mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00

postfix-3.4-20181125

Wietse Venema 2018-11-25 00:00:00 -05:00 committed by Viktor Dukhovni
parent 3525c001ea
commit d5f04c8f9e
20 changed files with 236 additions and 164 deletions

@ -23842,3 +23842,15 @@ Apologies for any names omitted.
tls_client_init request specifies an unexpected client
identity, and the test for that condition is now moved to
the right place. File: tlsproxy/tlsproxy.c.
20181124
Documentation: clarified the behavior of whitespace within
"{}". Files: proto/DATABASE_README.html, proto/postconf.proto,
pipe/pipe.c, postconf/postconf.c,
20181125
Cleanup: dict_file_to_xxx() takes a list of file names
separated by CHARS_COMMA_SP. Shoe-horned into the existing
API, make it nicer when there is time. File: util/dict_file.c.
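Review bot: the "Files:" list in the 20181124 entry ends with a trailing comma after postconf/postconf.c, which reads as if a file name was dropped; end it with a period or add the missing name. In the 20181125 entry, "a list of file names separated by CHARS_COMMA_SP" leaves open how a file name that itself contains a comma or space is meant to be handled. Since the entry already admits the change was shoe-horned into the existing API, one more sentence stating that limitation would help whoever revisits util/dict_file.c.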

@ -215,9 +215,11 @@ To find out what database types your Postfix system supports, use the "ppooss
iinnlliinnee (read-only)
A non-shared, in-memory lookup table. Example: "inline:{ key=value,
{ key = text with whitespace or comma }}". Key-value pairs are
separated by whitespace or comma; whitespace after "{" and before "}"
is ignored. Inline tables eliminate the need to create a database file
for just a few fixed elements. See also the static: map type.
separated by whitespace or comma; with a key-value pair inside "{}",
whitespace is ignored after the opening "{", around the "=" between key
and value, and before the closing "}". Inline tables eliminate the need
to create a database file for just a few fixed elements. See also the
static: map type.
iinntteerrnnaall
A non-shared, in-memory hash table. Its content are lost when a process
terminates.
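Review bot: the new inline: wording says whitespace around "=" is ignored "with a key-value pair inside "{}"" but never states the converse for a pair written outside "{}". A reader can infer it from "Key-value pairs are separated by whitespace or comma", but an explicit sentence or a second example would prevent tables where "key = value" outside braces is silently parsed as something other than one pair. The same wording is repeated in the HTML, man page and source-comment copies of this paragraph, so it is best fixed at the source.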
@ -289,8 +291,8 @@ To find out what database types your Postfix system supports, use the "ppooss
A table that always returns its name as the lookup result. For example,
"static:foobar" always returns the string "foobar" as lookup result.
Specify "static:{ text with whitespace }" when the result contains
whitespace; this form ignores whitespace after "{" and before "}". See
also the inline: map type.
whitespace; this form ignores whitespace after the opening "{" and
before the closing "}". See also the inline: map type.
ttccpp
TCP/IP client. The protocol is described in tcp_table(5). The lookup
table name is "tcp:host:port" where "host" specifies a symbolic

@ -1,7 +1,10 @@
Wish list:
With DICT_FLAG_RHS_IS_FILE, RHS is list of files (insert
newline for robustness).
Declumsify code that calls vstream_fread() to read data
into VSTRING buffer. This needs vstream_fread_buf(VSTREAM *,
VSTRING *, ssize_t) which calls VSTRING_SPACE(), appends
data to the buffer, and calls VSTRING_AT_OFFSET(). Current
code is error-prone.
With DICT_FLAG_RHS_IS_FILE, should dict_update() open a
file? base64-encode the value?

@ -317,8 +317,10 @@ name as used in "<a href="DATABASE_README.html#types">hash</a>:table" is the dat
<dd> A non-shared, in-memory lookup table. Example: "<a href="DATABASE_README.html#types">inline</a>:{
<i>key=value</i>, { <i>key = text with whitespace or comma</i> }}".
Key-value pairs are separated by whitespace or comma; whitespace
after "{" and before "}" is ignored. Inline tables eliminate the
Key-value pairs are separated by whitespace or comma; with a key-value
pair inside "{}", whitespace is ignored after the opening "{",
around the "=" between key and value, and before the closing "}".
Inline tables eliminate the
need to create a database file for just a few fixed elements. See
also the <a href="DATABASE_README.html#types">static</a>: map type. </dd>
@ -436,7 +438,8 @@ server. See <a href="socketmap_table.5.html">socketmap_table(5)</a> for details.
For example, "<a href="DATABASE_README.html#types">static</a>:foobar" always returns the string "foobar" as
lookup result. Specify "<a href="DATABASE_README.html#types">static</a>:{ <i>text with whitespace</i> }"
when the result contains whitespace; this form ignores whitespace
after "{" and before "}". See also the <a href="DATABASE_README.html#types">inline</a>: map type. </dd>
after the opening "{" and before the closing "}". See also the
<a href="DATABASE_README.html#types">inline</a>: map type. </dd>
<dt> <b>tcp</b> </dt>

@ -192,8 +192,8 @@ PIPE(8) PIPE(8)
interpreter.
Specify "{" and "}" around command arguments that contain white-
space (Postfix 3.0 and later). Whitespace after "{" and before
"}" is ignored.
space (Postfix 3.0 and later). Whitespace after the opening "{"
and before the closing "}" is ignored.
In the command argument vector, the following macros are recog-
nized and replaced with corresponding information from the Post-

@ -243,19 +243,20 @@ POSTCONF(1) POSTCONF(1)
A non-shared, in-memory lookup table. Example: "<b><a href="DATABASE_README.html#types">inline</a>:{</b>
<i>key</i><b>=</b><i>value</i><b>, {</b> <i>key</i> <b>=</b> <i>text with whitespace or comma</i> <b>}}</b>".
Key-value pairs are separated by whitespace or comma;
whitespace after "<b>{</b>" and before "<b>}</b>" is ignored. Inline
tables eliminate the need to create a database file for
just a few fixed elements. See also the <i><a href="DATABASE_README.html#types">static</a>:</i> map
type.
with a key-value pair inside "<b>{}</b>", whitespace is ignored
after the opening "<b>{</b>", around the "<b>=</b>" between key and
value, and before the closing "<b>}</b>". Inline tables elimi-
nate the need to create a database file for just a few
fixed elements. See also the <i><a href="DATABASE_README.html#types">static</a>:</i> map type.
This feature is available with Postfix 3.0 and later.
<b>internal</b>
A non-shared, in-memory hash table. Its content are lost
A non-shared, in-memory hash table. Its content are lost
when a process terminates.
<b>lmdb</b> OpenLDAP LMDB database (a memory-mapped, persistent
file). Available on systems with support for LMDB data-
<b>lmdb</b> OpenLDAP LMDB database (a memory-mapped, persistent
file). Available on systems with support for LMDB data-
bases. This is described in <a href="lmdb_table.5.html"><b>lmdb_table</b>(5)</a>.
This feature is available with Postfix 2.11 and later.
@ -264,57 +265,57 @@ POSTCONF(1) POSTCONF(1)
LDAP database client. This is described in <a href="ldap_table.5.html"><b>ldap_table</b>(5)</a>.
<b>memcache</b>
Memcache database client. This is described in <a href="memcache_table.5.html"><b>mem-</b></a>
Memcache database client. This is described in <a href="memcache_table.5.html"><b>mem-</b></a>
<a href="memcache_table.5.html"><b>cache_table</b>(5)</a>.
This feature is available with Postfix 2.9 and later.
<b>mysql</b> (read-only)
MySQL database client. Available on systems with support
for MySQL databases. This is described in <a href="mysql_table.5.html"><b>mysql_ta-</b></a>
for MySQL databases. This is described in <a href="mysql_table.5.html"><b>mysql_ta-</b></a>
<a href="mysql_table.5.html"><b>ble</b>(5)</a>.
<b>pcre</b> (read-only)
A lookup table based on Perl Compatible Regular Expres-
A lookup table based on Perl Compatible Regular Expres-
sions. The file format is described in <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
<b>pgsql</b> (read-only)
PostgreSQL database client. This is described in
PostgreSQL database client. This is described in
<a href="pgsql_table.5.html"><b>pgsql_table</b>(5)</a>.
This feature is available with Postfix 2.1 and later.
<b>pipemap</b> (read-only)
A lookup table that constructs a pipeline of tables.
Example: "<b><a href="DATABASE_README.html#types">pipemap</a>:{</b><i>type</i><b>_</b><i>1:name</i><b>_</b><i>1, ..., type</i><b>_</b><i>n:name</i><b>_</b><i>n</i><b>}</b>".
Each "<a href="DATABASE_README.html#types">pipemap</a>:" query is given to the first table. Each
A lookup table that constructs a pipeline of tables.
Example: "<b><a href="DATABASE_README.html#types">pipemap</a>:{</b><i>type</i><b>_</b><i>1:name</i><b>_</b><i>1, ..., type</i><b>_</b><i>n:name</i><b>_</b><i>n</i><b>}</b>".
Each "<a href="DATABASE_README.html#types">pipemap</a>:" query is given to the first table. Each
lookup result becomes the query for the next table in the
pipeline, and the last table produces the final result.
When any table lookup produces no result, the pipeline
produces no result. The first and last characters of the
pipeline, and the last table produces the final result.
When any table lookup produces no result, the pipeline
produces no result. The first and last characters of the
"<a href="DATABASE_README.html#types">pipemap</a>:" table name must be "<b>{</b>" and "<b>}</b>". Within these,
individual maps are separated with comma or whitespace.
This feature is available with Postfix 3.0 and later.
<b>proxy</b> Postfix <a href="proxymap.8.html"><b>proxymap</b>(8)</a> client for shared access to Postfix
<b>proxy</b> Postfix <a href="proxymap.8.html"><b>proxymap</b>(8)</a> client for shared access to Postfix
databases. The table name syntax is <i>type</i><b>:</b><i>name</i>.
This feature is available with Postfix 2.0 and later.
<b>randmap</b> (read-only)
An in-memory table that performs random selection. Exam-
An in-memory table that performs random selection. Exam-
ple: "<b><a href="DATABASE_README.html#types">randmap</a>:{</b><i>result</i><b>_</b><i>1, ..., result</i><b>_</b><i>n</i><b>}</b>". Each table
query returns a random choice from the specified results.
The first and last characters of the "<a href="DATABASE_README.html#types">randmap</a>:" table
name must be "<b>{</b>" and "<b>}</b>". Within these, individual
The first and last characters of the "<a href="DATABASE_README.html#types">randmap</a>:" table
name must be "<b>{</b>" and "<b>}</b>". Within these, individual
results are separated with comma or whitespace. To give a
specific result more weight, specify it multiple times.
This feature is available with Postfix 3.0 and later.
<b>regexp</b> (read-only)
A lookup table based on regular expressions. The file
A lookup table based on regular expressions. The file
format is described in <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a>.
<b>sdbm</b> An indexed file type based on hashing. Available on sys-
@ -323,9 +324,9 @@ POSTCONF(1) POSTCONF(1)
This feature is available with Postfix 2.2 and later.
<b>socketmap</b> (read-only)
Sendmail-style socketmap client. The table name is
<b>inet</b>:<i>host</i>:<i>port</i>:<i>name</i> for a TCP/IP server, or <b>unix</b>:<i>path-</i>
<i>name</i>:<i>name</i> for a UNIX-domain server. This is described in
Sendmail-style socketmap client. The table name is
<b>inet</b>:<i>host</i>:<i>port</i>:<i>name</i> for a TCP/IP server, or <b>unix</b>:<i>path-</i>
<i>name</i>:<i>name</i> for a UNIX-domain server. This is described in
<a href="socketmap_table.5.html"><b>socketmap_table</b>(5)</a>.
This feature is available with Postfix 2.10 and later.
@ -336,12 +337,12 @@ POSTCONF(1) POSTCONF(1)
This feature is available with Postfix 2.8 and later.
<b>static</b> (read-only)
A table that always returns its name as lookup result.
A table that always returns its name as lookup result.
For example, <b><a href="DATABASE_README.html#types">static</a>:foobar</b> always returns the string <b>foo-</b>
<b>bar</b> as lookup result. Specify "<b><a href="DATABASE_README.html#types">static</a>:{</b> <i>text with white-</i>
<i>space</i> <b>}</b>" when the result contains whitespace; this form
ignores whitespace after "<b>{</b>" and before "<b>}</b>". See also the
<i><a href="DATABASE_README.html#types">inline</a>:</i> map.
<b>bar</b> as lookup result. Specify "<b><a href="DATABASE_README.html#types">static</a>:{</b> <i>text with white-</i>
<i>space</i> <b>}</b>" when the result contains whitespace; this form
ignores whitespace after the opening "<b>{</b>" and before the
closing "<b>}</b>". See also the <i><a href="DATABASE_README.html#types">inline</a>:</i> map.
The form "<b><a href="DATABASE_README.html#types">static</a>:{</b><i>text</i><b>}</b> is available with Postfix 3.0 and
later.
@ -350,58 +351,58 @@ POSTCONF(1) POSTCONF(1)
TCP/IP client. The protocol is described in <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.
<b>texthash</b> (read-only)
Produces similar results as <a href="DATABASE_README.html#types">hash</a>: files, except that you
don't need to run the <a href="postmap.1.html"><b>postmap</b>(1)</a> command before you can
use the file, and that it does not detect changes after
Produces similar results as <a href="DATABASE_README.html#types">hash</a>: files, except that you
don't need to run the <a href="postmap.1.html"><b>postmap</b>(1)</a> command before you can
use the file, and that it does not detect changes after
the file is read.
This feature is available with Postfix 2.8 and later.
<b>unionmap</b> (read-only)
A table that sends each query to multiple lookup tables
and that concatenates all found results, separated by
A table that sends each query to multiple lookup tables
and that concatenates all found results, separated by
comma. The table name syntax is the same as for <b>pipemap</b>.
This feature is available with Postfix 3.0 and later.
<b>unix</b> (read-only)
A limited view of the UNIX authentication database. The
A limited view of the UNIX authentication database. The
following tables are implemented:
<b>unix:passwd.byname</b>
The table is the UNIX password database. The key
is a login name. The result is a password file
The table is the UNIX password database. The key
is a login name. The result is a password file
entry in <b>passwd</b>(5) format.
<b>unix:group.byname</b>
The table is the UNIX group database. The key is a
group name. The result is a group file entry in
group name. The result is a group file entry in
<b>group</b>(5) format.
Other table types may exist depending on how Postfix was built.
Other table types may exist depending on how Postfix was built.
<b>-M</b> Show <a href="master.5.html"><b>master.cf</b></a> file contents instead of <a href="postconf.5.html"><b>main.cf</b></a> file contents.
<b>-M</b> Show <a href="master.5.html"><b>master.cf</b></a> file contents instead of <a href="postconf.5.html"><b>main.cf</b></a> file contents.
Specify <b>-Mf</b> to fold long lines for human readability.
Specify zero or more arguments, each with a <i>service-name</i> or <i>ser-</i>
<i>vice-name/service-type</i> pair, where <i>service-name</i> is the first
field of a <a href="master.5.html">master.cf</a> entry and <i>service-type</i> is one of (<b>inet</b>,
<i>vice-name/service-type</i> pair, where <i>service-name</i> is the first
field of a <a href="master.5.html">master.cf</a> entry and <i>service-type</i> is one of (<b>inet</b>,
<b>unix</b>, <b>fifo</b>, or <b>pass</b>).
If <i>service-name</i> or <i>service-name/service-type</i> is specified, only
the matching <a href="master.5.html">master.cf</a> entries will be output. For example,
"<b>postconf -Mf smtp</b>" will output all services named "smtp", and
"<b>postconf -Mf smtp/inet</b>" will output only the smtp service that
listens on the network. Trailing service type fields that are
If <i>service-name</i> or <i>service-name/service-type</i> is specified, only
the matching <a href="master.5.html">master.cf</a> entries will be output. For example,
"<b>postconf -Mf smtp</b>" will output all services named "smtp", and
"<b>postconf -Mf smtp/inet</b>" will output only the smtp service that
listens on the network. Trailing service type fields that are
omitted will be handled as "*" wildcard fields.
This feature is available with Postfix 2.9 and later. The syntax
was changed from "<i>name.type</i>" to "<i>name/type</i>", and "*" wildcard
was changed from "<i>name.type</i>" to "<i>name/type</i>", and "*" wildcard
support was added with Postfix 2.11.
<b>-n</b> Show only configuration parameters that have explicit <i>name=value</i>
settings in <a href="postconf.5.html"><b>main.cf</b></a>. Specify <b>-nf</b> to fold long lines for human
readability (Postfix 2.9 and later). To show settings that dif-
settings in <a href="postconf.5.html"><b>main.cf</b></a>. Specify <b>-nf</b> to fold long lines for human
readability (Postfix 2.9 and later). To show settings that dif-
fer from built-in defaults only, use the following bash syntax:
comm -23 &lt;(postconf -n) &lt;(postconf -d)
Replace "-23" with "-12" to show settings that duplicate
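Review bot: every old/new pair in this hunk, from the texthash entry through the -n option, reads word for word the same, so the only difference is the inter-word spacing of re-justified text. That churn buries the one substantive wording change in this file (the inline: and static: paragraphs). Consider committing the regenerated page separately, or saying in HISTORY that this file is regenerated output, so that a reviewer knows these hunks need no line-by-line reading.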
@ -416,38 +417,38 @@ POSTCONF(1) POSTCONF(1)
This feature is available with Postfix 2.11 and later.
<b>-P</b> Show <a href="master.5.html"><b>master.cf</b></a> service parameter settings (by default all ser-
vices and all parameters), formatted as "<i>service/type/parame-</i>
<b>-P</b> Show <a href="master.5.html"><b>master.cf</b></a> service parameter settings (by default all ser-
vices and all parameters), formatted as "<i>service/type/parame-</i>
<i>ter=value</i>", one per line. Specify <b>-Pf</b> to fold long lines.
Specify one or more "<i>service/type/parameter</i>" instances on the
<a href="postconf.1.html"><b>postconf</b>(1)</a> command line to limit the output to parameters of
interest. Trailing parameter name or service type fields that
Specify one or more "<i>service/type/parameter</i>" instances on the
<a href="postconf.1.html"><b>postconf</b>(1)</a> command line to limit the output to parameters of
interest. Trailing parameter name or service type fields that
are omitted will be handled as "*" wildcard fields.
This feature is available with Postfix 2.11 and later.
<b>-t</b> [<i>template</i><b>_</b><i>file</i>]
Display the templates for text that appears at the beginning of
delivery status notification (DSN) messages, without expanding
Display the templates for text that appears at the beginning of
delivery status notification (DSN) messages, without expanding
$<b>name</b> expressions.
To override the <b><a href="postconf.5.html#bounce_template_file">bounce_template_file</a></b> parameter setting, specify
a template file name at the end of the "<b>postconf -t</b>" command
line. Specify an empty file name to display built-in templates
To override the <b><a href="postconf.5.html#bounce_template_file">bounce_template_file</a></b> parameter setting, specify
a template file name at the end of the "<b>postconf -t</b>" command
line. Specify an empty file name to display built-in templates
(in shell language: "").
This feature is available with Postfix 2.3 and later.
<b>-T</b> <i>mode</i>
If Postfix is compiled without TLS support, the <b>-T</b> option pro-
duces no output. Otherwise, if an invalid <i>mode</i> is specified,
the <b>-T</b> option reports an error and exits with a non-zero status
If Postfix is compiled without TLS support, the <b>-T</b> option pro-
duces no output. Otherwise, if an invalid <i>mode</i> is specified,
the <b>-T</b> option reports an error and exits with a non-zero status
code. The valid modes are:
<b>compile-version</b>
Output the OpenSSL version that Postfix was compiled with
(i.e. the OpenSSL version in a header file). The output
(i.e. the OpenSSL version in a header file). The output
format is the same as with the command "<b>openssl version</b>".
<b>run-version</b>
@ -455,59 +456,59 @@ POSTCONF(1) POSTCONF(1)
runtime (i.e. the OpenSSL version in a shared library).
<b>public-key-algorithms</b>
Output the lower-case names of the supported public-key
Output the lower-case names of the supported public-key
algorithms, one per-line.
This feature is available with Postfix 3.1 and later.
<b>-v</b> Enable verbose logging for debugging purposes. Multiple <b>-v</b>
<b>-v</b> Enable verbose logging for debugging purposes. Multiple <b>-v</b>
options make the software increasingly verbose.
<b>-x</b> Expand <i>$name</i> in <a href="postconf.5.html"><b>main.cf</b></a> or <a href="master.5.html"><b>master.cf</b></a> parameter values. The
<b>-x</b> Expand <i>$name</i> in <a href="postconf.5.html"><b>main.cf</b></a> or <a href="master.5.html"><b>master.cf</b></a> parameter values. The
expansion is recursive.
This feature is available with Postfix 2.10 and later.
<b>-X</b> Edit the <a href="postconf.5.html"><b>main.cf</b></a> configuration file, and remove the parameters
<b>-X</b> Edit the <a href="postconf.5.html"><b>main.cf</b></a> configuration file, and remove the parameters
named on the <a href="postconf.1.html"><b>postconf</b>(1)</a> command line. Specify a list of param-
eter names, not "<i>name=value</i>" pairs.
With <b>-M</b>, edit the <a href="master.5.html"><b>master.cf</b></a> configuration file, and remove one
or more service entries as specified with "<i>service/type</i>" on the
With <b>-M</b>, edit the <a href="master.5.html"><b>master.cf</b></a> configuration file, and remove one
or more service entries as specified with "<i>service/type</i>" on the
<a href="postconf.1.html"><b>postconf</b>(1)</a> command line.
With <b>-P</b>, edit the <a href="master.5.html"><b>master.cf</b></a> configuration file, and remove one
With <b>-P</b>, edit the <a href="master.5.html"><b>master.cf</b></a> configuration file, and remove one
or more service parameter settings (-o parameter=value settings)
as specified with "<i>service/type/parameter</i>" on the <a href="postconf.1.html"><b>postconf</b>(1)</a>
as specified with "<i>service/type/parameter</i>" on the <a href="postconf.1.html"><b>postconf</b>(1)</a>
command line.
In all cases the file is copied to a temporary file then renamed
into place. Specify quotes to protect special characters on the
<a href="postconf.1.html"><b>postconf</b>(1)</a> command line.
There is no <a href="postconf.1.html"><b>postconf</b>(1)</a> command to perform the reverse opera-
tion.
This feature is available with Postfix 2.10 and later. Support
for -M and -P was added with Postfix 2.11.
<b>-#</b> Edit the <a href="postconf.5.html"><b>main.cf</b></a> configuration file, and comment out the parame-
ters named on the <a href="postconf.1.html"><b>postconf</b>(1)</a> command line, so that those param-
eters revert to their default values. Specify a list of parame-
ter names, not "<i>name=value</i>" pairs.
With <b>-M</b>, edit the <a href="master.5.html"><b>master.cf</b></a> configuration file, and comment out
one or more service entries as specified with "<i>service/type</i>" on
the <a href="postconf.1.html"><b>postconf</b>(1)</a> command line.
In all cases the file is copied to a temporary file then renamed
into place. Specify quotes to protect special characters on the
<a href="postconf.1.html"><b>postconf</b>(1)</a> command line.
There is no <a href="postconf.1.html"><b>postconf</b>(1)</a> command to perform the reverse opera-
tion.
This feature is available with Postfix 2.6 and later. Support
This feature is available with Postfix 2.10 and later. Support
for -M and -P was added with Postfix 2.11.
<b>-#</b> Edit the <a href="postconf.5.html"><b>main.cf</b></a> configuration file, and comment out the parame-
ters named on the <a href="postconf.1.html"><b>postconf</b>(1)</a> command line, so that those param-
eters revert to their default values. Specify a list of parame-
ter names, not "<i>name=value</i>" pairs.
With <b>-M</b>, edit the <a href="master.5.html"><b>master.cf</b></a> configuration file, and comment out
one or more service entries as specified with "<i>service/type</i>" on
the <a href="postconf.1.html"><b>postconf</b>(1)</a> command line.
In all cases the file is copied to a temporary file then renamed
into place. Specify quotes to protect special characters on the
<a href="postconf.1.html"><b>postconf</b>(1)</a> command line.
There is no <a href="postconf.1.html"><b>postconf</b>(1)</a> command to perform the reverse opera-
tion.
This feature is available with Postfix 2.6 and later. Support
for -M was added with Postfix 2.11.
<b>DIAGNOSTICS</b>
@ -518,18 +519,18 @@ POSTCONF(1) POSTCONF(1)
Directory with Postfix configuration files.
<b>CONFIGURATION PARAMETERS</b>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this pro-
gram.
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
The text below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for
more details including examples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#bounce_template_file">bounce_template_file</a> (empty)</b>
Pathname of a configuration file with bounce message templates.
Pathname of a configuration file with bounce message templates.
<b>FILES</b>
/etc/postfix/<a href="postconf.5.html">main.cf</a>, Postfix configuration parameters

@ -3308,7 +3308,8 @@ time keeping on System-V-ish systems.
<p>
Specify a list of names and/or name=value pairs, separated by
whitespace or comma. Specify "{ name=value }" to protect whitespace
or comma in parameter values (whitespace after "{" and before "}"
or comma in parameter values (whitespace after the opening "{" and
before the closing "}"
is ignored). The form name=value is supported with Postfix version
2.1 and later; the use of {} is supported with Postfix 3.0 and
later. </p>
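Review bot: the parenthetical for "{ name=value }" still says nothing about whitespace around "=", while the inline: text changed in this same commit now documents it explicitly. If "{ name = value }" is accepted here, say so; if it is not, say that instead, because the two descriptions now look alike but may not behave alike. The edit also leaves "is ignored)." on a line of its own after 'before the closing "}"', so the paragraph could be re-wrapped while it is being touched.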
@ -3885,7 +3886,8 @@ environment. Examples of relevant parameters: </p>
<p> Specify a list of names and/or name=value pairs, separated by
whitespace or comma. Specify "{ name=value }" to protect whitespace
or comma in parameter values (whitespace after "{" and before "}"
or comma in parameter values (whitespace after the opening "{" and
before the closing "}"
is ignored). The form name=value is supported with Postfix version
2.1 and later; the use of {} is supported with Postfix 3.0 and
later. </p>

@ -274,8 +274,10 @@ with support for Berkeley DB databases.
A non\-shared, in\-memory lookup table. Example: "\fBinline:{
\fIkey\fB=\fIvalue\fB, { \fIkey\fB = \fItext with whitespace
or comma\fB }}\fR". Key\-value pairs are separated by
whitespace or comma; whitespace after "\fB{\fR" and before "\fB}\fR"
is ignored. Inline tables eliminate the need to create a
whitespace or comma; with a key\-value pair inside "\fB{}\fR",
whitespace is ignored after the opening "\fB{\fR", around
the "\fB=\fR" between key and value, and before the closing
"\fB}\fR". Inline tables eliminate the need to create a
database file for just a few fixed elements. See also the
\fIstatic:\fR map type.
@ -359,7 +361,8 @@ A table that always returns its name as lookup result. For
example, \fBstatic:foobar\fR always returns the string
\fBfoobar\fR as lookup result. Specify "\fBstatic:{ \fItext
with whitespace\fB }\fR" when the result contains whitespace;
this form ignores whitespace after "\fB{\fR" and before
this form ignores whitespace after the opening "\fB{\fR"
and before the closing
"\fB}\fR". See also the \fIinline:\fR map.
The form "\fBstatic:{\fItext\fB}\fR is available with Postfix

@ -2071,7 +2071,8 @@ time keeping on System\-V\-ish systems.
.PP
Specify a list of names and/or name=value pairs, separated by
whitespace or comma. Specify "{ name=value }" to protect whitespace
or comma in parameter values (whitespace after "{" and before "}"
or comma in parameter values (whitespace after the opening "{" and
before the closing "}"
is ignored). The form name=value is supported with Postfix version
2.1 and later; the use of {} is supported with Postfix 3.0 and
later.
@ -2409,7 +2410,8 @@ Needed to make "\fBpostfix \-c\fR" work.
.PP
Specify a list of names and/or name=value pairs, separated by
whitespace or comma. Specify "{ name=value }" to protect whitespace
or comma in parameter values (whitespace after "{" and before "}"
or comma in parameter values (whitespace after the opening "{" and
before the closing "}"
is ignored). The form name=value is supported with Postfix version
2.1 and later; the use of {} is supported with Postfix 3.0 and
later.

@ -201,7 +201,7 @@ shell meta characters by a shell command interpreter.
.sp
Specify "{" and "}" around command arguments that contain
whitespace (Postfix 3.0 and later). Whitespace
after "{" and before "}" is ignored.
after the opening "{" and before the closing "}" is ignored.
.sp
In the command argument vector, the following macros are recognized
and replaced with corresponding information from the Postfix queue

@ -317,8 +317,10 @@ name as used in "hash:table" is the database file name without the
<dd> A non-shared, in-memory lookup table. Example: "inline:{
<i>key=value</i>, { <i>key = text with whitespace or comma</i> }}".
Key-value pairs are separated by whitespace or comma; whitespace
after "{" and before "}" is ignored. Inline tables eliminate the
Key-value pairs are separated by whitespace or comma; with a key-value
pair inside "{}", whitespace is ignored after the opening "{",
around the "=" between key and value, and before the closing "}".
Inline tables eliminate the
need to create a database file for just a few fixed elements. See
also the static: map type. </dd>
@ -436,7 +438,8 @@ server. See socketmap_table(5) for details. </dd>
For example, "static:foobar" always returns the string "foobar" as
lookup result. Specify "static:{ <i>text with whitespace</i> }"
when the result contains whitespace; this form ignores whitespace
after "{" and before "}". See also the inline: map type. </dd>
after the opening "{" and before the closing "}". See also the
inline: map type. </dd>
<dt> <b>tcp</b> </dt>

@ -1447,7 +1447,8 @@ time keeping on System-V-ish systems.
<p>
Specify a list of names and/or name=value pairs, separated by
whitespace or comma. Specify "{ name=value }" to protect whitespace
or comma in parameter values (whitespace after "{" and before "}"
or comma in parameter values (whitespace after the opening "{" and
before the closing "}"
is ignored). The form name=value is supported with Postfix version
2.1 and later; the use of {} is supported with Postfix 3.0 and
later. </p>
@ -1918,7 +1919,8 @@ environment. Examples of relevant parameters: </p>
<p> Specify a list of names and/or name=value pairs, separated by
whitespace or comma. Specify "{ name=value }" to protect whitespace
or comma in parameter values (whitespace after "{" and before "}"
or comma in parameter values (whitespace after the opening "{" and
before the closing "}"
is ignored). The form name=value is supported with Postfix version
2.1 and later; the use of {} is supported with Postfix 3.0 and
later. </p>

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20181123"
#define MAIL_RELEASE_DATE "20181125"
#define MAIL_VERSION_NUMBER "3.4"
#ifdef SNAPSHOT

@ -191,7 +191,7 @@
/* .sp
/* Specify "{" and "}" around command arguments that contain
/* whitespace (Postfix 3.0 and later). Whitespace
/* after "{" and before "}" is ignored.
/* after the opening "{" and before the closing "}" is ignored.
/* .sp
/* In the command argument vector, the following macros are recognized
/* and replaced with corresponding information from the Postfix queue

@ -268,8 +268,10 @@
/* A non-shared, in-memory lookup table. Example: "\fBinline:{
/* \fIkey\fB=\fIvalue\fB, { \fIkey\fB = \fItext with whitespace
/* or comma\fB }}\fR". Key-value pairs are separated by
/* whitespace or comma; whitespace after "\fB{\fR" and before "\fB}\fR"
/* is ignored. Inline tables eliminate the need to create a
/* whitespace or comma; with a key-value pair inside "\fB{}\fR",
/* whitespace is ignored after the opening "\fB{\fR", around
/* the "\fB=\fR" between key and value, and before the closing
/* "\fB}\fR". Inline tables eliminate the need to create a
/* database file for just a few fixed elements. See also the
/* \fIstatic:\fR map type.
/*
@ -353,7 +355,8 @@
/* example, \fBstatic:foobar\fR always returns the string
/* \fBfoobar\fR as lookup result. Specify "\fBstatic:{ \fItext
/* with whitespace\fB }\fR" when the result contains whitespace;
/* this form ignores whitespace after "\fB{\fR" and before
/* this form ignores whitespace after the opening "\fB{\fR"
/* and before the closing
/* "\fB}\fR". See also the \fIinline:\fR map.
/*
/* The form "\fBstatic:{\fItext\fB}\fR is available with Postfix

View File

@ -1026,10 +1026,10 @@ static int tlsp_client_init(TLS_APPL_STATE **client_appl_state,
/*
* Use one TLS_APPL_STATE object for all requests that specify the same
* TLS_CLIENT_INIT_PROPS. Each TLS_APPL_STATE owns an SSL_CTX, which is
* expensive.
* expensive to create.
*
* First, compute the TLS_APPL_STATE cache lookup key. Save a copy of the
* key that corresponds to the pre-jail internal call, which uses the
* key that corresponds to the pre-jail internal request, which uses the
* tlsproxy_client_* settings.
*/
buf = vstring_alloc(100);
@ -1042,9 +1042,9 @@ static int tlsp_client_init(TLS_APPL_STATE **client_appl_state,
/*
* Log a warning if a post-jail request differs from the tlsproxy_client_*
* settings AND the request specifies file or directory arguments. Those
* are problematic after chroot (pathname resolution) and after dropping
* privileges (key files must be root read-only).
* settings AND the request specifies file/directory pathname arguments.
* Those are problematic after chroot (pathname resolution) and after
* dropping privileges (key files must be root read-only).
*
* We can eliminate this complication by adding code that opens a cert/key
* lookup table at pre-jail time, and by reading cert/key info on-the-fly
@ -1410,17 +1410,20 @@ static void pre_jail_init(char *unused_name, char **unused_argv)
* for the minority of sites that want to use TLS connection caching with
* multiple TLS client identities. To alert the operator, tlsproxy will
* log a warning when a TLS_CLIENT_INIT message specifies a different
* configuration with cert or key pathnames. The workaround is to have
* one tlsproxy process per TLS client identity.
* configuration than the tlsproxy pre-jail client configuration, and
* that different configuration specifies file/directory pathname
* arguments. The workaround is to have one tlsproxy process per TLS
* client identity.
*
* The general solution for single-identity or multi-identity clients is to
* stop loading certs and keys from individual files. Instead, have a
* cert/key map, indexed by client identity, read-only by root. After
* opening the map at pre-jail time, tlsproxy can read certs/keys
* on-the-fly at post-jail time. This is the approach that was already
* proposed for server-side SNI support, and it could be reused here. It
* would also end the proliferation of RSA cert/key parameters, DSA
* cert/key parameters, EC cert/key parameters, and so on.
* opening the map as root at pre-jail time, tlsproxy can read certs/keys
* on-the-fly as an unprivileged process at post-jail time. This is the
* approach that was already proposed for server-side SNI support, and it
* could be reused here. It would also end the proliferation of RSA
* cert/key parameters, DSA cert/key parameters, EC cert/key parameters,
* and so on.
*
* Horror: In order to create the same pre-jail TLS client context as the
* one used in the Postfix SMTP client, we have to duplicate intricate

View File

@ -8,11 +8,11 @@
/*
/* VSTRING *dict_file_to_buf(
/* DICT *dict,
/* const char *pathname)
/* const char *pathnames)
/*
/* VSTRING *dict_file_to_b64(
/* DICT *dict,
/* const char *pathname)
/* const char *pathnames)
/*
/* VSTRING *dict_file_from_b64(
/* DICT *dict,
@ -24,11 +24,15 @@
/* void dict_file_purge_buffers(
/* DICT *dict)
/* DESCRIPTION
/* dict_file_to_buf() reads the content of the specified file.
/* dict_file_to_buf() reads the content of the specified
/* files, with names separated by CHARS_COMMA_SP, while inserting
/* a gratuitous newline character between files.
/* It returns a pointer to a buffer which is owned by the DICT,
/* or a null pointer in case of error.
/*
/* dict_file_to_b64() reads the content of the specified file,
/* dict_file_to_b64() reads the content of the specified
/* files, with names separated by CHARS_COMMA_SP, while inserting
/* a gratuitous newline character between files,
/* and converts the result to base64.
/* It returns a pointer to a buffer which is owned by the DICT,
/* or a null pointer in case of error.
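Review bot: "a gratuitous newline character between files" in the dict_file_to_buf() and dict_file_to_b64() descriptions does not tell the caller that the separator is added unconditionally, even when the preceding file already ends in a newline. The expected test output for files12 contains "MQoK", which decodes to the end of file1 followed by two newlines, so consumers see an empty line between the file contents. Suggest stating that explicitly, and also documenting that a pathname containing a comma or whitespace can no longer be passed now that the argument is split on CHARS_COMMA_SP.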
@ -81,50 +85,71 @@
#define STR(x) vstring_str(x)
#define LEN(x) VSTRING_LEN(x)
/* dict_file_to_buf - read a file into a buffer */
/* dict_file_to_buf - read files into a buffer */
VSTRING *dict_file_to_buf(DICT *dict, const char *pathname)
VSTRING *dict_file_to_buf(DICT *dict, const char *pathnames)
{
struct stat st;
VSTREAM *fp;
VSTREAM *fp = 0;
ARGV *argv;
char **cpp;
/* dict_file_to_buf() postcondition: dict->file_buf exists. */
if (dict->file_buf == 0)
dict->file_buf = vstring_alloc(100);
if ((fp = vstream_fopen(pathname, O_RDONLY, 0)) == 0
|| fstat(vstream_fileno(fp), &st) < 0) {
vstring_sprintf(dict->file_buf, "open %s: %m", pathname);
if (fp)
vstream_fclose(fp);
return (0);
#define DICT_FILE_ERR_RETURN do { \
argv_free(argv); \
if (fp) vstream_fclose(fp); \
return (0); \
} while (0);
argv = argv_split(pathnames, CHARS_COMMA_SP);
if (argv->argc == 0) {
vstring_sprintf(dict->file_buf, "empty pathname list: >>%s<<'",
pathnames);
DICT_FILE_ERR_RETURN;
}
VSTRING_RESET(dict->file_buf);
VSTRING_SPACE(dict->file_buf, st.st_size);
if (vstream_fread(fp, STR(dict->file_buf), st.st_size) != st.st_size) {
vstring_sprintf(dict->file_buf, "read %s: %m", pathname);
vstream_fclose(fp);
return (0);
for (cpp = argv->argv; *cpp; cpp++) {
if ((fp = vstream_fopen(*cpp, O_RDONLY, 0)) == 0
|| fstat(vstream_fileno(fp), &st) < 0) {
vstring_sprintf(dict->file_buf, "open %s: %m", *cpp);
DICT_FILE_ERR_RETURN;
}
if (st.st_size > SSIZE_T_MAX - LEN(dict->file_buf)) {
vstring_sprintf(dict->file_buf, "file too large: %s", pathnames);
DICT_FILE_ERR_RETURN;
}
VSTRING_SPACE(dict->file_buf, st.st_size);
if (vstream_fread(fp, STR(dict->file_buf) + LEN(dict->file_buf),
st.st_size) != st.st_size) {
vstring_sprintf(dict->file_buf, "read %s: %m", *cpp);
DICT_FILE_ERR_RETURN;
}
(void) vstream_fclose(fp);
VSTRING_AT_OFFSET(dict->file_buf, LEN(dict->file_buf) + st.st_size);
if (cpp[1] != 0)
VSTRING_ADDCH(dict->file_buf, '\n');
}
(void) vstream_fclose(fp);
VSTRING_AT_OFFSET(dict->file_buf, st.st_size);
argv_free(argv);
VSTRING_TERMINATE(dict->file_buf);
return (dict->file_buf);
}
/* dict_file_to_b64 - read a file into a base64-encoded buffer */
/* dict_file_to_b64 - read files into a base64-encoded buffer */
VSTRING *dict_file_to_b64(DICT *dict, const char *pathname)
VSTRING *dict_file_to_b64(DICT *dict, const char *pathnames)
{
ssize_t helper;
if (dict_file_to_buf(dict, pathname) == 0)
if (dict_file_to_buf(dict, pathnames) == 0)
return (0);
if (dict->file_b64 == 0)
dict->file_b64 = vstring_alloc(100);
helper = (VSTRING_LEN(dict->file_buf) + 2) / 3;
helper = (LEN(dict->file_buf) + 2) / 3;
if (helper > SSIZE_T_MAX / 4) {
vstring_sprintf(dict->file_buf, "file too large: %s", pathname);
vstring_sprintf(dict->file_buf, "file too large: %s", pathnames);
return (0);
}
VSTRING_RESET(dict->file_b64);
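Review bot: The format string in the empty-list branch, "empty pathname list: >>%s<<'", ends with a stray single quote, and that quote is already baked into the expected test output ("empty pathname list: >>,<<': skipping this rule"); drop it and regenerate the reference file. In the same function, DICT_FILE_ERR_RETURN is defined with "while (0);" and then invoked with its own semicolon, which defeats the do/while(0) idiom and will misbehave if the macro is ever used in an unbraced if/else, so the semicolon belongs only at the call site. The "file too large" check in the loop does not count the separator byte added by VSTRING_ADDCH and reports the whole pathnames list instead of *cpp, unlike the open and read errors next to it. Finally, fp still points at a closed stream after the in-loop vstream_fclose(); this is safe only because every error return follows a fresh vstream_fopen() assignment, and setting fp = 0 after the close would make that invariant explicit.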

View File

@ -1,3 +1,4 @@
get file1
get file2
get file3
get files12
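Review bot: Only "get files12" is added to the test input, while the map file gains three rules (files12, files13, file-comma), so the two rules that are skipped at load time are covered only by their warnings. Adding "get files13" and "get file-comma" would pin down that a skipped multi-file rule or an empty pathname list yields "not found", the way the existing "get file3" does for the single-file case.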

View File

@ -1,3 +1,6 @@
/file1/ dict_pcre_file1
/file2/ dict_pcre_file2
/file3/ dict_pcre_file3
/files12/ dict_pcre_file1, dict_pcre_file2
/files13/ dict_pcre_file1, dict_pcre_file3
/file-comma/ ,

View File

@ -1,4 +1,6 @@
./dict_open: warning: pcre map dict_pcre_file.map, line 3: open dict_pcre_file3: No such file or directory: skipping this rule
./dict_open: warning: pcre map dict_pcre_file.map, line 5: open dict_pcre_file3: No such file or directory: skipping this rule
./dict_open: warning: pcre map dict_pcre_file.map, line 6: empty pathname list: >>,<<': skipping this rule
owner=untrusted (uid=USER)
> get file1
file1=dGhpcy1pcy1maWxlMQo=
@ -6,3 +8,5 @@ file1=dGhpcy1pcy1maWxlMQo=
file2=dGhpcy1pcy1maWxlMgo=
> get file3
file3: not found
> get files12
files12=dGhpcy1pcy1maWxlMQoKdGhpcy1pcy1maWxlMgo=