complicating troubleshooting. The fix is to log additional
context to clarify that this "no match" condition is for
smtpd_log_access_permit_actions. File: smtpd/smtpd_check.c.
+
+20160228
+
+ Documentation: typos in postfix-tls-script(1) manpage.
+
+20160327
+
+ Documentation: line wrapping in postconf(1) manpage.
+
+20160310
+
+ Bugfix (introduced: Postfix 2.6): the Milter SMFIR_CHGFROM
+ (replace sender) request lost the sender_bcc_maps address.
+ Fixed by moving some record keeping to the sender output
+ function. Files: cleanup/cleanup_envelope.c,
+ cleanup/cleanup_addr.c, cleanup/cleanup_milter.c,
+ cleanup/cleanup.h, regression tests.
+
+20160410
+
+ Bugfix (introduced: Postfix 2.6): the "bad filetype"
+ header_checks pattern falsely rejected Content-Mumble headers
+ with ``name="example"; x-apple-part-url="example.com"''.
+ Fixed by respecting the ";" separator between content
+ attribute values. Reported by Cedric Knight. File:
+ proto/header_checks.
+
+20160515
+
+ Portability: OpenBSD 6.0. Files: makedefs, util/sys_defs.h.
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
-# /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
+# /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
# This is typically used as follows:
# .sp
# \fBpostfix tls all-default-client &&
-# postfix tls enable-tls-client\fR
+# postfix tls enable-client\fR
# .IP "\fBall-default-server\fR"
# Exit with status 0 (success) if all SMTP server TLS settings are
# at their default values. Otherwise, exit with a non-zero status.
# This is typically used as follows:
# .sp
# \fBpostfix tls all-default-server &&
-# postfix tls enable-tls-server\fR
+# postfix tls enable-server\fR
# CONFIGURATION PARAMETERS
# .ad
# .fi
<a href="postconf.5.html#header_checks">header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.<a href="pcre_table.5.html">pcre</a>:
- /^Content-(Disposition|Type).*name\s*=\s*"?(.*(\.|=2E)(
+ /^Content-(Disposition|Type).*name\s*=\s*"?([^;]*(\.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
/etc/postfix/<a href="master.5.html">master.cf</a>, Postfix master daemon configuration
<b>SEE ALSO</b>
- <a href="bounce.5.html">bounce(5)</a>, bounce template file format <a href="master.5.html">master(5)</a>, <a href="master.5.html">master.cf</a>
- configuration file syntax <a href="postconf.5.html">postconf(5)</a>, <a href="postconf.5.html">main.cf</a> configuration
- file syntax
+ <a href="bounce.5.html">bounce(5)</a>, bounce template file format
+ <a href="master.5.html">master(5)</a>, <a href="master.5.html">master.cf</a> configuration file syntax
+ <a href="postconf.5.html">postconf(5)</a>, <a href="postconf.5.html">main.cf</a> configuration file syntax
<b>README FILES</b>
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
This is typically used as follows:
<b><a href="postfix-tls.1.html">postfix tls</a> all-default-client</b> &&
- <b><a href="postfix-tls.1.html">postfix tls</a> enable-tls-client</b>
+ <b><a href="postfix-tls.1.html">postfix tls</a> enable-client</b>
<b>all-default-server</b>
Exit with status 0 (success) if all SMTP server TLS settings are
This is typically used as follows:
<b><a href="postfix-tls.1.html">postfix tls</a> all-default-server</b> &&
- <b><a href="postfix-tls.1.html">postfix tls</a> enable-tls-server</b>
+ <b><a href="postfix-tls.1.html">postfix tls</a> enable-server</b>
<b>CONFIGURATION PARAMETERS</b>
The "<b><a href="postfix-tls.1.html">postfix tls</a></b> <i>subcommand</i>" feature reads or updates the following
The optional "after 220 server greeting" tests involve <a href="postscreen.8.html"><b>postscreen</b>(8)</a>'s
built-in SMTP protocol engine. When these tests succeed, <a href="postscreen.8.html"><b>postscreen</b>(8)</a>
- adds the client to the temporary whitelist, but it cannot not hand off
- the "live" connection to a Postfix SMTP server process in the middle of
- a session. Instead, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> defers attempts to deliver mail with
- a 4XX status, and waits for the client to disconnect. When the client
+ adds the client to the temporary whitelist, but it cannot hand off the
+ "live" connection to a Postfix SMTP server process in the middle of a
+ session. Instead, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> defers attempts to deliver mail with a
+ 4XX status, and waits for the client to disconnect. When the client
connects again, <a href="postscreen.8.html"><b>postscreen</b>(8)</a> will allow the client to talk to a Post-
fix SMTP server process (provided that the whitelist status has not
expired). <a href="postscreen.8.html"><b>postscreen</b>(8)</a> mitigates the impact of this limitation by
: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
: ${PLUGIN_LD="${CC} -shared"}
;;
+ OpenBSD.6*) SYSTYPE=OPENBSD6
+ : ${CC=cc}
+ : ${SHLIB_SUFFIX=.so.1.0}
+ : ${SHLIB_CFLAGS=-fPIC}
+ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'}
+ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
+ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
+ : ${PLUGIN_LD="${CC} -shared"}
+ ;;
ekkoBSD.1*) SYSTYPE=EKKOBSD1
;;
NetBSD.1*) SYSTYPE=NETBSD1
.SH "SEE ALSO"
.na
.nf
-bounce(5), bounce template file format master(5), master.cf
-configuration file syntax postconf(5), main.cf configuration
-file syntax
+bounce(5), bounce template file format
+master(5), master.cf configuration file syntax
+postconf(5), main.cf configuration file syntax
.SH "README FILES"
.na
.nf
This is typically used as follows:
.sp
\fBpostfix tls all\-default\-client &&
- postfix tls enable\-tls\-client\fR
+ postfix tls enable\-client\fR
.IP "\fBall\-default\-server\fR"
Exit with status 0 (success) if all SMTP server TLS settings are
at their default values. Otherwise, exit with a non\-zero status.
This is typically used as follows:
.sp
\fBpostfix tls all\-default\-server &&
- postfix tls enable\-tls\-server\fR
+ postfix tls enable\-server\fR
.SH "CONFIGURATION PARAMETERS"
.na
.nf
header_checks = pcre:/etc/postfix/header_checks.pcre
/etc/postfix/header_checks.pcre:
- /^Content\-(Disposition|Type).*name\es*=\es*"?(.*(\e.|=2E)(
+ /^Content\-(Disposition|Type).*name\es*=\es*"?([^;]*(\e.|=2E)(
ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
hlp|ht[at]|
inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
The optional "after 220 server greeting" tests involve
\fBpostscreen\fR(8)'s built\-in SMTP protocol engine. When
these tests succeed, \fBpostscreen\fR(8) adds the client
-to the temporary whitelist, but it cannot not hand off the
+to the temporary whitelist, but it cannot hand off the
"live" connection to a Postfix SMTP server process in the
middle of a session. Instead, \fBpostscreen\fR(8) defers
attempts to deliver mail with a 4XX status, and waits for
.ad
.fi
The Secure Mailer license must be distributed with this software.
-.SH "HISTORY"
-.na
-.nf
+.SH HISTORY
+.ad
+.fi
.ad
.fi
This service was introduced with Postfix version 2.8.
# header_checks = pcre:/etc/postfix/header_checks.pcre
#
# /etc/postfix/header_checks.pcre:
-# /^Content-(Disposition|Type).*name\es*=\es*"?(.*(\e.|=2E)(
+# /^Content-(Disposition|Type).*name\es*=\es*"?([^;]*(\e.|=2E)(
# ade|adp|asp|bas|bat|chm|cmd|com|cpl|crt|dll|exe|
# hlp|ht[at]|
# inf|ins|isp|jse?|lnk|md[betw]|ms[cipt]|nws|
/*
* cleanup_addr.c.
*/
-extern void cleanup_addr_sender(CLEANUP_STATE *, const char *);
+extern off_t cleanup_addr_sender(CLEANUP_STATE *, const char *);
extern void cleanup_addr_recipient(CLEANUP_STATE *, const char *);
extern void cleanup_addr_bcc_dsn(CLEANUP_STATE *, const char *, const char *, int);
/* SYNOPSIS
/* #include <cleanup.h>
/*
-/* void cleanup_addr_sender(state, addr)
+/* off_t cleanup_addr_sender(state, addr)
/* CLEANUP_STATE *state;
/* const char *addr;
/*
/* sender/recipient auto bcc address generation.
/*
/* cleanup_addr_sender() processes sender envelope information and updates
-/* state->sender.
+/* state->sender. The result value is the offset of the record that
+/* follows the sender record if milters are enabled, otherwise zero.
/*
/* cleanup_addr_recipient() processes recipient envelope information
/* and updates state->recip.
/* Global library. */
#include <rec_type.h>
+#include <record.h>
#include <cleanup_user.h>
#include <mail_params.h>
#include <ext_prop.h>
/* cleanup_addr_sender - process envelope sender record */
-void cleanup_addr_sender(CLEANUP_STATE *state, const char *buf)
+off_t cleanup_addr_sender(CLEANUP_STATE *state, const char *buf)
{
+ const char myname[] = "cleanup_addr_sender";
VSTRING *clean_addr = vstring_alloc(100);
+ off_t after_sender_offs = 0;
const char *bcc;
+ size_t len;
/*
* Note: an unqualified envelope address is for all practical purposes
if (state->sender) /* XXX Can't happen */
myfree(state->sender);
state->sender = mystrdup(STR(clean_addr)); /* Used by Milter client */
+ /* Fix 20160310: Moved from cleanup_envelope.c. */
+ if (state->milters || cleanup_milters) {
+ /* Make room to replace sender. */
+ if ((len = LEN(clean_addr)) < REC_TYPE_PTR_PAYL_SIZE)
+ rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE - len);
+ /* Remember the after-sender record offset. */
+ if ((after_sender_offs = vstream_ftell(state->dst)) < 0)
+ msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ }
if ((state->flags & CLEANUP_FLAG_BCC_OK)
&& *STR(clean_addr)
&& cleanup_send_bcc_maps) {
}
}
vstring_free(clean_addr);
+ return after_sender_offs;
}
/* cleanup_addr_recipient - process envelope recipient */
return;
}
if (type == REC_TYPE_FROM) {
+ off_t after_sender_offs;
+
/* Allow only one instance. */
if (state->sender != 0) {
msg_warn("%s: message rejected: multiple envelope sender records",
if ((state->sender_pt_offset = vstream_ftell(state->dst)) < 0)
msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
}
- cleanup_addr_sender(state, buf);
+ after_sender_offs = cleanup_addr_sender(state, buf);
if (state->milters || cleanup_milters) {
- /* Make room to replace sender. */
- if ((len = strlen(state->sender)) < REC_TYPE_PTR_PAYL_SIZE)
- rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE - len);
/* Remember the after-sender record offset. */
- if ((state->sender_pt_target = vstream_ftell(state->dst)) < 0)
- msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ state->sender_pt_target = after_sender_offs;
}
if (cleanup_milters != 0
&& state->milters == 0
const char *myname = "cleanup_chg_from";
CLEANUP_STATE *state = (CLEANUP_STATE *) context;
off_t new_sender_offset;
+ off_t after_sender_offs;
int addr_count;
TOK822 *tree;
TOK822 *tp;
}
}
tok822_free_tree(tree);
- cleanup_addr_sender(state, STR(int_sender_buf));
+ after_sender_offs = cleanup_addr_sender(state, STR(int_sender_buf));
vstring_free(int_sender_buf);
cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
(long) state->sender_pt_target);
+ state->sender_pt_target = after_sender_offs;
/*
* Overwrite the original sender record with the pointer to the new
var_milt_head_checks = mystrdup(argv->argv[1]);
cleanup_milter_header_checks_init(state);
}
+ } else if (strcmp(argv->argv[0], "sender_bcc_maps") == 0) {
+ if (argv->argc != 2) {
+ msg_warn("bad sender_bcc_maps argument count: %ld",
+ (long) argv->argc);
+ } else {
+ if (cleanup_send_bcc_maps)
+ maps_free(cleanup_send_bcc_maps);
+ cleanup_send_bcc_maps =
+ maps_create("sender_bcc_maps", argv->argv[1],
+ DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
+ | DICT_FLAG_UTF8_REQUEST);
+ state->flags |= CLEANUP_FLAG_BCC_OK;
+ var_rcpt_delim = "";
+ }
} else {
msg_warn("bad command: %s", argv->argv[0]);
}
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20160224"
-#define MAIL_VERSION_NUMBER "3.1.0"
+#define MAIL_RELEASE_DATE "20160515"
+#define MAIL_VERSION_NUMBER "3.1.1"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
/* /etc/postfix/main.cf, Postfix configuration parameters
/* /etc/postfix/master.cf, Postfix master daemon configuration
/* SEE ALSO
-/* bounce(5), bounce template file format master(5), master.cf
-/* configuration file syntax postconf(5), main.cf configuration
-/* file syntax
+/* bounce(5), bounce template file format
+/* master(5), master.cf configuration file syntax
+/* postconf(5), main.cf configuration file syntax
/* README FILES
/* .ad
/* .fi
/* The optional "after 220 server greeting" tests involve
/* \fBpostscreen\fR(8)'s built-in SMTP protocol engine. When
/* these tests succeed, \fBpostscreen\fR(8) adds the client
-/* to the temporary whitelist, but it cannot not hand off the
+/* to the temporary whitelist, but it cannot hand off the
/* "live" connection to a Postfix SMTP server process in the
/* middle of a session. Instead, \fBpostscreen\fR(8) defers
/* attempts to deliver mail with a 4XX status, and waits for
|| defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \
|| defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
|| defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
- || defined(OPENBSD5) \
+ || defined(OPENBSD5) || defined(OPENBSD6) \
|| defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
|| defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \
|| defined(NETBSD7) \
projects / thirdparty / postfix.git / commitdiff
