reject mail when reject_plaintext_session is specified while
TLS isn't compiled in. File: smtpd/smtpd_check.c.
+20060204
+
+ Bugfix: disable content_inspection for "sendmail -bv"
+ probes. File: *qmgr/qmgr_message.c.
+
+20060207
+
+ Robustness: place the "do we have TLS" guards within method
+ implementations, instead of putting them around method
+ invocations. File: smtpd/smtpd_check.c.
+
+ Bugfix: duplicate the cleanup(8) DSN envelope ID syntax
+ check in smtpd(8), so that clients get better error replies.
+ File: smtpd/smtpd_check.c.
+
+ Bugfix: change 20060203 broke the reject_plaintext_session
+ feature.
+
+ The trivial-rewrite and proxymap multi-server processes now
+ terminate soon after all their clients disconnect, instead
+ of waiting for another 100 seconds. This allows the processes
+ to refresh more frequently on low-traffic systems.
+
Wish list:
+ Fix XCLIENT/XFORWARD: send xtext and accept old non-xtext.
+
Make the map case folding/locking options configurable, if
not at run-time then at least at compile time so we get
consistent behavior across applications.
panics when a non-default maximal_queue_lifetime setting
includes no time unit.
- In second-line servers such as proxymap and trivial-rewrite,
- set the max_idle time limit to a relatively small value so
- that processes will refresh more often.
-
After the 20051222 ISASCII paranoia, lowercase() lowercases
ASCII text only.
To be perfectly safe, no process other than the queue manager
should move a queue file from the active queue.
+ This could involve tagging a queue file, and use up another
+ permission bit.
+
Low: postsuper re-run after renaming files, but only a
limited number of times.
delivery agent which is error(8) in disguise, and which
calls defer_append() instead of bounce_append().
- Low: postmap/postalias should not try to open a bogus file
- when given an unsupported dictionary type.
-
Med: find a way to log the sender address when MAIL FROM
is rejected due to lack of disk space.
If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2
before proceeding.
+Incompatibility with snapshot 20060207
+======================================
+
+The Postfix SMTP server no longer complains when TLS support is not
+compiled in, but permit_tls_clientcerts, permit_tls_all_clientcerts,
+or check_ccert_access are used. These features now are effectively
+ignored. However, the reject_plaintext_session feature is not
+ignored and will reject mail.
+
Incompatibility with snapshot 20060123
======================================
test -n "$set_permission" && {
chown $recursive $owner $path || exit 1
test -z "$group" || chgrp $recursive $group $path || exit 1
+ # Don't "chmod -R"; queue file status is encoded in mode bits.
if [ "$type" = "d" -a -n "$recursive" ]
then
find $path -type d -exec chmod $mode "{}" ";"
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20060203"
+#define MAIL_RELEASE_DATE "20060207"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT
/*
* Content filtering overrides the address resolver.
+ *
+ * XXX Bypass content_filter inspection for user-generated probes
+ * (sendmail -bv). MTA-generated probes never have the "please filter
+ * me" bits turned on, but we handle them here anyway for the sake of
+ * future proofing.
*/
- else if (message->filter_xport) {
+ else if (message->filter_xport
+ && (message->tflags & DEL_REQ_TRACE_ONLY_MASK) == 0) {
reply.flags = 0;
vstring_strcpy(reply.transport, message->filter_xport);
if ((nexthop = split_at(STR(reply.transport), ':')) == 0
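Review bot: The new comment says that probes bypass content_filter but not why that is safe, and the safety rests entirely on what `DEL_REQ_TRACE_ONLY_MASK` contains. If the mask covers only requests that report on delivery without delivering anything (as the "sendmail -bv" wording suggests), no content leaves unfiltered. A future flag that both traces and delivers would turn this test into a filter bypass. I would add a line to the comment: `* Only requests that never deliver content may be in DEL_REQ_TRACE_ONLY_MASK; anything else would skip content_filter.` The same condition is added in the second copy of this hunk further down the page, and the enclosing if/else chain starts and ends outside the hunk.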
(void) htable_enter(proxy_read_maps, type_name, (char *) 0);
}
myfree(saved_filter);
+
+ /*
+ * This process is called by clients that already enforce the max_idle
+ * time, so we don't have to do it another time.
+ */
+ var_idle_limit = 1;
}
/* pre_accept - see if tables have changed */
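Review bot: `var_idle_limit = 1;` replaces a configured value with a bare literal, and the comment above it does not say that the administrator's max_idle setting is now ignored for this service. The changelog entry describes the intent (exit soon after the last client disconnects instead of waiting 100 seconds), so the comment should carry it too, e.g. `* Override max_idle: exit about one second after the last client disconnects.` The unit is inferred from the changelog wording and should be confirmed. The same assignment is added in the last hunk on the page, and the enclosing function starts outside this hunk.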
/*
* Content filtering overrides the address resolver.
+ *
+ * XXX Bypass content_filter inspection for user-generated probes
+ * (sendmail -bv). MTA-generated probes never have the "please filter
+ * me" bits turned on, but we handle them here anyway for the sake of
+ * future proofing.
*/
- else if (message->filter_xport) {
+ else if (message->filter_xport
+ && (message->tflags & DEL_REQ_TRACE_ONLY_MASK) == 0) {
reply.flags = 0;
vstring_strcpy(reply.transport, message->filter_xport);
if ((nexthop = split_at(STR(reply.transport), ':')) == 0
smtpd_chat_reply(state, "501 5.7.1 DSN support is disabled");
return (-1);
}
- if (dsn_envid || xtext_unquote(state->dsn_buf, arg + 6) == 0) {
+ if (dsn_envid
+ || xtext_unquote(state->dsn_buf, arg + 6) == 0
+ || !allprint(STR(state->dsn_buf))) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "501 5.5.4 Bad ENVID parameter syntax");
return (-1);
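Review bot: The added `!allprint(STR(state->dsn_buf))` test has no comment tying it to the cleanup(8) check it duplicates, so the two rules can drift apart unnoticed. The changelog says this copy exists so that clients get a direct 501 reply; a comment above the condition such as `/* Same ENVID syntax rule as cleanup(8); keep both in sync. */` would record that. The order is right: because of `||` short-circuiting, `allprint()` only sees a buffer that `xtext_unquote()` decoded successfully. No length bound on the decoded value is visible in this hunk; RFC 3461 limits ENVID to 100 characters, so it is worth checking whether that is enforced elsewhere. The body of the `if` continues past the end of the hunk.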
return (smtpd_check_reject(state, MAIL_ERROR_POLICY,
var_plaintext_code, "4.7.1",
"Session encryption is required"));
+ return (SMTPD_CHECK_DUNNO);
}
/* permit_inet_interfaces - succeed if client my own address */
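Review bot: The added `return (SMTPD_CHECK_DUNNO);` is the no-opinion exit of a restriction that has to fail closed, and nothing visible in the hunk shows which condition guards the reject call above it. The release notes in this change state that reject_plaintext_session still rejects mail when TLS is not compiled in, so the `USE_TLS` guard (outside the hunk) should wrap only the session test and never the reject. A comment on the new line such as `/* Encrypted session: no opinion. */` would make the intended split explicit for the next person who moves an `#ifdef`. The function starts outside the hunk.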
/* permit_tls_clientcerts - OK/DUNNO for message relaying */
-#ifdef USE_TLS
static int permit_tls_clientcerts(SMTPD_STATE *state, int permit_all_certs)
{
+#ifdef USE_TLS
const char *found;
if (!state->tls_context)
msg_info("relay_clientcerts: No match for fingerprint '%s'",
state->tls_context->peer_fingerprint);
}
+#endif
return (SMTPD_CHECK_DUNNO);
}
-#endif
-
/* check_relay_domains - OK/FAIL for message relaying */
static int check_relay_domains(SMTPD_STATE *state, char *recipient,
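Review bot: With `#ifdef USE_TLS` moved inside the body, a build without TLS turns this restriction into a silent `SMTPD_CHECK_DUNNO`, and the same holds for check_ccert_access in the following hunk. For the permit_* features that fails closed, but a check_ccert_access table may hold reject actions that then never apply. The release notes confirm the server no longer complains. I would log the condition in an `#else` branch, in check_ccert_access at least, e.g. `msg_warn("check_ccert_access: TLS support is not compiled in; restriction ignored");`. The non-TLS build also leaves the function parameters unused, which may produce compiler warnings.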
/* check_ccert_access - access for TLS clients by certificate fingerprint */
-#ifdef USE_TLS
static int check_ccert_access(SMTPD_STATE *state, const char *table,
const char *def_acl)
{
+#ifdef USE_TLS
char *myname = "check_ccert_access";
int found;
state->tls_context->peer_CN,
SMTPD_NAME_CCERT, def_acl));
}
+#endif
return (SMTPD_CHECK_DUNNO);
}
-#endif
-
/* check_mail_access - OK/FAIL based on mail address lookup */
static int check_mail_access(SMTPD_STATE *state, const char *table,
SMTPD_NAME_CLIENT);
}
} else if (is_map_command(state, name, CHECK_CCERT_ACL, &cpp)) {
-#ifdef USE_TLS
status = check_ccert_access(state, *cpp, def_acl);
-#endif
}
/*
SMTPD_CHECK_OK, SMTPD_CHECK_DUNNO);
#endif
} else if (strcasecmp(name, PERMIT_TLS_ALL_CLIENTCERTS) == 0) {
-#ifdef USE_TLS
status = permit_tls_clientcerts(state, 1);
-#endif
} else if (strcasecmp(name, PERMIT_TLS_CLIENTCERTS) == 0) {
-#ifdef USE_TLS
status = permit_tls_clientcerts(state, 0);
-#endif
} else if (strcasecmp(name, REJECT_UNKNOWN_RCPTDOM) == 0) {
if (state->recipient)
status = reject_unknown_address(state, state->recipient,
SMTPD_CHECK_DUNNO);
#endif
} else if (strcasecmp(name, PERMIT_TLS_ALL_CLIENTCERTS) == 0) {
-#ifdef USE_TLS
status = permit_tls_clientcerts(state, 1);
-#endif
} else if (strcasecmp(name, PERMIT_TLS_CLIENTCERTS) == 0) {
-#ifdef USE_TLS
status = permit_tls_clientcerts(state, 0);
-#endif
} else {
msg_warn("parameter %s: invalid request: %s",
VAR_LOC_RWR_CLIENTS, name);
#endif
-#ifdef CHECK_TABLE_STATS_PERIODICALLY
+#ifdef SNAPSHOT
static void check_table_stats(int unused_event, char *unused_context)
{
transport_post_init(resolve_regular.transport_info);
if (resolve_verify.transport_info)
transport_post_init(resolve_verify.transport_info);
-#ifdef CHECK_TABLE_STATS_PERIODICALLY
+#ifdef SNAPSHOT
check_table_stats(0, (char *) 0);
#endif
+
+ /*
+ * This process is called by clients that already enforce the max_idle
+ * time, so we don't have to do it another time.
+ */
+ var_idle_limit = 1;
}
/* main - pass control to the multi-threaded skeleton code */