Cleanup: polishing recent documentation and code. Files:
postscreen/postscreen_dnsbl.c, util/ip_match.c.
+
+20101201
+
+ Bugfix (introduced 20101129): broken default value for
+ postscreen_client_connection_count_limit if the
+ smtpd_client_connection_count_limit parameter was left at
+ its default. File: postscreen/postscreen.c.
+
+ Workaround: BSD-ish mkdir() ignores the effective GID
+ and copies group ownership from the parent directory.
+ File: util/make_dirs.c.
<ul>
<li> <p> When no "=filter" is specified, <a href="postscreen.8.html">postscreen(8)</a> will use any
-non-error DNSBL reply. Otherwise, the filter must be an IPv4
-address, and <a href="postscreen.8.html">postscreen(8)</a> uses only DNSBL replies that match the
-filter. </p>
+non-error DNSBL reply. Otherwise, <a href="postscreen.8.html">postscreen(8)</a> uses only DNSBL
+replies that match the filter. The filter has the form d.d.d.d,
+where each d is a number, or a pattern inside [] that contains one
+or more comma-separated numbers or number..number ranges. </p>
<li> <p> When no "*weight" is specified, <a href="postscreen.8.html">postscreen(8)</a> increments
the SMTP client's DNSBL score by 1. Otherwise, the weight must be
The default is to permit everything.
</p>
+<p> Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> by not sending HELO or EHLO).
+</p>
+
<p>
Specify a list of restrictions, separated by commas and/or whitespace.
Continue long lines by starting the next line with whitespace.
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the HELO or EHLO
hostname or parent domains, and execute the corresponding action.
Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
-restriction. </dd>
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#check_helo_access">check_helo_access</a> by not sending HELO or EHLO). </dd>
<dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
-restriction. This feature is available in Postfix 2.1 and later.
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#check_helo_mx_access">check_helo_mx_access</a> by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
</dd>
<dt><b><a name="check_helo_ns_access">check_helo_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this
-restriction. This feature is available in Postfix 2.1 and later.
+restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can
+simply skip <a href="postconf.5.html#check_helo_ns_access">check_helo_ns_access</a> by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
</dd>
<dt><b><a name="reject_invalid_helo_hostname">reject_invalid_helo_hostname</a></b> (with Postfix < 2.3: reject_invalid_hostname)</dt>
<dd>Reject the request when the HELO or EHLO hostname syntax is
invalid. Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce
-this restriction. <br> The <a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> specifies
-the response code for rejected requests (default: 501).</dd>
+this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can simply
+skip <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a> by not sending HELO or EHLO).
+<br> The <a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> specifies the response code
+for rejected requests (default: 501).</dd>
<dt><b><a name="reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a></b> (with Postfix < 2.3: reject_non_fqdn_hostname)</dt>
<dd>Reject the request when the HELO or EHLO hostname is not in
fully-qualified domain form, as required by the RFC. Note: specify
-"<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this restriction. <br>
+"<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully enforce this restriction
+(without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a client can simply skip
+<a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a> by not sending HELO or EHLO). <br>
The <a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> parameter specifies the response code for
rejected requests (default: 504).</dd>
listed with any A record under <i>rbl_domain</i>. See the
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> description for additional RBL related configuration
parameters. Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully
-enforce this restriction. This feature is available in Postfix 2.0
+enforce this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a
+client can simply skip <a href="postconf.5.html#reject_rhsbl_helo">reject_rhsbl_helo</a> by not sending HELO or
+EHLO). This feature is available in Postfix 2.0
and later. </dd>
<dt><b><a name="reject_unknown_helo_hostname">reject_unknown_helo_hostname</a></b> (with Postfix < 2.3: reject_unknown_hostname)</dt>
450). <br> The <a href="postconf.5.html#unknown_helo_hostname_tempfail_action">unknown_helo_hostname_tempfail_action</a> parameter
specifies the action after a temporary DNS error (default:
<a href="postconf.5.html#defer_if_permit">defer_if_permit</a>). Note: specify "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes" to fully
-enforce this restriction. </dd>
+enforce this restriction (without "<a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> = yes", a
+client can simply skip <a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> by not sending
+HELO or EHLO). </dd>
</dl>
comma or whitespace.
.IP \(bu
When no "=filter" is specified, \fBpostscreen\fR(8) will use any
-non-error DNSBL reply. Otherwise, the filter must be an IPv4
-address, and \fBpostscreen\fR(8) uses only DNSBL replies that match the
-filter.
+non-error DNSBL reply. Otherwise, \fBpostscreen\fR(8) uses only DNSBL
+replies that match the filter. The filter has the form d.d.d.d,
+where each d is a number, or a pattern inside [] that contains one
+or more comma-separated numbers or number..number ranges.
.IP \(bu
When no "*weight" is specified, \fBpostscreen\fR(8) increments
the SMTP client's DNSBL score by 1. Otherwise, the weight must be
.PP
The default is to permit everything.
.PP
+Note: specify "smtpd_helo_required = yes" to fully enforce this
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip smtpd_helo_restrictions by not sending HELO or EHLO).
+.PP
Specify a list of restrictions, separated by commas and/or whitespace.
Continue long lines by starting the next line with whitespace.
Restrictions are applied in the order as specified; the first
Search the specified \fBaccess\fR(5) database for the HELO or EHLO
hostname or parent domains, and execute the corresponding action.
Note: specify "smtpd_helo_required = yes" to fully enforce this
-restriction.
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip check_helo_access by not sending HELO or EHLO).
.IP "\fBcheck_helo_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for
the HELO or EHLO hostname, and execute the corresponding action.
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "smtpd_helo_required = yes" to fully enforce this
-restriction. This feature is available in Postfix 2.1 and later.
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip check_helo_mx_access by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
.IP "\fBcheck_helo_ns_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the DNS servers
for the HELO or EHLO hostname, and execute the corresponding action.
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "smtpd_helo_required = yes" to fully enforce this
-restriction. This feature is available in Postfix 2.1 and later.
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip check_helo_ns_access by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
.IP "\fBreject_invalid_helo_hostname\fR (with Postfix < 2.3: reject_invalid_hostname)"
Reject the request when the HELO or EHLO hostname syntax is
invalid. Note: specify "smtpd_helo_required = yes" to fully enforce
-this restriction.
+this restriction (without "smtpd_helo_required = yes", a client can simply
+skip reject_invalid_helo_hostname by not sending HELO or EHLO).
.br
-The invalid_hostname_reject_code specifies
-the response code for rejected requests (default: 501).
+The invalid_hostname_reject_code specifies the response code
+for rejected requests (default: 501).
.IP "\fBreject_non_fqdn_helo_hostname\fR (with Postfix < 2.3: reject_non_fqdn_hostname)"
Reject the request when the HELO or EHLO hostname is not in
fully-qualified domain form, as required by the RFC. Note: specify
-"smtpd_helo_required = yes" to fully enforce this restriction.
+"smtpd_helo_required = yes" to fully enforce this restriction
+(without "smtpd_helo_required = yes", a client can simply skip
+reject_non_fqdn_helo_hostname by not sending HELO or EHLO).
.br
The non_fqdn_reject_code parameter specifies the response code for
rejected requests (default: 504).
listed with any A record under \fIrbl_domain\fR. See the
reject_rbl_client description for additional RBL related configuration
parameters. Note: specify "smtpd_helo_required = yes" to fully
-enforce this restriction. This feature is available in Postfix 2.0
+enforce this restriction (without "smtpd_helo_required = yes", a
+client can simply skip reject_rhsbl_helo by not sending HELO or
+EHLO). This feature is available in Postfix 2.0
and later.
.IP "\fBreject_unknown_helo_hostname\fR (with Postfix < 2.3: reject_unknown_hostname)"
Reject the request when the HELO or EHLO hostname has no DNS A
The unknown_helo_hostname_tempfail_action parameter
specifies the action after a temporary DNS error (default:
defer_if_permit). Note: specify "smtpd_helo_required = yes" to fully
-enforce this restriction.
+enforce this restriction (without "smtpd_helo_required = yes", a
+client can simply skip reject_unknown_helo_hostname by not sending
+HELO or EHLO).
.PP
Other restrictions that are valid in this context:
.IP \(bu
The default is to permit everything.
</p>
+<p> Note: specify "smtpd_helo_required = yes" to fully enforce this
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip smtpd_helo_restrictions by not sending HELO or EHLO).
+</p>
+
<p>
Specify a list of restrictions, separated by commas and/or whitespace.
Continue long lines by starting the next line with whitespace.
<dd>Search the specified access(5) database for the HELO or EHLO
hostname or parent domains, and execute the corresponding action.
Note: specify "smtpd_helo_required = yes" to fully enforce this
-restriction. </dd>
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip check_helo_access by not sending HELO or EHLO). </dd>
<dt><b><a name="check_helo_mx_access">check_helo_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "smtpd_helo_required = yes" to fully enforce this
-restriction. This feature is available in Postfix 2.1 and later.
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip check_helo_mx_access by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
</dd>
<dt><b><a name="check_helo_ns_access">check_helo_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
Note 1: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. Note
2: specify "smtpd_helo_required = yes" to fully enforce this
-restriction. This feature is available in Postfix 2.1 and later.
+restriction (without "smtpd_helo_required = yes", a client can
+simply skip check_helo_ns_access by not sending HELO or EHLO). This
+feature is available in Postfix 2.1 and later.
</dd>
<dt><b><a name="reject_invalid_helo_hostname">reject_invalid_helo_hostname</a></b> (with Postfix < 2.3: reject_invalid_hostname)</dt>
<dd>Reject the request when the HELO or EHLO hostname syntax is
invalid. Note: specify "smtpd_helo_required = yes" to fully enforce
-this restriction. <br> The invalid_hostname_reject_code specifies
-the response code for rejected requests (default: 501).</dd>
+this restriction (without "smtpd_helo_required = yes", a client can simply
+skip reject_invalid_helo_hostname by not sending HELO or EHLO).
+<br> The invalid_hostname_reject_code specifies the response code
+for rejected requests (default: 501).</dd>
<dt><b><a name="reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a></b> (with Postfix < 2.3: reject_non_fqdn_hostname)</dt>
<dd>Reject the request when the HELO or EHLO hostname is not in
fully-qualified domain form, as required by the RFC. Note: specify
-"smtpd_helo_required = yes" to fully enforce this restriction. <br>
+"smtpd_helo_required = yes" to fully enforce this restriction
+(without "smtpd_helo_required = yes", a client can simply skip
+reject_non_fqdn_helo_hostname by not sending HELO or EHLO). <br>
The non_fqdn_reject_code parameter specifies the response code for
rejected requests (default: 504).</dd>
listed with any A record under <i>rbl_domain</i>. See the
reject_rbl_client description for additional RBL related configuration
parameters. Note: specify "smtpd_helo_required = yes" to fully
-enforce this restriction. This feature is available in Postfix 2.0
+enforce this restriction (without "smtpd_helo_required = yes", a
+client can simply skip reject_rhsbl_helo by not sending HELO or
+EHLO). This feature is available in Postfix 2.0
and later. </dd>
<dt><b><a name="reject_unknown_helo_hostname">reject_unknown_helo_hostname</a></b> (with Postfix < 2.3: reject_unknown_hostname)</dt>
450). <br> The unknown_helo_hostname_tempfail_action parameter
specifies the action after a temporary DNS error (default:
defer_if_permit). Note: specify "smtpd_helo_required = yes" to fully
-enforce this restriction. </dd>
+enforce this restriction (without "smtpd_helo_required = yes", a
+client can simply skip reject_unknown_helo_hostname by not sending
+HELO or EHLO). </dd>
</dl>
<ul>
<li> <p> When no "=filter" is specified, postscreen(8) will use any
-non-error DNSBL reply. Otherwise, the filter must be an IPv4
-address, and postscreen(8) uses only DNSBL replies that match the
-filter. </p>
+non-error DNSBL reply. Otherwise, postscreen(8) uses only DNSBL
+replies that match the filter. The filter has the form d.d.d.d,
+where each d is a number, or a pattern inside [] that contains one
+or more comma-separated numbers or number..number ranges. </p>
<li> <p> When no "*weight" is specified, postscreen(8) increments
the SMTP client's DNSBL score by 1. Otherwise, the weight must be
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20101130"
+#define MAIL_RELEASE_DATE "20101201"
#define MAIL_VERSION_NUMBER "2.8"
#ifdef SNAPSHOT
int var_ps_cmd_count;
char *var_ps_cmd_time;
+int var_smtpd_cconn_limit;
int var_ps_cconn_limit;
/*
VAR_PROC_LIMIT, DEF_PROC_LIMIT, &var_proc_limit, 1, 0,
VAR_PS_DNSBL_THRESH, DEF_PS_DNSBL_THRESH, &var_ps_dnsbl_thresh, 0, 0,
VAR_PS_CMD_COUNT, DEF_PS_CMD_COUNT, &var_ps_cmd_count, 1, 0,
+ VAR_SMTPD_CCONN_LIMIT, DEF_SMTPD_CCONN_LIMIT, &var_smtpd_cconn_limit, 0, 0,
0,
};
static const CONFIG_NINT_TABLE nint_table[] = {
int make_dirs(const char *path, int perms)
{
+ const char *myname = "make_dirs";
char *saved_path;
unsigned char *cp;
int saved_ch;
struct stat st;
int ret;
mode_t saved_mode = 0;
+ gid_t egid = -1;
/*
* Initialize. Make a copy of the path that we can safely clobber.
break;
}
}
+
+ /*
+ * Fix directory ownership when mkdir() ignores the effective
+ * GID. Don't change the effective UID for doing this.
+ */
+ if ((ret = stat(saved_path, &st)) < 0) {
+ msg_warn("%s: stat saved_path: %m", myname);
+ break;
+ }
+ if (egid == -1)
+ egid = getegid();
+ if (st.st_gid != egid && (ret = chown(saved_path, -1, egid)) < 0) {
+ msg_warn("%s: chgrp saved_path: %m", myname);
+ break;
+ }
}
if (saved_ch != 0)
*cp = saved_ch;
projects / thirdparty / postfix.git / commitdiff
