mirror of
https://github.com/vdukhovni/postfix
synced 2025-08-30 13:48:06 +00:00
postfix-2.1.2
This commit is contained in:
committed by
Viktor Dukhovni
parent
f77f70552b
commit
c302f4a4bf
@@ -9356,3 +9356,20 @@ Apologies for any names omitted.
|
|||||||
|
|
||||||
Bugfix: missing "sasl enabled" guard in the SMTPD policy
|
Bugfix: missing "sasl enabled" guard in the SMTPD policy
|
||||||
client. File: smtpd/smtpd_check.c.
|
client. File: smtpd/smtpd_check.c.
|
||||||
|
|
||||||
|
20040614
|
||||||
|
|
||||||
|
Bugfix: the SMTP client did not reset per-session EHLO,
|
||||||
|
SASL, and history information when opening a connection to
|
||||||
|
an alternate SMTP server. This is the result of abstraction
|
||||||
|
no longer matching function. Reported and diagnosed by
|
||||||
|
Victor Duchovni, Morgan Stanley.
|
||||||
|
|
||||||
|
Bugfix: non-portable reuse of variadic argument lists.
|
||||||
|
Fix by Victor Duchovni, Morgan Stanley. Files: global/bounce.c,
|
||||||
|
global/defer.c, global/sent.c, global/trace.c, global/verify.c.
|
||||||
|
|
||||||
|
Portability: NetBSD 2.0 has changed from statfs to statvfs.
|
||||||
|
John Heasley. File: util/sys_defs.h.
|
||||||
|
|
||||||
|
Documentation: typo fixes by IKEDA Nozomu.
|
||||||
|
@@ -145,7 +145,7 @@ NOTES:
|
|||||||
* Solaris UNIX-domain sockets do not work reliably. Use TCP sockets instead:
|
* Solaris UNIX-domain sockets do not work reliably. Use TCP sockets instead:
|
||||||
|
|
||||||
1 /etc/postfix/master.cf:
|
1 /etc/postfix/master.cf:
|
||||||
2 127.0.0.1:9998 unix - n n - - spawn
|
2 127.0.0.1:9998 inet n n n - - spawn
|
||||||
3 user=nobody argv=/some/where/policy-server
|
3 user=nobody argv=/some/where/policy-server
|
||||||
4
|
4
|
||||||
5 /etc/postfix/main.cf:
|
5 /etc/postfix/main.cf:
|
||||||
@@ -235,7 +235,7 @@ On Solaris you must use inet: style sockets instead of unix: style, as detailed
|
|||||||
in the "Policy client/server configuration" section above.
|
in the "Policy client/server configuration" section above.
|
||||||
|
|
||||||
1 /etc/postfix/master.cf:
|
1 /etc/postfix/master.cf:
|
||||||
2 127.0.0.1:9998 unix - n n - - spawn
|
2 127.0.0.1:9998 inet n n n - - spawn
|
||||||
3 user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
|
3 user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
|
||||||
4
|
4
|
||||||
5 /etc/postfix/main.cf:
|
5 /etc/postfix/main.cf:
|
||||||
|
@@ -15,14 +15,12 @@ snapshot releases.
|
|||||||
Major changes - critical
|
Major changes - critical
|
||||||
------------------------
|
------------------------
|
||||||
|
|
||||||
If you run Postfix 1.x or earlier then you must stop Postfix before
|
If you run Postfix 2.0 or earlier then you must stop Postfix before
|
||||||
upgrading. This is because the master-child protocols have changed,
|
upgrading. The master-child protocols have changed between Postfix
|
||||||
and very little will work with the old master daemon process.
|
1.1 and 2.0, and version 2.1 sometimes writes queue files that the
|
||||||
|
2.0 and earlier queue managers complain about. If this happens move
|
||||||
[Incompat 20021119] You can upgrade Postfix 2.0 without stopping.
|
the files from the corrupt directory to the maildrop directory and
|
||||||
After upgrading an existing Postfix 2.0 system you must use "postfix
|
give them another chance.
|
||||||
reload". Some internal protocols have changed, but the master-child
|
|
||||||
protocols are the same as with Postfix 2.0.
|
|
||||||
|
|
||||||
[Incompat 20021119] The Postfix upgrade procedure will add two new
|
[Incompat 20021119] The Postfix upgrade procedure will add two new
|
||||||
services to your master.cf file: "trace" and "verify". These servers
|
services to your master.cf file: "trace" and "verify". These servers
|
||||||
|
@@ -303,9 +303,9 @@
|
|||||||
# exploit.
|
# exploit.
|
||||||
#
|
#
|
||||||
# /etc/postfix/main.cf:
|
# /etc/postfix/main.cf:
|
||||||
# header_checks = regexp:/etc/postfix/header_checks
|
# body_checks = regexp:/etc/postfix/body_checks
|
||||||
#
|
#
|
||||||
# /etc/postfix/header_checks:
|
# /etc/postfix/body_checks:
|
||||||
# /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
# /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
||||||
# REJECT IFRAME vulnerability exploit
|
# REJECT IFRAME vulnerability exploit
|
||||||
#
|
#
|
||||||
|
@@ -498,7 +498,7 @@ unknown_local_recipient_reject_code = 550
|
|||||||
# JUNK MAIL CONTROLS
|
# JUNK MAIL CONTROLS
|
||||||
#
|
#
|
||||||
# The controls listed here are only a very small subset. The file
|
# The controls listed here are only a very small subset. The file
|
||||||
# SPTMD_ACCESS_README provides an overview.
|
# SMTPD_ACCESS_README provides an overview.
|
||||||
|
|
||||||
# The header_checks parameter specifies an optional table with patterns
|
# The header_checks parameter specifies an optional table with patterns
|
||||||
# that each logical message header is matched against, including
|
# that each logical message header is matched against, including
|
||||||
|
@@ -216,7 +216,7 @@ TCP sockets instead: </p>
|
|||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
1 /etc/postfix/master.cf:
|
1 /etc/postfix/master.cf:
|
||||||
2 127.0.0.1:9998 unix - n n - - spawn
|
2 127.0.0.1:9998 inet n n n - - spawn
|
||||||
3 user=nobody argv=/some/where/policy-server
|
3 user=nobody argv=/some/where/policy-server
|
||||||
4
|
4
|
||||||
5 /etc/postfix/main.cf:
|
5 /etc/postfix/main.cf:
|
||||||
@@ -340,7 +340,7 @@ client/server configuration</a>" section above. </p>
|
|||||||
<blockquote>
|
<blockquote>
|
||||||
<pre>
|
<pre>
|
||||||
1 /etc/postfix/master.cf:
|
1 /etc/postfix/master.cf:
|
||||||
2 127.0.0.1:9998 unix - n n - - spawn
|
2 127.0.0.1:9998 inet n n n - - spawn
|
||||||
3 user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
|
3 user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
|
||||||
4
|
4
|
||||||
5 /etc/postfix/main.cf:
|
5 /etc/postfix/main.cf:
|
||||||
|
@@ -309,9 +309,9 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
|
|||||||
exploit.
|
exploit.
|
||||||
|
|
||||||
/etc/postfix/main.cf:
|
/etc/postfix/main.cf:
|
||||||
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/header_checks
|
<a href="postconf.5.html#body_checks">body_checks</a> = <a href="regexp_table.5.html">regexp</a>:/etc/postfix/body_checks
|
||||||
|
|
||||||
/etc/postfix/header_checks:
|
/etc/postfix/body_checks:
|
||||||
/^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
/^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
||||||
REJECT IFRAME vulnerability exploit
|
REJECT IFRAME vulnerability exploit
|
||||||
|
|
||||||
|
@@ -43,8 +43,8 @@ PICKUP(8) PICKUP(8)
|
|||||||
unfiltered user data.
|
unfiltered user data.
|
||||||
|
|
||||||
<b>CONFIGURATION PARAMETERS</b>
|
<b>CONFIGURATION PARAMETERS</b>
|
||||||
As the pickup daemon is a relatively long-running process,
|
As the <a href="pickup.8.html">pickup(8)</a> daemon is a relatively long-running pro-
|
||||||
up to an hour may pass before a <b>main.cf</b> change takes
|
cess, up to an hour may pass before a <b>main.cf</b> change takes
|
||||||
effect. Use the command "<b>postfix reload</b>" command to speed
|
effect. Use the command "<b>postfix reload</b>" command to speed
|
||||||
up a change.
|
up a change.
|
||||||
|
|
||||||
|
@@ -733,6 +733,7 @@ below it), "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patt
|
|||||||
pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
|
pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table
|
||||||
is matched when a table entry matches a lookup string (the lookup
|
is matched when a table entry matches a lookup string (the lookup
|
||||||
result is ignored). Continue long lines by starting the next line
|
result is ignored). Continue long lines by starting the next line
|
||||||
|
with whitespace. </p>
|
||||||
|
|
||||||
|
|
||||||
</DD>
|
</DD>
|
||||||
@@ -1546,7 +1547,7 @@ This feature is available in Postfix 2.0 and later.
|
|||||||
The names of message delivery transports that should not be delivered
|
The names of message delivery transports that should not be delivered
|
||||||
to unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
|
to unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
|
||||||
or more names of mail delivery transports names that appear in the
|
or more names of mail delivery transports names that appear in the
|
||||||
first field of master.cf).
|
first field of master.cf.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
@@ -3852,7 +3853,7 @@ The error classes are:
|
|||||||
<dd>Send the postmaster copies of the headers of bounced mail, and
|
<dd>Send the postmaster copies of the headers of bounced mail, and
|
||||||
send transcripts of SMTP sessions when Postfix rejects mail. The
|
send transcripts of SMTP sessions when Postfix rejects mail. The
|
||||||
notification is sent to the address specified with the
|
notification is sent to the address specified with the
|
||||||
<a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> configuration parameter (default: postmaster)
|
<a href="postconf.5.html#bounce_notice_recipient">bounce_notice_recipient</a> configuration parameter (default: postmaster).
|
||||||
</dd>
|
</dd>
|
||||||
|
|
||||||
<dt><b>2bounce</b></dt>
|
<dt><b>2bounce</b></dt>
|
||||||
@@ -4582,13 +4583,6 @@ recipient addresses with $<a href="postconf.5.html#relay_recipient_maps">relay_r
|
|||||||
recipients. See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the
|
recipients. See also the <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a> address class in the
|
||||||
<a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file. </p>
|
<a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file. </p>
|
||||||
|
|
||||||
<p> The list of domains that are by default delivered via the
|
|
||||||
$<a href="postconf.5.html#local_transport">local_transport</a> mail delivery transport. By default this is the
|
|
||||||
Postfix <a href="local.8.html">local(8)</a> delivery agent which looks up all recipients in
|
|
||||||
/etc/passwd and /etc/aliases. The SMTP server validates recipient
|
|
||||||
addresses with $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>. See also the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a>
|
|
||||||
address class in the <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> file. </p>
|
|
||||||
|
|
||||||
<p> NOTE: Postfix will not automatically forward mail for domains
|
<p> NOTE: Postfix will not automatically forward mail for domains
|
||||||
that list this system as their primary or backup MX host. See the
|
that list this system as their primary or backup MX host. See the
|
||||||
<a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> restriction in the <a href="postconf.5.html">postconf(5)</a> manual page. </p>
|
<a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> restriction in the <a href="postconf.5.html">postconf(5)</a> manual page. </p>
|
||||||
@@ -5245,7 +5239,7 @@ This feature is available in Postfix 2.1 and later.
|
|||||||
|
|
||||||
<p>
|
<p>
|
||||||
The maximal length of message header and body lines that Postfix
|
The maximal length of message header and body lines that Postfix
|
||||||
will send via SMTP. Longer lines are longer are broken by inserting
|
will send via SMTP. Longer lines are broken by inserting
|
||||||
"<CR><LF><SPACE>". This minimizes the damage to
|
"<CR><LF><SPACE>". This minimizes the damage to
|
||||||
MIME formatted mail.
|
MIME formatted mail.
|
||||||
</p>
|
</p>
|
||||||
@@ -5765,7 +5759,7 @@ restrictions.
|
|||||||
<p>
|
<p>
|
||||||
By default, clients in trusted networks are excluded. Specify a
|
By default, clients in trusted networks are excluded. Specify a
|
||||||
list of network blocks, hostnames or .domain names (the initial
|
list of network blocks, hostnames or .domain names (the initial
|
||||||
initial dot causes the domain to match any name below it).
|
dot causes the domain to match any name below it).
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
@@ -6407,7 +6401,7 @@ supposed to give the result to another Postfix SMTP server process.
|
|||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p> Specify host:port. The host can be specified as an IP address
|
<p> Specify host:port. The host can be specified as an IP address
|
||||||
or was a symbolic name; no MX lookups are done. When no host or
|
or as a symbolic name; no MX lookups are done. When no host or
|
||||||
host: are specified, the local machine is assumed. </p>
|
host: are specified, the local machine is assumed. </p>
|
||||||
|
|
||||||
<p> This feature is available in Postfix 2.1 and later. </p>
|
<p> This feature is available in Postfix 2.1 and later. </p>
|
||||||
@@ -6606,8 +6600,7 @@ address. <br> The <a href="postconf.5.html#unknown_address_reject_code">unknown_
|
|||||||
the response code for rejected requests (default: 450). The response
|
the response code for rejected requests (default: 450). The response
|
||||||
is always 450 in case of a temporary DNS error.</dd>
|
is always 450 in case of a temporary DNS error.</dd>
|
||||||
|
|
||||||
<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b>
|
<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (Postfix 2.0 name: check_recipient_maps)</dt>
|
||||||
(Postfix 2.0 name: check_recipient_maps)</dt>
|
|
||||||
|
|
||||||
<dd> Reject the request when the RCPT TO address is not listed in
|
<dd> Reject the request when the RCPT TO address is not listed in
|
||||||
the list of valid recipients for its domain class. See the
|
the list of valid recipients for its domain class. See the
|
||||||
|
@@ -44,7 +44,7 @@ PROXYMAP(8) PROXYMAP(8)
|
|||||||
Open the table with type <i>maptype</i> and name <i>mapname</i>,
|
Open the table with type <i>maptype</i> and name <i>mapname</i>,
|
||||||
as controlled by <i>flags</i>. The reply includes the <i>map-</i>
|
as controlled by <i>flags</i>. The reply includes the <i>map-</i>
|
||||||
<i>type</i> dependent flags (to distinguish a fixed string
|
<i>type</i> dependent flags (to distinguish a fixed string
|
||||||
table from regular a expression table).
|
table from a regular expression table).
|
||||||
|
|
||||||
<b>lookup</b> <i>maptype:mapname flags key</i>
|
<b>lookup</b> <i>maptype:mapname flags key</i>
|
||||||
Look up the data stored under the requested key.
|
Look up the data stored under the requested key.
|
||||||
|
@@ -63,8 +63,8 @@ QMGR(8) QMGR(8)
|
|||||||
<a href="defer.8.html"><b>defer</b>(8)</a> daemon.
|
<a href="defer.8.html"><b>defer</b>(8)</a> daemon.
|
||||||
|
|
||||||
<b>trace</b> Per-recipient status information as requested with
|
<b>trace</b> Per-recipient status information as requested with
|
||||||
the Postfix "<b>sendmail -v</b>" or "<b>sendmail -bv" com-</b>
|
the Postfix "<b>sendmail -v</b>" or "<b>sendmail -bv</b>" com-
|
||||||
<b>mand</b>. These files are maintained by the <a href="trace.8.html"><b>trace</b>(8)</a>
|
mand. These files are maintained by the <a href="trace.8.html"><b>trace</b>(8)</a>
|
||||||
daemon.
|
daemon.
|
||||||
|
|
||||||
The <b>qmgr</b> daemon is responsible for asking the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
|
The <b>qmgr</b> daemon is responsible for asking the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
|
||||||
@@ -365,7 +365,7 @@ QMGR(8) QMGR(8)
|
|||||||
<b>SEE ALSO</b>
|
<b>SEE ALSO</b>
|
||||||
<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address routing
|
<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address routing
|
||||||
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
||||||
<a href="postconf.5.html">postconf(5)</a> configuration parameters
|
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||||
<a href="master.8.html">master(8)</a>, process manager
|
<a href="master.8.html">master(8)</a>, process manager
|
||||||
syslogd(8) system logging
|
syslogd(8) system logging
|
||||||
|
|
||||||
|
@@ -434,6 +434,8 @@ SMTPD(8) SMTPD(8)
|
|||||||
Postfix SMTP server starts to increment the error
|
Postfix SMTP server starts to increment the error
|
||||||
counter with each junk command.
|
counter with each junk command.
|
||||||
|
|
||||||
|
Available in Postfix version 2.1 and later:
|
||||||
|
|
||||||
<b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b>
|
<b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b>
|
||||||
The number of recipients that a remote SMTP client
|
The number of recipients that a remote SMTP client
|
||||||
can send in excess of the limit specified with
|
can send in excess of the limit specified with
|
||||||
@@ -447,10 +449,6 @@ SMTPD(8) SMTPD(8)
|
|||||||
outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
|
outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
|
||||||
more information.
|
more information.
|
||||||
|
|
||||||
<b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b>
|
|
||||||
The time limit for connecting to, writing to or
|
|
||||||
receiving from a delegated SMTPD policy server.
|
|
||||||
|
|
||||||
<b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b>
|
<b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b>
|
||||||
The time after which an idle SMTPD policy service
|
The time after which an idle SMTPD policy service
|
||||||
connection is closed.
|
connection is closed.
|
||||||
@@ -552,15 +550,16 @@ SMTPD(8) SMTPD(8)
|
|||||||
tion is specified.
|
tion is specified.
|
||||||
|
|
||||||
<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
|
<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
|
||||||
Postfix version 2.1 introduces sender and address verifi-
|
Postfix version 2.1 introduces sender and recipient
|
||||||
cation. This feature is implemented by sending probe
|
address verification. This feature is implemented by
|
||||||
email messages that are not actually delivered. This fea-
|
sending probe email messages that are not actually deliv-
|
||||||
ture is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> and
|
ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
|
||||||
<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access restrictions. The sta-
|
<a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
|
||||||
tus of verification probes is maintained by the <a href="verify.8.html">verify(8)</a>
|
restrictions. The status of verification probes is main-
|
||||||
server. See the file <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VERIFICATION_README</a> for
|
tained by the <a href="verify.8.html">verify(8)</a> server. See the file ADDRESS_VER-
|
||||||
information about how to configure and operate the Postfix
|
<a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure
|
||||||
sender/recipient address verification service.
|
and operate the Postfix sender/recipient address verifica-
|
||||||
|
tion service.
|
||||||
|
|
||||||
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
|
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
|
||||||
How many times to query the <a href="verify.8.html">verify(8)</a> service for
|
How many times to query the <a href="verify.8.html">verify(8)</a> service for
|
||||||
|
@@ -66,7 +66,7 @@ SPAWN(8) SPAWN(8)
|
|||||||
data-driven attacks.
|
data-driven attacks.
|
||||||
|
|
||||||
<b>CONFIGURATION PARAMETERS</b>
|
<b>CONFIGURATION PARAMETERS</b>
|
||||||
Changes to <b>main.cf</b> are picked up automatically as <a href="smtpd.8.html">smtpd(8)</a>
|
Changes to <b>main.cf</b> are picked up automatically as <a href="spawn.8.html">spawn(8)</a>
|
||||||
processes run for only a limited amount of time. Use the
|
processes run for only a limited amount of time. Use the
|
||||||
command "<b>postfix reload</b>" to speed up a change.
|
command "<b>postfix reload</b>" to speed up a change.
|
||||||
|
|
||||||
|
@@ -156,13 +156,13 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
|
|||||||
destination).
|
destination).
|
||||||
|
|
||||||
<b>ADDRESS VERIFICATION CONTROLS</b>
|
<b>ADDRESS VERIFICATION CONTROLS</b>
|
||||||
Postfix version 2.1 introduces sender and address verifi-
|
Postfix version 2.1 introduces sender and recipient
|
||||||
cation. This feature is implemented by sending probe
|
address verification. This feature is implemented by
|
||||||
email messages that are not actually delivered. By
|
sending probe email messages that are not actually deliv-
|
||||||
default, address verification probes use the same route as
|
ered. By default, address verification probes use the
|
||||||
regular mail. To override specific aspects of message
|
same route as regular mail. To override specific aspects
|
||||||
routing for address verification probes, specify one or
|
of message routing for address verification probes, spec-
|
||||||
more of the following:
|
ify one or more of the following:
|
||||||
|
|
||||||
<b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
|
<b><a href="postconf.5.html#address_verify_local_transport">address_verify_local_transport</a> ($<a href="postconf.5.html#local_transport">local_transport</a>)</b>
|
||||||
Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for
|
Overrides the <a href="postconf.5.html#local_transport">local_transport</a> parameter setting for
|
||||||
|
@@ -292,9 +292,9 @@ Body pattern to stop a specific HTML browser vulnerability exploit.
|
|||||||
.nf
|
.nf
|
||||||
/etc/postfix/main.cf:
|
/etc/postfix/main.cf:
|
||||||
.ti +4
|
.ti +4
|
||||||
header_checks = regexp:/etc/postfix/header_checks
|
body_checks = regexp:/etc/postfix/body_checks
|
||||||
|
|
||||||
/etc/postfix/header_checks:
|
/etc/postfix/body_checks:
|
||||||
.ti +4
|
.ti +4
|
||||||
/^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
/^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
||||||
.ti +8
|
.ti +8
|
||||||
|
@@ -388,6 +388,7 @@ below it), "/file/name" or "type:table" patterns. A "/file/name"
|
|||||||
pattern is replaced by its contents; a "type:table" lookup table
|
pattern is replaced by its contents; a "type:table" lookup table
|
||||||
is matched when a table entry matches a lookup string (the lookup
|
is matched when a table entry matches a lookup string (the lookup
|
||||||
result is ignored). Continue long lines by starting the next line
|
result is ignored). Continue long lines by starting the next line
|
||||||
|
with whitespace.
|
||||||
.SH backwards_bounce_logfile_compatibility (default: yes)
|
.SH backwards_bounce_logfile_compatibility (default: yes)
|
||||||
Produce additional bounce(8) logfile records that can be read by
|
Produce additional bounce(8) logfile records that can be read by
|
||||||
older Postfix versions. The current and more extensible "name =
|
older Postfix versions. The current and more extensible "name =
|
||||||
@@ -796,7 +797,7 @@ This feature is available in Postfix 2.0 and later.
|
|||||||
The names of message delivery transports that should not be delivered
|
The names of message delivery transports that should not be delivered
|
||||||
to unless someone issues "\fBsendmail -q\fR" or equivalent. Specify zero
|
to unless someone issues "\fBsendmail -q\fR" or equivalent. Specify zero
|
||||||
or more names of mail delivery transports names that appear in the
|
or more names of mail delivery transports names that appear in the
|
||||||
first field of master.cf).
|
first field of master.cf.
|
||||||
.PP
|
.PP
|
||||||
Example:
|
Example:
|
||||||
.PP
|
.PP
|
||||||
@@ -1969,7 +1970,7 @@ The error classes are:
|
|||||||
Send the postmaster copies of the headers of bounced mail, and
|
Send the postmaster copies of the headers of bounced mail, and
|
||||||
send transcripts of SMTP sessions when Postfix rejects mail. The
|
send transcripts of SMTP sessions when Postfix rejects mail. The
|
||||||
notification is sent to the address specified with the
|
notification is sent to the address specified with the
|
||||||
bounce_notice_recipient configuration parameter (default: postmaster)
|
bounce_notice_recipient configuration parameter (default: postmaster).
|
||||||
.IP "\fB2bounce\fR"
|
.IP "\fB2bounce\fR"
|
||||||
Send undeliverable bounced mail to the postmaster. The notification
|
Send undeliverable bounced mail to the postmaster. The notification
|
||||||
is sent to the address specified with the 2bounce_notice_recipient
|
is sent to the address specified with the 2bounce_notice_recipient
|
||||||
@@ -2365,13 +2366,6 @@ recipient addresses with $relay_recipient_maps and rejects non-existent
|
|||||||
recipients. See also the relay domains address class in the
|
recipients. See also the relay domains address class in the
|
||||||
ADDRESS_CLASS_README file.
|
ADDRESS_CLASS_README file.
|
||||||
.PP
|
.PP
|
||||||
The list of domains that are by default delivered via the
|
|
||||||
$local_transport mail delivery transport. By default this is the
|
|
||||||
Postfix local(8) delivery agent which looks up all recipients in
|
|
||||||
/etc/passwd and /etc/aliases. The SMTP server validates recipient
|
|
||||||
addresses with $local_recipient_maps. See also the local domain
|
|
||||||
address class in the ADDRESS_CLASS_README file.
|
|
||||||
.PP
|
|
||||||
NOTE: Postfix will not automatically forward mail for domains
|
NOTE: Postfix will not automatically forward mail for domains
|
||||||
that list this system as their primary or backup MX host. See the
|
that list this system as their primary or backup MX host. See the
|
||||||
permit_mx_backup restriction in the postconf(5) manual page.
|
permit_mx_backup restriction in the postconf(5) manual page.
|
||||||
@@ -2721,7 +2715,7 @@ Use the native service for hosts not found in the DNS.
|
|||||||
This feature is available in Postfix 2.1 and later.
|
This feature is available in Postfix 2.1 and later.
|
||||||
.SH smtp_line_length_limit (default: 990)
|
.SH smtp_line_length_limit (default: 990)
|
||||||
The maximal length of message header and body lines that Postfix
|
The maximal length of message header and body lines that Postfix
|
||||||
will send via SMTP. Longer lines are longer are broken by inserting
|
will send via SMTP. Longer lines are broken by inserting
|
||||||
"<CR><LF><SPACE>". This minimizes the damage to
|
"<CR><LF><SPACE>". This minimizes the damage to
|
||||||
MIME formatted mail.
|
MIME formatted mail.
|
||||||
.PP
|
.PP
|
||||||
@@ -2988,7 +2982,7 @@ restrictions.
|
|||||||
.PP
|
.PP
|
||||||
By default, clients in trusted networks are excluded. Specify a
|
By default, clients in trusted networks are excluded. Specify a
|
||||||
list of network blocks, hostnames or .domain names (the initial
|
list of network blocks, hostnames or .domain names (the initial
|
||||||
initial dot causes the domain to match any name below it).
|
dot causes the domain to match any name below it).
|
||||||
.PP
|
.PP
|
||||||
This feature is not part of the stable Postfix 2.1 release.
|
This feature is not part of the stable Postfix 2.1 release.
|
||||||
.SH smtpd_client_connection_rate_limit (default: 0)
|
.SH smtpd_client_connection_rate_limit (default: 0)
|
||||||
@@ -3370,7 +3364,7 @@ The proxy receives all mail from the Postfix SMTP server, and is
|
|||||||
supposed to give the result to another Postfix SMTP server process.
|
supposed to give the result to another Postfix SMTP server process.
|
||||||
.PP
|
.PP
|
||||||
Specify host:port. The host can be specified as an IP address
|
Specify host:port. The host can be specified as an IP address
|
||||||
or was a symbolic name; no MX lookups are done. When no host or
|
or as a symbolic name; no MX lookups are done. When no host or
|
||||||
host: are specified, the local machine is assumed.
|
host: are specified, the local machine is assumed.
|
||||||
.PP
|
.PP
|
||||||
This feature is available in Postfix 2.1 and later.
|
This feature is available in Postfix 2.1 and later.
|
||||||
@@ -3507,8 +3501,7 @@ address.
|
|||||||
The unknown_address_reject_code parameter specifies
|
The unknown_address_reject_code parameter specifies
|
||||||
the response code for rejected requests (default: 450). The response
|
the response code for rejected requests (default: 450). The response
|
||||||
is always 450 in case of a temporary DNS error.
|
is always 450 in case of a temporary DNS error.
|
||||||
.IP "\fBreject_unlisted_recipient\fR
|
.IP "\fBreject_unlisted_recipient\fR (Postfix 2.0 name: check_recipient_maps)"
|
||||||
(Postfix 2.0 name: check_recipient_maps)"
|
|
||||||
Reject the request when the RCPT TO address is not listed in
|
Reject the request when the RCPT TO address is not listed in
|
||||||
the list of valid recipients for its domain class. See the
|
the list of valid recipients for its domain class. See the
|
||||||
smtpd_reject_unlisted_recipient parameter description for details.
|
smtpd_reject_unlisted_recipient parameter description for details.
|
||||||
|
@@ -51,7 +51,7 @@ descriptor instead of file data, but then the already complex
|
|||||||
.nf
|
.nf
|
||||||
.ad
|
.ad
|
||||||
.fi
|
.fi
|
||||||
As the pickup daemon is a relatively long-running process, up
|
As the pickup(8) daemon is a relatively long-running process, up
|
||||||
to an hour may pass before a \fBmain.cf\fR change takes effect.
|
to an hour may pass before a \fBmain.cf\fR change takes effect.
|
||||||
Use the command "\fBpostfix reload\fR" command to speed up a change.
|
Use the command "\fBpostfix reload\fR" command to speed up a change.
|
||||||
|
|
||||||
|
@@ -42,8 +42,8 @@ The proxymap server implements the following requests:
|
|||||||
.IP "\fBopen\fR \fImaptype:mapname flags\fR"
|
.IP "\fBopen\fR \fImaptype:mapname flags\fR"
|
||||||
Open the table with type \fImaptype\fR and name \fImapname\fR,
|
Open the table with type \fImaptype\fR and name \fImapname\fR,
|
||||||
as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
|
as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
|
||||||
dependent flags (to distinguish a fixed string table from regular
|
dependent flags (to distinguish a fixed string table from a regular
|
||||||
a expression table).
|
expression table).
|
||||||
.IP "\fBlookup\fR \fImaptype:mapname flags key\fR"
|
.IP "\fBlookup\fR \fImaptype:mapname flags key\fR"
|
||||||
Look up the data stored under the requested key.
|
Look up the data stored under the requested key.
|
||||||
The reply is the request completion status code (below) and
|
The reply is the request completion status code (below) and
|
||||||
|
@@ -60,7 +60,7 @@ Per-recipient status information about why mail is delayed.
|
|||||||
These files are maintained by the \fBdefer\fR(8) daemon.
|
These files are maintained by the \fBdefer\fR(8) daemon.
|
||||||
.IP \fBtrace\fR
|
.IP \fBtrace\fR
|
||||||
Per-recipient status information as requested with the
|
Per-recipient status information as requested with the
|
||||||
Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv" command\fR.
|
Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
|
||||||
These files are maintained by the \fBtrace\fR(8) daemon.
|
These files are maintained by the \fBtrace\fR(8) daemon.
|
||||||
.PP
|
.PP
|
||||||
The \fBqmgr\fR daemon is responsible for asking the
|
The \fBqmgr\fR daemon is responsible for asking the
|
||||||
@@ -325,7 +325,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
|||||||
.nf
|
.nf
|
||||||
trivial-rewrite(8), address routing
|
trivial-rewrite(8), address routing
|
||||||
bounce(8), delivery status reports
|
bounce(8), delivery status reports
|
||||||
postconf(5) configuration parameters
|
postconf(5), configuration parameters
|
||||||
master(8), process manager
|
master(8), process manager
|
||||||
syslogd(8) system logging
|
syslogd(8) system logging
|
||||||
.SH "README FILES"
|
.SH "README FILES"
|
||||||
|
@@ -374,6 +374,8 @@ make without delivering mail.
|
|||||||
The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
|
The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
|
||||||
SMTP client can send before the Postfix SMTP server starts to
|
SMTP client can send before the Postfix SMTP server starts to
|
||||||
increment the error counter with each junk command.
|
increment the error counter with each junk command.
|
||||||
|
.PP
|
||||||
|
Available in Postfix version 2.1 and later:
|
||||||
.IP "\fBsmtpd_recipient_overshoot_limit (1000)\fR"
|
.IP "\fBsmtpd_recipient_overshoot_limit (1000)\fR"
|
||||||
The number of recipients that a remote SMTP client can send in
|
The number of recipients that a remote SMTP client can send in
|
||||||
excess of the limit specified with $smtpd_recipient_limit, before
|
excess of the limit specified with $smtpd_recipient_limit, before
|
||||||
@@ -387,9 +389,6 @@ for each excess recipient.
|
|||||||
As of version 2.1, Postfix can be configured to delegate access
|
As of version 2.1, Postfix can be configured to delegate access
|
||||||
policy decisions to an external server that runs outside Postfix.
|
policy decisions to an external server that runs outside Postfix.
|
||||||
See the file SMTPD_POLICY_README for more information.
|
See the file SMTPD_POLICY_README for more information.
|
||||||
.IP "\fBsmtpd_policy_service_timeout (100s)\fR"
|
|
||||||
The time limit for connecting to, writing to or receiving from a
|
|
||||||
delegated SMTPD policy server.
|
|
||||||
.IP "\fBsmtpd_policy_service_max_idle (300s)\fR"
|
.IP "\fBsmtpd_policy_service_max_idle (300s)\fR"
|
||||||
The time after which an idle SMTPD policy service connection is
|
The time after which an idle SMTPD policy service connection is
|
||||||
closed.
|
closed.
|
||||||
@@ -466,7 +465,7 @@ access restriction is specified.
|
|||||||
.nf
|
.nf
|
||||||
.ad
|
.ad
|
||||||
.fi
|
.fi
|
||||||
Postfix version 2.1 introduces sender and address verification.
|
Postfix version 2.1 introduces sender and recipient address verification.
|
||||||
This feature is implemented by sending probe email messages that
|
This feature is implemented by sending probe email messages that
|
||||||
are not actually delivered.
|
are not actually delivered.
|
||||||
This feature is requested via the reject_unverified_sender and
|
This feature is requested via the reject_unverified_sender and
|
||||||
|
@@ -69,7 +69,7 @@ and thus is not vulnerable to data-driven attacks.
|
|||||||
.nf
|
.nf
|
||||||
.ad
|
.ad
|
||||||
.fi
|
.fi
|
||||||
Changes to \fBmain.cf\fR are picked up automatically as smtpd(8)
|
Changes to \fBmain.cf\fR are picked up automatically as spawn(8)
|
||||||
processes run for only a limited amount of time. Use the command
|
processes run for only a limited amount of time. Use the command
|
||||||
"\fBpostfix reload\fR" to speed up a change.
|
"\fBpostfix reload\fR" to speed up a change.
|
||||||
|
|
||||||
|
@@ -144,7 +144,7 @@ Optional lookup tables with mappings from recipient address to
|
|||||||
.nf
|
.nf
|
||||||
.ad
|
.ad
|
||||||
.fi
|
.fi
|
||||||
Postfix version 2.1 introduces sender and address verification.
|
Postfix version 2.1 introduces sender and recipient address verification.
|
||||||
This feature is implemented by sending probe email messages that
|
This feature is implemented by sending probe email messages that
|
||||||
are not actually delivered.
|
are not actually delivered.
|
||||||
By default, address verification probes use the same route
|
By default, address verification probes use the same route
|
||||||
|
@@ -57,7 +57,7 @@ while(<>) {
|
|||||||
#$block =~ s/<\/ul>/\n.PP\n/g;
|
#$block =~ s/<\/ul>/\n.PP\n/g;
|
||||||
$block =~ s/<\/dl>/\n/g;
|
$block =~ s/<\/dl>/\n/g;
|
||||||
$block =~ s/<\/ul>/\n/g;
|
$block =~ s/<\/ul>/\n/g;
|
||||||
$block =~ s/<dd>/\n/g;
|
$block =~ s/<dd>\s*/\n/g;
|
||||||
$block =~ s/<\/dd>/\n/g;
|
$block =~ s/<\/dd>/\n/g;
|
||||||
$block =~ s/<li>\s*/\n.IP \\(bu\n/g;
|
$block =~ s/<li>\s*/\n.IP \\(bu\n/g;
|
||||||
$block =~ s/<dt>\s*/\n.IP "/g;
|
$block =~ s/<dt>\s*/\n.IP "/g;
|
||||||
|
@@ -272,9 +272,9 @@
|
|||||||
# .nf
|
# .nf
|
||||||
# /etc/postfix/main.cf:
|
# /etc/postfix/main.cf:
|
||||||
# .ti +4
|
# .ti +4
|
||||||
# header_checks = regexp:/etc/postfix/header_checks
|
# body_checks = regexp:/etc/postfix/body_checks
|
||||||
#
|
#
|
||||||
# /etc/postfix/header_checks:
|
# /etc/postfix/body_checks:
|
||||||
# .ti +4
|
# .ti +4
|
||||||
# /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
# /^<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>$/
|
||||||
# .ti +8
|
# .ti +8
|
||||||
|
@@ -1010,7 +1010,7 @@ Do not change this unless you have a complete understanding of RFC 821.
|
|||||||
The names of message delivery transports that should not be delivered
|
The names of message delivery transports that should not be delivered
|
||||||
to unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
|
to unless someone issues "<b>sendmail -q</b>" or equivalent. Specify zero
|
||||||
or more names of mail delivery transports names that appear in the
|
or more names of mail delivery transports names that appear in the
|
||||||
first field of master.cf).
|
first field of master.cf.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
@@ -2406,7 +2406,7 @@ The error classes are:
|
|||||||
<dd>Send the postmaster copies of the headers of bounced mail, and
|
<dd>Send the postmaster copies of the headers of bounced mail, and
|
||||||
send transcripts of SMTP sessions when Postfix rejects mail. The
|
send transcripts of SMTP sessions when Postfix rejects mail. The
|
||||||
notification is sent to the address specified with the
|
notification is sent to the address specified with the
|
||||||
bounce_notice_recipient configuration parameter (default: postmaster)
|
bounce_notice_recipient configuration parameter (default: postmaster).
|
||||||
</dd>
|
</dd>
|
||||||
|
|
||||||
<dt><b>2bounce</b></dt>
|
<dt><b>2bounce</b></dt>
|
||||||
@@ -2829,13 +2829,6 @@ recipient addresses with $relay_recipient_maps and rejects non-existent
|
|||||||
recipients. See also the relay domains address class in the
|
recipients. See also the relay domains address class in the
|
||||||
ADDRESS_CLASS_README file. </p>
|
ADDRESS_CLASS_README file. </p>
|
||||||
|
|
||||||
<p> The list of domains that are by default delivered via the
|
|
||||||
$local_transport mail delivery transport. By default this is the
|
|
||||||
Postfix local(8) delivery agent which looks up all recipients in
|
|
||||||
/etc/passwd and /etc/aliases. The SMTP server validates recipient
|
|
||||||
addresses with $local_recipient_maps. See also the local domain
|
|
||||||
address class in the ADDRESS_CLASS_README file. </p>
|
|
||||||
|
|
||||||
<p> NOTE: Postfix will not automatically forward mail for domains
|
<p> NOTE: Postfix will not automatically forward mail for domains
|
||||||
that list this system as their primary or backup MX host. See the
|
that list this system as their primary or backup MX host. See the
|
||||||
permit_mx_backup restriction in the postconf(5) manual page. </p>
|
permit_mx_backup restriction in the postconf(5) manual page. </p>
|
||||||
@@ -3327,7 +3320,7 @@ This feature is available in Postfix 2.1 and later.
|
|||||||
|
|
||||||
<p>
|
<p>
|
||||||
The maximal length of message header and body lines that Postfix
|
The maximal length of message header and body lines that Postfix
|
||||||
will send via SMTP. Longer lines are longer are broken by inserting
|
will send via SMTP. Longer lines are broken by inserting
|
||||||
"<CR><LF><SPACE>". This minimizes the damage to
|
"<CR><LF><SPACE>". This minimizes the damage to
|
||||||
MIME formatted mail.
|
MIME formatted mail.
|
||||||
</p>
|
</p>
|
||||||
@@ -3611,6 +3604,7 @@ below it), "/file/name" or "type:table" patterns. A "/file/name"
|
|||||||
pattern is replaced by its contents; a "type:table" lookup table
|
pattern is replaced by its contents; a "type:table" lookup table
|
||||||
is matched when a table entry matches a lookup string (the lookup
|
is matched when a table entry matches a lookup string (the lookup
|
||||||
result is ignored). Continue long lines by starting the next line
|
result is ignored). Continue long lines by starting the next line
|
||||||
|
with whitespace. </p>
|
||||||
|
|
||||||
%PARAM smtpd_authorized_verp_clients $authorized_verp_clients
|
%PARAM smtpd_authorized_verp_clients $authorized_verp_clients
|
||||||
|
|
||||||
@@ -3742,7 +3736,7 @@ restrictions.
|
|||||||
<p>
|
<p>
|
||||||
By default, clients in trusted networks are excluded. Specify a
|
By default, clients in trusted networks are excluded. Specify a
|
||||||
list of network blocks, hostnames or .domain names (the initial
|
list of network blocks, hostnames or .domain names (the initial
|
||||||
initial dot causes the domain to match any name below it).
|
dot causes the domain to match any name below it).
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
@@ -4268,7 +4262,7 @@ supposed to give the result to another Postfix SMTP server process.
|
|||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p> Specify host:port. The host can be specified as an IP address
|
<p> Specify host:port. The host can be specified as an IP address
|
||||||
or was a symbolic name; no MX lookups are done. When no host or
|
or as a symbolic name; no MX lookups are done. When no host or
|
||||||
host: are specified, the local machine is assumed. </p>
|
host: are specified, the local machine is assumed. </p>
|
||||||
|
|
||||||
<p> This feature is available in Postfix 2.1 and later. </p>
|
<p> This feature is available in Postfix 2.1 and later. </p>
|
||||||
@@ -4444,8 +4438,7 @@ address. <br> The unknown_address_reject_code parameter specifies
|
|||||||
the response code for rejected requests (default: 450). The response
|
the response code for rejected requests (default: 450). The response
|
||||||
is always 450 in case of a temporary DNS error.</dd>
|
is always 450 in case of a temporary DNS error.</dd>
|
||||||
|
|
||||||
<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b>
|
<dt><b><a name="reject_unlisted_recipient">reject_unlisted_recipient</a></b> (Postfix 2.0 name: check_recipient_maps)</dt>
|
||||||
(Postfix 2.0 name: check_recipient_maps)</dt>
|
|
||||||
|
|
||||||
<dd> Reject the request when the RCPT TO address is not listed in
|
<dd> Reject the request when the RCPT TO address is not listed in
|
||||||
the list of valid recipients for its domain class. See the
|
the list of valid recipients for its domain class. See the
|
||||||
|
@@ -257,10 +257,11 @@ int vbounce_append(int flags, const char *id, const char *orig_rcpt,
|
|||||||
ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
|
ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
|
||||||
ATTR_TYPE_END) == 0
|
ATTR_TYPE_END) == 0
|
||||||
&& ((flags & DEL_REQ_FLAG_RECORD) == 0
|
&& ((flags & DEL_REQ_FLAG_RECORD) == 0
|
||||||
|| vtrace_append(flags, id, orig_rcpt, recipient, relay,
|
|| trace_append(flags, id, orig_rcpt, recipient, relay,
|
||||||
entry, dsn_code, dsn_action, fmt, ap) == 0)) {
|
entry, dsn_code, dsn_action,
|
||||||
vlog_adhoc(id, orig_rcpt, recipient, relay,
|
"%s", vstring_str(why)) == 0)) {
|
||||||
entry, log_status, fmt, ap);
|
log_adhoc(id, orig_rcpt, recipient, relay,
|
||||||
|
entry, log_status, "%s", vstring_str(why));
|
||||||
status = (var_soft_bounce ? -1 : 0);
|
status = (var_soft_bounce ? -1 : 0);
|
||||||
} else if ((flags & BOUNCE_FLAG_CLEAN) == 0) {
|
} else if ((flags & BOUNCE_FLAG_CLEAN) == 0) {
|
||||||
status = defer_append(flags, id, orig_rcpt, recipient, offset,
|
status = defer_append(flags, id, orig_rcpt, recipient, offset,
|
||||||
@@ -384,10 +385,11 @@ int vbounce_one(int flags, const char *queue, const char *id,
|
|||||||
ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
|
ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
|
||||||
ATTR_TYPE_END) == 0
|
ATTR_TYPE_END) == 0
|
||||||
&& ((flags & DEL_REQ_FLAG_RECORD) == 0
|
&& ((flags & DEL_REQ_FLAG_RECORD) == 0
|
||||||
|| vtrace_append(flags, id, orig_rcpt, recipient, relay,
|
|| trace_append(flags, id, orig_rcpt, recipient, relay,
|
||||||
entry, "5.0.0", "failed", fmt, ap) == 0)) {
|
entry, "5.0.0", "failed",
|
||||||
vlog_adhoc(id, orig_rcpt, recipient, relay,
|
"%s", vstring_str(why)) == 0)) {
|
||||||
entry, "bounced", fmt, ap);
|
log_adhoc(id, orig_rcpt, recipient, relay,
|
||||||
|
entry, "bounced", "%s", vstring_str(why));
|
||||||
status = 0;
|
status = 0;
|
||||||
} else if ((flags & BOUNCE_FLAG_CLEAN) == 0) {
|
} else if ((flags & BOUNCE_FLAG_CLEAN) == 0) {
|
||||||
status = defer_append(flags, id, orig_rcpt, recipient, offset,
|
status = defer_append(flags, id, orig_rcpt, recipient, offset,
|
||||||
|
@@ -224,14 +224,16 @@ int vdefer_append(int flags, const char *id, const char *orig_rcpt,
|
|||||||
ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
|
ATTR_TYPE_STR, MAIL_ATTR_WHY, vstring_str(why),
|
||||||
ATTR_TYPE_END) != 0)
|
ATTR_TYPE_END) != 0)
|
||||||
msg_warn("%s: %s service failure", id, var_defer_service);
|
msg_warn("%s: %s service failure", id, var_defer_service);
|
||||||
vlog_adhoc(id, orig_rcpt, recipient, relay, entry, "deferred", fmt, ap);
|
log_adhoc(id, orig_rcpt, recipient, relay, entry, "deferred",
|
||||||
|
"%s", vstring_str(why));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Traced delivery.
|
* Traced delivery.
|
||||||
*/
|
*/
|
||||||
if (flags & DEL_REQ_FLAG_RECORD)
|
if (flags & DEL_REQ_FLAG_RECORD)
|
||||||
if (vtrace_append(flags, id, orig_rcpt, recipient, relay,
|
if (trace_append(flags, id, orig_rcpt, recipient, relay,
|
||||||
entry, "4.0.0", "deferred", fmt, ap) != 0)
|
entry, "4.0.0", "deferred",
|
||||||
|
"%s", vstring_str(why)) != 0)
|
||||||
msg_warn("%s: %s service failure", id, var_trace_service);
|
msg_warn("%s: %s service failure", id, var_trace_service);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@@ -20,8 +20,8 @@
|
|||||||
* Patches change the patchlevel and the release date. Snapshots change the
|
* Patches change the patchlevel and the release date. Snapshots change the
|
||||||
* release date only.
|
* release date only.
|
||||||
*/
|
*/
|
||||||
#define MAIL_RELEASE_DATE "20040503"
|
#define MAIL_RELEASE_DATE "20040615"
|
||||||
#define MAIL_VERSION_NUMBER "2.1.1"
|
#define MAIL_VERSION_NUMBER "2.1.2"
|
||||||
|
|
||||||
#define VAR_MAIL_VERSION "mail_version"
|
#define VAR_MAIL_VERSION "mail_version"
|
||||||
#ifdef SNAPSHOT
|
#ifdef SNAPSHOT
|
||||||
|
@@ -161,17 +161,22 @@ int vsent(int flags, const char *id, const char *orig_rcpt,
|
|||||||
* Normal mail delivery. May also send a delivery record to the user.
|
* Normal mail delivery. May also send a delivery record to the user.
|
||||||
*/
|
*/
|
||||||
else {
|
else {
|
||||||
|
VSTRING *text = vstring_alloc(10);
|
||||||
|
|
||||||
|
vstring_vsprintf(text, fmt, ap);
|
||||||
if ((flags & DEL_REQ_FLAG_RECORD) == 0
|
if ((flags & DEL_REQ_FLAG_RECORD) == 0
|
||||||
|| vtrace_append(flags, id, orig_rcpt, recipient, relay,
|
|| trace_append(flags, id, orig_rcpt, recipient, relay,
|
||||||
entry, "2.0.0", "delivered", fmt, ap) == 0) {
|
entry, "2.0.0", "delivered",
|
||||||
vlog_adhoc(id, orig_rcpt, recipient, relay,
|
"%s", vstring_str(text)) == 0) {
|
||||||
entry, "sent", fmt, ap);
|
log_adhoc(id, orig_rcpt, recipient, relay,
|
||||||
|
entry, "sent", "%s", vstring_str(text));
|
||||||
status = 0;
|
status = 0;
|
||||||
} else {
|
} else {
|
||||||
status = defer_append(flags, id, orig_rcpt, recipient, offset,
|
status = defer_append(flags, id, orig_rcpt, recipient, offset,
|
||||||
relay, entry, "%s: %s service failed",
|
relay, entry, "%s: %s service failed",
|
||||||
id, var_trace_service);
|
id, var_trace_service);
|
||||||
}
|
}
|
||||||
|
vstring_free(text);
|
||||||
return (status);
|
return (status);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@@ -172,8 +172,8 @@ int vtrace_append(int flags, const char *queue_id,
|
|||||||
req_stat = -1;
|
req_stat = -1;
|
||||||
} else {
|
} else {
|
||||||
if (flags & DEL_REQ_FLAG_EXPAND)
|
if (flags & DEL_REQ_FLAG_EXPAND)
|
||||||
vlog_adhoc(queue_id, orig_rcpt, recipient, relay,
|
log_adhoc(queue_id, orig_rcpt, recipient, relay,
|
||||||
entry, dsn_action, fmt, ap);
|
entry, dsn_action, "%s", vstring_str(why));
|
||||||
req_stat = 0;
|
req_stat = 0;
|
||||||
}
|
}
|
||||||
vstring_free(why);
|
vstring_free(why);
|
||||||
|
@@ -134,26 +134,30 @@ int vverify_append(const char *queue_id, const char *orig_rcpt,
|
|||||||
time_t entry, const char *status,
|
time_t entry, const char *status,
|
||||||
int rcpt_stat, const char *fmt, va_list ap)
|
int rcpt_stat, const char *fmt, va_list ap)
|
||||||
{
|
{
|
||||||
|
VSTRING *text = vstring_alloc(10);
|
||||||
int req_stat;
|
int req_stat;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Impedance adaptor between bounce/defer/sent and verify_clnt.
|
* Impedance adaptor between bounce/defer/sent and verify_clnt.
|
||||||
*/
|
*/
|
||||||
|
vstring_vsprintf(text, fmt, ap);
|
||||||
if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) {
|
if (var_verify_neg_cache || rcpt_stat == DEL_RCPT_STAT_OK) {
|
||||||
req_stat = verify_clnt_vupdate(orig_rcpt, rcpt_stat, fmt, ap);
|
req_stat = verify_clnt_vupdate(orig_rcpt, rcpt_stat, fmt, ap);
|
||||||
if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0)
|
if (req_stat == VRFY_STAT_OK && strcasecmp(recipient, orig_rcpt) != 0)
|
||||||
req_stat = verify_clnt_vupdate(recipient, rcpt_stat, fmt, ap);
|
req_stat = verify_clnt_update(recipient, rcpt_stat,
|
||||||
|
"%s", vstring_str(text));
|
||||||
} else {
|
} else {
|
||||||
status = "undeliverable-but-not-cached";
|
status = "undeliverable-but-not-cached";
|
||||||
req_stat = VRFY_STAT_OK;
|
req_stat = VRFY_STAT_OK;
|
||||||
}
|
}
|
||||||
if (req_stat == VRFY_STAT_OK) {
|
if (req_stat == VRFY_STAT_OK) {
|
||||||
vlog_adhoc(queue_id, orig_rcpt, recipient, relay,
|
log_adhoc(queue_id, orig_rcpt, recipient, relay,
|
||||||
entry, status, fmt, ap);
|
entry, status, "%s", vstring_str(text));
|
||||||
req_stat = 0;
|
req_stat = 0;
|
||||||
} else {
|
} else {
|
||||||
msg_warn("%s: %s service failure", queue_id, var_verify_service);
|
msg_warn("%s: %s service failure", queue_id, var_verify_service);
|
||||||
req_stat = -1;
|
req_stat = -1;
|
||||||
}
|
}
|
||||||
|
vstring_free(text);
|
||||||
return (req_stat);
|
return (req_stat);
|
||||||
}
|
}
|
||||||
|
@@ -35,7 +35,7 @@
|
|||||||
/* CONFIGURATION PARAMETERS
|
/* CONFIGURATION PARAMETERS
|
||||||
/* .ad
|
/* .ad
|
||||||
/* .fi
|
/* .fi
|
||||||
/* As the pickup daemon is a relatively long-running process, up
|
/* As the pickup(8) daemon is a relatively long-running process, up
|
||||||
/* to an hour may pass before a \fBmain.cf\fR change takes effect.
|
/* to an hour may pass before a \fBmain.cf\fR change takes effect.
|
||||||
/* Use the command "\fBpostfix reload\fR" command to speed up a change.
|
/* Use the command "\fBpostfix reload\fR" command to speed up a change.
|
||||||
/*
|
/*
|
||||||
|
@@ -36,8 +36,8 @@
|
|||||||
/* .IP "\fBopen\fR \fImaptype:mapname flags\fR"
|
/* .IP "\fBopen\fR \fImaptype:mapname flags\fR"
|
||||||
/* Open the table with type \fImaptype\fR and name \fImapname\fR,
|
/* Open the table with type \fImaptype\fR and name \fImapname\fR,
|
||||||
/* as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
|
/* as controlled by \fIflags\fR. The reply includes the \fImaptype\fR
|
||||||
/* dependent flags (to distinguish a fixed string table from regular
|
/* dependent flags (to distinguish a fixed string table from a regular
|
||||||
/* a expression table).
|
/* expression table).
|
||||||
/* .IP "\fBlookup\fR \fImaptype:mapname flags key\fR"
|
/* .IP "\fBlookup\fR \fImaptype:mapname flags key\fR"
|
||||||
/* Look up the data stored under the requested key.
|
/* Look up the data stored under the requested key.
|
||||||
/* The reply is the request completion status code (below) and
|
/* The reply is the request completion status code (below) and
|
||||||
|
@@ -50,7 +50,7 @@
|
|||||||
/* These files are maintained by the \fBdefer\fR(8) daemon.
|
/* These files are maintained by the \fBdefer\fR(8) daemon.
|
||||||
/* .IP \fBtrace\fR
|
/* .IP \fBtrace\fR
|
||||||
/* Per-recipient status information as requested with the
|
/* Per-recipient status information as requested with the
|
||||||
/* Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv" command\fR.
|
/* Postfix "\fBsendmail -v\fR" or "\fBsendmail -bv\fR" command.
|
||||||
/* These files are maintained by the \fBtrace\fR(8) daemon.
|
/* These files are maintained by the \fBtrace\fR(8) daemon.
|
||||||
/* .PP
|
/* .PP
|
||||||
/* The \fBqmgr\fR daemon is responsible for asking the
|
/* The \fBqmgr\fR daemon is responsible for asking the
|
||||||
@@ -283,7 +283,7 @@
|
|||||||
/* SEE ALSO
|
/* SEE ALSO
|
||||||
/* trivial-rewrite(8), address routing
|
/* trivial-rewrite(8), address routing
|
||||||
/* bounce(8), delivery status reports
|
/* bounce(8), delivery status reports
|
||||||
/* postconf(5) configuration parameters
|
/* postconf(5), configuration parameters
|
||||||
/* master(8), process manager
|
/* master(8), process manager
|
||||||
/* syslogd(8) system logging
|
/* syslogd(8) system logging
|
||||||
/* README FILES
|
/* README FILES
|
||||||
|
@@ -349,6 +349,7 @@ int smtp_connect(SMTP_STATE *state)
|
|||||||
if (++addr_count == var_smtp_mxaddr_limit)
|
if (++addr_count == var_smtp_mxaddr_limit)
|
||||||
next = 0;
|
next = 0;
|
||||||
if ((state->session = smtp_connect_addr(addr, port, why)) != 0) {
|
if ((state->session = smtp_connect_addr(addr, port, why)) != 0) {
|
||||||
|
state->features = 0; /* XXX should be SESSION info */
|
||||||
if (++sess_count == var_smtp_mxsess_limit)
|
if (++sess_count == var_smtp_mxsess_limit)
|
||||||
next = 0;
|
next = 0;
|
||||||
state->final_server = (cpp[1] == 0 && next == 0);
|
state->final_server = (cpp[1] == 0 && next == 0);
|
||||||
@@ -356,13 +357,18 @@ int smtp_connect(SMTP_STATE *state)
|
|||||||
debug_peer_check(state->session->host, state->session->addr);
|
debug_peer_check(state->session->host, state->session->addr);
|
||||||
if (smtp_helo(state, misc_flags) == 0)
|
if (smtp_helo(state, misc_flags) == 0)
|
||||||
smtp_xfer(state);
|
smtp_xfer(state);
|
||||||
if (state->history != 0
|
if (state->history != 0) {
|
||||||
&& (state->error_mask & name_mask(VAR_NOTIFY_CLASSES,
|
if (state->error_mask & name_mask(VAR_NOTIFY_CLASSES,
|
||||||
mail_error_masks, var_notify_classes)))
|
mail_error_masks, var_notify_classes))
|
||||||
smtp_chat_notify(state);
|
smtp_chat_notify(state);
|
||||||
|
smtp_chat_reset(state);
|
||||||
|
}
|
||||||
/* XXX smtp_xfer() may abort in the middle of DATA. */
|
/* XXX smtp_xfer() may abort in the middle of DATA. */
|
||||||
smtp_session_free(state->session);
|
smtp_session_free(state->session);
|
||||||
state->session = 0;
|
state->session = 0;
|
||||||
|
#ifdef USE_SASL_AUTH
|
||||||
|
smtp_sasl_cleanup(state);
|
||||||
|
#endif
|
||||||
debug_peer_restore();
|
debug_peer_restore();
|
||||||
smtp_rcpt_cleanup(state);
|
smtp_rcpt_cleanup(state);
|
||||||
} else {
|
} else {
|
||||||
|
@@ -338,6 +338,8 @@
|
|||||||
/* The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
|
/* The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote
|
||||||
/* SMTP client can send before the Postfix SMTP server starts to
|
/* SMTP client can send before the Postfix SMTP server starts to
|
||||||
/* increment the error counter with each junk command.
|
/* increment the error counter with each junk command.
|
||||||
|
/* .PP
|
||||||
|
/* Available in Postfix version 2.1 and later:
|
||||||
/* .IP "\fBsmtpd_recipient_overshoot_limit (1000)\fR"
|
/* .IP "\fBsmtpd_recipient_overshoot_limit (1000)\fR"
|
||||||
/* The number of recipients that a remote SMTP client can send in
|
/* The number of recipients that a remote SMTP client can send in
|
||||||
/* excess of the limit specified with $smtpd_recipient_limit, before
|
/* excess of the limit specified with $smtpd_recipient_limit, before
|
||||||
@@ -349,9 +351,6 @@
|
|||||||
/* As of version 2.1, Postfix can be configured to delegate access
|
/* As of version 2.1, Postfix can be configured to delegate access
|
||||||
/* policy decisions to an external server that runs outside Postfix.
|
/* policy decisions to an external server that runs outside Postfix.
|
||||||
/* See the file SMTPD_POLICY_README for more information.
|
/* See the file SMTPD_POLICY_README for more information.
|
||||||
/* .IP "\fBsmtpd_policy_service_timeout (100s)\fR"
|
|
||||||
/* The time limit for connecting to, writing to or receiving from a
|
|
||||||
/* delegated SMTPD policy server.
|
|
||||||
/* .IP "\fBsmtpd_policy_service_max_idle (300s)\fR"
|
/* .IP "\fBsmtpd_policy_service_max_idle (300s)\fR"
|
||||||
/* The time after which an idle SMTPD policy service connection is
|
/* The time after which an idle SMTPD policy service connection is
|
||||||
/* closed.
|
/* closed.
|
||||||
@@ -424,7 +423,7 @@
|
|||||||
/* SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS
|
/* SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS
|
||||||
/* .ad
|
/* .ad
|
||||||
/* .fi
|
/* .fi
|
||||||
/* Postfix version 2.1 introduces sender and address verification.
|
/* Postfix version 2.1 introduces sender and recipient address verification.
|
||||||
/* This feature is implemented by sending probe email messages that
|
/* This feature is implemented by sending probe email messages that
|
||||||
/* are not actually delivered.
|
/* are not actually delivered.
|
||||||
/* This feature is requested via the reject_unverified_sender and
|
/* This feature is requested via the reject_unverified_sender and
|
||||||
|
@@ -24,9 +24,9 @@
|
|||||||
#define SMTPD_PROX_WANT_MORE '3' /* Expect 3XX reply */
|
#define SMTPD_PROX_WANT_MORE '3' /* Expect 3XX reply */
|
||||||
|
|
||||||
extern int smtpd_proxy_open(SMTPD_STATE *, const char *, int, const char *, const char *);
|
extern int smtpd_proxy_open(SMTPD_STATE *, const char *, int, const char *, const char *);
|
||||||
extern int smtpd_proxy_cmd(SMTPD_STATE *, int, const char *,...);
|
extern int PRINTFLIKE(3, 4) smtpd_proxy_cmd(SMTPD_STATE *, int, const char *,...);
|
||||||
extern int smtpd_proxy_rec_put(VSTREAM *, int, const char *, int);
|
extern int smtpd_proxy_rec_put(VSTREAM *, int, const char *, int);
|
||||||
extern int smtpd_proxy_rec_fprintf(VSTREAM *, int, const char *,...);
|
extern int PRINTFLIKE(3, 4) smtpd_proxy_rec_fprintf(VSTREAM *, int, const char *,...);
|
||||||
extern void smtpd_proxy_close(SMTPD_STATE *);
|
extern void smtpd_proxy_close(SMTPD_STATE *);
|
||||||
|
|
||||||
/* LICENSE
|
/* LICENSE
|
||||||
|
@@ -53,7 +53,7 @@
|
|||||||
/* CONFIGURATION PARAMETERS
|
/* CONFIGURATION PARAMETERS
|
||||||
/* .ad
|
/* .ad
|
||||||
/* .fi
|
/* .fi
|
||||||
/* Changes to \fBmain.cf\fR are picked up automatically as smtpd(8)
|
/* Changes to \fBmain.cf\fR are picked up automatically as spawn(8)
|
||||||
/* processes run for only a limited amount of time. Use the command
|
/* processes run for only a limited amount of time. Use the command
|
||||||
/* "\fBpostfix reload\fR" to speed up a change.
|
/* "\fBpostfix reload\fR" to speed up a change.
|
||||||
/*
|
/*
|
||||||
|
@@ -120,7 +120,7 @@
|
|||||||
/* ADDRESS VERIFICATION CONTROLS
|
/* ADDRESS VERIFICATION CONTROLS
|
||||||
/* .ad
|
/* .ad
|
||||||
/* .fi
|
/* .fi
|
||||||
/* Postfix version 2.1 introduces sender and address verification.
|
/* Postfix version 2.1 introduces sender and recipient address verification.
|
||||||
/* This feature is implemented by sending probe email messages that
|
/* This feature is implemented by sending probe email messages that
|
||||||
/* are not actually delivered.
|
/* are not actually delivered.
|
||||||
/* By default, address verification probes use the same route
|
/* By default, address verification probes use the same route
|
||||||
|
@@ -50,8 +50,13 @@
|
|||||||
#endif
|
#endif
|
||||||
#define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0)
|
#define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0)
|
||||||
#define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin"
|
#define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin"
|
||||||
|
#if (defined(__NetBSD_Version__) && __NetBSD_Version__ > 200040000)
|
||||||
|
# define USE_STATVFS
|
||||||
|
# define STATVFS_IN_SYS_STATVFS_H
|
||||||
|
#else
|
||||||
# define USE_STATFS
|
# define USE_STATFS
|
||||||
# define STATFS_IN_SYS_MOUNT_H
|
# define STATFS_IN_SYS_MOUNT_H
|
||||||
|
#endif
|
||||||
#define HAS_POSIX_REGEXP
|
#define HAS_POSIX_REGEXP
|
||||||
#define HAS_ST_GEN /* struct stat contains inode generation number */
|
#define HAS_ST_GEN /* struct stat contains inode generation number */
|
||||||
#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
|
#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
|
||||||
|
Reference in New Issue
Block a user