postfix-2.3-RC8

2025-08-29 21:27:57 +00:00 · 2006-07-07 00:00:00 -05:00 · 2006-07-07 00:00:00 -05:00 · cc94e64f58
commit cc94e64f58
parent 05249da535
25 changed files with 441 additions and 324 deletions
--- a/postfix/AAAREADME
+++ b/postfix/AAAREADME
@ -47,7 +47,6 @@ Web sites:
 Mail addresses (PLEASE send questions to the mailing list)
    postfix-users@postfix.org		Postfix users mailing list
    wietse@porcupine.org		the original author
 In order to subscribe to the mailing list, see http://www.postfix.org/.
@ -162,8 +161,9 @@ Miscellaneous:
    auxiliary/		Auxiliary software etc.
    bin/		Postfix command executables
    conf/		Configuration files, run-time scripts
-    include/		Installed include files
+    include/		Include files
-    lib/		Installed object libraries
+    implementation-notes/ Background information
    lib/		Object libraries
    libexec/		Postfix daemon executables
-    mantools/		Manual page utilities
+    mantools/		Documentation utilities
    proto/		Documentation source
--- a/postfix/COMPATIBILITY
+++ b/postfix/COMPATIBILITY
@ -8,12 +8,13 @@ address probing	yes (optional persistent database)
 aliases		yes (can enable/disable mail to /file or |command)
 bare newlines	yes (but will send CRLF)
 blacklisting	yes (client name/addr; helo hostname; mail from; rcpt to)
-connection caching yes (SMTP shared cache; LMTP in-process cache)
+connection caching yes (SMTP shared cache; LMTP shared cache)
 content filter	yes (before and after queue, internal and external)
 db tables	yes (compile time option)
 dbm tables	yes (compile time option)
 delivered-to	yes (configurable with prepend_delivered_header)
-dsn		almost (supports enhanced status codes and DSN format bounces)
+dsn		yes
 enhanced status codes	yes
 errors-to:	no (removed with Postfix 2.2)
 esmtp		yes
 etrn support	yes (per-destination log for authorized destinations only)
@ -23,9 +24,9 @@ genericstable	yes (Postfix 2.2 generic(5) table)
 greylist	yes (delegated policy script)
 home mailbox	yes
 ident lookup	no
-ipv6	        yes (compatibility for ipv4-only kernels/libraries)
+ipv6	        yes (compatibility for ipv4-only systems)
 ldap tables	yes (contributed)
-lmtp support	yes (client)
+lmtp support	yes (client only)
 luser relay	yes
 m4 config	no
 mail to command	yes (configurable for .forward, aliases, :include:)
@ -34,6 +35,7 @@ maildir		yes (in home, system mailspool, /file/name/ alias)
 mailertable	yes (it's called transport)
 mailq		yes
 majordomo	yes (edit approve script to delete /^delivered-to:/i)
 milter		yes (except body replacement)
 mime		yes (including 8bit to quoted-printable conversion)
 mysql tables	yes (contributed)
 netinfo tables	yes (contributed)
@ -42,11 +44,11 @@ nis tables	yes
 nis+ tables	yes (contributed)
 no <> in smtp	yes (most common address forms)
 pgsql tables	yes (contributed)
-pipeline option	yes (server and client)
+pipeline option	yes (SMTP server and client; LMTP client)
-pop/imap	yes (with third-party daemons that use mailbox or maildir)
+pop/imap	no
 qmqp server	yes (with verp support)
 rbl support	yes
-return-receipt:	no
+return-receipt:	no (use DSN NOTIFY=SUCCESS)
 rhsbl support	yes
 sasl support	yes (compile time option)
 sendmail -bt	no
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -12461,6 +12461,24 @@ Apologies for any names omitted.
 	Cleanup: comments, error messages, and crumbling interfaces.
 20060707
 	Workaround: apparently, Solaris gettimeofday() can return
 	out-of range microsecond values.  File: src/global/log_adhoc.c.
 	Robustness: the SMTPD policy client now encodes the
 	ccert_subject and ccert-issuer attributes as xtext.  Some
 	characters are replaced by +XX, where XX is the two-digit
 	hexadecimal code for the character value.  File:
 	smtpd/smtpd_check.c.
 	Safety: the SMTP/LMTP client now defers delivery when a
 	SASL password exists but the server does not offer SASL
 	authentication. Mail could be rejected otherwise. This
 	may become an issue now that Postfix retries delivery in
 	plaintext after an opportunistic TLS handshake fails. Specify
 	"smtp_sasl_auth_enforce = no" to deliver mail anyway.
 Wish list:
 	The usage of TLScontext->cache_type is unclear. It specifies
@ -12474,37 +12492,27 @@ Wish list:
 	around as pointers. TLScontext->cache_type is a case in
 	point.
 	In the SMTPD policy client (encode or strip) non-printable
 	non-ASCII in (TLS or all) attributes.
 	Are transport:nexthop null fields the same as in the case
 	of default_transport etc. parameters?
 	Introduce structured API for tls_server_mumble() just like
 	with smtp(8): this eliminates ever-growing lists of arguments.
 	Defer delivery when a SASL password exists but the server
 	does not offer SASL authentication, as mail might otherwise
 	be bounced. This may become an issue now that Postfix will
 	retry in plaintext after optional TLS fails. Make this
 	configurable so people can get the old behavior.
 	Don't lose bits when converting st_dev into maildir file
 	name. It's 64 bits on Linux. Found with the BEAM source
-	code analyzer.
+	code analyzer. Is this really a problem, or are they just
 	using 64 bits for upwards compatibility with LP64 systems?
 	Do or don't introduce unknown_reverse_client_reject_code.
-	mail_addr/rcpt_addr should be externalized as they are in
+	In Milter events, mail_addr/rcpt_addr should be externalized
-	Sendmail. Likewise, addresses in add/delete requests should
+	as they are in Sendmail. Likewise, addresses in add/delete
-	be internalized before updating the queue file.
+	requests should be internalized before updating the queue
 	file.
 	Check that "UINT32 == unsigned int" choice is ok (i.e. LP64
 	UNIX).
 	Fix milter_argv() so it does not forget how much memory it
 	has.
 	Tempfail when a Milter application wants content access,
 	while it is configured in an SMTP server that runs before
 	the smtpd_proxy filter.
@ -12531,8 +12539,8 @@ Wish list:
 	Eliminate the (incoming,deferred)->active rename operation.
 	Softbounce fallback-to-ISP for SOHO users. This requires
-	playing with with the soft_error test in the smtp_trouble.c
+	playing with the soft_error test in the smtp_trouble.c
-	module, and a way to avoid trying direct-to-backup-MX.
+	module, and avoiding delivery to backup MX hosts.
 	select -> kqueue, epoll, /dev/poll, poll() ...
--- a/postfix/README_FILES/SMTPD_POLICY_README
+++ b/postfix/README_FILES/SMTPD_POLICY_README
@ -58,7 +58,7 @@ a delegated SMTPD access policy request:
    sasl_sender=
    size=12345
    ccert_subject=solaris9.porcupine.org
-    ccert_issuer=Wietse Venema
+    ccert_issuer=Wietse+20Venema
    ccert_fingerprint=C2:9D:F4:87:71:73:73:D9:18:E7:C2:F3:C1:DA:6E:04
    PPoossttffiixx vveerrssiioonn 22..33 aanndd llaatteerr::
    encryption_protocol=TLSv1/SSLv3
@ -114,7 +114,9 @@ Notes:
  * The "ccert_*" attributes (Postfix 2.2 and later) specify information about
    how the client was authenticated via TLS. These attributes are empty in
-    case of no certificate authentication.
+    case of no certificate authentication. As of Postfix 2.2.11 these attribute
    values are encoded as xtext: some characters are represented by +XX, where
    XX is the two-digit hecadecimal representation of the character value.
  * The "encryption_*" attributes (Postfix 2.3 and later) specify information
    about how the connection is encrypted. With plaintext connections the
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@ -11,20 +11,19 @@ instead, a new snapshot is released.
 The mail_release_date configuration parameter (format: yyyymmdd)
 specifies the release date of a stable release or snapshot release.
-Major changes - critical
+Critical notes
------------------------
+--------------
 See RELEASE_NOTES_2.2 if you upgrade from Postfix 2.1 or earlier.
-Postfix internal protocols have has changed.  You need to "postfix
+Some Postfix internal protocols have changed.  You need to "postfix
 reload" or restart Postfix, otherwise many servers will log warning
 messages with "unexpected attribute" or "problem talking to service
 rewrite: Unknown error: 0", and mail will not be delivered.
-[Incompat 20060515] Milter support introduces a three new queue
+The Sendmail-compatible Milter support introduces three new queue
-file record types. Queue files created with this Postfix version
+file record types. As long as you leave this feature turned off,
-will be understood by older Postfix versions ONLY if Milter support
+you can still go back to Postfix version 2.2 without losing mail.
 is turned off, which is the default.
 Major changes - DNS lookups
 ---------------------------
@ -41,19 +40,11 @@ Major changes - DSN
 This gives senders control over successful and failed delivery
 notifications.  DSN involves extra parameters to the SMTP MAIL FROM
 and RCPT TO commands, as well as extra Postfix sendmail command
-line options that provide a sub-set of the functions of those extra
+line options for mail submission.
 SMTP command parameters.
 See DSN_README for details. Some implementation notes are in
 implementation-notes/DSN.
 [Incompat 20050828] When the cleanup server rejects the content or
 size of mail that was submitted with the Postfix sendmail command,
 forwarded with the local(8) delivery agent, or that was re-queued
 with "postsuper -r", Postfix no longer sends DSN SUCCESS notification
 of virtual alias expansions. Since all the recipients are reported
 as failed, the SUCCESS notification seems redundant.
 [Incompat 20050615] The new DSN support conflicts with VERP support.
 For Sendmail compatibility, Postfix now uses the sendmail -V command
 line option for DSN.  In order to request VERP style delivery, you
@ -61,16 +52,23 @@ must now specify -XV instead of -V.  The Postfix sendmail command
 will recognize if you try to use -V for VERP-style delivery.  It
 will do the right thing and will remind you of the new syntax.
 [Incompat 20050828] When the cleanup server rejects the content or
 size of mail that was submitted with the Postfix sendmail command,
 that was forwarded with the local(8) delivery agent, or that was
 re-queued with "postsuper -r", Postfix no longer sends DSN SUCCESS
 notification after virtual alias expansions. Since all the recipients
 are reported as failed, the SUCCESS notification seems redundant.
 Major changes - LMTP client
 ---------------------------
-[Feature 20051208] The SMTP client now implements the LMTP protocol.
+See the "SASL authentication" and "TLS" sections for changes related
-Most but not all smtp_xxx parameters have an lmtp_xxx "ghost"
+to SASL authentication and TLS support, respectively.
 parameter.  This means there are lot of new LMTP features, including
 support for TLS and for the shared connection cache.
-[Feature 20060614] The unified SMTP/LMTP client now has complete
+[Feature 20051208] The SMTP client now implements the LMTP protocol.
-sets of configuration parameters for each protocol.
+Most but not all smtp_xxx parameters now have an lmtp_xxx equivalent.
 This means there are lot of new LMTP features, including support
 for TLS and for the shared connection cache.
 [Incompat 20051208] The LMTP client now reports the server as
 "myhostname[/path/name]".  With the real server hostname in delivery
@ -81,19 +79,18 @@ Major changes - Milter support
 [Feature 20060515] Milter (mail filter) application support,
 compatible with Sendmail version 8.13.6 and earlier. This allows
-you to run a large number of plug-ins to reject unwanted mail and
+you to run a large number of plug-ins to reject unwanted mail, and
-to sign mail with, for example, domain keys. All Milter functions
+to sign mail with for example domain keys. All Milter functions are
-are implemented except replacing the message body, which will be
+implemented except replacing the message body, which will be added
-added later. Milters are before-queue filters, so they don't change
+later. Milters are before-queue filters, so they don't change the
-the queue ID.
+queue ID.
 See the MILTER_README document for a discussion of how to use Milter
-support with Postfix.
+support with Postfix, and limitations of the current implementation.
-[Incompat 20060515] Milter support introduces a three new queue
+[Incompat 20060515] Milter support introduces three new queue file
-file record types. Queue files created with this Postfix version
+record types. As long as you leave this feature turned off, you can
-will be understood by older Postfix versions ONLY if Milter support
+still go back to Postfix version 2.2 without losing mail.
 is turned off, which is the default.
 [Incompat 20060515] Milter support introduces new logfile event
 types: milter-reject, milter-discard and milter-hold, that identify
@ -103,8 +100,15 @@ software.
 Major changes - SASL authentication
 -----------------------------------
 [Incompat 20060707] The SMTP/LMTP client now defers delivery when
 a SASL password exists but the server does not offer SASL authentication.
 Otherwise, the server could reject the mail. This may become an
 issue now that Postfix retries delivery in plaintext after an
 opportunistic TLS handshake fails. Specify "smtp_sasl_auth_enforce
 = no" to deliver mail anyway.
 [Feature 20051220] Plug-in support for SASL authentication in the
-SMTP server and in the SMTP+LMTP client. With this, Postfix can
+SMTP server and in the SMTP/LMTP client. With this, Postfix can
 support multiple SASL implementations without source code patches.
 Some distributors may even make SASL support a run-time linking
 option, just like they already do with Postfix lookup tables.
@ -117,7 +121,7 @@ are slightly different, but these are generally improvements.
 The "postconf -a" command shows what plug-in implementations are
 available for the SMTP server, and "postconf -A" does the same for
-the SMTP+LMTP client.  Plug-in implementations are selected with
+the SMTP/LMTP client.  Plug-in implementations are selected with
 the smtpd_sasl_type, smtp_sasl_type and lmtp_sasl_type configuration
 parameters.
@ -163,15 +167,13 @@ ISP accounts.
 Major changes - SMTP client
 ---------------------------
-[Feature 20051208] The SMTP client now implements the LMTP protocol.
+See the "SASL authentication" and "TLS" sections for changes related
-Most but not all smtp_xxx parameters have an lmtp_xxx "ghost"
+to SASL authentication and TLS support, respectively.
 parameter.  This means there are lot of new LMTP features, including
 support for TLS and for the shared connection cache. There are no
 lmtp_xxx "ghost" parameters for the HELO or EHLO commands, because
 those commands exist only in SMTP.
-[Feature 20060614] The unified SMTP/LMTP client now has complete
+[Feature 20051208] The SMTP client now implements the LMTP protocol.
-sets of configuration parameters for each protocol.
+Most but not all smtp_xxx parameters now have an lmtp_xxx equivalent.
 This means there are lot of new LMTP features, including support
 for TLS and for the shared connection cache.
 [Incompat 20060112] The Postfix SMTP/LMTP client by default no
 longer allows DNS CNAME records to override the server hostname
@ -180,13 +182,13 @@ and TLS server certificate verification. Specify
 "smtp_cname_overrides_servername = yes" to get the old behavior.
 [Incompat 20060103] The Postfix SMTP/LMTP client no longer defers
-mail when it receives a malformed SMTP server reply in a session
+mail delivery when it receives a malformed SMTP server reply in a
-with command pipelining.  When helpful warnings are enabled, it
+session with command pipelining.  When helpful warnings are enabled,
-will suggest that command pipelining be disabled for the affected
+it will suggest that command pipelining be disabled for the affected
 destination.
 [Incompat 20051208] The fallback_relay feature is renamed to
-smtp_fallback_relay, to make clear that the combined SMTP+LMTP
+smtp_fallback_relay, to make clear that the combined SMTP/LMTP
 client uses this setting only for SMTP deliveries. The old name
 still works.
@ -274,29 +276,27 @@ this limit was disabled by default. The new limit prevents Postfix
 from spending lots of time trying to connect to lots of bogus MX
 servers.
 [Incompat 20050622] The Postfix SMTP handling of [45]XX server
 greetings was cleaned up. The server reply is now properly reported.
 Major changes - SMTP server
 ---------------------------
-[Incompat 20060207] The Postfix SMTP server no longer complains
+See the "SASL authentication" and "TLS" sections for changes related
-when TLS support is not compiled in, but permit_tls_clientcerts,
+to SASL authentication and TLS support, respectively.
 permit_tls_all_clientcerts, or check_ccert_access are used. These
 features now are effectively ignored.  However, the
 reject_plaintext_session feature is not ignored and will reject
 mail.
-[Incompat 20051202] The Postfix SMTP daemon will not receive mail
+[Feature 20051222] You can now use "resolve_numeric_domain = yes"
-from the network if it isn't running with postfix mail_owner
+to stop Postfix from rejecting user@ipaddress as an invalid
 destination. It will deliver the mail to user@[ipaddress] instead.
 [Incompat 20051202] The Postfix SMTP server now refuses to receive
 mail from the network if it isn't running with postfix mail_owner
 privileges.  This prevents surprises when, for example, "sendmail
 -bs" is configured to run as root from xinetd.
-[Incompat 20051121] The permit_mx_backup feature still accepts mail
+[Incompat 20051121] Although the permit_mx_backup feature still
-for authorized destinations (see permit_mx_backup for definition),
+accepts mail for authorized destinations (see permit_mx_backup for
-but with other destinations it requires that the local MTA is listed
+definition), with all other destinations it now requires that the
-as non-primary MX. This prevents mail loop problems when someone
+local MTA is listed as non-primary MX. This prevents mail loop
-points the primary MX record at Postfix.
+problems when someone points the primary MX record at a Postfix
 system.
 [Feature 20051011] Optional protection against SMTP clients that
 hammer the server with too many new (i.e. uncached) SMTP-over-TLS
@ -339,8 +339,8 @@ parameters.  The old parameters are still supported but will be
 removed in a future Postfix release.
 [Feature 20060614] New smtpd_tls_protocols parameter complements
-the smtp_tls_mandatory_protocols parameter, only recommended for
+the smtp_tls_mandatory_protocols parameter. This recommended for
-MSA configurations, not MX hosts.
+MSA configurations, not for MX for hosts that face the Internet.
 [Feature 20060626] Both the SMTP client and server can be configured
 without a client or server certificate. An SMTP server without
@ -356,11 +356,15 @@ is required (notably Postfix 2.3 in "opportunistic" mode) and the
 administrator has not excluded the "aNULL" OpenSSL cipher type with
 smtp_tls_exclude_ciphers.
-[Feature 20060626] You can specify cipher grades with the
+[Feature 20060626] You can specify cipher grades (instead of cipher
-smtp_tls_mandatory_ciphers, lmtp_tls_mandatory_ciphers and
+names) with the smtp_tls_mandatory_ciphers, lmtp_tls_mandatory_ciphers
-smtpd_tls_ciphers parameters. Specify
+and smtpd_tls_ciphers parameters. Specify one of "high", "medium",
-one of "high", "medium", "low", "export" or "null". See TLS_README
+"low", "export" or "null". See TLS_README for details.
-for details.
+
 [Incompat 20060707] The SMTPD policy client now encodes the
 ccert_subject and ccert_issuer attributes as xtext. Some characters
 are represented by +XX, where XX is the two-digit hexadecimal
 representation of the character value.
 [Incompat 20060614] The smtp_sasl_tls_verified_security_options
 feature is not yet complete, and will therefore not appear in the
@ -378,9 +382,9 @@ now also logs TLS session cache activity. Use level 2 and higher
 for debugging only, use levels 0 or 1 as production settings.
 [Incompat 20060207] The Postfix SMTP server no longer complains
-when TLS support is not compiled in, but permit_tls_clientcerts,
+when TLS support is not compiled in while permit_tls_clientcerts,
-permit_tls_all_clientcerts, or check_ccert_access are used. These
+permit_tls_all_clientcerts, or check_ccert_access are specified in
-features now are effectively ignored.  However, the
+main.cf. These features now are effectively ignored.  However, the
 reject_plaintext_session feature is not ignored and will reject
 mail.
@ -388,7 +392,8 @@ mail.
 smtp_tls_per_site feature, without changes to the user interface.
 Some Postfix internals had to be re-structured in preparation for
 a more general TLS policy mechanism; this required that smtp_tls_per_site
-be re-implemented from scratch.
+be re-implemented from scratch. The obscure behavior was found
 during compatibility testing.
 [Feature 20051011] Optional protection against SMTP clients that
 hammer the server with too many new (i.e. uncached) SMTP-over-TLS
@ -412,13 +417,14 @@ Major changes - XCLIENT and XFORWARD
 [Incompat 20060611] The SMTP server XCLIENT implementation has
 changed. The SMTP server now resets state to the initial server
-greeting stage, so that it can accurately simulate the effect of
+greeting stage, immediately before the EHLO/HELO greeting.  This
-connection-level access restrictions.  Without this change, XCLIENT
+was needed to correctly simulate the effect of connection-level
-will not work at all with Milter applications.
+access restrictions.  Without this change, XCLIENT would not work
 with Milter applications.
 [Incompat 20060611] The SMTP server XCLIENT and XFORWARD commands
 now expect that attributes are xtext encoded (RFC 1891). For backwards
-compatibility they will accept unencoded attribute values. The
+compatibility they will also accept unencoded attribute values. The
 XFORWARD client code in the SMTP client and in the SMTPD_PROXY
 client will always encode attribute values. This change will have
 effect only for malformed hostname and helo parameter values.
@ -426,8 +432,8 @@ effect only for malformed hostname and helo parameter values.
 For more details, see the XCLIENT_README and XFORWARD_README
 documents.
-Major changes - address rewriting
+Major changes - address manipulation
---------------------------------
+------------------------------------
 [Incompat 20060123] Postfix now preserves uppercase information
 while mapping addresses with canonical, virtual, relocated or generic
@ -435,6 +441,10 @@ maps; this happens even with $number substitutions in regular
 expression maps. However, the local(8) and virtual(8) delivery
 agents still fold addresses to lower case.
 As a side effect, Postfix now also does a better job at being case
 insensitive where it should be, for example while searching per-host
 TLS policies or SASL passwords.
 By default, Postfix now folds the search string to lowercase only
 with tables that have fixed-case lookup fields such as btree:,
 hash:, dbm:, ldap:, or *sql:. The search string is no longer case
@ -444,13 +454,6 @@ case, such as regexp:, pcre:, or cidr:.
 For safety reasons, Postfix no longer allows $number substitution
 in regexp: or pcre: transport tables or per-sender relayhost tables.
 [Feature 20060123] Postfix now does a better job at preserving
 upper/lower case information while transforming addresses.  The
 table lookup code was revised, and is now more careful about when
 it folds search strings to lower case.  As a side effect, Postfix
 now also does a better job at being case insensitive where it should,
 for example while searching per-host TLS policies or SASL passwords.
 Major changes - bounce message templates
 ----------------------------------------
@ -481,13 +484,6 @@ this:
                            The $mail_name program
    EOF
 Major changes - broken SMTP clients
 -----------------------------------
 [Feature 20051222] You can now use "resolve_numeric_domain = yes"
 to stop Postfix from rejecting user@ipaddress as an invalid
 destination. It will deliver the mail to user@[ipaddress] instead.
 Major changes - built-in filters
 --------------------------------
@ -503,55 +499,6 @@ command (or re-queued with "postsuper -r"), the returned message
 is now limited to just the message headers, to avoid the risk of
 exposure to harmful content in the message body or attachments.
 Major changes - connection caching
 ----------------------------------
 [Incompat 20051026] The smtp_connection_cache_reuse_limit parameter
 (which limits the number of deliveries per SMTP connection) is
 replaced by the new smtp_connection_reuse_time_limit parameter (the
 time after which a connection is no longer stored into the connection
 cache).
 [Feature 20051026] This snapshot addresses a performance stability
 problem with remote SMTP servers. The problem is not specific to
 Postfix: it can happen when any MTA sends large amounts of SMTP
 email to a site that has multiple MX hosts. The insight that led
 to the solution, as well as an initial implementation, are due to
 Victor Duchovni.
 The problem starts when one of a set of MX hosts becomes slower
 than the rest.  Even though SMTP clients connect to fast and slow
 MX hosts with equal probability, the slow MX host ends up with more
 simultaneous inbound connections than the faster MX hosts, because
 the slow MX host needs more time to serve each client request.
 The slow MX host becomes a connection attractor.  If one MX host
 becomes N times slower than the rest, it dominates mail delivery
 latency unless there are more than N fast MX hosts to counter the
 effect. And if the number of MX hosts is smaller than N, the mail
 delivery latency becomes effectively that of the slowest MX host
 divided by the total number of MX hosts.
 The solution uses connection caching in a way that differs from
 Postfix 2.2.  By limiting the amount of time during which a connection
 can be used repeatedly (instead of limiting the number of deliveries
 over that connection), Postfix not only restores fairness in the
 distribution of simultaneous connections across a set of MX hosts,
 it also favors deliveries over connections that perform well, which
 is exactly what we want.
 The smtp_connection_reuse_time_limit feature implements the connection
 reuse time limit as discussed above.  It limits the amount of time
 after which an SMTP connection is no longer stored into the connection
 cache. The default limit, 300s, can result in a huge number of
 deliveries over a single connection.
 This solution will be complete when Postfix logging is updated to
 include information about the number of times that a connection was
 used. This information is needed to diagnose inter-operability
 problems with servers that exhibit bugs when they receive multiple
 messages over the same connection.
 Major changes - database support
 --------------------------------
@ -639,18 +586,17 @@ software.
 [Incompat 20051106] The relay=... logging has changed and now
 includes the remote SMTP server port number as hostname[hostaddr]:port.
 [Incompat 20060112] The Postfix SMTP/LMTP client by default no
 longer allows DNS CNAME records to override the server hostname
 that is used for logging, SASL password lookup, TLS policy selection
 and TLS server certificate verification. Specify
 "smtp_cname_overrides_servername = yes" to get the old behavior.
 [Incompat 20051105] All delay logging now has sub-second resolution,
 including the over-all "delay=nnn" logging.  A patch is available
 for pflogsumm (pflogsumm-conn-delays-dsn-patch). The qshape script
 has been updated (auxiliary/qshape/qshape.pl).
 At this point the Postfix logging for a recipient looks like this:
    Nov  3 16:04:31 myname postfix/smtp[30840]: 19B6B2900FE:
    to=<wietse@test.example.com>, orig_to=<wietse@test>,
    relay=mail.example.com[1.2.3.4], conn_use=2, delay=0.22,
    delays=0.04/0.01/0.05/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok)
 [Feature 20051103] This release makes a beginning with a series of
 new attributes in Postfix logfile records.
@ -664,8 +610,9 @@ new attributes in Postfix logfile records.
 - Logging of the connection reuse count when SMTP connections are
  used for more than one message delivery.  This information is
  needed because Postfix can now reuse connections hundreds of times
-  or more, and can help to diagnose inter-operability problems with
+  or more. Logging of the connection reuse count can help to diagnose
-  servers that suffer from memory leaks or other resource leaks.
+  inter-operability problems with servers that suffer from memory
  leaks or other resource leaks.
 At this point the Postfix logging for a recipient looks like this:
@ -696,6 +643,12 @@ where y and z can be up to three digits each.
 Major changes - performance
 ---------------------------
 [Incompat 20050622] The Postfix SMTP client by default limits the
 number of MX server addresses to smtp_mx_address_limit=5. Previously
 this limit was disabled by default. The new limit prevents Postfix
 from spending lots of time trying to connect to lots of bogus MX
 servers.
 [Feature 20051026] This snapshot addresses a performance stability
 problem with remote SMTP servers. The problem is not specific to
 Postfix: it can happen when any MTA sends large amounts of SMTP
@ -752,42 +705,41 @@ Major changes - portability
 ---------------------------
 [Incompat 20050716] Internal interfaces have changed; this may break
-third-party patches because the text of function argument and result
+third-party patches because the types of function arguments and of
-type definitions has changed.  The type of buffer lengths and offsets
+result values have changed.  The types of buffer lengths and offsets
-were changed from "(unsigned) int" (32 bit on 32-bit and LP64
+were changed from "int" or "unsigned int" (32 bit on 32-bit and
-systems) to "(s)size_t" (64 bit on LP64 systems, 32 bit on 32-bit
+LP64 systems) to "ssize_t" or "size_t" (64 bit on LP64 systems, 32
-systems).
+bit on 32-bit systems).
-Otherwise, this change makes no difference on 32-bit systems. On
+This change makes no difference in Postfix behavior on 32-bit
-LP64 systems, however, software may mis-behave 1) when Postfix is
+systems. On LP64 systems, however, this change not only eliminates
 some obscure portability bugs, it also eliminates unnecessary
 conversions between 32/64 bit integer types, because many system
 library routines take "(s)size_t" arguments or return "(s)size_t"
 values.
 This change may break software on LP64 systems 1) when Postfix is
 linked with pre-compiled code that was compiled with old Postfix
 interface definitions and 2) when compiling Postfix source that was
-modified by a third-party patch: incorrect code may be generated
+modified by a third-party patch: incorrect code will be generated
 when the patch passes the wrong integer argument type in contexts
 that disable automatic argument type conversions.  Examples of such
 contexts are formatting with printf-like arguments, and invoking
 functions that write Postfix request or reply attributes across
 inter-process communication channels.  Unfortunately, gcc does not
 report "(unsigned) int" versus "(s)size_t" format string argument
-mis-matches on 32-bit systems; they can be found only on 64-bit
+mis-matches on 32-bit systems; it reports them only on 64-bit
 systems.
 [Feature 20050716] Improved portability to LP64 systems, by converting
 the type of buffer lengths and offsets from "(unsigned) int" to
 "(s)size_t".  This change has zero effect on 32-bit systems. On
 LP64 platforms, however, this change not only eliminates some obscure
 portability bugs, it also eliminates unnecessary conversions between
 32/64 bit integer types, because many system library routines take
 "(s)size_t" arguments or return "(s)size_t" values.
 Major changes - safety
 ----------------------
-[Incompat 20051121] The permit_mx_backup feature still accepts mail
+[Incompat 20051121] Although the permit_mx_backup feature still
-for authorized destinations (see permit_mx_backup for definition),
+accepts mail for authorized destinations (see permit_mx_backup for
-but with other destinations it requires that the local MTA is listed
+definition), with all other destinations it now requires that the
-as non-primary MX. This prevents mail loop problems when someone
+local MTA is listed as non-primary MX. This prevents mail loop
-points the primary MX record at Postfix.
+problems when someone points the primary MX record at a Postfix
 system.
 [Incompat 20051011] The Postfix local(8) delivery agent no longer
 updates its idea of the Delivered-To: address while it expands
@ -808,8 +760,17 @@ command (or re-queued with "postsuper -r"), the returned message
 is now limited to just the message headers, to avoid the risk of
 exposure to harmful content in the message body or attachments.
-[Incompat 20051202] The Postfix SMTP daemon will not receive mail
+[Incompat 20051202] The Postfix SMTP server now refuses to receive
-from the network if it isn't running with postfix mail_owner
+mail from the network if it isn't running with postfix mail_owner
 privileges.  This prevents surprises when, for example, "sendmail
 -bs" is configured to run as root from xinetd.
 [Incompat 20060123] For safety reasons, Postfix no longer allows
 $number substitution in regexp: or pcre: transport tables or
 per-sender relayhost tables.
 [Incompat 20060112] The Postfix SMTP/LMTP client by default no
 longer allows DNS CNAME records to override the server hostname
 that is used for logging, SASL password lookup, TLS policy selection
 and TLS server certificate verification. Specify
 "smtp_cname_overrides_servername = yes" to get the old behavior.
--- a/postfix/html/SMTPD_POLICY_README.html
+++ b/postfix/html/SMTPD_POLICY_README.html
@ -90,7 +90,7 @@ sasl_username=you
 sasl_sender=
 size=12345
 ccert_subject=solaris9.porcupine.org
-ccert_issuer=Wietse Venema
+ccert_issuer=Wietse+20Venema
 ccert_fingerprint=C2:9D:F4:87:71:73:73:D9:18:E7:C2:F3:C1:DA:6E:04
 <b>Postfix version 2.3 and later:</b>
 encryption_protocol=TLSv1/SSLv3
@ -161,6 +161,9 @@ etrn_domain=
    <li> <p> The "ccert_*" attributes (Postfix 2.2 and later) specify
    information about how the client was authenticated via TLS.
    These attributes are empty in case of no certificate authentication.
    As of Postfix 2.2.11 these attribute values are encoded as
    xtext: some characters are represented by +XX, where XX is the
    two-digit hecadecimal representation of the character value.
    </p>
    <li> <p> The "encryption_*" attributes (Postfix 2.3 and later)
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@ -3528,6 +3528,17 @@ Enable SASL authentication in the Postfix LMTP client.
 </p>
 </DD>
 <DT><b><a name="lmtp_sasl_auth_enforce">lmtp_sasl_auth_enforce</a>
 (default: yes)</b></DT><DD>
 <p> The LMTP-specific version of the <a href="postconf.5.html#smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a>
 configuration parameter.  See there for details. </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
 </DD>
 <DT><b><a name="lmtp_sasl_mechanism_filter">lmtp_sasl_mechanism_filter</a>
@ -7550,6 +7561,18 @@ Example:
 </pre>
 </DD>
 <DT><b><a name="smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a>
 (default: yes)</b></DT><DD>
 <p> Defer mail delivery when an SMTP server does not support SASL
 authentication, while <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> contains SASL
 login/password information for that server. </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
 </DD>
 <DT><b><a name="smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a>
--- a/postfix/html/smtp.8.html
+++ b/postfix/html/smtp.8.html
@ -293,60 +293,66 @@ SMTP(8)                                                                SMTP(8)
       Available in Postfix version 2.3 and later:
       <b><a href="postconf.5.html#smtp_sasl_auth_enforce">smtp_sasl_auth_enforce</a> (yes)</b>
              Defer mail delivery when an SMTP  server  does  not
              support  SASL authentication, while <a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_pass</a>-
              <a href="postconf.5.html#smtp_sasl_password_maps">word_maps</a> contains SASL login/password  information
              for that server.
       <b><a href="postconf.5.html#smtp_sender_dependent_authentication">smtp_sender_dependent_authentication</a> (no)</b>
-              Enable sender-dependent authentication in the  SMTP
+              Enable  sender-dependent authentication in the SMTP
-              client;  this is available only with SASL authenti-
+              client; this is available only with SASL  authenti-
-              cation, and disables  SMTP  connection  caching  to
+              cation,  and  disables  SMTP  connection caching to
-              ensure  that  mail  from different senders will use
+              ensure that mail from different  senders  will  use
              the appropriate credentials.
       <b><a href="postconf.5.html#smtp_sasl_path">smtp_sasl_path</a> (empty)</b>
-              Implementation-specific information that is  passed
+              Implementation-specific  information that is passed
-              through  to the SASL plug-in implementation that is
+              through to the SASL plug-in implementation that  is
              selected with <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>.
       <b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a> (cyrus)</b>
-              The SASL plug-in type that the Postfix SMTP  client
+              The  SASL plug-in type that the Postfix SMTP client
              should use for authentication.
 <b>STARTTLS SUPPORT CONTROLS</b>
-       Detailed  information  about STARTTLS configuration may be
+       Detailed information about STARTTLS configuration  may  be
       found in the <a href="TLS_README.html">TLS_README</a> document.
       <b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
-              The default SMTP TLS security level for all  desti-
+              The  default SMTP TLS security level for all desti-
-              nations;  when a non-empty value is specified, this
+              nations; when a non-empty value is specified,  this
              overrides  the  obsolete  parameters  <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>,
              <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
       <b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>           ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_secu</a>-</b>
       <b><a href="postconf.5.html#smtp_sasl_security_options">rity_options</a>)</b>
-              The  SASL  authentication security options that the
+              The SASL authentication security options  that  the
-              Postfix SMTP client uses  for  TLS  encrypted  SMTP
+              Postfix  SMTP  client  uses  for TLS encrypted SMTP
              sessions.
       <b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
-              Time  limit  for Postfix SMTP client write and read
+              Time limit for Postfix SMTP client write  and  read
-              operations during TLS startup  and  shutdown  hand-
+              operations  during  TLS  startup and shutdown hand-
              shake procedures.
       <b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
-              The  file with the certificate of the certification
+              The file with the certificate of the  certification
-              authority (CA) that issued the Postfix SMTP  client
+              authority  (CA) that issued the Postfix SMTP client
              certificate.
       <b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
-              Directory  with  PEM  format  certificate authority
+              Directory with  PEM  format  certificate  authority
-              certificates that the Postfix SMTP client  uses  to
+              certificates  that  the Postfix SMTP client uses to
              verify a remote SMTP server certificate.
       <b><a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> (empty)</b>
-              File  with  the Postfix SMTP client RSA certificate
+              File with the Postfix SMTP client  RSA  certificate
              in PEM format.
       <b><a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> (medium)</b>
-              The minimum SMTP client TLS cipher  grade  that  is
+              The  minimum  SMTP  client TLS cipher grade that is
-              strong  enough  to be used with the "encrypt" secu-
+              strong enough to be used with the  "encrypt"  secu-
              rity level and higher.
       <b><a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> (empty)</b>
@ -355,43 +361,43 @@ SMTP(8)                                                                SMTP(8)
       <b><a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> (empty)</b>
              List of ciphers or cipher types to exclude from the
-              SMTP client cipher list at the mandatory TLS  secu-
+              SMTP  client cipher list at the mandatory TLS secu-
              rity levels: "encrypt", "verify" and "secure".
       <b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
-              File  with  the Postfix SMTP client DSA certificate
+              File with the Postfix SMTP client  DSA  certificate
              in PEM format.
       <b><a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> ($<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b>
-              File with the Postfix SMTP client DSA  private  key
+              File  with  the Postfix SMTP client DSA private key
              in PEM format.
       <b><a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> ($<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b>
-              File  with  the Postfix SMTP client RSA private key
+              File with the Postfix SMTP client RSA  private  key
              in PEM format.
       <b><a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)</b>
-              Enable additional Postfix SMTP  client  logging  of
+              Enable  additional  Postfix  SMTP client logging of
              TLS activity.
       <b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
-              Log  the  hostname  of  a  remote  SMTP server that
+              Log the hostname  of  a  remote  SMTP  server  that
-              offers STARTTLS, when TLS is  not  already  enabled
+              offers  STARTTLS,  when  TLS is not already enabled
              for that server.
       <b><a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> (empty)</b>
              Optional lookup tables with the Postfix SMTP client
              TLS security policy by next-hop destination; when a
-              non-empty  value  is  specified, this overrides the
+              non-empty value is specified,  this  overrides  the
              obsolete <a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> parameter.
       <b><a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> (SSLv3, TLSv1)</b>
-              List of  TLS  protocol  versions  that  are  secure
+              List  of  TLS  protocol  versions  that  are secure
              enough to be used with the "encrypt" security level
              and higher.
       <b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
-              The verification depth for remote SMTP server  cer-
+              The  verification depth for remote SMTP server cer-
              tificates.
       <b><a href="postconf.5.html#smtp_tls_secure_cert_match">smtp_tls_secure_cert_match</a> (nexthop, dot-nexthop)</b>
@ -399,7 +405,7 @@ SMTP(8)                                                                SMTP(8)
              for the "secure" TLS security level.
       <b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
-              Name of the file containing  the  optional  Postfix
+              Name  of  the  file containing the optional Postfix
              SMTP client TLS session cache.
       <b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
@ -411,9 +417,9 @@ SMTP(8)                                                                SMTP(8)
              for the "verify" TLS security level.
       <b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
-              The  number  of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
+              The number of pseudo-random bytes that  an  <a href="smtp.8.html"><b>smtp</b>(8)</a>
-              or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process  requests  from  the  <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
+              or  <a href="smtpd.8.html"><b>smtpd</b>(8)</a>  process  requests  from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
-              server  in order to seed its internal pseudo random
+              server in order to seed its internal pseudo  random
              number generator (PRNG).
       <b><a href="postconf.5.html#tls_high_cipherlist">tls_high_cipherlist</a></b>
@ -425,7 +431,7 @@ SMTP(8)                                                                SMTP(8)
              ciphers.
       <b><a href="postconf.5.html#tls_low_cipherlist">tls_low_cipherlist</a> (!EXPORT:ALL:+RC4:@STRENGTH)</b>
-              The  OpenSSL  cipherlist  for "LOW" or higher grade
+              The OpenSSL cipherlist for "LOW"  or  higher  grade
              ciphers.
       <b><a href="postconf.5.html#tls_export_cipherlist">tls_export_cipherlist</a> (ALL:+RC4:@STRENGTH)</b>
@ -433,66 +439,66 @@ SMTP(8)                                                                SMTP(8)
              ciphers.
       <b><a href="postconf.5.html#tls_null_cipherlist">tls_null_cipherlist</a> (!aNULL:eNULL+kRSA)</b>
-              The  OpenSSL  cipherlist  for  "NULL" grade ciphers
+              The OpenSSL cipherlist  for  "NULL"  grade  ciphers
              that provide authentication without encryption.
       Available in Postfix version 2.4 and later:
       <b><a href="postconf.5.html#smtp_sasl_tls_verified_security_options">smtp_sasl_tls_verified_security_options</a></b>
       <b>($<a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a>)</b>
-              The SASL authentication security options  that  the
+              The  SASL  authentication security options that the
-              Postfix  SMTP  client  uses  for TLS encrypted SMTP
+              Postfix SMTP client uses  for  TLS  encrypted  SMTP
              sessions with a verified server certificate.
 <b>OBSOLETE STARTTLS CONTROLS</b>
-       The following configuration parameters exist for  compati-
+       The  following configuration parameters exist for compati-
       bility with Postfix versions before 2.3. Support for these
       will be removed in a future release.
       <b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
-              Opportunistic mode: use  TLS  when  a  remote  SMTP
+              Opportunistic  mode:  use  TLS  when  a remote SMTP
-              server  announces  STARTTLS support, otherwise send
+              server announces STARTTLS support,  otherwise  send
              the mail in the clear.
       <b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
-              Enforcement mode: require that remote SMTP  servers
+              Enforcement  mode: require that remote SMTP servers
-              use  TLS  encryption,  and  never  send mail in the
+              use TLS encryption, and  never  send  mail  in  the
              clear.
       <b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
-              When TLS encryption is enforced, require  that  the
+              When  TLS  encryption is enforced, require that the
              remote SMTP server hostname matches the information
              in the remote SMTP server certificate.
       <b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
              Optional lookup tables with the Postfix SMTP client
-              TLS  usage  policy  by  next-hop destination and by
+              TLS usage policy by  next-hop  destination  and  by
              remote SMTP server hostname.
 <b>RESOURCE AND RATE CONTROLS</b>
       <b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a>      ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
       <b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
-              The maximal number of parallel  deliveries  to  the
+              The  maximal  number  of parallel deliveries to the
-              same  destination  via  the  smtp  message delivery
+              same destination  via  the  smtp  message  delivery
              transport.
       <b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a>        ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
       <b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
-              The maximal number of recipients per  delivery  via
+              The  maximal  number of recipients per delivery via
              the smtp message delivery transport.
       <b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
-              The  SMTP  client  time  limit for completing a TCP
+              The SMTP client time limit  for  completing  a  TCP
              connection,  or  zero  (use  the  operating  system
              built-in time limit).
       <b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
-              The  SMTP client time limit for sending the HELO or
+              The SMTP client time limit for sending the HELO  or
-              EHLO command, and for receiving the initial  server
+              EHLO  command, and for receiving the initial server
              response.
       <b><a href="postconf.5.html#lmtp_lhlo_timeout">lmtp_lhlo_timeout</a> (300s)</b>
-              The  LMTP  client  time  limit for sending the LHLO
+              The LMTP client time limit  for  sending  the  LHLO
              command,  and  for  receiving  the  initial  server
              response.
@ -501,30 +507,30 @@ SMTP(8)                                                                SMTP(8)
              command, and for receiving the server response.
       <b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
-              The SMTP client time limit  for  sending  the  MAIL
+              The  SMTP  client  time  limit for sending the MAIL
-              FROM   command,   and   for  receiving  the  server
+              FROM  command,  and  for   receiving   the   server
              response.
       <b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
-              The SMTP client time limit  for  sending  the  SMTP
+              The  SMTP  client  time  limit for sending the SMTP
-              RCPT  TO  command,  and  for  receiving  the server
+              RCPT TO  command,  and  for  receiving  the  server
              response.
       <b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
-              The SMTP client time limit  for  sending  the  SMTP
+              The  SMTP  client  time  limit for sending the SMTP
-              DATA   command,   and   for  receiving  the  server
+              DATA  command,  and  for   receiving   the   server
              response.
       <b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
-              The SMTP client time limit  for  sending  the  SMTP
+              The  SMTP  client  time  limit for sending the SMTP
              message content.
       <b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
-              The  SMTP  client  time  limit for sending the SMTP
+              The SMTP client time limit  for  sending  the  SMTP
              ".", and for receiving the server response.
       <b><a href="postconf.5.html#smtp_quit_timeout">smtp_quit_timeout</a> (300s)</b>
-              The SMTP client time limit  for  sending  the  QUIT
+              The  SMTP  client  time  limit for sending the QUIT
              command, and for receiving the server response.
       Available in Postfix version 2.1 and later:
@ -535,12 +541,12 @@ SMTP(8)                                                                SMTP(8)
              lookups, or zero (no limit).
       <b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
-              The  maximal  number  of SMTP sessions per delivery
+              The maximal number of SMTP  sessions  per  delivery
-              request before giving up or delivering to  a  fall-
+              request  before  giving up or delivering to a fall-
              back <a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
       <b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
-              The  SMTP  client  time  limit for sending the RSET
+              The SMTP client time limit  for  sending  the  RSET
              command, and for receiving the server response.
       Available in Postfix version 2.2 and earlier:
@ -552,11 +558,11 @@ SMTP(8)                                                                SMTP(8)
       Available in Postfix version 2.2 and later:
       <b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
-              Permanently  enable SMTP connection caching for the
+              Permanently enable SMTP connection caching for  the
              specified destinations.
       <b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
-              Temporarily enable SMTP connection caching while  a
+              Temporarily  enable SMTP connection caching while a
              destination has a high volume of mail in the active
              queue.
@ -566,57 +572,57 @@ SMTP(8)                                                                SMTP(8)
       <b><a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> (2s)</b>
              When SMTP connection caching is enabled, the amount
-              of time that an unused SMTP client socket  is  kept
+              of  time  that an unused SMTP client socket is kept
              open before it is closed.
       Available in Postfix version 2.3 and later:
       <b><a href="postconf.5.html#connection_cache_protocol_timeout">connection_cache_protocol_timeout</a> (5s)</b>
-              Time  limit  for  connection cache connect, send or
+              Time limit for connection cache  connect,  send  or
              receive operations.
 <b>TROUBLE SHOOTING CONTROLS</b>
       <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
-              The increment  in  verbose  logging  level  when  a
+              The  increment  in  verbose  logging  level  when a
-              remote  client  or  server matches a pattern in the
+              remote client or server matches a  pattern  in  the
              <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
       <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
-              Optional list of remote client or  server  hostname
+              Optional  list  of remote client or server hostname
-              or  network address patterns that cause the verbose
+              or network address patterns that cause the  verbose
-              logging level to increase by the  amount  specified
+              logging  level  to increase by the amount specified
              in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
       <b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
-              The  recipient  of  postmaster  notifications about
+              The recipient  of  postmaster  notifications  about
-              mail delivery problems that are caused  by  policy,
+              mail  delivery  problems that are caused by policy,
              resource, software or protocol errors.
       <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
-              The  list of error classes that are reported to the
+              The list of error classes that are reported to  the
              postmaster.
 <b>MISCELLANEOUS CONTROLS</b>
       <b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
-              Where the Postfix SMTP client should  deliver  mail
+              Where  the  Postfix SMTP client should deliver mail
              when it detects a "mail loops back to myself" error
              condition.
       <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
-              The default location of  the  Postfix  <a href="postconf.5.html">main.cf</a>  and
+              The  default  location  of  the Postfix <a href="postconf.5.html">main.cf</a> and
              <a href="master.5.html">master.cf</a> configuration files.
       <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
-              How  much time a Postfix daemon process may take to
+              How much time a Postfix daemon process may take  to
-              handle a request  before  it  is  terminated  by  a
+              handle  a  request  before  it  is  terminated by a
              built-in watchdog timer.
       <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
-              The  maximal  number  of  digits  after the decimal
+              The maximal number  of  digits  after  the  decimal
              point when logging sub-second delay values.
       <b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
-              Disable DNS lookups in the Postfix  SMTP  and  LMTP
+              Disable  DNS  lookups  in the Postfix SMTP and LMTP
              clients.
       <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
@ -624,7 +630,7 @@ SMTP(8)                                                                SMTP(8)
              tem receives mail on.
       <b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
-              The Internet protocols Postfix will attempt to  use
+              The  Internet protocols Postfix will attempt to use
              when making or accepting connections.
       <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
@ -632,74 +638,74 @@ SMTP(8)                                                                SMTP(8)
              over an internal communication channel.
       <b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a> (24)</b>
-              The default TCP port that the Postfix  LMTP  client
+              The  default  TCP port that the Postfix LMTP client
              connects to.
       <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
-              The  maximum  amount  of  time that an idle Postfix
+              The maximum amount of time  that  an  idle  Postfix
-              daemon process waits for the next  service  request
+              daemon  process  waits for the next service request
              before exiting.
       <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
-              The  maximal number of connection requests before a
+              The maximal number of connection requests before  a
              Postfix daemon process terminates.
       <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
-              The process ID  of  a  Postfix  command  or  daemon
+              The  process  ID  of  a  Postfix  command or daemon
              process.
       <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
-              The  process  name  of  a Postfix command or daemon
+              The process name of a  Postfix  command  or  daemon
              process.
       <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
              The network interface addresses that this mail sys-
-              tem  receives  mail on by way of a proxy or network
+              tem receives mail on by way of a proxy  or  network
              address translation unit.
       <b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
              An optional numerical network address that the SMTP
-              client  should  bind to when making an IPv4 connec-
+              client should bind to when making an  IPv4  connec-
              tion.
       <b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
              An optional numerical network address that the SMTP
-              client  should  bind to when making an IPv6 connec-
+              client should bind to when making an  IPv6  connec-
              tion.
       <b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
-              The hostname to send in the SMTP EHLO or HELO  com-
+              The  hostname to send in the SMTP EHLO or HELO com-
              mand.
       <b><a href="postconf.5.html#lmtp_lhloname">lmtp_lhlo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
              The hostname to send in the LMTP LHLO command.
       <b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b>
-              What  mechanisms  when the SMTP client uses to look
+              What mechanisms when the SMTP client uses  to  look
              up a host's IP address.
       <b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b>
-              Randomize the order  of  equal-preference  MX  host
+              Randomize  the  order  of  equal-preference MX host
              addresses.
       <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
              The syslog facility of Postfix logging.
       <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
-              The  mail  system  name  that  is  prepended to the
+              The mail system  name  that  is  prepended  to  the
-              process name in syslog  records,  so  that  "smtpd"
+              process  name  in  syslog  records, so that "smtpd"
              becomes, for example, "postfix/smtpd".
       Available with Postfix 2.2 and earlier:
       <b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b>
-              Optional  list of relay hosts for SMTP destinations
+              Optional list of relay hosts for SMTP  destinations
              that can't be found or that are unreachable.
       Available with Postfix 2.3 and later:
       <b><a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a> ($<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b>
-              Optional list of relay hosts for SMTP  destinations
+              Optional  list of relay hosts for SMTP destinations
              that can't be found or that are unreachable.
 <b>SEE ALSO</b>
@ -717,7 +723,7 @@ SMTP(8)                                                                SMTP(8)
       <a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
       software.
 <b>AUTHOR(S)</b>
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@ -1883,6 +1883,11 @@ Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
 The default time unit is s (seconds).
 .SH lmtp_sasl_auth_enable (default: no)
 Enable SASL authentication in the Postfix LMTP client.
 .SH lmtp_sasl_auth_enforce (default: yes)
 The LMTP-specific version of the smtp_sasl_auth_enforce
 configuration parameter.  See there for details.
 .PP
 This feature is available in Postfix 2.3 and later.
 .SH lmtp_sasl_mechanism_filter (default: empty)
 The LMTP-specific version of the smtp_sasl_mechanism_filter
 configuration parameter.  See there for details.
@ -4194,6 +4199,12 @@ smtp_sasl_auth_enable = yes
 .fi
 .ad
 .ft R
 .SH smtp_sasl_auth_enforce (default: yes)
 Defer mail delivery when an SMTP server does not support SASL
 authentication, while smtp_sasl_password_maps contains SASL
 login/password information for that server.
 .PP
 This feature is available in Postfix 2.3 and later.
 .SH smtp_sasl_mechanism_filter (default: empty)
 If non-empty, a Postfix SMTP client filter for the remote SMTP
 server's list of offered SASL mechanisms.  Different client and
--- a/postfix/man/man8/smtp.8
+++ b/postfix/man/man8/smtp.8
@ -262,6 +262,10 @@ If non-empty, a Postfix SMTP client filter for the remote SMTP
 server's list of offered SASL mechanisms.
 .PP
 Available in Postfix version 2.3 and later:
 .IP "\fBsmtp_sasl_auth_enforce (yes)\fR"
 Defer mail delivery when an SMTP server does not support SASL
 authentication, while smtp_sasl_password_maps contains SASL
 login/password information for that server.
 .IP "\fBsmtp_sender_dependent_authentication (no)\fR"
 Enable sender-dependent authentication in the SMTP client; this is
 available only with SASL authentication, and disables SMTP connection
--- a/postfix/mantools/postlink
+++ b/postfix/mantools/postlink
@ -252,6 +252,7 @@ while (<>) {
    s;\blmtp_rcpt_timeout\b;<a href="postconf.5.html#lmtp_rcpt_timeout">$&</a>;g;
    s;\blmtp_rset_timeout\b;<a href="postconf.5.html#lmtp_rset_timeout">$&</a>;g;
    s;\blmtp_sasl_auth_enable\b;<a href="postconf.5.html#lmtp_sasl_auth_enable">$&</a>;g;
    s;\blmtp_sasl_auth_enforce\b;<a href="postconf.5.html#lmtp_sasl_auth_enforce">$&</a>;g;
    s;\blmtp_sasl_password_maps\b;<a href="postconf.5.html#lmtp_sasl_password_maps">$&</a>;g;
    s;\blmtp_sasl_security_options\b;<a href="postconf.5.html#lmtp_sasl_security_options">$&</a>;g;
    s;\blmtp_sasl_type\b;<a href="postconf.5.html#lmtp_sasl_type">$&</a>;g;
@ -418,7 +419,7 @@ while (<>) {
    s;\bsmtp_rset_timeout\b;<a href="postconf.5.html#smtp_rset_timeout">$&</a>;g;
    s;\bsmtp_sasl_auth_enable\b;<a href="postconf.5.html#smtp_sasl_auth_enable">$&</a>;g;
    s;\bsmtp_sasl_mechanism_filter\b;<a href="postconf.5.html#smtp_sasl_mechanism_filter">$&</a>;g;
-    s;\bsmtp_sasl_password_maps\b;<a href="postconf.5.html#smtp_sasl_password_maps">$&</a>;g;
+    s;\bsmtp_sasl_pass[-</Bb>]*\n* *[<Bb>]*word_maps\b;<a href="postconf.5.html#smtp_sasl_password_maps">$&</a>;g;
    s;\bsmtp_sasl_path\b;<a href="postconf.5.html#smtp_sasl_path">$&</a>;g;
    s;\bsmtp_sasl_secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_security_options">$&</a>;g;
    s;\bsmtp_send_xforward_command\b;<a href="postconf.5.html#smtp_send_xforward_command">$&</a>;g;
@ -524,6 +525,7 @@ while (<>) {
    s;\bsmtp_[-</Bb>]*\n* *[<Bb>]*sasl_[-</Bb>]*\n* *[<Bb>]*tls_[-</Bb>]*\n* *[<Bb>]*secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_tls_security_options">$&</a>;g;
    s;\bsmtp_sasl_tls_verified_secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_tls_verified_security_options">$&</a>;g;
    s;\bsmtp_sasl_type\b;<a href="postconf.5.html#smtp_sasl_type">$&</a>;g;
    s;\bsmtp_sasl_auth_enforce\b;<a href="postconf.5.html#smtp_sasl_auth_enforce">$&</a>;g;
    s;\bsmtp_starttls_timeout\b;<a href="postconf.5.html#smtp_starttls_timeout">$&</a>;g;
    s;\bsmtp_tls_CAfile\b;<a href="postconf.5.html#smtp_tls_CAfile">$&</a>;g;
    s;\bsmtp_tls_CApath\b;<a href="postconf.5.html#smtp_tls_CApath">$&</a>;g;
--- a/postfix/proto/SMTPD_POLICY_README.html
+++ b/postfix/proto/SMTPD_POLICY_README.html
@ -90,7 +90,7 @@ sasl_username=you
 sasl_sender=
 size=12345
 ccert_subject=solaris9.porcupine.org
-ccert_issuer=Wietse Venema
+ccert_issuer=Wietse+20Venema
 ccert_fingerprint=C2:9D:F4:87:71:73:73:D9:18:E7:C2:F3:C1:DA:6E:04
 <b>Postfix version 2.3 and later:</b>
 encryption_protocol=TLSv1/SSLv3
@ -161,6 +161,9 @@ etrn_domain=
    <li> <p> The "ccert_*" attributes (Postfix 2.2 and later) specify
    information about how the client was authenticated via TLS.
    These attributes are empty in case of no certificate authentication.
    As of Postfix 2.2.11 these attribute values are encoded as
    xtext: some characters are represented by +XX, where XX is the
    two-digit hecadecimal representation of the character value.
    </p>
    <li> <p> The "encryption_*" attributes (Postfix 2.3 and later)
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@ -10345,3 +10345,18 @@ configuration parameter.  See there for details. </p>
 configuration parameter.  See there for details. </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
 %PARAM smtp_sasl_auth_enforce   yes
 <p> Defer mail delivery when an SMTP server does not support SASL
 authentication, while smtp_sasl_password_maps contains SASL
 login/password information for that server. </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
 %PARAM lmtp_sasl_auth_enforce   yes
 <p> The LMTP-specific version of the smtp_sasl_auth_enforce
 configuration parameter.  See there for details. </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
--- a/postfix/src/cleanup/cleanup_milter.c
+++ b/postfix/src/cleanup/cleanup_milter.c
@ -1187,6 +1187,11 @@ static const char *cleanup_milter_eval(const char *name, void *ptr)
 {
    CLEANUP_STATE *state = (CLEANUP_STATE *) ptr;
    /*
     * Note: if we use XFORWARD attributes here, then consistency requires
     * that we forward all Sendmail macros via XFORWARD.
     */
    /*
     * Canonicalize the name.
     */
--- a/postfix/src/global/log_adhoc.c
+++ b/postfix/src/global/log_adhoc.c
@ -133,15 +133,22 @@ void    log_adhoc(const char *id, MSG_STATS *stats, RECIPIENT *recipient,
     * 
     * Don't compute the sdelay (connection setup latency) if there is no time
     * stamp for connection setup completion.
     * 
     * XXX Apparently, Solaris gettimeofday() can return out-of-range
     * microsecond values.
     */
 #define DELTA(x, y, z) \
    do { \
 	(x).dt_sec = (y).tv_sec - (z).tv_sec; \
 	(x).dt_usec = (y).tv_usec - (z).tv_usec; \
-	if ((x).dt_usec < 0) { \
+	while ((x).dt_usec < 0) { \
 	    (x).dt_usec += 1000000; \
 	    (x).dt_sec -= 1; \
 	} \
 	while ((x).dt_usec >= 1000000) { \
 	    (x).dt_usec -= 1000000; \
 	    (x).dt_sec += 1; \
 	} \
 	if ((x).dt_sec < 0) \
 	    (x).dt_sec = (x).dt_usec = 0; \
    } while (0)
--- a/postfix/src/global/mail_params.h
+++ b/postfix/src/global/mail_params.h
@ -1384,6 +1384,10 @@ extern bool var_smtp_sasl_enable;
 #define DEF_SMTP_SASL_PASSWD	""
 extern char *var_smtp_sasl_passwd;
 #define VAR_SMTP_SASL_ENFORCE	"smtp_sasl_auth_enforce"
 #define DEF_SMTP_SASL_ENFORCE	1
 extern bool var_smtp_sasl_enforce;
 #define VAR_SMTP_SASL_OPTS	"smtp_sasl_security_options"
 #define DEF_SMTP_SASL_OPTS	"noplaintext, noanonymous"
 extern char *var_smtp_sasl_opts;
@ -1479,6 +1483,9 @@ extern bool var_lmtp_sasl_enable;
 #define DEF_LMTP_SASL_PASSWD	""
 extern char *var_lmtp_sasl_passwd;
 #define VAR_LMTP_SASL_ENFORCE	"lmtp_sasl_auth_enforce"
 #define DEF_LMTP_SASL_ENFORCE	1
 #define VAR_LMTP_SASL_OPTS	"lmtp_sasl_security_options"
 #define DEF_LMTP_SASL_OPTS	"noplaintext, noanonymous"
 extern char *var_lmtp_sasl_opts;
--- a/postfix/src/global/mail_proto.h
+++ b/postfix/src/global/mail_proto.h
@ -135,7 +135,7 @@ extern char *mail_pathname(const char *, const char *);
 #define MAIL_ATTR_LABEL		"label"
 #define MAIL_ATTR_PROP		"property"
 #define MAIL_ATTR_CCERT_SUBJECT	"ccert_subject"
-#define MAIL_ATTR_CCERT_ISSSUER	"ccert_issuer"
+#define MAIL_ATTR_CCERT_ISSUER	"ccert_issuer"
 #define MAIL_ATTR_CCERT_FINGERPRINT "ccert_fingerprint"
 #define MAIL_ATTR_CRYPTO_PROTOCOL "encryption_protocol"
 #define MAIL_ATTR_CRYPTO_CIPHER	"encryption_cipher"
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,8 +20,8 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20060706"
+#define MAIL_RELEASE_DATE	"20060707"
-#define MAIL_VERSION_NUMBER	"2.3-RC7"
+#define MAIL_VERSION_NUMBER	"2.3-RC8"
 #define VAR_MAIL_VERSION	"mail_version"
 #define DEF_MAIL_VERSION	MAIL_VERSION_NUMBER
--- a/postfix/src/smtp/lmtp_params.c
+++ b/postfix/src/smtp/lmtp_params.c
@ -95,5 +95,6 @@
 #endif
 	VAR_LMTP_SENDER_AUTH, DEF_LMTP_SENDER_AUTH, &var_smtp_sender_auth,
 	VAR_LMTP_CNAME_OVERR, DEF_LMTP_CNAME_OVERR, &var_smtp_cname_overr,
 	VAR_LMTP_SASL_ENFORCE, DEF_LMTP_SASL_ENFORCE, &var_smtp_sasl_enforce,
 	0,
    };
--- a/postfix/src/smtp/smtp.c
+++ b/postfix/src/smtp/smtp.c
@ -234,6 +234,10 @@
 /*	server's list of offered SASL mechanisms.
 /* .PP
 /*	Available in Postfix version 2.3 and later:
 /* .IP "\fBsmtp_sasl_auth_enforce (yes)\fR"
 /*	Defer mail delivery when an SMTP server does not support SASL
 /*	authentication, while smtp_sasl_password_maps contains SASL
 /*	login/password information for that server.
 /* .IP "\fBsmtp_sender_dependent_authentication (no)\fR"
 /*	Enable sender-dependent authentication in the SMTP client; this is
 /*	available only with SASL authentication, and disables SMTP connection
@ -691,6 +695,7 @@ bool    var_smtp_sender_auth;
 char   *var_lmtp_tcp_port;
 int     var_scache_proto_tmout;
 bool    var_smtp_cname_overr;
 bool    var_smtp_sasl_enforce;
 /*
  * Global variables.
--- a/postfix/src/smtp/smtp_params.c
+++ b/postfix/src/smtp/smtp_params.c
@ -99,5 +99,6 @@
 #endif
 	VAR_SMTP_SENDER_AUTH, DEF_SMTP_SENDER_AUTH, &var_smtp_sender_auth,
 	VAR_SMTP_CNAME_OVERR, DEF_SMTP_CNAME_OVERR, &var_smtp_cname_overr,
 	VAR_SMTP_SASL_ENFORCE, DEF_SMTP_SASL_ENFORCE, &var_smtp_sasl_enforce,
 	0,
    };
--- a/postfix/src/smtp/smtp_proto.c
+++ b/postfix/src/smtp/smtp_proto.c
@ -600,6 +600,15 @@ int     smtp_helo(SMTP_STATE *state)
 #ifdef USE_SASL_AUTH
    if (var_smtp_sasl_enable && (session->features & SMTP_FEATURE_AUTH))
 	return (smtp_sasl_helo_login(state));
    else if (var_smtp_sasl_enable
 	     && *var_smtp_sasl_passwd
 	     && var_smtp_sasl_enforce
 	     && smtp_sasl_passwd_lookup(session) != 0)
 	return (smtp_site_fail(state, DSN_BY_LOCAL_MTA,
 			       SMTP_RESP_FAKE(&fake, "4.7.0"),
 			       "SASL login/password exists, but host %s "
 			       "does not announce SASL authentication support",
 			       session->namaddr));
 #endif
    return (0);
--- a/postfix/src/smtpd/Makefile.in
+++ b/postfix/src/smtpd/Makefile.in
@ -286,6 +286,7 @@ smtpd_check.o: ../../include/vbuf.h
 smtpd_check.o: ../../include/verify_clnt.h
 smtpd_check.o: ../../include/vstream.h
 smtpd_check.o: ../../include/vstring.h
 smtpd_check.o: ../../include/xtext.h
 smtpd_check.o: smtpd.h
 smtpd_check.o: smtpd_check.c
 smtpd_check.o: smtpd_check.h
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@ -236,6 +236,7 @@
 #include <valid_mailhost_addr.h>
 #include <dsn_util.h>
 #include <conv_time.h>
 #include <xtext.h>
 /* Application-specific. */
@ -3251,6 +3252,15 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
    static VSTRING *action = 0;
    ATTR_CLNT *policy_clnt;
 #ifdef USE_TLS
    VSTRING *subject_buf;
    VSTRING *issuer_buf;
    const char *subject;
    const char *issuer;
 #endif
    int     ret;
    /*
     * Sanity check.
     */
@ -3265,6 +3275,23 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
    if (action == 0)
 	action = vstring_alloc(10);
 #ifdef USE_TLS
 #define ENCODE_CN(coded_CN, coded_CN_buf, CN) do { \
 	if (state->tls_context == 0 \
 	    || state->tls_context->peer_verified == 0 || (CN) == 0) { \
 	    coded_CN_buf = 0; \
 	    coded_CN = ""; \
 	} else { \
 	    coded_CN_buf = vstring_alloc(strlen(CN)); \
 	    xtext_quote(coded_CN_buf, CN, ""); \
 	    coded_CN = STR(coded_CN_buf); \
 	} \
    } while (0);
    ENCODE_CN(subject, subject_buf, state->tls_context->peer_CN);
    ENCODE_CN(issuer, issuer_buf, state->tls_context->issuer_CN);
 #endif
    if (attr_clnt_request(policy_clnt,
 			  ATTR_FLAG_NONE,	/* Query attributes. */
 			ATTR_TYPE_STR, MAIL_ATTR_REQ, "smtpd_access_policy",
@ -3308,10 +3335,8 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
 #define IF_VERIFIED(x) \
    ((state->tls_context && \
      state->tls_context->peer_verified && ((x) != 0)) ? (x) : "")
-			  ATTR_TYPE_STR, MAIL_ATTR_CCERT_SUBJECT,
+			  ATTR_TYPE_STR, MAIL_ATTR_CCERT_SUBJECT, subject,
-			  IF_VERIFIED(state->tls_context->peer_CN),
+			  ATTR_TYPE_STR, MAIL_ATTR_CCERT_ISSUER, issuer,
 			  ATTR_TYPE_STR, MAIL_ATTR_CCERT_ISSSUER,
 			  IF_VERIFIED(state->tls_context->issuer_CN),
 			  ATTR_TYPE_STR, MAIL_ATTR_CCERT_FINGERPRINT,
 			  IF_VERIFIED(state->tls_context->peer_fingerprint),
 #define IF_ENCRYPTED(x, y) ((state->tls_context && ((x) != 0)) ? (x) : (y))
@ -3326,19 +3351,26 @@ static int check_policy_service(SMTPD_STATE *state, const char *server,
 			  ATTR_FLAG_MISSING,	/* Reply attributes. */
 			  ATTR_TYPE_STR, MAIL_ATTR_ACTION, action,
 			  ATTR_TYPE_END) != 1) {
-	return (smtpd_check_reject(state, MAIL_ERROR_POLICY,
+	ret = smtpd_check_reject(state, MAIL_ERROR_POLICY,
-				   451, "4.3.5",
+				 451, "4.3.5",
-				   "Server configuration problem"));
+				 "Server configuration problem");
    } else {
 	/*
 	 * XXX This produces bogus error messages when the reply is
 	 * malformed.
 	 */
-	return (check_table_result(state, server, STR(action),
+	ret = check_table_result(state, server, STR(action),
-				   "policy query", reply_name,
+				 "policy query", reply_name,
-				   reply_class, def_acl));
+				 reply_class, def_acl);
    }
 #ifdef USE_TLS
    if (subject_buf)
 	vstring_free(subject_buf);
    if (issuer_buf)
 	vstring_free(issuer_buf);
 #endif
    return (ret);
 }
 /* is_map_command - restriction has form: check_xxx_access type:name */
--- a/postfix/src/smtpd/smtpd_peer.c
+++ b/postfix/src/smtpd/smtpd_peer.c
@ -138,6 +138,15 @@ void    smtpd_peer_init(SMTPD_STATE *state)
    /*
     * Look up the peer address information.
     * 
     * XXX If we make local endpoint (getsockname) information available to
     * Milter applications as {if_name} and {if_addr}, then we also must be
     * able to provide this via the XCLIENT command for Milter testing.
     * 
     * XXX If support were to be added for Milter applications in down-stream
     * MTAs, then consistency demands that we propagate a lot of Sendmail
     * macro information via the XFORWARD command. Otherwise we could end up
     * with a very confusing situation.
     */
    if (getpeername(vstream_fileno(state->client), sa, &sa_length) >= 0) {
 	errno = 0;