discard, redirect) but disabled the non-flow actions (warn,
replace, prepend, ignore, dunno, ok). File:
cleanup/cleanup_milter.c.
+
+20100827
+
+ Performance: fix for poor smtpd_proxy_filter TCP performance
+ over loopback (127.0.0.1) connections. Problem reported by
+ Mark Martinec. Files: smtpd/smtpd_proxy.c.
+
+ Bugfix: the Postfix SMTP client no longer appends the local
+ domain when looking up a DNS name without ".". Specify
+ "smtp_dns_resolver_options = res_defnames" to get the old
+ behavior, which can produce unexpected results. Files:
+ smtp/smtp.c, smtp/smtp_params.c, smtp/smtp_addr.c.
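Review bot: The file list of the Bugfix entry (smtp/smtp.c, smtp/smtp_params.c, smtp/smtp_addr.c) is incomplete, and the entry never names lmtp_dns_resolver_options. The same patch adds that parameter to the LMTP parameter table and to the header that defines VAR_LMTP_DNS_RES_OPT. Name both parameters and list every touched file, so that someone searching HISTORY for the LMTP parameter finds this entry.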
If you upgrade from Postfix 2.6 or earlier, read RELEASE_NOTES-2.7
before proceeding.
+Incompatibility with snapshot 20100827
+======================================
+
+The Postfix SMTP client no longer appends the local domain when
+looking up a DNS name without ".". Specify "smtp_dns_resolver_options
+= res_defnames" to get the old behavior, which may produce unexpected
+results.
+
Incompatibility with snapshot 20100728
======================================
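Review bot: The caveat in the new 20100827 section is worded differently in each place this patch states it: "may produce unexpected results" here, "can produce unexpected results" in HISTORY, and "can produce incorrect results" in the postconf text. Settle on one wording. Since this is the incompatibility notice, also say which configurations are affected, namely those that name a destination host with a single-component name (no ".").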
header_checks(5): document synopsis and feature subsets.
- Would it help if there were different cleanup_server parameter
- names for different message paths? smtpd(8) uses the same
- cleanup_server value for receiving remote mail and for
- sending postmaster problem reports. Do we need separate
- mumble_cleanup_service_name parameters for "inject", "notify"
- and "forward" (with backwards compatinble defaults)?
+ Consistency: in postconf.proto make <dt>..</dt> tags bold.
+
+ According to a paper by Ted Unangst at BSDCON09, kqueue
+ reports state changes, i.e. kqueue indicates when the socket
+ becomes readable. Specifically, he writes when kqueue reports
+ a socket becomes readable but no data is read from that
+ socket, later kqueue calls won't report the socket as
+ readable. That's not what happens on FreeBSD 8.0, where
+ kqueue will keep reporting the socket as readable when
+ nothing is read. Also, FreeBSD 8.0 kqueue still reports
+ the socket as readable after a read operation does not empty
+ the kernel buffer. We need a test program for this that
+ repeats these tests with OpenBSD and NetBSD (and MacOS X
+ once they fix their kqueue implementation).
+
+ postscreen(8): need some option to wait for DNSBL lookup
+ (etc.) completion. For example, postscreen_greet_wait would
+ become a lower bound, while postscreen_dnsbl_wait would
+ become an upper bound (or should all features use a shared
+ postscreen_max_wait upper bound?).
+
+ Would it help if there were different cleanup_service
+ parameter names for different message paths? smtpd(8) uses
+ the same cleanup_service value for receiving remote mail
+ and for submitting postmaster problem reports. Do we need
+ separate mumble_cleanup_service_name parameters for "inject",
+ "notify" and "forward" (with backwards compatinble defaults)?
IF/ENDIF support for CIDR tables.
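Review bot: The last added line of the rewritten cleanup_service item still carries the typo "compatinble" from the removed line it replaces. Correct it to "compatible" while the paragraph is being reworded anyway (the removed text said cleanup_server and "sending", the added text says cleanup_service and "submitting").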
An optional workaround for routers that break TCP
window scaling.
+ Available in Postfix version 2.8 and later:
+
+ <b><a href="postconf.5.html#smtp_dns_resolver_options">smtp_dns_resolver_options</a> (empty)</b>
+ DNS Resolver options for the Postfix SMTP client.
+
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
</ul>
+</DD>
+
+<DT><b><a name="lmtp_dns_resolver_options">lmtp_dns_resolver_options</a>
+(default: empty)</b></DT><DD>
+
+<p> The LMTP-specific version of the <a href="postconf.5.html#smtp_dns_resolver_options">smtp_dns_resolver_options</a>
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
</DD>
<DT><b><a name="lmtp_enforce_tls">lmtp_enforce_tls</a>
</ul>
+</DD>
+
+<DT><b><a name="smtp_dns_resolver_options">smtp_dns_resolver_options</a>
+(default: empty)</b></DT><DD>
+
+<p> DNS Resolver options for the Postfix SMTP client. Specify zero
+or more of the following, separated by comma or whitespace. Option
+names are case-sensitive. Some options refer to domain names that
+are specified in /etc/resolv.conf or equivalent. </p>
+
+<dl>
+
+<dt><b>res_defnames</b></dt>
+
+<dd> Append the <a href="ADDRESS_CLASS_README.html#default_domain_class">default domain</a> name to single-component names (those
+that do not contain a dot). This can produce incorrect results,
+and was the behavior prior to Postfix 2.8. </dd>
+
+<dt><b>res_dnsrch</b></dt>
+
+<dd> Search for host names in the current domain and in parent
+domains. This can produce incorrect results and is therefore not
+recommended. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+
</DD>
<DT><b><a name="smtp_enforce_tls">smtp_enforce_tls</a>
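Review bot: In the res_defnames description, the words "default domain" are hyperlinked to ADDRESS_CLASS_README.html#default_domain_class, which is about mail address classes, while the paragraph above says the domain names meant here come from /etc/resolv.conf. The link sends the reader to the wrong concept. Reword the source text (for example "the resolver's default domain name") so the automatic linker does not match it, then regenerate the HTML.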
An optional workaround for routers that break TCP
window scaling.
+ Available in Postfix version 2.8 and later:
+
+ <b><a href="postconf.5.html#smtp_dns_resolver_options">smtp_dns_resolver_options</a> (empty)</b>
+ DNS Resolver options for the Postfix SMTP client.
+
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
.IP \(bu
Use the lmtp_discard_lhlo_keyword_address_maps feature to
discard LHLO keywords selectively.
+.SH lmtp_dns_resolver_options (default: empty)
+The LMTP-specific version of the smtp_dns_resolver_options
+configuration parameter. See there for details.
+.PP
+This feature is available in Postfix 2.8 and later.
.SH lmtp_enforce_tls (default: no)
The LMTP-specific version of the smtp_enforce_tls configuration
parameter. See there for details.
.IP \(bu
Use the smtp_discard_ehlo_keyword_address_maps feature to
discard EHLO keywords selectively.
+.SH smtp_dns_resolver_options (default: empty)
+DNS Resolver options for the Postfix SMTP client. Specify zero
+or more of the following, separated by comma or whitespace. Option
+names are case-sensitive. Some options refer to domain names that
+are specified in /etc/resolv.conf or equivalent.
+.IP "\fBres_defnames\fR"
+Append the default domain name to single-component names (those
+that do not contain a dot). This can produce incorrect results,
+and was the behavior prior to Postfix 2.8.
+.IP "\fBres_dnsrch\fR"
+Search for host names in the current domain and in parent
+domains. This can produce incorrect results and is therefore not
+recommended.
+.PP
+This feature is available in Postfix 2.8 and later.
.SH smtp_enforce_tls (default: no)
Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear. This also requires
Available in Postfix version 2.6 and later:
.IP "\fBtcp_windowsize (0)\fR"
An optional workaround for routers that break TCP window scaling.
+.PP
+Available in Postfix version 2.8 and later:
+.IP "\fBsmtp_dns_resolver_options (empty)\fR"
+DNS Resolver options for the Postfix SMTP client.
.SH "MIME PROCESSING CONTROLS"
.na
.nf
s;\bvir[-</bB>]*\n*[ <bB>]*tual_destination_recip[-</bB>]*\n* *[<bB>]*ient_limit\b;<a href="postconf.5.html#virtual_destination_recipient_limit">$&</a>;g;
s;\bsmtp_discard_ehlo_keyword_address_maps\b;<a href="postconf.5.html#smtp_discard_ehlo_keyword_address_maps">$&</a>;g;
s;\bsmtp_discard_ehlo_keywords\b;<a href="postconf.5.html#smtp_discard_ehlo_keywords">$&</a>;g;
+ s;\bsmtp_dns_resolver_options\b;<a href="postconf.5.html#smtp_dns_resolver_options">$&</a>;g;
s;\bsmtp_helo_name\b;<a href="postconf.5.html#smtp_helo_name">$&</a>;g;
s;\bsmtp_helo_timeout\b;<a href="postconf.5.html#smtp_helo_timeout">$&</a>;g;
s;\bsmtp_host_lookup\b;<a href="postconf.5.html#smtp_host_lookup">$&</a>;g;
configuration parameter. See there for details. </p>
<p> This feature is available in Postfix 2.8 and later. </p>
+
+%PARAM smtp_dns_resolver_options
+
+<p> DNS Resolver options for the Postfix SMTP client. Specify zero
+or more of the following, separated by comma or whitespace. Option
+names are case-sensitive. Some options refer to domain names that
+are specified in /etc/resolv.conf or equivalent. </p>
+
+<dl>
+
+<dt><b>res_defnames</b></dt>
+
+<dd> Append the default domain name to single-component names (those
+that do not contain a dot). This can produce incorrect results,
+and was the behavior prior to Postfix 2.8. </dd>
+
+<dt><b>res_dnsrch</b></dt>
+
+<dd> Search for host names in the current domain and in parent
+domains. This can produce incorrect results and is therefore not
+recommended. </dd>
+
+</dl>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
+%PARAM lmtp_dns_resolver_options
+
+<p> The LMTP-specific version of the smtp_dns_resolver_options
+configuration parameter. See there for details. </p>
+
+<p> This feature is available in Postfix 2.8 and later. </p>
+
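Review bot: The smtp_dns_resolver_options text says option names are case-sensitive but does not say what happens when a name is not recognized, such as an upper-case spelling or a typo. State whether the setting is rejected or the unknown word is ignored. If it is ignored, a misspelled res_defnames would silently leave the new default (no resolver flags) in effect, which is the opposite of what the operator asked for.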
#define DEF_SMTP_HOST_LOOKUP SMTP_HOST_LOOKUP_DNS
#define VAR_LMTP_HOST_LOOKUP "lmtp_host_lookup"
#define DEF_LMTP_HOST_LOOKUP SMTP_HOST_LOOKUP_DNS
-extern int var_smtp_dns_lookup;
+extern char *var_smtp_host_lookup;
+
+#define SMTP_DNS_RES_OPT_DEFNAMES "res_defnames"
+#define SMTP_DNS_RES_OPT_DNSRCH "res_dnsrch"
+
+#define VAR_SMTP_DNS_RES_OPT "smtp_dns_resolver_options"
+#define DEF_SMTP_DNS_RES_OPT ""
+#define VAR_LMTP_DNS_RES_OPT "lmtp_dns_resolver_options"
+#define DEF_LMTP_DNS_RES_OPT ""
+extern char *var_smtp_dns_res_opt;
#define VAR_SMTP_MXADDR_LIMIT "smtp_mx_address_limit"
#define DEF_SMTP_MXADDR_LIMIT 5
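Review bot: The first changed pair in this hunk, "-extern int var_smtp_dns_lookup;" / "+extern char *var_smtp_host_lookup;", corrects both the name and the type of an existing declaration and is unrelated to the new resolver options. It is not mentioned in the 20100827 HISTORY entries. Give it its own changelog line or split it out, so the correction is not buried inside a feature patch.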
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20100728"
+#define MAIL_RELEASE_DATE "20100827"
#define MAIL_VERSION_NUMBER "2.8"
#ifdef SNAPSHOT
* This program screens all inbound SMTP connections, so it better not waste
* time.
*/
-#define PS_GREET_TIMEOUT 5
-#define PS_SMTP_WRITE_TIMEOUT 1
#define PS_SEND_SOCK_CONNECT_TIMEOUT 1
#define PS_SEND_SOCK_NOTIFY_TIMEOUT 100
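Review bot: PS_GREET_TIMEOUT and PS_SMTP_WRITE_TIMEOUT are deleted here with no replacement in the visible lines and no matching 20100827 HISTORY entry. Confirm that nothing still references the two macros, and record in the changelog where these timeouts now come from.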
smtp.o: ../../include/debug_peer.h
smtp.o: ../../include/deliver_request.h
smtp.o: ../../include/dict.h
+smtp.o: ../../include/dns.h
smtp.o: ../../include/dsn.h
smtp.o: ../../include/dsn_buf.h
smtp.o: ../../include/ext_prop.h
smtp.o: ../../include/mime_state.h
smtp.o: ../../include/msg.h
smtp.o: ../../include/msg_stats.h
+smtp.o: ../../include/myaddrinfo.h
smtp.o: ../../include/mymalloc.h
smtp.o: ../../include/name_code.h
smtp.o: ../../include/name_mask.h
smtp.o: ../../include/recipient_list.h
smtp.o: ../../include/resolve_clnt.h
smtp.o: ../../include/scache.h
+smtp.o: ../../include/sock_addr.h
smtp.o: ../../include/string_list.h
smtp.o: ../../include/stringops.h
smtp.o: ../../include/sys_defs.h
VAR_LMTP_BODY_CHKS, DEF_LMTP_BODY_CHKS, &var_smtp_body_chks, 0, 0,
VAR_LMTP_RESP_FILTER, DEF_LMTP_RESP_FILTER, &var_smtp_resp_filter, 0, 0,
VAR_LMTP_ADDR_PREF, DEF_LMTP_ADDR_PREF, &var_smtp_addr_pref, 1, 0,
+ VAR_LMTP_DNS_RES_OPT, DEF_LMTP_DNS_RES_OPT, &var_smtp_dns_res_opt, 0, 0,
0,
};
static const CONFIG_TIME_TABLE lmtp_time_table[] = {
/* Available in Postfix version 2.6 and later:
/* .IP "\fBtcp_windowsize (0)\fR"
/* An optional workaround for routers that break TCP window scaling.
+/* .PP
+/* Available in Postfix version 2.8 and later:
+/* .IP "\fBsmtp_dns_resolver_options (empty)\fR"
+/* DNS Resolver options for the Postfix SMTP client.
/* MIME PROCESSING CONTROLS
/* .ad
/* .fi
#include <maps.h>
#include <ext_prop.h>
+/* DNS library. */
+
+#include <dns.h>
+
/* Single server skeleton. */
#include <mail_server.h>
char *var_smtp_body_chks;
char *var_smtp_resp_filter;
bool var_lmtp_assume_final;
+char *var_smtp_dns_res_opt;
/* Special handling of 535 AUTH errors. */
char *var_smtp_sasl_auth_cache_name;
MAPS *smtp_ehlo_dis_maps;
MAPS *smtp_generic_maps;
int smtp_ext_prop_mask;
+unsigned smtp_dns_res_opt;
MAPS *smtp_pix_bug_maps;
HBC_CHECKS *smtp_header_checks; /* limited header checks */
HBC_CHECKS *smtp_body_checks; /* limited body checks */
SMTP_HOST_LOOKUP_NATIVE, SMTP_HOST_FLAG_NATIVE,
0,
};
+ static const NAME_MASK dns_res_opt_masks[] = {
+ SMTP_DNS_RES_OPT_DEFNAMES, RES_DEFNAMES,
+ SMTP_DNS_RES_OPT_DNSRCH, RES_DNSRCH,
+ 0,
+ };
/*
* Select hostname lookup mechanisms.
var_ipc_idle_limit,
var_ipc_ttl_limit);
#endif
+
+ /*
+ * Select DNS query flags.
+ */
+ smtp_dns_res_opt = name_mask(VAR_SMTP_DNS_RES_OPT, dns_res_opt_masks,
+ var_smtp_dns_res_opt);
}
/* pre_init - pre-jail initialization */
extern MAPS *smtp_generic_maps; /* make internal address valid */
extern int smtp_ext_prop_mask; /* address externsion propagation */
+extern unsigned smtp_dns_res_opt; /* DNS query flags */
#ifdef USE_TLS
* should not clobber a soft error text and status code.
*/
if (smtp_host_lookup_mask & SMTP_HOST_FLAG_DNS) {
- switch (dns_lookup_v(host, RES_DEFNAMES, &addr, (VSTRING *) 0,
+ switch (dns_lookup_v(host, smtp_dns_res_opt, &addr, (VSTRING *) 0,
why->reason, DNS_REQ_FLAG_NONE,
proto_info->dns_atype_list)) {
case DNS_OK:
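Review bot: The dns_lookup_v() call needs a comment explaining its flags argument, because replacing the hard-coded RES_DEFNAMES with smtp_dns_res_opt is the one line that carries the whole behavior change. With smtp_dns_resolver_options at its empty default no resolver flags are passed, so single-component host names are no longer qualified. Say in the comment that the flags come from smtp_dns_resolver_options and default to none, so a later reader does not "restore" RES_DEFNAMES here.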
VAR_SMTP_BODY_CHKS, DEF_SMTP_BODY_CHKS, &var_smtp_body_chks, 0, 0,
VAR_SMTP_RESP_FILTER, DEF_SMTP_RESP_FILTER, &var_smtp_resp_filter, 0, 0,
VAR_SMTP_ADDR_PREF, DEF_SMTP_ADDR_PREF, &var_smtp_addr_pref, 1, 0,
+ VAR_SMTP_DNS_RES_OPT, DEF_SMTP_DNS_RES_OPT, &var_smtp_dns_res_opt, 0, 0,
0,
};
static const CONFIG_TIME_TABLE smtp_time_table[] = {
/* Needed by our DATA-phase record emulation routines. */
vstream_control(proxy->service_stream, VSTREAM_CTL_CONTEXT,
(char *) state, VSTREAM_CTL_END);
+ /* Avoid poor performance when TCP MSS > VSTREAM_BUFSIZE. */
+ if (connect_fn == inet_connect)
+ vstream_tweak_tcp(proxy->service_stream);
smtp_timeout_setup(proxy->service_stream, proxy->timeout);
/*
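Review bot: The test "if (connect_fn == inet_connect)" selects TCP connections by function-pointer identity, so any other TCP-capable connect routine passed in later would skip the tweak without notice. Extend the comment to say that non-TCP connect functions are excluded on purpose. The result of vstream_tweak_tcp() is also discarded. If the call can fail, log a warning so that a return of the performance problem described in HISTORY can be diagnosed.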