Documentation: updated comment text. File: util/hash_fnv.c.
-29220312
+20220312
Cleanup: when a main.cf like file may have changed while
it was read, forget the settings before re-reading the file.
Documentation: how to stop recursion in virtual_alias_maps.
File: proto/virtual.
+
+20220330
+
+ Documentation: updated the postlogd(8) daemon manpage,
+ adding that the Postfix >= 3.7 postlog(1) command can run
+ with setgid permissions. File: postlogd/postlogd.c.
+
+20220403
+
+ Cleanup: milter_hader_checks maps are now opened before the
+ cleanup server enters the chroot jail. Files: cleanup/cleanup.h,
+ cleanup/cleanup_init.c, cleanup/cleanup_milter.c,
+ global/header_body_checks.c, global/header_body_checks.h,
+ global/maps.c, global/maps.h, smtp/smtp.c.
expectations when different reply patterns have different weights.
We need a compatibility_level feature to correct this.
- In the cleanup daemon, open the milter*header_checks greedily,
- before the chroot() call. This code is implemented and needs
- to be tested.
-
In the pgsql: client, make the client encoding configurable
with a sensible default (UTF8). This code is implemented
and needs to be tested.
<a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
- The default SMTP TLS security level for the Postfix SMTP client;
- when a non-empty value is specified, this overrides the obsolete
- parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and
- <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
+ The default SMTP TLS security level for the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> (no)</b>
- Request that the Postfix SMTP client connects using the legacy
- SMTPS protocol instead of using the STARTTLS command.
+ Request that the Postfix SMTP client connects using the SUBMIS-
+ SIONS/SMTPS protocol instead of using the STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
Enable preliminary SMTPUTF8 support for the protocols described
- in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
+ in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>, <a href="https://tools.ietf.org/html/rfc6532">RFC 6532</a>, and <a href="https://tools.ietf.org/html/rfc6533">RFC 6533</a>.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
<b><a href="postconf.5.html#maillog_file">log_file</a></b> (also, logging to stdout would interfere with the operation of
some of these programs). These programs can log to <a href="postlogd.8.html"><b>postlogd</b>(8)</a> if they
are run by the super-user, or if their executable file has set-gid per-
- mission. Do not set this permission on programs other than <a href="postdrop.1.html"><b>postdrop</b>(1)</a>
- and <a href="postqueue.1.html"><b>postqueue</b>(1)</a>.
+ mission. Do not set this permission on programs other than <a href="postdrop.1.html"><b>postdrop</b>(1)</a>,
+ <a href="postqueue.1.html"><b>postqueue</b>(1)</a> and (Postfix >= 3.7) <a href="postlog.1.html"><b>postlog</b>(1)</a>.
<b>CONFIGURATION PARAMETERS</b>
Changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked up automatically, as <a href="postlogd.8.html"><b>postlogd</b>(8)</a> pro-
<a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
- The default SMTP TLS security level for the Postfix SMTP client;
- when a non-empty value is specified, this overrides the obsolete
- parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and
- <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>.
+ The default SMTP TLS security level for the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The SASL authentication security options that the Postfix SMTP
Available in Postfix version 3.0 and later:
<b><a href="postconf.5.html#smtp_tls_wrappermode">smtp_tls_wrappermode</a> (no)</b>
- Request that the Postfix SMTP client connects using the legacy
- SMTPS protocol instead of using the STARTTLS command.
+ Request that the Postfix SMTP client connects using the SUBMIS-
+ SIONS/SMTPS protocol instead of using the STARTTLS command.
Available in Postfix version 3.1 and later:
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
Enable preliminary SMTPUTF8 support for the protocols described
- in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>..6533.
+ in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>, <a href="https://tools.ietf.org/html/rfc6532">RFC 6532</a>, and <a href="https://tools.ietf.org/html/rfc6533">RFC 6533</a>.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
Detect that a message requires SMTPUTF8 support for the speci-
with the operation of some of these programs). These programs
can log to \fBpostlogd\fR(8) if they are run by the super\-user,
or if their executable file has set\-gid permission. Do not
-set this permission on programs other than \fBpostdrop\fR(1)
-and \fBpostqueue\fR(1).
+set this permission on programs other than \fBpostdrop\fR(1),
+\fBpostqueue\fR(1) and (Postfix >= 3.7) \fBpostlog\fR(1).
.SH "CONFIGURATION PARAMETERS"
.na
.nf
Detailed information about STARTTLS configuration may be found
in the TLS_README document.
.IP "\fBsmtp_tls_security_level (empty)\fR"
-The default SMTP TLS security level for the Postfix SMTP client;
-when a non\-empty value is specified, this overrides the obsolete
-parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.
+The default SMTP TLS security level for the Postfix SMTP client.
.IP "\fBsmtp_sasl_tls_security_options ($smtp_sasl_security_options)\fR"
The SASL authentication security options that the Postfix SMTP
client uses for TLS encrypted SMTP sessions.
Available in Postfix version 3.0 and later:
.IP "\fBsmtp_tls_wrappermode (no)\fR"
Request that the Postfix SMTP client connects using the
-legacy SMTPS protocol instead of using the STARTTLS command.
+SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
.PP
Available in Postfix version 3.1 and later:
.IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
.IP "\fBsmtputf8_enable (yes)\fR"
Enable preliminary SMTPUTF8 support for the protocols described
-in RFC 6531..6533.
+in RFC 6531, RFC 6532, and RFC 6533.
.IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
Detect that a message requires SMTPUTF8 support for the specified
mail origin classes.
/*
* Milters.
*/
+extern MAPS *cleanup_milt_head_checks;
extern MILTERS *cleanup_milters;
/*
/*
* Milter support.
*/
+MAPS *cleanup_milt_head_checks;
MILTERS *cleanup_milters;
/*
maps_create(VAR_RCPT_BCC_MAPS, var_rcpt_bcc_maps,
DICT_FLAG_LOCK | DICT_FLAG_FOLD_FIX
| DICT_FLAG_UTF8_REQUEST);
+ if (*var_milt_head_checks)
+ cleanup_milt_head_checks =
+ maps_create(VAR_MILT_HEAD_CHECKS, var_milt_head_checks,
+ DICT_FLAG_LOCK);
if (*var_cleanup_milters)
cleanup_milters = milter_create(var_cleanup_milters,
var_milt_conn_time,
static void cleanup_milter_header_checks_init(CLEANUP_STATE *state)
{
-#define NO_NESTED_HDR_NAME ""
-#define NO_NESTED_HDR_VALUE ""
-#define NO_MIME_HDR_NAME ""
-#define NO_MIME_HDR_VALUE ""
+#define NO_NESTED_HDR_MAPS ((MAPS *) 0)
+#define NO_MIME_HDR_MAPS ((MAPS *) 0)
static /* XXX not const */ HBC_CALL_BACKS call_backs = {
cleanup_milter_hbc_log,
};
state->milter_hbc_checks =
- hbc_header_checks_create(VAR_MILT_HEAD_CHECKS, var_milt_head_checks,
- NO_MIME_HDR_NAME, NO_MIME_HDR_VALUE,
- NO_NESTED_HDR_NAME, NO_NESTED_HDR_VALUE,
+ hbc_header_checks_create(cleanup_milt_head_checks,
+ NO_MIME_HDR_MAPS,
+ NO_NESTED_HDR_MAPS,
&call_backs);
state->milter_hbc_reply = vstring_alloc(100);
if (state->filter)
/*
* Prologue: prepare for Milter header/body checks.
*/
- if (*var_milt_head_checks)
+ if (cleanup_milt_head_checks)
cleanup_milter_header_checks_init(state);
/*
/*
* Epilogue: finalize Milter header/body checks.
*/
- if (*var_milt_head_checks)
+ if (cleanup_milt_head_checks)
cleanup_milter_hbc_finish(state);
if (msg_verbose)
char *var_milt_v = DEF_MILT_V;
MILTERS *cleanup_milters = (MILTERS *) ((char *) sizeof(*cleanup_milters));
char *var_milt_head_checks = "";
+MAPS *cleanup_milt_head_checks;
/* Dummies to satisfy unused external references. */
cleanup_milter_hbc_finish(state);
myfree(var_milt_head_checks);
var_milt_head_checks = "";
+ maps_free(cleanup_milt_head_checks);
+ cleanup_milt_head_checks = 0;
}
close_queue_file(state);
} else if (state->milter_hbc_reply && LEN(state->milter_hbc_reply)) {
msg_warn("can't change header checks");
} else {
var_milt_head_checks = mystrdup(argv->argv[1]);
+ cleanup_milt_head_checks = maps_create(VAR_MILT_HEAD_CHECKS,
+ var_milt_head_checks, DICT_FLAG_LOCK);
cleanup_milter_header_checks_init(state);
}
} else if (strcmp(argv->argv[0], "sender_bcc_maps") == 0) {
msg_info("errs = %s", cleanup_strerror(state->errs));
}
cleanup_state_free(state);
- if (*var_milt_head_checks)
+ if (*var_milt_head_checks)
myfree(var_milt_head_checks);
+ if (cleanup_milt_head_checks)
+ maps_free(cleanup_milt_head_checks);
return (0);
}
/* } HBC_CALL_BACKS;
/*
/* HBC_CHECKS *hbc_header_checks_create(
-/* header_checks_name, header_checks_value
-/* mime_header_checks_name, mime_header_checks_value,
-/* nested_header_checks_name, nested_header_checks_value,
-/* call_backs)
-/* const char *header_checks_name;
-/* const char *header_checks_value;
-/* const char *mime_header_checks_name;
-/* const char *mime_header_checks_value;
-/* const char *nested_header_checks_name;
-/* const char *nested_header_checks_value;
+/* header_checks_maps, mime_header_checks_maps,
+/* nested_header_checks_maps, call_backs)
+/* MAPS *header_checks_maps;
+/* MAPS *mime_header_checks_maps;
+/* MAPS *nested_header_checks_maps;
/* HBC_CALL_BACKS *call_backs;
/*
-/* HBC_CHECKS *hbc_body_checks_create(
-/* body_checks_name, body_checks_value,
-/* call_backs)
-/* const char *body_checks_name;
-/* const char *body_checks_value;
+/* HBC_CHECKS *hbc_body_checks_create(body_check_maps, call_backs)
+/* MAPS *body_check_maps;
/* HBC_CALL_BACKS *call_backs;
/*
/* char *hbc_header_checks(context, hbc, header_class, hdr_opts, header)
/*
/* hbc_header_checks_create() creates a context for header
/* inspection. This function is typically called once during
-/* program initialization. The result is a null pointer when
-/* all _value arguments specify zero-length strings; in this
+/* program initialization. The result is a null pointer when
+/* all _maps arguments specify a null pointer; in this
/* case, hbc_header_checks() and hbc_header_checks_free() must
/* not be called.
/*
+/* Note: hbc_header_checks_create() does not take ownership
+/* of its _maps arguments.
+/*
/* hbc_header_checks() inspects the specified logical header.
/* The result is either the original header, HBC_CHECKS_STAT_IGNORE
/* (meaning: discard the header), HBC_CHECKS_STAT_ERROR, or a
const char hbc_checks_unknown;
/*
- * Header checks are stored as an array of HBC_MAP_INFO structures, one
- * structure for each header class (MIME_HDR_PRIMARY, MIME_HDR_MULTIPART, or
- * MIME_HDR_NESTED).
+ * Header checks are stored as an array of MAPS pointers, one for each
+ * header class (MIME_HDR_PRIMARY, MIME_HDR_MULTIPART, or MIME_HDR_NESTED).
*
- * Body checks are stored as one single HBC_MAP_INFO structure, because we make
- * no distinction between body segments.
+ * Body checks are stored as a single MAPS pointer, because we make no
+ * distinction between body segments.
*/
#define HBC_HEADER_INDEX(class) ((class) - MIME_HDR_FIRST)
#define HBC_BODY_INDEX (0)
-#define HBC_INIT(hbc, index, name, value) do { \
- HBC_MAP_INFO *_mp = (hbc)->map_info + (index); \
- if (*(value) != 0) { \
- _mp->map_class = (name); \
- _mp->maps = maps_create((name), (value), DICT_FLAG_LOCK); \
- } else { \
- _mp->map_class = 0; \
- _mp->maps = 0; \
- } \
- } while (0)
-
/* How does the action routine know where we are? */
#define HBC_CTXT_HEADER "header"
if (STREQUAL(cmd, "IGNORE", cmd_len))
/* XXX Not logged for compatibility with cleanup(8). */
return (HBC_CHECKS_STAT_IGNORE);
-
+
if (STREQUAL(cmd, "DUNNO", cmd_len) /* preferred */
||STREQUAL(cmd, "OK", cmd_len)) /* compatibility */
return ((char *) line);
{
const char *myname = "hbc_header_checks";
const char *action;
- HBC_MAP_INFO *mp;
+ MAPS *mp;
if (msg_verbose)
msg_info("%s: '%.30s'", myname, STR(header));
if (hdr_opts && (hdr_opts->flags & HDR_OPT_MIME))
header_class = MIME_HDR_MULTIPART;
- mp = hbc->map_info + HBC_HEADER_INDEX(header_class);
+ mp = hbc->map_info[HBC_HEADER_INDEX(header_class)];
- if (mp->maps != 0 && (action = maps_find(mp->maps, STR(header), 0)) != 0) {
+ if (mp != 0 && (action = maps_find(mp, STR(header), 0)) != 0) {
return (hbc_action(context, hbc->call_backs,
- mp->map_class, HBC_CTXT_HEADER, action,
+ maps_title(mp), HBC_CTXT_HEADER, action,
STR(header), LEN(header), offset));
- } else if (mp->maps && mp->maps->error) {
+ } else if (mp && mp->error) {
return (HBC_CHECKS_STAT_ERROR);
} else {
return (STR(header));
{
const char *myname = "hbc_body_checks";
const char *action;
- HBC_MAP_INFO *mp;
+ MAPS *mp;
if (msg_verbose)
msg_info("%s: '%.30s'", myname, line);
- mp = hbc->map_info;
+ mp = hbc->map_info[0];
- if ((action = maps_find(mp->maps, line, 0)) != 0) {
+ if ((action = maps_find(mp, line, 0)) != 0) {
return (hbc_action(context, hbc->call_backs,
- mp->map_class, HBC_CTXT_BODY, action,
+ maps_title(mp), HBC_CTXT_BODY, action,
line, len, offset));
- } else if (mp->maps->error) {
+ } else if (mp->error) {
return (HBC_CHECKS_STAT_ERROR);
} else {
return ((char *) line);
/* hbc_header_checks_create - create header checking context */
-HBC_CHECKS *hbc_header_checks_create(const char *header_checks_name,
- const char *header_checks_value,
- const char *mime_header_checks_name,
- const char *mime_header_checks_value,
- const char *nested_header_checks_name,
- const char *nested_header_checks_value,
+HBC_CHECKS *hbc_header_checks_create(MAPS *header_checks_maps,
+ MAPS *mime_header_checks_maps,
+ MAPS *nested_header_checks_maps,
HBC_CALL_BACKS *call_backs)
{
HBC_CHECKS *hbc;
/*
* Optimize for the common case.
*/
- if (*header_checks_value == 0 && *mime_header_checks_value == 0
- && *nested_header_checks_value == 0) {
+ if (header_checks_maps == 0 && mime_header_checks_maps == 0
+ && nested_header_checks_maps == 0) {
return (0);
} else {
hbc = (HBC_CHECKS *) mymalloc(sizeof(*hbc)
- + (MIME_HDR_LAST - MIME_HDR_FIRST) * sizeof(HBC_MAP_INFO));
+ + (MIME_HDR_LAST - MIME_HDR_FIRST) * sizeof(hbc->map_info));
hbc->call_backs = call_backs;
- HBC_INIT(hbc, HBC_HEADER_INDEX(MIME_HDR_PRIMARY),
- header_checks_name, header_checks_value);
- HBC_INIT(hbc, HBC_HEADER_INDEX(MIME_HDR_MULTIPART),
- mime_header_checks_name, mime_header_checks_value);
- HBC_INIT(hbc, HBC_HEADER_INDEX(MIME_HDR_NESTED),
- nested_header_checks_name, nested_header_checks_value);
+ hbc->map_info[HBC_HEADER_INDEX(MIME_HDR_PRIMARY)] =
+ header_checks_maps;
+ hbc->map_info[HBC_HEADER_INDEX(MIME_HDR_MULTIPART)] =
+ mime_header_checks_maps;
+ hbc->map_info[HBC_HEADER_INDEX(MIME_HDR_NESTED)] =
+ nested_header_checks_maps;
return (hbc);
}
}
/* hbc_body_checks_create - create body checking context */
-HBC_CHECKS *hbc_body_checks_create(const char *body_checks_name,
- const char *body_checks_value,
+HBC_CHECKS *hbc_body_checks_create(MAPS *body_checks_maps,
HBC_CALL_BACKS *call_backs)
{
HBC_CHECKS *hbc;
/*
* Optimize for the common case.
*/
- if (*body_checks_value == 0) {
+ if (body_checks_maps == 0) {
return (0);
} else {
hbc = (HBC_CHECKS *) mymalloc(sizeof(*hbc));
hbc->call_backs = call_backs;
- HBC_INIT(hbc, HBC_BODY_INDEX, body_checks_name, body_checks_value);
+ hbc->map_info[HBC_BODY_INDEX] = body_checks_maps;
return (hbc);
}
}
void _hbc_checks_free(HBC_CHECKS *hbc, ssize_t len)
{
- HBC_MAP_INFO *mp;
-
- for (mp = hbc->map_info; mp < hbc->map_info + len; mp++)
- if (mp->maps)
- maps_free(mp->maps);
myfree((void *) hbc);
}
body_out, body_end,
err_print,
(void *) &context);
+
+#define MAPS_OR_NULL(name, value) \
+ (*(value) ? maps_create((name), (value), DICT_FLAG_LOCK) : (MAPS *) 0)
+
context.header_checks =
- hbc_header_checks_create("header_checks", argv[1],
- "mime_header_checks", argv[2],
- "nested_header_checks", argv[3],
+ hbc_header_checks_create(MAPS_OR_NULL("header_checks", argv[1]),
+ MAPS_OR_NULL("mime_header_checks", argv[2]),
+ MAPS_OR_NULL("nested_header_checks", argv[3]),
call_backs);
context.body_checks =
- hbc_body_checks_create("body_checks", argv[4], call_backs);
+ hbc_body_checks_create(MAPS_OR_NULL("body_checks", argv[4]),
+ call_backs);
context.buf = vstring_alloc(100);
context.fp = VSTREAM_OUT;
context.queueid = "test-queueID";
/*
* External interface.
*/
-typedef struct {
- const char *map_class; /* parameter name */
- MAPS *maps; /* map handle */
-} HBC_MAP_INFO;
-
typedef struct {
void (*logger) (void *, const char *, const char *, const char *, const char *);
void (*prepend) (void *, int, const char *, ssize_t, off_t);
typedef struct {
HBC_CALL_BACKS *call_backs;
- HBC_MAP_INFO map_info[1]; /* actually, a bunch */
+ MAPS *map_info[1]; /* actually, a bunch; NOT owned */
} HBC_CHECKS;
#define HBC_CHECKS_STAT_IGNORE ((char *) 0)
#define HBC_CHECKS_STAT_ERROR (&hbc_checks_error)
#define HBC_CHECKS_STAT_UNKNOWN (&hbc_checks_unknown)
-extern HBC_CHECKS *hbc_header_checks_create(const char *, const char *,
- const char *, const char *,
- const char *, const char *,
+extern HBC_CHECKS *hbc_header_checks_create(MAPS *, MAPS *, MAPS *,
HBC_CALL_BACKS *);
-extern HBC_CHECKS *hbc_body_checks_create(const char *, const char *,
- HBC_CALL_BACKS *);
+extern HBC_CHECKS *hbc_body_checks_create(MAPS *, HBC_CALL_BACKS *);
extern char *hbc_header_checks(void *, HBC_CHECKS *, int, const HEADER_OPTS *,
VSTRING *, off_t);
extern char *hbc_body_checks(void *, HBC_CHECKS *, const char *, ssize_t, off_t);
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20220325"
+#define MAIL_RELEASE_DATE "20220403"
#define MAIL_VERSION_NUMBER "3.8"
#ifdef SNAPSHOT
/* const char *key;
/* int flags;
/*
+/* const char *maps_title(maps)
+/* MAPS *maps;
+/*
/* MAPS *maps_free(maps)
/* MAPS *maps;
/* DESCRIPTION
/* the base64 lookup result. This requires that the maps are
/* opened with DICT_FLAG_SRC_RHS_IS_FILE.
/*
+/* maps_title() returns a pointer to a copy of the title
+/* specified with maps_create().
+/*
/* maps_free() releases storage claimed by maps_create()
/* and conveniently returns a null pointer.
/*
extern MAPS *maps_create(const char *, const char *, int);
extern const char *maps_find(MAPS *, const char *, int);
extern const char *maps_file_find(MAPS *, const char *, int);
+
+#define maps_title(maps) ((const char *) ((maps)->title))
extern MAPS *maps_free(MAPS *);
/* LICENSE
/* with the operation of some of these programs). These programs
/* can log to \fBpostlogd\fR(8) if they are run by the super-user,
/* or if their executable file has set-gid permission. Do not
-/* set this permission on programs other than \fBpostdrop\fR(1)
-/* and \fBpostqueue\fR(1).
+/* set this permission on programs other than \fBpostdrop\fR(1),
+/* \fBpostqueue\fR(1) and (Postfix >= 3.7) \fBpostlog\fR(1).
/* CONFIGURATION PARAMETERS
/* .ad
/* .fi
/* Detailed information about STARTTLS configuration may be found
/* in the TLS_README document.
/* .IP "\fBsmtp_tls_security_level (empty)\fR"
-/* The default SMTP TLS security level for the Postfix SMTP client;
-/* when a non-empty value is specified, this overrides the obsolete
-/* parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername.
+/* The default SMTP TLS security level for the Postfix SMTP client.
/* .IP "\fBsmtp_sasl_tls_security_options ($smtp_sasl_security_options)\fR"
/* The SASL authentication security options that the Postfix SMTP
/* client uses for TLS encrypted SMTP sessions.
/* Available in Postfix version 3.0 and later:
/* .IP "\fBsmtp_tls_wrappermode (no)\fR"
/* Request that the Postfix SMTP client connects using the
-/* legacy SMTPS protocol instead of using the STARTTLS command.
+/* SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
/* .PP
/* Available in Postfix version 3.1 and later:
/* .IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
/* Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
/* .IP "\fBsmtputf8_enable (yes)\fR"
/* Enable preliminary SMTPUTF8 support for the protocols described
-/* in RFC 6531..6533.
+/* in RFC 6531, RFC 6532, and RFC 6533.
/* .IP "\fBsmtputf8_autodetect_classes (sendmail, verify)\fR"
/* Detect that a message requires SMTPUTF8 support for the specified
/* mail origin classes.
bool var_smtp_sasl_auth_soft_bounce;
char *var_hfrom_format;
-bool var_smtp_bind_addr_enforce;
+bool var_smtp_bind_addr_enforce;
/*
* Global variables.
/*
* Header/body checks.
*/
+#define MAPS_OR_NULL(name, value) \
+ (*(value) ? maps_create((name), (value), DICT_FLAG_LOCK) : (MAPS *) 0)
+
smtp_header_checks = hbc_header_checks_create(
- VAR_LMTP_SMTP(HEAD_CHKS), var_smtp_head_chks,
- VAR_LMTP_SMTP(MIME_CHKS), var_smtp_mime_chks,
- VAR_LMTP_SMTP(NEST_CHKS), var_smtp_nest_chks,
+ MAPS_OR_NULL(VAR_LMTP_SMTP(HEAD_CHKS), var_smtp_head_chks),
+ MAPS_OR_NULL(VAR_LMTP_SMTP(MIME_CHKS), var_smtp_mime_chks),
+ MAPS_OR_NULL(VAR_LMTP_SMTP(NEST_CHKS), var_smtp_nest_chks),
smtp_hbc_callbacks);
smtp_body_checks = hbc_body_checks_create(
- VAR_LMTP_SMTP(BODY_CHKS), var_smtp_body_chks,
+ MAPS_OR_NULL(VAR_LMTP_SMTP(BODY_CHKS), var_smtp_body_chks),
smtp_hbc_callbacks);
/*
projects / thirdparty / postfix.git / commitdiff
