mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-30 05:38:06 +00:00
Code Issues Releases Wiki Activity

postfix-2.2-20041022

Browse Source
This commit is contained in:
Wietse Venema 2004-10-22 00:00:00 -05:00 committed by Viktor Dukhovni
parent f2ffad66ca
commit d9f316cf24
66 changed files with 725 additions and 396 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
postfix/HISTORY
View File

@ -9776,27 +9776,22 @@ Apologies for any names omitted.
20041014-21 20041014-21
By default, Postfix no longer appends the local domain to Postfix no longer appends the local domain to header
incomplete message header addresses from remote clients. addresses from remote clients. Instead, Postfix either
Thus, spam from badly written software no longer looks like does not rewrite those headers at all, or it appends the
it came from a local user. domain specified with the new remote_header_rewrite_domain
Instead, Postfix either does not rewrite headers from remote
clients at all, or it appends the domain name that is
specified with the new invalid_rewrite_context_domain
parameter. parameter.
Postfix still appends $@myorigin or .$mydomain to headers Postfix still appends $@myorigin or .$mydomain to headers
in mail from Postfix sendmail, from clients listed with from the Postfix sendmail command, or from clients listed
the local_rewrite_context_clients parameter (default: with the new local_header_rewrite_clients parameter (default:
permit_mynetworks, permit_sasl_authenticated). permit_mynetworks, permit_sasl_authenticated).
The context specified with remote_rewrite_context_name is 20041016
used for all other clients. The default setting is backwards
compatible to avoid surprises.
Postfix still appends $@myorigin or .$mydomain when rewriting Bugfix: attr_clnt_request() did not properly skip hash
incomplete envelope addresses. table arguments. Luc Pardon, Skopos Consulting. File:
util/attr_clnt.c.
20041018 20041018
@ -9807,18 +9802,21 @@ Apologies for any names omitted.
Support for Errors-To: is permanently removed. Support for Errors-To: is permanently removed.
Open problems: 20041022
High: document master(5) for generic daemon options. Bugfix: "smtp_connection_cache_on_demand=no" could crash
the SMTP client. File: smtp/smtp_connect.c.
Robustness: extra sanity checks. Files: util/dict_db.c,
util/dict_dbm.c.
Open problems:
Low: reject HELO with any domain name that this MTA is Low: reject HELO with any domain name that this MTA is
final destination for. final destination for.
Low: should the Delivered-To: test in local(8) be configurable? Low: should the Delivered-To: test in local(8) be configurable?
Low: append a different domain (like, address.invalid) for
mail from clients not in mynetworks.
Low: document propagate_unmatched_extensions in aliases(5) Low: document propagate_unmatched_extensions in aliases(5)
etc. etc.
@ -9849,9 +9847,6 @@ Open problems:
all MXes return a quick ECONNRESET or 4xx reply during the all MXes return a quick ECONNRESET or 4xx reply during the
initial handshake. initial handshake.
Low: add msg_panic() guard to ensure that at least one of
DICT_FLAG_TRY1NULL or DICT_FLAG_TRY1NULL is set upon lookup.
Low: make post-install a "postfix-only script" so it can Low: make post-install a "postfix-only script" so it can
take data from the environment instead of main.cf. take data from the environment instead of main.cf.

30
postfix/README_FILES/ADDRESS_REWRITING_README
View File

@ -166,6 +166,12 @@ table, it first rewrites the address to the standard
rewrite(8) daemon. The purpose of rewriting to standard form is to reduce the rewrite(8) daemon. The purpose of rewriting to standard form is to reduce the
number of entries needed in lookup tables. number of entries needed in lookup tables.
Postfix versions 2.2 and later do not rewrite message headers from remote SMTP
clients at all, unless a non-empty domain name is specified with the
remote_header_rewrite_domain configuration parameter. The
local_header_rewrite_clients parameter controls what SMTP clients Postfix
considers local.
The Postfix trivial-rewrite(8) daemon implements the following hard-coded The Postfix trivial-rewrite(8) daemon implements the following hard-coded
address manipulations: address manipulations:
@ -193,6 +199,10 @@ address manipulations:
of Postfix components expect that all addresses have the form of Postfix components expect that all addresses have the form
"user@domain". "user@domain".
Postfix versions 2.2 and later do not rewrite message headers from
remote SMTP clients at all, or they append the domain name specified
with the remote_header_rewrite_domain configuration parameter.
If your machine is not the main machine for $myorigin and you wish to If your machine is not the main machine for $myorigin and you wish to
have some users delivered locally without going via that main machine, have some users delivered locally without going via that main machine,
make an entry in the virtual alias table that redirects make an entry in the virtual alias table that redirects
@ -204,8 +214,12 @@ address manipulations:
(default: yes). The purpose is to get consistent treatment of different (default: yes). The purpose is to get consistent treatment of different
forms of the same hostname. forms of the same hostname.
Some will argue that rewriting "host" to "host.$mydomain" is bad. That Postfix versions 2.2 and later do not rewrite message headers from
is why it can be turned off. Others like the convenience of having the remote clients at all, or they append the domain name specified with
the remote_header_rewrite_domain configuration parameter.
Some will argue that rewriting "host" to "host.domain" is bad. That is
why it can be turned off. Others like the convenience of having the
local domain appended automatically. local domain appended automatically.
Rewrite "user@site." to "user@site" (without the trailing dot). Rewrite "user@site." to "user@site" (without the trailing dot).
@ -219,6 +233,12 @@ message envelopes and in message headers. By default all header and envelope
addresses are rewritten; this is controlled with the canonical_classes addresses are rewritten; this is controlled with the canonical_classes
configuration parameter. configuration parameter.
Postfix versions 2.2 and later do not rewrite message headers from remote
clients at all, unless a non-empty domain name is specified with the
remote_header_rewrite_domain configuration parameter. The
local_header_rewrite_clients parameter controls what SMTP clients Postfix
considers local.
Address rewriting is done for local and remote addresses. The mapping is useful Address rewriting is done for local and remote addresses. The mapping is useful
to replace login names by "Firstname.Lastname" style addresses, or to clean up to replace login names by "Firstname.Lastname" style addresses, or to clean up
invalid domains in mail addresses produced by legacy mail systems. invalid domains in mail addresses produced by legacy mail systems.
@ -277,6 +297,12 @@ Address masquerading is a method to hide hosts inside a domain behind their
mail gateway, and to make it appear as if the mail comes from the gateway mail gateway, and to make it appear as if the mail comes from the gateway
itself, instead of from individual machines. itself, instead of from individual machines.
Postfix versions 2.2 and later do not rewrite message headers from remote SMTP
clients at all, unless a non-empty domain name is specified with the
remote_header_rewrite_domain configuration parameter. The
local_header_rewrite_clients parameter controls what SMTP clients Postfix
considers local.
Address masquerading is disabled by default, and is implemented by the cleanup Address masquerading is disabled by default, and is implemented by the cleanup
(8) server. To enable, edit the masquerade_domains parameter in the main.cf (8) server. To enable, edit the masquerade_domains parameter in the main.cf
file and specify one or more domain names separated by whitespace or commas. file and specify one or more domain names separated by whitespace or commas.

65
postfix/RELEASE_NOTES
View File

@ -7,54 +7,53 @@ snapshot release). Patches are issued for the official release
and change the patchlevel and the release date. Patches are never and change the patchlevel and the release date. Patches are never
issued for snapshot releases. issued for snapshot releases.
Incompatible changes with snapshot Postfix-2.2-20041019 Incompatible changes with snapshot Postfix-2.2-20041022
======================================================= =======================================================
You must reload or restart Postfix, because the protocol between You must reload or stop/start Postfix, because the queue manager
queue manager and delivery agents has changed. If you forget this, to delivery agent protocol has changed. If you forget this, mail
mail will remain queued until you restart/reload Postfix. will remain queued until the queue manager is restarted.
Support for return addresses in the non-standard Errors-To: message Support for the non-standard Errors-To: return addresses is removed.
headers is removed. It was already disabled by default with Postfix It was already disabled by default with Postfix version 2.1. Since
version 2.1. Since it is non-standard, there was no guarantee that Errors-To: is non-standard, there was no guarantee that it would
it would have effect on other MTAs. have effect with other MTAs.
Major changes with snapshot Postfix-2.2-20041019 Major changes with snapshot Postfix-2.2-20041022
================================================ ================================================
The NIS+ client by Geoff Gibbs is now part of the Postfix source The NIS+ client by Geoff Gibbs is now part of the Postfix source
tree. Details are given in the nisplus_table(5) manual page. tree. Details are given in the nisplus_table(5) manual page.
Message header address rewriting contexts. These control what By default, Postfix no longer appends the local domain to addresses
domains are appended to incomplete addresses in message headers, in message headers from remote clients. Thus, spam from poorly
and whether headers are rewritten at all. written software no longer looks like it came from a local user.
- "local": Append the domain names in myorigin or mydomain to Postfix either does not rewrite remote message headers at all, or
incomplete addresses in message headers. it rewrites headers and appends the domain name that is specified
with the remote_header_rewrite_domain parameter (like "domain.invalid").
- "invalid": append "domain.invalid" (or whatever is specified To get the behavior of earlier Postfix versions specify
with the invalid_header_rewrite_context_domain parameter) to
incomplete addresses in message headers,
- "none": disable header address rewriting (don't even do canonical /etc/postfix/main.cf:
mapping or address masquerading). local_header_rewrite_clients = static:all
The "local" address rewriting context is used for mail submitted Postfix always appends local domain information in message headers
with the Postfix sendmail command, for mail from clients that match from Postfix sendmail and from local clients.
$local_header_rewrite_context_clients (default: $mynetworks), and
for mail from SASL authenticated clients. It is not automatically
used for pop-before-smtp clients; you'll have to specify their
lookup table via the local_header_rewrite_context_clients parameter.
The smtpd_remote_header_rewrite_context parameter specifies the By default, Postfix considers a client local when its address
address rewriting context for remote mail. The backwards compatible matches mynetworks, or when it is SASL or TLS authenticated. If
default is "local". Purists will specify "none", so that Postfix you want to include a pop-before-smtp table, then you have to
does not modify headers (not even with canonical mappings or address specify that via the new local_header_rewrite_clients parameter:
masquerading).
Postix always uses the "local" context for envelope addresses, /etc/postfix/main.cf:
because an unqualified address is effectively local when someone local_header_rewrite_clients = permit_mynetworks,
attempts to reply to it. permit_sasl_authenticated, permit_tls_clientcerts,
check_address_map hash:/etc/postfix/pop-before-smtp
As before, Postfix appends local domain information to envelope
addresses, because an unqualified address is effectively local when
someone attempts to reply to it.
Incompatible changes with snapshot Postfix-2.2-20041009 Incompatible changes with snapshot Postfix-2.2-20041009
======================================================= =======================================================

29
postfix/html/ADDRESS_REWRITING_README.html
View File

@ -339,6 +339,12 @@ mapping lookup table, it first rewrites the address to the standard
form is to reduce the number of entries needed in lookup tables. form is to reduce the number of entries needed in lookup tables.
</p> </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote SMTP clients at all, unless a non-empty domain name is
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
parameter. The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls
what SMTP clients Postfix considers local. </p>
<p> The Postfix <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon implements the following <p> The Postfix <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> daemon implements the following
hard-coded address manipulations: </p> hard-coded address manipulations: </p>
@ -377,6 +383,11 @@ parameter (default: yes). You should never turn off this feature,
because a lot of Postfix components expect that all addresses have because a lot of Postfix components expect that all addresses have
the form "user@domain". </p> the form "user@domain". </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote SMTP clients at all, or they append the domain name
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
parameter. </p>
<p> If your machine is not the main machine for $<a href="postconf.5.html#myorigin">myorigin</a> and you <p> If your machine is not the main machine for $<a href="postconf.5.html#myorigin">myorigin</a> and you
wish to have some users delivered locally without going via that wish to have some users delivered locally without going via that
main machine, make an entry in the <a href="#virtual">virtual main machine, make an entry in the <a href="#virtual">virtual
@ -393,7 +404,11 @@ Rewrite "user@host" to "user@host.$<a href="postconf.5.html#mydomain">mydomain</
parameter (default: yes). The purpose is to get consistent treatment parameter (default: yes). The purpose is to get consistent treatment
of different forms of the same hostname. </p> of different forms of the same hostname. </p>
<p> Some will argue that rewriting "host" to "host.$<a href="postconf.5.html#mydomain">mydomain</a>" <p> Postfix versions 2.2 and later do not rewrite message headers
from remote clients at all, or they append the domain name specified
with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter. </p>
<p> Some will argue that rewriting "host" to "host.domain"
is bad. That is why it can be turned off. Others like the convenience is bad. That is why it can be turned off. Others like the convenience
of having the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> appended automatically. </p> </dd> of having the <a href="ADDRESS_CLASS_README.html#local_domain_class">local domain</a> appended automatically. </p> </dd>
@ -414,6 +429,12 @@ addresses in message envelopes and in message headers. By default
all header and envelope addresses are rewritten; this is controlled all header and envelope addresses are rewritten; this is controlled
with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> configuration parameter. </p> with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> configuration parameter. </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote clients at all, unless a non-empty domain name is
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
parameter. The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls
what SMTP clients Postfix considers local. </p>
<p> Address rewriting is <p> Address rewriting is
done for local and remote addresses. The mapping is useful to done for local and remote addresses. The mapping is useful to
replace login names by "Firstname.Lastname" style addresses, or to replace login names by "Firstname.Lastname" style addresses, or to
@ -491,6 +512,12 @@ behind their mail gateway, and to make it appear as if the mail
comes from the gateway itself, instead of from individual machines. comes from the gateway itself, instead of from individual machines.
</p> </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote SMTP clients at all, unless a non-empty domain name is
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration
parameter. The <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> parameter controls
what SMTP clients Postfix considers local. </p>
<p> Address masquerading is disabled by default, and is implemented <p> Address masquerading is disabled by default, and is implemented
by the <a href="cleanup.8.html">cleanup(8)</a> server. To enable, edit the <a href="postconf.5.html#masquerade_domains">masquerade_domains</a> by the <a href="cleanup.8.html">cleanup(8)</a> server. To enable, edit the <a href="postconf.5.html#masquerade_domains">masquerade_domains</a>
parameter in the main.cf file and specify one or more domain names parameter in the main.cf file and specify one or more domain names

1
postfix/html/anvil.8.html
View File

@ -196,6 +196,7 @@ ANVIL(8) ANVIL(8)
<b>SEE ALSO</b> <b>SEE ALSO</b>
<a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server <a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<b>README FILES</b> <b>README FILES</b>
<a href="TUNING_README.html">TUNING_README</a>, performance tuning <a href="TUNING_README.html">TUNING_README</a>, performance tuning

1
postfix/html/bounce.8.html
View File

@ -147,6 +147,7 @@ BOUNCE(8) BOUNCE(8)
<b>SEE ALSO</b> <b>SEE ALSO</b>
<a href="qmgr.8.html">qmgr(8)</a>, queue manager <a href="qmgr.8.html">qmgr(8)</a>, queue manager
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/html/cleanup.8.html
View File

@ -363,6 +363,7 @@ CLEANUP(8) CLEANUP(8)
<a href="canonical.5.html">canonical(5)</a>, canonical address lookup table format <a href="canonical.5.html">canonical(5)</a>, canonical address lookup table format
<a href="virtual.5.html">virtual(5)</a>, virtual alias lookup table format <a href="virtual.5.html">virtual(5)</a>, virtual alias lookup table format
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/html/discard.8.html
View File

@ -104,6 +104,7 @@ DISCARD(8) DISCARD(8)
<a href="bounce.8.html">bounce(8)</a>, delivery status reports <a href="bounce.8.html">bounce(8)</a>, delivery status reports
<a href="error.8.html">error(8)</a>, Postfix error delivery agent <a href="error.8.html">error(8)</a>, Postfix error delivery agent
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/html/error.8.html
View File

@ -118,6 +118,7 @@ ERROR(8) ERROR(8)
<a href="bounce.8.html">bounce(8)</a>, delivery status reports <a href="bounce.8.html">bounce(8)</a>, delivery status reports
<a href="discard.8.html">discard(8)</a>, Postfix discard delivery agent <a href="discard.8.html">discard(8)</a>, Postfix discard delivery agent
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/html/flush.8.html
View File

@ -157,6 +157,7 @@ FLUSH(8) FLUSH(8)
<a href="smtpd.8.html">smtpd(8)</a>, SMTP server <a href="smtpd.8.html">smtpd(8)</a>, SMTP server
<a href="qmgr.8.html">qmgr(8)</a>, queue manager <a href="qmgr.8.html">qmgr(8)</a>, queue manager
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

3
postfix/html/lmtp.8.html
View File

@ -197,7 +197,7 @@ LMTP(8) LMTP(8)
The LMTP client time limit for sending the LMTP The LMTP client time limit for sending the LMTP
".", and for receiving the server response. ".", and for receiving the server response.
<b><a href="postconf.5.html#lmtp_rset_timeout">lmtp_rset_timeout</a> (120s)</b> <b><a href="postconf.5.html#lmtp_rset_timeout">lmtp_rset_timeout</a> (20s)</b>
The LMTP client time limit for sending the RSET The LMTP client time limit for sending the RSET
command, and for receiving the server response. command, and for receiving the server response.
@ -260,6 +260,7 @@ LMTP(8) LMTP(8)
<a href="bounce.8.html">bounce(8)</a>, delivery status reports <a href="bounce.8.html">bounce(8)</a>, delivery status reports
<a href="qmgr.8.html">qmgr(8)</a>, queue manager <a href="qmgr.8.html">qmgr(8)</a>, queue manager
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
services(4), Internet services and aliases services(4), Internet services and aliases
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/html/local.8.html
View File

@ -526,6 +526,7 @@ LOCAL(8) LOCAL(8)
<a href="postalias.1.html">postalias(1)</a>, create/update alias database <a href="postalias.1.html">postalias(1)</a>, create/update alias database
<a href="aliases.5.html">aliases(5)</a>, format of alias database <a href="aliases.5.html">aliases(5)</a>, format of alias database
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
syslogd(8), system logging syslogd(8), system logging
<b>LICENSE</b> <b>LICENSE</b>

1
postfix/html/oqmgr.8.html
View File

@ -312,6 +312,7 @@ OQMGR(8) OQMGR(8)
<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address routing <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address routing
<a href="bounce.8.html">bounce(8)</a>, delivery status reports <a href="bounce.8.html">bounce(8)</a>, delivery status reports
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8) system logging syslogd(8) system logging

3
postfix/html/pickup.8.html
View File

@ -58,7 +58,7 @@ PICKUP(8) PICKUP(8)
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b> <b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
Enable or disable recipient validation, built-in Enable or disable recipient validation, built-in
content filtering, or address rewriting. content filtering, or address mapping.
<b>MISCELLANEOUS CONTROLS</b> <b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
@ -113,6 +113,7 @@ PICKUP(8) PICKUP(8)
<a href="sendmail.1.html">sendmail(1)</a>, Sendmail-compatible interface <a href="sendmail.1.html">sendmail(1)</a>, Sendmail-compatible interface
<a href="postdrop.1.html">postdrop(1)</a>, mail posting agent <a href="postdrop.1.html">postdrop(1)</a>, mail posting agent
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/html/pipe.8.html
View File

@ -350,6 +350,7 @@ PIPE(8) PIPE(8)
<a href="qmgr.8.html">qmgr(8)</a>, queue manager <a href="qmgr.8.html">qmgr(8)</a>, queue manager
<a href="bounce.8.html">bounce(8)</a>, delivery status reports <a href="bounce.8.html">bounce(8)</a>, delivery status reports
<a href="postconf.5.html">postconf(5)</a>, configuration parameters <a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<a href="master.8.html">master(8)</a>, process manager <a href="master.8.html">master(8)</a>, process manager
syslogd(8), system logging syslogd(8), system logging

56
postfix/html/postconf.5.html
View File

@ -3075,9 +3075,10 @@ into concurrency per domain. </p>
<DT><b><a name="local_header_rewrite_clients">local_header_rewrite_clients</a> <DT><b><a name="local_header_rewrite_clients">local_header_rewrite_clients</a>
(default: see "postconf -d" output)</b></DT><DD> (default: see "postconf -d" output)</b></DT><DD>
<p> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to incomplete <p> Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to message
message header addresses from these clients; append header addresses from these clients only; either don't rewrite
$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> for all other clients. </p> message headers from other clients at all, or append the domain
specified with the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter. </p>
<p> Specify a list of zero or more of the following: </p> <p> Specify a list of zero or more of the following: </p>
@ -3124,9 +3125,27 @@ for pop-before-smtp lookup tables. </dd>
<p> Examples: </p> <p> Examples: </p>
<p> The backwards compatible setting: always rewrite message headers,
and always append my own domain to incomplete header addresses. </p>
<pre> <pre>
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all <a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = static:all
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> </pre>
<p> The default setting: rewrite headers and append my own domain
only with mail from local or authorized clients. </p>
<pre>
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
<a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
</pre>
<p> Include clients that are pop-before-smtp authenticated: </p>
<pre>
<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
<a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a> <a href="postconf.5.html#permit_tls_clientcerts">permit_tls_clientcerts</a>
<a href="postconf.5.html#check_address_map">check_address_map</a> hash:/etc/postfix/pop-before-smtp
</pre> </pre>
@ -5046,13 +5065,28 @@ Examples:
</DD> </DD>
<DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a> <DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a>
(default: domain.invalid)</b></DT><DD> (default: empty)</b></DT><DD>
<p> Append this domain name to incomplete message header addresses <p> Don't rewrite message headers from remote clients at all when
from remote clients; when this domain name is empty, don't rewrite this parameter is empty; otherwise, rewrite remote message headers
remote message headers at all. Both stop Postfix from appending and append the specified domain name to incomplete addresses. </p>
your own domain to addresses in spam from poorly written software.
</p> <p> Examples: </p>
<p> The safe setting: append "domain.invalid" to incomplete header
addresses from remote SMTP clients, so that those addresses cannot
be confused with local addresses. </p>
<pre>
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> = domain.invalid
</pre>
<p> The default, purist, setting: don't rewrite headers from remote
clients at all. </p>
<pre>
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> =
</pre>
</DD> </DD>

13
postfix/html/proxymap.8.html
View File

@ -88,8 +88,8 @@ PROXYMAP(8) PROXYMAP(8)
latency lookups. latency lookups.
<b>CONFIGURATION PARAMETERS</b> <b>CONFIGURATION PARAMETERS</b>
On busy mail systems a long time may pass before prox- On busy mail systems a long time may pass before <a href="proxymap.8.html">prox-</a>
ymap(8) relevant changes to <b>main.cf</b> are picked up. Use the <a href="proxymap.8.html">ymap(8)</a> relevant changes to <b>main.cf</b> are picked up. Use the
command "<b>postfix reload</b>" to speed up a change. command "<b>postfix reload</b>" to speed up a change.
The text below provides only a parameter summary. See The text below provides only a parameter summary. See
@ -129,8 +129,15 @@ PROXYMAP(8) PROXYMAP(8)
The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is The lookup tables that the <a href="proxymap.8.html">proxymap(8)</a> server is
allowed to access. allowed to access.
<b>SEE ALSO</b>
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="master.5.html">master(5)</a>, generic daemon options
<b>README FILES</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>HISTORY</b> <b>HISTORY</b>

399
postfix/html/smtpd.8.html
View File

@ -112,37 +112,38 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (see 'postconf -d' output)</b>
Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to Append the domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a> to
incomplete message header addresses from these message header addresses from these clients only;
clients; append $<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> for either don't rewrite message headers from other
all other clients. clients at all, or append the domain specified with
the <a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (domain.invalid)</b> <b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Append this domain name to incomplete message Don't rewrite message headers from remote clients
header addresses from remote clients; when this at all when this parameter is empty; otherwise,
domain name is empty, don't rewrite remote message rewrite remote message headers and append the spec-
headers at all. ified domain name to incomplete addresses.
<b>AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b> <b>AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
As of version 1.0, Postfix can be configured to send new As of version 1.0, Postfix can be configured to send new
mail to an external content filter AFTER the mail is mail to an external content filter AFTER the mail is
queued. This content filter is expected to inject mail queued. This content filter is expected to inject mail
back into a (Postfix or other) MTA for further delivery. back into a (Postfix or other) MTA for further delivery.
See the <a href="FILTER_README.html">FILTER_README</a> document for details. See the <a href="FILTER_README.html">FILTER_README</a> document for details.
<b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b> <b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b>
The name of a mail delivery transport that filters The name of a mail delivery transport that filters
mail after it is queued. mail after it is queued.
<b>BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b> <b>BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
As of version 2.1, the Postfix SMTP server can be config- As of version 2.1, the Postfix SMTP server can be config-
ured to send incoming mail to a real-time SMTP-based con- ured to send incoming mail to a real-time SMTP-based con-
tent filter BEFORE mail is queued. This content filter is tent filter BEFORE mail is queued. This content filter is
expected to inject mail back into Postfix. See the expected to inject mail back into Postfix. See the
<a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config- <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config-
ure and operate this feature. ure and operate this feature.
<b><a href="postconf.5.html#smtpd_proxy_filter">smtpd_proxy_filter</a> (empty)</b> <b><a href="postconf.5.html#smtpd_proxy_filter">smtpd_proxy_filter</a> (empty)</b>
The hostname and TCP port of the mail filtering The hostname and TCP port of the mail filtering
proxy server. proxy server.
<b><a href="postconf.5.html#smtpd_proxy_ehlo">smtpd_proxy_ehlo</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b> <b><a href="postconf.5.html#smtpd_proxy_ehlo">smtpd_proxy_ehlo</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
@ -154,42 +155,42 @@ SMTPD(8) SMTPD(8)
for sending or receiving information. for sending or receiving information.
<b>GENERAL CONTENT INSPECTION CONTROLS</b> <b>GENERAL CONTENT INSPECTION CONTROLS</b>
The following parameters are applicable for both built-in The following parameters are applicable for both built-in
and external content filters. and external content filters.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b> <b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
Enable or disable recipient validation, built-in Enable or disable recipient validation, built-in
content filtering, or address mapping. content filtering, or address mapping.
<b>EXTERNAL CONTENT INSPECTION CONTROLS</b> <b>EXTERNAL CONTENT INSPECTION CONTROLS</b>
The following parameters are applicable for both before- The following parameters are applicable for both before-
queue and after-queue content filtering. queue and after-queue content filtering.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b> <b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b>
What SMTP clients are allowed to use the XFORWARD What SMTP clients are allowed to use the XFORWARD
feature. feature.
<b>SASL AUTHENTICATION CONTROLS</b> <b>SASL AUTHENTICATION CONTROLS</b>
Postfix SASL support (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>) can be used to authenti- Postfix SASL support (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>) can be used to authenti-
cate remote SMTP clients to the Postfix SMTP server, and cate remote SMTP clients to the Postfix SMTP server, and
to authenticate the Postfix SMTP client to a remote SMTP to authenticate the Postfix SMTP client to a remote SMTP
server. See the <a href="SASL_README.html">SASL_README</a> document for details. server. See the <a href="SASL_README.html">SASL_README</a> document for details.
<b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b> <b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b>
Enable inter-operability with SMTP clients that Enable inter-operability with SMTP clients that
implement an obsolete version of the AUTH command implement an obsolete version of the AUTH command
(<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>). (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>).
<b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b> <b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b>
Enable SASL authentication in the Postfix SMTP Enable SASL authentication in the Postfix SMTP
server. server.
<b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a> (smtpd)</b> <b><a href="postconf.5.html#smtpd_sasl_application_name">smtpd_sasl_application_name</a> (smtpd)</b>
The application name used for SASL server initial- The application name used for SASL server initial-
ization. ization.
<b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b> <b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b>
@ -200,69 +201,69 @@ SMTPD(8) SMTPD(8)
SMTP server will offer to the client. SMTP server will offer to the client.
<b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b> <b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b>
Optional lookup table with the SASL login names Optional lookup table with the SASL login names
that own sender (MAIL FROM) addresses. that own sender (MAIL FROM) addresses.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b> <b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b>
What SMTP clients Postfix will not offer AUTH sup- What SMTP clients Postfix will not offer AUTH sup-
port to. port to.
<b>VERP SUPPORT CONTROLS</b> <b>VERP SUPPORT CONTROLS</b>
With VERP style delivery, each recipient of a message With VERP style delivery, each recipient of a message
receives a customized copy of the message with his/her own receives a customized copy of the message with his/her own
recipient address encoded in the envelope sender address. recipient address encoded in the envelope sender address.
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
details of Postfix support for variable envelope return details of Postfix support for variable envelope return
path addresses. VERP style delivery is requested with the path addresses. VERP style delivery is requested with the
SMTP XVERP command or with the "sendmail -V" command-line SMTP XVERP command or with the "sendmail -V" command-line
option and is available in Postfix version 1.1 and later. option and is available in Postfix version 1.1 and later.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b> <b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters. The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b> <b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
The characters Postfix accepts as VERP delimiter The characters Postfix accepts as VERP delimiter
characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line characters on the Postfix <a href="sendmail.1.html">sendmail(1)</a> command line
and in SMTP commands. and in SMTP commands.
Available in Postfix version 1.1 and 2.0: Available in Postfix version 1.1 and 2.0:
<b><a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b> <b><a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
What SMTP clients are allowed to specify the XVERP What SMTP clients are allowed to specify the XVERP
command. command.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> ($<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b> <b><a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> ($<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b>
What SMTP clients are allowed to specify the XVERP What SMTP clients are allowed to specify the XVERP
command. command.
<b>TROUBLE SHOOTING CONTROLS</b> <b>TROUBLE SHOOTING CONTROLS</b>
The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of
the Postfix mail system. The methods vary from making the the Postfix mail system. The methods vary from making the
software log a lot of detail, to running some daemon pro- software log a lot of detail, to running some daemon pro-
cesses under control of a call tracer or debugger. cesses under control of a call tracer or debugger.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b> <b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
The increment in verbose logging level when a The increment in verbose logging level when a
remote client or server matches a pattern in the remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter. <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b> <b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
Optional list of remote client or server hostname Optional list of remote client or server hostname
or network address patterns that cause the verbose or network address patterns that cause the verbose
logging level to increase by the amount specified logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>. in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b> <b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
The recipient of postmaster notifications about The recipient of postmaster notifications about
mail delivery problems that are caused by policy, mail delivery problems that are caused by policy,
resource, software or protocol errors. resource, software or protocol errors.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b> <b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
The list of error classes that are reported to the The list of error classes that are reported to the
postmaster. postmaster.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b> <b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
@ -272,22 +273,22 @@ SMTPD(8) SMTPD(8)
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> (empty)</b> <b><a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> (empty)</b>
What SMTP clients are allowed to use the XCLIENT What SMTP clients are allowed to use the XCLIENT
feature. feature.
<b>KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS</b> <b>KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS</b>
As of Postfix version 2.0, the SMTP server rejects mail As of Postfix version 2.0, the SMTP server rejects mail
for unknown recipients. This prevents the mail queue from for unknown recipients. This prevents the mail queue from
clogging up with undeliverable MAILER-DAEMON messages. clogging up with undeliverable MAILER-DAEMON messages.
Additional information on this topic is in the Additional information on this topic is in the
<a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents. <a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents.
<b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b> <b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b>
Display the name of the recipient table in the Display the name of the recipient table in the
"User unknown" responses. "User unknown" responses.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b> <b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for message Optional address mapping lookup tables for message
headers and envelopes. headers and envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b> <b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
@ -298,7 +299,7 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, local-</b> <b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, local-</b>
<b>host)</b> <b>host)</b>
The list of domains that are delivered via the The list of domains that are delivered via the
$<a href="postconf.5.html#local_transport">local_transport</a> mail delivery transport. $<a href="postconf.5.html#local_transport">local_transport</a> mail delivery transport.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b> <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
@ -307,185 +308,185 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b> <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail sys- The network interface addresses that this mail sys-
tem receives mail on by way of a proxy or network tem receives mail on by way of a proxy or network
address translation unit. address translation unit.
<b><a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> (<a href="proxymap.8.html">proxy</a>:unix:passwd.byname</b> <b><a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> (<a href="proxymap.8.html">proxy</a>:unix:passwd.byname</b>
<b>$<a href="postconf.5.html#alias_maps">alias_maps</a>)</b> <b>$<a href="postconf.5.html#alias_maps">alias_maps</a>)</b>
Lookup tables with all names or addresses of local Lookup tables with all names or addresses of local
recipients: a recipient address is local when its recipients: a recipient address is local when its
domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
<b><a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> (550)</b> <b><a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> (550)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a recipient address is local, and when a recipient address is local, and
$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of lookup $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of lookup
tables that does not match the recipient. tables that does not match the recipient.
Parameters concerning known/unknown recipients of relay Parameters concerning known/unknown recipients of relay
destinations: destinations:
<b><a href="postconf.5.html#relay_domains">relay_domains</a> ($<a href="postconf.5.html#mydestination">mydestination</a>)</b> <b><a href="postconf.5.html#relay_domains">relay_domains</a> ($<a href="postconf.5.html#mydestination">mydestination</a>)</b>
What destination domains (and subdomains thereof) What destination domains (and subdomains thereof)
this system will relay mail to. this system will relay mail to.
<b><a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> (empty)</b> <b><a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> (empty)</b>
Optional lookup tables with all valid addresses in Optional lookup tables with all valid addresses in
the domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a>. the domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a>.
<b><a href="postconf.5.html#unknown_relay_recipient_reject_code">unknown_relay_recipient_reject_code</a> (550)</b> <b><a href="postconf.5.html#unknown_relay_recipient_reject_code">unknown_relay_recipient_reject_code</a> (550)</b>
The numerical Postfix SMTP server reply code when a The numerical Postfix SMTP server reply code when a
recipient address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and recipient address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and
<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies a list of lookup <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies a list of lookup
tables that does not match the recipient address. tables that does not match the recipient address.
Parameters concerning known/unknown recipients in virtual Parameters concerning known/unknown recipients in virtual
alias domains: alias domains:
<b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b> <b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
Postfix is final destination for the specified list Postfix is final destination for the specified list
of virtual alias domains, that is, domains for of virtual alias domains, that is, domains for
which all addresses are aliased to addresses in which all addresses are aliased to addresses in
other local or remote domains. other local or remote domains.
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b> <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
Optional lookup tables that alias specific mail Optional lookup tables that alias specific mail
addresses or domains to other local or remote addresses or domains to other local or remote
address. address.
<b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b> <b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b>
The SMTP server reply code when a recipient address The SMTP server reply code when a recipient address
matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">vir</a>- matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">vir</a>-
<a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a> specifies a list of lookup tables <a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a> specifies a list of lookup tables
that does not match the recipient address. that does not match the recipient address.
Parameters concerning known/unknown recipients in virtual Parameters concerning known/unknown recipients in virtual
mailbox domains: mailbox domains:
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b> <b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
Postfix is final destination for the specified list Postfix is final destination for the specified list
of domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>- of domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
<a href="postconf.5.html#virtual_transport">tual_transport</a> mail delivery transport. <a href="postconf.5.html#virtual_transport">tual_transport</a> mail delivery transport.
<b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b> <b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
Optional lookup tables with all valid addresses in Optional lookup tables with all valid addresses in
the domains that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>. the domains that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
<b><a href="postconf.5.html#unknown_virtual_mailbox_reject_code">unknown_virtual_mailbox_reject_code</a> (550)</b> <b><a href="postconf.5.html#unknown_virtual_mailbox_reject_code">unknown_virtual_mailbox_reject_code</a> (550)</b>
The SMTP server reply code when a recipient address The SMTP server reply code when a recipient address
matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>- matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
<a href="postconf.5.html#virtual_mailbox_maps">tual_mailbox_maps</a> specifies a list of lookup tables <a href="postconf.5.html#virtual_mailbox_maps">tual_mailbox_maps</a> specifies a list of lookup tables
that does not match the recipient address. that does not match the recipient address.
<b>RESOURCE AND RATE CONTROLS</b> <b>RESOURCE AND RATE CONTROLS</b>
The following parameters limit resource usage by the SMTP The following parameters limit resource usage by the SMTP
server and/or control client request rates. server and/or control client request rates.
<b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b> <b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b>
Upon input, long lines are chopped up into pieces Upon input, long lines are chopped up into pieces
of at most this length; upon delivery, long lines of at most this length; upon delivery, long lines
are reconstructed. are reconstructed.
<b><a href="postconf.5.html#queue_minfree">queue_minfree</a> (0)</b> <b><a href="postconf.5.html#queue_minfree">queue_minfree</a> (0)</b>
The minimal amount of free space in bytes in the The minimal amount of free space in bytes in the
queue file system that is needed to receive mail. queue file system that is needed to receive mail.
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b> <b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
The maximal size in bytes of a message, including The maximal size in bytes of a message, including
envelope information. envelope information.
<b><a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a> (1000)</b> <b><a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a> (1000)</b>
The maximal number of recipients that the Postfix The maximal number of recipients that the Postfix
SMTP server accepts per message delivery request. SMTP server accepts per message delivery request.
<b><a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> (300s)</b> <b><a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> (300s)</b>
The time limit for sending a Postfix SMTP server The time limit for sending a Postfix SMTP server
response and for receiving a remote SMTP client response and for receiving a remote SMTP client
request. request.
<b><a href="postconf.5.html#smtpd_history_flush_threshold">smtpd_history_flush_threshold</a> (100)</b> <b><a href="postconf.5.html#smtpd_history_flush_threshold">smtpd_history_flush_threshold</a> (100)</b>
The maximal number of lines in the Postfix SMTP The maximal number of lines in the Postfix SMTP
server command history before it is flushed upon server command history before it is flushed upon
receipt of EHLO, RSET, or end of DATA. receipt of EHLO, RSET, or end of DATA.
The per SMTP client connection count and request rate lim- The per SMTP client connection count and request rate lim-
its are implemented in co-operation with the <a href="anvil.8.html">anvil(8)</a> ser- its are implemented in co-operation with the <a href="anvil.8.html">anvil(8)</a> ser-
vice, and are available in Postfix version 2.2 and later. vice, and are available in Postfix version 2.2 and later.
<b><a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (50)</b> <b><a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (50)</b>
How many simultaneous connections any client is How many simultaneous connections any client is
allowed to make to this service. allowed to make to this service.
<b><a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> (0)</b> <b><a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> (0)</b>
The maximal number of connection attempts any The maximal number of connection attempts any
client is allowed to make to this service per time client is allowed to make to this service per time
unit. unit.
<b><a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> (0)</b> <b><a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> (0)</b>
The maximal number of message delivery requests The maximal number of message delivery requests
that any client is allowed to make to this service that any client is allowed to make to this service
per time unit, regardless of whether or not Postfix per time unit, regardless of whether or not Postfix
actually accepts those messages. actually accepts those messages.
<b><a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> (0)</b> <b><a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> (0)</b>
The maximal number of recipient addresses that any The maximal number of recipient addresses that any
client is allowed to send to this service per time client is allowed to send to this service per time
unit, regardless of whether or not Postfix actually unit, regardless of whether or not Postfix actually
accepts those recipients. accepts those recipients.
<b><a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b> <b><a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
Clients that are excluded from connection count, Clients that are excluded from connection count,
connection rate, message rate or recipient rate connection rate, message rate or recipient rate
restrictions. restrictions.
<b>TARPIT CONTROLS</b> <b>TARPIT CONTROLS</b>
When a remote SMTP client makes errors, the Postfix SMTP When a remote SMTP client makes errors, the Postfix SMTP
server can insert delays before responding. This can help server can insert delays before responding. This can help
to slow down run-away software. The behavior is con- to slow down run-away software. The behavior is con-
trolled by an error counter that counts the number of trolled by an error counter that counts the number of
errors within an SMTP session that a client makes without errors within an SMTP session that a client makes without
delivering mail. delivering mail.
<b><a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> (1s)</b> <b><a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> (1s)</b>
With Postfix 2.1 and later: the SMTP server With Postfix 2.1 and later: the SMTP server
response delay after a client has made more than response delay after a client has made more than
$<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and fewer than $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and fewer than
$<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering
mail. mail.
<b><a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> (10)</b> <b><a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> (10)</b>
The number of errors a remote SMTP client is The number of errors a remote SMTP client is
allowed to make without delivering mail before the allowed to make without delivering mail before the
Postfix SMTP server slows down all its responses. Postfix SMTP server slows down all its responses.
<b><a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> (20)</b> <b><a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> (20)</b>
The maximal number of errors a remote SMTP client The maximal number of errors a remote SMTP client
is allowed to make without delivering mail. is allowed to make without delivering mail.
<b><a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> (100)</b> <b><a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> (100)</b>
The number of junk commands (NOOP, VRFY, ETRN or The number of junk commands (NOOP, VRFY, ETRN or
RSET) that a remote SMTP client can send before the RSET) that a remote SMTP client can send before the
Postfix SMTP server starts to increment the error Postfix SMTP server starts to increment the error
counter with each junk command. counter with each junk command.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b> <b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b>
The number of recipients that a remote SMTP client The number of recipients that a remote SMTP client
can send in excess of the limit specified with can send in excess of the limit specified with
$<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before the Postfix SMTP $<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before the Postfix SMTP
server increments the per-session error count for server increments the per-session error count for
each excess recipient. each excess recipient.
<b>ACCESS POLICY DELEGATION CONTROLS</b> <b>ACCESS POLICY DELEGATION CONTROLS</b>
As of version 2.1, Postfix can be configured to delegate As of version 2.1, Postfix can be configured to delegate
access policy decisions to an external server that runs access policy decisions to an external server that runs
outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
more information. more information.
<b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b> <b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b>
The time after which an idle SMTPD policy service The time after which an idle SMTPD policy service
connection is closed. connection is closed.
<b><a href="postconf.5.html#smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a> (1000s)</b> <b><a href="postconf.5.html#smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a> (1000s)</b>
@ -493,154 +494,154 @@ SMTPD(8) SMTPD(8)
connection is closed. connection is closed.
<b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b> <b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b>
The time limit for connecting to, writing to or The time limit for connecting to, writing to or
receiving from a delegated SMTPD policy server. receiving from a delegated SMTPD policy server.
<b>ACCESS CONTROLS</b> <b>ACCESS CONTROLS</b>
The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to
all the SMTP server access control features. all the SMTP server access control features.
<b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b> <b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b>
Wait until the RCPT TO command before evaluating Wait until the RCPT TO command before evaluating
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $smtpd_helo_restric- $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $smtpd_helo_restric-
tions and $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until tions and $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until
the ETRN command before evaluating the ETRN command before evaluating
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $smtpd_helo_restric- $<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $smtpd_helo_restric-
tions. tions.
<b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' out-</b> <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' out-</b>
<b>put)</b> <b>put)</b>
What Postfix features match subdomains of What Postfix features match subdomains of
"domain.tld" automatically, instead of requiring an "domain.tld" automatically, instead of requiring an
explicit ".domain.tld" pattern. explicit ".domain.tld" pattern.
<b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b> <b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b>
Optional SMTP server access restrictions in the Optional SMTP server access restrictions in the
context of a client SMTP connection request. context of a client SMTP connection request.
<b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b> <b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b>
Require that a remote SMTP client introduces itself Require that a remote SMTP client introduces itself
at the beginning of an SMTP session with the HELO at the beginning of an SMTP session with the HELO
or EHLO command. or EHLO command.
<b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b> <b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b>
Optional restrictions that the Postfix SMTP server Optional restrictions that the Postfix SMTP server
applies in the context of the SMTP HELO command. applies in the context of the SMTP HELO command.
<b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b> <b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b>
Optional restrictions that the Postfix SMTP server Optional restrictions that the Postfix SMTP server
applies in the context of the MAIL FROM command. applies in the context of the MAIL FROM command.
<b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,</b> <b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,</b>
<b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b> <b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b>
The access restrictions that the Postfix SMTP The access restrictions that the Postfix SMTP
server applies in the context of the RCPT TO com- server applies in the context of the RCPT TO com-
mand. mand.
<b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b> <b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b>
Optional SMTP server access restrictions in the Optional SMTP server access restrictions in the
context of a client ETRN request. context of a client ETRN request.
<b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b> <b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b>
Forward mail with sender-specified routing Forward mail with sender-specified routing
(user[@%!]remote[@%!]site) from untrusted clients (user[@%!]remote[@%!]site) from untrusted clients
to destinations matching $<a href="postconf.5.html#relay_domains">relay_domains</a>. to destinations matching $<a href="postconf.5.html#relay_domains">relay_domains</a>.
<b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b> <b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b>
User-defined aliases for groups of access restric- User-defined aliases for groups of access restric-
tions. tions.
<b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b>&lt;&gt;<b>)</b> <b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b>&lt;&gt;<b>)</b>
The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables The lookup key to be used in SMTP <a href="access.5.html">access(5)</a> tables
instead of the null sender address. instead of the null sender address.
<b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b> <b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b>
Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP
access feature to only domains whose primary MX access feature to only domains whose primary MX
hosts match the listed networks. hosts match the listed networks.
Available in Postfix version 2.0 and later: Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> (empty)</b> <b><a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> (empty)</b>
Optional access restrictions that the Postfix SMTP Optional access restrictions that the Postfix SMTP
server applies in the context of the SMTP DATA com- server applies in the context of the SMTP DATA com-
mand. mand.
<b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b>
What characters are allowed in $name expansions of What characters are allowed in $name expansions of
RBL reply templates. RBL reply templates.
Available in Postfix version 2.1 and later: Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b> <b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b>
Request that the Postfix SMTP server rejects mail Request that the Postfix SMTP server rejects mail
from unknown sender addresses, even when no from unknown sender addresses, even when no
explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction
is specified. is specified.
<b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b> <b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b>
Request that the Postfix SMTP server rejects mail Request that the Postfix SMTP server rejects mail
for unknown recipient addresses, even when no for unknown recipient addresses, even when no
explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric- explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric-
tion is specified. tion is specified.
<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b> <b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
Postfix version 2.1 introduces sender and recipient Postfix version 2.1 introduces sender and recipient
address verification. This feature is implemented by address verification. This feature is implemented by
sending probe email messages that are not actually deliv- sending probe email messages that are not actually deliv-
ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>- ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
<a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access <a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
restrictions. The status of verification probes is main- restrictions. The status of verification probes is main-
tained by the <a href="verify.8.html">verify(8)</a> server. See the file ADDRESS_VER- tained by the <a href="verify.8.html">verify(8)</a> server. See the file ADDRESS_VER-
<a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure <a href="IFICATION_README.html">IFICATION_README</a> for information about how to configure
and operate the Postfix sender/recipient address verifica- and operate the Postfix sender/recipient address verifica-
tion service. tion service.
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b> <b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
How many times to query the <a href="verify.8.html">verify(8)</a> service for How many times to query the <a href="verify.8.html">verify(8)</a> service for
the completion of an address verification request the completion of an address verification request
in progress. in progress.
<b><a href="postconf.5.html#address_verify_poll_delay">address_verify_poll_delay</a> (3s)</b> <b><a href="postconf.5.html#address_verify_poll_delay">address_verify_poll_delay</a> (3s)</b>
The delay between queries for the completion of an The delay between queries for the completion of an
address verification request in progress. address verification request in progress.
<b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> (postmaster)</b> <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> (postmaster)</b>
The sender address to use in address verification The sender address to use in address verification
probes. probes.
<b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b> <b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a recipient address is rejected by the when a recipient address is rejected by the
<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction. <a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction.
<b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b> <b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b>
The numerical Postfix SMTP server response when a The numerical Postfix SMTP server response when a
recipient address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unveri</a>- recipient address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unveri</a>-
<a href="postconf.5.html#reject_unverified_recipient">fied_recipient</a> restriction. <a href="postconf.5.html#reject_unverified_recipient">fied_recipient</a> restriction.
<b>ACCESS CONTROL RESPONSES</b> <b>ACCESS CONTROL RESPONSES</b>
The following parameters control numerical SMTP reply The following parameters control numerical SMTP reply
codes and/or text responses. codes and/or text responses.
<b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b> <b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a client is rejected by an <a href="access.5.html">access(5)</a> map when a client is rejected by an <a href="access.5.html">access(5)</a> map
restriction. restriction.
<b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b> <b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a remote SMTP client request is rejected by when a remote SMTP client request is rejected by
the "defer" restriction. the "defer" restriction.
<b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b> <b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when the client HELO or EHLO command parameter is when the client HELO or EHLO command parameter is
rejected by the <a href="postconf.5.html#reject_invalid_hostname">reject_invalid_hostname</a> restric- rejected by the <a href="postconf.5.html#reject_invalid_hostname">reject_invalid_hostname</a> restric-
tion. tion.
<b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b> <b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a remote SMTP client request is blocked by the when a remote SMTP client request is blocked by the
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>, <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a> <a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a>
@ -648,47 +649,47 @@ SMTPD(8) SMTPD(8)
<b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b> <b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b>
The numerical Postfix SMTP server reply code when a The numerical Postfix SMTP server reply code when a
client request is rejected by the client request is rejected by the
<a href="postconf.5.html#reject_non_fqdn_hostname">reject_non_fqdn_hostname</a>, <a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or <a href="postconf.5.html#reject_non_fqdn_hostname">reject_non_fqdn_hostname</a>, <a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or
<a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a> restriction. <a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a> restriction.
<b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b> <b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a remote SMTP client request is rejected by when a remote SMTP client request is rejected by
the "<b>reject</b>" restriction. the "<b>reject</b>" restriction.
<b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b> <b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a client request is rejected by the when a client request is rejected by the
<a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient restriction. <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient restriction.
<b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b> <b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a sender or recipient address is rejected by when a sender or recipient address is rejected by
the <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or the <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or
<a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> restriction. <a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> restriction.
<b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b> <b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a client without valid address &lt;=&gt; name map- when a client without valid address &lt;=&gt; name map-
ping is rejected by the <a href="postconf.5.html#reject_unknown_client">reject_unknown_client</a> ping is rejected by the <a href="postconf.5.html#reject_unknown_client">reject_unknown_client</a>
restriction. restriction.
<b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b> <b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when the hostname specified with the HELO or EHLO when the hostname specified with the HELO or EHLO
command is rejected by the <a href="postconf.5.html#reject_unknown_hostname">reject_unknown_hostname</a> command is rejected by the <a href="postconf.5.html#reject_unknown_hostname">reject_unknown_hostname</a>
restriction. restriction.
Available in Postfix version 2.0 and later: Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b>
The default SMTP server response template for a The default SMTP server response template for a
request that is rejected by an RBL-based restric- request that is rejected by an RBL-based restric-
tion. tion.
<b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b> <b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b>
The numerical Postfix SMTP server response code The numerical Postfix SMTP server response code
when a remote SMTP client request is blocked by the when a remote SMTP client request is blocked by the
<a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a> restriction. <a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a> restriction.
@ -697,16 +698,16 @@ SMTPD(8) SMTPD(8)
<b>MISCELLANEOUS CONTROLS</b> <b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
The default location of the Postfix main.cf and The default location of the Postfix main.cf and
master.cf configuration files. master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b> <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
How much time a Postfix daemon process may take to How much time a Postfix daemon process may take to
handle a request before it is terminated by a handle a request before it is terminated by a
built-in watchdog timer. built-in watchdog timer.
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
The location of all postfix administrative com- The location of all postfix administrative com-
mands. mands.
<b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b> <b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b>
@ -727,36 +728,36 @@ SMTPD(8) SMTPD(8)
and most Postfix daemon processes. and most Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b> <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
The maximum amount of time that an idle Postfix The maximum amount of time that an idle Postfix
daemon process waits for the next service request daemon process waits for the next service request
before exiting. before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b> <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The maximal number of connection requests before a The maximal number of connection requests before a
Postfix daemon process terminates. Postfix daemon process terminates.
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
The internet hostname of this mail system. The internet hostname of this mail system.
<b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b>
The list of "trusted" SMTP clients that have more The list of "trusted" SMTP clients that have more
privileges than "strangers". privileges than "strangers".
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b> <b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to The domain name that locally-posted mail appears to
come from, and that locally posted mail is deliv- come from, and that locally posted mail is deliv-
ered to. ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b> <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
The process ID of a Postfix command or daemon pro- The process ID of a Postfix command or daemon pro-
cess. cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b> <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
The process name of a Postfix command or daemon The process name of a Postfix command or daemon
process. process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b> <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix top-level queue direc- The location of the Postfix top-level queue direc-
tory. tory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b> <b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
@ -764,14 +765,14 @@ SMTPD(8) SMTPD(8)
sions (user+foo). sions (user+foo).
<b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b> <b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b>
The text that follows the 220 status code in the The text that follows the 220 status code in the
SMTP greeting banner. SMTP greeting banner.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b> <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging. The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b> <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
The mail system name that is prepended to the pro- The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd" cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd". becomes, for example, "postfix/smtpd".
@ -797,7 +798,7 @@ SMTPD(8) SMTPD(8)
<a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension <a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension
<b>LICENSE</b> <b>LICENSE</b>
The Secure Mailer license must be distributed with this The Secure Mailer license must be distributed with this
software. software.
<b>AUTHOR(S)</b> <b>AUTHOR(S)</b>

16
postfix/html/trivial-rewrite.8.html
View File

@ -21,17 +21,14 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
Rewrite an address to standard form, according to Rewrite an address to standard form, according to
the address rewriting context: the address rewriting context:
<b>local</b> <b>local</b> Append the domain names specified with <b>$<a href="postconf.5.html#myorigin">myo</a>-</b>
<b>none</b> Append the domain names specified with <b>$<a href="postconf.5.html#myorigin">myo</a>-</b>
<b><a href="postconf.5.html#myorigin">rigin</a></b> or <b>$<a href="postconf.5.html#mydomain">mydomain</a></b> to incomplete addresses; <b><a href="postconf.5.html#myorigin">rigin</a></b> or <b>$<a href="postconf.5.html#mydomain">mydomain</a></b> to incomplete addresses;
do <b><a href="postconf.5.html#swap_bangpath">swap_bangpath</a></b> and <b><a href="postconf.5.html#allow_percent_hack">allow_percent_hack</a></b> pro- do <b><a href="postconf.5.html#swap_bangpath">swap_bangpath</a></b> and <b><a href="postconf.5.html#allow_percent_hack">allow_percent_hack</a></b> pro-
cessing as described below, and strip source cessing as described below, and strip source
routed addresses (<i>@site,@site:user@domain</i>) routed addresses (<i>@site,@site:user@domain</i>)
to <i>user@domain</i> form. to <i>user@domain</i> form.
<b>invalid</b> <b>remote</b> Append the domain name specified with
Append the domain name specified with
<b>$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a></b> to incomplete <b>$<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a></b> to incomplete
addresses. Otherwise the result is identical addresses. Otherwise the result is identical
to that of the <b>local</b> address rewriting con- to that of the <b>local</b> address rewriting con-
@ -135,10 +132,11 @@ TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
Available in Postfix 2.2 and later: Available in Postfix 2.2 and later:
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (domain.invalid)</b> <b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
Append this domain to incomplete message header Don't rewrite message headers from remote clients
addresses from remote clients; when the domain is at all when this parameter is empty; otherwise,
empty, don't rewrite remote message headers at all. rewrite remote message headers and append the spec-
ified domain name to incomplete addresses.
<b>ROUTING CONTROLS</b> <b>ROUTING CONTROLS</b>
The following is applicable to Postfix version 2.0 and The following is applicable to Postfix version 2.0 and

71
postfix/man/man5/postconf.5
View File

@ -1561,9 +1561,10 @@ Setting this parameter to a value > 1 changes the meaning of
local_destination_concurrency_limit from concurrency per recipient local_destination_concurrency_limit from concurrency per recipient
into concurrency per domain. into concurrency per domain.
.SH local_header_rewrite_clients (default: see "postconf -d" output) .SH local_header_rewrite_clients (default: see "postconf -d" output)
Append the domain name in $myorigin or $mydomain to incomplete Append the domain name in $myorigin or $mydomain to message
message header addresses from these clients; append header addresses from these clients only; either don't rewrite
$remote_header_rewrite_domain for all other clients. message headers from other clients at all, or append the domain
specified with the remote_header_rewrite_domain parameter.
.PP .PP
Specify a list of zero or more of the following: Specify a list of zero or more of the following:
.IP "\fB permit_mynetworks \fR" .IP "\fB permit_mynetworks \fR"
@ -1595,11 +1596,37 @@ for pop-before-smtp lookup tables.
.PP .PP
Examples: Examples:
.PP .PP
The backwards compatible setting: always rewrite message headers,
and always append my own domain to incomplete header addresses.
.PP
.nf .nf
.na .na
.ft C .ft C
local_header_rewrite_clients = static:all local_header_rewrite_clients = static:all
local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated .fi
.ad
.ft R
.PP
The default setting: rewrite headers and append my own domain
only with mail from local or authorized clients.
.PP
.nf
.na
.ft C
local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated permit_tls_clientcerts
.fi
.ad
.ft R
.PP
Include clients that are pop-before-smtp authenticated:
.PP
.nf
.na
.ft C
local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated permit_tls_clientcerts
check_address_map hash:/etc/postfix/pop-before-smtp
.fi .fi
.ad .ad
.ft R .ft R
@ -2676,11 +2703,35 @@ relocated_maps = hash:/etc/postfix/relocated
.fi .fi
.ad .ad
.ft R .ft R
.SH remote_header_rewrite_domain (default: domain.invalid) .SH remote_header_rewrite_domain (default: empty)
Append this domain name to incomplete message header addresses Don't rewrite message headers from remote clients at all when
from remote clients; when this domain name is empty, don't rewrite this parameter is empty; otherwise, rewrite remote message headers
remote message headers at all. Both stop Postfix from appending and append the specified domain name to incomplete addresses.
your own domain to addresses in spam from poorly written software. .PP
Examples:
.PP
The safe setting: append "domain.invalid" to incomplete header
addresses from remote SMTP clients, so that those addresses cannot
be confused with local addresses.
.PP
.nf
.na
.ft C
remote_header_rewrite_domain = domain.invalid
.fi
.ad
.ft R
.PP
The default, purist, setting: don't rewrite headers from remote
clients at all.
.PP
.nf
.na
.ft C
remote_header_rewrite_domain =
.fi
.ad
.ft R
.SH require_home_directory (default: no) .SH require_home_directory (default: no)
Whether or not a local(8) recipient's home directory must exist Whether or not a local(8) recipient's home directory must exist
before mail delivery is attempted. By default this test is disabled. before mail delivery is attempted. By default this test is disabled.

1
postfix/man/man8/anvil.8
View File

@ -215,6 +215,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
.nf .nf
smtpd(8), Postfix SMTP server smtpd(8), Postfix SMTP server
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
.SH "README FILES" .SH "README FILES"
.na .na
.nf .nf

1
postfix/man/man8/bounce.8
View File

@ -123,6 +123,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
.nf .nf
qmgr(8), queue manager qmgr(8), queue manager
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "LICENSE" .SH "LICENSE"

1
postfix/man/man8/cleanup.8
View File

@ -299,6 +299,7 @@ body_checks(5), body parts content inspection
canonical(5), canonical address lookup table format canonical(5), canonical address lookup table format
virtual(5), virtual alias lookup table format virtual(5), virtual alias lookup table format
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "README FILES" .SH "README FILES"

1
postfix/man/man8/discard.8
View File

@ -92,6 +92,7 @@ qmgr(8), queue manager
bounce(8), delivery status reports bounce(8), delivery status reports
error(8), Postfix error delivery agent error(8), Postfix error delivery agent
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "LICENSE" .SH "LICENSE"

1
postfix/man/man8/error.8
View File

@ -101,6 +101,7 @@ qmgr(8), queue manager
bounce(8), delivery status reports bounce(8), delivery status reports
discard(8), Postfix discard delivery agent discard(8), Postfix discard delivery agent
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "LICENSE" .SH "LICENSE"

1
postfix/man/man8/flush.8
View File

@ -136,6 +136,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
smtpd(8), SMTP server smtpd(8), SMTP server
qmgr(8), queue manager qmgr(8), queue manager
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "README FILES" .SH "README FILES"

7
postfix/man/man8/lmtp.8
View File

@ -181,9 +181,9 @@ The LMTP client time limit for sending the LMTP message content.
.IP "\fBlmtp_data_done_timeout (600s)\fR" .IP "\fBlmtp_data_done_timeout (600s)\fR"
The LMTP client time limit for sending the LMTP ".", and for The LMTP client time limit for sending the LMTP ".", and for
receiving the server response. receiving the server response.
.IP "\fBlmtp_rset_timeout (120s)\fR" .IP "\fBlmtp_rset_timeout (20s)\fR"
The LMTP client time limit for sending the RSET command, and for The LMTP client time limit for sending the RSET command, and
receiving the server response. for receiving the server response.
.IP "\fBlmtp_quit_timeout (300s)\fR" .IP "\fBlmtp_quit_timeout (300s)\fR"
The LMTP client time limit for sending the QUIT command, and for The LMTP client time limit for sending the QUIT command, and for
receiving the server response. receiving the server response.
@ -228,6 +228,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
bounce(8), delivery status reports bounce(8), delivery status reports
qmgr(8), queue manager qmgr(8), queue manager
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
services(4), Internet services and aliases services(4), Internet services and aliases
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging

1
postfix/man/man8/local.8
View File

@ -509,6 +509,7 @@ newaliases(1), create/update alias database
postalias(1), create/update alias database postalias(1), create/update alias database
aliases(5), format of alias database aliases(5), format of alias database
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
syslogd(8), system logging syslogd(8), system logging
.SH "LICENSE" .SH "LICENSE"
.na .na

1
postfix/man/man8/oqmgr.8
View File

@ -287,6 +287,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
trivial-rewrite(8), address routing trivial-rewrite(8), address routing
bounce(8), delivery status reports bounce(8), delivery status reports
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8) system logging syslogd(8) system logging
.SH "README FILES" .SH "README FILES"

3
postfix/man/man8/pickup.8
View File

@ -67,7 +67,7 @@ The name of a mail delivery transport that filters mail after
it is queued. it is queued.
.IP "\fBreceive_override_options (empty)\fR" .IP "\fBreceive_override_options (empty)\fR"
Enable or disable recipient validation, built-in content Enable or disable recipient validation, built-in content
filtering, or address rewriting. filtering, or address mapping.
.SH "MISCELLANEOUS CONTROLS" .SH "MISCELLANEOUS CONTROLS"
.na .na
.nf .nf
@ -109,6 +109,7 @@ cleanup(8), message canonicalization
sendmail(1), Sendmail-compatible interface sendmail(1), Sendmail-compatible interface
postdrop(1), mail posting agent postdrop(1), mail posting agent
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "LICENSE" .SH "LICENSE"

1
postfix/man/man8/pipe.8
View File

@ -297,6 +297,7 @@ records, so that "smtpd" becomes, for example, "postfix/smtpd".
qmgr(8), queue manager qmgr(8), queue manager
bounce(8), delivery status reports bounce(8), delivery status reports
postconf(5), configuration parameters postconf(5), configuration parameters
master(5), generic daemon options
master(8), process manager master(8), process manager
syslogd(8), system logging syslogd(8), system logging
.SH "LICENSE" .SH "LICENSE"

15
postfix/man/man8/proxymap.8
View File

@ -122,6 +122,21 @@ The process ID of a Postfix command or daemon process.
The process name of a Postfix command or daemon process. The process name of a Postfix command or daemon process.
.IP "\fBproxy_read_maps (see 'postconf -d' output)\fR" .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR"
The lookup tables that the proxymap(8) server is allowed to access. The lookup tables that the proxymap(8) server is allowed to access.
.SH "SEE ALSO"
.na
.nf
postconf(5), configuration parameters
master(5), generic daemon options
.SH "README FILES"
.na
.nf
.ad
.fi
Use "\fBpostconf readme_directory\fR" or
"\fBpostconf html_directory\fR" to locate this information.
.na
.nf
DATABASE_README, Postfix lookup table overview
.SH "LICENSE" .SH "LICENSE"
.na .na
.nf .nf

15
postfix/man/man8/smtpd.8
View File

@ -113,13 +113,14 @@ filtering, or address mapping.
.PP .PP
Available in Postfix version 2.2 and later: Available in Postfix version 2.2 and later:
.IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR" .IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR"
Append the domain name in $myorigin or $mydomain to incomplete Append the domain name in $myorigin or $mydomain to message
message header addresses from these clients; append header addresses from these clients only; either don't rewrite
$remote_header_rewrite_domain for all other clients. message headers from other clients at all, or append the domain
.IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" specified with the remote_header_rewrite_domain parameter.
Append this domain name to incomplete message header addresses .IP "\fBremote_header_rewrite_domain (empty)\fR"
from remote clients; when this domain name is empty, don't rewrite Don't rewrite message headers from remote clients at all when
remote message headers at all. this parameter is empty; otherwise, rewrite remote message headers
and append the specified domain name to incomplete addresses.
.SH "AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS" .SH "AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS"
.na .na
.nf .nf

11
postfix/man/man8/trivial-rewrite.8
View File

@ -19,13 +19,12 @@ Rewrite an address to standard form, according to the
address rewriting context: address rewriting context:
.RS .RS
.IP \fBlocal\fR .IP \fBlocal\fR
.IP \fBnone\fR
Append the domain names specified with \fB$myorigin\fR or Append the domain names specified with \fB$myorigin\fR or
\fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR \fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR
and \fBallow_percent_hack\fR processing as described below, and and \fBallow_percent_hack\fR processing as described below, and
strip source routed addresses (\fI@site,@site:user@domain\fR) strip source routed addresses (\fI@site,@site:user@domain\fR)
to \fIuser@domain\fR form. to \fIuser@domain\fR form.
.IP \fBinvalid\fR .IP \fBremote\fR
Append the domain name specified with Append the domain name specified with
\fB$remote_header_rewrite_domain\fR to incomplete \fB$remote_header_rewrite_domain\fR to incomplete
addresses. Otherwise the result is identical to that of addresses. Otherwise the result is identical to that of
@ -127,10 +126,10 @@ The separator between user names and address extensions (user+foo).
Enable the rewriting of "site!user" into "user@site". Enable the rewriting of "site!user" into "user@site".
.PP .PP
Available in Postfix 2.2 and later: Available in Postfix 2.2 and later:
.IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" .IP "\fBremote_header_rewrite_domain (empty)\fR"
Append this domain to incomplete message header addresses from Don't rewrite message headers from remote clients at all when
remote clients; when the domain is empty, don't rewrite remote message this parameter is empty; otherwise, rewrite remote message headers
headers at all. and append the specified domain name to incomplete addresses.
.SH "ROUTING CONTROLS" .SH "ROUTING CONTROLS"
.na .na
.nf .nf

29
postfix/proto/ADDRESS_REWRITING_README.html
View File

@ -339,6 +339,12 @@ trivial-rewrite(8) daemon. The purpose of rewriting to standard
form is to reduce the number of entries needed in lookup tables. form is to reduce the number of entries needed in lookup tables.
</p> </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote SMTP clients at all, unless a non-empty domain name is
specified with the remote_header_rewrite_domain configuration
parameter. The local_header_rewrite_clients parameter controls
what SMTP clients Postfix considers local. </p>
<p> The Postfix trivial-rewrite(8) daemon implements the following <p> The Postfix trivial-rewrite(8) daemon implements the following
hard-coded address manipulations: </p> hard-coded address manipulations: </p>
@ -377,6 +383,11 @@ parameter (default: yes). You should never turn off this feature,
because a lot of Postfix components expect that all addresses have because a lot of Postfix components expect that all addresses have
the form "user@domain". </p> the form "user@domain". </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote SMTP clients at all, or they append the domain name
specified with the remote_header_rewrite_domain configuration
parameter. </p>
<p> If your machine is not the main machine for $myorigin and you <p> If your machine is not the main machine for $myorigin and you
wish to have some users delivered locally without going via that wish to have some users delivered locally without going via that
main machine, make an entry in the <a href="#virtual">virtual main machine, make an entry in the <a href="#virtual">virtual
@ -393,7 +404,11 @@ Rewrite "user@host" to "user@host.$mydomain" </dt>
parameter (default: yes). The purpose is to get consistent treatment parameter (default: yes). The purpose is to get consistent treatment
of different forms of the same hostname. </p> of different forms of the same hostname. </p>
<p> Some will argue that rewriting "host" to "host.$mydomain" <p> Postfix versions 2.2 and later do not rewrite message headers
from remote clients at all, or they append the domain name specified
with the remote_header_rewrite_domain configuration parameter. </p>
<p> Some will argue that rewriting "host" to "host.domain"
is bad. That is why it can be turned off. Others like the convenience is bad. That is why it can be turned off. Others like the convenience
of having the local domain appended automatically. </p> </dd> of having the local domain appended automatically. </p> </dd>
@ -414,6 +429,12 @@ addresses in message envelopes and in message headers. By default
all header and envelope addresses are rewritten; this is controlled all header and envelope addresses are rewritten; this is controlled
with the canonical_classes configuration parameter. </p> with the canonical_classes configuration parameter. </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote clients at all, unless a non-empty domain name is
specified with the remote_header_rewrite_domain configuration
parameter. The local_header_rewrite_clients parameter controls
what SMTP clients Postfix considers local. </p>
<p> Address rewriting is <p> Address rewriting is
done for local and remote addresses. The mapping is useful to done for local and remote addresses. The mapping is useful to
replace login names by "Firstname.Lastname" style addresses, or to replace login names by "Firstname.Lastname" style addresses, or to
@ -491,6 +512,12 @@ behind their mail gateway, and to make it appear as if the mail
comes from the gateway itself, instead of from individual machines. comes from the gateway itself, instead of from individual machines.
</p> </p>
<p> Postfix versions 2.2 and later do not rewrite message headers
from remote SMTP clients at all, unless a non-empty domain name is
specified with the remote_header_rewrite_domain configuration
parameter. The local_header_rewrite_clients parameter controls
what SMTP clients Postfix considers local. </p>
<p> Address masquerading is disabled by default, and is implemented <p> Address masquerading is disabled by default, and is implemented
by the cleanup(8) server. To enable, edit the masquerade_domains by the cleanup(8) server. To enable, edit the masquerade_domains
parameter in the main.cf file and specify one or more domain names parameter in the main.cf file and specify one or more domain names

56
postfix/proto/postconf.proto
View File

@ -7218,19 +7218,35 @@ is already bounded by $max_idle. </p>
session cache hit and miss rates for logical destinations and for session cache hit and miss rates for logical destinations and for
physical endpoints. </p> physical endpoints. </p>
%PARAM remote_header_rewrite_domain domain.invalid %PARAM remote_header_rewrite_domain
<p> Append this domain name to incomplete message header addresses <p> Don't rewrite message headers from remote clients at all when
from remote clients; when this domain name is empty, don't rewrite this parameter is empty; otherwise, rewrite remote message headers
remote message headers at all. Both stop Postfix from appending and append the specified domain name to incomplete addresses. </p>
your own domain to addresses in spam from poorly written software.
</p> <p> Examples: </p>
<p> The safe setting: append "domain.invalid" to incomplete header
addresses from remote SMTP clients, so that those addresses cannot
be confused with local addresses. </p>
<pre>
remote_header_rewrite_domain = domain.invalid
</pre>
<p> The default, purist, setting: don't rewrite headers from remote
clients at all. </p>
<pre>
remote_header_rewrite_domain =
</pre>
%PARAM local_header_rewrite_clients see "postconf -d" output %PARAM local_header_rewrite_clients see "postconf -d" output
<p> Append the domain name in $myorigin or $mydomain to incomplete <p> Append the domain name in $myorigin or $mydomain to message
message header addresses from these clients; append header addresses from these clients only; either don't rewrite
$remote_header_rewrite_domain for all other clients. </p> message headers from other clients at all, or append the domain
specified with the remote_header_rewrite_domain parameter. </p>
<p> Specify a list of zero or more of the following: </p> <p> Specify a list of zero or more of the following: </p>
@ -7277,7 +7293,25 @@ for pop-before-smtp lookup tables. </dd>
<p> Examples: </p> <p> Examples: </p>
<p> The backwards compatible setting: always rewrite message headers,
and always append my own domain to incomplete header addresses. </p>
<pre> <pre>
local_header_rewrite_clients = static:all local_header_rewrite_clients = static:all
local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated </pre>
<p> The default setting: rewrite headers and append my own domain
only with mail from local or authorized clients. </p>
<pre>
local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated permit_tls_clientcerts
</pre>
<p> Include clients that are pop-before-smtp authenticated: </p>
<pre>
local_header_rewrite_clients = permit_mynetworks,
permit_sasl_authenticated permit_tls_clientcerts
check_address_map hash:/etc/postfix/pop-before-smtp
</pre> </pre>

1
postfix/src/anvil/anvil.c
View File

@ -193,6 +193,7 @@
/* SEE ALSO /* SEE ALSO
/* smtpd(8), Postfix SMTP server /* smtpd(8), Postfix SMTP server
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* README FILES /* README FILES
/* .ad /* .ad
/* .fi /* .fi

1
postfix/src/bounce/bounce.c
View File

@ -107,6 +107,7 @@
/* SEE ALSO /* SEE ALSO
/* qmgr(8), queue manager /* qmgr(8), queue manager
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* LICENSE /* LICENSE

1
postfix/src/cleanup/cleanup.c
View File

@ -267,6 +267,7 @@
/* canonical(5), canonical address lookup table format /* canonical(5), canonical address lookup table format
/* virtual(5), virtual alias lookup table format /* virtual(5), virtual alias lookup table format
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* README FILES /* README FILES

1
postfix/src/discard/discard.c
View File

@ -76,6 +76,7 @@
/* bounce(8), delivery status reports /* bounce(8), delivery status reports
/* error(8), Postfix error delivery agent /* error(8), Postfix error delivery agent
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* LICENSE /* LICENSE

1
postfix/src/error/error.c
View File

@ -85,6 +85,7 @@
/* bounce(8), delivery status reports /* bounce(8), delivery status reports
/* discard(8), Postfix discard delivery agent /* discard(8), Postfix discard delivery agent
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* LICENSE /* LICENSE

1
postfix/src/flush/flush.c
View File

@ -118,6 +118,7 @@
/* smtpd(8), SMTP server /* smtpd(8), SMTP server
/* qmgr(8), queue manager /* qmgr(8), queue manager
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* README FILES /* README FILES

2
postfix/src/global/mail_params.h
View File

@ -2092,7 +2092,7 @@ extern char *var_anvil_service;
* What domain names to assume when no valid domain context exists. * What domain names to assume when no valid domain context exists.
*/ */
#define VAR_REM_RWR_DOMAIN "remote_header_rewrite_domain" #define VAR_REM_RWR_DOMAIN "remote_header_rewrite_domain"
#define DEF_REM_RWR_DOMAIN "domain.invalid" #define DEF_REM_RWR_DOMAIN ""
extern char *var_remote_rwr_domain; extern char *var_remote_rwr_domain;
#define CHECK_ADDR_MAP "check_address_map" #define CHECK_ADDR_MAP "check_address_map"

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change the patchlevel and the release date. Snapshots change the * Patches change the patchlevel and the release date. Snapshots change the
* release date only. * release date only.
*/ */
#define MAIL_RELEASE_DATE "20041021" #define MAIL_RELEASE_DATE "20041022"
#define MAIL_VERSION_NUMBER "2.2" #define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version" #define VAR_MAIL_VERSION "mail_version"

7
postfix/src/lmtp/lmtp.c
View File

@ -157,9 +157,9 @@
/* .IP "\fBlmtp_data_done_timeout (600s)\fR" /* .IP "\fBlmtp_data_done_timeout (600s)\fR"
/* The LMTP client time limit for sending the LMTP ".", and for /* The LMTP client time limit for sending the LMTP ".", and for
/* receiving the server response. /* receiving the server response.
/* .IP "\fBlmtp_rset_timeout (120s)\fR" /* .IP "\fBlmtp_rset_timeout (20s)\fR"
/* The LMTP client time limit for sending the RSET command, and for /* The LMTP client time limit for sending the RSET command, and
/* receiving the server response. /* for receiving the server response.
/* .IP "\fBlmtp_quit_timeout (300s)\fR" /* .IP "\fBlmtp_quit_timeout (300s)\fR"
/* The LMTP client time limit for sending the QUIT command, and for /* The LMTP client time limit for sending the QUIT command, and for
/* receiving the server response. /* receiving the server response.
@ -200,6 +200,7 @@
/* bounce(8), delivery status reports /* bounce(8), delivery status reports
/* qmgr(8), queue manager /* qmgr(8), queue manager
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* services(4), Internet services and aliases /* services(4), Internet services and aliases
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging

2
postfix/src/lmtp/lmtp_proto.c
View File

@ -425,7 +425,7 @@ static int lmtp_loop(LMTP_STATE *state, NOCLOBBER int send_state,
DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ? DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ?
XFORWARD_UNAVAILABLE : XFORWARD_UNAVAILABLE :
strcmp(request->rewrite_context, REWRITE_LOCAL) ? strcmp(request->rewrite_context, REWRITE_LOCAL) ?
XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE); XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL );
next_state = LMTP_STATE_MAIL; next_state = LMTP_STATE_MAIL;
break; break;

1
postfix/src/local/local.c
View File

@ -465,6 +465,7 @@
/* postalias(1), create/update alias database /* postalias(1), create/update alias database
/* aliases(5), format of alias database /* aliases(5), format of alias database
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* syslogd(8), system logging /* syslogd(8), system logging
/* LICENSE /* LICENSE
/* .ad /* .ad

1
postfix/src/oqmgr/qmgr.c
View File

@ -249,6 +249,7 @@
/* trivial-rewrite(8), address routing /* trivial-rewrite(8), address routing
/* bounce(8), delivery status reports /* bounce(8), delivery status reports
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8) system logging /* syslogd(8) system logging
/* README FILES /* README FILES

1
postfix/src/pickup/Makefile.in
View File

@ -76,4 +76,5 @@ pickup.o: ../../include/record.h
pickup.o: ../../include/rec_type.h pickup.o: ../../include/rec_type.h
pickup.o: ../../include/lex_822.h pickup.o: ../../include/lex_822.h
pickup.o: ../../include/input_transp.h pickup.o: ../../include/input_transp.h
pickup.o: ../../include/rewrite_clnt.h
pickup.o: ../../include/mail_server.h pickup.o: ../../include/mail_server.h

6
postfix/src/pickup/pickup.c
View File

@ -49,7 +49,7 @@
/* it is queued. /* it is queued.
/* .IP "\fBreceive_override_options (empty)\fR" /* .IP "\fBreceive_override_options (empty)\fR"
/* Enable or disable recipient validation, built-in content /* Enable or disable recipient validation, built-in content
/* filtering, or address rewriting. /* filtering, or address mapping.
/* MISCELLANEOUS CONTROLS /* MISCELLANEOUS CONTROLS
/* .ad /* .ad
/* .fi /* .fi
@ -87,6 +87,7 @@
/* sendmail(1), Sendmail-compatible interface /* sendmail(1), Sendmail-compatible interface
/* postdrop(1), mail posting agent /* postdrop(1), mail posting agent
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* LICENSE /* LICENSE
@ -137,6 +138,7 @@
#include <rec_type.h> #include <rec_type.h>
#include <lex_822.h> #include <lex_822.h>
#include <input_transp.h> #include <input_transp.h>
#include <rewrite_clnt.h> /* XXX */
/* Single-threaded server skeleton. */ /* Single-threaded server skeleton. */
@ -292,6 +294,8 @@ static int pickup_copy(VSTREAM *qfile, VSTREAM *cleanup,
*/ */
rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s", rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_ORIGIN, MAIL_ATTR_ORG_LOCAL); MAIL_ATTR_ORIGIN, MAIL_ATTR_ORG_LOCAL);
rec_fprintf(cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_RWR_CTXT_NAME, REWRITE_LOCAL);
/* /*
* Copy the message envelope segment. Allow only those records that we * Copy the message envelope segment. Allow only those records that we

1
postfix/src/pipe/pipe.c
View File

@ -275,6 +275,7 @@
/* qmgr(8), queue manager /* qmgr(8), queue manager
/* bounce(8), delivery status reports /* bounce(8), delivery status reports
/* postconf(5), configuration parameters /* postconf(5), configuration parameters
/* master(5), generic daemon options
/* master(8), process manager /* master(8), process manager
/* syslogd(8), system logging /* syslogd(8), system logging
/* LICENSE /* LICENSE

11
postfix/src/proxymap/proxymap.c
View File

@ -106,6 +106,17 @@
/* The process name of a Postfix command or daemon process. /* The process name of a Postfix command or daemon process.
/* .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR" /* .IP "\fBproxy_read_maps (see 'postconf -d' output)\fR"
/* The lookup tables that the proxymap(8) server is allowed to access. /* The lookup tables that the proxymap(8) server is allowed to access.
/* SEE ALSO
/* postconf(5), configuration parameters
/* master(5), generic daemon options
/* README FILES
/* .ad
/* .fi
/* Use "\fBpostconf readme_directory\fR" or
/* "\fBpostconf html_directory\fR" to locate this information.
/* .na
/* .nf
/* DATABASE_README, Postfix lookup table overview
/* LICENSE /* LICENSE
/* .ad /* .ad
/* .fi /* .fi

2
postfix/src/smtp/smtp_connect.c
View File

@ -527,7 +527,7 @@ int smtp_connect(SMTP_STATE *state)
* high volume of mail in the active queue. * high volume of mail in the active queue.
*/ */
if (cpp == sites->argv if (cpp == sites->argv
&& ((request->flags & DEL_REQ_FLAG_SCACHE) != 0 && ((var_smtp_cache_demand && (request->flags & DEL_REQ_FLAG_SCACHE) != 0)
|| (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) { || (smtp_cache_dest && string_list_match(smtp_cache_dest, domain)))) {
sess_flags |= SMTP_SESS_FLAG_CACHE; sess_flags |= SMTP_SESS_FLAG_CACHE;
SET_NEXTHOP_STATE(state, lookup_mx, domain, port); SET_NEXTHOP_STATE(state, lookup_mx, domain, port);

2
postfix/src/smtp/smtp_proto.c
View File

@ -646,7 +646,7 @@ static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ? DEL_REQ_ATTR_AVAIL(request->rewrite_context) == 0 ?
XFORWARD_UNAVAILABLE : XFORWARD_UNAVAILABLE :
strcmp(request->rewrite_context, REWRITE_LOCAL) ? strcmp(request->rewrite_context, REWRITE_LOCAL) ?
XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE); XFORWARD_DOM_REMOTE : XFORWARD_DOM_LOCAL );
next_state = SMTP_STATE_MAIL; next_state = SMTP_STATE_MAIL;
break; break;

52
postfix/src/smtpd/smtpd.c
View File

@ -95,13 +95,14 @@
/* .PP /* .PP
/* Available in Postfix version 2.2 and later: /* Available in Postfix version 2.2 and later:
/* .IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR" /* .IP "\fBlocal_header_rewrite_clients (see 'postconf -d' output)\fR"
/* Append the domain name in $myorigin or $mydomain to incomplete /* Append the domain name in $myorigin or $mydomain to message
/* message header addresses from these clients; append /* header addresses from these clients only; either don't rewrite
/* $remote_header_rewrite_domain for all other clients. /* message headers from other clients at all, or append the domain
/* .IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" /* specified with the remote_header_rewrite_domain parameter.
/* Append this domain name to incomplete message header addresses /* .IP "\fBremote_header_rewrite_domain (empty)\fR"
/* from remote clients; when this domain name is empty, don't rewrite /* Don't rewrite message headers from remote clients at all when
/* remote message headers at all. /* this parameter is empty; otherwise, rewrite remote message headers
/* and append the specified domain name to incomplete addresses.
/* AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS /* AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS
/* .ad /* .ad
/* .fi /* .fi
@ -1073,21 +1074,21 @@ static void mail_open_stream(SMTPD_STATE *state)
if (*var_filter_xport) if (*var_filter_xport)
rec_fprintf(state->cleanup, REC_TYPE_FILT, "%s", var_filter_xport); rec_fprintf(state->cleanup, REC_TYPE_FILT, "%s", var_filter_xport);
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_RWR_CTXT_NAME, state->rewrite_context_name); MAIL_ATTR_RWR_CTXT_NAME, FORWARD_DOMAIN(state));
}
#ifdef USE_SASL_AUTH #ifdef USE_SASL_AUTH
if (var_smtpd_sasl_enable) { if (var_smtpd_sasl_enable) {
if (state->sasl_method) if (state->sasl_method)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_SASL_METHOD, state->sasl_method); MAIL_ATTR_SASL_METHOD, state->sasl_method);
if (state->sasl_username) if (state->sasl_username)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_SASL_USERNAME, state->sasl_username); MAIL_ATTR_SASL_USERNAME, state->sasl_username);
if (state->sasl_sender) if (state->sasl_sender)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_SASL_SENDER, state->sasl_sender); MAIL_ATTR_SASL_SENDER, state->sasl_sender);
} }
#endif #endif
}
rec_fputs(state->cleanup, REC_TYPE_FROM, state->sender); rec_fputs(state->cleanup, REC_TYPE_FROM, state->sender);
if (state->encoding != 0) if (state->encoding != 0)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s", rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
@ -1537,7 +1538,8 @@ static int rcpt_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
* we have a valid recipient address. * we have a valid recipient address.
*/ */
if (state->proxy == 0 && state->cleanup == 0) { if (state->proxy == 0 && state->cleanup == 0) {
smtpd_check_rewrite(state); if (!SMTPD_STAND_ALONE(state))
smtpd_check_rewrite(state);
if (state->proxy_mail) { if (state->proxy_mail) {
if (smtpd_proxy_open(state, var_smtpd_proxy_filt, if (smtpd_proxy_open(state, var_smtpd_proxy_filt,
var_smtpd_proxy_tmout, var_smtpd_proxy_ehlo, var_smtpd_proxy_tmout, var_smtpd_proxy_ehlo,
@ -2383,13 +2385,7 @@ static int xforward_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
XFORWARD_DOMAIN, attr_value); XFORWARD_DOMAIN, attr_value);
return (-1); return (-1);
} }
if (state->rewrite_context_name UPDATE_STR(state->xforward.domain, context_name[context_code]);
&& strcmp(state->rewrite_context_name,
context_name[context_code])) {
myfree(state->rewrite_context_name);
state->rewrite_context_name =
mystrdup(context_name[context_code]);
}
break; break;
/* /*

16
postfix/src/smtpd/smtpd.h
View File

@ -53,6 +53,7 @@ typedef struct {
char *protocol; /* email protocol */ char *protocol; /* email protocol */
char *helo_name; /* helo/ehlo parameter */ char *helo_name; /* helo/ehlo parameter */
char *ident; /* message identifier */ char *ident; /* message identifier */
char *domain; /* rewrite context */
} SMTPD_XFORWARD_ATTR; } SMTPD_XFORWARD_ATTR;
typedef struct SMTPD_STATE { typedef struct SMTPD_STATE {
@ -175,6 +176,7 @@ extern void smtpd_state_reset(SMTPD_STATE *);
#define CLIENT_HELO_UNKNOWN 0 #define CLIENT_HELO_UNKNOWN 0
#define CLIENT_PROTO_UNKNOWN CLIENT_ATTR_UNKNOWN #define CLIENT_PROTO_UNKNOWN CLIENT_ATTR_UNKNOWN
#define CLIENT_IDENT_UNKNOWN 0 #define CLIENT_IDENT_UNKNOWN 0
#define CLIENT_DOMAIN_UNKNOWN 0
#define IS_AVAIL_CLIENT_ATTR(v) ((v) && strcmp((v), CLIENT_ATTR_UNKNOWN)) #define IS_AVAIL_CLIENT_ATTR(v) ((v) && strcmp((v), CLIENT_ATTR_UNKNOWN))
@ -184,6 +186,7 @@ extern void smtpd_state_reset(SMTPD_STATE *);
#define IS_AVAIL_CLIENT_HELO(v) ((v) != 0) #define IS_AVAIL_CLIENT_HELO(v) ((v) != 0)
#define IS_AVAIL_CLIENT_PROTO(v) IS_AVAIL_CLIENT_ATTR(v) #define IS_AVAIL_CLIENT_PROTO(v) IS_AVAIL_CLIENT_ATTR(v)
#define IS_AVAIL_CLIENT_IDENT(v) ((v) != 0) #define IS_AVAIL_CLIENT_IDENT(v) ((v) != 0)
#define IS_AVAIL_CLIENT_DOMAIN(v) ((v) != 0)
/* /*
* If running in stand-alone mode, do not try to talk to Postfix daemons but * If running in stand-alone mode, do not try to talk to Postfix daemons but
@ -230,16 +233,19 @@ extern void smtpd_peer_reset(SMTPD_STATE *state);
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_CLIENT_MASK) ? \ (((s)->xforward.flags & SMTPD_STATE_XFORWARD_CLIENT_MASK) ? \
(s)->xforward.a : (s)->a) (s)->xforward.a : (s)->a)
#define FORWARD_IDENT_ATTR(s) \
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_IDENT) ? \
(s)->queue_id : (s)->ident)
#define FORWARD_ADDR(s) FORWARD_CLIENT_ATTR((s), addr) #define FORWARD_ADDR(s) FORWARD_CLIENT_ATTR((s), addr)
#define FORWARD_NAME(s) FORWARD_CLIENT_ATTR((s), name) #define FORWARD_NAME(s) FORWARD_CLIENT_ATTR((s), name)
#define FORWARD_NAMADDR(s) FORWARD_CLIENT_ATTR((s), namaddr) #define FORWARD_NAMADDR(s) FORWARD_CLIENT_ATTR((s), namaddr)
#define FORWARD_PROTO(s) FORWARD_CLIENT_ATTR((s), protocol) #define FORWARD_PROTO(s) FORWARD_CLIENT_ATTR((s), protocol)
#define FORWARD_HELO(s) FORWARD_CLIENT_ATTR((s), helo_name) #define FORWARD_HELO(s) FORWARD_CLIENT_ATTR((s), helo_name)
#define FORWARD_IDENT(s) FORWARD_IDENT_ATTR(s)
#define FORWARD_IDENT(s) \
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_IDENT) ? \
(s)->queue_id : (s)->ident)
#define FORWARD_DOMAIN(s) \
(((s)->xforward.flags & SMTPD_STATE_XFORWARD_DOMAIN) ? \
(s)->xforward.domain : (s)->rewrite_context_name)
extern void smtpd_xforward_init(SMTPD_STATE *); extern void smtpd_xforward_init(SMTPD_STATE *);
extern void smtpd_xforward_preset(SMTPD_STATE *); extern void smtpd_xforward_preset(SMTPD_STATE *);

23
postfix/src/smtpd/smtpd_check.c
View File

@ -323,7 +323,6 @@ static int check_rcpt_maps(SMTPD_STATE *, const char *, const char *);
#define SMTPD_NAME_RECIPIENT "Recipient address" #define SMTPD_NAME_RECIPIENT "Recipient address"
#define SMTPD_NAME_ETRN "Etrn command" #define SMTPD_NAME_ETRN "Etrn command"
#define SMTPD_NAME_DATA "Data command" #define SMTPD_NAME_DATA "Data command"
#define SMTPD_NAME_REWRITE "Local address rewriting"
/* /*
* YASLM. * YASLM.
@ -3397,8 +3396,8 @@ void smtpd_check_rewrite(SMTPD_STATE *state)
DICT *dict; DICT *dict;
/* /*
* We don't use generic_checks() because it produces results that * We don't use generic_checks() because it produces results that aren't
* aren't applicable such as DEFER or REJECT. * applicable such as DEFER or REJECT.
*/ */
for (cpp = local_rewrite_clients->argv; *cpp != 0; cpp++) { for (cpp = local_rewrite_clients->argv; *cpp != 0; cpp++) {
if (msg_verbose) if (msg_verbose)
@ -3430,6 +3429,8 @@ void smtpd_check_rewrite(SMTPD_STATE *state)
continue; continue;
} }
if (status == SMTPD_CHECK_OK) { if (status == SMTPD_CHECK_OK) {
if (state->rewrite_context_name)
myfree(state->rewrite_context_name);
state->rewrite_context_name = mystrdup(REWRITE_LOCAL); state->rewrite_context_name = mystrdup(REWRITE_LOCAL);
return; return;
} }
@ -4063,7 +4064,7 @@ char *var_def_rbl_reply;
char *var_relay_rcpt_maps; char *var_relay_rcpt_maps;
char *var_verify_sender; char *var_verify_sender;
char *var_smtpd_sasl_opts; char *var_smtpd_sasl_opts;
char *var_remote_rwr_name; char *var_remote_rwr_domain;
char *var_local_rwr_clients; char *var_local_rwr_clients;
typedef struct { typedef struct {
@ -4105,7 +4106,7 @@ static STRING_TABLE string_table[] = {
VAR_VERIFY_SENDER, DEF_VERIFY_SENDER, &var_verify_sender, VAR_VERIFY_SENDER, DEF_VERIFY_SENDER, &var_verify_sender,
VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name, VAR_MAIL_NAME, DEF_MAIL_NAME, &var_mail_name,
VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts, VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts,
VAR_REM_RWR_NAME, DEF_REM_RWR_NAME, &var_remote_rwr_name, VAR_REM_RWR_DOMAIN, DEF_REM_RWR_DOMAIN, &var_remote_rwr_domain,
VAR_LOC_RWR_CLIENTS, DEF_LOC_RWR_CLIENTS, &var_local_rwr_clients, VAR_LOC_RWR_CLIENTS, DEF_LOC_RWR_CLIENTS, &var_local_rwr_clients,
0, 0,
}; };
@ -4171,6 +4172,8 @@ int var_verify_poll_delay;
int var_smtpd_policy_tmout; int var_smtpd_policy_tmout;
int var_smtpd_policy_idle; int var_smtpd_policy_idle;
int var_smtpd_policy_ttl; int var_smtpd_policy_ttl;
int var_smtpd_rej_unl_from;
int var_smtpd_rej_unl_rcpt;
static INT_TABLE int_table[] = { static INT_TABLE int_table[] = {
"msg_verbose", 0, &msg_verbose, "msg_verbose", 0, &msg_verbose,
@ -4195,6 +4198,8 @@ static INT_TABLE int_table[] = {
VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code, VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code,
VAR_SHOW_UNK_RCPT_TABLE, DEF_SHOW_UNK_RCPT_TABLE, &var_show_unk_rcpt_table, VAR_SHOW_UNK_RCPT_TABLE, DEF_SHOW_UNK_RCPT_TABLE, &var_show_unk_rcpt_table,
VAR_VERIFY_POLL_COUNT, DEF_VERIFY_POLL_COUNT, &var_verify_poll_count, VAR_VERIFY_POLL_COUNT, DEF_VERIFY_POLL_COUNT, &var_verify_poll_count,
VAR_SMTPD_REJ_UNL_FROM, DEF_SMTPD_REJ_UNL_FROM, &var_smtpd_rej_unl_from,
VAR_SMTPD_REJ_UNL_RCPT, DEF_SMTPD_REJ_UNL_RCPT, &var_smtpd_rej_unl_rcpt,
0, 0,
}; };
@ -4411,7 +4416,7 @@ int main(int argc, char **argv)
string_init(); string_init();
int_init(); int_init();
smtpd_check_init(); smtpd_check_init();
smtpd_state_init(&state, VSTREAM_IN); smtpd_state_init(&state, VSTREAM_IN, "smtpd");
state.queue_id = "<queue id>"; state.queue_id = "<queue id>";
/* /*
@ -4589,11 +4594,17 @@ int main(int argc, char **argv)
* Show commands. * Show commands.
*/ */
default: default:
if (strcasecmp(args->argv[0], "check_rewrite") == 0) {
smtpd_check_rewrite(&state);
resp = state.rewrite_context_name;
break;
}
resp = "Commands...\n\ resp = "Commands...\n\
client <name> <address> [<code>]\n\ client <name> <address> [<code>]\n\
helo <hostname>\n\ helo <hostname>\n\
sender <address>\n\ sender <address>\n\
recipient <address>\n\ recipient <address>\n\
check_rewrite\n\
msg_verbose <level>\n\ msg_verbose <level>\n\
client_restrictions <restrictions>\n\ client_restrictions <restrictions>\n\
helo_restrictions <restrictions>\n\ helo_restrictions <restrictions>\n\

1
postfix/src/smtpd/smtpd_exp.ref
View File

@ -123,7 +123,6 @@ OK
>>> sender_restrictions check_sender_mx_access,hash:smtpd_check_access >>> sender_restrictions check_sender_mx_access,hash:smtpd_check_access
OK OK
>>> mail foo@pls.net.au >>> mail foo@pls.net.au
./smtpd_check: warning: numeric domain name in resource data of MX record for pls.net.au: 203.3.110.241
OK OK
>>> #mail foo@verisign-wildcard.com >>> #mail foo@verisign-wildcard.com
>>> mail foo@verisign.com >>> mail foo@verisign.com

2
postfix/src/smtpd/smtpd_proxy.c
View File

@ -340,7 +340,7 @@ int smtpd_proxy_open(SMTPD_STATE *state, const char *service,
FORWARD_PROTO(state)))) FORWARD_PROTO(state))))
&& (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_DOMAIN) && (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_DOMAIN)
|| !(bad = smtpd_xforward(state, buf, XFORWARD_DOMAIN, 1, || !(bad = smtpd_xforward(state, buf, XFORWARD_DOMAIN, 1,
STREQ(state->rewrite_context_name, REWRITE_LOCAL) ? STREQ(FORWARD_DOMAIN(state), REWRITE_LOCAL) ?
XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE)))) XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE))))
bad = smtpd_xforward_flush(state, buf); bad = smtpd_xforward_flush(state, buf);
vstring_free(buf); vstring_free(buf);

3
postfix/src/smtpd/smtpd_xforward.c
View File

@ -59,6 +59,7 @@ void smtpd_xforward_init(SMTPD_STATE *state)
state->xforward.protocol = 0; state->xforward.protocol = 0;
state->xforward.helo_name = 0; state->xforward.helo_name = 0;
state->xforward.ident = 0; state->xforward.ident = 0;
state->xforward.domain = 0;
} }
/* smtpd_xforward_preset - set xforward attributes to "unknown" */ /* smtpd_xforward_preset - set xforward attributes to "unknown" */
@ -85,6 +86,7 @@ void smtpd_xforward_preset(SMTPD_STATE *state)
/* Leave helo at zero. */ /* Leave helo at zero. */
state->xforward.protocol = mystrdup(CLIENT_PROTO_UNKNOWN); state->xforward.protocol = mystrdup(CLIENT_PROTO_UNKNOWN);
/* Leave ident at zero. */ /* Leave ident at zero. */
/* Leave domain context at zero. */
} }
/* smtpd_xforward_reset - reset XCLIENT attributes */ /* smtpd_xforward_reset - reset XCLIENT attributes */
@ -100,4 +102,5 @@ void smtpd_xforward_reset(SMTPD_STATE *state)
FREE_AND_WIPE(state->xforward.protocol); FREE_AND_WIPE(state->xforward.protocol);
FREE_AND_WIPE(state->xforward.helo_name); FREE_AND_WIPE(state->xforward.helo_name);
FREE_AND_WIPE(state->xforward.ident); FREE_AND_WIPE(state->xforward.ident);
FREE_AND_WIPE(state->xforward.domain);
} }

11
postfix/src/trivial-rewrite/trivial-rewrite.c
View File

@ -13,13 +13,12 @@
/* address rewriting context: /* address rewriting context:
/* .RS /* .RS
/* .IP \fBlocal\fR /* .IP \fBlocal\fR
/* .IP \fBnone\fR
/* Append the domain names specified with \fB$myorigin\fR or /* Append the domain names specified with \fB$myorigin\fR or
/* \fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR /* \fB$mydomain\fR to incomplete addresses; do \fBswap_bangpath\fR
/* and \fBallow_percent_hack\fR processing as described below, and /* and \fBallow_percent_hack\fR processing as described below, and
/* strip source routed addresses (\fI@site,@site:user@domain\fR) /* strip source routed addresses (\fI@site,@site:user@domain\fR)
/* to \fIuser@domain\fR form. /* to \fIuser@domain\fR form.
/* .IP \fBinvalid\fR /* .IP \fBremote\fR
/* Append the domain name specified with /* Append the domain name specified with
/* \fB$remote_header_rewrite_domain\fR to incomplete /* \fB$remote_header_rewrite_domain\fR to incomplete
/* addresses. Otherwise the result is identical to that of /* addresses. Otherwise the result is identical to that of
@ -107,10 +106,10 @@
/* Enable the rewriting of "site!user" into "user@site". /* Enable the rewriting of "site!user" into "user@site".
/* .PP /* .PP
/* Available in Postfix 2.2 and later: /* Available in Postfix 2.2 and later:
/* .IP "\fBremote_header_rewrite_domain (domain.invalid)\fR" /* .IP "\fBremote_header_rewrite_domain (empty)\fR"
/* Append this domain to incomplete message header addresses from /* Don't rewrite message headers from remote clients at all when
/* remote clients; when the domain is empty, don't rewrite remote message /* this parameter is empty; otherwise, rewrite remote message headers
/* headers at all. /* and append the specified domain name to incomplete addresses.
/* ROUTING CONTROLS /* ROUTING CONTROLS
/* .ad /* .ad
/* .fi /* .fi

18
postfix/src/util/dict_db.c
View File

@ -167,6 +167,12 @@ static const char *dict_db_lookup(DICT *dict, const char *name)
static VSTRING *buf; static VSTRING *buf;
const char *result = 0; const char *result = 0;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_db_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
dict_errno = 0; dict_errno = 0;
memset(&db_key, 0, sizeof(db_key)); memset(&db_key, 0, sizeof(db_key));
memset(&db_value, 0, sizeof(db_value)); memset(&db_value, 0, sizeof(db_value));
@ -231,6 +237,12 @@ static void dict_db_update(DICT *dict, const char *name, const char *value)
DBT db_value; DBT db_value;
int status; int status;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_db_update: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
memset(&db_key, 0, sizeof(db_key)); memset(&db_key, 0, sizeof(db_key));
memset(&db_value, 0, sizeof(db_value)); memset(&db_value, 0, sizeof(db_value));
db_key.data = (void *) name; db_key.data = (void *) name;
@ -302,6 +314,12 @@ static int dict_db_delete(DICT *dict, const char *name)
int status = 1; int status = 1;
int flags = 0; int flags = 0;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_db_delete: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
memset(&db_key, 0, sizeof(db_key)); memset(&db_key, 0, sizeof(db_key));
/* /*

18
postfix/src/util/dict_dbm.c
View File

@ -78,6 +78,12 @@ static const char *dict_dbm_lookup(DICT *dict, const char *name)
static VSTRING *buf; static VSTRING *buf;
const char *result = 0; const char *result = 0;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_dbm_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
dict_errno = 0; dict_errno = 0;
/* /*
@ -137,6 +143,12 @@ static void dict_dbm_update(DICT *dict, const char *name, const char *value)
datum dbm_value; datum dbm_value;
int status; int status;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_dbm_update: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
dbm_key.dptr = (void *) name; dbm_key.dptr = (void *) name;
dbm_value.dptr = (void *) value; dbm_value.dptr = (void *) value;
dbm_key.dsize = strlen(name); dbm_key.dsize = strlen(name);
@ -202,6 +214,12 @@ static int dict_dbm_delete(DICT *dict, const char *name)
int status = 1; int status = 1;
int flags = 0; int flags = 0;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_dbm_delete: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
/* /*
* Acquire an exclusive lock. * Acquire an exclusive lock.
*/ */

6
postfix/src/util/dict_nis.c
View File

@ -143,6 +143,12 @@ static const char *dict_nis_lookup(DICT *dict, const char *key)
int err; int err;
static VSTRING *buf; static VSTRING *buf;
/*
* Sanity check.
*/
if ((dict->flags & (DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL)) == 0)
msg_panic("dict_nis_lookup: no DICT_FLAG_TRY1NULL | DICT_FLAG_TRY0NULL flag");
dict_errno = 0; dict_errno = 0;
if (dict_nis_domain == dict_nis_disabled) if (dict_nis_domain == dict_nis_disabled)
return (0); return (0);

46
postfix/src/util/dict_nisplus.c
View File

@ -119,10 +119,11 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
DICT_NISPLUS *dict_nisplus = (DICT_NISPLUS *) dict; DICT_NISPLUS *dict_nisplus = (DICT_NISPLUS *) dict;
static VSTRING *quoted_key; static VSTRING *quoted_key;
static VSTRING *query; static VSTRING *query;
static VSTRING *reply; static VSTRING *retval;
nis_result *nis_alias; nis_result *reply;
int count; int count;
const char *cp; const char *cp;
int last_col;
int ch; int ch;
/* /*
@ -131,7 +132,7 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
dict_errno = 0; dict_errno = 0;
if (quoted_key == 0) { if (quoted_key == 0) {
query = vstring_alloc(100); query = vstring_alloc(100);
reply = vstring_alloc(100); retval = vstring_alloc(100);
quoted_key = vstring_alloc(100); quoted_key = vstring_alloc(100);
} }
@ -168,29 +169,35 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
* addresses (in envelopes or in headers) have a finite length. * addresses (in envelopes or in headers) have a finite length.
*/ */
vstring_sprintf(query, dict_nisplus->template, STR(quoted_key)); vstring_sprintf(query, dict_nisplus->template, STR(quoted_key));
nis_alias = nis_list(STR(query), FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL); reply = nis_list(STR(query), FOLLOW_LINKS | FOLLOW_PATH, NULL, NULL);
/* /*
* When lookup succeeds, the result may be unusable because it is * When lookup succeeds, the result may be ambiguous, or the requested
* ambiguous. * column may not exist.
*/ */
if (nis_alias->status == NIS_SUCCESS) { if (reply->status == NIS_SUCCESS) {
if ((count = NIS_RES_NUMOBJ(nis_alias)) != 1) { if ((count = NIS_RES_NUMOBJ(reply)) != 1) {
msg_warn("ambiguous match (%d results) for %s in NIS+ map %s:" msg_warn("ambiguous match (%d results) for %s in NIS+ map %s:"
" ignoring this request", " ignoring this request",
count, key, dict_nisplus->dict.name); count, key, dict_nisplus->dict.name);
nis_freeresult(nis_alias); nis_freeresult(reply);
return (0); return (0);
} else { } else {
vstring_strcpy(reply, last_col = NIS_RES_OBJECT(reply)->zo_data
NIS_RES_OBJECT(nis_alias)->zo_data.objdata_u .objdata_u.en_data.en_cols.en_cols_len - 1;
if (dict_nisplus->column > last_col)
msg_fatal("requested column %d > max column %d in table %s",
dict_nisplus->column, last_col,
dict_nisplus->dict.name);
vstring_strcpy(retval,
NIS_RES_OBJECT(reply)->zo_data.objdata_u
.en_data.en_cols.en_cols_val[dict_nisplus->column] .en_data.en_cols.en_cols_val[dict_nisplus->column]
.ec_value.ec_value_val); .ec_value.ec_value_val);
if (msg_verbose) if (msg_verbose)
msg_info("%s: %s, column %d -> %s", myname, STR(query), msg_info("%s: %s, column %d -> %s", myname, STR(query),
dict_nisplus->column, STR(reply)); dict_nisplus->column, STR(retval));
nis_freeresult(nis_alias); nis_freeresult(reply);
return (STR(reply)); return (STR(retval));
} }
} }
@ -200,14 +207,17 @@ static const char *dict_nisplus_lookup(DICT *dict, const char *key)
* the problem and fix it. * the problem and fix it.
*/ */
else { else {
if (nis_alias->status != NIS_NOTFOUND if (reply->status != NIS_NOTFOUND
&& nis_alias->status != NIS_PARTIAL) { && reply->status != NIS_PARTIAL) {
msg_warn("lookup %s, NIS+ map %s: %s", msg_warn("lookup %s, NIS+ map %s: %s",
key, dict_nisplus->dict.name, key, dict_nisplus->dict.name,
nis_sperrno(nis_alias->status)); nis_sperrno(reply->status));
dict_errno = DICT_ERR_RETRY; dict_errno = DICT_ERR_RETRY;
} else {
if (msg_verbose)
msg_info("%s: not found: query %s", myname, STR(query));
} }
nis_freeresult(nis_alias); nis_freeresult(reply);
return (0); return (0);
} }
} }

1
postfix/src/util/sys_defs.h
View File

@ -296,6 +296,7 @@ extern int opterr;
#define DEF_DB_TYPE "dbm" #define DEF_DB_TYPE "dbm"
#define ALIAS_DB_MAP "dbm:/etc/mail/aliases" #define ALIAS_DB_MAP "dbm:/etc/mail/aliases"
#define HAS_NIS #define HAS_NIS
#define HAS_NISPLUS
#define USE_SYS_SOCKIO_H /* Solaris 2.5, changed sys/ioctl.h */ #define USE_SYS_SOCKIO_H /* Solaris 2.5, changed sys/ioctl.h */
#define GETTIMEOFDAY(t) gettimeofday(t) #define GETTIMEOFDAY(t) gettimeofday(t)
#define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin:/usr/ucb" #define ROOT_PATH "/bin:/usr/bin:/sbin:/usr/sbin:/usr/ucb"