src/smtpd/smtpd_check.c, src/trivial-rewrite/transport.c,
src/trivial-rewrite/trivial-rewrite.c.
+20130409
+
+ Documentation: pointers to other actions under "ACCEPT
+ ACTIONS" and "REJECT ACTIONS". File: proto/access.
+
+20130410
+
+ Cleanup: more uniform permutation in dns_rr() by Victor
+ Duchovni & Son. File: dns/dns_rr.c.
+
+20130411
+
+ Documentation: clarified text about result formats. Files:
+ proto/canonical, proto/virtual.
+
+20130423
+
+ Bugfix (introduced: Postfix 2.0): when myhostname is not
+ listed in mydestination, the trivial-rewrite resolver may
+ log "do not list <myhostname value> in both mydestination
+ and <name of non-mydestination domain list>". The fix is
+ to re-resolve a domain-less address after adding $myhostname
+ as the surrogate domain, so that it pops out with the right
+ address-class label. Problem reported by Quanah Gibson-Mount.
+ File: trivial-rewrite/resolve.c.
+
20130512
Feature: allow an SMTP client to skip postscreen(8) tests
postscreen/postscreen.c, postscreen/postscreen.h,
postscreen/postscreen_early.c, postscreen/postscreen_state.c,
postscreen/postscreen_tests.c.
+
+20130513
+
+ Bugfix (introduced: 20130512): postscreen logged no "PASS
+ NEW" event when the pregreet tests were turned off and the
+ postscreen_dnsbl_whitelist_treshold feature was turned on.
+ Reported by Rob McGee (/dev/rob0). Files: postscreen/postscreen.h,
+ postscreen/postscreen_early.c.
+
+ Bugfix (introduced: 20130512): postscreen panic because the
+ logic for dnsbl result retrieval was changed. Reported by
+ Noel Jones. File: postscreen/postscreen_early.c.
# mat is generated by address-based relay authoriza-
# tion schemes such as pop-before-smtp.
#
+# For other accept actions, see "OTHER ACTIONS" below.
+#
# REJECT ACTIONS
# Postfix version 2.3 and later support enhanced status
# codes as defined in RFC 3463. When no code is specified
#
# This feature is available in Postfix 2.1 and later.
#
+# For other reject actions, see "OTHER ACTIONS" below.
+#
# OTHER ACTIONS
# restriction...
# Apply the named UCE restriction(s) (permit, reject,
# TABLE FORMAT
# The input format for the postmap(1) command is as follows:
#
-# pattern result
+# pattern address
# When pattern matches a mail address, replace it by
-# the corresponding result.
+# the corresponding address.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# TABLE FORMAT
# The input format for the postmap(1) command is as follows:
#
-# pattern result
+# pattern address, address, ...
# When pattern matches a mail address, replace it by
-# the corresponding result.
+# the corresponding address.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
mat is generated by address-based relay authoriza-
tion schemes such as pop-before-smtp.
+ For other accept actions, see "OTHER ACTIONS" below.
+
<b>REJECT ACTIONS</b>
Postfix version 2.3 and later support enhanced status
codes as defined in <a href="http://tools.ietf.org/html/rfc3463">RFC 3463</a>. When no code is specified
This feature is available in Postfix 2.1 and later.
+ For other reject actions, see "OTHER ACTIONS" below.
+
<b>OTHER ACTIONS</b>
<i>restriction...</i>
Apply the named UCE restriction(s) (<b>permit</b>, <b>reject</b>,
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> configuration parameter spec-
ifies a non-empty value. To get the behavior before Post-
fix 2.2, specify "<a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> =
- static:all".
+ <a href="DATABASE_README.html#types">static</a>:all".
Typically, one would use the <a href="canonical.5.html"><b>canonical</b>(5)</a> table to replace
login names by <i>Firstname.Lastname</i>, or to clean up
<b>TABLE FORMAT</b>
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
- <i>pattern result</i>
+ <i>pattern address</i>
When <i>pattern</i> matches a mail address, replace it by
- the corresponding <i>result</i>.
+ the corresponding <i>address</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
# Use .forward for mail without address extension, and for mail with
# an unrecognized address extension.
<a href="postconf.5.html#forward_path">forward_path</a> = $home/.forward${<a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>}${extension},
- $home/.forward,
+ $home/.forward
</pre>
<b>TABLE FORMAT</b>
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
- <i>pattern result</i>
+ <i>pattern address, address, ...</i>
When <i>pattern</i> matches a mail address, replace it by
- the corresponding <i>result</i>.
+ the corresponding <i>address</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored,
An all-numerical result is treated as OK. This format is
generated by address-based relay authorization schemes
such as pop-before-smtp.
+.PP
+For other accept actions, see "OTHER ACTIONS" below.
.SH "REJECT ACTIONS"
.na
.nf
Prior to Postfix 2.6, the SMTP reply code is 450.
.sp
This feature is available in Postfix 2.1 and later.
+.PP
+For other reject actions, see "OTHER ACTIONS" below.
.SH "OTHER ACTIONS"
.na
.nf
.ad
.fi
The input format for the \fBpostmap\fR(1) command is as follows:
-.IP "\fIpattern result\fR"
+.IP "\fIpattern address\fR"
When \fIpattern\fR matches a mail address, replace it by the
-corresponding \fIresult\fR.
+corresponding \fIaddress\fR.
.IP "blank lines and comments"
Empty lines and whitespace-only lines are ignored, as
are lines whose first non-whitespace character is a `#'.
# Use .forward for mail without address extension, and for mail with
# an unrecognized address extension.
forward_path = $home/.forward${recipient_delimiter}${extension},
- $home/.forward,
+ $home/.forward
.fi
.ad
.ft R
.ad
.fi
The input format for the \fBpostmap\fR(1) command is as follows:
-.IP "\fIpattern result\fR"
+.IP "\fIpattern address, address, ...\fR"
When \fIpattern\fR matches a mail address, replace it by the
-corresponding \fIresult\fR.
+corresponding \fIaddress\fR.
.IP "blank lines and comments"
Empty lines and whitespace-only lines are ignored, as
are lines whose first non-whitespace character is a `#'.
# An all-numerical result is treated as OK. This format is
# generated by address-based relay authorization schemes
# such as pop-before-smtp.
+# .PP
+# For other accept actions, see "OTHER ACTIONS" below.
# REJECT ACTIONS
# .ad
# .fi
# Prior to Postfix 2.6, the SMTP reply code is 450.
# .sp
# This feature is available in Postfix 2.1 and later.
+# .PP
+# For other reject actions, see "OTHER ACTIONS" below.
# OTHER ACTIONS
# .ad
# .fi
# .ad
# .fi
# The input format for the \fBpostmap\fR(1) command is as follows:
-# .IP "\fIpattern result\fR"
+# .IP "\fIpattern address\fR"
# When \fIpattern\fR matches a mail address, replace it by the
-# corresponding \fIresult\fR.
+# corresponding \fIaddress\fR.
# .IP "blank lines and comments"
# Empty lines and whitespace-only lines are ignored, as
# are lines whose first non-whitespace character is a `#'.
# Use .forward for mail without address extension, and for mail with
# an unrecognized address extension.
forward_path = $home/.forward${recipient_delimiter}${extension},
- $home/.forward,
+ $home/.forward
</pre>
%PARAM reject_code 554
# .ad
# .fi
# The input format for the \fBpostmap\fR(1) command is as follows:
-# .IP "\fIpattern result\fR"
+# .IP "\fIpattern address, address, ...\fR"
# When \fIpattern\fR matches a mail address, replace it by the
-# corresponding \fIresult\fR.
+# corresponding \fIaddress\fR.
# .IP "blank lines and comments"
# Empty lines and whitespace-only lines are ignored, as
# are lines whose first non-whitespace character is a `#'.
rr_array[len] = rr;
/*
- * Shuffle resource records.
+ * Shuffle resource records. Every element has an equal chance of landing
+ * in slot 0. After that every remaining element has an equal chance of
+ * landing in slot 1, ... This is exactly n! states for n! permutations.
*/
- for (i = 0; i < len; i++) {
- r = myrand() % len;
+ for (i = 0; i < len - 1; i++) {
+ r = i + (myrand() % (len - i)); /* Victor&Son */
rr = rr_array[i];
rr_array[i] = rr_array[r];
rr_array[r] = rr;
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20130512"
+#define MAIL_RELEASE_DATE "20130513"
#define MAIL_VERSION_NUMBER "2.11"
#ifdef SNAPSHOT
VSTRING *buffer = vstring_alloc(1);
while (vstring_fgets_nonl(buffer, VSTREAM_IN)) {
- if ((addr = split_at(STR(buffer), ' ')) == 0 || *STR(buffer) == 0)
- msg_fatal("need as input: class address");
+ addr = split_at(STR(buffer), ' ');
+ if (*STR(buffer) == 0)
+ msg_fatal("need as input: class [address]");
+ if (addr == 0)
+ addr = "";
resolve(STR(buffer), addr, &reply);
}
vstring_free(buffer);
#define PSC_STATE_MASK_BARLF_TODO_SKIP \
(PSC_STATE_FLAG_BARLF_TODO | PSC_STATE_FLAG_BARLF_SKIP)
+#define PSC_STATE_MASK_PREGR_FAIL_DONE \
+ (PSC_STATE_FLAG_PREGR_FAIL | PSC_STATE_FLAG_PREGR_DONE)
+
#define PSC_STATE_MASK_PIPEL_TODO_PASS_FAIL \
(PSC_STATE_MASK_PIPEL_TODO_FAIL | PSC_STATE_FLAG_PIPEL_PASS)
#define PSC_STATE_MASK_NSMTP_TODO_PASS_FAIL \
/*
* Check if the SMTP client spoke before its turn.
*/
- if ((state->flags & PSC_STATE_MASK_PREGR_TODO_FAIL)
- == (state->flags & PSC_STATE_MASK_PREGR_TODO_DONE)) {
+ if ((state->flags & PSC_STATE_FLAG_PREGR_TODO) != 0
+ && (state->flags & PSC_STATE_MASK_PREGR_FAIL_DONE) == 0) {
state->pregr_stamp = event_time() + var_psc_pregr_ttl;
PSC_PASS_SESSION_STATE(state, "pregreet test",
PSC_STATE_FLAG_PREGR_PASS);
if ((read_count = recv(vstream_fileno(state->smtp_client_stream),
read_buf, sizeof(read_buf) - 1, MSG_PEEK)) <= 0) {
/* Avoid memory leak. */
- if (state->flags & PSC_STATE_FLAG_DNSBL_TODO)
+ if (state->dnsbl_score == NO_DNSBL_SCORE
+ && (state->flags & PSC_STATE_FLAG_DNSBL_TODO))
(void) psc_dnsbl_retrieve(state->smtp_client_addr,
&state->dnsbl_name,
state->dnsbl_index);
switch (psc_pregr_action) {
case PSC_ACT_DROP:
/* Avoid memory leak. */
- if (state->flags & PSC_STATE_FLAG_DNSBL_TODO)
+ if (state->dnsbl_score == NO_DNSBL_SCORE
+ && (state->flags & PSC_STATE_FLAG_DNSBL_TODO))
(void) psc_dnsbl_retrieve(state->smtp_client_addr,
&state->dnsbl_name,
state->dnsbl_index);
/* int expect;
/* const char *format;
/*
-/* void smtpd_proxy_disconnect(state)
-/* SMTPD_STATE *state;
-/*
/* void smtpd_proxy_free(state)
/* SMTPD_STATE *state;
/*
/* In case of error, proxy->cmd() updates the state->error_mask
/* and state->err fields.
/*
-/* smtpd_proxy_disconnect() disconnects from a proxy server.
-/* The last proxy server reply or error description remains
-/* available via the proxy->buffer field.
-/*
/* smtpd_proxy_free() destroys a proxy server handle and resets
/* the state->proxy field.
/*
tok822_free(tree->head);
tree->head = 0;
}
- /* XXX must be localpart only, not user@domain form. */
- if (tree->head == 0)
+ /* XXX Re-resolve the surrogate, in case already in user@domain form. */
+ if (tree->head == 0) {
tree->head = tok822_scan(var_empty_addr, &tree->tail);
+ continue;
+ }
+
+ /* XXX Re-resolve with @$myhostname for backwards compatibility. */
+ if (domain == 0 && saved_domain == 0) {
+ tok822_sub_append(tree, tok822_alloc('@', (char *) 0));
+ tok822_sub_append(tree, tok822_scan(var_myhostname, (TOK822 **) 0));
+ continue;
+ }
/*
* We're done. There are no domains left to strip off the address,
/* int true_res;
/* int false_res;
/* DESCRIPTION
-/* The functions in this module are macros that provide a
-/* convenient interface to poll_fd().
+/* The read*() and write*() functions in this module are macros
+/* that provide a convenient interface to poll_fd().
/*
/* readable() asks the kernel if the specified file descriptor
/* is readable, i.e. a read operation would not block.
/* it is false. They never return an error indication.
/*
/* read_wait() and write_wait() return zero when the requested
-/* POLL_FD_READ or POLL_FD_WRITE condition is true, -1 with
-/* errno set to ETIMEDOUT when it is false.
+/* POLL_FD_READ or POLL_FD_WRITE condition is true, -1 (with
+/* errno set to ETIMEDOUT) when it is false.
/*
/* poll_fd() returns true_res when the requested POLL_FD_READ
/* or POLL_FD_WRITE condition is true, false_res when it is
projects / thirdparty / postfix.git / commitdiff
