mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-29 13:18:12 +00:00
Code Issues Releases Wiki Activity

postfix-3.2-20160730

Browse Source
This commit is contained in:
Wietse Venema 2016-07-30 00:00:00 -05:00 committed by Viktor Dukhovni
parent 98b90b32f0
commit edfd6b5bb5
13 changed files with 158 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
postfix/HISTORY
View File

@ -22419,3 +22419,13 @@ Apologies for any names omitted.
after-220 tests. Files: postscreen_misc.c, postscreen_state.c,
postscreen.h, postscreen_tests.c, postscreen.c, postscreen_smtpd.c,
postscreen_early.c.
20160730
Cleanup: don't try to optimize away postscreen cache updates.
File: postscreen_misc.c.
Cleanup: removed compatibility crutches that emulated a
historical data organization from four years ago. Files:
postscreen/postscreen.[hc], postscreen/postscreen_early.c,
postscreen/postscreen_smtpd.c, postscreen/postscreen_tests.c.

7
postfix/html/cidr_table.5.html
View File

@ -85,8 +85,9 @@ CIDR_TABLE(5) CIDR_TABLE(5)
An IPv4 network address is a sequence of four decimal octets separated
by ".", and an IPv6 network address is a sequence of three to eight
hexadecimal octets or octet pairs separated by ":". The pattern
0.0.0.0/0 matches every IPv4 address, and ::/0 matches every IPv6
hexadecimal octet pairs separated by ":" or "::", where the latter is
short-hand for a sequence of one or more all-zero octet pairs. The pat-
tern 0.0.0.0/0 matches every IPv4 address, and ::/0 matches every IPv6
address. IPv6 support is available in Postfix 2.2 and later.
Before comparisons are made, lookup keys and table entries are con-
@ -106,6 +107,8 @@ CIDR_TABLE(5) CIDR_TABLE(5)
# before more general blacklist entries.
192.168.1.1 OK
192.168.0.0/16 REJECT
2001:db8::1 OK
2001:db8::/32 REJECT
<b>SEE ALSO</b>
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager

7
postfix/html/postscreen.8.html
View File

@ -4,7 +4,7 @@
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<title> Postfix manual - postscreen(8) </title>
</head> <body> <pre>
POSTSCREEN(8) System Manager's Manual POSTSCREEN(8)
POSTSCREEN(8) POSTSCREEN(8)
<b>NAME</b>
postscreen - Postfix zombie blocker
@ -394,9 +394,8 @@ POSTSCREEN(8) System Manager's Manual POSTSCREEN(8)
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
The mail system name that is prepended to the process name in
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
<b>SEE ALSO</b>
<a href="smtpd.8.html">smtpd(8)</a>, Postfix SMTP server

12
postfix/man/man5/cidr_table.5
View File

@ -96,10 +96,12 @@ part must be zero).
An IPv4 network address is a sequence of four decimal octets
separated by ".", and an IPv6 network address is a sequence
of three to eight hexadecimal octets or octet pairs separated by
":". The pattern 0.0.0.0/0 matches every IPv4 address, and ::/0
matches every IPv6 address. IPv6 support is available in
Postfix 2.2 and later.
of three to eight hexadecimal octet pairs separated by ":"
or "::", where the latter is short\-hand for a sequence of
one or more all\-zero octet pairs. The pattern 0.0.0.0/0
matches every IPv4 address, and ::/0 matches every IPv6
address. IPv6 support is available in Postfix 2.2 and
later.
Before comparisons are made, lookup keys and table entries
are converted from string to binary. Therefore, IPv6 patterns
@ -120,6 +122,8 @@ this form is not required.
# before more general blacklist entries.
192.168.1.1 OK
192.168.0.0/16 REJECT
2001:db8::1 OK
2001:db8::/32 REJECT
.fi
.SH "SEE ALSO"
.na

4
postfix/man/man8/postscreen.8
View File

@ -397,8 +397,8 @@ The process name of a Postfix command or daemon process.
.IP "\fBsyslog_facility (mail)\fR"
The syslog facility of Postfix logging.
.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".
A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
.SH "SEE ALSO"
.na
.nf

12
postfix/proto/cidr_table
View File

@ -84,10 +84,12 @@
#
# An IPv4 network address is a sequence of four decimal octets
# separated by ".", and an IPv6 network address is a sequence
# of three to eight hexadecimal octets or octet pairs separated by
# ":". The pattern 0.0.0.0/0 matches every IPv4 address, and ::/0
# matches every IPv6 address. IPv6 support is available in
# Postfix 2.2 and later.
# of three to eight hexadecimal octet pairs separated by ":"
# or "::", where the latter is short-hand for a sequence of
# one or more all-zero octet pairs. The pattern 0.0.0.0/0
# matches every IPv4 address, and ::/0 matches every IPv6
# address. IPv6 support is available in Postfix 2.2 and
# later.
#
# Before comparisons are made, lookup keys and table entries
# are converted from string to binary. Therefore, IPv6 patterns
@ -106,6 +108,8 @@
# # before more general blacklist entries.
# 192.168.1.1 OK
# 192.168.0.0/16 REJECT
# 2001:db8::1 OK
# 2001:db8::/32 REJECT
# .fi
# SEE ALSO
# postmap(1), Postfix lookup table manager

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20160728"
#define MAIL_RELEASE_DATE "20160730"
#define MAIL_VERSION_NUMBER "3.2"
#ifdef SNAPSHOT

14
postfix/src/postscreen/postscreen.c
View File

@ -357,8 +357,8 @@
/* .IP "\fBsyslog_facility (mail)\fR"
/* The syslog facility of Postfix logging.
/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
/* The mail system name that is prepended to the process name in syslog
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* A prefix that is prepended to the process name in syslog
/* records, so that, for example, "smtpd" becomes "prefix/smtpd".
/* SEE ALSO
/* smtpd(8), Postfix SMTP server
/* tlsproxy(8), Postfix TLS proxy server
@ -691,7 +691,7 @@ static void psc_endpt_lookup_done(int endpt_status,
* Reply with 421 when the client has too many open connections.
*/
if (var_psc_cconn_limit > 0
&& state->client_concurrency > var_psc_cconn_limit) {
&& state->client_info->concurrency > var_psc_cconn_limit) {
msg_info("NOQUEUE: reject: CONNECT from [%s]:%s: too many connections",
state->smtp_client_addr, state->smtp_client_port);
PSC_DROP_SESSION_STATE(state,
@ -840,7 +840,7 @@ static int psc_cache_validator(const char *client_addr,
const char *stamp_str,
void *unused_context)
{
PSC_STATE dummy;
PSC_STATE dummy_state;
PSC_CLIENT_INFO dummy_client_info;
/*
@ -851,9 +851,9 @@ static int psc_cache_validator(const char *client_addr,
* silly logging we remove the cache entry only after all tests have
* expired longer ago than the cache retention time.
*/
dummy.client_info = &dummy_client_info;
psc_parse_tests(&dummy, stamp_str, event_time() - var_psc_cache_ret);
return ((dummy.flags & PSC_STATE_MASK_ANY_TODO) == 0);
dummy_state.client_info = &dummy_client_info;
psc_parse_tests(&dummy_state, stamp_str, event_time() - var_psc_cache_ret);
return ((dummy_state.flags & PSC_STATE_MASK_ANY_TODO) == 0);
}
/* pre_jail_init - pre-jail initialization */

13
postfix/src/postscreen/postscreen.h
View File

@ -99,19 +99,6 @@ typedef struct {
const char *where; /* SMTP protocol state */
} PSC_STATE;
/*
* Emulate legacy ad-hoc variables on top of indexable time stamps. This
* avoids massive scar tissue during initial feature development.
*/
#define pregr_stamp client_info->expire_time[PSC_TINDX_PREGR]
#define dnsbl_stamp client_info->expire_time[PSC_TINDX_DNSBL]
#define pipel_stamp client_info->expire_time[PSC_TINDX_PIPEL]
#define nsmtp_stamp client_info->expire_time[PSC_TINDX_NSMTP]
#define barlf_stamp client_info->expire_time[PSC_TINDX_BARLF]
/* Minize the patch size for stable releases. */
#define client_concurrency client_info->concurrency
/*
* Special expiration time values.
*/

5
postfix/src/postscreen/postscreen_early.c
View File

@ -104,6 +104,7 @@ static void psc_early_event(int event, void *context)
{
const char *myname = "psc_early_event";
PSC_STATE *state = (PSC_STATE *) context;
time_t *expire_time = state->client_info->expire_time;
char read_buf[PSC_READ_BUF_SIZE];
int read_count;
DELTA_TIME elapsed;
@ -142,7 +143,7 @@ static void psc_early_event(int event, void *context)
*/
if ((state->flags & PSC_STATE_FLAG_PREGR_TODO) != 0
&& (state->flags & PSC_STATE_MASK_PREGR_FAIL_DONE) == 0) {
state->pregr_stamp = event_time() + var_psc_pregr_ttl;
expire_time[PSC_TINDX_PREGR] = event_time() + var_psc_pregr_ttl;
PSC_PASS_SESSION_STATE(state, "pregreet test",
PSC_STATE_FLAG_PREGR_PASS);
}
@ -175,7 +176,7 @@ static void psc_early_event(int event, void *context)
psc_whitelist_non_dnsbl(state);
}
if (state->dnsbl_score < var_psc_dnsbl_thresh) {
state->dnsbl_stamp = event_time() + state->dnsbl_ttl;
expire_time[PSC_TINDX_DNSBL] = event_time() + state->dnsbl_ttl;
PSC_PASS_SESSION_STATE(state, "dnsbl test",
PSC_STATE_FLAG_DNSBL_PASS);
} else {

7
postfix/src/postscreen/postscreen_misc.c
View File

@ -112,10 +112,13 @@ void psc_conclude(PSC_STATE *state)
/*
* Update the postscreen cache. This still supports a scenario where a
* client gets whitelisted in the course of multiple sessions, as long as
* that client does not "fail" any test.
* that client does not "fail" any test. Don't try to optimize away cache
* updates; we want cached information to be up-to-date even if a test
* result is renewed during overlapping SMTP sessions, and even if
* 'postfix reload' happens in the middle of that.
*/
if ((state->flags & PSC_STATE_MASK_ANY_UPDATE) != 0
&& psc_cache_map != 0 && state->client_info->pass_new_count <= 1) {
&& psc_cache_map != 0) {
psc_print_tests(psc_temp, state);
psc_cache_update(psc_cache_map, state->smtp_client_addr, STR(psc_temp));
}

19
postfix/src/postscreen/postscreen_smtpd.c
View File

@ -722,6 +722,7 @@ static void psc_smtpd_read_event(int event, void *context)
{
const char *myname = "psc_smtpd_read_event";
PSC_STATE *state = (PSC_STATE *) context;
time_t *expire_time = state->client_info->expire_time;
int ch;
struct cmd_trans {
int state;
@ -835,7 +836,7 @@ static void psc_smtpd_read_event(int event, void *context)
PSC_CLIENT_ADDR_PORT(state), STR(psc_temp));
PSC_FAIL_SESSION_STATE(state, PSC_STATE_FLAG_BARLF_FAIL);
PSC_UNPASS_SESSION_STATE(state, PSC_STATE_FLAG_BARLF_PASS);
state->barlf_stamp = PSC_TIME_STAMP_DISABLED; /* XXX */
expire_time[PSC_TINDX_BARLF] = PSC_TIME_STAMP_DISABLED; /* XXX */
/* Skip this test for the remainder of this session. */
PSC_SKIP_SESSION_STATE(state, "bare newline test",
PSC_STATE_FLAG_BARLF_SKIP);
@ -855,7 +856,7 @@ static void psc_smtpd_read_event(int event, void *context)
/* Temporarily whitelist until something expires. */
PSC_PASS_SESSION_STATE(state, "bare newline test",
PSC_STATE_FLAG_BARLF_PASS);
state->barlf_stamp = event_time() + psc_min_ttl;
expire_time[PSC_TINDX_BARLF] = event_time() + psc_min_ttl;
break;
default:
msg_panic("%s: unknown bare_newline action value %d",
@ -960,7 +961,7 @@ static void psc_smtpd_read_event(int event, void *context)
command, STR(psc_temp));
PSC_FAIL_SESSION_STATE(state, PSC_STATE_FLAG_NSMTP_FAIL);
PSC_UNPASS_SESSION_STATE(state, PSC_STATE_FLAG_NSMTP_PASS);
state->nsmtp_stamp = PSC_TIME_STAMP_DISABLED; /* XXX */
expire_time[PSC_TINDX_NSMTP] = PSC_TIME_STAMP_DISABLED; /* XXX */
/* Skip this test for the remainder of this SMTP session. */
PSC_SKIP_SESSION_STATE(state, "non-smtp test",
PSC_STATE_FLAG_NSMTP_SKIP);
@ -980,7 +981,7 @@ static void psc_smtpd_read_event(int event, void *context)
/* Temporarily whitelist until something else expires. */
PSC_PASS_SESSION_STATE(state, "non-smtp test",
PSC_STATE_FLAG_NSMTP_PASS);
state->nsmtp_stamp = event_time() + psc_min_ttl;
expire_time[PSC_TINDX_NSMTP] = event_time() + psc_min_ttl;
break;
default:
msg_panic("%s: unknown non_smtp_command action value %d",
@ -997,7 +998,7 @@ static void psc_smtpd_read_event(int event, void *context)
PSC_CLIENT_ADDR_PORT(state), command, STR(psc_temp));
PSC_FAIL_SESSION_STATE(state, PSC_STATE_FLAG_PIPEL_FAIL);
PSC_UNPASS_SESSION_STATE(state, PSC_STATE_FLAG_PIPEL_PASS);
state->pipel_stamp = PSC_TIME_STAMP_DISABLED; /* XXX */
expire_time[PSC_TINDX_PIPEL] = PSC_TIME_STAMP_DISABLED; /* XXX */
/* Skip this test for the remainder of this SMTP session. */
PSC_SKIP_SESSION_STATE(state, "pipelining test",
PSC_STATE_FLAG_PIPEL_SKIP);
@ -1017,7 +1018,7 @@ static void psc_smtpd_read_event(int event, void *context)
/* Temporarily whitelist until something else expires. */
PSC_PASS_SESSION_STATE(state, "pipelining test",
PSC_STATE_FLAG_PIPEL_PASS);
state->pipel_stamp = event_time() + psc_min_ttl;
expire_time[PSC_TINDX_PIPEL] = event_time() + psc_min_ttl;
break;
default:
msg_panic("%s: unknown pipelining action value %d",
@ -1036,21 +1037,21 @@ static void psc_smtpd_read_event(int event, void *context)
PSC_PASS_SESSION_STATE(state, "bare newline test",
PSC_STATE_FLAG_BARLF_PASS);
/* XXX Reset to PSC_TIME_STAMP_DISABLED on failure. */
state->barlf_stamp = event_time() + var_psc_barlf_ttl;
expire_time[PSC_TINDX_BARLF] = event_time() + var_psc_barlf_ttl;
}
if ((state->flags & PSC_STATE_MASK_NSMTP_TODO_PASS_FAIL)
== PSC_STATE_FLAG_NSMTP_TODO) {
PSC_PASS_SESSION_STATE(state, "non-smtp test",
PSC_STATE_FLAG_NSMTP_PASS);
/* XXX Reset to PSC_TIME_STAMP_DISABLED on failure. */
state->nsmtp_stamp = event_time() + var_psc_nsmtp_ttl;
expire_time[PSC_TINDX_NSMTP] = event_time() + var_psc_nsmtp_ttl;
}
if ((state->flags & PSC_STATE_MASK_PIPEL_TODO_PASS_FAIL)
== PSC_STATE_FLAG_PIPEL_TODO) {
PSC_PASS_SESSION_STATE(state, "pipelining test",
PSC_STATE_FLAG_PIPEL_PASS);
/* XXX Reset to PSC_TIME_STAMP_DISABLED on failure. */
state->pipel_stamp = event_time() + var_psc_pipel_ttl;
expire_time[PSC_TINDX_PIPEL] = event_time() + var_psc_pipel_ttl;
}
}
/* Command COUNT limit test. */

66
postfix/src/postscreen/postscreen_tests.c
View File

@ -133,6 +133,7 @@
void psc_new_tests(PSC_STATE *state)
{
time_t *expire_time = state->client_info->expire_time;
/*
* Give all tests a PSC_TIME_STAMP_NEW time stamp, so that we can later
@ -140,11 +141,11 @@ void psc_new_tests(PSC_STATE *state)
* write a cache entry to the database, any new-but-disabled tests will
* get a PSC_TIME_STAMP_DISABLED time stamp.
*/
state->pregr_stamp = PSC_TIME_STAMP_NEW;
state->dnsbl_stamp = PSC_TIME_STAMP_NEW;
state->pipel_stamp = PSC_TIME_STAMP_NEW;
state->nsmtp_stamp = PSC_TIME_STAMP_NEW;
state->barlf_stamp = PSC_TIME_STAMP_NEW;
expire_time[PSC_TINDX_PREGR] = PSC_TIME_STAMP_NEW;
expire_time[PSC_TINDX_DNSBL] = PSC_TIME_STAMP_NEW;
expire_time[PSC_TINDX_PIPEL] = PSC_TIME_STAMP_NEW;
expire_time[PSC_TINDX_NSMTP] = PSC_TIME_STAMP_NEW;
expire_time[PSC_TINDX_BARLF] = PSC_TIME_STAMP_NEW;
/*
* Determine what tests need to be completed.
@ -190,7 +191,7 @@ void psc_parse_tests(PSC_STATE *state,
void psc_todo_tests(PSC_STATE *state, time_t time_value)
{
time_t *time_stamps = state->client_info->expire_time;
time_t *expire_time = state->client_info->expire_time;
time_t *sp;
/*
@ -203,7 +204,7 @@ void psc_todo_tests(PSC_STATE *state, time_t time_value)
* enabled tests, but the remote SMTP client has not yet passed all those
* tests.
*/
for (sp = time_stamps; sp < time_stamps + PSC_TINDX_COUNT; sp++) {
for (sp = expire_time; sp < expire_time + PSC_TINDX_COUNT; sp++) {
if (*sp == PSC_TIME_STAMP_NEW)
state->flags |= PSC_STATE_FLAG_NEW;
}
@ -212,15 +213,15 @@ void psc_todo_tests(PSC_STATE *state, time_t time_value)
* Don't flag disabled tests as "todo", because there would be no way to
* make those bits go away.
*/
if (PSC_PREGR_TEST_ENABLE() && time_value > state->pregr_stamp)
if (PSC_PREGR_TEST_ENABLE() && time_value > expire_time[PSC_TINDX_PREGR])
state->flags |= PSC_STATE_FLAG_PREGR_TODO;
if (PSC_DNSBL_TEST_ENABLE() && time_value > state->dnsbl_stamp)
if (PSC_DNSBL_TEST_ENABLE() && time_value > expire_time[PSC_TINDX_DNSBL])
state->flags |= PSC_STATE_FLAG_DNSBL_TODO;
if (var_psc_pipel_enable && time_value > state->pipel_stamp)
if (var_psc_pipel_enable && time_value > expire_time[PSC_TINDX_PIPEL])
state->flags |= PSC_STATE_FLAG_PIPEL_TODO;
if (var_psc_nsmtp_enable && time_value > state->nsmtp_stamp)
if (var_psc_nsmtp_enable && time_value > expire_time[PSC_TINDX_NSMTP])
state->flags |= PSC_STATE_FLAG_NSMTP_TODO;
if (var_psc_barlf_enable && time_value > state->barlf_stamp)
if (var_psc_barlf_enable && time_value > expire_time[PSC_TINDX_BARLF])
state->flags |= PSC_STATE_FLAG_BARLF_TODO;
/*
@ -235,15 +236,15 @@ void psc_todo_tests(PSC_STATE *state, time_t time_value)
&& var_psc_refresh_time > 0) {
time_t refresh_time = time_value + var_psc_refresh_time;
if (PSC_PREGR_TEST_ENABLE() && refresh_time > state->pregr_stamp)
if (PSC_PREGR_TEST_ENABLE() && refresh_time > expire_time[PSC_TINDX_PREGR])
state->flags |= PSC_STATE_FLAG_PREGR_TODO;
if (PSC_DNSBL_TEST_ENABLE() && refresh_time > state->dnsbl_stamp)
if (PSC_DNSBL_TEST_ENABLE() && refresh_time > expire_time[PSC_TINDX_DNSBL])
state->flags |= PSC_STATE_FLAG_DNSBL_TODO;
if (var_psc_pipel_enable && refresh_time > state->pipel_stamp)
if (var_psc_pipel_enable && refresh_time > expire_time[PSC_TINDX_PIPEL])
state->flags |= PSC_STATE_FLAG_PIPEL_TODO;
if (var_psc_nsmtp_enable && refresh_time > state->nsmtp_stamp)
if (var_psc_nsmtp_enable && refresh_time > expire_time[PSC_TINDX_NSMTP])
state->flags |= PSC_STATE_FLAG_NSMTP_TODO;
if (var_psc_barlf_enable && refresh_time > state->barlf_stamp)
if (var_psc_barlf_enable && refresh_time > expire_time[PSC_TINDX_BARLF])
state->flags |= PSC_STATE_FLAG_BARLF_TODO;
}
#endif
@ -271,6 +272,7 @@ void psc_todo_tests(PSC_STATE *state, time_t time_value)
char *psc_print_tests(VSTRING *buf, PSC_STATE *state)
{
const char *myname = "psc_print_tests";
time_t *expire_time = state->client_info->expire_time;
/*
* Sanity check.
@ -283,23 +285,23 @@ char *psc_print_tests(VSTRING *buf, PSC_STATE *state)
* with "pass new" when some disabled test becomes enabled at some later
* time.
*/
if (PSC_PREGR_TEST_ENABLE() == 0 && state->pregr_stamp == PSC_TIME_STAMP_NEW)
state->pregr_stamp = PSC_TIME_STAMP_DISABLED;
if (PSC_DNSBL_TEST_ENABLE() == 0 && state->dnsbl_stamp == PSC_TIME_STAMP_NEW)
state->dnsbl_stamp = PSC_TIME_STAMP_DISABLED;
if (var_psc_pipel_enable == 0 && state->pipel_stamp == PSC_TIME_STAMP_NEW)
state->pipel_stamp = PSC_TIME_STAMP_DISABLED;
if (var_psc_nsmtp_enable == 0 && state->nsmtp_stamp == PSC_TIME_STAMP_NEW)
state->nsmtp_stamp = PSC_TIME_STAMP_DISABLED;
if (var_psc_barlf_enable == 0 && state->barlf_stamp == PSC_TIME_STAMP_NEW)
state->barlf_stamp = PSC_TIME_STAMP_DISABLED;
if (PSC_PREGR_TEST_ENABLE() == 0 && expire_time[PSC_TINDX_PREGR] == PSC_TIME_STAMP_NEW)
expire_time[PSC_TINDX_PREGR] = PSC_TIME_STAMP_DISABLED;
if (PSC_DNSBL_TEST_ENABLE() == 0 && expire_time[PSC_TINDX_DNSBL] == PSC_TIME_STAMP_NEW)
expire_time[PSC_TINDX_DNSBL] = PSC_TIME_STAMP_DISABLED;
if (var_psc_pipel_enable == 0 && expire_time[PSC_TINDX_PIPEL] == PSC_TIME_STAMP_NEW)
expire_time[PSC_TINDX_PIPEL] = PSC_TIME_STAMP_DISABLED;
if (var_psc_nsmtp_enable == 0 && expire_time[PSC_TINDX_NSMTP] == PSC_TIME_STAMP_NEW)
expire_time[PSC_TINDX_NSMTP] = PSC_TIME_STAMP_DISABLED;
if (var_psc_barlf_enable == 0 && expire_time[PSC_TINDX_BARLF] == PSC_TIME_STAMP_NEW)
expire_time[PSC_TINDX_BARLF] = PSC_TIME_STAMP_DISABLED;
vstring_sprintf(buf, "%lu;%lu;%lu;%lu;%lu",
(unsigned long) state->pregr_stamp,
(unsigned long) state->dnsbl_stamp,
(unsigned long) state->pipel_stamp,
(unsigned long) state->nsmtp_stamp,
(unsigned long) state->barlf_stamp);
(unsigned long) expire_time[PSC_TINDX_PREGR],
(unsigned long) expire_time[PSC_TINDX_DNSBL],
(unsigned long) expire_time[PSC_TINDX_PIPEL],
(unsigned long) expire_time[PSC_TINDX_NSMTP],
(unsigned long) expire_time[PSC_TINDX_BARLF]);
return (STR(buf));
}