diff --git a/postfix/HISTORY b/postfix/HISTORY
index bc68e68ed..c220acc03 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -11424,6 +11424,18 @@ Apologies for any names omitted.
code that handles unavailable transports or destinations.
Files: *qmgr/qmgr_deliver.c.
+20051121
+
+ Workaround: do not build the bounce.cf.default template
+ while compiling Postfix - it breaks when the default
+ mail_owner etc. accounts don't exist. Reported by Liviu
+ Daia.
+
+ Compatibility: added permit_auth_destination emulation to
+ the permit_mx_backup feature. This avoids surprises with
+ sites that used permit_mx_backup to authorize all their
+ incoming mail.
+
Open problems:
"postsuper -r" no longer resets the message arrival time,
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index a5f0336fd..044ddf565 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -17,6 +17,14 @@ Incompatibility with Postfix 2.1 and earlier
If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2
before proceeding.
+Incompatibility with snapshot 20051121
+======================================
+
+For compatibility reasons, the permit_mx_backup feature will accept
+mail for authorized destinations (see permit_mx_backup for definition).
+Only with other destinations will it require that the local MTA is
+listed as non-primary MX.
+
Incompatibility with snapshot 20051120
======================================
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index 242d8643e..c9084d6e4 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -8299,22 +8299,28 @@ contains no sender-specified routing (user@elsewhere@domain).
permit_mx_backup
-Permit the request when the local mail system is MX host for
-the RCPT TO address. This includes the case that the local mail
-system is the final destination. However, the SMTP server will not
-forward mail with addresses that have sender-specified routing
-information (example: user@elsewhere@domain). Use the optional
-permit_mx_backup_networks parameter to require that the primary
-MX hosts match a list of network blocks.
NOTE: prior to
-Postfix version 2.0, use of permit_mx_backup is not recommended;
-mail may be rejected in case of a temporary DNS lookup problem.
+Permit the request when the local mail system is backup MX for
+the RCPT TO address, or when the address is an authorized destination
+(see permit_auth_destination for definition).
-
NOTE: as of Postfix version 2.3, permit_mx_backup requires
-that the local MTA is not listed as primary MX for the recipient
-domain. This is for safety reasons.
+
+ Safety: permit_mx_backup does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+
+ Safety: permit_mx_backup can be vulnerable to mis-use when
+access is not restricted with permit_mx_backup_networks.
+
+ Safety: as of Postfix version 2.3, permit_mx_backup no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain. Exception: permit_mx_backup accepts the address
+when it specifies an authorized destination (see permit_auth_destination
+for definition).
+
+ Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
+
+
reject_non_fqdn_recipient
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 14fe1e75b..34f297472 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -4769,24 +4769,24 @@ matches $mydestination, $inet_interfaces, $proxy_interfaces,
$virtual_alias_domains, or $virtual_mailbox_domains, and the address
contains no sender-specified routing (user@elsewhere@domain).
.IP "\fBpermit_mx_backup\fR"
-Permit the request when the local mail system is MX host for
-the RCPT TO address. This includes the case that the local mail
-system is the final destination. However, the SMTP server will not
-forward mail with addresses that have sender-specified routing
-information (example: user@elsewhere@domain). Use the optional
-permit_mx_backup_networks parameter to require that the primary
-MX hosts match a list of network blocks.
-.br
-NOTE: prior to
-Postfix version 2.0, use of permit_mx_backup is not recommended;
-mail may be rejected in case of a temporary DNS lookup problem.
-.br
-NOTE: as of Postfix version 2.3, permit_mx_backup requires
-that the local MTA is not listed as primary MX for the recipient
-domain. This is for safety reasons.
-.br
-NOTE: use of permit_mx_backup is not recommended without
-restricting its use with permit_mx_backup_networks.
+Permit the request when the local mail system is backup MX for
+the RCPT TO address, or when the address is an authorized destination
+(see permit_auth_destination for definition).
+.IP \(bu
+Safety: permit_mx_backup does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+.IP \(bu
+Safety: permit_mx_backup can be vulnerable to mis-use when
+access is not restricted with permit_mx_backup_networks.
+.IP \(bu
+Safety: as of Postfix version 2.3, permit_mx_backup no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain. Exception: permit_mx_backup accepts the address
+when it specifies an authorized destination (see permit_auth_destination
+for definition).
+.IP \(bu
+Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
.IP "\fBreject_non_fqdn_recipient\fR"
Reject the request when the RCPT TO address is not in
fully-qualified domain form, as required by the RFC.
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index fb3172d14..1bb8b407e 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -5192,22 +5192,28 @@ contains no sender-specified routing (user@elsewhere@domain).
permit_mx_backup
-Permit the request when the local mail system is MX host for
-the RCPT TO address. This includes the case that the local mail
-system is the final destination. However, the SMTP server will not
-forward mail with addresses that have sender-specified routing
-information (example: user@elsewhere@domain). Use the optional
-permit_mx_backup_networks parameter to require that the primary
-MX hosts match a list of network blocks.
NOTE: prior to
-Postfix version 2.0, use of permit_mx_backup is not recommended;
-mail may be rejected in case of a temporary DNS lookup problem.
+Permit the request when the local mail system is backup MX for
+the RCPT TO address, or when the address is an authorized destination
+(see permit_auth_destination for definition).
-
NOTE: as of Postfix version 2.3, permit_mx_backup requires
-that the local MTA is not listed as primary MX for the recipient
-domain. This is for safety reasons.
+
-
NOTE: use of permit_mx_backup is not recommended without
-restricting its use with permit_mx_backup_networks.
+ Safety: permit_mx_backup does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+
+ Safety: permit_mx_backup can be vulnerable to mis-use when
+access is not restricted with permit_mx_backup_networks.
+
+ Safety: as of Postfix version 2.3, permit_mx_backup no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain. Exception: permit_mx_backup accepts the address
+when it specifies an authorized destination (see permit_auth_destination
+for definition).
+
+ Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
+
+
reject_non_fqdn_recipient
diff --git a/postfix/src/bounce/Makefile.in b/postfix/src/bounce/Makefile.in
index 9535f27cc..2c0fe4982 100644
--- a/postfix/src/bounce/Makefile.in
+++ b/postfix/src/bounce/Makefile.in
@@ -19,16 +19,19 @@ LIBS = ../../lib/libmaster.a ../../lib/libglobal.a ../../lib/libutil.a
.c.o:; $(CC) $(CFLAGS) -c $*.c
+all: $(PROG) ../../conf/bounce.cf.default
+
$(PROG): $(OBJS) $(LIBS)
$(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS)
-# Avoid dependency on installed Postfix.
-../../conf/bounce.cf.default: $(PROG) annotate.pl main.cf
+# Eliminate dependency on installed Postfix.
+../../conf/bounce.cf.default: template_test.ref annotate.pl
rm -f $@
- MAIL_CONFIG=. ./$(PROG) -SVzndump_templates | perl annotate.pl >$@
+ perl annotate.pl $@
main.cf:
echo queue_directory=. >main.cf
+ echo myhostname=example.com >>main.cf
$(OBJS): ../../conf/makedefs.out
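Review bot: Nothing in the new `../../conf/bounce.cf.default` rule keeps the shipped default template in step with the templates compiled into `$(PROG)`: its prerequisite is now the checked-in `template_test.ref`, and the only comparison against the binary is the `template_test` target, which `all` does not run. A comment above the rule such as `# template_test.ref must be updated whenever the built-in templates change; run "make template_test" to check.` would make that dependency explicit. As shown on this page the recipe reads `perl annotate.pl $@`, which would pass annotate.pl the path just removed by `rm -f $@`; the input and output redirections were probably lost when the page was rendered, so confirm against the real patch. Separately, `main.cf` has no prerequisites, so a main.cf left over from an earlier build will not pick up the added `myhostname` line until it is removed.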
@@ -62,6 +65,7 @@ clean:
tidy: clean
# Avoid dependency on installed Postfix.
+# XXX This still requires that default_privs, mail_owner etc. accounts exist.
template_test: $(PROG) main.cf template_test.ref
MAIL_CONFIG=. ./$(PROG) -SVzndump_templates >template_test.tmp
diff template_test.ref template_test.tmp
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 95a6c3009..0d800ba09 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20051120"
+#define MAIL_RELEASE_DATE "20051121"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT
diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c
index 0d9b1c6fa..e37c956d2 100644
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@@ -1560,26 +1560,23 @@ static int permit_mx_backup(SMTPD_STATE *state, const char *recipient,
reject_dict_retry(state, recipient);
/*
- * If the destination is local, it is acceptable, because we are
- * supposedly MX for our own address.
+ * For backwards compatibility, emulate permit_auth_destination. However,
+ * old permit_mx_backup implementations allow source routing with local
+ * address class.
*/
if ((domain = strrchr(CONST_STR(reply->recipient), '@')) == 0)
return (SMTPD_CHECK_OK);
domain += 1;
+#if 0
if (reply->flags & RESOLVE_CLASS_LOCAL)
return (SMTPD_CHECK_OK);
-
- /*
- * Skip source-routed non-local or virtual mail (uncertain destination).
- */
+#endif
if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
return (SMTPD_CHECK_DUNNO);
-
- /*
- * The destination is local, or it is a local virtual destination.
- */
if (reply->flags & RESOLVE_CLASS_FINAL)
return (SMTPD_CHECK_OK);
+ if (reply->flags & RESOLVE_CLASS_RELAY)
+ return (SMTPD_CHECK_OK);
if (msg_verbose)
msg_info("%s: not local: %s", myname, recipient);
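Review bot: The three authorization tests after `domain += 1;` no longer carry comments, and the disabled RESOLVE_CLASS_LOCAL test is left behind under `#if 0`, so the safety-relevant ordering is not explained where it matters. The RESOLVE_FLAG_ROUTED test must stay ahead of the RESOLVE_CLASS_FINAL and RESOLVE_CLASS_RELAY tests, otherwise a source-routed address in an authorized domain would be accepted even with var_allow_untrust_route off. I would put `/* Skip source-routed mail first: its real destination is uncertain. */` above it and `/* Authorized destination (final delivery or relay domain): accept before the MX lookup below. */` above the two class tests. The `#if 0` … `#endif` block would be better deleted, with the header comment stating that the old early accept for the local class is dropped on purpose. If the file already has a helper that implements permit_auth_destination (not visible here), calling it would avoid two copies of the same policy drifting apart; permit_mx_backup itself starts and ends outside this hunk.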
@@ -1617,7 +1614,7 @@ static int permit_mx_backup(SMTPD_STATE *state, const char *recipient,
*/
mx_list = dns_rr_sort(mx_list, dns_rr_compare_pref);
for (middle = mx_list; /* see below */ ; middle = rest) {
- rest = middle->next;
+ rest = middle->next;
if (rest == 0)
break;
if (rest->pref != mx_list->pref) {