diff --git a/postfix/FILTER_README b/postfix/FILTER_README index adb7d28fd..7190790fd 100644 --- a/postfix/FILTER_README +++ b/postfix/FILTER_README @@ -128,9 +128,9 @@ for transit mail that arrives and leaves via SMTP, provided that you create no temporary files. Each temporary file adds another factor to the performance loss. -We will set up a content filtering program listening on localhost -port 10025 that receives mail via the SMTP protocol, and that -submits mail back into Postfix via localhost port 10026. +We will set up a content filtering program that receives SMTP mail +via localhost port 10025, and that submits SMTP mail back into +Postfix via localhost port 10026. .................................. : Postfix : @@ -162,7 +162,7 @@ transport table. The content filtering records are added by the smtpd and pickup servers. When a queue file has content filtering information, the queue -manager will deliver the mail to the specified content filtering +manager will deliver the mail to the specified content filter regardless of its final destination. The content filter can be set up with the Postfix spawn service, @@ -183,6 +183,9 @@ you want to have your filter listening on port localhost:10025 instead of Postfix, then you must run your filter as a stand-alone program. +Note: the localhost port 10025 SMTP server filter should announce +itself as "220 localhost...", to silence warnings in the log. + The /some/where/filter command is most likely a PERL script. PERL has modules that make talking SMTP easy. The command-line specifies that mail should be sent back into Postfix via localhost port 10026. diff --git a/postfix/HISTORY b/postfix/HISTORY index d51dc47eb..5e509c65c 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -4960,3 +4960,31 @@ Apologies for any names omitted. Code cleanup: some queue/transport operations need to be moved, after the code cleanup of the recipient/concurrency limit handling. Patrik Rak. Files: *qmgr/qmgr_message.c. + +20010301 + + Feature: configurable name in syslog output (default: + "syslog_name = postfix") so that different Postfix instances + can be recognized by their logging. File: global/mail_task.c. + +20010313 + + Workaround for logic mismatch in nqmgr that was exposed + with the introduction of the asynchronous bounce client. + Patrik Rak. + +20010321 + + Workaround: LMTP connection caching never worked for + destinations starting with unix: or inet:. File: + lmtp/lmtp_connect.c. + +20010322 + + Portability: Solaris <2.6 does not have srandom() and + random() in libc. File: util/rand_sleep.c. It does not + have to be cryptographically strong. + + Bugfix: the fast ETRN flush server could not handle [ipaddr] + or domain names with one-character hostname part. It should + be OK now. File: flush/flush.c. diff --git a/postfix/INSTALL b/postfix/INSTALL index 20d58268c..a12ae5451 100644 --- a/postfix/INSTALL +++ b/postfix/INSTALL @@ -249,6 +249,8 @@ or, if you feel nostalgic, use the Postfix sendmail command: and watch your syslog file for any error messages. + % egrep '(reject|warning|error|fatal|panic):' /some/log/file + When it is run for the first time, the Postfix startup shell script will create a bunch of subdirectories below the Postfix spool directory. @@ -290,6 +292,8 @@ or, if you feel nostalgic, use the Postfix sendmail program: and watch your syslog file for any error messages. + % egrep '(reject|warning|error|fatal|panic):' /some/log/file + When it is run for the first time, the Postfix startup shell script will create a bunch of subdirectories below the Postfix spool directory. @@ -323,6 +327,8 @@ But the good old sendmail way works just as well: and watch the syslog file for any complaints from the mail system. + % egrep '(reject|warning|error|fatal|panic):' /some/log/file + When it is run for the first time, the Postfix startup shell script will create a bunch of subdirectories below the Postfix spool directory. diff --git a/postfix/LINUX_README b/postfix/LINUX_README index 1b0c41829..35a22a7a4 100644 --- a/postfix/LINUX_README +++ b/postfix/LINUX_README @@ -1,3 +1,9 @@ +LINUX PORTABILITY +================= + +On RedHat Linux 7.0, you must install the db3-devel RPM before you +can compile the Postfix source code. + LINUX SYSLOGD PERFORMANCE ========================= diff --git a/postfix/conf/access b/postfix/conf/access index 78f93f188..59a855eb3 100644 --- a/postfix/conf/access +++ b/postfix/conf/access @@ -76,7 +76,7 @@ # octets separated by ".". # # ACTIONS -# [45]XX text +# [45]NN text # Reject the address etc. that matches the pattern, # and respond with the numerical code and text. # @@ -86,7 +86,7 @@ # OK Accept the address etc. that matches the pattern. # # restriction... -# Apply the named UCE restriction (permit, reject, +# Apply the named UCE restriction(s) (permit, reject, # reject_unauth_destination, and so on). # # REGULAR EXPRESSION TABLES diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf index ee1c90c70..fb75a55a2 100644 --- a/postfix/conf/main.cf +++ b/postfix/conf/main.cf @@ -226,14 +226,12 @@ mail_owner = postfix # $inet_interfaces. If this parameter is defined, then the SMTP server # will reject mail for unknown local users. # -# The local_recipient_maps parameter accepts tables with bare usernames -# such as unix:passwd.byname and alias maps. +# If you use the default Postfix local delivery agent for local +# delivery, uncomment the definition below. # # Beware: if the Postfix SMTP server runs chrooted, you may have to -# copy the passwd database into the jail. This is system dependent. -# -# FOR THIS TO WORK, DO NOT SPECIFY VIRTUAL DOMAINS IN MYDESTINATION. -# MYDESTINATION MUST LIST NON-VIRTUAL DOMAINS ONLY. +# copy the passwd (not shadow) database into the jail. This is +# system dependent. # #local_recipient_maps = $alias_maps unix:passwd.byname diff --git a/postfix/conf/postfix-script-nosgid b/postfix/conf/postfix-script-nosgid index 2c5d43ae2..d102a0e3b 100755 --- a/postfix/conf/postfix-script-nosgid +++ b/postfix/conf/postfix-script-nosgid @@ -35,7 +35,7 @@ case $daemon_directory in exit 1 esac -LOGGER="$command_directory/postlog -t postfix-script" +LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script" INFO="$LOGGER -p info" WARN="$LOGGER -p warn" ERROR="$LOGGER -p error" diff --git a/postfix/conf/postfix-script-sgid b/postfix/conf/postfix-script-sgid index a635ef679..d436e4df3 100755 --- a/postfix/conf/postfix-script-sgid +++ b/postfix/conf/postfix-script-sgid @@ -35,7 +35,7 @@ case $daemon_directory in exit 1 esac -LOGGER="$command_directory/postlog -t postfix-script" +LOGGER="$command_directory/postlog -t $MAIL_LOGTAG/postfix-script" INFO="$LOGGER -p info" WARN="$LOGGER -p warn" ERROR="$LOGGER -p error" diff --git a/postfix/conf/sample-compatibility.cf b/postfix/conf/sample-compatibility.cf index 329ee4cf3..868ee5df0 100644 --- a/postfix/conf/sample-compatibility.cf +++ b/postfix/conf/sample-compatibility.cf @@ -4,6 +4,16 @@ # This file contains example settings of Postfix configuration # parameters that control compatibility with broken software. +# The broken_sasl_auth_clients controls inter-operability with SMTP +# clients that do not recognize that Postfix supports RFC 2554 (AUTH +# command). Examples of such clients are MicroSoft Outlook Express +# version 4 and MicroSoft Exchange version 5.0. +# +# Specify broken_sasl_auth_clients=yes to have Postfix advertise +# AUTH support in a non-standard way. +# +broken_sasl_auth_clients = no + # The ignore_mx_lookup_error parameter controls what happens when a # name server fails to respond to an MX lookup request. By default, # Postfix defers delivery and tries again after some delay. Specify diff --git a/postfix/conf/sample-misc.cf b/postfix/conf/sample-misc.cf index 14f9e19b2..3e0d32d4b 100644 --- a/postfix/conf/sample-misc.cf +++ b/postfix/conf/sample-misc.cf @@ -360,6 +360,18 @@ relocated_maps = # syslog_facility = mail +# The syslog_name parameter specifies the mail system name that is +# prepended to the process name in syslog records headers, so that +# "smtpd" becomes "postfix/smtpd". +# +# Beware: a non-default syslog_name setting takes effect only +# after process initialization. Some initialization errors will be +# logged with the default name, especially errors while parsing +# the command line and errors while accessing the Postfix main.cf +# configuration file. +# +syslog_name = postfix + # The trigger_timeout parameter limits the time to send a trigger to # a Postfix daemon. This prevents programs from getting stuck when the # mail system is under heavy load. diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html index 0818d204c..89db2dcb3 100644 --- a/postfix/html/access.5.html +++ b/postfix/html/access.5.html @@ -87,7 +87,7 @@ ACCESS(5) ACCESS(5) octets separated by ".". ACTIONS - [45]XX text + [45]NN text Reject the address etc. that matches the pattern, and respond with the numerical code and text. @@ -97,7 +97,7 @@ ACCESS(5) ACCESS(5) OK Accept the address etc. that matches the pattern. restriction... - Apply the named UCE restriction (permit, reject, + Apply the named UCE restriction(s) (permit, reject, reject_unauth_destination, and so on). REGULAR EXPRESSION TABLES diff --git a/postfix/html/faq.html b/postfix/html/faq.html index d48c5be2f..d65089113 100644 --- a/postfix/html/faq.html +++ b/postfix/html/faq.html @@ -24,6 +24,8 @@
@@ -186,6 +198,8 @@ domains with "relay access denied"
+
+
+
+
+
+The envelope sender address is also the default value for the From:
+header address, when none is specified in the message.
+
+
+
+To fix, specify the envelope sender address on the sendmail command
+line:
+
+Problems with specific Operating Systems
+
+
+
+
+
+Problems with Compaq
+
+
+
+Problems with IRIX
+
+
+
POP or IMAP problems
@@ -970,6 +1014,30 @@ PERMISSION_SECURITY="secure local"
+sendmail: unable to find out your login name
+
+This message is logged when submitting mail from a process with a
+userid that does not exist in the UNIX password file. Postfix uses
+this information in order to set the envelope sender address.
+
+
+
+
+
+sendmail -f user@domain ...
+
+
+
Running hundreds of Postfix processes on FreeBSD
With hundreds of Postfix processes, the kernel will eventually
@@ -1112,32 +1180,41 @@ depending on the interface that it is supposed to handle.
Postfix responds slowly to incoming SMTP connections
-
-- My Postfix server is too slow. When I telnet to the SMTP port +My Postfix server is too slow. When I telnet to the SMTP port (telnet hostname 25), the response comes after 40 seconds. On the other hand, when I telnet to the the POP port (telnet hostname 110) the response comes with no delay. -
- -
- Answer: - -
- - -This is a DNS configuration problem. Postfix tries to resolve the -SMTP client IP address to a hostname. Apparently, your POP server -does not look up POP clients. +
-The fix is to properly configure the naming service. If you can't -have every host in the DNS, then configure the mail server to look -in /etc/hosts before the DNS, and specify the clients in /etc/hosts. +Answer: -
+ +You have a name service problem. + ++ +Postfix calls the C library routines gethostbyname() and +gethostbyaddr() in order to find out the SMTP client hostname. +These library routines use several system configuration files in +order to satisfy the request. They may in fact end up calling the +DNS for reasons that are not under control by Postfix. + +
+ +Depending on your system, these controlling files can be named +/etc/nsswitch.conf, /etc/svcorder, /etc/host.conf +or otherwise. Those files specify whether the C library routines +will use local /etc/hosts before or after DNS. + +
+ +Enabling chroot operation adds a non-trivial barrier for +system penetrators. + +
+ +Two solutions: + +
+ +
+Sendmail-style virtual domains are not supported in Postfix versions +released before 20001118. + +
+ Be sure to follow instructions in the virtual manual page. @@ -2909,6 +3020,36 @@ href="http://www.isc.org/"> http://www.isc.org/
.+ +Postfix sets the execute bit on a queue file to indicate that it +is done receiving a message. As long as a queue file does not have +the execute bit set, Postfix will ignore it as "mail still being +received". + +
+ +With enhanced security enabled, Compaq Tru64 UNIX has a feature +that disallows non-superuser attempts to set the execute bit on a +queuefile. Unfortunately, Postfix is never informed that such +attempts fail, and mail seems to disappear into a black hole. + +
+ +Postfix could be modified to use some other bit than the execute +bit, but that might equally well fail on other systems. Another +possibility is to allow non-superusers to set the execute bit on +files, and to mount the Postfix queue file system with the +noexec option or equivalent. + +