snapshot-20000104

postfix/HISTORY

@@ -3515,3 +3515,31 @@ Apologies for any names omitted.
 	to enable LMTP delivery over UNIX-domain sockets. The goal
 	is to simplify the experimental LMTP delivery agent by
 	ripping out the privileged code that forks the LMTP server.
+
+20000102
+
+	Clarified documentation after early feedback on the 19991231
+	release by Drew Derbyshire, Ollivier Robert, Khetan Gajjar.
+
+	Sanity check: a common error is to list Postfix virtual
+	domains in the mydestination parameter. This causes the
+	new optional local_recipient_maps feature to reject mail
+	for virtual users.  The SMTP server now explicitly tests
+	for this common error and logs a warning instead of refusing
+	the mail.  File:  smtpd/smtpd_check.c.
+
+20000104
+
+	Bugfix: a case sensitivity bug had slipped through in the
+	anti-relaying code, causing mail for USER@VIRTUAL.DOMAIN
+	to be rejected with "relay access denied". This was found
+	by Jim Maenpaa @ jmm.com.
+
+	Questionable feature: set "smtp_skip_5xx_greeting = yes"
+	to make Postfix more sendmail compatible, even though this
+	is wrong, IMNSHO. File: smtp/smtp_connect.c.
+
+	Portability: Ultrix patch from Simon Burge @ thistledown.com.au.
+
+	Portability: Siemens Pyramid (dcosx) patch by Thomas D.
+	Knox @ vushta.com.

postfix/RELEASE_NOTES

@@ -1,3 +1,14 @@
+Incompatible changes with snapshot-20000104
+===========================================
+
+None sofar.
+
+Major changes with snapshot-20000104
+====================================
+
+Questionable feature: with "smtp_skip_5xx_greeting = yes", Postfix
+emulates brain damage found in some other MTAs.
+
 Incompatible changes with postfix-19991231:
 ===========================================
 
@@ -76,10 +87,10 @@ installation can be done without write access to the build tree.
 - The SMTP server now rejects mail for unknown users in virtual
 domains that are defined by Postfix virtual maps.
 
-- The SMTP server optionally rejects mail for unknown local users.
+- The SMTP server can reject mail for unknown local users.  Specify
-Use "local_recipient_maps = $alias_maps, unix:passwd.byname" if
+"local_recipient_maps = $relocated_maps, $alias_maps, unix:passwd.byname"
-your local mail is delivered by a UNIX-style local delivery agent.
+if your local mail is delivered by a UNIX-style local delivery
-See example in conf/main.cf.
+agent.  See example in conf/main.cf.
 
 - Use "disable_vrfy_command = yes" to disable the SMTP VRFY command.
 This prevents some forms of address harvesting.

postfix/conf/access

@@ -10,12 +10,21 @@
 #	to selectively reject or accept mail from or to specific hosts,
 #	domains, networks, host addresses or mail addresses.
 #
-#	The table serves as input to the \fBpostmap\fR(1) command. The
+#	Normally, the table serves as input to the \fBpostmap\fR(1) command.
-#	result, an indexed file in \fBdbm\fR or \fBdb\fR format,
+#	The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 #	is used for fast searching by the mail system. After an update
 #	it may take a minute or so before the change becomes visible.
 #	Issue a \fBpostfix reload\fR command to eliminate the delay.
 #
+#	When the table is provided via other means such as NIS, LDAP
+#	or SQL, the same lookups are done as for ordinary indexed files.
+#
+#	Alternatively, the table can be provided as a regular-expression
+#	map where patterns are given as regular expressions. In that case,
+#	the lookups are done in a slightly different way as described below.
+# TABLE FORMAT
+# .ad
+# .fi
 #	The format of the access table is as follows:
 # .IP "blanks and comments"
 #	Blank lines are ignored, as are lines beginning with `#'.
@@ -23,14 +32,15 @@
 #	When \fIpattern\fR matches a mail address, domain or host address,
 #	perform the corresponding \fIaction\fR.
 # PATTERNS
-#	Patterns are tried in the order as listed below:
 # .ad
 # .fi
+#	With lookups from indexed files, patterns are tried in the order as
+#	listed below:
 # .IP \fIuser\fR@\fIdomain\fR
 #	Matches the specified mail address.
 # .IP \fIdomain.name\fR
-#	Matches the \fIdomain.name\fR itself and any subdomain thereof, 
+#	Matches the \fIdomain.name\fR itself and any subdomain thereof,
-#	either in hostnames or in mail addresses. Top-level domains will 
+#	either in hostnames or in mail addresses. Top-level domains will
 #	never be matched.
 # .IP \fIuser\fR@
 #	Matches all mail addresses with the specified user part.
@@ -52,11 +62,34 @@
 # .IP \fBOK\fR
 # .IP "\fIAny other text\fR"
 #	Accept the address etc. that matches the pattern.
+# REGULAR EXPRESSION TABLES
+# .ad
+# .fi
+#	This section describes how the table lookups change when the table
+#	is given in the form of regular expressions. For a description of
+#	regular expression lookup table syntax, see \fBregexp_table\fR(5)
+#	or \fBpcre_table\fR(5).
+#
+#	Patterns become regular expressions that are applied to the entire
+#	string being looked up. Depending on the application, that string
+#	is an entire client hostname, an entire client IP address, or an
+#	entire mail address.
+#
+#	In contrast to the normal lookups from indexed files, no parent
+#	domain or network search is done, and \fIuser@domain\fR mail
+#	addresses are not broken up into their \fIuser@\fR and \fIdomain\fR
+#	constituent parts.
+#
+#	Actions are the same as with normal indexed file lookups, with
+#	the additional feature that parenthesized substrings from the
+#	pattern can be interpolated as \fB$1\fR, \fB$2\fR and so on.
 # BUGS
 #	The table format does not understand quoting conventions.
 # SEE ALSO
 #	postmap(1) create mapping table
 #	smtpd(8) smtp server
+#	pcre_table(5) format of PCRE tables
+#	regexp_table(5) format of POSIX regexp tables
 # LICENSE
 # .ad
 # .fi

postfix/conf/main.cf

@@ -125,7 +125,10 @@ mail_owner = postfix
 # Beware: if the Postfix SMTP server runs chrooted, you may have to
 # copy the passwd database into the jail. This is system dependent.
 #
-#local_recipient_maps = $alias_maps unix:passwd.byname
+# FOR THIS TO WORK, DO NOT SPECIFY VIRTUAL DOMAINS IN MYDESTINATION.
+# MYDESTINATION MUST LIST NON-VIRTUAL DOMAINS ONLY.
+#
+#local_recipient_maps = $relocated_maps $alias_maps unix:passwd.byname
 
 # ADDRESS REWRITING
 #

postfix/global/mail_params.h

@@ -576,6 +576,10 @@ extern int var_smtp_quit_tmout;
 #define DEF_SMTP_SKIP_4XX	0
 extern bool var_smtp_skip_4xx_greeting;
 
+#define VAR_SMTP_SKIP_5XX	"smtp_skip_5xx_greeting"
+#define DEF_SMTP_SKIP_5XX	0
+extern bool var_smtp_skip_5xx_greeting;
+
 #define VAR_IGN_MX_LOOKUP_ERR	"ignore_mx_lookup_error"
 #define DEF_IGN_MX_LOOKUP_ERR	0
 extern bool var_ign_mx_lookup_err;

postfix/global/mail_version.h

@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Postfix-19991231"
+#define DEF_MAIL_VERSION	"Snapshot-20000104"
 extern char *var_mail_version;
 
 /* LICENSE

postfix/html/faq.html

@@ -28,9 +28,9 @@
 
 <li><a href="#relaying">Mail relaying</a>
 
-<li><a href="#remote_delivery">Delivery to remote systems</a>
+<li><a href="#remote_delivery">Remote delivery</a>
 
-<li><a href="#local_delivery">Delivery to local (non-virtual) addresses</a>
+<li><a href="#local_delivery">Local (non-virtual) delivery</a>
 
 <li><a href="#mailing_lists">Mailing lists</a>
 
@@ -87,6 +87,8 @@ distribution list</a>
 
 <li><a href="#majordomo-approve">Postfix breaks the majordomo "approve" command</a>
 
+<li><a href="#skip_greeting">Postfix does not try all the MX addresses</a>
+
 </ul>
 
 <a name="relaying"><h3>Mail relaying</h3>
@@ -97,22 +99,24 @@ distribution list</a>
 
 <li><a href="#mobile">Relaying mail for mobile users</a>
 
-<li><a href="#relay_virtual">Postfix refuses to receive mail for some
+<li><a href="#virtual_setup">Postfix refuses mail for virtual
-virtual domains</a>
+domains with "relay access denied"</a>
 
 <li><a href="#relay_restrict">Restricting what users can send mail to off-site destinations</a>
 
 </ul>
 
-<a name="remote_delivery"><h3>Delivery to remote systems</h3>
+<a name="remote_delivery"><h3>Remote delivery</h3>
 
 <ul>
 
 <li><a href="#timeouts">Mail fails consistently with timeout or lost connection</a>
 
+<li><a href="#skip_greeting">Postfix does not try all the MX addresses</a>
+
 </ul>
 
-<a name="local_delivery"><h3>Delivery to local (non-virtual) addresses</h3>
+<a name="local_delivery"><h3>Local (non-virtual) delivery</h3>
 
 <ul>
 
@@ -155,12 +159,24 @@ distribution list</a>
 
 <ul>
 
+<li><a href="#virtual_setup">How to configure a Postfix virtual domain</a>
+
+<li><a href="#virtual_setup">Postfix does not refuse mail for
+unknown virtual users</a>
+
+<li><a href="#virtual_setup">Mail for unknown virtual users fails
+with "mail loops back to myself"</a>
+
+<li><a href="#virtual_setup">Postfix refuses mail for virtual
+domains with "user unknown"</a>
+
+<li><a href="#virtual_setup">Postfix refuses mail for virtual
+domains with "relay access denied"</a>
+
 <li><a href="#command">Commands don't work in Postfix virtual maps</a>
 
-<li><a href="#unknown_virtual">Rejecting mail for unknown virtual users</a>
+<li><a href="#domain_mailbox">Receiving a virtual domain in a
-
+mailbox</a>
-<li><a href="#relay_virtual">Postfix refuses to receive mail for some
-virtual domains</a>
 
 </ul>
 
@@ -200,7 +216,7 @@ virtual domains</a>
 
 <li><a href="#dbm_dirfno">Undefined symbols: dbm_pagfno, dbm_dirfno etc.</a>
 
-<li><a href="#db">Using DB libraries on Solaris etc.</a>
+<li><a href="#db">Using third-party DB libraries</a>
 
 </ul>
 
@@ -234,7 +250,7 @@ needs tweaking only if you have a very slow or a very fast net/machine.
 
 Workstation:
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         myorigin = $mydomain
 </pre>
 
@@ -242,7 +258,7 @@ Workstation:
 
 Server:
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         myorigin = $mydomain
         mydestination = $myhostname, localhost.$mydomain, $mydomain
 </pre>
@@ -259,7 +275,7 @@ workstation:
 
 Server:
 <pre>
-    <b>/etc/aliases</b>:
+    /etc/aliases:
         joe:    joe@joes.workstation
         jane:   jane@janes.workstation
 </pre>
@@ -287,11 +303,11 @@ domain.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         myorigin = $mydomain
         relayhost = $mydomain
 
-    <b>/etc/postfix/master.cf</b>:
+    /etc/postfix/master.cf:
         Comment out the SMTP server entry
         Comment out the local delivery agent entry
 </pre>
@@ -318,7 +334,7 @@ to let that mail gateway take care of forwarding.
 because it allows users to change machines without hassle.
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         myorigin = $mydomain
 </pre>
 
@@ -330,7 +346,7 @@ for mail for the local machine:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         relayhost = $mydomain
 </pre>
 
@@ -347,7 +363,7 @@ specify the intranet mail gateway host itself:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         relayhost = host.my.domain
 </pre>
 
@@ -359,7 +375,7 @@ DNS lookups as well:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         disable_dns_lookups = yes
 </pre>
 
@@ -378,13 +394,13 @@ href="transport.5.html">transport</a> table lookups.
 <p>
 
 <pre>
-    <b>/etc/postfix/transport</b>:
+    /etc/postfix/transport:
         my.domain               smtp:
         .my.domain              smtp:
-        thishost.my.domain      local:        <blink>!important!</blink>
+        thishost.my.domain      local:        !!!important!!!
-        localhost.my.domain     local:        <blink>!important!</blink>
+        localhost.my.domain     local:        !!!important!!!
 
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         transport_maps = hash:/etc/postfix/transport
 </pre>
 
@@ -395,8 +411,9 @@ else mail will bounce with a "mail loops to myself" condition.
 
 <p>
 
-Specify <b>dbm:/etc/postfix/transport</b> if your system
+Specify <b>dbm:/etc/postfix/transport</b> if your system uses
-uses <b>dbm</b> files instead of <b>db</b>.
+<b>dbm</b> files instead of <b>db</b>. To find out what map types
+Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -438,23 +455,24 @@ route mail for <i>my.domain</i> to the inside machine:
 <p>
 
 <pre>
-<b>/etc/postfix/main.cf</b>:
+/etc/postfix/main.cf:
     mydestination = $myhostname, my.domain, localhost.my.domain
     relay_domains =
     transport_maps = hash:/etc/postfix/transport
 
-<b>/etc/postfix/transport</b>:
+/etc/postfix/transport:
     my.domain   smtp:inside-gateway.my.domain   (forwards user@domain)
     .my.domain  smtp:inside-gateway.my.domain   (forwards user@firewall)
 
-<b>/etc/postfix/master.cf</b>:
+/etc/postfix/master.cf:
     Comment out the local delivery agent
 </pre>
 
 <p>
 
-Specify <b>dbm:/etc/postfix/transport</b> if your system uses <b>dbm</b>
+Specify <b>dbm:/etc/postfix/transport</b> if your system uses
-files instead of <b>db</b>.
+<b>dbm</b> files instead of <b>db</b>. To find out what map types
+Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -498,7 +516,7 @@ that is connected all the time.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf:</b>
+    /etc/postfix/main.cf:
         relayhost = smtprelay.someprovider.com
 </pre>
 
@@ -518,7 +536,7 @@ calls from being placed, disable spontaneous SMTP mail deliveries.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf:</b>
+    /etc/postfix/main.cf:
         defer_transports = smtp (Only for systems that use on-demand dialup IP)
 </pre>
 
@@ -537,7 +555,7 @@ To prevent these delays, disable all SMTP client DNS lookups.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         disable_dns_lookups = yes (Only for delivery across LANs that are disconnected most of the time)
 </pre>
 
@@ -644,7 +662,7 @@ four hours, specify:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>
+    /etc/postfix/main.cf:
 	delay_warning_time = 4
 </pre>
 
@@ -731,6 +749,8 @@ mail for arbitrary non-local destinations:
 <p>
 
 Don't Panic!  Upgrade to a Postfix version of 19991227 or later.
+To find out what Postfix version you have, execute the command
+<b>postconf mail_version</b>.
 
 <p>
 
@@ -816,12 +836,12 @@ ahead of the other SMTPD recipient restrictions:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         smtpd_recipient_restrictions = 
 	    regexp:/etc/postfix/regexp_access
-	    <i>...other restrictions...</i>
+	    ...other restrictions...
 
-    <b>/etc/postfix/regexp_access</b>:
+    /etc/postfix/regexp_access:
         /[%!@].*[%!@]/ 550 Sender specified routing is not supported here.
 </pre>
 
@@ -858,13 +878,13 @@ a Postfix-compatible access table with client IP address information:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         smtpd_recipient_restrictions =
             permit_mynetworks
             check_client_access hash:/etc/postfix/client_access
             check_relay_domains
 
-    <b>/etc/postfix/client_access</b>:
+    /etc/postfix/client_access:
         4.3.2.1         OK
         5.4.3.2         987654321
 </pre>
@@ -872,7 +892,8 @@ a Postfix-compatible access table with client IP address information:
 <p>
 
 Specify <B>dbm</b> instead of <b>hash</b> if your system uses
-<b>dbm</b> files instead of <b>db</b> files.
+<b>dbm</b> files instead of <b>db</b> files. To find out what map
+types Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -893,18 +914,18 @@ spammer ever finds out the address of your users.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         smtpd_recipient_restrictions =
             permit_mynetworks
             check_client_access hash:/etc/postfix/client_access
             check_sender_access hash:/etc/postfix/sender_access
             check_relay_domains
 
-    <b>/etc/postfix/client_access</b>:
+    /etc/postfix/client_access:
         11.22.33                OK
         dialup.isp.com          OK
 
-    <b>/etc/postfix/sender_access</b>:
+    /etc/postfix/sender_access:
         joe@my.domain           OK
         blow@my.domain          OK
 </pre>
@@ -955,7 +976,7 @@ LDAP or SQL.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         smtpd_recipient_restrictions =
             hash:/etc/postfix/restricted_senders
             ...other stuff...
@@ -963,11 +984,11 @@ LDAP or SQL.
         restriction_classes = local_only
         local_only = check_recipient_access hash:/etc/postfix/local_domains, reject
 
-    <b>/etc/postfix/restricted_senders</b>:
+    /etc/postfix/restricted_senders:
         foo@domain      local_only
         bar@domain      local_only
 
-    <b>/etc/postfix/local_domains</b>:
+    /etc/postfix/local_domains:
         this.domain     OK      (matches this.domain and subdomains)
         that.domain     OK      (matches that.domain and subdomains)
 </pre>
@@ -975,7 +996,8 @@ LDAP or SQL.
 <p>
 
 Specify <B>dbm</b> instead of <b>hash</b> if your system uses
-<b>dbm</b> files instead of <b>db</b> files.
+<b>dbm</b> files instead of <b>db</b> files. To find out what map
+types Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -1077,6 +1099,66 @@ and convince the person responsible for it to fix the configuration.
 
 <hr>
 
+<a name="skip_greeting"><h3>Postfix does not try all the MX
+addresses</h3>
+
+When delivering mail, Postfix tries all MX addresses in order of
+preference, and stops at the first server that speaks SMTP.
+
+<p>
+
+If the first server that speaks SMTP rejects the connection by
+greeting the client with a 5xx status code, which means "I will
+never accept your mail", Postfix gives up and bounces the message
+to the sender.
+
+<p>
+
+If the first server that speaks SMTP rejects the connection by
+greeting the client with a 4xx status code, which means "come back
+later", Postfix backs off and defers delivery until later.
+
+<p>
+
+Some people will argue that Postfix should contact the other MX
+addresses even when the server greets with 4xx or 5xx, if only
+because that is what Sendmail does, and of course we know that
+everything Sendmail does is right.
+
+<p>
+
+Unfortunately, some people configure their infrastructure badly.
+Their most preferred MX server is visible to the world but it
+rejects connections from outside with a 5xx or 4xx greeting. Just
+because Sendmail goes to the second-best MX server, these people
+assume that every mailer will do so.
+
+<p>
+
+If such configurations are a problem for you, below are some controls
+that work around them.
+
+<p>
+
+<pre>
+    /etc/postfix/main.cf:
+	smtp_skip_4xx_greeting = yes
+	smtp_skip_5xx_greeting = yes
+</pre>
+
+<p>
+
+The <b>smtp_skip_5xx_greeting</b> is present in Postfix releases
+later than 20000104. To find out what Postfix version you have,
+use the command <b>postconf mail_version</b>.
+
+<p>
+
+Execute the command <b>postfix reload</b> to make the change
+effective immediately.
+
+<hr>
+
 <a name="root"> <h3>Root's mail is delivered to nobody</h3>
 
 If you use <a href="#procmail">procmail</a> (or some other command)
@@ -1101,7 +1183,7 @@ real user.
 <p>
 
 <pre>
-<b>/etc/aliases:</b>
+/etc/aliases:
     root:       you
 </pre>
 
@@ -1122,12 +1204,17 @@ To find out the location for your system, execute the command
 
 <a name="bogus"><h3>Postfix accepts mail for non-existing local users</h3>
 
-The information in this section applies to Postfix versions 19991216
+See elsewhere for how to reject mail for <a href="#virtual_setup">unknown
-and later. See elsewhere for <a href="#unknown_virtual">unknown
 virtual</a> users.
 
 <p>
 
+The information in this section applies to Postfix versions 19991216
+and later.  To find out what Postfix version you have, execute the
+command <b>postconf mail_version</b>.
+
+<p>
+
 By default, the Postfix SMTP server does not know what local users
 exist, and will happily accept mail for <i>unknown@your.site</i>.
 The reason is that different local delivery agents have different
@@ -1139,27 +1226,31 @@ Of course mail for a non-existent local user will eventually bounce
 as undeliverable, but why accept such mail in the first place? You
 can tell the Postfix SMTP server how to find out if a user exists by
 listing all tables with local addresses in the <b>local_recipient_maps</b>
-parameter:
+parameter. 
+
+<p>
+
+For example, if you use the default Postfix local delivery agent
+in <b>/etc/postfix/master.cf</b>, specify:
 
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
-	local_recipient_maps = $alias_maps, unix:passwd.byname
+	local_recipient_maps = $relocated_maps $alias_maps, unix:passwd.byname
 </pre>
 
 <p>
 
-The above should work on UNIX systems, provided that you use the
+However, if you run the Postfix SMTP server chrooted, on some
-Postfix local delivery agent. However, if you run the Postfix SMTP
+systems it will be necessary to have a copy of the passwd file
-server chrooted, on some systems it will be necessary to have a
+inside the chroot jail (typically: in <b>/var/spool/postfix/etc</b>).
-copy of the passwd file inside the chroot jail (typically: in
+The only way to find out is to try.
-<b>/var/spool/postfix/etc</b>).
 
 <p>
 
 By default, the Postfix SMTP server does know about Postfix <a
-href="virtual.5.html">virtual</a> maps, and will reject mail for
+href="#virtual_setup">virtual</a> maps, and will reject mail for
 <i>unknown@virtual.domain</i> without further configuration.
 
 <hr>
@@ -1175,7 +1266,7 @@ domain is to be appended to addresses that do not have a domain:
 <p>
 
 <pre>
-<b>/etc/postfix/main.cf</b>:
+/etc/postfix/main.cf:
     myorigin = domain.name
 </pre>
 
@@ -1188,10 +1279,10 @@ destinations:
 <p>
 
 <pre>
-<b>/etc/postfix/main.cf</b>:
+/etc/postfix/main.cf:
     virtual_maps = hash:/etc/postfix/virtual
 
-<b>/etc/postfix/virtual</b>:
+/etc/postfix/virtual:
     root        root@localhost
     postmaster  postmaster@localhost
 </pre>
@@ -1199,7 +1290,8 @@ destinations:
 <p>
 
 Specify <B>dbm</b> instead of <b>hash</b> if your system uses
-<b>dbm</b> files instead of <b>db</b> files.
+<b>dbm</b> files instead of <b>db</b> files. To find out what map
+types Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -1225,7 +1317,7 @@ for example:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         home_mailbox = Maildir/
 </pre>
 
@@ -1259,10 +1351,10 @@ For example:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         mailbox_command = /path/to/procmail
 
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         mailbox_command = /path/to/procmail -a $EXTENSION
 </pre>
 
@@ -1351,29 +1443,16 @@ expression-based filter at the SMTP port:
 
 <p>
 
-<dl>
+<pre>
+    /etc/postfix/main.cf:
+	smtpd_recipient_restrictions = 
+	    ... regexp:/etc/postfix/access_regexp ...
+	smtpd_recipient_restrictions = 
+	    ... pcre:/etc/postfix/access_regexp ...
 
-<dt><b>/etc/postfix/main.cf:</b>
+    /etc/postfix/access_regexp:
-
+	/^(.*)-outgoing@(.*)/   554 Use $1@$2 instead
-<dl>
+</pre>
-
-<dt><tt>smtpd_recipient_restrictions = ... regexp:/etc/postfix/access_regexp ...</tt>
-
-<dt><tt>smtpd_recipient_restrictions = ... pcre:/etc/postfix/access_regexp ...</tt>
-
-</dl>
-
-<p>
-
-<dt><b>/etc/postfix/access_regexp:</b>
-
-<dl>
-
-<dt><tt>/^(.*)-outgoing@(.*)/   554 Use $1@$2 instead</tt>
-
-</dl>
-
-</dl>
 
 <p>
 
@@ -1418,11 +1497,10 @@ script to strip any header lines that match:
 
 <p>
 
-<dl>
+<pre>
+    /delivered-to/i
 
-<dd><b>/delivered-to/i</b>
+</pre>
-
-</dl>
 
 <p>
 
@@ -1456,19 +1534,20 @@ to IP spoofing.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         smtpd_recipient_restrictions =
             hash:/etc/postfix/access
             ..the usual stuff...
 
-    <b>/etc/postfix/access</b>:
+    /etc/postfix/access:
         all     permit_mynetworks,reject
 </pre>
 
 <p>
 
 Specify <B>dbm</b> instead of <b>hash</b> if your system uses
-<b>dbm</b> files instead of <b>db</b> files.
+<b>dbm</b> files instead of <b>db</b> files. To find out what map
+types Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -1492,7 +1571,7 @@ therefore is subject to SMTP sender spoofing.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         smtpd_recipient_restrictions =
             hash:/etc/postfix/protected_destinations
             ..the usual stuff...
@@ -1500,11 +1579,11 @@ therefore is subject to SMTP sender spoofing.
         smtpd_restriction_classes = insiders_only
         insiders_only = check_sender_access hash:/etc/postfix/insiders, reject
 
-    <b>/etc/postfix/protected_destinations</b>:
+    /etc/postfix/protected_destinations:
         all@my.domain   insiders_only
         all@my.hostname insiders_only
 
-    <b>/etc/postfix/insiders</b>:
+    /etc/postfix/insiders:
         my.domain       OK
         another.domain  OK
 </pre>
@@ -1527,6 +1606,67 @@ sense to make it moderated.
 
 <hr>
 
+<a name="virtual_setup"><h3>How to configure a Postfix virtual domain</h3>
+
+Problem:
+
+<p> 
+
+<ul>
+
+<li>Postfix does not refuse mail for unknown virtual users.
+
+<li>Mail for unknown virtual users fails with "mail loops back to
+myself".
+
+<li>Postfix refuses mail for virtual domains with "user unknown".
+
+<li>Postfix refuses mail for virtual domains with "relay access
+denied".
+
+</ul>
+
+<p>
+
+Solution:
+
+<p>
+
+<ul>
+
+<li> Add a magical entry to the Postfix virtual maps for
+each Postfix virtual domain:
+
+<p>
+
+<pre>
+    /etc/postfix/virtual:
+        virtual.domain whatever
+</pre>
+
+<p>
+
+<li> Do not list Postfix virtual domains in the <a
+href="basic.html#mydestination">mydestination</a> parameter.
+
+<li> Do not list Postfix virtual maps in the <b>local_recipient_maps</b>
+parameter.
+
+<li>As of Postfix version 19991226 it is no longer necessary to
+specify virtual maps in the <a
+href="uce.html#relay_domains">relay_domains</a> parameter.  To find
+out what Postfix version you have, execute the command <b>postconf
+mail_version</b>.
+
+</ul>
+
+<p>
+
+For more information on how to set up virtual domains, see the <a
+href="virtual.5.html">virtual</a> manual page.
+
+<hr>
+
 <a name="command"><h3>Commands don't work in Postfix virtual maps</h3>
 
 Delivering mail to a command is a security-sensitive operation,
@@ -1556,7 +1696,7 @@ privileges.
 <p>
 
 <pre>
-    <b>/etc/aliases</b>:
+    /etc/aliases:
         name-virtual.domain     "|/some/where/command..."
 </pre>
 
@@ -1572,7 +1712,7 @@ alias database.
 <p>
 
 <pre>
-    <b>/etc/postfix/virtual</b>:
+    /etc/postfix/virtual:
         virtual.domain          whatever
         name@virtual.domain     name-virtual.domain
 </pre>
@@ -1593,67 +1733,69 @@ To find out the location for your system, execute the command
 
 <hr>
 
-<a name="unknown_virtual"><h3>Rejecting mail for unknown virtual users</h3>
+<a name="domain_mailbox"><h3>Receiving a virtual domain in a mailbox</h3>
 
-Problem: mail for an unknown virtual user is misdelivered to a local
+Question: how to receive all mail for a domain in a mailbox without
-user with the same name.
+losing the original recipient information? The Postfix Delivered-To:
+mail header shows only the mailbox owner, not the virtual address
+that the mail was sent to.
 
 <p>
 
-Problem: mail for an unknown virtual user results in an ugly "mail
+Answer: I hope we all agree that delivering a domain to a mailbox
-loops back to myself" error from Postfix.
+is disgusting practice. Forwarding mail via SMTP or UUCP would be
+a much better choice.  Unfortunately, neither SMTP nor UUCP are a
+usable alternative for legions of windows users.
 
 <p>
 
-Solution: add a magical entry to the Postfix virtual database:
+That said, it is possible to propagate the original virtual recipient
+information to the Delivered-To: header. The trick is to use a
+virtual map that uses regular expressions instead of the more
+traditional indexed files.
+
+<p>
+
+The following delivers <i>username@virtual.domain</i> with a
+Delivered-To: message header that contains <i>joe+username@your.domain</i>.
+Postfix already puts the envelope sender address in the Return-Path:
+header.  The information in the Delivered-To: and Return-Path:
+headers is sufficient to reliably implement a domain in a mailbox.
 
 <p>
 
 <pre>
-    <b>/etc/postfix/virtual</b>:
+    /etc/postfix/main.cf:
-        virtual.domain whatever
+	recipient_delimiter = +
+	virtual_maps = 
+	    ...non-regexp virtual maps...
+	    regexp:/etc/postfix/virtual_regexp
+
+    /etc/postfix/virtual_regexp:
+	/^virtual\.domain$/		whatever
+	/^(.*\)@virtual\.domain$/	joe+$1
 </pre>
 
 <p>
 
-This entry will also fix the problem that the Postfix SMTP server
+Notes:
-refuses to <a href="#relay_virtual">receive</a> mail for the virtual
-domain.
-
-<p>
-
-For more information on how to set up virtual domains, see the <a
-href="virtual.5.html">virtual</a> manual page.
-
-<hr>
-
-<a name="relay_virtual"><h3>Postfix refuses to receive mail for some
-virtual domains </h3>
-
-In order to receive mail for virtual domains, the Postfix SMTP server
-needs to know that the domain is OK.
-
-<p>
 
 <ul>
 
-<li>Create an entry in the virtual map that lists the virtual
+<li> Be sure to specify the <b>^</b> and <b>\</b> and <b>$</b> or
-domain name:
+else you may have false hits.
 
-<p>
+<li> Maps with regular expressions are searched sequentially. This
+can be expensive when you list many domains in regular expression
+maps.
 
-<pre>
+<li> Postfix has <b>regexp </b> map support only on modern UNIXes.
-    <b>/etc/postfix/virtual</b>:
+Instead of <b>regexp </b> maps your Postfix system may also support
-        virtual.domain      whatever
+<b>pcre</b> maps which have a similar syntax. To find out what maps
-</pre>
+your system supports, use the command <b>postconf -m</b>.
 
 </ul>
 
-<p>
-
-For more details, see the <a href="virtual.5.html">virtual</a>
-manual page.
-
 <hr>
 
 <a name="masquerade"><h3>Address masquerading with exceptions</h3></a>
@@ -1675,7 +1817,7 @@ coming from <i>user@my.domain</i>, specify:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         masquerade_domains = $mydomain
 </pre>
 
@@ -1702,7 +1844,7 @@ such as <b>root</b>, specify:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         masquerade_exceptions = root
 </pre>
 
@@ -1714,7 +1856,7 @@ such as <b>root</b>, specify:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         masquerade_domains = somehost.my.domain otherhost.my.domain $mydomain
 </pre>
 
@@ -1760,7 +1902,7 @@ Examples:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         mailbox_command = /some/program ...
 </pre>
 
@@ -1768,14 +1910,14 @@ Examples:
 
 This example specifies a command that delivers all local mail to
 mailbox.  See the sample <b>main.cf</b> file for examples. In
-<b>/etc/aliases</i>, you must specify an alias for <b>root</b> that
+<b>/etc/aliases</b>, you must specify an alias for <b>root</b> that
 directs mail to a real person, otherwise mail sent to <b>root</b>
 will not work as expected.
 
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         mailbox_transport = foo
 </pre>
 
@@ -1801,7 +1943,7 @@ host.
 
 <li>You need an <b>rmail</b> program that extracts the sender
 address from mail that arrives via UUCP, and that feeds the mail
-into the Postfix <b>sendmail<b> command.  Most UNIX systems come
+into the Postfix <b>sendmail</b> command.  Most UNIX systems come
 with an <b>rmail</b> utility. If you're in a pinch, try the one
 bundled with the Postfix source code in the <b>auxiliary</b>
 directory. Some day Postfix may have its own <b>rmail</b> command.
@@ -1814,7 +1956,7 @@ be delivered via UUCP, for example, to a host named <i>uucp-host</i>:
 <p>
 
 <pre>
-    <b>/etc/postfix/transport</b>:
+    /etc/postfix/transport:
         some.domain     uucp:uucp-host
         .some.domain    uucp:uucp-host
 </pre>
@@ -1836,21 +1978,22 @@ you change the <b>transport</b> file.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         transport_maps = hash:/etc/postfix/transport
 </pre>
 
 <p>
 
 Specify <B>dbm</b> instead of <b>hash</b> if your system uses
-<b>dbm</b> files instead of <b>db</b> files.
+<b>dbm</b> files instead of <b>db</b> files. To find out what map
+types Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
 <li>Define a mail transport for delivery via UUCP:
 
 <pre>
-    <b>/etc/postfix/master.cf</b>:
+    /etc/postfix/master.cf:
         uucp      unix  -       n       n       -       -       pipe
           flags=F user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
 </pre>
@@ -1870,7 +2013,7 @@ is willing to relay mail for.
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         relay_domains = some.domain $mydestination ...
 </pre>
 
@@ -1908,7 +2051,7 @@ mail transport to your UUCP gateway host, say, <i>uucp-gateway</i>:
 <p>
 
 <pre>
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         relayhost = uucp-gateway
         default_transport = uucp
 </pre>
@@ -1920,7 +2063,7 @@ mail transport to your UUCP gateway host, say, <i>uucp-gateway</i>:
 <p>
 
 <pre>
-    <b>/etc/postfix/master.cf</b>:
+    /etc/postfix/master.cf:
         uucp      unix  -       n       n       -       -       pipe
           flags=F user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
 </pre>
@@ -1953,21 +2096,22 @@ HylaFax. Here's the setup used:
 <p>
 
 <pre>
-    <b>/etc/postfix/master.cf</b>:
+    /etc/postfix/master.cf:
         fax       unix  -       n       n       -       -       pipe
             flags= user=fax argv=/usr/bin/faxmail -d -n ${user}
 
-    <b>/etc/postfix/transport</b>:
+    /etc/postfix/transport:
         fax.your.domain   fax:localhost
 
-    <b>/etc/postfix/main.cf</b>:
+    /etc/postfix/main.cf:
         transport_maps = hash:/etc/postfix/transport
 </pre>
 
 <p>
 
 Specify <B>dbm</b> instead of <b>hash</b> if your system uses
-<b>dbm</b> files instead of <b>db</b> files.
+<b>dbm</b> files instead of <b>db</b> files. To find out what map
+types Postfix supports, use the command <b>postconf -m</b>.
 
 <p>
 
@@ -2031,7 +2175,7 @@ Fix: get rid of the third-party ndbm.h include file.
 
 <hr>
 
-<a name="db"><h3>Using DB libraries on Solaris etc.</h3> </a>
+<a name="db"><h3>Using third-party DB libraries</h3> </a>
 
 The old <b>dbm</b> UNIX database has severe limitations when you
 try to store lots of information. It breaks when the number of hash
@@ -2049,9 +2193,10 @@ version</a> which has a db-1.85 compatible interface.
 
 <p>
 
-Use the following commands in the Postfix top-level directory.
+To build with a third-party DB library, use the following commands
-The LD_LIBRARY_PATH unset commands may be required to avoid linking
+in the Postfix top-level directory.
-in the wrong libraries.
+On Solaris, the LD_LIBRARY_PATH unset commands may be required to
+avoid linking in the wrong libraries.
 
 <p>
 

postfix/makedefs

@@ -51,6 +51,11 @@ ARFL=rv
 
 SYSTEM=`(uname -s) 2>/dev/null`
 RELEASE=`(uname -r) 2>/dev/null`
+VERSION=`(uname -v) 2>/dev/null`
+
+case "$VERSION" in
+ dcosx*) SYSTEM=$VERSION;;
+esac
 
 case "$SYSTEM.$RELEASE" in
   UnixWare.5*)	SYSTYPE=UW7
@@ -195,6 +200,11 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix543
 		: ${CC=cc}
 		AWK=gawk
 		;;
+    dcosx.1*)	SYSTYPE=DCOSX1
+		RANLIB=echo
+		SYSLIBS="-lresolv -lsocket -lnsl -lc -lrpcsvc -L/usr/ucblib -lucb"
+		;;
+
 	 ".")	if [ -d /NextApps ]; then
 		    SYSTYPE=`hostinfo | sed -n \
 			's/^.*NeXT Mach 3.*$/NEXTSTEP3/;/NEXTSTEP3/{p;q;}'`

postfix/master/master_status.c

@@ -41,7 +41,6 @@
 /* System libraries. */
 
 #include <sys_defs.h>
-#include <sys/socket.h>
 #include <unistd.h>
 
 /* Utility library. */
@@ -155,10 +154,10 @@ void    master_status_init(MASTER_SERV *serv)
 
     /*
      * Make the read end of this service's status pipe non-blocking so that
-     * we can detect partial writes on the child side. We use a socket pair,
+     * we can detect partial writes on the child side. We use a duplex pipe
      * so that the child side becomes readable when the master goes away.
      */
-    if (socketpair(AF_UNIX, SOCK_STREAM, 0, serv->status_fd) < 0)
+    if (duplex_pipe(serv->status_fd) < 0)
 	msg_fatal("pipe: %m");
     non_blocking(serv->status_fd[0], BLOCKING);
     close_on_exec(serv->status_fd[0], CLOSE_ON_EXEC);

postfix/smtp/smtp.c

@@ -87,6 +87,8 @@
 /*	postmaster with transcripts of SMTP sessions with protocol errors.
 /* .IP \fBsmtp_skip_4xx_greeting\fR
 /*	Skip servers that greet us with a 4xx status code.
+/* .IP \fBsmtp_skip_5xx_greeting\fR
+/*	Skip servers that greet us with a 5xx status code.
 /* .IP \fBsmtp_skip_quit_response\fR
 /*	Do not wait for the server response after sending QUIT.
 /* .SH "Resource controls"
@@ -199,6 +201,7 @@ char   *var_debug_peer_list;
 int     var_debug_peer_level;
 char   *var_notify_classes;
 int     var_smtp_skip_4xx_greeting;
+int     var_smtp_skip_5xx_greeting;
 int     var_ign_mx_lookup_err;
 int     var_skip_quit_resp;
 char   *var_fallback_relay;
@@ -350,6 +353,7 @@ int     main(int argc, char **argv)
     };
     static CONFIG_BOOL_TABLE bool_table[] = {
 	VAR_SMTP_SKIP_4XX, DEF_SMTP_SKIP_4XX, &var_smtp_skip_4xx_greeting,
+	VAR_SMTP_SKIP_5XX, DEF_SMTP_SKIP_5XX, &var_smtp_skip_5xx_greeting,
 	VAR_IGN_MX_LOOKUP_ERR, DEF_IGN_MX_LOOKUP_ERR, &var_ign_mx_lookup_err,
 	VAR_SKIP_QUIT_RESP, DEF_SKIP_QUIT_RESP, &var_skip_quit_resp,
 	0,

postfix/smtp/smtp_connect.c

@@ -227,6 +227,17 @@ static SMTP_SESSION *smtp_connect_addr(DNS_RR *addr, unsigned port,
 	vstream_fclose(stream);
 	return (0);
     }
+
+    /*
+     * Skip this host if it sends a 5xx greeting.
+     */
+    if (ch == '5' && var_smtp_skip_5xx_greeting) {
+	vstring_sprintf(why, "connect to %s[%s]: server refused mail service",
+			addr->name, inet_ntoa(sin.sin_addr));
+	smtp_errno = SMTP_RETRY;
+	vstream_fclose(stream);
+	return (0);
+    }
     vstream_ungetc(stream, ch);
     return (smtp_session_alloc(stream, addr->name, inet_ntoa(sin.sin_addr)));
 }

postfix/smtpd/smtpd_check.c

@@ -811,6 +811,7 @@ static int permit_auth_destination(char *recipient)
      */
     canon_addr_internal(query, recipient);
     resolve_clnt_query(STR(query), &reply);
+    lowercase(STR(reply.recipient));
 
     /*
      * Handle special case that is not supposed to happen.
@@ -947,6 +948,7 @@ static int permit_mx_backup(SMTPD_STATE *unused_state, const char *recipient)
      */
     canon_addr_internal(query, recipient);
     resolve_clnt_query(STR(query), &reply);
+    lowercase(STR(reply.recipient));
 
     /*
      * If the destination is local, it is acceptable, because we are
@@ -1088,6 +1090,7 @@ static int reject_unknown_address(SMTPD_STATE *state, char *addr,
      */
     canon_addr_internal(query, addr);
     resolve_clnt_query(STR(query), &reply);
+    lowercase(STR(reply.recipient));
 
     /*
      * Skip local destinations and non-DNS forms.
@@ -1369,6 +1372,7 @@ static int check_mail_access(SMTPD_STATE *state, char *table, char *addr,
      */
     canon_addr_internal(query, addr);
     resolve_clnt_query(STR(query), &reply);
+    lowercase(STR(reply.recipient));
 
     /*
      * Garbage in, garbage out. Every address from canon_addr_internal() and
@@ -1929,6 +1933,7 @@ char   *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
      */
     canon_addr_internal(query, recipient);
     resolve_clnt_query(STR(query), &reply);
+    lowercase(STR(reply.recipient));
 
     /*
      * Skip non-DNS forms. Skip non-local numerical forms.
@@ -1949,6 +1954,18 @@ char   *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
 #define NOP ((char **) 0)
 
     if (resolve_local(domain)) {
+	if (*var_virtual_maps
+	    && maps_find(virtual_maps, domain, 0)) {
+	    msg_warn("virtual domain \"%s\" is listed in $mydestination",
+		     domain);
+	    msg_warn("the $local_recipient_maps feature requires that no");
+	    msg_warn("virtual domains are listed in $mydestination");
+	    msg_warn("be sure to specify the required \"%s whatever\"",
+		     domain);
+	    msg_warn("entry in the virtual map, as explained in the man");
+	    msg_warn("page and in the FAQ entry for virtual domains");
+	    SMTPD_CHECK_RCPT_RETURN(0);
+	}
 	if (*var_local_rcpt_maps
 	    && !mail_addr_find(rcpt_canon_maps, STR(reply.recipient), NOP)
 	    && !mail_addr_find(canonical_maps, STR(reply.recipient), NOP)

postfix/util/Makefile.in

@@ -20,7 +20,7 @@ SRCS	= argv.c argv_split.c attr.c basename.c binhash.c chroot_uid.c \
 	vstream.c vstream_popen.c vstring.c vstring_vstream.c writable.c \
 	write_buf.c write_wait.c dict_unix.c dict_pcre.c stream_listen.c \
 	stream_connect.c stream_trigger.c dict_regexp.c mac_expand.c \
-	clean_env.c watchdog.c spawn_command.c
+	clean_env.c watchdog.c spawn_command.c duplex_pipe.c
 OBJS	= argv.o argv_split.o attr.o basename.o binhash.o chroot_uid.o \
 	close_on_exec.o concatenate.o dict.o dict_db.o dict_dbm.o \
 	dict_env.o dict_ht.o dict_ldap.o dict_mysql.o dict_ni.o dict_nis.o \
@@ -42,7 +42,7 @@ OBJS	= argv.o argv_split.o attr.o basename.o binhash.o chroot_uid.o \
 	vstream.o vstream_popen.o vstring.o vstring_vstream.o writable.o \
 	write_buf.o write_wait.o dict_unix.o dict_pcre.o stream_listen.o \
 	stream_connect.o stream_trigger.o dict_regexp.o mac_expand.o \
-	clean_env.o watchdog.o spawn_command.o
+	clean_env.o watchdog.o spawn_command.o duplex_pipe.o
 HDRS	= argv.h attr.h binhash.h chroot_uid.h connect.h dict.h dict_db.h \
 	dict_dbm.h dict_env.h dict_ht.h dict_ldap.h dict_mysql.h \
 	dict_ni.h dict_nis.h dict_nisplus.h dir_forest.h events.h \
@@ -439,6 +439,9 @@ doze.o: doze.c
 doze.o: sys_defs.h
 doze.o: msg.h
 doze.o: iostuff.h
+duplex_pipe.o: duplex_pipe.c
+duplex_pipe.o: sys_defs.h
+duplex_pipe.o: iostuff.h
 environ.o: environ.c
 environ.o: sys_defs.h
 events.o: events.c
@@ -863,6 +866,7 @@ vstream_popen.o: vbuf.h
 vstream_popen.o: argv.h
 vstream_popen.o: set_ugid.h
 vstream_popen.o: clean_env.h
+vstream_popen.o: iostuff.h
 vstring.o: vstring.c
 vstring.o: sys_defs.h
 vstring.o: mymalloc.h

postfix/util/duplex_pipe.c

@@ -0,0 +1,47 @@
+/*++
+/* NAME
+/*	duplex_pipe 3
+/* SUMMARY
+/*	local IPD
+/* SYNOPSIS
+/*	#include <iostuff.h>
+/*
+/*	int	duplex_pipe(fds)
+/*	int	*fds;
+/* DESCRIPTION
+/*	duplex_pipe() uses whatever local primitive it takes
+/*	to get a two-way I/O channel.
+/* DIAGNOSTICS
+/*	A null result means success. In case of error, the result
+/*	is -1 and errno is set to the appropriate number.
+/* LICENSE
+/* .ad
+/* .fi
+/*	The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/*	Wietse Venema
+/*	IBM T.J. Watson Research
+/*	P.O. Box 704
+/*	Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System libraries */
+
+#include <sys_defs.h>
+#include <sys/socket.h>
+
+/* Utility library. */
+
+#include "iostuff.h"
+
+/* duplex_pipe - give me a duplex pipe or bust */
+
+int     duplex_pipe(int *fds)
+{
+#ifdef HAS_DUPLEX_PIPE
+    return (pipe(fds));
+#else
+    return (socketpair(AF_UNIX, SOCK_STREAM, 0, fds));
+#endif
+}
+

postfix/util/iostuff.h

@@ -25,6 +25,7 @@ extern int read_wait(int, int);
 extern int write_wait(int, int);
 extern int write_buf(int, const char *, int, int);
 extern void doze(unsigned);
+extern int duplex_pipe(int *);
 
 #define BLOCKING	0
 #define NON_BLOCKING	1

postfix/util/safe_open.c

@@ -45,6 +45,14 @@
 /*	A safe open routine was discussed by Casper Dik in article
 /*	<2rdb0s$568@mail.fwi.uva.nl>, posted to comp.security.unix
 /*	(May 18, 1994).
+/*
+/*	Olaf Kirch discusses how the lstat()/open()+stat() test can
+/*	be fooled by delaying the open() until the inode found with
+/*	lstat() has been re-used for a sensitive file (article
+/*	<20000103212443.A5807@monad.swb.de> posted to bugtraq on
+/*	Jan 3, 2000).  This can be a concern for set-uid processes
+/*	that run under the control of a user and this can be
+/*	manipulated with start/stop signals.
 /* LICENSE
 /* .ad
 /* .fi
@@ -107,11 +115,17 @@ static VSTREAM *safe_open_exist(const char *path, int flags, VSTRING *why)
      * either we followed a symlink while opening an existing file, someone
      * quickly changed the number of hard links, or someone replaced the file
      * after the open() call. The link and mode tests aren't really necessary
-     * but the additional cost is low.
+     * in daemon processes. Set-uid programs, on the other hand, can be
+     * slowed down by arbitrary amounts, and there it would make sense to
+     * compare even more file attributes, such as the inode generation number
+     * on systems that have one.
      */
     else if (lstat(path, &lstat_st) < 0
 	     || fstat_st.st_dev != lstat_st.st_dev
 	     || fstat_st.st_ino != lstat_st.st_ino
+#ifdef HAS_ST_GEN
+	     || fstat_st.st_gen != lstat_st.st_gen
+#endif
 	     || fstat_st.st_nlink != lstat_st.st_nlink
 	     || fstat_st.st_mode != lstat_st.st_mode) {
 	vstring_sprintf(why, "file %s: status has changed", path);

postfix/util/sys_defs.h

@@ -21,7 +21,7 @@
   */
 #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \
     || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
-    || defined(OPENBSD2) || defined(NETBSD1) || defined(RHAPSODY5)
+    || defined(OPENBSD2) || defined(NETBSD1)
 #define SUPPORTED
 #include <sys/types.h>
 #define USE_PATHS_H
@@ -37,9 +37,14 @@
 #define USE_STATFS
 #define STATFS_IN_SYS_MOUNT_H
 #define HAS_POSIX_REGEXP
+#define HAS_ST_GEN	/* struct stat contains inode generation number */
 #endif
 
-#if defined(OPENBSD2)
+#if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4)
+#define HAS_DUPLEX_PIPE
+#endif
+
+#if defined(OPENBSD2) || defined(FREEBSD3) || defined(FREEBSD4)
 #define HAS_ISSETUGID
 #endif
 
@@ -48,6 +53,21 @@
 #endif
 
 #if defined(RHAPSODY5)
+#define SUPPORTED
+#include <sys/types.h>
+#define USE_PATHS_H
+#define USE_FLOCK_LOCK
+#define HAS_SUN_LEN
+#define HAS_FSYNC
+#define HAS_DB
+#define HAS_SA_LEN
+#define DEF_DB_TYPE	"hash"
+#define ALIAS_DB_MAP	"hash:/etc/aliases"
+#define GETTIMEOFDAY(t) gettimeofday(t,(struct timezone *) 0)
+#define ROOT_PATH	"/bin:/usr/bin:/sbin:/usr/sbin"
+#define USE_STATFS
+#define STATFS_IN_SYS_MOUNT_H
+#define HAS_POSIX_REGEXP
 #define NORETURN	void
 #define HAS_NETINFO
 #endif
@@ -62,8 +82,8 @@
 #define UNSAFE_CTYPE			/* XXX verify */
 #define _PATH_MAILDIR	"/var/spool/mail"
 #define _PATH_BSHELL	"/bin/sh"
-#define _PATH_DEFPATH	"/usr/bin:/usr/ucb"
+#define _PATH_DEFPATH	"/bin:/usr/bin:/usr/ucb"
-#define _PATH_STDPATH	"/usr/bin:/usr/etc:/usr/ucb"
+#define _PATH_STDPATH	"/bin:/usr/bin:/usr/etc:/usr/ucb"
 #define USE_FLOCK_LOCK
 #define USE_DOT_LOCK
 #define HAS_FSYNC
@@ -79,6 +99,7 @@
 extern int optind;
 extern char *optarg;
 extern int opterr;
+extern int h_errno;
 
 #define MISSING_STRFTIME_E
 #define HAS_NIS
@@ -554,6 +575,34 @@ extern int opterr;			/* XXX use <getopt.h> */
 #define USE_STATVFS
 #define STATVFS_IN_SYS_STATVFS_H
 #define MISSING_USLEEP
+#endif
+
+#ifdef DCOSX1				/* Siemens Pyramid */
+#define SUPPORTED
+#include <sys/types.h>
+#define _PATH_MAILDIR	"/var/mail"
+#define _PATH_BSHELL	"/bin/sh"
+#define _PATH_DEFPATH	"/usr/bin:/usr/ucb"
+#define _PATH_STDPATH	"/usr/bin:/usr/sbin:/usr/ucb"
+#define MISSING_SETENV
+#define USE_FCNTL_LOCK
+#define USE_DOT_LOCK
+#define HAS_FSYNC
+#define DEF_DB_TYPE	"hash"
+#define ALIAS_DB_MAP	"hash:/etc/aliases"
+/* Uncomment the following line if you have NIS package installed */
+/* #define HAS_NIS */
+#define USE_SYS_SOCKIO_H
+#define GETTIMEOFDAY(t) gettimeofday(t,NULL)
+#define ROOT_PATH	"/bin:/usr/bin:/sbin:/usr/sbin:/usr/ucb"
+#define FIONREAD_IN_SYS_FILIO_H
+#define DBM_NO_TRAILING_NULL
+#define USE_STATVFS
+#define STATVFS_IN_SYS_STATVFS_H
+#define UNIX_DOMAIN_CONNECT_BLOCKS_FOR_ACCEPT
+#ifndef S_ISSOCK
+#define S_ISSOCK(mode)	((mode&0xF000) == 0xC000)
+#endif
 #endif
 
  /*
@@ -721,7 +770,7 @@ typedef int pid_t;
 
  /*
   * Making the ctype.h macros not more expensive than necessary. On some
-  * systems, ctype.h misbehaves badly with signed characters.
+  * systems, ctype.h misbehaves with non-ASCII and/or negative characters.
   */
 #define _UCHAR_(c)	((unsigned char)(c))
 #ifdef UNSAFE_CTYPE

postfix/util/vstream_popen.c

@@ -20,7 +20,7 @@
 /*	\fIcommand\fR, which is executed by a child process. The \fIflags\fR
 /*	argument is as with vstream_fopen(). The child's standard input and
 /*	standard output are redirected to the stream, which is based on a
-/*	socketpair.
+/*	socketpair or other suitable local IPC.
 /*
 /*	vstream_popen_vargs() offers the user more control over the
 /*	child process and over how it is managed. The key argument
@@ -90,7 +90,6 @@
 /* System library. */
 
 #include <sys_defs.h>
-#include <sys/socket.h>
 #include <sys/wait.h>
 #include <unistd.h>
 #include <stdlib.h>
@@ -108,6 +107,7 @@
 #include <argv.h>
 #include <set_ugid.h>
 #include <clean_env.h>
+#include <iostuff.h>
 
 /* Application-specific. */
 
@@ -207,7 +207,7 @@ VSTREAM *vstream_popen_vargs(int flags,...)
     if (args.command == 0)
 	args.command = args.argv[0];
 
-    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sockfd) < 0)
+    if (duplex_pipe(sockfd) < 0)
 	return (0);
 
     switch (pid = fork()) {