and virtual_xx_domains, and with local_recipient_maps and
the local delivery agent. File: smtpd/smtpd_check.c.
+20021209
+
+ The Postfix installation procedure no longer sets the
+ "chattr +S" bit on Linux queue directories. Wietse has
+ gotten too annoyed with naive reviewers who complain about
+ performance without having a clue of what they are comparing.
+
+ "Security": local_recipient_maps is now turned on by default,
+ to reject mail for non-existent users at the SMTP port.
+ See conf/main.cf for instructions, section REJECTING UNKNOWN
+ LOCAL USERS.
+
+ Safety: detection of missing or inaccessible passwd file
+ database, to prevent massive complaints from people who
+ suddenly lose all their mail because local_recipient_maps
+ is now turned on by default.
+
Open problems:
+ Low: after successful delivery, per-queue window += 1/window,
+ after failure, queue window -= 1 (Victor).
+
Low: revise other local delivery agent duplicate filters.
Low: all table lookups should consistently use internalized
virtual_mailbox_domains
Specifies the list of domains that should be delivered to the
- $virtual_transport delivery agent (default: virtual).
+ $virtual_transport delivery agent (default: virtual). As of
+ version 1.2, Postfix is smart enough that you don't have to
+ list every virtual domain in a Postfix transport map.
virtual_mailbox_maps
recipient is not found the mail is bounced.
In a lookup table, specify a left-hand side of @domain.tld to
- match any user in the specified domain that does not have a
- specific user@domain.tld entry. While searching a lookup table,
- an address extension (user+foo@domain.tld) is ignored.
+ match any user in the specified domain that does not have her
+ own user@domain.tld entry. While searching a lookup table, an
+ address extension (user+foo@domain.tld) is ignored.
If a recipient is not found the mail is returned to the sender.
- For security reasons, regular expression maps are allowed but
+ Regular expression maps are allowed. For security reasons,
regular expression substitution of $1 etc. is disallowed,
because that would open a security hole.
specific user@domain.tld entry. While searching a lookup table,
an address extension (user+foo@domain.tld) is ignored.
- For security reasons, regular expression maps are allowed but
+ Regular expression maps are allowed. For security reasons,
regular expression substitution of $1 etc. is disallowed,
because that would open a security hole.
specific user@domain.tld entry. While searching a lookup table,
an address extension (user+foo@domain.tld) is ignored.
- For security reasons, regular expression maps are allowed but
+ Regular expression maps are allowed. For security reasons,
regular expression substitution of $1 etc. is disallowed,
because that would open a security hole.
types.
/etc/postfix/main.cf:
- virtual_transport = virtual
- virtual_mailbox_base = /var/mail/vhosts
- virtual_mailbox_maps = hash:/etc/postfix/vmailbox
- virtual_minimum_uid = 100
- virtual_uid_maps = hash:/etc/postfix/vuid
- virtual_gid_maps = hash:/etc/postfix/vgid
-
# Don't send mail to the local delivery agent.
mydestination =
virtual_mailbox_domains =
$myhostname localhost.$mydomain virtual1.domain virtual2.domain
+ virtual_transport = virtual
+ virtual_mailbox_base = /var/mail/vhosts
+ virtual_mailbox_maps = hash:/etc/postfix/vmailbox
+ virtual_minimum_uid = 100
+ virtual_uid_maps = hash:/etc/postfix/vuid
+ virtual_gid_maps = hash:/etc/postfix/vgid
+
Define a virtual delivery agent if the entry doesn't already exist:
/etc/postfix/master.cf:
types.
/etc/postfix/main.cf:
+ # All domains and users delivered by the virtual local delivery agent.
+
virtual_transport = virtual
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
- # All domains that are delivered by the local delivery agent.
+ # All domains and users delivered by the local delivery agent.
+ # local_recipient_maps is used by the SMTP server to reject mail
+ # for unknown users.
+ local_transport = local
mydestination = $myhostname $localhost.$mydomain
-
- # Reject unknown local recipients at the SMTP port.
-
local_recipient_maps = unix:passwd.byname $alias_maps
Define a virtual delivery agent if the entry doesn't already exist:
(the user addresses) from the information that changes rarely (the
names of hosted domains).
-This example is the same as above, but it uses a separate table for
-specifying the virtual domain names.
+This example is the same as above, with co-existing local and
+virtual domains, but it uses a separate table for specifying the
+virtual domain names.
/etc/postfix/main.cf:
+ # All domains and users delivered by the virtual local delivery agent.
+
virtual_transport = virtual
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
- # All domains that are delivered by the local delivery agent.
+ # All domains and users delivered by the local delivery agent.
+ # local_recipient_maps is used by the SMTP server to reject mail
+ # for unknown users.
+ local_transport = local
mydestination = $myhostname $localhost.$mydomain
-
- # Reject unknown local recipients at the SMTP port.
-
local_recipient_maps = unix:passwd.byname $alias_maps
Define a virtual delivery agent if the entry doesn't already exist:
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
-Incompatible changes with Postfix snapshot 1.1.12-200212XX
+Incompatible changes with Postfix snapshot 1.1.12-20021209
==========================================================
-Postfix now uses the "relay" mail delivery transport for relayed
-mail (domains matching relay_domains). This may affect your
-defer_transports settings. The old "smtp" transport is now the
-default mail delivery transport for domains that do not match
-relay_domains or any local or virtual domain name.
+This release adds a new "relay" service to the Postfix master.cf
+file. If your Postfix is unable to connect to the "relay" service
+then you have not properly followed the installation procedure.
+
+The Postfix SMTP server now rejects mail for local recipients that
+it does not know about. For this to work correctly, you need to
+review the section titled "REJECTING UNKNOWN LOCAL USERS" in
+conf/main.cf if one of the following is true:
+
+- You run the Postfix SMTP server chrooted (see master.cf).
+- You redefined the local delivery agent in master.cf.
+- You redefined the "local_transport" setting in main.cf.
+- You use the mailbox_transport or fallback_transport feature
+ of the Postfix local delivery agent.
+
+Specify "local_recipient_maps =" (i.e. empty) to make the SMTP
+server accept mail for all known and unknown local recipients. You
+will be considered a bad network citizen, though.
+
+Postfix no longer defaults to the "smtp" transport for all non-local
+destinations. This may affect your defer_transports settings. In
+particular, Postfix now uses the "relay" mail delivery transport
+for domains matching $relay_domains. The old "smtp" transport is
+now the default mail delivery transport for non-local domains that
+do not match relay_domains.
The "virtual_maps" configuration parameter is now called
"virtual_alias_maps", for consistency with "virtual_mailbox_maps".
logs a warning and suggests using "reject_unauth_destination"
instead.
-Major changes with Postfix snapshot 1.1.11-200212XX
+The Postfix installation procedure no longer sets the "chattr +S"
+bit on Linux queue directories. Wietse has gotten too annoyed with
+naive reviewers who complain about performance without having a
+clue of what they are comparing.
+
+Major changes with Postfix snapshot 1.1.11-20021209
===================================================
This release introduces separation of lookup tables for addresses
- A lot of table lookups could be eliminated from the SMTP server's
mail relay control and unknown user blocking code.
-Better handling of unknown recipients. Each address domain class
-now has its own table with known recipients, so that you can reject
-mail for unknown addresses consistently.
+This release introduces better handling of unknown recipients. Each
+address domain class now has its own table with known recipients,
+so that you can reject mail for unknown addresses consistently.
Destination matches Recipients defined by Remarks
--------------------------------------------------------------
#mydestination = $myhostname, localhost.$mydomain, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain
+# REJECTING UNKNOWN LOCAL USERS
+#
+# The local_recipient_maps parameter specifies optional lookup tables
+# with all names (not addresses) of users that are local with respect
+# to $mydestination and $inet_interfaces.
+#
+# If this parameter is defined, then the SMTP server will reject
+# mail for unknown local users. This parameter is defined by default.
+#
+# The default setting assumes that you use the default Postfix local
+# delivery agent for local delivery. You need to update the
+# local_recipient_maps setting if:
+#
+# - You redefined the local delivery agent in master.cf.
+#
+# - You redefined the "local_transport" setting in main.cf.
+#
+# - You use the mailbox_transport or fallback_transport feature
+# of the Postfix local delivery agent (see sample-local.cf).
+#
+# Beware: if the Postfix SMTP server runs chrooted, you may have to
+# copy the passwd (not shadow) database into the jail. This is
+# system dependent.
+#
+local_recipient_maps = unix:passwd.byname $alias_maps
+
# TRUST AND RELAY CONTROL
# The mynetworks parameter specifies the list of "trusted" SMTP
#
#relay_recipient_maps = hash:/etc/postfix/relay_recipients
-# REJECTING UNKNOWN LOCAL USERS
-#
-# The local_recipient_maps parameter specifies optional lookup tables
-# with all names (not addresses) of users that are local with respect
-# to $mydestination and $inet_interfaces. If this parameter is
-# defined, then the SMTP server will reject mail for unknown local
-# users.
-#
-# If you use the default Postfix local delivery agent for local
-# delivery, uncomment the definition below.
-#
-# Beware: if the Postfix SMTP server runs chrooted, you may have to
-# copy the passwd (not shadow) database into the jail. This is
-# system dependent.
-#
-#local_recipient_maps = $alias_maps unix:passwd.byname
-
# INPUT RATE CONTROL
#
# The in_flow_delay configuration parameter implements mail input
exit 1
}
-#
-# LINUX by default does not synchronously update directories -
-# that's dangerous for mail.
-#
-if [ -f /usr/bin/chattr ]
-then
- CHATTR="/usr/bin/chattr +S"
-else
- CHATTR=echo
-fi
-
case `uname -s` in
HP-UX*) FMT=cat;;
*) FMT=fmt;;
# :nexthop part is optional. For more details see the sample transports
# file.
#
+# Beware: if you override the default local delivery agent then you
+# also need to review the section "REJECTING UNKNOWN LOCAL USERS"
+# in the main.cf file, otherwise the SMTP server will reject mail.
+#
local_transport = lmtp:unix:/file/name
local_transport = local
# :nexthop part is optional. For more details see the sample transport
# configuration file.
#
+# Beware: if you use the mailbox_transport feature for users not in
+# /etc/passwd and /etc/aliases then you also need to review the
+# section "REJECTING UNKNOWN LOCAL USERS" in the main.cf file,
+# otherwise the SMTP server may reject mail incorrectly.
+#
#mailbox_transport = lmtp:unix:/file/name
#mailbox_transport = cyrus
mailbox_transport =
# :nexthop part is optional. For more details see the sample transport
# configuration file.
#
+# Beware: if you use the fallback_transport feature for users not in
+# /etc/passwd and /etc/aliases then you also need to review the
+# section "REJECTING UNKNOWN LOCAL USERS" in the main.cf file,
+# otherwise the SMTP server may reject mail incorrectly.
+#
#fallback_transport = lmtp:unix:/file/name
#fallback_transport = cyrus
fallback_transport =
<a name="content_filtering"><h3>Content filtering</h3>
-<ul>
-
-<li><a href="#scanning">Support for virus scanning</a>
-
</ul>
<a name="other_transports"><h3>Other transports: UUCP, FAX, etc.</h3>
<hr>
-<a name="scanning"><h3>Support for virus scanning</h3> </a>
-
-Would not it be great if operating systems and applications actually
-worked the way they are supposed to, instead of being as fragile
-as today's products? Well, we can solve only one problem at a time.
-
-<p>
-
-Currently, Postfix has no hooks to let other programs inspect every
-message, so the scanning has to be done before mail enters Postfix
-or while mail leaves Postfix, for example at mailbox delivery time.
-
-<p>
-
-Examples:
-
-<p>
-
-<pre>
- /etc/postfix/main.cf:
- mailbox_command = /some/program ...
-</pre>
-
-<p>
-
-This example specifies a command that delivers all local mail to
-mailbox. See the sample <b>main.cf</b> file for examples. In
-<b>/etc/aliases</b>, you must specify an alias for <b>root</b> that
-directs mail to a real person, otherwise mail sent to <b>root</b>
-will not work as expected.
-
-<p>
-
-<pre>
- /etc/postfix/main.cf:
- mailbox_transport = foo
-</pre>
-
-<p>
-
-This example delegates local mailbox delivery to the transport
-<i>foo</i> as configured in <b>/etc/postfix/master.cf</b>. If you
-follow this route you will build something around the pipe mailer.
-See examples in <b>master.cf</b>.
-
-<hr>
-
<a name="uucp-tcp"><h3>Using UUCP over TCP</h3>
This subject comes up whenever someone asks about a "domain in
tok822_resolve.c tok822_rewrite.c tok822_tree.c xtext.c bounce_log.c \
flush_clnt.c mail_conf_time.c mbox_conf.c mbox_open.c abounce.c \
verp_sender.c match_parent_style.c mime_state.c header_token.c \
- strip_addr.c virtual8_maps_find.c hold_message.c
+ strip_addr.c virtual8_maps.c hold_message.c
OBJS = been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
debug_peer.o debug_process.o defer.o deliver_completed.o \
deliver_flock.o deliver_pass.o deliver_request.o domain_list.o \
tok822_resolve.o tok822_rewrite.o tok822_tree.o xtext.o bounce_log.o \
flush_clnt.o mail_conf_time.o mbox_conf.o mbox_open.o abounce.o \
verp_sender.o match_parent_style.o mime_state.o header_token.o \
- strip_addr.o virtual8_maps_find.o hold_message.o
+ strip_addr.o virtual8_maps.o hold_message.o
HDRS = been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
config.h debug_peer.h debug_process.h defer.h deliver_completed.h \
deliver_flock.h deliver_pass.h deliver_request.h domain_list.h \
sys_exits.h timed_ipc.h tok822.h xtext.h bounce_log.h flush_clnt.h \
mbox_conf.h mbox_open.h abounce.h qmqp_proto.h verp_sender.h \
match_parent_style.h quote_flags.h mime_state.h header_token.h \
- lex_822.h strip_addr.h virtual8.h hold_message.h
+ lex_822.h strip_addr.h virtual8_maps.h hold_message.h
TESTSRC = rec2stream.c stream2rec.c recdump.c
WARN = -W -Wformat -Wimplicit -Wmissing-prototypes \
-Wparentheses -Wstrict-prototypes -Wswitch -Wuninitialized \
off_cvt quote_822_local rec2stream recdump resolve_clnt \
resolve_local rewrite_clnt stream2rec string_list tok822_parse \
quote_821_local mail_conf_time mime_state strip_addr \
- virtual8_maps_find
+ virtual8_maps
LIBS = ../../lib/libutil.a
LIB_DIR = ../../lib
$(CC) -DTEST $(CFLAGS) -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
mv junk $@.o
-virtual8_maps_find: $(LIB) $(LIBS)
+virtual8_maps: $(LIB) $(LIBS)
mv $@.o junk
$(CC) -DTEST $(CFLAGS) -o $@ $@.c $(LIB) $(LIBS) $(SYSLIBS)
mv junk $@.o
diff strip_addr.ref strip_addr.tmp
rm -f strip_addr.tmp
-virtual8_test: virtual8_maps_find virtual8_map virtual8.in virtual8.ref \
+virtual8_test: virtual8_maps virtual8_map virtual8.in virtual8.ref \
../postmap/postmap
../postmap/postmap hash:virtual8_map
- ./virtual8_maps_find <virtual8.in hash:virtual8_map >virtual8.tmp
+ ./virtual8_maps <virtual8.in hash:virtual8_map >virtual8.tmp
diff virtual8.ref virtual8.tmp
rm -f virtual8.tmp virtual8_map.db
verp_sender.o: ../../include/vbuf.h
verp_sender.o: mail_params.h
verp_sender.o: verp_sender.h
-virtual8_maps_find.o: virtual8_maps_find.c
-virtual8_maps_find.o: ../../include/sys_defs.h
-virtual8_maps_find.o: ../../include/msg.h
-virtual8_maps_find.o: ../../include/mymalloc.h
-virtual8_maps_find.o: maps.h
-virtual8_maps_find.o: ../../include/dict.h
-virtual8_maps_find.o: ../../include/vstream.h
-virtual8_maps_find.o: ../../include/vbuf.h
-virtual8_maps_find.o: ../../include/argv.h
-virtual8_maps_find.o: mail_params.h
-virtual8_maps_find.o: strip_addr.h
-virtual8_maps_find.o: virtual8.h
+virtual8_maps.o: virtual8_maps.c
+virtual8_maps.o: ../../include/sys_defs.h
+virtual8_maps.o: ../../include/msg.h
+virtual8_maps.o: ../../include/mymalloc.h
+virtual8_maps.o: maps.h
+virtual8_maps.o: ../../include/dict.h
+virtual8_maps.o: ../../include/vstream.h
+virtual8_maps.o: ../../include/vbuf.h
+virtual8_maps.o: ../../include/argv.h
+virtual8_maps.o: mail_params.h
+virtual8_maps.o: strip_addr.h
+virtual8_maps.o: virtual8_maps.h
xtext.o: xtext.c
xtext.o: ../../include/sys_defs.h
xtext.o: ../../include/vstream.h
* Heuristic to reject most unknown recipients at the SMTP port.
*/
#define VAR_LOCAL_RCPT_MAPS "local_recipient_maps"
-#define DEF_LOCAL_RCPT_MAPS ""
+#define DEF_LOCAL_RCPT_MAPS "unix:passwd.byname $alias_maps"
extern char *var_local_rcpt_maps;
/*
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20021208"
+#define MAIL_RELEASE_DATE "20021209"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "1.1.12-" MAIL_RELEASE_DATE
/*++
/* NAME
-/* virtual8_maps_find 3
+/* virtual8_maps 3
/* SUMMARY
/* virtual delivery agent map lookups
/* SYNOPSIS
-/* #include <virtual8.h>
+/* #include <virtual8_maps.h>
/*
/* MAPS *virtual8_maps_create(title, map_names, flags)
/* const char *title;
#include <maps.h>
#include <mail_params.h>
#include <strip_addr.h>
-#include <virtual8.h>
+#include <virtual8_maps.h>
/* Application-specific. */
-#ifndef _VIRTUAL8_H_INCLUDED_
-#define _VIRTUAL8_H_INCLUDED_
+#ifndef _VIRTUAL8_MAPS_H_INCLUDED_
+#define _VIRTUAL8_MAPS_H_INCLUDED_
/*++
/* NAME
-/* virtual8 3h
+/* virtual8_maps 3h
/* SUMMARY
/* virtual delivery agent compatibility
/* SYNOPSIS
-/* #include <virtual8.h>
+/* #include <virtual8_maps.h>
/* DESCRIPTION
/* .nf
resolve.o: ../../include/rewrite_clnt.h
resolve.o: ../../include/tok822.h
resolve.o: ../../include/mail_params.h
+resolve.o: ../../include/defer.h
+resolve.o: ../../include/bounce.h
resolve.o: local.h
resolve.o: ../../include/been_here.h
resolve.o: ../../include/deliver_request.h
smtpd_check.o: ../../include/mac_expand.h
smtpd_check.o: ../../include/mac_parse.h
smtpd_check.o: ../../include/dns.h
-smtpd_check.o: ../../include/namadr_list.h
+smtpd_check.o: ../../include/string_list.h
smtpd_check.o: ../../include/match_list.h
smtpd_check.o: ../../include/match_ops.h
+smtpd_check.o: ../../include/namadr_list.h
smtpd_check.o: ../../include/domain_list.h
smtpd_check.o: ../../include/mail_params.h
smtpd_check.o: ../../include/canon_addr.h
smtpd_check.o: ../../include/mail_addr_find.h
smtpd_check.o: ../../include/match_parent_style.h
smtpd_check.o: ../../include/strip_addr.h
-smtpd_check.o: ../../include/virtual8.h
+smtpd_check.o: ../../include/virtual8_maps.h
smtpd_check.o: ../../include/cleanup_user.h
smtpd_check.o: ../../include/record.h
smtpd_check.o: ../../include/rec_type.h
#include <mail_addr_find.h>
#include <match_parent_style.h>
#include <strip_addr.h>
-#include <virtual8.h>
+#include <virtual8_maps.h>
#include <cleanup_user.h>
#include <record.h>
#include <rec_type.h>
if ((domain = strrchr(CONST_STR(reply->recipient), '@')) == 0)
return (SMTPD_CHECK_OK);
domain += 1;
+ if (reply->flags & RESOLVE_CLASS_LOCAL)
+ return (SMTPD_CHECK_OK);
/*
* Skip source-routed non-local or virtual mail (uncertain destination).
* Reject mail to unknown addresses in local domains (domains that match
* $mydestination or $inet_interfaces).
*
- * XXX For now, we throw up our hands when a transport mapping overrides the
- * default local delivery transport.
- *
* XXX Use the less expensive maps_find() (case is already folded) instead
* of the baroque mail_addr_find(). But then we have to strip the domain
* and deal with address extensions ourselves.
+ *
+ * XXX But that would break sites that use the virtual delivery agent for
+ * local delivery, because the virtual delivery agent requires
+ * user@domain style addresses in its user database.
*/
if ((reply->flags & RESOLVE_CLASS_LOCAL)
&& *var_local_rcpt_maps
+#if 0
&& strcmp(STR(reply->transport), var_local_transport) == 0
+#endif
&& NOMATCH(local_rcpt_maps, CONST_STR(reply->recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown", 550, recipient);
/*
* Reject mail to unknown addresses in virtual mailbox domains.
- *
- * XXX For now, we throw up our hands when a transport mapping overrides the
- * default virtual delivery transport.
*/
if ((reply->flags & RESOLVE_CLASS_VIRTUAL)
+#if 0
&& strcmp(STR(reply->transport), var_virt_transport) == 0
+#endif
&& NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown", 550, recipient);
/*
* Reject mail to unknown addresses in relay domains.
- *
- * XXX For now, we throw up our hands when a transport mapping overrides the
- * default relay transport.
*/
if ((reply->flags & RESOLVE_CLASS_RELAY)
&& *var_relay_rcpt_maps
+#if 0
&& strcmp(STR(reply->transport), var_relay_transport) == 0
+#endif
&& NOMATCH(relay_rcpt_maps, CONST_STR(reply->recipient))) {
(void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
"%d <%s>: User unknown", 550, recipient);
resolve.o: ../../include/vstring_vstream.h
resolve.o: ../../include/split_at.h
resolve.o: ../../include/valid_hostname.h
+resolve.o: ../../include/stringops.h
resolve.o: ../../include/mail_params.h
resolve.o: ../../include/mail_proto.h
resolve.o: ../../include/iostuff.h
resolve.o: ../../include/quote_flags.h
resolve.o: ../../include/tok822.h
resolve.o: ../../include/resolve_clnt.h
+resolve.o: ../../include/domain_list.h
+resolve.o: ../../include/match_list.h
+resolve.o: ../../include/match_ops.h
+resolve.o: ../../include/string_list.h
+resolve.o: ../../include/match_parent_style.h
+resolve.o: ../../include/maps.h
+resolve.o: ../../include/dict.h
+resolve.o: ../../include/argv.h
+resolve.o: ../../include/mail_addr_find.h
resolve.o: trivial-rewrite.h
resolve.o: transport.h
rewrite.o: rewrite.c
TOK822 *domain = 0;
char *destination;
const char *blame = 0;
+ const char *rcpt_domain;
*flags = 0;
*
* With virtual, relay, or other non-local destinations, give the highest
* precedence to delivery transport associated next-hop information.
+ *
+ * XXX Nag if the domain is listed in multiple domain lists. The effect is
+ * implementation defined, and may break when internals change.
*/
dict_errno = 0;
if (domain != 0) {
*flags |= RESOLVE_FLAG_ERROR;
if (virt_alias_doms
&& string_list_match(virt_alias_doms, STR(nexthop))) {
+ if (virt_mailbox_doms
+ && string_list_match(virt_mailbox_doms, STR(nexthop)))
+ msg_warn("do not list domain %s in BOTH %s and %s",
+ STR(nexthop), VAR_VIRT_ALIAS_DOMS, VAR_VIRT_MAILBOX_DOMS);
vstring_strcpy(channel, var_error_transport);
vstring_strcpy(nexthop, "User unknown");
blame = VAR_ERROR_TRANSPORT;
/*
* Local delivery. Set up the default local transport and the default
* next-hop hostname (myself).
+ *
+ * XXX Nag if the domain is listed in multiple domain lists. The effect is
+ * implementation defined, and may break when internals change.
*/
else {
+ if ((rcpt_domain = strrchr(STR(nextrcpt), '@')) != 0) {
+ rcpt_domain++;
+ if (virt_alias_doms
+ && string_list_match(virt_alias_doms, rcpt_domain))
+ msg_warn("do not list domain %s in BOTH %s and %s",
+ rcpt_domain, VAR_MYDEST, VAR_VIRT_ALIAS_DOMS);
+ if (virt_mailbox_doms
+ && string_list_match(virt_mailbox_doms, rcpt_domain))
+ msg_warn("do not list domain %s in BOTH %s and %s",
+ rcpt_domain, VAR_MYDEST, VAR_VIRT_MAILBOX_DOMS);
+ }
vstring_strcpy(channel, var_local_transport);
blame = VAR_LOCAL_TRANSPORT;
if ((destination = split_at(STR(channel), ':')) == 0
#include "sys_defs.h"
#include <unistd.h>
+#include <errno.h>
#include <string.h>
#include <pwd.h>
#include <grp.h>
{
struct passwd *pwd;
static VSTRING *buf;
+ static int sanity_checked;
dict_errno = 0;
if ((pwd = getpwnam(key)) == 0) {
+ if (sanity_checked == 0) {
+ sanity_checked = 1;
+ errno = 0;
+ if (getpwuid(0) == 0) {
+ msg_warn("cannot access UNIX passwd file info: %m");
+ dict_errno = DICT_ERR_RETRY;
+ }
+ }
return (0);
} else {
if (buf == 0)
buf = vstring_alloc(10);
+ sanity_checked = 1;
vstring_sprintf(buf, "%s:%s:%ld:%ld:%s:%s:%s",
pwd->pw_name, pwd->pw_passwd, (long) pwd->pw_uid,
(long) pwd->pw_gid, pwd->pw_gecos, pwd->pw_dir,
struct group *grp;
static VSTRING *buf;
char **cpp;
+ static int sanity_checked;
dict_errno = 0;
if ((grp = getgrnam(key)) == 0) {
+ if (sanity_checked == 0) {
+ sanity_checked = 1;
+ errno = 0;
+ if (getgrgid(0) == 0) {
+ msg_warn("cannot access UNIX group file info: %m");
+ dict_errno = DICT_ERR_RETRY;
+ }
+ }
return (0);
} else {
if (buf == 0)
buf = vstring_alloc(10);
+ sanity_checked = 1;
vstring_sprintf(buf, "%s:%s:%ld:",
grp->gr_name, grp->gr_passwd, (long) grp->gr_gid);
for (cpp = grp->gr_mem; *cpp; cpp++) {
dict_unix->dict.lookup = lp->lookup;
dict_unix->dict.close = dict_unix_close;
dict_unix->dict.flags = dict_flags | DICT_FLAG_FIXED;
- return (DICT_DEBUG(&dict_unix->dict));
+ return (DICT_DEBUG (&dict_unix->dict));
}
mailbox.o: ../../include/bounce.h
mailbox.o: ../../include/sent.h
mailbox.o: ../../include/mail_params.h
-mailbox.o: ../../include/virtual8.h
+mailbox.o: ../../include/virtual8_maps.h
mailbox.o: ../../include/maps.h
mailbox.o: ../../include/dict.h
mailbox.o: ../../include/argv.h
virtual.o: ../../include/deliver_completed.h
virtual.o: ../../include/mail_params.h
virtual.o: ../../include/mail_conf.h
-virtual.o: ../../include/virtual8.h
+virtual.o: ../../include/virtual8_maps.h
virtual.o: ../../include/maps.h
virtual.o: ../../include/mail_server.h
virtual.o: virtual.h
#include <defer.h>
#include <sent.h>
#include <mail_params.h>
-#include <virtual8.h>
+#include <virtual8_maps.h>
#ifndef EDQUOT
#define EDQUOT EFBIG
#include <mail_params.h>
#include <mail_conf.h>
#include <mail_params.h>
-#include <virtual8.h>
+#include <virtual8_maps.h>
/* Single server skeleton. */
VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
VAR_VIRT_UID_MAPS, DEF_VIRT_UID_MAPS, &var_virt_uid_maps, 0, 0,
VAR_VIRT_GID_MAPS, DEF_VIRT_GID_MAPS, &var_virt_gid_maps, 0, 0,
- VAR_VIRT_MAILBOX_BASE, DEF_VIRT_MAILBOX_BASE, &var_virt_mailbox_base, 0, 0,
+ VAR_VIRT_MAILBOX_BASE, DEF_VIRT_MAILBOX_BASE, &var_virt_mailbox_base, 1, 0,
VAR_VIRT_MAILBOX_LOCK, DEF_VIRT_MAILBOX_LOCK, &var_virt_mailbox_lock, 1, 0,
0,
};
projects / thirdparty / postfix.git / commitdiff
