postfix-3.10-20241111

2025-08-22 18:07:41 +00:00 · 2024-11-11 00:00:00 -05:00 · 2024-11-11 00:00:00 -05:00 · ed72c23b26
commit ed72c23b26
parent 33701748e1
13 changed files with 85 additions and 34 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -28446,7 +28446,7 @@ Apologies for any names omitted.
 	connection target (the PostgreSQL URI parser decides what
 	is allowed). The dbname setting is now optional if the hosts
 	setting specifies only URIs. Files: util/valid_uri_scheme.[hc],
-	proto/pgsql_table.
+	proto/pgsql_table, global/dict_pgsql.c.
 202141026
@ -28467,3 +28467,33 @@ Apologies for any names omitted.
 	of sessions per SMTP server process (max_use), and on the
 	number file handles per process (managed with sysctl).
 	File: xsasl/xsasl_dovecot_server.c.
 20241031
 	Logging: the Dovecot SASL client logging for "Invalid
 	authentication mechanism" now includes the name of that
 	mechanism. File: xsasl/xsasl_dovecot_server.c
 20241104
 	Logging: when a message transaction is canceled (i.e.
 	started but not completed), the cleanup server now logs
 	"queueid: canceled". This provides a clear signal to logfile
 	collation tools. File: cleanup/cleanup_api.c.
 20241028
 	Documentation: TLSRPT_README, section "Delivering TLSRPT
 	summaries via email". File: proto/TLSRPT_README.html.
 20241107
 	Documentation: tweaked text for smtpd_delay_open_until_valid_rcpt.
 	File: proto/postconf.proto.
 20241111
 	Bugfix (defect introduced: Postfix 3.10, date 20241025):
 	dict_pgsql_open() returned NULL when "hosts" specified a
 	non-URI target and "dbname" was not set. Instead, it should
 	return a surrogate dictionary. File: global/dict_pgsql.c.
--- a/postfix/README_FILES/TLSRPT_README
+++ b/postfix/README_FILES/TLSRPT_README
@ -181,15 +181,16 @@ request that TLS enforcement will be disabled when submitting an email message.
 Options:
-  * Do nothing. When TLS security enforcement is required, a persistent
+  * Do nothing. When TLS security enforcement is required but fails, a TLSRPT
-    enforcement failure will delay the delivery of a TLSRPT summary until the
+    summary message will be delayed until the problem is addressed, or until
-    problem is addressed, or until the message expires in the mail queue. Keep
+    the message expires in the mail queue. Keep in mind that TLSRPT is not a
-    in mind that TLSRPT is not a real-time monitoring service; it takes on
+    real-time monitoring service; it takes on average 12 hours before a failure
-    average 12 hours before a failure is reported through TLSRPT.
+    is reported through TLSRPT.
-  * Exclude the sender of TLSRPT summaries from TLS enforcement. Implement the
+  * Exclude the sender of TLSRPT summaries from TLS security enforcement.
-    configuration below on outbound MTA instances (replace noreply-smtp-tls-
+    Implement the configuration below on outbound MTA instances (replace
-    reporting@example.com with your actual report generator's sender address):
+    noreply-smtp-tls-reporting@example.com with your actual report generator's
    sender address):
    /etc/postfix/main.cf:
        # Limitation: this setting is overruled with transport_maps.
@ -199,7 +200,7 @@ Options:
    /etc/postfix/master.cf:
        # service name    type    private unpriv  chroot  wakeup  maxproc
    command
-        allow-plaintext   unix    -       -       n       -       -       smtp
+        allow-plaintext   unix    -       -       -       -       -       smtp
            -o { smtp_tls_security_level = may }
            -o { smtp_tls_policy_maps = static:may }
--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@ -26,6 +26,12 @@ now also distributed with the more recent Eclipse Public License
 license of their choice. Those who are more comfortable with the
 IPL can continue with that license.
 [Feature 20241104]
 The cleanup server now logs "queueid: canceled" when a message
 transaction is started but not completed. This provides a clear
 signal to logfile collation tools.
 [Feature 20240926]
 Support for the TLSRPT protocol (defined in RFC 8460). With this,
--- a/postfix/WISHLIST
+++ b/postfix/WISHLIST
@ -8,16 +8,25 @@ Wish list:
 	Add a mail_version chek to each pluggable database client.
-	Add an option for a built-in JSON generator. This would
+	relay_recipient_maps empty should default to 'no valid
-	simplify TLSRPT adoption by eliminating a build-time and
+	recipients'. Subject to compatibility level.
-	run-time dependency on the libtlsrpt client library. Prior
+
-	art: this approach was previously used to implement Postfix
+	Make a reason available for messages placed on 'hold'.
-	Milter support.
+
 	relay_recipient_maps empty should default to 'no valid
 	recipients'. Subject to compatibility level.
 	Add an option for a TLSRPT built-in JSON generator. This
 	would simplify TLSRPT adoption by eliminating a build-time
 	and run-time dependency on the libtlsrpt client library.
 	Prior art: this approach was previously used to implement
 	Postfix Milter support.
 	Make TLSRPT support pluggable (postfix-tlsrpt.so, like
 	postfix-ldap.so, postfix-mysql.so and so on). This avods a
 	hard install-time dependency on sys4 libtlsrpt. The sys4
-	code would still be a build-time dependency.
+	code would still be a required build-time dependency, but
 	it would become an optional install-time dependency.
 	Add smtp_tlsrpt_allow_list feature (default: static:all) to limit
 	the domains for which Postfix generates TLSRPT daily summaries.
--- a/postfix/html/TLSRPT_README.html
+++ b/postfix/html/TLSRPT_README.html
@ -276,14 +276,15 @@ when submitting an email message. </p>
 <ul>
-<li> <p> Do nothing. When TLS security enforcement is required, a
+<li> <p> Do nothing. When TLS security enforcement is required but
-persistent enforcement failure will delay the delivery of a TLSRPT
+fails, a TLSRPT summary message will be delayed
-summary until the problem is addressed, or until the message expires
+until the problem is addressed, or until the message expires
 in the mail queue. Keep in mind that TLSRPT is not a real-time
 monitoring service; it takes on average 12 hours before a failure
 is reported through TLSRPT. </p>
-<li> <p> Exclude the sender of TLSRPT summaries from TLS enforcement.
+<li> <p> Exclude the sender of TLSRPT summaries from TLS security
 enforcement.
 Implement the configuration below on outbound MTA instances (replace
 noreply-smtp-tls-reporting@example.com with your actual report
 generator's sender address): </p>
@ -296,7 +297,7 @@ generator's sender address): </p>
 &nbsp
 /etc/postfix/<a href="master.5.html">master.cf</a>:
    # service name    type    private unpriv  chroot  wakeup  maxproc command
-    allow-plaintext   unix    -       -       n       -       -       smtp
+    allow-plaintext   unix    -       -       -       -       -       smtp
        -o { <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = may }
        -o { <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = <a href="DATABASE_README.html#types">static</a>:may }
 </pre>
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@ -15871,7 +15871,7 @@ command. </p>
 the use of
 disk, CPU and memory resources. The downside is that rejected
 recipients are logged with NOQUEUE instead of a mail transaction
-ID. This complicates the logfile analysis of multi-recipient mail.
+ID (also known as a queue ID).
 </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@ -10670,7 +10670,7 @@ With sites that reject lots of mail, the default setting reduces
 the use of
 disk, CPU and memory resources. The downside is that rejected
 recipients are logged with NOQUEUE instead of a mail transaction
-ID. This complicates the logfile analysis of multi\-recipient mail.
+ID (also known as a queue ID).
 .PP
 This feature is available in Postfix 2.3 and later.
 .SH smtpd_delay_reject (default: yes)
--- a/postfix/proto/TLSRPT_README.html
+++ b/postfix/proto/TLSRPT_README.html
@ -276,14 +276,15 @@ when submitting an email message. </p>
 <ul>
-<li> <p> Do nothing. When TLS security enforcement is required, a
+<li> <p> Do nothing. When TLS security enforcement is required but
-persistent enforcement failure will delay the delivery of a TLSRPT
+fails, a TLSRPT summary message will be delayed
-summary until the problem is addressed, or until the message expires
+until the problem is addressed, or until the message expires
 in the mail queue. Keep in mind that TLSRPT is not a real-time
 monitoring service; it takes on average 12 hours before a failure
 is reported through TLSRPT. </p>
-<li> <p> Exclude the sender of TLSRPT summaries from TLS enforcement.
+<li> <p> Exclude the sender of TLSRPT summaries from TLS security
 enforcement.
 Implement the configuration below on outbound MTA instances (replace
 noreply-smtp-tls-reporting@example.com with your actual report
 generator's sender address): </p>
@ -296,7 +297,7 @@ generator's sender address): </p>
 &nbsp
 /etc/postfix/master.cf:
    # service name    type    private unpriv  chroot  wakeup  maxproc command
-    allow-plaintext   unix    -       -       n       -       -       smtp
+    allow-plaintext   unix    -       -       -       -       -       smtp
        -o { smtp_tls_security_level = may }
        -o { smtp_tls_policy_maps = static:may }
 </pre>
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@ -11476,7 +11476,7 @@ command. </p>
 the use of
 disk, CPU and memory resources. The downside is that rejected
 recipients are logged with NOQUEUE instead of a mail transaction
-ID. This complicates the logfile analysis of multi-recipient mail.
+ID (also known as a queue ID).
 </p>
 <p> This feature is available in Postfix 2.3 and later. </p>
--- a/postfix/src/cleanup/cleanup_api.c
+++ b/postfix/src/cleanup/cleanup_api.c
@ -354,6 +354,7 @@ int     cleanup_flush(CLEANUP_STATE *state)
 	    (void) REMOVE(vstring_str(cleanup_trace_path));
 	if (REMOVE(cleanup_path))
 	    msg_warn("remove %s: %m", cleanup_path);
 	msg_info("%s: canceled", state->queue_id);
    }
    /*
--- a/postfix/src/global/dict_pgsql.c
+++ b/postfix/src/global/dict_pgsql.c
@ -733,10 +733,10 @@ DICT   *dict_pgsql_open(const char *name, int open_flags, int dict_flags)
    if (dict_pgsql->pldb->non_uri_target && dict_pgsql->dbname[0] == 0) {
 	DICT   *ret;
-	ret == (dict_surrogate(DICT_TYPE_PGSQL, name, open_flags, dict_flags,
+	ret = dict_surrogate(DICT_TYPE_PGSQL, name, open_flags, dict_flags,
 			   "%s:%s host target '%s' requires dbname setting",
-			       DICT_TYPE_PGSQL, name,
+			     DICT_TYPE_PGSQL, name,
-			       dict_pgsql->pldb->non_uri_target));
+			     dict_pgsql->pldb->non_uri_target);
 	dict_pgsql_close(&dict_pgsql->dict);
 	return (ret);
    }
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,7 +20,7 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20241027"
+#define MAIL_RELEASE_DATE	"20241111"
 #define MAIL_VERSION_NUMBER	"3.10"
 #ifdef SNAPSHOT
--- a/postfix/src/xsasl/xsasl_dovecot_server.c
+++ b/postfix/src/xsasl/xsasl_dovecot_server.c
@ -660,7 +660,9 @@ int     xsasl_dovecot_server_first(XSASL_SERVER *xp, const char *sasl_method,
    for (cpp = server->mechanism_argv->argv; /* see below */ ; cpp++) {
 	if (*cpp == 0) {
-	    vstring_strcpy(reply, "Invalid authentication mechanism");
+	    vstring_sprintf(reply, "Invalid authentication mechanism: '%s'",
 			    sasl_method);
 	    printable(vstring_str(reply), '?');
 	    return XSASL_AUTH_FAIL;
 	}
 	if (strcasecmp(sasl_method, *cpp) == 0)