Bitrot: non-functional code changes to silence compiler
errors/warnings. File: milter/test-milter.c.
+
+20251208
+
+ Improved Milter error handling for messages that arrive
+ over a long-lived SMTP connection, by changing the default
+ milter_default_action from "tempfail" to the new "shutdown"
+ action (i.e. disconnect the remote SMTP client).
+
+ The problem was that after a single Milter error, Postfix
+ could tempfail all messages that the client sends over a
+ long-lived connection, even if the Milter error was only
+ temporary. This problem was reported by Ankit Kulkarni.
+
+ Files: proto/postconf.proto global/mail_params.h milter/milter8.c.
</DD>
<DT><b><a name="milter_default_action">milter_default_action</a>
-(default: tempfail)</b></DT><DD>
+(default: Postfix ≥ 3.11: shutdown; Postfix < 3.11: tempfail)</b></DT><DD>
<p> The default action when a Milter (mail filter) response is
unavailable (for example, bad Postfix configuration or Milter
<dt>tempfail</dt> <dd>Reject all further commands in this session
with a temporary status code. </dd>
+<dt>shutdown</dt> <dd>Close the SMTP connection after sending a 421
+SMTP reply. Available in Postfix 3.11 and later. </dd>
+
<dt>quarantine</dt> <dd>Like "accept", but freeze the message in
the "<a href="QSHAPE_README.html#hold_queue">hold" queue</a>. Available with Postfix 2.6 and later. </dd>
</dl>
+<p> The default action was "tempfail" with Postfix 3.10 and earlier.
+</p>
+
+<p> The default action is "shutdown" with Postfix 3.11 and later,
+i.e. disconnect the SMTP client. With the old default, Postfix could
+tempfail all messages that the client sends over a long-lived
+connection, even if a Milter failure is only temporary. </p>
+
<p> This feature is available in Postfix 2.3 and later. </p>
for a list of available macro names and their meanings.
.PP
This feature is available in Postfix 2.3 and later.
-.SH milter_default_action (default: tempfail)
+.SH milter_default_action (default: Postfix >= 3.11: shutdown; Postfix < 3.11: tempfail)
The default action when a Milter (mail filter) response is
unavailable (for example, bad Postfix configuration or Milter
failure). Specify one of the following:
Reject all further commands in this session
with a temporary status code.
.br
+.IP "shutdown"
+Close the SMTP connection after sending a 421
+SMTP reply. Available in Postfix 3.11 and later.
+.br
.IP "quarantine"
Like "accept", but freeze the message in
the "hold" queue. Available with Postfix 2.6 and later.
.br
.br
.PP
+The default action was "tempfail" with Postfix 3.10 and earlier.
+.PP
+The default action is "shutdown" with Postfix 3.11 and later,
+i.e. disconnect the SMTP client. With the old default, Postfix could
+tempfail all messages that the client sends over a long\-lived
+connection, even if a Milter failure is only temporary.
+.PP
This feature is available in Postfix 2.3 and later.
.SH milter_end_of_data_macros (default: see "postconf \-d" output)
The macros that are sent to Milter (mail filter) applications
<p> This feature is available in Postfix 2.3 and later. </p>
-%PARAM milter_default_action tempfail
+%PARAM milter_default_action Postfix ≥ 3.11: shutdown; Postfix < 3.11: tempfail
<p> The default action when a Milter (mail filter) response is
unavailable (for example, bad Postfix configuration or Milter
<dt>tempfail</dt> <dd>Reject all further commands in this session
with a temporary status code. </dd>
+<dt>shutdown</dt> <dd>Close the SMTP connection after sending a 421
+SMTP reply. Available in Postfix 3.11 and later. </dd>
+
<dt>quarantine</dt> <dd>Like "accept", but freeze the message in
the "hold" queue. Available with Postfix 2.6 and later. </dd>
</dl>
+<p> The default action was "tempfail" with Postfix 3.10 and earlier.
+</p>
+
+<p> The default action is "shutdown" with Postfix 3.11 and later,
+i.e. disconnect the SMTP client. With the old default, Postfix could
+tempfail all messages that the client sends over a long-lived
+connection, even if a Milter failure is only temporary. </p>
+
<p> This feature is available in Postfix 2.3 and later. </p>
%PARAM milter_connect_timeout 30s
extern char *var_cleanup_milters;
#define VAR_MILT_DEF_ACTION "milter_default_action"
-#define DEF_MILT_DEF_ACTION "tempfail"
+#define DEF_MILT_DEF_ACTION "shutdown"
extern char *var_milt_def_action;
#define VAR_MILT_CONN_MACROS "milter_connect_macros"
#define DEF_MILT_PROTOCOL "6"
extern char *var_milt_protocol;
-#define VAR_MILT_DEF_ACTION "milter_default_action"
-#define DEF_MILT_DEF_ACTION "tempfail"
-extern char *var_milt_def_action;
-
#define VAR_MILT_DAEMON_NAME "milter_macro_daemon_name"
#define DEF_MILT_DAEMON_NAME "$" VAR_MYHOSTNAME
extern char *var_milt_daemon_name;
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20251205"
+#define MAIL_RELEASE_DATE "20251208"
#define MAIL_VERSION_NUMBER "3.11"
#ifdef SNAPSHOT
}
if (strcasecmp(milter->def_action, "accept") == 0) {
reply = 0;
+ } else if (strcasecmp(milter->def_action, "shutdown") == 0) {
+ reply = "421 4.3.5 Server configuration problem - try again later";
} else if (strcasecmp(milter->def_action, "quarantine") == 0) {
reply = "Hdefault_action";
} else {
reply = "550 5.5.0 Service unavailable";
} else if (strcasecmp(milter->def_action, "tempfail") == 0) {
reply = "451 4.7.1 Service unavailable - try again later";
+ } else if (strcasecmp(milter->def_action, "shutdown") == 0) {
+ reply = "421 Service unavailable - try again later";
} else if (strcasecmp(milter->def_action, "quarantine") == 0) {
reply = "Hdefault_action";
} else {
projects / thirdparty / postfix.git / commitdiff
