all input lines ending in <CR><LF> only if the first input
line ends in <CR><LF>). Files: sendmail/sendmail.c,
global/mail_params.h, proto/postconf.proto.
+
+20111017
+
+ Cleanup: refined the heuristic that automagically transforms
+ legacy "sendmail -V" VERP requests into contemporary "sendmail
+ -XV" syntax. File: sendmail/sendmail.c.
+
+ Cleanup: when the cleanup daemon goes into discard mode,
+ don't get stuck when it runs onto milter file descriptor
+ information. File: cleanup/cleanup.c.
+
+20111020
+
+ EAI Future-proofing: don't apply strict_mime_encoding_domain
+ checks to unknown message subtypes such as message/global*.
+ File: global/mime_state.c.
this parameter limits the size of the short-term, in-memory list of
"dead" destinations. Destinations that don't fit the list are not
added.
+ transport_destination_concurrency_failed_cohort_limit
+ Controls when a destination is considered "dead". This parameter is
+ critical with a non-zero transport_destination_rate_delay, with a
+ reduced transport_destination_concurrency_limit, or with a reduced
+ initial_destination_concurrency.
IMPORTANT: If you increase the frequency of deferred mail delivery attempts, or
if you flush the deferred mail queue frequently, then you may find that Postfix
that require performance for low-security operations
such as sharing the postscreen cache.
+ What is the feasibility of adding an mta_name (personality)
+ attribute that is propagated via queue files and delivery
+ agent requests? It would default to myhostname.
+
+ Major performance improvement opportunity (that is until
+ everyone runs Postfix queues on SSDs). Investigate the
+ viability of a daemon that produces incoming and postdrop
+ queue files on request (in reality it would maintain a
+ limited queue of "spare" files). Central queue file allocation
+ reduces the I/O performance disadvantage that qmgr has when
+ 100 smtpd processes are receiving mail, or when lots of
+ mail is submitted with the sendmail command line. When an
+ smtpd process accepts MAIL FROM, a cleanup daemon requests
+ a queue file and receives a queue ID + file handle from the
+ queue file daemon. If the queue file daemon is down, the
+ cleanup daemon creates the file itself like it does now;
+ this can be hidden in the mail_stream library module. If
+ the mail transaction is aborted, then the cleanup daemon
+ gives the queue file back to the queue file daemon's "spare"
+ file pool, saving most of the overhead of creating and
+ deleting a queue file (the file would still need to be
+ renamed at the start of the next mail transaction). If the
+ cleanup daemon is unable to give a file back, then it can
+ delete the file like it does now; this can be hidden in the
+ mail_stream library module. The whole thing can be
+ transparently added to Postfix by adding calls to a
+ queue-file-service client to the mail_queue_enter() and
+ mail_queue_remove() library routines. Other advantages:
+ 1) negligible performance hit when queue file allocation
+ happens earlier, so that logging and milters have a queue
+ ID for the whole transaction not just the first valid
+ recipient; 2) by not removing every queue files we get most
+ of the performance gain of a queue based on append/truncate
+ instead of the much more expensive create/delete.
+
Investigate viability of Sendmail socket maps (the moral
equivalent of tcp_table(5)), and dns maps.
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#debugger_command">debugger_command</a> =
PATH=/bin:/usr/bin:/usr/local/bin;
- (truss -p $<a href="postconf.5.html#process_id">process_id</a> 2>&1 | logger -p mail.info) & sleep 5
+ (truss -p $<a href="postconf.5.html#process_id">process_id</a> 2>&1 | logger -p mail.info) & sleep 5
</pre>
</blockquote>
of "dead" destinations. Destinations that don't fit the list are
not added. </dd>
+<dt> <a href="postconf.5.html#transport_destination_concurrency_failed_cohort_limit"><i>transport</i>_destination_concurrency_failed_cohort_limit</a>
+</dt> <dd> Controls when a destination is considered "dead". This
+parameter is critical with a non-zero
+<a href="postconf.5.html#transport_destination_rate_delay"><i>transport</i>_destination_rate_delay</a>, with a reduced
+<a href="postconf.5.html#transport_destination_concurrency_limit"><i>transport</i>_destination_concurrency_limit</a>, or with
+a reduced <a href="postconf.5.html#initial_destination_concurrency">initial_destination_concurrency</a>. </dd>
+
</dl>
</blockquote>
ples.
<b>COMPATIBILITY CONTROLS</b>
+ Available with Postfix 2.9 and later:
+
<b>sendmail_fix_line_endings (always)</b>
Controls how the Postfix sendmail command converts
email message line endings from <CR><LF> into UNIX
ples.
<b>COMPATIBILITY CONTROLS</b>
+ Available with Postfix 2.9 and later:
+
<b>sendmail_fix_line_endings (always)</b>
Controls how the Postfix sendmail command converts
email message line endings from <CR><LF> into UNIX
<p> Mandatory TLS: announce STARTTLS support to SMTP clients,
and require that clients use TLS encryption. According to <a href="http://tools.ietf.org/html/rfc2487">RFC 2487</a>
this MUST NOT be applied in case of a publicly-referenced SMTP
-server. This option is off by default and should be used only on
-dedicated servers. </p>
+server. This option is therefore off by default. </p>
<p> Note 1: "<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> = yes" implies "<a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> = yes". </p>
ples.
<b>COMPATIBILITY CONTROLS</b>
+ Available with Postfix 2.9 and later:
+
<b>sendmail_fix_line_endings (always)</b>
Controls how the Postfix sendmail command converts
email message line endings from <CR><LF> into UNIX
.nf
.ad
.fi
+Available with Postfix 2.9 and later:
.IP "\fBsendmail_fix_line_endings (always)\fR"
Controls how the Postfix sendmail command converts email message
line endings from <CR><LF> into UNIX format (<LF>).
Mandatory TLS: announce STARTTLS support to SMTP clients,
and require that clients use TLS encryption. According to RFC 2487
this MUST NOT be applied in case of a publicly-referenced SMTP
-server. This option is off by default and should be used only on
-dedicated servers.
+server. This option is therefore off by default.
.PP
Note 1: "smtpd_enforce_tls = yes" implies "smtpd_tls_auth_only = yes".
.PP
/etc/postfix/main.cf:
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin;
- (truss -p $process_id 2>&1 | logger -p mail.info) & sleep 5
+ (truss -p $process_id 2>&1 | logger -p mail.info) & sleep 5
</pre>
</blockquote>
of "dead" destinations. Destinations that don't fit the list are
not added. </dd>
+<dt> <i>transport</i>_destination_concurrency_failed_cohort_limit
+</dt> <dd> Controls when a destination is considered "dead". This
+parameter is critical with a non-zero
+<i>transport</i>_destination_rate_delay, with a reduced
+<i>transport</i>_destination_concurrency_limit, or with
+a reduced initial_destination_concurrency. </dd>
+
</dl>
</blockquote>
<p> Mandatory TLS: announce STARTTLS support to SMTP clients,
and require that clients use TLS encryption. According to RFC 2487
this MUST NOT be applied in case of a publicly-referenced SMTP
-server. This option is off by default and should be used only on
-dedicated servers. </p>
+server. This option is therefore off by default. </p>
<p> Note 1: "smtpd_enforce_tls = yes" implies "smtpd_tls_auth_only = yes". </p>
*/
if (CLEANUP_OUT_OK(state) == 0 && type > 0) {
while (type != REC_TYPE_END
- && (type = rec_get(src, buf, 0)) > 0)
- /* void */ ;
+ && (type = rec_get(src, buf, 0)) > 0) {
+ if (type == REC_TYPE_MILT_COUNT) {
+ int milter_count = atoi(vstring_str(buf));
+
+ /* Avoid deadlock. */
+ if (milter_count >= 0)
+ cleanup_milter_receive(state, milter_count);
+ }
+ }
}
/*
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20111012"
+#define MAIL_RELEASE_DATE "20111024"
#define MAIL_VERSION_NUMBER "2.9"
#ifdef SNAPSHOT
if (state->curr_domain != MIME_ENC_7BIT)
REPORT_ERROR(state, MIME_ERR_ENCODING_DOMAIN,
mime_state_enc_name(state->curr_encoding));
- } else {
+ }
+ /* EAI: message/global allows non-identity encoding. */
+ else if (state->curr_stype == MIME_STYPE_RFC822) {
if (state->curr_encoding != state->curr_domain)
REPORT_ERROR(state, MIME_ERR_ENCODING_DOMAIN,
mime_state_enc_name(state->curr_encoding));
count++;
(void) rec_fprintf(stream, REC_TYPE_MILT_COUNT, "%d", count);
+ if (msg_verbose)
+ msg_info("send %d milters");
+
/*
* XXX Optimization: don't send or receive further information when there
* aren't any active filters.
MILTER *tail = 0;
MILTER *milter = 0;
+ if (msg_verbose)
+ msg_info("receive %d milters", count);
+
/*
* XXX We must instantiate a MILTERS structure even when the sender has
* no active filters, otherwise the cleanup server would try to use its
/* COMPATIBILITY CONTROLS
/* .ad
/* .fi
+/* Available with Postfix 2.9 and later:
/* .IP "\fBsendmail_fix_line_endings (always)\fR"
/* Controls how the Postfix sendmail command converts email message
/* line endings from <CR><LF> into UNIX format (<LF>).
optind++;
continue;
}
- if (strcmp(argv[OPTIND], "-V") == 0) {
+ if (strcmp(argv[OPTIND], "-V") == 0
+ && argv[OPTIND + 1] != 0 && strlen(argv[OPTIND + 1]) == 2) {
msg_warn("option -V is deprecated with Postfix 2.3; "
"specify -XV instead");
argv[OPTIND] = "-XV";
#define SMTPD_FLAG_ILL_PIPELINING (1<<1) /* inappropriate pipelining */
#define SMTPD_FLAG_AUTH_USED (1<<2) /* don't reuse SASL state */
+ /* Security: don't reset SMTPD_FLAG_AUTH_USED. */
#define SMTPD_MASK_MAIL_KEEP ~0 /* keep all after MAIL reset */
#define SMTPD_STATE_XFORWARD_INIT (1<<0) /* xforward preset done */
projects / thirdparty / postfix.git / commitdiff
