postfix-2.7-20090511

2025-08-30 13:48:06 +00:00 · 2009-05-11 00:00:00 -05:00
parent cf182ff67b
commit e9d644422e
14 changed files with 574 additions and 480 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -15039,7 +15039,7 @@ Apologies for any names omitted.
 	Cleanup: OpenLDAP now provides a sane solution for conflicts
 	with PAM ldap-over-tls. Victor Duchovni.  File: global/dict_ldap.c.
-20900304
+20090304
 	Cleanup: skip over suspended or throttled queues while
 	looking for delivery requests. File: *qmgr/qmgr_transport.c.
@@ -15214,3 +15214,9 @@ Apologies for any names omitted.
 	This avoids hard to debug errors from some Milter applications.
 	Files: cleanup/cleanup_envelope.c, cleanup/cleanup_extracted.c,
 	cleanup/cleanup_addr.c.
 20090511
 	Code cleanups: don't clobber -o command-line arguments so
 	that Linux people can debug daemon command lines more easily.
 	Files: master/*server.c.
--- a/postfix/README_FILES/MILTER_README
+++ b/postfix/README_FILES/MILTER_README
@@ -88,24 +88,20 @@ deals with C applications only. For these, you need an object library that
 implements the Sendmail 8 Milter protocol. Postfix currently does not provide
 such a library, but Sendmail does.
-On some Linux and *BSD distributions, the Sendmail libmilter library is
+  * The first option is to use a pre-compiled library. Some systems install the
-installed by default. With this, applications such as dkim-milter and sid-
+    Sendmail libmilter library by default. With other systems, libmilter may be
-milter build out of the box without requiring any tinkering:
+    provided by a package (called "sendmail-devel" on some Linux systems).
-    $ ggzzccaatt ddkkiimm--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
+    Once libmilter is installed, applications such as dkim-milter and sid-
-    $ ccdd ddkkiimm--mmiilltteerr--xx..yy..zz
+    milter build out of the box without requiring any tinkering:
    $ mmaakkee
    [...lots of output omitted...]
-On other platforms you have two options:
+        $ ggzzccaatt ddkkiimm--mmiilltteerr--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
        $ ccdd ddkkiimm--mmiilltteerr--xx..yy..zz
        $ mmaakkee
        [...lots of output omitted...]
-  * Install the Sendmail libmilter object library and include files. On Linux
+  * The other option is to build the libmilter library from Sendmail source
-    systems, libmilter may be provided by the sendmail-devel package. After
+    code:
    installing libmilter, build the Milter applications as described in the
    preceding paragraph.
  * Don't install the Sendmail libmilter library, but build the library from
    Sendmail source code instead:
        $ ggzzccaatt sseennddmmaaiill--xx..yy..zz..ttaarr..ggzz || ttaarr xxff --
        $ ccdd sseennddmmaaiill--xx..yy..zz//lliibbmmiilltteerr
@@ -299,7 +295,7 @@ table shows the timeout settings and the corresponding protocol stages (EOH =
 end of headers; EOM = end of message).
     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
-    |PPaarraammeetteerr             |TTiimmee lliimmiitt|PPrroottooccooll ssttaaggee                 |
+    |PPoossttffiixx ppaarraammeetteerr     |TTiimmee lliimmiitt|MMiilltteerr pprroottooccooll ssttaaggee          |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
    |milter_connect_timeout|30s       |CONNECT                        |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
@@ -318,16 +314,17 @@ SSeennddmmaaiill mmaaccrroo eemmuullaattiioonn
 Postfix emulates a limited number of Sendmail macros, as shown in the table.
 Some macro values depend on whether a recipient is rejected (rejected
 recipients are available on request by the Milter application). Different
-macros are available at different SMTP protocol stages (EOH = end-of-header,
+macros are available at different Milter protocol stages (EOH = end-of-header,
 EOM = end-of-message); their availability is not always the same as in
 Sendmail. See the workarounds section below for solutions.
     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
-    |NNaammee                |AAvvaaiillaabbiilliittyy             |DDeessccrriippttiioonn               |
+    |SSeennddmmaaiill mmaaccrroo      |MMiilltteerr pprroottooccooll ssttaaggee    |DDeessccrriippttiioonn               |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |i                   |DATA, EOH, EOM           |Queue ID                  |
+    |i                   |DATA, EOH, EOM           |Queue ID, also Postfix    |
    |                    |                         |queue file name           |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |j                   |Always                   |value of myhostname       |
+    |j                   |Always                   |Value of myhostname       |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
    |_                   |Always                   |The validated client name |
    |                    |                         |and address               |
@@ -385,7 +382,7 @@ Sendmail. See the workarounds section below for solutions.
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
    |                    |                         |Recipient next-hop        |
    |{rcpt_host}         |RCPT (Postfix >= 2.6,    |destination               |
-    |                    |only with smtpd_milters) |With rejected recpient:   |
+    |                    |only with smtpd_milters) |With rejected recipient:  |
    |                    |                         |enhanced status code      |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
    |                    |                         |Recipient mail delivery   |
@@ -399,45 +396,52 @@ Sendmail. See the workarounds section below for solutions.
    |v                   |Always                   |value of milter_macro_v   |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-Postfix sends specific sets of macros at different SMTP protocol stages. The
+Postfix sends specific sets of macros at different Milter protocol stages. The
 sets are configured with the parameters as described in the table (EOH = end of
 headers; EOM = end of message). The protocol version is a number that Postfix
 sends at the beginning of the Milter protocol handshake.
 As of Sendmail 8.14.0, Milter applications can specify what macros they want to
-receive at different protocol stages. In that case, the application-specified
+receive at different Milter protocol stages. An application-specified list
-list takes precedence over Postfix configuration.
+takes precedence over a Postfix-specified list.
-     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
+     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
-    |PPaarraammeetteerr nnaammee               |PPrroottooccooll vveerrssiioonn|PPrroottooccooll ssttaaggee |
+    |PPoossttffiixx ppaarraammeetteerr            |MMiilltteerr pprroottooccooll|MMiilltteerr pprroottooccooll ssttaaggee|
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |                             |vveerrssiioonn        |                     |
-    |milter_connect_macros        |2 or higher     |CONNECT        |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_connect_macros        |2 or higher    |CONNECT              |
-    |milter_helo_macros           |2 or higher     |HELO/EHLO      |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_helo_macros           |2 or higher    |HELO/EHLO            |
-    |milter_mail_macros           |2 or higher     |MAIL FROM      |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_mail_macros           |2 or higher    |MAIL FROM            |
-    |milter_rcpt_macros           |2 or higher     |RCPT TO        |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_rcpt_macros           |2 or higher    |RCPT TO              |
-    |milter_data_macros           |4 or higher     |DATA           |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_data_macros           |4 or higher    |DATA                 |
-    |milter_end_of_header_macros  |6 or higher     |EOH            |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_end_of_header_macros  |6 or higher    |EOH                  |
-    |milter_end_of_data_macros    |2 or higher     |EOM            |
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_end_of_data_macros    |2 or higher    |EOM                  |
-    |milter_unknown_command_macros|3 or higher     |unknown command|
+    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
+    |milter_unknown_command_macros|3 or higher    |unknown command      |
    |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
 WWoorrkkaarroouunnddss
-Content filters may break DKIM etc. signatures. If you use an SMTP-based
+  * To avoid breaking DKIM etc. signatures with an SMTP-based content filter,
-content filter, then you should add a line to master.cf with "-
+    update the before-filter SMTP client in master.cf, and add a line with "-
-o disable_mime_output_conversion=yes" (note: no spaces around the "="), as
+    o disable_mime_output_conversion=yes" (note: no spaces around the "="). For
-described in the advanced content filter example.
+    details, see the advanced content filter example.
-Sendmail Milter applications were originally developed for the Sendmail version
+    /etc/postfix/master.cf:
-8 MTA, which has a different architecture than Postfix. The result is that some
+        # =============================================================
-Milter applications make assumptions that aren't true in a Postfix environment.
+        # service type  private unpriv  chroot  wakeup  maxproc command
        #               (yes)   (yes)   (yes)   (never) (100)
        # =============================================================
        scan      unix  -       -       n       -       10      smtp
            -o smtp_send_xforward_command=yes
            -o disable_mime_output_conversion=yes
            -o smtp_generic_maps=
  * Some Milter applications use the "{if_addr}" macro to recognize local mail;
    this macro does not exist in Postfix. Workaround: use the "{client_addr}"
@@ -452,49 +456,47 @@ Milter applications make assumptions that aren't true in a Postfix environment.
        X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com <unknown-
        msgid>
-    This happens because those Milter applications expect that the queue ID is
+    The problem is that Milter applications expect that the queue ID is known
-    known before the MTA accepts the MAIL FROM (sender) command. Postfix, on
+    before the MTA accepts the MAIL FROM (sender) command. Postfix does not
-    the other hand, does not choose a queue file name until after it accepts
+    choose a queue ID, which is used as the queue file name, until after it
-    the first valid RCPT TO (recipient) command (Postfix queue file names must
+    accepts the first valid RCPT TO (recipient) command.
    be unique across multiple directories, so the name can't be chosen before
    the file is created; if multiple messages were to use the same queue ID
    simultaneously, mail would be lost).
-If you experience the ugly header problem, see if a recent version of the
+    If you experience the ugly header problem, see if a recent version of the
-Milter application fixes it. For example, current versions of dkim-filter and
+    Milter application fixes it. For example, current versions of dkim-filter
-dk-filter already have code that looks up the Postfix queue ID at a later
+    and dk-filter already have code that looks up the Postfix queue ID at a
-protocol stage, and sid-filter version 1.0.0 no longer includes the queue ID in
+    later protocol stage, and sid-filter version 1.0.0 no longer includes the
-the message header.
+    queue ID in the message header.
-To fix the ugly message header with other Milter applications, you will need to
+    To fix the ugly message header, you will need to add code that looks up the
-do something like this:
+    Postfix queue ID at some later point im time. The example below adds the
    lookup after the end-of-message.
-  * Edit the filter source file (typically named xxx-filter/xxx-filter.c or
+      o Edit the filter source file (typically named xxx-filter/xxx-filter.c or
-    similar).
+        similar).
-  * Look up the mlfi_eom() function and add code near the top shown as bboolldd
+      o Look up the mlfi_eom() function and add code near the top shown as bboolldd
-    text below:
+        text below:
-    dfc = cc->cctx_msg;
+        dfc = cc->cctx_msg;
-    assert(dfc != NULL);
+        assert(dfc != NULL);
-    //** DDeetteerrmmiinnee tthhee jjoobb IIDD ffoorr llooggggiinngg.. **//
+        //** DDeetteerrmmiinnee tthhee jjoobb IIDD ffoorr llooggggiinngg.. **//
-    iiff ((ddffcc-->>mmccttxx__jjoobbiidd ==== 00 |||| ssttrrccmmpp((ddffcc-->>mmccttxx__jjoobbiidd,, JJOOBBIIDDUUNNKKNNOOWWNN)) ==== 00)) {{
+        iiff ((ddffcc-->>mmccttxx__jjoobbiidd ==== 00 |||| ssttrrccmmpp((ddffcc-->>mmccttxx__jjoobbiidd,, JJOOBBIIDDUUNNKKNNOOWWNN)) ==== 00))
-            cchhaarr **jjoobbiidd == ssmmffii__ggeettssyymmvvaall((ccttxx,, ""ii""));;
+        {{
-            iiff ((jjoobbiidd !!== 00))
+                cchhaarr **jjoobbiidd == ssmmffii__ggeettssyymmvvaall((ccttxx,, ""ii""));;
-                    ddffcc-->>mmccttxx__jjoobbiidd == jjoobbiidd;;
+                iiff ((jjoobbiidd !!== 00))
-    }}
+                        ddffcc-->>mmccttxx__jjoobbiidd == jjoobbiidd;;
        }}
-    /* get hostname; used in the X header and in new MIME boundaries */
+    NOTES:
-NOTES:
+      o Different mail filters use slightly different names for variables. If
        the above code does not compile, look elsewhere in the mail filter
        source file for code that looks up the "i" macro value, and copy that
        code.
-  * Different mail filters use slightly different names for variables. If the
+      o This change fixes only the ugly message header, but not the WARNING
-    above code does not compile, look for the code at the start of the mlfi_eoh
+        message. Fortunately, many Milters log that message only once.
    () routine.
  * This fixes only the ugly message header, but not the WARNING message.
    Fortunately, many Milters log that message only once.
 LLiimmiittaattiioonnss
@@ -509,7 +511,7 @@ the CONTENT_INSPECTION_README document for a discussion.
     _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
    |PPoossttffiixx|SSuuppppoorrtteedd MMiilltteerr rreeqquueessttss                                       |
    |_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
-    |   2.6 |All Milter requests of Sendmail 8.14.0.                         |
+    |   2.6 |All Milter requests of Sendmail 8.14.0 (see notes below).       |
    |_ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
    |       |All Milter requests of Sendmail 8.14.0, except:                 |
    |       |SMFIP_RCPT_REJ (report rejected recipients to the mail filter), |
@@ -526,7 +528,7 @@ the CONTENT_INSPECTION_README document for a discussion.
  * For Milter applications that are written in C, you need to use the Sendmail
    libmilter library.
-  * There are TWO sets of mail filters: filters that are used for SMTP mail
+  * Postfix has TWO sets of mail filters: filters that are used for SMTP mail
    only (specified with the smtpd_milters parameter), and filters for non-SMTP
    mail (specified with the non_smtpd_milters parameter). The non-SMTP filters
    are primarily for local submissions.
@@ -549,14 +551,15 @@ the CONTENT_INSPECTION_README document for a discussion.
  * Postfix 2.6 ignores the optional ESMTP parameters in requests to replace
    the sender (SMFIR_CHGFROM) or to append a recipient (SMFIR_ADDRCPT_PAR).
-    When a Milter application supplies such ESMTP parameters, Postfix will log
+    Postfix logs a warning message when a Milter application supplies such
-    a warning:
+    ESMTP parameters:
    warning: queue-id: cleanup_chg_from: ignoring ESMTP arguments "whatever"
    warning: queue-id: cleanup_add_rcpt: ignoring ESMTP arguments "whatever"
  * Postfix 2.3 does not implement requests to replace the message body. Milter
-    applications that need this unsupported operation will log a warning:
+    applications log a warning message when they need this unsupported
    operation:
    st_optionneg[134563840]: 0x3d does not fulfill action requirements 0x1e
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@@ -1,244 +1,15 @@
-The stable Postfix release is called postfix-2.5.x where 2=major
+The stable Postfix release is called postfix-2.6.x where 2=major
-release number, 5=minor release number, x=patchlevel.  The stable
+release number, 6=minor release number, x=patchlevel.  The stable
 release never changes except for patches that address bugs or
 emergencies. Patches change the patchlevel and the release date.
 New features are developed in snapshot releases. These are called
-postfix-2.6-yyyymmdd where yyyymmdd is the release date (yyyy=year,
+postfix-2.7-yyyymmdd where yyyymmdd is the release date (yyyy=year,
 mm=month, dd=day).  Patches are never issued for snapshot releases;
 instead, a new snapshot is released.
 The mail_release_date configuration parameter (format: yyyymmdd)
 specifies the release date of a stable release or snapshot release.
-Incompatibility with snapshot 20090428
+If you upgrade from Postfix 2.5 or earlier, read RELEASE_NOTES-2.6
 ======================================
 The Postfix SMTP client(!) no longer tries to use the obsolete SSLv2
 protocol by default, as this may prevent the use of modern SSL
 features.  Lack of SSLv2 support should never be a problem, since
 SSLv3 was defined in 1996, and TLSv1 in 1999. You can undo the
 change by specifying empty main.cf values for smtp_tls_protocols
 and lmtp_tls_protocols. The Postfix SMTP server maintains SSLv2
 support for backwards compatibility with ancient clients.
 The default milter_protocol setting is increased from 2 to 6; this
 enables all available features up to and including Sendmail 8.14.0.
 The new milter_protocol setting may break compatibility with older
 Milter libraries or applications, and may cause Postfix to log
 warning messages such as:
    warning: milter inet:host:port: can't read packet header: Unknown error : 0
    warning: milter inet:host:port: can't read packet header: Success
    warning: milter inet:host:port: can't read SMFIC_DATA reply
    packet header: No such file or directory
 To restore compatibility, specify "milter_protocol = 2" in main.cf.
 Major changes with snapshot 20090428
 ====================================
 The following improvements have been made to the Milter implementation:
 - Improved compatibility of the {mail_addr} and {rcpt_addr} macros.
 - Support for the {mail_host}, {mail_mailer}, {rcpt_host} and
 {rcpt_mailer} macros.
 - Milter applications can now request rejected recipients with the
 SMFIP_RCPT_REJ feature. Rejected recipients are reported with
 {rcpt_mailer} = "error", {rcpt_host} = enhanced status code, and
 {rcpt_addr} = descriptive text. This feature requires "milter_protocol
 = 6" or higher (default as of Postfix 2.6).
 - Milters can now replace the envelope sender address with the
 SMFIR_CHGFROM request, and can add recipients with SMFIR_ADDRCPT_PAR.
 These implementations currently ignore ESMTP command parameters
 and log a warning message as follows:
    warning: 100B22B3293: cleanup_chg_from: ignoring ESMTP arguments "whatever"
 Incompatibility with snapshot 20090330
 ======================================
 Postfix now adds (Resent-) From:, Date:, Message-ID: or To: headers
 only when clients match $local_header_rewrite_clients.  Specify
 "always_add_missing_headers = yes" for backwards compatibility.
 Adding such headers can break DKIM signatures that cover headers
 that are not present.
 This changes the appearance of Postfix logging: to preserve
 compatibility with existing logfile processing software, Postfix
 will log ``message-id=<>'' for messages without Message-Id header.
 Major changes with snapshot 20090212
 ====================================
 Stress-dependent behavior by default. Under conditions of overload,
 smtpd_timeout is reduced from 300s to to 10s, smtpd_hard_error_limit
 is reduced from 20 to 1, and smtpd_junk_command_limit is reduced
 from 100 to 1. This will reduce the delays for most legitimate mail.
 Major changes with snapshot 20090121
 ====================================
 Plug-in support for managing multiple Postfix instances.  This can
 automatically apply your "postfix start" etc. command to multiple
 Postfix instances, including upgrades to new Postfix versions.
 Multi-instance support allows you to do the following and more:
 - Simplify post-queue content filter configuration by using separate
  Postfix instances before and after the filter. This simplifies
  trouble shooting and performance tuning.
 - Implement per-user content filters (or no filter) via transport
  map lookups instead of content_filter settings. Mail for some
  users can be sent directly from the before-filter instance to the
  after-filter instance.
 - Test new configuration settings (on a different server IP address
  or TCP port) without disturbing production instances.
 - Each additional Postfix instance uses a few files and directories,
  plus memory for an extra master daemon and queue manager. The
  pickup daemon is needed only if you use local submission or
  "postsuper -r".
 Best of all, nothing changes when you use only one Postfix instance.
 The postfix-wrapper script (in the daemon directory) implements a
 simple but useful multi-instance manager, with instructions. The
 plug-in API itself is described in the postfix-wrapper(5) manpage.
 A more sophisticated multi-instance manager called postmulti(1) is
 approaching completion. A prototype version has been used internally
 at Morgan Stanley. This version will be adapted to the new plug-in
 API which makes some simplification possible.
 Major changes with snapshot 20090109
 ====================================
 Support to selectively disable master(8) listener ports by service
 type or by service name + type. Specify a list of service types
 ("inet", "unix", "fifo", or "pass") or "name.type" tuples, where
 "name" is the first field of a master.cf entry and "type" is a
 service type. Examples: to turn off the main SMTP listener port,
 use "master_service_disable = smtp.inet"; to turn off all TCP/IP
 listeners, use "master_service_disable = inet". Changing this
 parameter requires "postfix reload".
 Specify "tcp_windowsize = 65535" (or less) to work around routers
 with broken TCP window scaling implementations.  This is perhaps
 more convenient than collecting tcpdump output and tuning kernel
 parameters by hand.  With Postfix TCP servers (smtpd(8), qmqpd(8)),
 this feature is implemented by the Postfix master(8) daemon.
 To change this parameter without stopping Postfix, you need to first
 terminate all Postfix TCP servers:
    # postconf -e master_service_disable=inet
    # postfix reload
 This immediately terminates all processes that accept network
 connections.  Then you enable Postfix TCP servers with the updated
 tcp_windowsize setting:
    # postconf -e tcp_windowsize=65535 master_service_disable=
    # postfix reload
 If you skip these steps with a running Postfix system, then the
 tcp_windowsize change will work only for Postfix TCP clients (smtp(8),
 lmtp(8)).
 Of course you can also do "postfix stop" and "postfix start",
 but that is more disruptive.
 Major changes with snapshot 20081010
 ====================================
 Controls for the protocols and ciphers that Postfix will use with
 opportunistic TLS. The smtp_tls_protocols, smtp_tls_ciphers, and
 equivalent parameters for lmtp and smtpd provide global settings;
 the SMTP client TLS policy table provides ciphers and protocols
 settings for specific peers.  Code by Victor Duchovni. Details are
 given in the TLS_README and postconf(5) documents.
 Incompatibility with snapshot 20080814
 ======================================
 When a mailbox file is not owned by its recipient, the local and
 virtual delivery agents now log a warning and defer delivery.
 Specify "strict_mailbox_ownership = no" to ignore such ownership
 discrepancies.
 Incompatibility with snapshot 20080629
 ======================================
 When TLS support is not compiled in, the Postfix SMTP server no
 longer ignores the "smtpd_tls_auth_only = yes" parameter setting.
 Earlier Postfix SMTP server versions would announce SASL support,
 and would accept SASL login or sender information.
 Incompatibility with snapshot 20080726
 ======================================
 When a mailbox file is not owned by its recipient, the local and
 virtual delivery agents now log a warning and defer delivery.
 Specify "strict_mailbox_ownership = no" to ignore such ownership
 discrepancies.
 Major changes with snapshot 20080629
 ====================================
 The Postfix SMTP server's SASL authentication was re-structured.
 With "smtpd_tls_auth_only = yes", SASL support is now activated
 only after a successful TLS handshake. Earlier Postfix SMTP server
 versions could complain about unavailable SASL mechanisms during
 the plaintext phase of the SMTP protocol.
 Incompatibility with snapshot 20080510
 ======================================
 In the policy delegation protocol, certificate common name attributes
 are now xtext encoded UTF-8. The xtext decoded attributes may contain
 any UTF-8 value except non-printable ASCII characters.
 Incompatibility with snapshot 20080428
 ======================================
 Postfix SMTP server replies for address verification have changed.
 unverified_recipient_reject_code and unverified_sender_reject_code
 now handle "5XX" rejects only. The "4XX" rejects are now controlled
 with unverified_sender_defer_code and unverified_recipient_defer_code.
 Major changes with snapshot 20080428
 ====================================
 Finer control over the way that Postfix reports address verification
 failures are reported to remote SMTP clients.
 - unverified_sender/recipient_defer_code: the numerical Postfix
  SMTP server reply code when address verification failed due
  to some temporary error.
 - unverified_sender/recipient_reject_reason: fixed text that Postfix
  will send to the remote SMTP client, instead of sending actual
  address verification details.
 Incompatible changes with snapshot 20080207
 ===========================================
 According to discussions on the mailing list, too many people are
 breaking newly installed Postfix by overwriting the new /etc/postfix
 files with versions from an older release, and end up with a broken
 configuration that cannot repair itself. For this reason, postfix-script,
 postfix-files and post-install are moved away from /etc/postfix to
 $daemon_directory.
 Incompatible changes with Postfix 2.5.0
 =======================================
 If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
 before proceeding.
--- a/postfix/RELEASE_NOTES-2.6
+++ b/postfix/RELEASE_NOTES-2.6
@@ -0,0 +1,305 @@
 The stable Postfix release is called postfix-2.6.x where 2=major
 release number, 6=minor release number, x=patchlevel.  The stable
 release never changes except for patches that address bugs or
 emergencies. Patches change the patchlevel and the release date.
 New features are developed in snapshot releases. These are called
 postfix-2.7-yyyymmdd where yyyymmdd is the release date (yyyy=year,
 mm=month, dd=day).  Patches are never issued for snapshot releases;
 instead, a new snapshot is released.
 The mail_release_date configuration parameter (format: yyyymmdd)
 specifies the release date of a stable release or snapshot release.
 If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
 before proceeding.
 Major changes - multi-instance support
 --------------------------------------
 [Feature 20090121] Support for managing multiple Postfix instances.
 This can automatically apply your "postfix start" etc.  command to
 multiple Postfix instances, including upgrades to new Postfix
 versions.  Multi-instance support allows you to do the following
 and more:
 - Simplify post-queue content filter configuration by using separate
  Postfix instances before and after the filter. This simplifies
  trouble shooting and performance tuning.
 - Implement per-user content filters (or no filter) via transport
  map lookups instead of content_filter settings. Mail for some
  users can be sent directly from the before-filter instance to the
  after-filter instance.
 - Test new configuration settings (on a different server IP address
  or TCP port) without disturbing production instances.
 - Each additional Postfix instance uses a few files and directories,
  plus memory for an extra master daemon and queue manager. The
  pickup daemon is needed only if you use local submission or
  "postsuper -r".
 Best of all, nothing changes when you use only one Postfix instance.
 The postfix-wrapper script (in the daemon directory) implements a
 simple but useful multi-instance manager, with instructions. The
 plug-in API itself is described in the postfix-wrapper(5) manpage.
 A more sophisticated multi-instance manager called postmulti(1) is
 approaching completion. A prototype version has been used internally
 at Morgan Stanley. This version will be adapted to the new plug-in
 API which makes some simplification possible.
 Major changes - milter support
 ------------------------------
 [Feature 20090428] The following improvements have been made to the
 Milter implementation:
 - Improved compatibility of the {mail_addr} and {rcpt_addr} macros.
 - Support for the {mail_host}, {mail_mailer}, {rcpt_host} and
 {rcpt_mailer} macros.
 - Milter applications can now request rejected recipients with the
 SMFIP_RCPT_REJ feature. Rejected recipients are reported with
 {rcpt_mailer} = "error", {rcpt_host} = enhanced status code, and
 {rcpt_addr} = descriptive text. This feature requires "milter_protocol
 = 6" or higher (default as of Postfix 2.6).
 - Milters can now replace the envelope sender address with the
 SMFIR_CHGFROM request, and can add recipients with SMFIR_ADDRCPT_PAR.
 These implementations ignore ESMTP command parameters and log a
 warning message as follows:
    warning: 100B22B3293: cleanup_chg_from: ignoring ESMTP arguments "whatever"
    warning: 100B22B3293: cleanup_add_rcpt: ignoring ESMTP arguments "whatever"
 [Incompat 20090428] The default milter_protocol setting is increased
 from 2 to 6; this enables all available features up to and including
 Sendmail 8.14.0.  The new milter_protocol setting may break
 compatibility with older Milter libraries or applications, and may
 cause Postfix to log warning messages such as:
    warning: milter inet:host:port: can't read packet header: Unknown error : 0
    warning: milter inet:host:port: can't read packet header: Success
    warning: milter inet:host:port: can't read SMFIC_DATA reply
    packet header: No such file or directory
 To restore compatibility, specify "milter_protocol = 2" in main.cf.
 Major changes - security
 ------------------------
 [Incompat 20080726] When a mailbox file is not owned by its recipient,
 the local and virtual delivery agents now log a warning and defer
 delivery.  Specify "strict_mailbox_ownership = no" to ignore such
 ownership discrepancies.
 Major changes - smtp server
 ---------------------------
 [Feature 20080212] check_reverse_client_hostname_access, to make
 access decisions based on the unverified client hostname.  For
 safety reasons an OK result is not allowed.
 [Feature 20090210] With "reject_tempfail_action = defer", the Postfix
 SMTP server immediately replies with a 4xx status after some temporary
 error, instead of executing an implicit "defer_if_permit" action.
 [Feature 20090215] The Postfix SMTP server automatically hangs up
 after replying with "521". This makes overload handling more
 effective.  See also RFC 1846 for prior art on this topic.
 [Feature 20090228] The Postfix SMTP server maintains a per-session
 "improper command pipelining detected" flag. This flag can be tested
 at any time with reject_unauth_pipelining, and is raised whenever
 a client command is followed by unexpected commands or message
 content. The Postfix SMTP server logs the first command pipelining
 transgression as "improper command pipelining after <command> from
 <hostname>[<hostaddress>]".
 [Feature 20090212] Stress-dependent behavior is enabled by default.
 Under conditions of overload, smtpd_timeout is reduced from 300s
 to 10s, smtpd_hard_error_limit is reduced from 20 to 1, and
 smtpd_junk_command_limit is reduced from 100 to 1. This will reduce
 the impact of overload for most legitimate mail.
 [Feature 20080629] The Postfix SMTP server's SASL authentication
 was re-structured.  With "smtpd_tls_auth_only = yes", SASL support
 is now activated only after a successful TLS handshake. Earlier
 Postfix SMTP server versions could complain about unavailable SASL
 mechanisms during the plaintext phase of the SMTP protocol.
 [Incompat 20080510] In the policy delegation protocol, certificate
 common name attributes are now xtext encoded UTF-8. The xtext decoded
 attributes may contain any UTF-8 value except non-printable ASCII
 characters.
 Major changes - performance
 ---------------------------
 [Feature 20090215] The Postfix SMTP server automatically hangs up
 after replying with "521". This makes overload handling more
 effective.  See also RFC 1846 for prior art on this topic.
 [Feature 20090212] Stress-dependent behavior is enabled by default.
 Under conditions of overload, smtpd_timeout is reduced from 300s
 to 10s, smtpd_hard_error_limit is reduced from 20 to 1, and
 smtpd_junk_command_limit is reduced from 100 to 1. This will reduce
 the negative impact of server overload for most legitimate mail.
 [Feature 20090109] Specify "tcp_windowsize = 65535" (or less) to
 work around routers with broken TCP window scaling implementations.
 This is perhaps more convenient than collecting tcpdump output and
 tuning kernel parameters by hand.  With Postfix TCP servers (smtpd(8),
 qmqpd(8)), this feature is implemented by the Postfix master(8)
 daemon.
 To change this parameter without stopping Postfix, you need to first
 terminate all Postfix TCP servers:
    # postconf -e master_service_disable=inet
    # postfix reload
 This immediately terminates all processes that accept network
 connections.  Then you enable Postfix TCP servers with the updated
 tcp_windowsize setting:
    # postconf -e tcp_windowsize=65535 master_service_disable=
    # postfix reload
 If you skip these steps with a running Postfix system, then the
 tcp_windowsize change will work only for Postfix TCP clients (smtp(8),
 lmtp(8)).
 Of course you can also do "postfix stop" and "postfix start",
 but that is more disruptive.
 Major changes - tls
 -------------------
 [Incompat 20090428] The Postfix SMTP client(!) no longer tries to
 use the obsolete SSLv2 protocol by default, as this may prevent the
 use of modern SSL features.  Lack of SSLv2 support should never be
 a problem, since SSLv3 was defined in 1996, and TLSv1 in 1999. You
 can undo the change by specifying empty main.cf values for
 smtp_tls_protocols and lmtp_tls_protocols. The Postfix SMTP server
 maintains SSLv2 support for backwards compatibility with ancient
 clients.
 [Feature 20081010] Controls for the protocols and ciphers that
 Postfix will use with opportunistic TLS. The smtp_tls_protocols,
 smtp_tls_ciphers, and equivalent parameters for lmtp and smtpd
 provide global settings; the SMTP client TLS policy table provides
 ciphers and protocols settings for specific peers.  Code by Victor
 Duchovni. Details are given in the TLS_README and postconf(5)
 documents.
 [Feature 20081108] Elliptic curve support. This requires OpenSSL
 version 0.9.9 or later.
 Major changes - address verification
 ------------------------------------
 [Incompat 20080428] Postfix SMTP server replies for address
 verification have changed.  unverified_recipient_reject_code and
 unverified_sender_reject_code now handle "5XX" rejects only. The
 "4XX" rejects are now controlled with unverified_sender_defer_code
 and unverified_recipient_defer_code.
 [Feature 20080428] Finer control over the way Postfix reports address
 verification failures to remote SMTP clients.
 - unverified_sender/recipient_defer_code: the numerical Postfix
  SMTP server reply code when address verification failed due
  to some temporary error.
 - unverified_sender/recipient_reject_reason: fixed text that Postfix
  will send to the remote SMTP client, instead of sending actual
  address verification details.
 Major changes - dsn
 -------------------
 [Feature 20090307] New "lmtp_assume_final = yes" flag to send correct
 DSN "success" notifications when LMTP delivery is "final" as opposed
 to delivery into a content filter.
 Major changes - file organization
 ---------------------------------
 [Incompat 20080207] According to discussions on the mailing list,
 too many people are breaking newly installed Postfix by overwriting
 the new /etc/postfix files with versions from an older release, and
 end up with a broken configuration that cannot repair itself. For
 this reason, postfix-script, postfix-files and post-install are
 moved away from /etc/postfix to $daemon_directory.
 Major changes - header rewriting
 --------------------------------
 [Incompat 20090330] Postfix now adds (Resent-) From:, Date:,
 Message-ID: or To: headers only when clients match
 $local_header_rewrite_clients.  Specify "always_add_missing_headers
 = yes" for backwards compatibility.  Adding such headers can break
 DKIM signatures that cover headers that are not present.
 compatibility with existing logfile processing software, Postfix
 will log ``message-id=<>'' for messages without Message-Id header.
 Major changes - lmtp client
 ---------------------------
 [Feature 20090307] New "lmtp_assume_final = yes" flag to send correct
 DSN "success" notifications when LMTP delivery is "final" as opposed
 to delivery into a content filter.
 Major changes - logging
 -----------------------
 [Incompat 20090330] Postfix now adds (Resent-) From:, Date:,
 Message-ID: or To: headers only when clients match
 $local_header_rewrite_clients.  Specify "always_add_missing_headers
 = yes" for backwards compatibility.  Adding such headers can break
 DKIM signatures that cover headers that are not present.
 This changes the appearance of Postfix logging: to preserve
 compatibility with existing logfile processing software, Postfix
 will log ``message-id=<>'' for messages without Message-Id header.
 Major changes - mime
 --------------------
 [Feature 20080324] When the "postmap -q -" command reads lookup
 keys from standard input, it now understands RFC822 and MIME message
 format.  Specify -h or -b to use headers or body lines as lookup
 keys, and specify -hm or -bm to simulate header_checks or body_checks.
 Major changes - miscellaneous
 -----------------------------
 [Feature 20090109] Support to selectively disable master(8) listener
 ports by service type or by service name + type. Specify a list of
 service types ("inet", "unix", "fifo", or "pass") or "name.type"
 tuples, where "name" is the first field of a master.cf entry and
 "type" is a service type. Examples: to turn off the main SMTP
 listener port, use "master_service_disable = smtp.inet"; to turn
 off all TCP/IP listeners, use "master_service_disable = inet".
 Changing this parameter requires "postfix reload".
 Major changes - sasl
 --------------------
 [Feature 20090418] The Postfix SMTP server passes more information
 to the Dovecot authentication server: the "TLS is active" flag, the
 server IP address, and the client IP address.
 [Feature 20080629] The Postfix SMTP server's SASL authentication
 was re-structured.  With "smtpd_tls_auth_only = yes", SASL support
 is now activated only after a successful TLS handshake. Earlier
 Postfix SMTP server versions could complain about unavailable SASL
 mechanisms during the plaintext phase of the SMTP protocol.
--- a/postfix/WISHLIST
+++ b/postfix/WISHLIST
@@ -5,6 +5,9 @@ Wish list:
 	Need to sign delivery status notifications, to avoid surprises
 	when eventually people start enforcing DKIM etc. signatures.
 	Either document or remove the internal_mail_filter_classes
 	feature (it's disabled by default).
 	"postconf -N" option to print user-defined parameter names
 	(these have no defaults, since they exist only when 
 	specified in main.cf or with "-o name=value").
@@ -31,6 +34,9 @@ Wish list:
 	SMTP server: make the server_addr and server_port available
 	to policy server, Dovecot, and perhaps Milters.
 	Med: local and remote source port and IP address for smtpd
 	policy hook.
 	Maybe change maps_rbl_reject_code default to 521, and
 	update wording in STRESS_README.
@@ -149,13 +155,6 @@ Wish list:
 	Update FILTER_README with mailing list suggestions to tag
 	with a badness indicator and then filter down-stream.
 	Either document or remove the internal_mail_filter_classes
 	feature (it's disabled by default).
 	Build a command-line test driver for the cleanup engine.
 	This allows us to test it with arbitrary record sequences
 	without having to use a live mail queue.
 	Make null local-part handling configurable: either expand
 	into mailer-daemon (current bahavior) or disallow (strict
 	behavior, currently implemented only in the SMTP server).
@@ -213,10 +212,16 @@ Wish list:
 	features.
 	Eliminate the (incoming,deferred)->active rename operation.
 	This requires an in-memory hash of queue file names to avoid 
 	duplicate open() operations.
-	Softbounce fallback-to-ISP for SOHO users. This requires
+	Softbounce fallback-to-ISP for SOHO users. This heuristic
-	playing with the soft_error test in the smtp_trouble.c
+	assumes that when direct-to-MX delivery fails with 5XX,
-	module, and avoiding delivery to backup MX hosts.
+	delivery via the ISP may still succeed.  This could be
 	implemented by enabling soft bounces for destinations other
 	than the smtp_fallback_relay. So the only benefit of this
 	over the existing soft_bounce feature is that it has no
 	effect on smtp_fallback_relay deliveries.
 	Centralize main.cf parameter input so that defaults work
 	consistently. What about parameter names that are prefixed
@@ -247,13 +252,10 @@ Wish list:
 	server stat() the maildrop directory before searching it.
 	Low: replace_sender/replace_recipient actions in access
-	maps?
+	maps, so they can be used in policy servers?
 	Low: configurable order of local(8) delivery methods.
 	Med: local and remote source port and IP address for smtpd
 	policy hook.
 	Med: smtp_connect_timeout_budget (default: 3x smtp_connect_timeout)
 	to limit the total time spent trying to connect.
@@ -280,9 +282,6 @@ Wish list:
 	really try all the possibilities that one might expect to
 	be tried. For now, this gotcha is documented in access(5).
 	Med: the TLS certificate verification depth parameters never
 	worked.
 	Low: reject HELO with any domain name or IP address that
 	this MTA is the final destination for.
--- a/postfix/html/MILTER_README.html
+++ b/postfix/html/MILTER_README.html
@@ -204,10 +204,16 @@ an object library that implements the Sendmail 8 Milter protocol.
 Postfix currently does not provide such a library, but Sendmail
 does. </p>
-<p> On some Linux and *BSD distributions, the Sendmail libmilter
+<ul>
-library is installed by default. With this, applications such as
+
-<a href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a>
+<li> <p> The first option is to use a pre-compiled library. Some
-and <a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
+systems install the Sendmail libmilter library by default.  With
 other systems, libmilter may be provided by a package (called
 "sendmail-devel" on some Linux systems).  </p>
 <p> Once libmilter is installed, applications such as <a
 href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a> and
 <a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
 build out of the box without requiring any tinkering:</p>
 <blockquote>
@@ -219,17 +225,8 @@ $ <b>make</b>
 </pre>
 </blockquote>
-<p> On other platforms you have two options: </p>
+<li> <p> The other option is to build the libmilter library from
-
+Sendmail source code: </p>
 <ul>
 <li> <p>Install the Sendmail libmilter object library and include
 files.  On Linux systems, libmilter may be provided by the
 sendmail-devel package.  After installing libmilter, build the
 Milter applications as described in the preceding paragraph.  </p>
 <li> <p>Don't install the Sendmail libmilter library, but build the
 library from Sendmail source code instead: </p>
 <blockquote>
 <pre>
@@ -496,8 +493,8 @@ protocol stages
 <table border="1">
-<tr> <th> Parameter </th> <th> Time limit </th> <th> Protocol
+<tr> <th> Postfix parameter </th> <th> Time limit </th> <th> Milter
-stage</th> </tr>
+protocol stage</th> </tr>
 <tr> <td> <a href="postconf.5.html#milter_connect_timeout">milter_connect_timeout</a> </td> <td> 30s </td> <td> CONNECT
 </td> </tr>
@@ -523,7 +520,7 @@ filtering. </p>
 <p> Postfix emulates a limited number of Sendmail macros, as shown
 in the table. Some macro values depend on whether a recipient is
 rejected (rejected recipients are available on request by the Milter
-application). Different macros are available at different SMTP
+application). Different macros are available at different Milter
 protocol stages (EOH = end-of-header, EOM = end-of-message); their
 availability is not
 always the same as in Sendmail. See the <a
@@ -534,12 +531,13 @@ href="#workarounds">workarounds</a> section below for solutions.
 <table border="1">
-<tr> <th> Name </th> <th> Availability </th> <th> Description </th>
+<tr> <th> Sendmail macro </th> <th> Milter protocol stage </th>
-</tr>
+<th> Description </th> </tr>
-<tr> <td> i </td> <td> DATA, EOH, EOM </td> <td> Queue ID </td> </tr>
+<tr> <td> i </td> <td> DATA, EOH, EOM </td> <td> Queue ID, also
 Postfix queue file name </td> </tr>
-<tr> <td> j </td> <td> Always </td> <td> value of <a href="postconf.5.html#myhostname">myhostname</a> </td>
+<tr> <td> j </td> <td> Always </td> <td> Value of <a href="postconf.5.html#myhostname">myhostname</a> </td>
 </tr>
 <tr> <td> _ </td> <td> Always </td> <td> The validated client name
@@ -600,7 +598,7 @@ cipher </td> </tr>
 <tr> <td> {rcpt_host} </td> <td> RCPT (Postfix &ge; 2.6, only with
 <a href="postconf.5.html#smtpd_milters">smtpd_milters</a>) </td> <td> Recipient next-hop destination <br> With
-rejected recpient: enhanced status code </td> </tr>
+rejected recipient: enhanced status code </td> </tr>
 <tr> <td> {rcpt_mailer} </td> <td> RCPT (Postfix &ge; 2.6, only with
 <a href="postconf.5.html#smtpd_milters">smtpd_milters</a>) </td> <td> Recipient mail delivery transport <br>
@@ -616,23 +614,23 @@ With rejected recipient: "error" </td> </tr>
 </blockquote>
-<p> Postfix sends specific sets of macros at different SMTP protocol
+<p> Postfix sends specific sets of macros at different Milter protocol
 stages.  The sets are configured with the parameters as described
 in the table (EOH = end of headers; EOM = end of message). The
 protocol version is a number that Postfix sends at the beginning
 of the Milter protocol handshake. </p>
 <p> As of Sendmail 8.14.0, Milter applications can specify what
-macros they want to receive at different protocol stages. In that
+macros they want to receive at different Milter protocol stages.
-case, the application-specified list takes precedence over Postfix
+An application-specified list takes precedence over a Postfix-specified
-configuration. </p>
+list. </p>
 <blockquote>
 <table border="1">
-<tr> <th> Parameter name </th> <th> Protocol version </th> <th>
+<tr> <th> Postfix parameter </th> <th> Milter protocol version </th>
-Protocol stage </th> </tr>
+<th> Milter protocol stage </th> </tr>
 <tr> <td> <a href="postconf.5.html#milter_connect_macros">milter_connect_macros</a> </td> <td> 2 or higher </td> <td>
 CONNECT </td> </tr>
@@ -664,19 +662,26 @@ TO </td> </tr>
 <h2><a name="workarounds">Workarounds</a></h2>
-<p> Content filters may break DKIM etc. signatures. If you
+<ul>
-use an SMTP-based content filter, then you should add a line to
+
-<a href="master.5.html">master.cf</a> with "-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes" (note: no
+<li> <p> To avoid breaking DKIM etc. signatures with an SMTP-based
-spaces around the "="), as described in the <a
+content filter, update the before-filter SMTP client in <a href="master.5.html">master.cf</a>,
 and add a line with "-o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes" (note:
 no spaces around the "="). For details, see the <a
 href="FILTER_README.html#advanced_filter">advanced content filter</a>
 example. </p>
-<p> Sendmail Milter applications were originally developed for the
+<pre>
-Sendmail version 8 MTA, which has a different architecture than
+/etc/postfix/<a href="master.5.html">master.cf</a>:
-Postfix.  The result is that some Milter applications make assumptions
+    # =============================================================
-that aren't true in a Postfix environment. </p>
+    # service type  private unpriv  chroot  wakeup  maxproc command
-
+    #               (yes)   (yes)   (yes)   (never) (100)
-<ul>
+    # =============================================================
    scan      unix  -       -       n       -       10      smtp
        -o <a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a>=yes
        -o <a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a>=yes
        -o <a href="postconf.5.html#smtp_generic_maps">smtp_generic_maps</a>=
 </pre>
 <li> <p> Some Milter applications use the "<tt>{if_addr}</tt>" macro
 to recognize local mail; this macro does not exist in Postfix.
@@ -699,16 +704,11 @@ X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com &lt;unknown-msgid&
 </pre>
 </blockquote>
-<p> This happens because those Milter applications expect that the
+<p> The problem is that Milter applications expect that the queue
-queue ID is known <i>before</i> the MTA accepts the MAIL FROM
+ID is known <i>before</i> the MTA accepts the MAIL FROM (sender)
-(sender) command.  Postfix, on the other hand, does not choose a
+command.  Postfix does not choose a queue ID, which is used as the
-queue file name until <i>after</i> it accepts the first valid RCPT
+queue file name, until <i>after</i> it accepts the first valid RCPT
-TO (recipient) command (Postfix queue file names must be unique
+TO (recipient) command. </p>
 across multiple directories, so the name can't be chosen before the
 file is created; if multiple messages were to use the same queue
 ID <i>simultaneously</i>, mail would be lost).  </p>
 </ul>
 <p> If you experience the ugly header problem, see if a recent
 version of the Milter application fixes it. For example, current
@@ -717,8 +717,9 @@ up the Postfix queue ID at a later protocol stage, and sid-filter
 version 1.0.0 no longer includes the queue ID in the message header.
 </p>
-<p> To fix the ugly message header with other Milter applications,
+<p> To fix the ugly message header, you will need to add code that
-you will need to do something like this: </p>
+looks up the Postfix queue ID at some later point im time. The
 example below adds the lookup after the end-of-message.  </p>
 <ul>
@@ -741,8 +742,6 @@ if (dfc->mctx_jobid == 0 || strcmp(dfc->mctx_jobid, JOBIDUNKNOWN) == 0) {
        if (jobid != 0)
                dfc->mctx_jobid = jobid;
 }</b>
 /* get hostname; used in the X header and in new MIME boundaries */
 </pre>
 </blockquote>
@@ -751,11 +750,15 @@ if (dfc->mctx_jobid == 0 || strcmp(dfc->mctx_jobid, JOBIDUNKNOWN) == 0) {
 <ul>
 <li> <p> Different mail filters use slightly different names for
-variables. If the above code does not compile, look for the code
+variables. If the above code does not compile, look elsewhere in
-at the start of the <tt>mlfi_eoh()</tt> routine. </p>
+the mail filter source file for code that looks up the "i" macro
 value, and copy that code.  </p>
-<li> <p> This fixes only the ugly message header, but not the WARNING
+<li> <p> This change fixes only the ugly message header, but not
-message.  Fortunately, many Milters log that message only once. </p>
+the WARNING message.  Fortunately, many Milters log that message
 only once. </p>
 </ul>
 </ul>
@@ -778,7 +781,7 @@ different Postfix versions implement different feature sets. </p>
 </tr>
 <tr> <td align="center"> 2.6 </td> <td> All Milter requests of
-Sendmail 8.14.0.  </td> </tr>
+Sendmail 8.14.0 (see notes below).  </td> </tr>
 <tr> <td align="center"> 2.5 </td> <td> All Milter requests of
 Sendmail 8.14.0, except: <br> SMFIP_RCPT_REJ (report rejected
@@ -791,14 +794,13 @@ Sendmail 8.13.0.  </td> </tr>
 <tr> <td align="center"> 2.3 </td> <td> All Milter requests of
 Sendmail 8.13.0, except: <br> SMFIR_REPLBODY (replace message body).
 </p>
 </table>
 <li> <p> For Milter applications that are written in C, you need
 to use the Sendmail libmilter library. </p>
-<li> <p> There are TWO sets of mail filters: filters that are used
+<li> <p> Postfix has TWO sets of mail filters: filters that are used
 for SMTP mail only (specified with the <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> parameter),
 and filters for non-SMTP mail (specified with the <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>
 parameter).  The non-SMTP filters are primarily for local submissions.
@@ -825,8 +827,8 @@ or to the envelope. </p>
 <li> <p> Postfix 2.6 ignores the optional ESMTP parameters in
 requests to replace the sender (SMFIR_CHGFROM) or to append a
-recipient (SMFIR_ADDRCPT_PAR). When a Milter application supplies
+recipient (SMFIR_ADDRCPT_PAR). Postfix logs a warning message when
-such ESMTP parameters, Postfix will log a warning: </p>
+a Milter application supplies such ESMTP parameters: </p>
 <pre>
 warning: <i>queue-id</i>: cleanup_chg_from: ignoring ESMTP arguments "<i>whatever</i>"
@@ -834,8 +836,8 @@ warning: <i>queue-id</i>: cleanup_add_rcpt: ignoring ESMTP arguments "<i>whateve
 </pre>
 <li> <p> Postfix 2.3 does not implement requests to replace the
-message body. Milter applications that need this unsupported operation
+message body. Milter applications log a warning message when they
-will log a warning:
+need this unsupported operation: </p>
 <pre>
 st_optionneg[134563840]: 0x3d does not fulfill action requirements 0x1e
--- a/postfix/html/STRESS_README.html
+++ b/postfix/html/STRESS_README.html
@@ -512,7 +512,7 @@ services that accept remote connections. </p>
 </pre>
 </blockquote>
-<h2><a name="other"> Other measures to off-load zombies </h2>
+<h2><a name="other"> Other measures to off-load zombies </a> </h2>
 <p> OpenBSD <a href="http://www.openbsd.org/spamd/">spamd</a>
 implements a daemon that handles all connections from "new" clients.
--- a/postfix/html/postfix-logo.jpg
+++ b/postfix/html/postfix-logo.jpg
--- a/postfix/proto/MILTER_README.html
+++ b/postfix/proto/MILTER_README.html
@@ -204,10 +204,16 @@ an object library that implements the Sendmail 8 Milter protocol.
 Postfix currently does not provide such a library, but Sendmail
 does. </p>
-<p> On some Linux and *BSD distributions, the Sendmail libmilter
+<ul>
-library is installed by default. With this, applications such as
+
-<a href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a>
+<li> <p> The first option is to use a pre-compiled library. Some
-and <a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
+systems install the Sendmail libmilter library by default.  With
 other systems, libmilter may be provided by a package (called
 "sendmail-devel" on some Linux systems).  </p>
 <p> Once libmilter is installed, applications such as <a
 href="http://sourceforge.net/projects/dkim-milter/">dkim-milter</a> and
 <a href="http://sourceforge.net/projects/sid-milter/">sid-milter</a>
 build out of the box without requiring any tinkering:</p>
 <blockquote>
@@ -219,17 +225,8 @@ $ <b>make</b>
 </pre>
 </blockquote>
-<p> On other platforms you have two options: </p>
+<li> <p> The other option is to build the libmilter library from
-
+Sendmail source code: </p>
 <ul>
 <li> <p>Install the Sendmail libmilter object library and include
 files.  On Linux systems, libmilter may be provided by the
 sendmail-devel package.  After installing libmilter, build the
 Milter applications as described in the preceding paragraph.  </p>
 <li> <p>Don't install the Sendmail libmilter library, but build the
 library from Sendmail source code instead: </p>
 <blockquote>
 <pre>
@@ -496,8 +493,8 @@ protocol stages
 <table border="1">
-<tr> <th> Parameter </th> <th> Time limit </th> <th> Protocol
+<tr> <th> Postfix parameter </th> <th> Time limit </th> <th> Milter
-stage</th> </tr>
+protocol stage</th> </tr>
 <tr> <td> milter_connect_timeout </td> <td> 30s </td> <td> CONNECT
 </td> </tr>
@@ -523,7 +520,7 @@ filtering. </p>
 <p> Postfix emulates a limited number of Sendmail macros, as shown
 in the table. Some macro values depend on whether a recipient is
 rejected (rejected recipients are available on request by the Milter
-application). Different macros are available at different SMTP
+application). Different macros are available at different Milter
 protocol stages (EOH = end-of-header, EOM = end-of-message); their
 availability is not
 always the same as in Sendmail. See the <a
@@ -534,12 +531,13 @@ href="#workarounds">workarounds</a> section below for solutions.
 <table border="1">
-<tr> <th> Name </th> <th> Availability </th> <th> Description </th>
+<tr> <th> Sendmail macro </th> <th> Milter protocol stage </th>
-</tr>
+<th> Description </th> </tr>
-<tr> <td> i </td> <td> DATA, EOH, EOM </td> <td> Queue ID </td> </tr>
+<tr> <td> i </td> <td> DATA, EOH, EOM </td> <td> Queue ID, also
 Postfix queue file name </td> </tr>
-<tr> <td> j </td> <td> Always </td> <td> value of myhostname </td>
+<tr> <td> j </td> <td> Always </td> <td> Value of myhostname </td>
 </tr>
 <tr> <td> _ </td> <td> Always </td> <td> The validated client name
@@ -600,7 +598,7 @@ smtpd_milters) </td> <td> Sender mail delivery transport </td> </tr>
 <tr> <td> {rcpt_host} </td> <td> RCPT (Postfix &ge; 2.6, only with
 smtpd_milters) </td> <td> Recipient next-hop destination <br> With
-rejected recpient: enhanced status code </td> </tr>
+rejected recipient: enhanced status code </td> </tr>
 <tr> <td> {rcpt_mailer} </td> <td> RCPT (Postfix &ge; 2.6, only with
 smtpd_milters) </td> <td> Recipient mail delivery transport <br>
@@ -616,23 +614,23 @@ With rejected recipient: "error" </td> </tr>
 </blockquote>
-<p> Postfix sends specific sets of macros at different SMTP protocol
+<p> Postfix sends specific sets of macros at different Milter protocol
 stages.  The sets are configured with the parameters as described
 in the table (EOH = end of headers; EOM = end of message). The
 protocol version is a number that Postfix sends at the beginning
 of the Milter protocol handshake. </p>
 <p> As of Sendmail 8.14.0, Milter applications can specify what
-macros they want to receive at different protocol stages. In that
+macros they want to receive at different Milter protocol stages.
-case, the application-specified list takes precedence over Postfix
+An application-specified list takes precedence over a Postfix-specified
-configuration. </p>
+list. </p>
 <blockquote>
 <table border="1">
-<tr> <th> Parameter name </th> <th> Protocol version </th> <th>
+<tr> <th> Postfix parameter </th> <th> Milter protocol version </th>
-Protocol stage </th> </tr>
+<th> Milter protocol stage </th> </tr>
 <tr> <td> milter_connect_macros </td> <td> 2 or higher </td> <td>
 CONNECT </td> </tr>
@@ -664,19 +662,26 @@ TO </td> </tr>
 <h2><a name="workarounds">Workarounds</a></h2>
-<p> Content filters may break DKIM etc. signatures. If you
+<ul>
-use an SMTP-based content filter, then you should add a line to
+
-master.cf with "-o disable_mime_output_conversion=yes" (note: no
+<li> <p> To avoid breaking DKIM etc. signatures with an SMTP-based
-spaces around the "="), as described in the <a
+content filter, update the before-filter SMTP client in master.cf,
 and add a line with "-o disable_mime_output_conversion=yes" (note:
 no spaces around the "="). For details, see the <a
 href="FILTER_README.html#advanced_filter">advanced content filter</a>
 example. </p>
-<p> Sendmail Milter applications were originally developed for the
+<pre>
-Sendmail version 8 MTA, which has a different architecture than
+/etc/postfix/master.cf:
-Postfix.  The result is that some Milter applications make assumptions
+    # =============================================================
-that aren't true in a Postfix environment. </p>
+    # service type  private unpriv  chroot  wakeup  maxproc command
-
+    #               (yes)   (yes)   (yes)   (never) (100)
-<ul>
+    # =============================================================
    scan      unix  -       -       n       -       10      smtp
        -o smtp_send_xforward_command=yes
        -o disable_mime_output_conversion=yes
        -o smtp_generic_maps=
 </pre>
 <li> <p> Some Milter applications use the "<tt>{if_addr}</tt>" macro
 to recognize local mail; this macro does not exist in Postfix.
@@ -699,16 +704,11 @@ X-SenderID: Sendmail Sender-ID Filter vx.y.z host.example.com &lt;unknown-msgid&
 </pre>
 </blockquote>
-<p> This happens because those Milter applications expect that the
+<p> The problem is that Milter applications expect that the queue
-queue ID is known <i>before</i> the MTA accepts the MAIL FROM
+ID is known <i>before</i> the MTA accepts the MAIL FROM (sender)
-(sender) command.  Postfix, on the other hand, does not choose a
+command.  Postfix does not choose a queue ID, which is used as the
-queue file name until <i>after</i> it accepts the first valid RCPT
+queue file name, until <i>after</i> it accepts the first valid RCPT
-TO (recipient) command (Postfix queue file names must be unique
+TO (recipient) command. </p>
 across multiple directories, so the name can't be chosen before the
 file is created; if multiple messages were to use the same queue
 ID <i>simultaneously</i>, mail would be lost).  </p>
 </ul>
 <p> If you experience the ugly header problem, see if a recent
 version of the Milter application fixes it. For example, current
@@ -717,8 +717,9 @@ up the Postfix queue ID at a later protocol stage, and sid-filter
 version 1.0.0 no longer includes the queue ID in the message header.
 </p>
-<p> To fix the ugly message header with other Milter applications,
+<p> To fix the ugly message header, you will need to add code that
-you will need to do something like this: </p>
+looks up the Postfix queue ID at some later point im time. The
 example below adds the lookup after the end-of-message.  </p>
 <ul>
@@ -741,8 +742,6 @@ if (dfc->mctx_jobid == 0 || strcmp(dfc->mctx_jobid, JOBIDUNKNOWN) == 0) {
        if (jobid != 0)
                dfc->mctx_jobid = jobid;
 }</b>
 /* get hostname; used in the X header and in new MIME boundaries */
 </pre>
 </blockquote>
@@ -751,11 +750,15 @@ if (dfc->mctx_jobid == 0 || strcmp(dfc->mctx_jobid, JOBIDUNKNOWN) == 0) {
 <ul>
 <li> <p> Different mail filters use slightly different names for
-variables. If the above code does not compile, look for the code
+variables. If the above code does not compile, look elsewhere in
-at the start of the <tt>mlfi_eoh()</tt> routine. </p>
+the mail filter source file for code that looks up the "i" macro
 value, and copy that code.  </p>
-<li> <p> This fixes only the ugly message header, but not the WARNING
+<li> <p> This change fixes only the ugly message header, but not
-message.  Fortunately, many Milters log that message only once. </p>
+the WARNING message.  Fortunately, many Milters log that message
 only once. </p>
 </ul>
 </ul>
@@ -778,7 +781,7 @@ different Postfix versions implement different feature sets. </p>
 </tr>
 <tr> <td align="center"> 2.6 </td> <td> All Milter requests of
-Sendmail 8.14.0.  </td> </tr>
+Sendmail 8.14.0 (see notes below).  </td> </tr>
 <tr> <td align="center"> 2.5 </td> <td> All Milter requests of
 Sendmail 8.14.0, except: <br> SMFIP_RCPT_REJ (report rejected
@@ -791,14 +794,13 @@ Sendmail 8.13.0.  </td> </tr>
 <tr> <td align="center"> 2.3 </td> <td> All Milter requests of
 Sendmail 8.13.0, except: <br> SMFIR_REPLBODY (replace message body).
 </p>
 </table>
 <li> <p> For Milter applications that are written in C, you need
 to use the Sendmail libmilter library. </p>
-<li> <p> There are TWO sets of mail filters: filters that are used
+<li> <p> Postfix has TWO sets of mail filters: filters that are used
 for SMTP mail only (specified with the smtpd_milters parameter),
 and filters for non-SMTP mail (specified with the non_smtpd_milters
 parameter).  The non-SMTP filters are primarily for local submissions.
@@ -825,8 +827,8 @@ or to the envelope. </p>
 <li> <p> Postfix 2.6 ignores the optional ESMTP parameters in
 requests to replace the sender (SMFIR_CHGFROM) or to append a
-recipient (SMFIR_ADDRCPT_PAR). When a Milter application supplies
+recipient (SMFIR_ADDRCPT_PAR). Postfix logs a warning message when
-such ESMTP parameters, Postfix will log a warning: </p>
+a Milter application supplies such ESMTP parameters: </p>
 <pre>
 warning: <i>queue-id</i>: cleanup_chg_from: ignoring ESMTP arguments "<i>whatever</i>"
@@ -834,8 +836,8 @@ warning: <i>queue-id</i>: cleanup_add_rcpt: ignoring ESMTP arguments "<i>whateve
 </pre>
 <li> <p> Postfix 2.3 does not implement requests to replace the
-message body. Milter applications that need this unsupported operation
+message body. Milter applications log a warning message when they
-will log a warning:
+need this unsupported operation: </p>
 <pre>
 st_optionneg[134563840]: 0x3d does not fulfill action requirements 0x1e
--- a/postfix/proto/STRESS_README.html
+++ b/postfix/proto/STRESS_README.html
@@ -512,7 +512,7 @@ services that accept remote connections. </p>
 </pre>
 </blockquote>
-<h2><a name="other"> Other measures to off-load zombies </h2>
+<h2><a name="other"> Other measures to off-load zombies </a> </h2>
 <p> OpenBSD <a href="http://www.openbsd.org/spamd/">spamd</a>
 implements a daemon that handles all connections from "new" clients.
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20090510"
+#define MAIL_RELEASE_DATE	"20090511"
 #define MAIL_VERSION_NUMBER	"2.7"
 #ifdef SNAPSHOT
--- a/postfix/src/master/multi_server.c
+++ b/postfix/src/master/multi_server.c
@@ -511,6 +511,7 @@ NORETURN multi_server_main(int argc, char **argv, MULTI_SERVER_FN service,...)
    int     alone = 0;
    int     zerolimit = 0;
    WATCHDOG *watchdog;
    char   *oname;
    char   *oval;
    char   *generation;
    int     msg_vstream_needed = 0;
@@ -591,10 +592,11 @@ NORETURN multi_server_main(int argc, char **argv, MULTI_SERVER_FN service,...)
 	    break;
 	case 'o':
 	    /* XXX Use split_nameval() */
-	    if ((oval = split_at(optarg, '=')) == 0)
+	    oname = mystrdup(optarg);
 	    if ((oval = split_at(oname, '=')) == 0)
 		oval = "";
-	    mail_conf_update(optarg, oval);
+	    mail_conf_update(oname, oval);
-	    if (strcmp(optarg, VAR_SYSLOG_NAME) == 0)
+	    if (strcmp(oname, VAR_SYSLOG_NAME) == 0)
 		redo_syslog_init = 1;
 	    break;
 	case 's':
--- a/postfix/src/master/single_server.c
+++ b/postfix/src/master/single_server.c
@@ -402,6 +402,7 @@ NORETURN single_server_main(int argc, char **argv, SINGLE_SERVER_FN service,...)
    int     alone = 0;
    int     zerolimit = 0;
    WATCHDOG *watchdog;
    char   *oname;
    char   *oval;
    char   *generation;
    int     msg_vstream_needed = 0;
@@ -482,10 +483,11 @@ NORETURN single_server_main(int argc, char **argv, SINGLE_SERVER_FN service,...)
 	    break;
 	case 'o':
 	    /* XXX Use split_nameval() */
-	    if ((oval = split_at(optarg, '=')) == 0)
+	    oname = mystrdup(optarg);
 	    if ((oval = split_at(oname, '=')) == 0)
 		oval = "";
-	    mail_conf_update(optarg, oval);
+	    mail_conf_update(oname, oval);
-	    if (strcmp(optarg, VAR_SYSLOG_NAME) == 0)
+	    if (strcmp(oname, VAR_SYSLOG_NAME) == 0)
 		redo_syslog_init = 1;
 	    break;
 	case 's':
--- a/postfix/src/master/trigger_server.c
+++ b/postfix/src/master/trigger_server.c
@@ -413,6 +413,7 @@ NORETURN trigger_server_main(int argc, char **argv, TRIGGER_SERVER_FN service,..
    int     alone = 0;
    int     zerolimit = 0;
    WATCHDOG *watchdog;
    char   *oname;
    char   *oval;
    char   *generation;
    int     msg_vstream_needed = 0;
@@ -493,10 +494,11 @@ NORETURN trigger_server_main(int argc, char **argv, TRIGGER_SERVER_FN service,..
 	    break;
 	case 'o':
 	    /* XXX Use split_nameval() */
-	    if ((oval = split_at(optarg, '=')) == 0)
+	    oname = mystrdup(optarg);
 	    if ((oval = split_at(oname, '=')) == 0)
 		oval = "";
-	    mail_conf_update(optarg, oval);
+	    mail_conf_update(oname, oval);
-	    if (strcmp(optarg, VAR_SYSLOG_NAME) == 0)
+	    if (strcmp(oname, VAR_SYSLOG_NAME) == 0)
 		redo_syslog_init = 1;
 	    break;
 	case 's':