stripping in postqueue/postqueue.c. Problem reported by
Victor Duchovni, Morgan Stanley.
+20020402
+
+ Workaround: recognize more headers that are sent instead
+ of SMTP commands. File: smtpd/smtpd.c.
+
+20020413
+
+ Feature: new pipe delivery agent "D" flag to prepend a
+ Delivered-To: message header. This requires single recipient
+ deliveries. Based on code by Matthias Andree. File:
+ pipe/pipe.c.
+
+20020414
+
+ Portability: Postfix will no longer attempt to build with
+ gdbm support, because gdbm is broken. File: makedefs.
+
+20020415
+
+ Cleanup: the attribute list IPC code did not distinguish
+ between "disconnect" and "timeout" while reading an attribute
+ list, making trouble shooting more difficult than necessary.
+ Files: util/attr_scan0.c, util/attr_scan64.c.
+
+ Cleanup: install parameter defaults can now be overruled
+ from makedefs: sendmail_path, mailq_path, newaliases_path,
+ command_directory, daemon_directory. Based on code by
+ Victor Duchovni, Morgan Stanley. File: util/sys_defs.h.
+
+20020411
+
+ Cleanup: Use more robust quoting passing makedefs/Makefile
+ settings. This also simplifies the seven backslashes example
+ in the INSTALL file. Victor Duchovni, Morgan Stanley.
+ Files: makedefs, INSTALL.
+
+20020417
+
+ Bugfix: the post-install script failed to upgrade master.cf
+ settings from private to public if the service was explicitly
+ configured as private.
+
+20020418
+
+ Documentation: added CPU saving patterns for quickly skipping
+ base 64 encoded text in message bodies. Liviu Daia.
+ Files: {proto,conf}/pcre_table, {proto,conf}/regexp_table,
+ conf/sample_{regexp,pcre}_body.cf.
+
+20020426
+
+ Bugfix: the SMTP client forgot to quote whitespace etc.
+ in a sender/recipient address when DNS lookup was turned
+ off (disable_dns_lookups = yes). Problem experienced by
+ Chip Paswater. Files: smtp/smtp_proto.c.
+
+20020501
+
+ Feature: wildcard lookup in transport maps (lookup key
+ "*"). Code developed with Lamont Jones, HP.
+
+ Feature: a null transport:destination transport map entry
+ means proceed as if the transport map lookup failed. Code
+ developed with Lamont Jones, HP.
+
+ Feature: more efficient use of cache memory when a process
+ opens multiple Berkeley DB tables. Files: util/dict_db.c,
+ global/mkmap_db.c. Victor Duchovni, Morgan Stanley.
+
+20020503
+
+ Cleanup: postqueue silently ignored command-line arguments
+ following -p or -f options, instead of complaining; postqueue
+ produced an incorrect error message (mail system down) when
+ the command was installed with incorrect privileges. File:
+ postqueue/postqueue.c.
+
+ Bugfix: while reporting a domain name or IP address syntax
+ error, postqueue could dereference a dangling pointer with
+ some getopt() implementations. LaMont Jones, HP. File:
+ postqueue/postqueue.c.
+
+ Safety: postalias and postmap now drop root privileges
+ while processing a non-root input file. Thus, the result
+ should be writable to the source file owner. Specify the
+ -o option if this is a problem. Files: postmap/postmap.c,
+ postalias/postalias.c.
+
+ Consistency: just like postmap, postalias now copies file
+ permissions from the source file when it creates a new
+ table for the first time. File: postalias/postalias.c.
+
+ Portability: run-time test to avoid GDBM trouble. File:
+ util/dict_dbm.c.
+
Open problems:
Low: sendmail does not store null command-line recipients.
Low: generic showq protocol, to allow for more intelligent
processing than just mailq. Maybe marry this with postsuper.
- Low: default domain for appending to unqualified recipients.
+ Low: default domain for appending to unqualified recipients,
+ so that unqualified names can be delivered locally.
Low: The $process_id_directory setting is not used anywhere
in Postfix. Problem reported by Michael Smith, texas.net.
In order to build with non-default settings, for example, with a
configuration directory other than /etc/postfix, use:
- % make makefiles CCARGS=-DDEF_CONFIG_DIR=\\\\\\\"/some/where\\\\\\\"
+ % make makefiles CCARGS='-DDEF_CONFIG_DIR=\"/some/where\"'
% make
-That's seven backslashes :-) But at least this works with sh and csh.
+Be sure to get the quotes right. These details matter a lot.
+
+Other parameters whose defaults can be specified in this way are:
+
+ Macro name default value for
+ -------------------------------------
+ DEF_COMMAND_DIR command_directory
+ DEF_DAEMON_DIR daemon_directory
+ DEF_SENDMAIL_PATH sendmail_path
+ DEF_MAILQ_PATH mailq_path
+ DEF_NEWALIAS_PATH newaliases_path
In order to build Postfix for very large applications, where you
expect to run more than 1000 delivery processes, you may need to
postfix:*:12345:12345:postfix:/no/where:/no/shell
+ Note: there should be no whitespace before "postfix:".
+
- Make sure there is a corresponding alias in /etc/aliases:
postfix: root
+ Note: there should be no whitespace before "postfix:".
+
- Create a group "postdrop" with a group id that is not used by
any other user account. Not even by the postfix user account.
My group file entry looks like:
postdrop:*:54321:
+ Note: there should be no whitespace before "postdrop:".
+
NB: this group was optional with older Postfix releases; it is
now required.
% sendmail -bp
-See also the "Care and feeding" section 13 below.
+See also the "Care and feeding" section 12 below.
8 - Configuring Postfix to send and receive mail (virtual interface)
====================================================================
% sendmail -bp
-See also the "Care and feeding" section 13 below.
+See also the "Care and feeding" section 12 below.
9 - Turning off sendmail forever
================================
Typical logfile names are: /var/log/maillog or /var/log/syslog.
See /etc/syslog.conf for actual logfile names.
-See also the "Care and feeding" section 13 below.
+See also the "Care and feeding" section 12 below.
10 - Mandatory configuration file edits
=======================================
SHELL = /bin/sh
WARN = -Wmissing-prototypes -Wformat
-OPTS = "CC=$(CC)"
+OPTS = 'CC=$(CC)'
DIRS = src/util src/global src/dns src/master src/postfix src/smtpstone \
src/sendmail src/error src/pickup src/cleanup src/smtpd src/local \
src/lmtp src/trivial-rewrite src/qmgr src/smtp src/bounce src/pipe \
-#
# PCRE_TABLE(5) PCRE_TABLE(5)
#
# NAME
# /^Subject: make money fast/ REJECT
# /^To: friend@public\.com/ REJECT
#
+# EXAMPLE BODY FILTER MAP
+# # First skip over base 64 encoded text to save CPU cycles.
+# # Requires PCRE version 3.
+# ~^[[:alnum:]+/]{60,}$~ OK
+#
+# # Put your own body patterns here.
+#
# SEE ALSO
# regexp_table(5) format of POSIX regular expression tables
#
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
-# 1
-#
+# PCRE_TABLE(5)
for name in cleanup flush
do
- grep "^$name[ ]*unix[ ]*-" \
+ grep "^$name[ ]*unix[ ]*[-y]" \
$config_directory/master.cf >/dev/null && {
echo Editing $config_directory/master.cf, making the $name service public
ed $config_directory/master.cf <<EOF || exit 1
-/^$name[ ]*unix[ ]*-/
-s/-/n/
+/^$name[ ]*unix[ ]*[-y]/
+s/[-y]/n/
p
w
q
-#
# REGEXP_TABLE(5) REGEXP_TABLE(5)
#
# NAME
# /^Subject: make money fast/ REJECT
# /^To: friend@public\.com/ REJECT
#
+# EXAMPLE BODY FILTER MAP
+# # First skip over base 64 encoded text to save CPU cycles.
+# ~^[[:alnum:]+/]{60,}$~ OK
+#
+# # Put your own body patterns here.
+#
# SEE ALSO
# pcre_table(5) format of PCRE tables
#
# P.O. Box 704
# Yorktown Heights, NY 10598, USA
#
-# 1
-#
+# REGEXP_TABLE(5)
# policy (anti-UCE violations) and protocol error (broken mailers)
# reports.
#
+# The error classes are:
+#
+# bounce: Send the postmaster copies of the headers of bounced mail.
+# 2bounce: Send undeliverable bounced mail to the postmaster.
+# delay: Send the postmaster copies of the headers of delayed mail.
+# policy: Send the postmaster a transcript of the entire SMTP session
+# when a client request was rejected because of (UCE) policy.
+# protocol: Send the postmaster a transcript of the entire SMTP
+# session in case of client or server protocol errors.
+# resource: Inform the postmaster of mail not delivered due to
+# resource problems.
+# software: Inform the postmaster of mail not delivered due to
+# software problems.
+#
#notify_classes = bounce,delay,policy,protocol,resource,software
#notify_classes = 2bounce,resource,software
notify_classes = resource,software
# appended to the previous line (there should be no whitespace
# before your regular expression!)
#
+
+# Skip over base 64 encoded blocks. This saves lots of CPU cycles.
+# Expressions by Liviu Daia, amended by Victor Duchovni.
+# Requires PCRE version 3.
+~^[[:alnum:]+/]{60,}\s*$~ OK
+
+# Your own body patterns go here.
# IGNORE The header line is silently discarded.
# WARN The header is logged (not rejected) with a warning.
# WARN text.... As above, and the text is logged, too.
+
+# Skip over base 64 encoded blocks. This saves lots of CPU cycles.
+# Expressions by Liviu Daia. Amended by Victor Duchovni.
+~^[[:alnum:]+/]{60,}[:space:]*$~ OK
+
+# Your own body patterns go here.
#
# pattern result
# When pattern matches the domain, use the corre-
-# sponding result.
+# sponding result. A pattern of `*' matches all
+# entries.
#
# blank lines and comments
# Empty lines and whitespace-only lines are ignored,
# parent_domain_matches_subdomains configuration set-
# ting. Otherwise, a domain name matches itself and
# its subdomains.
+#
+# An empty result (`:' - default transport, default nexthop)
+# behaves as though the transport map did not exist. When
+# combined with a wildcard (`*') entry, this can be used to
+# route internal mail directly, while using a relay for all
+# outbound traffic. (Note that you should _NOT_ set
+# relayhost in this case.)
+#
+# * smtp:outbound-relay.my.domain
+# .my.domain :
#
# Note: transport map entries take precedence over domains
# specified in the mydestination parameter. If you use the
tion schemes.
<i>restriction...</i>
- Apply the named UCE restriction(s) (<b>permit</b>, reject,
+ Apply the named UCE restriction(s) (<b>permit</b>, <b>reject</b>,
<b>reject</b><i>_</i><b>unauth</b><i>_</i><b>destination</b>, and so on).
<b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
<html> <head> </head> <body> <pre>
-
FLUSH(8) FLUSH(8)
<b>NAME</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ FLUSH(8)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
PCRE_TABLE(5) PCRE_TABLE(5)
<b>NAME</b>
/^Subject: make money fast/ REJECT
/^To: friend@public\.com/ REJECT
+<b>EXAMPLE</b> <b>BODY</b> <b>FILTER</b> <b>MAP</b>
+ # First skip over base 64 encoded text to save CPU cycles.
+ # Requires PCRE version 3.
+ ~^[[:alnum:]+/]{60,}$~ OK
+
+ # Put your own body patterns here.
+
<b>SEE</b> <b>ALSO</b>
<a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ PCRE_TABLE(5)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
PICKUP(8) PICKUP(8)
<b>NAME</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ PICKUP(8)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
PIPE(8) PIPE(8)
<b>NAME</b>
file at the end of a service definition. The syntax is as
follows:
- <b>flags=BFRhqu.</b>> (optional)
+ <b>flags=BDFRhqu.</b>> (optional)
Optional message processing flags. By default, a
message is copied unchanged.
agents that recognize "<b>From</b> " lines only
when preceded by a blank line.
- <b>F</b> Prepend a "<b>From</b> <i>sender</i> <i>time_stamp</i>" envelope
- header to the message content. This is
+ <b>D</b> Prepend a "<b>Delivered-To:</b> <i>recipient</i>" message
+ header with the envelope recipient address.
+ Note: for this to work, the <i>transport_</i><b>desti-</b>
+ <b>nation</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> must be 1.
+
+ <b>F</b> Prepend a "<b>From</b> <i>sender</i> <i>time_stamp</i>" envelope
+ header to the message content. This is
expected by, for example, <b>UUCP</b> software.
- <b>R</b> Prepend a <b>Return-Path:</b> message header with
+ <b>R</b> Prepend a <b>Return-Path:</b> message header with
the envelope sender address.
<b>h</b> Fold the command-line <b>$recipient</b> domain name
- and <b>$nexthop</b> host name to lower case. This
+ and <b>$nexthop</b> host name to lower case. This
is recommended for delivery via <b>UUCP</b>.
- <b>q</b> Quote white space and other special charac-
+ <b>q</b> Quote white space and other special charac-
ters in the command-line <b>$sender</b> and <b>$recip-</b>
<b>ient</b> address localparts (text to the left of
the right-most <b>@</b> character), according to an
- 8-bit transparent version of <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>. This
- is recommended for delivery via <b>UUCP</b> or
+ 8-bit transparent version of <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>. This
+ is recommended for delivery via <b>UUCP</b> or
<b>BSMTP</b>.
- The result is compatible with the address
- parsing of command-line recipients by the
+ The result is compatible with the address
+ parsing of command-line recipients by the
Postfix <b>sendmail</b> mail submission command.
- The <b>q</b> flag affects only entire addresses,
+ The <b>q</b> flag affects only entire addresses,
not the partial address information from the
- <b>$user</b>, <b>$extension</b> or <b>$mailbox</b> command-line
+ <b>$user</b>, <b>$extension</b> or <b>$mailbox</b> command-line
macros.
<b>u</b> Fold the command-line <b>$recipient</b> address
- localpart (text to the left of the right-
- most <b>@</b> character) to lower case. This is
+ localpart (text to the left of the right-
+ most <b>@</b> character) to lower case. This is
recommended for delivery via <b>UUCP</b>.
- <b>.</b> Prepend <b>.</b> to lines starting with "<b>.</b>". This
+ <b>.</b> Prepend <b>.</b> to lines starting with "<b>.</b>". This
is needed by, for example, <b>BSMTP</b> software.
- > Prepend > to lines starting with "<b>From</b> ".
+ > Prepend > to lines starting with "<b>From</b> ".
This is expected by, for example, <b>UUCP</b> soft-
ware.
<b>user</b>=<i>username</i>:<i>groupname</i>
The external command is executed with the rights of
- the specified <i>username</i>. The software refuses to
- execute commands with root privileges, or with the
- privileges of the mail system owner. If <i>groupname</i>
- is specified, the corresponding group ID is used
+ the specified <i>username</i>. The software refuses to
+ execute commands with root privileges, or with the
+ privileges of the mail system owner. If <i>groupname</i>
+ is specified, the corresponding group ID is used
instead of the group ID of <i>username</i>.
<b>eol=string</b> (default: <b>\n</b>)
- The output record delimiter. Typically one would
- use either <b>\r\n</b> or <b>\n</b>. The usual C-style backslash
- escape sequences are recognized: <b>\a</b> <b>\b</b> <b>\f</b> <b>\n</b> <b>\r</b> <b>\t</b>
+ The output record delimiter. Typically one would
+ use either <b>\r\n</b> or <b>\n</b>. The usual C-style backslash
+ escape sequences are recognized: <b>\a</b> <b>\b</b> <b>\f</b> <b>\n</b> <b>\r</b> <b>\t</b>
<b>\v</b> <b>\</b><i>octal</i> and <b>\\</b>.
<b>size</b>=<i>size_limit</i> (optional)
will be bounced back to the sender.
<b>argv</b>=<i>command</i>... (required)
- The command to be executed. This must be specified
+ The command to be executed. This must be specified
as the last command attribute. The command is exe-
cuted directly, i.e. without interpretation of
- shell meta characters by a shell command inter-
+ shell meta characters by a shell command inter-
preter.
In the command argument vector, the following
macros are recognized and replaced with correspond-
- ing information from the Postfix queue manager
+ ing information from the Postfix queue manager
delivery request:
<b>${extension</b>}
- This macro expands to the extension part of
- a recipient address. For example, with an
+ This macro expands to the extension part of
+ a recipient address. For example, with an
address <i>user+foo@domain</i> the extension is
<i>foo</i>.
- A command-line argument that contains
- <b>${extension</b>} expands into as many command-
+ A command-line argument that contains
+ <b>${extension</b>} expands into as many command-
line arguments as there are recipients.
- This information is modified by the <b>u</b> flag
+ This information is modified by the <b>u</b> flag
for case folding.
<b>${mailbox</b>}
- This macro expands to the complete local
- part of a recipient address. For example,
- with an address <i>user+foo@domain</i> the mailbox
+ This macro expands to the complete local
+ part of a recipient address. For example,
+ with an address <i>user+foo@domain</i> the mailbox
is <i>user+foo</i>.
- A command-line argument that contains
+ A command-line argument that contains
<b>${mailbox</b>} expands into as many command-line
arguments as there are recipients.
- This information is modified by the <b>u</b> flag
+ This information is modified by the <b>u</b> flag
for case folding.
<b>${nexthop</b>}
This macro expands to the next-hop hostname.
- This information is modified by the <b>h</b> flag
+ This information is modified by the <b>h</b> flag
for case folding.
<b>${recipient</b>}
This macro expands to the complete recipient
address.
- A command-line argument that contains
- <b>${recipient</b>} expands into as many command-
+ A command-line argument that contains
+ <b>${recipient</b>} expands into as many command-
line arguments as there are recipients.
- This information is modified by the <b>hqu</b>
+ This information is modified by the <b>hqu</b>
flags for quoting and case folding.
<b>${sender</b>}
- This macro expands to the envelope sender
+ This macro expands to the envelope sender
address.
- This information is modified by the <b>q</b> flag
+ This information is modified by the <b>q</b> flag
for quoting.
<b>${size</b>}
- This macro expands to Postfix's idea of the
- message size, which is an approximation of
+ This macro expands to Postfix's idea of the
+ message size, which is an approximation of
the size of the message as delivered.
<b>${user</b>}
This macro expands to the username part of a
- recipient address. For example, with an
+ recipient address. For example, with an
address <i>user+foo@domain</i> the username part is
<i>user</i>.
- A command-line argument that contains
- <b>${user</b>} expands into as many command-line
+ A command-line argument that contains
+ <b>${user</b>} expands into as many command-line
arguments as there are recipients.
- This information is modified by the <b>u</b> flag
+ This information is modified by the <b>u</b> flag
for case folding.
- In addition to the form ${<i>name</i>}, the forms $<i>name</i> and
- $(<i>name</i>) are also recognized. Specify <b>$$</b> where a single <b>$</b>
+ In addition to the form ${<i>name</i>}, the forms $<i>name</i> and
+ $(<i>name</i>) are also recognized. Specify <b>$$</b> where a single <b>$</b>
is wanted.
<b>DIAGNOSTICS</b>
- Command exit status codes are expected to follow the con-
+ Command exit status codes are expected to follow the con-
ventions defined in <<b>sysexits.h</b>>.
- Problems and transactions are logged to <b>syslogd</b>(8). Cor-
- rupted message files are marked so that the queue manager
+ Problems and transactions are logged to <b>syslogd</b>(8). Cor-
+ rupted message files are marked so that the queue manager
can move them to the <b>corrupt</b> queue for further inspection.
<b>SECURITY</b>
- This program needs a dual personality 1) to access the
- private Postfix queue and IPC mechanisms, and 2) to exe-
+ This program needs a dual personality 1) to access the
+ private Postfix queue and IPC mechanisms, and 2) to exe-
cute external commands as the specified user. It is there-
fore security sensitive.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this program. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this program. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>Miscellaneous</b>
exported to non-Postfix processes.
<b>mail</b><i>_</i><b>owner</b>
- The process privileges used while not running an
+ The process privileges used while not running an
external command.
<b>Resource</b> <b>controls</b>
- In the text below, <i>transport</i> is the first field in a <b>mas-</b>
+ In the text below, <i>transport</i> is the first field in a <b>mas-</b>
<b>ter.cf</b> entry.
<i>transport_</i><b>destination</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b>
Limit the number of parallel deliveries to the same
- destination, for delivery via the named <i>transport</i>.
- The default limit is taken from the <b>default</b><i>_</i><b>desti-</b>
- <b>nation</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b> parameter. The limit is
+ destination, for delivery via the named <i>transport</i>.
+ The default limit is taken from the <b>default</b><i>_</i><b>desti-</b>
+ <b>nation</b><i>_</i><b>concurrency</b><i>_</i><b>limit</b> parameter. The limit is
enforced by the Postfix queue manager.
<i>transport_</i><b>destination</b><i>_</i><b>recipient</b><i>_</i><b>limit</b>
- Limit the number of recipients per message deliv-
- ery, for delivery via the named <i>transport</i>. The
- default limit is taken from the <b>default</b><i>_</i><b>destina-</b>
- <b>tion</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter. The limit is
+ Limit the number of recipients per message deliv-
+ ery, for delivery via the named <i>transport</i>. The
+ default limit is taken from the <b>default</b><i>_</i><b>destina-</b>
+ <b>tion</b><i>_</i><b>recipient</b><i>_</i><b>limit</b> parameter. The limit is
enforced by the Postfix queue manager.
<i>transport_</i><b>time</b><i>_</i><b>limit</b>
- Limit the time for delivery to external command,
- for delivery via the named <b>transport</b>. The default
- limit is taken from the <b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b> parame-
- ter. The limit is enforced by the Postfix queue
+ Limit the time for delivery to external command,
+ for delivery via the named <b>transport</b>. The default
+ limit is taken from the <b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b> parame-
+ ter. The limit is enforced by the Postfix queue
manager.
<b>SEE</b> <b>ALSO</b>
syslogd(8) system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ PIPE(8)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
POSTALIAS(1) POSTALIAS(1)
<b>NAME</b>
postalias - Postfix alias database maintenance
<b>SYNOPSIS</b>
- <b>postalias</b> [<b>-Nfinrvw</b>] [<b>-c</b> <i>config_dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
+ <b>postalias</b> [<b>-Nfinorvw</b>] [<b>-c</b> <i>config_dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
[<i>file_type</i>:]<i>file_name</i> ...
<b>DESCRIPTION</b>
Sendmail version 8, and are expected to be suitable for
the use as NIS alias maps.
+ If the result files do not exist they will be created with
+ the same group and other read permissions as the source
+ file.
+
While a database update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on
the entire database, in order to avoid surprises in spec-
Postfix does whatever is the default for the host
operating system.
- <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
- first value found on the standard output stream.
+ <b>-o</b> Do not release root privileges when processing a
+ non-root input file. By default, <b>postalias</b> drops
+ root privileges and runs as the source file owner
+ instead.
+
+ <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
+ first value found on the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
- key values from the standard input stream and
- prints one line of <i>key:</i> <i>value</i> output for each key
- that was found. The exit status is zero when at
+ key values from the standard input stream and
+ prints one line of <i>key:</i> <i>value</i> output for each key
+ that was found. The exit status is zero when at
least one of the requested keys was found.
- <b>-r</b> When updating a table, do not warn about duplicate
+ <b>-r</b> When updating a table, do not warn about duplicate
entries; silently replace them.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
- <b>-w</b> When updating a table, do not warn about duplicate
+ <b>-w</b> When updating a table, do not warn about duplicate
entries; silently ignore them.
Arguments:
<i>file_type</i>
The type of database to be produced.
- <b>btree</b> The output is a btree file, named
- <i>file_name</i><b>.db</b>. This is available only on
+ <b>btree</b> The output is a btree file, named
+ <i>file_name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
- <b>dbm</b> The output consists of two files, named
- <i>file_name</i><b>.pag</b> and <i>file_name</i><b>.dir</b>. This is
- available only on systems with support for
+ <b>dbm</b> The output consists of two files, named
+ <i>file_name</i><b>.pag</b> and <i>file_name</i><b>.dir</b>. This is
+ available only on systems with support for
<b>dbm</b> databases.
- <b>hash</b> The output is a hashed file, named
- <i>file_name</i><b>.db</b>. This is available only on
+ <b>hash</b> The output is a hashed file, named
+ <i>file_name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
- When no <i>file_type</i> is specified, the software uses
- the database type specified via the <b>database</b><i>_</i><b>type</b>
- configuration parameter. The default value for
+ When no <i>file_type</i> is specified, the software uses
+ the database type specified via the <b>database</b><i>_</i><b>type</b>
+ configuration parameter. The default value for
this parameter depends on the host environment.
<i>file_name</i>
- The name of the alias database source file when
+ The name of the alias database source file when
rebuilding a database.
<b>DIAGNOSTICS</b>
- Problems are logged to the standard error stream. No out-
+ Problems are logged to the standard error stream. No out-
put means no problems were detected. Duplicate entries are
skipped and are flagged with a warning.
<b>postalias</b> terminates with zero exit status in case of suc-
- cess (including successful <b>postmap</b> <b>-q</b> lookup) and termi-
+ cess (including successful <b>postalias</b> <b>-q</b> lookup) and termi-
nates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
Enable verbose logging for debugging purposes.
<b>CONFIGURATION</b> <b>PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this program. See the Postfix <b>main.cf</b> file for syntax
+ The following <b>main.cf</b> parameters are especially relevant
+ to this program. See the Postfix <b>main.cf</b> file for syntax
details and for default values.
<b>database</b><i>_</i><b>type</b>
- Default alias database type. On many UNIX systems,
+ Default alias database type. On many UNIX systems,
the default type is either <b>dbm</b> or <b>hash</b>.
<b>STANDARDS</b>
<a href="sendmail.1.html">sendmail(1)</a> mail posting and compatibility interface.
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ POSTALIAS(1)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
POSTCONF(1) POSTCONF(1)
<b>NAME</b>
label that normally precedes the value.
<b>-l</b> List the names of all supported mailbox locking
- methods.
+ methods. Postfix supports the following methods:
+
+ <b>flock</b> A kernel-based advisory locking method for
+ local files only. This locking method is
+ available only on systems with a BSD compat-
+ ible library.
+
+ <b>fcntl</b> A kernel-based advisory locking method for
+ local and remote files.
+
+ <b>dotlock</b>
+ An application-level locking method. An
+ application locks a file named <i>filename</i> by
+ creating a file named <i>filename</i><b>.lock</b>. The
+ application is expected to remove its own
+ lock file, as well as stale lock files that
+ were left behind after abnormal termination.
<b>-m</b> List the names of all supported lookup table types.
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ POSTCONF(1)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
POSTDROP(1) POSTDROP(1)
<b>NAME</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ POSTDROP(1)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
POSTMAP(1) POSTMAP(1)
<b>NAME</b>
postmap - Postfix lookup table management
<b>SYNOPSIS</b>
- <b>postmap</b> [<b>-Nfinrvw</b>] [<b>-c</b> <i>config_dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
+ <b>postmap</b> [<b>-Nfinorvw</b>] [<b>-c</b> <i>config_dir</i>] [<b>-d</b> <i>key</i>] [<b>-q</b> <i>key</i>]
[<i>file_type</i>:]<i>file_name</i> ...
<b>DESCRIPTION</b>
Postfix does whatever is the default for the host
operating system.
- <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
- first value found on the standard output stream.
+ <b>-o</b> Do not release root privileges when processing a
+ non-root input file. By default, <b>postmap</b> drops root
+ privileges and runs as the source file owner
+ instead.
+
+ <b>-q</b> <i>key</i> Search the specified maps for <i>key</i> and print the
+ first value found on the standard output stream.
The exit status is zero when the requested informa-
tion was found.
If a key value of <b>-</b> is specified, the program reads
- key values from the standard input stream and
- prints one line of <i>key</i> <i>value</i> output for each key
- that was found. The exit status is zero when at
+ key values from the standard input stream and
+ prints one line of <i>key</i> <i>value</i> output for each key
+ that was found. The exit status is zero when at
least one of the requested keys was found.
- <b>-r</b> When updating a table, do not warn about duplicate
+ <b>-r</b> When updating a table, do not warn about duplicate
entries; silently replace them.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
- <b>-w</b> When updating a table, do not warn about duplicate
+ <b>-w</b> When updating a table, do not warn about duplicate
entries; silently ignore them.
Arguments:
<i>file_type</i>
The type of database to be produced.
- <b>btree</b> The output file is a btree file, named
- <i>file_name</i><b>.db</b>. This is available only on
+ <b>btree</b> The output file is a btree file, named
+ <i>file_name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
- <b>dbm</b> The output consists of two files, named
- <i>file_name</i><b>.pag</b> and <i>file_name</i><b>.dir</b>. This is
- available only on systems with support for
+ <b>dbm</b> The output consists of two files, named
+ <i>file_name</i><b>.pag</b> and <i>file_name</i><b>.dir</b>. This is
+ available only on systems with support for
<b>dbm</b> databases.
- <b>hash</b> The output file is a hashed file, named
- <i>file_name</i><b>.db</b>. This is available only on
+ <b>hash</b> The output file is a hashed file, named
+ <i>file_name</i><b>.db</b>. This is available only on
systems with support for <b>db</b> databases.
- When no <i>file_type</i> is specified, the software uses
- the database type specified via the <b>database</b><i>_</i><b>type</b>
+ When no <i>file_type</i> is specified, the software uses
+ the database type specified via the <b>database</b><i>_</i><b>type</b>
configuration parameter.
<i>file_name</i>
- The name of the lookup table source file when
+ The name of the lookup table source file when
rebuilding a database.
<b>DIAGNOSTICS</b>
stream. No output means no problems. Duplicate entries are
skipped and are flagged with a warning.
- <b>postmap</b> terminates with zero exit status in case of suc-
- cess (including successful <b>postmap</b> <b>-q</b> lookup) and termi-
+ <b>postmap</b> terminates with zero exit status in case of suc-
+ cess (including successful <b>postmap</b> <b>-q</b> lookup) and termi-
nates with non-zero exit status in case of failure.
<b>ENVIRONMENT</b>
<b>CONFIGURATION</b> <b>PARAMETERS</b>
<b>database</b><i>_</i><b>type</b>
- Default output database type. On many UNIX sys-
- tems, the default database type is either <b>hash</b> or
+ Default output database type. On many UNIX sys-
+ tems, the default database type is either <b>hash</b> or
<b>dbm</b>.
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ POSTMAP(1)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
REGEXP_TABLE(5) REGEXP_TABLE(5)
<b>NAME</b>
/^Subject: make money fast/ REJECT
/^To: friend@public\.com/ REJECT
+<b>EXAMPLE</b> <b>BODY</b> <b>FILTER</b> <b>MAP</b>
+ # First skip over base 64 encoded text to save CPU cycles.
+ ~^[[:alnum:]+/]{60,}$~ OK
+
+ # Put your own body patterns here.
+
<b>SEE</b> <b>ALSO</b>
<a href="pcre_table.5.html">pcre_table(5)</a> format of PCRE tables
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ REGEXP_TABLE(5)
</pre> </body> </html>
<html> <head> </head> <body> <pre>
-
TRIVIAL-REWRITE(8) TRIVIAL-REWRITE(8)
<b>NAME</b>
P.O. Box 704
Yorktown Heights, NY 10598, USA
- 1
-
+ TRIVIAL-REWRITE(8)
</pre> </body> </html>
By default, this restriction is applied when the client sends the
RCPT TO command. In order to have the restriction take effect
-as soon as possible, specify <b>smtpd_delay_reject = yes</b> in
+as soon as possible, specify <b>smtpd_delay_reject = no</b> in
the Postfix <b>main.cf</b> configuration file. Doing so may cause
unexpected results with poorly implemented client software.
By default, this restriction is applied when the client sends the
RCPT TO command. In order to have the restriction take effect
-as soon as possible, specify <b>smtpd_delay_reject = yes</b> in
+as soon as possible, specify <b>smtpd_delay_reject = no</b> in
the Postfix <b>main.cf</b> configuration file. Doing so may cause
unexpected results with poorly implemented client software.
echo "See the RELEASE_NOTES file for more information." 1>&2
exit 1
fi
- # See where GDBM's ndbm.h include file sits.
- if [ -f /usr/include/gdbm-ndbm.h ]
- then
- CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm-ndbm.h>'"
- GDBM_LIBS=gdbm
- elif [ -f /usr/include/gdbm/ndbm.h ]
- then
- CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm/ndbm.h>'"
- GDBM_LIBS=gdbm
- fi
+ # GDBM locks the DBM .pag file after open. This breaks postmap.
+ # if [ -f /usr/include/gdbm-ndbm.h ]
+ # then
+ # CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm-ndbm.h>'"
+ # GDBM_LIBS=gdbm
+ # elif [ -f /usr/include/gdbm/ndbm.h ]
+ # then
+ # CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm/ndbm.h>'"
+ # GDBM_LIBS=gdbm
+ # fi
SYSLIBS="-ldb"
for name in nsl resolv $GDBM_LIBS
do
DEBUG = $DEBUG
AWK = $AWK
STRCASE = $STRCASE
-EXPORT = AUXLIBS="$AUXLIBS" CCARGS="$CCARGS" OPT="$OPT" DEBUG="$DEBUG"
+EXPORT = AUXLIBS='$AUXLIBS' CCARGS='$CCARGS' OPT='$OPT' DEBUG='$DEBUG'
EOF
.na
.nf
.fi
-\fBpostalias\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR]
+\fBpostalias\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR]
[\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
[\fIfile_type\fR:]\fIfile_name\fR ...
.SH DESCRIPTION
file formats are expected to be compatible with Sendmail version 8,
and are expected to be suitable for the use as NIS alias maps.
+If the result files do not exist they will be created with the
+same group and other read permissions as the source file.
+
While a database update is in progress, signal delivery is
postponed, and an exclusive, advisory, lock is placed on the
entire database, in order to avoid surprises in spectator
Don't include the terminating null character that terminates lookup
keys and values. By default, Postfix does whatever is the default for
the host operating system.
+.IP \fB-o\fR
+Do not release root privileges when processing a non-root
+input file. By default, \fBpostalias\fR drops root privileges
+and runs as the source file owner instead.
.IP "\fB-q \fIkey\fR"
Search the specified maps for \fIkey\fR and print the first value
found on the standard output stream. The exit status is zero
flagged with a warning.
\fBpostalias\fR terminates with zero exit status in case of success
-(including successful \fBpostmap -q\fR lookup) and terminates
+(including successful \fBpostalias -q\fR lookup) and terminates
with non-zero exit status in case of failure.
.SH ENVIRONMENT
.na
that normally precedes the value.
.IP \fB-l\fR
List the names of all supported mailbox locking methods.
+Postfix supports the following methods:
+.RS
+.IP \fBflock\fR
+A kernel-based advisory locking method for local files only.
+This locking method is available only on systems with a BSD
+compatible library.
+.IP \fBfcntl\fR
+A kernel-based advisory locking method for local and remote files.
+.IP \fBdotlock\fR
+An application-level locking method. An application locks a file
+named \fIfilename\fR by creating a file named \fIfilename\fB.lock\fR.
+The application is expected to remove its own lock file, as well as
+stale lock files that were left behind after abnormal termination.
+.RE
.IP \fB-m\fR
List the names of all supported lookup table types.
.IP \fB-n\fR
.na
.nf
.fi
-\fBpostmap\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR]
+\fBpostmap\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR]
[\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
[\fIfile_type\fR:]\fIfile_name\fR ...
.SH DESCRIPTION
Don't include the terminating null character that terminates lookup
keys and values. By default, Postfix does whatever is the default for
the host operating system.
+.IP \fB-o\fR
+Do not release root privileges when processing a non-root
+input file. By default, \fBpostmap\fR drops root privileges
+and runs as the source file owner instead.
.IP "\fB-q \fIkey\fR"
Search the specified maps for \fIkey\fR and print the first value
found on the standard output stream. The exit status is zero
An all-numerical result is treated as OK. This format is
generated by address-based relay authorization schemes.
.IP \fIrestriction...\fR
-Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR,
+Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR,
\fBreject_unauth_destination\fR, and so on).
.SH REGULAR EXPRESSION TABLES
.na
.nf
/^Subject: make money fast/ REJECT
/^To: friend@public\\.com/ REJECT
+.SH EXAMPLE BODY FILTER MAP
+.na
+.nf
+# First skip over base 64 encoded text to save CPU cycles.
+# Requires PCRE version 3.
+~^[[:alnum:]+/]{60,}$~ OK
+
+# Put your own body patterns here.
.SH SEE ALSO
.na
.nf
# These were once common in junk mail.
/^Subject: make money fast/ REJECT
/^To: friend@public\\.com/ REJECT
+.SH EXAMPLE BODY FILTER MAP
+.na
+.nf
+# First skip over base 64 encoded text to save CPU cycles.
+~^[[:alnum:]+/]{60,}$~ OK
+
+# Put your own body patterns here.
.SH SEE ALSO
.na
.nf
.fi
The external command attributes are given in the \fBmaster.cf\fR
file at the end of a service definition. The syntax is as follows:
-.IP "\fBflags=BFRhqu.>\fR (optional)"
+.IP "\fBflags=BDFRhqu.>\fR (optional)"
Optional message processing flags. By default, a message is
copied unchanged.
.RS
Append a blank line at the end of each message. This is required
by some mail user agents that recognize "\fBFrom \fR" lines only
when preceded by a blank line.
+.IP \fBD\fR
+Prepend a "\fBDelivered-To: \fIrecipient\fR" message header with the
+envelope recipient address. Note: for this to work, the
+\fItransport\fB_destination_recipient_limit\fR must be 1.
.IP \fBF\fR
Prepend a "\fBFrom \fIsender time_stamp\fR" envelope header to
the message content.
# An all-numerical result is treated as OK. This format is
# generated by address-based relay authorization schemes.
# .IP \fIrestriction...\fR
-# Apply the named UCE restriction(s) (\fBpermit\fR, \fRreject\fR,
+# Apply the named UCE restriction(s) (\fBpermit\fR, \fBreject\fR,
# \fBreject_unauth_destination\fR, and so on).
# REGULAR EXPRESSION TABLES
# .ad
# EXAMPLE HEADER FILTER MAP
# /^Subject: make money fast/ REJECT
# /^To: friend@public\\.com/ REJECT
+# EXAMPLE BODY FILTER MAP
+# # First skip over base 64 encoded text to save CPU cycles.
+# # Requires PCRE version 3.
+# ~^[[:alnum:]+/]{60,}$~ OK
+#
+# # Put your own body patterns here.
# SEE ALSO
# regexp_table(5) format of POSIX regular expression tables
# AUTHOR(S)
# # These were once common in junk mail.
# /^Subject: make money fast/ REJECT
# /^To: friend@public\\.com/ REJECT
+# EXAMPLE BODY FILTER MAP
+# # First skip over base 64 encoded text to save CPU cycles.
+# ~^[[:alnum:]+/]{60,}$~ OK
+#
+# # Put your own body patterns here.
# SEE ALSO
# pcre_table(5) format of PCRE tables
# AUTHOR(S)
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
+#define MAIL_RELEASE_DATE "20020501"
+
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "1.1.7-$mail_release_date"
+#define DEF_MAIL_VERSION "1.1.7-" MAIL_RELEASE_DATE
extern char *var_mail_version;
/*
* Release date.
*/
#define VAR_MAIL_RELEASE "mail_release_date"
-#define DEF_MAIL_RELEASE "20020331"
+#define DEF_MAIL_RELEASE MAIL_RELEASE_DATE
extern char *var_mail_release;
/* LICENSE
#include <sys_defs.h>
+/* Global library. */
+
+#include "mail_conf.h"
+
/* Utility library. */
#include <msg.h>
/* mkmap_db_open - create or open database */
+/*
+ * db_mpool_size" is defined in util/dict_db.c and defaults to 256K,
+ * which works well for the lookup code.
+ *
+ * We use a larger memory pool when building ".db" files.
+ * For "hash" files performance degrades rapidly unless the memory pool
+ * is O(file size).
+ *
+ * For "btree" files peformance is good with sorted input even for small
+ * memory pools, but with random input degrades rapidly unless the memory
+ * pool is O(file size).
+ */
+extern int db_mpool_size;
+
+#define VAR_MPOOL_SIZE "db_mkmap_mpool_size"
+#define DEF_MPOOL_SIZE 16777216 /* 16MB */
+
static MKMAP *mkmap_db_open(const char *path,
DICT *(*db_open) (const char *, int, int))
{
MKMAP *mkmap = (MKMAP *) mymalloc(sizeof(*mkmap));
+ /* Override default mpool size for map rebuilds */
+ db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0);
+
/*
* Fill in the generic members.
*/
/*++
/* NAME
-/* mkmap 3
+/* mkmap_dbm 3
/* SUMMARY
/* create or open database, DBM style
/* SYNOPSIS
/* .fi
/* The external command attributes are given in the \fBmaster.cf\fR
/* file at the end of a service definition. The syntax is as follows:
-/* .IP "\fBflags=BFRhqu.>\fR (optional)"
+/* .IP "\fBflags=BDFRhqu.>\fR (optional)"
/* Optional message processing flags. By default, a message is
/* copied unchanged.
/* .RS
/* Append a blank line at the end of each message. This is required
/* by some mail user agents that recognize "\fBFrom \fR" lines only
/* when preceded by a blank line.
+/* .IP \fBD\fR
+/* Prepend a "\fBDelivered-To: \fIrecipient\fR" message header with the
+/* envelope recipient address. Note: for this to work, the
+/* \fItransport\fB_destination_recipient_limit\fR must be 1.
/* .IP \fBF\fR
/* Prepend a "\fBFrom \fIsender time_stamp\fR" envelope header to
/* the message content.
case 'R':
attr->flags |= MAIL_COPY_RETURN_PATH;
break;
+ case 'D':
+ attr->flags |= MAIL_COPY_DELIVERED;
+ break;
case 'h':
attr->flags |= PIPE_OPT_FOLD_HOST;
break;
get_service_attr(&attr, argv);
}
+ /*
+ * The D flag cannot be specified for multi-recipient deliveries.
+ */
+ if ((attr.flags & MAIL_COPY_DELIVERED) && (rcpt_list->len > 1)) {
+ deliver_status = eval_command_status(PIPE_STAT_DEFER, service,
+ request, request->fp,
+ "mailer configuration error");
+ msg_warn("pipe flag `D' requires %s_destination_recipient_limit = 1",
+ service);
+ DELIVER_MSG_CLEANUP();
+ return (deliver_status);
+ }
+
/*
* Check that this agent accepts messages this large.
*/
PIPE_CMD_TIME_LIMIT, conf.time_limit,
PIPE_CMD_EOL, STR(attr.eol),
PIPE_CMD_EXPORT, export_env->argv,
+ PIPE_CMD_DELIVERED, rcpt_list->info[0].address,
PIPE_CMD_END);
argv_free(export_env);
/* Postfix alias database maintenance
/* SYNOPSIS
/* .fi
-/* \fBpostalias\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR]
+/* \fBpostalias\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR]
/* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
/* [\fIfile_type\fR:]\fIfile_name\fR ...
/* DESCRIPTION
/* file formats are expected to be compatible with Sendmail version 8,
/* and are expected to be suitable for the use as NIS alias maps.
/*
+/* If the result files do not exist they will be created with the
+/* same group and other read permissions as the source file.
+/*
/* While a database update is in progress, signal delivery is
/* postponed, and an exclusive, advisory, lock is placed on the
/* entire database, in order to avoid surprises in spectator
/* Don't include the terminating null character that terminates lookup
/* keys and values. By default, Postfix does whatever is the default for
/* the host operating system.
+/* .IP \fB-o\fR
+/* Do not release root privileges when processing a non-root
+/* input file. By default, \fBpostalias\fR drops root privileges
+/* and runs as the source file owner instead.
/* .IP "\fB-q \fIkey\fR"
/* Search the specified maps for \fIkey\fR and print the first value
/* found on the standard output stream. The exit status is zero
/* flagged with a warning.
/*
/* \fBpostalias\fR terminates with zero exit status in case of success
-/* (including successful \fBpostmap -q\fR lookup) and terminates
+/* (including successful \fBpostalias -q\fR lookup) and terminates
/* with non-zero exit status in case of failure.
/* ENVIRONMENT
/* .ad
#include <split_at.h>
#include <get_hostname.h>
#include <vstring_vstream.h>
+#include <set_eugid.h>
/* Global library. */
#define STR vstring_str
+#define POSTALIAS_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */
+
/* postalias - create or update alias database */
-static void postalias(char *map_type, char *path_name,
+static void postalias(char *map_type, char *path_name, int postalias_flags,
int open_flags, int dict_flags)
{
VSTREAM *source_fp;
TOK822 *key_list;
TOK822 *colon;
TOK822 *value_list;
+ struct stat st;
+ mode_t saved_mask;
/*
* Initialize.
} else if ((source_fp = vstream_fopen(path_name, O_RDONLY, 0)) == 0) {
msg_fatal("open %s: %m", path_name);
}
+ if (fstat(vstream_fileno(source_fp), &st) < 0)
+ msg_fatal("fstat %s: %m", path_name);
+
+ /*
+ * Turn off group/other read permissions as indicated in the source file.
+ */
+ if (S_ISREG(st.st_mode))
+ saved_mask = umask(022 | (~st.st_mode & 077));
+
+ /*
+ * If running as root, run as the owner of the source file, so that the
+ * result shows proper ownership, and so that a bug in postalias does not
+ * allow privilege escalation.
+ */
+ if ((postalias_flags & POSTALIAS_FLAG_AS_OWNER) && getuid() == 0
+ && (st.st_uid != geteuid() || st.st_gid != getegid()))
+ set_eugid(st.st_uid, st.st_gid);
+
/*
* Open the database, create it when it does not exist, truncate it when
*/
mkmap = mkmap_open(map_type, path_name, open_flags, dict_flags);
+ /*
+ * And restore the umask, in case it matters.
+ */
+ if (S_ISREG(st.st_mode))
+ umask(saved_mask);
+
/*
* Add records to the database.
*/
static NORETURN usage(char *myname)
{
- msg_fatal("usage: %s [-Nfinrvw] [-c config_dir] [-d key] [-q key] [map_type:]file...",
+ msg_fatal("usage: %s [-Nfinorvw] [-c config_dir] [-d key] [-q key] [map_type:]file...",
myname);
}
int fd;
char *slash;
struct stat st;
+ int postalias_flags = POSTALIAS_FLAG_AS_OWNER;
int open_flags = O_RDWR | O_CREAT | O_TRUNC;
int dict_flags = DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_KEY;
char *query = 0;
/*
* Parse JCL.
*/
- while ((ch = GETOPT(argc, argv, "Nc:d:finq:rvw")) > 0) {
+ while ((ch = GETOPT(argc, argv, "Nc:d:finoq:rvw")) > 0) {
switch (ch) {
default:
usage(argv[0]);
dict_flags |= DICT_FLAG_TRY0NULL;
dict_flags &= ~DICT_FLAG_TRY1NULL;
break;
+ case 'o':
+ postalias_flags &= ~POSTALIAS_FLAG_AS_OWNER;
+ break;
case 'q':
if (query || delkey)
msg_fatal("specify only one of -q or -d");
usage(argv[0]);
while (optind < argc) {
if ((path_name = split_at(argv[optind], ':')) != 0) {
- postalias(argv[optind], path_name, open_flags, dict_flags);
+ postalias(argv[optind], path_name, postalias_flags,
+ open_flags, dict_flags);
} else {
- postalias(var_db_type, argv[optind], open_flags, dict_flags);
+ postalias(var_db_type, argv[optind], postalias_flags,
+ open_flags, dict_flags);
}
optind++;
}
/* that normally precedes the value.
/* .IP \fB-l\fR
/* List the names of all supported mailbox locking methods.
+/* Postfix supports the following methods:
+/* .RS
+/* .IP \fBflock\fR
+/* A kernel-based advisory locking method for local files only.
+/* This locking method is available only on systems with a BSD
+/* compatible library.
+/* .IP \fBfcntl\fR
+/* A kernel-based advisory locking method for local and remote files.
+/* .IP \fBdotlock\fR
+/* An application-level locking method. An application locks a file
+/* named \fIfilename\fR by creating a file named \fIfilename\fB.lock\fR.
+/* The application is expected to remove its own lock file, as well as
+/* stale lock files that were left behind after abnormal termination.
+/* .RE
/* .IP \fB-m\fR
/* List the names of all supported lookup table types.
/* .IP \fB-n\fR
if (strchr(cp, '\n') != 0)
msg_fatal("edit accepts no multi-line input");
while (ISSPACE(*cp))
- cp++;
+ cp++;
if (*cp == '#')
msg_fatal("edit accepts no comment input");
if ((err = split_nameval(cp, &edit_key, &edit_val)) != 0)
interesting = 0;
while (vstring_get(buf, src) != VSTREAM_EOF) {
for (cp = STR(buf); ISSPACE(*cp) /* including newline */ ; cp++)
- /* void */ ;
+ /* void */ ;
/* Copy comment, all-whitespace, or empty line. */
if (*cp == '#' || *cp == 0) {
vstream_fputs(STR(buf), dst);
/*
* Parse JCL.
*/
- while ((ch = GETOPT(argc, argv, "c:dehmlnv")) > 0) {
+ while ((ch = GETOPT(argc, argv, "c:deEhmlnv")) > 0) {
switch (ch) {
case 'c':
if (setenv(CONF_ENV_PATH, optarg, 1) < 0)
case 'e':
mode |= EDIT_MAIN;
break;
+
+ /*
+ * People, this does not work unless you properly handle default
+ * settings. For example, fast_flush_domains = $relay_domains
+ * must not evaluate to the empty string when relay_domains is
+ * left at its default setting of $mydestination.
+ */
+#if 0
+ case 'E':
+ mode |= SHOW_EVAL;
+ break;
+#endif
case 'h':
mode &= ~SHOW_NAME;
break;
/* Postfix lookup table management
/* SYNOPSIS
/* .fi
-/* \fBpostmap\fR [\fB-Nfinrvw\fR] [\fB-c \fIconfig_dir\fR]
+/* \fBpostmap\fR [\fB-Nfinorvw\fR] [\fB-c \fIconfig_dir\fR]
/* [\fB-d \fIkey\fR] [\fB-q \fIkey\fR]
/* [\fIfile_type\fR:]\fIfile_name\fR ...
/* DESCRIPTION
/* Don't include the terminating null character that terminates lookup
/* keys and values. By default, Postfix does whatever is the default for
/* the host operating system.
+/* .IP \fB-o\fR
+/* Do not release root privileges when processing a non-root
+/* input file. By default, \fBpostmap\fR drops root privileges
+/* and runs as the source file owner instead.
/* .IP "\fB-q \fIkey\fR"
/* Search the specified maps for \fIkey\fR and print the first value
/* found on the standard output stream. The exit status is zero
#include <stringops.h>
#include <split_at.h>
#include <vstring_vstream.h>
+#include <set_eugid.h>
/* Global library. */
#define STR vstring_str
+#define POSTMAP_FLAG_AS_OWNER (1<<0) /* open dest as owner of source */
+
/* postmap - create or update mapping database */
-static void postmap(char *map_type, char *path_name,
+static void postmap(char *map_type, char *path_name, int postmap_flags,
int open_flags, int dict_flags)
{
VSTREAM *source_fp;
if (S_ISREG(st.st_mode))
saved_mask = umask(022 | (~st.st_mode & 077));
+ /*
+ * If running as root, run as the owner of the source file, so that the
+ * result shows proper ownership, and so that a bug in postmap does not
+ * allow privilege escalation.
+ */
+ if ((postmap_flags & POSTMAP_FLAG_AS_OWNER) && getuid() == 0
+ && (st.st_uid != geteuid() || st.st_gid != getegid()))
+ set_eugid(st.st_uid, st.st_gid);
+
/*
* Open the database, optionally create it when it does not exist,
* optionally truncate it when it does exist, and lock out any
static NORETURN usage(char *myname)
{
- msg_fatal("usage: %s [-Nfinrvw] [-c config_dir] [-d key] [-q key] [map_type:]file...",
+ msg_fatal("usage: %s [-Nfinorvw] [-c config_dir] [-d key] [-q key] [map_type:]file...",
myname);
}
int fd;
char *slash;
struct stat st;
+ int postmap_flags = POSTMAP_FLAG_AS_OWNER;
int open_flags = O_RDWR | O_CREAT | O_TRUNC;
int dict_flags = DICT_FLAG_DUP_WARN | DICT_FLAG_FOLD_KEY;
char *query = 0;
/*
* Parse JCL.
*/
- while ((ch = GETOPT(argc, argv, "Nc:d:finq:rvw")) > 0) {
+ while ((ch = GETOPT(argc, argv, "Nc:d:finoq:rvw")) > 0) {
switch (ch) {
default:
usage(argv[0]);
dict_flags |= DICT_FLAG_TRY0NULL;
dict_flags &= ~DICT_FLAG_TRY1NULL;
break;
+ case 'o':
+ postmap_flags &= ~POSTMAP_FLAG_AS_OWNER;
+ break;
case 'q':
if (query || delkey)
msg_fatal("specify only one of -q or -d");
usage(argv[0]);
while (optind < argc) {
if ((path_name = split_at(argv[optind], ':')) != 0) {
- postmap(argv[optind], path_name, open_flags, dict_flags);
+ postmap(argv[optind], path_name, postmap_flags,
+ open_flags, dict_flags);
} else {
- postmap(var_db_type, argv[optind], open_flags, dict_flags);
+ postmap(var_db_type, argv[optind], postmap_flags,
+ open_flags, dict_flags);
}
optind++;
}
msg_warn("close: %m");
}
+ /*
+ * Don't assume that the mail system is down when the user has
+ * insufficient permission to access the showq socket.
+ */
+ else if (errno != ECONNREFUSED && errno != ENOENT) {
+ msg_fatal_status(EX_SOFTWARE,
+ "Connect to the %s %s service: %m",
+ var_mail_name, var_showq_service);
+ }
+
/*
* When the mail system is down, the superuser can still access the queue
* directly. Just run the showq program in stand-alone mode.
static NORETURN usage(void)
{
- msg_fatal_status(EX_USAGE, "usage: specify one of -f, -p, or -s");
+ msg_fatal_status(EX_USAGE, "usage: postqueue -f | postqueue -p | postqueue -s site");
}
/* main - the main program */
char *site_to_flush = 0;
ARGV *import_env;
char *last;
+ int bad_site;
/*
* Be consistent with file permissions.
usage();
mode = PQ_MODE_MAILQ_LIST;
break;
- break;
case 's': /* flush site */
if (mode != PQ_MODE_DEFAULT)
usage();
usage();
}
}
+ if (argc > optind)
+ usage();
/*
* Further initialization...
* Further input validation.
*/
if (site_to_flush != 0) {
+ bad_site = 0;
if (*site_to_flush == '['
&& *(last = site_to_flush + strlen(site_to_flush) - 1) == ']') {
*last = 0;
- if (!valid_hostaddr(site_to_flush + 1, DONT_GRIPE))
- site_to_flush = 0;
+ bad_site = !valid_hostaddr(site_to_flush + 1, DONT_GRIPE);
*last = ']';
} else {
- if (!valid_hostname(site_to_flush, DONT_GRIPE)
- && !valid_hostaddr(site_to_flush, DONT_GRIPE))
- site_to_flush = 0;
+ bad_site = (!valid_hostname(site_to_flush, DONT_GRIPE)
+ && !valid_hostaddr(site_to_flush, DONT_GRIPE));
}
- if (site_to_flush == 0)
+ if (bad_site)
msg_fatal_status(EX_USAGE,
"Cannot flush mail queue - invalid destination: \"%.100s%s\"",
- optarg, strlen(optarg) > 100 ? "..." : "");
+ site_to_flush, strlen(site_to_flush) > 100 ? "..." : "");
}
/*
} \
} while (0)
+#define QUOTE_ADDRESS(addr) do { \
+ if (*(addr)) { \
+ quote_821_local(state->scratch, addr); \
+ myfree(addr); \
+ addr = mystrdup(vstring_str(state->scratch)); \
+ } \
+ } while (0)
+
#define RETURN(x) do { vstring_free(next_command); return (x); } while (0)
#define SENDER_IS_AHEAD \
* Build the MAIL FROM command.
*/
case SMTP_STATE_MAIL:
- if (*request->sender)
- if (var_disable_dns == 0)
- REWRITE_ADDRESS(request->sender);
+ if (var_disable_dns == 0) {
+ REWRITE_ADDRESS(request->sender);
+ } else {
+ QUOTE_ADDRESS(request->sender);
+ }
vstring_sprintf(next_command, "MAIL FROM:<%s>", request->sender);
if (state->features & SMTP_FEATURE_SIZE)
vstring_sprintf_append(next_command, " SIZE=%lu",
*/
case SMTP_STATE_RCPT:
rcpt = request->rcpt_list.info + send_rcpt;
- if (var_disable_dns == 0)
+ if (var_disable_dns == 0) {
REWRITE_ADDRESS(rcpt->address);
+ } else {
+ QUOTE_ADDRESS(rcpt->address);
+ }
vstring_sprintf(next_command, "RCPT TO:<%s>", rcpt->address);
if ((next_rcpt = send_rcpt + 1) == request->rcpt_list.len)
next_state = SMTP_STATE_DATA;
"ETRN", etrn_cmd, SMTPD_CMD_FLAG_LIMIT,
"QUIT", quit_cmd, 0,
"Received:", 0, SMTPD_CMD_FLAG_HEADER,
+ "Reply-To:", 0, SMTPD_CMD_FLAG_HEADER,
+ "Message-ID:", 0, SMTPD_CMD_FLAG_HEADER,
"Subject:", 0, SMTPD_CMD_FLAG_HEADER,
"From:", 0, SMTPD_CMD_FLAG_HEADER,
0,
static MAPS *transport_path;
static int transport_match_parent_style;
+static VSTRING *wildcard_channel;
+static VSTRING *wildcard_nexthop;
/* transport_init - pre-jail initialization */
transport_path = maps_create("transport", var_transport_maps,
DICT_FLAG_LOCK);
transport_match_parent_style = match_parent_style(VAR_TRANSPORT_MAPS);
+
+}
+
+void transport_wildcard_init(void)
+{
+ wildcard_channel = vstring_alloc(10);
+ wildcard_nexthop = vstring_alloc(10);
+ if (!transport_lookup("*", wildcard_channel, wildcard_nexthop)) {
+ vstring_free(wildcard_channel);
+ vstring_free(wildcard_nexthop);
+ }
+ if (msg_verbose) {
+ msg_info("wildcard_{chan,hop}={%s %s}",
+ vstring_str(wildcard_channel), vstring_str(wildcard_nexthop));
+ }
}
/* transport_lookup - map a transport domain */
char *saved_value;
char *transport;
int found = 0;
+ int null_found = 0;
#define FULL 0
#define PARTIAL DICT_FLAG_FIXED
/*
* Keep stripping domain components until nothing is left or until a
- * matching entry is found.
+ * matching entry is found. If a NULL entry (either no RHS, or ':'),
+ * then pretend we got no match, and return. If we really got no match,
+ * then return the wildcard transport, if any.
*
* After checking the full name, check for .upper.domain, to distinguish
* between the upper domain and it's decendants, ala sendmail and tcp
* Specify if a key is partial or full, to avoid matching partial keys with
* regular expressions.
*/
- for (name = low_domain; /* void */; name = next) {
+ for (name = low_domain; /* void */ ; name = next) {
if ((value = maps_find(transport_path, name, maps_flag)) != 0) {
saved_value = mystrdup(value);
- if ((host = split_at(saved_value, ':')) == 0 || *host == 0)
+ if ((host = split_at(saved_value, ':')) == 0 || *host == 0) {
+ if (*saved_value == 0) {
+ myfree(saved_value);
+ null_found = 1;
+ break;
+ }
host = domain;
+ }
if (*(transport = saved_value) == 0)
transport = var_def_transport;
vstring_strcpy(channel, transport);
maps_flag = PARTIAL;
}
myfree(low_domain);
+
+ if (wildcard_channel && !null_found) {
+ vstring_strcpy(channel, vstring_str(wildcard_channel));
+ if (vstring_str(wildcard_nexthop))
+ vstring_strcpy(nexthop, vstring_str(wildcard_nexthop));
+ else
+ vstring_strcpy(nexthop, domain);
+ found = 1;
+ }
return (found);
}
* External interface.
*/
extern void transport_init(void);
+extern void transport_wildcard_init(void);
extern int transport_lookup(const char *, VSTRING *, VSTRING *);
/* LICENSE
transport_init();
}
+static void post_jail_init(char *unused_name, char **unused_argv)
+{
+ transport_wildcard_init();
+}
+
/* main - pass control to the multi-threaded skeleton code */
int main(int argc, char **argv)
MAIL_SERVER_STR_TABLE, str_table,
MAIL_SERVER_BOOL_TABLE, bool_table,
MAIL_SERVER_PRE_INIT, pre_jail_init,
+ MAIL_SERVER_POST_INIT, post_jail_init,
MAIL_SERVER_PRE_ACCEPT, pre_accept,
0);
}
int ch;
if ((ch = vstring_get_null(plain_buf, fp)) == VSTREAM_EOF) {
- msg_warn("premature end-of-input from %s while reading %s",
+ msg_warn("%s on %s while reading %s",
+ vstream_ftimeout(fp) ? "timeout" : "premature end-of-input",
VSTREAM_PATH(fp), context);
return (-1);
}
VSTRING_RESET(base64_buf);
while ((ch = VSTREAM_GETC(fp)) != ':' && ch != '\n') {
if (ch == VSTREAM_EOF) {
- msg_warn("premature end-of-input from %s while reading %s",
+ msg_warn("%s on %s while reading %s",
+ vstream_ftimeout(fp) ? "timeout" : "premature end-of-input",
VSTREAM_PATH(fp), context);
return (-1);
}
DB *db; /* open db file */
} DICT_DB;
-#define DICT_DB_CACHE_SIZE (1024 * 1024)
+ /*
+ * db_mpool_size is initialized when the first database is opened. The
+ * parameter can be preempted by setting db_mpool_size != 0 before calling
+ * dict_hash_open() or dict_btree_open(). This is done in mkmap_db_open()
+ * via "db_mkmap_mpool_size" to set a larger memory pool for database
+ * rebuilds.
+ */
+#define VAR_MPOOL_SIZE "db_mpool_size"
+#define DEF_MPOOL_SIZE 262144 /* 256K default memory pool */
#define DICT_DB_NELM 4096
+int db_mpool_size;
#if DB_VERSION_MAJOR > 1
#endif
+#if DB_VERSION_MAJOR > 1
+
+static DB_ENV *dict_db_env;
+static int dict_db_refcount;
+
+static int dict_db_env_alloc(DB_ENV ** env)
+{
+ int err;
+
+ /*
+ * Allocate a new environment if this is the first database. Bump the
+ * reference count so we can deallocate the environment when the last
+ * database is closed.
+ */
+ if (dict_db_env != 0) {
+ ++dict_db_refcount;
+ *env = dict_db_env;
+ return 0;
+ }
+#if DB_VERSION_MAJOR == 2
+#define DICT_DB_ENV_FLAGS (DB_CREATE|DB_INIT_MPOOL|DB_MPOOL_PRIVATE)
+
+ dict_db_env = (DB_ENV *) mymalloc(sizeof(DB_ENV));
+ memset((char *) dict_db_env, 0, sizeof(DB_ENV));
+ dict_db_env->mp_size = db_mpool_size;
+
+ if ((err = db_appinit(0, 0, dict_db_env, DICT_DB_ENV_FLAGS)) != 0) {
+ myfree((char *) dict_db_env);
+ dict_db_env = 0;
+ return err;
+ }
+#endif /* DB_VERSION_MAJOR == 2 */
+
+#if DB_VERSION_MAJOR > 2
+#define DICT_DB_ENV_FLAGS (DB_CREATE|DB_INIT_MPOOL|DB_PRIVATE)
+
+ err = db_env_create(&dict_db_env, 0);
+ if (err == 0)
+ err = dict_db_env->set_cachesize(dict_db_env, 0, db_mpool_size, 1);
+ if (err == 0)
+ err = dict_db_env->open(dict_db_env, 0, DICT_DB_ENV_FLAGS, 0644);
+
+ if (err != 0) {
+ if (dict_db_env)
+ dict_db_env->close(dict_db_env, 0);
+ dict_db_env = 0;
+ return err;
+ }
+#endif /* DB_VERSION_MAJOR > 2 */
+
+ ++dict_db_refcount;
+ *env = dict_db_env;
+ return 0;
+}
+
+static void dict_db_env_free(void)
+{
+
+ /*
+ * Deallocate a database within the environment Free the environment when
+ * the last database is closed
+ */
+
+#if DB_VERSION_MAJOR == 2
+ if (dict_db_env && dict_db_refcount > 0 && --dict_db_refcount == 0) {
+ db_appexit(dict_db_env);
+ dict_db_env = 0;
+ }
+#endif
+
+#if DB_VERSION_MAJOR > 2
+ if (dict_db_env && dict_db_refcount > 0 && --dict_db_refcount == 0) {
+ dict_db_env->close(dict_db_env, 0);
+ dict_db_env = 0;
+ }
+#endif
+}
+
+#endif /* DB_VERSION_MAJOR > 1 */
+
/* dict_db_lookup - find database entry */
static const char *dict_db_lookup(DICT *dict, const char *name)
msg_fatal("flush database %s: %m", dict_db->dict.name);
if (DICT_DB_CLOSE(dict_db->db) < 0)
msg_fatal("close database %s: %m", dict_db->dict.name);
+
+#if DB_VERSION_MAJOR > 1
+ dict_db_env_free();
+#endif
+
dict_free(dict);
}
#if DB_VERSION_MAJOR > 1
int db_flags;
+ DB_ENV *env;
#endif
db_flags |= DB_CREATE;
if (open_flags & O_TRUNC)
db_flags |= DB_TRUNCATE;
- if ((errno = db_open(db_path, type, db_flags, 0644, 0, tweak, &db)) != 0)
+ if ((errno = dict_db_env_alloc(&env)) != 0)
+ msg_fatal("create DB environment: %m");
+ if ((errno = db_open(db_path, type, db_flags, 0644, env, tweak, &db)) != 0)
msg_fatal("open database %s: %m", db_path);
if (db == 0)
msg_panic("db_open null result");
db_flags |= DB_CREATE;
if (open_flags & O_TRUNC)
db_flags |= DB_TRUNCATE;
- if ((errno = db_create(&db, 0, 0)) != 0)
+ if ((errno = dict_db_env_alloc(&env)) != 0)
+ msg_fatal("create DB environment: %m");
+ if ((errno = db_create(&db, env, 0)) != 0)
msg_fatal("create DB database: %m");
if (db == 0)
msg_panic("db_create null result");
- if ((errno = db->set_cachesize(db, 0, DICT_DB_CACHE_SIZE, 0)) != 0)
- msg_fatal("set DB cache size %d: %m", DICT_DB_CACHE_SIZE);
if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0)
msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM);
if ((errno = db->open(db, db_path, 0, type, db_flags, 0644)) != 0)
#if DB_VERSION_MAJOR < 2
HASHINFO tweak;
- memset((char *) &tweak, 0, sizeof(tweak));
- tweak.nelem = DICT_DB_NELM;
- tweak.cachesize = DICT_DB_CACHE_SIZE;
#endif
#if DB_VERSION_MAJOR == 2
DB_INFO tweak;
- memset((char *) &tweak, 0, sizeof(tweak));
- tweak.h_nelem = DICT_DB_NELM;
- tweak.db_cachesize = DICT_DB_CACHE_SIZE;
#endif
#if DB_VERSION_MAJOR > 2
void *tweak;
- tweak = 0;
#endif
+
+ /* Set the mpool size if not already set in mkmap_db_open() */
+ if (db_mpool_size == 0)
+ db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0);
+
+ memset((char *) &tweak, 0, sizeof(tweak));
+
+#if DB_VERSION_MAJOR < 2
+ tweak.nelem = DICT_DB_NELM;
+ tweak.cachesize = db_mpool_size;
+#endif
+#if DB_VERSION_MAJOR == 2
+ tweak.h_nelem = DICT_DB_NELM;
+ tweak.db_cachesize = 0;
+#endif
+
return (dict_db_open(DICT_TYPE_HASH, path, open_flags, DB_HASH,
(void *) &tweak, dict_flags));
}
#if DB_VERSION_MAJOR < 2
BTREEINFO tweak;
- memset((char *) &tweak, 0, sizeof(tweak));
- tweak.cachesize = DICT_DB_CACHE_SIZE;
#endif
#if DB_VERSION_MAJOR == 2
DB_INFO tweak;
- memset((char *) &tweak, 0, sizeof(tweak));
- tweak.db_cachesize = DICT_DB_CACHE_SIZE;
#endif
#if DB_VERSION_MAJOR > 2
void *tweak;
- tweak = 0;
+#endif
+
+ /* Set the mpool size if not already set in mkmap_db_open() */
+ if (db_mpool_size == 0)
+ db_mpool_size = get_mail_conf_int(VAR_MPOOL_SIZE, DEF_MPOOL_SIZE, 0, 0);
+
+ memset((char *) &tweak, 0, sizeof(tweak));
+
+#if DB_VERSION_MAJOR < 2
+ tweak.cachesize = db_mpool_size;
#endif
return (dict_db_open(DICT_TYPE_BTREE, path, open_flags, DB_BTREE,
dict_dbm->dict.close = dict_dbm_close;
dict_dbm->dict.lock_fd = dbm_dirfno(dbm);
dict_dbm->dict.stat_fd = dbm_pagfno(dbm);
+ if (dict_dbm->dict.lock_fd == dict_dbm->dict.stat_fd)
+ msg_fatal("open database %s: cannot support GDBM", path);
if (fstat(dict_dbm->dict.stat_fd, &st) < 0)
msg_fatal("dict_dbm_open: fstat: %m");
dict_dbm->dict.mtime = st.st_mtime;
#define STATFS_IN_SYS_MOUNT_H
#define HAS_POSIX_REGEXP
#define HAS_ST_GEN /* struct stat contains inode generation number */
-#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
#if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4)
#define PRINTFLIKE(x,y)
#define SCANFLIKE(x,y)
#define HAS_NETINFO
-#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
/*
#define DUP2_DUPS_CLOSE_ON_EXEC
#define MISSING_USLEEP
#define NO_HERRNO
-#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
-#define DEF_COMMAND_DIR "/usr/etc"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail"
+#define NATIVE_COMMAND_DIR "/usr/etc"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
/*
#define STATFS_IN_SYS_VFS_H
#define memmove(d,s,l) bcopy(s,d,l)
#define NO_HERRNO
-#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
-#define DEF_MAILQ_PATH "/usr/ucb/mailq"
-#define DEF_NEWALIAS_PATH "/usr/ucb/newaliases"
-#define DEF_COMMAND_DIR "/usr/etc"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/ucb/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/ucb/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/etc"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
/*
#define LOCAL_CONNECT stream_connect
#define LOCAL_TRIGGER stream_trigger
#define HAS_VOLATILE_LOCKS
-#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+/*
+ * Allow build environment to override paths.
+ */
+#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
/*
#define USE_STATVFS
#define STATVFS_IN_SYS_STATVFS_H
#define STRCASECMP_IN_STRINGS_H
-#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
-#define DEF_MAILQ_PATH "/usr/sbin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/sbin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/sbin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/sbin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
#ifdef AIX4
extern int setegid(gid_t);
extern int initgroups(const char *, int);
#endif
-#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
-#define DEF_MAILQ_PATH "/usr/sbin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/sbin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/sbin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/sbin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
extern int seteuid(uid_t);
extern int setegid(gid_t);
extern int initgroups(const char *, int);
-#define DEF_SENDMAIL_PATH "/usr/lib/sendmail"
+#define NATIVE_SENDMAIL_PATH "/usr/lib/sendmail"
#endif
#define UNIX_DOMAIN_CONNECT_BLOCKS_FOR_ACCEPT
#define PREPEND_PLUS_TO_OPTSTRING
#define HAS_POSIX_REGEXP
-#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
/*
#define USE_STATFS
#define STATFS_IN_SYS_VFS_H
#define HAS_POSIX_REGEXP
-#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
#ifdef HPUX10
#define USE_STATFS
#define STATFS_IN_SYS_VFS_H
#define HAS_POSIX_REGEXP
-#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_COMMAND_DIR "/usr/sbin"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/sbin/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_COMMAND_DIR "/usr/sbin"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
#ifdef HPUX9
#define USE_STATFS
#define STATFS_IN_SYS_VFS_H
#define HAS_POSIX_REGEXP
-#define DEF_SENDMAIL_PATH "/usr/bin/sendmail"
-#define DEF_MAILQ_PATH "/usr/bin/mailq"
-#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
-#define DEF_DAEMON_DIR "/usr/libexec/postfix"
+#define NATIVE_SENDMAIL_PATH "/usr/bin/sendmail"
+#define NATIVE_MAILQ_PATH "/usr/bin/mailq"
+#define NATIVE_NEWALIAS_PATH "/usr/bin/newaliases"
+#define NATIVE_DAEMON_DIR "/usr/libexec/postfix"
#endif
/*
*/
#ifndef SUPPORTED
#error "unsupported platform"
+#endif
+
+ /*
+ * Allow command line flags to override native settings
+ */
+#ifndef DEF_COMMAND_DIR
+#ifdef NATIVE_COMMAND_DIR
+#define DEF_COMMAND_DIR NATIVE_COMMAND_DIR
+#endif
+#endif
+
+#ifndef DEF_DAEMON_DIR
+#ifdef NATIVE_DAEMON_DIR
+#define DEF_DAEMON_DIR NATIVE_DAEMON_DIR
+#endif
+#endif
+
+#ifndef DEF_SENDMAIL_PATH
+#ifdef NATIVE_SENDMAIL_PATH
+#define DEF_SENDMAIL_PATH NATIVE_SENDMAIL_PATH
+#endif
+#endif
+
+#ifndef DEF_MAILQ_PATH
+#ifdef NATIVE_MAILQ_PATH
+#define DEF_MAILQ_PATH NATIVE_MAILQ_PATH
+#endif
+#endif
+
+#ifndef DEF_NEWALIAS_PATH
+#ifdef NATIVE_NEWALIAS_PATH
+#define DEF_NEWALIAS_PATH NATIVE_NEWALIAS_PATH
+#endif
#endif
#define CAST_CHAR_PTR_TO_INT(cptr) ((int) (long) (cptr))
$(CC) -E $(DEFS) $(INCL) $$i | sed -n -e '/^# *1 *"\([^"]*\)".*/{' \
-e 's//'`echo $$i|sed 's/c$$/o/'`': \1/' -e 'p' -e '}'; \
done) | grep -v '[.][o][:][ ][/]' >$$$$ && mv $$$$ Makefile.in
- @make -f Makefile.in Makefile
+ @$(EXPORT) @make -f Makefile.in Makefile
# do not edit below this line - it is generated by 'make depend'
deliver_attr.o: deliver_attr.c
projects / thirdparty / postfix.git / commitdiff
