mirror of
https://github.com/vdukhovni/postfix
synced 2025-08-29 13:18:12 +00:00
postfix-2.2-20041022
This commit is contained in:
parent
f2ffad66ca
commit
d9f316cf24
@ -9776,27 +9776,22 @@ Apologies for any names omitted.
|
||||
|
||||
20041014-21
|
||||
|
||||
By default, Postfix no longer appends the local domain to
|
||||
incomplete message header addresses from remote clients.
|
||||
Thus, spam from badly written software no longer looks like
|
||||
it came from a local user.
|
||||
|
||||
Instead, Postfix either does not rewrite headers from remote
|
||||
clients at all, or it appends the domain name that is
|
||||
specified with the new invalid_rewrite_context_domain
|
||||
Postfix no longer appends the local domain to header
|
||||
addresses from remote clients. Instead, Postfix either
|
||||
does not rewrite those headers at all, or it appends the
|
||||
domain specified with the new remote_header_rewrite_domain
|
||||
parameter.
|
||||
|
||||
Postfix still appends $@myorigin or .$mydomain to headers
|
||||
in mail from Postfix sendmail, from clients listed with
|
||||
the local_rewrite_context_clients parameter (default:
|
||||
from the Postfix sendmail command, or from clients listed
|
||||
with the new local_header_rewrite_clients parameter (default:
|
||||
permit_mynetworks, permit_sasl_authenticated).
|
||||
|
||||
The context specified with remote_rewrite_context_name is
|
||||
used for all other clients. The default setting is backwards
|
||||
compatible to avoid surprises.
|
||||
20041016
|
||||
|
||||
Postfix still appends $@myorigin or .$mydomain when rewriting
|
||||
incomplete envelope addresses.
|
||||
Bugfix: attr_clnt_request() did not properly skip hash
|
||||
table arguments. Luc Pardon, Skopos Consulting. File:
|
||||
util/attr_clnt.c.
|
||||
|
||||
20041018
|
||||
|
||||
@ -9807,18 +9802,21 @@ Apologies for any names omitted.
|
||||
|
||||
Support for Errors-To: is permanently removed.
|
||||
|
||||
Open problems:
|
||||
20041022
|
||||
|
||||
High: document master(5) for generic daemon options.
|
||||
Bugfix: "smtp_connection_cache_on_demand=no" could crash
|
||||
the SMTP client. File: smtp/smtp_connect.c.
|
||||
|
||||
Robustness: extra sanity checks. Files: util/dict_db.c,
|
||||
util/dict_dbm.c.
|
||||
|
||||
Open problems:
|
||||
|
||||
Low: reject HELO with any domain name that this MTA is
|
||||
final destination for.
|
||||
|
||||
Low: should the Delivered-To: test in local(8) be configurable?
|
||||
|
||||
Low: append a different domain (like, address.invalid) for
|
||||
mail from clients not in mynetworks.
|
||||
|
||||
Low: document propagate_unmatched_extensions in aliases(5)
|
||||
etc.
|
||||
|
||||
@ -9849,9 +9847,6 @@ Open problems:
|
||||
all MXes return a quick ECONNRESET or 4xx reply during the
|
||||
initial handshake.
|
||||
|
||||
Low: add msg_panic() guard to ensure that at least one of
|
||||
DICT_FLAG_TRY1NULL or DICT_FLAG_TRY1NULL is set upon lookup.
|
||||
|
||||
Low: make post-install a "postfix-only script" so it can
|
||||
take data from the environment instead of main.cf.
|
||||
|
||||
|
@ -166,6 +166,12 @@ table, it first rewrites the address to the standard
|
||||
rewrite(8) daemon. The purpose of rewriting to standard form is to reduce the
|
||||
number of entries needed in lookup tables.
|
||||
|
||||
Postfix versions 2.2 and later do not rewrite message headers from remote SMTP
|
||||
clients at all, unless a non-empty domain name is specified with the
|
||||
remote_header_rewrite_domain configuration parameter. The
|
||||
local_header_rewrite_clients parameter controls what SMTP clients Postfix
|
||||
considers local.
|
||||
|
||||
The Postfix trivial-rewrite(8) daemon implements the following hard-coded
|
||||
address manipulations:
|
||||
|
||||
@ -193,6 +199,10 @@ address manipulations:
|
||||
of Postfix components expect that all addresses have the form
|
||||
"user@domain".
|
||||
|
||||
Postfix versions 2.2 and later do not rewrite message headers from
|
||||
remote SMTP clients at all, or they append the domain name specified
|
||||
with the remote_header_rewrite_domain configuration parameter.
|
||||
|
||||
If your machine is not the main machine for $myorigin and you wish to
|
||||
have some users delivered locally without going via that main machine,
|
||||
make an entry in the virtual alias table that redirects
|
||||
@ -204,8 +214,12 @@ address manipulations:
|
||||
(default: yes). The purpose is to get consistent treatment of different
|
||||
forms of the same hostname.
|
||||
|
||||
Some will argue that rewriting "host" to "host.$mydomain" is bad. That
|
||||
is why it can be turned off. Others like the convenience of having the
|
||||
Postfix versions 2.2 and later do not rewrite message headers from
|
||||
remote clients at all, or they append the domain name specified with
|
||||
the remote_header_rewrite_domain configuration parameter.
|
||||
|
||||
Some will argue that rewriting "host" to "host.domain" is bad. That is
|
||||
why it can be turned off. Others like the convenience of having the
|
||||
local domain appended automatically.
|
||||
|
||||
Rewrite "user@site." to "user@site" (without the trailing dot).
|
||||
@ -219,6 +233,12 @@ message envelopes and in message headers. By default all header and envelope
|
||||
addresses are rewritten; this is controlled with the canonical_classes
|
||||
configuration parameter.
|
||||
|
||||
Postfix versions 2.2 and later do not rewrite message headers from remote
|
||||
clients at all, unless a non-empty domain name is specified with the
|
||||
remote_header_rewrite_domain configuration parameter. The
|
||||
local_header_rewrite_clients parameter controls what SMTP clients Postfix
|
||||
considers local.
|
||||
|
||||
Address rewriting is done for local and remote addresses. The mapping is useful
|
||||
to replace login names by "Firstname.Lastname" style addresses, or to clean up
|
||||
invalid domains in mail addresses produced by legacy mail systems.
|
||||
@ -277,6 +297,12 @@ Address masquerading is a method to hide hosts inside a domain behind their
|
||||
mail gateway, and to make it appear as if the mail comes from the gateway
|
||||
itself, instead of from individual machines.
|
||||
|
||||
Postfix versions 2.2 and later do not rewrite message headers from remote SMTP
|
||||
clients at all, unless a non-empty domain name is specified with the
|
||||
remote_header_rewrite_domain configuration parameter. The
|
||||
local_header_rewrite_clients parameter controls what SMTP clients Postfix
|
||||
considers local.
|
||||
|
||||
Address masquerading is disabled by default, and is implemented by the cleanup
|
||||
(8) server. To enable, edit the masquerade_domains parameter in the main.cf
|
||||
file and specify one or more domain names separated by whitespace or commas.
|
||||
|
@ -7,54 +7,53 @@ snapshot release). Patches are issued for the official release
|
||||
and change the patchlevel and the release date. Patches are never
|
||||
issued for snapshot releases.
|
||||
|
||||
Incompatible changes with snapshot Postfix-2.2-20041019
|
||||
Incompatible changes with snapshot Postfix-2.2-20041022
|
||||
=======================================================
|
||||
|
||||
You must reload or restart Postfix, because the protocol between
|
||||
queue manager and delivery agents has changed. If you forget this,
|
||||
mail will remain queued until you restart/reload Postfix.
|
||||
You must reload or stop/start Postfix, because the queue manager
|
||||
to delivery agent protocol has changed. If you forget this, mail
|
||||
will remain queued until the queue manager is restarted.
|
||||
|
||||
Support for return addresses in the non-standard Errors-To: message
|
||||
headers is removed. It was already disabled by default with Postfix
|
||||
version 2.1. Since it is non-standard, there was no guarantee that
|
||||
it would have effect on other MTAs.
|
||||
Support for the non-standard Errors-To: return addresses is removed.
|
||||
It was already disabled by default with Postfix version 2.1. Since
|
||||
Errors-To: is non-standard, there was no guarantee that it would
|
||||
have effect with other MTAs.
|
||||
|
||||
Major changes with snapshot Postfix-2.2-20041019
|
||||
Major changes with snapshot Postfix-2.2-20041022
|
||||
================================================
|
||||
|
||||
The NIS+ client by Geoff Gibbs is now part of the Postfix source
|
||||
tree. Details are given in the nisplus_table(5) manual page.
|
||||
|
||||
Message header address rewriting contexts. These control what
|
||||
domains are appended to incomplete addresses in message headers,
|
||||
and whether headers are rewritten at all.
|
||||
By default, Postfix no longer appends the local domain to addresses
|
||||
in message headers from remote clients. Thus, spam from poorly
|
||||
written software no longer looks like it came from a local user.
|
||||
|
||||
- "local": Append the domain names in myorigin or mydomain to
|
||||
incomplete addresses in message headers.
|
||||
Postfix either does not rewrite remote message headers at all, or
|
||||
it rewrites headers and appends the domain name that is specified
|
||||
with the remote_header_rewrite_domain parameter (like "domain.invalid").
|
||||
|
||||
- "invalid": append "domain.invalid" (or whatever is specified
|
||||
with the invalid_header_rewrite_context_domain parameter) to
|
||||
incomplete addresses in message headers,
|
||||
To get the behavior of earlier Postfix versions specify
|
||||
|
||||
- "none": disable header address rewriting (don't even do canonical
|
||||
mapping or address masquerading).
|
||||
/etc/postfix/main.cf:
|
||||
local_header_rewrite_clients = static:all
|
||||
|
||||
The "local" address rewriting context is used for mail submitted
|
||||
with the Postfix sendmail command, for mail from clients that match
|
||||
$local_header_rewrite_context_clients (default: $mynetworks), and
|
||||
for mail from SASL authenticated clients. It is not automatically
|
||||
used for pop-before-smtp clients; you'll have to specify their
|
||||
lookup table via the local_header_rewrite_context_clients parameter.
|
||||
Postfix always appends local domain information in message headers
|
||||
from Postfix sendmail and from local clients.
|
||||
|
||||
The smtpd_remote_header_rewrite_context parameter specifies the
|
||||
address rewriting context for remote mail. The backwards compatible
|
||||
default is "local". Purists will specify "none", so that Postfix
|
||||
does not modify headers (not even with canonical mappings or address
|
||||
masquerading).
|
||||
By default, Postfix considers a client local when its address
|
||||
matches mynetworks, or when it is SASL or TLS authenticated. If
|
||||
you want to include a pop-before-smtp table, then you have to
|
||||
specify that via the new local_header_rewrite_clients parameter:
|
||||
|
||||
Postix always uses the "local" context for envelope addresses,
|
||||
because an unqualified address is effectively local when someone
|
||||
attempts to reply to it.
|
||||
/etc/postfix/main.cf:
|
||||
local_header_rewrite_clients = permit_mynetworks,
|
||||
permit_sasl_authenticated, permit_tls_clientcerts,
|
||||
check_address_map hash:/etc/postfix/pop-before-smtp
|
||||
|
||||
As before, Postfix appends local domain information to envelope
|
||||
addresses, because an unqualified address is effectively local when
|
||||
someone attempts to reply to it.
|
||||
|
||||
Incompatible changes with snapshot Postfix-2.2-20041009
|
||||
=======================================================
|
||||
|
@ -339,6 +339,12 @@ mapping lookup table, it first rewrites the address to the standard
|
||||
form is to reduce the number of entries needed in lookup tables.
|
||||
</p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote SMTP clients at all, unless a non-empty domain name is
|
||||
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
|
||||
parameter. The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls
|
||||
what SMTP clients Postfix considers local. </p>
|
||||
|
||||
<p> The Postfix <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon implements the following
|
||||
hard-coded address manipulations: </p>
|
||||
|
||||
@ -377,6 +383,11 @@ parameter (default: yes). You should never turn off this feature,
|
||||
because a lot of Postfix components expect that all addresses have
|
||||
the form "user@domain". </p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote SMTP clients at all, or they append the domain name
|
||||
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
|
||||
parameter. </p>
|
||||
|
||||
<p> If your machine is not the main machine for $<a href="postconf.5.html#myorigin">myorigin</a> and you
|
||||
wish to have some users delivered locally without going via that
|
||||
main machine, make an entry in the <a href="#virtual">virtual
|
||||
@ -393,7 +404,11 @@ Rewrite "user@host" to "user@host.$<a href="postconf.5.html#mydomain">mydomain</
|
||||
parameter (default: yes). The purpose is to get consistent treatment
|
||||
of different forms of the same hostname. </p>
|
||||
|
||||
<p> Some will argue that rewriting "host" to "host.$<a href="postconf.5.html#mydomain">mydomain</a>"
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote clients at all, or they append the domain name specified
|
||||
with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter. </p>
|
||||
|
||||
<p> Some will argue that rewriting "host" to "host.domain"
|
||||
is bad. That is why it can be turned off. Others like the convenience
|
||||
of having the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> appended automatically. </p> </dd>
|
||||
|
||||
@ -414,6 +429,12 @@ addresses in message envelopes and in message headers. By default
|
||||
all header and envelope addresses are rewritten; this is controlled
|
||||
with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> configuration parameter. </p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote clients at all, unless a non-empty domain name is
|
||||
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
|
||||
parameter. The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls
|
||||
what SMTP clients Postfix considers local. </p>
|
||||
|
||||
<p> Address rewriting is
|
||||
done for local and remote addresses. The mapping is useful to
|
||||
replace login names by "Firstname.Lastname" style addresses, or to
|
||||
@ -491,6 +512,12 @@ behind their mail gateway, and to make it appear as if the mail
|
||||
comes from the gateway itself, instead of from individual machines.
|
||||
</p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote SMTP clients at all, unless a non-empty domain name is
|
||||
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
|
||||
parameter. The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls
|
||||
what SMTP clients Postfix considers local. </p>
|
||||
|
||||
<p> Address masquerading is disabled by default, and is implemented
|
||||
by the <a href="cleanup.8.html">cleanup(8)</a> server. To enable, edit the <a href="postconf.5.html#masquerade_domains">masquerade_domains</a>
|
||||
parameter in the main.cf file and specify one or more domain names
|
||||
|
@ -196,6 +196,7 @@ ANVIL(8) ANVIL(8)
|
||||
<b>SEE ALSO</b>
|
||||
<a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
|
||||
<b>README FILES</b>
|
||||
<a href="TUNING_README.html">TUNING_README</a>, performance tuning
|
||||
|
@ -147,6 +147,7 @@ BOUNCE(8) BOUNCE(8)
|
||||
<b>SEE ALSO</b>
|
||||
<a href="qmgr.8.html">qmgr(8)</a>, queue manager
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -363,6 +363,7 @@ CLEANUP(8) CLEANUP(8)
|
||||
<a href="canonical.5.html">canonical(5)</a>, canonical address lookup table format
|
||||
<a href="virtual.5.html">virtual(5)</a>, virtual alias lookup table format
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -104,6 +104,7 @@ DISCARD(8) DISCARD(8)
|
||||
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
||||
<a href="error.8.html">error(8)</a>, Postfix error delivery agent
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -118,6 +118,7 @@ ERROR(8) ERROR(8)
|
||||
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
||||
<a href="discard.8.html">discard(8)</a>, Postfix discard delivery agent
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -157,6 +157,7 @@ FLUSH(8) FLUSH(8)
|
||||
<a href="smtpd.8.html">smtpd(8)</a>, SMTP server
|
||||
<a href="qmgr.8.html">qmgr(8)</a>, queue manager
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -197,7 +197,7 @@ LMTP(8) LMTP(8)
|
||||
The LMTP client time limit for sending the LMTP
|
||||
".", and for receiving the server response.
|
||||
|
||||
<b><a href="postconf.5.html#lmtp_rset_timeout">lmtp_rset_timeout</a> (120s)</b>
|
||||
<b><a href="postconf.5.html#lmtp_rset_timeout">lmtp_rset_timeout</a> (20s)</b>
|
||||
The LMTP client time limit for sending the RSET
|
||||
command, and for receiving the server response.
|
||||
|
||||
@ -260,6 +260,7 @@ LMTP(8) LMTP(8)
|
||||
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
||||
<a href="qmgr.8.html">qmgr(8)</a>, queue manager
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
services(4), Internet services and aliases
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
@ -526,6 +526,7 @@ LOCAL(8) LOCAL(8)
|
||||
<a href="postalias.1.html">postalias(1)</a>, create/update alias database
|
||||
<a href="aliases.5.html">aliases(5)</a>, format of alias database
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
syslogd(8), system logging
|
||||
|
||||
<b>LICENSE</b>
|
||||
|
@ -312,6 +312,7 @@ OQMGR(8) OQMGR(8)
|
||||
<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address routing
|
||||
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8) system logging
|
||||
|
||||
|
@ -58,7 +58,7 @@ PICKUP(8) PICKUP(8)
|
||||
|
||||
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
|
||||
Enable or disable recipient validation, built-in
|
||||
content filtering, or address rewriting.
|
||||
content filtering, or address mapping.
|
||||
|
||||
<b>MISCELLANEOUS CONTROLS</b>
|
||||
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
|
||||
@ -113,6 +113,7 @@ PICKUP(8) PICKUP(8)
|
||||
<a href="sendmail.1.html">sendmail(1)</a>, Sendmail-compatible interface
|
||||
<a href="postdrop.1.html">postdrop(1)</a>, mail posting agent
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -350,6 +350,7 @@ PIPE(8) PIPE(8)
|
||||
<a href="qmgr.8.html">qmgr(8)</a>, queue manager
|
||||
<a href="bounce.8.html">bounce(8)</a>, delivery status reports
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
<a href="master.8.html">master(8)</a>, process manager
|
||||
syslogd(8), system logging
|
||||
|
||||
|
@ -3075,9 +3075,10 @@ into concurrency per domain. </p>
|
||||
<DT><b><a name="local_header_rewrite_clients">local_header_rewrite_clients</a>
|
||||
(default: see "postconf -d" output)</b></DT><DD>
|
||||
|
||||
<p> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to incomplete
|
||||
message header addresses from these clients; append
|
||||
$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> for all other clients. </p>
|
||||
<p> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to message
|
||||
header addresses from these clients only; either don't rewrite
|
||||
message headers from other clients at all, or append the domain
|
||||
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter. </p>
|
||||
|
||||
<p> Specify a list of zero or more of the following: </p>
|
||||
|
||||
@ -3124,9 +3125,27 @@ for pop-before-smtp lookup tables. </dd>
|
||||
|
||||
<p> Examples: </p>
|
||||
|
||||
<p> The backwards compatible setting: always rewrite message headers,
|
||||
and always append my own domain to incomplete header addresses. </p>
|
||||
|
||||
<pre>
|
||||
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all
|
||||
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>
|
||||
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all
|
||||
</pre>
|
||||
|
||||
<p> The default setting: rewrite headers and append my own domain
|
||||
only with mail from local or authorized clients. </p>
|
||||
|
||||
<pre>
|
||||
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
|
||||
<a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
|
||||
</pre>
|
||||
|
||||
<p> Include clients that are pop-before-smtp authenticated: </p>
|
||||
|
||||
<pre>
|
||||
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
|
||||
<a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
|
||||
<a href="postconf.5.html#check_address_map">check_address_map</a> hash:/etc/postfix/pop-before-smtp
|
||||
</pre>
|
||||
|
||||
|
||||
@ -5046,13 +5065,28 @@ Examples:
|
||||
</DD>
|
||||
|
||||
<DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a>
|
||||
(default: domain.invalid)</b></DT><DD>
|
||||
(default: empty)</b></DT><DD>
|
||||
|
||||
<p> Append this domain name to incomplete message header addresses
|
||||
from remote clients; when this domain name is empty, don't rewrite
|
||||
remote message headers at all. Both stop Postfix from appending
|
||||
your own domain to addresses in spam from poorly written software.
|
||||
</p>
|
||||
<p> Don't rewrite message headers from remote clients at all when
|
||||
this parameter is empty; otherwise, rewrite remote message headers
|
||||
and append the specified domain name to incomplete addresses. </p>
|
||||
|
||||
<p> Examples: </p>
|
||||
|
||||
<p> The safe setting: append "domain.invalid" to incomplete header
|
||||
addresses from remote SMTP clients, so that those addresses cannot
|
||||
be confused with local addresses. </p>
|
||||
|
||||
<pre>
|
||||
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> = domain.invalid
|
||||
</pre>
|
||||
|
||||
<p> The default, purist, setting: don't rewrite headers from remote
|
||||
clients at all. </p>
|
||||
|
||||
<pre>
|
||||
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> =
|
||||
</pre>
|
||||
|
||||
|
||||
</DD>
|
||||
|
@ -88,8 +88,8 @@ PROXYMAP(8) PROXYMAP(8)
|
||||
latency lookups.
|
||||
|
||||
<b>CONFIGURATION PARAMETERS</b>
|
||||
On busy mail systems a long time may pass before prox-
|
||||
ymap(8) relevant changes to <b>main.cf</b> are picked up. Use the
|
||||
On busy mail systems a long time may pass before <a href="proxymap.8.html">prox-</a>
|
||||
<a href="proxymap.8.html">ymap(8)</a> relevant changes to <b>main.cf</b> are picked up. Use the
|
||||
command "<b>postfix reload</b>" to speed up a change.
|
||||
|
||||
The text below provides only a parameter summary. See
|
||||
@ -129,8 +129,15 @@ PROXYMAP(8) PROXYMAP(8)
|
||||
The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is
|
||||
allowed to access.
|
||||
|
||||
<b>SEE ALSO</b>
|
||||
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
|
||||
<a href="master.5.html">master(5)</a>, generic daemon options
|
||||
|
||||
<b>README FILES</b>
|
||||
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>HISTORY</b>
|
||||
|
@ -112,37 +112,38 @@ SMTPD(8) SMTPD(8)
|
||||
|
||||
<b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (see 'postconf -d' output)</b>
|
||||
Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to
|
||||
incomplete message header addresses from these
|
||||
clients; append $<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> for
|
||||
all other clients.
|
||||
message header addresses from these clients only;
|
||||
either don't rewrite message headers from other
|
||||
clients at all, or append the domain specified with
|
||||
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter.
|
||||
|
||||
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (domain.invalid)</b>
|
||||
Append this domain name to incomplete message
|
||||
header addresses from remote clients; when this
|
||||
domain name is empty, don't rewrite remote message
|
||||
headers at all.
|
||||
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
|
||||
Don't rewrite message headers from remote clients
|
||||
at all when this parameter is empty; otherwise,
|
||||
rewrite remote message headers and append the spec-
|
||||
ified domain name to incomplete addresses.
|
||||
|
||||
<b>AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
|
||||
As of version 1.0, Postfix can be configured to send new
|
||||
mail to an external content filter AFTER the mail is
|
||||
queued. This content filter is expected to inject mail
|
||||
back into a (Postfix or other) MTA for further delivery.
|
||||
As of version 1.0, Postfix can be configured to send new
|
||||
mail to an external content filter AFTER the mail is
|
||||
queued. This content filter is expected to inject mail
|
||||
back into a (Postfix or other) MTA for further delivery.
|
||||
See the <a href="FILTER_README.html">FILTER_README</a> document for details.
|
||||
|
||||
<b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b>
|
||||
The name of a mail delivery transport that filters
|
||||
The name of a mail delivery transport that filters
|
||||
mail after it is queued.
|
||||
|
||||
<b>BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
|
||||
As of version 2.1, the Postfix SMTP server can be config-
|
||||
ured to send incoming mail to a real-time SMTP-based con-
|
||||
As of version 2.1, the Postfix SMTP server can be config-
|
||||
ured to send incoming mail to a real-time SMTP-based con-
|
||||
tent filter BEFORE mail is queued. This content filter is
|
||||
expected to inject mail back into Postfix. See the
|
||||
<a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config-
|
||||
expected to inject mail back into Postfix. See the
|
||||
<a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config-
|
||||
ure and operate this feature.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_proxy_filter">smtpd_proxy_filter</a> (empty)</b>
|
||||
The hostname and TCP port of the mail filtering
|
||||
The hostname and TCP port of the mail filtering
|
||||
proxy server.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_proxy_ehlo">smtpd_proxy_ehlo</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
|
||||
@ -154,42 +155,42 @@ SMTPD(8) SMTPD(8)
|
||||
for sending or receiving information.
|
||||
|
||||
<b>GENERAL CONTENT INSPECTION CONTROLS</b>
|
||||
The following parameters are applicable for both built-in
|
||||
The following parameters are applicable for both built-in
|
||||
and external content filters.
|
||||
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
|
||||
Enable or disable recipient validation, built-in
|
||||
Enable or disable recipient validation, built-in
|
||||
content filtering, or address mapping.
|
||||
|
||||
<b>EXTERNAL CONTENT INSPECTION CONTROLS</b>
|
||||
The following parameters are applicable for both before-
|
||||
The following parameters are applicable for both before-
|
||||
queue and after-queue content filtering.
|
||||
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b>
|
||||
What SMTP clients are allowed to use the XFORWARD
|
||||
What SMTP clients are allowed to use the XFORWARD
|
||||
feature.
|
||||
|
||||
<b>SASL AUTHENTICATION CONTROLS</b>
|
||||
Postfix SASL support (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>) can be used to authenti-
|
||||
cate remote SMTP clients to the Postfix SMTP server, and
|
||||
to authenticate the Postfix SMTP client to a remote SMTP
|
||||
Postfix SASL support (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>) can be used to authenti-
|
||||
cate remote SMTP clients to the Postfix SMTP server, and
|
||||
to authenticate the Postfix SMTP client to a remote SMTP
|
||||
server. See the <a href="SASL_README.html">SASL_README</a> document for details.
|
||||
|
||||
<b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b>
|
||||
Enable inter-operability with SMTP clients that
|
||||
implement an obsolete version of the AUTH command
|
||||
Enable inter-operability with SMTP clients that
|
||||
implement an obsolete version of the AUTH command
|
||||
(<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>).
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b>
|
||||
Enable SASL authentication in the Postfix SMTP
|
||||
Enable SASL authentication in the Postfix SMTP
|
||||
server.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a> (smtpd)</b>
|
||||
The application name used for SASL server initial-
|
||||
The application name used for SASL server initial-
|
||||
ization.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b>
|
||||
@ -200,69 +201,69 @@ SMTPD(8) SMTPD(8)
|
||||
SMTP server will offer to the client.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b>
|
||||
Optional lookup table with the SASL login names
|
||||
Optional lookup table with the SASL login names
|
||||
that own sender (MAIL FROM) addresses.
|
||||
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b>
|
||||
What SMTP clients Postfix will not offer AUTH sup-
|
||||
What SMTP clients Postfix will not offer AUTH sup-
|
||||
port to.
|
||||
|
||||
<b>VERP SUPPORT CONTROLS</b>
|
||||
With VERP style delivery, each recipient of a message
|
||||
With VERP style delivery, each recipient of a message
|
||||
receives a customized copy of the message with his/her own
|
||||
recipient address encoded in the envelope sender address.
|
||||
recipient address encoded in the envelope sender address.
|
||||
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
|
||||
details of Postfix support for variable envelope return
|
||||
details of Postfix support for variable envelope return
|
||||
path addresses. VERP style delivery is requested with the
|
||||
SMTP XVERP command or with the "sendmail -V" command-line
|
||||
option and is available in Postfix version 1.1 and later.
|
||||
SMTP XVERP command or with the "sendmail -V" command-line
|
||||
option and is available in Postfix version 1.1 and later.
|
||||
|
||||
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
|
||||
The two default VERP delimiter characters.
|
||||
|
||||
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
|
||||
The characters Postfix accepts as VERP delimiter
|
||||
characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line
|
||||
The characters Postfix accepts as VERP delimiter
|
||||
characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line
|
||||
and in SMTP commands.
|
||||
|
||||
Available in Postfix version 1.1 and 2.0:
|
||||
|
||||
<b><a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
|
||||
What SMTP clients are allowed to specify the XVERP
|
||||
What SMTP clients are allowed to specify the XVERP
|
||||
command.
|
||||
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> ($<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b>
|
||||
What SMTP clients are allowed to specify the XVERP
|
||||
What SMTP clients are allowed to specify the XVERP
|
||||
command.
|
||||
|
||||
<b>TROUBLE SHOOTING CONTROLS</b>
|
||||
The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of
|
||||
the Postfix mail system. The methods vary from making the
|
||||
software log a lot of detail, to running some daemon pro-
|
||||
The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of
|
||||
the Postfix mail system. The methods vary from making the
|
||||
software log a lot of detail, to running some daemon pro-
|
||||
cesses under control of a call tracer or debugger.
|
||||
|
||||
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
|
||||
The increment in verbose logging level when a
|
||||
remote client or server matches a pattern in the
|
||||
The increment in verbose logging level when a
|
||||
remote client or server matches a pattern in the
|
||||
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
|
||||
|
||||
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
|
||||
Optional list of remote client or server hostname
|
||||
or network address patterns that cause the verbose
|
||||
logging level to increase by the amount specified
|
||||
Optional list of remote client or server hostname
|
||||
or network address patterns that cause the verbose
|
||||
logging level to increase by the amount specified
|
||||
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
|
||||
|
||||
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
|
||||
The recipient of postmaster notifications about
|
||||
mail delivery problems that are caused by policy,
|
||||
The recipient of postmaster notifications about
|
||||
mail delivery problems that are caused by policy,
|
||||
resource, software or protocol errors.
|
||||
|
||||
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
|
||||
The list of error classes that are reported to the
|
||||
The list of error classes that are reported to the
|
||||
postmaster.
|
||||
|
||||
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
|
||||
@ -272,22 +273,22 @@ SMTPD(8) SMTPD(8)
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> (empty)</b>
|
||||
What SMTP clients are allowed to use the XCLIENT
|
||||
What SMTP clients are allowed to use the XCLIENT
|
||||
feature.
|
||||
|
||||
<b>KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS</b>
|
||||
As of Postfix version 2.0, the SMTP server rejects mail
|
||||
for unknown recipients. This prevents the mail queue from
|
||||
clogging up with undeliverable MAILER-DAEMON messages.
|
||||
Additional information on this topic is in the
|
||||
As of Postfix version 2.0, the SMTP server rejects mail
|
||||
for unknown recipients. This prevents the mail queue from
|
||||
clogging up with undeliverable MAILER-DAEMON messages.
|
||||
Additional information on this topic is in the
|
||||
<a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents.
|
||||
|
||||
<b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b>
|
||||
Display the name of the recipient table in the
|
||||
Display the name of the recipient table in the
|
||||
"User unknown" responses.
|
||||
|
||||
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
|
||||
Optional address mapping lookup tables for message
|
||||
Optional address mapping lookup tables for message
|
||||
headers and envelopes.
|
||||
|
||||
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
|
||||
@ -298,7 +299,7 @@ SMTPD(8) SMTPD(8)
|
||||
|
||||
<b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, local-</b>
|
||||
<b>host)</b>
|
||||
The list of domains that are delivered via the
|
||||
The list of domains that are delivered via the
|
||||
$<a href="postconf.5.html#local_transport">local_transport</a> mail delivery transport.
|
||||
|
||||
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
|
||||
@ -307,185 +308,185 @@ SMTPD(8) SMTPD(8)
|
||||
|
||||
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
|
||||
The network interface addresses that this mail sys-
|
||||
tem receives mail on by way of a proxy or network
|
||||
tem receives mail on by way of a proxy or network
|
||||
address translation unit.
|
||||
|
||||
<b><a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> (<a href="proxymap.8.html">proxy</a>:unix:passwd.byname</b>
|
||||
<b>$<a href="postconf.5.html#alias_maps">alias_maps</a>)</b>
|
||||
Lookup tables with all names or addresses of local
|
||||
recipients: a recipient address is local when its
|
||||
domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
|
||||
Lookup tables with all names or addresses of local
|
||||
recipients: a recipient address is local when its
|
||||
domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
|
||||
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> (550)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a recipient address is local, and
|
||||
$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of lookup
|
||||
The numerical Postfix SMTP server response code
|
||||
when a recipient address is local, and
|
||||
$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of lookup
|
||||
tables that does not match the recipient.
|
||||
|
||||
Parameters concerning known/unknown recipients of relay
|
||||
Parameters concerning known/unknown recipients of relay
|
||||
destinations:
|
||||
|
||||
<b><a href="postconf.5.html#relay_domains">relay_domains</a> ($<a href="postconf.5.html#mydestination">mydestination</a>)</b>
|
||||
What destination domains (and subdomains thereof)
|
||||
What destination domains (and subdomains thereof)
|
||||
this system will relay mail to.
|
||||
|
||||
<b><a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> (empty)</b>
|
||||
Optional lookup tables with all valid addresses in
|
||||
Optional lookup tables with all valid addresses in
|
||||
the domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a>.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_relay_recipient_reject_code">unknown_relay_recipient_reject_code</a> (550)</b>
|
||||
The numerical Postfix SMTP server reply code when a
|
||||
recipient address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and
|
||||
<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies a list of lookup
|
||||
recipient address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and
|
||||
<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies a list of lookup
|
||||
tables that does not match the recipient address.
|
||||
|
||||
Parameters concerning known/unknown recipients in virtual
|
||||
Parameters concerning known/unknown recipients in virtual
|
||||
alias domains:
|
||||
|
||||
<b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
|
||||
Postfix is final destination for the specified list
|
||||
of virtual alias domains, that is, domains for
|
||||
which all addresses are aliased to addresses in
|
||||
of virtual alias domains, that is, domains for
|
||||
which all addresses are aliased to addresses in
|
||||
other local or remote domains.
|
||||
|
||||
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
|
||||
Optional lookup tables that alias specific mail
|
||||
addresses or domains to other local or remote
|
||||
Optional lookup tables that alias specific mail
|
||||
addresses or domains to other local or remote
|
||||
address.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b>
|
||||
The SMTP server reply code when a recipient address
|
||||
matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">vir</a>-
|
||||
<a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a> specifies a list of lookup tables
|
||||
matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">vir</a>-
|
||||
<a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a> specifies a list of lookup tables
|
||||
that does not match the recipient address.
|
||||
|
||||
Parameters concerning known/unknown recipients in virtual
|
||||
Parameters concerning known/unknown recipients in virtual
|
||||
mailbox domains:
|
||||
|
||||
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
|
||||
Postfix is final destination for the specified list
|
||||
of domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
|
||||
of domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
|
||||
<a href="postconf.5.html#virtual_transport">tual_transport</a> mail delivery transport.
|
||||
|
||||
<b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
|
||||
Optional lookup tables with all valid addresses in
|
||||
Optional lookup tables with all valid addresses in
|
||||
the domains that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_virtual_mailbox_reject_code">unknown_virtual_mailbox_reject_code</a> (550)</b>
|
||||
The SMTP server reply code when a recipient address
|
||||
matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
|
||||
matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
|
||||
<a href="postconf.5.html#virtual_mailbox_maps">tual_mailbox_maps</a> specifies a list of lookup tables
|
||||
that does not match the recipient address.
|
||||
|
||||
<b>RESOURCE AND RATE CONTROLS</b>
|
||||
The following parameters limit resource usage by the SMTP
|
||||
The following parameters limit resource usage by the SMTP
|
||||
server and/or control client request rates.
|
||||
|
||||
<b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b>
|
||||
Upon input, long lines are chopped up into pieces
|
||||
of at most this length; upon delivery, long lines
|
||||
Upon input, long lines are chopped up into pieces
|
||||
of at most this length; upon delivery, long lines
|
||||
are reconstructed.
|
||||
|
||||
<b><a href="postconf.5.html#queue_minfree">queue_minfree</a> (0)</b>
|
||||
The minimal amount of free space in bytes in the
|
||||
The minimal amount of free space in bytes in the
|
||||
queue file system that is needed to receive mail.
|
||||
|
||||
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
|
||||
The maximal size in bytes of a message, including
|
||||
The maximal size in bytes of a message, including
|
||||
envelope information.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a> (1000)</b>
|
||||
The maximal number of recipients that the Postfix
|
||||
The maximal number of recipients that the Postfix
|
||||
SMTP server accepts per message delivery request.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> (300s)</b>
|
||||
The time limit for sending a Postfix SMTP server
|
||||
response and for receiving a remote SMTP client
|
||||
The time limit for sending a Postfix SMTP server
|
||||
response and for receiving a remote SMTP client
|
||||
request.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_history_flush_threshold">smtpd_history_flush_threshold</a> (100)</b>
|
||||
The maximal number of lines in the Postfix SMTP
|
||||
server command history before it is flushed upon
|
||||
The maximal number of lines in the Postfix SMTP
|
||||
server command history before it is flushed upon
|
||||
receipt of EHLO, RSET, or end of DATA.
|
||||
|
||||
The per SMTP client connection count and request rate lim-
|
||||
its are implemented in co-operation with the <a href="anvil.8.html">anvil(8)</a> ser-
|
||||
vice, and are available in Postfix version 2.2 and later.
|
||||
vice, and are available in Postfix version 2.2 and later.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (50)</b>
|
||||
How many simultaneous connections any client is
|
||||
How many simultaneous connections any client is
|
||||
allowed to make to this service.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> (0)</b>
|
||||
The maximal number of connection attempts any
|
||||
client is allowed to make to this service per time
|
||||
client is allowed to make to this service per time
|
||||
unit.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> (0)</b>
|
||||
The maximal number of message delivery requests
|
||||
that any client is allowed to make to this service
|
||||
The maximal number of message delivery requests
|
||||
that any client is allowed to make to this service
|
||||
per time unit, regardless of whether or not Postfix
|
||||
actually accepts those messages.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> (0)</b>
|
||||
The maximal number of recipient addresses that any
|
||||
client is allowed to send to this service per time
|
||||
The maximal number of recipient addresses that any
|
||||
client is allowed to send to this service per time
|
||||
unit, regardless of whether or not Postfix actually
|
||||
accepts those recipients.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
|
||||
Clients that are excluded from connection count,
|
||||
connection rate, message rate or recipient rate
|
||||
Clients that are excluded from connection count,
|
||||
connection rate, message rate or recipient rate
|
||||
restrictions.
|
||||
|
||||
<b>TARPIT CONTROLS</b>
|
||||
When a remote SMTP client makes errors, the Postfix SMTP
|
||||
server can insert delays before responding. This can help
|
||||
to slow down run-away software. The behavior is con-
|
||||
trolled by an error counter that counts the number of
|
||||
errors within an SMTP session that a client makes without
|
||||
When a remote SMTP client makes errors, the Postfix SMTP
|
||||
server can insert delays before responding. This can help
|
||||
to slow down run-away software. The behavior is con-
|
||||
trolled by an error counter that counts the number of
|
||||
errors within an SMTP session that a client makes without
|
||||
delivering mail.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> (1s)</b>
|
||||
With Postfix 2.1 and later: the SMTP server
|
||||
response delay after a client has made more than
|
||||
$<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and fewer than
|
||||
$<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering
|
||||
With Postfix 2.1 and later: the SMTP server
|
||||
response delay after a client has made more than
|
||||
$<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and fewer than
|
||||
$<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering
|
||||
mail.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> (10)</b>
|
||||
The number of errors a remote SMTP client is
|
||||
allowed to make without delivering mail before the
|
||||
The number of errors a remote SMTP client is
|
||||
allowed to make without delivering mail before the
|
||||
Postfix SMTP server slows down all its responses.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> (20)</b>
|
||||
The maximal number of errors a remote SMTP client
|
||||
The maximal number of errors a remote SMTP client
|
||||
is allowed to make without delivering mail.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> (100)</b>
|
||||
The number of junk commands (NOOP, VRFY, ETRN or
|
||||
The number of junk commands (NOOP, VRFY, ETRN or
|
||||
RSET) that a remote SMTP client can send before the
|
||||
Postfix SMTP server starts to increment the error
|
||||
Postfix SMTP server starts to increment the error
|
||||
counter with each junk command.
|
||||
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b>
|
||||
The number of recipients that a remote SMTP client
|
||||
can send in excess of the limit specified with
|
||||
The number of recipients that a remote SMTP client
|
||||
can send in excess of the limit specified with
|
||||
$<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before the Postfix SMTP
|
||||
server increments the per-session error count for
|
||||
server increments the per-session error count for
|
||||
each excess recipient.
|
||||
|
||||
<b>ACCESS POLICY DELEGATION CONTROLS</b>
|
||||
As of version 2.1, Postfix can be configured to delegate
|
||||
access policy decisions to an external server that runs
|
||||
outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
|
||||
As of version 2.1, Postfix can be configured to delegate
|
||||
access policy decisions to an external server that runs
|
||||
outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
|
||||
more information.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b>
|
||||
The time after which an idle SMTPD policy service
|
||||
The time after which an idle SMTPD policy service
|
||||
connection is closed.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a> (1000s)</b>
|
||||
@ -493,154 +494,154 @@ SMTPD(8) SMTPD(8)
|
||||
connection is closed.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b>
|
||||
The time limit for connecting to, writing to or
|
||||
The time limit for connecting to, writing to or
|
||||
receiving from a delegated SMTPD policy server.
|
||||
|
||||
<b>ACCESS CONTROLS</b>
|
||||
The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to
|
||||
The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to
|
||||
all the SMTP server access control features.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b>
|
||||
Wait until the RCPT TO command before evaluating
|
||||
Wait until the RCPT TO command before evaluating
|
||||
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $smtpd_helo_restric-
|
||||
tions and $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until
|
||||
the ETRN command before evaluating
|
||||
the ETRN command before evaluating
|
||||
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $smtpd_helo_restric-
|
||||
tions.
|
||||
|
||||
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' out-</b>
|
||||
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' out-</b>
|
||||
<b>put)</b>
|
||||
What Postfix features match subdomains of
|
||||
"domain.tld" automatically, instead of requiring an
|
||||
explicit ".domain.tld" pattern.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b>
|
||||
Optional SMTP server access restrictions in the
|
||||
Optional SMTP server access restrictions in the
|
||||
context of a client SMTP connection request.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b>
|
||||
Require that a remote SMTP client introduces itself
|
||||
at the beginning of an SMTP session with the HELO
|
||||
at the beginning of an SMTP session with the HELO
|
||||
or EHLO command.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b>
|
||||
Optional restrictions that the Postfix SMTP server
|
||||
Optional restrictions that the Postfix SMTP server
|
||||
applies in the context of the SMTP HELO command.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b>
|
||||
Optional restrictions that the Postfix SMTP server
|
||||
Optional restrictions that the Postfix SMTP server
|
||||
applies in the context of the MAIL FROM command.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,</b>
|
||||
<b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b>
|
||||
The access restrictions that the Postfix SMTP
|
||||
server applies in the context of the RCPT TO com-
|
||||
server applies in the context of the RCPT TO com-
|
||||
mand.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b>
|
||||
Optional SMTP server access restrictions in the
|
||||
Optional SMTP server access restrictions in the
|
||||
context of a client ETRN request.
|
||||
|
||||
<b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b>
|
||||
Forward mail with sender-specified routing
|
||||
(user[@%!]remote[@%!]site) from untrusted clients
|
||||
Forward mail with sender-specified routing
|
||||
(user[@%!]remote[@%!]site) from untrusted clients
|
||||
to destinations matching $<a href="postconf.5.html#relay_domains">relay_domains</a>.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b>
|
||||
User-defined aliases for groups of access restric-
|
||||
User-defined aliases for groups of access restric-
|
||||
tions.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b><><b>)</b>
|
||||
The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables
|
||||
The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables
|
||||
instead of the null sender address.
|
||||
|
||||
<b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b>
|
||||
Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP
|
||||
access feature to only domains whose primary MX
|
||||
access feature to only domains whose primary MX
|
||||
hosts match the listed networks.
|
||||
|
||||
Available in Postfix version 2.0 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> (empty)</b>
|
||||
Optional access restrictions that the Postfix SMTP
|
||||
Optional access restrictions that the Postfix SMTP
|
||||
server applies in the context of the SMTP DATA com-
|
||||
mand.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b>
|
||||
What characters are allowed in $name expansions of
|
||||
What characters are allowed in $name expansions of
|
||||
RBL reply templates.
|
||||
|
||||
Available in Postfix version 2.1 and later:
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b>
|
||||
Request that the Postfix SMTP server rejects mail
|
||||
from unknown sender addresses, even when no
|
||||
explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction
|
||||
Request that the Postfix SMTP server rejects mail
|
||||
from unknown sender addresses, even when no
|
||||
explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction
|
||||
is specified.
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b>
|
||||
Request that the Postfix SMTP server rejects mail
|
||||
Request that the Postfix SMTP server rejects mail
|
||||
for unknown recipient addresses, even when no
|
||||
explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric-
|
||||
explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric-
|
||||
tion is specified.
|
||||
|
||||
<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
|
||||
Postfix version 2.1 introduces sender and recipient
|
||||
address verification. This feature is implemented by
|
||||
sending probe email messages that are not actually deliv-
|
||||
ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
|
||||
<a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
|
||||
restrictions. The status of verification probes is main-
|
||||
Postfix version 2.1 introduces sender and recipient
|
||||
address verification. This feature is implemented by
|
||||
sending probe email messages that are not actually deliv-
|
||||
ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
|
||||
<a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
|
||||
restrictions. The status of verification probes is main-
|
||||
tained by the <a href="verify.8.html">verify(8)</a> server. See the file ADDRESS_VER-
|
||||
<a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure
|
||||
<a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure
|
||||
and operate the Postfix sender/recipient address verifica-
|
||||
tion service.
|
||||
|
||||
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
|
||||
How many times to query the <a href="verify.8.html">verify(8)</a> service for
|
||||
the completion of an address verification request
|
||||
How many times to query the <a href="verify.8.html">verify(8)</a> service for
|
||||
the completion of an address verification request
|
||||
in progress.
|
||||
|
||||
<b><a href="postconf.5.html#address_verify_poll_delay">address_verify_poll_delay</a> (3s)</b>
|
||||
The delay between queries for the completion of an
|
||||
The delay between queries for the completion of an
|
||||
address verification request in progress.
|
||||
|
||||
<b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> (postmaster)</b>
|
||||
The sender address to use in address verification
|
||||
The sender address to use in address verification
|
||||
probes.
|
||||
|
||||
<b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a recipient address is rejected by the
|
||||
The numerical Postfix SMTP server response code
|
||||
when a recipient address is rejected by the
|
||||
<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction.
|
||||
|
||||
<b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b>
|
||||
The numerical Postfix SMTP server response when a
|
||||
The numerical Postfix SMTP server response when a
|
||||
recipient address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unveri</a>-
|
||||
<a href="postconf.5.html#reject_unverified_recipient">fied_recipient</a> restriction.
|
||||
|
||||
<b>ACCESS CONTROL RESPONSES</b>
|
||||
The following parameters control numerical SMTP reply
|
||||
The following parameters control numerical SMTP reply
|
||||
codes and/or text responses.
|
||||
|
||||
<b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a client is rejected by an <a href="access.5.html">access(5)</a> map
|
||||
The numerical Postfix SMTP server response code
|
||||
when a client is rejected by an <a href="access.5.html">access(5)</a> map
|
||||
restriction.
|
||||
|
||||
<b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a remote SMTP client request is rejected by
|
||||
The numerical Postfix SMTP server response code
|
||||
when a remote SMTP client request is rejected by
|
||||
the "defer" restriction.
|
||||
|
||||
<b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when the client HELO or EHLO command parameter is
|
||||
rejected by the <a href="postconf.5.html#reject_invalid_hostname">reject_invalid_hostname</a> restric-
|
||||
The numerical Postfix SMTP server response code
|
||||
when the client HELO or EHLO command parameter is
|
||||
rejected by the <a href="postconf.5.html#reject_invalid_hostname">reject_invalid_hostname</a> restric-
|
||||
tion.
|
||||
|
||||
<b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
The numerical Postfix SMTP server response code
|
||||
when a remote SMTP client request is blocked by the
|
||||
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
|
||||
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a>
|
||||
@ -648,47 +649,47 @@ SMTPD(8) SMTPD(8)
|
||||
|
||||
<b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b>
|
||||
The numerical Postfix SMTP server reply code when a
|
||||
client request is rejected by the
|
||||
client request is rejected by the
|
||||
<a href="postconf.5.html#reject_non_fqdn_hostname">reject_non_fqdn_hostname</a>, <a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or
|
||||
<a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a> restriction.
|
||||
|
||||
<b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a remote SMTP client request is rejected by
|
||||
The numerical Postfix SMTP server response code
|
||||
when a remote SMTP client request is rejected by
|
||||
the "<b>reject</b>" restriction.
|
||||
|
||||
<b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a client request is rejected by the
|
||||
The numerical Postfix SMTP server response code
|
||||
when a client request is rejected by the
|
||||
<a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient restriction.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a sender or recipient address is rejected by
|
||||
The numerical Postfix SMTP server response code
|
||||
when a sender or recipient address is rejected by
|
||||
the <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or
|
||||
<a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> restriction.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a client without valid address <=> name map-
|
||||
ping is rejected by the <a href="postconf.5.html#reject_unknown_client">reject_unknown_client</a>
|
||||
The numerical Postfix SMTP server response code
|
||||
when a client without valid address <=> name map-
|
||||
ping is rejected by the <a href="postconf.5.html#reject_unknown_client">reject_unknown_client</a>
|
||||
restriction.
|
||||
|
||||
<b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
when the hostname specified with the HELO or EHLO
|
||||
command is rejected by the <a href="postconf.5.html#reject_unknown_hostname">reject_unknown_hostname</a>
|
||||
The numerical Postfix SMTP server response code
|
||||
when the hostname specified with the HELO or EHLO
|
||||
command is rejected by the <a href="postconf.5.html#reject_unknown_hostname">reject_unknown_hostname</a>
|
||||
restriction.
|
||||
|
||||
Available in Postfix version 2.0 and later:
|
||||
|
||||
<b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b>
|
||||
The default SMTP server response template for a
|
||||
request that is rejected by an RBL-based restric-
|
||||
The default SMTP server response template for a
|
||||
request that is rejected by an RBL-based restric-
|
||||
tion.
|
||||
|
||||
<b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b>
|
||||
The numerical Postfix SMTP server response code
|
||||
The numerical Postfix SMTP server response code
|
||||
when a remote SMTP client request is blocked by the
|
||||
<a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a> restriction.
|
||||
|
||||
@ -697,16 +698,16 @@ SMTPD(8) SMTPD(8)
|
||||
|
||||
<b>MISCELLANEOUS CONTROLS</b>
|
||||
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
|
||||
The default location of the Postfix main.cf and
|
||||
The default location of the Postfix main.cf and
|
||||
master.cf configuration files.
|
||||
|
||||
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
|
||||
How much time a Postfix daemon process may take to
|
||||
handle a request before it is terminated by a
|
||||
How much time a Postfix daemon process may take to
|
||||
handle a request before it is terminated by a
|
||||
built-in watchdog timer.
|
||||
|
||||
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
|
||||
The location of all postfix administrative com-
|
||||
The location of all postfix administrative com-
|
||||
mands.
|
||||
|
||||
<b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b>
|
||||
@ -727,36 +728,36 @@ SMTPD(8) SMTPD(8)
|
||||
and most Postfix daemon processes.
|
||||
|
||||
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
|
||||
The maximum amount of time that an idle Postfix
|
||||
daemon process waits for the next service request
|
||||
The maximum amount of time that an idle Postfix
|
||||
daemon process waits for the next service request
|
||||
before exiting.
|
||||
|
||||
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
|
||||
The maximal number of connection requests before a
|
||||
The maximal number of connection requests before a
|
||||
Postfix daemon process terminates.
|
||||
|
||||
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
|
||||
The internet hostname of this mail system.
|
||||
|
||||
<b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b>
|
||||
The list of "trusted" SMTP clients that have more
|
||||
The list of "trusted" SMTP clients that have more
|
||||
privileges than "strangers".
|
||||
|
||||
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
|
||||
The domain name that locally-posted mail appears to
|
||||
come from, and that locally posted mail is deliv-
|
||||
come from, and that locally posted mail is deliv-
|
||||
ered to.
|
||||
|
||||
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
|
||||
The process ID of a Postfix command or daemon pro-
|
||||
The process ID of a Postfix command or daemon pro-
|
||||
cess.
|
||||
|
||||
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
|
||||
The process name of a Postfix command or daemon
|
||||
The process name of a Postfix command or daemon
|
||||
process.
|
||||
|
||||
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
|
||||
The location of the Postfix top-level queue direc-
|
||||
The location of the Postfix top-level queue direc-
|
||||
tory.
|
||||
|
||||
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
|
||||
@ -764,14 +765,14 @@ SMTPD(8) SMTPD(8)
|
||||
sions (user+foo).
|
||||
|
||||
<b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b>
|
||||
The text that follows the 220 status code in the
|
||||
The text that follows the 220 status code in the
|
||||
SMTP greeting banner.
|
||||
|
||||
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
|
||||
The syslog facility of Postfix logging.
|
||||
|
||||
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
|
||||
The mail system name that is prepended to the pro-
|
||||
The mail system name that is prepended to the pro-
|
||||
cess name in syslog records, so that "smtpd"
|
||||
becomes, for example, "postfix/smtpd".
|
||||
|
||||
@ -797,7 +798,7 @@ SMTPD(8) SMTPD(8)
|
||||
<a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension
|
||||
|
||||
<b>LICENSE</b>
|
||||
The Secure Mailer license must be distributed with this
|
||||
The Secure Mailer license must be distributed with this
|
||||
software.
|
||||
|
||||
<b>AUTHOR(S)</b>
|
||||
|
@ -21,17 +21,14 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
|
||||
Rewrite an address to standard form, according to
|
||||
the address rewriting context:
|
||||
|
||||
<b>local</b>
|
||||
|
||||
<b>none</b> Append the domain names specified with <b>$<a href="postconf.5.html#myorigin">myo</a>-</b>
|
||||
<b>local</b> Append the domain names specified with <b>$<a href="postconf.5.html#myorigin">myo</a>-</b>
|
||||
<b><a href="postconf.5.html#myorigin">rigin</a></b> or <b>$<a href="postconf.5.html#mydomain">mydomain</a></b> to incomplete addresses;
|
||||
do <b><a href="postconf.5.html#swap_bangpath">swap_bangpath</a></b> and <b><a href="postconf.5.html#allow_percent_hack">allow_percent_hack</a></b> pro-
|
||||
cessing as described below, and strip source
|
||||
routed addresses (<i>@site,@site:user@domain</i>)
|
||||
to <i>user@domain</i> form.
|
||||
|
||||
<b>invalid</b>
|
||||
Append the domain name specified with
|
||||
<b>remote</b> Append the domain name specified with
|
||||
<b>$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a></b> to incomplete
|
||||
addresses. Otherwise the result is identical
|
||||
to that of the <b>local</b> address rewriting con-
|
||||
@ -135,10 +132,11 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
|
||||
|
||||
Available in Postfix 2.2 and later:
|
||||
|
||||
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (domain.invalid)</b>
|
||||
Append this domain to incomplete message header
|
||||
addresses from remote clients; when the domain is
|
||||
empty, don't rewrite remote message headers at all.
|
||||
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
|
||||
Don't rewrite message headers from remote clients
|
||||
at all when this parameter is empty; otherwise,
|
||||
rewrite remote message headers and append the spec-
|
||||
ified domain name to incomplete addresses.
|
||||
|
||||
<b>ROUTING CONTROLS</b>
|
||||
The following is applicable to Postfix version 2.0 and
|
||||
|
@ -1561,9 +1561,10 @@ Setting this parameter to a value > 1 changes the meaning of
|
||||
local_destination_concurrency_limit from concurrency per recipient
|
||||
into concurrency per domain.
|
||||
.SH local_header_rewrite_clients (default: see "postconf -d" output)
|
||||
Append the domain name in $myorigin or $mydomain to incomplete
|
||||
message header addresses from these clients; append
|
||||
$remote_header_rewrite_domain for all other clients.
|
||||
Append the domain name in $myorigin or $mydomain to message
|
||||
header addresses from these clients only; either don't rewrite
|
||||
message headers from other clients at all, or append the domain
|
||||
specified with the remote_header_rewrite_domain parameter.
|
||||
.PP
|
||||
Specify a list of zero or more of the following:
|
||||
.IP "\fB permit_mynetworks \fR"
|
||||
@ -1595,11 +1596,37 @@ for pop-before-smtp lookup tables.
|
||||
.PP
|
||||
Examples:
|
||||
.PP
|
||||
The backwards compatible setting: always rewrite message headers,
|
||||
and always append my own domain to incomplete header addresses.
|
||||
.PP
|
||||
.nf
|
||||
.na
|
||||
.ft C
|
||||
local_header_rewrite_clients = static:all
|
||||
local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated
|
||||
local_header_rewrite_clients = static:all
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
.PP
|
||||
The default setting: rewrite headers and append my own domain
|
||||
only with mail from local or authorized clients.
|
||||
.PP
|
||||
.nf
|
||||
.na
|
||||
.ft C
|
||||
local_header_rewrite_clients = permit_mynetworks,
|
||||
permit_sasl_authenticated permit_tls_clientcerts
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
.PP
|
||||
Include clients that are pop-before-smtp authenticated:
|
||||
.PP
|
||||
.nf
|
||||
.na
|
||||
.ft C
|
||||
local_header_rewrite_clients = permit_mynetworks,
|
||||
permit_sasl_authenticated permit_tls_clientcerts
|
||||
check_address_map hash:/etc/postfix/pop-before-smtp
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
@ -2676,11 +2703,35 @@ relocated_maps = hash:/etc/postfix/relocated
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
.SH remote_header_rewrite_domain (default: domain.invalid)
|
||||
Append this domain name to incomplete message header addresses
|
||||
from remote clients; when this domain name is empty, don't rewrite
|
||||
remote message headers at all. Both stop Postfix from appending
|
||||
your own domain to addresses in spam from poorly written software.
|
||||
.SH remote_header_rewrite_domain (default: empty)
|
||||
Don't rewrite message headers from remote clients at all when
|
||||
this parameter is empty; otherwise, rewrite remote message headers
|
||||
and append the specified domain name to incomplete addresses.
|
||||
.PP
|
||||
Examples:
|
||||
.PP
|
||||
The safe setting: append "domain.invalid" to incomplete header
|
||||
addresses from remote SMTP clients, so that those addresses cannot
|
||||
be confused with local addresses.
|
||||
.PP
|
||||
.nf
|
||||
.na
|
||||
.ft C
|
||||
remote_header_rewrite_domain = domain.invalid
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
.PP
|
||||
The default, purist, setting: don't rewrite headers from remote
|
||||
clients at all.
|
||||
.PP
|
||||
.nf
|
||||
.na
|
||||
.ft C
|
||||
remote_header_rewrite_domain =
|
||||
.fi
|
||||
.ad
|
||||
.ft R
|
||||
.SH require_home_directory (default: no)
|
||||
Whether or not a local(8) recipient's home directory must exist
|
||||
before mail delivery is attempted. By default this test is disabled.
|
||||
|
@ -215,6 +215,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
||||
.nf
|
||||
smtpd(8), Postfix SMTP server
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
.SH "README FILES"
|
||||
.na
|
||||
.nf
|
||||
|
@ -123,6 +123,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
||||
.nf
|
||||
qmgr(8), queue manager
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "LICENSE"
|
||||
|
@ -299,6 +299,7 @@ body_checks(5), body parts content inspection
|
||||
canonical(5), canonical address lookup table format
|
||||
virtual(5), virtual alias lookup table format
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "README FILES"
|
||||
|
@ -92,6 +92,7 @@ qmgr(8), queue manager
|
||||
bounce(8), delivery status reports
|
||||
error(8), Postfix error delivery agent
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "LICENSE"
|
||||
|
@ -101,6 +101,7 @@ qmgr(8), queue manager
|
||||
bounce(8), delivery status reports
|
||||
discard(8), Postfix discard delivery agent
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "LICENSE"
|
||||
|
@ -136,6 +136,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
||||
smtpd(8), SMTP server
|
||||
qmgr(8), queue manager
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "README FILES"
|
||||
|
@ -181,9 +181,9 @@ The LMTP client time limit for sending the LMTP message content.
|
||||
.IP "\fBlmtp_data_done_timeout (600s)\fR"
|
||||
The LMTP client time limit for sending the LMTP ".", and for
|
||||
receiving the server response.
|
||||
.IP "\fBlmtp_rset_timeout (120s)\fR"
|
||||
The LMTP client time limit for sending the RSET command, and for
|
||||
receiving the server response.
|
||||
.IP "\fBlmtp_rset_timeout (20s)\fR"
|
||||
The LMTP client time limit for sending the RSET command, and
|
||||
for receiving the server response.
|
||||
.IP "\fBlmtp_quit_timeout (300s)\fR"
|
||||
The LMTP client time limit for sending the QUIT command, and for
|
||||
receiving the server response.
|
||||
@ -228,6 +228,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
||||
bounce(8), delivery status reports
|
||||
qmgr(8), queue manager
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
services(4), Internet services and aliases
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
|
@ -509,6 +509,7 @@ newaliases(1), create/update alias database
|
||||
postalias(1), create/update alias database
|
||||
aliases(5), format of alias database
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
syslogd(8), system logging
|
||||
.SH "LICENSE"
|
||||
.na
|
||||
|
@ -287,6 +287,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
||||
trivial-rewrite(8), address routing
|
||||
bounce(8), delivery status reports
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8) system logging
|
||||
.SH "README FILES"
|
||||
|
@ -67,7 +67,7 @@ The name of a mail delivery transport that filters mail after
|
||||
it is queued.
|
||||
.IP "\fBreceive_override_options (empty)\fR"
|
||||
Enable or disable recipient validation, built-in content
|
||||
filtering, or address rewriting.
|
||||
filtering, or address mapping.
|
||||
.SH "MISCELLANEOUS CONTROLS"
|
||||
.na
|
||||
.nf
|
||||
@ -109,6 +109,7 @@ cleanup(8), message canonicalization
|
||||
sendmail(1), Sendmail-compatible interface
|
||||
postdrop(1), mail posting agent
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "LICENSE"
|
||||
|
@ -297,6 +297,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
|
||||
qmgr(8), queue manager
|
||||
bounce(8), delivery status reports
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
master(8), process manager
|
||||
syslogd(8), system logging
|
||||
.SH "LICENSE"
|
||||
|
@ -122,6 +122,21 @@ The process ID of a Postfix command or daemon process.
|
||||
The process name of a Postfix command or daemon process.
|
||||
.IP "\fBproxy_read_maps (see 'postconf -d' output)\fR"
|
||||
The lookup tables that the proxymap(8) server is allowed to access.
|
||||
.SH "SEE ALSO"
|
||||
.na
|
||||
.nf
|
||||
postconf(5), configuration parameters
|
||||
master(5), generic daemon options
|
||||
.SH "README FILES"
|
||||
.na
|
||||
.nf
|
||||
.ad
|
||||
.fi
|
||||
Use "\fBpostconf readme_directory\fR" or
|
||||
"\fBpostconf html_directory\fR" to locate this information.
|
||||
.na
|
||||
.nf
|
||||
DATABASE_README, Postfix lookup table overview
|
||||
.SH "LICENSE"
|
||||
.na
|
||||
.nf
|
||||
|
@ -113,13 +113,14 @@ filtering, or address mapping.
|
||||
.PP
|
||||
Available in Postfix version 2.2 and later:
|
||||
.IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR"
|
||||
Append the domain name in $myorigin or $mydomain to incomplete
|
||||
message header addresses from these clients; append
|
||||
$remote_header_rewrite_domain for all other clients.
|
||||
.IP "\fBremote_header_rewrite_domain (domain.invalid)\fR"
|
||||
Append this domain name to incomplete message header addresses
|
||||
from remote clients; when this domain name is empty, don't rewrite
|
||||
remote message headers at all.
|
||||
Append the domain name in $myorigin or $mydomain to message
|
||||
header addresses from these clients only; either don't rewrite
|
||||
message headers from other clients at all, or append the domain
|
||||
specified with the remote_header_rewrite_domain parameter.
|
||||
.IP "\fBremote_header_rewrite_domain (empty)\fR"
|
||||
Don't rewrite message headers from remote clients at all when
|
||||
this parameter is empty; otherwise, rewrite remote message headers
|
||||
and append the specified domain name to incomplete addresses.
|
||||
.SH "AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS"
|
||||
.na
|
||||
.nf
|
||||
|
@ -19,13 +19,12 @@ Rewrite an address to standard form, according to the
|
||||
address rewriting context:
|
||||
.RS
|
||||
.IP \fBlocal\fR
|
||||
.IP \fBnone\fR
|
||||
Append the domain names specified with \fB$myorigin\fR or
|
||||
\fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR
|
||||
and \fBallow_percent_hack\fR processing as described below, and
|
||||
strip source routed addresses (\fI@site,@site:user@domain\fR)
|
||||
to \fIuser@domain\fR form.
|
||||
.IP \fBinvalid\fR
|
||||
.IP \fBremote\fR
|
||||
Append the domain name specified with
|
||||
\fB$remote_header_rewrite_domain\fR to incomplete
|
||||
addresses. Otherwise the result is identical to that of
|
||||
@ -127,10 +126,10 @@ The separator between user names and address extensions (user+foo).
|
||||
Enable the rewriting of "site!user" into "user@site".
|
||||
.PP
|
||||
Available in Postfix 2.2 and later:
|
||||
.IP "\fBremote_header_rewrite_domain (domain.invalid)\fR"
|
||||
Append this domain to incomplete message header addresses from
|
||||
remote clients; when the domain is empty, don't rewrite remote message
|
||||
headers at all.
|
||||
.IP "\fBremote_header_rewrite_domain (empty)\fR"
|
||||
Don't rewrite message headers from remote clients at all when
|
||||
this parameter is empty; otherwise, rewrite remote message headers
|
||||
and append the specified domain name to incomplete addresses.
|
||||
.SH "ROUTING CONTROLS"
|
||||
.na
|
||||
.nf
|
||||
|
@ -339,6 +339,12 @@ trivial-rewrite(8) daemon. The purpose of rewriting to standard
|
||||
form is to reduce the number of entries needed in lookup tables.
|
||||
</p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote SMTP clients at all, unless a non-empty domain name is
|
||||
specified with the remote_header_rewrite_domain configuration
|
||||
parameter. The local_header_rewrite_clients parameter controls
|
||||
what SMTP clients Postfix considers local. </p>
|
||||
|
||||
<p> The Postfix trivial-rewrite(8) daemon implements the following
|
||||
hard-coded address manipulations: </p>
|
||||
|
||||
@ -377,6 +383,11 @@ parameter (default: yes). You should never turn off this feature,
|
||||
because a lot of Postfix components expect that all addresses have
|
||||
the form "user@domain". </p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote SMTP clients at all, or they append the domain name
|
||||
specified with the remote_header_rewrite_domain configuration
|
||||
parameter. </p>
|
||||
|
||||
<p> If your machine is not the main machine for $myorigin and you
|
||||
wish to have some users delivered locally without going via that
|
||||
main machine, make an entry in the <a href="#virtual">virtual
|
||||
@ -393,7 +404,11 @@ Rewrite "user@host" to "user@host.$mydomain" </dt>
|
||||
parameter (default: yes). The purpose is to get consistent treatment
|
||||
of different forms of the same hostname. </p>
|
||||
|
||||
<p> Some will argue that rewriting "host" to "host.$mydomain"
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote clients at all, or they append the domain name specified
|
||||
with the remote_header_rewrite_domain configuration parameter. </p>
|
||||
|
||||
<p> Some will argue that rewriting "host" to "host.domain"
|
||||
is bad. That is why it can be turned off. Others like the convenience
|
||||
of having the local domain appended automatically. </p> </dd>
|
||||
|
||||
@ -414,6 +429,12 @@ addresses in message envelopes and in message headers. By default
|
||||
all header and envelope addresses are rewritten; this is controlled
|
||||
with the canonical_classes configuration parameter. </p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote clients at all, unless a non-empty domain name is
|
||||
specified with the remote_header_rewrite_domain configuration
|
||||
parameter. The local_header_rewrite_clients parameter controls
|
||||
what SMTP clients Postfix considers local. </p>
|
||||
|
||||
<p> Address rewriting is
|
||||
done for local and remote addresses. The mapping is useful to
|
||||
replace login names by "Firstname.Lastname" style addresses, or to
|
||||
@ -491,6 +512,12 @@ behind their mail gateway, and to make it appear as if the mail
|
||||
comes from the gateway itself, instead of from individual machines.
|
||||
</p>
|
||||
|
||||
<p> Postfix versions 2.2 and later do not rewrite message headers
|
||||
from remote SMTP clients at all, unless a non-empty domain name is
|
||||
specified with the remote_header_rewrite_domain configuration
|
||||
parameter. The local_header_rewrite_clients parameter controls
|
||||
what SMTP clients Postfix considers local. </p>
|
||||
|
||||
<p> Address masquerading is disabled by default, and is implemented
|
||||
by the cleanup(8) server. To enable, edit the masquerade_domains
|
||||
parameter in the main.cf file and specify one or more domain names
|
||||
|
@ -7218,19 +7218,35 @@ is already bounded by $max_idle. </p>
|
||||
session cache hit and miss rates for logical destinations and for
|
||||
physical endpoints. </p>
|
||||
|
||||
%PARAM remote_header_rewrite_domain domain.invalid
|
||||
%PARAM remote_header_rewrite_domain
|
||||
|
||||
<p> Append this domain name to incomplete message header addresses
|
||||
from remote clients; when this domain name is empty, don't rewrite
|
||||
remote message headers at all. Both stop Postfix from appending
|
||||
your own domain to addresses in spam from poorly written software.
|
||||
</p>
|
||||
<p> Don't rewrite message headers from remote clients at all when
|
||||
this parameter is empty; otherwise, rewrite remote message headers
|
||||
and append the specified domain name to incomplete addresses. </p>
|
||||
|
||||
<p> Examples: </p>
|
||||
|
||||
<p> The safe setting: append "domain.invalid" to incomplete header
|
||||
addresses from remote SMTP clients, so that those addresses cannot
|
||||
be confused with local addresses. </p>
|
||||
|
||||
<pre>
|
||||
remote_header_rewrite_domain = domain.invalid
|
||||
</pre>
|
||||
|
||||
<p> The default, purist, setting: don't rewrite headers from remote
|
||||
clients at all. </p>
|
||||
|
||||
<pre>
|
||||
remote_header_rewrite_domain =
|
||||
</pre>
|
||||
|
||||
%PARAM local_header_rewrite_clients see "postconf -d" output
|
||||
|
||||
<p> Append the domain name in $myorigin or $mydomain to incomplete
|
||||
message header addresses from these clients; append
|
||||
$remote_header_rewrite_domain for all other clients. </p>
|
||||
<p> Append the domain name in $myorigin or $mydomain to message
|
||||
header addresses from these clients only; either don't rewrite
|
||||
message headers from other clients at all, or append the domain
|
||||
specified with the remote_header_rewrite_domain parameter. </p>
|
||||
|
||||
<p> Specify a list of zero or more of the following: </p>
|
||||
|
||||
@ -7277,7 +7293,25 @@ for pop-before-smtp lookup tables. </dd>
|
||||
|
||||
<p> Examples: </p>
|
||||
|
||||
<p> The backwards compatible setting: always rewrite message headers,
|
||||
and always append my own domain to incomplete header addresses. </p>
|
||||
|
||||
<pre>
|
||||
local_header_rewrite_clients = static:all
|
||||
local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated
|
||||
local_header_rewrite_clients = static:all
|
||||
</pre>
|
||||
|
||||
<p> The default setting: rewrite headers and append my own domain
|
||||
only with mail from local or authorized clients. </p>
|
||||
|
||||
<pre>
|
||||
local_header_rewrite_clients = permit_mynetworks,
|
||||
permit_sasl_authenticated permit_tls_clientcerts
|
||||
</pre>
|
||||
|
||||
<p> Include clients that are pop-before-smtp authenticated: </p>
|
||||
|
||||
<pre>
|
||||
local_header_rewrite_clients = permit_mynetworks,
|
||||
permit_sasl_authenticated permit_tls_clientcerts
|
||||
check_address_map hash:/etc/postfix/pop-before-smtp
|
||||
</pre>
|
||||
|
@ -193,6 +193,7 @@
|
||||
/* SEE ALSO
|
||||
/* smtpd(8), Postfix SMTP server
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* README FILES
|
||||
/* .ad
|
||||
/* .fi
|
||||
|
@ -107,6 +107,7 @@
|
||||
/* SEE ALSO
|
||||
/* qmgr(8), queue manager
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* LICENSE
|
||||
|
@ -267,6 +267,7 @@
|
||||
/* canonical(5), canonical address lookup table format
|
||||
/* virtual(5), virtual alias lookup table format
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* README FILES
|
||||
|
@ -76,6 +76,7 @@
|
||||
/* bounce(8), delivery status reports
|
||||
/* error(8), Postfix error delivery agent
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* LICENSE
|
||||
|
@ -85,6 +85,7 @@
|
||||
/* bounce(8), delivery status reports
|
||||
/* discard(8), Postfix discard delivery agent
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* LICENSE
|
||||
|
@ -118,6 +118,7 @@
|
||||
/* smtpd(8), SMTP server
|
||||
/* qmgr(8), queue manager
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* README FILES
|
||||
|
@ -2092,7 +2092,7 @@ extern char *var_anvil_service;
|
||||
* What domain names to assume when no valid domain context exists.
|
||||
*/
|
||||
#define VAR_REM_RWR_DOMAIN "remote_header_rewrite_domain"
|
||||
#define DEF_REM_RWR_DOMAIN "domain.invalid"
|
||||
#define DEF_REM_RWR_DOMAIN ""
|
||||
extern char *var_remote_rwr_domain;
|
||||
|
||||
#define CHECK_ADDR_MAP "check_address_map"
|
||||
|
@ -20,7 +20,7 @@
|
||||
* Patches change the patchlevel and the release date. Snapshots change the
|
||||
* release date only.
|
||||
*/
|
||||
#define MAIL_RELEASE_DATE "20041021"
|
||||
#define MAIL_RELEASE_DATE "20041022"
|
||||
#define MAIL_VERSION_NUMBER "2.2"
|
||||
|
||||
#define VAR_MAIL_VERSION "mail_version"
|
||||
|
@ -157,9 +157,9 @@
|
||||
/* .IP "\fBlmtp_data_done_timeout (600s)\fR"
|
||||
/* The LMTP client time limit for sending the LMTP ".", and for
|
||||
/* receiving the server response.
|
||||
/* .IP "\fBlmtp_rset_timeout (120s)\fR"
|
||||
/* The LMTP client time limit for sending the RSET command, and for
|
||||
/* receiving the server response.
|
||||
/* .IP "\fBlmtp_rset_timeout (20s)\fR"
|
||||
/* The LMTP client time limit for sending the RSET command, and
|
||||
/* for receiving the server response.
|
||||
/* .IP "\fBlmtp_quit_timeout (300s)\fR"
|
||||
/* The LMTP client time limit for sending the QUIT command, and for
|
||||
/* receiving the server response.
|
||||
@ -200,6 +200,7 @@
|
||||
/* bounce(8), delivery status reports
|
||||
/* qmgr(8), queue manager
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* services(4), Internet services and aliases
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
|
@ -425,7 +425,7 @@ static int lmtp_loop(LMTP_STATE *state, NOCLOBBER int send_state,
|
||||
DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ?
|
||||
XFORWARD_UNAVAILABLE :
|
||||
strcmp(request->rewrite_context, REWRITE_LOCAL) ?
|
||||
XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE);
|
||||
XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL );
|
||||
next_state = LMTP_STATE_MAIL;
|
||||
break;
|
||||
|
||||
|
@ -465,6 +465,7 @@
|
||||
/* postalias(1), create/update alias database
|
||||
/* aliases(5), format of alias database
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* syslogd(8), system logging
|
||||
/* LICENSE
|
||||
/* .ad
|
||||
|
@ -249,6 +249,7 @@
|
||||
/* trivial-rewrite(8), address routing
|
||||
/* bounce(8), delivery status reports
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8) system logging
|
||||
/* README FILES
|
||||
|
@ -76,4 +76,5 @@ pickup.o: ../../include/record.h
|
||||
pickup.o: ../../include/rec_type.h
|
||||
pickup.o: ../../include/lex_822.h
|
||||
pickup.o: ../../include/input_transp.h
|
||||
pickup.o: ../../include/rewrite_clnt.h
|
||||
pickup.o: ../../include/mail_server.h
|
||||
|
@ -49,7 +49,7 @@
|
||||
/* it is queued.
|
||||
/* .IP "\fBreceive_override_options (empty)\fR"
|
||||
/* Enable or disable recipient validation, built-in content
|
||||
/* filtering, or address rewriting.
|
||||
/* filtering, or address mapping.
|
||||
/* MISCELLANEOUS CONTROLS
|
||||
/* .ad
|
||||
/* .fi
|
||||
@ -87,6 +87,7 @@
|
||||
/* sendmail(1), Sendmail-compatible interface
|
||||
/* postdrop(1), mail posting agent
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* LICENSE
|
||||
@ -137,6 +138,7 @@
|
||||
#include <rec_type.h>
|
||||
#include <lex_822.h>
|
||||
#include <input_transp.h>
|
||||
#include <rewrite_clnt.h> /* XXX */
|
||||
|
||||
/* Single-threaded server skeleton. */
|
||||
|
||||
@ -292,6 +294,8 @@ static int pickup_copy(VSTREAM *qfile, VSTREAM *cleanup,
|
||||
*/
|
||||
rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_ORIGIN, MAIL_ATTR_ORG_LOCAL);
|
||||
rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_RWR_CTXT_NAME, REWRITE_LOCAL);
|
||||
|
||||
/*
|
||||
* Copy the message envelope segment. Allow only those records that we
|
||||
|
@ -275,6 +275,7 @@
|
||||
/* qmgr(8), queue manager
|
||||
/* bounce(8), delivery status reports
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* master(8), process manager
|
||||
/* syslogd(8), system logging
|
||||
/* LICENSE
|
||||
|
@ -106,6 +106,17 @@
|
||||
/* The process name of a Postfix command or daemon process.
|
||||
/* .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR"
|
||||
/* The lookup tables that the proxymap(8) server is allowed to access.
|
||||
/* SEE ALSO
|
||||
/* postconf(5), configuration parameters
|
||||
/* master(5), generic daemon options
|
||||
/* README FILES
|
||||
/* .ad
|
||||
/* .fi
|
||||
/* Use "\fBpostconf readme_directory\fR" or
|
||||
/* "\fBpostconf html_directory\fR" to locate this information.
|
||||
/* .na
|
||||
/* .nf
|
||||
/* DATABASE_README, Postfix lookup table overview
|
||||
/* LICENSE
|
||||
/* .ad
|
||||
/* .fi
|
||||
|
@ -527,7 +527,7 @@ int smtp_connect(SMTP_STATE *state)
|
||||
* high volume of mail in the active queue.
|
||||
*/
|
||||
if (cpp == sites->argv
|
||||
&& ((request->flags & DEL_REQ_FLAG_SCACHE) != 0
|
||||
&& ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE) != 0)
|
||||
|| (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) {
|
||||
sess_flags |= SMTP_SESS_FLAG_CACHE;
|
||||
SET_NEXTHOP_STATE(state, lookup_mx, domain, port);
|
||||
|
@ -646,7 +646,7 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
|
||||
DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ?
|
||||
XFORWARD_UNAVAILABLE :
|
||||
strcmp(request->rewrite_context, REWRITE_LOCAL) ?
|
||||
XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE);
|
||||
XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL );
|
||||
next_state = SMTP_STATE_MAIL;
|
||||
break;
|
||||
|
||||
|
@ -95,13 +95,14 @@
|
||||
/* .PP
|
||||
/* Available in Postfix version 2.2 and later:
|
||||
/* .IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR"
|
||||
/* Append the domain name in $myorigin or $mydomain to incomplete
|
||||
/* message header addresses from these clients; append
|
||||
/* $remote_header_rewrite_domain for all other clients.
|
||||
/* .IP "\fBremote_header_rewrite_domain (domain.invalid)\fR"
|
||||
/* Append this domain name to incomplete message header addresses
|
||||
/* from remote clients; when this domain name is empty, don't rewrite
|
||||
/* remote message headers at all.
|
||||
/* Append the domain name in $myorigin or $mydomain to message
|
||||
/* header addresses from these clients only; either don't rewrite
|
||||
/* message headers from other clients at all, or append the domain
|
||||
/* specified with the remote_header_rewrite_domain parameter.
|
||||
/* .IP "\fBremote_header_rewrite_domain (empty)\fR"
|
||||
/* Don't rewrite message headers from remote clients at all when
|
||||
/* this parameter is empty; otherwise, rewrite remote message headers
|
||||
/* and append the specified domain name to incomplete addresses.
|
||||
/* AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS
|
||||
/* .ad
|
||||
/* .fi
|
||||
@ -1073,21 +1074,21 @@ static void mail_open_stream(SMTPD_STATE *state)
|
||||
if (*var_filter_xport)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_FILT, "%s", var_filter_xport);
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_RWR_CTXT_NAME, state->rewrite_context_name);
|
||||
}
|
||||
MAIL_ATTR_RWR_CTXT_NAME, FORWARD_DOMAIN(state));
|
||||
#ifdef USE_SASL_AUTH
|
||||
if (var_smtpd_sasl_enable) {
|
||||
if (state->sasl_method)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_SASL_METHOD, state->sasl_method);
|
||||
if (state->sasl_username)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_SASL_USERNAME, state->sasl_username);
|
||||
if (state->sasl_sender)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_SASL_SENDER, state->sasl_sender);
|
||||
}
|
||||
if (var_smtpd_sasl_enable) {
|
||||
if (state->sasl_method)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_SASL_METHOD, state->sasl_method);
|
||||
if (state->sasl_username)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_SASL_USERNAME, state->sasl_username);
|
||||
if (state->sasl_sender)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
MAIL_ATTR_SASL_SENDER, state->sasl_sender);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
rec_fputs(state->cleanup, REC_TYPE_FROM, state->sender);
|
||||
if (state->encoding != 0)
|
||||
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
|
||||
@ -1537,7 +1538,8 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
* we have a valid recipient address.
|
||||
*/
|
||||
if (state->proxy == 0 && state->cleanup == 0) {
|
||||
smtpd_check_rewrite(state);
|
||||
if (!SMTPD_STAND_ALONE(state))
|
||||
smtpd_check_rewrite(state);
|
||||
if (state->proxy_mail) {
|
||||
if (smtpd_proxy_open(state, var_smtpd_proxy_filt,
|
||||
var_smtpd_proxy_tmout, var_smtpd_proxy_ehlo,
|
||||
@ -2383,13 +2385,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
|
||||
XFORWARD_DOMAIN, attr_value);
|
||||
return (-1);
|
||||
}
|
||||
if (state->rewrite_context_name
|
||||
&& strcmp(state->rewrite_context_name,
|
||||
context_name[context_code])) {
|
||||
myfree(state->rewrite_context_name);
|
||||
state->rewrite_context_name =
|
||||
mystrdup(context_name[context_code]);
|
||||
}
|
||||
UPDATE_STR(state->xforward.domain, context_name[context_code]);
|
||||
break;
|
||||
|
||||
/*
|
||||
|
@ -53,6 +53,7 @@ typedef struct {
|
||||
char *protocol; /* email protocol */
|
||||
char *helo_name; /* helo/ehlo parameter */
|
||||
char *ident; /* message identifier */
|
||||
char *domain; /* rewrite context */
|
||||
} SMTPD_XFORWARD_ATTR;
|
||||
|
||||
typedef struct SMTPD_STATE {
|
||||
@ -175,6 +176,7 @@ extern void smtpd_state_reset(SMTPD_STATE *);
|
||||
#define CLIENT_HELO_UNKNOWN 0
|
||||
#define CLIENT_PROTO_UNKNOWN CLIENT_ATTR_UNKNOWN
|
||||
#define CLIENT_IDENT_UNKNOWN 0
|
||||
#define CLIENT_DOMAIN_UNKNOWN 0
|
||||
|
||||
#define IS_AVAIL_CLIENT_ATTR(v) ((v) && strcmp((v), CLIENT_ATTR_UNKNOWN))
|
||||
|
||||
@ -184,6 +186,7 @@ extern void smtpd_state_reset(SMTPD_STATE *);
|
||||
#define IS_AVAIL_CLIENT_HELO(v) ((v) != 0)
|
||||
#define IS_AVAIL_CLIENT_PROTO(v) IS_AVAIL_CLIENT_ATTR(v)
|
||||
#define IS_AVAIL_CLIENT_IDENT(v) ((v) != 0)
|
||||
#define IS_AVAIL_CLIENT_DOMAIN(v) ((v) != 0)
|
||||
|
||||
/*
|
||||
* If running in stand-alone mode, do not try to talk to Postfix daemons but
|
||||
@ -230,16 +233,19 @@ extern void smtpd_peer_reset(SMTPD_STATE *state);
|
||||
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_CLIENT_MASK) ? \
|
||||
(s)->xforward.a : (s)->a)
|
||||
|
||||
#define FORWARD_IDENT_ATTR(s) \
|
||||
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_IDENT) ? \
|
||||
(s)->queue_id : (s)->ident)
|
||||
|
||||
#define FORWARD_ADDR(s) FORWARD_CLIENT_ATTR((s), addr)
|
||||
#define FORWARD_NAME(s) FORWARD_CLIENT_ATTR((s), name)
|
||||
#define FORWARD_NAMADDR(s) FORWARD_CLIENT_ATTR((s), namaddr)
|
||||
#define FORWARD_PROTO(s) FORWARD_CLIENT_ATTR((s), protocol)
|
||||
#define FORWARD_HELO(s) FORWARD_CLIENT_ATTR((s), helo_name)
|
||||
#define FORWARD_IDENT(s) FORWARD_IDENT_ATTR(s)
|
||||
|
||||
#define FORWARD_IDENT(s) \
|
||||
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_IDENT) ? \
|
||||
(s)->queue_id : (s)->ident)
|
||||
|
||||
#define FORWARD_DOMAIN(s) \
|
||||
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_DOMAIN) ? \
|
||||
(s)->xforward.domain : (s)->rewrite_context_name)
|
||||
|
||||
extern void smtpd_xforward_init(SMTPD_STATE *);
|
||||
extern void smtpd_xforward_preset(SMTPD_STATE *);
|
||||
|
@ -323,7 +323,6 @@ static int check_rcpt_maps(SMTPD_STATE *, const char *, const char *);
|
||||
#define SMTPD_NAME_RECIPIENT "Recipient address"
|
||||
#define SMTPD_NAME_ETRN "Etrn command"
|
||||
#define SMTPD_NAME_DATA "Data command"
|
||||
#define SMTPD_NAME_REWRITE "Local address rewriting"
|
||||
|
||||
/*
|
||||
* YASLM.
|
||||
@ -3397,8 +3396,8 @@ void smtpd_check_rewrite(SMTPD_STATE *state)
|
||||
DICT *dict;
|
||||
|
||||
/*
|
||||
* We don't use generic_checks() because it produces results that
|
||||
* aren't applicable such as DEFER or REJECT.
|
||||
* We don't use generic_checks() because it produces results that aren't
|
||||
* applicable such as DEFER or REJECT.
|
||||
*/
|
||||
for (cpp = local_rewrite_clients->argv; *cpp != 0; cpp++) {
|
||||
if (msg_verbose)
|
||||
@ -3430,6 +3429,8 @@ void smtpd_check_rewrite(SMTPD_STATE *state)
|
||||
continue;
|
||||
}
|
||||
if (status == SMTPD_CHECK_OK) {
|
||||
if (state->rewrite_context_name)
|
||||
myfree(state->rewrite_context_name);
|
||||
state->rewrite_context_name = mystrdup(REWRITE_LOCAL);
|
||||
return;
|
||||
}
|
||||
@ -4063,7 +4064,7 @@ char *var_def_rbl_reply;
|
||||
char *var_relay_rcpt_maps;
|
||||
char *var_verify_sender;
|
||||
char *var_smtpd_sasl_opts;
|
||||
char *var_remote_rwr_name;
|
||||
char *var_remote_rwr_domain;
|
||||
char *var_local_rwr_clients;
|
||||
|
||||
typedef struct {
|
||||
@ -4105,7 +4106,7 @@ static STRING_TABLE string_table[] = {
|
||||
VAR_VERIFY_SENDER, DEF_VERIFY_SENDER, &var_verify_sender,
|
||||
VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name,
|
||||
VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts,
|
||||
VAR_REM_RWR_NAME, DEF_REM_RWR_NAME, &var_remote_rwr_name,
|
||||
VAR_REM_RWR_DOMAIN, DEF_REM_RWR_DOMAIN, &var_remote_rwr_domain,
|
||||
VAR_LOC_RWR_CLIENTS, DEF_LOC_RWR_CLIENTS, &var_local_rwr_clients,
|
||||
0,
|
||||
};
|
||||
@ -4171,6 +4172,8 @@ int var_verify_poll_delay;
|
||||
int var_smtpd_policy_tmout;
|
||||
int var_smtpd_policy_idle;
|
||||
int var_smtpd_policy_ttl;
|
||||
int var_smtpd_rej_unl_from;
|
||||
int var_smtpd_rej_unl_rcpt;
|
||||
|
||||
static INT_TABLE int_table[] = {
|
||||
"msg_verbose", 0, &msg_verbose,
|
||||
@ -4195,6 +4198,8 @@ static INT_TABLE int_table[] = {
|
||||
VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code,
|
||||
VAR_SHOW_UNK_RCPT_TABLE, DEF_SHOW_UNK_RCPT_TABLE, &var_show_unk_rcpt_table,
|
||||
VAR_VERIFY_POLL_COUNT, DEF_VERIFY_POLL_COUNT, &var_verify_poll_count,
|
||||
VAR_SMTPD_REJ_UNL_FROM, DEF_SMTPD_REJ_UNL_FROM, &var_smtpd_rej_unl_from,
|
||||
VAR_SMTPD_REJ_UNL_RCPT, DEF_SMTPD_REJ_UNL_RCPT, &var_smtpd_rej_unl_rcpt,
|
||||
0,
|
||||
};
|
||||
|
||||
@ -4411,7 +4416,7 @@ int main(int argc, char **argv)
|
||||
string_init();
|
||||
int_init();
|
||||
smtpd_check_init();
|
||||
smtpd_state_init(&state, VSTREAM_IN);
|
||||
smtpd_state_init(&state, VSTREAM_IN, "smtpd");
|
||||
state.queue_id = "<queue id>";
|
||||
|
||||
/*
|
||||
@ -4589,11 +4594,17 @@ int main(int argc, char **argv)
|
||||
* Show commands.
|
||||
*/
|
||||
default:
|
||||
if (strcasecmp(args->argv[0], "check_rewrite") == 0) {
|
||||
smtpd_check_rewrite(&state);
|
||||
resp = state.rewrite_context_name;
|
||||
break;
|
||||
}
|
||||
resp = "Commands...\n\
|
||||
client <name> <address> [<code>]\n\
|
||||
helo <hostname>\n\
|
||||
sender <address>\n\
|
||||
recipient <address>\n\
|
||||
check_rewrite\n\
|
||||
msg_verbose <level>\n\
|
||||
client_restrictions <restrictions>\n\
|
||||
helo_restrictions <restrictions>\n\
|
||||
|
@ -123,7 +123,6 @@ OK
|
||||
>>> sender_restrictions check_sender_mx_access,hash:smtpd_check_access
|
||||
OK
|
||||
>>> mail foo@pls.net.au
|
||||
./smtpd_check: warning: numeric domain name in resource data of MX record for pls.net.au: 203.3.110.241
|
||||
OK
|
||||
>>> #mail foo@verisign-wildcard.com
|
||||
>>> mail foo@verisign.com
|
||||
|
@ -340,7 +340,7 @@ int smtpd_proxy_open(SMTPD_STATE *state, const char *service,
|
||||
FORWARD_PROTO(state))))
|
||||
&& (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_DOMAIN)
|
||||
|| !(bad = smtpd_xforward(state, buf, XFORWARD_DOMAIN, 1,
|
||||
STREQ(state->rewrite_context_name, REWRITE_LOCAL) ?
|
||||
STREQ(FORWARD_DOMAIN(state), REWRITE_LOCAL) ?
|
||||
XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE))))
|
||||
bad = smtpd_xforward_flush(state, buf);
|
||||
vstring_free(buf);
|
||||
|
@ -59,6 +59,7 @@ void smtpd_xforward_init(SMTPD_STATE *state)
|
||||
state->xforward.protocol = 0;
|
||||
state->xforward.helo_name = 0;
|
||||
state->xforward.ident = 0;
|
||||
state->xforward.domain = 0;
|
||||
}
|
||||
|
||||
/* smtpd_xforward_preset - set xforward attributes to "unknown" */
|
||||
@ -85,6 +86,7 @@ void smtpd_xforward_preset(SMTPD_STATE *state)
|
||||
/* Leave helo at zero. */
|
||||
state->xforward.protocol = mystrdup(CLIENT_PROTO_UNKNOWN);
|
||||
/* Leave ident at zero. */
|
||||
/* Leave domain context at zero. */
|
||||
}
|
||||
|
||||
/* smtpd_xforward_reset - reset XCLIENT attributes */
|
||||
@ -100,4 +102,5 @@ void smtpd_xforward_reset(SMTPD_STATE *state)
|
||||
FREE_AND_WIPE(state->xforward.protocol);
|
||||
FREE_AND_WIPE(state->xforward.helo_name);
|
||||
FREE_AND_WIPE(state->xforward.ident);
|
||||
FREE_AND_WIPE(state->xforward.domain);
|
||||
}
|
||||
|
@ -13,13 +13,12 @@
|
||||
/* address rewriting context:
|
||||
/* .RS
|
||||
/* .IP \fBlocal\fR
|
||||
/* .IP \fBnone\fR
|
||||
/* Append the domain names specified with \fB$myorigin\fR or
|
||||
/* \fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR
|
||||
/* and \fBallow_percent_hack\fR processing as described below, and
|
||||
/* strip source routed addresses (\fI@site,@site:user@domain\fR)
|
||||
/* to \fIuser@domain\fR form.
|
||||
/* .IP \fBinvalid\fR
|
||||
/* .IP \fBremote\fR
|
||||
/* Append the domain name specified with
|
||||
/* \fB$remote_header_rewrite_domain\fR to incomplete
|
||||
/* addresses. Otherwise the result is identical to that of
|
||||
@ -107,10 +106,10 @@
|
||||
/* Enable the rewriting of "site!user" into "user@site".
|
||||
/* .PP
|
||||
/* Available in Postfix 2.2 and later:
|
||||
/* .IP "\fBremote_header_rewrite_domain (domain.invalid)\fR"
|
||||
/* Append this domain to incomplete message header addresses from
|
||||
/* remote clients; when the domain is empty, don't rewrite remote message
|
||||
/* headers at all.
|
||||
/* .IP "\fBremote_header_rewrite_domain (empty)\fR"
|
||||
/* Don't rewrite message headers from remote clients at all when
|
||||
/* this parameter is empty; otherwise, rewrite remote message headers
|
||||
/* and append the specified domain name to incomplete addresses.
|
||||
/* ROUTING CONTROLS
|
||||
/* .ad
|
||||
/* .fi
|
||||
|
@ -167,6 +167,12 @@ static const char *dict_db_lookup(DICT *dict, const char *name)
|
||||
static VSTRING *buf;
|
||||
const char *result = 0;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_db_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
dict_errno = 0;
|
||||
memset(&db_key, 0, sizeof(db_key));
|
||||
memset(&db_value, 0, sizeof(db_value));
|
||||
@ -231,6 +237,12 @@ static void dict_db_update(DICT *dict, const char *name, const char *value)
|
||||
DBT db_value;
|
||||
int status;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_db_update: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
memset(&db_key, 0, sizeof(db_key));
|
||||
memset(&db_value, 0, sizeof(db_value));
|
||||
db_key.data = (void *) name;
|
||||
@ -302,6 +314,12 @@ static int dict_db_delete(DICT *dict, const char *name)
|
||||
int status = 1;
|
||||
int flags = 0;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_db_delete: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
memset(&db_key, 0, sizeof(db_key));
|
||||
|
||||
/*
|
||||
|
@ -78,6 +78,12 @@ static const char *dict_dbm_lookup(DICT *dict, const char *name)
|
||||
static VSTRING *buf;
|
||||
const char *result = 0;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_dbm_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
dict_errno = 0;
|
||||
|
||||
/*
|
||||
@ -137,6 +143,12 @@ static void dict_dbm_update(DICT *dict, const char *name, const char *value)
|
||||
datum dbm_value;
|
||||
int status;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_dbm_update: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
dbm_key.dptr = (void *) name;
|
||||
dbm_value.dptr = (void *) value;
|
||||
dbm_key.dsize = strlen(name);
|
||||
@ -202,6 +214,12 @@ static int dict_dbm_delete(DICT *dict, const char *name)
|
||||
int status = 1;
|
||||
int flags = 0;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_dbm_delete: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
/*
|
||||
* Acquire an exclusive lock.
|
||||
*/
|
||||
|
@ -143,6 +143,12 @@ static const char *dict_nis_lookup(DICT *dict, const char *key)
|
||||
int err;
|
||||
static VSTRING *buf;
|
||||
|
||||
/*
|
||||
* Sanity check.
|
||||
*/
|
||||
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
|
||||
msg_panic("dict_nis_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
|
||||
|
||||
dict_errno = 0;
|
||||
if (dict_nis_domain == dict_nis_disabled)
|
||||
return (0);
|
||||
|
@ -119,10 +119,11 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
|
||||
DICT_NISPLUS *dict_nisplus = (DICT_NISPLUS *) dict;
|
||||
static VSTRING *quoted_key;
|
||||
static VSTRING *query;
|
||||
static VSTRING *reply;
|
||||
nis_result *nis_alias;
|
||||
static VSTRING *retval;
|
||||
nis_result *reply;
|
||||
int count;
|
||||
const char *cp;
|
||||
int last_col;
|
||||
int ch;
|
||||
|
||||
/*
|
||||
@ -131,7 +132,7 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
|
||||
dict_errno = 0;
|
||||
if (quoted_key == 0) {
|
||||
query = vstring_alloc(100);
|
||||
reply = vstring_alloc(100);
|
||||
retval = vstring_alloc(100);
|
||||
quoted_key = vstring_alloc(100);
|
||||
}
|
||||
|
||||
@ -168,29 +169,35 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
|
||||
* addresses (in envelopes or in headers) have a finite length.
|
||||
*/
|
||||
vstring_sprintf(query, dict_nisplus->template, STR(quoted_key));
|
||||
nis_alias = nis_list(STR(query), FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL);
|
||||
reply = nis_list(STR(query), FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL);
|
||||
|
||||
/*
|
||||
* When lookup succeeds, the result may be unusable because it is
|
||||
* ambiguous.
|
||||
* When lookup succeeds, the result may be ambiguous, or the requested
|
||||
* column may not exist.
|
||||
*/
|
||||
if (nis_alias->status == NIS_SUCCESS) {
|
||||
if ((count = NIS_RES_NUMOBJ(nis_alias)) != 1) {
|
||||
if (reply->status == NIS_SUCCESS) {
|
||||
if ((count = NIS_RES_NUMOBJ(reply)) != 1) {
|
||||
msg_warn("ambiguous match (%d results) for %s in NIS+ map %s:"
|
||||
" ignoring this request",
|
||||
count, key, dict_nisplus->dict.name);
|
||||
nis_freeresult(nis_alias);
|
||||
nis_freeresult(reply);
|
||||
return (0);
|
||||
} else {
|
||||
vstring_strcpy(reply,
|
||||
NIS_RES_OBJECT(nis_alias)->zo_data.objdata_u
|
||||
last_col = NIS_RES_OBJECT(reply)->zo_data
|
||||
.objdata_u.en_data.en_cols.en_cols_len - 1;
|
||||
if (dict_nisplus->column > last_col)
|
||||
msg_fatal("requested column %d > max column %d in table %s",
|
||||
dict_nisplus->column, last_col,
|
||||
dict_nisplus->dict.name);
|
||||
vstring_strcpy(retval,
|
||||
NIS_RES_OBJECT(reply)->zo_data.objdata_u
|
||||
.en_data.en_cols.en_cols_val[dict_nisplus->column]
|
||||
.ec_value.ec_value_val);
|
||||
if (msg_verbose)
|
||||
msg_info("%s: %s, column %d -> %s", myname, STR(query),
|
||||
dict_nisplus->column, STR(reply));
|
||||
nis_freeresult(nis_alias);
|
||||
return (STR(reply));
|
||||
dict_nisplus->column, STR(retval));
|
||||
nis_freeresult(reply);
|
||||
return (STR(retval));
|
||||
}
|
||||
}
|
||||
|
||||
@ -200,14 +207,17 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
|
||||
* the problem and fix it.
|
||||
*/
|
||||
else {
|
||||
if (nis_alias->status != NIS_NOTFOUND
|
||||
&& nis_alias->status != NIS_PARTIAL) {
|
||||
if (reply->status != NIS_NOTFOUND
|
||||
&& reply->status != NIS_PARTIAL) {
|
||||
msg_warn("lookup %s, NIS+ map %s: %s",
|
||||
key, dict_nisplus->dict.name,
|
||||
nis_sperrno(nis_alias->status));
|
||||
nis_sperrno(reply->status));
|
||||
dict_errno = DICT_ERR_RETRY;
|
||||
} else {
|
||||
if (msg_verbose)
|
||||
msg_info("%s: not found: query %s", myname, STR(query));
|
||||
}
|
||||
nis_freeresult(nis_alias);
|
||||
nis_freeresult(reply);
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
|
@ -296,6 +296,7 @@ extern int opterr;
|
||||
#define DEF_DB_TYPE "dbm"
|
||||
#define ALIAS_DB_MAP "dbm:/etc/mail/aliases"
|
||||
#define HAS_NIS
|
||||
#define HAS_NISPLUS
|
||||
#define USE_SYS_SOCKIO_H /* Solaris 2.5, changed sys/ioctl.h */
|
||||
#define GETTIMEOFDAY(t) gettimeofday(t)
|
||||
#define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin:/usr/ucb"
|
||||
|
Loading…
x
Reference in New Issue
Block a user