Cleanup: don't log the 'delay_dotcrlf' workaround for CISCO
PIX bugs before the smtp_pix_workaround_threshold_time has
passed. Reported by Ralf Hildebrandt. File: smtp/smtp_proto.c.
+
+20170727
+
+ Cleanup: the postconf command now uses mechanically-generated
+ lists of DBMS parameter names. This eliminates false positives
+ with mysql databases. Files: postconf/Makefile.in,
+ postconf/extract_cfg.sh, postconf/postconf_dbms.c.
+
+ Cleanup: removed `#if 0/#endif' dead code from dict_ldap.c,
+ to avoid spurious output from the extract_cfg.sh parameter name
+ extraction tool.
+
+20170728
+
+ Documentation: added warnings that "enable_original_recipient
+ = no" prevents Postfix from saving the address verification
+ result under the original probe destination address, if it
+ is changed by aliasing or canonical mapping. Files:
+ proto/ADDRESS_VERIFICATION_README.html, proto/postconf.proto.
+
+ Cleanup: don't store an empty address in the verify cache
+ (this could happen with "enable_original_recipient = no").
+ File: global/verify.c.
Probe messages are like normal mail, except that they are never delivered,
deferred or bounced; probe messages are always discarded.
-
probe Postfix
message -> mail
- queue
- Postfix Postfix ->
+ Postfix Postfix -> queue
Internet -> SMTP <-> verify
server server |
v
^
|
v
-
Address
verification
# Postfix 2.6 and later privacy feature.
# unverified_recipient_reject_reason = Address lookup failed
+ # Do not set enable_original_recipient=no. This prevents Postfix
+ # from saving the recipient address verification result under
+ # the original address, when the address verification probe
+ # message goes through address aliasing or canonical mapping.
+
The "reject_unknown_recipient_domain" restriction blocks mail for non-existent
domains. Putting this before "reject_unverified_recipient" avoids the overhead
of generating unnecessary probe messages.
# Note 2: Avoid hash files here. Use btree or lmdb instead.
address_verify_map = btree:/var/lib/postfix/verify
+ # Do not set enable_original_recipient=no. This prevents Postfix
+ # from saving the sender address verification result under the
+ # original address, when the address verification probe message
+ # goes through address aliasing or canonical mapping.
+
/etc/postfix/sender_access:
# Don't do this when you handle lots of email.
aol.com reject_unverified_sender
with a compatibility_level safety net.
In the bounce daemon, set util_utf8_enable if returning an
- SMTPUTF8 message.
+ SMTPUTF8 message. This is wrong; if SMTPUTF8 is disabled,
+ then Postfix must not turn it on.
Add a header_body_checks extension callback in smtp_proto.c
that implements the PASS action.
...
# Postfix 2.6 and later privacy feature.
# <a href="postconf.5.html#unverified_recipient_reject_reason">unverified_recipient_reject_reason</a> = Address lookup failed
+
+ # Do not set <a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a>=no. This prevents Postfix
+ # from saving the recipient address verification result under
+ # the original address, when the address verification probe
+ # message goes through address aliasing or canonical mapping.
</pre>
</blockquote>
# Note 1: Be sure to read the "<a href="#caching">Caching</a>" section below!
# Note 2: Avoid hash files here. Use btree or lmdb instead.
<a href="postconf.5.html#address_verify_map">address_verify_map</a> = <a href="DATABASE_README.html#types">btree</a>:/var/lib/postfix/verify
+
+ # Do not set <a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a>=no. This prevents Postfix
+ # from saving the sender address verification result under the
+ # original address, when the address verification probe message
+ # goes through address aliasing or canonical mapping.
/etc/postfix/sender_access:
# Don't do this when you handle lots of email.
<DT><b><a name="enable_original_recipient">enable_original_recipient</a>
(default: yes)</b></DT><DD>
-<p> Enable support for the X-Original-To message header. This header
-is needed for multi-recipient mailboxes. </p>
+<p> Enable support to save the original address if a recipient address
+is rewritten to a different address (for example with an alias or with
+canonical mapping). </p>
-<p> When this parameter is set to yes, the <a href="cleanup.8.html">cleanup(8)</a> daemon performs
-duplicate elimination on distinct pairs of (original recipient,
-rewritten recipient), and generates non-empty original recipient
-queue file records. </p>
+<p> The original recipient address is used as follows: </p>
-<p> When this parameter is set to no, the <a href="cleanup.8.html">cleanup(8)</a> daemon performs
+<dl>
+
+<dt> X-Original-To message header </dt> <dd> When this parameter
+is set to <b>yes</b>, the original recipient address is stored in
+the X-Original-To message header. This header is needed to distinguish
+between different recipients that share the same mailbox. </dd>
+
+<dt> Recipient deduplication </dt> <dd> When this parameter is set
+to <b>yes</b>, the <a href="cleanup.8.html">cleanup(8)</a> daemon performs duplicate elimination
+on distinct pairs of (original recipient, rewritten recipient), and
+generates non-empty original recipient queue file records. When
+this parameter is set to <b>no</b>, the <a href="cleanup.8.html">cleanup(8)</a> daemon performs
duplicate elimination on the rewritten recipient address only, and
-generates empty original recipient queue file records. </p>
+generates empty original recipient queue file records. </dd>
-<p> This feature is available in Postfix 2.1 and later. With Postfix
-version 2.0, support for the X-Original-To message header is always turned
-on. Postfix versions before 2.0 have no support for the X-Original-To
-message header. </p>
+<dt>Address verification </dt> <dd> When this parameter is set to
+<b>yes</b>, an addres verification result is stored under both the
+original and the final recipient address. When this parameter is
+set to <b>no</b>, an address verification result is stored only
+under the final recipient address. </dd>
+
+</ul>
+
+<p> This feature is available in Postfix 2.1 and later. Postfix
+version 2.0 behaves as if this parameter is always set to <b>yes</b>.
+Postfix versions before 2.0 have no support for the original recipient
+address. </p>
</DD>
temporary problem (default: 450). <br> The
<a href="postconf.5.html#unverified_recipient_tempfail_action">unverified_recipient_tempfail_action</a> parameter specifies the action
after address probe failure due to a temporary problem (default:
-<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). <br> This feature is available in Postfix 2.1
-and later. </dd>
+<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). <br> This feature breaks for aliased addresses
+when <a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a> is set to "no". <br> This feature
+is available in Postfix 2.1 and later. </dd>
</dl>
code when an address probe failed due to a temporary problem
(default: 450). <br> The <a href="postconf.5.html#unverified_sender_tempfail_action">unverified_sender_tempfail_action</a> parameter
specifies the action after address probe failure due to a temporary
-problem (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). <br> This feature is available
-in Postfix 2.1 and later. </dd>
+problem (default: <a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). <br> This feature breaks for
+aliased addresses when <a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a> is set to "no".
+<br> This feature is avaiable in Postfix 2.1 and later. </dd>
</dl>
#!/bin/sh
+# To view the formatted manual page of this file, type:
+# POSTFIXSOURCE/mantools/srctoman - makedefs | nroff -man
+
#++
# NAME
# makedefs 1
.PP
This feature is available in Postfix 2.9 and later.
.SH enable_original_recipient (default: yes)
-Enable support for the X\-Original\-To message header. This header
-is needed for multi\-recipient mailboxes.
-.PP
-When this parameter is set to yes, the \fBcleanup\fR(8) daemon performs
-duplicate elimination on distinct pairs of (original recipient,
-rewritten recipient), and generates non\-empty original recipient
-queue file records.
-.PP
-When this parameter is set to no, the \fBcleanup\fR(8) daemon performs
+Enable support to save the original address if a recipient address
+is rewritten to a different address (for example with an alias or with
+canonical mapping).
+.PP
+The original recipient address is used as follows:
+.IP "X\-Original\-To message header"
+When this parameter
+is set to \fByes\fR, the original recipient address is stored in
+the X\-Original\-To message header. This header is needed to distinguish
+between different recipients that share the same mailbox.
+.br
+.IP "Recipient deduplication"
+When this parameter is set
+to \fByes\fR, the \fBcleanup\fR(8) daemon performs duplicate elimination
+on distinct pairs of (original recipient, rewritten recipient), and
+generates non\-empty original recipient queue file records. When
+this parameter is set to \fBno\fR, the \fBcleanup\fR(8) daemon performs
duplicate elimination on the rewritten recipient address only, and
generates empty original recipient queue file records.
+.br
+.IP "Address verification"
+When this parameter is set to
+\fByes\fR, an addres verification result is stored under both the
+original and the final recipient address. When this parameter is
+set to \fBno\fR, an address verification result is stored only
+under the final recipient address.
+.br
+.br
.PP
-This feature is available in Postfix 2.1 and later. With Postfix
-version 2.0, support for the X\-Original\-To message header is always turned
-on. Postfix versions before 2.0 have no support for the X\-Original\-To
-message header.
+This feature is available in Postfix 2.1 and later. Postfix
+version 2.0 behaves as if this parameter is always set to \fByes\fR.
+Postfix versions before 2.0 have no support for the original recipient
+address.
.SH error_notice_recipient (default: postmaster)
The recipient of postmaster notifications about mail delivery
problems that are caused by policy, resource, software or protocol
after address probe failure due to a temporary problem (default:
defer_if_permit).
.br
-This feature is available in Postfix 2.1
-and later.
+This feature breaks for aliased addresses
+when enable_original_recipient is set to "no".
+.br
+This feature
+is available in Postfix 2.1 and later.
.br
.br
.PP
specifies the action after address probe failure due to a temporary
problem (default: defer_if_permit).
.br
-This feature is available
-in Postfix 2.1 and later.
+This feature breaks for
+aliased addresses when enable_original_recipient is set to "no".
+.br
+This feature is avaiable in Postfix 2.1 and later.
.br
.br
.PP
...
# Postfix 2.6 and later privacy feature.
# unverified_recipient_reject_reason = Address lookup failed
+
+ # Do not set enable_original_recipient=no. This prevents Postfix
+ # from saving the recipient address verification result under
+ # the original address, when the address verification probe
+ # message goes through address aliasing or canonical mapping.
</pre>
</blockquote>
# Note 1: Be sure to read the "<a href="#caching">Caching</a>" section below!
# Note 2: Avoid hash files here. Use btree or lmdb instead.
address_verify_map = btree:/var/lib/postfix/verify
+
+ # Do not set enable_original_recipient=no. This prevents Postfix
+ # from saving the sender address verification result under the
+ # original address, when the address verification probe message
+ # goes through address aliasing or canonical mapping.
/etc/postfix/sender_access:
# Don't do this when you handle lots of email.
%PARAM enable_original_recipient yes
-<p> Enable support for the X-Original-To message header. This header
-is needed for multi-recipient mailboxes. </p>
+<p> Enable support to save the original address if a recipient address
+is rewritten to a different address (for example with an alias or with
+canonical mapping). </p>
-<p> When this parameter is set to yes, the cleanup(8) daemon performs
-duplicate elimination on distinct pairs of (original recipient,
-rewritten recipient), and generates non-empty original recipient
-queue file records. </p>
+<p> The original recipient address is used as follows: </p>
-<p> When this parameter is set to no, the cleanup(8) daemon performs
+<dl>
+
+<dt> X-Original-To message header </dt> <dd> When this parameter
+is set to <b>yes</b>, the original recipient address is stored in
+the X-Original-To message header. This header is needed to distinguish
+between different recipients that share the same mailbox. </dd>
+
+<dt> Recipient deduplication </dt> <dd> When this parameter is set
+to <b>yes</b>, the cleanup(8) daemon performs duplicate elimination
+on distinct pairs of (original recipient, rewritten recipient), and
+generates non-empty original recipient queue file records. When
+this parameter is set to <b>no</b>, the cleanup(8) daemon performs
duplicate elimination on the rewritten recipient address only, and
-generates empty original recipient queue file records. </p>
+generates empty original recipient queue file records. </dd>
-<p> This feature is available in Postfix 2.1 and later. With Postfix
-version 2.0, support for the X-Original-To message header is always turned
-on. Postfix versions before 2.0 have no support for the X-Original-To
-message header. </p>
+<dt>Address verification </dt> <dd> When this parameter is set to
+<b>yes</b>, an addres verification result is stored under both the
+original and the final recipient address. When this parameter is
+set to <b>no</b>, an address verification result is stored only
+under the final recipient address. </dd>
+
+</ul>
+
+<p> This feature is available in Postfix 2.1 and later. Postfix
+version 2.0 behaves as if this parameter is always set to <b>yes</b>.
+Postfix versions before 2.0 have no support for the original recipient
+address. </p>
%PARAM export_environment see "postconf -d" output
temporary problem (default: 450). <br> The
unverified_recipient_tempfail_action parameter specifies the action
after address probe failure due to a temporary problem (default:
-defer_if_permit). <br> This feature is available in Postfix 2.1
-and later. </dd>
+defer_if_permit). <br> This feature breaks for aliased addresses
+when enable_original_recipient is set to "no". <br> This feature
+is available in Postfix 2.1 and later. </dd>
</dl>
code when an address probe failed due to a temporary problem
(default: 450). <br> The unverified_sender_tempfail_action parameter
specifies the action after address probe failure due to a temporary
-problem (default: defer_if_permit). <br> This feature is available
-in Postfix 2.1 and later. </dd>
+problem (default: defer_if_permit). <br> This feature breaks for
+aliased addresses when enable_original_recipient is set to "no".
+<br> This feature is avaiable in Postfix 2.1 and later. </dd>
</dl>
* Optionally fold the key.
*/
if (dict->flags & DICT_FLAG_FOLD_FIX) {
- if (dict->fold_buf == 0)
- dict->fold_buf = vstring_alloc(10);
- vstring_strcpy(dict->fold_buf, name);
- name = lowercase(vstring_str(dict->fold_buf));
+ if (dict->fold_buf == 0)
+ dict->fold_buf = vstring_alloc(10);
+ vstring_strcpy(dict->fold_buf, name);
+ name = lowercase(vstring_str(dict->fold_buf));
}
/*
* set.
*/
dict_ldap->timeout = cfg_get_int(dict_ldap->parser, "timeout", 10, 0, 0);
-
-#if 0 /* No benefit from changing
- * this to match the
- * MySQL/PGSQL syntax */
- if ((dict_ldap->query =
- cfg_get_str(dict_ldap->parser, "query", 0, 0, 0)) == 0)
-#endif
- dict_ldap->query =
- cfg_get_str(dict_ldap->parser, "query_filter",
- "(mailacceptinggeneralid=%s)", 0, 0);
-
+ dict_ldap->query =
+ cfg_get_str(dict_ldap->parser, "query_filter",
+ "(mailacceptinggeneralid=%s)", 0, 0);
if ((dict_ldap->result_format =
cfg_get_str(dict_ldap->parser, "result_format", 0, 0, 0)) == 0)
dict_ldap->result_format =
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20170722"
+#define MAIL_RELEASE_DATE "20170728"
#define MAIL_VERSION_NUMBER "3.3"
#ifdef SNAPSHOT
* XXX vrfy_stat is competely redundant because of dsn.
*/
if (var_verify_neg_cache || vrfy_stat == DEL_RCPT_STAT_OK) {
- req_stat = verify_clnt_update(recipient->orig_addr, vrfy_stat,
+ req_stat = verify_clnt_update(recipient->address, vrfy_stat,
my_dsn.reason);
/* Two verify updates for one verify request! */
- if (req_stat == VRFY_STAT_OK
+ if (req_stat == VRFY_STAT_OK && recipient->orig_addr[0]
&& strcasecmp_utf8(recipient->address, recipient->orig_addr) != 0)
- req_stat = verify_clnt_update(recipient->address, vrfy_stat,
+ req_stat = verify_clnt_update(recipient->orig_addr, vrfy_stat,
my_dsn.reason);
} else {
my_dsn.action = "undeliverable-but-not-cached";
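Review bot: The new `recipient->orig_addr[0]` guard has no comment explaining why an empty original address must be skipped; the only comment is `/* Two verify updates for one verify request! */`. Going by the changelog entry for this change, orig_addr can be empty when enable_original_recipient is "no", and an empty string must never become a verify cache key. I would add something like `/* orig_addr is empty with enable_original_recipient=no; never store a result under an empty key. */` above the condition. The guard also assumes orig_addr is never a null pointer, which presumably holds for this structure but is not visible here. The enclosing function starts and ends outside the hunk.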
MAKES = bool_table.h bool_vars.h int_table.h int_vars.h str_table.h \
str_vars.h time_table.h time_vars.h raw_table.h raw_vars.h \
nint_table.h nint_vars.h nbool_table.h nbool_vars.h long_table.h \
- long_vars.h str_fn_table.h str_fn_vars.h
+ long_vars.h str_fn_table.h str_fn_vars.h
+DB_MAKES= pcf_ldap_suffixes.h pcf_memcache_suffixes.h pcf_mysql_suffixes.h \
+ pcf_pgsql_suffixes.h pcf_sqlite_suffixes.h
TEST_TMP= main.cf master.cf test*.tmp
DUMMIES = makes_dummy # for "make -j"
PROG = postconf
$(AWK) -f extract.awk ../*/*.c | $(SHELL)
touch makes_dummy
+$(DB_MAKES): extract_cfg.sh Makefile.in
+
+pcf_ldap_suffixes.h: ../global/dict_ldap.c
+ sh extract_cfg.sh -d ../global/dict_ldap.c > $@
+
+pcf_memcache_suffixes.h: ../global/dict_memcache.c
+ sh extract_cfg.sh -d ../global/dict_memcache.c > $@
+
+pcf_mysql_suffixes.h: ../global/dict_mysql.c
+ sh extract_cfg.sh -d -s ../global/dict_mysql.c > $@
+
+pcf_pgsql_suffixes.h: ../global/dict_pgsql.c
+ sh extract_cfg.sh -d -s ../global/dict_pgsql.c > $@
+
+pcf_sqlite_suffixes.h: ../global/dict_sqlite.c
+ sh extract_cfg.sh -d -s ../global/dict_sqlite.c > $@
# Define two parameters with smtpd_restriction_classes. One will be ignored.
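Review bot: The five `pcf_*_suffixes.h` rules redirect straight into `$@`, so an interrupted or failed run of extract_cfg.sh leaves an empty or truncated header that is newer than its prerequisites and will not be rebuilt. postconf_dbms.c includes these headers as the body of its suffix arrays, so an empty header still compiles, to a list holding only the terminating 0. Generating into a temporary name and renaming on success avoids this, for example `sh extract_cfg.sh -d ../global/dict_ldap.c > $@.tmp && mv $@.tmp $@`. The script's exit status is that of the last stage of its pipeline, so a failing m4 would still go unnoticed unless the rule also checks the result, e.g. with `test -s $@.tmp`.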
clean:
rm -f *.o *core $(PROG) $(TESTPROG) junk $(MAKES) $(AUTOS) $(DUMMIES) \
- $(TEST_TMP)
+ $(TEST_TMP) $(DB_MAKES)
rm -rf printfck
tidy: clean
postconf_dbms.o: ../../include/vbuf.h
postconf_dbms.o: ../../include/vstream.h
postconf_dbms.o: ../../include/vstring.h
-postconf_dbms.o: postconf.h
+postconf_dbms.o: pcf_ldap_suffixes.h
+postconf_dbms.o: pcf_memcache_suffixes.h
+postconf_dbms.o: pcf_mysql_suffixes.h
+postconf_dbms.o: pcf_pgsql_suffixes.h
postconf_dbms.o: postconf_dbms.c
+postconf_dbms.o: postconf.h
+postconf_dbms.o: pcf_sqlite_suffixes.h
postconf_edit.o: ../../include/argv.h
postconf_edit.o: ../../include/check_arg.h
postconf_edit.o: ../../include/dict.h
postconf_edit.o: ../../include/vstream.h
postconf_edit.o: ../../include/vstring.h
postconf_edit.o: ../../include/vstring_vstream.h
-postconf_edit.o: postconf.h
postconf_edit.o: postconf_edit.c
+postconf_edit.o: postconf.h
postconf_lookup.o: ../../include/argv.h
postconf_lookup.o: ../../include/check_arg.h
postconf_lookup.o: ../../include/dict.h
--- /dev/null
+#!/bin/sh
+
+# To view the formatted manual page of this file, type:
+# POSTFIXSOURCE/mantools/srctoman - extract_cfg.sh | nroff -man
+
+#++
+# NAME
+# extract_cfg 1
+# SUMMARY
+# extract database parameter names from cfg_get_xxx() calls
+# SYNOPSIS
+# \fBextract_cfg [-d|-s] [\fIfile...\fB]\fR
+# DESCRIPTION
+# The \fBextract_cfg\fR command extracts the parameter names
+# from cfg_get_{str,int,bool}() calls in dict_xxx.c files. The
+# output is one parameter name per line, formatted as a C string
+# followed by comma.
+#
+# Options:
+# .IP \fB-d\fR
+# Add the "domain" parameter to the output. This is used by
+# the LDAP, memcache, and *SQL* tables.
+# .IP \fB-s\fR
+# Add the legacy SQL query parameters: "select_field", "table",
+# "where_field", and "additional_conditions".
+# LICENSE
+# .ad
+# .fi
+# The Secure Mailer license must be distributed with this software.
+# HISTORY
+# .ad
+# .fi
+# This command was introduced with Postfix 3.3.
+# AUTHOR(S)
+# Wietse Venema
+# Google, Inc.
+# 111 8th Avenue
+# New York, NY 10011, USA
+#--
+
+# Flags to add db_common parameter names.
+add_legacy_sql_query_params=
+add_domain_param=
+
+# Parse JCL.
+
+while :
+do
+ case "$1" in
+ -d) add_domain_param=1;;
+ -s) add_legacy_sql_query_params=1;;
+ -*) echo Bad option: $1 1>&2; exit 1;;
+ *) break;;
+ esac
+ shift
+done
+
+# We use m4 macros to extract arguments from cfg_get_xxx() calls that
+# may span multiple lines. We sandwich information of interest between
+# control-A characters. Multiple cfg_get_xxx() calls on the same line
+# should be OK, as long as the calls don't nest.
+
+(
+cat <<'EOF'
+define(`cfg_get_str',`\ 1$2\ 1
+')dnl
+define(`cfg_get_int',`\ 1$2\ 1
+')dnl
+define(`cfg_get_bool',`\ 1$2\ 1
+')dnl
+EOF
+# Convert selected C macro definitions into m4 macro definitions.
+sed 's/^#define[ ]*\([DICT_MC_NAME_A-Za-z0-9_]*\)[ ]*\("[^"]*"\)/define(`\1'"'"',`\2'"'"')/' "$@"
+) | m4 | awk -F\ 1 '/\ 1/ { print $2 }' | (
+test -n "$add_domain_param" && {
+cat <<EOF
+"domain"
+EOF
+}
+test -n "$add_legacy_sql_query_params" && {
+cat <<EOF
+"table"
+"select_field"
+"where_field"
+"additional_conditions"
+EOF
+}
+cat -
+) | sort -u | sed 's/$/,/'
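Review bot: The bracket expression `[DICT_MC_NAME_A-Za-z0-9_]*` in the sed command is a character set, not a prefix match, so it is equivalent to `[A-Za-z0-9_]*` and converts every `#define NAME "string"` in the input files into an m4 macro. If only the DICT_MC_NAME_ macros are meant, `\(DICT_MC_NAME_[A-Za-z0-9_]*\)` says so and keeps unrelated string macros from being expanded when m4 runs over the C source. If every string macro is intended, a one-line comment stating that would prevent the pattern from being misread. Separately, `echo Bad option: $1 1>&2` expands `$1` unquoted; `echo "Bad option: $1" 1>&2` avoids word splitting and globbing of the argument.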
/* See ldap_table(5). */
static const char *pcf_ldap_suffixes[] = {
- "bind", "bind_dn", "bind_pw", "cache", "cache_expiry", "cache_size",
- "chase_referrals", "debuglevel", "dereference", "domain",
- "expansion_limit", "leaf_result_attribute", "query_filter",
- "recursion_limit", "result_attribute", "result_format",
- "sasl_authz_id", "sasl_mechs", "sasl_minssf", "sasl_realm",
- "scope", "search_base", "server_host", "server_port", "size_limit",
- "special_result_attribute", "start_tls", "terminal_result_attribute",
- "timeout", "tls_ca_cert_dir", "tls_ca_cert_file", "tls_cert",
- "tls_cipher_suite", "tls_key", "tls_random_file", "tls_require_cert",
- "version", 0,
+#include "pcf_ldap_suffixes.h"
+ 0,
};
/* See mysql_table(5). */
static const char *pcf_mysql_suffixes[] = {
- "additional_conditions", "dbname", "domain", "expansion_limit",
- "hosts", "password", "query", "result_format", "require_result_set",
- "select_field", "table", "user", "where_field", 0,
+#include "pcf_mysql_suffixes.h"
+ 0,
};
/* See pgsql_table(5). */
static const char *pcf_pgsql_suffixes[] = {
- "additional_conditions", "dbname", "domain", "expansion_limit",
- "hosts", "password", "query", "result_format", "select_field",
- "select_function", "table", "user", "where_field", 0,
+#include "pcf_pgsql_suffixes.h"
+ 0,
};
/* See sqlite_table(5). */
static const char *pcf_sqlite_suffixes[] = {
- "additional_conditions", "dbpath", "domain", "expansion_limit",
- "query", "result_format", "select_field", "table", "where_field",
+#include "pcf_sqlite_suffixes.h"
0,
};
/* See memcache_table(5). */
static const char *pcf_memcache_suffixes[] = {
- "backup", "data_size_limit", "domain", "flags", "key_format",
- "line_size_limit", "max_try", "memcache", "retry_pause",
- "timeout", "ttl", 0,
+#include "pcf_memcache_suffixes.h"
+ 0,
};
/*