diff --git a/postfix/HISTORY b/postfix/HISTORY index 3f5cdb270..fe7f369f5 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -28313,3 +28313,18 @@ Apologies for any names omitted. smtp/smtp_params.c, smtp/smtp_tlsrpt.c, tls/tls_client.c, tls/tls_proxy_client_print.c, tls/tls_proxy_client_scan.c, tls/tlsrpt_wrapper.c, tls/tlsrpt_wrapper.h. + +20240928 + + Feature (no code change): generate HTML anchors for manpage + sections, for example: cidr_table.5.html#table_format. The + anchor contains the section name, after replacing upper + case with lower case, and after replacing spaces with + underscores. File: mantools/man2html. + + Cleanaup (no code change): regenerate all man-style pages + so that the parameter summaries at the end match the text + in postconf(5). This also updates embedded man-style + comments in Postfix source code. Files: mantools/man2html, + proto/aliases, cleanup/cleanup.c, local/local.c, smtpd/smtpd.c, + tlsproxy/tlsproxy.c. diff --git a/postfix/WISHLIST b/postfix/WISHLIST index f12a1544a..506cb7c3e 100644 --- a/postfix/WISHLIST +++ b/postfix/WISHLIST @@ -18,9 +18,10 @@ Wish list: When debug logging is enabled, dict_db_open() logs a newline character after the version info. - postsuper fails to write the maillog file while Postfix is down - (the fallback to 'direct write' happens after an irreversible - set_ugid() call). + postsuper fails to write the maillog file while Postfix is + down (the fallback to 'direct write' happens after an + irreversible set_ugid() call). Possible solution: figure + out if we can open the maillog file before dropping privileges. The postdrop code should be more explicit about what attrributes it will pass through. rec_attr_map() is not diff --git a/postfix/conf/aliases b/postfix/conf/aliases index c27bce78b..f4b853c03 100644 --- a/postfix/conf/aliases +++ b/postfix/conf/aliases @@ -206,46 +206,49 @@ decode: root # updated with "newaliases" or with "sendmail -bi". # # alias_maps (see 'postconf -d' output) -# Optional lookup tables with aliases that apply only -# to local(8) recipients; this is unlike vir- -# tual_alias_maps that apply to all recipients: -# local(8), virtual, and remote. +# Optional lookup tables that are searched only with +# an email address localpart (no domain) and that +# apply only to local(8) recipients; this is unlike +# virtual_alias_maps that are often searched with a +# full email address (including domain) and that +# apply to all recipients: local(8), virtual, and +# remote. # # allow_mail_to_commands (alias, forward) -# Restrict local(8) mail delivery to external com- +# Restrict local(8) mail delivery to external com- # mands. # # allow_mail_to_files (alias, forward) -# Restrict local(8) mail delivery to external files. +# Restrict local(8) mail delivery to external files. # # expand_owner_alias (no) # When delivering to an alias "aliasname" that has an # "owner-aliasname" companion alias, set the envelope -# sender address to the expansion of the +# sender address to the expansion of the # "owner-aliasname" alias. # # propagate_unmatched_extensions (canonical, virtual) -# What address lookup tables copy an address exten- +# What address lookup tables copy an address exten- # sion from the lookup key to the lookup result. # # owner_request_special (yes) # Enable special treatment for owner-listname entries # in the aliases(5) file, and don't split owner-list- -# name and listname-request address localparts when +# name and listname-request address localparts when # the recipient_delimiter is set to "-". # # recipient_delimiter (empty) -# The set of characters that can separate an email -# address localpart, user name, or a .forward file +# The set of characters that can separate an email +# address localpart, user name, or a .forward file # name from its extension. # # Available in Postfix version 2.3 and later: # # frozen_delivered_to (yes) -# Update the local(8) delivery agent's idea of the -# Delivered-To: address (see prepend_deliv- -# ered_header) only once, at the start of a delivery -# attempt; do not update the Delivered-To: address +# Update the local(8) delivery agent's idea of the +# Delivered-To: address (see prepend_deliv- +# ered_header) only once, at the start of a delivery +# attempt; do not update the Delivered-To: address # while expanding aliases or .forward files. # # STANDARDS @@ -258,12 +261,12 @@ decode: root # postconf(5), configuration parameters # # README FILES -# Use "postconf readme_directory" or "postconf html_direc- +# Use "postconf readme_directory" or "postconf html_direc- # tory" to locate this information. # DATABASE_README, Postfix lookup table overview # # LICENSE -# The Secure Mailer license must be distributed with this +# The Secure Mailer license must be distributed with this # software. # # AUTHOR(S) diff --git a/postfix/html/aliases.5.html b/postfix/html/aliases.5.html index 177f3f76b..6c71da498 100644 --- a/postfix/html/aliases.5.html +++ b/postfix/html/aliases.5.html @@ -7,15 +7,15 @@ 
 ALIASES(5)                                                          ALIASES(5)
 
-NAME
+NAME
        aliases - Postfix local alias database format
 
-SYNOPSIS
+SYNOPSIS
        newaliases
 
        postalias -q name [file-type]:[file-name]
 
-DESCRIPTION
+DESCRIPTION
        The  optional  aliases(5)  table  (alias_maps) redirects mail for local
        recipients. The redirections are  processed  by  the  Postfix  local(8)
        delivery  agent.  This  table  is always searched with an email address
@@ -105,7 +105,7 @@ ALIASES(5)                                                          ALIASES(5)
               disallowed  by  default.  To enable, edit the allow_mail_to_com-
               mands and allow_mail_to_files configuration parameters.
 
-ADDRESS EXTENSION
+ADDRESS EXTENSION
        When alias database search fails, and the recipient localpart  contains
        the  optional  recipient  delimiter  (e.g.,  user+foo),  the  search is
        repeated for the unextended address (e.g., user).
@@ -114,11 +114,11 @@ ALIASES(5)                                                          ALIASES(5)
        unmatched address extension (+foo) is propagated to the result of table
        lookup.
 
-CASE FOLDING
+CASE FOLDING
        The local(8) delivery agent always folds the search string to lowercase
        before database lookup.
 
-REGULAR EXPRESSION TABLES
+REGULAR EXPRESSION TABLES
        This  section  describes how the table lookups change when the table is
        given in the form of regular expressions. For a description of  regular
        expression  lookup  table syntax, see regexp_table(5) or pcre_table(5).
@@ -133,7 +133,7 @@ ALIASES(5)                                                          ALIASES(5)
        Lookup results are the same as with indexed file lookups.  For security
        reasons there is no support for $1, $2 etc. substring interpolation.
 
-SECURITY
+SECURITY
        The  local(8)  delivery agent disallows regular expression substitution
        of $1 etc. in alias_maps, because that would open a security hole.
 
@@ -142,7 +142,7 @@ ALIASES(5)                                                          ALIASES(5)
        directly.  Before Postfix version 2.2, the local(8) delivery agent will
        terminate with a fatal error.
 
-CONFIGURATION PARAMETERS
+CONFIGURATION PARAMETERS
        The  following  main.cf  parameters  are especially relevant.  The text
        below provides only a  parameter  summary.  See  postconf(5)  for  more
        details including examples.
@@ -152,9 +152,11 @@ ALIASES(5)                                                          ALIASES(5)
               "newaliases" or with "sendmail -bi".
 
        alias_maps (see 'postconf -d' output)
-              Optional lookup tables with aliases that apply only to  local(8)
-              recipients;  this is unlike virtual_alias_maps that apply to all
-              recipients: local(8), virtual, and remote.
+              Optional lookup tables that are  searched  only  with  an  email
+              address  localpart  (no  domain) and that apply only to local(8)
+              recipients; this is unlike  virtual_alias_maps  that  are  often
+              searched  with  a full email address (including domain) and that
+              apply to all recipients: local(8), virtual, and remote.
 
        allow_mail_to_commands (alias, forward)
               Restrict local(8) mail delivery to external commands.
@@ -189,19 +191,19 @@ ALIASES(5)                                                          ALIASES(5)
               of  a  delivery attempt; do not update the Delivered-To: address
               while expanding aliases or .forward files.
 
-STANDARDS
+STANDARDS
        RFC 822 (ARPA Internet Text Messages)
 
-SEE ALSO
+SEE ALSO
        local(8), local delivery agent
        newaliases(1), create/update alias database
        postalias(1), create/update alias database
        postconf(5), configuration parameters
 
-README FILES
+README FILES
        DATABASE_README, Postfix lookup table overview
 
-LICENSE
+LICENSE
        The Secure Mailer license must be distributed with this software.
 
 AUTHOR(S)
diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html
index e4ecd4398..70e9a6188 100644
--- a/postfix/html/cleanup.8.html
+++ b/postfix/html/cleanup.8.html
@@ -7,13 +7,13 @@
   
 CLEANUP(8)                                                          CLEANUP(8)
 
-NAME
+NAME
        cleanup - canonicalize and enqueue Postfix message
 
-SYNOPSIS
+SYNOPSIS
        cleanup [generic Postfix daemon options]
 
-DESCRIPTION
+DESCRIPTION
        The  cleanup(8)  daemon  processes  inbound  mail,  inserts it into the
        incoming mail queue, and informs the queue manager of its arrival.
 
@@ -62,7 +62,7 @@ CLEANUP(8)                                                          CLEANUP(8)
        cleanup(8)  daemon  to bounce the message back to the sender in case of
        trouble.
 
-STANDARDS
+STANDARDS
        RFC 822 (ARPA Internet Text Messages)
        RFC 2045 (MIME: Format of Internet Message Bodies)
        RFC 2046 (MIME: Media Types)
@@ -71,14 +71,14 @@ CLEANUP(8)                                                          CLEANUP(8)
        RFC 3464 (Delivery status notifications)
        RFC 5322 (Internet Message Format)
 
-DIAGNOSTICS
+DIAGNOSTICS
        Problems and transactions are logged to syslogd(8) or postlogd(8).
 
-BUGS
+BUGS
        Table-driven rewriting rules make it hard to express if then  else  and
        other logical relationships.
 
-CONFIGURATION PARAMETERS
+CONFIGURATION PARAMETERS
        Changes to main.cf are picked up automatically, as cleanup(8) processes
        run for only a limited amount of time. Use the command "postfix reload"
        to speed up a change.
@@ -86,7 +86,7 @@ CLEANUP(8)                                                          CLEANUP(8)
        The  text  below provides only a parameter summary. See postconf(5) for
        more details including examples.
 
-COMPATIBILITY CONTROLS
+COMPATIBILITY CONTROLS
        undisclosed_recipients_header (see 'postconf -d' output)
               Message header that the Postfix cleanup(8) server inserts when a
               message contains no To: or Cc: message header.
@@ -121,7 +121,7 @@ CLEANUP(8)                                                          CLEANUP(8)
        header_from_format (standard)
               The format of the Postfix-generated From: header.
 
-BUILT-IN CONTENT FILTERING CONTROLS
+BUILT-IN CONTENT FILTERING CONTROLS
        Postfix built-in content filtering is meant to stop a flood of worms or
        viruses. It is not a general content filter.
 
@@ -170,7 +170,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               independent from how a remote mail server handles  such  charac-
               ters.
 
-BEFORE QUEUE MILTER CONTROLS
+BEFORE QUEUE MILTER CONTROLS
        As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
        filter) protocol. When mail is not received via  the  smtpd(8)  server,
        the cleanup(8) server will simulate SMTP events to the extent that this
@@ -256,7 +256,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               for  arbitrary  macros  that Postfix may send to Milter applica-
               tions.
 
-MIME PROCESSING CONTROLS
+MIME PROCESSING CONTROLS
        Available in Postfix version 2.0 and later:
 
        disable_mime_input_processing (no)
@@ -289,7 +289,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               tent-Transfer-Encoding:  message  headers;  historically,   this
               behavior was hard-coded to be "always on".
 
-AUTOMATIC BCC RECIPIENT CONTROLS
+AUTOMATIC BCC RECIPIENT CONTROLS
        Postfix  can automatically add BCC (blind carbon copy) when mail enters
        the mail system:
 
@@ -307,7 +307,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               Optional BCC (blind carbon-copy) address lookup tables,  indexed
               by envelope recipient address.
 
-ADDRESS TRANSFORMATION CONTROLS
+ADDRESS TRANSFORMATION CONTROLS
        Address  rewriting  is delegated to the trivial-rewrite(8) daemon.  The
        cleanup(8) server implements table driven address mapping.
 
@@ -353,9 +353,11 @@ CLEANUP(8)                                                          CLEANUP(8)
        Available in Postfix version 2.0 and later:
 
        virtual_alias_maps ($virtual_maps)
-              Optional lookup tables with aliases that apply  to  all  recipi-
-              ents:  local(8),  virtual, and remote; this is unlike alias_maps
-              that apply only to local(8) recipients.
+              Optional lookup tables that are often searched with a full email
+              address  (including  domain)  and  that apply to all recipients:
+              local(8), virtual, and remote; this is  unlike  alias_maps  that
+              are  only  searched  with an email address localpart (no domain)
+              and that apply only to local(8) recipients.
 
        Available in Postfix version 2.2 and later:
 
@@ -378,7 +380,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               remote_header_rewrite_domain parameter, and adding missing head-
               ers.
 
-RESOURCE AND RATE CONTROLS
+RESOURCE AND RATE CONTROLS
        duplicate_filter_limit (1000)
               The maximal number of addresses remembered by the address dupli-
               cate filter for aliases(5) or virtual(5) alias expansion, or for
@@ -431,7 +433,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               The maximal length of  an  email  address  after  virtual  alias
               expansion.
 
-SMTPUTF8 CONTROLS
+SMTPUTF8 CONTROLS
        Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
 
        smtputf8_enable (yes)
@@ -449,7 +451,7 @@ CLEANUP(8)                                                          CLEANUP(8)
               IDNA2008, when converting UTF-8 domain names to/from  the  ASCII
               form that is used for DNS lookups.
 
-MISCELLANEOUS CONTROLS
+MISCELLANEOUS CONTROLS
        config_directory (see 'postconf -d' output)
               The  default  location of the Postfix main.cf and master.cf con-
               figuration files.
@@ -530,11 +532,11 @@ CLEANUP(8)                                                          CLEANUP(8)
               able, before header_checks,  body_checks,  Milters,  and  before
               after-queue content filters.
 
-FILES
+FILES
        /etc/postfix/canonical*, canonical mapping table
        /etc/postfix/virtual*, virtual mapping table
 
-SEE ALSO
+SEE ALSO
        trivial-rewrite(8), address rewriting
        qmgr(8), queue manager
        header_checks(5), message header content inspection
@@ -547,11 +549,11 @@ CLEANUP(8)                                                          CLEANUP(8)
        postlogd(8), Postfix logging
        syslogd(8), system logging
 
-README FILES
+README FILES
        ADDRESS_REWRITING_README Postfix address manipulation
        CONTENT_INSPECTION_README content inspection
 
-LICENSE
+LICENSE
        The Secure Mailer license must be distributed with this software.
 
 AUTHOR(S)
diff --git a/postfix/html/local.8.html b/postfix/html/local.8.html
index a923ce206..a8bafada8 100644
--- a/postfix/html/local.8.html
+++ b/postfix/html/local.8.html
@@ -7,13 +7,13 @@
   
 LOCAL(8)                                                              LOCAL(8)
 
-NAME
+NAME
        local - Postfix local mail delivery
 
-SYNOPSIS
+SYNOPSIS
        local [generic Postfix daemon options]
 
-DESCRIPTION
+DESCRIPTION
        The  local(8) daemon processes delivery requests from the Postfix queue
        manager to deliver mail to local  recipients.   Each  delivery  request
        specifies  a  queue file, a sender address, a domain or host to deliver
@@ -25,12 +25,12 @@ LOCAL(8)                                                              LOCAL(8)
        again  at  a  later  time.  Delivery  status  reports  are  sent to the
        bounce(8), defer(8) or trace(8) daemon as appropriate.
 
-CASE FOLDING
+CASE FOLDING
        All delivery decisions are made using the bare recipient name (i.e. the
        address  localpart),  folded  to  lower  case.   See also under ADDRESS
        EXTENSION below for a few exceptions.
 
-SYSTEM-WIDE AND USER-LEVEL ALIASING
+SYSTEM-WIDE AND USER-LEVEL ALIASING
        The system administrator can set  up  one  or  more  system-wide  send-
        mail-style  alias  databases.  Users can have sendmail-style ~/.forward
        files.  Mail for name is delivered to the alias name,  to  destinations
@@ -80,7 +80,7 @@ LOCAL(8)                                                              LOCAL(8)
        attempts to avoid duplicate deliveries. The duplicate_filter_limit con-
        figuration parameter limits the number of remembered recipients.
 
-MAIL FORWARDING
+MAIL FORWARDING
        For  the  sake  of reliability, forwarded mail is re-submitted as a new
        message, so that each recipient has a separate on-file delivery  status
        record.
@@ -90,7 +90,7 @@ LOCAL(8)                                                              LOCAL(8)
        address.  If  mail  arrives for a recipient that is already listed in a
        Delivered-To: header, the message is bounced.
 
-MAILBOX DELIVERY
+MAILBOX DELIVERY
        The default per-user mailbox is a file in the UNIX mail spool directory
        (/var/mail/user or /var/spool/mail/user); the location can be specified
        with the mail_spool_directory configuration parameter. Specify  a  name
@@ -132,7 +132,7 @@ LOCAL(8)                                                              LOCAL(8)
        to Postfix, and prepends a Return-Path: header with the envelope sender
        address.
 
-EXTERNAL COMMAND DELIVERY
+EXTERNAL COMMAND DELIVERY
        The  allow_mail_to_commands  configuration parameter restricts delivery
        to external commands. The default setting (alias, forward) forbids com-
        mand destinations in :include: files.
@@ -246,7 +246,7 @@ LOCAL(8)                                                              LOCAL(8)
        with  the  final  recipient  envelope  address, prepends a Return-Path:
        header with the sender envelope address, and appends no empty line.
 
-EXTERNAL FILE DELIVERY
+EXTERNAL FILE DELIVERY
        The delivery format depends on the destination  filename  syntax.   The
        default  is to use UNIX-style mailbox format.  Specify a name ending in
        / for qmail-compatible maildir delivery.
@@ -272,7 +272,7 @@ LOCAL(8)                                                              LOCAL(8)
        to  Postfix.   The  envelope  sender  address  is  available   in   the
        Return-Path: header.
 
-ADDRESS EXTENSION
+ADDRESS EXTENSION
        The  optional recipient_delimiter configuration parameter specifies how
        to separate address extensions from local recipient names.
 
@@ -281,7 +281,7 @@ LOCAL(8)                                                              LOCAL(8)
        tions listed in ~name/.forward+foo or in ~name/.forward, to the mailbox
        owned by the user name, or it is sent back as undeliverable.
 
-DELIVERY RIGHTS
+DELIVERY RIGHTS
        Deliveries  to  external  files and external commands are made with the
        rights of the receiving user on whose behalf the delivery is made.   In
        the  absence  of  a  user  context,  the local(8) daemon uses the owner
@@ -289,11 +289,11 @@ LOCAL(8)                                                              LOCAL(8)
        owned by the superuser, delivery is made with the rights specified with
        the default_privs configuration parameter.
 
-STANDARDS
+STANDARDS
        RFC 822 (ARPA Internet Text Messages)
        RFC 3463 (Enhanced status codes)
 
-DIAGNOSTICS
+DIAGNOSTICS
        Problems and transactions are  logged  to  syslogd(8)  or  postlogd(8).
        Corrupted  message  files are marked so that the queue manager can move
        them to the corrupt queue afterwards.
@@ -301,7 +301,7 @@ LOCAL(8)                                                              LOCAL(8)
        Depending on the setting of the notify_classes parameter, the  postmas-
        ter is notified of bounces and of other trouble.
 
-SECURITY
+SECURITY
        The  local(8)  delivery agent needs a dual personality 1) to access the
        private Postfix queue and IPC mechanisms, 2) to impersonate the recipi-
        ent  and deliver to recipient-specified files or commands. It is there-
@@ -315,7 +315,7 @@ LOCAL(8)                                                              LOCAL(8)
        directly.  Before Postfix version 2.2, the local(8) delivery agent will
        terminate with a fatal error.
 
-BUGS
+BUGS
        For security reasons, the message delivery status of external  commands
        or  of  external  files is never checkpointed to file. As a result, the
        program may occasionally deliver more than once to a command or  exter-
@@ -325,7 +325,7 @@ LOCAL(8)                                                              LOCAL(8)
        The resulting mail forwarding loop is broken by the use of  the  Deliv-
        ered-To: message header.
 
-CONFIGURATION PARAMETERS
+CONFIGURATION PARAMETERS
        Changes  to  main.cf are picked up automatically, as local(8) processes
        run for only a limited amount of time. Use the command "postfix reload"
        to speed up a change.
@@ -333,7 +333,7 @@ LOCAL(8)                                                              LOCAL(8)
        The  text  below provides only a parameter summary. See postconf(5) for
        more details including examples.
 
-COMPATIBILITY CONTROLS
+COMPATIBILITY CONTROLS
        biff (yes)
               Whether or not to use the local biff service.
 
@@ -377,16 +377,18 @@ LOCAL(8)                                                              LOCAL(8)
               status code or explanatory text of  successful  or  unsuccessful
               deliveries.
 
-DELIVERY METHOD CONTROLS
+DELIVERY METHOD CONTROLS
        The  precedence  of  local(8)  delivery  methods  from  high to low is:
        aliases,  .forward  files,  mailbox_transport_maps,  mailbox_transport,
        mailbox_command_maps,  mailbox_command, home_mailbox, mail_spool_direc-
        tory, fallback_transport_maps, fallback_transport, and luser_relay.
 
        alias_maps (see 'postconf -d' output)
-              Optional lookup tables with aliases that apply only to  local(8)
-              recipients;  this is unlike virtual_alias_maps that apply to all
-              recipients: local(8), virtual, and remote.
+              Optional lookup tables that are  searched  only  with  an  email
+              address  localpart  (no  domain) and that apply only to local(8)
+              recipients; this is unlike  virtual_alias_maps  that  are  often
+              searched  with  a full email address (including domain) and that
+              apply to all recipients: local(8), virtual, and remote.
 
        forward_path (see 'postconf -d' output)
               The local(8) delivery agent search list for finding  a  .forward
@@ -436,7 +438,7 @@ LOCAL(8)                                                              LOCAL(8)
               The  local(8)  delivery  agent working directory for delivery to
               external commands.
 
-MAILBOX LOCKING CONTROLS
+MAILBOX LOCKING CONTROLS
        deliver_lock_attempts (20)
               The maximal number of attempts to acquire an exclusive lock on a
               mailbox file or bounce(8) logfile.
@@ -453,7 +455,7 @@ LOCAL(8)                                                              LOCAL(8)
               How  to  lock  a  UNIX-style  local(8) mailbox before attempting
               delivery.
 
-RESOURCE AND RATE CONTROLS
+RESOURCE AND RATE CONTROLS
        command_time_limit (1000s)
               Time limit for delivery to external commands.
 
@@ -479,7 +481,7 @@ LOCAL(8)                                                              LOCAL(8)
               The  maximal  number  of recipients per message delivery via the
               local mail delivery transport.
 
-SECURITY CONTROLS
+SECURITY CONTROLS
        allow_mail_to_commands (alias, forward)
               Restrict local(8) mail delivery to external commands.
 
@@ -511,7 +513,7 @@ LOCAL(8)                                                              LOCAL(8)
               Defer  delivery  when a mailbox file is not owned by its recipi-
               ent.
 
-MISCELLANEOUS CONTROLS
+MISCELLANEOUS CONTROLS
        config_directory (see 'postconf -d' output)
               The default location of the Postfix main.cf and  master.cf  con-
               figuration files.
@@ -593,13 +595,13 @@ LOCAL(8)                                                              LOCAL(8)
               The  email  address  form that will be used in non-debug logging
               (info, warning, etc.).
 
-FILES
+FILES
        The following are examples; details differ between systems.
        $HOME/.forward, per-user aliasing
        /etc/aliases, system-wide alias database
        /var/spool/mail, system mailboxes
 
-SEE ALSO
+SEE ALSO
        qmgr(8), queue manager
        bounce(8), delivery status reports
        newaliases(1), create/update alias database
@@ -610,10 +612,10 @@ LOCAL(8)                                                              LOCAL(8)
        postlogd(8), Postfix logging
        syslogd(8), system logging
 
-LICENSE
+LICENSE
        The Secure Mailer license must be distributed with this software.
 
-HISTORY
+HISTORY
        The Delivered-To: message header appears in the qmail system by  Daniel
        Bernstein.
 
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index 4466acac7..f4d9341d8 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -7,15 +7,15 @@
   
 SMTPD(8)                                                              SMTPD(8)
 
-NAME
+NAME
        smtpd - Postfix SMTP server
 
-SYNOPSIS
+SYNOPSIS
        smtpd [generic Postfix daemon options]
 
        sendmail -bs
 
-DESCRIPTION
+DESCRIPTION
        The  SMTP  server accepts network connection requests and performs zero
        or more SMTP transactions per connection.   Each  received  message  is
        piped  through  the  cleanup(8) daemon, and is placed into the incoming
@@ -35,12 +35,12 @@ SMTPD(8)                                                              SMTPD(8)
        RCPT TO commands. They are detailed below and in the main.cf configura-
        tion file.
 
-SECURITY
+SECURITY
        The SMTP server is moderately  security-sensitive.  It  talks  to  SMTP
        clients  and  to DNS servers on the network. The SMTP server can be run
        chrooted at fixed low privilege.
 
-STANDARDS
+STANDARDS
        RFC 821 (SMTP protocol)
        RFC 1123 (Host requirements)
        RFC 1652 (8bit-MIME transport)
@@ -63,14 +63,14 @@ SMTPD(8)                                                              SMTPD(8)
        RFC 6533 (Internationalized Delivery Status Notifications)
        RFC 7505 ("Null MX" No Service Resource Record)
 
-DIAGNOSTICS
+DIAGNOSTICS
        Problems and transactions are logged to syslogd(8) or postlogd(8).
 
        Depending on the setting of the notify_classes parameter, the  postmas-
        ter  is  notified of bounces, protocol problems, policy violations, and
        of other trouble.
 
-CONFIGURATION PARAMETERS
+CONFIGURATION PARAMETERS
        Changes to main.cf are picked up automatically, as  smtpd(8)  processes
        run for only a limited amount of time. Use the command "postfix reload"
        to speed up a change.
@@ -78,7 +78,7 @@ SMTPD(8)                                                              SMTPD(8)
        The text below provides only a parameter summary. See  postconf(5)  for
        more details including examples.
 
-COMPATIBILITY CONTROLS
+COMPATIBILITY CONTROLS
        The  following  parameters  work  around implementation errors in other
        software, and/or allow you to override standards in  order  to  prevent
        undesirable use.
@@ -190,7 +190,7 @@ SMTPD(8)                                                              SMTPD(8)
               DATA  and  BDAT  requests,  when  deadlines  are  enabled   with
               smtpd_per_request_deadline.
 
-ADDRESS REWRITING CONTROLS
+ADDRESS REWRITING CONTROLS
        See  the ADDRESS_REWRITING_README document for a detailed discussion of
        Postfix address rewriting.
 
@@ -205,7 +205,7 @@ SMTPD(8)                                                              SMTPD(8)
               updating incomplete addresses with the domain name in  $myorigin
               or $mydomain, and adding missing headers.
 
-BEFORE-SMTPD PROXY AGENT
+BEFORE-SMTPD PROXY AGENT
        Available in Postfix version 2.10 and later:
 
        smtpd_upstream_proxy_protocol (empty)
@@ -216,7 +216,7 @@ SMTPD(8)                                                              SMTPD(8)
               The time  limit  for  the  proxy  protocol  specified  with  the
               smtpd_upstream_proxy_protocol parameter.
 
-AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS
+AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS
        As  of  version  1.0,  Postfix can be configured to send new mail to an
        external content filter AFTER the mail is queued. This  content  filter
        is  expected to inject mail back into a (Postfix or other) MTA for fur-
@@ -226,7 +226,7 @@ SMTPD(8)                                                              SMTPD(8)
               After the message is queued, send  the  entire  message  to  the
               specified transport:destination.
 
-BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS
+BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS
        As  of  version  2.1, the Postfix SMTP server can be configured to send
        incoming mail to a real-time SMTP-based content filter BEFORE  mail  is
        queued.  This content filter is expected to inject mail back into Post-
@@ -248,7 +248,7 @@ SMTPD(8)                                                              SMTPD(8)
               The  time limit for connecting to a proxy filter and for sending
               or receiving information.
 
-BEFORE QUEUE MILTER CONTROLS
+BEFORE QUEUE MILTER CONTROLS
        As of version 2.3, Postfix supports the Sendmail version 8 Milter (mail
        filter)  protocol.  These content filters run outside Postfix. They can
        inspect the SMTP command  stream  and  the  message  content,  and  can
@@ -333,7 +333,7 @@ SMTPD(8)                                                              SMTPD(8)
               Lookup  tables  with  Milter  settings per remote SMTP client IP
               address.
 
-GENERAL CONTENT INSPECTION CONTROLS
+GENERAL CONTENT INSPECTION CONTROLS
        The following parameters are applicable for both built-in and  external
        content filters.
 
@@ -343,7 +343,7 @@ SMTPD(8)                                                              SMTPD(8)
               Enable or disable recipient validation, built-in content filter-
               ing, or address mapping.
 
-EXTERNAL CONTENT INSPECTION CONTROLS
+EXTERNAL CONTENT INSPECTION CONTROLS
        The following parameters  are  applicable  for  both  before-queue  and
        after-queue content filtering.
 
@@ -353,7 +353,7 @@ SMTPD(8)                                                              SMTPD(8)
               What  remote  SMTP  clients are allowed to use the XFORWARD fea-
               ture.
 
-SASL AUTHENTICATION CONTROLS
+SASL AUTHENTICATION CONTROLS
        Postfix SASL support (RFC 4954) can be used to authenticate remote SMTP
        clients  to  the  Postfix  SMTP server, and to authenticate the Postfix
        SMTP client to a remote SMTP server.  See the SASL_README document  for
@@ -377,7 +377,7 @@ SMTPD(8)                                                              SMTPD(8)
 
        smtpd_sender_login_maps (empty)
               Optional  lookup  table  with  the SASL login names that own the
-              sender (MAIL FROM) addresses.
+              envelope sender (MAIL FROM) addresses.
 
        Available in Postfix version 2.1 and later:
 
@@ -430,7 +430,7 @@ SMTPD(8)                                                              SMTPD(8)
               If  non-empty,  a  filter  for the SASL mechanism names that the
               Postfix SMTP server will announce in the EHLO response.
 
-STARTTLS SUPPORT CONTROLS
+STARTTLS SUPPORT CONTROLS
        Detailed information about STARTTLS configuration may be found  in  the
        TLS_README document.
 
@@ -612,8 +612,8 @@ SMTPD(8)                                                              SMTPD(8)
        Available in Postfix version 3.2 and later:
 
        tls_eecdh_auto_curves (see 'postconf -d' output)
-              The prioritized list of elliptic curves supported by the Postfix
-              SMTP client and server.
+              The  prioritized list of elliptic curves, that should be enabled
+              in the Postfix SMTP client and server.
 
        Available in Postfix version 3.4 and later:
 
@@ -655,7 +655,7 @@ SMTPD(8)                                                              SMTPD(8)
               instead of an X.509 certificate, when asking  for  or  requiring
               client authentication.
 
-OBSOLETE STARTTLS CONTROLS
+OBSOLETE STARTTLS CONTROLS
        The  following  configuration  parameters  exist for compatibility with
        Postfix versions before 2.3. Support for these will  be  removed  in  a
        future release.
@@ -673,7 +673,7 @@ SMTPD(8)                                                              SMTPD(8)
               Obsolete Postfix < 2.3 control for the Postfix SMTP  server  TLS
               cipher list.
 
-SMTPUTF8 CONTROLS
+SMTPUTF8 CONTROLS
        Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
 
        smtputf8_enable (yes)
@@ -694,7 +694,7 @@ SMTPD(8)                                                              SMTPD(8)
               IDNA2008, when converting UTF-8 domain names to/from  the  ASCII
               form that is used for DNS lookups.
 
-VERP SUPPORT CONTROLS
+VERP SUPPORT CONTROLS
        With  VERP  style delivery, each recipient of a message receives a cus-
        tomized copy of the message with his/her own recipient address  encoded
        in the envelope sender address.  The VERP_README file describes config-
@@ -722,7 +722,7 @@ SMTPD(8)                                                              SMTPD(8)
               What  remote  SMTP clients are allowed to specify the XVERP com-
               mand.
 
-TROUBLE SHOOTING CONTROLS
+TROUBLE SHOOTING CONTROLS
        The DEBUG_README document describes how to debug parts of  the  Postfix
        mail  system.  The  methods  vary from making the software log a lot of
        detail, to running some daemon processes under control of a call tracer
@@ -772,7 +772,7 @@ SMTPD(8)                                                              SMTPD(8)
               access lists (by default, the SMTP server logs "reject"  actions
               but not "permit" actions).
 
-KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS
+KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS
        As  of  Postfix  version  2.0, the SMTP server rejects mail for unknown
        recipients. This prevents the mail queue from clogging up with undeliv-
        erable  MAILER-DAEMON messages. Additional information on this topic is
@@ -878,7 +878,7 @@ SMTPD(8)                                                              SMTPD(8)
               specifies a list of lookup tables that does not match the recip-
               ient address.
 
-RESOURCE AND RATE CONTROLS
+RESOURCE AND RATE CONTROLS
        The following parameters limit resource usage by the SMTP server and/or
        control client request rates.
 
@@ -1014,7 +1014,7 @@ SMTPD(8)                                                              SMTPD(8)
               The numerical Postfix SMTP server response code when rejecting a
               request with "smtpd_forbid_bare_newline = reject".
 
-TARPIT CONTROLS
+TARPIT CONTROLS
        When  a  remote  SMTP  client makes errors, the Postfix SMTP server can
        insert delays before responding. This can help to  slow  down  run-away
        software.   The  behavior is controlled by an error counter that counts
@@ -1049,7 +1049,7 @@ SMTPD(8)                                                              SMTPD(8)
               before  the Postfix SMTP server increments the per-session error
               count for each excess recipient.
 
-ACCESS POLICY DELEGATION CONTROLS
+ACCESS POLICY DELEGATION CONTROLS
        As of version 2.1, Postfix can be configured to delegate access  policy
        decisions  to  an  external  server that runs outside Postfix.  See the
        file SMTPD_POLICY_README for more information.
@@ -1092,7 +1092,7 @@ SMTPD(8)                                                              SMTPD(8)
               (originally, to share the same service endpoint  among  multiple
               check_policy_service clients).
 
-ACCESS CONTROLS
+ACCESS CONTROLS
        The  SMTPD_ACCESS_README document gives an introduction to all the SMTP
        server access control features.
 
@@ -1186,7 +1186,7 @@ SMTPD(8)                                                              SMTPD(8)
               server applies in the context of the  RCPT  TO  command,  before
               smtpd_recipient_restrictions.
 
-SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS
+SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS
        Postfix  version  2.1 introduces sender and recipient address verifica-
        tion.  This feature is implemented by sending probe email messages that
        are  not  actually  delivered.   This  feature  is  requested  via  the
@@ -1249,7 +1249,7 @@ SMTPD(8)                                                              SMTPD(8)
               The  time  between  changes  in  the  time-dependent  portion of
               address verification probe sender addresses.
 
-ACCESS CONTROL RESPONSES
+ACCESS CONTROL RESPONSES
        The following parameters control numerical SMTP reply codes and/or text
        responses.
 
@@ -1338,7 +1338,7 @@ SMTPD(8)                                                              SMTPD(8)
               reject_unknown_sender_domain or  reject_unknown_recipient_domain
               fail due to a temporary error condition.
 
-MISCELLANEOUS CONTROLS
+MISCELLANEOUS CONTROLS
        config_directory (see 'postconf -d' output)
               The  default  location of the Postfix main.cf and master.cf con-
               figuration files.
@@ -1432,7 +1432,7 @@ SMTPD(8)                                                              SMTPD(8)
               Lookup  tables,  indexed by the complete Postfix SMTP server 4xx
               or 5xx response, with reject footer templates.
 
-SEE ALSO
+SEE ALSO
        anvil(8), connection/rate limiting
        cleanup(8), message canonicalization
        tlsmgr(8), TLS session and PRNG management
@@ -1444,7 +1444,7 @@ SMTPD(8)                                                              SMTPD(8)
        postlogd(8), Postfix logging
        syslogd(8), system logging
 
-README FILES
+README FILES
        ADDRESS_CLASS_README, blocking unknown hosted or relay recipients
        ADDRESS_REWRITING_README, Postfix address manipulation
        BDAT_README, Postfix CHUNKING support
@@ -1460,7 +1460,7 @@ SMTPD(8)                                                              SMTPD(8)
        XCLIENT_README, Postfix XCLIENT extension
        XFORWARD_README, Postfix XFORWARD extension
 
-LICENSE
+LICENSE
        The Secure Mailer license must be distributed with this software.
 
 AUTHOR(S)
diff --git a/postfix/html/tlsproxy.8.html b/postfix/html/tlsproxy.8.html
index 615a2222c..feb4f5591 100644
--- a/postfix/html/tlsproxy.8.html
+++ b/postfix/html/tlsproxy.8.html
@@ -7,13 +7,13 @@
   
 TLSPROXY(8)                                                        TLSPROXY(8)
 
-NAME
+NAME
        tlsproxy - Postfix TLS proxy
 
-SYNOPSIS
+SYNOPSIS
        tlsproxy [generic Postfix daemon options]
 
-DESCRIPTION
+DESCRIPTION
        The  tlsproxy(8)  server  implements a two-way TLS proxy. It is used by
        the postscreen(8) server to talk SMTP-over-TLS with remote SMTP clients
        that  are not allowlisted (including clients whose allowlist status has
@@ -24,7 +24,7 @@ TLSPROXY(8)                                                        TLSPROXY(8)
        same time, it is a good idea  to  allow  the  number  of  processes  to
        increase with load, so that the service remains responsive.
 
-PROTOCOL EXAMPLE
+PROTOCOL EXAMPLE
        The  example  below  concerns  postscreen(8).  However, the tlsproxy(8)
        server is agnostic of the application protocol, and the example is eas-
        ily adapted to other applications.
@@ -40,15 +40,15 @@ TLSPROXY(8)                                                        TLSPROXY(8)
        of  the  TLS-level  handshake, tlsproxy(8) translates between plaintext
        from/to postscreen(8) and ciphertext to/from the remote SMTP client.
 
-SECURITY
+SECURITY
        The tlsproxy(8) server is moderately security-sensitive.  It  talks  to
        untrusted  clients  on  the network. The process can be run chrooted at
        fixed low privilege.
 
-DIAGNOSTICS
+DIAGNOSTICS
        Problems and transactions are logged to syslogd(8) or postlogd(8).
 
-CONFIGURATION PARAMETERS
+CONFIGURATION PARAMETERS
        Changes to main.cf are not picked up automatically, as tlsproxy(8) pro-
        cesses  may run for a long time depending on mail server load.  Use the
        command "postfix reload" to speed up a change.
@@ -56,7 +56,7 @@ TLSPROXY(8)                                                        TLSPROXY(8)
        The text below provides only a parameter summary. See  postconf(5)  for
        more details including examples.
 
-STARTTLS GLOBAL CONTROLS
+STARTTLS GLOBAL CONTROLS
        The  following settings are global and therefore cannot be overruled by
        information specified in a tlsproxy(8) client request.
 
@@ -137,8 +137,8 @@ TLSPROXY(8)                                                        TLSPROXY(8)
        Available in Postfix version 3.2 and later:
 
        tls_eecdh_auto_curves (see 'postconf -d' output)
-              The prioritized list of elliptic curves supported by the Postfix
-              SMTP client and server.
+              The prioritized list of elliptic curves, that should be  enabled
+              in the Postfix SMTP client and server.
 
        Available in Postfix version 3.4 and later:
 
@@ -169,7 +169,7 @@ TLSPROXY(8)                                                        TLSPROXY(8)
               The application name passed by Postfix to OpenSSL  library  ini-
               tialization functions.
 
-STARTTLS SERVER CONTROLS
+STARTTLS SERVER CONTROLS
        These  settings are clones of Postfix SMTP server settings.  They allow
        tlsproxy(8) to load the same certificate and private key information as
        the  Postfix  SMTP  server, before dropping privileges, so that the key
@@ -287,7 +287,7 @@ TLSPROXY(8)                                                        TLSPROXY(8)
               instead of an X.509 certificate, when asking or requiring client
               authentication.
 
-STARTTLS CLIENT CONTROLS
+STARTTLS CLIENT CONTROLS
        These settings are clones of Postfix SMTP client settings.  They  allow
        tlsproxy(8) to load the same certificate and private key information as
        the Postfix SMTP client, before dropping privileges, so  that  the  key
@@ -381,7 +381,7 @@ TLSPROXY(8)                                                        TLSPROXY(8)
               Optional  lookup  tables with the Postfix tlsproxy(8) client TLS
               security policy by next-hop destination.
 
-OBSOLETE STARTTLS SUPPORT CONTROLS
+OBSOLETE STARTTLS SUPPORT CONTROLS
        These parameters are supported for compatibility with  smtpd(8)  legacy
        parameters.
 
@@ -400,12 +400,12 @@ TLSPROXY(8)                                                        TLSPROXY(8)
        tlsproxy_client_enforce_tls ($smtp_enforce_tls)
               Enforcement mode: require that SMTP servers use TLS  encryption.
 
-RESOURCE CONTROLS
+RESOURCE CONTROLS
        tlsproxy_watchdog_timeout (10s)
               How much time a tlsproxy(8) process may take to process local or
               remote I/O before it is terminated by a built-in watchdog timer.
 
-MISCELLANEOUS CONTROLS
+MISCELLANEOUS CONTROLS
        config_directory (see 'postconf -d' output)
               The  default  location of the Postfix main.cf and master.cf con-
               figuration files.
@@ -428,17 +428,17 @@ TLSPROXY(8)                                                        TLSPROXY(8)
        service_name (read-only)
               The master.cf service name of a Postfix daemon process.
 
-SEE ALSO
+SEE ALSO
        postscreen(8), Postfix zombie blocker
        smtpd(8), Postfix SMTP server
        postconf(5), configuration parameters
        postlogd(8), Postfix logging
        syslogd(8), system logging
 
-LICENSE
+LICENSE
        The Secure Mailer license must be distributed with this software.
 
-HISTORY
+HISTORY
        This service was introduced with Postfix version 2.8.
 
 AUTHOR(S)
diff --git a/postfix/man/man5/aliases.5 b/postfix/man/man5/aliases.5
index 2a18e579e..c06f513de 100644
--- a/postfix/man/man5/aliases.5
+++ b/postfix/man/man5/aliases.5
@@ -175,9 +175,11 @@ The text below provides only a parameter summary. See
 The alias databases for \fBlocal\fR(8) delivery that are updated with
 "\fBnewaliases\fR" or with "\fBsendmail \-bi\fR".
 .IP "\fBalias_maps (see 'postconf -d' output)\fR"
-Optional lookup tables with aliases that apply only to \fBlocal\fR(8)
-recipients; this is unlike virtual_alias_maps that apply to all
-recipients: \fBlocal\fR(8), virtual, and remote.
+Optional lookup tables that are searched only with an email address
+localpart (no domain) and that apply only to \fBlocal\fR(8) recipients;
+this is unlike virtual_alias_maps that are often searched with a
+full email address (including domain) and that apply to all recipients:
+\fBlocal\fR(8), virtual, and remote.
 .IP "\fBallow_mail_to_commands (alias, forward)\fR"
 Restrict \fBlocal\fR(8) mail delivery to external commands.
 .IP "\fBallow_mail_to_files (alias, forward)\fR"
diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8
index 0f4ee68b9..f309f5d19 100644
--- a/postfix/man/man8/cleanup.8
+++ b/postfix/man/man8/cleanup.8
@@ -329,8 +329,10 @@ remote domains.
 .PP
 Available in Postfix version 2.0 and later:
 .IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
-Optional lookup tables with aliases that apply to all recipients:
-\fBlocal\fR(8), virtual, and remote; this is unlike alias_maps that apply
+Optional lookup tables that are often searched with a full email
+address (including domain) and that apply to all recipients: \fBlocal\fR(8),
+virtual, and remote; this is unlike alias_maps that are only searched
+with an email address localpart (no domain) and that apply
 only to \fBlocal\fR(8) recipients.
 .PP
 Available in Postfix version 2.2 and later:
diff --git a/postfix/man/man8/local.8 b/postfix/man/man8/local.8
index 84736cb29..af11a607d 100644
--- a/postfix/man/man8/local.8
+++ b/postfix/man/man8/local.8
@@ -452,9 +452,11 @@ mailbox_transport, mailbox_command_maps, mailbox_command,
 home_mailbox, mail_spool_directory, fallback_transport_maps,
 fallback_transport, and luser_relay.
 .IP "\fBalias_maps (see 'postconf -d' output)\fR"
-Optional lookup tables with aliases that apply only to \fBlocal\fR(8)
-recipients; this is unlike virtual_alias_maps that apply to all
-recipients: \fBlocal\fR(8), virtual, and remote.
+Optional lookup tables that are searched only with an email address
+localpart (no domain) and that apply only to \fBlocal\fR(8) recipients;
+this is unlike virtual_alias_maps that are often searched with a
+full email address (including domain) and that apply to all recipients:
+\fBlocal\fR(8), virtual, and remote.
 .IP "\fBforward_path (see 'postconf -d' output)\fR"
 The \fBlocal\fR(8) delivery agent search list for finding a .forward
 file with user\-specified delivery methods.
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index fdfe4862d..266322273 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -357,7 +357,8 @@ the list of available
 features depends on the SASL server implementation that is selected
 with \fBsmtpd_sasl_type\fR.
 .IP "\fBsmtpd_sender_login_maps (empty)\fR"
-Optional lookup table with the SASL login names that own the sender
+Optional lookup table with the SASL login names that own the
+envelope sender
 (MAIL FROM) addresses.
 .PP
 Available in Postfix version 2.1 and later:
@@ -542,8 +543,8 @@ Algorithm used to encrypt RFC5077 TLS session tickets.
 .PP
 Available in Postfix version 3.2 and later:
 .IP "\fBtls_eecdh_auto_curves (see 'postconf -d' output)\fR"
-The prioritized list of elliptic curves supported by the Postfix
-SMTP client and server.
+The prioritized list of elliptic curves, that should be enabled in the
+Postfix SMTP client and server.
 .PP
 Available in Postfix version 3.4 and later:
 .IP "\fBsmtpd_tls_chain_files (empty)\fR"
diff --git a/postfix/man/man8/tlsproxy.8 b/postfix/man/man8/tlsproxy.8
index 4677dc4f1..53010ac56 100644
--- a/postfix/man/man8/tlsproxy.8
+++ b/postfix/man/man8/tlsproxy.8
@@ -139,8 +139,8 @@ The location of the OpenSSL command line program \fBopenssl\fR(1).
 .PP
 Available in Postfix version 3.2 and later:
 .IP "\fBtls_eecdh_auto_curves (see 'postconf -d' output)\fR"
-The prioritized list of elliptic curves supported by the Postfix
-SMTP client and server.
+The prioritized list of elliptic curves, that should be enabled in the
+Postfix SMTP client and server.
 .PP
 Available in Postfix version 3.4 and later:
 .IP "\fBtls_server_sni_maps (empty)\fR"
diff --git a/postfix/mantools/man2html b/postfix/mantools/man2html
index 3f78eff49..aa9c88b1d 100755
--- a/postfix/mantools/man2html
+++ b/postfix/mantools/man2html
@@ -44,6 +44,19 @@ sed '
 		N
 		g
 	}
+
+	# Generate anchors for sections.
+	/^\([A-Z][-_A-Z0-9 ]*\)<\/b>/{
+		s//\1/
+		s/[ 	]*$//
+		h
+		y/ABCDEFGHIJKLMNOPQRSTUVWXYZ /abcdefghijklmnopqrstuvwxyz_/
+		s/^//
+		G
+		s/\n//
+		s;$;;
+	}
 ' "$@"
 
 echo '
  '
diff --git a/postfix/proto/aliases b/postfix/proto/aliases
index 696e76479..22e20e91e 100644
--- a/postfix/proto/aliases
+++ b/postfix/proto/aliases
@@ -159,9 +159,11 @@
 #	The alias databases for \fBlocal\fR(8) delivery that are updated with
 #	"\fBnewaliases\fR" or with "\fBsendmail -bi\fR".
 # .IP "\fBalias_maps (see 'postconf -d' output)\fR"
-#	Optional lookup tables with aliases that apply only to \fBlocal\fR(8)
-#	recipients; this is unlike virtual_alias_maps that apply to all
-#	recipients: \fBlocal\fR(8), virtual, and remote.
+#	Optional lookup tables that are searched only with an email address
+#	localpart (no domain) and that apply only to \fBlocal\fR(8) recipients;
+#	this is unlike virtual_alias_maps that are often searched with a
+#	full email address (including domain) and that apply to all recipients:
+#	\fBlocal\fR(8), virtual, and remote.
 # .IP "\fBallow_mail_to_commands (alias, forward)\fR"
 #	Restrict \fBlocal\fR(8) mail delivery to external commands.
 # .IP "\fBallow_mail_to_files (alias, forward)\fR"
diff --git a/postfix/proto/stop.double-history b/postfix/proto/stop.double-history
index 3a720a5d8..ea90445ac 100644
--- a/postfix/proto/stop.double-history
+++ b/postfix/proto/stop.double-history
@@ -132,3 +132,4 @@ proto  proto mysql_table proto pgsql_table proto ldap_table
  File postcat postcat c 
  Files src tls tls h src tls tls_dh c src tls tls_misc c 
  proto TLSRPT_README html proto postconf proto smtp smtp c 
+ proto aliases cleanup cleanup c local local c smtpd smtpd c 
diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c
index 5db42bd85..9f972a71f 100644
--- a/postfix/src/cleanup/cleanup.c
+++ b/postfix/src/cleanup/cleanup.c
@@ -303,8 +303,10 @@
 /* .PP
 /*	Available in Postfix version 2.0 and later:
 /* .IP "\fBvirtual_alias_maps ($virtual_maps)\fR"
-/*	Optional lookup tables with aliases that apply to all recipients:
-/*	\fBlocal\fR(8), virtual, and remote; this is unlike alias_maps that apply
+/*	Optional lookup tables that are often searched with a full email
+/*	address (including domain) and that apply to all recipients: \fBlocal\fR(8),
+/*	virtual, and remote; this is unlike alias_maps that are only searched
+/*	with an email address localpart (no domain) and that apply
 /*	only to \fBlocal\fR(8) recipients.
 /* .PP
 /*	Available in Postfix version 2.2 and later:
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 7eced915f..83a850805 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20240927"
+#define MAIL_RELEASE_DATE	"20240928"
 #define MAIL_VERSION_NUMBER	"3.10"
 
 #ifdef SNAPSHOT
diff --git a/postfix/src/local/local.c b/postfix/src/local/local.c
index 10b80824b..d9587cae4 100644
--- a/postfix/src/local/local.c
+++ b/postfix/src/local/local.c
@@ -416,9 +416,11 @@
 /*	home_mailbox, mail_spool_directory, fallback_transport_maps,
 /*	fallback_transport, and luser_relay.
 /* .IP "\fBalias_maps (see 'postconf -d' output)\fR"
-/*	Optional lookup tables with aliases that apply only to \fBlocal\fR(8)
-/*	recipients; this is unlike virtual_alias_maps that apply to all
-/*	recipients: \fBlocal\fR(8), virtual, and remote.
+/*	Optional lookup tables that are searched only with an email address
+/*	localpart (no domain) and that apply only to \fBlocal\fR(8) recipients;
+/*	this is unlike virtual_alias_maps that are often searched with a
+/*	full email address (including domain) and that apply to all recipients:
+/*	\fBlocal\fR(8), virtual, and remote.
 /* .IP "\fBforward_path (see 'postconf -d' output)\fR"
 /*	The \fBlocal\fR(8) delivery agent search list for finding a .forward
 /*	file with user-specified delivery methods.
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index 8c5ce4717..e7164da78 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -325,7 +325,8 @@
 /*	features depends on the SASL server implementation that is selected
 /*	with \fBsmtpd_sasl_type\fR.
 /* .IP "\fBsmtpd_sender_login_maps (empty)\fR"
-/*	Optional lookup table with the SASL login names that own the sender
+/*	Optional lookup table with the SASL login names that own the
+/*	envelope sender
 /*	(MAIL FROM) addresses.
 /* .PP
 /*	Available in Postfix version 2.1 and later:
@@ -508,8 +509,8 @@
 /* .PP
 /*	Available in Postfix version 3.2 and later:
 /* .IP "\fBtls_eecdh_auto_curves (see 'postconf -d' output)\fR"
-/*	The prioritized list of elliptic curves supported by the Postfix
-/*	SMTP client and server.
+/*	The prioritized list of elliptic curves, that should be enabled in the
+/*	Postfix SMTP client and server.
 /* .PP
 /*	Available in Postfix version 3.4 and later:
 /* .IP "\fBsmtpd_tls_chain_files (empty)\fR"
diff --git a/postfix/src/tlsproxy/tlsproxy.c b/postfix/src/tlsproxy/tlsproxy.c
index 1bf449d37..341311027 100644
--- a/postfix/src/tlsproxy/tlsproxy.c
+++ b/postfix/src/tlsproxy/tlsproxy.c
@@ -123,8 +123,8 @@
 /* .PP
 /*	Available in Postfix version 3.2 and later:
 /* .IP "\fBtls_eecdh_auto_curves (see 'postconf -d' output)\fR"
-/*	The prioritized list of elliptic curves supported by the Postfix
-/*	SMTP client and server.
+/*	The prioritized list of elliptic curves, that should be enabled in the
+/*	Postfix SMTP client and server.
 /* .PP
 /*	Available in Postfix version 3.4 and later:
 /* .IP "\fBtls_server_sni_maps (empty)\fR"