mir/postfix
2
0
Fork 0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-29 13:18:12 +00:00
Code Issues Releases Wiki Activity

postfix-2.12-20140625

Browse Source
This commit is contained in:
Wietse Venema 2014-06-25 00:00:00 -05:00 committed by Viktor Dukhovni
parent f69b42d56f
commit f9922d6a8a
49 changed files with 1942 additions and 851 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
postfix/HISTORY
View File

@ -19919,3 +19919,107 @@ Apologies for any names omitted.
Cleanup: INFO action in access(5) tables, for consistency
with header/body_checks. Viktor Dukhovni. Files:
smtpd/smtpd_check.c, proto/access.
20140619
Cleanup: process LaMont Jones feedback for shared-library
and database-plugin builds. Changes: 1) move non-executable
files from $daemon_directory to the default $config_directory
(postfix-files*, dynamicmaps.cf*, main.cf.proto/master.cf.proto
for multi-instance support); 2) add foo.so -> foo.so.version
symlinks; 3) change $shlib_directory and $plugin_directory
defaults to /usr/lib/postfix to reduce sprawl. Files:
conf/main.cf.proto, conf/master.cf.proto, conf/postfix-files.proto,
conf/post-install, conf/postmulti-script, makedefs,
postfix-install, proto/INSTALL.html, global/dynamicmaps.c,
global/dynamicmaps.h, global/mail_dict.c, global/mail_params.h,
postmulti/postmulti.c.
Bugfix (introduced: 2001): qmqpd null pointer bug when it
logs a lost connection while not in a mail transaction.
Reported by Michal Adamek. File: qmqpd/qmqpd.c.
Cleanup: filter non-printable characters in X509 subject
or issuer names. Viktor Dukhovni. File: tls/tls_server.c.
20140620
Cleanup: for compliance with file system policies, some
files have been moved from $daemon-directory to the directory
specified with the new meta_directory parameter which has
the same default value as config_directory. This change
affects non-executable files that are shared among multiple
Postfix instances, such as postfix-files, dynamicmaps.cf,
and multi-instance template files.
For backwards compatibility with Postfix 2.6..2.11, specify
"meta_directory = $daemon_directory" in main.cf before
installing Postfix, or specify "meta_directory = /path/name"
on the "make makefiles", "make install" or "make upgrade"
command line.
Files: Makefile.in, RELEASE_NOTES, conf/post-install,
conf/postfix-files.proto, conf/postmulti-script, makedefs,
mantools/postlink, postfix-install, proto/INSTALL.html,
proto/postconf.proto, global/mail_params.c, global/mail_params.h,
postfix/postfix.c, postmulti/postmulti.c.
Feature: check_xxx_a_access (for xxx in client, reverse_client,
helo, sender, recipient) implements access control on all
A and AAAA IP addresses for the client hostname, helo
parameter, sender domain or recipient domain. Some spam has
sender domains with the same IP address but different MX
hosts. Files: global/mail_params.h, smtpd/smtpd_check.c,
proto/postconf.proto.
20140622
Cleanup: eliminated plugin_directory to reduce configuration
parameter sprawl. Files: Makefile.in, RELEASE_NOTES,
conf/post-install, conf/postfix-files.proto, conf/postfix-script,
conf/postmulti-script, makedefs, mantools/postlink,
postfix-install, proto/INSTALL.html, proto/postconf.proto,
global/Makefile.in, global/mail_dict.c, global/mail_params.c,
global/mail_params.h, global/mail_version.h, postfix/postfix.c,
postmulti/postmulti.c, smtpd/smtpd_check.c, util/Makefile.in.
20140623
Cleanup: eliminated the use of Postfix release versions as
file name suffixes for shared libraries, database plugins
and dynamicmaps.cf. The shared-library version suffixes
were fighting against assumptions and conventions in run-time
linkers, including the assumption that ABIs are preserved
from one version to the next. The Postfix version can now
be embedded in the shlib_directory parameter. As this is
sufficient to permit upgrade of a running Postfix system
without risking that old binaries will link against newer
shared objects, we no longer need a version suffix for
dynamicmaps.cf. Files: Makefile.in, RELEASE_NOTES,
conf/postfix-files.proto, makedefs, proto/INSTALL.html,
proto/postconf.proto, global/mail_params.h, global/mail_version.h,
20140624
Cleanup: the commands "make (makefiles|install|upgrade|package)
parameter=value" now replace the string MAIL_VERSION in a
configuration parameter value with the Postfix release
version. Unfortunately, the more obvious approach, a
parameter value with the unexpanded '$mail_version', produces
inconsistent results with different make implementations.
Files: makedefs, Makefile.in, postfix-install, proto/INSTALL.html,
proto/PACKAGE_README.html
Cleanup: postmulti now requires "postmulti -e init" before
accepting other multi-instance requests. Viktor Dukhovni.
File: conf/postmulti-script.
20140625
Kludge: moved dict_db_cache_size away from dict_db.c in
preparation for Berkeley DB database plugin support (a
similar kludge was implemented for LMDB). Files:
util/dict_db.[hc], util/dict_test.c, global/mail_params.c.
Cleanup: don't leak build directory information via SHLIB_ENV
in makedefs.out. Files: Makefile.in, conf/postfix-files.

231
postfix/INSTALL
View File

@ -155,55 +155,69 @@ Postfix shared-library and database plugin support exists for recent versions
of Linux, FreeBSD and MacOS X. Shared-library builds may become the default at
some point in the future.
Overview of topics:
* 4.3.1 Turning on Postfix shared-library support
* 4.3.2 Turning on Postfix database-plugin support
* 4.3.3 Customizing Postfix shared libraries and database plugins
* 4.4.4 Tips for distribution maintainers
Note: directories with Postfix shared libraries or database plugins should
contain only postfix-related files. Postfix shared libraries and database
plugins should not be installed in a "public" system directory such as /usr/lib
or /usr/local/lib. Linking Postfix shared-library or database-plugin files into
non-Postfix programs is not supported. Postfix shared libraries and database
plugins implement a Postfix-internal API that changes without maintaining
compatibility.
4.3.1 Turning on Postfix shared-library support
Postfix can be built with Postfix shared libraries (files typically named
libpostfix-*.so.*). Postfix shared libraries add minor run-time overhead and
libpostfix-*.so). Postfix shared libraries add minor run-time overhead and
result in significantly-smaller Postfix executable files.
Specify "shared=yes" on the "make makefiles" command line to build Postfix with
shared-library support.
$ make makefiles shared=yes ...other arguments...
$ make makefiles shared=no ...other arguments...
$ make
This defaults to installing shared libraries in /usr/local/lib, typically with
names like libpostfix-name.so.version, where the name is a source-code
directory name such as "util" or "global", and the version is the Postfix
version: x.y.z for stable releases, x.y-date for snapshot (development)
releases, or x.y-date-nonprod for non-production releases.
(Specify "make makefiles shared=no" to explicitly disable Postfix shared-
library support).
To override the default location or shared-library version, specify, for
example:
This installs shared libraries in $shlib_directory, typically, /usr/lib/
postfix/version or /usr/local/lib/postfix/version, with names like libpostfix-
name.so, where the name is a source-code directory name such as "util" or
"global", and the version is the Postfix release version: x.y.z for stable
releases, x.y-date for snapshot (development) releases, or x.y-date-nonprod for
non-production releases.
$ make makefiles shared=yes shlib_directory=/usr/lib \
SHLIB_VERSION=1 ...other arguments...
See section 4.3.3 "Customizing Postfix shared libraries and database plugins"
below for how to customize the Postfix shared-library location and version.
You can change the shlib_directory setting after Postfix is built, with "make
install" or "make upgrade". However, you may have to run ldconfig if you change
shlib_directory after Postfix is built and install the libpostfix-*.so.* files
in a non-system directory. No ldconfig is needed if you keep the libpostfix-
*.so.* files in the compiled-in default $shlib_directory location.
4.3.2 Turning on Postfix database-plugin support
Additionally, Postfix can be built to support dynamic loading of Postfix
database clients with the Debian-style dynamicmaps feature. Postfix 2.12
supports dynamic loading of cdb:, ldap:, lmdb:, mysql:, pcre:, pgsql:, sdbm:,
and sqlite: database clients. Dynamic loading is useful when you distribute or
install pre-compiled Postfix packages.
database clients (database plugins) with the Debian-style dynamicmaps feature.
Postfix 2.12 supports dynamic loading of cdb:, ldap:, lmdb:, mysql:, pcre:,
pgsql:, sdbm:, and sqlite: database clients. Dynamic loading is useful when you
distribute or install pre-compiled Postfix packages.
Specify "dynamicmaps=yes" on the "make makefiles" command line to build Postfix
with support to dynamically load Postfix database clients (database plugins)
with the Debian-style dynamicmaps feature.
with support to dynamically load Postfix database clients with the Debian-style
dynamicmaps feature.
$ make makefiles dynamicmaps=yes ...other arguments...
$ make makefiles dynamicmaps=no ...other arguments...
$ make
This implicitly enables shared-library support, and defaults to installing
dynamicmaps.cf and database plugins in /usr/libexec/postfix. Database plugins
are typically named postfix-type.so.version where the type is a database type
such as "cdb" or "ldap", and where the version is the same as for Postfix
shared libraries. The installed dynamicmaps.cf configuration file is given a
suffix with the same version.
(Specify "make makefiles dynamicmaps=no" to explicitly disable Postfix
database-plugin support).
This implicitly enables shared-library support, installs the configuration file
dynamicmaps.cf in $meta_directory (usually, /etc/postfix or /usr/local/etc/
postfix), and installs database plugins in $shlib_directory (see above).
Database plugins are named postfix-type.so where the type is a database type
such as "cdb" or "ldap".
NOTE: The Postfix 2.12 build procedure expects that you specify database
library dependencies with variables named AUXLIBS_CDB, AUXLIBS_LDAP, etc.
@ -217,50 +231,115 @@ suffix with the same version.
dependencies. And that was exactly what dynamic database client loading was
meant to avoid.
To override the default location or shared-library version, specify, for
See the next section for how to customize the location and version of Postfix
database plugins and the location of the file dynamicmaps.cf.
4.3.3 Customizing Postfix shared libraries and database plugins
Customizing the location of Postfix shared libraries and database plugins
As a reminder, the directories with Postfix shared libraries or database
plugins should contain only Postfix-related files. Linking these files into
other programs is not supported.
To override the default location of Postfix shared libraries and database
plugins specify, for example:
$ make makefiles shared=yes shlib_directory=/usr/local/lib/postfix ...
If you intend to upgrade Postfix without stopping the mail system, then you
should append the Postfix release version to the shlib_directory pathname, to
eliminate the possibility that programs from the old Postfix version will link
with files from the new Postfix version. For example:
$ make makefiles shared=yes \
shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
The command "make makefiles name=value..." will replace the string MAIL_VERSION
in a configuration parameter value with the Postfix release version. Do not try
to specify something like $mail_version on this command line. This produces
inconsistent results with different versions of the make(1) command.
You can change the shlib_directory setting after Postfix is built, with "make
install" or "make upgrade". However, you may have to run ldconfig if you change
shlib_directory after Postfix is built (the symptom is that Postfix programs
fail because the run-time linker cannot find the files libpostfix-*.so). No
ldconfig command is needed if you keep the files libpostfix-*.so in the
compiled-in default $shlib_directory location.
# make upgrade shlib_directory=/usr/local/lib/postfix ...
# make install shlib_directory=/usr/local/lib/postfix ...
To append the Postfix release version to the pathname if you intend to upgrade
Postfix without stopping the mail system:
# make upgrade shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
# make install shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
See also the comments above for appending MAIL_VERSION with the "make
makefiles" command.
Customizing the location of dynamicmaps.cf and other files
The meta_directory parameter has the same default setting as the
config_directory parameter, typically /etc/postfix or /usr/local/etc/postfix.
You can override the default meta_directory location at compile time or after
Postfix is built. To override the default location at compile time specify, for
example:
% make makefiles dynamicmaps=yes plugin_directory=/usr/lib/postfix \
SHLIB_VERSION=1 ...
% make makefiles meta_directory=/usr/libexec/postfix ...
You can also override the plugin_directory setting after Postfix is built, with
"make install" or "make upgrade". In this case, there is no need to run the
ldconfig command.
Here is a tip if you want to make a pathname dependent on the Postfix release
version: the command "make makefiles name=value..." will replace the string
MAIL_VERSION in a configuration parameter value with the Postfix release
version. Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions of the make(1)
command.
Tips for distribution maintainers:
You can override the meta_directory setting after Postfix is built, with "make
install" or "make upgrade".
* The postfix-install procedure creates a compatibility symlink
dynamicmaps.cf -> dynamicmaps.cf.version (as well as a symlink
dynamicmaps.cf.d -> dynamicmaps.cf.version.d; more on that below). It is
therefore safe to use "unversioned" configuration file names when
installing or deinstalling a database plugin. However, Postfix itself will
use the "versioned" names, to allow minor upgrades to happen without having
to stop Postfix.
# make upgrade meta_directory=/usr/libexec/postfix ...
# make install meta_directory=/usr/libexec/postfix ...
* The configuration file dynamicmaps.cf.version will automatically include
files under the directory dynamicmaps.cf.d.version, just like the
configuration file postfix-files will automatically include files under the
directory postfix-files.d. Thanks to this, you don't have to edit postfix-
files or dynamicmaps.cf, when installing or deinstalling a database plugin
package. Instead, each plugin can have its own configuration file.
As with the command "make makefiles, the command "make install/upgrade
name=value..." will replace the string MAIL_VERSION in a configuration
parameter value with the Postfix release version. Do not try to specify
something like $mail_version on this command line. This produces inconsistent
results with different versions of the make(1) command.
* The plugin_directory setting provides the default directory for shared-
library objects with a relative pathname in the file
dynamicmaps.cf.version.
4.4.4 Tips for distribution maintainers
* Each configuration file under the directory dynamicmaps.cf.d.version must
have a name that ends in ".cf" and must have the same format as the file
dynamicmaps.cf.version.
* The shlib_directory parameter setting also provides the default directory
for database plugin files with a relative pathname in the file
dynamicmaps.cf.
* The directory dynamicmaps.cf.d.version is the default directory for shared-
library objects with a relative pathname in the files
dynamicmaps.cf.d.version/*.cf. Thus, the directory dynamicmaps.cf.d.version
may contain both configuration files and shared-library object files.
Hence, the requirement that configuration file names must end in ".cf".
* The meta_directory parameter specifies the location of the files
dynamicmaps.cf, postfix-files, and some multi-instance template files. The
meta_directory parameter has the same default value as the config_directory
parameter (typically, /etc/postfix or /usr/local/etc/postfix). For
backwards compatibility with Postfix 2.6 .. 2.11, specify "meta_directory =
$daemon_directory" in main.cf before installing or upgrading Postfix, or
specify "meta_directory = /path/name" on the "make makefiles", "make
install" or "make upgrade" command line.
* The configuration file dynamicmaps.cf will automatically include files
under the directory dynamicmaps.cf.d, just like the configuration file
postfix-files will automatically include files under the directory postfix-
files.d. Thanks to this, you can install or deinstall a database plugin
package without having to edit postfix-files or dynamicmaps.cf. Instead,
you give that plugin its own configuration files dynamicmaps.cf.d and
postfix-files.d, and you add or remove those configuration files along with
the database plugin shared object.
* Each configuration file under the directory dynamicmaps.cf.d must have the
same format as the configuration file dynamicmaps.cf. There is no
requirement that these configuration file *names* have a specific format.
* Each configuration file under the directory postfix-files.d must have the
same format as the configuration file postfix-files. There is no
requirement that these configuration file names have a specific format.
requirement that these configuration file *names* have a specific format.
4.4 - Building with optional features
@ -306,6 +385,12 @@ directory other than /etc/postfix, use:
$ make makefiles config_directory=/some/where ...other arguments...
$ make
The command "make makefiles name=value ..." will replace the string
MAIL_VERSION in a configuration parameter value with the Postfix release
version. Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions of the make(1)
command.
Parameters whose defaults can be specified in this way are listed below. See
the postconf(5) manpage for a description (command: "nroff -man man/man5/
postconf.5 | less").
@ -329,9 +414,9 @@ postconf.5 | less").
|_____________________|____________________|
|manpage_directory |/usr/local/man |
|_____________________|____________________|
|newaliases_path |/usr/bin/newaliases |
|meta_directory |/etc/postfix |
|_____________________|____________________|
|plugin_directory |/usr/libexec/postfix|
|newaliases_path |/usr/bin/newaliases |
|_____________________|____________________|
|queue_directory |/var/spool/postfix |
|_____________________|____________________|
@ -339,7 +424,7 @@ postconf.5 | less").
|_____________________|____________________|
|sendmail_path |/usr/sbin/sendmail |
|_____________________|____________________|
|shlib_directory |/usr/local/lib |
|shlib_directory |/usr/lib/postfix |
|_____________________|____________________|
4.5.2 - All Postfix versions
@ -402,7 +487,7 @@ The following is an extensive list of names and values.
|Name/Value |Description |
|______________________________|______________________________________________|
| |Specifies one or more non-default object |
| |libraries. Postfix 2,12 and later specify some|
| |libraries. Postfix 2.12 and later specify some|
| |of their database library dependencies with |
|AUXLIBS="object_library..." |AUXLIBS_CDB, AUXLIBS_LDAP, AUXLIBS_LMDB, |
| |AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL, |
@ -474,12 +559,6 @@ The following is an extensive list of names and values.
|OPT=optimization_level |The default is -O. Specify OPT= to turn off |
| |optimization. |
|______________________________|______________________________________________|
| |Specifies a non-default Postfix shared-library|
| |version number. The default is to use the |
|SHLIB_VERSION=version |Postfix version: X.Y.Z for stable releases, |
| |X.Y-DATE for snapshot releases, X.Y-DATE- |
| |nonprod for non-production releases. |
|______________________________|______________________________________________|
| |Specifies non-default gcc compiler warning |
|WARN="warning_flags..." |options for use when "make" is invoked in a |
| |source subdirectory only. |
@ -627,6 +706,16 @@ following commands as the super-user:
file from a previous installation. If the file does not exist, use
interactive installation ("make install") instead.
* If you specify name=value arguments on the "make install" or "make upgrade"
command line, then these will take precedence over compiled-in default
settings or main.cf settings.
The command "make install/upgrade name=value ..." will replace the string
MAIL_VERSION in a configuration parameter value with the Postfix release
version. Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions of the
make(1) command.
6.4 - Configure Postfix
Proceed to the section on how you wish to run Postfix on your particular

93
postfix/Makefile.in
View File

@ -1,6 +1,6 @@
SHELL = /bin/sh
WARN = -Wmissing-prototypes -Wformat -Wno-comment
OPTS = 'CC=$(CC)'
OPTS = 'WARN=$(WARN)'
DIRS = src/util src/global src/dns src/tls src/xsasl src/milter src/master \
src/postfix src/fsstone src/smtpstone \
src/sendmail src/error src/pickup src/cleanup src/smtpd src/local \
@ -12,20 +12,22 @@ DIRS = src/util src/global src/dns src/tls src/xsasl src/milter src/master \
src/postmulti src/postscreen src/dnsblog src/tlsproxy \
src/posttls-finger
MANDIRS = proto man html
LIBEXEC = libexec/post-install libexec/postfix-files libexec/postfix-script \
libexec/postfix-wrapper libexec/main.cf libexec/master.cf \
libexec/postmulti-script
PLUGINS = plugins/dynamicmaps.cf.$(SHLIB_VERSION)
LIBEXEC = libexec/post-install libexec/postfix-script libexec/postfix-wrapper \
libexec/postmulti-script libexec/post-install
PLUGINS = meta/dynamicmaps.cf
META = meta/main.cf.proto meta/master.cf.proto meta/postfix-files \
meta/makedefs.out $(PLUGINS)
EXPAND = sed -e "s;\$${LIB_PREFIX};$(LIB_PREFIX);" \
-e "s;\$${LIB_SUFFIX};$(LIB_SUFFIX);" \
-e "s;\$${SHLIB_VERSION};$(SHLIB_VERSION);"
-e "s;\$${LIB_SUFFIX};$(LIB_SUFFIX);"
SHLIB_DIR_OVERRIDE = \
$${shlib_directory:-`$(SHLIB_ENV) bin/postconf -dhx shlib_directory`}
default: update
# While generating the top-level Makefile, we must get the PLUGIN_DIR
# While generating the top-level Makefile, we must get the PLUGIN_LD
# setting directly from the latest makedefs.out result.
makefiles Makefiles:
makefiles Makefiles conf/makedefs.out:
(echo "# Do not edit -- this file documents how Postfix was built for your machine."; $(SHELL) makedefs) >makedefs.tmp
set +e; if cmp makedefs.tmp conf/makedefs.out; then rm makedefs.tmp; \
else mv makedefs.tmp conf/makedefs.out; fi >/dev/null 2>/dev/null
@ -33,11 +35,11 @@ makefiles Makefiles:
(set -e; echo "[$$i]"; cd $$i; rm -f Makefile; \
$(MAKE) -f Makefile.in Makefile MAKELEVEL=) || exit 1; \
done
set -- `grep '^PLUGIN_DIR' conf/makedefs.out`; \
@set -- `grep '^PLUGIN_LD' conf/makedefs.out`; \
rm -f Makefile; (cat conf/makedefs.out; \
case "$$3" in \
/*) cat Makefile.in;; \
*) grep -v '^PLUGINS' Makefile.in;; \
""|":") grep -v '^PLUGINS' Makefile.in;; \
*) cat Makefile.in;; \
esac) >Makefile
update printfck tests root_tests:
@ -45,31 +47,33 @@ update printfck tests root_tests:
(set -e; echo "[$$i]"; cd $$i; $(MAKE) $(OPTS) $@ MAKELEVEL=) || exit 1; \
done
update: $(LIBEXEC) $(PLUGINS)
libexec/makedefs.out: conf/makedefs.out
rm -f $@ && ln -f $? $@
update: $(META) $(LIBEXEC)
libexec/post-install: conf/post-install
rm -f $@ && ln -f $? $@
libexec/postfix-files: conf/postfix-files conf/makedefs.out Makefile
# Censor out build directory information.
meta/makedefs.out: conf/makedefs.out
grep -v SHLIB_ENV $? > $@
meta/postfix-files: conf/postfix-files conf/makedefs.out Makefile
rm -f $@
(if [ "${SHLIB_DIR}" = "no" -o "${SHLIB_DIR}" = "" ]; then \
(if [ "${SHLIB_DIR_OVERRIDE}" = "no" -o "${SHLIB_DIR}" = "" ]; then \
sed -e '/^\$$shlib_directory/d' \
-e '/^\$$plugin_directory/d' conf/postfix-files; \
elif [ "${PLUGIN_DIR}" = "no" -o "${PLUGIN_DIR}" = "" ]; then \
sed -e '/^\$$plugin_directory/d' conf/postfix-files | $(EXPAND); \
-e '/dynamicmaps.cf/d' conf/postfix-files; \
elif [ "${PLUGIN_LD}" = "" ]; then \
sed -e '/dynamicmaps.cf/d' \
-e '/^\$$shlib_directory\/\$${LIB_PREFIX}/d' \
conf/postfix-files | $(EXPAND); \
else \
$(EXPAND) conf/postfix-files | awk -F: ' \
BEGIN { \
count = split("'"$(DEFINED_MAP_TYPES)"'", names, " "); \
for (n = 1; n <= count; n++) \
have["$$plugin_directory/$(LIB_PREFIX)" names[n] \
have["$$shlib_directory/$(LIB_PREFIX)" names[n] \
"$(LIB_SUFFIX)"] = 1; } \
/^[$$]plugin_directory.dynamicmaps/ { \
print; next } \
/^[$$]plugin_directory.$(LIB_PREFIX)/ { \
/^[$$]shlib_directory.$(LIB_PREFIX)/ { \
if (have[$$1]) print; next } \
{ print } \
'; \
@ -83,16 +87,16 @@ libexec/postfix-script: conf/postfix-script
libexec/postfix-wrapper: conf/postfix-wrapper
rm -f $@ && ln -f $? $@
libexec/main.cf: conf/main.cf
meta/main.cf.proto: conf/main.cf
rm -f $@ && ln -f $? $@
libexec/master.cf: conf/master.cf
meta/master.cf.proto: conf/master.cf
rm -f $@ && ln -f $? $@
libexec/postmulti-script: conf/postmulti-script
rm -f $@ && ln -f $? $@
plugins/dynamicmaps.cf.$(SHLIB_VERSION): conf/dynamicmaps.cf Makefile
meta/dynamicmaps.cf: conf/dynamicmaps.cf Makefile
rm -f $@ && $(EXPAND) conf/dynamicmaps.cf | $(AWK) ' \
BEGIN { split("'"$(DEFINED_MAP_TYPES)"'", map_types); \
for (n in map_types) has_type[map_types[n]] = n } \
@ -107,26 +111,27 @@ manpages:
printfck: update
# The build-time shlib_directory/plugin_directory settings must take
# precedence over the installed main.cf settings, otherwise we can't
# update an installed system from dynamicmaps=yes<->dynamicmaps=no
# or from shared=yes<->shared=no.
# The build-time shlib_directory setting must take precedence over
# the installed main.cf settings, otherwise we can't update an
# installed system from dynamicmaps=yes<->dynamicmaps=no or from
# shared=yes<->shared=no.
install: update
$(SHLIB_ENV) shlib_directory=${SHLIB_DIR} plugin_directory=$(PLUGIN_DIR) \
$(SHELL) postfix-install
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install
package: update
$(SHLIB_ENV) shlib_directory=${SHLIB_DIR} plugin_directory=$(PLUGIN_DIR) \
$(SHELL) postfix-install -package
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -package
upgrade: update
$(SHLIB_ENV) shlib_directory=${SHLIB_DIR} plugin_directory=$(PLUGIN_DIR) \
$(SHELL) postfix-install -non-interactive
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -non-interactive
non-interactive-package: update
$(SHLIB_ENV) shlib_directory=${SHLIB_DIR} plugin_directory=$(PLUGIN_DIR) \
$(SHELL) postfix-install -non-interactive -package
$(SHLIB_ENV) shlib_directory=$(SHLIB_DIR_OVERRIDE) $(SHELL) \
postfix-install -non-interactive -package
depend clean:
set -e; for i in $(DIRS); do \
@ -144,9 +149,9 @@ tidy: clean
cp Makefile.init Makefile
rm -f README_FILES/RELEASE_NOTES
ln -s ../RELEASE_NOTES README_FILES
rm -f bin/[!CRS]* lib/[!CRS]* include/[!CRS]* libexec/[!CRS]* plugins/[!CRS]* \
src/*/libpostfix-*.so.* src/*/libpostfix-*.dylib.* \
src/*/postfix-*.so.* src/*/postfix-*.dylib.* \
rm -f bin/[!CRS]* lib/[!CRS]* include/[!CRS]* libexec/[!CRS]* \
src/*/libpostfix-*.so src/*/libpostfix-*.dylib \
src/*/postfix-*.so src/*/postfix-*.dylib \
junk */junk */*/junk \
*core */*core */*/*core \
.nfs* */.nfs* */*/.nfs* \
@ -160,7 +165,7 @@ tidy: clean
*.bak */*.bak */*/*.bak \
make.err */make.err */*/make.err \
*.gmon */*.gmon */*/*.gmon \
conf/main.cf.default conf/bounce.cf.default
conf/main.cf.default conf/bounce.cf.default meta/*
find . -type s -print | xargs rm -f
find . -type d -print | xargs chmod 755
find . -type f -print | xargs chmod a+r

231
postfix/README_FILES/INSTALL
View File

@ -155,55 +155,69 @@ Postfix shared-library and database plugin support exists for recent versions
of Linux, FreeBSD and MacOS X. Shared-library builds may become the default at
some point in the future.
Overview of topics:
* 4.3.1 Turning on Postfix shared-library support
* 4.3.2 Turning on Postfix database-plugin support
* 4.3.3 Customizing Postfix shared libraries and database plugins
* 4.4.4 Tips for distribution maintainers
Note: directories with Postfix shared libraries or database plugins should
contain only postfix-related files. Postfix shared libraries and database
plugins should not be installed in a "public" system directory such as /usr/lib
or /usr/local/lib. Linking Postfix shared-library or database-plugin files into
non-Postfix programs is not supported. Postfix shared libraries and database
plugins implement a Postfix-internal API that changes without maintaining
compatibility.
44..33..11 TTuurrnniinngg oonn PPoossttffiixx sshhaarreedd--lliibbrraarryy ssuuppppoorrtt
Postfix can be built with Postfix shared libraries (files typically named
libpostfix-*.so.*). Postfix shared libraries add minor run-time overhead and
libpostfix-*.so). Postfix shared libraries add minor run-time overhead and
result in significantly-smaller Postfix executable files.
Specify "shared=yes" on the "make makefiles" command line to build Postfix with
shared-library support.
$ make makefiles shared=yes ...other arguments...
$ make makefiles shared=no ...other arguments...
$ make
This defaults to installing shared libraries in /usr/local/lib, typically with
names like libpostfix-name.so.version, where the name is a source-code
directory name such as "util" or "global", and the version is the Postfix
version: x.y.z for stable releases, x.y-date for snapshot (development)
releases, or x.y-date-nonprod for non-production releases.
(Specify "make makefiles shared=no" to explicitly disable Postfix shared-
library support).
To override the default location or shared-library version, specify, for
example:
This installs shared libraries in $shlib_directory, typically, /usr/lib/
postfix/version or /usr/local/lib/postfix/version, with names like libpostfix-
name.so, where the name is a source-code directory name such as "util" or
"global", and the version is the Postfix release version: x.y.z for stable
releases, x.y-date for snapshot (development) releases, or x.y-date-nonprod for
non-production releases.
$ make makefiles shared=yes shlib_directory=/usr/lib \
SHLIB_VERSION=1 ...other arguments...
See section 4.3.3 "Customizing Postfix shared libraries and database plugins"
below for how to customize the Postfix shared-library location and version.
You can change the shlib_directory setting after Postfix is built, with "make
install" or "make upgrade". However, you may have to run ldconfig if you change
shlib_directory after Postfix is built and install the libpostfix-*.so.* files
in a non-system directory. No ldconfig is needed if you keep the libpostfix-
*.so.* files in the compiled-in default $shlib_directory location.
44..33..22 TTuurrnniinngg oonn PPoossttffiixx ddaattaabbaassee--pplluuggiinn ssuuppppoorrtt
Additionally, Postfix can be built to support dynamic loading of Postfix
database clients with the Debian-style dynamicmaps feature. Postfix 2.12
supports dynamic loading of cdb:, ldap:, lmdb:, mysql:, pcre:, pgsql:, sdbm:,
and sqlite: database clients. Dynamic loading is useful when you distribute or
install pre-compiled Postfix packages.
database clients (database plugins) with the Debian-style dynamicmaps feature.
Postfix 2.12 supports dynamic loading of cdb:, ldap:, lmdb:, mysql:, pcre:,
pgsql:, sdbm:, and sqlite: database clients. Dynamic loading is useful when you
distribute or install pre-compiled Postfix packages.
Specify "dynamicmaps=yes" on the "make makefiles" command line to build Postfix
with support to dynamically load Postfix database clients (database plugins)
with the Debian-style dynamicmaps feature.
with support to dynamically load Postfix database clients with the Debian-style
dynamicmaps feature.
$ make makefiles dynamicmaps=yes ...other arguments...
$ make makefiles dynamicmaps=no ...other arguments...
$ make
This implicitly enables shared-library support, and defaults to installing
dynamicmaps.cf and database plugins in /usr/libexec/postfix. Database plugins
are typically named postfix-type.so.version where the type is a database type
such as "cdb" or "ldap", and where the version is the same as for Postfix
shared libraries. The installed dynamicmaps.cf configuration file is given a
suffix with the same version.
(Specify "make makefiles dynamicmaps=no" to explicitly disable Postfix
database-plugin support).
This implicitly enables shared-library support, installs the configuration file
dynamicmaps.cf in $meta_directory (usually, /etc/postfix or /usr/local/etc/
postfix), and installs database plugins in $shlib_directory (see above).
Database plugins are named postfix-type.so where the type is a database type
such as "cdb" or "ldap".
NOTE: The Postfix 2.12 build procedure expects that you specify database
library dependencies with variables named AUXLIBS_CDB, AUXLIBS_LDAP, etc.
@ -217,50 +231,115 @@ suffix with the same version.
dependencies. And that was exactly what dynamic database client loading was
meant to avoid.
To override the default location or shared-library version, specify, for
See the next section for how to customize the location and version of Postfix
database plugins and the location of the file dynamicmaps.cf.
44..33..33 CCuussttoommiizziinngg PPoossttffiixx sshhaarreedd lliibbrraarriieess aanndd ddaattaabbaassee pplluuggiinnss
CCuussttoommiizziinngg tthhee llooccaattiioonn ooff PPoossttffiixx sshhaarreedd lliibbrraarriieess aanndd ddaattaabbaassee pplluuggiinnss
As a reminder, the directories with Postfix shared libraries or database
plugins should contain only Postfix-related files. Linking these files into
other programs is not supported.
To override the default location of Postfix shared libraries and database
plugins specify, for example:
$ make makefiles shared=yes shlib_directory=/usr/local/lib/postfix ...
If you intend to upgrade Postfix without stopping the mail system, then you
should append the Postfix release version to the shlib_directory pathname, to
eliminate the possibility that programs from the old Postfix version will link
with files from the new Postfix version. For example:
$ make makefiles shared=yes \
shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
The command "make makefiles name=value..." will replace the string MAIL_VERSION
in a configuration parameter value with the Postfix release version. Do not try
to specify something like $mail_version on this command line. This produces
inconsistent results with different versions of the make(1) command.
You can change the shlib_directory setting after Postfix is built, with "make
install" or "make upgrade". However, you may have to run ldconfig if you change
shlib_directory after Postfix is built (the symptom is that Postfix programs
fail because the run-time linker cannot find the files libpostfix-*.so). No
ldconfig command is needed if you keep the files libpostfix-*.so in the
compiled-in default $shlib_directory location.
# make upgrade shlib_directory=/usr/local/lib/postfix ...
# make install shlib_directory=/usr/local/lib/postfix ...
To append the Postfix release version to the pathname if you intend to upgrade
Postfix without stopping the mail system:
# make upgrade shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
# make install shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
See also the comments above for appending MAIL_VERSION with the "make
makefiles" command.
CCuussttoommiizziinngg tthhee llooccaattiioonn ooff ddyynnaammiiccmmaappss..ccff aanndd ootthheerr ffiilleess
The meta_directory parameter has the same default setting as the
config_directory parameter, typically /etc/postfix or /usr/local/etc/postfix.
You can override the default meta_directory location at compile time or after
Postfix is built. To override the default location at compile time specify, for
example:
% make makefiles dynamicmaps=yes plugin_directory=/usr/lib/postfix \
SHLIB_VERSION=1 ...
% make makefiles meta_directory=/usr/libexec/postfix ...
You can also override the plugin_directory setting after Postfix is built, with
"make install" or "make upgrade". In this case, there is no need to run the
ldconfig command.
Here is a tip if you want to make a pathname dependent on the Postfix release
version: the command "make makefiles name=value..." will replace the string
MAIL_VERSION in a configuration parameter value with the Postfix release
version. Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions of the make(1)
command.
Tips for distribution maintainers:
You can override the meta_directory setting after Postfix is built, with "make
install" or "make upgrade".
* The postfix-install procedure creates a compatibility symlink
dynamicmaps.cf -> dynamicmaps.cf.version (as well as a symlink
dynamicmaps.cf.d -> dynamicmaps.cf.version.d; more on that below). It is
therefore safe to use "unversioned" configuration file names when
installing or deinstalling a database plugin. However, Postfix itself will
use the "versioned" names, to allow minor upgrades to happen without having
to stop Postfix.
# make upgrade meta_directory=/usr/libexec/postfix ...
# make install meta_directory=/usr/libexec/postfix ...
* The configuration file dynamicmaps.cf.version will automatically include
files under the directory dynamicmaps.cf.d.version, just like the
configuration file postfix-files will automatically include files under the
directory postfix-files.d. Thanks to this, you don't have to edit postfix-
files or dynamicmaps.cf, when installing or deinstalling a database plugin
package. Instead, each plugin can have its own configuration file.
As with the command "make makefiles, the command "make install/upgrade
name=value..." will replace the string MAIL_VERSION in a configuration
parameter value with the Postfix release version. Do not try to specify
something like $mail_version on this command line. This produces inconsistent
results with different versions of the make(1) command.
* The plugin_directory setting provides the default directory for shared-
library objects with a relative pathname in the file
dynamicmaps.cf.version.
44..44..44 TTiippss ffoorr ddiissttrriibbuuttiioonn mmaaiinnttaaiinneerrss
* Each configuration file under the directory dynamicmaps.cf.d.version must
have a name that ends in ".cf" and must have the same format as the file
dynamicmaps.cf.version.
* The shlib_directory parameter setting also provides the default directory
for database plugin files with a relative pathname in the file
dynamicmaps.cf.
* The directory dynamicmaps.cf.d.version is the default directory for shared-
library objects with a relative pathname in the files
dynamicmaps.cf.d.version/*.cf. Thus, the directory dynamicmaps.cf.d.version
may contain both configuration files and shared-library object files.
Hence, the requirement that configuration file names must end in ".cf".
* The meta_directory parameter specifies the location of the files
dynamicmaps.cf, postfix-files, and some multi-instance template files. The
meta_directory parameter has the same default value as the config_directory
parameter (typically, /etc/postfix or /usr/local/etc/postfix). For
backwards compatibility with Postfix 2.6 .. 2.11, specify "meta_directory =
$daemon_directory" in main.cf before installing or upgrading Postfix, or
specify "meta_directory = /path/name" on the "make makefiles", "make
install" or "make upgrade" command line.
* The configuration file dynamicmaps.cf will automatically include files
under the directory dynamicmaps.cf.d, just like the configuration file
postfix-files will automatically include files under the directory postfix-
files.d. Thanks to this, you can install or deinstall a database plugin
package without having to edit postfix-files or dynamicmaps.cf. Instead,
you give that plugin its own configuration files dynamicmaps.cf.d and
postfix-files.d, and you add or remove those configuration files along with
the database plugin shared object.
* Each configuration file under the directory dynamicmaps.cf.d must have the
same format as the configuration file dynamicmaps.cf. There is no
requirement that these configuration file *names* have a specific format.
* Each configuration file under the directory postfix-files.d must have the
same format as the configuration file postfix-files. There is no
requirement that these configuration file names have a specific format.
requirement that these configuration file *names* have a specific format.
44..44 -- BBuuiillddiinngg wwiitthh ooppttiioonnaall ffeeaattuurreess
@ -306,6 +385,12 @@ directory other than /etc/postfix, use:
$ make makefiles config_directory=/some/where ...other arguments...
$ make
The command "make makefiles name=value ..." will replace the string
MAIL_VERSION in a configuration parameter value with the Postfix release
version. Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions of the make(1)
command.
Parameters whose defaults can be specified in this way are listed below. See
the postconf(5) manpage for a description (command: "nroff -man man/man5/
postconf.5 | less").
@ -329,9 +414,9 @@ postconf.5 | less").
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|manpage_directory |/usr/local/man |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|newaliases_path |/usr/bin/newaliases |
|meta_directory |/etc/postfix |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|plugin_directory |/usr/libexec/postfix|
|newaliases_path |/usr/bin/newaliases |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|queue_directory |/var/spool/postfix |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
@ -339,7 +424,7 @@ postconf.5 | less").
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|sendmail_path |/usr/sbin/sendmail |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
|shlib_directory |/usr/local/lib |
|shlib_directory |/usr/lib/postfix |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
44..55..22 -- AAllll PPoossttffiixx vveerrssiioonnss
@ -402,7 +487,7 @@ The following is an extensive list of names and values.
|NNaammee//VVaalluuee |DDeessccrriippttiioonn |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
| |Specifies one or more non-default object |
| |libraries. Postfix 2,12 and later specify some|
| |libraries. Postfix 2.12 and later specify some|
| |of their database library dependencies with |
|AUXLIBS="object_library..." |AUXLIBS_CDB, AUXLIBS_LDAP, AUXLIBS_LMDB, |
| |AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL, |
@ -474,12 +559,6 @@ The following is an extensive list of names and values.
|OPT=optimization_level |The default is -O. Specify OPT= to turn off |
| |optimization. |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
| |Specifies a non-default Postfix shared-library|
| |version number. The default is to use the |
|SHLIB_VERSION=version |Postfix version: X.Y.Z for stable releases, |
| |X.Y-DATE for snapshot releases, X.Y-DATE- |
| |nonprod for non-production releases. |
|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ |
| |Specifies non-default gcc compiler warning |
|WARN="warning_flags..." |options for use when "make" is invoked in a |
| |source subdirectory only. |
@ -627,6 +706,16 @@ following commands as the super-user:
file from a previous installation. If the file does not exist, use
interactive installation ("make install") instead.
* If you specify name=value arguments on the "make install" or "make upgrade"
command line, then these will take precedence over compiled-in default
settings or main.cf settings.
The command "make install/upgrade name=value ..." will replace the string
MAIL_VERSION in a configuration parameter value with the Postfix release
version. Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions of the
make(1) command.
66..44 -- CCoonnffiigguurree PPoossttffiixx
Proceed to the section on how you wish to run Postfix on your particular

6
postfix/README_FILES/PACKAGE_README
View File

@ -57,6 +57,12 @@ installation parameters on the command line:
With Postfix versions before 2.2 you must invoke the post-install script
directly (% sshh ppoosstt--iinnssttaallll --nnoonn--iinntteerraaccttiivvee iinnssttaallll__rroooott......).
With Postfix 2.12 and later, the command "make package name=value ..." will
replace the string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like $mail_version on
this command line. This produces inconsistent results with different versions
of the make(1) command.
BBeeggiinn SSeeccuurriittyy AAlleerrtt
WWhheenn bbuuiillddiinngg aann aarrcchhiivvee ffoorr ddiissttrriibbuuttiioonn,, bbee ssuurree ttoo aarrcchhiivvee oonnllyy ffiilleess aanndd

85
postfix/RELEASE_NOTES
View File

@ -16,10 +16,18 @@ specifies the release date of a stable release or snapshot release.
If you upgrade from Postfix 2.10 or earlier, read RELEASE_NOTES-2.11
before proceeding.
Notes for distribution maintainers (20140530)
---------------------------------------------
Notes for distribution maintainers
----------------------------------
The Postfix build/install procedure has changed.
The Postfix build/install procedure has changed to support Postfix
shared libraries and database plugins.
[Update 20140625: As a result of maintainer feedback, 1) the Postfix
release version is no longer used as a filename suffix for Postfix
shared libraries, database plugins or dynamicmaps.cf; 2) non-executable
files have been moved away from $daemon_directory to $meta_directory
(usually, /etc/postfix). The release notes below for 20140530 have
been updated accordingly.]
To avoid massive frustration due to broken patches, PLEASE BUILD
POSTFIX FIRST WITHOUT APPLYING ANY PATCHES. Follow the INSTALL
@ -33,6 +41,22 @@ Maintainers may also benefit from the makedefs documentation
(mantools/srctoman - makedefs | nroff -man | less) with information
about build options that are not described in the INSTALL instructions.
Incompatible changes with snapshot 20140625
===========================================
For compliance with file system policies, some files have been moved
from $daemon_directory to the directory specified with the new
meta_directory configuration parameter which has the same default
value as the config_directory parameter. This change affects
non-executable files that are shared between multiple Postfix
instances such as postfix-files, dynamicmaps.cf, and multi-instance
template files.
For backwards compatibility with Postfix 2.6 .. 2.11, specify
"meta_directory = $daemon_directory" in main.cf before installing
or upgrading Postfix, or specify "meta_directory = /path/name" on
the "make makefiles", "make install" or "make upgrade" command line.
Incompatible changes with snapshot 20140618
===========================================
@ -139,11 +163,11 @@ of Linux, FreeBSD, MacOS X, and for the ancient Solaris 9.
To support Postfix shared libraries and dynamically-loadable database
clients, the Postfix build procedure had to be changed (specifically,
the makedefs and Makefile.in files, and the scripts that install
or update Postfix). These changes are introduced early in the
annual Postfix development cycle to give down-stream maintainers
sufficient time to prepare their build systems for the next stable
Postfix release.
the files makedefs and Makefile.in, and the files postfix-install
and post-install that install or update Postfix). These changes
are introduced early in the annual Postfix development cycle to
give down-stream maintainers sufficient time to prepare their build
systems for the next stable Postfix release in 2015.
Building with Postfix shared libraries and database plugins
-----------------------------------------------------------
@ -151,18 +175,19 @@ Building with Postfix shared libraries and database plugins
Please see the INSTALL section "Building with Postfix shared libraries
and database plugins" for fine-tuning details.
To build with Postfix shared libraries (libpostfix-*.so.*), use:
To build with Postfix shared libraries (files named libpostfix-*.so),
use:
% make makefiles shared=yes ...other arguments...
To build with dynamicmaps.cf support and dynamically-loadable
database clients (postfix-*.so.*), use:
database clients (files named postfix-*.so), use:
% make makefiles dynamicmaps=yes ...other arguments...
This implicitly enables support for libpostfix-*.so.* shared
libraries. Postfix 2.12 supports dynamic loading for CDB, LDAP,
LMDB, MYSQL, PCRE, PGSQL, SDBM, and SQLITE database clients.
This implicitly enables support for Postfix shared libraries. Postfix
2.12 supports dynamic loading for CDB, LDAP, LMDB, MYSQL, PCRE,
PGSQL, SDBM, and SQLITE database clients.
NOTE: The Postfix 2.12 build procedure expects that you specify
database library dependencies with variables named AUXLIBS_CDB,
@ -184,22 +209,28 @@ Besides changes to the Postfix "build" system as described above,
the user-visible changes with respect to Debian are:
- The new shlib_directory parameter specifies the location of the
libpostfix-*.so.* shared-library files. You can change the location
of these files after Postfix is built. However, you may have to
run ldconfig if you move the libpostfix-*.so.* files to a non-system
directory. No ldconfig is needed if you keep the libpostfix-*.so.*
files in the compiled-in default $shlib_directory location.
libpostfix-*.so shared-library files and the postfix-*.so database
plugins. You can change the location of these files after Postfix
is built. However, you may have to run ldconfig if you change the
libpostfix-*.so location. No ldconfig is needed if you keep the
libpostfix-*.so files in the compiled-in default $shlib_directory
location.
- The new plugin_directory parameter specifies the location of the
dynamicmaps.cf database plugin configuration file and of any
postfix-*.so.* plugins with a relative pathname. The dynamicmaps.cf
location is not hard-coded to /etc, because the file is shared
among all Postfix instances just like postfix-files and other
files. Files in /etc are meant to be instance-specific.
- The new meta_directory parameter specifies the location of the
file dynamicmaps.cf and some other non-executable files. The
meta_directory parameter has the same default value as the
config_directory parameter, so this is backwards compatible with
Debian (but the default setting may be changed at compile time).
- Postfix supports the directory dynamicmaps.cf.d. in addition to
the file dynamicmaps.cf. Maintainers can one configuration file
per database plugin, which simplifies installation and removal.
- Postfix supports the directory dynamicmaps.cf.d in addition to
the file dynamicmaps.cf. Maintainers can use one configuration
file per database plugin, which simplifies installation and
removal of individual plugins.
- Likewise, Postfix supports the directory postfix-files.d in
addition to the file postfix-files, Again, maintainers can use
one configuration file per database plugin, which simplifies
installation and removal of individual plugins.
Major changes with snapshot 20140321
====================================

47
postfix/conf/post-install
View File

@ -40,8 +40,8 @@
# Arguments
# .IP create-missing
# Create missing queue directories with ownerships and permissions
# according to the contents of $daemon_directory/postfix-files
# and optionally in $daemon_directory/postfix-files.d/*, using
# according to the contents of $meta_directory/postfix-files
# and optionally in $meta_directory/postfix-files.d/*, using
# the mail_owner and setgid_group parameter settings from the
# command line, process environment or from the installed
# main.cf file.
@ -49,8 +49,8 @@
# This is required at Postfix start-up time.
# .IP set-permissions
# Set all file/directory ownerships and permissions according to the
# contents of $daemon_directory/postfix-files and optionally
# in $daemon_directory/postfix-files.d/*, using the mail_owner
# contents of $meta_directory/postfix-files and optionally
# in $meta_directory/postfix-files.d/*, using the mail_owner
# and setgid_group parameter settings from the command line,
# process environment or from the installed main.cf file.
# Implies create-missing.
@ -60,8 +60,8 @@
# settings after Postfix is already installed.
# .IP upgrade-permissions
# Update ownership and permission of existing files/directories as
# specified in $daemon_directory/postfix-files and optionally
# in $daemon_directory/postfix-files.d/*, using the mail_owner
# specified in $meta_directory/postfix-files and optionally
# in $meta_directory/postfix-files.d/*, using the mail_owner
# and setgid_group parameter settings from the command line,
# process environment or from the installed main.cf file.
# Implies create-missing.
@ -176,16 +176,20 @@
# .IP readme_directory
# The directory for the Postfix README files.
# .IP shlib_directory
# The directory for the Postfix shared-library files.
# .IP plugin_directory
# The directory for the Postfix dynamicmaps.cf database plugin
# configuration file, and files referenced by that file.
# The directory for the Postfix shared-library files, and for
# the Postfix dabatase plugin files with a relative pathname
# in the file dynamicmaps.cf.
# .IP meta_directory
# The directory for non-executable files that are shared
# among multiple Postfix instances, such as postfix-files,
# dynamicmaps.cf, as well as the multi-instance template files
# main.cf.proto and master.cf.proto.
# SEE ALSO
# postfix-install(1) Postfix primary installation script.
# FILES
# $config_directory/main.cf, Postfix installation parameters.
# $daemon_directory/postfix-files, installation control file.
# $daemon_directory/postfix-files.d/*, optional control files.
# $meta_directory/postfix-files, installation control file.
# $meta_directory/postfix-files.d/*, optional control files.
# $config_directory/install.cf, obsolete configuration file.
# LICENSE
# .ad
@ -210,7 +214,7 @@ debug=:
MOST_PARAMETERS="command_directory daemon_directory data_directory
html_directory mail_owner mailq_path manpage_directory
newaliases_path queue_directory readme_directory sample_directory
sendmail_path setgid_group shlib_directory plugin_directory"
sendmail_path setgid_group shlib_directory meta_directory"
NON_SHARED="config_directory queue_directory data_directory"
USAGE="Usage: $0 [name=value] command
@ -292,8 +296,8 @@ do
esac
done
test -f $daemon_directory/postfix-files || {
echo $0: Error: $daemon_directory/postfix-files is not a file. 1>&2
test -f $meta_directory/postfix-files || {
echo $0: Error: $meta_directory/postfix-files is not a file. 1>&2
exit 1
}
@ -366,7 +370,8 @@ case $setgid_group in
esac
for path in "$daemon_directory" "$command_directory" "$queue_directory" \
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory"
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \
"$meta_directory"
do
case "$path" in
/*) ;;
@ -374,7 +379,7 @@ do
esac
done
for path in "$html_directory" "$readme_directory" "$shlib_directory" "$plugin_directory"
for path in "$html_directory" "$readme_directory" "$shlib_directory"
do
case "$path" in
/*) ;;
@ -444,15 +449,15 @@ test -n "$override" && {
"sample_directory = $sample_directory" \
"readme_directory = $readme_directory" \
"shlib_directory = $shlib_directory" \
"plugin_directory = $plugin_directory" \
"meta_directory = $meta_directory" \
|| exit 1
}
# Use file/directory status information in $daemon_directory/postfix-files.
# Use file/directory status information in $meta_directory/postfix-files.
test -n "$create" && {
postfix_files_d=$daemon_directory/postfix-files.d
for postfix_file in $daemon_directory/postfix-files \
postfix_files_d=$meta_directory/postfix-files.d
for postfix_file in $meta_directory/postfix-files \
`test -d $postfix_files_d && { find $postfix_files_d -type f | sort; }`
do
exec <$postfix_file || exit 1

42
postfix/conf/postfix-files
View File

@ -66,25 +66,27 @@ $queue_directory/public:d:$mail_owner:$setgid_group:710:uc
$queue_directory/pid:d:root:-:755:uc
$queue_directory/saved:d:$mail_owner:-:700:ucr
$queue_directory/trace:d:$mail_owner:-:700:ucr
# Update shared libraries before daemon or command-line programs.
# Update shared libraries and plugins before daemon or command-line programs.
$shlib_directory/lib${LIB_PREFIX}util${LIB_SUFFIX}:f:root:-:755
$shlib_directory/lib${LIB_PREFIX}global${LIB_SUFFIX}:f:root:-:755
$shlib_directory/lib${LIB_PREFIX}dns${LIB_SUFFIX}:f:root:-:755
$shlib_directory/lib${LIB_PREFIX}tls${LIB_SUFFIX}:f:root:-:755
$shlib_directory/lib${LIB_PREFIX}master${LIB_SUFFIX}:f:root:-:755
# Update database plugins before daemon or command-line programs.
$plugin_directory/${LIB_PREFIX}cdb${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}ldap${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}lmdb${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}mysql${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}pcre${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}pgsql${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}sdbm${LIB_SUFFIX}:f:root:-:755
$plugin_directory/${LIB_PREFIX}sqlite${LIB_SUFFIX}:f:root:-:755
$plugin_directory/dynamicmaps.cf.${SHLIB_VERSION}:f:root:-:644:
$plugin_directory/dynamicmaps.cf.${SHLIB_VERSION}.d:d:root:-:755:
$plugin_directory/dynamicmaps.cf:l:dynamicmaps.cf.${SHLIB_VERSION}:-::
$plugin_directory/dynamicmaps.cf.d:l:dynamicmaps.cf.${SHLIB_VERSION}.d:-::
$shlib_directory/${LIB_PREFIX}cdb${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}ldap${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}lmdb${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}mysql${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}pcre${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}pgsql${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}sdbm${LIB_SUFFIX}:f:root:-:755
$shlib_directory/${LIB_PREFIX}sqlite${LIB_SUFFIX}:f:root:-:755
$meta_directory/dynamicmaps.cf.d:d:root:-:755
$meta_directory/dynamicmaps.cf:f:root:-:644
$meta_directory/main.cf.proto:f:root:-:644
$meta_directory/makedefs.out:f:root:-:644
$meta_directory/master.cf.proto:f:root:-:644
$meta_directory/postfix-files.d:d:root:-:755
$meta_directory/postfix-files:f:root:-:644
$daemon_directory/anvil:f:root:-:755
$daemon_directory/bounce:f:root:-:755
$daemon_directory/cleanup:f:root:-:755
@ -92,17 +94,17 @@ $daemon_directory/discard:f:root:-:755
$daemon_directory/dnsblog:f:root:-:755
$daemon_directory/error:f:root:-:755
$daemon_directory/flush:f:root:-:755
#$daemon_directory/lmtp:f:root:-:755
$daemon_directory/local:f:root:-:755
$daemon_directory/main.cf:f:root:-:644
$daemon_directory/master.cf:f:root:-:644
$daemon_directory/main.cf:f:root:-:644:o
$daemon_directory/master.cf:f:root:-:644:o
$daemon_directory/master:f:root:-:755
$daemon_directory/oqmgr:f:root:-:755
$daemon_directory/pickup:f:root:-:755
$daemon_directory/pipe:f:root:-:755
$daemon_directory/post-install:f:root:-:755
$daemon_directory/postfix-files:f:root:-:644
$daemon_directory/postfix-files.d:d:root:-:755
# In case meta_directory == daemon_directory.
#$daemon_directory/postfix-files:f:root:-:644:o
#$daemon_directory/postfix-files.d:d:root:-:755:o
$daemon_directory/postfix-script:f:root:-:755
$daemon_directory/postfix-wrapper:f:root:-:755
$daemon_directory/postmulti-script:f:root:-:755
@ -150,10 +152,8 @@ $config_directory/header_checks:f:root:-:644:p1
$config_directory/install.cf:f:root:-:644:o
$config_directory/main.cf.default:f:root:-:644:1
$config_directory/main.cf:f:root:-:644:p
$config_directory/makedefs.out:f:root:-:644:1
$config_directory/master.cf:f:root:-:644:p
$config_directory/pcre_table:f:root:-:644:o
$config_directory/postfix-files:f:root:-:644:o
$config_directory/regexp_table:f:root:-:644:o
$config_directory/relocated:f:root:-:644:p1
$config_directory/tcp_table:f:root:-:644:o

16
postfix/conf/postfix-script
View File

@ -71,13 +71,10 @@ no) ;;
exit 1
}
esac
case $plugin_directory in
no) ;;
*) cd $plugin_directory || {
$FATAL no Postfix plugin directory $plugin_directory!
cd $meta_directory || {
$FATAL no Postfix meta directory $meta_directory!
exit 1
}
esac
}
cd $queue_directory || {
$FATAL no Postfix queue directory $queue_directory!
exit 1
@ -259,10 +256,10 @@ check-warn)
test -n "$check_shared_files" && {
todo="$daemon_directory $todo"
test "$shlib_directory" = "no" || todo="$shlib_directory $todo"
test "$plugin_directory" = "no" || todo="$plugin_directory $todo"
todo="$meta_directory $todo"
}
for dir in $todo
for dir in `echo "$todo" | tr ' ' '\12' | sort -u`
do
ls -lLd $dir | (grep " root " >/dev/null ||
$WARN not owned by root: $dir)
@ -277,7 +274,6 @@ check-warn)
todo="$daemon_directory/* $todo"
test "$shlib_directory" = "no" ||
todo="$shlib_directory/libpostfix* $todo"
# plugin_directory/* is checked by dynamicmaps routines.
}
find $todo ! -user root \
@ -287,7 +283,7 @@ check-warn)
test -n "$check_shared_files" && todo="$daemon_directory/. $todo"
# FIXME don't scan non-Postfix files under /usr/local/lib.
test "$shlib_directory" = "no" ||
todo="$shlib_directory/libpostfix* $todo"
todo="$shlib_directory/libpostfix* $shlib_directory/postfix* $todo"
find $todo \
\( -perm -020 -o -perm -002 \) -type f \

21
postfix/conf/postmulti-script
View File

@ -14,6 +14,8 @@ umask 022
# MAIL_CONFIG - config_directory of primary instance
# command_directory - From primary instance
# daemon_directory - From primary instance
# meta_directory - From primary instance
# shlib_directory - From primary instance
# config_directroy - config_directory of target instance
# queue_directory - queue_directory of target instance
# data_directory - data_directory of target instance
@ -30,6 +32,8 @@ umask 022
: ${MAIL_CONFIG:?"do not invoke this command directly"}
: ${command_directory:?"do not invoke this command directly"}
: ${daemon_directory:?"do not invoke this command directly"}
: ${meta_directory:?"do not invoke this command directly"}
: ${shlib_directory:?"do not invoke this command directly"}
USAGE="$0 -e create|destroy|import|deport|enable|disable|assign|init"
usage() { echo "$0: Error: Usage: $USAGE" >&2; exit 1; }
@ -109,6 +113,17 @@ init)
exit $? ;;
esac
# Backport note: "-x" requires 2.10 or later, and is not essential here.
#
wrapper=`postconf -hx multi_instance_wrapper` || exit 1
enable=`postconf -hx multi_instance_enable` || exit 1
test -n "$wrapper" ||
fatal "multi_instance_wrapper is empty, run 'postmulti -e init' first."
test "$enable" = "yes" ||
fatal "multi_instance_enable!=yes, run 'postmulti -e init' first."
: ${config_directory:?"Invalid empty target instance config_directory"}
case $action in
@ -138,7 +153,7 @@ create|import)
tmpdir=$config_directory/.tmp
(umask 077; mkdir -p $tmpdir) || exit 1
cp -p $daemon_directory/main.cf $tmpdir/main.cf || exit 1
cp -p $meta_directory/main.cf.proto $tmpdir/main.cf || exit 1
# Shared install parameters are cloned from user-specified values in
# the default instance, but only if explicitly set there. Otherwise,
@ -147,6 +162,7 @@ create|import)
SHARED_PARAMETERS="
command_directory
daemon_directory
meta_directory
mail_owner
setgid_group
sendmail_path
@ -157,7 +173,6 @@ create|import)
sample_directory
readme_directory
shlib_directory
plugin_directory
"
shift $# # Needed on SunOS where bare "set --" is NOP!
@ -185,7 +200,7 @@ create|import)
"$@" || exit 1
cp -p $daemon_directory/master.cf $tmpdir/master.cf || exit 1
cp -p $meta_directory/master.cf.proto $tmpdir/master.cf || exit 1
mv $tmpdir/main.cf $config_directory/main.cf || exit 1
mv $tmpdir/master.cf $config_directory/master.cf || exit 1
rmdir $tmpdir 2>/dev/null

298
postfix/html/INSTALL.html
View File

@ -236,8 +236,37 @@ $ make
recent versions of Linux, FreeBSD and MacOS X. Shared-library builds
may become the default at some point in the future. </p>
<p> Overview of topics: </p>
<ul>
<li><a href="#shared_enable">4.3.1 Turning on Postfix shared-library
support</a>
<li><a href="#dynamicmaps_enable">4.3.2 Turning on Postfix database-plugin
support</a>
<li><a href="#shared_custom">4.3.3 Customizing Postfix shared
libraries and database plugins</a>
<li><a href="#shared_tips">4.4.4 Tips for distribution maintainers</a>
</ul>
<p> Note: directories with Postfix shared libraries or database
plugins should contain only postfix-related files. Postfix shared
libraries and database plugins should not be installed in a "public"
system directory such as /usr/lib or /usr/local/lib. Linking Postfix
shared-library or database-plugin files into non-Postfix programs
is not supported. Postfix shared libraries and database plugins
implement a Postfix-internal API that changes without maintaining
compatibility. </p>
<h4><a name="shared_enable"> 4.3.1 Turning on Postfix shared-library
support </a></h4>
<p> Postfix can be built with Postfix shared libraries (files
typically named <tt>libpostfix-*.so.*</tt>). Postfix shared libraries
typically named <tt>libpostfix-*.so</tt>). Postfix shared libraries
add minor run-time overhead and result in significantly-smaller
Postfix executable files. </p>
@ -247,63 +276,57 @@ build Postfix with shared-library support. </p>
<blockquote>
<pre>
$ make makefiles shared=yes ...other arguments...
$ make makefiles shared=no ...other arguments...
$ make
</pre>
</blockquote>
<p> This defaults to installing shared libraries in /usr/local/lib,
typically with names like libpostfix-<i>name</i>.so.<i>version</i>,
where the <i>name</i> is a source-code directory name such as "util"
or "global", and the <i>version</i> is the Postfix version:
<i>x.y.z</i> for stable releases, <i>x.y</i>-<i>date</i> for snapshot
(development) releases, or <i>x.y</i>-<i>date</i>-nonprod for
non-production releases. </p>
<p> (Specify "make makefiles shared=no" to explicitly disable Postfix
shared-library support). </p>
<p> To override the default location or shared-library version,
specify, for example: </p>
<p> This installs shared libraries in $<a href="postconf.5.html#shlib_directory">shlib_directory</a>, typically,
/usr/lib/postfix/<i>version</i> or /usr/local/lib/postfix/<i>version</i>,
with names like libpostfix-<i>name</i>.so, where the <i>name</i>
is a source-code directory name such as "util" or "global", and the
<i>version</i> is the Postfix release version: <i>x.y.z</i> for
stable releases, <i>x.y</i>-<i>date</i> for snapshot (development)
releases, or <i>x.y</i>-<i>date</i>-nonprod for non-production
releases. </p>
<blockquote>
<pre>
$ make makefiles shared=yes <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/lib \
SHLIB_VERSION=1 ...other arguments...
</pre>
</blockquote>
<p> See section 4.3.3 "Customizing Postfix shared libraries and
database plugins" below for how to customize the Postfix shared-library
location and version.
<p> You can change the <a href="postconf.5.html#shlib_directory">shlib_directory</a> setting after Postfix is
built, with "make install" or "make upgrade". However, you may have
to run ldconfig if you change <a href="postconf.5.html#shlib_directory">shlib_directory</a> after Postfix is built
and install the libpostfix-*.so.* files in a non-system directory.
No ldconfig is needed if you keep the libpostfix-*.so.* files in
the compiled-in default $<a href="postconf.5.html#shlib_directory">shlib_directory</a> location. </p>
<h4><a name="dynamicmaps_enable"> 4.3.2 Turning on Postfix
database-plugin support </a></h4>
<p> Additionally, Postfix can be built to support dynamic loading
of Postfix database clients with the Debian-style dynamicmaps
feature. Postfix 2.12 supports dynamic loading of <a href="CDB_README.html">cdb</a>:, <a href="ldap_table.5.html">ldap</a>:,
<a href="lmdb_table.5.html">lmdb</a>:, <a href="mysql_table.5.html">mysql</a>:, <a href="pcre_table.5.html">pcre</a>:, <a href="pgsql_table.5.html">pgsql</a>:, <a href="DATABASE_README.html#types">sdbm</a>:, and <a href="sqlite_table.5.html">sqlite</a>: database clients.
Dynamic loading is useful when you distribute or install pre-compiled
Postfix packages. </p>
of Postfix database clients (database plugins) with the Debian-style
dynamicmaps feature. Postfix 2.12 supports dynamic loading of <a href="CDB_README.html">cdb</a>:,
<a href="ldap_table.5.html">ldap</a>:, <a href="lmdb_table.5.html">lmdb</a>:, <a href="mysql_table.5.html">mysql</a>:, <a href="pcre_table.5.html">pcre</a>:, <a href="pgsql_table.5.html">pgsql</a>:, <a href="DATABASE_README.html#types">sdbm</a>:, and <a href="sqlite_table.5.html">sqlite</a>: database
clients. Dynamic loading is useful when you distribute or install
pre-compiled Postfix packages. </p>
<p> Specify "dynamicmaps=yes" on the "make makefiles" command line
to build Postfix with support to dynamically load Postfix database
clients (database plugins) with the Debian-style dynamicmaps feature.
clients with the Debian-style dynamicmaps feature.
</p>
<blockquote>
<pre>
$ make makefiles dynamicmaps=yes ...other arguments...
$ make makefiles dynamicmaps=no ...other arguments...
$ make
</pre>
</blockquote>
<p> This implicitly enables shared-library support, and defaults
to installing dynamicmaps.cf and database plugins in /usr/libexec/postfix.
Database plugins are typically named postfix-<i>type</i>.so.<i>version</i>
where the <i>type</i> is a database type such as "cdb" or "ldap",
and where the <i>version</i> is the same as for Postfix shared
libraries. The installed dynamicmaps.cf configuration file is given
a suffix with the same version. </p>
<p> (Specify "make makefiles dynamicmaps=no" to explicitly disable
Postfix database-plugin support). </p>
<p> This implicitly enables shared-library support, installs the
configuration file dynamicmaps.cf in $<a href="postconf.5.html#meta_directory">meta_directory</a> (usually,
/etc/postfix or /usr/local/etc/postfix), and installs database
plugins in $<a href="postconf.5.html#shlib_directory">shlib_directory</a> (see above). Database plugins are named
postfix-<i>type</i>.so where the <i>type</i> is a database type
such as "cdb" or "ldap". </p>
<blockquote>
@ -322,60 +345,155 @@ database client loading was meant to avoid. </p>
</blockquote>
<p> To override the default location or shared-library version,
specify, for example: </p>
<p> See the next section for how to customize the location and
version of Postfix database plugins and the location of the file
dynamicmaps.cf. </p>
<h4><a name="shared_custom"> 4.3.3 Customizing Postfix shared
libraries and database plugins </a></h4>
<h5> Customizing the location of Postfix shared libraries and
database plugins </h5>
<p> As a reminder, the directories with Postfix shared libraries
or database plugins should contain only Postfix-related files.
Linking these files into other programs is not supported. </p>
<p> To override the default location of Postfix shared libraries
and database plugins specify, for example: </p>
<blockquote>
<pre>
% make makefiles dynamicmaps=yes <a href="postconf.5.html#plugin_directory">plugin_directory</a>=/usr/lib/postfix \
SHLIB_VERSION=1 ...
$ make makefiles shared=yes <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix ...
</pre>
</blockquote>
<p> You can also override the <a href="postconf.5.html#plugin_directory">plugin_directory</a> setting after Postfix
is built, with "make install" or "make upgrade". In this case, there
is no need to run the ldconfig command. </p>
<p> If you intend to upgrade Postfix without stopping the mail
system, then you should append the Postfix release version to the
<a href="postconf.5.html#shlib_directory">shlib_directory</a> pathname, to eliminate the possibility that programs
from the old Postfix version will link with files from the new
Postfix version. For example: </p>
<p> Tips for distribution maintainers:
<blockquote>
<pre>
$ make makefiles shared=yes \
<a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix/MAIL_VERSION ...
</pre>
</blockquote>
<p> The command "make makefiles name=value..." will replace the
string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like
$<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces inconsistent
results with different versions of the make(1) command. </p>
<p> You can change the <a href="postconf.5.html#shlib_directory">shlib_directory</a> setting after Postfix is
built, with "make install" or "make upgrade". However, you may have
to run ldconfig if you change <a href="postconf.5.html#shlib_directory">shlib_directory</a> after Postfix is built
(the symptom is that Postfix programs fail because the run-time
linker cannot find the files libpostfix-*.so). No ldconfig command
is needed if you keep the files libpostfix-*.so in the compiled-in
default $<a href="postconf.5.html#shlib_directory">shlib_directory</a> location. </p>
<blockquote>
<pre>
# make upgrade <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix ...
# make install <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix ...
</pre>
</blockquote>
<p> To append the Postfix release version to the pathname if you
intend to upgrade Postfix without stopping the mail system: </p>
<blockquote>
<pre>
# make upgrade <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix/MAIL_VERSION ...
# make install <a href="postconf.5.html#shlib_directory">shlib_directory</a>=/usr/local/lib/postfix/MAIL_VERSION ...
</pre>
</blockquote>
<p> See also the comments above for appending MAIL_VERSION with
the "make makefiles" command. </p>
<h5> Customizing the location of dynamicmaps.cf and other files
</h5>
<p> The <a href="postconf.5.html#meta_directory">meta_directory</a> parameter has the same default setting as
the <a href="postconf.5.html#config_directory">config_directory</a> parameter, typically /etc/postfix or
/usr/local/etc/postfix. </p>
<p> You can override the default <a href="postconf.5.html#meta_directory">meta_directory</a> location at compile
time or after Postfix is built. To override the default location
at compile time specify, for example: </p>
<blockquote>
<pre>
% make makefiles <a href="postconf.5.html#meta_directory">meta_directory</a>=/usr/libexec/postfix ...
</pre>
</blockquote>
<p> Here is a tip if you want to make a pathname dependent on the
Postfix release version: the command "make makefiles name=value..."
will replace the string MAIL_VERSION in a configuration parameter
value with the Postfix release version. Do not try to specify
something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces
inconsistent results with different versions of the make(1) command.
</p>
<p> You can override the <a href="postconf.5.html#meta_directory">meta_directory</a> setting after Postfix is
built, with "make install" or "make upgrade". </p>
<blockquote>
<pre>
# make upgrade <a href="postconf.5.html#meta_directory">meta_directory</a>=/usr/libexec/postfix ...
# make install <a href="postconf.5.html#meta_directory">meta_directory</a>=/usr/libexec/postfix ...
</pre>
</blockquote>
<p> As with the command "make makefiles, the command "make
install/upgrade name=value..." will replace the string MAIL_VERSION
in a configuration parameter value with the Postfix release version.
Do not try to specify something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command
line. This produces inconsistent results with different versions
of the make(1) command. </p>
<h4><a name="shared_tips"> 4.4.4 Tips for distribution maintainers
</a></h4>
<ul>
<li> <p> The postfix-install procedure creates a compatibility
symlink dynamicmaps.cf -> dynamicmaps.cf.<i>version</i> (as well
as a symlink dynamicmaps.cf.d -> dynamicmaps.cf.<i>version</i>.d;
more on that below). It is therefore safe to use "unversioned"
configuration file names when installing or deinstalling a database
plugin. However, Postfix itself will use the "versioned" names, to
allow minor upgrades to happen without having to stop Postfix. </p>
<li> <p> The <a href="postconf.5.html#shlib_directory">shlib_directory</a> parameter setting also provides the
default directory for database plugin files with a relative pathname
in the file dynamicmaps.cf. </p>
<li> <p> The configuration file dynamicmaps.cf.<i>version</i> will
automatically include files under the directory
dynamicmaps.cf.d.<i>version</i>, just like the configuration file
postfix-files will automatically include files under the directory
postfix-files.d. Thanks to this, you don't have to edit postfix-files
or dynamicmaps.cf, when installing or deinstalling a database plugin
package. Instead, each plugin can have its own configuration file.
</p>
<li> <p> The <a href="postconf.5.html#meta_directory">meta_directory</a> parameter specifies the location of the
files dynamicmaps.cf, postfix-files, and some multi-instance template
files. The <a href="postconf.5.html#meta_directory">meta_directory</a> parameter has the same default value as
the <a href="postconf.5.html#config_directory">config_directory</a> parameter (typically, /etc/postfix or
/usr/local/etc/postfix). For backwards compatibility with Postfix
2.6 .. 2.11, specify "<a href="postconf.5.html#meta_directory">meta_directory</a> = $<a href="postconf.5.html#daemon_directory">daemon_directory</a>" in <a href="postconf.5.html">main.cf</a>
before installing or upgrading Postfix, or specify "<a href="postconf.5.html#meta_directory">meta_directory</a>
= /path/name" on the "make makefiles", "make install" or "make
upgrade" command line. </p>
<li> <p> The <a href="postconf.5.html#plugin_directory">plugin_directory</a> setting provides the default directory
for shared-library objects with a relative pathname in the file
dynamicmaps.cf.<i>version</i>.
<li> <p> The configuration file dynamicmaps.cf will automatically
include files under the directory dynamicmaps.cf.d, just like the
configuration file postfix-files will automatically include files
under the directory postfix-files.d. Thanks to this, you can install
or deinstall a database plugin package without having to edit
postfix-files or dynamicmaps.cf. Instead, you give that plugin its
own configuration files dynamicmaps.cf.d and postfix-files.d, and
you add or remove those configuration files along with the database
plugin shared object. </p>
<li> <p> Each configuration file under the directory
dynamicmaps.cf.d.<i>version</i> must have a name that ends in ".cf"
and must have the same format as the file dynamicmaps.cf.<i>version</i>.
</p>
<li> <p> The directory dynamicmaps.cf.d.<i>version</i> is the default
directory for shared-library objects with a relative pathname in
the files dynamicmaps.cf.d.<i>version</i>/*.cf. Thus, the directory
dynamicmaps.cf.d.<i>version</i> may contain both configuration files
and shared-library object files. Hence, the requirement that
configuration file names must end in ".cf". </p>
<li> <p> Each configuration file under the directory dynamicmaps.cf.d
must have the same format as the configuration file dynamicmaps.cf.
There is no requirement that these configuration file *names* have a
specific format. </p>
<li> <p> Each configuration file under the directory postfix-files.d
must have the same format as the configuration file postfix-files.
There is no requirement that these configuration file names have a
There is no requirement that these configuration file *names* have a
specific format. </p>
</ul>
@ -445,6 +563,12 @@ $ make
</pre>
</blockquote>
<p> The command "make makefiles name=value ..." will replace the
string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like
$<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces inconsistent
results with different versions of the make(1) command. </p>
<p> Parameters whose defaults can be specified in this way are
listed below. See the <a href="postconf.5.html">postconf(5)</a> manpage for a description
(command: "<tt>nroff -man man/man5/postconf.5 | less</tt>"). </p>
@ -471,9 +595,9 @@ listed below. See the <a href="postconf.5.html">postconf(5)</a> manpage for a de
<tr> <td><a href="postconf.5.html#manpage_directory">manpage_directory</a></td> <td>/usr/local/man</td> </tr>
<tr> <td><a href="postconf.5.html#newaliases_path">newaliases_path</a></td> <td>/usr/bin/newaliases</td> </tr>
<tr> <td><a href="postconf.5.html#meta_directory">meta_directory</a></td> <td>/etc/postfix</td> </tr>
<tr> <td><a href="postconf.5.html#plugin_directory">plugin_directory</a></td> <td>/usr/libexec/postfix</td> </tr>
<tr> <td><a href="postconf.5.html#newaliases_path">newaliases_path</a></td> <td>/usr/bin/newaliases</td> </tr>
<tr> <td><a href="postconf.5.html#queue_directory">queue_directory</a></td> <td>/var/spool/postfix</td> </tr>
@ -481,7 +605,7 @@ listed below. See the <a href="postconf.5.html">postconf(5)</a> manpage for a de
<tr> <td><a href="postconf.5.html#sendmail_path">sendmail_path</a></td> <td>/usr/sbin/sendmail</td> </tr>
<tr> <td><a href="postconf.5.html#shlib_directory">shlib_directory</a></td> <td>/usr/local/lib</td> </tr>
<tr> <td><a href="postconf.5.html#shlib_directory">shlib_directory</a></td> <td>/usr/lib/postfix</td> </tr>
</table>
@ -578,7 +702,7 @@ $ make
<tr> <th colspan="2"> Name/Value </th> <th> Description </th> </tr>
<tr> <td colspan="2"> AUXLIBS="object_library..."</td> <td> Specifies
one or more non-default object libraries. Postfix 2,12 and later
one or more non-default object libraries. Postfix 2.12 and later
specify some of their database library dependencies with <a href="CDB_README.html">AUXLIBS_CDB</a>,
<a href="LDAP_README.html">AUXLIBS_LDAP</a>, <a href="LMDB_README.html">AUXLIBS_LMDB</a>, <a href="MYSQL_README.html">AUXLIBS_MYSQL</a>, <a href="PCRE_README.html">AUXLIBS_PCRE</a>, <a href="PGSQL_README.html">AUXLIBS_PGSQL</a>,
<a href="SDBM_README.html">AUXLIBS_SDBM</a>, and <a href="SQLITE_README.html">AUXLIBS_SQLITE</a>, respectively. </td> </tr>
@ -647,12 +771,6 @@ Specify DEBUG= to turn off debugging. </td> </tr>
a non-default optimization level. The default is -O. Specify OPT=
to turn off optimization. </td> </tr>
<tr> <td colspan="2"> SHLIB_VERSION=version </td> <td> Specifies a
non-default Postfix shared-library version number. The default is
to use the Postfix version: X.Y.Z for stable releases, X.Y-DATE for
snapshot releases, X.Y-DATE-nonprod for non-production releases.
</td> </tr>
<tr> <td colspan="2"> WARN="warning_flags..." </td> <td> Specifies
non-default <tt>gcc</tt> compiler warning options for use when
"<tt>make</tt>" is invoked in a source subdirectory only. </td>
@ -857,6 +975,16 @@ pathnames that end in ".postfix"</b>. </p>
does not exist, use interactive installation ("make install")
instead. </p>
<li> <p> If you specify name=value arguments on the "make install"
or "make upgrade" command line, then these will take precedence
over compiled-in default settings or <a href="postconf.5.html">main.cf</a> settings. </p>
<p> The command "make install/upgrade name=value ..." will replace
the string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like
$<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces inconsistent
results with different versions of the make(1) command. </p>
</ul>
<h3>6.4 - Configure Postfix</h3>

7
postfix/html/PACKAGE_README.html
View File

@ -85,6 +85,13 @@ non-default installation parameters on the command line: </p>
script directly (<tt>% <b>sh post-install -non-interactive
install_root...</b></tt>). </p>
<p> With Postfix 2.12 and later, the command "make package name=value
..." will replace the string MAIL_VERSION in a configuration parameter
value with the Postfix release version. Do not try to specify
something like $<a href="postconf.5.html#mail_version">mail_version</a> on this command line. This produces
inconsistent results with different versions of the make(1) command.
</p>
<h2>Begin Security Alert</h2>
<p> <b> When building an archive for distribution, be sure to

117
postfix/html/postconf.5.html
View File

@ -6198,6 +6198,27 @@ and <a href="postconf.5.html#body_checks">body_checks</a>. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="meta_directory">meta_directory</a>
(default: see 'postconf -d' output)</b></DT><DD>
<p> The location of non-executable files that are shared among
multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files <a href="postconf.5.html">main.cf</a>.proto and <a href="master.5.html">master.cf</a>.proto.
This directory should contain only Postfix-related files. Typically,
the <a href="postconf.5.html#meta_directory">meta_directory</a> parameter has the same default as the <a href="postconf.5.html#config_directory">config_directory</a>
parameter (/etc/postfix or /usr/local/etc/postfix). </p>
<p> For backwards compatibility with Postfix versions 2.6..2.11,
specify "<a href="postconf.5.html#meta_directory">meta_directory</a> = $<a href="postconf.5.html#daemon_directory">daemon_directory</a>" in <a href="postconf.5.html">main.cf</a> before
installing or upgrading Postfix, or specify "<a href="postconf.5.html#meta_directory">meta_directory</a> =
/path/name" on the "make makefiles", "make install" or "make upgrade"
command line. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="milter_command_timeout">milter_command_timeout</a>
@ -7090,19 +7111,6 @@ is rejected by the <b><a href="postconf.5.html#reject_plaintext_session">reject_
<p> This feature is available in Postfix 2.3 and later. </p>
</DD>
<DT><b><a name="plugin_directory">plugin_directory</a>
(default: see 'postconf -d' output)</b></DT><DD>
<p> The location of the Postfix dynamicmaps.cf database plugin
configuration file, and of database plugins with a relative pathname.
This is set to "no" when Postfix database plugin support is disabled
at compile time. </p>
<p> This feature is available in Postfix 2.12 and later. </p>
</DD>
<DT><b><a name="postmulti_control_commands">postmulti_control_commands</a>
@ -9553,15 +9561,34 @@ earlier: "<b>/etc/postfix/post-install set-permissions</b>".
<DT><b><a name="shlib_directory">shlib_directory</a>
(default: see 'postconf -d' output)</b></DT><DD>
<p> The location of Postfix shared libraries (libpostfix-*.so.*).
This parameter defaults to "no" when Postfix shared libraries are
disabled at compile time. </p>
<p> The location of Postfix shared libraries (libpostfix-*.so),
and the default location of Postfix database plugins (libpostfix-*.so)
that have a relative pathname in the dynamicmaps.cf file. The
<a href="postconf.5.html#shlib_directory">shlib_directory</a> parameter defaults to "no" when Postfix shared
libraries and database plugins are disabled at compile time, otherwise
it typically defaults to /usr/lib/postfix or /usr/local/lib/postfix.
</p>
<p> NOTE: You can change the location of these files after Postfix
is built. However, you may have to run ldconfig if you move the
libpostfix-*.so.* files to a non-system directory. No ldconfig is
needed if you keep the libpostfix-*.so.* files in the compiled-in
default $<a href="postconf.5.html#shlib_directory">shlib_directory</a> location. </p>
<p> Notes: </p>
<ul>
<li> <p> The directory specified with <a href="postconf.5.html#shlib_directory">shlib_directory</a> should contain
only Postfix-related files. Postfix shared libraries and database
plugins should not be installed in a "public" system directory such
as /usr/lib or /usr/local/lib. Linking Postfix shared-library files
or database plugins into non-Postfix programs is not supported.
Postfix shared libraries and database plugins implement a
Postfix-internal API that changes without maintaining compatibility.
</p>
<li> <p> You can change the <a href="postconf.5.html#shlib_directory">shlib_directory</a> value after Postfix is
built. However, you may have to run ldconfig or equivalent to prevent
Postfix programs from failing because the libpostfix-*.so files are
not found. No ldconfig command is needed if you keep the libpostfix-*.so
files in the compiled-in default $<a href="postconf.5.html#shlib_directory">shlib_directory</a> location. </p>
</ul>
<p> This feature is available in Postfix 2.12 and later. </p>
@ -13002,6 +13029,14 @@ Postfix version 2.5). This feature is available with Postfix version
parent domains, client IP address, or networks obtained by stripping
least significant octets. See the <a href="access.5.html">access(5)</a> manual page for details. </dd>
<dt><b><a name="check_client_a_access">check_client_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for the
client hostname, and execute the corresponding action. Note: a result
of "OK" is not allowed for safety reasons. Instead, use DUNNO in order
to exclude specific hosts from blacklists. This feature is available
in Postfix 2.12 and later. </dd>
<dt><b><a name="check_client_mx_access">check_client_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for the
@ -13028,6 +13063,14 @@ safety reasons. Instead, use DUNNO in order to exclude specific
hosts from blacklists. This feature is available in Postfix 2.6
and later.</dd>
<dt><b><a name="check_reverse_client_hostname_a_access">check_reverse_client_hostname_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for the
unverified reverse client hostname, and execute the corresponding
action. Note: a result of "OK" is not allowed for safety reasons.
Instead, use DUNNO in order to exclude specific hosts from blacklists.
This feature is available in Postfix 2.12 and later. </dd>
<dt><b><a name="check_reverse_client_hostname_mx_access">check_reverse_client_hostname_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for the
@ -13786,6 +13829,18 @@ Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required
restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
simply skip <a href="postconf.5.html#check_helo_access">check_helo_access</a> by not sending HELO or EHLO). </dd>
<dt><b><a name="check_helo_a_access">check_helo_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for
the HELO or EHLO hostname, and execute the corresponding action.
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
simply skip check_helo_a_access by not sending HELO or EHLO). This
feature is available in Postfix 2.12 and later.
</dd>
<dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
@ -14251,6 +14306,14 @@ that is received with the RCPT TO command.
TO address, domain, parent domains, or localpart@, and execute the
corresponding action. </dd>
<dt><b><a name="check_recipient_a_access">check_recipient_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for
the RCPT TO domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.12 and later. </dd>
<dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
@ -15027,10 +15090,18 @@ received with the MAIL FROM command.
address, domain, parent domains, or localpart@, and execute the
corresponding action. </dd>
<dt><b><a name="check_sender_a_access">check_sender_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the IP addresses for
the MAIL FROM domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.12 and later. </dd>
<dt><b><a name="check_sender_mx_access">check_sender_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
the MAIL FROM address, and execute the corresponding action. Note:
the MAIL FROM domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
@ -15038,7 +15109,7 @@ feature is available in Postfix 2.1 and later. </dd>
<dt><b><a name="check_sender_ns_access">check_sender_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
for the MAIL FROM address, and execute the corresponding action.
for the MAIL FROM domain, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>

13
postfix/html/postfix.1.html
View File

@ -179,13 +179,16 @@ POSTFIX(1) POSTFIX(1)
Available in Postfix version 2.12 and later:
<b><a href="postconf.5.html#plugin_directory">plugin_directory</a> (see 'postconf -d' output)</b>
The location of the Postfix dynamicmaps.cf database plugin con-
figuration file, and of database plugins with a relative path-
name.
<b><a href="postconf.5.html#meta_directory">meta_directory</a> (see 'postconf -d' output)</b>
The location of non-executable files that are shared among mul-
tiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files <a href="postconf.5.html">main.cf</a>.proto and <a href="master.5.html">mas-
ter.cf</a>.proto.
<b><a href="postconf.5.html#shlib_directory">shlib_directory</a> (see 'postconf -d' output)</b>
The location of Postfix shared libraries (libpostfix-*.so.*).
The location of Postfix shared libraries (libpostfix-*.so.*),
and of Postfix database plugins that have a relative pathname in
the dynamicmaps.cf file.
Other configuration parameters:

17
postfix/html/postmulti.1.html
View File

@ -356,9 +356,22 @@ POSTMULTI(1) POSTMULTI(1)
syslog records, so that "smtpd" becomes, for example, "post-
fix/smtpd".
Available in Postfix 2.12 and later:
<b><a href="postconf.5.html#meta_directory">meta_directory</a> (see 'postconf -d' output)</b>
The location of non-executable files that are shared among mul-
tiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files <a href="postconf.5.html">main.cf</a>.proto and <a href="master.5.html">mas-
ter.cf</a>.proto.
<b><a href="postconf.5.html#shlib_directory">shlib_directory</a> (see 'postconf -d' output)</b>
The location of Postfix shared libraries (libpostfix-*.so.*),
and of Postfix database plugins that have a relative pathname in
the dynamicmaps.cf file.
<b>FILES</b>
$<a href="postconf.5.html#daemon_directory">daemon_directory</a>/<a href="postconf.5.html">main.cf</a>, stock configuration file
$<a href="postconf.5.html#daemon_directory">daemon_directory</a>/<a href="master.5.html">master.cf</a>, stock configuration file
$<a href="postconf.5.html#meta_directory">meta_directory</a>/<a href="postconf.5.html">main.cf</a>.proto, stock configuration file
$<a href="postconf.5.html#meta_directory">meta_directory</a>/<a href="master.5.html">master.cf</a>.proto, stock configuration file
$<a href="postconf.5.html#daemon_directory">daemon_directory</a>/postmulti-script, life-cycle helper program
<b>SEE ALSO</b>

189
postfix/makedefs
View File

@ -18,6 +18,12 @@
# environment variables (or as name=value pairs on the "make"
# command line). Use quotes if variables contain whitespace
# or shell meta characters.
#
# The "make makefiles name=value..." command will replace the
# string MAIL_VERSION in a parameter value with the Postfix
# release version. Do not try to specify something like
# $mail_version on this command line. This produces inconsistent
# results with different versions of the make(1) command.
# .IP \fBAUXLIBS=\fIobject_library...\fR
# Specifies one or more non-default object libraries. Postfix
# 2,12 and later specify some of their database library
@ -85,7 +91,7 @@
# .IP \fBdynamicmaps=yes\fR
# .IP \fBdynamicmaps=no\fR
# Enable (disable) Postfix builds with the configuration file
# $plugin_directory/dynamicmaps.cf and dynamically-loadable
# $meta_directory/dynamicmaps.cf and dynamically-loadable
# database plugins typically named postfix-*.so.*. The setting
# "dynamicmaps=yes" implicitly enables Postfix shared libraries.
#
@ -97,19 +103,13 @@
#
# command_directory config_directory daemon_directory
# data_directory default_database_type html_directory
# mailq_path manpage_directory newaliases_path plugin_directory
# mailq_path manpage_directory meta_directory newaliases_path
# queue_directory readme_directory sendmail_path shlib_directory
#
# See the postconf(5) manpage for a description of these
# parameters.
#
# This feature was introduced with Postfix 2.12.
# .IP \fBSHLIB_VERSION=\fIversion\fR
# Specifies a non-default shared-library version for Postfix
# libraries and database plugins. By default, the version
# equals the default value for the $mail_version parameter.
#
# This feature was introduced with Postfix 2.12.
# .IP \fBWARN=\fIwarning_flags\fR
# Specifies non-default gcc compiler warning options for use when
# "make" is invoked in a source subdirectory only.
@ -708,6 +708,91 @@ CCARGS="$CCARGS -DSNAPSHOT"
# Workaround: prepend Postfix include files before other include files.
CCARGS="-I. -I../../include $CCARGS"
# Portability and usability considerations.
#
# In an ideal world we would be able to provide the option to say
# "make makefiles shlib_directory=/some/where/'$mail_version'". This
# would allow a running system to be upggraded without worries about
# tempororary program-library ABI incompatibilities (the Postfix
# library API changes incompatibly from one version to the next).
#
# Unfortunately, gmake performs macro expansion on values in name=value
# command-line arguments. In the specific example above, gmake would
# eat up the "$" and "m" before it even invokes makedefs, and it
# ould replace "'${mail_version}'" and "'$(mail_version)'" with
# nothing.
#
# We could work around this by documenting that $$ must be used (and
# fix $$ in the case that people use traditional make). But this
# would be non-intuitive and bad from a usability point of view.
#
# We could work around this by documenting that people must pass
# name=value via the environment instead of the command line, as in
# "shlib_directory=/some/where/'$mail_version' make makefiles", or
# that they issue "export" or "setenv" commands depending on their
# interactive shell. That would be non-intuitive and bad usability.
#
# Even if we did any of the above, we would not want to pass the
# unexpanded $mail_version via CCARGS, because that requires extra
# quoting with `echo "$parm_val" | sed 's/[$]/\\\\$$/'` which is
# just too ugly to be portable.
#
# The upshot of all this is that we will expand MAIL_VERSION in the
# "make makefiles parameter=value" command line, and that we pass
# the expanded text via CCARGS. This is clumsier but cleaner.
# Helper function to determine DEF_MAIL_VERSION.
def_mail_version()
{
trap 'rm -f makedefs.test makedefs.test.[co]' 1 2 3 15
cat > makedefs.test.c <<'EOF'
#include <stdlib.h>
#include <stdio.h>
EOF
# Avoid "nested comment" warnings. Top-of-file comments start in
# column 1 and have no code after "*/", not even in header files.
# If this is insufficient, kill the problem with #ifndef MAKEDEFS.
sed '/^\/\*/,/\*\//d' src/global/mail_version.h >>makedefs.test.c
cat >>makedefs.test.c <<EOF
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int main(void)
{
printf("%s\n", DEF_MAIL_VERSION);
fflush(stdout);
exit(ferror(stdout) ? 1 : 0);
}
EOF
eval ${CC-gcc} ${CCARGS} -o makedefs.test makedefs.test.c || exit 1
./makedefs.test || exit 1
rm -f makedefs.test makedefs.test.[co]
}
# Helper function to expand MAIL_VERSION in command-line value.
expand_MAIL_VERSION()
{
case "$mail_version" in
"") mail_version=`def_mail_version` || exit 1
esac
echo "$1" | sed "s/MAIL_VERSION/$mail_version/g"
}
# Helper function to expand $mail_version in parameter value.
expand_mail_version()
{
case "$mail_version" in
"") mail_version=`def_mail_version` || exit 1
esac
echo "$1" | sed "
s/\$[{(]mail_version[)}]/$mail_version/g
s/\$mail_version/$mail_version/g
"
}
# Optionally override installation-parameter default settings.
command_directory_macro=DEF_COMMAND_DIR
@ -715,25 +800,29 @@ config_directory_macro=DEF_CONFIG_DIR
daemon_directory_macro=DEF_DAEMON_DIR
data_directory_macro=DEF_DATA_DIR
mailq_path_macro=DEF_MAILQ_PATH
meta_directory_macro=DEF_META_DIR
newaliases_path_macro=DEF_NEWALIAS_PATH
plugin_directory_macro=DEF_PLUGIN_DIR
queue_directory_macro=DEF_QUEUE_DIR
sendmail_path_macro=DEF_SENDMAIL_PATH
shlib_directory_macro=DEF_SHLIB_DIR
# shlib_directory and plugin_directory are checked here because "no"
# is not a good answer. Instead, build with "dynamicmaps=no" or
# "shared=no" as appropriate.
# shlib_directory is checked here because "no" is not a good answer.
# Instead, build with "dynamicmaps=no" and "shared=no" as appropriate.
for parm_name in command_directory config_directory daemon_directory \
data_directory mailq_path newaliases_path plugin_directory \
data_directory mailq_path meta_directory newaliases_path \
queue_directory sendmail_path shlib_directory
do
eval parm_val=\"\$$parm_name\"
eval parm_macro=\"\$${parm_name}_macro\"
case "$parm_val" in
"") ;;
/*) CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\"";;
/*) case "$parm_val" in
*MAIL_VERSION*)
parm_val=`expand_MAIL_VERSION "$parm_val"` || exit 1
eval ${parm_name}=\""\$parm_val"\";;
esac
CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\"";;
*) error "$parm_name must specify an absolute path name";;
esac
done
@ -748,7 +837,12 @@ do
eval parm_macro=\"\$${parm_name}_macro\"
case "$parm_val" in
"") ;;
/*|no) CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\"";;
/*|no) case "$parm_val" in
*MAIL_VERSION*)
parm_val=`expand_MAIL_VERSION "$parm_val"` || exit 1
eval ${parm_name}=\""\$parm_val"\";;
esac
CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\"";;
*) error "$parm_name must specify \"no\" or an absolute path name";;
esac
done
@ -761,7 +855,12 @@ do
eval parm_macro=\"\$${parm_name}_macro\"
case "$parm_val" in
"") ;;
*) CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\"";;
*) case "$parm_val" in
*MAIL_VERSION*)
parm_val=`expand_MAIL_VERSION "$parm_val"` || exit 1
eval ${parm_name}=\""\$parm_val"\";;
esac
CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\"";;
esac
done
@ -801,14 +900,17 @@ yes)
PLUGIN_MAP_SO_MAKE=
PLUGIN_MAP_SO_UPDATE=
PLUGIN_LD=
plugin_directory=no
CCARGS="$CCARGS -UUSE_DYNAMIC_MAPS -DDEF_PLUGIN_DIR=\\\"no\\\""
CCARGS="$CCARGS -UUSE_DYNAMIC_MAPS"
;;
esac
# Determine the shared-library and plugin installation directory.
for parm_name in shlib_directory plugin_directory
do
# The shlib_directory parameter is special. If the DEF_SHLIB_DIR
# C-language constant ends in "$mail_version" then the custom
# code below expands this by peeking at the DEF_MAIL_VERSION
# C-language constant.
#
parm_name=shlib_directory
eval parm_val=\"\$$parm_name\"
eval parm_macro=\"\$${parm_name}_macro\"
case "$parm_val" in
@ -817,7 +919,6 @@ yes)
"") trap 'rm -f makedefs.test makedefs.test.[co]' 1 2 3 15
sed -n '
/_SHLIB_DIR/,/^$/p
/_PLUGIN_DIR/,/^$/p
' src/global/mail_params.h >makedefs.test.c
cat >>makedefs.test.c <<EOF
#include <stdlib.h>
@ -830,55 +931,33 @@ int main(void)
}
EOF
eval ${CC-gcc} ${CCARGS} -o makedefs.test makedefs.test.c || exit 1
eval $parm_name=`./makedefs.test` || exit 1
parm_val=`./makedefs.test` || exit 1
rm -f makedefs.test makedefs.test.[co]
case $parm_val in
*'$'mail_version*|*'$'{mail_version}*|'$('mail_version')'*)
parm_val=`expand_mail_version "$parm_val"` || exit 1
eval ${parm_name}=\""\$parm_val"\"
esac
CCARGS="$CCARGS -D$parm_macro=\\\"$parm_val\\\""
;;
*) # this parameter was already checked above.
error "Can't happen in $0 - $parm_val is not an absolute path"
;;
esac
done
# Determine the shared-library version.
test -z "$SHLIB_VERSION" && {
trap 'rm -f makedefs.test makedefs.test.[co]' 1 2 3 15
(cat <<'EOF'
#include <stdlib.h>
#include <stdio.h>
EOF
# Avoid "nested comment" warnings. Top-of-file comments start in
# column 1 and have no code after "*/", not even in header files.
# If this is insufficient, kill the problem with #ifndef MAKEDEFS.
sed '/^\/\*/,/\*\//d' src/global/mail_version.h
cat <<'EOF'
int main(void)
{
printf("%s\n", DEF_MAIL_VERSION);
fflush(stdout);
exit(ferror(stdout) ? 1 : 0);
}
EOF
) >makedefs.test.c
eval ${CC-gcc} -DMAKEDEFS ${CCARGS} -o makedefs.test makedefs.test.c || exit 1
SHLIB_VERSION=`./makedefs.test` || exit 1
rm -f makedefs.test makedefs.test.[co]
}
LIB_PREFIX=postfix-
LIB_SUFFIX=${SHLIB_SUFFIX}.${SHLIB_VERSION}
CCARGS="$CCARGS -DSHLIB_VERSION=\\\"$SHLIB_VERSION\\\""
LIB_SUFFIX=${SHLIB_SUFFIX}
;;
no|"")
shlib_directory=no
plugin_directory=no
CCARGS="$CCARGS -UUSE_DYNAMIC_LIBS -DDEF_SHLIB_DIR=\\\"no\\\""
CCARGS="$CCARGS -UUSE_DYNAMIC_MAPS -DDEF_PLUGIN_DIR=\\\"no\\\""
CCARGS="$CCARGS -UUSE_DYNAMIC_MAPS"
SHLIB_CFLAGS=
SHLIB_SUFFIX=
SHLIB_LD=:
SHLIB_RPATH=
SHLIB_ENV=
SHLIB_VERSION=
LIB_PREFIX=
LIB_SUFFIX=.a
NON_PLUGIN_MAP_OBJ='$(MAP_OBJ)'
@ -922,8 +1001,8 @@ DEFINED_MAP_TYPES=`
PLUGGABLE_MAPS="CDB LDAP LMDB MYSQL PCRE PGSQL SDBM SQLITE"
case "$plugin_directory" in
/*) for name in $PLUGGABLE_MAPS
case "$dynamicmaps" in
yes) for name in $PLUGGABLE_MAPS
do
eval test -n "\"\$AUXLIBS_$name\"" &&
eval PLUGIN_AUXLIBS="\"\$PLUGIN_AUXLIBS
@ -961,9 +1040,7 @@ SHLIB_DIR = $shlib_directory
SHLIB_ENV = $SHLIB_ENV
SHLIB_LD = $SHLIB_LD
SHLIB_RPATH = $SHLIB_RPATH
SHLIB_VERSION = $SHLIB_VERSION
# Switch between dynamicmaps.cf plugins and hard-linked databases.
PLUGIN_DIR = $plugin_directory
NON_PLUGIN_MAP_OBJ = $NON_PLUGIN_MAP_OBJ
PLUGIN_MAP_OBJ = $PLUGIN_MAP_OBJ
PLUGIN_MAP_OBJ_UPDATE = $PLUGIN_MAP_OBJ_UPDATE

11
postfix/man/man1/postfix.1
View File

@ -165,11 +165,14 @@ The directory with Postfix-writable data files (for example:
caches, pseudo-random numbers).
.PP
Available in Postfix version 2.12 and later:
.IP "\fBplugin_directory (see 'postconf -d' output)\fR"
The location of the Postfix dynamicmaps.cf database plugin
configuration file, and of database plugins with a relative pathname.
.IP "\fBmeta_directory (see 'postconf -d' output)\fR"
The location of non-executable files that are shared among
multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files main.cf.proto and master.cf.proto.
.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
The location of Postfix shared libraries (libpostfix-*.so.*).
The location of Postfix shared libraries (libpostfix-*.so.*),
and of Postfix database plugins that have a relative pathname in
the dynamicmaps.cf file.
.PP
Other configuration parameters:
.IP "\fBimport_environment (see 'postconf -d' output)\fR"

14
postfix/man/man1/postmulti.1
View File

@ -368,11 +368,21 @@ The syslog facility of Postfix logging.
.IP "\fBsyslog_name (see 'postconf -d' output)\fR"
The mail system name that is prepended to the process name in syslog
records, so that "smtpd" becomes, for example, "postfix/smtpd".
.PP
Available in Postfix 2.12 and later:
.IP "\fBmeta_directory (see 'postconf -d' output)\fR"
The location of non-executable files that are shared among
multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files main.cf.proto and master.cf.proto.
.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
The location of Postfix shared libraries (libpostfix-*.so.*),
and of Postfix database plugins that have a relative pathname in
the dynamicmaps.cf file.
.SH "FILES"
.na
.nf
$daemon_directory/main.cf, stock configuration file
$daemon_directory/master.cf, stock configuration file
$meta_directory/main.cf.proto, stock configuration file
$meta_directory/master.cf.proto, stock configuration file
$daemon_directory/postmulti-script, life-cycle helper program
.SH "SEE ALSO"
.na

94
postfix/man/man5/postconf.5
View File

@ -3674,6 +3674,21 @@ message_strip_characters = \e0
.ft R
.PP
This feature is available in Postfix 2.3 and later.
.SH meta_directory (default: see 'postconf -d' output)
The location of non-executable files that are shared among
multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files main.cf.proto and master.cf.proto.
This directory should contain only Postfix-related files. Typically,
the meta_directory parameter has the same default as the config_directory
parameter (/etc/postfix or /usr/local/etc/postfix).
.PP
For backwards compatibility with Postfix versions 2.6..2.11,
specify "meta_directory = $daemon_directory" in main.cf before
installing or upgrading Postfix, or specify "meta_directory =
/path/name" on the "make makefiles", "make install" or "make upgrade"
command line.
.PP
This feature is available in Postfix 2.12 and later.
.SH milter_command_timeout (default: 30s)
The time limit for sending an SMTP command to a Milter (mail
filter) application, and for receiving the response.
@ -4238,13 +4253,6 @@ The numerical Postfix SMTP server response code when a request
is rejected by the \fBreject_plaintext_session\fR restriction.
.PP
This feature is available in Postfix 2.3 and later.
.SH plugin_directory (default: see 'postconf -d' output)
The location of the Postfix dynamicmaps.cf database plugin
configuration file, and of database plugins with a relative pathname.
This is set to "no" when Postfix database plugin support is disabled
at compile time.
.PP
This feature is available in Postfix 2.12 and later.
.SH postmulti_control_commands (default: reload flush)
The \fBpostfix\fR(1) commands that the \fBpostmulti\fR(1) instance manager
treats as "control" commands, that operate on running instances. For
@ -5845,15 +5853,29 @@ Postfix directories. When this parameter value is changed you need
to re-run "\fBpostfix set-permissions\fR" (with Postfix version 2.0 and
earlier: "\fB/etc/postfix/post-install set-permissions\fR".
.SH shlib_directory (default: see 'postconf -d' output)
The location of Postfix shared libraries (libpostfix-*.so.*).
This parameter defaults to "no" when Postfix shared libraries are
disabled at compile time.
The location of Postfix shared libraries (libpostfix-*.so),
and the default location of Postfix database plugins (libpostfix-*.so)
that have a relative pathname in the dynamicmaps.cf file. The
shlib_directory parameter defaults to "no" when Postfix shared
libraries and database plugins are disabled at compile time, otherwise
it typically defaults to /usr/lib/postfix or /usr/local/lib/postfix.
.PP
NOTE: You can change the location of these files after Postfix
is built. However, you may have to run ldconfig if you move the
libpostfix-*.so.* files to a non-system directory. No ldconfig is
needed if you keep the libpostfix-*.so.* files in the compiled-in
default $shlib_directory location.
Notes:
.IP \(bu
The directory specified with shlib_directory should contain
only Postfix-related files. Postfix shared libraries and database
plugins should not be installed in a "public" system directory such
as /usr/lib or /usr/local/lib. Linking Postfix shared-library files
or database plugins into non-Postfix programs is not supported.
Postfix shared libraries and database plugins implement a
Postfix-internal API that changes without maintaining compatibility.
.IP \(bu
You can change the shlib_directory value after Postfix is
built. However, you may have to run ldconfig or equivalent to prevent
Postfix programs from failing because the libpostfix-*.so files are
not found. No ldconfig command is needed if you keep the libpostfix-*.so
files in the compiled-in default $shlib_directory location.
.br
.PP
This feature is available in Postfix 2.12 and later.
.SH show_user_unknown_table_name (default: yes)
@ -8492,6 +8514,13 @@ Search the specified access database for the client hostname,
parent domains, client IP address, or networks obtained by stripping
least significant octets. See the \fBaccess\fR(5) manual page for details.
.br
.IP "\fBcheck_client_a_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the IP addresses for the
client hostname, and execute the corresponding action. Note: a result
of "OK" is not allowed for safety reasons. Instead, use DUNNO in order
to exclude specific hosts from blacklists. This feature is available
in Postfix 2.12 and later.
.br
.IP "\fBcheck_client_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for the
client hostname, and execute the corresponding action. Note: a result
@ -8515,6 +8544,13 @@ safety reasons. Instead, use DUNNO in order to exclude specific
hosts from blacklists. This feature is available in Postfix 2.6
and later.
.br
.IP "\fBcheck_reverse_client_hostname_a_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the IP addresses for the
unverified reverse client hostname, and execute the corresponding
action. Note: a result of "OK" is not allowed for safety reasons.
Instead, use DUNNO in order to exclude specific hosts from blacklists.
This feature is available in Postfix 2.12 and later.
.br
.IP "\fBcheck_reverse_client_hostname_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for the
unverified reverse client hostname, and execute the corresponding
@ -9126,6 +9162,16 @@ Note: specify "smtpd_helo_required = yes" to fully enforce this
restriction (without "smtpd_helo_required = yes", a client can
simply skip check_helo_access by not sending HELO or EHLO).
.br
.IP "\fBcheck_helo_a_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the IP addresses for
the HELO or EHLO hostname, and execute the corresponding action.
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "smtpd_helo_required = yes" to fully enforce this
restriction (without "smtpd_helo_required = yes", a client can
simply skip check_helo_a_access by not sending HELO or EHLO). This
feature is available in Postfix 2.12 and later.
.br
.IP "\fBcheck_helo_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for
the HELO or EHLO hostname, and execute the corresponding action.
@ -9443,6 +9489,13 @@ Search the specified \fBaccess\fR(5) database for the resolved RCPT
TO address, domain, parent domains, or localpart@, and execute the
corresponding action.
.br
.IP "\fBcheck_recipient_a_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the IP addresses for
the RCPT TO domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.12 and later.
.br
.IP "\fBcheck_recipient_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for
the RCPT TO domain, and execute the corresponding action. Note:
@ -10051,16 +10104,23 @@ Search the specified \fBaccess\fR(5) database for the MAIL FROM
address, domain, parent domains, or localpart@, and execute the
corresponding action.
.br
.IP "\fBcheck_sender_a_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the IP addresses for
the MAIL FROM domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.12 and later.
.br
.IP "\fBcheck_sender_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for
the MAIL FROM address, and execute the corresponding action. Note:
the MAIL FROM domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
.br
.IP "\fBcheck_sender_ns_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the DNS servers
for the MAIL FROM address, and execute the corresponding action.
for the MAIL FROM domain, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.

2
postfix/mantools/postlink
View File

@ -390,7 +390,7 @@ while (<>) {
s;\bdefault_desti[-</Bb>]*\n* *[<Bb>]*na[-</Bb>]*\n* *[<Bb>]*tion_con[-</Bb>]*\n* *[<Bb>]*currency_failed_cohort_limit\b;<a href="postconf.5.html#default_destination_concurrency_failed_cohort_limit">$&</a>;g;
s;\bdestination_concurrency_feedback_debug\b;<a href="postconf.5.html#destination_concurrency_feedback_debug">$&</a>;g;
s;\bdefault_destina[-</Bb>]*\n* *[<Bb>]*tion_rate_delay\b;<a href="postconf.5.html#default_destination_rate_delay">$&</a>;g;
s;\bplugin_directory\b;<a href="postconf.5.html#plugin_directory">$&</a>;g;
s;\bmeta_directory\b;<a href="postconf.5.html#meta_directory">$&</a>;g;
s;\bqmqpd_client_port_logging\b;<a href="postconf.5.html#qmqpd_client_port_logging">$&</a>;g;
s;\bqmqpd_error_delay\b;<a href="postconf.5.html#qmqpd_error_delay">$&</a>;g;

0
postfix/meta/.keep Normal file
View File

7
postfix/postfix-env.sh
View File

@ -1,8 +1,5 @@
#!/bin/sh
# Run a program with the new libraries, not the installed ones.
# Run a program with the new shared libraries instead of the installed ones.
export LD_LIBRARY_PATH
LD_LIBRARY_PATH=`pwd`/lib
"$@"
LD_LIBRARY_PATH=`pwd`/lib exec "$@"

99
postfix/postfix-install
View File

@ -57,11 +57,16 @@
# parameter settings. These settings have the highest precedence.
# .IP "command line"
# Parameter settings can be given as name=value arguments on
# the postfix-install command line.
# the postfix-install command line. This mode will replace
# the string MAIL_VERSION in a configuration parameter value
# with the Postfix release version (Postfix 2.12 and later).
# .IP "process environment"
# Parameter settings can be given as name=value environment
# variables. Environment parameters can also be specified on the
# make(1) command line as "make install name=value ...".
# variables. Environment parameters can also be specified on
# the make(1) command line as "make install name=value ...".
# This mode will replace the string MAIL_VERSION in a
# configuration parameter value with the Postfix release
# version (Postfix 2.12 and later).
# .IP "installed configuration files"
# If a parameter is not specified via the command line or via the
# process environment, postfix-install will attempt to extract its
@ -144,25 +149,29 @@
# The final destination directory for the Postfix sample configuration
# files. This parameter is obsolete as of Postfix version 2.1.
# This parameter setting is recorded in the installed main.cf file.
# .IP plugin_directory
# The final destination directory for the Postfix dynamicmaps.cf
# database plugin configuration file, and files referenced by
# that file. This is "no" when dynamic linking is disabled
# at compile time.
# .IP meta_directory
# The final destination directory for non-executable files
# that are shared among multiple Postfix instances, such
# as postfix-files, dynamicmaps.cf, as well as the multi-instance
# template files main.cf.proto and master.cf.proto. This
# directory should contain only Postfix-related files.
# .IP readme_directory
# The final destination directory for the Postfix README files.
# This parameter setting is recorded in the installed main.cf file.
# .IP shlib_directory
# The final destination directory for Postfix shared-library files.
# The built-in default value is specified at compile time.
# If you change this at installation time, then you should specify
# only "standard" system directories. Otherwise, additional
# configuration will be required with ldconfig(1) or equivalent.
# The final destination directory for Postfix shared-library
# files, and the default directory for Postfix database plugin
# files with a relative pathname in the file dynamicmaps.cf.
# This directory should contain only Postfix-related files.
# The shlib_directory parameter built-in default value is
# specified at compile time. If you change this at installation
# time, then additional configuration will be required with
# ldconfig(1) or equivalent.
# SEE ALSO
# post-install(1) post-installation procedure
# FILES
# $config_directory/main.cf, Postfix installation configuration.
# $daemon_directory/postfix-files, installation control file.
# $meta_directory/postfix-files, installation control file.
# $config_directory/install.cf, obsolete configuration file.
# LICENSE
# .ad
@ -221,6 +230,28 @@ test -x bin/postconf || {
exit 1
}
CONFIG_PARAMS="command_directory daemon_directory data_directory \
html_directory mail_owner mailq_path manpage_directory newaliases_path \
queue_directory readme_directory sendmail_path setgid_group shlib_directory \
meta_directory"
# Expand the string MAIL_VERSION in "make install" etc. name=value
# command-line arguments (and consequently, in environment settings),
# for consistency with "make makefiles".
for name in $CONFIG_PARAMS sample_directory install_root tempdir
do
eval junk=\$$name
case "$junk" in
*MAIL_VERSION*)
case "$mail_version" in
"") mail_version="`bin/postconf -dhx mail_version`" || exit 1
esac
eval ${name}=\"`echo "$junk" | sed "s/MAIL_VERSION/$mail_version/g"`\" ||
exit 1;;
esac
done
case `uname -s` in
HP-UX*) FMT=cat;;
*) FMT=fmt;;
@ -387,9 +418,10 @@ HTML files. Specify \"no\" if you do not want to install these files."
shlib_directory_prompt="the final destination directory for Postfix
shared-library files."
plugin_directory_prompt="the final destination directory for the
Postfix dynamicmaps.cf configuration file and files referenced by
that file."
meta_directory_prompt="the final destination directory for
non-executable files that are shared among multiple Postfix instances,
such as postfix-files, dynamicmaps.cf, as well as the multi-instance
template files main.cf.proto and master.cf.proto."
# Default settings, just to get started.
@ -452,11 +484,6 @@ grep setgid_group $CONFIG_DIRECTORY/main.cf >/dev/null 2>&1 || {
}
}
CONFIG_PARAMS="command_directory daemon_directory data_directory \
html_directory mail_owner mailq_path manpage_directory newaliases_path \
queue_directory readme_directory sendmail_path setgid_group shlib_directory \
plugin_directory"
# Extract parameter settings from the installed main.cf file.
test -f $CONFIG_DIRECTORY/main.cf && {
@ -517,7 +544,7 @@ case "$manpage_directory" in
exit 1;;
esac
for path in "$html_directory" "$readme_directory" "$shlib_directory" "$plugin_directory"
for path in "$html_directory" "$readme_directory" "$shlib_directory"
do
case "$path" in
/*) ;;
@ -528,7 +555,8 @@ do
done
for path in "$daemon_directory" "$data_directory" "$command_directory" "$queue_directory" \
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory"
"$sendmail_path" "$newaliases_path" "$mailq_path" "$manpage_directory" \
"$meta_directory"
do
case "$path" in
/*) ;;
@ -545,8 +573,8 @@ do
done
for path in command_directory config_directory daemon_directory data_directory \
manpage_directory queue_directory shlib_directory plugin_directory html_directory \
readme_directory
manpage_directory queue_directory shlib_directory html_directory \
readme_directory meta_directory
do
case "$path" in
no) ;;
@ -602,21 +630,20 @@ HTML_DIRECTORY=$install_root$html_directory
MANPAGE_DIRECTORY=$install_root$manpage_directory
README_DIRECTORY=$install_root$readme_directory
SHLIB_DIRECTORY=$install_root$shlib_directory
PLUGIN_DIRECTORY=$install_root$plugin_directory
META_DIRECTORY=$install_root$meta_directory
# Avoid repeated tests for existence of these; default permissions suffice.
test -d $DAEMON_DIRECTORY || mkdir -p $DAEMON_DIRECTORY || exit 1
test -d $COMMAND_DIRECTORY || mkdir -p $COMMAND_DIRECTORY || exit 1
test -d $QUEUE_DIRECTORY || mkdir -p $QUEUE_DIRECTORY || exit 1
test "$plugin_directory" = "no" -o -d $PLUGIN_DIRECTORY ||
mkdir -p $PLUGIN_DIRECTORY || exit 1
test "$shlib_directory" = "no" -o -d $SHLIB_DIRECTORY ||
mkdir -p $SHLIB_DIRECTORY || exit 1
test "$html_directory" = "no" -o -d $HTML_DIRECTORY ||
mkdir -p $HTML_DIRECTORY || exit 1
test "$readme_directory" = "no" -o -d $README_DIRECTORY ||
mkdir -p $README_DIRECTORY || exit 1
test -d $META_DIRECTORY || mkdir -p $META_DIRECTORY || exit 1
# Upgrade or first-time installation?
@ -629,7 +656,7 @@ fi
# Install files, using information from the postfix-files file.
exec < libexec/postfix-files || exit 1
exec < meta/postfix-files || exit 1
while IFS=: read path type owner group mode flags junk
do
IFS="$BACKUP_IFS"
@ -703,9 +730,9 @@ do
'$shlib_directory')
compare_or_replace $mode "$owner" "$group" lib/$file \
$SHLIB_DIRECTORY/$file || exit 1;;
'$plugin_directory')
compare_or_replace $mode "$owner" "$group" plugins/$file \
$PLUGIN_DIRECTORY/$file || exit 1;;
'$meta_directory')
compare_or_replace $mode "$owner" "$group" meta/$file \
$META_DIRECTORY/$file || exit 1;;
'$daemon_directory')
compare_or_replace $mode "$owner" "$group" libexec/$file \
$DAEMON_DIRECTORY/$file || exit 1;;
@ -731,7 +758,7 @@ do
test "$readme_directory" = "no" ||
compare_or_replace $mode "$owner" "$group" README_FILES/$file \
$README_DIRECTORY/$file || exit 1;;
*) echo $0: Error: unknown entry $path in libexec/postfix-files 1>&2
*) echo $0: Error: unknown entry $path in meta/postfix-files 1>&2
exit 1;;
esac) || exit 1
continue;;
@ -762,7 +789,7 @@ do
) || exit 1
continue;;
*) echo $0: Error: unknown type $type for $path in libexec/postfix-files 1>&2
*) echo $0: Error: unknown type $type for $path in meta/postfix-files 1>&2
exit 1;;
esac
@ -788,7 +815,7 @@ bin/postconf -c $CONFIG_DIRECTORY -e \
"sample_directory = $sample_directory" \
"readme_directory = $readme_directory" \
"shlib_directory = $shlib_directory" \
"plugin_directory = $plugin_directory" \
"meta_directory = $meta_directory" \
|| exit 1
# If Postfix is being installed locally from source code, do the

298
postfix/proto/INSTALL.html
View File

@ -236,8 +236,37 @@ $ make
recent versions of Linux, FreeBSD and MacOS X. Shared-library builds
may become the default at some point in the future. </p>
<p> Overview of topics: </p>
<ul>
<li><a href="#shared_enable">4.3.1 Turning on Postfix shared-library
support</a>
<li><a href="#dynamicmaps_enable">4.3.2 Turning on Postfix database-plugin
support</a>
<li><a href="#shared_custom">4.3.3 Customizing Postfix shared
libraries and database plugins</a>
<li><a href="#shared_tips">4.4.4 Tips for distribution maintainers</a>
</ul>
<p> Note: directories with Postfix shared libraries or database
plugins should contain only postfix-related files. Postfix shared
libraries and database plugins should not be installed in a "public"
system directory such as /usr/lib or /usr/local/lib. Linking Postfix
shared-library or database-plugin files into non-Postfix programs
is not supported. Postfix shared libraries and database plugins
implement a Postfix-internal API that changes without maintaining
compatibility. </p>
<h4><a name="shared_enable"> 4.3.1 Turning on Postfix shared-library
support </a></h4>
<p> Postfix can be built with Postfix shared libraries (files
typically named <tt>libpostfix-*.so.*</tt>). Postfix shared libraries
typically named <tt>libpostfix-*.so</tt>). Postfix shared libraries
add minor run-time overhead and result in significantly-smaller
Postfix executable files. </p>
@ -247,63 +276,57 @@ build Postfix with shared-library support. </p>
<blockquote>
<pre>
$ make makefiles shared=yes ...other arguments...
$ make makefiles shared=no ...other arguments...
$ make
</pre>
</blockquote>
<p> This defaults to installing shared libraries in /usr/local/lib,
typically with names like libpostfix-<i>name</i>.so.<i>version</i>,
where the <i>name</i> is a source-code directory name such as "util"
or "global", and the <i>version</i> is the Postfix version:
<i>x.y.z</i> for stable releases, <i>x.y</i>-<i>date</i> for snapshot
(development) releases, or <i>x.y</i>-<i>date</i>-nonprod for
non-production releases. </p>
<p> (Specify "make makefiles shared=no" to explicitly disable Postfix
shared-library support). </p>
<p> To override the default location or shared-library version,
specify, for example: </p>
<p> This installs shared libraries in $shlib_directory, typically,
/usr/lib/postfix/<i>version</i> or /usr/local/lib/postfix/<i>version</i>,
with names like libpostfix-<i>name</i>.so, where the <i>name</i>
is a source-code directory name such as "util" or "global", and the
<i>version</i> is the Postfix release version: <i>x.y.z</i> for
stable releases, <i>x.y</i>-<i>date</i> for snapshot (development)
releases, or <i>x.y</i>-<i>date</i>-nonprod for non-production
releases. </p>
<blockquote>
<pre>
$ make makefiles shared=yes shlib_directory=/usr/lib \
SHLIB_VERSION=1 ...other arguments...
</pre>
</blockquote>
<p> See section 4.3.3 "Customizing Postfix shared libraries and
database plugins" below for how to customize the Postfix shared-library
location and version.
<p> You can change the shlib_directory setting after Postfix is
built, with "make install" or "make upgrade". However, you may have
to run ldconfig if you change shlib_directory after Postfix is built
and install the libpostfix-*.so.* files in a non-system directory.
No ldconfig is needed if you keep the libpostfix-*.so.* files in
the compiled-in default $shlib_directory location. </p>
<h4><a name="dynamicmaps_enable"> 4.3.2 Turning on Postfix
database-plugin support </a></h4>
<p> Additionally, Postfix can be built to support dynamic loading
of Postfix database clients with the Debian-style dynamicmaps
feature. Postfix 2.12 supports dynamic loading of cdb:, ldap:,
lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database clients.
Dynamic loading is useful when you distribute or install pre-compiled
Postfix packages. </p>
of Postfix database clients (database plugins) with the Debian-style
dynamicmaps feature. Postfix 2.12 supports dynamic loading of cdb:,
ldap:, lmdb:, mysql:, pcre:, pgsql:, sdbm:, and sqlite: database
clients. Dynamic loading is useful when you distribute or install
pre-compiled Postfix packages. </p>
<p> Specify "dynamicmaps=yes" on the "make makefiles" command line
to build Postfix with support to dynamically load Postfix database
clients (database plugins) with the Debian-style dynamicmaps feature.
clients with the Debian-style dynamicmaps feature.
</p>
<blockquote>
<pre>
$ make makefiles dynamicmaps=yes ...other arguments...
$ make makefiles dynamicmaps=no ...other arguments...
$ make
</pre>
</blockquote>
<p> This implicitly enables shared-library support, and defaults
to installing dynamicmaps.cf and database plugins in /usr/libexec/postfix.
Database plugins are typically named postfix-<i>type</i>.so.<i>version</i>
where the <i>type</i> is a database type such as "cdb" or "ldap",
and where the <i>version</i> is the same as for Postfix shared
libraries. The installed dynamicmaps.cf configuration file is given
a suffix with the same version. </p>
<p> (Specify "make makefiles dynamicmaps=no" to explicitly disable
Postfix database-plugin support). </p>
<p> This implicitly enables shared-library support, installs the
configuration file dynamicmaps.cf in $meta_directory (usually,
/etc/postfix or /usr/local/etc/postfix), and installs database
plugins in $shlib_directory (see above). Database plugins are named
postfix-<i>type</i>.so where the <i>type</i> is a database type
such as "cdb" or "ldap". </p>
<blockquote>
@ -322,60 +345,155 @@ database client loading was meant to avoid. </p>
</blockquote>
<p> To override the default location or shared-library version,
specify, for example: </p>
<p> See the next section for how to customize the location and
version of Postfix database plugins and the location of the file
dynamicmaps.cf. </p>
<h4><a name="shared_custom"> 4.3.3 Customizing Postfix shared
libraries and database plugins </a></h4>
<h5> Customizing the location of Postfix shared libraries and
database plugins </h5>
<p> As a reminder, the directories with Postfix shared libraries
or database plugins should contain only Postfix-related files.
Linking these files into other programs is not supported. </p>
<p> To override the default location of Postfix shared libraries
and database plugins specify, for example: </p>
<blockquote>
<pre>
% make makefiles dynamicmaps=yes plugin_directory=/usr/lib/postfix \
SHLIB_VERSION=1 ...
$ make makefiles shared=yes shlib_directory=/usr/local/lib/postfix ...
</pre>
</blockquote>
<p> You can also override the plugin_directory setting after Postfix
is built, with "make install" or "make upgrade". In this case, there
is no need to run the ldconfig command. </p>
<p> If you intend to upgrade Postfix without stopping the mail
system, then you should append the Postfix release version to the
shlib_directory pathname, to eliminate the possibility that programs
from the old Postfix version will link with files from the new
Postfix version. For example: </p>
<p> Tips for distribution maintainers:
<blockquote>
<pre>
$ make makefiles shared=yes \
shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
</pre>
</blockquote>
<p> The command "make makefiles name=value..." will replace the
string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like
$mail_version on this command line. This produces inconsistent
results with different versions of the make(1) command. </p>
<p> You can change the shlib_directory setting after Postfix is
built, with "make install" or "make upgrade". However, you may have
to run ldconfig if you change shlib_directory after Postfix is built
(the symptom is that Postfix programs fail because the run-time
linker cannot find the files libpostfix-*.so). No ldconfig command
is needed if you keep the files libpostfix-*.so in the compiled-in
default $shlib_directory location. </p>
<blockquote>
<pre>
# make upgrade shlib_directory=/usr/local/lib/postfix ...
# make install shlib_directory=/usr/local/lib/postfix ...
</pre>
</blockquote>
<p> To append the Postfix release version to the pathname if you
intend to upgrade Postfix without stopping the mail system: </p>
<blockquote>
<pre>
# make upgrade shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
# make install shlib_directory=/usr/local/lib/postfix/MAIL_VERSION ...
</pre>
</blockquote>
<p> See also the comments above for appending MAIL_VERSION with
the "make makefiles" command. </p>
<h5> Customizing the location of dynamicmaps.cf and other files
</h5>
<p> The meta_directory parameter has the same default setting as
the config_directory parameter, typically /etc/postfix or
/usr/local/etc/postfix. </p>
<p> You can override the default meta_directory location at compile
time or after Postfix is built. To override the default location
at compile time specify, for example: </p>
<blockquote>
<pre>
% make makefiles meta_directory=/usr/libexec/postfix ...
</pre>
</blockquote>
<p> Here is a tip if you want to make a pathname dependent on the
Postfix release version: the command "make makefiles name=value..."
will replace the string MAIL_VERSION in a configuration parameter
value with the Postfix release version. Do not try to specify
something like $mail_version on this command line. This produces
inconsistent results with different versions of the make(1) command.
</p>
<p> You can override the meta_directory setting after Postfix is
built, with "make install" or "make upgrade". </p>
<blockquote>
<pre>
# make upgrade meta_directory=/usr/libexec/postfix ...
# make install meta_directory=/usr/libexec/postfix ...
</pre>
</blockquote>
<p> As with the command "make makefiles, the command "make
install/upgrade name=value..." will replace the string MAIL_VERSION
in a configuration parameter value with the Postfix release version.
Do not try to specify something like $mail_version on this command
line. This produces inconsistent results with different versions
of the make(1) command. </p>
<h4><a name="shared_tips"> 4.4.4 Tips for distribution maintainers
</a></h4>
<ul>
<li> <p> The postfix-install procedure creates a compatibility
symlink dynamicmaps.cf -> dynamicmaps.cf.<i>version</i> (as well
as a symlink dynamicmaps.cf.d -> dynamicmaps.cf.<i>version</i>.d;
more on that below). It is therefore safe to use "unversioned"
configuration file names when installing or deinstalling a database
plugin. However, Postfix itself will use the "versioned" names, to
allow minor upgrades to happen without having to stop Postfix. </p>
<li> <p> The shlib_directory parameter setting also provides the
default directory for database plugin files with a relative pathname
in the file dynamicmaps.cf. </p>
<li> <p> The configuration file dynamicmaps.cf.<i>version</i> will
automatically include files under the directory
dynamicmaps.cf.d.<i>version</i>, just like the configuration file
postfix-files will automatically include files under the directory
postfix-files.d. Thanks to this, you don't have to edit postfix-files
or dynamicmaps.cf, when installing or deinstalling a database plugin
package. Instead, each plugin can have its own configuration file.
</p>
<li> <p> The meta_directory parameter specifies the location of the
files dynamicmaps.cf, postfix-files, and some multi-instance template
files. The meta_directory parameter has the same default value as
the config_directory parameter (typically, /etc/postfix or
/usr/local/etc/postfix). For backwards compatibility with Postfix
2.6 .. 2.11, specify "meta_directory = $daemon_directory" in main.cf
before installing or upgrading Postfix, or specify "meta_directory
= /path/name" on the "make makefiles", "make install" or "make
upgrade" command line. </p>
<li> <p> The plugin_directory setting provides the default directory
for shared-library objects with a relative pathname in the file
dynamicmaps.cf.<i>version</i>.
<li> <p> The configuration file dynamicmaps.cf will automatically
include files under the directory dynamicmaps.cf.d, just like the
configuration file postfix-files will automatically include files
under the directory postfix-files.d. Thanks to this, you can install
or deinstall a database plugin package without having to edit
postfix-files or dynamicmaps.cf. Instead, you give that plugin its
own configuration files dynamicmaps.cf.d and postfix-files.d, and
you add or remove those configuration files along with the database
plugin shared object. </p>
<li> <p> Each configuration file under the directory
dynamicmaps.cf.d.<i>version</i> must have a name that ends in ".cf"
and must have the same format as the file dynamicmaps.cf.<i>version</i>.
</p>
<li> <p> The directory dynamicmaps.cf.d.<i>version</i> is the default
directory for shared-library objects with a relative pathname in
the files dynamicmaps.cf.d.<i>version</i>/*.cf. Thus, the directory
dynamicmaps.cf.d.<i>version</i> may contain both configuration files
and shared-library object files. Hence, the requirement that
configuration file names must end in ".cf". </p>
<li> <p> Each configuration file under the directory dynamicmaps.cf.d
must have the same format as the configuration file dynamicmaps.cf.
There is no requirement that these configuration file *names* have a
specific format. </p>
<li> <p> Each configuration file under the directory postfix-files.d
must have the same format as the configuration file postfix-files.
There is no requirement that these configuration file names have a
There is no requirement that these configuration file *names* have a
specific format. </p>
</ul>
@ -445,6 +563,12 @@ $ make
</pre>
</blockquote>
<p> The command "make makefiles name=value ..." will replace the
string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like
$mail_version on this command line. This produces inconsistent
results with different versions of the make(1) command. </p>
<p> Parameters whose defaults can be specified in this way are
listed below. See the postconf(5) manpage for a description
(command: "<tt>nroff -man man/man5/postconf.5 | less</tt>"). </p>
@ -471,9 +595,9 @@ listed below. See the postconf(5) manpage for a description
<tr> <td>manpage_directory</td> <td>/usr/local/man</td> </tr>
<tr> <td>newaliases_path</td> <td>/usr/bin/newaliases</td> </tr>
<tr> <td>meta_directory</td> <td>/etc/postfix</td> </tr>
<tr> <td>plugin_directory</td> <td>/usr/libexec/postfix</td> </tr>
<tr> <td>newaliases_path</td> <td>/usr/bin/newaliases</td> </tr>
<tr> <td>queue_directory</td> <td>/var/spool/postfix</td> </tr>
@ -481,7 +605,7 @@ listed below. See the postconf(5) manpage for a description
<tr> <td>sendmail_path</td> <td>/usr/sbin/sendmail</td> </tr>
<tr> <td>shlib_directory</td> <td>/usr/local/lib</td> </tr>
<tr> <td>shlib_directory</td> <td>/usr/lib/postfix</td> </tr>
</table>
@ -578,7 +702,7 @@ $ make
<tr> <th colspan="2"> Name/Value </th> <th> Description </th> </tr>
<tr> <td colspan="2"> AUXLIBS="object_library..."</td> <td> Specifies
one or more non-default object libraries. Postfix 2,12 and later
one or more non-default object libraries. Postfix 2.12 and later
specify some of their database library dependencies with AUXLIBS_CDB,
AUXLIBS_LDAP, AUXLIBS_LMDB, AUXLIBS_MYSQL, AUXLIBS_PCRE, AUXLIBS_PGSQL,
AUXLIBS_SDBM, and AUXLIBS_SQLITE, respectively. </td> </tr>
@ -647,12 +771,6 @@ Specify DEBUG= to turn off debugging. </td> </tr>
a non-default optimization level. The default is -O. Specify OPT=
to turn off optimization. </td> </tr>
<tr> <td colspan="2"> SHLIB_VERSION=version </td> <td> Specifies a
non-default Postfix shared-library version number. The default is
to use the Postfix version: X.Y.Z for stable releases, X.Y-DATE for
snapshot releases, X.Y-DATE-nonprod for non-production releases.
</td> </tr>
<tr> <td colspan="2"> WARN="warning_flags..." </td> <td> Specifies
non-default <tt>gcc</tt> compiler warning options for use when
"<tt>make</tt>" is invoked in a source subdirectory only. </td>
@ -857,6 +975,16 @@ pathnames that end in ".postfix"</b>. </p>
does not exist, use interactive installation ("make install")
instead. </p>
<li> <p> If you specify name=value arguments on the "make install"
or "make upgrade" command line, then these will take precedence
over compiled-in default settings or main.cf settings. </p>
<p> The command "make install/upgrade name=value ..." will replace
the string MAIL_VERSION in a configuration parameter value with the
Postfix release version. Do not try to specify something like
$mail_version on this command line. This produces inconsistent
results with different versions of the make(1) command. </p>
</ul>
<h3>6.4 - Configure Postfix</h3>

7
postfix/proto/PACKAGE_README.html
View File

@ -85,6 +85,13 @@ non-default installation parameters on the command line: </p>
script directly (<tt>% <b>sh post-install -non-interactive
install_root...</b></tt>). </p>
<p> With Postfix 2.12 and later, the command "make package name=value
..." will replace the string MAIL_VERSION in a configuration parameter
value with the Postfix release version. Do not try to specify
something like $mail_version on this command line. This produces
inconsistent results with different versions of the make(1) command.
</p>
<h2>Begin Security Alert</h2>
<p> <b> When building an archive for distribution, be sure to

101
postfix/proto/postconf.proto
View File

@ -4982,6 +4982,14 @@ Postfix version 2.5). This feature is available with Postfix version
parent domains, client IP address, or networks obtained by stripping
least significant octets. See the access(5) manual page for details. </dd>
<dt><b><a name="check_client_a_access">check_client_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the IP addresses for the
client hostname, and execute the corresponding action. Note: a result
of "OK" is not allowed for safety reasons. Instead, use DUNNO in order
to exclude specific hosts from blacklists. This feature is available
in Postfix 2.12 and later. </dd>
<dt><b><a name="check_client_mx_access">check_client_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the MX hosts for the
@ -5008,6 +5016,14 @@ safety reasons. Instead, use DUNNO in order to exclude specific
hosts from blacklists. This feature is available in Postfix 2.6
and later.</dd>
<dt><b><a name="check_reverse_client_hostname_a_access">check_reverse_client_hostname_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the IP addresses for the
unverified reverse client hostname, and execute the corresponding
action. Note: a result of "OK" is not allowed for safety reasons.
Instead, use DUNNO in order to exclude specific hosts from blacklists.
This feature is available in Postfix 2.12 and later. </dd>
<dt><b><a name="check_reverse_client_hostname_mx_access">check_reverse_client_hostname_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the MX hosts for the
@ -5554,6 +5570,18 @@ Note: specify "smtpd_helo_required = yes" to fully enforce this
restriction (without "smtpd_helo_required = yes", a client can
simply skip check_helo_access by not sending HELO or EHLO). </dd>
<dt><b><a name="check_helo_a_access">check_helo_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the IP addresses for
the HELO or EHLO hostname, and execute the corresponding action.
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "smtpd_helo_required = yes" to fully enforce this
restriction (without "smtpd_helo_required = yes", a client can
simply skip check_helo_a_access by not sending HELO or EHLO). This
feature is available in Postfix 2.12 and later.
</dd>
<dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the MX hosts for
@ -5833,6 +5861,14 @@ that is received with the RCPT TO command.
TO address, domain, parent domains, or localpart@, and execute the
corresponding action. </dd>
<dt><b><a name="check_recipient_a_access">check_recipient_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the IP addresses for
the RCPT TO domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.12 and later. </dd>
<dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the MX hosts for
@ -6334,10 +6370,18 @@ received with the MAIL FROM command.
address, domain, parent domains, or localpart@, and execute the
corresponding action. </dd>
<dt><b><a name="check_sender_a_access">check_sender_a_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the IP addresses for
the MAIL FROM domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.12 and later. </dd>
<dt><b><a name="check_sender_mx_access">check_sender_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the MX hosts for
the MAIL FROM address, and execute the corresponding action. Note:
the MAIL FROM domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
@ -6345,7 +6389,7 @@ feature is available in Postfix 2.1 and later. </dd>
<dt><b><a name="check_sender_ns_access">check_sender_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the DNS servers
for the MAIL FROM address, and execute the corresponding action.
for the MAIL FROM domain, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
@ -15900,23 +15944,50 @@ deliveries. See default_delivery_status_filter for details. </p>
%PARAM shlib_directory see 'postconf -d' output
<p> The location of Postfix shared libraries (libpostfix-*.so.*).
This parameter defaults to "no" when Postfix shared libraries are
disabled at compile time. </p>
<p> The location of Postfix shared libraries (libpostfix-*.so),
and the default location of Postfix database plugins (libpostfix-*.so)
that have a relative pathname in the dynamicmaps.cf file. The
shlib_directory parameter defaults to "no" when Postfix shared
libraries and database plugins are disabled at compile time, otherwise
it typically defaults to /usr/lib/postfix or /usr/local/lib/postfix.
</p>
<p> NOTE: You can change the location of these files after Postfix
is built. However, you may have to run ldconfig if you move the
libpostfix-*.so.* files to a non-system directory. No ldconfig is
needed if you keep the libpostfix-*.so.* files in the compiled-in
default $shlib_directory location. </p>
<p> Notes: </p>
<ul>
<li> <p> The directory specified with shlib_directory should contain
only Postfix-related files. Postfix shared libraries and database
plugins should not be installed in a "public" system directory such
as /usr/lib or /usr/local/lib. Linking Postfix shared-library files
or database plugins into non-Postfix programs is not supported.
Postfix shared libraries and database plugins implement a
Postfix-internal API that changes without maintaining compatibility.
</p>
<li> <p> You can change the shlib_directory value after Postfix is
built. However, you may have to run ldconfig or equivalent to prevent
Postfix programs from failing because the libpostfix-*.so files are
not found. No ldconfig command is needed if you keep the libpostfix-*.so
files in the compiled-in default $shlib_directory location. </p>
</ul>
<p> This feature is available in Postfix 2.12 and later. </p>
%PARAM plugin_directory see 'postconf -d' output
%PARAM meta_directory see 'postconf -d' output
<p> The location of the Postfix dynamicmaps.cf database plugin
configuration file, and of database plugins with a relative pathname.
This is set to "no" when Postfix database plugin support is disabled
at compile time. </p>
<p> The location of non-executable files that are shared among
multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
and the multi-instance template files main.cf.proto and master.cf.proto.
This directory should contain only Postfix-related files. Typically,
the meta_directory parameter has the same default as the config_directory
parameter (/etc/postfix or /usr/local/etc/postfix). </p>
<p> For backwards compatibility with Postfix versions 2.6..2.11,
specify "meta_directory = $daemon_directory" in main.cf before
installing or upgrading Postfix, or specify "meta_directory =
/path/name" on the "make makefiles", "make install" or "make upgrade"
command line. </p>
<p> This feature is available in Postfix 2.12 and later. </p>

5
postfix/src/global/Makefile.in
View File

@ -118,7 +118,6 @@ TESTPROG= domain_list dot_lockfile mail_addr_crunch mail_addr_find \
LIBS = ../../lib/lib$(LIB_PREFIX)util$(LIB_SUFFIX)
LIB_DIR = ../../lib
INC_DIR = ../../include
PLG_DIR= ../../plugins
PLUGIN_MAP_SO = $(LIB_PREFIX)ldap$(LIB_SUFFIX) $(LIB_PREFIX)mysql$(LIB_SUFFIX) \
$(LIB_PREFIX)pgsql$(LIB_SUFFIX) $(LIB_PREFIX)sqlite$(LIB_SUFFIX) \
$(LIB_PREFIX)lmdb$(LIB_SUFFIX) $(LIB_PREFIX)cdb$(LIB_SUFFIX) \
@ -182,11 +181,11 @@ plugin_map_so_update: $(PLUGIN_MAP_SO)
do \
for type in $(DEFINED_MAP_TYPES); do \
case $$i in $(LIB_PREFIX)$$type$(LIB_SUFFIX)) \
cmp -s $$i $(PLG_DIR)/$$i 2>/dev/null || cp $$i $(PLG_DIR); \
cmp -s $$i $(LIB_DIR)/$$i 2>/dev/null || cp $$i $(LIB_DIR); \
continue 2;; \
esac; \
done; \
rm -f $(PLG_DIR)/$$i; \
rm -f $(LIB_DIR)/$$i; \
done
dot_lockfile: $(LIB) $(LIBS)

73
postfix/src/global/dynamicmaps.c
View File

@ -6,7 +6,7 @@
/* SYNOPSIS
/* #include <dynamicmaps.h>
/*
/* void dymap_init(const char *path)
/* void dymap_init(const char *conf_path, const char *plugin_dir)
/* DESCRIPTION
/* This module reads the dynamicmaps.cf file and performs
/* run-time loading of Postfix dictionaries. Each dynamicmaps.cf
@ -14,19 +14,13 @@
/* of a shared-library object, the name of a "dict_open"
/* function for access to individual dictionary entries, and
/* optionally the name of a "mkmap_open" function for bulk-mode
/* dictionary creation. The configuration file's parent directory
/* is the default directory for shared-library objects with a
/* relative pathname.
/* dictionary creation. Plugins may be specified with a relative
/* pathname.
/*
/* A dictionary may be installed without editing the file
/* dynamicmaps.cf, by placing a configuration file under the
/* directory dynamicmaps.cf.d, with the same format as
/* dynamicmaps.cf. These configuration file names must end in
/* ".cf". As before, a configuration file's parent directory
/* is the default directory for shared-library objects with a
/* relative pathname. Thus, the directory dynamicmaps.cf.d may
/* contain both configuration files and shared-library object
/* files.
/* dynamicmaps.cf.
/*
/* dymap_init() reads the specified configuration file which
/* is in dynamicmaps.cf format, and hooks itself into the
@ -37,6 +31,12 @@
/* already been linked into the process address space, nor
/* will it hide their dictionaries types from later "open"
/* requests.
/*
/* Arguments:
/* .IP conf_path
/* Pathname for the dynamicmaps configuration file.
/* .IP plugin_dir
/* Default directory for plugins with a relative pathname.
/* SEE ALSO
/* load_lib(3) low-level run-time linker adapter
/* DIAGNOSTICS
@ -106,11 +106,6 @@ static DICT_OPEN_EXTEND_FN saved_dict_open_hook = 0;
static MKMAP_OPEN_EXTEND_FN saved_mkmap_open_hook = 0;
static DICT_MAPNAMES_EXTEND_FN saved_dict_mapnames_hook = 0;
/*
* Mandatory dynamicmaps.cf.d/ configuration file suffix.
*/
#define DYMAP_CF_SUFFIX ".cf"
#define STREQ(x, y) (strcmp((x), (y)) == 0)
/* dymap_dict_lookup - look up "dict_foo_open" function */
@ -143,7 +138,7 @@ static DICT_OPEN_FN dymap_dict_lookup(const char *dict_type)
}
if (st.st_uid != 0 || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
msg_warn("unsupported dictionary type: %s "
"(%s: file is writable by non-root users)",
"(%s: file is owned or writable by non-root users)",
dict_type, dp->soname);
return (0);
}
@ -187,7 +182,7 @@ static MKMAP_OPEN_FN dymap_mkmap_lookup(const char *dict_type)
dict_type, dp->soname, dict_type);
if (st.st_uid != 0 || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0)
msg_fatal("unsupported dictionary type: %s "
"(%s: file is writable by non-root users)",
"(%s: file is owned or writable by non-root users)",
dict_type, dp->soname);
fn[0].name = dp->mkmap_name;
fn[1].name = 0;
@ -257,7 +252,7 @@ static void dymap_read_conf(const char *path, const char *path_base)
if (fstat(vstream_fileno(fp), &st) < 0)
msg_fatal("%s: fstat failed; %m", path);
if (st.st_uid != 0 || (st.st_mode & (S_IWGRP | S_IWOTH)) != 0) {
msg_warn("%s: file is writable by non-root users"
msg_warn("%s: file is owned or writable by non-root users"
" -- skipping this file", path);
} else {
buf = vstring_alloc(100);
@ -307,15 +302,13 @@ static void dymap_read_conf(const char *path, const char *path_base)
/* dymap_init - initialize dictionary type to soname etc. mapping */
void dymap_init(const char *path)
void dymap_init(const char *conf_path, const char *plugin_dir)
{
const char myname[] = "dymap_init";
SCAN_DIR *dir;
char *path_base;
char *path_d;
char *conf_path_d;
const char *conf_name;
char *path_d_conf;
char *suffix;
VSTRING *sub_conf_path;
/*
* Reload dynamicsmaps.cf, but don't reload already-loaded plugins.
@ -327,35 +320,29 @@ void dymap_init(const char *path)
/*
* Read dynamicmaps.cf.
*/
path_base = mystrdup(path);
(void) split_at_right(path_base, '/');
dymap_read_conf(path, path_base);
myfree(path_base);
dymap_read_conf(conf_path, plugin_dir);
/*
* Read dynamicmaps.cf.d/filename entries. We allow shared-object files
* in dynamicmaps.cf.d. Therefore, configuration file names must have a
* distinct suffix.
* Read dynamicmaps.cf.d/filename entries.
*/
path_d = concatenate(path, ".d", (char *) 0);
if ((dir = scan_dir_open(path_d)) != 0) {
conf_path_d = concatenate(conf_path, ".d", (char *) 0);
if (access(conf_path_d, R_OK | X_OK) == 0
&& (dir = scan_dir_open(conf_path_d)) != 0) {
sub_conf_path = vstring_alloc(100);
while ((conf_name = scan_dir_next(dir)) != 0) {
if ((suffix = strrchr(conf_name, '.')) != 0
&& strcmp(suffix, DYMAP_CF_SUFFIX) == 0) {
path_d_conf = concatenate(path_d, "/", conf_name, (char *) 0);
dymap_read_conf(path_d_conf, path_d);
myfree(path_d_conf);
} else if (errno != 0) {
vstring_sprintf(sub_conf_path, "%s/%s", conf_path_d, conf_name);
dymap_read_conf(vstring_str(sub_conf_path), plugin_dir);
}
if (errno != 0)
/* Don't crash all programs - degrade gracefully. */
msg_warn("%s: directory read error: %m", path_d);
}
}
msg_warn("%s: directory read error: %m", conf_path_d);
scan_dir_close(dir);
vstring_free(sub_conf_path);
} else if (errno != ENOENT) {
/* Don't crash all programs - degrade gracefully. */
msg_warn("%s: directory open failed: %m", path_d);
msg_warn("%s: directory open failed: %m", conf_path_d);
}
myfree(path_d);
myfree(conf_path_d);
/*
* Future proofing, in case someone "improves" the code. We can't hook

2
postfix/src/global/dynamicmaps.h
View File

@ -16,7 +16,7 @@
*/
#ifdef USE_DYNAMIC_LIBS
extern void dymap_init(const char *);
extern void dymap_init(const char *, const char *);
#endif
/* LICENSE

4
postfix/src/global/mail_dict.c
View File

@ -85,12 +85,12 @@ void mail_dict_init(void)
#ifdef USE_DYNAMIC_MAPS
char *path;
path = concatenate(var_plugin_dir, "/", "dynamicmaps.cf",
path = concatenate(var_meta_dir, "/", "dynamicmaps.cf",
#ifdef SHLIB_VERSION
".", SHLIB_VERSION,
#endif
(char *) 0);
dymap_init(path);
dymap_init(path, var_shlib_dir);
myfree(path);
#endif

11
postfix/src/global/mail_params.c
View File

@ -28,7 +28,7 @@
/* char *var_daemon_dir;
/* char *var_data_dir;
/* char *var_command_dir;
/* char *var_plugin_dir;
/* char *var_meta_dir;
/* char *var_queue_dir;
/* char *var_shlib_dir;
/* int var_use_limit;
@ -179,9 +179,7 @@
#include <safe_open.h>
#include <mymalloc.h>
#include <dict.h>
#ifdef HAS_DB
#include <dict_db.h>
#endif
#include <dict_lmdb.h>
#include <inet_proto.h>
#include <vstring_vstream.h>
@ -222,7 +220,7 @@ char *var_config_dir;
char *var_daemon_dir;
char *var_data_dir;
char *var_command_dir;
char *var_plugin_dir;
char *var_meta_dir;
char *var_queue_dir;
char *var_shlib_dir;
int var_use_limit;
@ -322,6 +320,7 @@ char *var_dsn_filter;
const char null_format_string[1] = "";
DEFINE_DICT_LMDB_MAP_SIZE;
DEFINE_DICT_DB_CACHE_SIZE;
/* check_myhostname - lookup hostname and validate */
@ -557,7 +556,7 @@ void mail_params_init()
VAR_DAEMON_DIR, DEF_DAEMON_DIR, &var_daemon_dir, 1, 0,
VAR_DATA_DIR, DEF_DATA_DIR, &var_data_dir, 1, 0,
VAR_COMMAND_DIR, DEF_COMMAND_DIR, &var_command_dir, 1, 0,
VAR_PLUGIN_DIR, DEF_PLUGIN_DIR, &var_plugin_dir, 1, 0,
VAR_META_DIR, DEF_META_DIR, &var_meta_dir, 1, 0,
VAR_QUEUE_DIR, DEF_QUEUE_DIR, &var_queue_dir, 1, 0,
VAR_SHLIB_DIR, DEF_SHLIB_DIR, &var_shlib_dir, 1, 0,
VAR_PID_DIR, DEF_PID_DIR, &var_pid_dir, 1, 0,
@ -731,9 +730,7 @@ void mail_params_init()
check_mail_owner();
check_sgid_group();
check_overlap();
#ifdef HAS_DB
dict_db_cache_size = var_db_read_buf;
#endif
dict_lmdb_map_size = var_lmdb_map_size;
inet_windowsize = var_inet_windowsize;

15
postfix/src/global/mail_params.h
View File

@ -2204,6 +2204,11 @@ extern int var_map_defer_code;
#define CHECK_HELO_NS_ACL "check_helo_ns_access"
#define CHECK_SENDER_NS_ACL "check_sender_ns_access"
#define CHECK_RECIP_NS_ACL "check_recipient_ns_access"
#define CHECK_CLIENT_A_ACL "check_client_a_access"
#define CHECK_REVERSE_CLIENT_A_ACL "check_reverse_client_hostname_a_access"
#define CHECK_HELO_A_ACL "check_helo_a_access"
#define CHECK_SENDER_A_ACL "check_sender_a_access"
#define CHECK_RECIP_A_ACL "check_recipient_a_access"
#define WARN_IF_REJECT "warn_if_reject"
@ -3789,15 +3794,15 @@ extern char *var_local_dsn_filter;
*/
#define VAR_SHLIB_DIR "shlib_directory"
#ifndef DEF_SHLIB_DIR
#define DEF_SHLIB_DIR "/usr/local/lib"
#define DEF_SHLIB_DIR "/usr/lib/postfix/$mail_version"
#endif
extern char *var_shlib_dir;
#define VAR_PLUGIN_DIR "plugin_directory"
#ifndef DEF_PLUGIN_DIR
#define DEF_PLUGIN_DIR "/usr/libexec/postfix"
#define VAR_META_DIR "meta_directory"
#ifndef DEF_META_DIR
#define DEF_META_DIR DEF_CONFIG_DIR
#endif
extern char *var_plugin_dir;
extern char *var_meta_dir;
/* LICENSE
/* .ad

2
postfix/src/global/mail_version.h
View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20140618"
#define MAIL_RELEASE_DATE "20140625"
#define MAIL_VERSION_NUMBER "2.12"
#ifdef SNAPSHOT

13
postfix/src/postfix/postfix.c
View File

@ -155,11 +155,14 @@
/* caches, pseudo-random numbers).
/* .PP
/* Available in Postfix version 2.12 and later:
/* .IP "\fBplugin_directory (see 'postconf -d' output)\fR"
/* The location of the Postfix dynamicmaps.cf database plugin
/* configuration file, and of database plugins with a relative pathname.
/* .IP "\fBmeta_directory (see 'postconf -d' output)\fR"
/* The location of non-executable files that are shared among
/* multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
/* and the multi-instance template files main.cf.proto and master.cf.proto.
/* .IP "\fBshlib_directory (see 'postconf -d' output)\fR"
/* The location of Postfix shared libraries (libpostfix-*.so.*).
/* The location of Postfix shared libraries (libpostfix-*.so.*),
/* and of Postfix database plugins that have a relative pathname in
/* the dynamicmaps.cf file.
/* .PP
/* Other configuration parameters:
/* .IP "\fBimport_environment (see 'postconf -d' output)\fR"
@ -508,7 +511,7 @@ int main(int argc, char **argv)
check_setenv(VAR_COMMAND_DIR, var_command_dir); /* main.cf */
check_setenv(VAR_DAEMON_DIR, var_daemon_dir); /* main.cf */
check_setenv(VAR_DATA_DIR, var_data_dir); /* main.cf */
check_setenv(VAR_PLUGIN_DIR, var_plugin_dir); /* main.cf */
check_setenv(VAR_META_DIR, var_meta_dir); /* main.cf */
check_setenv(VAR_QUEUE_DIR, var_queue_dir); /* main.cf */
check_setenv(VAR_CONFIG_DIR, var_config_dir); /* main.cf */
check_setenv(VAR_SHLIB_DIR, var_shlib_dir); /* main.cf */

25
postfix/src/postmulti/postmulti.c
View File

@ -352,9 +352,19 @@
/* .IP "\fBsyslog_name (see 'postconf -d' output)\fR"
/* The mail system name that is prepended to the process name in syslog
/* records, so that "smtpd" becomes, for example, "postfix/smtpd".
/* .PP
/* Available in Postfix 2.12 and later:
/* .IP "\fBmeta_directory (see 'postconf -d' output)\fR"
/* The location of non-executable files that are shared among
/* multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
/* and the multi-instance template files main.cf.proto and master.cf.proto.
/* .IP "\fBshlib_directory (see 'postconf -d' output)\fR"
/* The location of Postfix shared libraries (libpostfix-*.so.*),
/* and of Postfix database plugins that have a relative pathname in
/* the dynamicmaps.cf file.
/* FILES
/* $daemon_directory/main.cf, stock configuration file
/* $daemon_directory/master.cf, stock configuration file
/* $meta_directory/main.cf.proto, stock configuration file
/* $meta_directory/master.cf.proto, stock configuration file
/* $daemon_directory/postmulti-script, life-cycle helper program
/* SEE ALSO
/* postfix(1), Postfix control program
@ -447,6 +457,8 @@ typedef struct {
static SHARED_PATH shared_dir_table[] = {
VAR_COMMAND_DIR, &var_command_dir,
VAR_DAEMON_DIR, &var_daemon_dir,
VAR_META_DIR, &var_meta_dir,
VAR_SHLIB_DIR, &var_shlib_dir,
0,
};
@ -942,13 +954,22 @@ static void check_shared_dir_status(void)
struct stat st;
const SHARED_PATH *sp;
/*
* XXX Avoid false conflicts with meta_directory. This usually overlaps
* with other directories, typcally config_directory, shlib_directory or
* daemon_directory.
*/
for (sp = shared_dir_table; sp->param_name; ++sp) {
if (sp->param_value[0][0] != '/') /* "no" or other special */
continue;
if (stat(sp->param_value[0], &st) < 0)
msg_fatal("%s = '%s': directory not found: %m",
sp->param_name, sp->param_value[0]);
if (!S_ISDIR(st.st_mode))
msg_fatal("%s = '%s' is not a directory",
sp->param_name, sp->param_value[0]);
if (strcmp(sp->param_name, VAR_META_DIR) == 0)
continue;
register_claim(var_config_dir, sp->param_name, sp->param_value[0]);
}
}

3
postfix/src/qmqpd/qmqpd.c
View File

@ -706,7 +706,8 @@ static void qmqpd_proto(QMQPD_STATE *state)
*/
if (state->reason && state->where)
msg_info("%s: %s: %s while %s",
state->queue_id, state->namaddr, state->reason, state->where);
state->queue_id ? state->queue_id : "NOQUEUE",
state->namaddr, state->reason, state->where);
}
/* qmqpd_service - service one client */

9
postfix/src/smtpd/Makefile.in
View File

@ -74,7 +74,8 @@ tidy: clean
tests: smtpd_check_test smtpd_check_test2 smtpd_acl_test smtpd_exp_test \
smtpd_token_test smtpd_check_test4 smtpd_check_dsn_test \
smtpd_check_backup_test smtpd_dnswl_test smtpd_error_test
smtpd_check_backup_test smtpd_dnswl_test smtpd_error_test \
smtpd_server_test
root_tests:
@ -114,6 +115,12 @@ smtpd_exp_test: smtpd_check smtpd_exp.in smtpd_exp.ref
diff smtpd_exp.ref smtpd_exp.tmp
rm -f smtpd_exp.tmp smtpd_check_access.*
smtpd_server_test: smtpd_check smtpd_server.in smtpd_server.ref
$(SHLIB_ENV) ../postmap/postmap hash:smtpd_check_access
$(SHLIB_ENV) ./smtpd_check <smtpd_server.in >smtpd_server.tmp 2>&1
diff smtpd_server.ref smtpd_server.tmp
rm -f smtpd_server.tmp smtpd_check_access.*
smtpd_check_dsn_test: smtpd_check smtpd_check_dsn.in smtpd_check_dsn.ref smtpd_check_access
$(SHLIB_ENV) ../postmap/postmap hash:smtpd_check_access
$(SHLIB_ENV) ./smtpd_check <smtpd_check_dsn.in >smtpd_check.tmp 2>&1

59
postfix/src/smtpd/smtpd_check.c
View File

@ -2668,7 +2668,11 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
/*
* Sanity check.
*/
if (type != T_MX && type != T_NS)
if (type != T_MX && type != T_NS && type != T_A
#ifdef HAS_IPV6
&& type != T_AAAA
#endif
)
msg_panic("%s: unexpected resource type \"%s\" in request",
myname, dns_strtype(type));
@ -2711,6 +2715,9 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
}
/*
* If the request is type A or AAAA, fabricate an MX record that points
* to the domain name itself, and skip name-based access control.
*
* If the domain name does not exist then we apply no restriction.
*
* If the domain name exists but no MX record exists, fabricate an MX record
@ -2719,6 +2726,14 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
* If the domain name exists but no NS record exists, look up parent domain
* NS records.
*/
if (type == T_A
#ifdef HAS_IPV6
|| type == T_AAAA
#endif
) {
server_list = dns_rr_create(domain, domain, T_MX, C_IN, 0, 0,
domain, strlen(domain) + 1);
} else {
dns_status = dns_lookup(domain, type, 0, &server_list,
(VSTRING *) 0, (VSTRING *) 0);
if (dns_status == DNS_NOTFOUND /* Not: h_errno == NO_DATA */ ) {
@ -2741,6 +2756,7 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
domain && domain[1] ? domain : name, dns_strerror(h_errno));
return (SMTPD_CHECK_DUNNO);
}
}
/*
* No bare returns after this point or we have a memory leak.
@ -2762,12 +2778,14 @@ static int check_server_access(SMTPD_STATE *state, const char *table,
CHECK_SERVER_RETURN(status);
continue;
}
if ((status = check_domain_access(state, table, (char *) server->data,
if (type != T_A && type != T_AAAA
&& ((status = check_domain_access(state, table, (char *) server->data,
FULL, &found, reply_name, reply_class,
def_acl)) != 0 || found)
def_acl)) != 0 || found))
CHECK_SERVER_RETURN(status);
if ((aierr = hostname_to_sockaddr((char *) server->data,
(char *) 0, 0, &res0)) != 0) {
if (type != T_A && type != T_AAAA)
msg_warn("Unable to look up %s host %s for %s %s: %s",
dns_strtype(type), (char *) server->data,
reply_class, reply_name, MAI_STRERROR(aierr));
@ -3950,6 +3968,13 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
SMTPD_NAME_CLIENT, def_acl);
forbid_whitelist(state, name, status, state->name);
}
} else if (is_map_command(state, name, CHECK_CLIENT_A_ACL, &cpp)) {
if (strcasecmp(state->name, "unknown") != 0) {
status = check_server_access(state, *cpp, state->name,
T_A, state->namaddr,
SMTPD_NAME_CLIENT, def_acl);
forbid_whitelist(state, name, status, state->name);
}
} else if (is_map_command(state, name, CHECK_REVERSE_CLIENT_NS_ACL, &cpp)) {
if (strcasecmp(state->reverse_name, "unknown") != 0) {
status = check_server_access(state, *cpp, state->reverse_name,
@ -3964,6 +3989,13 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
SMTPD_NAME_REV_CLIENT, def_acl);
forbid_whitelist(state, name, status, state->reverse_name);
}
} else if (is_map_command(state, name, CHECK_REVERSE_CLIENT_A_ACL, &cpp)) {
if (strcasecmp(state->reverse_name, "unknown") != 0) {
status = check_server_access(state, *cpp, state->reverse_name,
T_A, state->namaddr,
SMTPD_NAME_REV_CLIENT, def_acl);
forbid_whitelist(state, name, status, state->reverse_name);
}
}
/*
@ -4018,6 +4050,13 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
SMTPD_NAME_HELO, def_acl);
forbid_whitelist(state, name, status, state->helo_name);
}
} else if (is_map_command(state, name, CHECK_HELO_A_ACL, &cpp)) {
if (state->helo_name) {
status = check_server_access(state, *cpp, state->helo_name,
T_A, state->helo_name,
SMTPD_NAME_HELO, def_acl);
forbid_whitelist(state, name, status, state->helo_name);
}
} else if (strcasecmp(name, REJECT_NON_FQDN_HELO_HOSTNAME) == 0
|| strcasecmp(name, REJECT_NON_FQDN_HOSTNAME) == 0) {
if (state->helo_name) {
@ -4115,6 +4154,13 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
SMTPD_NAME_SENDER, def_acl);
forbid_whitelist(state, name, status, state->sender);
}
} else if (is_map_command(state, name, CHECK_SENDER_A_ACL, &cpp)) {
if (state->sender && *state->sender) {
status = check_server_access(state, *cpp, state->sender,
T_A, state->sender,
SMTPD_NAME_SENDER, def_acl);
forbid_whitelist(state, name, status, state->sender);
}
} else if (strcasecmp(name, REJECT_RHSBL_SENDER) == 0) {
if (cpp[1] == 0)
msg_warn("restriction %s requires domain name argument", name);
@ -4212,6 +4258,13 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
SMTPD_NAME_RECIPIENT, def_acl);
forbid_whitelist(state, name, status, state->recipient);
}
} else if (is_map_command(state, name, CHECK_RECIP_A_ACL, &cpp)) {
if (state->recipient && *state->recipient) {
status = check_server_access(state, *cpp, state->recipient,
T_A, state->recipient,
SMTPD_NAME_RECIPIENT, def_acl);
forbid_whitelist(state, name, status, state->recipient);
}
} else if (strcasecmp(name, REJECT_RHSBL_RECIPIENT) == 0) {
if (cpp[1] == 0)
msg_warn("restriction %s requires domain name argument", name);

2
postfix/src/smtpd/smtpd_check_access
View File

@ -31,6 +31,8 @@ ok@ok.domain OK
ok.domain OK
<> 550 Go away postmaster
54.187.136.235 reject bizsat.net, gypsysoul.org spam
blackholes.mail-abuse.org $rbl_code client=$client
client_address=$client_address
client_name=$client_name helo_name=$helo_name

32
postfix/src/smtpd/smtpd_exp.in
View File

@ -60,35 +60,3 @@ recipient_restrictions reject_rhsbl_helo,abuse.rfc-ignorant.org
helo example.tld
mail sname@sdomain
rcpt rname@rdomain
#
# Check MX access
#
helo_restrictions check_helo_mx_access,hash:smtpd_check_access
#helo verisign-wildcard.com
helo verisign.com
helo example.tld
sender_restrictions check_sender_mx_access,hash:smtpd_check_access
mail foo@pls.net.au
#mail foo@verisign-wildcard.com
mail foo@verisign.com
recipient_restrictions check_recipient_mx_access,hash:smtpd_check_access
#rcpt foo@verisign-wildcard.com
rcpt foo@verisign.com
rcpt foo@1.2.3.porcupine.org
#
# Check NS access
#
helo_restrictions check_helo_ns_access,hash:smtpd_check_access
helo email-publisher.com
helo ns1.topica.com
#helo verisign-wildcard.com
helo example.tld
sender_restrictions check_sender_ns_access,hash:smtpd_check_access
mail foo@email-publisher.com
mail foo@ns1.topica.com
#mail foo@verisign-wildcard.com
recipient_restrictions check_recipient_ns_access,hash:smtpd_check_access
rcpt foo@email-publisher.com
rcpt foo@ns1.topica.com
#rcpt foo@verisign-wildcard.com
rcpt foo@1.2.3.porcupine.org

62
postfix/src/smtpd/smtpd_exp.ref
View File

@ -109,65 +109,3 @@ OK
>>> rcpt rname@rdomain
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 Service unavailable; Helo command [example.tld] blocked using abuse.rfc-ignorant.org; Not supporting abuse@domain; from=<sname@sdomain> to=<rname@rdomain> proto=SMTP helo=<example.tld>
554 5.7.1 Service unavailable; Helo command [example.tld] blocked using abuse.rfc-ignorant.org; Not supporting abuse@domain
>>> #
>>> # Check MX access
>>> #
>>> helo_restrictions check_helo_mx_access,hash:smtpd_check_access
OK
>>> #helo verisign-wildcard.com
>>> helo verisign.com
OK
>>> helo example.tld
./smtpd_check: warning: Unable to look up MX host example.tld for Helo command example.tld: hostname nor servname provided, or not known
OK
>>> sender_restrictions check_sender_mx_access,hash:smtpd_check_access
OK
>>> mail foo@pls.net.au
OK
>>> #mail foo@verisign-wildcard.com
>>> mail foo@verisign.com
OK
>>> recipient_restrictions check_recipient_mx_access,hash:smtpd_check_access
OK
>>> #rcpt foo@verisign-wildcard.com
>>> rcpt foo@verisign.com
OK
>>> rcpt foo@1.2.3.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: mail server 10.10.10.10; from=<foo@verisign.com> to=<foo@1.2.3.porcupine.org> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: mail server 10.10.10.10
>>> #
>>> # Check NS access
>>> #
>>> helo_restrictions check_helo_ns_access,hash:smtpd_check_access
OK
>>> helo email-publisher.com
./smtpd_check: <queue id>: reject: HELO from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <email-publisher.com>: Helo command rejected: Access denied; from=<foo@verisign.com> proto=SMTP helo=<email-publisher.com>
554 5.7.1 <email-publisher.com>: Helo command rejected: Access denied
>>> helo ns1.topica.com
./smtpd_check: <queue id>: reject: HELO from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <ns1.topica.com>: Helo command rejected: Access denied; from=<foo@verisign.com> proto=SMTP helo=<ns1.topica.com>
554 5.7.1 <ns1.topica.com>: Helo command rejected: Access denied
>>> #helo verisign-wildcard.com
>>> helo example.tld
./smtpd_check: warning: Unable to look up NS host for example.tld: Host not found
OK
>>> sender_restrictions check_sender_ns_access,hash:smtpd_check_access
OK
>>> mail foo@email-publisher.com
./smtpd_check: <queue id>: reject: MAIL from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@email-publisher.com>: Sender address rejected: Access denied; from=<foo@email-publisher.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@email-publisher.com>: Sender address rejected: Access denied
>>> mail foo@ns1.topica.com
./smtpd_check: <queue id>: reject: MAIL from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@ns1.topica.com>: Sender address rejected: Access denied; from=<foo@ns1.topica.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@ns1.topica.com>: Sender address rejected: Access denied
>>> #mail foo@verisign-wildcard.com
>>> recipient_restrictions check_recipient_ns_access,hash:smtpd_check_access
OK
>>> rcpt foo@email-publisher.com
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@email-publisher.com>: Recipient address rejected: Access denied; from=<foo@ns1.topica.com> to=<foo@email-publisher.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@email-publisher.com>: Recipient address rejected: Access denied
>>> rcpt foo@ns1.topica.com
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@ns1.topica.com>: Recipient address rejected: Access denied; from=<foo@ns1.topica.com> to=<foo@ns1.topica.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@ns1.topica.com>: Recipient address rejected: Access denied
>>> #rcpt foo@verisign-wildcard.com
>>> rcpt foo@1.2.3.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: name server spike.porcupine.org; from=<foo@ns1.topica.com> to=<foo@1.2.3.porcupine.org> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: name server spike.porcupine.org

59
postfix/src/smtpd/smtpd_server.in Normal file
View File

@ -0,0 +1,59 @@
#
# Initialize.
#
#! ../bin/postmap smtpd_check_access
#msg_verbose 1
smtpd_delay_reject 0
mynetworks 127.0.0.0/8,168.100.189.0/28
relay_domains porcupine.org
maps_rbl_domains dnsbltest.porcupine.org
rbl_reply_maps hash:smtpd_check_access
client spike.porcupine.org 168.100.189.2
#
# Check MX access
#
helo_restrictions check_helo_mx_access,hash:smtpd_check_access
#helo verisign-wildcard.com
helo verisign.com
helo example.tld
sender_restrictions check_sender_mx_access,hash:smtpd_check_access
mail foo@pls.net.au
#mail foo@verisign-wildcard.com
mail foo@verisign.com
recipient_restrictions check_recipient_mx_access,hash:smtpd_check_access
#rcpt foo@verisign-wildcard.com
rcpt foo@verisign.com
rcpt foo@1.2.3.porcupine.org
#
# Check NS access
#
helo_restrictions check_helo_ns_access,hash:smtpd_check_access
helo email-publisher.com
helo ns1.topica.com
#helo verisign-wildcard.com
helo example.tld
sender_restrictions check_sender_ns_access,hash:smtpd_check_access
mail foo@email-publisher.com
mail foo@ns1.topica.com
#mail foo@verisign-wildcard.com
recipient_restrictions check_recipient_ns_access,hash:smtpd_check_access
rcpt foo@email-publisher.com
rcpt foo@ns1.topica.com
#rcpt foo@verisign-wildcard.com
rcpt foo@1.2.3.porcupine.org
#
# Check A access
#
helo_restrictions check_helo_a_access,hash:smtpd_check_access
helo help.gypsysoul.org
helo gypsysoul.org
client_restrictions check_client_a_access,hash:smtpd_check_access
client help.gypsysoul.org 1.2.3.4
client gypsysoul.org 1.2.3.4
#reverse_client_restrictions check_reverse_client_a_access,hash:smtpd_check_access
#client help.gypsysoul.org 1.2.3.4
#client gypsysoul.org 1.2.3.4
sender_restrictions check_sender_a_access,hash:smtpd_check_access
mail foo@gypsysoul.org
recipient_restrictions check_recipient_a_access,hash:smtpd_check_access
mail foo@gypsysoul.org

109
postfix/src/smtpd/smtpd_server.ref Normal file
View File

@ -0,0 +1,109 @@
>>> #
>>> # Initialize.
>>> #
>>> #! ../bin/postmap smtpd_check_access
>>> #msg_verbose 1
>>> smtpd_delay_reject 0
OK
>>> mynetworks 127.0.0.0/8,168.100.189.0/28
OK
>>> relay_domains porcupine.org
OK
>>> maps_rbl_domains dnsbltest.porcupine.org
OK
>>> rbl_reply_maps hash:smtpd_check_access
OK
>>> client spike.porcupine.org 168.100.189.2
OK
>>> #
>>> # Check MX access
>>> #
>>> helo_restrictions check_helo_mx_access,hash:smtpd_check_access
OK
>>> #helo verisign-wildcard.com
>>> helo verisign.com
OK
>>> helo example.tld
./smtpd_check: warning: Unable to look up MX host example.tld for Helo command example.tld: hostname nor servname provided, or not known
OK
>>> sender_restrictions check_sender_mx_access,hash:smtpd_check_access
OK
>>> mail foo@pls.net.au
OK
>>> #mail foo@verisign-wildcard.com
>>> mail foo@verisign.com
OK
>>> recipient_restrictions check_recipient_mx_access,hash:smtpd_check_access
OK
>>> #rcpt foo@verisign-wildcard.com
>>> rcpt foo@verisign.com
OK
>>> rcpt foo@1.2.3.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: mail server 10.10.10.10; from=<foo@verisign.com> to=<foo@1.2.3.porcupine.org> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: mail server 10.10.10.10
>>> #
>>> # Check NS access
>>> #
>>> helo_restrictions check_helo_ns_access,hash:smtpd_check_access
OK
>>> helo email-publisher.com
./smtpd_check: <queue id>: reject: HELO from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <email-publisher.com>: Helo command rejected: Access denied; from=<foo@verisign.com> proto=SMTP helo=<email-publisher.com>
554 5.7.1 <email-publisher.com>: Helo command rejected: Access denied
>>> helo ns1.topica.com
./smtpd_check: <queue id>: reject: HELO from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <ns1.topica.com>: Helo command rejected: Access denied; from=<foo@verisign.com> proto=SMTP helo=<ns1.topica.com>
554 5.7.1 <ns1.topica.com>: Helo command rejected: Access denied
>>> #helo verisign-wildcard.com
>>> helo example.tld
./smtpd_check: warning: Unable to look up NS host for example.tld: Host not found
OK
>>> sender_restrictions check_sender_ns_access,hash:smtpd_check_access
OK
>>> mail foo@email-publisher.com
./smtpd_check: <queue id>: reject: MAIL from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@email-publisher.com>: Sender address rejected: Access denied; from=<foo@email-publisher.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@email-publisher.com>: Sender address rejected: Access denied
>>> mail foo@ns1.topica.com
./smtpd_check: <queue id>: reject: MAIL from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@ns1.topica.com>: Sender address rejected: Access denied; from=<foo@ns1.topica.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@ns1.topica.com>: Sender address rejected: Access denied
>>> #mail foo@verisign-wildcard.com
>>> recipient_restrictions check_recipient_ns_access,hash:smtpd_check_access
OK
>>> rcpt foo@email-publisher.com
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@email-publisher.com>: Recipient address rejected: Access denied; from=<foo@ns1.topica.com> to=<foo@email-publisher.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@email-publisher.com>: Recipient address rejected: Access denied
>>> rcpt foo@ns1.topica.com
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@ns1.topica.com>: Recipient address rejected: Access denied; from=<foo@ns1.topica.com> to=<foo@ns1.topica.com> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@ns1.topica.com>: Recipient address rejected: Access denied
>>> #rcpt foo@verisign-wildcard.com
>>> rcpt foo@1.2.3.porcupine.org
./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: name server spike.porcupine.org; from=<foo@ns1.topica.com> to=<foo@1.2.3.porcupine.org> proto=SMTP helo=<example.tld>
554 5.7.1 <foo@1.2.3.porcupine.org>: Recipient address rejected: name server spike.porcupine.org
>>> #
>>> # Check A access
>>> #
>>> helo_restrictions check_helo_a_access,hash:smtpd_check_access
OK
>>> helo help.gypsysoul.org
OK
>>> helo gypsysoul.org
./smtpd_check: <queue id>: reject: HELO from spike.porcupine.org[168.100.189.2]: 554 5.7.1 <gypsysoul.org>: Helo command rejected: bizsat.net, gypsysoul.org spam; from=<foo@ns1.topica.com> proto=SMTP helo=<gypsysoul.org>
554 5.7.1 <gypsysoul.org>: Helo command rejected: bizsat.net, gypsysoul.org spam
>>> client_restrictions check_client_a_access,hash:smtpd_check_access
OK
>>> client help.gypsysoul.org 1.2.3.4
OK
>>> client gypsysoul.org 1.2.3.4
./smtpd_check: <queue id>: reject: CONNECT from gypsysoul.org[1.2.3.4]: 554 5.7.1 <gypsysoul.org[1.2.3.4]>: Client host rejected: bizsat.net, gypsysoul.org spam; from=<foo@ns1.topica.com> proto=SMTP helo=<gypsysoul.org>
554 5.7.1 <gypsysoul.org[1.2.3.4]>: Client host rejected: bizsat.net, gypsysoul.org spam
>>> #reverse_client_restrictions check_reverse_client_a_access,hash:smtpd_check_access
>>> #client help.gypsysoul.org 1.2.3.4
>>> #client gypsysoul.org 1.2.3.4
>>> sender_restrictions check_sender_a_access,hash:smtpd_check_access
OK
>>> mail foo@gypsysoul.org
./smtpd_check: <queue id>: reject: MAIL from gypsysoul.org[1.2.3.4]: 554 5.7.1 <foo@gypsysoul.org>: Sender address rejected: bizsat.net, gypsysoul.org spam; from=<foo@gypsysoul.org> proto=SMTP helo=<gypsysoul.org>
554 5.7.1 <foo@gypsysoul.org>: Sender address rejected: bizsat.net, gypsysoul.org spam
>>> recipient_restrictions check_recipient_a_access,hash:smtpd_check_access
OK
>>> mail foo@gypsysoul.org
./smtpd_check: <queue id>: reject: MAIL from gypsysoul.org[1.2.3.4]: 554 5.7.1 <foo@gypsysoul.org>: Sender address rejected: bizsat.net, gypsysoul.org spam; from=<foo@gypsysoul.org> proto=SMTP helo=<gypsysoul.org>
554 5.7.1 <foo@gypsysoul.org>: Sender address rejected: bizsat.net, gypsysoul.org spam

4
postfix/src/tls/tls_server.c
View File

@ -854,10 +854,10 @@ TLS_SESS_STATE *tls_server_post_accept(TLS_SESS_STATE *TLScontext)
if (TLScontext->log_mask & TLS_LOG_VERBOSE) {
X509_NAME_oneline(X509_get_subject_name(peer),
buf, sizeof(buf));
msg_info("subject=%s", buf);
msg_info("subject=%s", printable(buf, '?'));
X509_NAME_oneline(X509_get_issuer_name(peer),
buf, sizeof(buf));
msg_info("issuer=%s", buf);
msg_info("issuer=%s", printable(buf, '?'));
}
TLScontext->peer_CN = tls_peer_CN(peer, TLScontext);
TLScontext->issuer_CN = tls_issuer_CN(peer, TLScontext);

5
postfix/src/util/Makefile.in
View File

@ -128,7 +128,6 @@ PLUGIN_MAP_SO = $(LIB_PREFIX)pcre$(LIB_SUFFIX)
LIB_DIR = ../../lib
INC_DIR = ../../include
PLG_DIR = ../../plugins
.c.o:; $(CC) $(SHLIB_CFLAGS) $(CFLAGS) -c $*.c
@ -168,11 +167,11 @@ plugin_map_so_update: $(PLUGIN_MAP_SO)
do \
for type in $(DEFINED_MAP_TYPES); do \
case $$i in $(LIB_PREFIX)$$type$(LIB_SUFFIX)) \
cmp -s $$i $(PLG_DIR)/$$i 2>/dev/null || cp $$i $(PLG_DIR); \
cmp -s $$i $(LIB_DIR)/$$i 2>/dev/null || cp $$i $(LIB_DIR); \
continue 2;; \
esac; \
done; \
rm -f $(PLG_DIR)/$$i; \
rm -f $(LIB_DIR)/$$i; \
done
plugin_map_obj_update: $(LIB_MAP_OBJ)

19
postfix/src/util/dict_db.c
View File

@ -6,7 +6,9 @@
/* SYNOPSIS
/* #include <dict_db.h>
/*
/* int dict_db_cache_size;
/* extern int dict_db_cache_size;
/*
/* DEFINE_DICT_DB_CACHE_SIZE;
/*
/* DICT *dict_hash_open(path, open_flags, dict_flags)
/* const char *path;
@ -27,6 +29,10 @@
/* For better performance while creating a large table, specify a large
/* buffer size before opening the file.
/*
/* This variable cannot be exported via the dict(3) API and
/* must therefore be defined in the calling program by invoking
/* the DEFINE_DICT_DB_CACHE_SIZE macro at the global level.
/*
/* Arguments:
/* .IP path
/* The database pathname, not including the ".db" suffix.
@ -126,17 +132,6 @@ typedef struct {
#define SCOPY(buf, data, size) \
vstring_str(vstring_strncpy(buf ? buf : (buf = vstring_alloc(10)), data, size))
/*
* You can override the default dict_db_cache_size setting before calling
* dict_hash_open() or dict_btree_open(). This is done in mkmap_db_open() to
* set a larger memory pool for database (re)builds.
*
* XXX This should be specified via the DICT interface so that it becomes an
* object property, instead of being specified by poking a global variable
* so that it becomes a class property.
*/
int dict_db_cache_size = (128 * 1024); /* 128K default memory pool */
#define DICT_DB_NELM 4096
#if DB_VERSION_MAJOR > 1

6
postfix/src/util/dict_db.h
View File

@ -27,9 +27,15 @@ extern DICT *dict_btree_open(const char *, int, int);
/*
* XXX Should be part of the DICT interface.
*
* You can override the default dict_db_cache_size setting before calling
* dict_hash_open() or dict_btree_open(). This is done in mkmap_db_open() to
* set a larger memory pool for database (re)builds.
*/
extern int dict_db_cache_size;
#define DEFINE_DICT_DB_CACHE_SIZE int dict_db_cache_size = (128 * 1024)
/* LICENSE
/* .ad
/* .fi

1
postfix/src/util/dict_lmdb.h
View File

@ -27,7 +27,6 @@ extern DICT *dict_lmdb_open(const char *, int, int);
* XXX Should be part of the DICT interface.
*/
extern size_t dict_lmdb_map_size;
extern unsigned int dict_lmdb_max_readers;
/* Minimum size without SIGSEGV. */
#define DEFINE_DICT_LMDB_MAP_SIZE size_t dict_lmdb_map_size = 8192

1
postfix/src/util/dict_test.c
View File

@ -24,6 +24,7 @@
#include <dict_lmdb.h>
DEFINE_DICT_LMDB_MAP_SIZE;
DEFINE_DICT_DB_CACHE_SIZE;
static NORETURN usage(char *myname)
{