From fe4e81b23b3ee76c64de73d7cb250882fbaaacb9 Mon Sep 17 00:00:00 2001
From: Wietse Venema <wietse@porcupine.org>
Date: Fri, 27 May 2022 00:00:00 -0500
Subject: [PATCH] postfix-3.8-20220527

---
 postfix/HISTORY                           |  31 +++++++
 postfix/README_FILES/ADDRESS_CLASS_README |  31 +++----
 postfix/README_FILES/MAILLOG_README       |   4 +-
 postfix/README_FILES/MILTER_README        |  30 +++----
 postfix/html/ADDRESS_CLASS_README.html    |  19 ++--
 postfix/html/MAILLOG_README.html          |   3 +-
 postfix/html/MILTER_README.html           |  33 ++++---
 postfix/html/postconf.5.html              | 102 +++++++++-------------
 postfix/man/man5/postconf.5               |  94 +++++++++-----------
 postfix/proto/ADDRESS_CLASS_README.html   |  19 ++--
 postfix/proto/MAILLOG_README.html         |   3 +-
 postfix/proto/MILTER_README.html          |  33 ++++---
 postfix/proto/postconf.proto              | 102 +++++++++-------------
 postfix/src/global/mail_version.h         |   2 +-
 postfix/src/milter/milter8.c              |  11 ++-
 15 files changed, 259 insertions(+), 258 deletions(-)

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 14ed05def..b7605b394 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -26502,3 +26502,34 @@ Apologies for any names omitted.
 	with the "encoding" configuration file attribute. The default
 	is "UTF8". Previously the encoding was hard-coded as "LATIN1".
 	Files: global/dict_pgsql,c, proto/pgsql_table.
+
+20220512
+
+	Documentation: in the text for smtpd_reject_unlisted_sender
+	and smtpd_reject_unlisted_recipient, refer to the address
+	class validation in ADDRESS_CLASS_README, instead of repeating
+	that information in postconf(5). File: proto/postconf.proto.
+
+20220515
+
+	Documentation: the text for reject_xxx_sender_login_mismatch
+	was not optimal for clarity. As new features were added
+	over time, they were documented in terms of the existing
+	features. File: proto/postconf.proto.
+
+	Documentation: minor tweaks in ADDRESS_CLASS_README. File:
+	proto/ADDRESS_CLASS_README.html.
+
+20220523
+
+	Documentation: add the Postfix >= 3.7 postlog(1) command
+	to the list of programs that can have set-gid permissions.
+	File: proto/MAILLOG_README.html.
+
+20220527
+
+	Internal documentation: update the timeline annotations of
+	Milter protocol features. File: milter/milter8.c.
+
+	Documentation: edit text for clarity. File:
+	proto/MILTER_README.html.
diff --git a/postfix/README_FILES/ADDRESS_CLASS_README b/postfix/README_FILES/ADDRESS_CLASS_README
index 2de5acc88..7605aa281 100644
--- a/postfix/README_FILES/ADDRESS_CLASS_README
+++ b/postfix/README_FILES/ADDRESS_CLASS_README
@@ -25,13 +25,13 @@ important for the operation of Postfix.
 
 An address class is defined by three items.
 
-  * The list of domains that are a member of the class: for example, all local
-    domains, or all relay domains.
+  * The list of domains that are a member of that address class: for example,
+    all local domains, or all relay domains.
 
-  * The default delivery transport. For example, the local, virtual or relay
-    delivery transport (delivery transports are defined in master.cf). This
-    helps to keep Postfix configurations simple, by avoiding the need for
-    explicit routing information in transport maps.
+  * The default delivery transport for that address class. For example, the
+    local, virtual or relay delivery transport (delivery transports are defined
+    in master.cf). This helps to keep Postfix configurations simple, by
+    avoiding the need for explicit routing information in transport maps.
 
   * The list of valid recipient addresses for that address class. The Postfix
     SMTP server rejects invalid recipients with "User unknown in <name of
@@ -48,9 +48,9 @@ The local domain class.
 
   * Purpose: final delivery for traditional UNIX system accounts and
     traditional Sendmail-style aliases. This is typically used for the
-    canonical domains of the machine. For a discussion of the difference
-    between canonical domains, hosted domains and other domains, see the
-    VIRTUAL_README file.
+    canonical domains of the machine (for example, $myhostname, $mydomain). For
+    a discussion of the difference between canonical domains, hosted domains
+    and other domains, see the VIRTUAL_README file.
 
   * Domain names are listed with the mydestination parameter. This domain class
     also includes mail for user@[ipaddress] when the IP address is listed with
@@ -68,9 +68,10 @@ The local domain class.
 
 The virtual alias domain class.
 
-  * Purpose: hosted domains where each recipient address is aliased to a local
-    UNIX system account or to a remote address. A virtual alias example is
-    given in the VIRTUAL_README file.
+  * Purpose: hosted domains where each recipient address is aliased to an
+    address in a different domain, for example, a local UNIX system account or
+    a remote address. A virtual alias example is given in the VIRTUAL_README
+    file.
 
   * Domain names are listed in virtual_alias_domains. The default value is
     $virtual_alias_maps for Postfix 1.1 compatibility.
@@ -81,7 +82,7 @@ The virtual alias domain class.
     compatibility.
 
   * There is no mail delivery transport parameter. Every address must be
-    aliased to some other address.
+    aliased to an address in some other domain.
 
 The virtual mailbox domain class.
 
@@ -158,8 +159,8 @@ earlier Postfix versions:
     mail (and bounced undeliverable mail) out of the mail queue. This is
     controlled by the smtpd_reject_unlisted_recipient configuration parameter.
 
-  * As of Postfix version 2.1, the SMTP server also rejects unknown sender
-    addresses (i.e. addresses that it would reject as unknown recipient
+  * As of Postfix version 2.1, the SMTP server can also reject unknown sender
+    addresses (i.e. addresses that it would reject as an unknown recipient
     addresses). Sender "egress filtering" can help to slow down an email worm
     explosion. This is controlled by the smtpd_reject_unlisted_sender
     configuration parameter.
diff --git a/postfix/README_FILES/MAILLOG_README b/postfix/README_FILES/MAILLOG_README
index ec63b96fe..27125aebf 100644
--- a/postfix/README_FILES/MAILLOG_README
+++ b/postfix/README_FILES/MAILLOG_README
@@ -108,6 +108,6 @@ Limitations:
     $maillog_file (also, logging to stdout would interfere with the operation
     of some of these programs). These programs can log to postlogd(8) if they
     are run by the super-user, or if their executable file has set-gid
-    permission. Do not set this permission on programs other than postdrop(1)
-    and postqueue(1).
+    permission. Do not set this permission on programs other than postdrop(1),
+    postqueue(1), and (Postfix >= 3.7) postlog(1).
 
diff --git a/postfix/README_FILES/MILTER_README b/postfix/README_FILES/MILTER_README
index 9e866d4cc..fc52c6e8d 100644
--- a/postfix/README_FILES/MILTER_README
+++ b/postfix/README_FILES/MILTER_README
@@ -82,10 +82,10 @@ Postfix architecture).
 
 BBuuiillddiinngg MMiilltteerr aapppplliiccaattiioonnss
 
-Milter applications have been written in C, JAVA and Perl, but this document
-deals with C applications only. For these, you need an object library that
-implements the Sendmail 8 Milter protocol. Postfix currently does not provide
-such a library, but Sendmail does.
+Milter applications have been written in C, Haskell, Java, Perl, Python, Rust,
+and more, but this document covers C applications only. For these, you need an
+object library that implements the Sendmail 8 Milter protocol. Postfix
+currently does not provide such a library, but Sendmail does.
 
 Some systems install the Sendmail libmilter library by default. With other
 systems, libmilter may be provided by a package (called "sendmail-devel" on
@@ -148,9 +148,9 @@ section.
 You specify SMTP-only Milter applications (there can be more than one) with the
 smtpd_milters parameter. Each Milter application is identified by the name of
 its listening socket; other Milter configuration options will be discussed in
-later sections. Milter applications are applied in the order as specified, and
-the first Milter application that rejects a command will override the responses
-from other Milter applications.
+later sections. Postfix sends commands to each Milter application in the order
+as configured with smtpd_milters. When a Milter application rejects a command,
+that will override responses from other Milter applications.
 
     /etc/postfix/main.cf:
         # Milters for mail that arrives via the smtpd(8) server.
@@ -192,9 +192,9 @@ Instead, keep Postfix's own Received: message header and use the header_checks
 You specify non-SMTP Milter applications with the non_smtpd_milters parameter.
 This parameter uses the same syntax as the smtpd_milters parameter in the
 previous section. As with the SMTP-only filters, you can specify more than one
-Milter application; they are applied in the order as specified, and the first
-Milter application that rejects a command will override the responses from the
-other applications.
+Milter application. Postfix sends commands to each Milter application in the
+order as configured with non_smtpd_milters. When a Milter application rejects a
+command, that will override responses from other Milter applications.
 
     /etc/postfix/main.cf:
         # Milters for non-SMTP mail.
@@ -470,9 +470,9 @@ Sendmail. See the workarounds section below for solutions.
 WWhhaatt mmaaccrrooss wwiillll PPoossttffiixx sseenndd ttoo MMiilltteerrss??
 
 Postfix sends specific sets of macros at different Milter protocol stages. The
-sets are configured with the parameters as shown in the table below (EOH = end
-of headers; EOM = end of message). The protocol version is a number that
-Postfix sends at the beginning of the Milter protocol handshake.
+names of these macros are configured with the parameters shown in the table
+below (EOH = end of headers; EOM = end of message). Some lists require a
+minimum Milter protocol version.
 
 As of Sendmail 8.14.0, Milter applications can specify what macros they want to
 receive at different Milter protocol stages. An application-specified list
@@ -643,6 +643,6 @@ the CONTENT_INSPECTION_README document for a discussion.
 
     The solution is to use Postfix version 2.4 or later.
 
-  * Most Milter configuration options are global. Future Postfix versions may
-    support per-Milter timeouts, per-Milter error handling, etc.
+  * Postfix versions before 3.0 did not support per-Milter timeouts, per-Milter
+    error handling, etc.
 
diff --git a/postfix/html/ADDRESS_CLASS_README.html b/postfix/html/ADDRESS_CLASS_README.html
index 0932e9f70..355f22b13 100644
--- a/postfix/html/ADDRESS_CLASS_README.html
+++ b/postfix/html/ADDRESS_CLASS_README.html
@@ -50,10 +50,11 @@ address classes are very important for the operation of Postfix. </p>
 
 <ul>
 
-<li> <p> The list of domains that are a member of the class: for
-example, all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
+<li> <p> The list of domains that are a member of that address
+class: for example, all <a href="ADDRESS_CLASS_README.html#local_domain_class">local domains</a>, or all <a href="ADDRESS_CLASS_README.html#relay_domain_class">relay domains</a>. </p>
 
-<li> <p> The default delivery transport. For example, the local,
+<li> <p> The default delivery transport for that address class. For
+example, the local,
 virtual or relay delivery transport (delivery transports are defined
 in <a href="master.5.html">master.cf</a>). This helps to keep Postfix configurations simple,
 by avoiding the need for explicit routing information in transport
@@ -80,7 +81,8 @@ are. </p>
 
 <li> <p> Purpose: final delivery for traditional UNIX system accounts
 and traditional Sendmail-style aliases. This is typically used for
-the <a href="VIRTUAL_README.html#canonical">canonical domains</a> of the machine.  For a discussion of the
+the <a href="VIRTUAL_README.html#canonical">canonical domains</a> of the machine (for example, $<a href="postconf.5.html#myhostname">myhostname</a>,
+$<a href="postconf.5.html#mydomain">mydomain</a>).  For a discussion of the
 difference between <a href="VIRTUAL_README.html#canonical">canonical domains</a>, <a href="VIRTUAL_README.html#canonical">hosted domains</a> and other
 domains, see the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
 
@@ -108,7 +110,8 @@ class. </p>
 <ul>
 
 <li> <p> Purpose: <a href="VIRTUAL_README.html#canonical">hosted domains</a> where each recipient address is
-aliased to a local UNIX system account or to a remote address.  A
+aliased to an address in a different domain, for example, a local
+UNIX system account or a remote address.  A
 <a href="VIRTUAL_README.html#virtual_alias">virtual alias example</a> is given in the <a href="VIRTUAL_README.html">VIRTUAL_README</a> file. </p>
 
 <li> <p> Domain names are listed in <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>. The
@@ -121,7 +124,7 @@ parameter. The Postfix SMTP server rejects invalid recipients with
 $<a href="postconf.5.html#virtual_maps">virtual_maps</a> for Postfix 1.1 compatibility. </p>
 
 <li> <p> There is no mail delivery transport parameter. Every
-address must be aliased to some other address. </p>
+address must be aliased to an address in some other domain. </p>
 
 </ul>
 
@@ -223,9 +226,9 @@ is needed to keep undeliverable mail (and bounced undeliverable
 mail) out of the mail queue. This is controlled by the
 <a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> configuration parameter. </p>
 
-<li> <p> As of Postfix version 2.1, the SMTP server also rejects
+<li> <p> As of Postfix version 2.1, the SMTP server can also reject
 unknown sender addresses (i.e. addresses that it would reject as
-unknown recipient addresses).  Sender "egress filtering" can help
+an unknown recipient addresses). Sender "egress filtering" can help
 to slow down an email worm explosion.  This is controlled by the
 <a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> configuration parameter. </p>
 
diff --git a/postfix/html/MAILLOG_README.html b/postfix/html/MAILLOG_README.html
index 32e33677e..a96e6254c 100644
--- a/postfix/html/MAILLOG_README.html
+++ b/postfix/html/MAILLOG_README.html
@@ -174,7 +174,8 @@ to $<a href="postconf.5.html#maillog_file">maillog_file</a> (also, logging to st
 operation of some of these programs). These programs can log to
 <a href="postlogd.8.html">postlogd(8)</a> if they are run by the super-user, or if their executable
 file has set-gid permission. Do not set this permission on programs
-other than <a href="postdrop.1.html">postdrop(1)</a> and <a href="postqueue.1.html">postqueue(1)</a>.
+other than <a href="postdrop.1.html">postdrop(1)</a>, <a href="postqueue.1.html">postqueue(1)</a>, and (Postfix &ge; 3.7)
+<a href="postlog.1.html">postlog(1)</a>.
 
 </ul>
 
diff --git a/postfix/html/MILTER_README.html b/postfix/html/MILTER_README.html
index 1c0ecae3e..2f8c99412 100644
--- a/postfix/html/MILTER_README.html
+++ b/postfix/html/MILTER_README.html
@@ -194,8 +194,9 @@ href="QSHAPE_README.html#incoming_queue"> incoming </a> </td>
 
 <h2><a name="building">Building Milter applications</a></h2>
 
-<p> Milter applications have been written in C, JAVA and Perl, but
-this document deals with C applications only.   For these, you need
+<p> Milter applications have been written in C, Haskell, Java, Perl,
+Python, Rust, and more, but
+this document covers C applications only. For these, you need
 an object library that implements the Sendmail 8 Milter protocol.
 Postfix currently does not provide such a library, but Sendmail
 does. </p>
@@ -286,10 +287,10 @@ information. </blockquote>
 <p> You specify SMTP-only Milter applications (there can be more
 than one) with the <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> parameter.  Each Milter application
 is identified by the name of its listening socket; other Milter
-configuration options will be discussed in later sections.  Milter
-applications are applied in the order as specified, and the first
-Milter application that rejects a command will override the responses
-from other Milter applications.  </p>
+configuration options will be discussed in later sections. Postfix
+sends commands to each Milter application in the order as configured
+with <a href="postconf.5.html#smtpd_milters">smtpd_milters</a>. When a Milter application rejects a command,
+that will override responses from other Milter applications. </p>
 
 <blockquote>
 <pre>
@@ -348,10 +349,10 @@ information. </p>
 <p> You specify non-SMTP Milter applications with the <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>
 parameter. This parameter uses the same syntax as the <a href="postconf.5.html#smtpd_milters">smtpd_milters</a>
 parameter in the previous section. As with the SMTP-only filters,
-you can specify more than one Milter application; they are applied
-in the order as specified, and the first Milter application that
-rejects a command will override the responses from the other
-applications.  </p>
+you can specify more than one Milter application. Postfix sends
+commands to each Milter application in the order as configured with
+<a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>. When a Milter application rejects a command,
+that will override responses from other Milter applications. </p>
 
 <blockquote>
 <pre>
@@ -705,10 +706,9 @@ With rejected recipient: "error" </td> </tr>
 <h3><a name="send-macros">What macros will Postfix send to Milters?</a></h3>
 
 <p> Postfix sends specific sets of macros at different Milter protocol
-stages.  The sets are configured with the parameters as shown in the
-table below (EOH = end of headers; EOM = end of message). The
-protocol version is a number that Postfix sends at the beginning
-of the Milter protocol handshake. </p>
+stages. The names of these macros are configured with the parameters
+shown in the table below (EOH = end of headers; EOM = end of message).
+Some lists require a minimum Milter protocol version.  </p>
 
 <p> As of Sendmail 8.14.0, Milter applications can specify what
 macros they want to receive at different Milter protocol stages.
@@ -941,9 +941,8 @@ st_optionneg[134563840]: 0x3d does not fulfill action requirements 0x1e
 
 <p> The solution is to use Postfix version 2.4 or later. </p>
 
-<li> <p> Most Milter configuration options are global. Future Postfix
-versions may support per-Milter timeouts, per-Milter error handling,
-etc. </p>
+<li> <p> Postfix versions before 3.0 did not support per-Milter
+timeouts, per-Milter error handling, etc. </p>
 
 </ul>
 
diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html
index acfea50b1..d524d840f 100644
--- a/postfix/html/postconf.5.html
+++ b/postfix/html/postconf.5.html
@@ -16612,28 +16612,11 @@ access restriction is specified. This prevents the Postfix queue
 from filling up with undeliverable MAILER-DAEMON messages.
 </p>
 
-<p> An address is considered "unknown" when it does not match a
-<a href="virtual.5.html">virtual(5)</a> alias or a <a href="canonical.5.html">canonical(5)</a> mapping, and one of the following
-conditions holds: </p>
-
-<ul>
-
-<li> The recipient domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
-or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the recipient is not listed in
-$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
-
-<li> The recipient domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the
-recipient is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
-
-<li> The recipient domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
-recipient is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
-is not null.
-
-<li> The recipient domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the recipient
-is not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>
-is not null.
-
-</ul>
+<p> An address is considered "unknown" when 1) it does not match a
+<a href="virtual.5.html">virtual(5)</a> alias or <a href="canonical.5.html">canonical(5)</a> mapping, and 2) the address is not
+valid for its address class. For a definition of class-based address
+validation, see <a href="ADDRESS_CLASS_README.html#classes">
+ADDRESS_CLASS_README</a>. </p>
 
 <p>
 This feature is available in Postfix 2.1 and later.
@@ -16648,30 +16631,13 @@ This feature is available in Postfix 2.1 and later.
 <p> Request that the Postfix SMTP server rejects mail from unknown
 sender addresses, even when no explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a>
 access restriction is specified. This can slow down an explosion
-of forged mail from worms or viruses.  </p>
+of forged mail from worms or viruses. </p>
 
-<p> An address is considered "unknown" when it does not match a
-<a href="virtual.5.html">virtual(5)</a> alias or a <a href="canonical.5.html">canonical(5)</a> mapping, and one of the following
-conditions holds: </p>
-
-<ul>
-
-<li> The sender domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
-$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>, but the sender is not listed in
-$<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a>, and $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> is not null.
-
-<li> The sender domain matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> but the sender
-is not listed in $<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>.
-
-<li> The sender domain matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> but the
-sender is not listed in $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>
-is not null.
-
-<li> The sender domain matches $<a href="postconf.5.html#relay_domains">relay_domains</a> but the sender is
-not listed in $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a>, and $<a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> is
-not null.
-
-</ul>
+<p> An address is considered "unknown" when 1) it does not match a
+<a href="virtual.5.html">virtual(5)</a> alias or <a href="canonical.5.html">canonical(5)</a> mapping, and 2) the address is not
+valid for its address class. For a definition of class-based address
+validation, see <a href="ADDRESS_CLASS_README.html#classes">
+ADDRESS_CLASS_README</a>. </p>
 
 <p>
 This feature is available in Postfix 2.1 and later.
@@ -17215,15 +17181,30 @@ feature is available in Postfix 2.1 and later.  </dd>
 
 <dt><b><a name="reject_authenticated_sender_login_mismatch">reject_authenticated_sender_login_mismatch</a></b></dt>
 
-<dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
-authenticated clients only. This feature is available in
-Postfix version 2.1 and later. </dd>
+<dd> Reject the request when the client is authenticated with SASL,
+but either the MAIL FROM address is not listed in $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>,
+or the SASL login name is not an owner for that address.
+<br>
+This prevents an authenticated client from using a MAIL FROM address
+that they do not explicitly own.
+<br>
+This feature is available in Postfix version 2.1 and later. </dd>
 
 <dt><b><a name="reject_known_sender_login_mismatch">reject_known_sender_login_mismatch</a></b></dt>
 
-<dd>Apply the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction only to MAIL
-FROM addresses that are known in $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.  This
-feature is available in Postfix version 2.11 and later. </dd>
+<dd> When the client is authenticated with SASL, reject the request
+when the MAIL FROM address is listed in $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>,
+but the SASL login name is not an owner for that address.
+<br>
+When the client is not authenticated with SASL, reject the request
+when SASL is enabled, and the MAIL FROM address is listed in
+$<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.
+<br>
+This protects any MAIL FROM address that is listed in
+$<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>, while still allowing a client to use any
+unlisted MAIL FROM address.
+<br>
+This feature is available in Postfix version 2.11 and later.</dd>
 
 <dt><b><a name="reject_non_fqdn_sender">reject_non_fqdn_sender</a></b></dt>
 
@@ -17251,17 +17232,20 @@ This feature is available in Postfix 2.0 and later.</dd>
 
 <dt><b><a name="reject_sender_login_mismatch">reject_sender_login_mismatch</a></b></dt>
 
-<dd>Reject the request when $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> specifies an
-owner for the MAIL FROM address, but the client is not (SASL) logged
-in as that MAIL FROM address owner; or when the client is (SASL)
-logged in, but the client login name doesn't own the MAIL FROM
-address according to $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.</dd>
+<dd> As of Postfix 2.1, this is an alias for
+"<a href="postconf.5.html#reject_authenticated_sender_login_mismatch">reject_authenticated_sender_login_mismatch</a>,
+<a href="postconf.5.html#reject_unauthenticated_sender_login_mismatch">reject_unauthenticated_sender_login_mismatch</a>".</dd>
 
 <dt><b><a name="reject_unauthenticated_sender_login_mismatch">reject_unauthenticated_sender_login_mismatch</a></b></dt>
 
-<dd>Enforces the <a href="postconf.5.html#reject_sender_login_mismatch">reject_sender_login_mismatch</a> restriction for
-unauthenticated clients only. This feature is available in
-Postfix version 2.1 and later. </dd>
+<dd> Reject the request when SASL is enabled, the MAIL FROM address
+is listed in $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>, but the client is not
+authenticated with SASL.
+<br>
+With SASL enabled, this prevents an unauthenticated client from
+using any MAIL FROM address that is listed in $<a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a>.
+<br>
+This feature is available in Postfix version 2.1 and later.</dd>
 
 <dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
 
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index 10d2e67d3..c579e1cba 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -11490,25 +11490,11 @@ recipient addresses, even when no explicit reject_unlisted_recipient
 access restriction is specified. This prevents the Postfix queue
 from filling up with undeliverable MAILER\-DAEMON messages.
 .PP
-An address is considered "unknown" when it does not match a
-\fBvirtual\fR(5) alias or a \fBcanonical\fR(5) mapping, and one of the following
-conditions holds:
-.IP \(bu
-The recipient domain matches $mydestination, $inet_interfaces
-or $proxy_interfaces, but the recipient is not listed in
-$local_recipient_maps, and $local_recipient_maps is not null.
-.IP \(bu
-The recipient domain matches $virtual_alias_domains but the
-recipient is not listed in $virtual_alias_maps.
-.IP \(bu
-The recipient domain matches $virtual_mailbox_domains but the
-recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
-is not null.
-.IP \(bu
-The recipient domain matches $relay_domains but the recipient
-is not listed in $relay_recipient_maps, and $relay_recipient_maps
-is not null.
-.br
+An address is considered "unknown" when 1) it does not match a
+\fBvirtual\fR(5) alias or \fBcanonical\fR(5) mapping, and 2) the address is not
+valid for its address class. For a definition of class\-based address
+validation, see
+ADDRESS_CLASS_README.
 .PP
 This feature is available in Postfix 2.1 and later.
 .SH smtpd_reject_unlisted_sender (default: no)
@@ -11517,25 +11503,11 @@ sender addresses, even when no explicit reject_unlisted_sender
 access restriction is specified. This can slow down an explosion
 of forged mail from worms or viruses.
 .PP
-An address is considered "unknown" when it does not match a
-\fBvirtual\fR(5) alias or a \fBcanonical\fR(5) mapping, and one of the following
-conditions holds:
-.IP \(bu
-The sender domain matches $mydestination, $inet_interfaces or
-$proxy_interfaces, but the sender is not listed in
-$local_recipient_maps, and $local_recipient_maps is not null.
-.IP \(bu
-The sender domain matches $virtual_alias_domains but the sender
-is not listed in $virtual_alias_maps.
-.IP \(bu
-The sender domain matches $virtual_mailbox_domains but the
-sender is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
-is not null.
-.IP \(bu
-The sender domain matches $relay_domains but the sender is
-not listed in $relay_recipient_maps, and $relay_recipient_maps is
-not null.
-.br
+An address is considered "unknown" when 1) it does not match a
+\fBvirtual\fR(5) alias or \fBcanonical\fR(5) mapping, and 2) the address is not
+valid for its address class. For a definition of class\-based address
+validation, see
+ADDRESS_CLASS_README.
 .PP
 This feature is available in Postfix 2.1 and later.
 .SH smtpd_relay_before_recipient_restrictions (default: see "postconf \-d" output)
@@ -11921,14 +11893,29 @@ use DUNNO in order to exclude specific hosts from denylists.  This
 feature is available in Postfix 2.1 and later.
 .br
 .IP "\fBreject_authenticated_sender_login_mismatch\fR"
-Enforces the reject_sender_login_mismatch restriction for
-authenticated clients only. This feature is available in
-Postfix version 2.1 and later.
+Reject the request when the client is authenticated with SASL,
+but either the MAIL FROM address is not listed in $smtpd_sender_login_maps,
+or the SASL login name is not an owner for that address.
+.br
+This prevents an authenticated client from using a MAIL FROM address
+that they do not explicitly own.
+.br
+This feature is available in Postfix version 2.1 and later.
 .br
 .IP "\fBreject_known_sender_login_mismatch\fR"
-Apply the reject_sender_login_mismatch restriction only to MAIL
-FROM addresses that are known in $smtpd_sender_login_maps.  This
-feature is available in Postfix version 2.11 and later.
+When the client is authenticated with SASL, reject the request
+when the MAIL FROM address is listed in $smtpd_sender_login_maps,
+but the SASL login name is not an owner for that address.
+.br
+When the client is not authenticated with SASL, reject the request
+when SASL is enabled, and the MAIL FROM address is listed in
+$smtpd_sender_login_maps.
+.br
+This protects any MAIL FROM address that is listed in
+$smtpd_sender_login_maps, while still allowing a client to use any
+unlisted MAIL FROM address.
+.br
+This feature is available in Postfix version 2.11 and later.
 .br
 .IP "\fBreject_non_fqdn_sender\fR"
 Reject the request when the MAIL FROM address specifies a
@@ -11957,16 +11944,19 @@ specifies tables with server replies indexed by \fIrbl_domain\fR.
 This feature is available in Postfix 2.0 and later.
 .br
 .IP "\fBreject_sender_login_mismatch\fR"
-Reject the request when $smtpd_sender_login_maps specifies an
-owner for the MAIL FROM address, but the client is not (SASL) logged
-in as that MAIL FROM address owner; or when the client is (SASL)
-logged in, but the client login name doesn't own the MAIL FROM
-address according to $smtpd_sender_login_maps.
+As of Postfix 2.1, this is an alias for
+"reject_authenticated_sender_login_mismatch,
+reject_unauthenticated_sender_login_mismatch".
 .br
 .IP "\fBreject_unauthenticated_sender_login_mismatch\fR"
-Enforces the reject_sender_login_mismatch restriction for
-unauthenticated clients only. This feature is available in
-Postfix version 2.1 and later.
+Reject the request when SASL is enabled, the MAIL FROM address
+is listed in $smtpd_sender_login_maps, but the client is not
+authenticated with SASL.
+.br
+With SASL enabled, this prevents an unauthenticated client from
+using any MAIL FROM address that is listed in $smtpd_sender_login_maps.
+.br
+This feature is available in Postfix version 2.1 and later.
 .br
 .IP "\fBreject_unknown_sender_domain\fR"
 Reject the request when Postfix is not the final destination for
diff --git a/postfix/proto/ADDRESS_CLASS_README.html b/postfix/proto/ADDRESS_CLASS_README.html
index ca4bb6722..ccf69b1bb 100644
--- a/postfix/proto/ADDRESS_CLASS_README.html
+++ b/postfix/proto/ADDRESS_CLASS_README.html
@@ -50,10 +50,11 @@ address classes are very important for the operation of Postfix. </p>
 
 <ul>
 
-<li> <p> The list of domains that are a member of the class: for
-example, all local domains, or all relay domains. </p>
+<li> <p> The list of domains that are a member of that address
+class: for example, all local domains, or all relay domains. </p>
 
-<li> <p> The default delivery transport. For example, the local,
+<li> <p> The default delivery transport for that address class. For
+example, the local,
 virtual or relay delivery transport (delivery transports are defined
 in master.cf). This helps to keep Postfix configurations simple,
 by avoiding the need for explicit routing information in transport
@@ -80,7 +81,8 @@ are. </p>
 
 <li> <p> Purpose: final delivery for traditional UNIX system accounts
 and traditional Sendmail-style aliases. This is typically used for
-the canonical domains of the machine.  For a discussion of the
+the canonical domains of the machine (for example, $myhostname,
+$mydomain).  For a discussion of the
 difference between canonical domains, hosted domains and other
 domains, see the VIRTUAL_README file. </p>
 
@@ -108,7 +110,8 @@ class. </p>
 <ul>
 
 <li> <p> Purpose: hosted domains where each recipient address is
-aliased to a local UNIX system account or to a remote address.  A
+aliased to an address in a different domain, for example, a local
+UNIX system account or a remote address.  A
 virtual alias example is given in the VIRTUAL_README file. </p>
 
 <li> <p> Domain names are listed in virtual_alias_domains. The
@@ -121,7 +124,7 @@ parameter. The Postfix SMTP server rejects invalid recipients with
 $virtual_maps for Postfix 1.1 compatibility. </p>
 
 <li> <p> There is no mail delivery transport parameter. Every
-address must be aliased to some other address. </p>
+address must be aliased to an address in some other domain. </p>
 
 </ul>
 
@@ -223,9 +226,9 @@ is needed to keep undeliverable mail (and bounced undeliverable
 mail) out of the mail queue. This is controlled by the
 smtpd_reject_unlisted_recipient configuration parameter. </p>
 
-<li> <p> As of Postfix version 2.1, the SMTP server also rejects
+<li> <p> As of Postfix version 2.1, the SMTP server can also reject
 unknown sender addresses (i.e. addresses that it would reject as
-unknown recipient addresses).  Sender "egress filtering" can help
+an unknown recipient addresses). Sender "egress filtering" can help
 to slow down an email worm explosion.  This is controlled by the
 smtpd_reject_unlisted_sender configuration parameter. </p>
 
diff --git a/postfix/proto/MAILLOG_README.html b/postfix/proto/MAILLOG_README.html
index 5a19a92e5..5591eb884 100644
--- a/postfix/proto/MAILLOG_README.html
+++ b/postfix/proto/MAILLOG_README.html
@@ -174,7 +174,8 @@ to $maillog_file (also, logging to stdout would interfere with the
 operation of some of these programs). These programs can log to
 postlogd(8) if they are run by the super-user, or if their executable
 file has set-gid permission. Do not set this permission on programs
-other than postdrop(1) and postqueue(1).
+other than postdrop(1), postqueue(1), and (Postfix &ge; 3.7)
+postlog(1).
 
 </ul>
 
diff --git a/postfix/proto/MILTER_README.html b/postfix/proto/MILTER_README.html
index a0d5ac692..1f2868d27 100644
--- a/postfix/proto/MILTER_README.html
+++ b/postfix/proto/MILTER_README.html
@@ -194,8 +194,9 @@ href="QSHAPE_README.html#incoming_queue"> incoming </a> </td>
 
 <h2><a name="building">Building Milter applications</a></h2>
 
-<p> Milter applications have been written in C, JAVA and Perl, but
-this document deals with C applications only.   For these, you need
+<p> Milter applications have been written in C, Haskell, Java, Perl,
+Python, Rust, and more, but
+this document covers C applications only. For these, you need
 an object library that implements the Sendmail 8 Milter protocol.
 Postfix currently does not provide such a library, but Sendmail
 does. </p>
@@ -286,10 +287,10 @@ information. </blockquote>
 <p> You specify SMTP-only Milter applications (there can be more
 than one) with the smtpd_milters parameter.  Each Milter application
 is identified by the name of its listening socket; other Milter
-configuration options will be discussed in later sections.  Milter
-applications are applied in the order as specified, and the first
-Milter application that rejects a command will override the responses
-from other Milter applications.  </p>
+configuration options will be discussed in later sections. Postfix
+sends commands to each Milter application in the order as configured
+with smtpd_milters. When a Milter application rejects a command,
+that will override responses from other Milter applications. </p>
 
 <blockquote>
 <pre>
@@ -348,10 +349,10 @@ information. </p>
 <p> You specify non-SMTP Milter applications with the non_smtpd_milters
 parameter. This parameter uses the same syntax as the smtpd_milters
 parameter in the previous section. As with the SMTP-only filters,
-you can specify more than one Milter application; they are applied
-in the order as specified, and the first Milter application that
-rejects a command will override the responses from the other
-applications.  </p>
+you can specify more than one Milter application. Postfix sends
+commands to each Milter application in the order as configured with
+non_smtpd_milters. When a Milter application rejects a command,
+that will override responses from other Milter applications. </p>
 
 <blockquote>
 <pre>
@@ -705,10 +706,9 @@ With rejected recipient: "error" </td> </tr>
 <h3><a name="send-macros">What macros will Postfix send to Milters?</a></h3>
 
 <p> Postfix sends specific sets of macros at different Milter protocol
-stages.  The sets are configured with the parameters as shown in the
-table below (EOH = end of headers; EOM = end of message). The
-protocol version is a number that Postfix sends at the beginning
-of the Milter protocol handshake. </p>
+stages. The names of these macros are configured with the parameters
+shown in the table below (EOH = end of headers; EOM = end of message).
+Some lists require a minimum Milter protocol version.  </p>
 
 <p> As of Sendmail 8.14.0, Milter applications can specify what
 macros they want to receive at different Milter protocol stages.
@@ -941,9 +941,8 @@ st_optionneg[134563840]: 0x3d does not fulfill action requirements 0x1e
 
 <p> The solution is to use Postfix version 2.4 or later. </p>
 
-<li> <p> Most Milter configuration options are global. Future Postfix
-versions may support per-Milter timeouts, per-Milter error handling,
-etc. </p>
+<li> <p> Postfix versions before 3.0 did not support per-Milter
+timeouts, per-Milter error handling, etc. </p>
 
 </ul>
 
diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto
index 28ff0965a..a2160d9cf 100644
--- a/postfix/proto/postconf.proto
+++ b/postfix/proto/postconf.proto
@@ -6680,15 +6680,30 @@ feature is available in Postfix 2.1 and later.  </dd>
 
 <dt><b><a name="reject_authenticated_sender_login_mismatch">reject_authenticated_sender_login_mismatch</a></b></dt>
 
-<dd>Enforces the reject_sender_login_mismatch restriction for
-authenticated clients only. This feature is available in
-Postfix version 2.1 and later. </dd>
+<dd> Reject the request when the client is authenticated with SASL,
+but either the MAIL FROM address is not listed in $smtpd_sender_login_maps,
+or the SASL login name is not an owner for that address.
+<br>
+This prevents an authenticated client from using a MAIL FROM address
+that they do not explicitly own.
+<br>
+This feature is available in Postfix version 2.1 and later. </dd>
 
 <dt><b><a name="reject_known_sender_login_mismatch">reject_known_sender_login_mismatch</a></b></dt>
 
-<dd>Apply the reject_sender_login_mismatch restriction only to MAIL
-FROM addresses that are known in $smtpd_sender_login_maps.  This
-feature is available in Postfix version 2.11 and later. </dd>
+<dd> When the client is authenticated with SASL, reject the request
+when the MAIL FROM address is listed in $smtpd_sender_login_maps,
+but the SASL login name is not an owner for that address.
+<br>
+When the client is not authenticated with SASL, reject the request
+when SASL is enabled, and the MAIL FROM address is listed in
+$smtpd_sender_login_maps.
+<br>
+This protects any MAIL FROM address that is listed in
+$smtpd_sender_login_maps, while still allowing a client to use any
+unlisted MAIL FROM address.
+<br>
+This feature is available in Postfix version 2.11 and later.</dd>
 
 <dt><b><a name="reject_non_fqdn_sender">reject_non_fqdn_sender</a></b></dt>
 
@@ -6716,17 +6731,20 @@ This feature is available in Postfix 2.0 and later.</dd>
 
 <dt><b><a name="reject_sender_login_mismatch">reject_sender_login_mismatch</a></b></dt>
 
-<dd>Reject the request when $smtpd_sender_login_maps specifies an
-owner for the MAIL FROM address, but the client is not (SASL) logged
-in as that MAIL FROM address owner; or when the client is (SASL)
-logged in, but the client login name doesn't own the MAIL FROM
-address according to $smtpd_sender_login_maps.</dd>
+<dd> As of Postfix 2.1, this is an alias for
+"reject_authenticated_sender_login_mismatch,
+reject_unauthenticated_sender_login_mismatch".</dd>
 
 <dt><b><a name="reject_unauthenticated_sender_login_mismatch">reject_unauthenticated_sender_login_mismatch</a></b></dt>
 
-<dd>Enforces the reject_sender_login_mismatch restriction for
-unauthenticated clients only. This feature is available in
-Postfix version 2.1 and later. </dd>
+<dd> Reject the request when SASL is enabled, the MAIL FROM address
+is listed in $smtpd_sender_login_maps, but the client is not
+authenticated with SASL.
+<br>
+With SASL enabled, this prevents an unauthenticated client from
+using any MAIL FROM address that is listed in $smtpd_sender_login_maps.
+<br>
+This feature is available in Postfix version 2.1 and later.</dd>
 
 <dt><b><a name="reject_unknown_sender_domain">reject_unknown_sender_domain</a></b></dt>
 
@@ -8750,28 +8768,11 @@ access restriction is specified. This prevents the Postfix queue
 from filling up with undeliverable MAILER-DAEMON messages.
 </p>
 
-<p> An address is considered "unknown" when it does not match a
-virtual(5) alias or a canonical(5) mapping, and one of the following
-conditions holds: </p>
-
-<ul>
-
-<li> The recipient domain matches $mydestination, $inet_interfaces
-or $proxy_interfaces, but the recipient is not listed in
-$local_recipient_maps, and $local_recipient_maps is not null.
-
-<li> The recipient domain matches $virtual_alias_domains but the
-recipient is not listed in $virtual_alias_maps.
-
-<li> The recipient domain matches $virtual_mailbox_domains but the
-recipient is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
-is not null.
-
-<li> The recipient domain matches $relay_domains but the recipient
-is not listed in $relay_recipient_maps, and $relay_recipient_maps
-is not null.
-
-</ul>
+<p> An address is considered "unknown" when 1) it does not match a
+virtual(5) alias or canonical(5) mapping, and 2) the address is not
+valid for its address class. For a definition of class-based address
+validation, see <a href="ADDRESS_CLASS_README.html#classes">
+ADDRESS_CLASS_README</a>. </p>
 
 <p>
 This feature is available in Postfix 2.1 and later.
@@ -8782,30 +8783,13 @@ This feature is available in Postfix 2.1 and later.
 <p> Request that the Postfix SMTP server rejects mail from unknown
 sender addresses, even when no explicit reject_unlisted_sender
 access restriction is specified. This can slow down an explosion
-of forged mail from worms or viruses.  </p>
+of forged mail from worms or viruses. </p>
 
-<p> An address is considered "unknown" when it does not match a 
-virtual(5) alias or a canonical(5) mapping, and one of the following
-conditions holds: </p>
-
-<ul>
-
-<li> The sender domain matches $mydestination, $inet_interfaces or
-$proxy_interfaces, but the sender is not listed in
-$local_recipient_maps, and $local_recipient_maps is not null.
-
-<li> The sender domain matches $virtual_alias_domains but the sender
-is not listed in $virtual_alias_maps.
-
-<li> The sender domain matches $virtual_mailbox_domains but the
-sender is not listed in $virtual_mailbox_maps, and $virtual_mailbox_maps
-is not null.
-
-<li> The sender domain matches $relay_domains but the sender is
-not listed in $relay_recipient_maps, and $relay_recipient_maps is
-not null.
-
-</ul>
+<p> An address is considered "unknown" when 1) it does not match a
+virtual(5) alias or canonical(5) mapping, and 2) the address is not
+valid for its address class. For a definition of class-based address
+validation, see <a href="ADDRESS_CLASS_README.html#classes">
+ADDRESS_CLASS_README</a>. </p>
 
 <p>
 This feature is available in Postfix 2.1 and later.
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 5c902b790..e1d426aca 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change both the patchlevel and the release date. Snapshots have no
   * patchlevel; they change the release date only.
   */
-#define MAIL_RELEASE_DATE	"20220509"
+#define MAIL_RELEASE_DATE	"20220527"
 #define MAIL_VERSION_NUMBER	"3.8"
 
 #ifdef SNAPSHOT
diff --git a/postfix/src/milter/milter8.c b/postfix/src/milter/milter8.c
index ab2bc868c..6c9a1eec4 100644
--- a/postfix/src/milter/milter8.c
+++ b/postfix/src/milter/milter8.c
@@ -128,6 +128,7 @@
 #define SMFIC_OPTNEG		'O'	/* Option negotiation */
 #define SMFIC_QUIT		'Q'	/* QUIT */
 #define SMFIC_RCPT		'R'	/* RCPT to */
+ /* Introduced with Sendmail 8.13. */
 #define SMFIC_DATA		'T'	/* DATA */
 #define SMFIC_UNKNOWN		'U'	/* Any unknown command */
  /* Introduced with Sendmail 8.14. */
@@ -146,6 +147,7 @@ static const NAME_CODE smfic_table[] = {
     "SMFIC_OPTNEG", SMFIC_OPTNEG,
     "SMFIC_QUIT", SMFIC_QUIT,
     "SMFIC_RCPT", SMFIC_RCPT,
+    /* Introduced with Sendmail 8.13. */
     "SMFIC_DATA", SMFIC_DATA,
     "SMFIC_UNKNOWN", SMFIC_UNKNOWN,
     /* Introduced with Sendmail 8.14. */
@@ -214,11 +216,12 @@ static const NAME_CODE smfir_table[] = {
 #define SMFIP_NOBODY		(1L<<4)	/* filter does not want body */
 #define SMFIP_NOHDRS		(1L<<5)	/* filter does not want headers */
 #define SMFIP_NOEOH		(1L<<6)	/* filter does not want EOH */
-#define SMFIP_NR_HDR		(1L<<7)	/* filter won't reply for header */
+ /* Introduced with Sendmail 8.13. */
 #define SMFIP_NOHREPL		SMFIP_NR_HDR
+ /* Introduced with Sendmail 8.14. */
+#define SMFIP_NR_HDR		(1L<<7)	/* filter won't reply for header */
 #define SMFIP_NOUNKNOWN 	(1L<<8)	/* filter does not want unknown cmd */
 #define SMFIP_NODATA		(1L<<9)	/* filter does not want DATA */
- /* Introduced with Sendmail 8.14. */
 #define SMFIP_SKIP		(1L<<10)/* MTA supports SMFIR_SKIP */
 #define SMFIP_RCPT_REJ		(1L<<11)/* filter wants rejected RCPTs */
 #define SMFIP_NR_CONN		(1L<<12)/* filter won't reply for connect */
@@ -249,10 +252,10 @@ static const NAME_MASK smfip_table[] = {
     "SMFIP_NOBODY", SMFIP_NOBODY,
     "SMFIP_NOHDRS", SMFIP_NOHDRS,
     "SMFIP_NOEOH", SMFIP_NOEOH,
+    /* Introduced with Sendmail 8.14. */
     "SMFIP_NR_HDR", SMFIP_NR_HDR,
     "SMFIP_NOUNKNOWN", SMFIP_NOUNKNOWN,
     "SMFIP_NODATA", SMFIP_NODATA,
-    /* Introduced with Sendmail 8.14. */
     "SMFIP_SKIP", SMFIP_SKIP,
     "SMFIP_RCPT_REJ", SMFIP_RCPT_REJ,
     "SMFIP_NR_CONN", SMFIP_NR_CONN,
@@ -276,6 +279,7 @@ static const NAME_MASK smfip_table[] = {
 #define SMFIF_ADDRCPT		(1L<<2)	/* filter may add recipients */
 #define SMFIF_DELRCPT		(1L<<3)	/* filter may delete recipients */
 #define SMFIF_CHGHDRS		(1L<<4)	/* filter may change/delete headers */
+ /* Introduced with Sendmail 8.13. */
 #define SMFIF_QUARANTINE 	(1L<<5)	/* filter may quarantine envelope */
  /* Introduced with Sendmail 8.14. */
 #define SMFIF_CHGFROM		(1L<<6)	/* filter may replace sender */
@@ -288,6 +292,7 @@ static const NAME_MASK smfif_table[] = {
     "SMFIF_ADDRCPT", SMFIF_ADDRCPT,
     "SMFIF_DELRCPT", SMFIF_DELRCPT,
     "SMFIF_CHGHDRS", SMFIF_CHGHDRS,
+    /* Introduced with Sendmail 8.13. */
     "SMFIF_QUARANTINE", SMFIF_QUARANTINE,
     /* Introduced with Sendmail 8.14. */
     "SMFIF_CHGFROM", SMFIF_CHGFROM,