+ && strcmp(state->server_port, SERVER_ATTR_UNKNOWN) ?
+ state->server_port : "0");
/*
* MAIL FROM macros.
@@ -2005,6 +2014,7 @@ static const char *cleanup_milter_apply(CLEANUP_STATE *state, const char *event,
static void cleanup_milter_client_init(CLEANUP_STATE *state)
{
+ static INET_PROTO_INFO *proto_info;
const char *proto_attr;
/*
@@ -2019,19 +2029,34 @@ static void cleanup_milter_client_init(CLEANUP_STATE *state)
state->client_addr = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_ADDR);
state->client_port = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_PORT);
proto_attr = nvtable_find(state->attr, MAIL_ATTR_ACT_CLIENT_AF);
+ state->server_addr = nvtable_find(state->attr, MAIL_ATTR_ACT_SERVER_ADDR);
+ state->server_port = nvtable_find(state->attr, MAIL_ATTR_ACT_SERVER_PORT);
if (state->client_name == 0 || state->client_addr == 0 || proto_attr == 0
|| !alldig(proto_attr)) {
state->client_name = "localhost";
- state->client_addr = "127.0.0.1";
- state->client_af = AF_INET;
+#ifdef AF_INET6
+ if (proto_info == 0)
+ proto_info = inet_proto_info();
+ if (proto_info->sa_family_list[0] == PF_INET6) {
+ state->client_addr = "::1";
+ state->client_af = AF_INET6;
+ } else
+#endif
+ {
+ state->client_addr = "127.0.0.1";
+ state->client_af = AF_INET;
+ }
+ state->server_addr = state->client_addr;
} else
state->client_af = atoi(proto_attr);
if (state->reverse_name == 0)
state->reverse_name = state->client_name;
/* Compatibility with pre-2.5 queue files. */
- if (state->client_port == 0)
+ if (state->client_port == 0) {
state->client_port = NO_CLIENT_PORT;
+ state->server_port = state->client_port;
+ }
}
/* cleanup_milter_inspect - run message through mail filter */
diff --git a/postfix/src/cleanup/cleanup_state.c b/postfix/src/cleanup/cleanup_state.c
index 17a46172b..0103bf09c 100644
--- a/postfix/src/cleanup/cleanup_state.c
+++ b/postfix/src/cleanup/cleanup_state.c
@@ -125,6 +125,8 @@ CLEANUP_STATE *cleanup_state_alloc(VSTREAM *src)
state->client_addr = 0;
state->client_af = 0;
state->client_port = 0;
+ state->server_addr = 0;
+ state->server_port = 0;
state->milter_ext_from = 0;
state->milter_ext_rcpt = 0;
state->milter_err_text = 0;
diff --git a/postfix/src/dnsblog/dnsblog.c b/postfix/src/dnsblog/dnsblog.c
index 29a987b6d..37265f12b 100644
--- a/postfix/src/dnsblog/dnsblog.c
+++ b/postfix/src/dnsblog/dnsblog.c
@@ -20,8 +20,9 @@
/* query arguments plus an address list with the resulting IP
/* addresses, separated by whitespace, and the reply TTL.
/* Otherwise it replies with the query arguments plus an empty
-/* address list and the reply TTL (-1 if unavailable). Finally,
-/* The \fBdnsblog\fR(8) server closes the connection.
+/* address list and the reply TTL; the reply TTL is -1 if no
+/* reply is received, or a negative reply without SOA record.
+/* Finally, The \fBdnsblog\fR(8) server closes the connection.
/* DIAGNOSTICS
/* Problems and transactions are logged to \fBsyslogd\fR(8).
/* CONFIGURATION PARAMETERS
diff --git a/postfix/src/global/dict_mysql.c b/postfix/src/global/dict_mysql.c
index 54ec0016f..a0279f4f1 100644
--- a/postfix/src/global/dict_mysql.c
+++ b/postfix/src/global/dict_mysql.c
@@ -186,6 +186,7 @@
#include
#include
#include
+#include
#ifdef STRCASECMP_IN_STRINGS_H
#include
@@ -288,14 +289,15 @@ static void dict_mysql_quote(DICT *dict, const char *name, VSTRING *result)
{
DICT_MYSQL *dict_mysql = (DICT_MYSQL *) dict;
int len = strlen(name);
- int buflen = 2 * len + 1;
+ int buflen;
/*
* We won't get integer overflows in 2*len + 1, because Postfix input
* keys have reasonable size limits, better safe than sorry.
*/
- if (buflen < len)
+ if (len > (INT_MAX - 1) / 2)
msg_panic("dict_mysql_quote: integer overflow in 2*%d+1", len);
+ buflen = 2 * len + 1;
VSTRING_SPACE(result, buflen);
#if defined(MYSQL_VERSION_ID) && MYSQL_VERSION_ID >= 40000
diff --git a/postfix/src/global/dict_pgsql.c b/postfix/src/global/dict_pgsql.c
index df835f1b0..68de3f291 100644
--- a/postfix/src/global/dict_pgsql.c
+++ b/postfix/src/global/dict_pgsql.c
@@ -241,7 +241,7 @@ static void dict_pgsql_quote(DICT *dict, const char *name, VSTRING *result)
HOST *active_host = dict_pgsql->active_host;
char *myname = "dict_pgsql_quote";
size_t len = strlen(name);
- size_t buflen = 2 * len + 1;
+ size_t buflen;
int err = 1;
if (active_host == 0)
@@ -251,9 +251,11 @@ static void dict_pgsql_quote(DICT *dict, const char *name, VSTRING *result)
* We won't get arithmetic overflows in 2*len + 1, because Postfix input
* keys have reasonable size limits, better safe than sorry.
*/
- if (buflen <= len)
- msg_panic("%s: arithmetic overflow in 2*%lu+1",
- myname, (unsigned long) len);
+ if (len > (SSIZE_T_MAX - VSTRING_LEN(result) - 1) / 2)
+ msg_panic("%s: arithmetic overflow in %lu+2*%lu+1",
+ myname, (unsigned long) VSTRING_LEN(result),
+ (unsigned long) len);
+ buflen = 2 * len + 1;
/*
* XXX Workaround: stop further processing when PQescapeStringConn()
diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h
index 8f56c64b5..3cd73fbc0 100644
--- a/postfix/src/global/mail_params.h
+++ b/postfix/src/global/mail_params.h
@@ -3255,7 +3255,7 @@ extern char *var_cleanup_milters;
extern char *var_milt_def_action;
#define VAR_MILT_CONN_MACROS "milter_connect_macros"
-#define DEF_MILT_CONN_MACROS "j {daemon_name} v"
+#define DEF_MILT_CONN_MACROS "j {daemon_name} {daemon_addr} v"
extern char *var_milt_conn_macros;
#define VAR_MILT_HELO_MACROS "milter_helo_macros"
diff --git a/postfix/src/global/mail_proto.h b/postfix/src/global/mail_proto.h
index 1e427975a..363bc71ec 100644
--- a/postfix/src/global/mail_proto.h
+++ b/postfix/src/global/mail_proto.h
@@ -242,6 +242,8 @@ extern char *mail_pathname(const char *, const char *);
#define XCLIENT_PROTO "PROTO" /* client protocol */
#define XCLIENT_HELO "HELO" /* client helo */
#define XCLIENT_LOGIN "LOGIN" /* SASL login name */
+#define XCLIENT_DESTADDR "DESTADDR" /* server address */
+#define XCLIENT_DESTPORT "DESTPORT" /* server port */
#define XCLIENT_UNAVAILABLE "[UNAVAILABLE]" /* permanently unavailable */
#define XCLIENT_TEMPORARY "[TEMPUNAVAIL]" /* temporarily unavailable */
@@ -307,6 +309,11 @@ extern char *mail_pathname(const char *, const char *);
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
/*--*/
#endif
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index b6f8b3b0f..94268b98a 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20160604"
+#define MAIL_RELEASE_DATE "20160611"
#define MAIL_VERSION_NUMBER "3.2"
#ifdef SNAPSHOT
diff --git a/postfix/src/milter/milter.h b/postfix/src/milter/milter.h
index 9ce7f40ae..f744910d7 100644
--- a/postfix/src/milter/milter.h
+++ b/postfix/src/milter/milter.h
@@ -164,7 +164,7 @@ extern void milter_free(MILTERS *);
/*
* Sendmail 8 macro names. We support forms with and without the {}.
*/
-#define S8_MAC__ "{_}" /* sender resolve */
+#define S8_MAC__ "{_}" /* sender host, see client_resolve */
#define S8_MAC_J "{j}" /* myhostname */
#define S8_MAC_V "{v}" /* mail_name + mail_version */
@@ -179,6 +179,9 @@ extern void milter_free(MILTERS *);
#define S8_MAC_CLIENT_PTR "{client_ptr}"
#define S8_MAC_CLIENT_RES "{client_resolve}"
+#define S8_MAC_DAEMON_ADDR "{daemon_addr}"
+#define S8_MAC_DAEMON_PORT "{daemon_port}"
+
#define S8_MAC_TLS_VERSION "{tls_version}"
#define S8_MAC_CIPHER "{cipher}"
#define S8_MAC_CIPHER_BITS "{cipher_bits}"
diff --git a/postfix/src/milter/test-milter.c b/postfix/src/milter/test-milter.c
index e67cc4375..a835880cf 100644
--- a/postfix/src/milter/test-milter.c
+++ b/postfix/src/milter/test-milter.c
@@ -185,7 +185,9 @@ static const char *macro_names[] = {
"{client_port}",
"{client_ptr}",
"{client_resolve}",
+ "{daemon_addr}",
"{daemon_name}",
+ "{daemon_port}",
"{if_addr}",
"{if_name}",
"{mail_addr}",
diff --git a/postfix/src/postsuper/postsuper.c b/postfix/src/postsuper/postsuper.c
index f243a23d6..34c17d5ce 100644
--- a/postfix/src/postsuper/postsuper.c
+++ b/postfix/src/postsuper/postsuper.c
@@ -32,8 +32,9 @@
/* mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and
/* \fBdeferred\fR).
/*
-/* If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
-/* queue IDs from standard input. For example, to delete all mail
+/* To delete multiple files, specify the \fB-d\fR option multiple
+/* times, or specify a \fIqueue_id\fR of \fB-\fR to read queue IDs
+/* from standard input. For example, to delete all mail
/* with exactly one recipient \fBuser@example.com\fR:
/* .sp
/* .nf
@@ -77,8 +78,9 @@
/* mail queue(s) (default: \fBincoming\fR, \fBactive\fR and
/* \fBdeferred\fR) to the \fBhold\fR queue.
/*
-/* If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
-/* queue IDs from standard input.
+/* To hold multiple files, specify the \fB-h\fR option multiple
+/* times, or specify a \fIqueue_id\fR of \fB-\fR to read queue IDs
+/* from standard input.
/* .sp
/* Specify "\fB-h ALL\fR" to hold all messages; for example, specify
/* "\fB-h ALL deferred\fR" to hold all mail in the \fBdeferred\fR queue.
@@ -96,8 +98,9 @@
/* Move one message with the named queue ID from the named
/* mail queue(s) (default: \fBhold\fR) to the \fBdeferred\fR queue.
/*
-/* If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
-/* queue IDs from standard input.
+/* To release multiple files, specify the \fB-H\fR option multiple
+/* times, or specify a \fIqueue_id\fR of \fB-\fR to read queue IDs
+/* from standard input.
/* .sp
/* Note: specify "\fBpostsuper -r\fR" to release mail that was kept on
/* hold for a significant fraction of \fB$maximal_queue_lifetime\fR
@@ -115,11 +118,10 @@
/* Requeue the message with the named queue ID from the named
/* mail queue(s) (default: \fBhold\fR, \fBincoming\fR, \fBactive\fR and
/* \fBdeferred\fR).
-/* To requeue multiple messages, specify multiple \fB-r\fR
-/* command-line options.
/*
-/* Alternatively, if a \fIqueue_id\fR of \fB-\fR is specified,
-/* the program reads queue IDs from standard input.
+/* To requeue multiple files, specify the \fB-r\fR option multiple
+/* times, or specify a \fIqueue_id\fR of \fB-\fR to read queue IDs
+/* from standard input.
/* .sp
/* Specify "\fB-r ALL\fR" to requeue all messages. As a safety
/* measure, the word \fBALL\fR must be specified in upper case.
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index 0758aab2f..1365e7d8b 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -1850,7 +1850,9 @@ static int ehlo_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
" " XCLIENT_NAME " " XCLIENT_ADDR
" " XCLIENT_PROTO " " XCLIENT_HELO
" " XCLIENT_REVERSE_NAME " " XCLIENT_PORT
- XCLIENT_LOGIN_KLUDGE);
+ XCLIENT_LOGIN_KLUDGE
+ " " XCLIENT_DESTADDR
+ " " XCLIENT_DESTPORT);
else if (xclient_hosts && xclient_hosts->error)
cant_announce_feature(state, XCLIENT_CMD);
}
@@ -2131,6 +2133,10 @@ static int mail_open_stream(SMTPD_STATE *state)
MAIL_ATTR_ACT_CLIENT_ADDR, state->addr);
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_ACT_CLIENT_PORT, state->port);
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_ACT_SERVER_ADDR, state->dest_addr);
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_ACT_SERVER_PORT, state->dest_port);
if (state->helo_name)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_ACT_HELO_NAME, state->helo_name);
@@ -4032,6 +4038,43 @@ static int xclient_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
}
#endif
+ /*
+ * DESTADDR=substitute SMTP server network address.
+ */
+ else if (STREQ(attr_name, XCLIENT_DESTADDR)) {
+ if (STREQ(attr_value, XCLIENT_UNAVAILABLE)) {
+ attr_value = SERVER_ADDR_UNKNOWN;
+ bare_value = attr_value;
+ } else {
+ if ((bare_value = valid_mailhost_addr(attr_value, DONT_GRIPE)) == 0) {
+ state->error_mask |= MAIL_ERROR_PROTOCOL;
+ smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
+ XCLIENT_DESTADDR, attr_value);
+ return (-1);
+ }
+ }
+ UPDATE_STR(state->dest_addr, bare_value);
+ /* XXX Require same address family as client address. */
+ }
+
+ /*
+ * DESTPORT=substitute SMTP server port number.
+ */
+ else if (STREQ(attr_name, XCLIENT_DESTPORT)) {
+ if (STREQ(attr_value, XCLIENT_UNAVAILABLE)) {
+ attr_value = SERVER_PORT_UNKNOWN;
+ } else {
+ if (!alldig(attr_value)
+ || strlen(attr_value) > sizeof("65535") - 1) {
+ state->error_mask |= MAIL_ERROR_PROTOCOL;
+ smtpd_chat_reply(state, "501 5.5.4 Bad %s syntax: %s",
+ XCLIENT_DESTPORT, attr_value);
+ return (-1);
+ }
+ }
+ UPDATE_STR(state->dest_port, attr_value);
+ }
+
/*
* Unknown attribute name. Complain.
*/
diff --git a/postfix/src/smtpd/smtpd.h b/postfix/src/smtpd/smtpd.h
index cdc890cfe..13ea8fc1b 100644
--- a/postfix/src/smtpd/smtpd.h
+++ b/postfix/src/smtpd/smtpd.h
@@ -79,7 +79,8 @@ typedef struct {
char *namaddr; /* name[address]:port */
char *rfc_addr; /* address for RFC 2821 */
int addr_family; /* address family */
- char *dest_addr; /* for Dovecot AUTH */
+ char *dest_addr; /* Dovecot AUTH, Milter {daemon_addr} */
+ char *dest_port; /* Milter {daemon_port} */
struct sockaddr_storage sockaddr; /* binary client endpoint */
SOCKADDR_SIZE sockaddr_len; /* binary client endpoint */
int name_status; /* 2=ok 4=soft 5=hard 6=forged */
@@ -279,6 +280,11 @@ extern void smtpd_state_reset(SMTPD_STATE *);
#define CLIENT_DOMAIN_UNKNOWN 0
#define CLIENT_LOGIN_UNKNOWN 0
+#define SERVER_ATTR_UNKNOWN "unknown"
+
+#define SERVER_ADDR_UNKNOWN SERVER_ATTR_UNKNOWN
+#define SERVER_PORT_UNKNOWN SERVER_ATTR_UNKNOWN
+
#define IS_AVAIL_CLIENT_ATTR(v) ((v) && strcmp((v), CLIENT_ATTR_UNKNOWN))
#define IS_AVAIL_CLIENT_NAME(v) IS_AVAIL_CLIENT_ATTR(v)
@@ -397,6 +403,11 @@ extern double smtpd_space_multf;
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
+/*
/* TLS support originally by:
/* Lutz Jaenicke
/* BTU Cottbus
diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c
index db583fbeb..a0287725e 100644
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@@ -160,6 +160,11 @@
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
+/*
/* TLS support originally by:
/* Lutz Jaenicke
/* BTU Cottbus
@@ -3919,6 +3924,10 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
SEND_ATTR_STR(MAIL_ATTR_ACT_CLIENT_PORT, state->port),
SEND_ATTR_STR(MAIL_ATTR_ACT_REVERSE_CLIENT_NAME,
state->reverse_name),
+ SEND_ATTR_STR(MAIL_ATTR_ACT_SERVER_ADDR,
+ state->dest_addr),
+ SEND_ATTR_STR(MAIL_ATTR_ACT_SERVER_PORT,
+ state->dest_port),
SEND_ATTR_STR(MAIL_ATTR_ACT_HELO_NAME,
state->helo_name ? state->helo_name : ""),
SEND_ATTR_STR(MAIL_ATTR_SENDER,
diff --git a/postfix/src/smtpd/smtpd_haproxy.c b/postfix/src/smtpd/smtpd_haproxy.c
index a4c527ce3..300bce44a 100644
--- a/postfix/src/smtpd/smtpd_haproxy.c
+++ b/postfix/src/smtpd/smtpd_haproxy.c
@@ -23,8 +23,8 @@
/* both IPv6 and IPv4 support are enabled with main.cf:inet_protocols.
/* .IP \(bu
/* Update the following session context fields: addr, port,
-/* rfc_addr, addr_family, dest_addr. The addr_family field
-/* applies to the client address.
+/* rfc_addr, addr_family, dest_addr, dest_port. The addr_family
+/* field applies to the client address.
/* .IP \(bu
/* Dynamically allocate storage for string information with
/* mystrdup(). In case of error, leave unassigned string fields
@@ -52,6 +52,11 @@
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
/*--*/
/* System library. */
@@ -147,9 +152,10 @@ int smtpd_peer_from_haproxy(SMTPD_STATE *state)
state->port = mystrdup(smtp_client_port.buf);
/*
- * Avoid surprises in the Dovecot authentication server.
+ * The Dovecot authentication server needs the server IP address.
*/
state->dest_addr = mystrdup(smtp_server_addr.buf);
+ state->dest_port = mystrdup(smtp_server_port.buf);
/*
* Enable normal buffering.
diff --git a/postfix/src/smtpd/smtpd_milter.c b/postfix/src/smtpd/smtpd_milter.c
index 5e421e9ca..463097e82 100644
--- a/postfix/src/smtpd/smtpd_milter.c
+++ b/postfix/src/smtpd/smtpd_milter.c
@@ -113,6 +113,11 @@ const char *smtpd_milter_eval(const char *name, void *ptr)
state->name_status == SMTPD_PEER_CODE_FORGED ? "FORGED" :
state->name_status == SMTPD_PEER_CODE_TEMP ? "TEMP" : "FAIL");
+ if (strcmp(name, S8_MAC_DAEMON_ADDR) == 0)
+ return (state->dest_addr);
+ if (strcmp(name, S8_MAC_DAEMON_PORT) == 0)
+ return (state->dest_port);
+
/*
* HELO macros.
*/
diff --git a/postfix/src/smtpd/smtpd_peer.c b/postfix/src/smtpd/smtpd_peer.c
index 90cfd7eea..f1f80e921 100644
--- a/postfix/src/smtpd/smtpd_peer.c
+++ b/postfix/src/smtpd/smtpd_peer.c
@@ -49,7 +49,12 @@
/* String of the form "ipv4addr" or "ipv6:ipv6addr" for use
/* in Received: message headers.
/* .IP dest_addr
-/* Server address, used by the Dovecot authentication server.
+/* Server address, used by the Dovecot authentication server,
+/* available as Milter {daemon_addr} macro, and as server_address
+/* policy delegation attribute.
+/* .IP dest_port
+/* Server port, available as Milter {daemon_port} macro, and
+/* as server_port policy delegation attribute.
/* .IP name_status
/* The name_status result field specifies how the name
/* information should be interpreted:
@@ -97,6 +102,11 @@
/* IBM T.J. Watson Research
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
+/*
+/* Wietse Venema
+/* Google, Inc.
+/* 111 8th Avenue
+/* New York, NY 10011, USA
/*--*/
/* System library. */
@@ -135,14 +145,6 @@
static INET_PROTO_INFO *proto_info;
/*
- * XXX If we make local endpoint (getsockname) information available to
- * Milter applications as {if_name} and {if_addr}, then we also must be able
- * to provide this via the XCLIENT command for Milter testing.
- *
- * XXX If we make local port information available to policy servers or Milter
- * applications, then we must also make this testable with the XCLIENT
- * command, otherwise there will be confusion.
- *
* XXX If we make local port information available via logging, then we must
* also support these attributes with the XFORWARD command.
*
@@ -412,6 +414,9 @@ static void smtpd_peer_not_inet(SMTPD_STATE *state)
state->name_status = SMTPD_PEER_CODE_OK;
state->reverse_name_status = SMTPD_PEER_CODE_OK;
state->port = mystrdup("0"); /* XXX bogus. */
+
+ state->dest_addr = mystrdup(state->addr); /* XXX bogus. */
+ state->dest_port = mystrdup(state->port); /* XXX bogus. */
}
/* smtpd_peer_no_client - peer went away, or peer info unavailable */
@@ -427,6 +432,9 @@ static void smtpd_peer_no_client(SMTPD_STATE *state)
state->name_status = SMTPD_PEER_CODE_PERM;
state->reverse_name_status = SMTPD_PEER_CODE_PERM;
state->port = mystrdup(CLIENT_PORT_UNKNOWN);
+
+ state->dest_addr = mystrdup(SERVER_ADDR_UNKNOWN);
+ state->dest_port = mystrdup(SERVER_PORT_UNKNOWN);
}
/* smtpd_peer_from_pass_attr - initialize from attribute hash */
@@ -461,14 +469,20 @@ static void smtpd_peer_from_pass_attr(SMTPD_STATE *state)
state->port = mystrdup(cp);
/*
- * Avoid surprises in the Dovecot authentication server.
+ * The Dovecot authentication server needs the server IP address.
*/
if ((cp = htable_find(attr, MAIL_ATTR_ACT_SERVER_ADDR)) == 0)
msg_fatal("missing server address from proxy");
if (valid_hostaddr(cp, DO_GRIPE) == 0)
- msg_fatal("bad IPv6 client address syntax from proxy: %s", cp);
+ msg_fatal("bad IPv6 server address syntax from proxy: %s", cp);
state->dest_addr = mystrdup(cp);
+ if ((cp = htable_find(attr, MAIL_ATTR_ACT_SERVER_PORT)) == 0)
+ msg_fatal("missing server port from proxy");
+ if (valid_hostport(cp, DO_GRIPE) == 0)
+ msg_fatal("bad TCP server port number syntax from proxy: %s", cp);
+ state->dest_port = mystrdup(cp);
+
/*
* Convert the client address from string to binary form.
*/
@@ -556,6 +570,7 @@ void smtpd_peer_init(SMTPD_STATE *state)
state->rfc_addr = 0;
state->port = 0;
state->dest_addr = 0;
+ state->dest_port = 0;
/*
* Determine the remote SMTP client address and port.
@@ -608,4 +623,6 @@ void smtpd_peer_reset(SMTPD_STATE *state)
myfree(state->port);
if (state->dest_addr)
myfree(state->dest_addr);
+ if (state->dest_port)
+ myfree(state->dest_port);
}