postfix-3.10-20241111

2025-08-22 09:57:34 +00:00 · 2024-11-11 00:00:00 -05:00 · 2024-11-11 00:00:00 -05:00 · ed72c23b26
commit ed72c23b26
parent 33701748e1
13 changed files with 85 additions and 34 deletions
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@ -28446,7 +28446,7 @@ Apologies for any names omitted.
 	connection target (the PostgreSQL URI parser decides what
 	is allowed). The dbname setting is now optional if the hosts
 	setting specifies only URIs. Files: util/valid_uri_scheme.[hc],
-	proto/pgsql_table.
+	proto/pgsql_table, global/dict_pgsql.c.

 202141026

@ -28467,3 +28467,33 @@ Apologies for any names omitted.
 	of sessions per SMTP server process (max_use), and on the
 	number file handles per process (managed with sysctl).
 	File: xsasl/xsasl_dovecot_server.c.
+
+20241031
+
+	Logging: the Dovecot SASL client logging for "Invalid
+	authentication mechanism" now includes the name of that
+	mechanism. File: xsasl/xsasl_dovecot_server.c
+
+20241104
+
+	Logging: when a message transaction is canceled (i.e.
+	started but not completed), the cleanup server now logs
+	"queueid: canceled". This provides a clear signal to logfile
+	collation tools. File: cleanup/cleanup_api.c.
+
+20241028
+
+	Documentation: TLSRPT_README, section "Delivering TLSRPT
+	summaries via email". File: proto/TLSRPT_README.html.
+
+20241107
+
+	Documentation: tweaked text for smtpd_delay_open_until_valid_rcpt.
+	File: proto/postconf.proto.
+
+20241111
+
+	Bugfix (defect introduced: Postfix 3.10, date 20241025):
+	dict_pgsql_open() returned NULL when "hosts" specified a
+	non-URI target and "dbname" was not set. Instead, it should
+	return a surrogate dictionary. File: global/dict_pgsql.c.
--- a/postfix/README_FILES/TLSRPT_README
+++ b/postfix/README_FILES/TLSRPT_README
@ -181,15 +181,16 @@ request that TLS enforcement will be disabled when submitting an email message.

 Options:

-  * Do nothing. When TLS security enforcement is required, a persistent
-    enforcement failure will delay the delivery of a TLSRPT summary until the
-    problem is addressed, or until the message expires in the mail queue. Keep
-    in mind that TLSRPT is not a real-time monitoring service; it takes on
-    average 12 hours before a failure is reported through TLSRPT.
+  * Do nothing. When TLS security enforcement is required but fails, a TLSRPT
+    summary message will be delayed until the problem is addressed, or until
+    the message expires in the mail queue. Keep in mind that TLSRPT is not a
+    real-time monitoring service; it takes on average 12 hours before a failure
+    is reported through TLSRPT.

-  * Exclude the sender of TLSRPT summaries from TLS enforcement. Implement the
-    configuration below on outbound MTA instances (replace noreply-smtp-tls-
-    reporting@example.com with your actual report generator's sender address):
+  * Exclude the sender of TLSRPT summaries from TLS security enforcement.
+    Implement the configuration below on outbound MTA instances (replace
+    noreply-smtp-tls-reporting@example.com with your actual report generator's
+    sender address):

    /etc/postfix/main.cf:
        # Limitation: this setting is overruled with transport_maps.
@ -199,7 +200,7 @@ Options:
    /etc/postfix/master.cf:
        # service name    type    private unpriv  chroot  wakeup  maxproc
    command
-        allow-plaintext   unix    -       -       n       -       -       smtp
+        allow-plaintext   unix    -       -       -       -       -       smtp
            -o { smtp_tls_security_level = may }
            -o { smtp_tls_policy_maps = static:may }

--- a/postfix/RELEASE_NOTES
+++ b/postfix/RELEASE_NOTES
@ -26,6 +26,12 @@ now also distributed with the more recent Eclipse Public License
 license of their choice. Those who are more comfortable with the
 IPL can continue with that license.

+[Feature 20241104]
+
+The cleanup server now logs "queueid: canceled" when a message
+transaction is started but not completed. This provides a clear
+signal to logfile collation tools.
+
 [Feature 20240926]

 Support for the TLSRPT protocol (defined in RFC 8460). With this,
--- a/postfix/WISHLIST
+++ b/postfix/WISHLIST
@ -8,16 +8,25 @@ Wish list:

 	Add a mail_version chek to each pluggable database client.

-	Add an option for a built-in JSON generator. This would
-	simplify TLSRPT adoption by eliminating a build-time and
-	run-time dependency on the libtlsrpt client library. Prior
-	art: this approach was previously used to implement Postfix
-	Milter support.
+	relay_recipient_maps empty should default to 'no valid
+	recipients'. Subject to compatibility level.
+
+	Make a reason available for messages placed on 'hold'.
+
+	relay_recipient_maps empty should default to 'no valid
+	recipients'. Subject to compatibility level.
+
+	Add an option for a TLSRPT built-in JSON generator. This
+	would simplify TLSRPT adoption by eliminating a build-time
+	and run-time dependency on the libtlsrpt client library.
+	Prior art: this approach was previously used to implement
+	Postfix Milter support.

 	Make TLSRPT support pluggable (postfix-tlsrpt.so, like
 	postfix-ldap.so, postfix-mysql.so and so on). This avods a
 	hard install-time dependency on sys4 libtlsrpt. The sys4
-	code would still be a build-time dependency.
+	code would still be a required build-time dependency, but
+	it would become an optional install-time dependency.

 	Add smtp_tlsrpt_allow_list feature (default: static:all) to limit
 	the domains for which Postfix generates TLSRPT daily summaries.
--- a/postfix/html/TLSRPT_README.html
+++ b/postfix/html/TLSRPT_README.html
@ -276,14 +276,15 @@ when submitting an email message. </p>

 <ul>

-<li> <p> Do nothing. When TLS security enforcement is required, a
-persistent enforcement failure will delay the delivery of a TLSRPT
-summary until the problem is addressed, or until the message expires
+<li> <p> Do nothing. When TLS security enforcement is required but
+fails, a TLSRPT summary message will be delayed
+until the problem is addressed, or until the message expires
 in the mail queue. Keep in mind that TLSRPT is not a real-time
 monitoring service; it takes on average 12 hours before a failure
 is reported through TLSRPT. </p>

-<li> <p> Exclude the sender of TLSRPT summaries from TLS enforcement.
+<li> <p> Exclude the sender of TLSRPT summaries from TLS security
+enforcement.
 Implement the configuration below on outbound MTA instances (replace
 noreply-smtp-tls-reporting@example.com with your actual report
 generator's sender address): </p>
@ -296,7 +297,7 @@ generator's sender address): </p>
 &nbsp
 /etc/postfix/<a href="master.5.html">master.cf</a>:
    # service name    type    private unpriv  chroot  wakeup  maxproc command
-    allow-plaintext   unix    -       -       n       -       -       smtp
+    allow-plaintext   unix    -       -       -       -       -       smtp
        -o { <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = may }
        -o { <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a> = <a href="DATABASE_README.html#types">static</a>:may }
 </pre>
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@ -15871,7 +15871,7 @@ command. </p>
 the use of
 disk, CPU and memory resources. The downside is that rejected
 recipients are logged with NOQUEUE instead of a mail transaction
-ID. This complicates the logfile analysis of multi-recipient mail.
+ID (also known as a queue ID).
 </p>

 <p> This feature is available in Postfix 2.3 and later. </p>
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@ -10670,7 +10670,7 @@ With sites that reject lots of mail, the default setting reduces
 the use of
 disk, CPU and memory resources. The downside is that rejected
 recipients are logged with NOQUEUE instead of a mail transaction
-ID. This complicates the logfile analysis of multi\-recipient mail.
+ID (also known as a queue ID).
 .PP
 This feature is available in Postfix 2.3 and later.
 .SH smtpd_delay_reject (default: yes)
--- a/postfix/proto/TLSRPT_README.html
+++ b/postfix/proto/TLSRPT_README.html
@ -276,14 +276,15 @@ when submitting an email message. </p>

 <ul>

-<li> <p> Do nothing. When TLS security enforcement is required, a
-persistent enforcement failure will delay the delivery of a TLSRPT
-summary until the problem is addressed, or until the message expires
+<li> <p> Do nothing. When TLS security enforcement is required but
+fails, a TLSRPT summary message will be delayed
+until the problem is addressed, or until the message expires
 in the mail queue. Keep in mind that TLSRPT is not a real-time
 monitoring service; it takes on average 12 hours before a failure
 is reported through TLSRPT. </p>

-<li> <p> Exclude the sender of TLSRPT summaries from TLS enforcement.
+<li> <p> Exclude the sender of TLSRPT summaries from TLS security
+enforcement.
 Implement the configuration below on outbound MTA instances (replace
 noreply-smtp-tls-reporting@example.com with your actual report
 generator's sender address): </p>
@ -296,7 +297,7 @@ generator's sender address): </p>
 &nbsp
 /etc/postfix/master.cf:
    # service name    type    private unpriv  chroot  wakeup  maxproc command
-    allow-plaintext   unix    -       -       n       -       -       smtp
+    allow-plaintext   unix    -       -       -       -       -       smtp
        -o { smtp_tls_security_level = may }
        -o { smtp_tls_policy_maps = static:may }
 </pre>
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@ -11476,7 +11476,7 @@ command. </p>
 the use of
 disk, CPU and memory resources. The downside is that rejected
 recipients are logged with NOQUEUE instead of a mail transaction
-ID. This complicates the logfile analysis of multi-recipient mail.
+ID (also known as a queue ID).
 </p>

 <p> This feature is available in Postfix 2.3 and later. </p>
--- a/postfix/src/cleanup/cleanup_api.c
+++ b/postfix/src/cleanup/cleanup_api.c
@ -354,6 +354,7 @@ int     cleanup_flush(CLEANUP_STATE *state)
 	    (void) REMOVE(vstring_str(cleanup_trace_path));
 	if (REMOVE(cleanup_path))
 	    msg_warn("remove %s: %m", cleanup_path);
+	msg_info("%s: canceled", state->queue_id);
    }

    /*
--- a/postfix/src/global/dict_pgsql.c
+++ b/postfix/src/global/dict_pgsql.c
@ -733,10 +733,10 @@ DICT   *dict_pgsql_open(const char *name, int open_flags, int dict_flags)
    if (dict_pgsql->pldb->non_uri_target && dict_pgsql->dbname[0] == 0) {
 	DICT   *ret;

-	ret == (dict_surrogate(DICT_TYPE_PGSQL, name, open_flags, dict_flags,
+	ret = dict_surrogate(DICT_TYPE_PGSQL, name, open_flags, dict_flags,
 			   "%s:%s host target '%s' requires dbname setting",
-			       DICT_TYPE_PGSQL, name,
-			       dict_pgsql->pldb->non_uri_target));
+			     DICT_TYPE_PGSQL, name,
+			     dict_pgsql->pldb->non_uri_target);
 	dict_pgsql_close(&dict_pgsql->dict);
 	return (ret);
    }
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@ -20,7 +20,7 @@
  * Patches change both the patchlevel and the release date. Snapshots have no
  * patchlevel; they change the release date only.
  */
-#define MAIL_RELEASE_DATE	"20241027"
+#define MAIL_RELEASE_DATE	"20241111"
 #define MAIL_VERSION_NUMBER	"3.10"

 #ifdef SNAPSHOT
--- a/postfix/src/xsasl/xsasl_dovecot_server.c
+++ b/postfix/src/xsasl/xsasl_dovecot_server.c
@ -660,7 +660,9 @@ int     xsasl_dovecot_server_first(XSASL_SERVER *xp, const char *sasl_method,

    for (cpp = server->mechanism_argv->argv; /* see below */ ; cpp++) {
 	if (*cpp == 0) {
-	    vstring_strcpy(reply, "Invalid authentication mechanism");
+	    vstring_sprintf(reply, "Invalid authentication mechanism: '%s'",
+			    sasl_method);
+	    printable(vstring_str(reply), '?');
 	    return XSASL_AUTH_FAIL;
 	}
 	if (strcasecmp(sasl_method, *cpp) == 0)