From c302f4a4bf9d604bf4db1f21d3dd8ec09362a134 Mon Sep 17 00:00:00 2001
From: Wietse Venema <wietse@porcupine.org>
Date: Tue, 15 Jun 2004 00:00:00 -0500
Subject: [PATCH] postfix-2.1.2

---
 postfix/HISTORY                               | 17 +++++
 postfix/README_FILES/SMTPD_POLICY_README      |  4 +-
 postfix/RELEASE_NOTES                         | 14 ++--
 postfix/conf/header_checks                    |  4 +-
 postfix/conf/main.cf                          |  2 +-
 postfix/html/SMTPD_POLICY_README.html         |  4 +-
 postfix/html/header_checks.5.html             |  4 +-
 postfix/html/pickup.8.html                    |  4 +-
 postfix/html/postconf.5.html                  | 21 ++----
 postfix/html/proxymap.8.html                  |  2 +-
 postfix/html/qmgr.8.html                      |  6 +-
 postfix/html/smtpd.8.html                     | 73 +++++++++----------
 postfix/html/spawn.8.html                     |  2 +-
 postfix/html/trivial-rewrite.8.html           | 14 ++--
 postfix/man/man5/header_checks.5              |  4 +-
 postfix/man/man5/postconf.5                   | 23 ++----
 postfix/man/man8/pickup.8                     |  2 +-
 postfix/man/man8/proxymap.8                   |  4 +-
 postfix/man/man8/qmgr.8                       |  4 +-
 postfix/man/man8/smtpd.8                      |  7 +-
 postfix/man/man8/spawn.8                      |  2 +-
 postfix/man/man8/trivial-rewrite.8            |  2 +-
 postfix/mantools/postconf2man                 |  2 +-
 postfix/proto/header_checks                   |  4 +-
 postfix/proto/postconf.proto                  | 21 ++----
 postfix/src/global/bounce.c                   | 18 +++--
 postfix/src/global/defer.c                    |  8 +-
 postfix/src/global/mail_version.h             |  4 +-
 postfix/src/global/sent.c                     | 13 +++-
 postfix/src/global/trace.c                    |  4 +-
 postfix/src/global/verify.c                   | 10 ++-
 postfix/src/pickup/pickup.c                   |  2 +-
 postfix/src/proxymap/proxymap.c               |  4 +-
 postfix/src/qmgr/qmgr.c                       |  4 +-
 postfix/src/smtp/smtp_connect.c               | 14 +++-
 postfix/src/smtpd/smtpd.c                     |  7 +-
 postfix/src/smtpd/smtpd_proxy.h               |  4 +-
 postfix/src/spawn/spawn.c                     |  2 +-
 postfix/src/trivial-rewrite/trivial-rewrite.c |  2 +-
 postfix/src/util/sys_defs.h                   |  9 ++-
 40 files changed, 183 insertions(+), 168 deletions(-)

diff --git a/postfix/HISTORY b/postfix/HISTORY
index f3b1d1cbe..79e35685e 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -9356,3 +9356,20 @@ Apologies for any names omitted.
 
 	Bugfix: missing "sasl enabled" guard in the SMTPD policy
 	client.  File: smtpd/smtpd_check.c.
+
+20040614
+
+	Bugfix: the SMTP client did not reset per-session EHLO,
+	SASL, and history information when opening a connection to
+	an alternate SMTP server.  This is the result of abstraction
+	no longer matching function. Reported and diagnosed by
+	Victor Duchovni, Morgan Stanley.
+
+	Bugfix: non-portable reuse of variadic argument lists.
+	Fix by Victor Duchovni, Morgan Stanley. Files:  global/bounce.c,
+	global/defer.c, global/sent.c, global/trace.c, global/verify.c.
+
+	Portability: NetBSD 2.0 has changed from statfs to statvfs.
+	John Heasley. File: util/sys_defs.h.
+
+	Documentation: typo fixes by IKEDA Nozomu.
diff --git a/postfix/README_FILES/SMTPD_POLICY_README b/postfix/README_FILES/SMTPD_POLICY_README
index d962d8c87..b485acf95 100644
--- a/postfix/README_FILES/SMTPD_POLICY_README
+++ b/postfix/README_FILES/SMTPD_POLICY_README
@@ -145,7 +145,7 @@ NOTES:
   * Solaris UNIX-domain sockets do not work reliably. Use TCP sockets instead:
 
      1 /etc/postfix/master.cf:
-     2     127.0.0.1:9998  unix  -       n       n       -       -       spawn
+     2     127.0.0.1:9998  inet  n       n       n       -       -       spawn
      3       user=nobody argv=/some/where/policy-server
      4
      5 /etc/postfix/main.cf:
@@ -235,7 +235,7 @@ On Solaris you must use inet: style sockets instead of unix: style, as detailed
 in the "Policy client/server configuration" section above.
 
     1 /etc/postfix/master.cf:
-    2     127.0.0.1:9998  unix  -       n       n       -       -       spawn
+    2     127.0.0.1:9998  inet  n       n       n       -       -       spawn
     3       user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
     4
     5 /etc/postfix/main.cf:
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index 87e3d5b1d..d88b93e04 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -15,14 +15,12 @@ snapshot releases.
 Major changes - critical
 ------------------------
 
-If you run Postfix 1.x or earlier then you must stop Postfix before
-upgrading. This is because the master-child protocols have changed,
-and very little will work with the old master daemon process.
-
-[Incompat 20021119] You can upgrade Postfix 2.0 without stopping.
-After upgrading an existing Postfix 2.0 system you must use "postfix
-reload".  Some internal protocols have changed, but the master-child
-protocols are the same as with Postfix 2.0.
+If you run Postfix 2.0 or earlier then you must stop Postfix before
+upgrading. The master-child protocols have changed between Postfix
+1.1 and 2.0, and version 2.1 sometimes writes queue files that the
+2.0 and earlier queue managers complain about. If this happens move
+the files from the corrupt directory to the maildrop directory and
+give them another chance.
 
 [Incompat 20021119] The Postfix upgrade procedure will add two new
 services to your master.cf file: "trace" and "verify". These servers
diff --git a/postfix/conf/header_checks b/postfix/conf/header_checks
index dcb25d5ae..cc01dfd44 100644
--- a/postfix/conf/header_checks
+++ b/postfix/conf/header_checks
@@ -303,9 +303,9 @@
 #        exploit.
 # 
 #        /etc/postfix/main.cf:
-#            header_checks = regexp:/etc/postfix/header_checks
+#            body_checks = regexp:/etc/postfix/body_checks
 # 
-#        /etc/postfix/header_checks:
+#        /etc/postfix/body_checks:
 #            /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
 #                REJECT IFRAME vulnerability exploit
 # 
diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf
index 098bec500..272d98661 100644
--- a/postfix/conf/main.cf
+++ b/postfix/conf/main.cf
@@ -498,7 +498,7 @@ unknown_local_recipient_reject_code = 550
 # JUNK MAIL CONTROLS
 # 
 # The controls listed here are only a very small subset. The file
-# SPTMD_ACCESS_README provides an overview.
+# SMTPD_ACCESS_README provides an overview.
 
 # The header_checks parameter specifies an optional table with patterns
 # that each logical message header is matched against, including
diff --git a/postfix/html/SMTPD_POLICY_README.html b/postfix/html/SMTPD_POLICY_README.html
index 93081a54e..5f6903478 100644
--- a/postfix/html/SMTPD_POLICY_README.html
+++ b/postfix/html/SMTPD_POLICY_README.html
@@ -216,7 +216,7 @@ TCP sockets instead: </p>
 <blockquote>
 <pre>
  1 /etc/postfix/master.cf:
- 2     127.0.0.1:9998  unix  -       n       n       -       -       spawn
+ 2     127.0.0.1:9998  inet  n       n       n       -       -       spawn
  3       user=nobody argv=/some/where/policy-server
  4 
  5 /etc/postfix/main.cf:
@@ -340,7 +340,7 @@ client/server configuration</a>" section above.  </p>
 <blockquote>
 <pre>
 1 /etc/postfix/master.cf:
-2     127.0.0.1:9998  unix  -       n       n       -       -       spawn
+2     127.0.0.1:9998  inet  n       n       n       -       -       spawn
 3       user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
 4 
 5 /etc/postfix/main.cf:
diff --git a/postfix/html/header_checks.5.html b/postfix/html/header_checks.5.html
index f4580ce1d..5a0c26d92 100644
--- a/postfix/html/header_checks.5.html
+++ b/postfix/html/header_checks.5.html
@@ -309,9 +309,9 @@ HEADER_CHECKS(5)                                 HEADER_CHECKS(5)
        exploit.
 
        /etc/postfix/main.cf:
-           <a href="postconf.5.html#header_checks">header_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/header_checks
+           <a href="postconf.5.html#body_checks">body_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/body_checks
 
-       /etc/postfix/header_checks:
+       /etc/postfix/body_checks:
            /^&lt;iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0&gt;$/
                REJECT IFRAME vulnerability exploit
 
diff --git a/postfix/html/pickup.8.html b/postfix/html/pickup.8.html
index ad7e6ac17..7688047f4 100644
--- a/postfix/html/pickup.8.html
+++ b/postfix/html/pickup.8.html
@@ -43,8 +43,8 @@ PICKUP(8)                                               PICKUP(8)
        unfiltered user data.
 
 <b>CONFIGURATION PARAMETERS</b>
-       As the pickup daemon is a relatively long-running process,
-       up  to  an  hour  may  pass  before a <b>main.cf</b> change takes
+       As the <a href="pickup.8.html">pickup(8)</a> daemon is a relatively long-running  pro-
+       cess, up to an hour may pass before a <b>main.cf</b> change takes
        effect.  Use the command "<b>postfix reload</b>" command to speed
        up a change.
 
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index d2836b4d5..47b03d4aa 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -733,6 +733,7 @@ below it),  "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patt
 pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
 is matched when a table entry matches a lookup string (the lookup
 result is ignored).  Continue long lines by starting the next line
+with whitespace. </p>
 
 
 </DD>
@@ -1546,7 +1547,7 @@ This feature is available in Postfix 2.0 and later.
 The names of message delivery transports that should not be delivered
 to unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
 or more names of mail delivery transports names that appear in the
-first field of master.cf).
+first field of master.cf.
 </p>
 
 <p>
@@ -3852,7 +3853,7 @@ The error classes are:
 <dd>Send the postmaster copies of the headers of bounced mail, and
 send transcripts of SMTP sessions when Postfix rejects mail. The
 notification is sent to the address specified with the
-<a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> configuration parameter (default: postmaster)
+<a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> configuration parameter (default: postmaster).
 </dd>
 
 <dt><b>2bounce</b></dt>
@@ -4582,13 +4583,6 @@ recipient addresses with $<a href="postconf.5.html#relay_recipient_maps">relay_r
 recipients. See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the
 <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.  </p>
 
-<p> The list of domains that are by default delivered via the
-$<a href="postconf.5.html#local_transport">local_transport</a> mail delivery transport. By default this is the
-Postfix <a href="local.8.html">local(8)</a> delivery agent which looks up all recipients in
-/etc/passwd and /etc/aliases. The SMTP server validates recipient
-addresses with $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>. See also the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a>
-address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file.  </p>
-
 <p> NOTE: Postfix will not automatically forward mail for domains
 that list this system as their primary or backup MX host. See the
 <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> restriction in the <a href="postconf.5.html">postconf(5)</a> manual page.  </p>
@@ -5245,7 +5239,7 @@ This feature is available in Postfix 2.1 and later.
 
 <p>
 The maximal length of message header and body lines that Postfix
-will send via SMTP.  Longer lines are longer are broken by inserting
+will send via SMTP.  Longer lines are broken by inserting
 "&lt;CR&gt;&lt;LF&gt;&lt;SPACE&gt;". This minimizes the damage to
 MIME formatted mail.
 </p>
@@ -5765,7 +5759,7 @@ restrictions.
 <p>
 By default, clients in trusted networks are excluded. Specify a
 list of network blocks, hostnames or .domain names (the initial
-initial dot causes the domain to match any name below it).
+dot causes the domain to match any name below it).
 </p>
 
 <p>
@@ -6407,7 +6401,7 @@ supposed to give the result to another Postfix SMTP server process.
 </p>
 
 <p> Specify host:port. The host can be specified as an IP address
-or was a symbolic name; no MX lookups are done. When no host or
+or as a symbolic name; no MX lookups are done. When no host or
 host:  are specified, the local machine is assumed.  </p>
 
 <p> This feature is available in Postfix 2.1 and later.  </p>
@@ -6606,8 +6600,7 @@ address. <br> The <a href="postconf.5.html#unknown_address_reject_code">unknown_
 the response code for rejected requests (default: 450).  The response
 is always 450 in case of a temporary DNS error.</dd>
 
-<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b>
-(Postfix 2.0 name: check_recipient_maps)</dt>
+<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (Postfix 2.0 name: check_recipient_maps)</dt>
 
 <dd> Reject the request when the RCPT TO address is not listed in
 the list of valid recipients for its domain class. See the
diff --git a/postfix/html/proxymap.8.html b/postfix/html/proxymap.8.html
index 4c29654f3..6d5afdc93 100644
--- a/postfix/html/proxymap.8.html
+++ b/postfix/html/proxymap.8.html
@@ -44,7 +44,7 @@ PROXYMAP(8)                                           PROXYMAP(8)
               Open the table with type <i>maptype</i> and name  <i>mapname</i>,
               as controlled by <i>flags</i>. The reply includes the <i>map-</i>
               <i>type</i> dependent flags (to distinguish a fixed string
-              table from regular a expression table).
+              table from a regular expression table).
 
        <b>lookup</b> <i>maptype:mapname flags key</i>
               Look  up  the  data stored under the requested key.
diff --git a/postfix/html/qmgr.8.html b/postfix/html/qmgr.8.html
index 39af6a58e..fe9050aa7 100644
--- a/postfix/html/qmgr.8.html
+++ b/postfix/html/qmgr.8.html
@@ -63,8 +63,8 @@ QMGR(8)                                                   QMGR(8)
               <a href="defer.8.html"><b>defer</b>(8)</a> daemon.
 
        <b>trace</b>  Per-recipient status information as requested  with
-              the  Postfix  "<b>sendmail  -v</b>" or "<b>sendmail -bv" com-</b>
-              <b>mand</b>.  These files are maintained by  the  <a href="trace.8.html"><b>trace</b>(8)</a>
+              the  Postfix  "<b>sendmail  -v</b>" or "<b>sendmail -bv</b>" com-
+              mand.  These files are maintained by  the  <a href="trace.8.html"><b>trace</b>(8)</a>
               daemon.
 
        The  <b>qmgr</b>  daemon is responsible for asking the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
@@ -365,7 +365,7 @@ QMGR(8)                                                   QMGR(8)
 <b>SEE ALSO</b>
        <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address routing
        <a href="bounce.8.html">bounce(8)</a>, delivery status reports
-       <a href="postconf.5.html">postconf(5)</a> configuration parameters
+       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
        <a href="master.8.html">master(8)</a>, process manager
        syslogd(8) system logging
 
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index 242c121c4..7744fe394 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -434,6 +434,8 @@ SMTPD(8)                                                 SMTPD(8)
               Postfix SMTP server starts to increment  the  error
               counter with each junk command.
 
+       Available in Postfix version 2.1 and later:
+
        <b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b>
               The  number of recipients that a remote SMTP client
               can send in excess  of  the  limit  specified  with
@@ -447,12 +449,8 @@ SMTPD(8)                                                 SMTPD(8)
        outside  Postfix.   See  the  file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
        more information.
 
-       <b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b>
-              The time limit for connecting  to,  writing  to  or
-              receiving from a delegated SMTPD policy server.
-
        <b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b>
-              The  time  after which an idle SMTPD policy service
+              The time after which an idle SMTPD  policy  service
               connection is closed.
 
        <b><a href="postconf.5.html#smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a> (1000s)</b>
@@ -460,107 +458,108 @@ SMTPD(8)                                                 SMTPD(8)
               connection is closed.
 
        <b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b>
-              The  time  limit  for  connecting to, writing to or
+              The time limit for connecting  to,  writing  to  or
               receiving from a delegated SMTPD policy server.
 
 <b>ACCESS CONTROLS</b>
-       The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction  to
+       The  <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to
        all the SMTP server access control features.
 
        <b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b>
-              Wait  until  the  RCPT TO command before evaluating
+              Wait until the RCPT TO  command  before  evaluating
               $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>,    $smtpd_helo_restric-
               tions and $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until
-              the     ETRN     command     before      evaluating
+              the      ETRN     command     before     evaluating
               $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $smtpd_helo_restric-
               tions.
 
-       <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf  -d'  out-</b>
+       <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a>  (see  'postconf -d' out-</b>
        <b>put)</b>
               What   Postfix   features   match   subdomains   of
               "domain.tld" automatically, instead of requiring an
               explicit ".domain.tld" pattern.
 
        <b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b>
-              Optional SMTP server  access  restrictions  in  the
+              Optional  SMTP  server  access  restrictions in the
               context of a client SMTP connection request.
 
        <b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b>
               Require that a remote SMTP client introduces itself
-              at the beginning of an SMTP session with  the  HELO
+              at  the  beginning of an SMTP session with the HELO
               or EHLO command.
 
        <b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b>
-              Optional  restrictions that the Postfix SMTP server
+              Optional restrictions that the Postfix SMTP  server
               applies in the context of the SMTP HELO command.
 
        <b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b>
-              Optional restrictions that the Postfix SMTP  server
+              Optional  restrictions that the Postfix SMTP server
               applies in the context of the MAIL FROM command.
 
        <b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a>           (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,</b>
        <b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b>
               The  access  restrictions  that  the  Postfix  SMTP
-              server applies in the context of the RCPT  TO  com-
+              server  applies  in the context of the RCPT TO com-
               mand.
 
        <b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b>
-              Optional  SMTP  server  access  restrictions in the
+              Optional SMTP server  access  restrictions  in  the
               context of a client ETRN request.
 
        <b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b>
-              Forward   mail   with   sender-specified    routing
-              (user[@%!]remote[@%!]site)  from  untrusted clients
+              Forward    mail   with   sender-specified   routing
+              (user[@%!]remote[@%!]site) from  untrusted  clients
               to destinations matching $<a href="postconf.5.html#relay_domains">relay_domains</a>.
 
        <b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b>
-              User-defined aliases for groups of access  restric-
+              User-defined  aliases for groups of access restric-
               tions.
 
        <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b>&lt;&gt;<b>)</b>
-              The  lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables
+              The lookup key to be used in SMTP <a href="access.5.html">access(5)</a>  tables
               instead of the null sender address.
 
        <b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b>
               Restrict  the  use  of  the  <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a>  SMTP
-              access  feature  to  only  domains whose primary MX
+              access feature to only  domains  whose  primary  MX
               hosts match the listed networks.
 
        Available in Postfix version 2.0 and later:
 
        <b><a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> (empty)</b>
-              Optional access restrictions that the Postfix  SMTP
+              Optional  access restrictions that the Postfix SMTP
               server applies in the context of the SMTP DATA com-
               mand.
 
        <b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b>
-              What characters are allowed in $name expansions  of
+              What  characters are allowed in $name expansions of
               RBL reply templates.
 
        Available in Postfix version 2.1 and later:
 
        <b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b>
-              Request  that  the Postfix SMTP server rejects mail
-              from  unknown  sender  addresses,  even   when   no
-              explicit  <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction
+              Request that the Postfix SMTP server  rejects  mail
+              from   unknown   sender  addresses,  even  when  no
+              explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access  restriction
               is specified.
 
        <b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b>
-              Request that the Postfix SMTP server  rejects  mail
+              Request  that  the Postfix SMTP server rejects mail
               for  unknown  recipient  addresses,  even  when  no
-              explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access  restric-
+              explicit  <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric-
               tion is specified.
 
 <b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
-       Postfix  version 2.1 introduces sender and address verifi-
-       cation.  This feature  is  implemented  by  sending  probe
-       email messages that are not actually delivered.  This fea-
-       ture is requested  via  the  <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a>  and
-       <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access restrictions.  The sta-
-       tus of verification probes is maintained by the  <a href="verify.8.html">verify(8)</a>
-       server.   See  the  file  <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a>  for
-       information about how to configure and operate the Postfix
-       sender/recipient address verification service.
+       Postfix  version  2.1  introduces  sender  and   recipient
+       address  verification.   This  feature  is  implemented by
+       sending probe email messages that are not actually  deliv-
+       ered.   This  feature  is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
+       <a href="postconf.5.html#reject_unverified_sender">fied_sender</a>   and    <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>    access
+       restrictions.   The status of verification probes is main-
+       tained by the <a href="verify.8.html">verify(8)</a> server.  See the file ADDRESS_VER-
+       <a href="IFICATION_README.html">IFICATION_README</a>  for  information  about how to configure
+       and operate the Postfix sender/recipient address verifica-
+       tion service.
 
        <b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
               How  many  times to query the <a href="verify.8.html">verify(8)</a> service for
diff --git a/postfix/html/spawn.8.html b/postfix/html/spawn.8.html
index b1820ee7c..77e203a9b 100644
--- a/postfix/html/spawn.8.html
+++ b/postfix/html/spawn.8.html
@@ -66,7 +66,7 @@ SPAWN(8)                                                 SPAWN(8)
        data-driven attacks.
 
 <b>CONFIGURATION PARAMETERS</b>
-       Changes to <b>main.cf</b> are picked up automatically as <a href="smtpd.8.html">smtpd(8)</a>
+       Changes to <b>main.cf</b> are picked up automatically as <a href="spawn.8.html">spawn(8)</a>
        processes run for only a limited amount of time.  Use  the
        command "<b>postfix reload</b>" to speed up a change.
 
diff --git a/postfix/html/trivial-rewrite.8.html b/postfix/html/trivial-rewrite.8.html
index f6e6ba824..bd3cfb7f1 100644
--- a/postfix/html/trivial-rewrite.8.html
+++ b/postfix/html/trivial-rewrite.8.html
@@ -156,13 +156,13 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
               destination).
 
 <b>ADDRESS VERIFICATION CONTROLS</b>
-       Postfix version 2.1 introduces sender and address  verifi-
-       cation.   This  feature  is  implemented  by sending probe
-       email  messages  that  are  not  actually  delivered.   By
-       default, address verification probes use the same route as
-       regular mail. To  override  specific  aspects  of  message
-       routing  for  address  verification probes, specify one or
-       more of the following:
+       Postfix  version  2.1  introduces  sender  and   recipient
+       address  verification.   This  feature  is  implemented by
+       sending probe email messages that are not actually  deliv-
+       ered.   By  default,  address  verification probes use the
+       same route as regular mail. To override  specific  aspects
+       of  message routing for address verification probes, spec-
+       ify one or more of the following:
 
        <b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
               Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for
diff --git a/postfix/man/man5/header_checks.5 b/postfix/man/man5/header_checks.5
index 246ecddfd..866d68831 100644
--- a/postfix/man/man5/header_checks.5
+++ b/postfix/man/man5/header_checks.5
@@ -292,9 +292,9 @@ Body pattern to stop a specific HTML browser vulnerability exploit.
 .nf
 /etc/postfix/main.cf:
 .ti +4
-header_checks = regexp:/etc/postfix/header_checks
+body_checks = regexp:/etc/postfix/body_checks
 
-/etc/postfix/header_checks:
+/etc/postfix/body_checks:
 .ti +4
 /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
 .ti +8
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 7379efd13..c207c546c 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -388,6 +388,7 @@ below it),  "/file/name" or "type:table" patterns.  A "/file/name"
 pattern is replaced by its contents; a "type:table" lookup table
 is matched when a table entry matches a lookup string (the lookup
 result is ignored).  Continue long lines by starting the next line
+with whitespace.
 .SH backwards_bounce_logfile_compatibility (default: yes)
 Produce additional bounce(8) logfile records that can be read by
 older Postfix versions. The current and more extensible "name =
@@ -796,7 +797,7 @@ This feature is available in Postfix 2.0 and later.
 The names of message delivery transports that should not be delivered
 to unless someone issues "\fBsendmail -q\fR" or equivalent. Specify zero
 or more names of mail delivery transports names that appear in the
-first field of master.cf).
+first field of master.cf.
 .PP
 Example:
 .PP
@@ -1969,7 +1970,7 @@ The error classes are:
 Send the postmaster copies of the headers of bounced mail, and
 send transcripts of SMTP sessions when Postfix rejects mail. The
 notification is sent to the address specified with the
-bounce_notice_recipient configuration parameter (default: postmaster)
+bounce_notice_recipient configuration parameter (default: postmaster).
 .IP "\fB2bounce\fR"
 Send undeliverable bounced mail to the postmaster. The notification
 is sent to the address specified with the 2bounce_notice_recipient
@@ -2365,13 +2366,6 @@ recipient addresses with $relay_recipient_maps and rejects non-existent
 recipients. See also the relay domains address class in the
 ADDRESS_CLASS_README file.
 .PP
-The list of domains that are by default delivered via the
-$local_transport mail delivery transport. By default this is the
-Postfix local(8) delivery agent which looks up all recipients in
-/etc/passwd and /etc/aliases. The SMTP server validates recipient
-addresses with $local_recipient_maps. See also the local domain
-address class in the ADDRESS_CLASS_README file.
-.PP
 NOTE: Postfix will not automatically forward mail for domains
 that list this system as their primary or backup MX host. See the
 permit_mx_backup restriction in the postconf(5) manual page.
@@ -2721,7 +2715,7 @@ Use the native service for hosts not found in the DNS.
 This feature is available in Postfix 2.1 and later.
 .SH smtp_line_length_limit (default: 990)
 The maximal length of message header and body lines that Postfix
-will send via SMTP.  Longer lines are longer are broken by inserting
+will send via SMTP.  Longer lines are broken by inserting
 "<CR><LF><SPACE>". This minimizes the damage to
 MIME formatted mail.
 .PP
@@ -2988,7 +2982,7 @@ restrictions.
 .PP
 By default, clients in trusted networks are excluded. Specify a
 list of network blocks, hostnames or .domain names (the initial
-initial dot causes the domain to match any name below it).
+dot causes the domain to match any name below it).
 .PP
 This feature is not part of the stable Postfix 2.1 release.
 .SH smtpd_client_connection_rate_limit (default: 0)
@@ -3370,7 +3364,7 @@ The proxy receives all mail from the Postfix SMTP server, and is
 supposed to give the result to another Postfix SMTP server process.
 .PP
 Specify host:port. The host can be specified as an IP address
-or was a symbolic name; no MX lookups are done. When no host or
+or as a symbolic name; no MX lookups are done. When no host or
 host:  are specified, the local machine is assumed.
 .PP
 This feature is available in Postfix 2.1 and later.
@@ -3507,9 +3501,8 @@ address.
 The unknown_address_reject_code parameter specifies
 the response code for rejected requests (default: 450).  The response
 is always 450 in case of a temporary DNS error.
-.IP "\fBreject_unlisted_recipient\fR
-(Postfix 2.0 name: check_recipient_maps)"
- Reject the request when the RCPT TO address is not listed in
+.IP "\fBreject_unlisted_recipient\fR (Postfix 2.0 name: check_recipient_maps)"
+Reject the request when the RCPT TO address is not listed in
 the list of valid recipients for its domain class. See the
 smtpd_reject_unlisted_recipient parameter description for details.
 This feature is available in Postfix 2.1 and later.
diff --git a/postfix/man/man8/pickup.8 b/postfix/man/man8/pickup.8
index b7890fd90..ccc89e32c 100644
--- a/postfix/man/man8/pickup.8
+++ b/postfix/man/man8/pickup.8
@@ -51,7 +51,7 @@ descriptor instead of file data, but then the already complex
 .nf
 .ad
 .fi
-As the pickup daemon is a relatively long-running process, up
+As the pickup(8) daemon is a relatively long-running process, up
 to an hour may pass before a \fBmain.cf\fR change takes effect.
 Use the command "\fBpostfix reload\fR" command to speed up a change.
 
diff --git a/postfix/man/man8/proxymap.8 b/postfix/man/man8/proxymap.8
index 582268d51..21efe69ba 100644
--- a/postfix/man/man8/proxymap.8
+++ b/postfix/man/man8/proxymap.8
@@ -42,8 +42,8 @@ The proxymap server implements the following requests:
 .IP "\fBopen\fR \fImaptype:mapname flags\fR"
 Open the table with type \fImaptype\fR and name \fImapname\fR,
 as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
-dependent flags (to distinguish a fixed string table from regular
-a expression table).
+dependent flags (to distinguish a fixed string table from a regular
+expression table).
 .IP "\fBlookup\fR \fImaptype:mapname flags key\fR"
 Look up the data stored under the requested key.
 The reply is the request completion status code (below) and
diff --git a/postfix/man/man8/qmgr.8 b/postfix/man/man8/qmgr.8
index 68c1c1e17..b90e2ad98 100644
--- a/postfix/man/man8/qmgr.8
+++ b/postfix/man/man8/qmgr.8
@@ -60,7 +60,7 @@ Per-recipient status information about why mail is delayed.
 These files are maintained by the \fBdefer\fR(8) daemon.
 .IP \fBtrace\fR
 Per-recipient status information as requested with the
-Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv" command\fR.
+Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
 These files are maintained by the \fBtrace\fR(8) daemon.
 .PP
 The \fBqmgr\fR daemon is responsible for asking the
@@ -325,7 +325,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
 .nf
 trivial-rewrite(8), address routing
 bounce(8), delivery status reports
-postconf(5) configuration parameters
+postconf(5), configuration parameters
 master(8), process manager
 syslogd(8) system logging
 .SH "README FILES"
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index cf54f8704..059f42f94 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -374,6 +374,8 @@ make without delivering mail.
 The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
 SMTP client can send before the Postfix SMTP server starts to
 increment the error counter with each junk command.
+.PP
+Available in Postfix version 2.1 and later:
 .IP "\fBsmtpd_recipient_overshoot_limit (1000)\fR"
 The number of recipients that a remote SMTP client can send in
 excess of the limit specified with $smtpd_recipient_limit, before
@@ -387,9 +389,6 @@ for each excess recipient.
 As of version 2.1, Postfix can be configured to delegate access
 policy decisions to an external server that runs outside Postfix.
 See the file SMTPD_POLICY_README for more information.
-.IP "\fBsmtpd_policy_service_timeout (100s)\fR"
-The time limit for connecting to, writing to or receiving from a
-delegated SMTPD policy server.
 .IP "\fBsmtpd_policy_service_max_idle (300s)\fR"
 The time after which an idle SMTPD policy service connection is
 closed.
@@ -466,7 +465,7 @@ access restriction is specified.
 .nf
 .ad
 .fi
-Postfix version 2.1 introduces sender and address verification.
+Postfix version 2.1 introduces sender and recipient address verification.
 This feature is implemented by sending probe email messages that
 are not actually delivered.
 This feature is requested via the reject_unverified_sender and
diff --git a/postfix/man/man8/spawn.8 b/postfix/man/man8/spawn.8
index 2e42bd87f..6499fed80 100644
--- a/postfix/man/man8/spawn.8
+++ b/postfix/man/man8/spawn.8
@@ -69,7 +69,7 @@ and thus is not vulnerable to data-driven attacks.
 .nf
 .ad
 .fi
-Changes to \fBmain.cf\fR are picked up automatically as smtpd(8)
+Changes to \fBmain.cf\fR are picked up automatically as spawn(8)
 processes run for only a limited amount of time. Use the command
 "\fBpostfix reload\fR" to speed up a change.
 
diff --git a/postfix/man/man8/trivial-rewrite.8 b/postfix/man/man8/trivial-rewrite.8
index 3243dfe43..8e997b510 100644
--- a/postfix/man/man8/trivial-rewrite.8
+++ b/postfix/man/man8/trivial-rewrite.8
@@ -144,7 +144,7 @@ Optional lookup tables with mappings from recipient address to
 .nf
 .ad
 .fi
-Postfix version 2.1 introduces sender and address verification.
+Postfix version 2.1 introduces sender and recipient address verification.
 This feature is implemented by sending probe email messages that
 are not actually delivered.
 By default, address verification probes use the same route
diff --git a/postfix/mantools/postconf2man b/postfix/mantools/postconf2man
index e1298282e..9d94c07d1 100755
--- a/postfix/mantools/postconf2man
+++ b/postfix/mantools/postconf2man
@@ -57,7 +57,7 @@ while(<>) {
     #$block =~ s/<\/ul>/\n.PP\n/g;
     $block =~ s/<\/dl>/\n/g;
     $block =~ s/<\/ul>/\n/g;
-    $block =~ s/<dd>/\n/g;
+    $block =~ s/<dd>\s*/\n/g;
     $block =~ s/<\/dd>/\n/g;
     $block =~ s/<li>\s*/\n.IP \\(bu\n/g;
     $block =~ s/<dt>\s*/\n.IP "/g;
diff --git a/postfix/proto/header_checks b/postfix/proto/header_checks
index f3a7f8359..6c46afe8c 100644
--- a/postfix/proto/header_checks
+++ b/postfix/proto/header_checks
@@ -272,9 +272,9 @@
 # .nf
 #	/etc/postfix/main.cf:
 # .ti +4
-#	header_checks = regexp:/etc/postfix/header_checks
+#	body_checks = regexp:/etc/postfix/body_checks
 #
-#	/etc/postfix/header_checks:
+#	/etc/postfix/body_checks:
 # .ti +4
 #	/^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
 # .ti +8
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index d07d2a83a..15658d663 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -1010,7 +1010,7 @@ Do not change this unless you have a complete understanding of RFC 821.
 The names of message delivery transports that should not be delivered
 to unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
 or more names of mail delivery transports names that appear in the
-first field of master.cf).
+first field of master.cf.
 </p>
 
 <p>
@@ -2406,7 +2406,7 @@ The error classes are:
 <dd>Send the postmaster copies of the headers of bounced mail, and
 send transcripts of SMTP sessions when Postfix rejects mail. The
 notification is sent to the address specified with the
-bounce_notice_recipient configuration parameter (default: postmaster)
+bounce_notice_recipient configuration parameter (default: postmaster).
 </dd>
 
 <dt><b>2bounce</b></dt>
@@ -2829,13 +2829,6 @@ recipient addresses with $relay_recipient_maps and rejects non-existent
 recipients. See also the relay domains address class in the
 ADDRESS_CLASS_README file.  </p>
 
-<p> The list of domains that are by default delivered via the
-$local_transport mail delivery transport. By default this is the
-Postfix local(8) delivery agent which looks up all recipients in
-/etc/passwd and /etc/aliases. The SMTP server validates recipient
-addresses with $local_recipient_maps. See also the local domain
-address class in the ADDRESS_CLASS_README file.  </p>
-
 <p> NOTE: Postfix will not automatically forward mail for domains
 that list this system as their primary or backup MX host. See the
 permit_mx_backup restriction in the postconf(5) manual page.  </p>
@@ -3327,7 +3320,7 @@ This feature is available in Postfix 2.1 and later.
 
 <p>
 The maximal length of message header and body lines that Postfix
-will send via SMTP.  Longer lines are longer are broken by inserting
+will send via SMTP.  Longer lines are broken by inserting
 "&lt;CR&gt;&lt;LF&gt;&lt;SPACE&gt;". This minimizes the damage to
 MIME formatted mail.
 </p>
@@ -3611,6 +3604,7 @@ below it),  "/file/name" or "type:table" patterns.  A "/file/name"
 pattern is replaced by its contents; a "type:table" lookup table
 is matched when a table entry matches a lookup string (the lookup
 result is ignored).  Continue long lines by starting the next line
+with whitespace. </p>
 
 %PARAM smtpd_authorized_verp_clients $authorized_verp_clients
 
@@ -3742,7 +3736,7 @@ restrictions.
 <p>
 By default, clients in trusted networks are excluded. Specify a
 list of network blocks, hostnames or .domain names (the initial
-initial dot causes the domain to match any name below it).
+dot causes the domain to match any name below it).
 </p>
 
 <p>
@@ -4268,7 +4262,7 @@ supposed to give the result to another Postfix SMTP server process.
 </p>
 
 <p> Specify host:port. The host can be specified as an IP address
-or was a symbolic name; no MX lookups are done. When no host or
+or as a symbolic name; no MX lookups are done. When no host or
 host:  are specified, the local machine is assumed.  </p>
 
 <p> This feature is available in Postfix 2.1 and later.  </p>
@@ -4444,8 +4438,7 @@ address. <br> The unknown_address_reject_code parameter specifies
 the response code for rejected requests (default: 450).  The response
 is always 450 in case of a temporary DNS error.</dd>
 
-<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b>
-(Postfix 2.0 name: check_recipient_maps)</dt>
+<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (Postfix 2.0 name: check_recipient_maps)</dt>
 
 <dd> Reject the request when the RCPT TO address is not listed in
 the list of valid recipients for its domain class. See the
diff --git a/postfix/src/global/bounce.c b/postfix/src/global/bounce.c
index 2df58b6dc..6b121cedb 100644
--- a/postfix/src/global/bounce.c
+++ b/postfix/src/global/bounce.c
@@ -257,10 +257,11 @@ int     vbounce_append(int flags, const char *id, const char *orig_rcpt,
 			     ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
 				ATTR_TYPE_END) == 0
 	    && ((flags & DEL_REQ_FLAG_RECORD) == 0
-		|| vtrace_append(flags, id, orig_rcpt, recipient, relay,
-			      entry, dsn_code, dsn_action, fmt, ap) == 0)) {
-	    vlog_adhoc(id, orig_rcpt, recipient, relay,
-		       entry, log_status, fmt, ap);
+		|| trace_append(flags, id, orig_rcpt, recipient, relay,
+				entry, dsn_code, dsn_action,
+				"%s", vstring_str(why)) == 0)) {
+	    log_adhoc(id, orig_rcpt, recipient, relay,
+		      entry, log_status, "%s", vstring_str(why));
 	    status = (var_soft_bounce ? -1 : 0);
 	} else if ((flags & BOUNCE_FLAG_CLEAN) == 0) {
 	    status = defer_append(flags, id, orig_rcpt, recipient, offset,
@@ -384,10 +385,11 @@ int     vbounce_one(int flags, const char *queue, const char *id,
 			     ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
 				ATTR_TYPE_END) == 0
 	    && ((flags & DEL_REQ_FLAG_RECORD) == 0
-		|| vtrace_append(flags, id, orig_rcpt, recipient, relay,
-				 entry, "5.0.0", "failed", fmt, ap) == 0)) {
-	    vlog_adhoc(id, orig_rcpt, recipient, relay,
-		       entry, "bounced", fmt, ap);
+		|| trace_append(flags, id, orig_rcpt, recipient, relay,
+				entry, "5.0.0", "failed",
+				"%s", vstring_str(why)) == 0)) {
+	    log_adhoc(id, orig_rcpt, recipient, relay,
+		      entry, "bounced", "%s", vstring_str(why));
 	    status = 0;
 	} else if ((flags & BOUNCE_FLAG_CLEAN) == 0) {
 	    status = defer_append(flags, id, orig_rcpt, recipient, offset,
diff --git a/postfix/src/global/defer.c b/postfix/src/global/defer.c
index 5954ab215..f710d20b2 100644
--- a/postfix/src/global/defer.c
+++ b/postfix/src/global/defer.c
@@ -224,14 +224,16 @@ int     vdefer_append(int flags, const char *id, const char *orig_rcpt,
 			     ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
 				ATTR_TYPE_END) != 0)
 	    msg_warn("%s: %s service failure", id, var_defer_service);
-	vlog_adhoc(id, orig_rcpt, recipient, relay, entry, "deferred", fmt, ap);
+	log_adhoc(id, orig_rcpt, recipient, relay, entry, "deferred",
+		  "%s", vstring_str(why));
 
 	/*
 	 * Traced delivery.
 	 */
 	if (flags & DEL_REQ_FLAG_RECORD)
-	    if (vtrace_append(flags, id, orig_rcpt, recipient, relay,
-			      entry, "4.0.0", "deferred", fmt, ap) != 0)
+	    if (trace_append(flags, id, orig_rcpt, recipient, relay,
+			     entry, "4.0.0", "deferred",
+			     "%s", vstring_str(why)) != 0)
 		msg_warn("%s: %s service failure", id, var_trace_service);
 
 	/*
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 61f1eecc2..f5017ecec 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,8 +20,8 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only.
   */
-#define MAIL_RELEASE_DATE	"20040503"
-#define MAIL_VERSION_NUMBER	"2.1.1"
+#define MAIL_RELEASE_DATE	"20040615"
+#define MAIL_VERSION_NUMBER	"2.1.2"
 
 #define VAR_MAIL_VERSION	"mail_version"
 #ifdef SNAPSHOT
diff --git a/postfix/src/global/sent.c b/postfix/src/global/sent.c
index 15695ede2..4f845ed78 100644
--- a/postfix/src/global/sent.c
+++ b/postfix/src/global/sent.c
@@ -161,17 +161,22 @@ int     vsent(int flags, const char *id, const char *orig_rcpt,
      * Normal mail delivery. May also send a delivery record to the user.
      */
     else {
+	VSTRING *text = vstring_alloc(10);
+
+	vstring_vsprintf(text, fmt, ap);
 	if ((flags & DEL_REQ_FLAG_RECORD) == 0
-	    || vtrace_append(flags, id, orig_rcpt, recipient, relay,
-			     entry, "2.0.0", "delivered", fmt, ap) == 0) {
-	    vlog_adhoc(id, orig_rcpt, recipient, relay,
-		       entry, "sent", fmt, ap);
+	    || trace_append(flags, id, orig_rcpt, recipient, relay,
+			    entry, "2.0.0", "delivered",
+			    "%s", vstring_str(text)) == 0) {
+	    log_adhoc(id, orig_rcpt, recipient, relay,
+		      entry, "sent", "%s", vstring_str(text));
 	    status = 0;
 	} else {
 	    status = defer_append(flags, id, orig_rcpt, recipient, offset,
 				  relay, entry, "%s: %s service failed",
 				  id, var_trace_service);
 	}
+	vstring_free(text);
 	return (status);
     }
 }
diff --git a/postfix/src/global/trace.c b/postfix/src/global/trace.c
index 3ee21dbd0..cd9710c65 100644
--- a/postfix/src/global/trace.c
+++ b/postfix/src/global/trace.c
@@ -172,8 +172,8 @@ int     vtrace_append(int flags, const char *queue_id,
 	req_stat = -1;
     } else {
 	if (flags & DEL_REQ_FLAG_EXPAND)
-	    vlog_adhoc(queue_id, orig_rcpt, recipient, relay,
-		       entry, dsn_action, fmt, ap);
+	    log_adhoc(queue_id, orig_rcpt, recipient, relay,
+		      entry, dsn_action, "%s", vstring_str(why));
 	req_stat = 0;
     }
     vstring_free(why);
diff --git a/postfix/src/global/verify.c b/postfix/src/global/verify.c
index 6effb49d6..e2829406f 100644
--- a/postfix/src/global/verify.c
+++ b/postfix/src/global/verify.c
@@ -134,26 +134,30 @@ int     vverify_append(const char *queue_id, const char *orig_rcpt,
 		              time_t entry, const char *status,
 		              int rcpt_stat, const char *fmt, va_list ap)
 {
+    VSTRING *text = vstring_alloc(10);
     int     req_stat;
 
     /*
      * Impedance adaptor between bounce/defer/sent and verify_clnt.
      */
+    vstring_vsprintf(text, fmt, ap);
     if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) {
 	req_stat = verify_clnt_vupdate(orig_rcpt, rcpt_stat, fmt, ap);
 	if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0)
-	    req_stat = verify_clnt_vupdate(recipient, rcpt_stat, fmt, ap);
+	    req_stat = verify_clnt_update(recipient, rcpt_stat,
+					  "%s", vstring_str(text));
     } else {
 	status = "undeliverable-but-not-cached";
 	req_stat = VRFY_STAT_OK;
     }
     if (req_stat == VRFY_STAT_OK) {
-	vlog_adhoc(queue_id, orig_rcpt, recipient, relay,
-		   entry, status, fmt, ap);
+	log_adhoc(queue_id, orig_rcpt, recipient, relay,
+		  entry, status, "%s", vstring_str(text));
 	req_stat = 0;
     } else {
 	msg_warn("%s: %s service failure", queue_id, var_verify_service);
 	req_stat = -1;
     }
+    vstring_free(text);
     return (req_stat);
 }
diff --git a/postfix/src/pickup/pickup.c b/postfix/src/pickup/pickup.c
index d1f3427a2..a876c6193 100644
--- a/postfix/src/pickup/pickup.c
+++ b/postfix/src/pickup/pickup.c
@@ -35,7 +35,7 @@
 /* CONFIGURATION PARAMETERS
 /* .ad
 /* .fi
-/*	As the pickup daemon is a relatively long-running process, up
+/*	As the pickup(8) daemon is a relatively long-running process, up
 /*	to an hour may pass before a \fBmain.cf\fR change takes effect.
 /*	Use the command "\fBpostfix reload\fR" command to speed up a change.
 /*
diff --git a/postfix/src/proxymap/proxymap.c b/postfix/src/proxymap/proxymap.c
index 6eb222492..e0f670e3a 100644
--- a/postfix/src/proxymap/proxymap.c
+++ b/postfix/src/proxymap/proxymap.c
@@ -36,8 +36,8 @@
 /* .IP "\fBopen\fR \fImaptype:mapname flags\fR"
 /*	Open the table with type \fImaptype\fR and name \fImapname\fR,
 /*	as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
-/*	dependent flags (to distinguish a fixed string table from regular
-/*	a expression table).
+/*	dependent flags (to distinguish a fixed string table from a regular
+/*	expression table).
 /* .IP "\fBlookup\fR \fImaptype:mapname flags key\fR"
 /*	Look up the data stored under the requested key.
 /*	The reply is the request completion status code (below) and
diff --git a/postfix/src/qmgr/qmgr.c b/postfix/src/qmgr/qmgr.c
index 2ee829e62..49c8bfd79 100644
--- a/postfix/src/qmgr/qmgr.c
+++ b/postfix/src/qmgr/qmgr.c
@@ -50,7 +50,7 @@
 /*	These files are maintained by the \fBdefer\fR(8) daemon.
 /* .IP \fBtrace\fR
 /*	Per-recipient status information as requested with the
-/*	Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv" command\fR.
+/*	Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
 /*	These files are maintained by the \fBtrace\fR(8) daemon.
 /* .PP
 /*	The \fBqmgr\fR daemon is responsible for asking the
@@ -283,7 +283,7 @@
 /* SEE ALSO
 /*	trivial-rewrite(8), address routing
 /*	bounce(8), delivery status reports
-/*	postconf(5) configuration parameters
+/*	postconf(5), configuration parameters
 /*	master(8), process manager
 /*	syslogd(8) system logging
 /* README FILES
diff --git a/postfix/src/smtp/smtp_connect.c b/postfix/src/smtp/smtp_connect.c
index 2458bc3d0..604c90c64 100644
--- a/postfix/src/smtp/smtp_connect.c
+++ b/postfix/src/smtp/smtp_connect.c
@@ -349,6 +349,7 @@ int     smtp_connect(SMTP_STATE *state)
 	    if (++addr_count == var_smtp_mxaddr_limit)
 		next = 0;
 	    if ((state->session = smtp_connect_addr(addr, port, why)) != 0) {
+		state->features = 0;		/* XXX should be SESSION info */
 		if (++sess_count == var_smtp_mxsess_limit)
 		    next = 0;
 		state->final_server = (cpp[1] == 0 && next == 0);
@@ -356,13 +357,18 @@ int     smtp_connect(SMTP_STATE *state)
 		debug_peer_check(state->session->host, state->session->addr);
 		if (smtp_helo(state, misc_flags) == 0)
 		    smtp_xfer(state);
-		if (state->history != 0
-		    && (state->error_mask & name_mask(VAR_NOTIFY_CLASSES,
-				     mail_error_masks, var_notify_classes)))
-		    smtp_chat_notify(state);
+		if (state->history != 0) {
+		    if (state->error_mask & name_mask(VAR_NOTIFY_CLASSES,
+				      mail_error_masks, var_notify_classes))
+			smtp_chat_notify(state);
+		    smtp_chat_reset(state);
+		}
 		/* XXX smtp_xfer() may abort in the middle of DATA. */
 		smtp_session_free(state->session);
 		state->session = 0;
+#ifdef USE_SASL_AUTH
+		smtp_sasl_cleanup(state);
+#endif
 		debug_peer_restore();
 		smtp_rcpt_cleanup(state);
 	    } else {
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index c5f44b835..63fbc0d1e 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -338,6 +338,8 @@
 /*	The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
 /*	SMTP client can send before the Postfix SMTP server starts to
 /*	increment the error counter with each junk command.
+/* .PP
+/*	Available in Postfix version 2.1 and later:
 /* .IP "\fBsmtpd_recipient_overshoot_limit (1000)\fR"
 /*	The number of recipients that a remote SMTP client can send in
 /*	excess of the limit specified with $smtpd_recipient_limit, before
@@ -349,9 +351,6 @@
 /*	As of version 2.1, Postfix can be configured to delegate access
 /*	policy decisions to an external server that runs outside Postfix.
 /*	See the file SMTPD_POLICY_README for more information.
-/* .IP "\fBsmtpd_policy_service_timeout (100s)\fR"
-/*	The time limit for connecting to, writing to or receiving from a
-/*	delegated SMTPD policy server.
 /* .IP "\fBsmtpd_policy_service_max_idle (300s)\fR"
 /*	The time after which an idle SMTPD policy service connection is
 /*	closed.
@@ -424,7 +423,7 @@
 /* SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS
 /* .ad
 /* .fi
-/*	Postfix version 2.1 introduces sender and address verification.
+/*	Postfix version 2.1 introduces sender and recipient address verification.
 /*	This feature is implemented by sending probe email messages that
 /*	are not actually delivered.
 /*	This feature is requested via the reject_unverified_sender and
diff --git a/postfix/src/smtpd/smtpd_proxy.h b/postfix/src/smtpd/smtpd_proxy.h
index a55fe75ea..e91543117 100644
--- a/postfix/src/smtpd/smtpd_proxy.h
+++ b/postfix/src/smtpd/smtpd_proxy.h
@@ -24,9 +24,9 @@
 #define SMTPD_PROX_WANT_MORE	'3'	/* Expect 3XX reply */
 
 extern int smtpd_proxy_open(SMTPD_STATE *, const char *, int, const char *, const char *);
-extern int smtpd_proxy_cmd(SMTPD_STATE *, int, const char *,...);
+extern int PRINTFLIKE(3, 4) smtpd_proxy_cmd(SMTPD_STATE *, int, const char *,...);
 extern int smtpd_proxy_rec_put(VSTREAM *, int, const char *, int);
-extern int smtpd_proxy_rec_fprintf(VSTREAM *, int, const char *,...);
+extern int PRINTFLIKE(3, 4) smtpd_proxy_rec_fprintf(VSTREAM *, int, const char *,...);
 extern void smtpd_proxy_close(SMTPD_STATE *);
 
 /* LICENSE
diff --git a/postfix/src/spawn/spawn.c b/postfix/src/spawn/spawn.c
index b945b670f..ae0a501ab 100644
--- a/postfix/src/spawn/spawn.c
+++ b/postfix/src/spawn/spawn.c
@@ -53,7 +53,7 @@
 /* CONFIGURATION PARAMETERS
 /* .ad
 /* .fi
-/*	Changes to \fBmain.cf\fR are picked up automatically as smtpd(8)
+/*	Changes to \fBmain.cf\fR are picked up automatically as spawn(8)
 /*	processes run for only a limited amount of time. Use the command
 /*	"\fBpostfix reload\fR" to speed up a change.
 /*
diff --git a/postfix/src/trivial-rewrite/trivial-rewrite.c b/postfix/src/trivial-rewrite/trivial-rewrite.c
index 13d86f030..390824315 100644
--- a/postfix/src/trivial-rewrite/trivial-rewrite.c
+++ b/postfix/src/trivial-rewrite/trivial-rewrite.c
@@ -120,7 +120,7 @@
 /* ADDRESS VERIFICATION CONTROLS
 /* .ad
 /* .fi
-/*	Postfix version 2.1 introduces sender and address verification.
+/*	Postfix version 2.1 introduces sender and recipient address verification.
 /*	This feature is implemented by sending probe email messages that
 /*	are not actually delivered.
 /*	By default, address verification probes use the same route
diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h
index 4ca12a328..6e1a7da05 100644
--- a/postfix/src/util/sys_defs.h
+++ b/postfix/src/util/sys_defs.h
@@ -50,8 +50,13 @@
 #endif
 #define GETTIMEOFDAY(t)	gettimeofday(t,(struct timezone *) 0)
 #define ROOT_PATH	"/bin:/usr/bin:/sbin:/usr/sbin"
-#define USE_STATFS
-#define STATFS_IN_SYS_MOUNT_H
+#if (defined(__NetBSD_Version__) && __NetBSD_Version__ > 200040000)
+# define USE_STATVFS
+# define STATVFS_IN_SYS_STATVFS_H
+#else
+# define USE_STATFS
+# define STATFS_IN_SYS_MOUNT_H
+#endif
 #define HAS_POSIX_REGEXP
 #define HAS_ST_GEN	/* struct stat contains inode generation number */
 #define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"