mirror of https://github.com/vdukhovni/postfix synced 2025-08-29 05:07:58 +00:00

postfix-3.1-20150329

Wietse Venema 2015-03-29 00:00:00 -05:00 committed by Viktor Dukhovni
parent 12cc17ea48
commit e78e9f3389
43 changed files with 541 additions and 318 deletions

@ -17919,7 +17919,7 @@ Apologies for any names omitted.
20120824
Feature: support for "sendmail -R hdrs|full". Jan Kundrát.
Feature: support for "sendmail -R hdrs|full". Jan Kundr?t.
File: sendmail/sendmail.c.
20120902
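Review bot: In the 20120824 entry the contributor's name changes from "Jan Kundrát" to "Jan Kundr?t", which looks like a character-set conversion that replaced the "á" with a literal "?" rather than an intended edit. If the file has to stay ASCII, transliterate the name; otherwise restore the original spelling so the credit stays accurate.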
@ -21631,3 +21631,65 @@ Apologies for any names omitted.
before re-evaluating the mail_task() syslog prefix. Files:
postalias/postalias.c, postdrop/postdrop.c, postmap/postmap.c,
postqueue/postqueue.c, postsuper/postsuper.c, sendmail/sendmail.c.
20150218
Documentation: header/body_checks additional text about
whether an action stops processing of the input stream.
actions stops further inspection of the input stream. File:
proto/header_checks.
Robustness: reject installation pathnames with whitespace.
File: postfix-install.
20150217
Cleanup: missing <string.h> include. File: util/allascii.c.
20150221
Bugfix: don't append '.' to the DNS resource record value,
when converting TXT records to the string form that is used
used by xxx_dns_reply_filter. File: dns/dns_strrecord.c.
20150313
Documentation: incorrect Postfix version number for
postscreen_dnsbl_timeout. Quanah Gibson-Mount. File:
postscreen/postscreen.c.
20150320
Cleanup: better sorting order for the default tls_*_cipherlist
settings. OpenSSL does not order "ALL" quite right: some
MEDIUM ciphers (SEED and IDEA) sneak up above some 128-bit
HIGH ciphers. Also previously, when we prefer "aNULL" we
moved MEDIUM with aNULL above same bit-length HIGH but not
aNULL. Viktor Dukhovni. File: global/mail_params.h.
20150324
Bugfix (introduced: Postfix 2.6): sender_dependent_relayhost_maps
ignored the relayhost setting in the case of a DUNNO lookup
result. It would use the recipient domain instead. Viktor
Dukhovni. Wietse took the pieces of code that enforce the
precedence of a sender-dependent relayhost, the global
relayhost, and the recipient domain, and put that code
together in once place so that it is easier to maintain.
File: trivial-rewrite/resolve.c.
20150326
Feature: lmtp_fallback_relay, limited to TCP destinations
only. Viktor Dukhovni. Wietse updated the postlink, smtp.c,
and smtp-only files, and added a warning when lmtp_fallback_relay
is specified for a non-TCP destination. Files: mantools/postlink,
smtp/smtp.c, smtp/smtp-only, smtp/smtp_connect.c,
smtp/smtp_params.c, global/mail_params.h, proto/postconf.proto.
20150328
Bugfix (introduced: Postfix 1.1.0): post-install expanded
macros in parameter values when trying to detect parameter
overrides. Julian Reich, Viktor Dukhovni, and Wietse. File:
conf/post-install.
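Review bot: The 20150218 entry contains a leftover fragment: after "whether an action stops processing of the input stream." the next line repeats the thought as "actions stops further inspection of the input stream.", so two drafts of the same sentence are both present; keep one. In the same hunk, the 20150221 entry has a doubled word ("that is used" followed by "used by xxx_dns_reply_filter"), the 20150324 entry says "in once place" where "in one place" is meant, and the 20150217 entry is listed after 20150218, which breaks the otherwise chronological order.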

@ -161,10 +161,16 @@ domain names.
UUssiinngg bbaacckkwwaarrddss--ccoommppaattiibbllee ddeeffaauulltt sseettttiinngg ssmmttppuuttff88__eennaabbllee==nnoo
The smtputf8_enable default value has changed from "no" to "yes. As long as the
smtputf8_enable parameter is left at its implicit default value, and the
backwards-compatible default setting is turned on, Postfix logs a warning each
time an SMTP command uses a non-ASCII address localpart:
The smtputf8_enable default value has changed from "no" to "yes. With the new
"yes" setting, the Postfix SMTP server rejects non-ASCII addresses from clients
that don't request SMTPUTF8 support. With the old "no" setting, Postfix will
accept such addresses, even if such addresses are not permitted by traditional
SMTP standards.
As long as the smtputf8_enable parameter is left at its implicit default value,
and the backwards-compatible default setting is turned on, Postfix logs a
warning each time an SMTP command uses a non-ASCII address localpart without
requesting SMTPUTF8 support:
postfix/smtpd[27560]: using backwards-compatible default setting
smtputf8_enable=no to accept non-ASCII sender address
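Review bot: The rewritten opening sentence still carries an unbalanced quote, 'from "no" to "yes.'; close it as "yes". The new paragraph also speaks of "non-ASCII addresses" while the warning sentence that follows speaks of a "non-ASCII address localpart"; use one term in both places so it is clear whether the rejection and the warning cover the same inputs. The HTML version of this text later in the commit has the same two issues.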

@ -407,8 +407,8 @@ peer certificate with expected public-key or certificate fingerprint)
PPoossttffiixx SSMMTTPP sseerrvveerr:: The status is never "Verified", because the Postfix
SMTP server never verifies the remote SMTP client name against the names in
the client certificate, and because the Postfix SMTP does not expect a
specific fingerprint in the client public key or certificate.
the client certificate, and because the Postfix SMTP server does not expect
a specific fingerprint in the client public key or certificate.
CCrreeddiittss

@ -52,8 +52,7 @@ content filters (Amavisd), LMTP servers (Dovecot), and down-stream SMTP
servers.
Postfix SMTPUTF8 support is enabled by default, but it may be disabled as part
of a backwards-compatibility safety net (see the Postfix 3.0 RELEASE_NOTES
file).
of a backwards-compatibility safety net (see the COMPATIBILITY_README file).
SMTPUTF8 support is enabled by setting the smtputf8_enable parameter in
main.cf:

@ -97,13 +97,16 @@ The "stress" parameter value is the key to making main.cf parameter settings
stress adaptive. The following settings are the default with Postfix 2.6 and
later.
1 smtpd_timeout = ${stress?10}${stress:300}s
2 smtpd_hard_error_limit = ${stress?1}${stress:20}
3 smtpd_junk_command_limit = ${stress?1}${stress:100}
1 smtpd_timeout = ${stress?{10}:{300}}s
2 smtpd_hard_error_limit = ${stress?{1}:{20}}
3 smtpd_junk_command_limit = ${stress?{1}:{100}}
4 # Parameters added after Postfix 2.6:
5 smtpd_per_record_deadline = ${stress?yes}${stress:no}
6 smtpd_starttls_timeout = ${stress?10}${stress:300}s
7 address_verify_poll_count = ${stress?1}${stress:3}
5 smtpd_per_record_deadline = ${stress?{yes}:{no}}
6 smtpd_starttls_timeout = ${stress?{10}:{300}}s
7 address_verify_poll_count = ${stress?{1}:{3}}
With Postfix versions before 3.0, replace ${stress?{x}:{y}} with ${stress?x}$
{stress:y}.
Translation:
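Review bot: The added compatibility note wraps in the middle of the expression: one line ends with "${stress?x}$" and the next begins "{stress:y}.", so the second macro is split between "$" and "{". Someone copying the pre-3.0 form from this file gets a broken value. Reflow so that "${stress?x}${stress:y}" stays on one line, or set it on its own indented line like the numbered examples above it.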

@ -10,11 +10,25 @@ Wish list:
Things to do after the stable release:
Generalize the daemon '-S' stand-alone mode, so that it can
be used with custom configuration files for request/reply
regression testing.
replace str*casecmp() calls with _utf8() equivalents
for trivial-rewrite lookups.
Update smtpd command count when rejecting input before
command-table lookup.
What is the best place to detect spaces in pathnames during
installation/upgrade/packaging? postfix-install for early
warning, and post-install as a safety net?
Automatically do the equivalent of syslog_name=postfix/mumble
when basename(mumble) differs from basename(program file).
This is especially desirable for mail delivery transports
(smtp versus relay) as it identifies what scheduler parameters
are in effect.
UTF8 DNS[BW]L domain name.

@ -355,10 +355,11 @@
# REDIRECT user@domain
# After the message is queued, send the message to
# the specified address instead of the intended
# recipient(s).
# recipient(s). When multiple REDIRECT actions fire,
# only the last one takes effect.
#
# Note: this action overrides the FILTER action, and
# currently affects all recipients of the message.
# Note: this action overrides the FILTER action, and
# currently overrides all recipients of the message.
#
# This feature is available in Postfix 2.1 and later.
#
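Review bot: The Note now says REDIRECT "currently overrides all recipients of the message", while the header_checks text in this same commit keeps "affects all recipients of the message" and phrases the multiple-match rule as "only the last one is executed" rather than "only the last one takes effect". Pick one wording for both manual pages so readers do not wonder whether the two tables behave differently.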

@ -176,10 +176,11 @@
# case for consistency with other Postfix documentation.
#
# BCC user@domain
# Add the specified address as a BCC recipient. The
# address must have a local part and domain part. The
# number of BCC addresses that can be added is lim-
# ited only by the amount of available storage space.
# Add the specified address as a BCC recipient, and
# inspect the next input line. The address must have
# a local part and domain part. The number of BCC
# addresses that can be added is limited only by the
# amount of available storage space.
#
# Note 1: the BCC address is added as if it was spec-
# ified with NOTIFY=NONE. The sender will not be
@ -197,11 +198,12 @@
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
# message. Log the optional text if specified, oth-
# message. Do not inspect the remainder of the input
# message. Log the optional text if specified, oth-
# erwise log a generic message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
# Note: this action disables further header or
# body_checks inspection of the current message and
# affects all recipients. To discard only one recip-
# ient without discarding the entire message, use the
# transport(5) table to direct mail to the discard(8)
@ -212,43 +214,45 @@
# This feature is not supported with smtp header/body
# checks.
#
# DUNNO Pretend that the input line did not match any pat-
# tern, and inspect the next input line. This action
# DUNNO Pretend that the input line did not match any pat-
# tern, and inspect the next input line. This action
# can be used to shorten the table search.
#
# For backwards compatibility reasons, Postfix also
# accepts OK but it is (and always has been) treated
# For backwards compatibility reasons, Postfix also
# accepts OK but it is (and always has been) treated
# as DUNNO.
#
# This feature is available in Postfix 2.1 and later.
#
# FILTER transport:destination
# After the message is queued, send the entire mes-
# sage through the specified external content filter.
# The transport name specifies the first field of a
# mail delivery agent definition in master.cf; the
# syntax of the next-hop destination is described in
# the manual page of the corresponding delivery
# agent. More information about external content
# filters is in the Postfix FILTER_README file.
# Override the content_filter parameter setting, and
# inspect the next input line. After the message is
# queued, send the entire message through the speci-
# fied external content filter. The transport name
# specifies the first field of a mail delivery agent
# definition in master.cf; the syntax of the next-hop
# destination is described in the manual page of the
# corresponding delivery agent. More information
# about external content filters is in the Postfix
# FILTER_README file.
#
# Note 1: do not use $number regular expression sub-
# stitutions for transport or destination unless you
# Note 1: do not use $number regular expression sub-
# stitutions for transport or destination unless you
# know that the information has a trusted origin.
#
# Note 2: this action overrides the main.cf con-
# tent_filter setting, and affects all recipients of
# the message. In the case that multiple FILTER
# Note 2: this action overrides the main.cf con-
# tent_filter setting, and affects all recipients of
# the message. In the case that multiple FILTER
# actions fire, only the last one is executed.
#
# Note 3: the purpose of the FILTER command is to
# override message routing. To override the recipi-
# ent's transport but not the next-hop destination,
# specify an empty filter destination (Postfix 2.7
# Note 3: the purpose of the FILTER command is to
# override message routing. To override the recipi-
# ent's transport but not the next-hop destination,
# specify an empty filter destination (Postfix 2.7
# and later), or specify a transport:destination that
# delivers through a different Postfix instance
# (Postfix 2.6 and earlier). Other options are using
# the recipient-dependent transport_maps or the sen-
# delivers through a different Postfix instance
# (Postfix 2.6 and earlier). Other options are using
# the recipient-dependent transport_maps or the sen-
# der-dependent sender_dependent_default_transport-
# _maps features.
#
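Review bot: The new opening sentence of FILTER, "Override the content_filter parameter setting, and inspect the next input line", repeats what Note 2 already states ("this action overrides the main.cf content_filter setting"). Drop the override clause from one of the two places and keep "inspect the next input line" in the lead sentence so it matches the other actions. The DUNNO and Note 1 to Note 3 line pairs in this hunk differ only in spacing.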
@ -258,23 +262,23 @@
# checks.
#
# HOLD optional text...
# Arrange for the message to be placed on the hold
# queue, and inspect the next input line. The mes-
# sage remains on hold until someone either deletes
# it or releases it for delivery. Log the optional
# Arrange for the message to be placed on the hold
# queue, and inspect the next input line. The mes-
# sage remains on hold until someone either deletes
# it or releases it for delivery. Log the optional
# text if specified, otherwise log a generic message.
#
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# Mail that is placed on hold can be examined with
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# Note: use "postsuper -r" to release mail that was
# kept on hold for a significant fraction of $maxi-
# mal_queue_lifetime or $bounce_queue_lifetime, or
# longer. Use "postsuper -H" only for mail that will
# longer. Use "postsuper -H" only for mail that will
# not expire within a few delivery attempts.
#
# Note: this action affects all recipients of the
# Note: this action affects all recipients of the
# message.
#
# This feature is available in Postfix 2.0 and later.
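Review bot: Every removed and added line pair in this HOLD hunk reads identically apart from inter-word spacing, so the hunk carries no wording change, and the same holds for most of the later hunks in this file. If this is re-justified formatter output, consider regenerating it in a separate commit so that the substantive edits (BCC, DISCARD, FILTER, REJECT) are easier to review.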
@ -287,33 +291,33 @@
#
# INFO optional text...
# Log an "info:" record with the optional text... (or
# log a generic text), and inspect the next input
# line. This action is useful for routine logging or
# log a generic text), and inspect the next input
# line. This action is useful for routine logging or
# for debugging.
#
# This feature is available in Postfix 2.8 and later.
#
# PREPEND text...
# Prepend one line with the specified text, and
# Prepend one line with the specified text, and
# inspect the next input line.
#
# Notes:
#
# o The prepended text is output on a separate
# o The prepended text is output on a separate
# line, immediately before the input that
# triggered the PREPEND action.
#
# o The prepended text is not considered part of
# the input stream: it is not subject to
# the input stream: it is not subject to
# header/body checks or address rewriting, and
# it does not affect the way that Postfix adds
# missing message headers.
#
# o When prepending text before a message header
# line, the prepended text must begin with a
# line, the prepended text must begin with a
# valid message header label.
#
# o This action cannot be used to prepend
# o This action cannot be used to prepend
# multi-line text.
#
# This feature is available in Postfix 2.1 and later.
@ -322,14 +326,14 @@
# ter_header_checks.
#
# REDIRECT user@domain
# Write a message redirection request to the queue
# file, and inspect the next input line. After the
# Write a message redirection request to the queue
# file, and inspect the next input line. After the
# message is queued, it will be sent to the specified
# address instead of the intended recipient(s).
#
# Note: this action overrides the FILTER action, and
# affects all recipients of the message. If multiple
# REDIRECT actions fire, only the last one is exe-
# Note: this action overrides the FILTER action, and
# affects all recipients of the message. If multiple
# REDIRECT actions fire, only the last one is exe-
# cuted.
#
# This feature is available in Postfix 2.1 and later.
@ -338,33 +342,34 @@
# checks.
#
# REPLACE text...
# Replace the current line with the specified text,
# Replace the current line with the specified text,
# and inspect the next input line.
#
# This feature is available in Postfix 2.2 and later.
# The description below applies to Postfix 2.2.2 and
# The description below applies to Postfix 2.2.2 and
# later.
#
# Notes:
#
# o When replacing a message header line, the
# replacement text must begin with a valid
# o When replacing a message header line, the
# replacement text must begin with a valid
# header label.
#
# o The replaced text remains part of the input
# stream. Unlike the result from the PREPEND
# action, a replaced message header may be
# subject to address rewriting and may affect
# the way that Postfix adds missing message
# o The replaced text remains part of the input
# stream. Unlike the result from the PREPEND
# action, a replaced message header may be
# subject to address rewriting and may affect
# the way that Postfix adds missing message
# headers.
#
# REJECT optional text...
# Reject the entire message. Reply with optional
# text... when the optional text is specified, other-
# wise reply with a generic error message.
# Reject the entire message. Do not inspect the
# remainder of the input message. Reply with
# optional text... when the optional text is speci-
# fied, otherwise reply with a generic error message.
#
# Note: this action disables further header or
# body_checks inspection of the current message and
# Note: this action disables further header or
# body_checks inspection of the current message and
# affects all recipients.
#
# Postfix version 2.3 and later support enhanced sta-
@ -376,38 +381,38 @@
# checks.
#
# WARN optional text...
# Log a "warning:" record with the optional text...
# Log a "warning:" record with the optional text...
# (or log a generic text), and inspect the next input
# line. This action is useful for debugging and for
# testing a pattern before applying more drastic
# line. This action is useful for debugging and for
# testing a pattern before applying more drastic
# actions.
#
# BUGS
# Empty lines never match, because some map types mis-behave
# when given a zero-length search string. This limitation
# may be removed for regular expression tables in a future
# when given a zero-length search string. This limitation
# may be removed for regular expression tables in a future
# release.
#
# Many people overlook the main limitations of header and
# Many people overlook the main limitations of header and
# body_checks rules.
#
# o These rules operate on one logical message header
# o These rules operate on one logical message header
# or one body line at a time. A decision made for one
# line is not carried over to the next line.
#
# o If text in the message body is encoded (RFC 2045)
# o If text in the message body is encoded (RFC 2045)
# then the rules need to be specified for the encoded
# form.
#
# o Likewise, when message headers are encoded (RFC
# 2047) then the rules need to be specified for the
# o Likewise, when message headers are encoded (RFC
# 2047) then the rules need to be specified for the
# encoded form.
#
# Message headers added by the cleanup(8) daemon itself are
# Message headers added by the cleanup(8) daemon itself are
# excluded from inspection. Examples of such message headers
# are From:, To:, Message-ID:, Date:.
#
# Message headers deleted by the cleanup(8) daemon will be
# Message headers deleted by the cleanup(8) daemon will be
# examined before they are deleted. Examples are: Bcc:, Con-
# tent-Length:, Return-Path:.
#
@ -415,11 +420,11 @@
# body_checks
# Lookup tables with content filter rules for message
# body lines. These filters see one physical line at
# a time, in chunks of at most $line_length_limit
# a time, in chunks of at most $line_length_limit
# bytes.
#
# body_checks_size_limit
# The amount of content per message body segment
# The amount of content per message body segment
# (attachment) that is subjected to $body_checks fil-
# tering.
#
@ -429,35 +434,35 @@
#
# nested_header_checks (default: $header_checks)
# Lookup tables with content filter rules for message
# header lines: respectively, these are applied to
# the initial message headers (not including MIME
# headers), to the MIME headers anywhere in the mes-
# sage, and to the initial headers of attached mes-
# header lines: respectively, these are applied to
# the initial message headers (not including MIME
# headers), to the MIME headers anywhere in the mes-
# sage, and to the initial headers of attached mes-
# sages.
#
# Note: these filters see one logical message header
# at a time, even when a message header spans multi-
# ple lines. Message headers that are longer than
# Note: these filters see one logical message header
# at a time, even when a message header spans multi-
# ple lines. Message headers that are longer than
# $header_size_limit characters are truncated.
#
# disable_mime_input_processing
# While receiving mail, give no special treatment to
# MIME related message headers; all text after the
# While receiving mail, give no special treatment to
# MIME related message headers; all text after the
# initial message headers is considered to be part of
# the message body. This means that header_checks is
# applied to all the initial message headers, and
# the message body. This means that header_checks is
# applied to all the initial message headers, and
# that body_checks is applied to the remainder of the
# message.
#
# Note: when used in this manner, body_checks will
# process a multi-line message header one line at a
# Note: when used in this manner, body_checks will
# process a multi-line message header one line at a
# time.
#
# EXAMPLES
# Header pattern to block attachments with bad file name
# extensions. For convenience, the PCRE /x flag is speci-
# fied, so that there is no need to collapse the pattern
# into a single line of text. The purpose of the
# Header pattern to block attachments with bad file name
# extensions. For convenience, the PCRE /x flag is speci-
# fied, so that there is no need to collapse the pattern
# into a single line of text. The purpose of the
# [[:xdigit:]] sub-expressions is to recognize Windows CLSID
# strings.
#
@ -496,7 +501,7 @@
# RFC 2047, message header encoding for non-ASCII text
#
# README FILES
# Use "postconf readme_directory" or "postconf html_direc-
# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# CONTENT_INSPECTION_README, Postfix content inspection overview
@ -504,7 +509,7 @@
# BACKSCATTER_README, blocking returned forged mail
#
# LICENSE
# The Secure Mailer license must be distributed with this
# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)

@ -447,10 +447,14 @@ do
esac
done
# XXX Maybe update main.cf only with first install, upgrade, set
# permissions, and what else? Should there be a warning otherwise?
override=
for name in $MOST_PARAMETERS
do
eval test \"\$$name\" = \"`$POSTCONF -c $config_directory -h $name`\" || {
eval junk=\"\$$name\"
test "$junk" = "`$POSTCONF -c $config_directory -h $name`" || {
override=1
break
}
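Review bot: In the new comparison line, $config_directory and $name are still unquoted inside the command substitution that runs $POSTCONF, so a configuration directory containing whitespace or glob characters is word-split before postconf sees it; write "$config_directory" there. The remaining eval junk=\"\$$name\" is safe only as long as $MOST_PARAMETERS holds a fixed list of parameter names; a one-line comment saying so, and a more descriptive variable name than "junk", would help the next reader. The XXX comment above the loop asks an open question that should be answered or tracked somewhere before this ships.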

@ -267,10 +267,15 @@ explicit list of domain names. </p>
setting smtputf8_enable=no</a> </h2>
<p> The <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> default value has changed from "no" to "yes.
As long as the <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> parameter is left at its implicit
With the new "yes" setting, the Postfix SMTP server rejects non-ASCII
addresses from clients that don't request SMTPUTF8 support. With
the old "no" setting, Postfix will accept such addresses, even if
such addresses are not permitted by traditional SMTP standards. </p>
<p> As long as the <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> parameter is left at its implicit
default value, and the backwards-compatible default setting is
turned on, Postfix logs a warning each time an SMTP command uses a
non-ASCII address localpart: </p>
non-ASCII address localpart without requesting SMTPUTF8 support: </p>
<blockquote>
<pre>

@ -551,8 +551,8 @@ signature. </p>
<p> <b> Postfix SMTP server:</b> The status is never "Verified",
because the Postfix SMTP server never verifies the remote SMTP
client name against the names in the client certificate, and because
the Postfix SMTP does not expect a specific fingerprint in the
client public key or certificate. </p>
the Postfix SMTP server does not expect a specific fingerprint in
the client public key or certificate. </p>
</dd>

@ -92,7 +92,7 @@ servers (Dovecot), and down-stream SMTP servers. </p>
<p> Postfix SMTPUTF8 support is enabled by default, but it may be
disabled as part of a backwards-compatibility safety net (see the
Postfix 3.0 RELEASE_NOTES file). </p>
<a href="COMPATIBILITY_README.html">COMPATIBILITY_README</a> file). </p>
<p> SMTPUTF8 support is enabled by setting the <a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a>
parameter in <a href="postconf.5.html">main.cf</a>:</p>

@ -158,16 +158,19 @@ default with Postfix 2.6 and later. </p>
<blockquote>
<pre>
1 <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> = ${stress?10}${stress:300}s
2 <a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> = ${stress?1}${stress:20}
3 <a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> = ${stress?1}${stress:100}
1 <a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> = ${stress?{10}:{300}}s
2 <a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> = ${stress?{1}:{20}}
3 <a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> = ${stress?{1}:{100}}
4 # Parameters added after Postfix 2.6:
5 <a href="postconf.5.html#smtpd_per_record_deadline">smtpd_per_record_deadline</a> = ${stress?yes}${stress:no}
6 <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> = ${stress?10}${stress:300}s
7 <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = ${stress?1}${stress:3}
5 <a href="postconf.5.html#smtpd_per_record_deadline">smtpd_per_record_deadline</a> = ${stress?{yes}:{no}}
6 <a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> = ${stress?{10}:{300}}s
7 <a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> = ${stress?{1}:{3}}
</pre>
</blockquote>
<p> With Postfix versions before 3.0, replace ${stress?{x}:{y}}
with ${stress?x}${stress:y}. </p>
<p> Translation: <p>
<ul>
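Review bot: The example block now uses the ${stress?{x}:{y}} form while the sentence that introduces it still says these are the defaults "with Postfix 2.6 and later", and the caveat that versions before 3.0 need ${stress?x}${stress:y} only appears after the block. Move the caveat ahead of the block or reword the introduction, so a reader on an older version does not copy settings that version cannot parse. While here, the context line "<p> Translation: <p>" opens a second paragraph instead of closing the first.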

@ -326,83 +326,84 @@ ACCESS(5) ACCESS(5)
<b>REDIRECT</b> <i>user@domain</i>
After the message is queued, send the message to the specified
address instead of the intended recipient(s).
address instead of the intended recipient(s). When multiple <b>RE-</b>
<b>DIRECT</b> actions fire, only the last one takes effect.
Note: this action overrides the FILTER action, and currently
affects all recipients of the message.
Note: this action overrides the FILTER action, and currently
overrides all recipients of the message.
This feature is available in Postfix 2.1 and later.
<b>INFO</b> <i>optional text...</i>
Log an informational record with the optional text, together
with client information and if available, with helo, sender,
Log an informational record with the optional text, together
with client information and if available, with helo, sender,
recipient and protocol information.
This feature is available in Postfix 3.0 and later.
<b>WARN</b> <i>optional text...</i>
Log a warning with the optional text, together with client
information and if available, with helo, sender, recipient and
Log a warning with the optional text, together with client
information and if available, with helo, sender, recipient and
protocol information.
This feature is available in Postfix 2.1 and later.
<b>ENHANCED STATUS CODES</b>
Postfix version 2.3 and later support enhanced status codes as defined
in <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a>. When an enhanced status code is specified in an access
Postfix version 2.3 and later support enhanced status codes as defined
in <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a>. When an enhanced status code is specified in an access
table, it is subject to modification. The following transformations are
needed when the same access table is used for client, helo, sender, or
recipient access restrictions; they happen regardless of whether Post-
needed when the same access table is used for client, helo, sender, or
recipient access restrictions; they happen regardless of whether Post-
fix replies to a MAIL FROM, RCPT TO or other SMTP command.
<b>o</b> When a sender address matches a REJECT action, the Postfix SMTP
<b>o</b> When a sender address matches a REJECT action, the Postfix SMTP
server will transform a recipient DSN status (e.g., 4.1.1-4.1.6)
into the corresponding sender DSN status, and vice versa.
<b>o</b> When non-address information matches a REJECT action (such as
the HELO command argument or the client hostname/address), the
Postfix SMTP server will transform a sender or recipient DSN
<b>o</b> When non-address information matches a REJECT action (such as
the HELO command argument or the client hostname/address), the
Postfix SMTP server will transform a sender or recipient DSN
status into a generic non-address DSN status (e.g., 4.0.0).
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when the table is
given in the form of regular expressions. For a description of regular
This section describes how the table lookups change when the table is
given in the form of regular expressions. For a description of regular
expression lookup table syntax, see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to the entire
Each pattern is a regular expression that is applied to the entire
string being looked up. Depending on the application, that string is an
entire client hostname, an entire client IP address, or an entire mail
address. Thus, no parent domain or parent network search is done,
<i>user@domain</i> mail addresses are not broken up into their <i>user@</i> and
<i>domain</i> constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
entire client hostname, an entire client IP address, or an entire mail
address. Thus, no parent domain or parent network search is done,
<i>user@domain</i> mail addresses are not broken up into their <i>user@</i> and
<i>domain</i> constituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the table, until a
Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.
Actions are the same as with indexed file lookups, with the additional
feature that parenthesized substrings from the pattern can be interpo-
Actions are the same as with indexed file lookups, with the additional
feature that parenthesized substrings from the pattern can be interpo-
lated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when lookups are
directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not
This section describes how the table lookups change when lookups are
directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not
available up to and including Postfix version 2.4.
Each lookup operation uses the entire query string once. Depending on
the application, that string is an entire client hostname, an entire
client IP address, or an entire mail address. Thus, no parent domain
or parent network search is done, <i>user@domain</i> mail addresses are not
broken up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
Each lookup operation uses the entire query string once. Depending on
the application, that string is an entire client hostname, an entire
client IP address, or an entire mail address. Thus, no parent domain
or parent network search is done, <i>user@domain</i> mail addresses are not
broken up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
<i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Actions are the same as with indexed file lookups.
<b>EXAMPLE</b>
The following example uses an indexed file, so that the order of table
entries does not matter. The example permits access by the client at
The following example uses an indexed file, so that the order of table
entries does not matter. The example permits access by the client at
address 1.2.3.4 but rejects all other clients in 1.2.3.0/24. Instead of
<b>hash</b> lookup tables, some systems use <b>dbm</b>. Use the command "<b>postconf</b>
<b>hash</b> lookup tables, some systems use <b>dbm</b>. Use the command "<b>postconf</b>
<b>-m</b>" to find out what lookup tables Postfix supports on your system.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
@ -413,7 +414,7 @@ ACCESS(5) ACCESS(5)
1.2.3 REJECT
1.2.3.4 OK
Execute the command "<b>postmap /etc/postfix/access</b>" after editing the
Execute the command "<b>postmap /etc/postfix/access</b>" after editing the
file.
<b>BUGS</b>

View File

@ -165,10 +165,10 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
consistency with other Postfix documentation.
<b>BCC</b> <i>user@domain</i>
Add the specified address as a BCC recipient. The address must
have a local part and domain part. The number of BCC addresses
that can be added is limited only by the amount of available
storage space.
Add the specified address as a BCC recipient, and inspect the
next input line. The address must have a local part and domain
part. The number of BCC addresses that can be added is limited
only by the amount of available storage space.
Note 1: the BCC address is added as if it was specified with
NOTIFY=NONE. The sender will not be notified when the BCC
@ -183,8 +183,9 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is not supported with smtp header/body checks.
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the message. Log
the optional text if specified, otherwise log a generic message.
Claim successful delivery and silently discard the message. Do
not inspect the remainder of the input message. Log the
optional text if specified, otherwise log a generic message.
Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec-
tion of the current message and affects all recipients. To dis-
@ -206,30 +207,31 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is available in Postfix 2.1 and later.
<b>FILTER</b> <i>transport:destination</i>
After the message is queued, send the entire message through the
specified external content filter. The <i>transport</i> name specifies
the first field of a mail delivery agent definition in <a href="master.5.html">mas-
ter.cf</a>; the syntax of the next-hop <i>destination</i> is described in
the manual page of the corresponding delivery agent. More
information about external content filters is in the Postfix
<a href="FILTER_README.html">FILTER_README</a> file.
Override the <a href="postconf.5.html#content_filter">content_filter</a> parameter setting, and inspect the
next input line. After the message is queued, send the entire
message through the specified external content filter. The
<i>transport</i> name specifies the first field of a mail delivery
agent definition in <a href="master.5.html">master.cf</a>; the syntax of the next-hop <i>desti-</i>
<i>nation</i> is described in the manual page of the corresponding
delivery agent. More information about external content filters
is in the Postfix <a href="FILTER_README.html">FILTER_README</a> file.
Note 1: do not use $<i>number</i> regular expression substitutions for
<i>transport</i> or <i>destination</i> unless you know that the information
Note 1: do not use $<i>number</i> regular expression substitutions for
<i>transport</i> or <i>destination</i> unless you know that the information
has a trusted origin.
Note 2: this action overrides the <a href="postconf.5.html">main.cf</a> <b><a href="postconf.5.html#content_filter">content_filter</a></b> set-
ting, and affects all recipients of the message. In the case
that multiple <b>FILTER</b> actions fire, only the last one is exe-
Note 2: this action overrides the <a href="postconf.5.html">main.cf</a> <b><a href="postconf.5.html#content_filter">content_filter</a></b> set-
ting, and affects all recipients of the message. In the case
that multiple <b>FILTER</b> actions fire, only the last one is exe-
cuted.
Note 3: the purpose of the FILTER command is to override message
routing. To override the recipient's <i>transport</i> but not the
routing. To override the recipient's <i>transport</i> but not the
next-hop <i>destination</i>, specify an empty filter <i>destination</i> (Post-
fix 2.7 and later), or specify a <i>transport:destination</i> that
delivers through a different Postfix instance (Postfix 2.6 and
fix 2.7 and later), or specify a <i>transport:destination</i> that
delivers through a different Postfix instance (Postfix 2.6 and
earlier). Other options are using the recipient-dependent <b><a href="postconf.5.html#transport_maps">trans</a>-</b>
<b><a href="postconf.5.html#transport_maps">port_maps</a></b> or the sender-dependent <b><a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default-</b>
<b><a href="postconf.5.html#transport_maps">port_maps</a></b> or the sender-dependent <b><a href="postconf.5.html#sender_dependent_default_transport_maps">sender_dependent_default-</b>
<b>_transport_maps</a></b> features.
This feature is available in Postfix 2.0 and later.
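Review bot: the new opening sentence of the FILTER entry ("Override the content_filter parameter setting, and inspect the next input line") repeats what Note 2 further down already says about overriding the main.cf content_filter setting. Describe the override in one place: either keep only "inspect the next input line" in the opening sentence, or drop the override clause from Note 2 and leave the "affects all recipients" and "only the last one is executed" parts there.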
@ -237,18 +239,18 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is not supported with smtp header/body checks.
<b>HOLD</b> <i>optional text...</i>
Arrange for the message to be placed on the <b>hold</b> queue, and
inspect the next input line. The message remains on <b>hold</b> until
someone either deletes it or releases it for delivery. Log the
Arrange for the message to be placed on the <b>hold</b> queue, and
inspect the next input line. The message remains on <b>hold</b> until
someone either deletes it or releases it for delivery. Log the
optional text if specified, otherwise log a generic message.
Mail that is placed on hold can be examined with the <a href="postcat.1.html"><b>postcat</b>(1)</a>
command, and can be destroyed or released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a>
Mail that is placed on hold can be examined with the <a href="postcat.1.html"><b>postcat</b>(1)</a>
command, and can be destroyed or released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a>
command.
Note: use "<b>postsuper -r</b>" to release mail that was kept on hold
for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a></b> or
<b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or longer. Use "<b>postsuper -H</b>" only for
Note: use "<b>postsuper -r</b>" to release mail that was kept on hold
for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_lifetime</a></b> or
<b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b>, or longer. Use "<b>postsuper -H</b>" only for
mail that will not expire within a few delivery attempts.
Note: this action affects all recipients of the message.
@ -257,32 +259,32 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is not supported with smtp header/body checks.
<b>IGNORE</b> Delete the current line from the input, and inspect the next
<b>IGNORE</b> Delete the current line from the input, and inspect the next
input line.
<b>INFO</b> <i>optional text...</i>
Log an "info:" record with the <i>optional text...</i> (or log a
generic text), and inspect the next input line. This action is
Log an "info:" record with the <i>optional text...</i> (or log a
generic text), and inspect the next input line. This action is
useful for routine logging or for debugging.
This feature is available in Postfix 2.8 and later.
<b>PREPEND</b> <i>text...</i>
Prepend one line with the specified text, and inspect the next
Prepend one line with the specified text, and inspect the next
input line.
Notes:
<b>o</b> The prepended text is output on a separate line, immedi-
<b>o</b> The prepended text is output on a separate line, immedi-
ately before the input that triggered the <b>PREPEND</b> action.
<b>o</b> The prepended text is not considered part of the input
stream: it is not subject to header/body checks or
address rewriting, and it does not affect the way that
<b>o</b> The prepended text is not considered part of the input
stream: it is not subject to header/body checks or
address rewriting, and it does not affect the way that
Postfix adds missing message headers.
<b>o</b> When prepending text before a message header line, the
prepended text must begin with a valid message header
<b>o</b> When prepending text before a message header line, the
prepended text must begin with a valid message header
label.
<b>o</b> This action cannot be used to prepend multi-line text.
@ -292,13 +294,13 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is not supported with <a href="postconf.5.html#milter_header_checks">milter_header_checks</a>.
<b>REDIRECT</b> <i>user@domain</i>
Write a message redirection request to the queue file, and
inspect the next input line. After the message is queued, it
will be sent to the specified address instead of the intended
Write a message redirection request to the queue file, and
inspect the next input line. After the message is queued, it
will be sent to the specified address instead of the intended
recipient(s).
Note: this action overrides the <b>FILTER</b> action, and affects all
recipients of the message. If multiple <b>REDIRECT</b> actions fire,
Note: this action overrides the <b>FILTER</b> action, and affects all
recipients of the message. If multiple <b>REDIRECT</b> actions fire,
only the last one is executed.
This feature is available in Postfix 2.1 and later.
@ -306,7 +308,7 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
This feature is not supported with smtp header/body checks.
<b>REPLACE</b> <i>text...</i>
Replace the current line with the specified text, and inspect
Replace the current line with the specified text, and inspect
the next input line.
This feature is available in Postfix 2.2 and later. The descrip-
@ -314,19 +316,19 @@ HEADER_CHECKS(5) HEADER_CHECKS(5)
Notes:
<b>o</b> When replacing a message header line, the replacement
<b>o</b> When replacing a message header line, the replacement
text must begin with a valid header label.
<b>o</b> The replaced text remains part of the input stream.
Unlike the result from the <b>PREPEND</b> action, a replaced
message header may be subject to address rewriting and
may affect the way that Postfix adds missing message
<b>o</b> The replaced text remains part of the input stream.
Unlike the result from the <b>PREPEND</b> action, a replaced
message header may be subject to address rewriting and
may affect the way that Postfix adds missing message
headers.
<b>REJECT</b> <i>optional text...</i>
Reject the entire message. Reply with <i>optional text...</i> when the
optional text is specified, otherwise reply with a generic error
message.
Reject the entire message. Do not inspect the remainder of the
input message. Reply with <i>optional text...</i> when the optional
text is specified, otherwise reply with a generic error message.
Note: this action disables further header or <a href="postconf.5.html#body_checks">body_checks</a> inspec-
tion of the current message and affects all recipients.

View File

@ -327,8 +327,8 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
address when sender-dependent authentication is enabled.
name:password entry per sender, remote hostname or next-hop
domain.
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
Postfix SMTP client SASL security options; as of Postfix 2.3 the
@ -845,6 +845,12 @@ SMTP(8) SMTP(8)
In the context of email address verification, the SMTP protocol
stage that determines whether an email address is deliverable.
Available with Postfix 3.1 and later:
<b><a href="postconf.5.html#lmtp_fallback_relay">lmtp_fallback_relay</a> (empty)</b>
Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable.
<b>SEE ALSO</b>
<a href="generic.5.html">generic(5)</a>, output address rewriting
<a href="header_checks.5.html">header_checks(5)</a>, message header content inspection

View File

@ -4401,6 +4401,29 @@ parameter. See there for details. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="lmtp_fallback_relay">lmtp_fallback_relay</a>
(default: empty)</b></DT><DD>
<p> Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable. In <a href="postconf.5.html">main.cf</a> elements are separated by
whitespace or commas. </p>
<p> By default, mail is returned to the sender when a destination is not
found, and delivery is deferred when a destination is unreachable. </p>
<p> The fallback relays must be TCP destinations, specified without
a leading "inet:" prefix. Specify a host or host:port. Since MX
lookups do not apply with LMTP, there is no need to use the "[host]" or
"[host]:port" forms. If you specify multiple LMTP destinations, Postfix
will try them in the specified order. </p>
<p>
This feature is available in Postfix 3.1 and later.
</p>
</DD>
<DT><b><a name="lmtp_generic_maps">lmtp_generic_maps</a>
@ -11226,11 +11249,10 @@ Examples:
<p>
Optional Postfix SMTP client lookup tables with one username:password
entry
per remote hostname or domain, or sender address when sender-dependent
authentication is enabled. If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host.
entry per sender, remote hostname or next-hop domain. Per-sender
lookup is done only when sender-dependent authentication is enabled.
If no username:password entry is found, then the Postfix SMTP client
will not attempt to authenticate to the remote host.
</p>
<p>

View File

@ -34,11 +34,11 @@ POSTSCREEN(8) POSTSCREEN(8)
Postfix SMTP server process. This minimizes the overhead for legitimate
mail.
By default, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> logs statistics and hands off every connec-
tion to a Postfix SMTP server process, while excluding clients in
<a href="postconf.5.html#mynetworks">mynetworks</a> from all tests (primarily, to avoid problems with non-stan-
dard SMTP implementations in network appliances). This mode is useful
for non-destructive testing.
By default, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> logs statistics and hands off each connection
to a Postfix SMTP server process, while excluding clients in <a href="postconf.5.html#mynetworks">mynetworks</a>
from all tests (primarily, to avoid problems with non-standard SMTP
implementations in network appliances). This default mode blocks no
clients, and is useful for non-destructive testing.
In a typical production setting, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> is configured to reject
mail from clients that fail one or more tests. <a href="postscreen.8.html"><b>postscreen</b>(8)</a> logs
@ -228,7 +228,7 @@ POSTSCREEN(8) POSTSCREEN(8)
greeting" protocol tests, based on its combined DNSBL score as
defined with the <a href="postconf.5.html#postscreen_dnsbl_sites">postscreen_dnsbl_sites</a> parameter.
Available in Postfix version 2.11 and later:
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#postscreen_dnsbl_timeout">postscreen_dnsbl_timeout</a> (10s)</b>
The time limit for DNSBL or DNSWL lookups.

View File

@ -327,8 +327,8 @@ SMTP(8) SMTP(8)
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
Optional Postfix SMTP client lookup tables with one user-
name:password entry per remote hostname or domain, or sender
address when sender-dependent authentication is enabled.
name:password entry per sender, remote hostname or next-hop
domain.
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
Postfix SMTP client SASL security options; as of Postfix 2.3 the
@ -845,6 +845,12 @@ SMTP(8) SMTP(8)
In the context of email address verification, the SMTP protocol
stage that determines whether an email address is deliverable.
Available with Postfix 3.1 and later:
<b><a href="postconf.5.html#lmtp_fallback_relay">lmtp_fallback_relay</a> (empty)</b>
Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable.
<b>SEE ALSO</b>
<a href="generic.5.html">generic(5)</a>, output address rewriting
<a href="header_checks.5.html">header_checks(5)</a>, message header content inspection

View File

@ -335,10 +335,11 @@ is received; it cannot execute in the context of
This feature is available in Postfix 2.1 and later.
.IP "\fBREDIRECT \fIuser@domain\fR"
After the message is queued, send the message to the specified
address instead of the intended recipient(s).
address instead of the intended recipient(s). When multiple
\fBREDIRECT\fR actions fire, only the last one takes effect.
.sp
Note: this action overrides the FILTER action, and currently affects
all recipients of the message.
Note: this action overrides the FILTER action, and currently
overrides all recipients of the message.
.sp
This feature is available in Postfix 2.1 and later.
.IP "\fBINFO \fIoptional text...\fR

View File

@ -185,7 +185,8 @@ available for negated patterns.
Action names are case insensitive. They are shown in upper case
for consistency with other Postfix documentation.
.IP "\fBBCC \fIuser@domain\fR"
Add the specified address as a BCC recipient. The address
Add the specified address as a BCC recipient, and inspect
the next input line. The address
must have a local part and domain part. The number of BCC
addresses that can be added is limited only by the amount
of available storage space.
@ -203,6 +204,7 @@ This feature is available in Postfix 3.0 and later.
This feature is not supported with smtp header/body checks.
.IP "\fBDISCARD \fIoptional text...\fR"
Claim successful delivery and silently discard the message.
Do not inspect the remainder of the input message.
Log the optional text if specified, otherwise log a generic
message.
.sp
@ -223,6 +225,8 @@ For backwards compatibility reasons, Postfix also accepts
.sp
This feature is available in Postfix 2.1 and later.
.IP "\fBFILTER \fItransport:destination\fR"
Override the content_filter parameter setting, and inspect
the next input line.
After the message is queued, send the entire message through
the specified external content filter. The \fItransport\fR
name specifies the first field of a mail delivery agent
@ -341,9 +345,10 @@ header may be subject to address rewriting and may affect
the way that Postfix adds missing message headers.
.RE
.IP "\fBREJECT \fIoptional text...\fR
Reject the entire message. Reply with \fIoptional text...\fR when
the optional text is specified, otherwise reply with a generic error
message.
Reject the entire message. Do not inspect the remainder of
the input message. Reply with \fIoptional text...\fR when
the optional text is specified, otherwise reply with a
generic error message.
.sp
Note: this action disables further header or body_checks inspection
of the current message and affects all recipients.

View File

@ -2673,6 +2673,21 @@ The LMTP\-specific version of the smtp_enforce_tls configuration
parameter. See there for details.
.PP
This feature is available in Postfix 2.3 and later.
.SH lmtp_fallback_relay (default: empty)
Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable. In main.cf elements are separated by
whitespace or commas.
.PP
By default, mail is returned to the sender when a destination is not
found, and delivery is deferred when a destination is unreachable.
.PP
The fallback relays must be TCP destinations, specified without
a leading "inet:" prefix. Specify a host or host:port. Since MX
lookups do not apply with LMTP, there is no need to use the "[host]" or
"[host]:port" forms. If you specify multiple LMTP destinations, Postfix
will try them in the specified order.
.PP
This feature is available in Postfix 3.1 and later.
.SH lmtp_generic_maps (default: empty)
The LMTP\-specific version of the smtp_generic_maps configuration
parameter. See there for details.
@ -7035,11 +7050,10 @@ smtp_sasl_mechanism_filter = !gssapi, !login, static:rest
.ft R
.SH smtp_sasl_password_maps (default: empty)
Optional Postfix SMTP client lookup tables with one username:password
entry
per remote hostname or domain, or sender address when sender\-dependent
authentication is enabled. If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host.
entry per sender, remote hostname or next\-hop domain. Per\-sender
lookup is done only when sender\-dependent authentication is enabled.
If no username:password entry is found, then the Postfix SMTP client
will not attempt to authenticate to the remote host.
.PP
The Postfix SMTP client opens the lookup table before going to
chroot jail, so you can leave the password file in /etc/postfix.

View File

@ -36,11 +36,11 @@ off the connection immediately to a Postfix SMTP server
process. This minimizes the overhead for legitimate mail.
By default, \fBpostscreen\fR(8) logs statistics and hands
off every connection to a Postfix SMTP server process, while
off each connection to a Postfix SMTP server process, while
excluding clients in mynetworks from all tests (primarily,
to avoid problems with non\-standard SMTP implementations
in network appliances). This mode is useful for non\-destructive
testing.
in network appliances). This default mode blocks no clients,
and is useful for non\-destructive testing.
In a typical production setting, \fBpostscreen\fR(8) is
configured to reject mail from clients that fail one or
@ -249,7 +249,7 @@ Allow a remote SMTP client to skip "before" and "after 220
greeting" protocol tests, based on its combined DNSBL score as
defined with the postscreen_dnsbl_sites parameter.
.PP
Available in Postfix version 2.11 and later:
Available in Postfix version 3.0 and later:
.IP "\fBpostscreen_dnsbl_timeout (10s)\fR"
The time limit for DNSBL or DNSWL lookups.
.SH "AFTER 220 GREETING TESTS"

View File

@ -314,9 +314,7 @@ EHLO response announces XFORWARD support.
Enable SASL authentication in the Postfix SMTP client.
.IP "\fBsmtp_sasl_password_maps (empty)\fR"
Optional Postfix SMTP client lookup tables with one username:password
entry
per remote hostname or domain, or sender address when sender\-dependent
authentication is enabled.
entry per sender, remote hostname or next\-hop domain.
.IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
Postfix SMTP client SASL security options; as of Postfix 2.3
the list of available
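Review bot: the shortened smtp_sasl_password_maps summary ("entry per sender, remote hostname or next-hop domain") drops the condition that the sender lookup applies only when sender-dependent authentication is enabled. The longer postconf text in this commit keeps that condition as its own sentence. A brief qualifier in this summary would stop readers from expecting a per-sender match by default.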
@ -735,6 +733,11 @@ Available with Postfix 3.0 and later:
.IP "\fBsmtp_address_verify_target (rcpt)\fR"
In the context of email address verification, the SMTP protocol
stage that determines whether an email address is deliverable.
.PP
Available with Postfix 3.1 and later:
.IP "\fBlmtp_fallback_relay (empty)\fR"
Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable.
.SH "SEE ALSO"
.na
.nf

View File

@ -633,6 +633,7 @@ while (<>) {
s;\bsmtp_enforce_tls\b;<a href="postconf.5.html#smtp_enforce_tls">$&</a>;g;
s;\bsmtp_fallback_relay\b;<a href="postconf.5.html#smtp_fallback_relay">$&</a>;g;
s;\blmtp_fallback_relay\b;<a href="postconf.5.html#lmtp_fallback_relay">$&</a>;g;
s;\bsmtp_[-</Bb>]*\n* *[<Bb>]*sasl_[-</Bb>]*\n* *[<Bb>]*tls_[-</Bb>]*\n* *[<Bb>]*secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_tls_security_options">$&</a>;g;
s;\bsmtp_sasl_tls_verified_secu[-</Bb>]*\n* *[<Bb>]*rity_options\b;<a href="postconf.5.html#smtp_sasl_tls_verified_security_options">$&</a>;g;
s;\bsmtp_sasl_type\b;<a href="postconf.5.html#smtp_sasl_type">$&</a>;g;

View File

@ -592,6 +592,17 @@ do
esac
done
# Don't allow whitespace in parameter settings.
for name in $CONFIG_PARAMS sample_directory
do
eval junk=\$$name
case "$junk" in
*" "*|*" "*) echo $0: Error: $name value contains whitespace: "'$junk'" 1>&2
exit 1;;
esac
done
test -d $tempdir || mkdir -p $tempdir || exit 1
trap "rm -f $tempdir/junk" 0 1 2 3 15
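Review bot: in the case pattern *" "*|*" "* the two alternatives cannot be told apart when reading the script. If the second one is a tab, a comment or a named variable holding the tab would make that visible. The loop covers $CONFIG_PARAMS and sample_directory, yet the context line right after it expands $tempdir unquoted in test, mkdir and the trap; if tempdir is not part of $CONFIG_PARAMS it should be added to the list or quoted. The echo also leaves $0 unquoted, which is the same class of problem the check is there to catch.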

View File

@ -267,10 +267,15 @@ explicit list of domain names. </p>
setting smtputf8_enable=no</a> </h2>
<p> The smtputf8_enable default value has changed from "no" to "yes.
As long as the smtputf8_enable parameter is left at its implicit
With the new "yes" setting, the Postfix SMTP server rejects non-ASCII
addresses from clients that don't request SMTPUTF8 support. With
the old "no" setting, Postfix will accept such addresses, even if
such addresses are not permitted by traditional SMTP standards. </p>
<p> As long as the smtputf8_enable parameter is left at its implicit
default value, and the backwards-compatible default setting is
turned on, Postfix logs a warning each time an SMTP command uses a
non-ASCII address localpart: </p>
non-ASCII address localpart without requesting SMTPUTF8 support: </p>
<blockquote>
<pre>
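Review bot: the first paragraph of this hunk has an unbalanced quote in 'has changed from "no" to "yes.': the closing double quote after yes is missing. The new sentences also switch tense between "the Postfix SMTP server rejects" for the "yes" setting and "Postfix will accept" for the "no" setting; using the present tense for both would read more cleanly.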

View File

@ -551,8 +551,8 @@ signature. </p>
<p> <b> Postfix SMTP server:</b> The status is never "Verified",
because the Postfix SMTP server never verifies the remote SMTP
client name against the names in the client certificate, and because
the Postfix SMTP does not expect a specific fingerprint in the
client public key or certificate. </p>
the Postfix SMTP server does not expect a specific fingerprint in
the client public key or certificate. </p>
</dd>

View File

@ -92,7 +92,7 @@ servers (Dovecot), and down-stream SMTP servers. </p>
<p> Postfix SMTPUTF8 support is enabled by default, but it may be
disabled as part of a backwards-compatibility safety net (see the
Postfix 3.0 RELEASE_NOTES file). </p>
COMPATIBILITY_README file). </p>
<p> SMTPUTF8 support is enabled by setting the smtputf8_enable
parameter in main.cf:</p>

View File

@ -158,16 +158,19 @@ default with Postfix 2.6 and later. </p>
<blockquote>
<pre>
1 smtpd_timeout = ${stress?10}${stress:300}s
2 smtpd_hard_error_limit = ${stress?1}${stress:20}
3 smtpd_junk_command_limit = ${stress?1}${stress:100}
1 smtpd_timeout = ${stress?{10}:{300}}s
2 smtpd_hard_error_limit = ${stress?{1}:{20}}
3 smtpd_junk_command_limit = ${stress?{1}:{100}}
4 # Parameters added after Postfix 2.6:
5 smtpd_per_record_deadline = ${stress?yes}${stress:no}
6 smtpd_starttls_timeout = ${stress?10}${stress:300}s
7 address_verify_poll_count = ${stress?1}${stress:3}
5 smtpd_per_record_deadline = ${stress?{yes}:{no}}
6 smtpd_starttls_timeout = ${stress?{10}:{300}}s
7 address_verify_poll_count = ${stress?{1}:{3}}
</pre>
</blockquote>
<p> With Postfix versions before 3.0, replace ${stress?{x}:{y}}
with ${stress?x}${stress:y}. </p>
<p> Translation: <p>
<ul>

View File

@ -340,10 +340,11 @@
# This feature is available in Postfix 2.1 and later.
# .IP "\fBREDIRECT \fIuser@domain\fR"
# After the message is queued, send the message to the specified
# address instead of the intended recipient(s).
# address instead of the intended recipient(s). When multiple
# \fBREDIRECT\fR actions fire, only the last one takes effect.
# .sp
# Note: this action overrides the FILTER action, and currently affects
# all recipients of the message.
# Note: this action overrides the FILTER action, and currently
# overrides all recipients of the message.
# .sp
# This feature is available in Postfix 2.1 and later.
# .IP "\fBINFO \fIoptional text...\fR
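Review bot: in the Note paragraph of the REDIRECT entry, "currently overrides all recipients of the message" now differs from the header_checks REDIRECT text elsewhere in this commit, which still says the action "affects all recipients of the message". Pick one wording for both pages, or say explicitly that the original recipients are replaced. The context line for the INFO entry at the end of the hunk is also missing the closing double quote on its .IP argument.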

View File

@ -163,7 +163,8 @@
# Action names are case insensitive. They are shown in upper case
# for consistency with other Postfix documentation.
# .IP "\fBBCC \fIuser@domain\fR"
# Add the specified address as a BCC recipient. The address
# Add the specified address as a BCC recipient, and inspect
# the next input line. The address
# must have a local part and domain part. The number of BCC
# addresses that can be added is limited only by the amount
# of available storage space.
@ -208,6 +209,7 @@
# \" This feature is available in Postfix 2.3 and later.
# .IP "\fBDISCARD \fIoptional text...\fR"
# Claim successful delivery and silently discard the message.
# Do not inspect the remainder of the input message.
# Log the optional text if specified, otherwise log a generic
# message.
# .sp
@ -228,6 +230,8 @@
# .sp
# This feature is available in Postfix 2.1 and later.
# .IP "\fBFILTER \fItransport:destination\fR"
# Override the content_filter parameter setting, and inspect
# the next input line.
# After the message is queued, send the entire message through
# the specified external content filter. The \fItransport\fR
# name specifies the first field of a mail delivery agent
@ -346,9 +350,10 @@
# the way that Postfix adds missing message headers.
# .RE
# .IP "\fBREJECT \fIoptional text...\fR
# Reject the entire message. Reply with \fIoptional text...\fR when
# the optional text is specified, otherwise reply with a generic error
# message.
# Reject the entire message. Do not inspect the remainder of
# the input message. Reply with \fIoptional text...\fR when
# the optional text is specified, otherwise reply with a
# generic error message.
# .sp
# Note: this action disables further header or body_checks inspection
# of the current message and affects all recipients.

View File

@ -1509,6 +1509,25 @@ as the right-hand side for backup or primary MX domain entries.
for destinations that it is MX host for.
</p>
%PARAM lmtp_fallback_relay
<p> Optional list of relay hosts for LMTP destinations that can't be
found or that are unreachable. In main.cf elements are separated by
whitespace or commas. </p>
<p> By default, mail is returned to the sender when a destination is not
found, and delivery is deferred when a destination is unreachable. </p>
<p> The fallback relays must be TCP destinations, specified without
a leading "inet:" prefix. Specify a host or host:port. Since MX
lookups do not apply with LMTP, there is no need to use the "[host]" or
"[host]:port" forms. If you specify multiple LMTP destinations, Postfix
will try them in the specified order. </p>
<p>
This feature is available in Postfix 3.1 and later.
</p>
%PARAM fast_flush_domains $relay_domains
<p>
@ -4493,11 +4512,10 @@ smtp_sasl_auth_enable = yes
<p>
Optional Postfix SMTP client lookup tables with one username:password
entry
per remote hostname or domain, or sender address when sender-dependent
authentication is enabled. If no username:password entry is found,
then the Postfix SMTP client will not
attempt to authenticate to the remote host.
entry per sender, remote hostname or next-hop domain. Per-sender
lookup is done only when sender-dependent authentication is enabled.
If no username:password entry is found, then the Postfix SMTP client
will not attempt to authenticate to the remote host.
</p>
<p>

View File

@ -1,6 +1,6 @@
/*++
/* NAME
/* dns_strtype 3
/* dns_strrecord 3
/* SUMMARY
/* name service resource record printable forms
/* SYNOPSIS
@ -65,9 +65,11 @@ char *dns_strrecord(VSTRING *buf, DNS_RR *rr)
case T_MR:
case T_NS:
case T_PTR:
case T_TXT:
vstring_sprintf_append(buf, "%s.", rr->data);
break;
case T_TXT:
vstring_sprintf_append(buf, "%s", rr->data);
break;
case T_MX:
vstring_sprintf_append(buf, "%u %s.", rr->pref, rr->data);
break;
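Review bot: the new T_TXT case carries no comment explaining why it omits the trailing "." that the T_MR, T_NS and T_PTR cases append. A one-line comment that TXT data is free text rather than a domain name would keep a later cleanup from folding the case back into the group above. The changelog entry for this fix names xxx_dns_reply_filter as the consumer of this string form, so existing filter patterns written against TXT values with the trailing dot will stop matching; that deserves a mention in the release notes.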

View File

@ -216,7 +216,8 @@ extern char *var_null_relay_maps_key;
#define VAR_SMTP_FALLBACK "smtp_fallback_relay"
#define DEF_SMTP_FALLBACK "$fallback_relay"
#define VAR_LMTP_FALLBACK "smtp_fallback_relay"
#define VAR_LMTP_FALLBACK "lmtp_fallback_relay"
#define DEF_LMTP_FALLBACK ""
#define DEF_FALLBACK_RELAY ""
extern char *var_fallback_relay;
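Review bot: VAR_LMTP_FALLBACK changes from "smtp_fallback_relay" to "lmtp_fallback_relay" and DEF_LMTP_FALLBACK is a literal "", so an LMTP client that used to read the smtp_fallback_relay name now starts with no fallback relay. If that behaviour change is intended, the lmtp_fallback_relay documentation added in this commit should say so. For consistency with the neighbouring defines, consider whether the empty default should be spelled via DEF_FALLBACK_RELAY instead of a second literal.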
@ -3127,19 +3128,19 @@ extern bool var_smtp_cname_overr;
#endif
#define VAR_TLS_HIGH_CLIST "tls_high_cipherlist"
#define DEF_TLS_HIGH_CLIST PREFER_aNULL "ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH"
#define DEF_TLS_HIGH_CLIST PREFER_aNULL "HIGH:@STRENGTH"
extern char *var_tls_high_clist;
#define VAR_TLS_MEDIUM_CLIST "tls_medium_cipherlist"
#define DEF_TLS_MEDIUM_CLIST PREFER_aNULL "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
#define DEF_TLS_MEDIUM_CLIST PREFER_aNULL "HIGH:MEDIUM:+RC4:@STRENGTH"
extern char *var_tls_medium_clist;
#define VAR_TLS_LOW_CLIST "tls_low_cipherlist"
#define DEF_TLS_LOW_CLIST PREFER_aNULL "ALL:!EXPORT:+RC4:@STRENGTH"
#define DEF_TLS_LOW_CLIST PREFER_aNULL "HIGH:MEDIUM:LOW:+RC4:@STRENGTH"
extern char *var_tls_low_clist;
#define VAR_TLS_EXPORT_CLIST "tls_export_cipherlist"
#define DEF_TLS_EXPORT_CLIST PREFER_aNULL "ALL:+RC4:@STRENGTH"
#define DEF_TLS_EXPORT_CLIST PREFER_aNULL "HIGH:MEDIUM:LOW:EXPORT:+RC4:@STRENGTH"
extern char *var_tls_export_clist;
#define VAR_TLS_NULL_CLIST "tls_null_cipherlist"
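Review bot: The defaults move from deny-list form ("ALL:!EXPORT:!LOW:!MEDIUM") to allow-list form ("HIGH", "HIGH:MEDIUM", and so on), which is more than a reordering: any cipher that the linked OpenSSL places outside HIGH, MEDIUM, LOW and EXPORT was selected through "ALL" before and is no longer selected. If that is intended, say so in a comment above these defines. DEF_TLS_HIGH_CLIST also drops "+RC4" while the other three lists keep it; a note on why it is redundant there would stop someone from adding it back.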

View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20150216"
#define MAIL_RELEASE_DATE "20150329"
#define MAIL_VERSION_NUMBER "3.1"
#ifdef SNAPSHOT

View File

@ -30,11 +30,11 @@
/* process. This minimizes the overhead for legitimate mail.
/*
/* By default, \fBpostscreen\fR(8) logs statistics and hands
/* off every connection to a Postfix SMTP server process, while
/* off each connection to a Postfix SMTP server process, while
/* excluding clients in mynetworks from all tests (primarily,
/* to avoid problems with non-standard SMTP implementations
/* in network appliances). This mode is useful for non-destructive
/* testing.
/* in network appliances). This default mode blocks no clients,
/* and is useful for non-destructive testing.
/*
/* In a typical production setting, \fBpostscreen\fR(8) is
/* configured to reject mail from clients that fail one or
@ -221,7 +221,7 @@
/* greeting" protocol tests, based on its combined DNSBL score as
/* defined with the postscreen_dnsbl_sites parameter.
/* .PP
/* Available in Postfix version 2.11 and later:
/* Available in Postfix version 3.0 and later:
/* .IP "\fBpostscreen_dnsbl_timeout (10s)\fR"
/* The time limit for DNSBL or DNSWL lookups.
/* AFTER 220 GREETING TESTS

View File

@ -1,5 +1,6 @@
static const CONFIG_STR_TABLE lmtp_str_table[] = {
VAR_NOTIFY_CLASSES, DEF_NOTIFY_CLASSES, &var_notify_classes, 0, 0,
VAR_LMTP_FALLBACK, DEF_LMTP_FALLBACK, &var_fallback_relay, 0, 0,
VAR_BESTMX_TRANSP, DEF_BESTMX_TRANSP, &var_bestmx_transp, 0, 0,
VAR_ERROR_RCPT, DEF_ERROR_RCPT, &var_error_rcpt, 1, 0,
VAR_LMTP_SASL_PASSWD, DEF_LMTP_SASL_PASSWD, &var_smtp_sasl_passwd, 0, 0,

View File

@ -286,9 +286,7 @@
/* Enable SASL authentication in the Postfix SMTP client.
/* .IP "\fBsmtp_sasl_password_maps (empty)\fR"
/* Optional Postfix SMTP client lookup tables with one username:password
/* entry
/* per remote hostname or domain, or sender address when sender-dependent
/* authentication is enabled.
/* entry per sender, remote hostname or next-hop domain.
/* .IP "\fBsmtp_sasl_security_options (noplaintext, noanonymous)\fR"
/* Postfix SMTP client SASL security options; as of Postfix 2.3
/* the list of available
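Review bot: The shortened smtp_sasl_password_maps summary now says "per sender" unconditionally; the removed lines carried the qualifier "when sender-dependent authentication is enabled", and the longer parameter description changed elsewhere in this commit keeps it. Suggest keeping a brief form of the condition here so the two descriptions agree.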
@ -695,6 +693,11 @@
/* .IP "\fBsmtp_address_verify_target (rcpt)\fR"
/* In the context of email address verification, the SMTP protocol
/* stage that determines whether an email address is deliverable.
/* .PP
/* Available with Postfix 3.1 and later:
/* .IP "\fBlmtp_fallback_relay (empty)\fR"
/* Optional list of relay hosts for LMTP destinations that can't be
/* found or that are unreachable.
/* SEE ALSO
/* generic(5), output address rewriting
/* header_checks(5), message header content inspection

View File

@ -472,6 +472,13 @@ static void smtp_connect_local(SMTP_STATE *state, const char *path)
SMTP_SESSION *session;
DSN_BUF *why = state->why;
/*
* Do not silently ignore an unused setting.
*/
if (*var_fallback_relay)
msg_warn("ignoring \"%s = %s\" setting for non-TCP connections",
VAR_LMTP_FALLBACK, var_fallback_relay);
/*
* It's too painful to weave this code into the SMTP connection
* management routine.
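Review bot: The new msg_warn() in smtp_connect_local() fires on every call while var_fallback_relay is non-empty, so a site that sets the parameter and delivers over a local socket gets one warning per delivery attempt; consider warning once per process. The message also hard-codes VAR_LMTP_FALLBACK, which is only right if this function is never reached in SMTP mode; state that in the comment or select the name by smtp_mode.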
@ -761,20 +768,15 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
}
/*
* First try to deliver to the indicated destination, then try to deliver
* to the optional fall-back relays.
*
* Future proofing: do a null destination sanity check in case we allow the
* primary destination to be a list (it could be just separators).
* Future proofing: do a null destination sanity check in case we allow
* the primary destination to be a list (it could be just separators).
*/
sites = argv_alloc(1);
argv_add(sites, nexthop, (char *) 0);
if (sites->argc == 0)
msg_panic("null destination: \"%s\"", nexthop);
non_fallback_sites = sites->argc;
/* When we are lmtp(8) var_fallback_relay is null */
if (smtp_mode)
argv_split_append(sites, var_fallback_relay, CHARS_COMMA_SP);
argv_split_append(sites, var_fallback_relay, CHARS_COMMA_SP);
/*
* Don't give up after a hard host lookup error until we have tried the
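Review bot: With the smtp_mode guard removed, argv_split_append() receives var_fallback_relay in LMTP mode as well, and the deleted comment said the variable is null there. This hunk is only safe together with the lmtp_str_table entry that binds VAR_LMTP_FALLBACK to &var_fallback_relay, so the two changes must land together and the dependency deserves a line in the comment above.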
@ -815,9 +817,8 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
state->misc_flags |= SMTP_MISC_FLAG_FINAL_NEXTHOP;
/*
* Parse the destination. Default is to use the SMTP port. Look up
* the address instead of the mail exchanger when a quoted host is
* specified, or when DNS lookups are disabled.
* Parse the destination. If no TCP port is specified, use the port
* that is reserved for the protocol (SMTP or LMTP).
*/
dest_buf = smtp_parse_destination(dest, def_service, &domain, &port);
if (var_helpful_warnings && var_smtp_tls_wrappermode == 0
@ -832,8 +833,9 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
SMTP_ITER_INIT(iter, dest, NO_HOST, NO_ADDR, port, state);
/*
* Resolve an SMTP server. Skip mail exchanger lookups when a quoted
* host is specified, or when DNS lookups are disabled.
* Resolve an SMTP or LMTP server. In the case of SMTP, skip mail
* exchanger lookups when a quoted host is specified or when DNS
* lookups are disabled.
*/
if (msg_verbose)
msg_info("connecting to %s port %d", domain, ntohs(port));
@ -1072,7 +1074,7 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
* Pay attention to what could be configuration problems, and pretend
* that these are recoverable rather than bouncing the mail.
*/
else if (!SMTP_HAS_SOFT_DSN(why) && smtp_mode) {
else if (!SMTP_HAS_SOFT_DSN(why)) {
/*
* The fall-back destination did not resolve as expected, or it
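Review bot: Dropping "&& smtp_mode" from the outer test makes the whole configuration-problem block reachable in LMTP mode, so each inner branch now has to carry its own mode test. The relayhost and best_mx_transport branches get one in the following hunks, but the fall-back branch that starts here is not shown as changed; if its warning names the parameter, it should report VAR_LMTP_FALLBACK rather than VAR_SMTP_FALLBACK when smtp_mode is off.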
@ -1087,8 +1089,13 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
/*
* The next-hop relayhost did not resolve as expected, or it is
* refusing to talk to us, or mail for it loops back to us.
*
* XXX There is no equivalent safety net for mis-configured
* sender-dependent relay hosts. The trivial-rewrite resolver
* would have to flag the result, and the queue manager would
* have to provide that information to delivery agents.
*/
else if (strcmp(sites->argv[0], var_relayhost) == 0) {
else if (smtp_mode && strcmp(sites->argv[0], var_relayhost) == 0) {
msg_warn("%s configuration problem", VAR_RELAYHOST);
vstring_strcpy(why->status, "4.3.5");
/* XXX Keep the diagnostic code and MTA. */
@ -1098,7 +1105,7 @@ static void smtp_connect_inet(SMTP_STATE *state, const char *nexthop,
* Mail for the next-hop destination loops back to myself. Pass
* the mail to the best_mx_transport or bounce it.
*/
else if (SMTP_HAS_LOOP_DSN(why) && *var_bestmx_transp) {
else if (smtp_mode && SMTP_HAS_LOOP_DSN(why) && *var_bestmx_transp) {
dsb_reset(why); /* XXX */
state->status = deliver_pass_all(MAIL_CLASS_PRIVATE,
var_bestmx_transp,
@ -1151,9 +1158,6 @@ int smtp_connect(SMTP_STATE *state)
}
/*
* With SMTP we can have indirection via MX host lookup, as well as an
* optional fall-back relayhost that we must avoid when we are MX host.
*
* XXX We don't add support for "unix:" or "inet:" prefixes in SMTP
* destinations, because that would break compatibility with existing
* Postfix configurations that have a host with such a name.

View File

@ -4341,7 +4341,7 @@ static void smtpd_start_tls(SMTPD_STATE *state)
* VSTREAMS, so that we don't lose all the user-configurable
* state->client attributes (such as longjump buffers or timeouts).
*
* As we implement tlsproy support in the Postfix SMTP client we should
* As we implement tlsproxy support in the Postfix SMTP client we should
* develop a usable abstraction that encapsulates this stream plumbing in
* a library module.
*/

View File

@ -591,15 +591,20 @@ static void resolve_addr(RES_CONTEXT *rp, char *sender, char *addr,
if (*relay == 0) {
msg_warn("%s: ignoring null lookup result for %s",
rp->snd_relay_maps_name, sender_key);
relay = "DUNNO";
}
vstring_strcpy(nexthop, strcasecmp(relay, "DUNNO") == 0 ?
rcpt_domain : relay);
relay = 0;
} else if (strcasecmp_utf8(relay, "DUNNO") == 0)
relay = 0;
} else if (rp->snd_relay_info
&& rp->snd_relay_info->error != 0) {
msg_warn("%s lookup failure", rp->snd_relay_maps_name);
*flags |= RESOLVE_FLAG_FAIL;
FREE_MEMORY_AND_RETURN;
} else {
relay = 0;
}
/* Enforce all the relayhost precedences in one place. */
if (relay != 0) {
vstring_strcpy(nexthop, relay);
} else if (*RES_PARAM_VALUE(rp->relayhost))
vstring_strcpy(nexthop, RES_PARAM_VALUE(rp->relayhost));
else
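Review bot: This changes routing for an existing map result: a "DUNNO" or null lookup result used to select rcpt_domain and now falls through to the relayhost branch when relayhost is set. Sites that used DUNNO to bypass relayhost for selected senders will route differently after the upgrade, so the sender_dependent_relayhost_maps documentation should state the new precedence. The brace-less "relay = 0;" after the strcasecmp_utf8() test sits between two braced branches; bracing it would make the nesting of the following "} else if (rp->snd_relay_info" easier to verify.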

View File

@ -9,7 +9,7 @@
/* int allascii(buffer)
/* const char *buffer;
/*
/* int allascii_len(buffer len)
/* int allascii_len(buffer, len)
/* const char *buffer;
/* ssize_t len;
/* DESCRIPTION
@ -35,6 +35,7 @@
#include <sys_defs.h>
#include <ctype.h>
#include <string.h>
/* Utility library. */