diff --git a/postfix/HISTORY b/postfix/HISTORY
index 7db3e2817..2169e9c81 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -4009,3 +4009,12 @@ Apologies for any names omitted.
feature uses the same filtering syntax as the header_checks
feature. File: cleanup/cleanup_message.c. See also the
conf/sample-filter.cf file.
+
+20000529
+
+ Feature: full content inspection through external software.
+ This uses existing interfaces for sending and receiving mail
+ from and to the content inspector. Currently, only the SMTP
+ server is suitable for receiving inspected mail. Details
+ in INSPECTION_README. Files: pickup/pickup.c, smtpd/smtpd.c,
+ qmgr/qmgr_message.c.
diff --git a/postfix/INSPECTION_README b/postfix/INSPECTION_README
new file mode 100644
index 000000000..e9968c185
--- /dev/null
+++ b/postfix/INSPECTION_README
@@ -0,0 +1,77 @@
+This is a very first implementation of Postfix content inspection.
+It involves an incompatible change to queue file formats. Older
+Postfix versions will move the mail aside to the "corrupt" mail
+queue subdirectory.
+
+The example uses content inspection software that can receive and
+deliver mail via SMTP. At present, Postfix can receive already
+inspected mail only via SMTP. In the future it may become possible
+to submit already filtered mail via the postdrop command. However,
+doing business over SMTP is much less inefficient.
+
+We will set up a content inspector program listening on localhost
+port 10025 that receives mail via the SMTP protocol, and that
+submits mail back into Postfix via localhost port 10026.
+
+ ..................................
+ . Postfix .
+ ------smtpd \ /local-----
+ . -cleanup->queue- .
+ -----pickup / ^ | \smtp------
+ . | v .
+ . smtpd smtp .
+ . 10026 | .
+ ......................|...........
+ ^ |
+ | v
+ ....|............
+ . | 10025 .
+ . inspector .
+ . .
+ .................
+
+To enable content inspection in this manner, specify in main.cf a
+new parameter:
+
+ /etc/postfix/main.cf:
+ content_inspector = smtp:localhost:10025
+
+This causes Postfix to add one extra content inspection record to
+each incoming mail message, with content smtp:localhost:10025.
+You can use the same syntax as in the right-hand side of a Postfix
+transport table. The content inspection records are added by the
+smtpd and pickup servers.
+
+When a queue file has content inspection information, the queue
+manager will deliver the mail to the specified content inspector
+regardless of its final destination.
+
+Setting up the content inspector could be done with the Postfix
+spawn service, to instantiate up to 10 processes on demand:
+
+ /etc/postfix/master.cf:
+ localhost:10025 inet - n n - 10 spawn
+ user=inspect argv=/some/where/inspect localhost 10026
+
+The spawn server is part of Postfix but is not installed by default.
+Edit the top-level Makefile.in file, run "make makefiles", "make",
+and "make install".
+
+The /some/where/inspect command is most likely a PERL script. PERL
+has modules that make talking SMTP easy. The command-line specifies
+that mail shouldbe sent back into Postfix via localhost port 10026.
+
+The job of the content inspector is to either bounce mail with a
+suitable diagnostic, or to feed the mail back into Postfix through
+a dedicated listener on port localhost 10026:
+
+ /etc/postfix/master.cf:
+ localhost:10026 inet n - n - 0 smtpd
+ -o content_inspector= myhostname=localhost.domain.name
+
+This is just another SMTP server. It is configured NOT to request
+content inspection for incoming mail, has no process limit (so
+Postfix will not deadlock), and is configured to use a different
+hostname in the greeting message (this is necessary for testing
+when I simply use no inspector program and let the SMTP content
+inspection interfaces talk directly to each other).
diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES
index 0a00de788..08047e365 100644
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -1,4 +1,24 @@
-Major changes with snapshot-20000526
+Incompatible changes with snapshot-20000529
+===========================================
+
+This version introduces an incompatible queue file format change
+when content inspection is enabled. Old Postfix queue files will
+work fine, but new queue files will not work with old Postfix
+versions. They log a warning and move incompatible queue files to
+the "corrupt" mail queue subdirectory.
+
+Major changes with snapshot-20000529
+====================================
+
+This version introduces full content inspection through an external
+process. This involves an incompatible change in queue file format.
+Mail is delivered to content inspection software via an existing
+mail delivery agent, and is re-injected into Postfix via an existing
+mail submission agent. Presently, only the Postfix SMTP server is
+suitable for receiving already inspected mail. Details in the
+INSPECTION_README file.
+
+Major changes with snapshot-20000528
====================================
Specify "body_checks = regexp:/etc/postfix/body_checks" for a quick
diff --git a/postfix/SASL_README b/postfix/SASL_README
index 7c9f18ef7..271487961 100644
--- a/postfix/SASL_README
+++ b/postfix/SASL_README
@@ -137,8 +137,8 @@ Enabling SASL authentication in the Postfix SMTP client
Turn on client-side SASL authentication, and specify a table with
per-host or per-destination username and password information.
Postfix first looks up the server hostname; if no entry is found,
-then Postfix looks up the destination domain name (the address
-remote part).
+then Postfix looks up the destination domain name (usually, the
+remote part of an email address).
/etc/postfix/main.cf:
smtp_sasl_auth_enable = yes
diff --git a/postfix/conf/sample-filter.cf b/postfix/conf/sample-filter.cf
index 5c27373d0..51903c68a 100644
--- a/postfix/conf/sample-filter.cf
+++ b/postfix/conf/sample-filter.cf
@@ -11,12 +11,15 @@
# When a pattern matches, and the associated action is REJECT, the
# entire message is rejected.
#
+# These patterns do not apply to MIME headers in the message body.
+#
header_checks = regexp:/etc/postfix/header_checks
# The body_checks parameter specifies an optional table with patterns
-# that each physical non-header line is matched against (including
-# MIME headers inside the message body). Lines are matched one at
-# a time. Long lines are matched in chunks of at most $line_length_limit
+# that each physical line in the message body is matched against
+# (including MIME headers inside the message body - Postfix does not
+# recognize multi-line MIME headers). Lines are matched one at a
+# time. Long lines are matched in chunks of at most $line_length_limit
# characters. Patterns are matched in the specified order, and the
# search stops upon the first match. When a pattern matches, and
# the associated action is REJECT, the entire message is rejected.
diff --git a/postfix/global/mail_params.h b/postfix/global/mail_params.h
index 0238a04a5..a802addf6 100644
--- a/postfix/global/mail_params.h
+++ b/postfix/global/mail_params.h
@@ -1045,6 +1045,14 @@ extern bool var_allow_min_user;
extern void mail_params_init(void);
+ /*
+ * Content inspection transport. The things we have to do because some
+ * over-paid peecee programmers could not do a proper job.
+ */
+#define VAR_INSPECT_XPORT "content_inspector"
+#define DEF_INSPECT_XPORT ""
+extern char *var_inspect_xport;
+
/* LICENSE
/* .ad
/* .fi
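Review bot: The comment above `VAR_INSPECT_XPORT` does not say what the parameter holds or what its empty default means. Elsewhere in this commit the value is written to the queue file only when it is non-empty, and the queue manager splits it at ':' into transport and nexthop. The header is the natural place to record that. I would replace the second sentence with something like `Content inspection transport, in transport:nexthop form; the empty default disables inspection.`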
diff --git a/postfix/global/mail_version.h b/postfix/global/mail_version.h
index 3883d430d..56a44ccf6 100644
--- a/postfix/global/mail_version.h
+++ b/postfix/global/mail_version.h
@@ -15,7 +15,7 @@
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "Snapshot-20000528"
+#define DEF_MAIL_VERSION "Snapshot-20000529"
extern char *var_mail_version;
/* LICENSE
diff --git a/postfix/global/rec_type.c b/postfix/global/rec_type.c
index c03aa1dba..21684209c 100644
--- a/postfix/global/rec_type.c
+++ b/postfix/global/rec_type.c
@@ -43,6 +43,7 @@ REC_TYPE_NAME rec_type_names[] = {
REC_TYPE_SIZE, "message_size",
REC_TYPE_TIME, "time",
REC_TYPE_FULL, "fullname",
+ REC_TYPE_INSP, "content_inspector",
REC_TYPE_FROM, "sender",
REC_TYPE_DONE, "done",
REC_TYPE_RCPT, "recipient",
diff --git a/postfix/global/rec_type.h b/postfix/global/rec_type.h
index e0e32122e..135714bfe 100644
--- a/postfix/global/rec_type.h
+++ b/postfix/global/rec_type.h
@@ -28,6 +28,7 @@
#define REC_TYPE_SIZE 'C' /* first record, created by cleanup */
#define REC_TYPE_TIME 'T' /* time stamp, required */
#define REC_TYPE_FULL 'F' /* full name, optional */
+#define REC_TYPE_INSP 'I' /* inspector transport */
#define REC_TYPE_FROM 'S' /* sender, required */
#define REC_TYPE_DONE 'D' /* delivered recipient, optional */
#define REC_TYPE_RCPT 'R' /* todo recipient, optional */
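Review bot: The comment on `REC_TYPE_INSP` omits whether the record is required or optional, which the neighbouring entries state. The pickup.c and smtpd.c hunks emit it only when content_inspector is non-empty, so `/* inspector transport, optional */` would match the file's convention. The second hunk adds 'I' to `REC_TYPE_ENVELOPE`, so it may also be worth noting there that older readers treat such files as corrupt, as RELEASE_NOTES says.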
@@ -51,7 +52,7 @@
* record groups. The first member in each set is the record type that
* indicates the end of that record group.
*/
-#define REC_TYPE_ENVELOPE "MCTFSDRW"
+#define REC_TYPE_ENVELOPE "MCTFISDRW"
#define REC_TYPE_CONTENT "XLN"
#define REC_TYPE_EXTRACT "EDRPre"
#define REC_TYPE_NOEXTRACT "E"
diff --git a/postfix/html/pickup.8.html b/postfix/html/pickup.8.html
index bf92b71f8..c372e6cfd 100644
--- a/postfix/html/pickup.8.html
+++ b/postfix/html/pickup.8.html
@@ -47,18 +47,18 @@ PICKUP(8) PICKUP(8)
details and for default values. Use the postfix reload
command after a configuration change.
+Content inspection controls
+ content_inspector
+ The name of a mail delivery transport that inspects
+ mail prior to delivery. This parameter uses the
+ same syntax as the right-hand side of a Postfix
+ transport table.
+
Miscellaneous
always_bcc
- Address to send a copy of each message that enters
+ Address to send a copy of each message that enters
the system.
- mail_owner
- The process privileges used while not opening a
- maildrop file.
-
- queue_directory
- Top-level directory of the Postfix queue.
-
@@ -71,13 +71,20 @@ PICKUP(8) PICKUP(8)
PICKUP(8) PICKUP(8)
+ mail_owner
+ The process privileges used while not opening a
+ maildrop file.
+
+ queue_directory
+ Top-level directory of the Postfix queue.
+
SEE ALSO
cleanup(8) message canonicalization
master(8) process manager
syslogd(8) system logging
LICENSE
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
AUTHOR(S)
@@ -113,13 +120,6 @@ PICKUP(8) PICKUP(8)
-
-
-
-
-
-
-
diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html
index 83c3aef76..05e2d06e6 100644
--- a/postfix/html/smtp.8.html
+++ b/postfix/html/smtp.8.html
@@ -155,9 +155,9 @@ SMTP(8) SMTP(8)
support.
smtp_sasl_password_maps
- Lookup tables with per-host name:password entries.
- No entry for a host means no attempt to authenti-
- cate.
+ Lookup tables with per-host or domain name:password
+ entries. No entry for a host means no attempt to
+ authenticate.
smtp_sasl_security_options
Zero or more of the following.
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index c61c758e9..f0a013531 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -80,10 +80,17 @@ SMTPD(8) SMTPD(8)
For example, allow RFC822-style address forms with
comments, like Sendmail does.
+Content inspection controls
+ content_inspector
+ The name of a mail delivery transport that inspects
+ mail prior to delivery. This parameter uses the
+ same syntax as the right-hand side of a Postfix
+ transport table.
+
Authenication controls
enable_sasl_authentication
- Enable per-session authentication as per RFC 2554
- (SASL). This functionality is available only when
+ Enable per-session authentication as per RFC 2554
+ (SASL). This functionality is available only when
explicitly selected at program build time and
explicitly enabled at runtime.
@@ -107,7 +114,7 @@ SMTPD(8) SMTPD(8)
Miscellaneous
always_bcc
- Address to send a copy of each message that enters
+ Address to send a copy of each message that enters
the system.
command_directory
@@ -115,17 +122,10 @@ SMTPD(8) SMTPD(8)
$program_directory).
debug_peer_level
- Increment in verbose logging level when a remote
+ Increment in verbose logging level when a remote
host matches a pattern in the debug_peer_list
parameter.
- debug_peer_list
- List of domain or network patterns. When a remote
- host matches a pattern, increase the verbose log-
- ging level by the amount specified in the
- debug_peer_level parameter.
-
-
2
@@ -137,59 +137,59 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
+ debug_peer_list
+ List of domain or network patterns. When a remote
+ host matches a pattern, increase the verbose log-
+ ging level by the amount specified in the
+ debug_peer_level parameter.
+
error_notice_recipient
- Recipient of protocol/policy/resource/software
+ Recipient of protocol/policy/resource/software
error notices.
hopcount_limit
Limit the number of Received: message headers.
local_recipient_maps
- List of maps with user names that are local to
+ List of maps with user names that are local to
$myorigin or $inet_interfaces. If this parameter is
- defined, then the SMTP server rejects mail for
+ defined, then the SMTP server rejects mail for
unknown local users.
notify_classes
List of error classes. Of special interest are:
- policy When a client violates any policy, mail a
+ policy When a client violates any policy, mail a
transcript of the entire SMTP session to the
postmaster.
protocol
- When a client violates the SMTP protocol or
+ When a client violates the SMTP protocol or
issues an unimplemented command, mail a
transcript of the entire SMTP session to the
postmaster.
smtpd_banner
- Text that follows the 220 status code in the SMTP
+ Text that follows the 220 status code in the SMTP
greeting banner.
smtpd_recipient_limit
- Restrict the number of recipients that the SMTP
+ Restrict the number of recipients that the SMTP
server accepts per message delivery.
smtpd_timeout
- Limit the time to send a server response and to
+ Limit the time to send a server response and to
receive a client request.
Resource controls
line_length_limit
- Limit the amount of memory in bytes used for the
+ Limit the amount of memory in bytes used for the
handling of partial input lines.
message_size_limit
Limit the total size in bytes of a message, includ-
ing on-disk storage for envelope information.
- queue_minfree
- Minimal amount of free space in bytes in the queue
- file system for the SMTP server to accept any mail
- at all.
-
-Tarpitting
@@ -203,23 +203,29 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
+ queue_minfree
+ Minimal amount of free space in bytes in the queue
+ file system for the SMTP server to accept any mail
+ at all.
+
+Tarpitting
smtpd_error_sleep_time
Time to wait in seconds before sending a 4xx or 5xx
server error response.
smtpd_soft_error_limit
When an SMTP client has made this number of errors,
- wait error_count seconds before responding to any
+ wait error_count seconds before responding to any
client request.
smtpd_hard_error_limit
- Disconnect after a client has made this number of
+ Disconnect after a client has made this number of
errors.
smtpd_junk_command_limit
Limit the number of times a client can issue a junk
- command such as NOOP, VRFY, ETRN or RSET in one
- SMTP session before it is penalized with tarpit
+ command such as NOOP, VRFY, ETRN or RSET in one
+ SMTP session before it is penalized with tarpit
delays.
UCE control restrictions
@@ -228,19 +234,19 @@ SMTPD(8) SMTPD(8)
tem.
smtpd_helo_required
- Require that clients introduce themselves at the
+ Require that clients introduce themselves at the
beginning of an SMTP session.
smtpd_helo_restrictions
- Restrict what client hostnames are allowed in HELO
+ Restrict what client hostnames are allowed in HELO
and EHLO commands.
smtpd_sender_restrictions
- Restrict what sender addresses are allowed in MAIL
+ Restrict what sender addresses are allowed in MAIL
FROM commands.
smtpd_recipient_restrictions
- Restrict what recipient addresses are allowed in
+ Restrict what recipient addresses are allowed in
RCPT TO commands.
smtpd_etrn_restrictions
@@ -248,15 +254,9 @@ SMTPD(8) SMTPD(8)
mands, and what clients may issue ETRN commands.
allow_untrusted_routing
- Allow untrusted clients to specify addresses with
- sender-specified routing. Enabling this opens up
- nasty relay loopholes involving trusted backup MX
- hosts.
-
- restriction_classes
- Declares the name of zero or more parameters that
- contain a list of UCE restrictions. The names of
- these parameters can then be used instead of the
+ Allow untrusted clients to specify addresses with
+ sender-specified routing. Enabling this opens up
+ nasty relay loopholes involving trusted backup MX
@@ -269,48 +269,54 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
+ hosts.
+
+ restriction_classes
+ Declares the name of zero or more parameters that
+ contain a list of UCE restrictions. The names of
+ these parameters can then be used instead of the
restriction lists that they represent.
maps_rbl_domains
- List of DNS domains that publish the addresses of
+ List of DNS domains that publish the addresses of
blacklisted hosts.
relay_domains
- Restrict what domains or networks this mail system
+ Restrict what domains or networks this mail system
will relay mail from or to.
UCE control responses
access_map_reject_code
- Server response when a client violates an access
+ Server response when a client violates an access
database restriction.
invalid_hostname_reject_code
- Server response when a client violates the
+ Server response when a client violates the
reject_invalid_hostname restriction.
maps_rbl_reject_code
- Server response when a client violates the
+ Server response when a client violates the
maps_rbl_domains restriction.
reject_code
- Response code when the client matches a reject
+ Response code when the client matches a reject
restriction.
relay_domains_reject_code
- Server response when a client attempts to violate
+ Server response when a client attempts to violate
the mail relay policy.
unknown_address_reject_code
- Server response when a client violates the
+ Server response when a client violates the
reject_unknown_address restriction.
unknown_client_reject_code
- Server response when a client without address to
- name mapping violates the reject_unknown_clients
+ Server response when a client without address to
+ name mapping violates the reject_unknown_clients
restriction.
unknown_hostname_reject_code
- Server response when a client violates the
+ Server response when a client violates the
reject_unknown_hostname restriction.
SEE ALSO
@@ -318,12 +324,6 @@ SMTPD(8) SMTPD(8)
master(8) process manager
syslogd(8) system logging
-LICENSE
- The Secure Mailer license must be distributed with this
- software.
-
-
-
5
@@ -335,6 +335,10 @@ SMTPD(8) SMTPD(8)
SMTPD(8) SMTPD(8)
+LICENSE
+ The Secure Mailer license must be distributed with this
+ software.
+
AUTHOR(S)
Wietse Venema
IBM T.J. Watson Research
@@ -383,10 +387,6 @@ SMTPD(8) SMTPD(8)
-
-
-
-
diff --git a/postfix/man/man8/pickup.8 b/postfix/man/man8/pickup.8
index a54291acf..9804d9a48 100644
--- a/postfix/man/man8/pickup.8
+++ b/postfix/man/man8/pickup.8
@@ -56,6 +56,12 @@ The following \fBmain.cf\fR parameters are especially relevant to
this program. See the Postfix \fBmain.cf\fR file for syntax details
and for default values. Use the \fBpostfix reload\fR command after
a configuration change.
+.SH "Content inspection controls"
+.IP \fBcontent_inspector\fR
+The name of a mail delivery transport that inspects mail prior
+to delivery.
+This parameter uses the same syntax as the right-hand side of
+a Postfix transport table.
.SH Miscellaneous
.ad
.fi
diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8
index c1177d3bb..bcf367a20 100644
--- a/postfix/man/man8/smtp.8
+++ b/postfix/man/man8/smtp.8
@@ -117,7 +117,7 @@ Numerical network address to bind to when making a connection.
Enable per-session authentication as per RFC 2554 (SASL).
By default, Postfix is built without SASL support.
.IP \fBsmtp_sasl_password_maps\fR
-Lookup tables with per-host \fIname\fR:\fIpassword\fR entries.
+Lookup tables with per-host or domain \fIname\fR:\fIpassword\fR entries.
No entry for a host means no attempt to authenticate.
.IP \fBsmtp_sasl_security_options\fR
Zero or more of the following.
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index 82aa2336e..dc974dd22 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -75,6 +75,12 @@ a configuration change.
.IP \fBstrict_rfc821_envelopes\fR
Disallow non-RFC 821 style addresses in envelopes. For example,
allow RFC822-style address forms with comments, like Sendmail does.
+.SH "Content inspection controls"
+.IP \fBcontent_inspector\fR
+The name of a mail delivery transport that inspects mail prior
+to delivery.
+This parameter uses the same syntax as the right-hand side of
+a Postfix transport table.
.SH "Authenication controls"
.IP \fBenable_sasl_authentication\fR
Enable per-session authentication as per RFC 2554 (SASL).
diff --git a/postfix/pickup/pickup.c b/postfix/pickup/pickup.c
index dca0bbb44..e5b09c956 100644
--- a/postfix/pickup/pickup.c
+++ b/postfix/pickup/pickup.c
@@ -40,6 +40,12 @@
/* this program. See the Postfix \fBmain.cf\fR file for syntax details
/* and for default values. Use the \fBpostfix reload\fR command after
/* a configuration change.
+/* .SH "Content inspection controls"
+/* .IP \fBcontent_inspector\fR
+/* The name of a mail delivery transport that inspects mail prior
+/* to delivery.
+/* This parameter uses the same syntax as the right-hand side of
+/* a Postfix transport table.
/* .SH Miscellaneous
/* .ad
/* .fi
@@ -106,6 +112,7 @@
/* Application-specific. */
char *var_always_bcc;
+char *var_inspect_xport;
/*
* Structure to bundle a bunch of information about a queue file.
@@ -173,6 +180,8 @@ static int copy_segment(VSTREAM *qfile, VSTREAM *cleanup, PICKUP_INFO *info,
info->rcpt = mystrdup(vstring_str(buf));
if (type == REC_TYPE_TIME)
continue;
+ if (type == REC_TYPE_INSP)
+ continue;
else {
/*
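Review bot: The added `REC_TYPE_INSP` skip discards the record without a comment, so a reader cannot tell that this is what keeps a submitted file from choosing its own inspection transport. pickup_copy() in the next hunk writes the record from `var_inspect_xport`, so the intent appears to be that only the configured value counts. A comment such as `/* Ignore inspector records from the input file; pickup_copy() supplies the configured one. */` would say so. Folding the test into the preceding one, `if (type == REC_TYPE_TIME || type == REC_TYPE_INSP)`, also avoids the trailing `else` now hanging off the second `if`. copy_segment's body starts and ends outside the hunk.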
@@ -223,6 +232,12 @@ static int pickup_copy(VSTREAM *qfile, VSTREAM *cleanup,
*/
rec_fprintf(cleanup, REC_TYPE_TIME, "%ld", (long) info->st.st_mtime);
+ /*
+ * Add content inspection transport.
+ */
+ if (*var_inspect_xport)
+ rec_fprintf(cleanup, REC_TYPE_INSP, "%s", var_inspect_xport);
+
/*
* Copy the message envelope segment. Allow only those records that we
* expect to see in the envelope section. The envelope segment must
@@ -442,6 +457,7 @@ int main(int argc, char **argv)
{
static CONFIG_STR_TABLE str_table[] = {
VAR_ALWAYS_BCC, DEF_ALWAYS_BCC, &var_always_bcc, 0, 0,
+ VAR_INSPECT_XPORT, DEF_INSPECT_XPORT, &var_inspect_xport, 0, 0,
0,
};
diff --git a/postfix/qmgr/qmgr.h b/postfix/qmgr/qmgr.h
index c8cd69dec..faefcf888 100644
--- a/postfix/qmgr/qmgr.h
+++ b/postfix/qmgr/qmgr.h
@@ -229,6 +229,7 @@ struct QMGR_MESSAGE {
char *sender; /* complete address */
char *errors_to; /* error report address */
char *return_receipt; /* confirm receipt address */
+ char *inspect_xport; /* inspection transport */
long data_size; /* message content size */
long rcpt_offset; /* more recipients here */
QMGR_RCPT_LIST rcpt_list; /* complete addresses */
diff --git a/postfix/qmgr/qmgr_message.c b/postfix/qmgr/qmgr_message.c
index 5ca2fa057..29f5a760f 100644
--- a/postfix/qmgr/qmgr_message.c
+++ b/postfix/qmgr/qmgr_message.c
@@ -144,6 +144,7 @@ static QMGR_MESSAGE *qmgr_message_create(const char *queue_name,
message->sender = 0;
message->errors_to = 0;
message->return_receipt = 0;
+ message->inspect_xport = 0;
message->data_size = 0;
message->warn_offset = 0;
message->warn_time = 0;
@@ -246,6 +247,9 @@ static int qmgr_message_read(QMGR_MESSAGE *message)
} else if (rec_type == REC_TYPE_TIME) {
if (message->arrival_time == 0)
message->arrival_time = atol(start);
+ } else if (rec_type == REC_TYPE_INSP) {
+ if (message->inspect_xport == 0)
+ message->inspect_xport = mystrdup(start);
} else if (rec_type == REC_TYPE_FROM) {
if (message->sender == 0) {
message->sender = mystrdup(start);
@@ -428,6 +432,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
char **cpp;
char *domain;
const char *junk;
+ char *nexthop;
#define STREQ(x,y) (strcasecmp(x,y) == 0)
#define STR vstring_str
@@ -457,9 +462,14 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
* result address may differ from the one specified by the sender.
*/
resolve_clnt_query(recipient->address, &reply);
- if (!STREQ(recipient->address, STR(reply.recipient)))
- UPDATE(recipient->address, STR(reply.recipient));
-
+ if (message->inspect_xport) {
+ vstring_strcpy(reply.transport, message->inspect_xport);
+ if ((nexthop = split_at(STR(reply.transport), ':')) != 0)
+ vstring_strcpy(reply.nexthop, nexthop);
+ } else {
+ if (!STREQ(recipient->address, STR(reply.recipient)))
+ UPDATE(recipient->address, STR(reply.recipient));
+ }
/*
* Bounce recipients that have moved. We do it here instead of in the
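Review bot: `split_at()` is applied to `STR(reply.transport)`, so the VSTRING is cut in place. As I read split_at(), it overwrites the ':' with a NUL and returns the tail, which leaves the recorded length of `reply.transport` still counting the nexthop. Code after the hunk that uses the buffer length rather than the C string would then see the full transport:nexthop text; whether any does is not visible here. Splitting a private copy and assigning both halves avoids this, and the same spot could also reject an empty transport name. The block sits inside qmgr_message_resolve, whose body continues outside the hunk.

```c
	if (message->inspect_xport) {
	    /* Split a private copy: split_at() cuts its argument in place. */
	    char   *xport = mystrdup(message->inspect_xport);

	    if ((nexthop = split_at(xport, ':')) != 0)
		vstring_strcpy(reply.nexthop, nexthop);
	    vstring_strcpy(reply.transport, xport);
	    myfree(xport);
	} else {
	    /* … unchanged: recipient address update … */
	}
```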
@@ -692,6 +702,8 @@ void qmgr_message_free(QMGR_MESSAGE *message)
myfree(message->errors_to);
if (message->return_receipt)
myfree(message->return_receipt);
+ if (message->inspect_xport)
+ myfree(message->inspect_xport);
qmgr_rcpt_list_free(&message->rcpt_list);
qmgr_message_count--;
myfree((char *) message);
diff --git a/postfix/smtp/smtp.c b/postfix/smtp/smtp.c
index e7cfbb316..d9d54357e 100644
--- a/postfix/smtp/smtp.c
+++ b/postfix/smtp/smtp.c
@@ -101,7 +101,7 @@
/* Enable per-session authentication as per RFC 2554 (SASL).
/* By default, Postfix is built without SASL support.
/* .IP \fBsmtp_sasl_password_maps\fR
-/* Lookup tables with per-host \fIname\fR:\fIpassword\fR entries.
+/* Lookup tables with per-host or domain \fIname\fR:\fIpassword\fR entries.
/* No entry for a host means no attempt to authenticate.
/* .IP \fBsmtp_sasl_security_options\fR
/* Zero or more of the following.
diff --git a/postfix/smtpd/smtpd.c b/postfix/smtpd/smtpd.c
index 4ce6788ed..ecfde3440 100644
--- a/postfix/smtpd/smtpd.c
+++ b/postfix/smtpd/smtpd.c
@@ -59,6 +59,12 @@
/* .IP \fBstrict_rfc821_envelopes\fR
/* Disallow non-RFC 821 style addresses in envelopes. For example,
/* allow RFC822-style address forms with comments, like Sendmail does.
+/* .SH "Content inspection controls"
+/* .IP \fBcontent_inspector\fR
+/* The name of a mail delivery transport that inspects mail prior
+/* to delivery.
+/* This parameter uses the same syntax as the right-hand side of
+/* a Postfix transport table.
/* .SH "Authenication controls"
/* .IP \fBenable_sasl_authentication\fR
/* Enable per-session authentication as per RFC 2554 (SASL).
@@ -335,6 +341,7 @@ int var_smtpd_junk_cmd_limit;
bool var_smtpd_sasl_enable;
char *var_smtpd_sasl_opts;
char *var_smtpd_sasl_realm;
+char *var_inspect_xport;
/*
* Global state, for stand-alone mode queue file cleanup. When this is
@@ -660,6 +667,8 @@ static int mail_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
*/
rec_fprintf(state->cleanup, REC_TYPE_TIME, "%ld",
(long) time((time_t *) 0));
+ if (*var_inspect_xport)
+ rec_fprintf(state->cleanup, REC_TYPE_INSP, "%s", var_inspect_xport);
rec_fputs(state->cleanup, REC_TYPE_FROM, argv[2].strval);
state->sender = mystrdup(argv[2].strval);
smtpd_chat_reply(state, "250 Ok");
@@ -1425,6 +1434,7 @@ int main(int argc, char **argv)
VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, 0, 0,
VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts, 0, 0,
VAR_SMTPD_SASL_REALM, DEF_SMTPD_SASL_REALM, &var_smtpd_sasl_realm, 1, 0,
+ VAR_INSPECT_XPORT, DEF_INSPECT_XPORT, &var_inspect_xport, 0, 0,
0,
};