Cleanup: updated comments and identifiers because the bare
newline handling has evolved. Files: global/smtp_stream.[hc],
Files: global/smtp_stream.[hc], smtpd/smtpd.c.
+
+20240113
+
+ Cleanup: updated the user interface. The smtpd_forbid_bare_newline
+ settings are now "require_std_end_of_data", "reject", and
+ "no", with "yes" as an alias for "require_std_end_of_data".
+ Files: smtpd/smtpd.c proto/postconf.proto.
This feature applies to all email that Postfix locally or remotely
sends out. It is not allowlisted based on client identity.
-Major changes with snapshot 20240110
+Major changes with snapshot 20240113
====================================
This updates Postfix fixes for SMTP smuggling attacks, For background,
- Improved logging for rejected input (it now includes queue ID,
helo, mail, and rcpt, if available).
-- The new default setting "smtpd_forbid_bare_newline = normalize"
+- The new default "smtpd_forbid_bare_newline = require_std_end_of_data"
requires the standard End-of-DATA sequence <CR><LF>.<CR><LF>, and
- allows bare newlines from local and remote SMTP clients, maintaining
- more compatibility with infrastructure tools such as probers and
- surveys.
+ allows bare newlines from SMTP clients, maintaining more compatibility
+ with infrastructure tools such as probers and surveys.
- The new setting "smtpd_forbid_bare_newline = reject" requires
- the standard End-of-DATA sequence <CR><LF>.<CR><LF>, and rejects
- a command or message that contains a bare newline. To disconnect
- the client, specify "smtpd_forbid_bare_newline_reject_code = 521".
+ that input lines end in <CR><LF>, requires the standard
+ End-of-DATA sequence <CR><LF>.<CR><LF>, and rejects a command or
+ message that contains a bare newline. To disconnect the client,
+ specify "smtpd_forbid_bare_newline_reject_code = 521".
-- The old setting "yes" has become an alias for "normalize".
+- The old setting "yes" has become an alias for "require_std_end_of_data".
- The old setting "no" has not changed, and allows SMTP smuggling.
The recommended Postfix 3.9 settings (i.e. the defaults) are now:
# Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
- # Allow bare newlines from local and remote SMTP clients.
+ # Otherwise, allow bare <LF> and process it as if the client sent
+ # <CR><LF>.
#
- # This will cause problems for legitimate clients that send a
- # non-standard End-of-DATA sequence such as web applications, netcat,
- # fax machines, or load balancer health checks. Such clients need
- # to be excluded with smtpd_forbid_bare_newline_exclusions.
+ # Exclude local SMTP clients from enforcement.
#
- smtpd_forbid_bare_newline = normalize
+ # This maintains compatibility with many legitimate SMTP client
+ # applications that send a mix of standard and non-standard line
+ # endings, but will fail to receive email from client implementations
+ # that do not send <CR><LF>.<CR><LF> Such clients need to be
+ # excluded with smtpd_forbid_bare_newline_exclusions.
+ #
+ smtpd_forbid_bare_newline = require_std_end_of_data
smtpd_forbid_bare_newline_exclusions = $mynetworks
Alternative settings:
- # Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
- # Reject bare newlines from remote SMTP clients.
+ # Reject input lines that end in <LF>, require that input lines
+ # end in <CR><LF>, and require the standard End-of-DATA sequence
+ # <CR><LF>.<CR><LF>.
#
- # This will cause problems for legitimate clients that send any
- # non-standard line endings such as web applications, netcat, fax
- # machines, or load balancer health checks. Such clients need to be
- # excluded with smtpd_forbid_bare_newline_exclusions.
+ # Exclude local SMTP clients from enforcement.
+ #
+ # This will very likely cause problems for SMTP clients that send
+ # non-standard line endings such as web applications, netcat, or
+ # load balancer health checks. Such clients need to be excluded with
+ # smtpd_forbid_bare_newline_exclusions.
#
smtpd_forbid_bare_newline = reject
smtpd_forbid_bare_newline_exclusions = $mynetworks
Disable -DSNAPSHOT and -DNONPROD in makedefs.
+ Maybe add a pre-release check that stable releases cannot
+ have -DSNAPSHOT and -DNONPROD.
+
postfix-install should mention makedefs.out.
Remove .printfck directories, and remove printfck targets
</DD>
<DT><b><a name="smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a>
-(default: Postfix ≥ 3.9: normalize)</b></DT><DD>
+(default: Postfix ≥ 3.9: require_std_end_of_data)</b></DT><DD>
-<p> Reject or normalize commands and email message content when an
-SMTP client sends lines ending in <LF>. Such line endings are
-commonly allowed with UNIX-based SMTP servers, but they violate the
-<a href="https://tools.ietf.org/html/rfc5321">RFC 5321</a> requirement that lines must end in <CR><LF>.
-</p>
+<p> Reject or restrict input lines from an SMTP client that end in
+<LF> instead of the standard <CR><LF>. Such line
+endings are commonly allowed with UNIX-based SMTP servers, but they
+violate <a href="https://tools.ietf.org/html/rfc5321">RFC 5321</a>, and allowing such line endings can make a server
+vulnerable to <a href="https://www.postfix.org/smtp-smuggling.html">
+SMTP smuggling</a>. </p>
<p> Specify one of the following values (case does not matter): </p>
<dl compact>
-<dt> <b>normalize</b> (default)</dt> <dd> Require the standard
-End-of-DATA sequence <CR><LF>.<CR><LF>.
-Otherwise, maintain compatibility with legacy SMTP clients that
-send lines ending in the non-standard <LF>, and treat those
-line endings as if the client sent the standard <CR><LF>.
-<br> This may fail to receive email from legitimate SMTP clients
-such web applications, netcat, fax machines, or load balancer health
-checks. Such clients need to be excluded with
-<a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>. </dd>
-
-<dt> <b>yes</b> </dt> <dd> Alias for "normalize". </dd>
-
-<dt> <b>reject</b> </dt> <dd> Require the standard End-of-DATA
-sequence <CR><LF>.<CR><LF>. When an SMTP
-client sends a command or message content line ending in <LF>,
-log a "bare <LF> received" error, and reject the command or
-message content with $<a href="postconf.5.html#smtpd_forbid_bare_newline_reject_code">smtpd_forbid_bare_newline_reject_code</a>. <br>
-This will fail to receive email from legitimate SMTP clients that
-send non-standard line endings such web applications, netcat, fax
-machines, or load balancer health checks. Such clients need to be
-excluded with <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>. </dd>
-
-<dt> <b>no</b> </dt> <dd> Treat all lines ending in <LF>
-as if the client sent <CR><LF>. This option is fully
-backwards compatible, but is not recommended for an Internet-facing
-SMTP server, because it is vulnerable to <a
-href="https://www.postfix.org/smtp-smuggling.html"> SMTP smuggling</a>.
-</dd>
+<dt> <b>require_std_end_of_data</b> (default)</dt> <dd> Require the
+standard End-of-DATA sequence <CR><LF>.<CR><LF>.
+Otherwise, allow input lines ending in the non-standard <LF>,
+and process those as if the client sent inputs with the standard
+<CR><LF>. <br> This maintains compatibility with many
+legitimate SMTP client applications that send a mix of standard and
+non-standard line endings, but will fail to receive email from
+client implementations that do not send
+<CR><LF>.<CR><LF>. Such clients need to be
+excluded with <b><a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a></b>. </dd>
+
+<dt> <b>yes</b> </dt> <dd> Compatibility alias for
+<b>require_std_end_of_data</b>. </dd>
+
+<dt> <b>reject</b> </dt> <dd> Reject a command or message content
+when a line ends in <LF>, log a "bare <LF> received"
+error, and reject the command or message content with
+$<b><a href="postconf.5.html#smtpd_forbid_bare_newline_reject_code">smtpd_forbid_bare_newline_reject_code</a></b>. Require that input
+lines end in <CR><LF>, and require the standard End-of-DATA
+sequence <CR><LF>.<CR><LF>. <br> This will
+very likely cause problems for SMTP clients that send non-standard
+line endings such as web applications, netcat, or load balancer
+health checks. Such clients need to be excluded with
+<b><a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a></b>. </dd>
+
+<dt> <b>no</b> </dt> <dd> Treat a bare <LF> as if the client
+sent <CR><LF>. This option is fully backwards compatible,
+but is not recommended for an Internet-facing SMTP server, because
+it is vulnerable to <a href="https://www.postfix.org/smtp-smuggling.html">
+SMTP smuggling</a>. </dd>
</dl>
<blockquote>
<pre>
# Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
-# Allow bare newlines from local and remote SMTP clients.
+# Otherwise, allow bare <LF> and process it as if the client sent
+# <CR><LF>.
#
-# This will cause problems for legitimate clients that send a
-# non-standard End-of-DATA sequence such as web applications, netcat,
-# fax machines, or load balancer health checks. Such clients need
-# to be excluded with <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>.
+# Exclude local SMTP clients from enforcement.
#
-<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = normalize
+# This maintains compatibility with many legitimate SMTP client
+# applications that send a mix of standard and non-standard line
+# endings, but will fail to receive email from client implementations
+# that do not send <CR><LF>.<CR><LF>. Such clients need to be
+# excluded with <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>.
+#
+<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = require_std_end_of_data
<a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
</pre>
</blockquote>
<blockquote>
<pre>
-# Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
-# Reject bare newlines from remote SMTP clients.
+# Reject input lines that end in <LF>, require that input lines
+# end in <CR><LF>, and require the standard End-of-DATA sequence
+# <CR><LF>.<CR><LF>.
#
-# This will cause problems for legitimate clients that send any
-# non-standard line endings such as web applications, netcat, fax
-# machines, or load balancer health checks. Such clients need to be
-# excluded with <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>.
+# Exclude local SMTP clients from enforcement.
+#
+# This will very likely cause problems for SMTP clients that send
+# non-standard line endings such as web applications, netcat, or
+# load balancer health checks. Such clients need to be excluded with
+# <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>.
#
<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = reject
<a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
</pre>
</blockquote>
-<p> This feature with settings 'yes' and 'no' is available in Postfix
-≥ 3.9, 3.8.4, 3.7.9, 3.6.13, and 3.5.23. The settings 'reject'
-and 'normalize' are available with Postfix ≥ 3.9, 3.8.5, 3.7.10,
-3.6.14, and 3.5.24. </p>
+<p> This feature with settings <b>yes</b> and <b>no</b> is available
+in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the
+settings <b>reject</b>, and <b>require_std_end_of_data</b> are
+available with Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
+</p>
</DD>
Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later:
- <b><a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> (Postfix</b> ><b>= 3.9: normalize)</b>
- Reject or normalize commands and email message content when an
- SMTP client sends lines ending in <LF>.
+ <b><a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> (Postfix</b> ><b>= 3.9: require_std_end_of_data)</b>
+ Reject or restrict input lines from an SMTP client that end in
+ <LF> instead of the standard <CR><LF>.
<b><a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
Exclude the specified clients from <a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a>
parameter $name expansion.
.PP
This feature is available in Postfix 2.0 and later.
-.SH smtpd_forbid_bare_newline (default: Postfix >= 3.9: normalize)
-Reject or normalize commands and email message content when an
-SMTP client sends lines ending in <LF>. Such line endings are
-commonly allowed with UNIX\-based SMTP servers, but they violate the
-RFC 5321 requirement that lines must end in <CR><LF>.
+.SH smtpd_forbid_bare_newline (default: Postfix >= 3.9: require_std_end_of_data)
+Reject or restrict input lines from an SMTP client that end in
+<LF> instead of the standard <CR><LF>. Such line
+endings are commonly allowed with UNIX\-based SMTP servers, but they
+violate RFC 5321, and allowing such line endings can make a server
+vulnerable to
+SMTP smuggling.
.PP
Specify one of the following values (case does not matter):
-.IP "\fBnormalize\fR (default)"
-Require the standard
-End\-of\-DATA sequence <CR><LF>.<CR><LF>.
-Otherwise, maintain compatibility with legacy SMTP clients that
-send lines ending in the non\-standard <LF>, and treat those
-line endings as if the client sent the standard <CR><LF>.
-.br
-This may fail to receive email from legitimate SMTP clients
-such web applications, netcat, fax machines, or load balancer health
-checks. Such clients need to be excluded with
-smtpd_forbid_bare_newline_exclusions.
+.IP "\fBrequire_std_end_of_data\fR (default)"
+Require the
+standard End\-of\-DATA sequence <CR><LF>.<CR><LF>.
+Otherwise, allow input lines ending in the non\-standard <LF>,
+and process those as if the client sent inputs with the standard
+<CR><LF>.
+.br
+This maintains compatibility with many
+legitimate SMTP client applications that send a mix of standard and
+non\-standard line endings, but will fail to receive email from
+client implementations that do not send
+<CR><LF>.<CR><LF>. Such clients need to be
+excluded with \fBsmtpd_forbid_bare_newline_exclusions\fR.
.br
.IP "\fByes\fR"
-Alias for "normalize".
+Compatibility alias for
+\fBrequire_std_end_of_data\fR.
.br
.IP "\fBreject\fR"
-Require the standard End\-of\-DATA
-sequence <CR><LF>.<CR><LF>. When an SMTP
-client sends a command or message content line ending in <LF>,
-log a "bare <LF> received" error, and reject the command or
-message content with $smtpd_forbid_bare_newline_reject_code.
-.br
-This will fail to receive email from legitimate SMTP clients that
-send non\-standard line endings such web applications, netcat, fax
-machines, or load balancer health checks. Such clients need to be
-excluded with smtpd_forbid_bare_newline_exclusions.
+Reject a command or message content
+when a line ends in <LF>, log a "bare <LF> received"
+error, and reject the command or message content with
+$\fBsmtpd_forbid_bare_newline_reject_code\fR. Require that input
+lines end in <CR><LF>, and require the standard End\-of\-DATA
+sequence <CR><LF>.<CR><LF>.
+.br
+This will
+very likely cause problems for SMTP clients that send non\-standard
+line endings such as web applications, netcat, or load balancer
+health checks. Such clients need to be excluded with
+\fBsmtpd_forbid_bare_newline_exclusions\fR.
.br
.IP "\fBno\fR"
-Treat all lines ending in <LF>
-as if the client sent <CR><LF>. This option is fully
-backwards compatible, but is not recommended for an Internet\-facing
-SMTP server, because it is vulnerable to SMTP smuggling.
+Treat a bare <LF> as if the client
+sent <CR><LF>. This option is fully backwards compatible,
+but is not recommended for an Internet\-facing SMTP server, because
+it is vulnerable to
+SMTP smuggling.
.br
.br
.PP
.na
.ft C
# Require the standard End\-of\-DATA sequence <CR><LF>.<CR><LF>.
-# Allow bare newlines from local and remote SMTP clients.
+# Otherwise, allow bare <LF> and process it as if the client sent
+# <CR><LF>.
+#
+# Exclude local SMTP clients from enforcement.
#
-# This will cause problems for legitimate clients that send a
-# non\-standard End\-of\-DATA sequence such as web applications, netcat,
-# fax machines, or load balancer health checks. Such clients need
-# to be excluded with smtpd_forbid_bare_newline_exclusions.
+# This maintains compatibility with many legitimate SMTP client
+# applications that send a mix of standard and non\-standard line
+# endings, but will fail to receive email from client implementations
+# that do not send <CR><LF>.<CR><LF>. Such clients need to be
+# excluded with smtpd_forbid_bare_newline_exclusions.
#
-smtpd_forbid_bare_newline = normalize
+smtpd_forbid_bare_newline = require_std_end_of_data
smtpd_forbid_bare_newline_exclusions = $mynetworks
.fi
.ad
.nf
.na
.ft C
-# Require the standard End\-of\-DATA sequence <CR><LF>.<CR><LF>.
-# Reject bare newlines from remote SMTP clients.
+# Reject input lines that end in <LF>, require that input lines
+# end in <CR><LF>, and require the standard End\-of\-DATA sequence
+# <CR><LF>.<CR><LF>.
#
-# This will cause problems for legitimate clients that send any
-# non\-standard line endings such as web applications, netcat, fax
-# machines, or load balancer health checks. Such clients need to be
-# excluded with smtpd_forbid_bare_newline_exclusions.
+# Exclude local SMTP clients from enforcement.
+#
+# This will very likely cause problems for SMTP clients that send
+# non\-standard line endings such as web applications, netcat, or
+# load balancer health checks. Such clients need to be excluded with
+# smtpd_forbid_bare_newline_exclusions.
#
smtpd_forbid_bare_newline = reject
smtpd_forbid_bare_newline_exclusions = $mynetworks
.ft R
.in -4
.PP
-This feature with settings 'yes' and 'no' is available in Postfix
->= 3.9, 3.8.4, 3.7.9, 3.6.13, and 3.5.23. The settings 'reject'
-and 'normalize' are available with Postfix >= 3.9, 3.8.5, 3.7.10,
-3.6.14, and 3.5.24.
+This feature with settings \fByes\fR and \fBno\fR is available
+in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the
+settings \fBreject\fR, and \fBrequire_std_end_of_data\fR are
+available with Postfix >= 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
.SH smtpd_forbid_bare_newline_exclusions (default: $mynetworks)
Exclude the specified clients from smtpd_forbid_bare_newline
enforcement. It uses the same syntax and parent\-domain matching
command pipelining constraints.
.PP
Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later:
-.IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: normalize)\fR"
-Reject or normalize commands and email message content when an
-SMTP client sends lines ending in <LF>.
+.IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: require_std_end_of_data)\fR"
+Reject or restrict input lines from an SMTP client that end in
+<LF> instead of the standard <CR><LF>.
.IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR"
Exclude the specified clients from smtpd_forbid_bare_newline
enforcement.
<p> This feature is available in Postfix ≥ 3.9, 3.8.1, 3.7.6,
3.6.10, and 3.5.20. </p>
-%PARAM smtpd_forbid_bare_newline Postfix ≥ 3.9: normalize
+%PARAM smtpd_forbid_bare_newline Postfix ≥ 3.9: require_std_end_of_data
-<p> Reject or normalize commands and email message content when an
-SMTP client sends lines ending in <LF>. Such line endings are
-commonly allowed with UNIX-based SMTP servers, but they violate the
-RFC 5321 requirement that lines must end in <CR><LF>.
-</p>
+<p> Reject or restrict input lines from an SMTP client that end in
+<LF> instead of the standard <CR><LF>. Such line
+endings are commonly allowed with UNIX-based SMTP servers, but they
+violate RFC 5321, and allowing such line endings can make a server
+vulnerable to <a href="https://www.postfix.org/smtp-smuggling.html">
+SMTP smuggling</a>. </p>
<p> Specify one of the following values (case does not matter): </p>
<dl compact>
-<dt> <b>normalize</b> (default)</dt> <dd> Require the standard
-End-of-DATA sequence <CR><LF>.<CR><LF>.
-Otherwise, maintain compatibility with legacy SMTP clients that
-send lines ending in the non-standard <LF>, and treat those
-line endings as if the client sent the standard <CR><LF>.
-<br> This may fail to receive email from legitimate SMTP clients
-such web applications, netcat, fax machines, or load balancer health
-checks. Such clients need to be excluded with
-smtpd_forbid_bare_newline_exclusions. </dd>
-
-<dt> <b>yes</b> </dt> <dd> Alias for "normalize". </dd>
-
-<dt> <b>reject</b> </dt> <dd> Require the standard End-of-DATA
-sequence <CR><LF>.<CR><LF>. When an SMTP
-client sends a command or message content line ending in <LF>,
-log a "bare <LF> received" error, and reject the command or
-message content with $smtpd_forbid_bare_newline_reject_code. <br>
-This will fail to receive email from legitimate SMTP clients that
-send non-standard line endings such web applications, netcat, fax
-machines, or load balancer health checks. Such clients need to be
-excluded with smtpd_forbid_bare_newline_exclusions. </dd>
-
-<dt> <b>no</b> </dt> <dd> Treat all lines ending in <LF>
-as if the client sent <CR><LF>. This option is fully
-backwards compatible, but is not recommended for an Internet-facing
-SMTP server, because it is vulnerable to <a
-href="https://www.postfix.org/smtp-smuggling.html"> SMTP smuggling</a>.
-</dd>
+<dt> <b>require_std_end_of_data</b> (default)</dt> <dd> Require the
+standard End-of-DATA sequence <CR><LF>.<CR><LF>.
+Otherwise, allow input lines ending in the non-standard <LF>,
+and process those as if the client sent inputs with the standard
+<CR><LF>. <br> This maintains compatibility with many
+legitimate SMTP client applications that send a mix of standard and
+non-standard line endings, but will fail to receive email from
+client implementations that do not send
+<CR><LF>.<CR><LF>. Such clients need to be
+excluded with <b>smtpd_forbid_bare_newline_exclusions</b>. </dd>
+
+<dt> <b>yes</b> </dt> <dd> Compatibility alias for
+<b>require_std_end_of_data</b>. </dd>
+
+<dt> <b>reject</b> </dt> <dd> Reject a command or message content
+when a line ends in <LF>, log a "bare <LF> received"
+error, and reject the command or message content with
+$<b>smtpd_forbid_bare_newline_reject_code</b>. Require that input
+lines end in <CR><LF>, and require the standard End-of-DATA
+sequence <CR><LF>.<CR><LF>. <br> This will
+very likely cause problems for SMTP clients that send non-standard
+line endings such as web applications, netcat, or load balancer
+health checks. Such clients need to be excluded with
+<b>smtpd_forbid_bare_newline_exclusions</b>. </dd>
+
+<dt> <b>no</b> </dt> <dd> Treat a bare <LF> as if the client
+sent <CR><LF>. This option is fully backwards compatible,
+but is not recommended for an Internet-facing SMTP server, because
+it is vulnerable to <a href="https://www.postfix.org/smtp-smuggling.html">
+SMTP smuggling</a>. </dd>
</dl>
<blockquote>
<pre>
# Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
-# Allow bare newlines from local and remote SMTP clients.
+# Otherwise, allow bare <LF> and process it as if the client sent
+# <CR><LF>.
#
-# This will cause problems for legitimate clients that send a
-# non-standard End-of-DATA sequence such as web applications, netcat,
-# fax machines, or load balancer health checks. Such clients need
-# to be excluded with smtpd_forbid_bare_newline_exclusions.
+# Exclude local SMTP clients from enforcement.
#
-smtpd_forbid_bare_newline = normalize
+# This maintains compatibility with many legitimate SMTP client
+# applications that send a mix of standard and non-standard line
+# endings, but will fail to receive email from client implementations
+# that do not send <CR><LF>.<CR><LF>. Such clients need to be
+# excluded with smtpd_forbid_bare_newline_exclusions.
+#
+smtpd_forbid_bare_newline = require_std_end_of_data
smtpd_forbid_bare_newline_exclusions = $mynetworks
</pre>
</blockquote>
<blockquote>
<pre>
-# Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
-# Reject bare newlines from remote SMTP clients.
+# Reject input lines that end in <LF>, require that input lines
+# end in <CR><LF>, and require the standard End-of-DATA sequence
+# <CR><LF>.<CR><LF>.
#
-# This will cause problems for legitimate clients that send any
-# non-standard line endings such as web applications, netcat, fax
-# machines, or load balancer health checks. Such clients need to be
-# excluded with smtpd_forbid_bare_newline_exclusions.
+# Exclude local SMTP clients from enforcement.
+#
+# This will very likely cause problems for SMTP clients that send
+# non-standard line endings such as web applications, netcat, or
+# load balancer health checks. Such clients need to be excluded with
+# smtpd_forbid_bare_newline_exclusions.
#
smtpd_forbid_bare_newline = reject
smtpd_forbid_bare_newline_exclusions = $mynetworks
</pre>
</blockquote>
-<p> This feature with settings 'yes' and 'no' is available in Postfix
-≥ 3.9, 3.8.4, 3.7.9, 3.6.13, and 3.5.23. The settings 'reject'
-and 'normalize' are available with Postfix ≥ 3.9, 3.8.5, 3.7.10,
-3.6.14, and 3.5.24. </p>
+<p> This feature with settings <b>yes</b> and <b>no</b> is available
+in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the
+settings <b>reject</b>, and <b>require_std_end_of_data</b> are
+available with Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
+</p>
%PARAM smtpd_forbid_bare_newline_exclusions $mynetworks
Files smtpd smtpd c proto postconf proto RELEASE_NOTES
stable releases Files global smtp_stream hc smtpd smtpd c
Files global smtp_stream hc smtpd smtpd c
+ Files smtpd smtpd c proto postconf proto
* Backwards compatibility.
*/
#define VAR_SMTPD_FORBID_BARE_LF "smtpd_forbid_bare_newline"
-#define DEF_SMTPD_FORBID_BARE_LF "normalize"
+#define DEF_SMTPD_FORBID_BARE_LF "require_std_end_of_data"
#define VAR_SMTPD_FORBID_BARE_LF_EXCL "smtpd_forbid_bare_newline_exclusions"
#define DEF_SMTPD_FORBID_BARE_LF_EXCL "$" VAR_MYNETWORKS
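Review bot: The new value on the `DEF_SMTPD_FORBID_BARE_LF` line is a bare string literal with no compile-time tie to the set of names that smtpd actually accepts, which this same commit keeps in `bare_lf_mask_table` in smtpd/smtpd.c; renaming one side without the other would leave the shipped default itself unrecognized by the lookup. A short comment next to the define would make the coupling visible to the next person who touches either file, e.g. `/* Must be a key of bare_lf_mask_table in smtpd/smtpd.c */`. The rest of the parameter block (and any surrounding `#define`s) lies outside this hunk.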
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20240112"
+#define MAIL_RELEASE_DATE "20240113"
#define MAIL_VERSION_NUMBER "3.9"
#ifdef SNAPSHOT
/* command pipelining constraints.
/* .PP
/* Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later:
-/* .IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: normalize)\fR"
-/* Reject or normalize commands and email message content when an
-/* SMTP client sends lines ending in <LF>.
+/* .IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: require_std_end_of_data)\fR"
+/* Reject or restrict input lines from an SMTP client that end in
+/* <LF> instead of the standard <CR><LF>.
/* .IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR"
/* Exclude the specified clients from smtpd_forbid_bare_newline
/* enforcement.
#define IS_BARE_LF_REPLY_REJECT(m) ((m) & BARE_LF_FLAG_REPLY_REJECT)
static const NAME_CODE bare_lf_mask_table[] = {
- "normalize", BARE_LF_FLAG_WANT_STD_EOD, /* The new default */
+ "require_std_end_of_data", BARE_LF_FLAG_WANT_STD_EOD, /* Default */
+#ifdef SNAPSHOT
+ "normalize", BARE_LF_FLAG_WANT_STD_EOD, /* Migration aid */
+#endif
"yes", BARE_LF_FLAG_WANT_STD_EOD, /* Migration aid */
"reject", BARE_LF_FLAG_WANT_STD_EOD | BARE_LF_FLAG_REPLY_REJECT,
"no", 0,
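Review bot: The `"normalize"` row is compiled in only under `#ifdef SNAPSHOT`, so a non-snapshot build that reads a main.cf still carrying the previous snapshot default `smtpd_forbid_bare_newline = normalize` (the default of snapshots 20240110 through 20240112 per the HISTORY and RELEASE_NOTES hunks above) will not find that name in `bare_lf_mask_table`; the lookup and its error path are outside this hunk, so how the miss surfaces cannot be confirmed here. That is a defensible choice since the name never shipped in a stable release, but the comment should say so instead of repeating the generic `/* Migration aid */` used for the `"yes"` row: `/* Migration aid: snapshot 20240110..20240112 default, never a stable release */`. Note that `"normalize"` and `"yes"` map to the same `BARE_LF_FLAG_WANT_STD_EOD` mask, so the `#ifdef` only changes which spellings are accepted, not runtime behaviour. The table's terminator and the code that consumes it lie outside the hunk.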