snapshot-20010202

postfix/HISTORY

@@ -4848,3 +4848,15 @@ Apologies for any names omitted.
 	util/sane_time.[hc].
 
 	Bumped the default mailbox file size limits to 50MB.
+
+20010202
+
+	Bugfix: fixed the way the master resets the file size limit
+	to avoid problems when a Postfix daemon updates a queue
+	file.  The file size limit is now increased to INT_MAX if
+	it is smaller than INT_MAX, so that it is less likely to
+	interfere than the old setting of message_size_limit.
+
+	Feature: disable mailbox size limits for the local and
+	virtual delivery agents by setting mailbox_size_limit or
+	virtual_mailbox_limit to zero.

postfix/RELEASE_NOTES

@@ -1,15 +1,28 @@
 Apart from bugfixes this is expected to become the first non-beta
 Postfix release.
 
+Major changes with snapshot-20010202
+====================================
+
+The mailbox file size limits for the local and virtual delivery
+agents can be disabled by setting mailbox_size_limit and/or
+virtual_mailbox_limit to zero.
+
 Incompatible changes with snapshot-20010128
 ===========================================
 
+If this release does not work for you, you can go back to a previous
+Postfix version without losing your mail, subject to the "incompatible
+changes" listed for previous Postfix releases below.
+
 REJECT in header/body_checks is now flagged as policy violation
 rather than bounce, for consistency in postmaster notifications.
 
-The mailbox size limit for local delivery is no longer controlled
-by the message_size_limit paramater, but by a separate parameter
-called mailbox_size_limit (default: 20MBytes).
+New mailbox size limit for local delivery (default: 50MBytes). This
+limit affects all file write access by the local delivery agent or
+by a process run by the local delivery agent. The purpose of this
+parameter is to act as a safety for run-away software. It cannot
+be a substitute for a file quota management system.
 
 The default RBL (real-time blackhole lists) domain examples have
 been updated from *.vix.com to *.mail-abuse.org.
@@ -27,7 +40,7 @@ agent can deliver mail for any number of domains.  See the file
 VIRTUAL_README for detailed examples. This code is still new. Once
 it stops changing it will become part of the non-beta release.
 
-Many "valid_hostname" warnings were eliminated. The complaints that
+Many "valid_hostname" warnings were eliminated. The warnings that
 were not eliminated were replaced by something more informative.
 
 SASL support (RFC 2554) for the LMTP delivery agent. This is required

postfix/html/faq.html

@@ -1319,7 +1319,7 @@ be a broken PIX firewall.
 
 <h4>Cisco PIX "fixup protocol smtp" bug</h4>
 
-The Cisco PIX has have a bug when running software older than
+The Cisco PIX firewall has a bug when running software older than
 version 5.2(4) or 6.0(1).
 
 <p>
@@ -1333,7 +1333,7 @@ end of mail are sent in separate packets.
 How does one recognize a mailer behind a Cisco PIX with "fixup
 protocol smtp" enabled? As of version 5.1 and later, the fixup
 protocol smtp command changes the characters in the SMTP banner to
-asterisks except for the "2", "0", "0" and space characters. 
+asterisks except for the "2", "0" and "0 SPACE" characters. 
 
 <p>
 

postfix/html/local.8.html

@@ -451,9 +451,9 @@ LOCAL(8)                                                 LOCAL(8)
 
        <b>mailbox</b><i>_</i><b>size</b><i>_</i><b>limit</b>
               Limit the size of a mailbox  etc.  file  (any  file
-              that is written to upon delivery).
+              that  is written to upon delivery).  Set to zero to
+              disable the limit.
 
-<b>Security</b> <b>controls</b>
 
 
 
@@ -467,33 +467,34 @@ LOCAL(8)                                                 LOCAL(8)
 LOCAL(8)                                                 LOCAL(8)
 
 
+<b>Security</b> <b>controls</b>
        <b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>commands</b>
-              Restrict  the  usage  of  mail delivery to external
+              Restrict the usage of  mail  delivery  to  external
               command.
 
        <b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>files</b>
-              Restrict the usage of  mail  delivery  to  external
+              Restrict  the  usage  of  mail delivery to external
               file.
 
        <b>command</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
-              What  characters  are  allowed  to  appear in $name
-              expansions of mailbox_command.  Illegal  characters
+              What characters are  allowed  to  appear  in  $name
+              expansions  of  mailbox_command. Illegal characters
               are replaced by underscores.
 
        <b>default</b><i>_</i><b>privs</b>
-              Default  rights  for  delivery  to external file or
+              Default rights for delivery  to  external  file  or
               command.
 
        <b>forward</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
-              What characters are  allowed  to  appear  in  $name
-              expansions  of forward_path. Illegal characters are
+              What  characters  are  allowed  to  appear in $name
+              expansions of forward_path. Illegal characters  are
               replaced by underscores.
 
 <b>HISTORY</b>
-       The <b>Delivered-To:</b> header appears in the  <b>qmail</b>  system  by
+       The  <b>Delivered-To:</b>  header  appears in the <b>qmail</b> system by
        Daniel Bernstein.
 
-       The  <i>maildir</i>  structure  appears  in  the  <b>qmail</b> system by
+       The <i>maildir</i> structure  appears  in  the  <b>qmail</b>  system  by
        Daniel Bernstein.
 
 <b>SEE</b> <b>ALSO</b>
@@ -504,7 +505,7 @@ LOCAL(8)                                                 LOCAL(8)
        <a href="qmgr.8.html">qmgr(8)</a> queue manager
 
 <b>LICENSE</b>
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 <b>AUTHOR(S)</b>
@@ -523,7 +524,6 @@ LOCAL(8)                                                 LOCAL(8)
 
 
 
-
                                                                 8
 
 

postfix/html/virtual.8.html

@@ -224,7 +224,7 @@ VIRTUAL(8)                                             VIRTUAL(8)
 
        <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>limit</b>
               The  maximal  size in bytes of a mailbox or maildir
-              file.
+              file.  Set to zero to disable the limit.
 
 <b>HISTORY</b>
        This agent was  originally  based  on  the  Postfix  local

postfix/man/man8/local.8

@@ -378,6 +378,7 @@ The default limit is taken from the
 .IP \fBmailbox_size_limit\fR
 Limit the size of a mailbox etc. file (any file that is
 written to upon delivery).
+Set to zero to disable the limit.
 .SH "Security controls"
 .ad
 .fi

postfix/man/man8/virtual.8

@@ -191,6 +191,7 @@ The default limit is taken from the
 The limit is enforced by the Postfix queue manager.
 .IP \fBvirtual_mailbox_limit\fR
 The maximal size in bytes of a mailbox or maildir file.
+Set to zero to disable the limit.
 .SH HISTORY
 .na
 .nf

postfix/src/global/mail_version.h

@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Snapshot-20010201"
+#define DEF_MAIL_VERSION	"Snapshot-20010202"
 extern char *var_mail_version;
 
 /* LICENSE

postfix/src/local/local.c

@@ -350,6 +350,7 @@
 /* .IP \fBmailbox_size_limit\fR
 /*	Limit the size of a mailbox etc. file (any file that is
 /*	written to upon delivery).
+/*	Set to zero to disable the limit.
 /* .SH "Security controls"
 /* .ad
 /* .fi
@@ -635,14 +636,20 @@ static void pre_init(char *unused_name, char **unused_argv)
      * size limit. XXX This still isn't accurate because the file size limit
      * also affects delivery to command.
      * 
+     * A file size limit protects the machine against runaway software errors.
+     * It is not suitable to enfoce mail quota, because users can get around
+     * mail quota by delivering to /file/name or to |command.
+     * 
      * We can't have mailbox size limit smaller than the message size limit,
      * because that prohibits the delivery agent from updating the queue
      * file.
      */
-    if (var_mailbox_limit < var_message_limit)
-	msg_fatal("main.cf configuration error: %s is smaller than %s",
-		  VAR_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
-    set_file_limit(var_mailbox_limit);
+    if (var_mailbox_limit) {
+	if (var_mailbox_limit < var_message_limit)
+	    msg_fatal("main.cf configuration error: %s is smaller than %s",
+		      VAR_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
+	set_file_limit(var_mailbox_limit);
+    }
 }
 
 /* main - pass control to the single-threaded skeleton */
@@ -655,7 +662,7 @@ int     main(int argc, char **argv)
     };
     static CONFIG_INT_TABLE int_table[] = {
 	VAR_DUP_FILTER_LIMIT, DEF_DUP_FILTER_LIMIT, &var_dup_filter_limit, 0, 0,
-	VAR_MAILBOX_LIMIT, DEF_MAILBOX_LIMIT, &var_mailbox_limit, 1, 0,
+	VAR_MAILBOX_LIMIT, DEF_MAILBOX_LIMIT, &var_mailbox_limit, 0, 0,
 	0,
     };
     static CONFIG_STR_TABLE str_table[] = {

postfix/src/master/master.c

@@ -134,6 +134,7 @@
 #include <unistd.h>
 #include <string.h>
 #include <fcntl.h>
+#include <limits.h>
 
 /* Utility library. */
 
@@ -288,11 +289,9 @@ int     main(int argc, char **argv)
     clean_env(import_env->argv);
     argv_free(import_env);
 
-    if ((inherited_limit = get_file_limit()) < (off_t) var_message_limit) {
-	msg_warn("file size limit %lu < message_size_limit %lu -- reset",
-	(unsigned long) inherited_limit, (unsigned long) var_message_limit);
-	set_file_limit(var_message_limit);
-    }
+    if ((inherited_limit = get_file_limit()) < (off_t) INT_MAX)
+	set_file_limit(INT_MAX);
+
     if (chdir(var_queue_dir))
 	msg_fatal("chdir %s: %m", var_queue_dir);
 

postfix/src/util/rand_sleep.c

@@ -67,7 +67,7 @@ void    rand_sleep(unsigned delay, unsigned variation)
      * Use the semi-crappy random number generator.
      */
     if (my_pid == 0)
-	srandom(my_pid = (getpid() ^ time((time_t *) 0)));
+	srandom((my_pid = getpid()) ^ time((time_t *) 0));
     usec = (delay - variation / 2) + variation * (double) random() / RAND_MAX;
     doze(usec);
 }

postfix/src/virtual/virtual.c

@@ -167,6 +167,7 @@
 /*	The limit is enforced by the Postfix queue manager.
 /* .IP \fBvirtual_mailbox_limit\fR
 /*	The maximal size in bytes of a mailbox or maildir file.
+/*	Set to zero to disable the limit.
 /* HISTORY
 /* .ad
 /* .fi
@@ -368,17 +369,18 @@ static void pre_init(char *unused_name, char **unused_argv)
 
     /*
      * Reset the file size limit from the message size limit to the mailbox
-     * size limit. XXX This still isn't accurate because the file size limit
-     * also affects delivery to command.
+     * size limit.
      * 
      * We can't have mailbox size limit smaller than the message size limit,
      * because that prohibits the delivery agent from updating the queue
      * file.
      */
-    if (var_virt_mailbox_limit < var_message_limit)
-	msg_fatal("main.cf configuration error: %s is smaller than %s",
-		  VAR_VIRT_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
-    set_file_limit(var_virt_mailbox_limit);
+    if (var_virt_mailbox_limit) {
+	if (var_virt_mailbox_limit < var_message_limit)
+	    msg_fatal("main.cf configuration error: %s is smaller than %s",
+		      VAR_VIRT_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
+	set_file_limit(var_virt_mailbox_limit);
+    }
 }
 
 /* main - pass control to the single-threaded skeleton */
@@ -387,7 +389,7 @@ int     main(int argc, char **argv)
 {
     static CONFIG_INT_TABLE int_table[] = {
 	VAR_VIRT_MINUID, DEF_VIRT_MINUID, &var_virt_minimum_uid, 1, 0,
-	VAR_VIRT_MAILBOX_LIMIT, DEF_VIRT_MAILBOX_LIMIT, &var_virt_mailbox_limit, 1, 0,
+	VAR_VIRT_MAILBOX_LIMIT, DEF_VIRT_MAILBOX_LIMIT, &var_virt_mailbox_limit, 0, 0,
 	0,
     };
     static CONFIG_STR_TABLE str_table[] = {