diff --git a/postfix/HISTORY b/postfix/HISTORY
index e8117e769..33fbcc620 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -13396,3 +13396,22 @@ Apologies for any names omitted.
 	Workaround: Eric Raymond's man page formatters don't handle
 	low-level *roff .in or .ti controls. We now use .nf and .fi
 	instead. Files: many.
+
+20070331
+
+	Bugfix (introduced Postfix 2.3): segfault with HOLD action
+	in header/body_checks on 64-bit platforms. File:
+	cleanup/cleanup_api.c.
+
+20070402
+
+	Portability (introduced 20070325): the fix for hardlinks
+	and symlinks in postfix-install forgot to work around shells
+	where "IFS=/ command" makes the IFS setting permanent.  This
+	is allowed by some broken standard, and affects Solaris.
+	File: postfix-install.
+
+	Portability (introduced 20070212): the workaround for
+	non-existent library bugs with descriptors >= FD_SETSIZE
+	broke with "fcntl F_DUPFD: Invalid argument" on 64-bit
+	Solaris.  Files: master/multi_server.c, *qmgr/qmgr_transport.c.
diff --git a/postfix/README_FILES/BUILTIN_FILTER_README b/postfix/README_FILES/BUILTIN_FILTER_README
index 662a2d3ea..e0c73526b 100644
--- a/postfix/README_FILES/BUILTIN_FILTER_README
+++ b/postfix/README_FILES/BUILTIN_FILTER_README
@@ -18,8 +18,8 @@ application is given in the BACKSCATTER_README document.
 Because the built-in filter is optimized for stopping specific worms and virus
 outbreaks, it has limitations that make it NOT suitable for general junk email
 and virus detection. For that, you should use one of the external content
-inspection methods that are described in the FILTER_README and
-SMTPD_PROXY_README documents.
+inspection methods that are described in the FILTER_README, SMTPD_PROXY_README
+and MILTER_README documents.
 
 The following diagram gives an over-all picture of how Postfix built-in content
 inspection works:
diff --git a/postfix/README_FILES/SMTPD_PROXY_README b/postfix/README_FILES/SMTPD_PROXY_README
index d92a9f9e6..407fa0de8 100644
--- a/postfix/README_FILES/SMTPD_PROXY_README
+++ b/postfix/README_FILES/SMTPD_PROXY_README
@@ -12,7 +12,9 @@ TThhee PPoossttffiixx bbeeffoorree--qquueeuuee ccoonnt
 
 As of version 2.1, the Postfix SMTP server can forward all incoming mail to a
 content filtering proxy server that inspects all mail BEFORE it is stored in
-the Postfix mail queue.
+the Postfix mail queue. It is roughly equivalent in capabilities to the
+approach described in MILTER_README, except that the latter uses a dedicated
+protocol instead of SMTP.
 
 The before-queue content filter is meant to be used as follows:
 
diff --git a/postfix/RELEASE_NOTES_2.3 b/postfix/RELEASE_NOTES_2.3
new file mode 100644
index 000000000..a1ac8c040
--- /dev/null
+++ b/postfix/RELEASE_NOTES_2.3
@@ -0,0 +1,761 @@
+The stable Postfix release is called postfix-2.3.x where 2=major
+release number, 3=minor release number, x=patchlevel.  The stable
+release never changes except for patches that address bugs or
+emergencies. Patches change the patchlevel and the release date.
+
+New features are developed in snapshot releases. These are called
+postfix-2.4-yyyymmdd where yyyymmdd is the release date (yyyy=year,
+mm=month, dd=day).  Patches are never issued for snapshot releases;
+instead, a new snapshot is released.
+
+The mail_release_date configuration parameter (format: yyyymmdd)
+specifies the release date of a stable release or snapshot release.
+
+Critical notes
+--------------
+
+See RELEASE_NOTES_2.2 if you upgrade from Postfix 2.1 or earlier.
+
+Some Postfix internal protocols have changed.  You need to "postfix
+reload" or restart Postfix, otherwise many servers will log warning
+messages like "unexpected attribute xxx" or "problem talking to
+service yyy", and mail will not be delivered.
+
+The Sendmail-compatible Milter support introduces three new queue
+file record types. As long as you leave this feature turned off,
+you can still go back to Postfix version 2.2 without losing mail
+that was received by Postfix 2.3.
+
+Major changes - DNS lookups
+---------------------------
+
+[Incompat 20050726] Name server replies that contain a malformed
+hostname are now flagged as permanent errors instead of transient
+errors. This change works around a questionable proposal to use
+syntactically invalid hostnames in MX records.
+
+Major changes - DSN
+-------------------
+
+[Feature 20050615] DSN support as described in RFC 3461 .. RFC 3464.
+This gives senders control over successful and failed delivery
+notifications.  DSN involves extra parameters to the SMTP "MAIL
+FROM" and "RCPT TO" commands, as well as extra Postfix sendmail
+command line options for mail submission.
+
+See DSN_README for details. Some implementation notes can be found
+in implementation-notes/DSN.
+
+[Incompat 20050615] The new DSN support conflicts with VERP support.
+For Sendmail compatibility, Postfix now uses the sendmail -V command
+line option for DSN.  To request VERP style delivery, you must now
+specify -XV instead of -V.  The Postfix sendmail command will
+recognize if you try to use -V for VERP-style delivery.  It will
+usually do the right thing, and remind you of the new syntax.
+
+[Incompat 20050828] Postfix no longer sends DSN SUCCESS notification
+after virtual alias expansions when the cleanup server rejects the
+content or size of mail that was submitted with the Postfix sendmail
+command, mail that was forwarded with the local(8) delivery agent,
+or mail that was re-queued with "postsuper -r". Since all the
+recipients are reported as failed, the SUCCESS notification seems
+redundant.
+
+Major changes - LMTP client
+---------------------------
+
+See the "SASL authentication" and "TLS" sections for changes related
+to SASL authentication and TLS support, respectively.
+
+[Feature 20051208] The SMTP client now implements the LMTP protocol.
+Most but not all smtp_xxx parameters now have an lmtp_xxx equivalent.
+This means there are lot of new LMTP features, including support
+for TLS and for the shared connection cache. See the "SMTP client"
+section for details.
+
+[Incompat 20051208] The LMTP client now reports the server as
+"myhostname[/path/name]".  With the real server hostname in delivery
+status reports, the information will be more useful.
+
+Major changes - Milter support
+------------------------------
+
+[Feature 20060515] Milter (mail filter) application support,
+compatible with Sendmail version 8.13.6 and earlier. This allows
+you to run a large number of plug-ins to reject unwanted mail, and
+to sign mail with for example domain keys. All Milter functions are
+implemented except replacing the message body, which will be added
+later. Milters are before-queue filters, so they don't change the
+queue ID.
+
+See the MILTER_README document for a discussion of how to use Milter
+support with Postfix, and limitations of the current implementation.
+
+The Sendmail-compatible Milter support introduces three new queue
+file record types. As long as you leave this feature turned off,
+you can still go back to Postfix version 2.2 without losing mail
+that was received by Postfix 2.3.
+
+[Incompat 20060515] Milter support introduces new logfile event
+types: milter-reject, milter-discard and milter-hold, that identify
+actions from Milter applications. This may affect logfile processing
+software.
+
+Major changes - SASL authentication
+-----------------------------------
+
+[Feature 20051220] Plug-in support for SASL authentication in the
+SMTP server and in the SMTP/LMTP client. With this, Postfix can
+support multiple SASL implementations without source code patches.
+Some distributors may even make SASL support a run-time linking
+option, just like they already do with Postfix lookup tables.
+
+Hints and tips for plug-in developers are in the xsasl/README file.
+
+For backwards compatibility the default plug-in type is Cyrus SASL,
+so everything should behave like it did before. Some error messages
+are slightly different, but these are generally improvements.
+
+The "postconf -a" command shows what plug-in implementations are
+available for the SMTP server, and "postconf -A" does the same for
+the SMTP/LMTP client.  Plug-in implementations are selected with
+the smtpd_sasl_type, smtp_sasl_type and lmtp_sasl_type configuration
+parameters.
+
+Other new configuration parameters are smtpd_sasl_path, smtp_sasl_path
+and lmtp_sasl_path. These are better left alone; they are introduced
+for the convenience of other SASL implementations.
+
+[Feature 20051222] Dovecot SASL support (SMTP server only). Details
+can be found in the SASL_README document.
+
+[Incompat 20051220] The Postfix-with-Cyrus-SASL build procedure has
+changed. You now need to specify -DUSE_CYRUS_SASL in addition to
+-DUSE_SASL_AUTH or else you end up without any Cyrus SASL support.
+The error messages are:
+
+    unsupported SASL server implementation: cyrus
+    unsupported SASL client implementation: cyrus
+
+[Feature 20051125] This snapshot adds support for sender-dependent
+ISP accounts.
+
+- Sender-dependent smarthost lookup tables.  The maps are searched
+  with the sender address and with the sender @domain.  The result
+  overrides the global relayhost setting, but otherwise has identical
+  behavior. See the postconf(5) manual page for more details.
+
+  Example:
+    /etc/postfix/main.cf:
+	sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
+
+- Sender-dependent SASL authentication support. This disables SMTP
+  connection caching to ensure that mail from different senders
+  will use the correct authentication credentials. The SMTP SASL
+  password file is first searched by sender address, and then by
+  the remote domain and hostname as usual.
+
+  Example:
+    /etc/postfix/main.cf:
+	smtp_sasl_auth_enable = yes
+	smtp_sender_dependent_authentication = yes
+	smtp_sasl_password_maps = hash:/etc/postfix/sasl_pass
+
+[Incompat 20060707] The SMTP/LMTP client now defers delivery when
+a SASL password exists but the server does not announce support for
+SASL authentication.  This can happen with servers that announce
+SASL support only when TLS is turned on.  When an opportunistic TLS
+handshake fails, Postfix >= 2.3 retries delivery in plaintext, and
+the remote server rejects mail from the unauthenticated client.
+Specify "smtp_sasl_auth_enforce = no" to deliver mail anyway.
+
+Major changes - SMTP client
+---------------------------
+
+See the "SASL authentication" and "TLS" sections for changes related
+to SASL authentication and TLS support, respectively.
+
+[Feature 20051208] The SMTP client now implements the LMTP protocol.
+Most but not all smtp_xxx parameters now have an lmtp_xxx equivalent.
+This means there are lot of new LMTP features, including support
+for TLS and for the shared connection cache.
+
+[Incompat 20060112] The Postfix SMTP/LMTP client by default no
+longer allows DNS CNAME records to override the server hostname
+that is used for logging, SASL password lookup, TLS policy selection
+and TLS server certificate verification. Specify
+"smtp_cname_overrides_servername = yes" to get the old behavior.
+
+[Incompat 20060103] The Postfix SMTP/LMTP client no longer defers
+mail delivery when it receives a malformed SMTP server reply in a
+session with command pipelining.  When helpful warnings are enabled,
+it will suggest that command pipelining be disabled for the affected
+destination.
+
+[Incompat 20051208] The fallback_relay feature is renamed to
+smtp_fallback_relay, to make clear that the combined SMTP/LMTP
+client uses this setting only for SMTP deliveries. The old name
+still works.
+
+[Incompat 20051106] The relay=... logging has changed and now
+includes the remote SMTP server port number as hostname[hostaddr]:port.
+
+[Incompat 20051026] The smtp_connection_cache_reuse_limit parameter
+(which limits the number of deliveries per SMTP connection) is
+replaced by the new smtp_connection_reuse_time_limit parameter (the
+time after which a connection is no longer stored into the connection
+cache).
+
+[Feature 20051026] This snapshot addresses a performance stability
+problem with remote SMTP servers. The problem is not specific to
+Postfix: it can happen when any MTA sends large amounts of SMTP
+email to a site that has multiple MX hosts. The insight that led
+to the solution, as well as an initial implementation, are due to
+Victor Duchovni.
+
+The problem starts when one of a set of MX hosts becomes slower
+than the rest.  Even though SMTP clients connect to fast and slow
+MX hosts with equal probability, the slow MX host ends up with more
+simultaneous inbound connections than the faster MX hosts, because
+the slow MX host needs more time to serve each client request.
+
+The slow MX host becomes a connection attractor.  If one MX host
+becomes N times slower than the rest, it dominates mail delivery
+latency unless there are more than N fast MX hosts to counter the
+effect. And if the number of MX hosts is smaller than N, the mail
+delivery latency becomes effectively that of the slowest MX host
+divided by the total number of MX hosts.
+
+The solution uses connection caching in a way that differs from
+Postfix 2.2.  By limiting the amount of time during which a connection
+can be used repeatedly (instead of limiting the number of deliveries
+over that connection), Postfix not only restores fairness in the
+distribution of simultaneous connections across a set of MX hosts,
+it also favors deliveries over connections that perform well, which
+is exactly what we want.
+
+The smtp_connection_reuse_time_limit feature implements the connection
+reuse time limit as discussed above.  It limits the amount of time
+after which an SMTP connection is no longer stored into the connection
+cache. The default limit, 300s, can result in a huge number of
+deliveries over a single connection.
+
+This solution will be complete when Postfix logging is updated to
+include information about the number of times that a connection was
+used. This information is needed to diagnose inter-operability
+problems with servers that exhibit bugs when they receive multiple
+messages over the same connection.
+
+[Incompat 20050627] The Postfix SMTP client no longer applies the
+smtp_mx_session_limit to non-permanent errors during the TCP, SMTP,
+HELO or TLS handshake.  Previous versions did that only with TCP
+and SMTP handshake errors.
+
+[Incompat 20050622] The Postfix SMTP client by default limits the
+number of MX server addresses to smtp_mx_address_limit=5. Previously
+this limit was disabled by default. The new limit prevents Postfix
+from spending lots of time trying to connect to lots of bogus MX
+servers.
+
+Major changes - SMTP server
+---------------------------
+
+See the "SASL authentication" and "TLS" sections for changes related
+to SASL authentication and TLS support, respectively.
+
+[Feature 20051222] To accept the non-compliant user@ipaddress form,
+specify "resolve_numeric_domain = yes".  Postfix will deliver the
+mail to user@[ipaddress] instead.
+
+[Incompat 20051202] The Postfix SMTP server now refuses to receive
+mail from the network if it isn't running with postfix mail_owner
+privileges.  This prevents surprises when, for example, "sendmail
+-bs" is configured to run as root from xinetd.
+
+[Incompat 20051121] Although the permit_mx_backup feature still
+accepts mail for authorized destinations (see permit_mx_backup for
+definition), with all other destinations it now requires that the
+local MTA is listed as non-primary MX server. This prevents mail
+loop problems when someone points their primary MX record at a
+Postfix system.
+
+[Feature 20051011] Optional suppression of remote SMTP client
+hostname lookup and hostname verification. Specify "smtpd_peername_lookup
+= no" to eliminate DNS lookup latencies, but do so only under extreme
+conditions, as it makes Postfix logging less informative.
+
+[Feature 20050724] SMTPD Access control based on the existence of
+an address->name mapping, with reject_unknown_reverse_client_hostname.
+There is no corresponding access table lookup feature, because the
+name is not validated in any way (except that it has proper syntax).
+
+Several confusing SMTPD access restrictions were renamed:
+
+    reject_unknown_client -> reject_unknown_client_hostname,
+    reject_unknown_hostname -> reject_unknown_helo_hostname,
+    reject_invalid_hostname -> reject_invalid_helo_hostname,
+    reject_non_fqdn_hostname -> reject_non_fqdn_helo_hostname.
+
+The old names are still recognized and documented.
+
+Major changes - TLS
+-------------------
+
+Major revisions were made to Postfix TLS support; see TLS_README
+for the details. For backwards compatibility, the old TLS policy
+user interface will be kept intact for a few releases so that sites
+can upgrade Postfix without being forced to use a different TLS
+policy mechanism.
+
+[Feature 20060614] New concept: TLS security levels ("none", "may",
+"encrypt", "verify" or "secure") in the Postfix SMTP client.  You
+can specify the TLS security level via the smtp_tls_security_level
+parameter.  This is more convenient than controlling TLS with the
+multiple smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername,
+parameters.
+
+[Feature 20060709] TLS security levels ("none", "may", "encrypt")
+in the Postfix SMTP server. You specify the security level with the
+smtpd_tls_security_level parameter. This overrides the multiple
+smtpd_use_tls and smtpd_enforce_tls parameters.  When one of the
+unimplemented "verify" or "secure" levels is specified, the Postfix
+SMTP server logs a warning and uses "encrypt" instead.
+
+[Feature 20060123] A new per-site TLS policy mechanism for the
+Postfix SMTP client that supports the new TLS security levels,
+and that eliminates DNS spoofing attacks more effectively.
+
+[Feature 20060626] Both the Postfix SMTP client and server can be
+configured without a client or server certificate. An SMTP server
+without certificate can use only anonymous ciphers, and will not
+inter-operate with most clients.
+
+The Postfix SMTP server supports anonymous ciphers when 1) no client
+certificates are requested or required, and 2) the administrator
+has not excluded the "aNULL" OpenSSL cipher type with the
+smtpd_tls_exclude_ciphers parameter.
+
+The Postfix SMTP client supports anonymous ciphers when 1) no server
+certificate is required and 2) the administrator has not excluded
+the "aNULL" OpenSSL cipher type with the smtp_tls_exclude_ciphers
+parameter.
+
+[Incompat 20060707] The SMTPD policy client now encodes the
+ccert_subject and ccert_issuer attributes as xtext. Some characters
+are represented by +XX, where XX is the two-digit hexadecimal
+representation of the character value.
+
+[Feature 20060614] The smtpd_tls_protocols parameter restricts the
+list of TLS protocols supported by the SMTP server.  This is
+recommended for use with MSA configurations only.  It should not
+be used with MX hosts that receive mail from the Internet, as it
+reduces inter-operability.
+
+[Incompat 20060614] The smtp_tls_cipherlist parameter only applies
+when TLS is mandatory.  It is ignored with opportunistic TLS sessions.
+
+[Incompat 20060614] At (lmtp|smtp|smtpd)_tls_loglevel >= 2, Postfix
+now also logs TLS session cache activity. Use level 2 and higher
+for debugging only; use levels 0 or 1 as production settings.
+
+[Incompat 20060207] The Postfix SMTP server no longer complains
+when TLS support is not compiled in while permit_tls_clientcerts,
+permit_tls_all_clientcerts, or check_ccert_access are specified in
+main.cf. These features now are effectively ignored.  However, the
+reject_plaintext_session feature is not ignored and will reject
+plain-text mail.
+
+[Feature 20060123] Some obscure behavior was eliminated from the
+smtp_tls_per_site feature, without changes to the user interface.
+Some Postfix internals had to be re-structured for the new TLS
+policy mechanism; for this, smtp_tls_per_site had to be re-implemented.
+The obscure behavior was found during compatibility testing.
+
+[Feature 20051011] Optional protection against SMTP clients that
+hammer the server with too many new (i.e. uncached) SMTP-over-TLS
+sessions. Cached sessions are much less expensive in terms of CPU
+cycles. Use the smtpd_client_new_tls_session_rate_limit parameter
+to specify a limit that is at least the inbound client concurrency
+limit, or else you may deny legitimate service requests.
+
+Major changes - VERP
+--------------------
+
+[Incompat 20050615] The new DSN support conflicts with VERP support.
+For Sendmail compatibility, Postfix now uses the sendmail -V command
+line option for DSN.  In order to request VERP style delivery, you
+must now specify -XV instead of -V.  The Postfix sendmail command
+will recognize if you try to use -V for VERP-style delivery.  It
+will do the right thing and will remind you of the new syntax.
+
+Major changes - XCLIENT and XFORWARD
+------------------------------------
+
+[Incompat 20060611] The SMTP server XCLIENT implementation has
+changed. The SMTP server now resets state to the initial server
+greeting stage, immediately before the EHLO/HELO greeting.  This
+was needed to correctly simulate the effect of connection-level
+access restrictions.  Without this change, XCLIENT would not work
+at all with Milter applications.
+
+[Incompat 20060611] The SMTP server XCLIENT and XFORWARD commands
+now expect that attributes are xtext encoded (RFC 1891). For backwards
+compatibility they will also accept unencoded attribute values. The
+XFORWARD client code in the SMTP client and in the SMTPD_PROXY
+client now always encode attribute values. This change will have a
+visible effect only for malformed hostname and helo parameter values.
+
+For more details, see the XCLIENT_README and XFORWARD_README
+documents.
+
+Major changes - address manipulation
+------------------------------------
+
+[Incompat 20060123] Postfix now preserves uppercase information
+while mapping addresses with canonical, virtual, relocated or generic
+maps; this happens even with $number substitutions in regular
+expression maps. However, the local(8) and virtual(8) delivery
+agents still fold addresses to lower case.
+
+As a side effect, Postfix now also does a better job at being case
+insensitive where it should be, for example while searching per-host
+TLS policies or SASL passwords.
+
+By default, Postfix now folds the search string to lowercase only
+with tables that have fixed-case lookup fields such as btree:,
+hash:, dbm:, ldap:, or *sql:. The search string is no longer case
+folded with tables whose lookup fields can match both upper or lower
+case, such as regexp:, pcre:, or cidr:.
+
+For safety reasons, Postfix no longer allows $number substitution
+in regexp: or pcre: transport tables or per-sender relayhost tables.
+
+Major changes - bounce message templates
+----------------------------------------
+
+[Feature 20051113] Configurable bounce messages, based on a format
+that was developed by Nicolas Riendeau. The file with templates is
+specified with the bounce_template_file parameter. Details are in
+the bounce(5) manual page, and examples of the built-in templates
+can be found in $config_directory/bounce.cf.default. The template
+for the default bounce message looks like this:
+
+    failure_template = <<EOF
+    Charset: us-ascii
+    From: MAILER-DAEMON (Mail Delivery System)
+    Subject: Undelivered Mail Returned to Sender
+    Postmaster-Subject: Postmaster Copy: Undelivered Mail
+
+    This is the $mail_name program at host $myhostname.
+
+    I'm sorry to have to inform you that your message could not
+    be delivered to one or more recipients. It's attached below.
+
+    For further assistance, please send mail to <postmaster>
+
+    If you do so, please include this problem report. You can
+    delete your own text from the attached returned message.
+
+                            The $mail_name program
+    EOF
+
+Major changes - built-in filters
+--------------------------------
+
+[Feature 20050828] Configurable filters to reject or remove unwanted
+characters in email content. The message_reject_characters and
+message_strip_characters parameters understand the usual C-like
+escape sequences: \a \b \f \n \r \t \v \ddd (up to three octal
+digits) and \\.
+
+[Incompat 20050828] When a header/body_checks rule or when
+message_reject_characters rejects mail that was submitted with the
+Postfix sendmail command (or re-queued with "postsuper -r"), the
+returned message is now limited to just the message headers, to
+avoid the risk of exposure to harmful content in the message body
+or attachments.
+
+Major changes - database support
+--------------------------------
+
+[Incompat 20060611] The PostgreSQL client was updated after the
+PostgreSQL developers made major database API changes in response
+to SQL injection problems.  This breaks support for PGSQL versions
+prior to 8.1.4, 8.0.8, 7.4.13, and 7.3.15. Support for these requires
+major code changes which are not possible in the time that is left
+for completing the Postfix 2.3 stable release.
+
+Major changes - enhanced status codes
+-------------------------------------
+
+[Feature 20050328] This release introduces support for RFC 3463
+enhanced status codes.  For example, status code 5.1.1 means
+"recipient unknown". Postfix recognizes enhanced status codes in
+remote server replies, generates enhanced status codes while handling
+email, and reports enhanced status codes in non-delivery notifications.
+This improves the user experience with mail clients that translate
+enhanced status codes into text in the user's own language.
+
+You can, but don't have to, specify RFC 3463 enhanced status codes
+in the output from commands that receive mail from a pipe. If a
+command terminates with non-zero exit status, and an enhanced status
+code is present at the beginning of the command output, then that
+status code takes precedence over the non-zero exit status.
+
+You can, but don't have to, specify RFC 3463 enhanced status codes
+in Postfix access maps, header/body_checks REJECT actions, or in
+RBL replies.  For example:
+
+    REJECT 5.7.1 You can't go here from there
+
+The status 5.7.1 means "no authorization, message refused", and is
+the default for access maps, header/body_checks REJECT actions, and
+for RBL replies.
+
+[Feature 20050328] If you specify your own enhanced status code,
+the Postfix SMTP server will automatically change a leading '5'
+digit (hard error) into '4' where appropriate.  This is needed, for
+example, with soft_bounce=yes.
+
+[Feature 20050510] This release improves usability of enhanced
+status codes in Postfix access tables, RBL reply templates and in
+transport maps that use the error(8) delivery agent.
+
+- When the SMTP server rejects a sender address, it transforms a
+  recipient DSN status (e.g., 4.1.1-4.1.6) into the corresponding
+  sender DSN status, and vice versa.
+
+- When the SMTP server rejects non-address information (such as the
+  HELO command parameter or the client hostname/address), it
+  transforms a sender or recipient DSN status into a generic
+  non-address DSN status (e.g., 4.0.0).
+
+These transformations are needed when the same access table or RBL
+reply template are used for client, helo, sender, or recipient
+restrictions; or when the same error(8) mailer information is used
+for both senders and recipients.
+
+Major changes - local alias expansion
+-------------------------------------
+
+[Incompat 20051011] The Postfix local(8) delivery agent no longer
+updates its idea of the Delivered-To: address while it expands
+aliases or .forward files. With deeply nested aliases or .forward
+files, this can greatly reduce the number of queue files and cleanup
+process instances. To get the earlier behavior, specify
+"frozen_delivered_to = no".
+
+The frozen_delivered_to feature can help to alleviate a long-standing
+problem with multiple deliveries to recipients that are listed
+multiple times in a hierarchy of nested aliases. For this to work,
+only the top-level alias should have an owner- alias, and none of
+the subordinate aliases.
+
+Major changes - logging
+-----------------------
+
+[Incompat 20060515] Milter support introduces new logfile event
+types: milter-reject, milter-discard and milter-hold, that identify
+actions from Milter applications. This may affect logfile processing
+software.
+
+[Incompat 20051106] The relay=... logging has changed and now
+includes the remote SMTP server port number as hostname[hostaddr]:port.
+
+[Incompat 20060112] The Postfix SMTP/LMTP client by default no
+longer allows DNS CNAME records to override the server hostname
+that is used for logging, SASL password lookup, TLS policy selection
+and TLS server certificate verification. Specify
+"smtp_cname_overrides_servername = yes" to get the old behavior.
+
+[Incompat 20051105] All delay logging now has sub-second resolution,
+including the over-all "delay=nnn" logging.  A patch is available
+for pflogsumm (pflogsumm-conn-delays-dsn-patch). The qshape script
+has been updated (auxiliary/qshape/qshape.pl).
+
+[Feature 20051103] This release makes a beginning with a series of
+new attributes in Postfix logfile records.
+
+- Better insight into the nature of performance bottle necks, with
+  detailed logging of delays in various stages of message delivery.
+  Postfix logs additional delay information as "delays=a/b/c/d"
+  where a=time before queue manager, including message transmission;
+  b=time in queue manager; c=connection setup time including DNS,
+  HELO and TLS; d=message transmission time.
+
+- Logging of the connection reuse count when SMTP connections are
+  used for more than one message delivery.  This information is
+  needed because Postfix can now reuse connections hundreds of times
+  or more. Logging of the connection reuse count can help to diagnose
+  inter-operability problems with servers that suffer from memory
+  leaks or other resource leaks.
+
+At this point the Postfix logging for a recipient looks like this:
+
+    Nov  3 16:04:31 myname postfix/smtp[30840]: 19B6B2900FE:
+    to=<wietse@test.example.com>, orig_to=<wietse@test>,
+    relay=mail.example.com[1.2.3.4], conn_use=2, delay=0,
+    delays=0/0.01/0.05/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok)
+
+The following two logfile fields may or may not be present:
+
+    orig_to     This is omitted when the address did not change.
+    conn_use    This is omitted when a connection is used once.
+
+[Incompat 20050503] The format of some "warning:" messages in the
+maillog has changed so that they are easier to sort:
+
+- The logging now talks about "access table", instead of using three
+  different expressions "access table", "access map" and "SMTPD
+  access map" for the same thing.
+
+- "non-SMTP command" is now logged BEFORE the client name/address
+  and the offending client input, instead of at the end.
+
+[Incompat 20050328] The logging format has changed. Postfix delivery
+agents now log the RFC 3463 enhanced status code as "dsn=x.y.z"
+where y and z can be up to three digits each.
+
+[Incompat 20051208] The LMTP client now reports the server as
+"myhostname[/path/name]".  With the real server hostname in delivery
+status reports, the information will be more useful.
+
+Major changes - performance
+---------------------------
+
+[Incompat 20051105] All delay logging now has sub-second resolution,
+including the over-all "delay=nnn" logging.  A patch is available
+for pflogsumm (pflogsumm-conn-delays-dsn-patch). The qshape script
+has been updated (auxiliary/qshape/qshape.pl).
+
+[Incompat 20050622] The Postfix SMTP client by default limits the
+number of MX server addresses to smtp_mx_address_limit=5. Previously
+this limit was disabled by default. The new limit prevents Postfix
+from spending lots of time trying to connect to lots of bogus MX
+servers.
+
+[Feature 20051026] This snapshot addresses a performance stability
+problem with remote SMTP servers. The problem is not specific to
+Postfix: it can happen when any MTA sends large amounts of SMTP
+email to a site that has multiple MX hosts. The insight that led
+to the solution, as well as an initial implementation, are due to
+Victor Duchovni.
+
+The problem starts when one of a set of MX hosts becomes slower
+than the rest.  Even though SMTP clients connect to fast and slow
+MX hosts with equal probability, the slow MX host ends up with more
+simultaneous inbound connections than the faster MX hosts, because
+the slow MX host needs more time to serve each client request.
+
+The slow MX host becomes a connection attractor.  If one MX host
+becomes N times slower than the rest, it dominates mail delivery
+latency unless there are more than N fast MX hosts to counter the
+effect. And if the number of MX hosts is smaller than N, the mail
+delivery latency becomes effectively that of the slowest MX host
+divided by the total number of MX hosts.
+
+The solution uses connection caching in a way that differs from
+Postfix 2.2.  By limiting the amount of time during which a connection
+can be used repeatedly (instead of limiting the number of deliveries
+over that connection), Postfix not only restores fairness in the
+distribution of simultaneous connections across a set of MX hosts,
+it also favors deliveries over connections that perform well, which
+is exactly what we want.
+
+The smtp_connection_reuse_time_limit feature implements the connection
+reuse time limit as discussed above.  It limits the amount of time
+after which an SMTP connection is no longer stored into the connection
+cache. The default limit, 300s, can result in a huge number of
+deliveries over a single connection.
+
+This solution will be complete when Postfix logging is updated to
+include information about the number of times that a connection was
+used. This information is needed to diagnose inter-operability
+problems with servers that exhibit bugs when they receive multiple
+messages over the same connection.
+
+[Feature 20051011] Optional protection against SMTP clients that
+hammer the server with too many new (i.e. uncached) SMTP-over-TLS
+sessions. Cached sessions are much less expensive in terms of CPU
+cycles. Use the smtpd_client_new_tls_session_rate_limit parameter
+to specify a limit that is at least the inbound client concurrency
+limit, or else you may deny legitimate service requests.
+
+[Feature 20051011] Optional suppression of remote SMTP client
+hostname lookup and hostname verification. Specify "smtpd_peername_lookup
+= no" to eliminate DNS lookup latencies, but do so only under extreme
+conditions, as it makes Postfix logging less informative.
+
+Major changes - portability
+---------------------------
+
+[Incompat 20050716] Internal interfaces have changed; this may break
+third-party patches because the types of function arguments and of
+result values have changed.  The types of buffer lengths and offsets
+were changed from "int" or "unsigned int" (32 bit on 32-bit and
+LP64 systems) to "ssize_t" or "size_t" (64 bit on LP64 systems, 32
+bit on 32-bit systems).
+
+This change makes no difference in Postfix behavior on 32-bit
+systems. On LP64 systems, however, this change not only eliminates
+some obscure portability bugs, it also eliminates unnecessary
+conversions between 32/64 bit integer types, because many system
+library routines take "(s)size_t" arguments or return "(s)size_t"
+values.
+
+This change may break software on LP64 systems 1) when Postfix is
+linked with pre-compiled code that was compiled with old Postfix
+interface definitions and 2) when compiling Postfix source that was
+modified by a third-party patch: incorrect code will be generated
+when the patch passes the wrong integer argument type in contexts
+that disable automatic argument type conversions.  Examples of such
+contexts are formatting with printf-like arguments, and invoking
+functions that write Postfix request or reply attributes across
+inter-process communication channels.  Unfortunately, gcc reports
+"(unsigned) int" versus "(s)size_t" format string argument mis-matches
+only on LP64 systems.
+
+Major changes - safety
+----------------------
+
+[Incompat 20051121] Although the permit_mx_backup feature still
+accepts mail for authorized destinations (see permit_mx_backup for
+definition), with all other destinations it now requires that the
+local MTA is listed as non-primary MX. This prevents mail loop
+problems when someone points the primary MX record at a Postfix
+system.
+
+[Incompat 20051011] The Postfix local(8) delivery agent no longer
+updates its idea of the Delivered-To: address while it expands
+aliases or .forward files. With deeply nested aliases or .forward
+files, this can greatly reduce the number of queue files and cleanup
+process instances. To get the earlier behavior, specify
+"frozen_delivered_to = no".
+
+The frozen_delivered_to feature can help to alleviate a long-standing
+problem with multiple deliveries to recipients that are listed
+multiple times in a hierarchy of nested aliases. For this to work,
+only the top-level alias should have an owner- alias, and none of
+the subordinate aliases.
+
+[Incompat 20050828] When a header/body_checks rule or when
+message_reject_characters rejects mail that was submitted with the
+Postfix sendmail command (or re-queued with "postsuper -r"), the
+returned message is now limited to just the message headers, to
+avoid the risk of exposure to harmful content in the message body
+or attachments.
+
+[Incompat 20051202] The Postfix SMTP server now refuses to receive
+mail from the network if it isn't running with postfix mail_owner
+privileges.  This prevents surprises when, for example, "sendmail
+-bs" is configured to run as root from xinetd.
+
+[Incompat 20060123] For safety reasons, Postfix no longer allows
+$number substitution in regexp: or pcre: transport tables or
+per-sender relayhost tables.
+
+[Incompat 20060112] The Postfix SMTP/LMTP client by default no
+longer allows DNS CNAME records to override the server hostname
+that is used for logging, SASL password lookup, TLS policy selection
+and TLS server certificate verification. Specify
+"smtp_cname_overrides_servername = yes" to get the old behavior.
diff --git a/postfix/html/BUILTIN_FILTER_README.html b/postfix/html/BUILTIN_FILTER_README.html
index 322e35f0a..91a9aeeee 100644
--- a/postfix/html/BUILTIN_FILTER_README.html
+++ b/postfix/html/BUILTIN_FILTER_README.html
@@ -37,8 +37,8 @@ is given in the <a href="BACKSCATTER_README.html">BACKSCATTER_README</a> documen
 worms and virus outbreaks, it has <a href="#limitations">limitations</a>
 that make it NOT suitable for general junk email and virus detection.
 For that, you should use one of the external content inspection
-methods that are described in the <a href="FILTER_README.html">FILTER_README</a> and <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a>
-documents.  </p>
+methods that are described in the <a href="FILTER_README.html">FILTER_README</a>, <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a>
+and <a href="MILTER_README.html">MILTER_README</a> documents.  </p>
 
 <p> The following diagram gives an over-all picture of how Postfix
 built-in content inspection works: </p>
@@ -353,7 +353,7 @@ Postfix versions do not support the <a href="postconf.5.html#receive_override_op
 </p>
 
 <p> The easiest approach is to configure ONE Postfix instance with
-multiple SMTP server IP addresses in master.cf: </p>
+multiple SMTP server IP addresses in <a href="master.5.html">master.cf</a>: </p>
 
 <ul>
 
@@ -362,7 +362,7 @@ only, with header/body filtering turned off, and a local mail pickup
 service with header/body filtering turned off.  </p>
 
 <pre>
-/etc/postfix.master.cf:
+/etc/postfix.<a href="master.5.html">master.cf</a>:
     # ==================================================================
     # service      type  private unpriv  chroot  wakeup  maxproc command
     #                    (yes)   (yes)   (yes)   (never) (100)
@@ -376,10 +376,10 @@ service with header/body filtering turned off.  </p>
 </pre>
 
 <li> <p> One SMTP server address for mail from outside users with
-header/body filtering turned on via main.cf. </p>
+header/body filtering turned on via <a href="postconf.5.html">main.cf</a>. </p>
 
 <pre>
-/etc/postfix.master.cf:
+/etc/postfix.<a href="master.5.html">master.cf</a>:
     # =================================================================
     # service     type  private unpriv  chroot  wakeup  maxproc command
     #                   (yes)   (yes)   (yes)   (never) (100)
@@ -397,13 +397,13 @@ Postfix versions do not support the <a href="postconf.5.html#receive_override_op
 
 <p> If you are MX service provider and want to apply disable
 head/body checks for some domains, you can configure ONE Postfix
-instance with multiple SMTP server IP addresses in master.cf. Each
+instance with multiple SMTP server IP addresses in <a href="master.5.html">master.cf</a>. Each
 address provides a different service. </p>
 
 <blockquote>
 
 <pre>
-/etc/postfix.master.cf:
+/etc/postfix.<a href="master.5.html">master.cf</a>:
     # =================================================================
     # service     type  private unpriv  chroot  wakeup  maxproc command
     #                   (yes)   (yes)   (yes)   (never) (100)
diff --git a/postfix/html/SMTPD_PROXY_README.html b/postfix/html/SMTPD_PROXY_README.html
index 53fdb5a44..09f342797 100644
--- a/postfix/html/SMTPD_PROXY_README.html
+++ b/postfix/html/SMTPD_PROXY_README.html
@@ -27,8 +27,10 @@ href="#pros_cons">Pros and Cons</a>" section below for details.
 <h2>The Postfix before-queue content filter feature</h2>
 
 <p> As of version 2.1, the Postfix SMTP server can forward all
-incoming mail to a content filtering proxy server that inspects
-all mail BEFORE it is stored in the Postfix mail queue. </p>
+incoming mail to a content filtering proxy server that inspects all
+mail BEFORE it is stored in the Postfix mail queue. It is roughly
+equivalent in capabilities to the approach described in <a href="MILTER_README.html">MILTER_README</a>,
+except that the latter uses a dedicated protocol instead of SMTP.
 
 <p> The before-queue content filter is meant to be used as follows: </p>
 
diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html
index c90f9c545..f73bc3bef 100644
--- a/postfix/html/access.5.html
+++ b/postfix/html/access.5.html
@@ -20,8 +20,8 @@ ACCESS(5)                                                            ACCESS(5)
        This  document  describes  access  control  on remote SMTP
        client information: host  names,  network  addresses,  and
        envelope  sender or recipient addresses; it is implemented
-       by the  Postfix  SMTP  server.   See  <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5)  or
-       <b><a href="postconf.5.html#body_checks">body_checks</a></b>(5)  for access control on the content of email
+       by the  Postfix  SMTP  server.   See  <a href="header_checks.5.html"><b>header_checks</b>(5)</a>  or
+       <a href="header_checks.5.html"><b>body_checks</b>(5)</a>  for access control on the content of email
        messages.
 
        Normally, the <a href="access.5.html"><b>access</b>(5)</a> table is specified as a text  file
diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html
index 2cd0ceec3..ee7571c32 100644
--- a/postfix/html/cleanup.8.html
+++ b/postfix/html/cleanup.8.html
@@ -102,12 +102,12 @@ CLEANUP(8)                                                          CLEANUP(8)
 
        <b><a href="postconf.5.html#body_checks">body_checks</a> (empty)</b>
               Optional  lookup  tables  for content inspection as
-              specified in the <b><a href="postconf.5.html#body_checks">body_checks</a></b>(5) manual page.
+              specified in the <a href="header_checks.5.html"><b>body_checks</b>(5)</a> manual page.
 
        <b><a href="postconf.5.html#header_checks">header_checks</a> (empty)</b>
               Optional lookup tables for  content  inspection  of
               primary  non-MIME  message headers, as specified in
-              the <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
+              the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual page.
 
        Available in Postfix version 2.0 and later:
 
@@ -119,12 +119,12 @@ CLEANUP(8)                                                          CLEANUP(8)
        <b><a href="postconf.5.html#mime_header_checks">mime_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
               Optional lookup tables for  content  inspection  of
               MIME  related  message headers, as described in the
-              <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
+              <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual page.
 
        <b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a> ($<a href="postconf.5.html#header_checks">header_checks</a>)</b>
               Optional lookup tables for  content  inspection  of
               non-MIME  message  headers in attached messages, as
-              described in the <b><a href="postconf.5.html#header_checks">header_checks</a></b>(5) manual page.
+              described in the <a href="header_checks.5.html"><b>header_checks</b>(5)</a> manual page.
 
        Available in Postfix version 2.3 and later:
 
diff --git a/postfix/html/header_checks.5.html b/postfix/html/header_checks.5.html
index 18b17040e..0edb3fde2 100644
--- a/postfix/html/header_checks.5.html
+++ b/postfix/html/header_checks.5.html
@@ -21,7 +21,7 @@ HEADER_CHECKS(5)                                              HEADER_CHECKS(5)
 <b>DESCRIPTION</b>
        This  document  describes access control on the content of
        message headers and message body lines; it is  implemented
-       by  the  Postfix  <a href="cleanup.8.html">cleanup(8)</a> server before mail is queued.
+       by  the  Postfix  <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server before mail is queued.
        See <a href="access.5.html"><b>access</b>(5)</a> for access control  on  remote  SMTP  client
        information.
 
diff --git a/postfix/man/man5/header_checks.5 b/postfix/man/man5/header_checks.5
index 63d625376..a961476f8 100644
--- a/postfix/man/man5/header_checks.5
+++ b/postfix/man/man5/header_checks.5
@@ -22,7 +22,7 @@ Postfix built-in content inspection
 .fi
 This document describes access control on the content of
 message headers and message body lines; it is implemented
-by the Postfix cleanup(8) server before mail is queued.
+by the Postfix \fBcleanup\fR(8) server before mail is queued.
 See \fBaccess\fR(5) for access control on remote SMTP client
 information.
 
diff --git a/postfix/mantools/postlink b/postfix/mantools/postlink
index 77768dd57..4088d6982 100755
--- a/postfix/mantools/postlink
+++ b/postfix/mantools/postlink
@@ -677,6 +677,9 @@ while (<>) {
     s/[<bB>]*vir[-<\/bB>]*\n*[ <bB>]*tual[<\/bB>]*\(8\)/<a href="virtual.8.html">$&<\/a>/g;
     s/[<bB>]*cidr_ta[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="cidr_table.5.html">$&<\/a>/g;
     s/[<bB>]*tcp_ta[-<\/bB>]*\n*[ <bB>]*ble[<\/bB>]*\(5\)/<a href="tcp_table.5.html">$&<\/a>/g;
+    # Workaround...
+    s/<b><a href="postconf.5.html#body_checks">body_checks<\/a><\/b>\(5\)/<b>body_checks<\/b>(5)/;
+    s/<b><a href="postconf.5.html#header_checks">header_checks<\/a><\/b>\(5\)/<b>header_checks<\/b>(5)/;
     s/[<bB>]*body_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
     s/[<bB>]*header_checks[<\/bB>]*\(5\)/<a href="header_checks.5.html">$&<\/a>/g;
 
diff --git a/postfix/postfix-install b/postfix/postfix-install
index fac59dc2f..28258ea5d 100644
--- a/postfix/postfix-install
+++ b/postfix/postfix-install
@@ -686,22 +686,28 @@ do
 
      # Hard link. Skip files that are not installed.
 
-     h) eval echo $path | (IFS=/ read prefix file; test "$prefix" = "no" || (
-	    eval dest_path=$install_root$path
-	    check_parent $dest_path || exit 1
-	    eval source_path=$install_root$source
-	    compare_or_hardlink $source_path $dest_path || exit 1
-	)) || exit 1
+     h) eval echo $path | (
+	    IFS=/ read prefix file; IFS="$BACKUP_IFS"
+	    test "$prefix" = "no" || (
+		eval dest_path=$install_root$path
+		check_parent $dest_path || exit 1
+		eval source_path=$install_root$source
+		compare_or_hardlink $source_path $dest_path || exit 1
+	    )
+	) || exit 1
 	continue;;
 
      # Symbolic link. Skip files that are not installed.
 
-     l) eval echo $path | (IFS=/ read prefix file; test "$prefix" = "no" || (
-	    eval dest_path=$install_root$path
-	    check_parent $dest_path || exit 1
-	    eval source_path=$install_root$source
-	    compare_or_symlink $source_path $dest_path || exit 1
-	)) || exit 1
+     l) eval echo $path | (
+	    IFS=/ read prefix file; IFS="$BACKUP_IFS"
+	    test "$prefix" = "no" || (
+		eval dest_path=$install_root$path
+		check_parent $dest_path || exit 1
+		eval source_path=$install_root$source
+		compare_or_symlink $source_path $dest_path || exit 1
+	    )
+	) || exit 1
 	continue;;
 
      *) echo $0: Error: unknown type $type for $path in conf/postfix-files 1>&2
diff --git a/postfix/proto/BUILTIN_FILTER_README.html b/postfix/proto/BUILTIN_FILTER_README.html
index ca22737ac..dbda9519c 100644
--- a/postfix/proto/BUILTIN_FILTER_README.html
+++ b/postfix/proto/BUILTIN_FILTER_README.html
@@ -37,8 +37,8 @@ is given in the BACKSCATTER_README document.  </p>
 worms and virus outbreaks, it has <a href="#limitations">limitations</a>
 that make it NOT suitable for general junk email and virus detection.
 For that, you should use one of the external content inspection
-methods that are described in the FILTER_README and SMTPD_PROXY_README
-documents.  </p>
+methods that are described in the FILTER_README, SMTPD_PROXY_README
+and MILTER_README documents.  </p>
 
 <p> The following diagram gives an over-all picture of how Postfix
 built-in content inspection works: </p>
diff --git a/postfix/proto/SMTPD_PROXY_README.html b/postfix/proto/SMTPD_PROXY_README.html
index 0972052fb..114a1767e 100644
--- a/postfix/proto/SMTPD_PROXY_README.html
+++ b/postfix/proto/SMTPD_PROXY_README.html
@@ -27,8 +27,10 @@ href="#pros_cons">Pros and Cons</a>" section below for details.
 <h2>The Postfix before-queue content filter feature</h2>
 
 <p> As of version 2.1, the Postfix SMTP server can forward all
-incoming mail to a content filtering proxy server that inspects
-all mail BEFORE it is stored in the Postfix mail queue. </p>
+incoming mail to a content filtering proxy server that inspects all
+mail BEFORE it is stored in the Postfix mail queue. It is roughly
+equivalent in capabilities to the approach described in MILTER_README,
+except that the latter uses a dedicated protocol instead of SMTP.
 
 <p> The before-queue content filter is meant to be used as follows: </p>
 
diff --git a/postfix/proto/header_checks b/postfix/proto/header_checks
index c59ecbeab..ae73e1df0 100644
--- a/postfix/proto/header_checks
+++ b/postfix/proto/header_checks
@@ -16,7 +16,7 @@
 # DESCRIPTION
 #	This document describes access control on the content of
 #	message headers and message body lines; it is implemented
-#	by the Postfix cleanup(8) server before mail is queued.
+#	by the Postfix \fBcleanup\fR(8) server before mail is queued.
 #	See \fBaccess\fR(5) for access control on remote SMTP client
 #	information.
 #
diff --git a/postfix/src/cleanup/cleanup_api.c b/postfix/src/cleanup/cleanup_api.c
index 4f402b6b7..ffcd93f80 100644
--- a/postfix/src/cleanup/cleanup_api.c
+++ b/postfix/src/cleanup/cleanup_api.c
@@ -297,8 +297,8 @@ int     cleanup_flush(CLEANUP_STATE *state)
 #endif
 	    mail_stream_ctl(state->handle,
 			    MAIL_STREAM_CTL_QUEUE, state->queue_name,
-			    MAIL_STREAM_CTL_CLASS, 0,
-			    MAIL_STREAM_CTL_SERVICE, 0,
+			    MAIL_STREAM_CTL_CLASS, (char *) 0,
+			    MAIL_STREAM_CTL_SERVICE, (char *) 0,
 #ifdef DELAY_ACTION
 			    MAIL_STREAM_CTL_DELAY, state->defer_delay,
 #endif
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index ca0172e06..ef6f87b4e 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20070328"
-#define MAIL_VERSION_NUMBER	"2.4.0"
+#define MAIL_RELEASE_DATE	"20070402"
+#define MAIL_VERSION_NUMBER	"2.4.1-RC1"
 
 #ifdef SNAPSHOT
 # define MAIL_VERSION_DATE	"-" MAIL_RELEASE_DATE
diff --git a/postfix/src/master/multi_server.c b/postfix/src/master/multi_server.c
index ede015d8b..9e69fd913 100644
--- a/postfix/src/master/multi_server.c
+++ b/postfix/src/master/multi_server.c
@@ -336,14 +336,17 @@ static void multi_server_wakeup(int fd)
     char   *tmp;
 
 #if defined(F_DUPFD) && (EVENTS_STYLE != EVENTS_STYLE_SELECT)
+#ifndef THRESHOLD_FD_WORKAROUND
+#define THRESHOLD_FD_WORKAROUND 128
+#endif
     int     new_fd;
 
     /*
      * Leave some handles < FD_SETSIZE for DBMS libraries, in the unlikely
      * case of a multi-server with a thousand clients.
      */
-    if (fd < FD_SETSIZE / 8) {
-	if ((new_fd = fcntl(fd, F_DUPFD, FD_SETSIZE / 8)) < 0)
+    if (fd < THRESHOLD_FD_WORKAROUND) {
+	if ((new_fd = fcntl(fd, F_DUPFD, THRESHOLD_FD_WORKAROUND)) < 0)
 	    msg_fatal("fcntl F_DUPFD: %m");
 	(void) close(fd);
 	fd = new_fd;
diff --git a/postfix/src/oqmgr/qmgr_transport.c b/postfix/src/oqmgr/qmgr_transport.c
index cc9fdebc4..ad036e8e9 100644
--- a/postfix/src/oqmgr/qmgr_transport.c
+++ b/postfix/src/oqmgr/qmgr_transport.c
@@ -342,8 +342,11 @@ void    qmgr_transport_alloc(QMGR_TRANSPORT *transport, QMGR_TRANSPORT_ALLOC_NOT
 	return;
     }
 #if (EVENTS_STYLE != EVENTS_STYLE_SELECT) && defined(VSTREAM_CTL_DUPFD)
+#ifndef THRESHOLD_FD_WORKAROUND
+#define THRESHOLD_FD_WORKAROUND 128
+#endif
     vstream_control(alloc->stream,
-		    VSTREAM_CTL_DUPFD, FD_SETSIZE / 8,
+		    VSTREAM_CTL_DUPFD, THRESHOLD_FD_WORKAROUND,
 		    VSTREAM_CTL_END);
 #endif
     event_enable_read(vstream_fileno(alloc->stream), qmgr_transport_event,
diff --git a/postfix/src/qmgr/qmgr_transport.c b/postfix/src/qmgr/qmgr_transport.c
index 3925a5437..f539a1754 100644
--- a/postfix/src/qmgr/qmgr_transport.c
+++ b/postfix/src/qmgr/qmgr_transport.c
@@ -347,8 +347,11 @@ void    qmgr_transport_alloc(QMGR_TRANSPORT *transport, QMGR_TRANSPORT_ALLOC_NOT
 	return;
     }
 #if (EVENTS_STYLE != EVENTS_STYLE_SELECT) && defined(VSTREAM_CTL_DUPFD)
+#ifndef THRESHOLD_FD_WORKAROUND
+#define THRESHOLD_FD_WORKAROUND 128
+#endif
     vstream_control(alloc->stream,
-		    VSTREAM_CTL_DUPFD, FD_SETSIZE / 8,
+		    VSTREAM_CTL_DUPFD, THRESHOLD_FD_WORKAROUND,
 		    VSTREAM_CTL_END);
 #endif
     event_enable_read(vstream_fileno(alloc->stream), qmgr_transport_event,