aliases yes (can enable/disable mail to /file or |command)
bare newlines yes (but will send CRLF)
blacklisting yes (client name/addr; helo hostname; mail from; rcpt to)
+connection caching yes (SMTP shared cache; LMTP in-process cache)
content filter yes (before and after queue, internal and external)
db tables yes (compile time option)
dbm tables yes (compile time option)
no <> in smtp yes (most common address forms)
pgsql tables yes (contributed)
pipeline option yes (server and client)
-pop/imap yes (with third-party daemons that use /var[/spool]/mail)
+pop/imap yes (with third-party daemons that use mailbox or maildir)
qmqp server yes (with verp support)
rbl support yes
return-receipt: no
sendmail -qtime ignored
sendmail -v yes (sends delivery report via email)
sendmail.cf no (uses table-driven address rewriting)
-session caching yes (SMTP shared multi-session; LMTP non-shared single-session)
size option yes, server and client
smarthost yes (specify relayhost in main.cf)
spf yes (delegated policy script)
avoid logging that some EHLO keyword is being suppressed.
File: global/ehlo_mask.[hc].
+20050217
+
+ Bugfix: typo in tls_server.c, breaking CApath. Fix by
+ Philipp Morger. File: tls/tls_server.c.
+
Open problems:
Med: disable header address rewriting after XCLIENT?
"username@example.com" by "firstname.lastname@example.com" when sending
mail, and do the reverse transformation when receiving mail.
+ * Replace an internal address by an external address. For example, replace
+ "username@localdomain.local" by "isp-account@isp.example" when sending mail
+ from a home computer to the Internet.
+
* Replace an address by multiple addresses. For example, replace the address
of an alias by the addresses listed under that alias.
-------------------------------------------------------------------------------
-W\bWA\bAR\bRN\bNI\bIN\bNG\bG W\bWA\bAR\bRN\bNI\bIN\bNG\bG W\bWA\bAR\bRN\bNI\bIN\bNG\bG
+W\bWA\bAR\bRN\bNI\bIN\bNG\bG
The sender/recipient address verification feature described in this document is
suitable only for low-traffic sites. It performs poorly under high load and may
a sender (MAIL FROM) or recipient (RCPT TO) address until the address has been
verified to be deliverable.
-The technique has obvious uses in order to reject junk mail with an unreplyable
-sender address.
+The technique has obvious uses to reject junk mail with an unreplyable sender
+address.
The technique may also be useful to block mail for undeliverable recipients,
for example on a mail relay host that does not have a list of all the valid
-------------------------------------------------------------------------------
-W\bWA\bAR\bRN\bNI\bIN\bNG\bG W\bWA\bAR\bRN\bNI\bIN\bNG\bG W\bWA\bAR\bRN\bNI\bIN\bNG\bG
+W\bWA\bAR\bRN\bNI\bIN\bNG\bG
People who go to the trouble of installing Postfix may have the expectation
that Postfix is more secure than some other mailers. The Cyrus SASL library is
-------------------------------------------------------------------------------
-W\bWA\bAR\bRN\bNI\bIN\bNG\bG W\bWA\bAR\bRN\bNI\bIN\bNG\bG W\bWA\bAR\bRN\bNI\bIN\bNG\bG
+W\bWA\bAR\bRN\bNI\bIN\bNG\bG
The before-queue content filtering feature described in this document is
suitable only for low-traffic sites. See the "Pros and Cons" section below for
================================================
When header address rewriting is enabled, Postfix now updates a
-message header only when at least one address address in that header
+message header only when at least one address in that header
is modified. Older Postfix versions first parse and then unparse
a header so that there may be subtle changes in formatting, such
as the amount of whitespace between tokens, or in capitalization
The policy delegation protocol now supplies TLS client certificate
information after successful verification. The new attribute names
-are ccert_subject, ccert_issuer and cccert_fingerprint.
+are ccert_subject, ccert_issuer and ccert_fingerprint.
Major changes with snapshot Postfix-2.2-20050208
================================================
when sending mail, and do the reverse transformation when receiving
mail. </p>
+<li> <p> Replace an internal address by an external address. For
+example, replace "username@localdomain.local" by "isp-account@isp.example"
+when sending mail from a home computer to the Internet.
+</p>
+
<li> <p> Replace an address by multiple addresses. For example,
replace the address of an alias by the addresses listed under that
alias. </p>
<hr>
-<h2>WARNING WARNING WARNING </h2>
+<h2>WARNING </h2>
<p> The sender/recipient address verification feature described in this
document is suitable only for low-traffic sites. It performs poorly
server to block a sender (MAIL FROM) or recipient (RCPT TO) address
until the address has been verified to be deliverable. </p>
-<p> The technique has obvious uses in order to reject junk mail
+<p> The technique has obvious uses to reject junk mail
with an unreplyable sender address. </p>
<p> The technique may also be useful to block mail for undeliverable
<hr>
-<h2>WARNING WARNING WARNING</h2>
+<h2>WARNING</h2>
<p> People who go to the trouble of installing Postfix may have
the expectation that Postfix is more secure than some other mailers.
<hr>
-<h2>WARNING WARNING WARNING </h2>
+<h2>WARNING </h2>
<p> The before-queue content filtering feature described in
this document is suitable only for low-traffic sites. See the "<a
with the <a href="postconf.5.html#canonical_classes">canonical_classes</a> parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
-are documented in <a href="canonical.5.html">canonical(5)</a>.
+are documented in <a href="canonical.5.html">canonical(5)</a>. For an overview of Postfix address
+manipulations see the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document.
</p>
<p>
<p> A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP client will ignore in the EHLO response
-from a remote SMTP server. Specify the pseudo keyword <b>silent-discard</b>
-to prevent this action from being logged. Use the
-<a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a> feature to discard EHLO
-keywords selectively. </p>
+from a remote SMTP server. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the <a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">smtp_discard_ehlo_keyword_address_maps</a> feature to
+discard EHLO keywords selectively. </p>
+
+</ul>
</DD>
<p> A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP server will not send in the EHLO response
-to a remote SMTP client. Specify the pseudo keyword <b>silent-discard</b>
-to prevent this action from being logged. Use the
-<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> feature to discard EHLO
-keywords selectively. </p>
+to a remote SMTP client. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the <a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">smtpd_discard_ehlo_keyword_address_maps</a> feature
+to discard EHLO keywords selectively. </p>
+
+</ul>
</DD>
<p>
Optional lookup tables that alias specific mail addresses or domains
to other local or remote address. The table format and lookups
-are documented in <a href="virtual.5.html">virtual(5)</a>.
+are documented in <a href="virtual.5.html">virtual(5)</a>. For an overview of Postfix address
+manipulations see the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document.
</p>
<p>
<p> Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote domains,
and b) addresses that are aliased to addresses in other local or
-remote domains. Available before Postfix version 2.0. With Postfix 2.0
-and later, this is replaced by separate controls: <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>
+remote domains. Available before Postfix version 2.0. With Postfix
+
2.0 and later, this is replaced by separate controls: <a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>
and <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>. </p>
with the canonical_classes parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
-are documented in \fBcanonical\fR(5).
+are documented in \fBcanonical\fR(5). For an overview of Postfix address
+manipulations see the ADDRESS_REWRITING_README document.
.PP
If you use this feature, run "\fBpostmap /etc/postfix/canonical\fR" to
build the necessary DBM or DB file after every change. The changes
.SH smtp_discard_ehlo_keywords (default: empty)
A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP client will ignore in the EHLO response
-from a remote SMTP server. Specify the pseudo keyword \fBsilent-discard\fR
-to prevent this action from being logged. Use the
-smtp_discard_ehlo_keyword_address_maps feature to discard EHLO
-keywords selectively.
+from a remote SMTP server.
+.PP
+Notes:
+.IP \(bu
+Specify the \fBsilent-discard\fR pseudo keyword to prevent
+this action from being logged.
+.IP \(bu
+Use the smtp_discard_ehlo_keyword_address_maps feature to
+discard EHLO keywords selectively.
.SH smtp_enforce_tls (default: no)
Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear. This also requires
.SH smtpd_discard_ehlo_keywords (default: empty)
A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP server will not send in the EHLO response
-to a remote SMTP client. Specify the pseudo keyword \fBsilent-discard\fR
-to prevent this action from being logged. Use the
-smtpd_discard_ehlo_keyword_address_maps feature to discard EHLO
-keywords selectively.
+to a remote SMTP client.
+.PP
+Notes:
+.IP \(bu
+Specify the \fBsilent-discard\fR pseudo keyword to prevent
+this action from being logged.
+.IP \(bu
+Use the smtpd_discard_ehlo_keyword_address_maps feature
+to discard EHLO keywords selectively.
.SH smtpd_end_of_data_restrictions (default: empty)
Optional access restrictions that the Postfix SMTP server
applies in the context of the SMTP END-OF-DATA command.
.SH virtual_alias_maps (default: $virtual_maps)
Optional lookup tables that alias specific mail addresses or domains
to other local or remote address. The table format and lookups
-are documented in \fBvirtual\fR(5).
+are documented in \fBvirtual\fR(5). For an overview of Postfix address
+manipulations see the ADDRESS_REWRITING_README document.
.PP
This feature is available in Postfix 2.0 and later. The default
value is backwards compatible with Postfix 1.1.
Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote domains,
and b) addresses that are aliased to addresses in other local or
-remote domains. Available before Postfix version 2.0. With Postfix 2.0
-and later, this is replaced by separate controls: virtual_alias_domains
+remote domains. Available before Postfix version 2.0. With Postfix
+2.0 and later, this is replaced by separate controls: virtual_alias_domains
and virtual_alias_maps.
.SH virtual_minimum_uid (default: 100)
The minimum user ID value that the \fBvirtual\fR(8) delivery agent accepts
when sending mail, and do the reverse transformation when receiving
mail. </p>
+<li> <p> Replace an internal address by an external address. For
+example, replace "username@localdomain.local" by "isp-account@isp.example"
+when sending mail from a home computer to the Internet.
+</p>
+
<li> <p> Replace an address by multiple addresses. For example,
replace the address of an alias by the addresses listed under that
alias. </p>
<hr>
-<h2>WARNING WARNING WARNING </h2>
+<h2>WARNING </h2>
<p> The sender/recipient address verification feature described in this
document is suitable only for low-traffic sites. It performs poorly
server to block a sender (MAIL FROM) or recipient (RCPT TO) address
until the address has been verified to be deliverable. </p>
-<p> The technique has obvious uses in order to reject junk mail
+<p> The technique has obvious uses to reject junk mail
with an unreplyable sender address. </p>
<p> The technique may also be useful to block mail for undeliverable
<hr>
-<h2>WARNING WARNING WARNING</h2>
+<h2>WARNING</h2>
<p> People who go to the trouble of installing Postfix may have
the expectation that Postfix is more secure than some other mailers.
<hr>
-<h2>WARNING WARNING WARNING </h2>
+<h2>WARNING </h2>
<p> The before-queue content filtering feature described in
this document is suitable only for low-traffic sites. See the "<a
with the canonical_classes parameter. This is typically used
to clean up dirty addresses from legacy mail systems, or to replace
login names by Firstname.Lastname. The table format and lookups
-are documented in canonical(5).
+are documented in canonical(5). For an overview of Postfix address
+manipulations see the ADDRESS_REWRITING_README document.
</p>
<p>
<p>
Optional lookup tables that alias specific mail addresses or domains
to other local or remote address. The table format and lookups
-are documented in virtual(5).
+are documented in virtual(5). For an overview of Postfix address
+manipulations see the ADDRESS_REWRITING_README document.
</p>
<p>
<p> Optional lookup tables with a) names of domains for which all
addresses are aliased to addresses in other local or remote domains,
and b) addresses that are aliased to addresses in other local or
-remote domains. Available before Postfix version 2.0. With Postfix 2.0
-and later, this is replaced by separate controls: virtual_alias_domains
+remote domains. Available before Postfix version 2.0. With Postfix
+2.0 and later, this is replaced by separate controls: virtual_alias_domains
and virtual_alias_maps. </p>
%PARAM smtp_discard_ehlo_keywords
<p> A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP client will ignore in the EHLO response
-from a remote SMTP server. Specify the pseudo keyword <b>silent-discard</b>
-to prevent this action from being logged. Use the
-smtp_discard_ehlo_keyword_address_maps feature to discard EHLO
-keywords selectively. </p>
+from a remote SMTP server. </p>
+
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the smtp_discard_ehlo_keyword_address_maps feature to
+discard EHLO keywords selectively. </p>
+
+</ul>
%PARAM smtpd_discard_ehlo_keywords
<p> A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP server will not send in the EHLO response
-to a remote SMTP client. Specify the pseudo keyword <b>silent-discard</b>
-to prevent this action from being logged. Use the
-smtpd_discard_ehlo_keyword_address_maps feature to discard EHLO
-keywords selectively. </p>
+to a remote SMTP client. </p>
+<p> Notes: </p>
+
+<ul>
+
+<li> <p> Specify the <b>silent-discard</b> pseudo keyword to prevent
+this action from being logged. </p>
+
+<li> <p> Use the smtpd_discard_ehlo_keyword_address_maps feature
+to discard EHLO keywords selectively. </p>
+
+</ul>
%PARAM smtp_discard_ehlo_keyword_address_maps
<p> Lookup tables, indexed by the remote SMTP server address, with
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
-#define MAIL_RELEASE_DATE "20050216"
+#define MAIL_RELEASE_DATE "20050218"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"
* copy of the CApath directory for chroot-jail.
*/
if (tls_set_ca_certificate_info(server_ctx, var_smtpd_tls_CAfile,
- var_smtpd_tls_CAfile) < 0) {
+ var_smtpd_tls_CApath) < 0) {
SSL_CTX_free(server_ctx); /* 200411 */
return (0);
}
projects / thirdparty / postfix.git / commitdiff
