From d9f316cf24bef0c6d73bf51f56895f6dd35dbe3f Mon Sep 17 00:00:00 2001 
From: Wietse Venema
Date: Fri, 22 Oct 2004 00:00:00 -0500
Subject: [PATCH] postfix-2.2-20041022
---
postfix/HISTORY | 41 +-
postfix/README_FILES/ADDRESS_REWRITING_README | 30 +-
postfix/RELEASE_NOTES | 65 ++-
postfix/html/ADDRESS_REWRITING_README.html | 29 +-
postfix/html/anvil.8.html | 1 +
postfix/html/bounce.8.html | 1 +
postfix/html/cleanup.8.html | 1 +
postfix/html/discard.8.html | 1 +
postfix/html/error.8.html | 1 +
postfix/html/flush.8.html | 1 +
postfix/html/lmtp.8.html | 3 +-
postfix/html/local.8.html | 1 +
postfix/html/oqmgr.8.html | 1 +
postfix/html/pickup.8.html | 3 +-
postfix/html/pipe.8.html | 1 +
postfix/html/postconf.5.html | 56 ++-
postfix/html/proxymap.8.html | 13 +-
postfix/html/smtpd.8.html | 399 +++++++++---------
postfix/html/trivial-rewrite.8.html | 16 +-
postfix/man/man5/postconf.5 | 71 +++-
postfix/man/man8/anvil.8 | 1 +
postfix/man/man8/bounce.8 | 1 +
postfix/man/man8/cleanup.8 | 1 +
postfix/man/man8/discard.8 | 1 +
postfix/man/man8/error.8 | 1 +
postfix/man/man8/flush.8 | 1 +
postfix/man/man8/lmtp.8 | 7 +-
postfix/man/man8/local.8 | 1 +
postfix/man/man8/oqmgr.8 | 1 +
postfix/man/man8/pickup.8 | 3 +-
postfix/man/man8/pipe.8 | 1 +
postfix/man/man8/proxymap.8 | 15 +
postfix/man/man8/smtpd.8 | 15 +-
postfix/man/man8/trivial-rewrite.8 | 11 +-
postfix/proto/ADDRESS_REWRITING_README.html | 29 +-
postfix/proto/postconf.proto | 56 ++-
postfix/src/anvil/anvil.c | 1 +
postfix/src/bounce/bounce.c | 1 +
postfix/src/cleanup/cleanup.c | 1 +
postfix/src/discard/discard.c | 1 +
postfix/src/error/error.c | 1 +
postfix/src/flush/flush.c | 1 +
postfix/src/global/mail_params.h | 2 +-
postfix/src/global/mail_version.h | 2 +-
postfix/src/lmtp/lmtp.c | 7 +-
postfix/src/lmtp/lmtp_proto.c | 2 +-
postfix/src/local/local.c | 1 +
postfix/src/oqmgr/qmgr.c | 1 +
postfix/src/pickup/Makefile.in | 1 +
postfix/src/pickup/pickup.c | 6 +-
postfix/src/pipe/pipe.c | 1 +
postfix/src/proxymap/proxymap.c | 11 +
postfix/src/smtp/smtp_connect.c | 2 +-
postfix/src/smtp/smtp_proto.c | 2 +-
postfix/src/smtpd/smtpd.c | 52 ++-
postfix/src/smtpd/smtpd.h | 16 +-
postfix/src/smtpd/smtpd_check.c | 23 +-
postfix/src/smtpd/smtpd_exp.ref | 1 -
postfix/src/smtpd/smtpd_proxy.c | 2 +-
postfix/src/smtpd/smtpd_xforward.c | 3 +
postfix/src/trivial-rewrite/trivial-rewrite.c | 11 +-
postfix/src/util/dict_db.c | 18 +
postfix/src/util/dict_dbm.c | 18 +
postfix/src/util/dict_nis.c | 6 +
postfix/src/util/dict_nisplus.c | 46 +-
postfix/src/util/sys_defs.h | 1 +
66 files changed, 725 insertions(+), 396 deletions(-)
diff --git a/postfix/HISTORY b/postfix/HISTORY
index cf842ac64..96384d9f7 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -9776,27 +9776,22 @@ Apologies for any names omitted. 20041014-21 - By default, Postfix no longer appends the local domain to - incomplete message header addresses from remote clients. - Thus, spam from badly written software no longer looks like - it came from a local user. - - Instead, Postfix either does not rewrite headers from remote - clients at all, or it appends the domain name that is - specified with the new invalid_rewrite_context_domain + Postfix no longer appends the local domain to header + addresses from remote clients. Instead, Postfix either + does not rewrite those headers at all, or it appends the + domain specified with the new remote_header_rewrite_domain parameter. Postfix still appends $@myorigin or .$mydomain to headers - in mail from Postfix sendmail, from clients listed with - the local_rewrite_context_clients parameter (default: + from the Postfix sendmail command, or from clients listed + with the new local_header_rewrite_clients parameter (default: permit_mynetworks, permit_sasl_authenticated). - The context specified with remote_rewrite_context_name is - used for all other clients. The default setting is backwards - compatible to avoid surprises. +20041016 - Postfix still appends $@myorigin or .$mydomain when rewriting - incomplete envelope addresses. + Bugfix: attr_clnt_request() did not properly skip hash + table arguments. Luc Pardon, Skopos Consulting. File: + util/attr_clnt.c. 20041018 
@@ -9807,18 +9802,21 @@ Apologies for any names omitted. Support for Errors-To: is permanently removed. -Open problems: +20041022 - High: document master(5) for generic daemon options. + Bugfix: "smtp_connection_cache_on_demand=no" could crash + the SMTP client. File: smtp/smtp_connect.c. + + Robustness: extra sanity checks. Files: util/dict_db.c, + util/dict_dbm.c. + +Open problems: Low: reject HELO with any domain name that this MTA is final destination for. Low: should the Delivered-To: test in local(8) be configurable? - Low: append a different domain (like, address.invalid) for - mail from clients not in mynetworks. - Low: document propagate_unmatched_extensions in aliases(5) etc. @@ -9849,9 +9847,6 @@ Open problems: all MXes return a quick ECONNRESET or 4xx reply during the initial handshake. - Low: add msg_panic() guard to ensure that at least one of - DICT_FLAG_TRY1NULL or DICT_FLAG_TRY1NULL is set upon lookup. - Low: make post-install a "postfix-only script" so it can take data from the environment instead of main.cf. diff --git a/postfix/README_FILES/ADDRESS_REWRITING_README b/postfix/README_FILES/ADDRESS_REWRITING_README index b9b638080..502891cc1 100644 --- a/postfix/README_FILES/ADDRESS_REWRITING_README +++ b/postfix/README_FILES/ADDRESS_REWRITING_README @@ -166,6 +166,12 @@ table, it first rewrites the address to the standard rewrite(8) daemon. The purpose of rewriting to standard form is to reduce the number of entries needed in lookup tables. +Postfix versions 2.2 and later do not rewrite message headers from remote SMTP +clients at all, unless a non-empty domain name is specified with the +remote_header_rewrite_domain configuration parameter. The +local_header_rewrite_clients parameter controls what SMTP clients Postfix +considers local. + The Postfix trivial-rewrite(8) daemon implements the following hard-coded address manipulations: 
@@ -193,6 +199,10 @@ address manipulations: of Postfix components expect that all addresses have the form "user@domain". + Postfix versions 2.2 and later do not rewrite message headers from + remote SMTP clients at all, or they append the domain name specified + with the remote_header_rewrite_domain configuration parameter. + If your machine is not the main machine for $myorigin and you wish to have some users delivered locally without going via that main machine, make an entry in the virtual alias table that redirects @@ -204,8 +214,12 @@ address manipulations: (default: yes). The purpose is to get consistent treatment of different forms of the same hostname. - Some will argue that rewriting "host" to "host.$mydomain" is bad. That - is why it can be turned off. Others like the convenience of having the + Postfix versions 2.2 and later do not rewrite message headers from + remote clients at all, or they append the domain name specified with + the remote_header_rewrite_domain configuration parameter. + + Some will argue that rewriting "host" to "host.domain" is bad. That is + why it can be turned off. Others like the convenience of having the local domain appended automatically. Rewrite "user@site." to "user@site" (without the trailing dot). @@ -219,6 +233,12 @@ message envelopes and in message headers. By default all header and envelope addresses are rewritten; this is controlled with the canonical_classes configuration parameter. +Postfix versions 2.2 and later do not rewrite message headers from remote +clients at all, unless a non-empty domain name is specified with the +remote_header_rewrite_domain configuration parameter. The +local_header_rewrite_clients parameter controls what SMTP clients Postfix +considers local. + Address rewriting is done for local and remote addresses. The mapping is useful to replace login names by "Firstname.Lastname" style addresses, or to clean up invalid domains in mail addresses produced by legacy mail systems. 
@@ -277,6 +297,12 @@ Address masquerading is a method to hide hosts inside a domain behind their mail gateway, and to make it appear as if the mail comes from the gateway itself, instead of from individual machines. +Postfix versions 2.2 and later do not rewrite message headers from remote SMTP +clients at all, unless a non-empty domain name is specified with the +remote_header_rewrite_domain configuration parameter. The +local_header_rewrite_clients parameter controls what SMTP clients Postfix +considers local. + Address masquerading is disabled by default, and is implemented by the cleanup (8) server. To enable, edit the masquerade_domains parameter in the main.cf file and specify one or more domain names separated by whitespace or commas. diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 26b78eade..07d1948d1 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES 
@@ -7,54 +7,53 @@ snapshot release). Patches are issued for the official release and change the patchlevel and the release date. Patches are never issued for snapshot releases. -Incompatible changes with snapshot Postfix-2.2-20041019 +Incompatible changes with snapshot Postfix-2.2-20041022 ======================================================= -You must reload or restart Postfix, because the protocol between -queue manager and delivery agents has changed. If you forget this, -mail will remain queued until you restart/reload Postfix. +You must reload or stop/start Postfix, because the queue manager +to delivery agent protocol has changed. If you forget this, mail +will remain queued until the queue manager is restarted. -Support for return addresses in the non-standard Errors-To: message -headers is removed. It was already disabled by default with Postfix -version 2.1. Since it is non-standard, there was no guarantee that -it would have effect on other MTAs. +Support for the non-standard Errors-To: return addresses is removed. +It was already disabled by default with Postfix version 2.1. Since +Errors-To: is non-standard, there was no guarantee that it would +have effect with other MTAs. -Major changes with snapshot Postfix-2.2-20041019 +Major changes with snapshot Postfix-2.2-20041022 ================================================ The NIS+ client by Geoff Gibbs is now part of the Postfix source tree. Details are given in the nisplus_table(5) manual page. -Message header address rewriting contexts. These control what -domains are appended to incomplete addresses in message headers, -and whether headers are rewritten at all. +By default, Postfix no longer appends the local domain to addresses +in message headers from remote clients. Thus, spam from poorly +written software no longer looks like it came from a local user. -- "local": Append the domain names in myorigin or mydomain to - incomplete addresses in message headers. 
+Postfix either does not rewrite remote message headers at all, or +it rewrites headers and appends the domain name that is specified +with the remote_header_rewrite_domain parameter (like "domain.invalid"). -- "invalid": append "domain.invalid" (or whatever is specified - with the invalid_header_rewrite_context_domain parameter) to - incomplete addresses in message headers, +To get the behavior of earlier Postfix versions specify -- "none": disable header address rewriting (don't even do canonical - mapping or address masquerading). +/etc/postfix/main.cf: + local_header_rewrite_clients = static:all -The "local" address rewriting context is used for mail submitted -with the Postfix sendmail command, for mail from clients that match -$local_header_rewrite_context_clients (default: $mynetworks), and -for mail from SASL authenticated clients. It is not automatically -used for pop-before-smtp clients; you'll have to specify their -lookup table via the local_header_rewrite_context_clients parameter. +Postfix always appends local domain information in message headers +from Postfix sendmail and from local clients. -The smtpd_remote_header_rewrite_context parameter specifies the -address rewriting context for remote mail. The backwards compatible -default is "local". Purists will specify "none", so that Postfix -does not modify headers (not even with canonical mappings or address -masquerading). +By default, Postfix considers a client local when its address +matches mynetworks, or when it is SASL or TLS authenticated. If +you want to include a pop-before-smtp table, then you have to +specify that via the new local_header_rewrite_clients parameter: -Postix always uses the "local" context for envelope addresses, -because an unqualified address is effectively local when someone -attempts to reply to it. 
+/etc/postfix/main.cf: + local_header_rewrite_clients = permit_mynetworks, + permit_sasl_authenticated, permit_tls_clientcerts, + check_address_map hash:/etc/postfix/pop-before-smtp + +As before, Postfix appends local domain information to envelope +addresses, because an unqualified address is effectively local when +someone attempts to reply to it. Incompatible changes with snapshot Postfix-2.2-20041009 ======================================================= diff --git a/postfix/html/ADDRESS_REWRITING_README.html b/postfix/html/ADDRESS_REWRITING_README.html index e9e5e5515..ece7cac24 100644 --- a/postfix/html/ADDRESS_REWRITING_README.html +++ b/postfix/html/ADDRESS_REWRITING_README.html @@ -339,6 +339,12 @@ mapping lookup table, it first rewrites the address to the standard form is to reduce the number of entries needed in lookup tables.

+

Postfix versions 2.2 and later do not rewrite message headers +from remote SMTP clients at all, unless a non-empty domain name is +specified with the remote_header_rewrite_domain configuration +parameter. The local_header_rewrite_clients parameter controls +what SMTP clients Postfix considers local.

+

The Postfix trivial-rewrite(8) daemon implements the following hard-coded address manipulations:

@@ -377,6 +383,11 @@ parameter (default: yes). You should never turn off this feature, because a lot of Postfix components expect that all addresses have the form "user@domain".

+

Postfix versions 2.2 and later do not rewrite message headers +from remote SMTP clients at all, or they append the domain name +specified with the remote_header_rewrite_domain configuration +parameter.

+

If your machine is not the main machine for $myorigin and you wish to have some users delivered locally without going via that main machine, make an entry in the virtual @@ -393,7 +404,11 @@ Rewrite "user@host" to "user@host.$mydomain -

Some will argue that rewriting "host" to "host.$mydomain" +

Postfix versions 2.2 and later do not rewrite message headers +from remote clients at all, or they append the domain name specified +with the remote_header_rewrite_domain configuration parameter.

+ +

Some will argue that rewriting "host" to "host.domain" is bad. That is why it can be turned off. Others like the convenience of having the local domain appended automatically.

@@ -414,6 +429,12 @@ addresses in message envelopes and in message headers. By default all header and envelope addresses are rewritten; this is controlled with the canonical_classes configuration parameter.

+

Postfix versions 2.2 and later do not rewrite message headers +from remote clients at all, unless a non-empty domain name is +specified with the remote_header_rewrite_domain configuration +parameter. The local_header_rewrite_clients parameter controls +what SMTP clients Postfix considers local.

+

Address rewriting is done for local and remote addresses. The mapping is useful to replace login names by "Firstname.Lastname" style addresses, or to @@ -491,6 +512,12 @@ behind their mail gateway, and to make it appear as if the mail comes from the gateway itself, instead of from individual machines.

+

Postfix versions 2.2 and later do not rewrite message headers +from remote SMTP clients at all, unless a non-empty domain name is +specified with the remote_header_rewrite_domain configuration +parameter. The local_header_rewrite_clients parameter controls +what SMTP clients Postfix considers local.

+

Address masquerading is disabled by default, and is implemented by the cleanup(8) server. To enable, edit the masquerade_domains parameter in the main.cf file and specify one or more domain names diff --git a/postfix/html/anvil.8.html b/postfix/html/anvil.8.html index b214680ae..4446dce87 100644 --- a/postfix/html/anvil.8.html +++ b/postfix/html/anvil.8.html @@ -196,6 +196,7 @@ ANVIL(8) ANVIL(8) SEE ALSO smtpd(8), Postfix SMTP server postconf(5), configuration parameters + master(5), generic daemon options README FILES TUNING_README, performance tuning diff --git a/postfix/html/bounce.8.html b/postfix/html/bounce.8.html index 8d1e23b93..91c72787f 100644 --- a/postfix/html/bounce.8.html +++ b/postfix/html/bounce.8.html @@ -147,6 +147,7 @@ BOUNCE(8) BOUNCE(8) SEE ALSO qmgr(8), queue manager postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html index f45cc39ff..ad3718215 100644 --- a/postfix/html/cleanup.8.html +++ b/postfix/html/cleanup.8.html @@ -363,6 +363,7 @@ CLEANUP(8) CLEANUP(8) canonical(5), canonical address lookup table format virtual(5), virtual alias lookup table format postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/discard.8.html b/postfix/html/discard.8.html index 3cf8db671..fe54b33bc 100644 --- a/postfix/html/discard.8.html +++ b/postfix/html/discard.8.html @@ -104,6 +104,7 @@ DISCARD(8) DISCARD(8) bounce(8), delivery status reports error(8), Postfix error delivery agent postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/error.8.html b/postfix/html/error.8.html index e66fa3b39..50b5fd231 100644 --- a/postfix/html/error.8.html +++ b/postfix/html/error.8.html 
@@ -118,6 +118,7 @@ ERROR(8) ERROR(8) bounce(8), delivery status reports discard(8), Postfix discard delivery agent postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/flush.8.html b/postfix/html/flush.8.html index aee26b667..b353ac1f2 100644 --- a/postfix/html/flush.8.html +++ b/postfix/html/flush.8.html @@ -157,6 +157,7 @@ FLUSH(8) FLUSH(8) smtpd(8), SMTP server qmgr(8), queue manager postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/lmtp.8.html b/postfix/html/lmtp.8.html index ed5795446..8045dc0b7 100644 --- a/postfix/html/lmtp.8.html +++ b/postfix/html/lmtp.8.html @@ -197,7 +197,7 @@ LMTP(8) LMTP(8) The LMTP client time limit for sending the LMTP ".", and for receiving the server response. - lmtp_rset_timeout (120s) + lmtp_rset_timeout (20s) The LMTP client time limit for sending the RSET command, and for receiving the server response. @@ -260,6 +260,7 @@ LMTP(8) LMTP(8) bounce(8), delivery status reports qmgr(8), queue manager postconf(5), configuration parameters + master(5), generic daemon options services(4), Internet services and aliases master(8), process manager syslogd(8), system logging diff --git a/postfix/html/local.8.html b/postfix/html/local.8.html index aaf1769c9..0bd88a80a 100644 --- a/postfix/html/local.8.html +++ b/postfix/html/local.8.html @@ -526,6 +526,7 @@ LOCAL(8) LOCAL(8) postalias(1), create/update alias database aliases(5), format of alias database postconf(5), configuration parameters + master(5), generic daemon options syslogd(8), system logging LICENSE diff --git a/postfix/html/oqmgr.8.html b/postfix/html/oqmgr.8.html index 9849bd95b..5cb185143 100644 --- a/postfix/html/oqmgr.8.html +++ b/postfix/html/oqmgr.8.html 
@@ -312,6 +312,7 @@ OQMGR(8) OQMGR(8) trivial-rewrite(8), address routing bounce(8), delivery status reports postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8) system logging diff --git a/postfix/html/pickup.8.html b/postfix/html/pickup.8.html index 7688047f4..76d623da0 100644 --- a/postfix/html/pickup.8.html +++ b/postfix/html/pickup.8.html @@ -58,7 +58,7 @@ PICKUP(8) PICKUP(8) receive_override_options (empty) Enable or disable recipient validation, built-in - content filtering, or address rewriting. + content filtering, or address mapping. MISCELLANEOUS CONTROLS config_directory (see 'postconf -d' output) @@ -113,6 +113,7 @@ PICKUP(8) PICKUP(8) sendmail(1), Sendmail-compatible interface postdrop(1), mail posting agent postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/pipe.8.html b/postfix/html/pipe.8.html index 2f9795c15..13a4166c7 100644 --- a/postfix/html/pipe.8.html +++ b/postfix/html/pipe.8.html @@ -350,6 +350,7 @@ PIPE(8) PIPE(8) qmgr(8), queue manager bounce(8), delivery status reports postconf(5), configuration parameters + master(5), generic daemon options master(8), process manager syslogd(8), system logging diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 3c8f5d415..d19f324b8 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -3075,9 +3075,10 @@ into concurrency per domain.

local_header_rewrite_clients (default: see "postconf -d" output)
-

Append the domain name in $myorigin or $mydomain to incomplete -message header addresses from these clients; append -$remote_header_rewrite_domain for all other clients.

+

Append the domain name in $myorigin or $mydomain to message +header addresses from these clients only; either don't rewrite +message headers from other clients at all, or append the domain +specified with the remote_header_rewrite_domain parameter.

Specify a list of zero or more of the following:

@@ -3124,9 +3125,27 @@ for pop-before-smtp lookup tables.

Examples:

+

The backwards compatible setting: always rewrite message headers, +and always append my own domain to incomplete header addresses.

+
-local_header_rewrite_clients = static:all
-local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated
+    local_header_rewrite_clients = static:all
+
+ +

The default setting: rewrite headers and append my own domain +only with mail from local or authorized clients.

+ +
+    local_header_rewrite_clients = permit_mynetworks,
+        permit_sasl_authenticated permit_tls_clientcerts
+
+ +

Include clients that are pop-before-smtp authenticated:

+ +
+    local_header_rewrite_clients = permit_mynetworks,
+        permit_sasl_authenticated permit_tls_clientcerts
+        check_address_map hash:/etc/postfix/pop-before-smtp
 
@@ -5046,13 +5065,28 @@ Examples:
remote_header_rewrite_domain -(default: domain.invalid)
+(default: empty)
-

Append this domain name to incomplete message header addresses -from remote clients; when this domain name is empty, don't rewrite -remote message headers at all. Both stop Postfix from appending -your own domain to addresses in spam from poorly written software. -

+

Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite remote message headers +and append the specified domain name to incomplete addresses.

+ +

Examples:

+ +

The safe setting: append "domain.invalid" to incomplete header +addresses from remote SMTP clients, so that those addresses cannot +be confused with local addresses.

+ +
+    remote_header_rewrite_domain = domain.invalid
+
+ +

The default, purist, setting: don't rewrite headers from remote +clients at all.

+ +
+    remote_header_rewrite_domain =
+
diff --git a/postfix/html/proxymap.8.html b/postfix/html/proxymap.8.html index 6d5afdc93..2a5f6f486 100644 --- a/postfix/html/proxymap.8.html +++ b/postfix/html/proxymap.8.html @@ -88,8 +88,8 @@ PROXYMAP(8) PROXYMAP(8) latency lookups. CONFIGURATION PARAMETERS - On busy mail systems a long time may pass before prox- - ymap(8) relevant changes to main.cf are picked up. Use the + On busy mail systems a long time may pass before prox- + ymap(8) relevant changes to main.cf are picked up. Use the command "postfix reload" to speed up a change. The text below provides only a parameter summary. See @@ -129,8 +129,15 @@ PROXYMAP(8) PROXYMAP(8) The lookup tables that the proxymap(8) server is allowed to access. +SEE ALSO + postconf(5), configuration parameters + master(5), generic daemon options + +README FILES + DATABASE_README, Postfix lookup table overview + LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. HISTORY diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index 2621c1efc..5eaa0d80f 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html 
@@ -112,37 +112,38 @@ SMTPD(8) SMTPD(8) local_header_rewrite_clients (see 'postconf -d' output) Append the domain name in $myorigin or $mydomain to - incomplete message header addresses from these - clients; append $remote_header_rewrite_domain for - all other clients. + message header addresses from these clients only; + either don't rewrite message headers from other + clients at all, or append the domain specified with + the remote_header_rewrite_domain parameter. - remote_header_rewrite_domain (domain.invalid) - Append this domain name to incomplete message - header addresses from remote clients; when this - domain name is empty, don't rewrite remote message - headers at all. + remote_header_rewrite_domain (empty) + Don't rewrite message headers from remote clients + at all when this parameter is empty; otherwise, + rewrite remote message headers and append the spec- + ified domain name to incomplete addresses. AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS - As of version 1.0, Postfix can be configured to send new - mail to an external content filter AFTER the mail is - queued. This content filter is expected to inject mail - back into a (Postfix or other) MTA for further delivery. + As of version 1.0, Postfix can be configured to send new + mail to an external content filter AFTER the mail is + queued. This content filter is expected to inject mail + back into a (Postfix or other) MTA for further delivery. See the FILTER_README document for details. content_filter (empty) - The name of a mail delivery transport that filters + The name of a mail delivery transport that filters mail after it is queued. BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS - As of version 2.1, the Postfix SMTP server can be config- - ured to send incoming mail to a real-time SMTP-based con- + As of version 2.1, the Postfix SMTP server can be config- + ured to send incoming mail to a real-time SMTP-based con- tent filter BEFORE mail is queued. 
This content filter is - expected to inject mail back into Postfix. See the - SMTPD_PROXY_README document for details on how to config- + expected to inject mail back into Postfix. See the + SMTPD_PROXY_README document for details on how to config- ure and operate this feature. smtpd_proxy_filter (empty) - The hostname and TCP port of the mail filtering + The hostname and TCP port of the mail filtering proxy server. smtpd_proxy_ehlo ($myhostname) 
@@ -154,42 +155,42 @@ SMTPD(8) SMTPD(8) for sending or receiving information. GENERAL CONTENT INSPECTION CONTROLS - The following parameters are applicable for both built-in + The following parameters are applicable for both built-in and external content filters. Available in Postfix version 2.1 and later: receive_override_options (empty) - Enable or disable recipient validation, built-in + Enable or disable recipient validation, built-in content filtering, or address mapping. EXTERNAL CONTENT INSPECTION CONTROLS - The following parameters are applicable for both before- + The following parameters are applicable for both before- queue and after-queue content filtering. Available in Postfix version 2.1 and later: smtpd_authorized_xforward_hosts (empty) - What SMTP clients are allowed to use the XFORWARD + What SMTP clients are allowed to use the XFORWARD feature. SASL AUTHENTICATION CONTROLS - Postfix SASL support (RFC 2554) can be used to authenti- - cate remote SMTP clients to the Postfix SMTP server, and - to authenticate the Postfix SMTP client to a remote SMTP + Postfix SASL support (RFC 2554) can be used to authenti- + cate remote SMTP clients to the Postfix SMTP server, and + to authenticate the Postfix SMTP client to a remote SMTP server. See the SASL_README document for details. broken_sasl_auth_clients (no) - Enable inter-operability with SMTP clients that - implement an obsolete version of the AUTH command + Enable inter-operability with SMTP clients that + implement an obsolete version of the AUTH command (RFC 2554). smtpd_sasl_auth_enable (no) - Enable SASL authentication in the Postfix SMTP + Enable SASL authentication in the Postfix SMTP server. smtpd_sasl_application_name (smtpd) - The application name used for SASL server initial- + The application name used for SASL server initial- ization. smtpd_sasl_local_domain (empty) 
@@ -200,69 +201,69 @@ SMTPD(8) SMTPD(8) SMTP server will offer to the client. smtpd_sender_login_maps (empty) - Optional lookup table with the SASL login names + Optional lookup table with the SASL login names that own sender (MAIL FROM) addresses. Available in Postfix version 2.1 and later: smtpd_sasl_exceptions_networks (empty) - What SMTP clients Postfix will not offer AUTH sup- + What SMTP clients Postfix will not offer AUTH sup- port to. VERP SUPPORT CONTROLS - With VERP style delivery, each recipient of a message + With VERP style delivery, each recipient of a message receives a customized copy of the message with his/her own - recipient address encoded in the envelope sender address. + recipient address encoded in the envelope sender address. The VERP_README file describes configuration and operation - details of Postfix support for variable envelope return + details of Postfix support for variable envelope return path addresses. VERP style delivery is requested with the - SMTP XVERP command or with the "sendmail -V" command-line - option and is available in Postfix version 1.1 and later. + SMTP XVERP command or with the "sendmail -V" command-line + option and is available in Postfix version 1.1 and later. default_verp_delimiters (+=) The two default VERP delimiter characters. verp_delimiter_filter (-=+) - The characters Postfix accepts as VERP delimiter - characters on the Postfix sendmail(1) command line + The characters Postfix accepts as VERP delimiter + characters on the Postfix sendmail(1) command line and in SMTP commands. Available in Postfix version 1.1 and 2.0: authorized_verp_clients ($mynetworks) - What SMTP clients are allowed to specify the XVERP + What SMTP clients are allowed to specify the XVERP command. Available in Postfix version 2.1 and later: smtpd_authorized_verp_clients ($authorized_verp_clients) - What SMTP clients are allowed to specify the XVERP + What SMTP clients are allowed to specify the XVERP command. 
TROUBLE SHOOTING CONTROLS - The DEBUG_README document describes how to debug parts of - the Postfix mail system. The methods vary from making the - software log a lot of detail, to running some daemon pro- + The DEBUG_README document describes how to debug parts of + the Postfix mail system. The methods vary from making the + software log a lot of detail, to running some daemon pro- cesses under control of a call tracer or debugger. debug_peer_level (2) - The increment in verbose logging level when a - remote client or server matches a pattern in the + The increment in verbose logging level when a + remote client or server matches a pattern in the debug_peer_list parameter. debug_peer_list (empty) - Optional list of remote client or server hostname - or network address patterns that cause the verbose - logging level to increase by the amount specified + Optional list of remote client or server hostname + or network address patterns that cause the verbose + logging level to increase by the amount specified in $debug_peer_level. error_notice_recipient (postmaster) - The recipient of postmaster notifications about - mail delivery problems that are caused by policy, + The recipient of postmaster notifications about + mail delivery problems that are caused by policy, resource, software or protocol errors. notify_classes (resource, software) - The list of error classes that are reported to the + The list of error classes that are reported to the postmaster. soft_bounce (no) 
@@ -272,22 +273,22 @@ SMTPD(8) SMTPD(8) Available in Postfix version 2.1 and later: smtpd_authorized_xclient_hosts (empty) - What SMTP clients are allowed to use the XCLIENT + What SMTP clients are allowed to use the XCLIENT feature. KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS - As of Postfix version 2.0, the SMTP server rejects mail - for unknown recipients. This prevents the mail queue from - clogging up with undeliverable MAILER-DAEMON messages. - Additional information on this topic is in the + As of Postfix version 2.0, the SMTP server rejects mail + for unknown recipients. This prevents the mail queue from + clogging up with undeliverable MAILER-DAEMON messages. + Additional information on this topic is in the LOCAL_RECIPIENT_README and ADDRESS_CLASS_README documents. show_user_unknown_table_name (yes) - Display the name of the recipient table in the + Display the name of the recipient table in the "User unknown" responses. canonical_maps (empty) - Optional address mapping lookup tables for message + Optional address mapping lookup tables for message headers and envelopes. recipient_canonical_maps (empty) @@ -298,7 +299,7 @@ SMTPD(8) SMTPD(8) mydestination ($myhostname, localhost.$mydomain, local- host) - The list of domains that are delivered via the + The list of domains that are delivered via the $local_transport mail delivery transport. inet_interfaces (all) 
@@ -307,185 +308,185 @@ SMTPD(8) SMTPD(8) proxy_interfaces (empty) The network interface addresses that this mail sys- - tem receives mail on by way of a proxy or network + tem receives mail on by way of a proxy or network address translation unit. local_recipient_maps (proxy:unix:passwd.byname $alias_maps) - Lookup tables with all names or addresses of local - recipients: a recipient address is local when its - domain matches $mydestination, $inet_interfaces or + Lookup tables with all names or addresses of local + recipients: a recipient address is local when its + domain matches $mydestination, $inet_interfaces or $proxy_interfaces. unknown_local_recipient_reject_code (550) - The numerical Postfix SMTP server response code - when a recipient address is local, and - $local_recipient_maps specifies a list of lookup + The numerical Postfix SMTP server response code + when a recipient address is local, and + $local_recipient_maps specifies a list of lookup tables that does not match the recipient. - Parameters concerning known/unknown recipients of relay + Parameters concerning known/unknown recipients of relay destinations: relay_domains ($mydestination) - What destination domains (and subdomains thereof) + What destination domains (and subdomains thereof) this system will relay mail to. relay_recipient_maps (empty) - Optional lookup tables with all valid addresses in + Optional lookup tables with all valid addresses in the domains that match $relay_domains. unknown_relay_recipient_reject_code (550) The numerical Postfix SMTP server reply code when a - recipient address matches $relay_domains, and - relay_recipient_maps specifies a list of lookup + recipient address matches $relay_domains, and + relay_recipient_maps specifies a list of lookup tables that does not match the recipient address. 
- Parameters concerning known/unknown recipients in virtual + Parameters concerning known/unknown recipients in virtual alias domains: virtual_alias_domains ($virtual_alias_maps) Postfix is final destination for the specified list - of virtual alias domains, that is, domains for - which all addresses are aliased to addresses in + of virtual alias domains, that is, domains for + which all addresses are aliased to addresses in other local or remote domains. virtual_alias_maps ($virtual_maps) - Optional lookup tables that alias specific mail - addresses or domains to other local or remote + Optional lookup tables that alias specific mail + addresses or domains to other local or remote address. unknown_virtual_alias_reject_code (550) The SMTP server reply code when a recipient address - matches $virtual_alias_domains, and $vir- - tual_alias_maps specifies a list of lookup tables + matches $virtual_alias_domains, and $vir- + tual_alias_maps specifies a list of lookup tables that does not match the recipient address. - Parameters concerning known/unknown recipients in virtual + Parameters concerning known/unknown recipients in virtual mailbox domains: virtual_mailbox_domains ($virtual_mailbox_maps) Postfix is final destination for the specified list - of domains; mail is delivered via the $vir- + of domains; mail is delivered via the $vir- tual_transport mail delivery transport. virtual_mailbox_maps (empty) - Optional lookup tables with all valid addresses in + Optional lookup tables with all valid addresses in the domains that match $virtual_mailbox_domains. unknown_virtual_mailbox_reject_code (550) The SMTP server reply code when a recipient address - matches $virtual_mailbox_domains, and $vir- + matches $virtual_mailbox_domains, and $vir- tual_mailbox_maps specifies a list of lookup tables that does not match the recipient address. 
RESOURCE AND RATE CONTROLS - The following parameters limit resource usage by the SMTP + The following parameters limit resource usage by the SMTP server and/or control client request rates. line_length_limit (2048) - Upon input, long lines are chopped up into pieces - of at most this length; upon delivery, long lines + Upon input, long lines are chopped up into pieces + of at most this length; upon delivery, long lines are reconstructed. queue_minfree (0) - The minimal amount of free space in bytes in the + The minimal amount of free space in bytes in the queue file system that is needed to receive mail. message_size_limit (10240000) - The maximal size in bytes of a message, including + The maximal size in bytes of a message, including envelope information. smtpd_recipient_limit (1000) - The maximal number of recipients that the Postfix + The maximal number of recipients that the Postfix SMTP server accepts per message delivery request. smtpd_timeout (300s) - The time limit for sending a Postfix SMTP server - response and for receiving a remote SMTP client + The time limit for sending a Postfix SMTP server + response and for receiving a remote SMTP client request. smtpd_history_flush_threshold (100) - The maximal number of lines in the Postfix SMTP - server command history before it is flushed upon + The maximal number of lines in the Postfix SMTP + server command history before it is flushed upon receipt of EHLO, RSET, or end of DATA. The per SMTP client connection count and request rate lim- its are implemented in co-operation with the anvil(8) ser- - vice, and are available in Postfix version 2.2 and later. + vice, and are available in Postfix version 2.2 and later. smtpd_client_connection_count_limit (50) - How many simultaneous connections any client is + How many simultaneous connections any client is allowed to make to this service. 
smtpd_client_connection_rate_limit (0) The maximal number of connection attempts any - client is allowed to make to this service per time + client is allowed to make to this service per time unit. smtpd_client_message_rate_limit (0) - The maximal number of message delivery requests - that any client is allowed to make to this service + The maximal number of message delivery requests + that any client is allowed to make to this service per time unit, regardless of whether or not Postfix actually accepts those messages. smtpd_client_recipient_rate_limit (0) - The maximal number of recipient addresses that any - client is allowed to send to this service per time + The maximal number of recipient addresses that any + client is allowed to send to this service per time unit, regardless of whether or not Postfix actually accepts those recipients. smtpd_client_event_limit_exceptions ($mynetworks) - Clients that are excluded from connection count, - connection rate, message rate or recipient rate + Clients that are excluded from connection count, + connection rate, message rate or recipient rate restrictions. TARPIT CONTROLS - When a remote SMTP client makes errors, the Postfix SMTP - server can insert delays before responding. This can help - to slow down run-away software. The behavior is con- - trolled by an error counter that counts the number of - errors within an SMTP session that a client makes without + When a remote SMTP client makes errors, the Postfix SMTP + server can insert delays before responding. This can help + to slow down run-away software. The behavior is con- + trolled by an error counter that counts the number of + errors within an SMTP session that a client makes without delivering mail. 
smtpd_error_sleep_time (1s) - With Postfix 2.1 and later: the SMTP server - response delay after a client has made more than - $smtpd_soft_error_limit errors, and fewer than - $smtpd_hard_error_limit errors, without delivering + With Postfix 2.1 and later: the SMTP server + response delay after a client has made more than + $smtpd_soft_error_limit errors, and fewer than + $smtpd_hard_error_limit errors, without delivering mail. smtpd_soft_error_limit (10) - The number of errors a remote SMTP client is - allowed to make without delivering mail before the + The number of errors a remote SMTP client is + allowed to make without delivering mail before the Postfix SMTP server slows down all its responses. smtpd_hard_error_limit (20) - The maximal number of errors a remote SMTP client + The maximal number of errors a remote SMTP client is allowed to make without delivering mail. smtpd_junk_command_limit (100) - The number of junk commands (NOOP, VRFY, ETRN or + The number of junk commands (NOOP, VRFY, ETRN or RSET) that a remote SMTP client can send before the - Postfix SMTP server starts to increment the error + Postfix SMTP server starts to increment the error counter with each junk command. Available in Postfix version 2.1 and later: smtpd_recipient_overshoot_limit (1000) - The number of recipients that a remote SMTP client - can send in excess of the limit specified with + The number of recipients that a remote SMTP client + can send in excess of the limit specified with $smtpd_recipient_limit, before the Postfix SMTP - server increments the per-session error count for + server increments the per-session error count for each excess recipient. ACCESS POLICY DELEGATION CONTROLS - As of version 2.1, Postfix can be configured to delegate - access policy decisions to an external server that runs - outside Postfix. 
See the file SMTPD_POLICY_README for + As of version 2.1, Postfix can be configured to delegate + access policy decisions to an external server that runs + outside Postfix. See the file SMTPD_POLICY_README for more information. smtpd_policy_service_max_idle (300s) - The time after which an idle SMTPD policy service + The time after which an idle SMTPD policy service connection is closed. smtpd_policy_service_max_ttl (1000s) 
@@ -493,154 +494,154 @@ SMTPD(8) SMTPD(8) connection is closed. smtpd_policy_service_timeout (100s) - The time limit for connecting to, writing to or + The time limit for connecting to, writing to or receiving from a delegated SMTPD policy server. ACCESS CONTROLS - The SMTPD_ACCESS_README document gives an introduction to + The SMTPD_ACCESS_README document gives an introduction to all the SMTP server access control features. smtpd_delay_reject (yes) - Wait until the RCPT TO command before evaluating + Wait until the RCPT TO command before evaluating $smtpd_client_restrictions, $smtpd_helo_restric- tions and $smtpd_sender_restrictions, or wait until - the ETRN command before evaluating + the ETRN command before evaluating $smtpd_client_restrictions and $smtpd_helo_restric- tions. - parent_domain_matches_subdomains (see 'postconf -d' out- + parent_domain_matches_subdomains (see 'postconf -d' out- put) What Postfix features match subdomains of "domain.tld" automatically, instead of requiring an explicit ".domain.tld" pattern. smtpd_client_restrictions (empty) - Optional SMTP server access restrictions in the + Optional SMTP server access restrictions in the context of a client SMTP connection request. smtpd_helo_required (no) Require that a remote SMTP client introduces itself - at the beginning of an SMTP session with the HELO + at the beginning of an SMTP session with the HELO or EHLO command. smtpd_helo_restrictions (empty) - Optional restrictions that the Postfix SMTP server + Optional restrictions that the Postfix SMTP server applies in the context of the SMTP HELO command. smtpd_sender_restrictions (empty) - Optional restrictions that the Postfix SMTP server + Optional restrictions that the Postfix SMTP server applies in the context of the MAIL FROM command. 
smtpd_recipient_restrictions (permit_mynetworks, reject_unauth_destination) The access restrictions that the Postfix SMTP - server applies in the context of the RCPT TO com- + server applies in the context of the RCPT TO com- mand. smtpd_etrn_restrictions (empty) - Optional SMTP server access restrictions in the + Optional SMTP server access restrictions in the context of a client ETRN request. allow_untrusted_routing (no) - Forward mail with sender-specified routing - (user[@%!]remote[@%!]site) from untrusted clients + Forward mail with sender-specified routing + (user[@%!]remote[@%!]site) from untrusted clients to destinations matching $relay_domains. smtpd_restriction_classes (empty) - User-defined aliases for groups of access restric- + User-defined aliases for groups of access restric- tions. smtpd_null_access_lookup_key (<>) - The lookup key to be used in SMTP access(5) tables + The lookup key to be used in SMTP access(5) tables instead of the null sender address. permit_mx_backup_networks (empty) Restrict the use of the permit_mx_backup SMTP - access feature to only domains whose primary MX + access feature to only domains whose primary MX hosts match the listed networks. Available in Postfix version 2.0 and later: smtpd_data_restrictions (empty) - Optional access restrictions that the Postfix SMTP + Optional access restrictions that the Postfix SMTP server applies in the context of the SMTP DATA com- mand. smtpd_expansion_filter (see 'postconf -d' output) - What characters are allowed in $name expansions of + What characters are allowed in $name expansions of RBL reply templates. 
Available in Postfix version 2.1 and later: smtpd_reject_unlisted_sender (no) - Request that the Postfix SMTP server rejects mail - from unknown sender addresses, even when no - explicit reject_unlisted_sender access restriction + Request that the Postfix SMTP server rejects mail + from unknown sender addresses, even when no + explicit reject_unlisted_sender access restriction is specified. smtpd_reject_unlisted_recipient (yes) - Request that the Postfix SMTP server rejects mail + Request that the Postfix SMTP server rejects mail for unknown recipient addresses, even when no - explicit reject_unlisted_recipient access restric- + explicit reject_unlisted_recipient access restric- tion is specified. SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS - Postfix version 2.1 introduces sender and recipient - address verification. This feature is implemented by - sending probe email messages that are not actually deliv- - ered. This feature is requested via the reject_unveri- - fied_sender and reject_unverified_recipient access - restrictions. The status of verification probes is main- + Postfix version 2.1 introduces sender and recipient + address verification. This feature is implemented by + sending probe email messages that are not actually deliv- + ered. This feature is requested via the reject_unveri- + fied_sender and reject_unverified_recipient access + restrictions. The status of verification probes is main- tained by the verify(8) server. See the file ADDRESS_VER- - IFICATION_README for information about how to configure + IFICATION_README for information about how to configure and operate the Postfix sender/recipient address verifica- tion service. address_verify_poll_count (3) - How many times to query the verify(8) service for - the completion of an address verification request + How many times to query the verify(8) service for + the completion of an address verification request in progress. 
address_verify_poll_delay (3s) - The delay between queries for the completion of an + The delay between queries for the completion of an address verification request in progress. address_verify_sender (postmaster) - The sender address to use in address verification + The sender address to use in address verification probes. unverified_sender_reject_code (450) - The numerical Postfix SMTP server response code - when a recipient address is rejected by the + The numerical Postfix SMTP server response code + when a recipient address is rejected by the reject_unverified_sender restriction. unverified_recipient_reject_code (450) - The numerical Postfix SMTP server response when a + The numerical Postfix SMTP server response when a recipient address is rejected by the reject_unveri- fied_recipient restriction. ACCESS CONTROL RESPONSES - The following parameters control numerical SMTP reply + The following parameters control numerical SMTP reply codes and/or text responses. access_map_reject_code (554) - The numerical Postfix SMTP server response code - when a client is rejected by an access(5) map + The numerical Postfix SMTP server response code + when a client is rejected by an access(5) map restriction. defer_code (450) - The numerical Postfix SMTP server response code - when a remote SMTP client request is rejected by + The numerical Postfix SMTP server response code + when a remote SMTP client request is rejected by the "defer" restriction. invalid_hostname_reject_code (501) - The numerical Postfix SMTP server response code - when the client HELO or EHLO command parameter is - rejected by the reject_invalid_hostname restric- + The numerical Postfix SMTP server response code + when the client HELO or EHLO command parameter is + rejected by the reject_invalid_hostname restric- tion. 
maps_rbl_reject_code (554) - The numerical Postfix SMTP server response code + The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_rbl_client, reject_rhsbl_client, reject_rhsbl_sender or reject_rhsbl_recipient 
@@ -648,47 +649,47 @@ SMTPD(8) SMTPD(8) non_fqdn_reject_code (504) The numerical Postfix SMTP server reply code when a - client request is rejected by the + client request is rejected by the reject_non_fqdn_hostname, reject_non_fqdn_sender or reject_non_fqdn_recipient restriction. reject_code (554) - The numerical Postfix SMTP server response code - when a remote SMTP client request is rejected by + The numerical Postfix SMTP server response code + when a remote SMTP client request is rejected by the "reject" restriction. relay_domains_reject_code (554) - The numerical Postfix SMTP server response code - when a client request is rejected by the + The numerical Postfix SMTP server response code + when a client request is rejected by the reject_unauth_destination recipient restriction. unknown_address_reject_code (450) - The numerical Postfix SMTP server response code - when a sender or recipient address is rejected by + The numerical Postfix SMTP server response code + when a sender or recipient address is rejected by the reject_unknown_sender_domain or reject_unknown_recipient_domain restriction. unknown_client_reject_code (450) - The numerical Postfix SMTP server response code - when a client without valid address <=> name map- - ping is rejected by the reject_unknown_client + The numerical Postfix SMTP server response code + when a client without valid address <=> name map- + ping is rejected by the reject_unknown_client restriction. unknown_hostname_reject_code (450) - The numerical Postfix SMTP server response code - when the hostname specified with the HELO or EHLO - command is rejected by the reject_unknown_hostname + The numerical Postfix SMTP server response code + when the hostname specified with the HELO or EHLO + command is rejected by the reject_unknown_hostname restriction. 
Available in Postfix version 2.0 and later: default_rbl_reply (see 'postconf -d' output) - The default SMTP server response template for a - request that is rejected by an RBL-based restric- + The default SMTP server response template for a + request that is rejected by an RBL-based restric- tion. multi_recipient_bounce_reject_code (550) - The numerical Postfix SMTP server response code + The numerical Postfix SMTP server response code when a remote SMTP client request is blocked by the reject_multi_recipient_bounce restriction. @@ -697,16 +698,16 @@ SMTPD(8) SMTPD(8) MISCELLANEOUS CONTROLS config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and + The default location of the Postfix main.cf and master.cf configuration files. daemon_timeout (18000s) - How much time a Postfix daemon process may take to - handle a request before it is terminated by a + How much time a Postfix daemon process may take to + handle a request before it is terminated by a built-in watchdog timer. command_directory (see 'postconf -d' output) - The location of all postfix administrative com- + The location of all postfix administrative com- mands. double_bounce_sender (double-bounce) 
@@ -727,36 +728,36 @@ SMTPD(8) SMTPD(8) and most Postfix daemon processes. max_idle (100s) - The maximum amount of time that an idle Postfix - daemon process waits for the next service request + The maximum amount of time that an idle Postfix + daemon process waits for the next service request before exiting. max_use (100) - The maximal number of connection requests before a + The maximal number of connection requests before a Postfix daemon process terminates. myhostname (see 'postconf -d' output) The internet hostname of this mail system. mynetworks (see 'postconf -d' output) - The list of "trusted" SMTP clients that have more + The list of "trusted" SMTP clients that have more privileges than "strangers". myorigin ($myhostname) The domain name that locally-posted mail appears to - come from, and that locally posted mail is deliv- + come from, and that locally posted mail is deliv- ered to. process_id (read-only) - The process ID of a Postfix command or daemon pro- + The process ID of a Postfix command or daemon pro- cess. process_name (read-only) - The process name of a Postfix command or daemon + The process name of a Postfix command or daemon process. queue_directory (see 'postconf -d' output) - The location of the Postfix top-level queue direc- + The location of the Postfix top-level queue direc- tory. recipient_delimiter (empty) @@ -764,14 +765,14 @@ SMTPD(8) SMTPD(8) sions (user+foo). smtpd_banner ($myhostname ESMTP $mail_name) - The text that follows the 220 status code in the + The text that follows the 220 status code in the SMTP greeting banner. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (postfix) - The mail system name that is prepended to the pro- + The mail system name that is prepended to the pro- cess name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". 
@@ -797,7 +798,7 @@ SMTPD(8) SMTPD(8) XFORWARD_README, Postfix XFORWARD extension LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/trivial-rewrite.8.html b/postfix/html/trivial-rewrite.8.html index 6c295cdb2..27e5b0f7b 100644 --- a/postfix/html/trivial-rewrite.8.html +++ b/postfix/html/trivial-rewrite.8.html @@ -21,17 +21,14 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8) Rewrite an address to standard form, according to the address rewriting context: - local - - none Append the domain names specified with $myo- + local Append the domain names specified with $myo- rigin or $mydomain to incomplete addresses; do swap_bangpath and allow_percent_hack pro- cessing as described below, and strip source routed addresses (@site,@site:user@domain) to user@domain form. - invalid - Append the domain name specified with + remote Append the domain name specified with $remote_header_rewrite_domain to incomplete addresses. Otherwise the result is identical to that of the local address rewriting con- @@ -135,10 +132,11 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8) Available in Postfix 2.2 and later: - remote_header_rewrite_domain (domain.invalid) - Append this domain to incomplete message header - addresses from remote clients; when the domain is - empty, don't rewrite remote message headers at all. + remote_header_rewrite_domain (empty) + Don't rewrite message headers from remote clients + at all when this parameter is empty; otherwise, + rewrite remote message headers and append the spec- + ified domain name to incomplete addresses. ROUTING CONTROLS The following is applicable to Postfix version 2.0 and diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index 74e0f7c78..435a7468f 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 
@@ -1561,9 +1561,10 @@ Setting this parameter to a value > 1 changes the meaning of local_destination_concurrency_limit from concurrency per recipient into concurrency per domain. .SH local_header_rewrite_clients (default: see "postconf -d" output) -Append the domain name in $myorigin or $mydomain to incomplete -message header addresses from these clients; append -$remote_header_rewrite_domain for all other clients. +Append the domain name in $myorigin or $mydomain to message +header addresses from these clients only; either don't rewrite +message headers from other clients at all, or append the domain +specified with the remote_header_rewrite_domain parameter. .PP Specify a list of zero or more of the following: .IP "\fB permit_mynetworks \fR" @@ -1595,11 +1596,37 @@ for pop-before-smtp lookup tables. .PP Examples: .PP +The backwards compatible setting: always rewrite message headers, +and always append my own domain to incomplete header addresses. +.PP .nf .na .ft C -local_header_rewrite_clients = static:all -local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated + local_header_rewrite_clients = static:all +.fi +.ad +.ft R +.PP +The default setting: rewrite headers and append my own domain +only with mail from local or authorized clients. +.PP +.nf +.na +.ft C + local_header_rewrite_clients = permit_mynetworks, + permit_sasl_authenticated permit_tls_clientcerts +.fi +.ad +.ft R +.PP +Include clients that are pop-before-smtp authenticated: +.PP +.nf +.na +.ft C + local_header_rewrite_clients = permit_mynetworks, + permit_sasl_authenticated permit_tls_clientcerts + check_address_map hash:/etc/postfix/pop-before-smtp .fi .ad .ft R 
@@ -2676,11 +2703,35 @@ relocated_maps = hash:/etc/postfix/relocated .fi .ad .ft R -.SH remote_header_rewrite_domain (default: domain.invalid) -Append this domain name to incomplete message header addresses -from remote clients; when this domain name is empty, don't rewrite -remote message headers at all. Both stop Postfix from appending -your own domain to addresses in spam from poorly written software. +.SH remote_header_rewrite_domain (default: empty) +Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite remote message headers +and append the specified domain name to incomplete addresses. +.PP +Examples: +.PP +The safe setting: append "domain.invalid" to incomplete header +addresses from remote SMTP clients, so that those addresses cannot +be confused with local addresses. +.PP +.nf +.na +.ft C + remote_header_rewrite_domain = domain.invalid +.fi +.ad +.ft R +.PP +The default, purist, setting: don't rewrite headers from remote +clients at all. +.PP +.nf +.na +.ft C + remote_header_rewrite_domain = +.fi +.ad +.ft R .SH require_home_directory (default: no) Whether or not a local(8) recipient's home directory must exist before mail delivery is attempted. By default this test is disabled. diff --git a/postfix/man/man8/anvil.8 b/postfix/man/man8/anvil.8 index 7bcaa9c4b..7f0b4fd5c 100644 --- a/postfix/man/man8/anvil.8 +++ b/postfix/man/man8/anvil.8 @@ -215,6 +215,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd". .nf smtpd(8), Postfix SMTP server postconf(5), configuration parameters +master(5), generic daemon options .SH "README FILES" .na .nf diff --git a/postfix/man/man8/bounce.8 b/postfix/man/man8/bounce.8 index b021104eb..2ec0b5911 100644 --- a/postfix/man/man8/bounce.8 +++ b/postfix/man/man8/bounce.8 
@@ -123,6 +123,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
 .nf
 qmgr(8), queue manager
 postconf(5), configuration parameters
+master(5), generic daemon options
 master(8), process manager
 syslogd(8), system logging
 .SH "LICENSE"
diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8
index ef5690e7b..3110a9c08 100644
--- a/postfix/man/man8/cleanup.8
+++ b/postfix/man/man8/cleanup.8
@@ -299,6 +299,7 @@ body_checks(5), body parts content inspection
 canonical(5), canonical address lookup table format
 virtual(5), virtual alias lookup table format
 postconf(5), configuration parameters
+master(5), generic daemon options
 master(8), process manager
 syslogd(8), system logging
 .SH "README FILES"
diff --git a/postfix/man/man8/discard.8 b/postfix/man/man8/discard.8
index ec6ae9dda..0c534b93a 100644
--- a/postfix/man/man8/discard.8
+++ b/postfix/man/man8/discard.8
@@ -92,6 +92,7 @@ qmgr(8), queue manager
 bounce(8), delivery status reports
 error(8), Postfix error delivery agent
 postconf(5), configuration parameters
+master(5), generic daemon options
 master(8), process manager
 syslogd(8), system logging
 .SH "LICENSE"
diff --git a/postfix/man/man8/error.8 b/postfix/man/man8/error.8
index 35d4c7d7a..140758c85 100644
--- a/postfix/man/man8/error.8
+++ b/postfix/man/man8/error.8
@@ -101,6 +101,7 @@ qmgr(8), queue manager
 bounce(8), delivery status reports
 discard(8), Postfix discard delivery agent
 postconf(5), configuration parameters
+master(5), generic daemon options
 master(8), process manager
 syslogd(8), system logging
 .SH "LICENSE"
diff --git a/postfix/man/man8/flush.8 b/postfix/man/man8/flush.8
index c6ddbbf5c..52fabee0d 100644
--- a/postfix/man/man8/flush.8
+++ b/postfix/man/man8/flush.8
@@ -136,6 +136,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd". smtpd(8), SMTP server qmgr(8), queue manager postconf(5), configuration parameters +master(5), generic daemon options master(8), process manager syslogd(8), system logging .SH "README FILES" diff --git a/postfix/man/man8/lmtp.8 b/postfix/man/man8/lmtp.8 index b9f7d1407..ff803afc6 100644 --- a/postfix/man/man8/lmtp.8 +++ b/postfix/man/man8/lmtp.8 @@ -181,9 +181,9 @@ The LMTP client time limit for sending the LMTP message content. .IP "\fBlmtp_data_done_timeout (600s)\fR" The LMTP client time limit for sending the LMTP ".", and for receiving the server response. -.IP "\fBlmtp_rset_timeout (120s)\fR" -The LMTP client time limit for sending the RSET command, and for -receiving the server response. +.IP "\fBlmtp_rset_timeout (20s)\fR" +The LMTP client time limit for sending the RSET command, and +for receiving the server response. .IP "\fBlmtp_quit_timeout (300s)\fR" The LMTP client time limit for sending the QUIT command, and for receiving the server response. @@ -228,6 +228,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd". bounce(8), delivery status reports qmgr(8), queue manager postconf(5), configuration parameters +master(5), generic daemon options services(4), Internet services and aliases master(8), process manager syslogd(8), system logging diff --git a/postfix/man/man8/local.8 b/postfix/man/man8/local.8 index 6d56a7727..c205d2dd5 100644 --- a/postfix/man/man8/local.8 +++ b/postfix/man/man8/local.8 @@ -509,6 +509,7 @@ newaliases(1), create/update alias database postalias(1), create/update alias database aliases(5), format of alias database postconf(5), configuration parameters +master(5), generic daemon options syslogd(8), system logging .SH "LICENSE" .na diff --git a/postfix/man/man8/oqmgr.8 b/postfix/man/man8/oqmgr.8 index faaa90cda..2e01bbc50 100644 --- a/postfix/man/man8/oqmgr.8 +++ b/postfix/man/man8/oqmgr.8 
@@ -287,6 +287,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd". trivial-rewrite(8), address routing bounce(8), delivery status reports postconf(5), configuration parameters +master(5), generic daemon options master(8), process manager syslogd(8) system logging .SH "README FILES" diff --git a/postfix/man/man8/pickup.8 b/postfix/man/man8/pickup.8 index ccc89e32c..eaa693802 100644 --- a/postfix/man/man8/pickup.8 +++ b/postfix/man/man8/pickup.8 @@ -67,7 +67,7 @@ The name of a mail delivery transport that filters mail after it is queued. .IP "\fBreceive_override_options (empty)\fR" Enable or disable recipient validation, built-in content -filtering, or address rewriting. +filtering, or address mapping. .SH "MISCELLANEOUS CONTROLS" .na .nf @@ -109,6 +109,7 @@ cleanup(8), message canonicalization sendmail(1), Sendmail-compatible interface postdrop(1), mail posting agent postconf(5), configuration parameters +master(5), generic daemon options master(8), process manager syslogd(8), system logging .SH "LICENSE" diff --git a/postfix/man/man8/pipe.8 b/postfix/man/man8/pipe.8 index 208136367..adb0b2a93 100644 --- a/postfix/man/man8/pipe.8 +++ b/postfix/man/man8/pipe.8 @@ -297,6 +297,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd". qmgr(8), queue manager bounce(8), delivery status reports postconf(5), configuration parameters +master(5), generic daemon options master(8), process manager syslogd(8), system logging .SH "LICENSE" diff --git a/postfix/man/man8/proxymap.8 b/postfix/man/man8/proxymap.8 index 21efe69ba..ab8c99b79 100644 --- a/postfix/man/man8/proxymap.8 +++ b/postfix/man/man8/proxymap.8 
@@ -122,6 +122,21 @@ The process ID of a Postfix command or daemon process. The process name of a Postfix command or daemon process. .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR" The lookup tables that the proxymap(8) server is allowed to access. +.SH "SEE ALSO" +.na +.nf +postconf(5), configuration parameters +master(5), generic daemon options +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +DATABASE_README, Postfix lookup table overview .SH "LICENSE" .na .nf diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8 index b78991467..5c1fed6d3 100644 --- a/postfix/man/man8/smtpd.8 +++ b/postfix/man/man8/smtpd.8 @@ -113,13 +113,14 @@ filtering, or address mapping. .PP Available in Postfix version 2.2 and later: .IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR" -Append the domain name in $myorigin or $mydomain to incomplete -message header addresses from these clients; append -$remote_header_rewrite_domain for all other clients. -.IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" -Append this domain name to incomplete message header addresses -from remote clients; when this domain name is empty, don't rewrite -remote message headers at all. +Append the domain name in $myorigin or $mydomain to message +header addresses from these clients only; either don't rewrite +message headers from other clients at all, or append the domain +specified with the remote_header_rewrite_domain parameter. +.IP "\fBremote_header_rewrite_domain (empty)\fR" +Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite remote message headers +and append the specified domain name to incomplete addresses. .SH "AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS" .na .nf diff --git a/postfix/man/man8/trivial-rewrite.8 b/postfix/man/man8/trivial-rewrite.8 index 79755bd30..73b030d75 100644 
--- a/postfix/man/man8/trivial-rewrite.8 +++ b/postfix/man/man8/trivial-rewrite.8 @@ -19,13 +19,12 @@ Rewrite an address to standard form, according to the address rewriting context: .RS .IP \fBlocal\fR -.IP \fBnone\fR Append the domain names specified with \fB$myorigin\fR or \fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR and \fBallow_percent_hack\fR processing as described below, and strip source routed addresses (\fI@site,@site:user@domain\fR) to \fIuser@domain\fR form. -.IP \fBinvalid\fR +.IP \fBremote\fR Append the domain name specified with \fB$remote_header_rewrite_domain\fR to incomplete addresses. Otherwise the result is identical to that of @@ -127,10 +126,10 @@ The separator between user names and address extensions (user+foo). Enable the rewriting of "site!user" into "user@site". .PP Available in Postfix 2.2 and later: -.IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" -Append this domain to incomplete message header addresses from -remote clients; when the domain is empty, don't rewrite remote message -headers at all. +.IP "\fBremote_header_rewrite_domain (empty)\fR" +Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite remote message headers +and append the specified domain name to incomplete addresses. .SH "ROUTING CONTROLS" .na .nf diff --git a/postfix/proto/ADDRESS_REWRITING_README.html b/postfix/proto/ADDRESS_REWRITING_README.html index 45141c743..33d4a8c0d 100644 --- a/postfix/proto/ADDRESS_REWRITING_README.html +++ b/postfix/proto/ADDRESS_REWRITING_README.html @@ -339,6 +339,12 @@ trivial-rewrite(8) daemon. The purpose of rewriting to standard form is to reduce the number of entries needed in lookup tables.

+

Postfix versions 2.2 and later do not rewrite message headers +from remote SMTP clients at all, unless a non-empty domain name is +specified with the remote_header_rewrite_domain configuration +parameter. The local_header_rewrite_clients parameter controls +what SMTP clients Postfix considers local.

+

The Postfix trivial-rewrite(8) daemon implements the following hard-coded address manipulations:

@@ -377,6 +383,11 @@ parameter (default: yes). You should never turn off this feature, because a lot of Postfix components expect that all addresses have the form "user@domain".

+

Postfix versions 2.2 and later do not rewrite message headers +from remote SMTP clients at all, or they append the domain name +specified with the remote_header_rewrite_domain configuration +parameter.

+

If your machine is not the main machine for $myorigin and you wish to have some users delivered locally without going via that main machine, make an entry in the virtual @@ -393,7 +404,11 @@ Rewrite "user@host" to "user@host.$mydomain" parameter (default: yes). The purpose is to get consistent treatment of different forms of the same hostname.

-

Some will argue that rewriting "host" to "host.$mydomain" +

Postfix versions 2.2 and later do not rewrite message headers +from remote clients at all, or they append the domain name specified +with the remote_header_rewrite_domain configuration parameter.

+ +

Some will argue that rewriting "host" to "host.domain" is bad. That is why it can be turned off. Others like the convenience of having the local domain appended automatically.

@@ -414,6 +429,12 @@ addresses in message envelopes and in message headers. By default all header and envelope addresses are rewritten; this is controlled with the canonical_classes configuration parameter.

+

Postfix versions 2.2 and later do not rewrite message headers +from remote clients at all, unless a non-empty domain name is +specified with the remote_header_rewrite_domain configuration +parameter. The local_header_rewrite_clients parameter controls +what SMTP clients Postfix considers local.

+

Address rewriting is done for local and remote addresses. The mapping is useful to replace login names by "Firstname.Lastname" style addresses, or to @@ -491,6 +512,12 @@ behind their mail gateway, and to make it appear as if the mail comes from the gateway itself, instead of from individual machines.

+

Postfix versions 2.2 and later do not rewrite message headers +from remote SMTP clients at all, unless a non-empty domain name is +specified with the remote_header_rewrite_domain configuration +parameter. The local_header_rewrite_clients parameter controls +what SMTP clients Postfix considers local.

+

Address masquerading is disabled by default, and is implemented by the cleanup(8) server. To enable, edit the masquerade_domains parameter in the main.cf file and specify one or more domain names diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 99021200b..a985cae0b 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -7218,19 +7218,35 @@ is already bounded by $max_idle.

session cache hit and miss rates for logical destinations and for physical endpoints.

-%PARAM remote_header_rewrite_domain domain.invalid +%PARAM remote_header_rewrite_domain -

Append this domain name to incomplete message header addresses -from remote clients; when this domain name is empty, don't rewrite -remote message headers at all. Both stop Postfix from appending -your own domain to addresses in spam from poorly written software. -

+

Don't rewrite message headers from remote clients at all when +this parameter is empty; otherwise, rewrite remote message headers +and append the specified domain name to incomplete addresses.

+ +

Examples:

+ +

The safe setting: append "domain.invalid" to incomplete header +addresses from remote SMTP clients, so that those addresses cannot +be confused with local addresses.

+ +
 
+    remote_header_rewrite_domain = domain.invalid
+
+ +

The default, purist, setting: don't rewrite headers from remote +clients at all.

+ +
+    remote_header_rewrite_domain =
+
%PARAM local_header_rewrite_clients see "postconf -d" output -

Append the domain name in $myorigin or $mydomain to incomplete -message header addresses from these clients; append -$remote_header_rewrite_domain for all other clients.

+

Append the domain name in $myorigin or $mydomain to message +header addresses from these clients only; either don't rewrite +message headers from other clients at all, or append the domain +specified with the remote_header_rewrite_domain parameter.

Specify a list of zero or more of the following:

@@ -7277,7 +7293,25 @@ for pop-before-smtp lookup tables.

Examples:

+

The backwards compatible setting: always rewrite message headers, +and always append my own domain to incomplete header addresses.

+
 
-local_header_rewrite_clients = static:all
-local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated 
+    local_header_rewrite_clients = static:all
+
+ +

The default setting: rewrite headers and append my own domain +only with mail from local or authorized clients.

+ +
+    local_header_rewrite_clients = permit_mynetworks, 
+        permit_sasl_authenticated permit_tls_clientcerts
+
+ +

Include clients that are pop-before-smtp authenticated:

+ +
+    local_header_rewrite_clients = permit_mynetworks, 
+        permit_sasl_authenticated permit_tls_clientcerts
+        check_address_map hash:/etc/postfix/pop-before-smtp 
 
diff --git a/postfix/src/anvil/anvil.c b/postfix/src/anvil/anvil.c index 3894dadb6..07099543a 100644 --- a/postfix/src/anvil/anvil.c +++ b/postfix/src/anvil/anvil.c @@ -193,6 +193,7 @@ /* SEE ALSO /* smtpd(8), Postfix SMTP server /* postconf(5), configuration parameters +/* master(5), generic daemon options /* README FILES /* .ad /* .fi diff --git a/postfix/src/bounce/bounce.c b/postfix/src/bounce/bounce.c index e271ef732..a1066ec31 100644 --- a/postfix/src/bounce/bounce.c +++ b/postfix/src/bounce/bounce.c @@ -107,6 +107,7 @@ /* SEE ALSO /* qmgr(8), queue manager /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* LICENSE diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c index ebb34a07b..d06458a7c 100644 --- a/postfix/src/cleanup/cleanup.c +++ b/postfix/src/cleanup/cleanup.c @@ -267,6 +267,7 @@ /* canonical(5), canonical address lookup table format /* virtual(5), virtual alias lookup table format /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* README FILES diff --git a/postfix/src/discard/discard.c b/postfix/src/discard/discard.c index 0d3b87260..142dea5e6 100644 --- a/postfix/src/discard/discard.c +++ b/postfix/src/discard/discard.c @@ -76,6 +76,7 @@ /* bounce(8), delivery status reports /* error(8), Postfix error delivery agent /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* LICENSE diff --git a/postfix/src/error/error.c b/postfix/src/error/error.c index fc8d2986f..f2cf4a9ab 100644 --- a/postfix/src/error/error.c +++ b/postfix/src/error/error.c 
@@ -85,6 +85,7 @@ /* bounce(8), delivery status reports /* discard(8), Postfix discard delivery agent /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* LICENSE diff --git a/postfix/src/flush/flush.c b/postfix/src/flush/flush.c index 84eee6559..190a2630a 100644 --- a/postfix/src/flush/flush.c +++ b/postfix/src/flush/flush.c @@ -118,6 +118,7 @@ /* smtpd(8), SMTP server /* qmgr(8), queue manager /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* README FILES diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index ce0a8bca6..ab1844154 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -2092,7 +2092,7 @@ extern char *var_anvil_service; * What domain names to assume when no valid domain context exists. */ #define VAR_REM_RWR_DOMAIN "remote_header_rewrite_domain" -#define DEF_REM_RWR_DOMAIN "domain.invalid" +#define DEF_REM_RWR_DOMAIN "" extern char *var_remote_rwr_domain; #define CHECK_ADDR_MAP "check_address_map" diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 82b858b60..b6ada4c52 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only. */ -#define MAIL_RELEASE_DATE "20041021" +#define MAIL_RELEASE_DATE "20041022" #define MAIL_VERSION_NUMBER "2.2" #define VAR_MAIL_VERSION "mail_version" diff --git a/postfix/src/lmtp/lmtp.c b/postfix/src/lmtp/lmtp.c index 5bacd3cb3..64bd981ce 100644 --- a/postfix/src/lmtp/lmtp.c +++ b/postfix/src/lmtp/lmtp.c 
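Review bot: In the mail_params.h hunk, the comment above `VAR_REM_RWR_DOMAIN` still reads "What domain names to assume when no valid domain context exists", which does not tell a reader that the new empty default turns remote header rewriting off. I would add a line to that comment such as `* An empty value (the default) means: do not rewrite message headers from remote clients.` The postconf.proto text in this same commit calls `domain.invalid` the safe setting, because it keeps incomplete remote addresses from being confused with local ones. The header comment should therefore also say that the compiled-in default is no longer that setting. The comment block begins outside the hunk.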
@@ -157,9 +157,9 @@ /* .IP "\fBlmtp_data_done_timeout (600s)\fR" /* The LMTP client time limit for sending the LMTP ".", and for /* receiving the server response. -/* .IP "\fBlmtp_rset_timeout (120s)\fR" -/* The LMTP client time limit for sending the RSET command, and for -/* receiving the server response. +/* .IP "\fBlmtp_rset_timeout (20s)\fR" +/* The LMTP client time limit for sending the RSET command, and +/* for receiving the server response. /* .IP "\fBlmtp_quit_timeout (300s)\fR" /* The LMTP client time limit for sending the QUIT command, and for /* receiving the server response. @@ -200,6 +200,7 @@ /* bounce(8), delivery status reports /* qmgr(8), queue manager /* postconf(5), configuration parameters +/* master(5), generic daemon options /* services(4), Internet services and aliases /* master(8), process manager /* syslogd(8), system logging diff --git a/postfix/src/lmtp/lmtp_proto.c b/postfix/src/lmtp/lmtp_proto.c index 8c8426917..afdaf4a20 100644 --- a/postfix/src/lmtp/lmtp_proto.c +++ b/postfix/src/lmtp/lmtp_proto.c @@ -425,7 +425,7 @@ static int lmtp_loop(LMTP_STATE *state, NOCLOBBER int send_state, DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ? XFORWARD_UNAVAILABLE : strcmp(request->rewrite_context, REWRITE_LOCAL) ? - XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE); + XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL ); next_state = LMTP_STATE_MAIL; break; diff --git a/postfix/src/local/local.c b/postfix/src/local/local.c index 3cc7dc011..c225e173f 100644 --- a/postfix/src/local/local.c +++ b/postfix/src/local/local.c @@ -465,6 +465,7 @@ /* postalias(1), create/update alias database /* aliases(5), format of alias database /* postconf(5), configuration parameters +/* master(5), generic daemon options /* syslogd(8), system logging /* LICENSE /* .ad diff --git a/postfix/src/oqmgr/qmgr.c b/postfix/src/oqmgr/qmgr.c index f65ca4966..b3148b034 100644 --- a/postfix/src/oqmgr/qmgr.c +++ b/postfix/src/oqmgr/qmgr.c 
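Review bot: The corrected ternary in lmtp_loop (lmtp_proto.c) still uses the bare `strcmp(request->rewrite_context, REWRITE_LOCAL)` result as its condition, which is the form that allowed the two branches to be swapped in the first place. Writing it as `strcmp(request->rewrite_context, REWRITE_LOCAL) == 0 ? XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE` makes the equality explicit and matches the `STREQ(...) ? XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE` order used in smtpd_proxy_open elsewhere in this patch. The same applies to the identical hunk in smtp_loop in smtp_proto.c. Both functions start and end outside their hunks.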
@@ -249,6 +249,7 @@ /* trivial-rewrite(8), address routing /* bounce(8), delivery status reports /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8) system logging /* README FILES diff --git a/postfix/src/pickup/Makefile.in b/postfix/src/pickup/Makefile.in index 8d832721e..741bae6c4 100644 --- a/postfix/src/pickup/Makefile.in +++ b/postfix/src/pickup/Makefile.in @@ -76,4 +76,5 @@ pickup.o: ../../include/record.h pickup.o: ../../include/rec_type.h pickup.o: ../../include/lex_822.h pickup.o: ../../include/input_transp.h +pickup.o: ../../include/rewrite_clnt.h pickup.o: ../../include/mail_server.h diff --git a/postfix/src/pickup/pickup.c b/postfix/src/pickup/pickup.c index a876c6193..090690407 100644 --- a/postfix/src/pickup/pickup.c +++ b/postfix/src/pickup/pickup.c @@ -49,7 +49,7 @@ /* it is queued. /* .IP "\fBreceive_override_options (empty)\fR" /* Enable or disable recipient validation, built-in content -/* filtering, or address rewriting. +/* filtering, or address mapping. /* MISCELLANEOUS CONTROLS /* .ad /* .fi @@ -87,6 +87,7 @@ /* sendmail(1), Sendmail-compatible interface /* postdrop(1), mail posting agent /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* LICENSE @@ -137,6 +138,7 @@ #include #include #include +#include /* XXX */ /* Single-threaded server skeleton. */ @@ -292,6 +294,8 @@ static int pickup_copy(VSTREAM *qfile, VSTREAM *cleanup, */ rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s", MAIL_ATTR_ORIGIN, MAIL_ATTR_ORG_LOCAL); + rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s", + MAIL_ATTR_RWR_CTXT_NAME, REWRITE_LOCAL); /* * Copy the message envelope segment. Allow only those records that we diff --git a/postfix/src/pipe/pipe.c b/postfix/src/pipe/pipe.c index 3eb2d4a2d..0b6e3ca07 100644 --- a/postfix/src/pipe/pipe.c +++ b/postfix/src/pipe/pipe.c 
@@ -275,6 +275,7 @@ /* qmgr(8), queue manager /* bounce(8), delivery status reports /* postconf(5), configuration parameters +/* master(5), generic daemon options /* master(8), process manager /* syslogd(8), system logging /* LICENSE diff --git a/postfix/src/proxymap/proxymap.c b/postfix/src/proxymap/proxymap.c index e0f670e3a..5ca342ad5 100644 --- a/postfix/src/proxymap/proxymap.c +++ b/postfix/src/proxymap/proxymap.c @@ -106,6 +106,17 @@ /* The process name of a Postfix command or daemon process. /* .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR" /* The lookup tables that the proxymap(8) server is allowed to access. +/* SEE ALSO +/* postconf(5), configuration parameters +/* master(5), generic daemon options +/* README FILES +/* .ad +/* .fi +/* Use "\fBpostconf readme_directory\fR" or +/* "\fBpostconf html_directory\fR" to locate this information. +/* .na +/* .nf +/* DATABASE_README, Postfix lookup table overview /* LICENSE /* .ad /* .fi diff --git a/postfix/src/smtp/smtp_connect.c b/postfix/src/smtp/smtp_connect.c index 8ae3dcfa4..564b8d42d 100644 --- a/postfix/src/smtp/smtp_connect.c +++ b/postfix/src/smtp/smtp_connect.c @@ -527,7 +527,7 @@ int smtp_connect(SMTP_STATE *state) * high volume of mail in the active queue. */ if (cpp == sites->argv - && ((request->flags & DEL_REQ_FLAG_SCACHE) != 0 + && ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE) != 0) || (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) { sess_flags |= SMTP_SESS_FLAG_CACHE; SET_NEXTHOP_STATE(state, lookup_mx, domain, port); diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c index e4ddb557d..70184dc71 100644 --- a/postfix/src/smtp/smtp_proto.c +++ b/postfix/src/smtp/smtp_proto.c 
@@ -646,7 +646,7 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state, DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ? XFORWARD_UNAVAILABLE : strcmp(request->rewrite_context, REWRITE_LOCAL) ? - XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE); + XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL ); next_state = SMTP_STATE_MAIL; break; diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c index 85c9a9efe..538590fab 100644 --- a/postfix/src/smtpd/smtpd.c +++ b/postfix/src/smtpd/smtpd.c @@ -95,13 +95,14 @@ /* .PP /* Available in Postfix version 2.2 and later: /* .IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR" -/* Append the domain name in $myorigin or $mydomain to incomplete -/* message header addresses from these clients; append -/* $remote_header_rewrite_domain for all other clients. -/* .IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" -/* Append this domain name to incomplete message header addresses -/* from remote clients; when this domain name is empty, don't rewrite -/* remote message headers at all. +/* Append the domain name in $myorigin or $mydomain to message +/* header addresses from these clients only; either don't rewrite +/* message headers from other clients at all, or append the domain +/* specified with the remote_header_rewrite_domain parameter. +/* .IP "\fBremote_header_rewrite_domain (empty)\fR" +/* Don't rewrite message headers from remote clients at all when +/* this parameter is empty; otherwise, rewrite remote message headers +/* and append the specified domain name to incomplete addresses. /* AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS /* .ad /* .fi 
@@ -1073,21 +1074,21 @@ static void mail_open_stream(SMTPD_STATE *state) if (*var_filter_xport) rec_fprintf(state->cleanup, REC_TYPE_FILT, "%s", var_filter_xport); rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", - MAIL_ATTR_RWR_CTXT_NAME, state->rewrite_context_name); - } + MAIL_ATTR_RWR_CTXT_NAME, FORWARD_DOMAIN(state)); #ifdef USE_SASL_AUTH - if (var_smtpd_sasl_enable) { - if (state->sasl_method) - rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", - MAIL_ATTR_SASL_METHOD, state->sasl_method); - if (state->sasl_username) - rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", - MAIL_ATTR_SASL_USERNAME, state->sasl_username); - if (state->sasl_sender) - rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", - MAIL_ATTR_SASL_SENDER, state->sasl_sender); - } + if (var_smtpd_sasl_enable) { + if (state->sasl_method) + rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", + MAIL_ATTR_SASL_METHOD, state->sasl_method); + if (state->sasl_username) + rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", + MAIL_ATTR_SASL_USERNAME, state->sasl_username); + if (state->sasl_sender) + rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", + MAIL_ATTR_SASL_SENDER, state->sasl_sender); + } #endif + } rec_fputs(state->cleanup, REC_TYPE_FROM, state->sender); if (state->encoding != 0) rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", @@ -1537,7 +1538,8 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) * we have a valid recipient address. */ if (state->proxy == 0 && state->cleanup == 0) { - smtpd_check_rewrite(state); + if (!SMTPD_STAND_ALONE(state)) + smtpd_check_rewrite(state); if (state->proxy_mail) { if (smtpd_proxy_open(state, var_smtpd_proxy_filt, var_smtpd_proxy_tmout, var_smtpd_proxy_ehlo, 
@@ -2383,13 +2385,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv) XFORWARD_DOMAIN, attr_value); return (-1); } - if (state->rewrite_context_name - && strcmp(state->rewrite_context_name, - context_name[context_code])) { - myfree(state->rewrite_context_name); - state->rewrite_context_name = - mystrdup(context_name[context_code]); - } + UPDATE_STR(state->xforward.domain, context_name[context_code]); break; /* diff --git a/postfix/src/smtpd/smtpd.h b/postfix/src/smtpd/smtpd.h index 890be0b6f..e00b76382 100644 --- a/postfix/src/smtpd/smtpd.h +++ b/postfix/src/smtpd/smtpd.h @@ -53,6 +53,7 @@ typedef struct { char *protocol; /* email protocol */ char *helo_name; /* helo/ehlo parameter */ char *ident; /* message identifier */ + char *domain; /* rewrite context */ } SMTPD_XFORWARD_ATTR; typedef struct SMTPD_STATE { @@ -175,6 +176,7 @@ extern void smtpd_state_reset(SMTPD_STATE *); #define CLIENT_HELO_UNKNOWN 0 #define CLIENT_PROTO_UNKNOWN CLIENT_ATTR_UNKNOWN #define CLIENT_IDENT_UNKNOWN 0 +#define CLIENT_DOMAIN_UNKNOWN 0 #define IS_AVAIL_CLIENT_ATTR(v) ((v) && strcmp((v), CLIENT_ATTR_UNKNOWN)) @@ -184,6 +186,7 @@ extern void smtpd_state_reset(SMTPD_STATE *); #define IS_AVAIL_CLIENT_HELO(v) ((v) != 0) #define IS_AVAIL_CLIENT_PROTO(v) IS_AVAIL_CLIENT_ATTR(v) #define IS_AVAIL_CLIENT_IDENT(v) ((v) != 0) +#define IS_AVAIL_CLIENT_DOMAIN(v) ((v) != 0) /* * If running in stand-alone mode, do not try to talk to Postfix daemons but 
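Review bot: The new `UPDATE_STR(state->xforward.domain, context_name[context_code]);` line in xforward_cmd has no comment saying whose decision this value represents. The context is chosen by the XFORWARD peer, and the FORWARD_DOMAIN macro added in smtpd.h prefers it over `state->rewrite_context_name`, which holds the result of the local_header_rewrite_clients check. That assumes SMTPD_STATE_XFORWARD_DOMAIN is set on this path, which the hunk does not show. The value is at least restricted to entries of `context_name[]`, but I would still add `/* Peer-supplied rewrite context; it replaces the local_header_rewrite_clients result, so it is only as reliable as the hosts allowed to send XFORWARD. */` above the line. The function body continues outside the hunk.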
@@ -230,16 +233,19 @@ extern void smtpd_peer_reset(SMTPD_STATE *state); (((s)->xforward.flags & SMTPD_STATE_XFORWARD_CLIENT_MASK) ? \ (s)->xforward.a : (s)->a) -#define FORWARD_IDENT_ATTR(s) \ - (((s)->xforward.flags & SMTPD_STATE_XFORWARD_IDENT) ? \ - (s)->queue_id : (s)->ident) - #define FORWARD_ADDR(s) FORWARD_CLIENT_ATTR((s), addr) #define FORWARD_NAME(s) FORWARD_CLIENT_ATTR((s), name) #define FORWARD_NAMADDR(s) FORWARD_CLIENT_ATTR((s), namaddr) #define FORWARD_PROTO(s) FORWARD_CLIENT_ATTR((s), protocol) #define FORWARD_HELO(s) FORWARD_CLIENT_ATTR((s), helo_name) -#define FORWARD_IDENT(s) FORWARD_IDENT_ATTR(s) + +#define FORWARD_IDENT(s) \ + (((s)->xforward.flags & SMTPD_STATE_XFORWARD_IDENT) ? \ + (s)->queue_id : (s)->ident) + +#define FORWARD_DOMAIN(s) \ + (((s)->xforward.flags & SMTPD_STATE_XFORWARD_DOMAIN) ? \ + (s)->xforward.domain : (s)->rewrite_context_name) extern void smtpd_xforward_init(SMTPD_STATE *); extern void smtpd_xforward_preset(SMTPD_STATE *); diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index 077834d23..e140c7cb1 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -323,7 +323,6 @@ static int check_rcpt_maps(SMTPD_STATE *, const char *, const char *); #define SMTPD_NAME_RECIPIENT "Recipient address" #define SMTPD_NAME_ETRN "Etrn command" #define SMTPD_NAME_DATA "Data command" -#define SMTPD_NAME_REWRITE "Local address rewriting" /* * YASLM. @@ -3397,8 +3396,8 @@ void smtpd_check_rewrite(SMTPD_STATE *state) DICT *dict; /* - * We don't use generic_checks() because it produces results that - * aren't applicable such as DEFER or REJECT. + * We don't use generic_checks() because it produces results that aren't + * applicable such as DEFER or REJECT. */ for (cpp = local_rewrite_clients->argv; *cpp != 0; cpp++) { if (msg_verbose) 
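Review bot: FORWARD_DOMAIN as defined in this smtpd.h hunk can evaluate to a null pointer. smtpd_xforward_init sets `xforward.domain` to 0 and smtpd_xforward_preset deliberately leaves it there, while the callers in this patch pass the macro result straight to a `"%s"` record in mail_open_stream and to `STREQ()` in smtpd_proxy_open. These hunks do not show whether SMTPD_STATE_XFORWARD_DOMAIN can be set while `xforward.domain` is still 0. They also do not show whether `rewrite_context_name` is always assigned before first use, given that rcpt_cmd now skips smtpd_check_rewrite in stand-alone mode. I would state the invariant next to the macro, for example `/* Never null: xforward.domain is assigned whenever SMTPD_STATE_XFORWARD_DOMAIN is set. */`. If that cannot be guaranteed, the macro should fall back to `(s)->rewrite_context_name` when `(s)->xforward.domain` is 0.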
@@ -3430,6 +3429,8 @@ void smtpd_check_rewrite(SMTPD_STATE *state) continue; } if (status == SMTPD_CHECK_OK) { + if (state->rewrite_context_name) + myfree(state->rewrite_context_name); state->rewrite_context_name = mystrdup(REWRITE_LOCAL); return; } @@ -4063,7 +4064,7 @@ char *var_def_rbl_reply; char *var_relay_rcpt_maps; char *var_verify_sender; char *var_smtpd_sasl_opts; -char *var_remote_rwr_name; +char *var_remote_rwr_domain; char *var_local_rwr_clients; typedef struct { @@ -4105,7 +4106,7 @@ static STRING_TABLE string_table[] = { VAR_VERIFY_SENDER, DEF_VERIFY_SENDER, &var_verify_sender, VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name, VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts, - VAR_REM_RWR_NAME, DEF_REM_RWR_NAME, &var_remote_rwr_name, + VAR_REM_RWR_DOMAIN, DEF_REM_RWR_DOMAIN, &var_remote_rwr_domain, VAR_LOC_RWR_CLIENTS, DEF_LOC_RWR_CLIENTS, &var_local_rwr_clients, 0, }; @@ -4171,6 +4172,8 @@ int var_verify_poll_delay; int var_smtpd_policy_tmout; int var_smtpd_policy_idle; int var_smtpd_policy_ttl; +int var_smtpd_rej_unl_from; +int var_smtpd_rej_unl_rcpt; static INT_TABLE int_table[] = { "msg_verbose", 0, &msg_verbose, @@ -4195,6 +4198,8 @@ static INT_TABLE int_table[] = { VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code, VAR_SHOW_UNK_RCPT_TABLE, DEF_SHOW_UNK_RCPT_TABLE, &var_show_unk_rcpt_table, VAR_VERIFY_POLL_COUNT, DEF_VERIFY_POLL_COUNT, &var_verify_poll_count, + VAR_SMTPD_REJ_UNL_FROM, DEF_SMTPD_REJ_UNL_FROM, &var_smtpd_rej_unl_from, + VAR_SMTPD_REJ_UNL_RCPT, DEF_SMTPD_REJ_UNL_RCPT, &var_smtpd_rej_unl_rcpt, 0, }; @@ -4411,7 +4416,7 @@ int main(int argc, char **argv) string_init(); int_init(); smtpd_check_init(); - smtpd_state_init(&state, VSTREAM_IN); + smtpd_state_init(&state, VSTREAM_IN, "smtpd"); state.queue_id = ""; /* 
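Review bot: The added `myfree()` in smtpd_check_rewrite covers only the path where a client matches. Nothing in the hunk shows the context being reset before the loop, so a `rewrite_context_name` of REWRITE_LOCAL left by an earlier evaluation may survive a later evaluation that matches nothing. rcpt_cmd calls this function whenever no cleanup or proxy stream is open, so it can presumably run more than once in a session. If the part of the function outside this hunk does not already do so, the field should be reset to the remote context at the top of the function, so that a non-matching client is never treated as local. The function starts and ends outside the hunk.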
@@ -4589,11 +4594,17 @@ int main(int argc, char **argv) * Show commands. */ default: + if (strcasecmp(args->argv[0], "check_rewrite") == 0) { + smtpd_check_rewrite(&state); + resp = state.rewrite_context_name; + break; + } resp = "Commands...\n\ client
[]\n\ helo \n\ sender
\n\ recipient
\n\ + check_rewrite\n\ msg_verbose \n\ client_restrictions \n\ helo_restrictions \n\ diff --git a/postfix/src/smtpd/smtpd_exp.ref b/postfix/src/smtpd/smtpd_exp.ref index e9e825efe..fcee7f2a3 100644 --- a/postfix/src/smtpd/smtpd_exp.ref +++ b/postfix/src/smtpd/smtpd_exp.ref @@ -123,7 +123,6 @@ OK >>> sender_restrictions check_sender_mx_access,hash:smtpd_check_access OK >>> mail foo@pls.net.au -./smtpd_check: warning: numeric domain name in resource data of MX record for pls.net.au: 203.3.110.241 OK >>> #mail foo@verisign-wildcard.com >>> mail foo@verisign.com diff --git a/postfix/src/smtpd/smtpd_proxy.c b/postfix/src/smtpd/smtpd_proxy.c index 2030d2705..bede77c82 100644 --- a/postfix/src/smtpd/smtpd_proxy.c +++ b/postfix/src/smtpd/smtpd_proxy.c @@ -340,7 +340,7 @@ int smtpd_proxy_open(SMTPD_STATE *state, const char *service, FORWARD_PROTO(state)))) && (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_DOMAIN) || !(bad = smtpd_xforward(state, buf, XFORWARD_DOMAIN, 1, - STREQ(state->rewrite_context_name, REWRITE_LOCAL) ? + STREQ(FORWARD_DOMAIN(state), REWRITE_LOCAL) ? XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE)))) bad = smtpd_xforward_flush(state, buf); vstring_free(buf); diff --git a/postfix/src/smtpd/smtpd_xforward.c b/postfix/src/smtpd/smtpd_xforward.c index 84ee3ec90..d6a9638f7 100644 --- a/postfix/src/smtpd/smtpd_xforward.c +++ b/postfix/src/smtpd/smtpd_xforward.c @@ -59,6 +59,7 @@ void smtpd_xforward_init(SMTPD_STATE *state) state->xforward.protocol = 0; state->xforward.helo_name = 0; state->xforward.ident = 0; + state->xforward.domain = 0; } /* smtpd_xforward_preset - set xforward attributes to "unknown" */ @@ -85,6 +86,7 @@ void smtpd_xforward_preset(SMTPD_STATE *state) /* Leave helo at zero. */ state->xforward.protocol = mystrdup(CLIENT_PROTO_UNKNOWN); /* Leave ident at zero. */ + /* Leave domain context at zero. */ } /* smtpd_xforward_reset - reset XCLIENT attributes */ 
@@ -100,4 +102,5 @@ void smtpd_xforward_reset(SMTPD_STATE *state) FREE_AND_WIPE(state->xforward.protocol); FREE_AND_WIPE(state->xforward.helo_name); FREE_AND_WIPE(state->xforward.ident); + FREE_AND_WIPE(state->xforward.domain); } diff --git a/postfix/src/trivial-rewrite/trivial-rewrite.c b/postfix/src/trivial-rewrite/trivial-rewrite.c index bf0b73988..182851f5b 100644 --- a/postfix/src/trivial-rewrite/trivial-rewrite.c +++ b/postfix/src/trivial-rewrite/trivial-rewrite.c @@ -13,13 +13,12 @@ /* address rewriting context: /* .RS /* .IP \fBlocal\fR -/* .IP \fBnone\fR /* Append the domain names specified with \fB$myorigin\fR or /* \fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR /* and \fBallow_percent_hack\fR processing as described below, and /* strip source routed addresses (\fI@site,@site:user@domain\fR) /* to \fIuser@domain\fR form. -/* .IP \fBinvalid\fR +/* .IP \fBremote\fR /* Append the domain name specified with /* \fB$remote_header_rewrite_domain\fR to incomplete /* addresses. Otherwise the result is identical to that of @@ -107,10 +106,10 @@ /* Enable the rewriting of "site!user" into "user@site". /* .PP /* Available in Postfix 2.2 and later: -/* .IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" -/* Append this domain to incomplete message header addresses from -/* remote clients; when the domain is empty, don't rewrite remote message -/* headers at all. +/* .IP "\fBremote_header_rewrite_domain (empty)\fR" +/* Don't rewrite message headers from remote clients at all when +/* this parameter is empty; otherwise, rewrite remote message headers +/* and append the specified domain name to incomplete addresses. /* ROUTING CONTROLS /* .ad /* .fi diff --git a/postfix/src/util/dict_db.c b/postfix/src/util/dict_db.c index edf6a2906..4322add03 100644 --- a/postfix/src/util/dict_db.c +++ b/postfix/src/util/dict_db.c 
@@ -167,6 +167,12 @@ static const char *dict_db_lookup(DICT *dict, const char *name) static VSTRING *buf; const char *result = 0; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_db_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + dict_errno = 0; memset(&db_key, 0, sizeof(db_key)); memset(&db_value, 0, sizeof(db_value)); @@ -231,6 +237,12 @@ static void dict_db_update(DICT *dict, const char *name, const char *value) DBT db_value; int status; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_db_update: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + memset(&db_key, 0, sizeof(db_key)); memset(&db_value, 0, sizeof(db_value)); db_key.data = (void *) name; @@ -302,6 +314,12 @@ static int dict_db_delete(DICT *dict, const char *name) int status = 1; int flags = 0; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_db_delete: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + memset(&db_key, 0, sizeof(db_key)); /* diff --git a/postfix/src/util/dict_dbm.c b/postfix/src/util/dict_dbm.c index 1afb46b0d..a1e326fb9 100644 --- a/postfix/src/util/dict_dbm.c +++ b/postfix/src/util/dict_dbm.c @@ -78,6 +78,12 @@ static const char *dict_dbm_lookup(DICT *dict, const char *name) static VSTRING *buf; const char *result = 0; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_dbm_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + dict_errno = 0; /* 
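Review bot: The comment `Sanity check.` added in dict_db_lookup does not say what the check protects against, and the same six lines are repeated in dict_db_update, dict_db_delete, the three dict_dbm functions and dict_nis_lookup. If, as the flag names suggest, no key form is tried when both flags are clear, a lookup would report "not found" without ever querying the table, and for an access or restriction map that is a silent miss rather than an error. I would state that in the comment, for example `/* With neither TRY0NULL nor TRY1NULL no key form is tried and every lookup would miss silently. */`. The function bodies continue outside these hunks, so the fall-through behaviour should be confirmed there before adopting that wording.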
@@ -137,6 +143,12 @@ static void dict_dbm_update(DICT *dict, const char *name, const char *value) datum dbm_value; int status; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_dbm_update: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + dbm_key.dptr = (void *) name; dbm_value.dptr = (void *) value; dbm_key.dsize = strlen(name); @@ -202,6 +214,12 @@ static int dict_dbm_delete(DICT *dict, const char *name) int status = 1; int flags = 0; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_dbm_delete: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + /* * Acquire an exclusive lock. */ diff --git a/postfix/src/util/dict_nis.c b/postfix/src/util/dict_nis.c index 2290ecd35..104fa8f14 100644 --- a/postfix/src/util/dict_nis.c +++ b/postfix/src/util/dict_nis.c @@ -143,6 +143,12 @@ static const char *dict_nis_lookup(DICT *dict, const char *key) int err; static VSTRING *buf; + /* + * Sanity check. + */ + if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0) + msg_panic("dict_nis_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag"); + dict_errno = 0; if (dict_nis_domain == dict_nis_disabled) return (0); diff --git a/postfix/src/util/dict_nisplus.c b/postfix/src/util/dict_nisplus.c index 7ac002149..2f1a45772 100644 --- a/postfix/src/util/dict_nisplus.c +++ b/postfix/src/util/dict_nisplus.c @@ -119,10 +119,11 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key) DICT_NISPLUS *dict_nisplus = (DICT_NISPLUS *) dict; static VSTRING *quoted_key; static VSTRING *query; - static VSTRING *reply; - nis_result *nis_alias; + static VSTRING *retval; + nis_result *reply; int count; const char *cp; + int last_col; int ch; /* 
@@ -131,7 +132,7 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key) dict_errno = 0; if (quoted_key == 0) { query = vstring_alloc(100); - reply = vstring_alloc(100); + retval = vstring_alloc(100); quoted_key = vstring_alloc(100); } @@ -168,29 +169,35 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key) * addresses (in envelopes or in headers) have a finite length. */ vstring_sprintf(query, dict_nisplus->template, STR(quoted_key)); - nis_alias = nis_list(STR(query), FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL); + reply = nis_list(STR(query), FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL); /* - * When lookup succeeds, the result may be unusable because it is - * ambiguous. + * When lookup succeeds, the result may be ambiguous, or the requested + * column may not exist. */ - if (nis_alias->status == NIS_SUCCESS) { - if ((count = NIS_RES_NUMOBJ(nis_alias)) != 1) { + if (reply->status == NIS_SUCCESS) { + if ((count = NIS_RES_NUMOBJ(reply)) != 1) { msg_warn("ambiguous match (%d results) for %s in NIS+ map %s:" " ignoring this request", count, key, dict_nisplus->dict.name); - nis_freeresult(nis_alias); + nis_freeresult(reply); return (0); } else { - vstring_strcpy(reply, - NIS_RES_OBJECT(nis_alias)->zo_data.objdata_u + last_col = NIS_RES_OBJECT(reply)->zo_data + .objdata_u.en_data.en_cols.en_cols_len - 1; + if (dict_nisplus->column > last_col) + msg_fatal("requested column %d > max column %d in table %s", + dict_nisplus->column, last_col, + dict_nisplus->dict.name); + vstring_strcpy(retval, + NIS_RES_OBJECT(reply)->zo_data.objdata_u .en_data.en_cols.en_cols_val[dict_nisplus->column] .ec_value.ec_value_val); if (msg_verbose) msg_info("%s: %s, column %d -> %s", myname, STR(query), - dict_nisplus->column, STR(reply)); - nis_freeresult(nis_alias); - return (STR(reply)); + dict_nisplus->column, STR(retval)); + nis_freeresult(reply); + return (STR(retval)); } } 
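Review bot: The new column check in dict_nisplus_lookup guards only the upper bound: `if (dict_nisplus->column > last_col)` lets a negative `dict_nisplus->column` through to the `en_cols_val[dict_nisplus->column]` index. Where the column is parsed is not visible in this hunk, so unless that code already rejects negative values I would write `if (dict_nisplus->column < 0 || dict_nisplus->column > last_col)`. The hunk also copies `ec_value.ec_value_val` with vstring_strcpy without testing it, so an entry whose selected column is empty may hand over a null pointer, depending on how the NIS+ library represents empty values. The function starts before this hunk and its error branch continues after it.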
@@ -200,14 +207,17 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key) * the problem and fix it. */ else { - if (nis_alias->status != NIS_NOTFOUND - && nis_alias->status != NIS_PARTIAL) { + if (reply->status != NIS_NOTFOUND + && reply->status != NIS_PARTIAL) { msg_warn("lookup %s, NIS+ map %s: %s", key, dict_nisplus->dict.name, - nis_sperrno(nis_alias->status)); + nis_sperrno(reply->status)); dict_errno = DICT_ERR_RETRY; + } else { + if (msg_verbose) + msg_info("%s: not found: query %s", myname, STR(query)); } - nis_freeresult(nis_alias); + nis_freeresult(reply); return (0); } } diff --git a/postfix/src/util/sys_defs.h b/postfix/src/util/sys_defs.h index 59b8875f9..1d443961a 100644 --- a/postfix/src/util/sys_defs.h +++ b/postfix/src/util/sys_defs.h @@ -296,6 +296,7 @@ extern int opterr; #define DEF_DB_TYPE "dbm" #define ALIAS_DB_MAP "dbm:/etc/mail/aliases" #define HAS_NIS +#define HAS_NISPLUS #define USE_SYS_SOCKIO_H /* Solaris 2.5, changed sys/ioctl.h */ #define GETTIMEOFDAY(t) gettimeofday(t) #define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin:/usr/ucb"