types and to the proxymap protocol, which is too much change
for a stable release. Files: postalias/postalias.c,
util/dict_db.c, util/dict_dbm.c, util/dict_cdb.c.
+
+20070112
+
+ Bugfix (introduced 20011008): after return from a nested
+ access restriction, possible longjump into exited stack
+ frame upon configuration error or table lookup error. Victor
+ Duchovni. Files: smtpd/smtpd_check.c.
+
+ Workaround: don't insert header/body blank line separator
+ in malformed attachments, to avoid breaking digital signatures.
+ Switch from header to body state, for robust MIME parsing.
+ People concerned about MIME evasion can use a MIME normalizer
+ to corrupt their user's legitimate email. File:
+ global/mime_state.c.
Warning: you still need to edit myorigin/mydestination/mynetworks
parameter settings in $config_directory/main.cf.
- See also http://www.postfix.org/faq.html for information about
- dialup sites or about sites inside a firewalled network.
+ See also http://www.postfix.org/STANDARD_CONFIGURATION_README.html
+ for information about dialup sites or about sites inside a
+ firewalled network.
BTW: Check your $ALIASES file and be sure to set up aliases
that send mail for root and postmaster to a real person, then
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20070104"
-#define MAIL_VERSION_NUMBER "2.3.7-RC1"
+#define MAIL_RELEASE_DATE "20070113"
+#define MAIL_VERSION_NUMBER "2.3.7-RC2"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
/* .IP state
/* MIME parser state created with mime_state_alloc().
/* BUGS
+/* NOTE: when the end of headers is reached, mime_state_update()
+/* may execute up to three call-backs before returning to the
+/* caller: head_out(), head_end(), and body_out() or body_end().
+/* As long as call-backs return no result, it is up to the
+/* call-back routines to check if a previous call-back experienced
+/* an error.
+/*
/* Different mail user agents treat malformed message boundary
/* strings in different ways. The Postfix MIME processor cannot
/* be bug-compatible with everything.
/*
* Invalid input. Force output of one blank line and jump to the
* body state, leaving all other state alone.
+ *
+ * We don't break legitimate mail by inserting a blank line
+ * separator between primary headers and a non-empty body. Many
+ * MTA's don't even record the presence or absence of this
+ * separator, nor does the Milter protocol pass it on to Milter
+ * applications.
+ *
+ * XXX We don't insert a blank line separator with attachments, as
+ * this breaks digital signatures. Postfix shall not do a worse
+ * mail delivery job than crappy MTAs that can't even parse MIME.
+ * But we switch to the body state anyway.
+ *
+ * People who worry about MIME evasion can use a MIME normalizer,
+ * and knowlingly corrupt legitimate email for their users.
+ * Postfix has a different mission.
*/
else {
+ if (msg_verbose)
+ msg_info("garbage in %s header",
+ state->curr_state == MIME_STATE_MULTIPART ? "multipart" :
+ state->curr_state == MIME_STATE_PRIMARY ? "primary" :
+ state->curr_state == MIME_STATE_NESTED ? "nested" :
+ "other");
+ if (state->curr_state == MIME_STATE_PRIMARY)
+ BODY_OUT(state, REC_TYPE_NORM, "", 0);
SET_CURR_STATE(state, MIME_STATE_BODY);
- BODY_OUT(state, REC_TYPE_NORM, "", 0);
}
}
reply_class, def_acl);
}
argv_free(restrictions);
+ memcpy(ADDROF(smtpd_check_buf), ADDROF(savebuf), sizeof(smtpd_check_buf));
return (status);
}
{
if (msg_vprintf_lock == 0) {
msg_vprintf_lock = 1;
+ /* On-the-fly initialization for debugging test programs only. */
+ if (msg_output_fn_count == 0)
+ msg_vstream_init("unknown", VSTREAM_ERR);
/* OK if terminating signal handler hijacks control before next stmt. */
vstring_vsprintf(msg_buffer, percentm(format, errno), ap);
msg_text(level, vstring_str(msg_buffer));
projects / thirdparty / postfix.git / commitdiff
