diff --git a/postfix/HISTORY b/postfix/HISTORY
index cdc9bdd67..9426fafe0 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -17865,3 +17865,15 @@ Apologies for any names omitted. Bugfix (introduced: 20120531-617): in the postscreen module for HAproxy sypport, a VSTREAM buffer size request was not LP64-clean. File: postscreen/postscreen_haproxy.c.
+
+ Cleanup: avoid single-character reads in the postscreen
+ HAproxy module. File: postscreen/postscreen_haproxy.c.
+
+20120628
+
+ Workaround: heuristic to detect missing (ssize_t) type-cast
+ in VSTREAM buffer size requests. File: util/vstream.c.
+
+20120629
+
+ Workaround: "sendmail -bl" emulation. File: sendmail/sendmail.c.
diff --git a/postfix/WISHLIST b/postfix/WISHLIST
index 8f9941d39..f1121a6fb 100644
--- a/postfix/WISHLIST
+++ b/postfix/WISHLIST
@@ -9,16 +9,25 @@ Wish list: Don't forget Apple's code donation for fetching mail from IMAP server. + mem_pool module for frequently-allocated objects + such as postscreen VSTRINGS and STATE objects. + Operations: create, put, get, maybe destroy. + Call-backs: create, reset, and maybe destroy. + Make "rename" the default when postmapping a DB file (later: use copy+rename for postmap -i, postmap -d). "no-cache" option for selected postscreen tests? - Need primitive to find out if a map has a local lock. If - it doesn't (like memcache or proxied map), then postscreen - etc. don't need to close a cache after "postfix reload". - After a fork() it is OK to keep using a memcache or proxymap - handle, because the parent exits immediately. + Need a new DICT flag to indicate that a map handle supports + locking. If it doesn't (as with memcache or proxymap + handles), then postscreen etc. don't need to close a cache + file after "postfix reload". After a fork() it is OK to + keep using a memcache or proxymap handle, because the parent + exits immediately. For this to work, the memcache client + needs to propagate the flag from a persistent backup map, + but the proxymap protocol should not propagate this to the + client. Different TTL values for different DNSBL sources? diff --git a/postfix/html/mailq.1.html b/postfix/html/mailq.1.html index 619941b8f..7dc5ccb3d 100644 --- a/postfix/html/mailq.1.html +++ b/postfix/html/mailq.1.html 
@@ -93,85 +93,90 @@ SENDMAIL(1) SENDMAIL(1) -bi Initialize alias database. See the newaliases com- mand above. - -bm Read mail from standard input and arrange for + -bl Go into daemon mode. To accept only local connec- + tions as with Sendmail's -bl option, specify + "inet_interfaces = loopback" in the Postfix main.cf + configuration file. + + -bm Read mail from standard input and arrange for delivery. This is the default mode of operation. -bp List the mail queue. See the mailq command above. - -bs Stand-alone SMTP server mode. Read SMTP commands - from standard input, and write responses to stan- + -bs Stand-alone SMTP server mode. Read SMTP commands + from standard input, and write responses to stan- dard output. In stand-alone SMTP server mode, mail - relaying and other access controls are disabled by - default. To enable them, run the process as the + relaying and other access controls are disabled by + default. To enable them, run the process as the mail_owner user. - This mode of operation is implemented by running + This mode of operation is implemented by running the smtpd(8) daemon. - -bv Do not collect or deliver a message. Instead, send - an email report after verifying each recipient - address. This is useful for testing address + -bv Do not collect or deliver a message. Instead, send + an email report after verifying each recipient + address. This is useful for testing address rewriting and routing configurations. - This feature is available in Postfix version 2.1 + This feature is available in Postfix version 2.1 and later. -C config_file -C config_dir - The path name of the Postfix main.cf file, or of - its parent directory. This information is ignored + The path name of the Postfix main.cf file, or of + its parent directory. This information is ignored with Postfix versions before 2.3. 
With all Postfix versions, you can specify a direc- tory pathname with the MAIL_CONFIG environment - variable to override the location of configuration + variable to override the location of configuration files. -F full_name - Set the sender full name. This overrides the NAME - environment variable, and is used only with mes- + Set the sender full name. This overrides the NAME + environment variable, and is used only with mes- sages that have no 
From: message header. -f sender Set the envelope sender address. This is the - address where delivery problems are sent to. With + address where delivery problems are sent to. With Postfix versions before 2.1, the Errors-To: message header overrides the error return address. - -G Gateway (relay) submission, as opposed to initial - user submission. Either do not rewrite addresses - at all, or update incomplete addresses with the + -G Gateway (relay) submission, as opposed to initial + user submission. Either do not rewrite addresses + at all, or update incomplete addresses with the domain information specified with remote_header_re- write_domain. - This option is ignored before Postfix version 2.3. + This option is ignored before Postfix version 2.3. -h hop_count (ignored) - Hop count limit. Use the hopcount_limit configura- + Hop count limit. Use the hopcount_limit configura- tion parameter instead. - -I Initialize alias database. See the newaliases com- + -I Initialize alias database. See the newaliases com- mand above. - -i When reading a message from standard input, don't - treat a line with only a . character as the end of + -i When reading a message from standard input, don't + treat a line with only a . character as the end of input. -L label (ignored) - The logging label. Use the syslog_name configura- + The logging label. Use the syslog_name configura- tion parameter instead. -m (ignored) Backwards compatibility. -N dsn (default: 'delay, failure') - Delivery status notification control. Specify - either a comma-separated list with one or more of - failure (send notification when delivery fails), + Delivery status notification control. 
Specify + either a comma-separated list with one or more of + failure (send notification when delivery fails), delay (send notification when delivery is delayed), - or success (send notification when the message is - delivered); or specify never (don't send any noti- + or success (send notification when the message is + delivered); or specify never (don't send any noti- fications at all). This feature is available in Postfix 2.3 and later. 
@@ -180,77 +185,77 @@ SENDMAIL(1) SENDMAIL(1) Backwards compatibility. -oAalias_database - Non-default alias database. Specify pathname or + Non-default alias database. Specify pathname or type:pathname. See postalias(1) for details. -O option=value (ignored) - Set the named option to value. Use the equivalent + Set the named option to value. Use the equivalent configuration parameter in main.cf instead. -o7 (ignored) -o8 (ignored) To send 8-bit or binary content, use an appropriate - MIME encapsulation and specify the appropriate -B + MIME encapsulation and specify the appropriate -B command-line option. - -oi When reading a message from standard input, don't - treat a line with only a . character as the end of + -oi When reading a message from standard input, don't + treat a line with only a . character as the end of input. -om (ignored) - The sender is never eliminated from alias etc. + The sender is never eliminated from alias etc. expansions. -o x value (ignored) - Set option x to value. Use the equivalent configu- + Set option x to value. Use the equivalent configu- ration parameter in main.cf instead. -r sender Set the envelope sender address. This is the - address where delivery problems are sent to. With + address where delivery problems are sent to. With Postfix versions before 2.1, the Errors-To: message header overrides the error return address. -R return_limit (ignored) - Limit the size of bounced mail. Use the - bounce_size_limit configuration parameter instead. + Limit the size of bounced mail. Use the + bounce_size_limit configuration parameter instead. - -q Attempt to deliver all queued mail. This is imple- + -q Attempt to deliver all queued mail. This is imple- mented by executing the postqueue(1) command. Warning: flushing undeliverable mail frequently - will result in poor delivery performance of all + will result in poor delivery performance of all other mail. -qinterval (ignored) - The interval between queue runs. 
Use the + The interval between queue runs. Use the queue_run_delay configuration parameter instead. -qIqueueid Schedule immediate delivery of mail with the speci- - fied queue ID. This option is implemented by exe- - cuting the postqueue(1) command, and is available + fied queue ID. This option is implemented by exe- + cuting the postqueue(1) command, and is available with Postfix version 2.4 and later. -qRsite - Schedule immediate delivery of all mail that is + Schedule immediate delivery of all mail that is queued for the named site. This option accepts only - site names that are eligible for the "fast flush" - service, and is implemented by executing the + site names that are eligible for the "fast flush" + service, and is implemented by executing the postqueue(1) command. See flush(8) for more infor- mation about the "fast flush" service. -qSsite - This command is not implemented. Use the slower + This command is not implemented. Use the slower "sendmail -q" command instead. - -t Extract recipients from message headers. These are - added to any recipients specified on the command + -t Extract recipients from message headers. These are + added to any recipients specified on the command line. - With Postfix versions prior to 2.1, this option - requires that no recipient addresses are specified + With Postfix versions prior to 2.1, this option + requires that no recipient addresses are specified on the command line. -U (ignored) 
@@ -263,41 +268,41 @@ SENDMAIL(1) SENDMAIL(1) This feature is available in Postfix 2.3 and later. -XV (Postfix 2.2 and earlier: -V) - Variable Envelope Return Path. Given an envelope - sender address of the form owner-listname@origin, - each recipient user@domain receives mail with a + Variable Envelope Return Path. Given an envelope + sender address of the form owner-listname@origin, + each recipient user@domain receives mail with a personalized envelope sender address. - By default, the personalized envelope sender - address is owner-listname+user=domain@origin. The - default + and = characters are configurable with - the default_verp_delimiters configuration parame- + By default, the personalized envelope sender + address is owner-listname+user=domain@origin. The + default + and = characters are configurable with + the default_verp_delimiters configuration parame- ter. -XVxy (Postfix 2.2 and earlier: -Vxy) - As -XV, but uses x and y as the VERP delimiter - characters, instead of the characters specified - with the default_verp_delimiters configuration + As -XV, but uses x and y as the VERP delimiter + characters, instead of the characters specified + with the default_verp_delimiters configuration parameter. - -v Send an email report of the first delivery attempt - (Postfix versions 2.1 and later). Mail delivery - always happens in the background. When multiple -v + -v Send an email report of the first delivery attempt + (Postfix versions 2.1 and later). Mail delivery + always happens in the background. When multiple -v options are given, enable verbose logging for debugging purposes. -X log_file (ignored) - Log mailer traffic. Use the debug_peer_list and - debug_peer_level configuration parameters instead. + Log mailer traffic. Use the debug_peer_list and + debug_peer_level configuration parameters instead. SECURITY - By design, this program is not set-user (or group) id. - However, it must handle data from untrusted, possibly - remote, users. 
Thus, the usual precautions need to be + By design, this program is not set-user (or group) id. + However, it must handle data from untrusted, possibly + remote, users. Thus, the usual precautions need to be taken against malicious inputs. DIAGNOSTICS - Problems are logged to syslogd(8) and to the standard + Problems are logged to syslogd(8) and to the standard error stream. ENVIRONMENT @@ -309,29 +314,29 @@ SENDMAIL(1) SENDMAIL(1) MAIL_DEBUG (value does not matter) Enable debugging with an external command, as spec- - ified with the debugger_command configuration + ified with the debugger_command configuration parameter. - NAME The sender full name. This is used only with mes- - sages that have no From: message header. See also + NAME The sender full name. This is used only with mes- + sages that have no From: message header. See also the -F option above. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant + The following main.cf parameters are especially relevant to this program. The text below provides only a parameter - summary. See postconf(5) for more details including exam- + summary. See postconf(5) for more details including exam- ples. COMPATIBILITY CONTROLS Available with Postfix 2.9 and later: sendmail_fix_line_endings (always) - Controls how the Postfix sendmail command converts - email message line endings from <CR><LF> into UNIX + Controls how the Postfix sendmail command converts + email message line endings from <CR><LF> into UNIX format (<LF>). TROUBLE SHOOTING CONTROLS - The DEBUG_README file gives examples of how to trouble + The DEBUG_README file gives examples of how to trouble shoot a Postfix system. debugger_command (empty) 
@@ -339,29 +344,29 @@ SENDMAIL(1) SENDMAIL(1) mon program is invoked with the -D option. debug_peer_level (2) - The increment in verbose logging level when a - remote client or server matches a pattern in the + The increment in verbose logging level when a + remote client or server matches a pattern in the debug_peer_list parameter. debug_peer_list (empty) - Optional list of remote client or server hostname - or network address patterns that cause the verbose - logging level to increase by the amount specified + Optional list of remote client or server hostname + or network address patterns that cause the verbose + logging level to increase by the amount specified in $debug_peer_level. ACCESS CONTROLS Available in Postfix version 2.2 and later: authorized_flush_users (static:anyone) - List of users who are authorized to flush the + List of users who are authorized to flush the queue. authorized_mailq_users (static:anyone) List of users who are authorized to view the queue. authorized_submit_users (static:anyone) - List of users who are authorized to submit mail - with the sendmail(1) command (and with the privi- + List of users who are authorized to submit mail + with the sendmail(1) command (and with the privi- leged postdrop(1) helper command). RESOURCE AND RATE CONTROLS @@ -370,7 +375,7 @@ SENDMAIL(1) SENDMAIL(1) sent in a non-delivery notification. fork_attempts (5) - The maximal number of attempts to fork() a child + The maximal number of attempts to fork() a child process. fork_delay (1s) @@ -378,11 +383,11 @@ SENDMAIL(1) SENDMAIL(1) process. hopcount_limit (50) - The maximal number of Received: message headers + The maximal number of Received: message headers that is allowed in the primary message headers. queue_run_delay (300s) - The time between deferred queue scans by the queue + The time between deferred queue scans by the queue manager; prior to Postfix 2.4 the default value was 1000s. 
@@ -392,37 +397,37 @@ SENDMAIL(1) SENDMAIL(1) fast_flush_domains ($relay_domains) Optional list of destinations that are eligible for - per-destination logfiles with mail that is queued + per-destination logfiles with mail that is queued to those destinations. VERP CONTROLS The VERP_README file describes configuration and operation - details of Postfix support for variable envelope return + details of Postfix support for variable envelope return path addresses. default_verp_delimiters (+=) The two default VERP delimiter characters. verp_delimiter_filter (-=+) - The characters Postfix accepts as VERP delimiter - characters on the Postfix sendmail(1) command line + The characters Postfix accepts as VERP delimiter + characters on the Postfix sendmail(1) command line and in SMTP commands. MISCELLANEOUS CONTROLS alias_database (see 'postconf -d' output) - The alias databases for local(8) delivery that are + The alias databases for local(8) delivery that are updated with "newaliases" or with "sendmail -bi". command_directory (see 'postconf -d' output) - The location of all postfix administrative com- + The location of all postfix administrative com- mands. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and + The default location of the Postfix main.cf and master.cf configuration files. daemon_directory (see 'postconf -d' output) - The directory with Postfix support programs and + The directory with Postfix support programs and daemon programs. default_database_type (see 'postconf -d' output) 
@@ -430,16 +435,16 @@ SENDMAIL(1) SENDMAIL(1) postalias(1) and postmap(1) commands. delay_warning_time (0h) - The time after which the sender receives the mes- + The time after which the sender receives the mes- sage headers of mail that is still queued. enable_errors_to (no) - Report mail delivery errors to the address speci- - fied with the non-standard Errors-To: message - header, instead of the envelope sender address - (this feature is removed with Postfix version 2.2, - is turned off by default with Postfix version 2.1, - and is always turned on with older Postfix ver- + Report mail delivery errors to the address speci- + fied with the non-standard Errors-To: message + header, instead of the envelope sender address + (this feature is removed with Postfix version 2.2, + is turned off by default with Postfix version 2.1, + and is always turned on with older Postfix ver- sions). mail_owner (postfix) @@ -447,21 +452,21 @@ SENDMAIL(1) SENDMAIL(1) and most Postfix daemon processes. queue_directory (see 'postconf -d' output) - The location of the Postfix top-level queue direc- + The location of the Postfix top-level queue direc- tory. remote_header_rewrite_domain (empty) - Don't rewrite message headers from remote clients + Don't rewrite message headers from remote clients at all when this parameter is empty; otherwise, re- - write message headers and append the specified + write message headers and append the specified domain name to incomplete addresses. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - The mail system name that is prepended to the - process name in syslog records, so that "smtpd" + The mail system name that is prepended to the + process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". FILES 
@@ -486,7 +491,7 @@ SENDMAIL(1) SENDMAIL(1) VERP_README, Postfix VERP howto LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/newaliases.1.html b/postfix/html/newaliases.1.html index 619941b8f..7dc5ccb3d 100644 --- a/postfix/html/newaliases.1.html +++ b/postfix/html/newaliases.1.html 
@@ -93,85 +93,90 @@ SENDMAIL(1) SENDMAIL(1) -bi Initialize alias database. See the newaliases com- mand above. - -bm Read mail from standard input and arrange for + -bl Go into daemon mode. To accept only local connec- + tions as with Sendmail's -bl option, specify + "inet_interfaces = loopback" in the Postfix main.cf + configuration file. + + -bm Read mail from standard input and arrange for delivery. This is the default mode of operation. -bp List the mail queue. See the mailq command above. - -bs Stand-alone SMTP server mode. Read SMTP commands - from standard input, and write responses to stan- + -bs Stand-alone SMTP server mode. Read SMTP commands + from standard input, and write responses to stan- dard output. In stand-alone SMTP server mode, mail - relaying and other access controls are disabled by - default. To enable them, run the process as the + relaying and other access controls are disabled by + default. To enable them, run the process as the mail_owner user. - This mode of operation is implemented by running + This mode of operation is implemented by running the smtpd(8) daemon. - -bv Do not collect or deliver a message. Instead, send - an email report after verifying each recipient - address. This is useful for testing address + -bv Do not collect or deliver a message. Instead, send + an email report after verifying each recipient + address. This is useful for testing address rewriting and routing configurations. - This feature is available in Postfix version 2.1 + This feature is available in Postfix version 2.1 and later. -C config_file -C config_dir - The path name of the Postfix main.cf file, or of - its parent directory. This information is ignored + The path name of the Postfix main.cf file, or of + its parent directory. This information is ignored with Postfix versions before 2.3. 
With all Postfix versions, you can specify a direc- tory pathname with the MAIL_CONFIG environment - variable to override the location of configuration + variable to override the location of configuration files. -F full_name - Set the sender full name. This overrides the NAME - environment variable, and is used only with mes- + Set the sender full name. This overrides the NAME + environment variable, and is used only with mes- sages that have no 
From: message header. -f sender Set the envelope sender address. This is the - address where delivery problems are sent to. With + address where delivery problems are sent to. With Postfix versions before 2.1, the Errors-To: message header overrides the error return address. - -G Gateway (relay) submission, as opposed to initial - user submission. Either do not rewrite addresses - at all, or update incomplete addresses with the + -G Gateway (relay) submission, as opposed to initial + user submission. Either do not rewrite addresses + at all, or update incomplete addresses with the domain information specified with remote_header_re- write_domain. - This option is ignored before Postfix version 2.3. + This option is ignored before Postfix version 2.3. -h hop_count (ignored) - Hop count limit. Use the hopcount_limit configura- + Hop count limit. Use the hopcount_limit configura- tion parameter instead. - -I Initialize alias database. See the newaliases com- + -I Initialize alias database. See the newaliases com- mand above. - -i When reading a message from standard input, don't - treat a line with only a . character as the end of + -i When reading a message from standard input, don't + treat a line with only a . character as the end of input. -L label (ignored) - The logging label. Use the syslog_name configura- + The logging label. Use the syslog_name configura- tion parameter instead. -m (ignored) Backwards compatibility. -N dsn (default: 'delay, failure') - Delivery status notification control. Specify - either a comma-separated list with one or more of - failure (send notification when delivery fails), + Delivery status notification control. 
Specify + either a comma-separated list with one or more of + failure (send notification when delivery fails), delay (send notification when delivery is delayed), - or success (send notification when the message is - delivered); or specify never (don't send any noti- + or success (send notification when the message is + delivered); or specify never (don't send any noti- fications at all). This feature is available in Postfix 2.3 and later. 
@@ -180,77 +185,77 @@ SENDMAIL(1) SENDMAIL(1) Backwards compatibility. -oAalias_database - Non-default alias database. Specify pathname or + Non-default alias database. Specify pathname or type:pathname. See postalias(1) for details. -O option=value (ignored) - Set the named option to value. Use the equivalent + Set the named option to value. Use the equivalent configuration parameter in main.cf instead. -o7 (ignored) -o8 (ignored) To send 8-bit or binary content, use an appropriate - MIME encapsulation and specify the appropriate -B + MIME encapsulation and specify the appropriate -B command-line option. - -oi When reading a message from standard input, don't - treat a line with only a . character as the end of + -oi When reading a message from standard input, don't + treat a line with only a . character as the end of input. -om (ignored) - The sender is never eliminated from alias etc. + The sender is never eliminated from alias etc. expansions. -o x value (ignored) - Set option x to value. Use the equivalent configu- + Set option x to value. Use the equivalent configu- ration parameter in main.cf instead. -r sender Set the envelope sender address. This is the - address where delivery problems are sent to. With + address where delivery problems are sent to. With Postfix versions before 2.1, the Errors-To: message header overrides the error return address. -R return_limit (ignored) - Limit the size of bounced mail. Use the - bounce_size_limit configuration parameter instead. + Limit the size of bounced mail. Use the + bounce_size_limit configuration parameter instead. - -q Attempt to deliver all queued mail. This is imple- + -q Attempt to deliver all queued mail. This is imple- mented by executing the postqueue(1) command. Warning: flushing undeliverable mail frequently - will result in poor delivery performance of all + will result in poor delivery performance of all other mail. -qinterval (ignored) - The interval between queue runs. 
Use the + The interval between queue runs. Use the queue_run_delay configuration parameter instead. -qIqueueid Schedule immediate delivery of mail with the speci- - fied queue ID. This option is implemented by exe- - cuting the postqueue(1) command, and is available + fied queue ID. This option is implemented by exe- + cuting the postqueue(1) command, and is available with Postfix version 2.4 and later. -qRsite - Schedule immediate delivery of all mail that is + Schedule immediate delivery of all mail that is queued for the named site. This option accepts only - site names that are eligible for the "fast flush" - service, and is implemented by executing the + site names that are eligible for the "fast flush" + service, and is implemented by executing the postqueue(1) command. See flush(8) for more infor- mation about the "fast flush" service. -qSsite - This command is not implemented. Use the slower + This command is not implemented. Use the slower "sendmail -q" command instead. - -t Extract recipients from message headers. These are - added to any recipients specified on the command + -t Extract recipients from message headers. These are + added to any recipients specified on the command line. - With Postfix versions prior to 2.1, this option - requires that no recipient addresses are specified + With Postfix versions prior to 2.1, this option + requires that no recipient addresses are specified on the command line. -U (ignored) 
@@ -263,41 +268,41 @@ SENDMAIL(1) SENDMAIL(1) This feature is available in Postfix 2.3 and later. -XV (Postfix 2.2 and earlier: -V) - Variable Envelope Return Path. Given an envelope - sender address of the form owner-listname@origin, - each recipient user@domain receives mail with a + Variable Envelope Return Path. Given an envelope + sender address of the form owner-listname@origin, + each recipient user@domain receives mail with a personalized envelope sender address. - By default, the personalized envelope sender - address is owner-listname+user=domain@origin. The - default + and = characters are configurable with - the default_verp_delimiters configuration parame- + By default, the personalized envelope sender + address is owner-listname+user=domain@origin. The + default + and = characters are configurable with + the default_verp_delimiters configuration parame- ter. -XVxy (Postfix 2.2 and earlier: -Vxy) - As -XV, but uses x and y as the VERP delimiter - characters, instead of the characters specified - with the default_verp_delimiters configuration + As -XV, but uses x and y as the VERP delimiter + characters, instead of the characters specified + with the default_verp_delimiters configuration parameter. - -v Send an email report of the first delivery attempt - (Postfix versions 2.1 and later). Mail delivery - always happens in the background. When multiple -v + -v Send an email report of the first delivery attempt + (Postfix versions 2.1 and later). Mail delivery + always happens in the background. When multiple -v options are given, enable verbose logging for debugging purposes. -X log_file (ignored) - Log mailer traffic. Use the debug_peer_list and - debug_peer_level configuration parameters instead. + Log mailer traffic. Use the debug_peer_list and + debug_peer_level configuration parameters instead. SECURITY - By design, this program is not set-user (or group) id. - However, it must handle data from untrusted, possibly - remote, users. 
Thus, the usual precautions need to be + By design, this program is not set-user (or group) id. + However, it must handle data from untrusted, possibly + remote, users. Thus, the usual precautions need to be taken against malicious inputs. DIAGNOSTICS - Problems are logged to syslogd(8) and to the standard + Problems are logged to syslogd(8) and to the standard error stream. ENVIRONMENT @@ -309,29 +314,29 @@ SENDMAIL(1) SENDMAIL(1) MAIL_DEBUG (value does not matter) Enable debugging with an external command, as spec- - ified with the debugger_command configuration + ified with the debugger_command configuration parameter. - NAME The sender full name. This is used only with mes- - sages that have no From: message header. See also + NAME The sender full name. This is used only with mes- + sages that have no From: message header. See also the -F option above. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant + The following main.cf parameters are especially relevant to this program. The text below provides only a parameter - summary. See postconf(5) for more details including exam- + summary. See postconf(5) for more details including exam- ples. COMPATIBILITY CONTROLS Available with Postfix 2.9 and later: sendmail_fix_line_endings (always) - Controls how the Postfix sendmail command converts - email message line endings from <CR><LF> into UNIX + Controls how the Postfix sendmail command converts + email message line endings from <CR><LF> into UNIX format (<LF>). TROUBLE SHOOTING CONTROLS - The DEBUG_README file gives examples of how to trouble + The DEBUG_README file gives examples of how to trouble shoot a Postfix system. debugger_command (empty) 
@@ -339,29 +344,29 @@ SENDMAIL(1) SENDMAIL(1) mon program is invoked with the -D option. debug_peer_level (2) - The increment in verbose logging level when a - remote client or server matches a pattern in the + The increment in verbose logging level when a + remote client or server matches a pattern in the debug_peer_list parameter. debug_peer_list (empty) - Optional list of remote client or server hostname - or network address patterns that cause the verbose - logging level to increase by the amount specified + Optional list of remote client or server hostname + or network address patterns that cause the verbose + logging level to increase by the amount specified in $debug_peer_level. ACCESS CONTROLS Available in Postfix version 2.2 and later: authorized_flush_users (static:anyone) - List of users who are authorized to flush the + List of users who are authorized to flush the queue. authorized_mailq_users (static:anyone) List of users who are authorized to view the queue. authorized_submit_users (static:anyone) - List of users who are authorized to submit mail - with the sendmail(1) command (and with the privi- + List of users who are authorized to submit mail + with the sendmail(1) command (and with the privi- leged postdrop(1) helper command). RESOURCE AND RATE CONTROLS @@ -370,7 +375,7 @@ SENDMAIL(1) SENDMAIL(1) sent in a non-delivery notification. fork_attempts (5) - The maximal number of attempts to fork() a child + The maximal number of attempts to fork() a child process. fork_delay (1s) @@ -378,11 +383,11 @@ SENDMAIL(1) SENDMAIL(1) process. hopcount_limit (50) - The maximal number of Received: message headers + The maximal number of Received: message headers that is allowed in the primary message headers. queue_run_delay (300s) - The time between deferred queue scans by the queue + The time between deferred queue scans by the queue manager; prior to Postfix 2.4 the default value was 1000s. 
@@ -392,37 +397,37 @@ SENDMAIL(1) SENDMAIL(1) fast_flush_domains ($relay_domains) Optional list of destinations that are eligible for - per-destination logfiles with mail that is queued + per-destination logfiles with mail that is queued to those destinations. VERP CONTROLS The VERP_README file describes configuration and operation - details of Postfix support for variable envelope return + details of Postfix support for variable envelope return path addresses. default_verp_delimiters (+=) The two default VERP delimiter characters. verp_delimiter_filter (-=+) - The characters Postfix accepts as VERP delimiter - characters on the Postfix sendmail(1) command line + The characters Postfix accepts as VERP delimiter + characters on the Postfix sendmail(1) command line and in SMTP commands. MISCELLANEOUS CONTROLS alias_database (see 'postconf -d' output) - The alias databases for local(8) delivery that are + The alias databases for local(8) delivery that are updated with "newaliases" or with "sendmail -bi". command_directory (see 'postconf -d' output) - The location of all postfix administrative com- + The location of all postfix administrative com- mands. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and + The default location of the Postfix main.cf and master.cf configuration files. daemon_directory (see 'postconf -d' output) - The directory with Postfix support programs and + The directory with Postfix support programs and daemon programs. default_database_type (see 'postconf -d' output) 
@@ -430,16 +435,16 @@ SENDMAIL(1) SENDMAIL(1) postalias(1) and postmap(1) commands. delay_warning_time (0h) - The time after which the sender receives the mes- + The time after which the sender receives the mes- sage headers of mail that is still queued. enable_errors_to (no) - Report mail delivery errors to the address speci- - fied with the non-standard Errors-To: message - header, instead of the envelope sender address - (this feature is removed with Postfix version 2.2, - is turned off by default with Postfix version 2.1, - and is always turned on with older Postfix ver- + Report mail delivery errors to the address speci- + fied with the non-standard Errors-To: message + header, instead of the envelope sender address + (this feature is removed with Postfix version 2.2, + is turned off by default with Postfix version 2.1, + and is always turned on with older Postfix ver- sions). mail_owner (postfix) @@ -447,21 +452,21 @@ SENDMAIL(1) SENDMAIL(1) and most Postfix daemon processes. queue_directory (see 'postconf -d' output) - The location of the Postfix top-level queue direc- + The location of the Postfix top-level queue direc- tory. remote_header_rewrite_domain (empty) - Don't rewrite message headers from remote clients + Don't rewrite message headers from remote clients at all when this parameter is empty; otherwise, re- - write message headers and append the specified + write message headers and append the specified domain name to incomplete addresses. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - The mail system name that is prepended to the - process name in syslog records, so that "smtpd" + The mail system name that is prepended to the + process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". FILES 
@@ -486,7 +491,7 @@ SENDMAIL(1) SENDMAIL(1) VERP_README, Postfix VERP howto LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 072b7be32..edf9e3d15 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -12969,8 +12969,8 @@ feature is available in Postfix 2.1 and later.
reject_invalid_helo_hostname (with Postfix < 2.3: reject_invalid_hostname)
-
Reject the request when the HELO or EHLO hostname syntax is -invalid. Note: specify "smtpd_helo_required = yes" to fully enforce +
Reject the request when the HELO or EHLO hostname is malformed. +Note: specify "smtpd_helo_required = yes" to fully enforce this restriction (without "smtpd_helo_required = yes", a client can simply skip reject_invalid_helo_hostname by not sending HELO or EHLO).
The invalid_hostname_reject_code specifies the response code diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index 619941b8f..7dc5ccb3d 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html 
@@ -93,85 +93,90 @@ SENDMAIL(1) SENDMAIL(1) -bi Initialize alias database. See the newaliases com- mand above. - -bm Read mail from standard input and arrange for + -bl Go into daemon mode. To accept only local connec- + tions as with Sendmail's -bl option, specify + "inet_interfaces = loopback" in the Postfix main.cf + configuration file. + + -bm Read mail from standard input and arrange for delivery. This is the default mode of operation. -bp List the mail queue. See the mailq command above. - -bs Stand-alone SMTP server mode. Read SMTP commands - from standard input, and write responses to stan- + -bs Stand-alone SMTP server mode. Read SMTP commands + from standard input, and write responses to stan- dard output. In stand-alone SMTP server mode, mail - relaying and other access controls are disabled by - default. To enable them, run the process as the + relaying and other access controls are disabled by + default. To enable them, run the process as the mail_owner user. - This mode of operation is implemented by running + This mode of operation is implemented by running the smtpd(8) daemon. - -bv Do not collect or deliver a message. Instead, send - an email report after verifying each recipient - address. This is useful for testing address + -bv Do not collect or deliver a message. Instead, send + an email report after verifying each recipient + address. This is useful for testing address rewriting and routing configurations. - This feature is available in Postfix version 2.1 + This feature is available in Postfix version 2.1 and later. -C config_file -C config_dir - The path name of the Postfix main.cf file, or of - its parent directory. This information is ignored + The path name of the Postfix main.cf file, or of + its parent directory. This information is ignored with Postfix versions before 2.3. 
With all Postfix versions, you can specify a direc- tory pathname with the MAIL_CONFIG environment - variable to override the location of configuration + variable to override the location of configuration files. -F full_name - Set the sender full name. This overrides the NAME - environment variable, and is used only with mes- + Set the sender full name. This overrides the NAME + environment variable, and is used only with mes- sages that have no 
From: message header. -f sender Set the envelope sender address. This is the - address where delivery problems are sent to. With + address where delivery problems are sent to. With Postfix versions before 2.1, the Errors-To: message header overrides the error return address. - -G Gateway (relay) submission, as opposed to initial - user submission. Either do not rewrite addresses - at all, or update incomplete addresses with the + -G Gateway (relay) submission, as opposed to initial + user submission. Either do not rewrite addresses + at all, or update incomplete addresses with the domain information specified with remote_header_re- write_domain. - This option is ignored before Postfix version 2.3. + This option is ignored before Postfix version 2.3. -h hop_count (ignored) - Hop count limit. Use the hopcount_limit configura- + Hop count limit. Use the hopcount_limit configura- tion parameter instead. - -I Initialize alias database. See the newaliases com- + -I Initialize alias database. See the newaliases com- mand above. - -i When reading a message from standard input, don't - treat a line with only a . character as the end of + -i When reading a message from standard input, don't + treat a line with only a . character as the end of input. -L label (ignored) - The logging label. Use the syslog_name configura- + The logging label. Use the syslog_name configura- tion parameter instead. -m (ignored) Backwards compatibility. -N dsn (default: 'delay, failure') - Delivery status notification control. Specify - either a comma-separated list with one or more of - failure (send notification when delivery fails), + Delivery status notification control. 
Specify + either a comma-separated list with one or more of + failure (send notification when delivery fails), delay (send notification when delivery is delayed), - or success (send notification when the message is - delivered); or specify never (don't send any noti- + or success (send notification when the message is + delivered); or specify never (don't send any noti- fications at all). This feature is available in Postfix 2.3 and later. 
@@ -180,77 +185,77 @@ SENDMAIL(1) SENDMAIL(1) Backwards compatibility. -oAalias_database - Non-default alias database. Specify pathname or + Non-default alias database. Specify pathname or type:pathname. See postalias(1) for details. -O option=value (ignored) - Set the named option to value. Use the equivalent + Set the named option to value. Use the equivalent configuration parameter in main.cf instead. -o7 (ignored) -o8 (ignored) To send 8-bit or binary content, use an appropriate - MIME encapsulation and specify the appropriate -B + MIME encapsulation and specify the appropriate -B command-line option. - -oi When reading a message from standard input, don't - treat a line with only a . character as the end of + -oi When reading a message from standard input, don't + treat a line with only a . character as the end of input. -om (ignored) - The sender is never eliminated from alias etc. + The sender is never eliminated from alias etc. expansions. -o x value (ignored) - Set option x to value. Use the equivalent configu- + Set option x to value. Use the equivalent configu- ration parameter in main.cf instead. -r sender Set the envelope sender address. This is the - address where delivery problems are sent to. With + address where delivery problems are sent to. With Postfix versions before 2.1, the Errors-To: message header overrides the error return address. -R return_limit (ignored) - Limit the size of bounced mail. Use the - bounce_size_limit configuration parameter instead. + Limit the size of bounced mail. Use the + bounce_size_limit configuration parameter instead. - -q Attempt to deliver all queued mail. This is imple- + -q Attempt to deliver all queued mail. This is imple- mented by executing the postqueue(1) command. Warning: flushing undeliverable mail frequently - will result in poor delivery performance of all + will result in poor delivery performance of all other mail. -qinterval (ignored) - The interval between queue runs. 
Use the + The interval between queue runs. Use the queue_run_delay configuration parameter instead. -qIqueueid Schedule immediate delivery of mail with the speci- - fied queue ID. This option is implemented by exe- - cuting the postqueue(1) command, and is available + fied queue ID. This option is implemented by exe- + cuting the postqueue(1) command, and is available with Postfix version 2.4 and later. -qRsite - Schedule immediate delivery of all mail that is + Schedule immediate delivery of all mail that is queued for the named site. This option accepts only - site names that are eligible for the "fast flush" - service, and is implemented by executing the + site names that are eligible for the "fast flush" + service, and is implemented by executing the postqueue(1) command. See flush(8) for more infor- mation about the "fast flush" service. -qSsite - This command is not implemented. Use the slower + This command is not implemented. Use the slower "sendmail -q" command instead. - -t Extract recipients from message headers. These are - added to any recipients specified on the command + -t Extract recipients from message headers. These are + added to any recipients specified on the command line. - With Postfix versions prior to 2.1, this option - requires that no recipient addresses are specified + With Postfix versions prior to 2.1, this option + requires that no recipient addresses are specified on the command line. -U (ignored) 
@@ -263,41 +268,41 @@ SENDMAIL(1) SENDMAIL(1) This feature is available in Postfix 2.3 and later. -XV (Postfix 2.2 and earlier: -V) - Variable Envelope Return Path. Given an envelope - sender address of the form owner-listname@origin, - each recipient user@domain receives mail with a + Variable Envelope Return Path. Given an envelope + sender address of the form owner-listname@origin, + each recipient user@domain receives mail with a personalized envelope sender address. - By default, the personalized envelope sender - address is owner-listname+user=domain@origin. The - default + and = characters are configurable with - the default_verp_delimiters configuration parame- + By default, the personalized envelope sender + address is owner-listname+user=domain@origin. The + default + and = characters are configurable with + the default_verp_delimiters configuration parame- ter. -XVxy (Postfix 2.2 and earlier: -Vxy) - As -XV, but uses x and y as the VERP delimiter - characters, instead of the characters specified - with the default_verp_delimiters configuration + As -XV, but uses x and y as the VERP delimiter + characters, instead of the characters specified + with the default_verp_delimiters configuration parameter. - -v Send an email report of the first delivery attempt - (Postfix versions 2.1 and later). Mail delivery - always happens in the background. When multiple -v + -v Send an email report of the first delivery attempt + (Postfix versions 2.1 and later). Mail delivery + always happens in the background. When multiple -v options are given, enable verbose logging for debugging purposes. -X log_file (ignored) - Log mailer traffic. Use the debug_peer_list and - debug_peer_level configuration parameters instead. + Log mailer traffic. Use the debug_peer_list and + debug_peer_level configuration parameters instead. SECURITY - By design, this program is not set-user (or group) id. - However, it must handle data from untrusted, possibly - remote, users. 
Thus, the usual precautions need to be + By design, this program is not set-user (or group) id. + However, it must handle data from untrusted, possibly + remote, users. Thus, the usual precautions need to be taken against malicious inputs. DIAGNOSTICS - Problems are logged to syslogd(8) and to the standard + Problems are logged to syslogd(8) and to the standard error stream. ENVIRONMENT @@ -309,29 +314,29 @@ SENDMAIL(1) SENDMAIL(1) MAIL_DEBUG (value does not matter) Enable debugging with an external command, as spec- - ified with the debugger_command configuration + ified with the debugger_command configuration parameter. - NAME The sender full name. This is used only with mes- - sages that have no From: message header. See also + NAME The sender full name. This is used only with mes- + sages that have no From: message header. See also the -F option above. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant + The following main.cf parameters are especially relevant to this program. The text below provides only a parameter - summary. See postconf(5) for more details including exam- + summary. See postconf(5) for more details including exam- ples. COMPATIBILITY CONTROLS Available with Postfix 2.9 and later: sendmail_fix_line_endings (always) - Controls how the Postfix sendmail command converts - email message line endings from <CR><LF> into UNIX + Controls how the Postfix sendmail command converts + email message line endings from <CR><LF> into UNIX format (<LF>). TROUBLE SHOOTING CONTROLS - The DEBUG_README file gives examples of how to trouble + The DEBUG_README file gives examples of how to trouble shoot a Postfix system. debugger_command (empty) 
@@ -339,29 +344,29 @@ SENDMAIL(1) SENDMAIL(1) mon program is invoked with the -D option. debug_peer_level (2) - The increment in verbose logging level when a - remote client or server matches a pattern in the + The increment in verbose logging level when a + remote client or server matches a pattern in the debug_peer_list parameter. debug_peer_list (empty) - Optional list of remote client or server hostname - or network address patterns that cause the verbose - logging level to increase by the amount specified + Optional list of remote client or server hostname + or network address patterns that cause the verbose + logging level to increase by the amount specified in $debug_peer_level. ACCESS CONTROLS Available in Postfix version 2.2 and later: authorized_flush_users (static:anyone) - List of users who are authorized to flush the + List of users who are authorized to flush the queue. authorized_mailq_users (static:anyone) List of users who are authorized to view the queue. authorized_submit_users (static:anyone) - List of users who are authorized to submit mail - with the sendmail(1) command (and with the privi- + List of users who are authorized to submit mail + with the sendmail(1) command (and with the privi- leged postdrop(1) helper command). RESOURCE AND RATE CONTROLS @@ -370,7 +375,7 @@ SENDMAIL(1) SENDMAIL(1) sent in a non-delivery notification. fork_attempts (5) - The maximal number of attempts to fork() a child + The maximal number of attempts to fork() a child process. fork_delay (1s) @@ -378,11 +383,11 @@ SENDMAIL(1) SENDMAIL(1) process. hopcount_limit (50) - The maximal number of Received: message headers + The maximal number of Received: message headers that is allowed in the primary message headers. queue_run_delay (300s) - The time between deferred queue scans by the queue + The time between deferred queue scans by the queue manager; prior to Postfix 2.4 the default value was 1000s. 
@@ -392,37 +397,37 @@ SENDMAIL(1) SENDMAIL(1) fast_flush_domains ($relay_domains) Optional list of destinations that are eligible for - per-destination logfiles with mail that is queued + per-destination logfiles with mail that is queued to those destinations. VERP CONTROLS The VERP_README file describes configuration and operation - details of Postfix support for variable envelope return + details of Postfix support for variable envelope return path addresses. default_verp_delimiters (+=) The two default VERP delimiter characters. verp_delimiter_filter (-=+) - The characters Postfix accepts as VERP delimiter - characters on the Postfix sendmail(1) command line + The characters Postfix accepts as VERP delimiter + characters on the Postfix sendmail(1) command line and in SMTP commands. MISCELLANEOUS CONTROLS alias_database (see 'postconf -d' output) - The alias databases for local(8) delivery that are + The alias databases for local(8) delivery that are updated with "newaliases" or with "sendmail -bi". command_directory (see 'postconf -d' output) - The location of all postfix administrative com- + The location of all postfix administrative com- mands. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and + The default location of the Postfix main.cf and master.cf configuration files. daemon_directory (see 'postconf -d' output) - The directory with Postfix support programs and + The directory with Postfix support programs and daemon programs. default_database_type (see 'postconf -d' output) 
@@ -430,16 +435,16 @@ SENDMAIL(1) SENDMAIL(1) postalias(1) and postmap(1) commands. delay_warning_time (0h) - The time after which the sender receives the mes- + The time after which the sender receives the mes- sage headers of mail that is still queued. enable_errors_to (no) - Report mail delivery errors to the address speci- - fied with the non-standard Errors-To: message - header, instead of the envelope sender address - (this feature is removed with Postfix version 2.2, - is turned off by default with Postfix version 2.1, - and is always turned on with older Postfix ver- + Report mail delivery errors to the address speci- + fied with the non-standard Errors-To: message + header, instead of the envelope sender address + (this feature is removed with Postfix version 2.2, + is turned off by default with Postfix version 2.1, + and is always turned on with older Postfix ver- sions). mail_owner (postfix) @@ -447,21 +452,21 @@ SENDMAIL(1) SENDMAIL(1) and most Postfix daemon processes. queue_directory (see 'postconf -d' output) - The location of the Postfix top-level queue direc- + The location of the Postfix top-level queue direc- tory. remote_header_rewrite_domain (empty) - Don't rewrite message headers from remote clients + Don't rewrite message headers from remote clients at all when this parameter is empty; otherwise, re- - write message headers and append the specified + write message headers and append the specified domain name to incomplete addresses. syslog_facility (mail) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - The mail system name that is prepended to the - process name in syslog records, so that "smtpd" + The mail system name that is prepended to the + process name in syslog records, so that "smtpd" becomes, for example, "postfix/smtpd". FILES 
@@ -486,7 +491,7 @@ SENDMAIL(1) SENDMAIL(1) VERP_README, Postfix VERP howto LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/man/man1/sendmail.1 b/postfix/man/man1/sendmail.1 index 1c6e3ebd9..ae11e70e6 100644 --- a/postfix/man/man1/sendmail.1 +++ b/postfix/man/man1/sendmail.1 @@ -82,6 +82,11 @@ Postfix has no persistent host status database. .IP \fB-bi\fR Initialize alias database. See the \fBnewaliases\fR command above. +.IP \fB-bl\fR +Go into daemon mode. To accept only local connections as +with Sendmail\'s \fB-bl\fR option, specify "\fBinet_interfaces += loopback\fR" in the Postfix \fBmain.cf\fR configuration +file. .IP \fB-bm\fR Read mail from standard input and arrange for delivery. This is the default mode of operation. diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5 index ab0b7e31a..b8a6c2089 100644 --- a/postfix/man/man5/postconf.5 +++ b/postfix/man/man5/postconf.5 @@ -8158,8 +8158,8 @@ restriction (without "smtpd_helo_required = yes", a client can simply skip check_helo_ns_access by not sending HELO or EHLO). This feature is available in Postfix 2.1 and later. .IP "\fBreject_invalid_helo_hostname\fR (with Postfix < 2.3: reject_invalid_hostname)" -Reject the request when the HELO or EHLO hostname syntax is -invalid. Note: specify "smtpd_helo_required = yes" to fully enforce +Reject the request when the HELO or EHLO hostname is malformed. +Note: specify "smtpd_helo_required = yes" to fully enforce this restriction (without "smtpd_helo_required = yes", a client can simply skip reject_invalid_helo_hostname by not sending HELO or EHLO). .br diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 416ed5b4a..18c12fafc 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -5432,8 +5432,8 @@ feature is available in Postfix 2.1 and later.
reject_invalid_helo_hostname (with Postfix < 2.3: reject_invalid_hostname)
-
Reject the request when the HELO or EHLO hostname syntax is -invalid. Note: specify "smtpd_helo_required = yes" to fully enforce +
Reject the request when the HELO or EHLO hostname is malformed. +Note: specify "smtpd_helo_required = yes" to fully enforce this restriction (without "smtpd_helo_required = yes", a client can simply skip reject_invalid_helo_hostname by not sending HELO or EHLO).
The invalid_hostname_reject_code specifies the response code diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index a287560b6..4479ab0e4 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20120627" +#define MAIL_RELEASE_DATE "20120630" #define MAIL_VERSION_NUMBER "2.10" #ifdef SNAPSHOT diff --git a/postfix/src/postscreen/postscreen_endpt.c b/postfix/src/postscreen/postscreen_endpt.c index 44f332e77..c49f42530 100644 --- a/postfix/src/postscreen/postscreen_endpt.c +++ b/postfix/src/postscreen/postscreen_endpt.c @@ -6,11 +6,11 @@ /* SYNOPSIS /* #include /* -/* void psc_endpt_lookup(smtp_client_stream, -/* void *lookup_done(status, smtp_client_stream, +/* void psc_endpt_lookup(smtp_client_stream, lookup_done) +/* VSTREAM *smtp_client_stream; +/* void (*lookup_done)(status, smtp_client_stream, /* smtp_client_addr, smtp_client_port, -/* smtp_server_addr, smtp_server_port)) -/* VSTRING *smtp_client_stream; +/* smtp_server_addr, smtp_server_port) /* int status; /* MAI_HOSTADDR_STR *smtp_client_addr; /* MAI_SERVPORT_STR *smtp_client_port; 
@@ -18,13 +18,33 @@ /* MAI_SERVPORT_STR *smtp_server_port; /* DESCRIPTION /* psc_endpt_lookup() looks up remote and local connection -/* endpoint information through local system calls or through -/* a remote proxy protocol. The lookup_done() call-back routine -/* passes the result status, address and port information. The -/* result status is -1 in case of error, 0 in case of success. -/* This function (and its supporting routines) logs a warning -/* in case of error, and never communicates with a remote SMTP -/* client. +/* endpoint information, either through local system calls, +/* or through an adapter for an up-stream proxy protocol. +/* +/* The following summarizes what the postscreen(8) server +/* expects from a proxy protocol adapter routine. +/* .IP \(bu +/* Accept the same arguments as psc_endpt_lookup(). +/* .IP \(bu +/* Validate protocol, address and port syntax. Permit only +/* protocols that are configured with the main.cf:inet_protocols +/* setting. +/* .IP \(bu +/* Convert IPv4-in-IPv6 address syntax to IPv4 syntax when +/* both IPv6 and IPv4 support are enabled with main.cf:inet_protocols. +/* .IP \(bu +/* Log a clear warning message that explains why a request +/* fails. +/* .IP \(bu +/* Never talk to the remote SMTP client. +/* .PP +/* Arguments: +/* .IP client_stream +/* A brand-new stream that is connected to the remote client. +/* .IP lookup +/* Call-back routine that reports the result status, address +/* and port information. The result status is -1 in case of +/* error, 0 in case of success. /* LICENSE /* .ad /* .fi diff --git a/postfix/src/postscreen/postscreen_haproxy.c b/postfix/src/postscreen/postscreen_haproxy.c index 0bc7fd890..60fcbcab5 100644 --- a/postfix/src/postscreen/postscreen_haproxy.c +++ b/postfix/src/postscreen/postscreen_haproxy.c 
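Review bot: The new `Arguments:` list in the postscreen_endpt.c header names the parameters `client_stream` and `lookup`, but the SYNOPSIS rewritten in the preceding hunk of the same file calls them `smtp_client_stream` and `lookup_done`. Use the synopsis names, `.IP smtp_client_stream` and `.IP lookup_done`, so the two parts of the header agree. The added requirement "Never talk to the remote SMTP client" is a security-relevant contract for adapter authors and is worth keeping next to the argument it constrains.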
@@ -6,11 +6,11 @@ /* SYNOPSIS /* #include /* -/* void psc_endpt_haproxy_lookup(smtp_client_stream, -/* void *lookup_done(status, smtp_client_stream, -/* smtp_client_addr, smtp_client_port, -/* smtp_server_addr, smtp_server_port)) +/* void psc_endpt_haproxy_lookup(smtp_client_stream, lookup_done) /* VSTRING *smtp_client_stream; +/* void (*lookup_done)(status, smtp_client_stream, +/* smtp_client_addr, smtp_client_port, +/* smtp_server_addr, smtp_server_port) /* int status; /* MAI_HOSTADDR_STR *smtp_client_addr; /* MAI_SERVPORT_STR *smtp_client_port; @@ -20,16 +20,6 @@ /* psc_endpt_haproxy_lookup() looks up connection endpoint /* information via the haproxy protocol. Arguments and results /* conform to the postscreen_endpt(3) API. -/* -/* The following summarizes what the Postfix SMTP server expects -/* from an up-stream proxy adapter. -/* .IP \(bu -/* Validate address and port syntax. Permit only protocols -/* that are configured with the main.cf:inet_protocols -/* setting. -/* .IP \(bu -/* Convert IPv4-in-IPv6 address syntax to IPv4 form, when both -/* IPv4 and IPv6 support are enabled with main.cf:inet_protocols. /* LICENSE /* .ad /* .fi @@ -91,9 +81,16 @@ static void psc_endpt_haproxy_event(int event, char *context) int last_char = 0; const char *err; VSTRING *escape_buf; + char read_buf[HAPROXY_MAX_LEN]; + ssize_t read_len; + char *cp; /* - * Basic event processing. + * We must not read(2) past the that terminates the haproxy + * line. For efficiency reasons we read the entire haproxy line in one + * read(2) call when we know that the line is unfragmented. In the rare + * case that the line is fragmented, we fall back and read(2) it one + * character at a time. */ switch (event) { case EVENT_TIME: 
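Review bot: The SYNOPSIS in postscreen_haproxy.c still declares `VSTRING *smtp_client_stream;`, left as an unchanged context line in the first hunk. The function itself is declared as `psc_endpt_haproxy_lookup(VSTREAM *stream,` (visible in a later hunk header), and this commit makes the same correction in the postscreen_endpt.c synopsis. Since the hunk already rewrites the neighbouring lines, change this one to `/* VSTREAM *smtp_client_stream;`.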
@@ -101,20 +98,35 @@ static void psc_endpt_haproxy_event(int event, char *context) status = -1; break; case EVENT_READ: - if ((last_char = VSTREAM_GETC(state->stream)) == VSTREAM_EOF) { - if (vstream_ferror(state->stream)) - msg_warn("haproxy read: %m"); - else - msg_warn("haproxy read: lost connection"); - status = -1; - break; + /* Determine the initial VSTREAM read(2) buffer size. */ + if (VSTRING_LEN(state->buffer) == 0) { + if ((read_len = recv(vstream_fileno(state->stream), + read_buf, sizeof(read_buf) - 1, MSG_PEEK)) > 0 + && ((cp = memchr(read_buf, '\n', read_len)) != 0)) { + read_len = cp - read_buf + 1; + } else { + read_len = 1; + } + vstream_control(state->stream, VSTREAM_CTL_BUFSIZE, read_len, + VSTREAM_CTL_END); } - if (VSTRING_LEN(state->buffer) >= HAPROXY_MAX_LEN) { - msg_warn("haproxy read: line too long"); - status = -1; - break; - } - VSTRING_ADDCH(state->buffer, last_char); + /* Drain the VSTREAM buffer, otherwise this pseudo-thread will hang. */ + do { + if ((last_char = VSTREAM_GETC(state->stream)) == VSTREAM_EOF) { + if (vstream_ferror(state->stream)) + msg_warn("haproxy read: %m"); + else + msg_warn("haproxy read: lost connection"); + status = -1; + break; + } + if (VSTRING_LEN(state->buffer) >= HAPROXY_MAX_LEN) { + msg_warn("haproxy read: line too long"); + status = -1; + break; + } + VSTRING_ADDCH(state->buffer, last_char); + } while (vstream_peek(state->stream) > 0); break; } 
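Review bot: The `do { ... } while (vstream_peek(state->stream) > 0)` loop ends only when the VSTREAM buffer is empty, so nothing in the loop itself stops it from consuming bytes after the line terminator. That guarantee rests entirely on the `VSTREAM_CTL_BUFSIZE` request derived from the `MSG_PEEK` result. It presumably also relies on the stream being brand-new with no larger buffer already in place; whether `vstream_control()` can shrink an existing buffer is not visible here. State the invariant where it is relied on, for example `/* The buffer never holds more than the peeked line, so this cannot read past the terminator. */` above the `do`. Separately, `recv()` returning 0 or -1 silently takes the `read_len = 1` path and the error is only reported by the following `VSTREAM_GETC`, which deserves a short comment so it is not later mistaken for an unchecked return value. `psc_endpt_haproxy_event()` starts and ends outside this hunk.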
@@ -174,18 +186,6 @@ void psc_endpt_haproxy_lookup(VSTREAM *stream, state->notify = notify; state->buffer = vstring_alloc(100); - /* - * We don't assume that the haproxy line will be unfragmented. Therefore, - * we use read(2) instead of recv(..., MSG_PEEK). - * - * We must not read(2) past the that terminates the haproxy line. - * Therefore we force one-character read(2) calls. - * - * We want to (eventually) build this on top of a reusable line read - * routine, once we have figured out an easy-to-use and efficient API. - */ - vstream_control(stream, VSTREAM_CTL_BUFSIZE, 1, VSTREAM_CTL_END); - /* * Read the haproxy line. */ diff --git a/postfix/src/sendmail/sendmail.c b/postfix/src/sendmail/sendmail.c index 05406b81b..d0bc76dee 100644 --- a/postfix/src/sendmail/sendmail.c +++ b/postfix/src/sendmail/sendmail.c @@ -76,6 +76,11 @@ /* .IP \fB-bi\fR /* Initialize alias database. See the \fBnewaliases\fR /* command above. +/* .IP \fB-bl\fR +/* Go into daemon mode. To accept only local connections as +/* with Sendmail\'s \fB-bl\fR option, specify "\fBinet_interfaces +/* = loopback\fR" in the Postfix \fBmain.cf\fR configuration +/* file. /* .IP \fB-bm\fR /* Read mail from standard input and arrange for delivery. /* This is the default mode of operation. @@ -1182,6 +1187,7 @@ int main(int argc, char **argv) default: msg_fatal_status(EX_USAGE, "unsupported: -%c%c", c, *optarg); case 'd': /* daemon mode */ + case 'l': /* daemon mode */ if (mode == SM_MODE_FLUSHQ) msg_warn("ignoring -q option in daemon mode"); mode = SM_MODE_DAEMON; diff --git a/postfix/src/smtpd/smtpd_haproxy.c b/postfix/src/smtpd/smtpd_haproxy.c index d104d9dca..599e3ed42 100644 --- a/postfix/src/smtpd/smtpd_haproxy.c +++ b/postfix/src/smtpd/smtpd_haproxy.c 
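Review bot: In the sendmail.c hunk, `case 'l':` falls into the `-bd` code, so `sendmail -bl` starts the daemon on whatever `inet_interfaces` is configured. The documentation added in this same commit says Sendmail's `-bl` accepts only local connections. A caller relying on the Sendmail meaning therefore gets a listener with wider network exposure and no run-time indication of it. Consider logging this in the shared case, assuming the switch is on `*optarg` as the default branch's message suggests: `if (*optarg == 'l') msg_warn("-bl: not limited to local connections; specify inet_interfaces = loopback");`. `main()` starts and ends outside the hunk, so the later handling of `SM_MODE_DAEMON` cannot be checked from here.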
@@ -15,12 +15,12 @@ /* The following summarizes what the Postfix SMTP server expects /* from an up-stream proxy adapter. /* .IP \(bu -/* Validate address and port syntax. Permit only protocols -/* that are configured with the main.cf:inet_protocols +/* Validate protocol, address and port syntax. Permit only +/* protocols that are configured with the main.cf:inet_protocols /* setting. /* .IP \(bu -/* Convert IPv4-in-IPv6 address syntax to IPv4 syntax, when -/* both IPv4 and IPv6 support are enabled with main.cf:inet_protocols. +/* Convert IPv4-in-IPv6 address syntax to IPv4 syntax when +/* both IPv6 and IPv4 support are enabled with main.cf:inet_protocols. /* .IP \(bu /* Update the following session context fields: addr, port, /* rfc_addr, addr_family, dest_addr. The addr_family field @@ -30,7 +30,10 @@ /* mystrdup(). In case of error, leave unassigned string fields /* at their initial zero value. /* .IP \(bu -/* Log warnings in case of data format error. +/* Log a clear warning message that explains why a request +/* fails. +/* .IP \(bu +/* Never talk to the remote SMTP client. /* .PP /* Arguments: /* .IP state @@ -113,7 +116,7 @@ int smtpd_peer_from_haproxy(SMTPD_STATE *state) case 0: if (smtp_get(state->buffer, state->client, HAPROXY_MAX_LEN, SMTP_GET_FLAG_NONE) != '\n') { - msg_warn("haproxy line > %d characters", HAPROXY_MAX_LEN); + msg_warn("haproxy read: line > %d characters", HAPROXY_MAX_LEN); return (-1); } if ((proxy_err = haproxy_srvr_parse(STR(state->buffer), diff --git a/postfix/src/util/pass_accept.c b/postfix/src/util/pass_accept.c index 3e1504986..d06926f8e 100644 --- a/postfix/src/util/pass_accept.c +++ b/postfix/src/util/pass_accept.c @@ -73,7 +73,7 @@ int pass_accept(int listen_fd) } } -/* pass_accept_attr - accept attribute list and descriptor */ +/* pass_accept_attr - accept descriptor and attribute list */ int pass_accept_attr(int listen_fd, HTABLE **attr) { 
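Review bot: In smtpd_peer_from_haproxy(), the renamed warning `haproxy read: line > %d characters` now shares the `haproxy read:` prefix with postscreen_haproxy.c, but the over-length case is still worded differently there (`haproxy read: line too long`), so a log rule watching for oversized proxy lines needs two patterns. The warning is also emitted for every `smtp_get()` result other than '\n'; whether that can be anything besides an over-long line is not visible in this hunk, so the wording may overstate the cause. If only length can trigger it, I would align the text, e.g. `msg_warn("haproxy read: line too long (> %d characters)", HAPROXY_MAX_LEN);`. The function starts and ends outside the hunk.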
diff --git a/postfix/src/util/vstream.c b/postfix/src/util/vstream.c
index ee718b457..38eb02246 100644
--- a/postfix/src/util/vstream.c
+++ b/postfix/src/util/vstream.c
@@ -1478,8 +1478,9 @@ void vstream_control(VSTREAM *stream, int name,...)
 */
 case VSTREAM_CTL_BUFSIZE:
 req_bufsize = va_arg(ap, ssize_t);
- if (req_bufsize < 0)
- msg_panic("VSTREAM_CTL_BUFSIZE with negative size: %ld",
+ /* Heuristic to detect missing (ssize_t) type cast on LP64 hosts. */
+ if (req_bufsize < 0 || req_bufsize > INT_MAX)
+ msg_panic("unreasonable VSTREAM_CTL_BUFSIZE request: %ld",
 (long) req_bufsize);
 if (req_bufsize > 0 && stream != VSTREAM_ERR)
 stream->req_bufsize = req_bufsize;
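Review bot: The new guard `req_bufsize < 0 || req_bufsize > INT_MAX` in vstream_control() catches a missing cast only when the bits that va_arg picks up beyond the caller's int are non-zero; when they happen to be zero the bad call passes unnoticed, and where ssize_t is no wider than int the `> INT_MAX` test can never be true. The one-line comment should say that this is best effort and that callers still have to pass an ssize_t, for example `/* Best-effort check for a missing (ssize_t) cast on LP64 hosts; it cannot catch every such call. */`. `INT_MAX` also needs <limits.h>, and the file's include list is outside this hunk. vstream_control() begins and ends outside the hunk.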