transports. Cause: insufficient documentation. Files:
error/error.c, discard/discard.c.
+20070520
+
+ Bugfix (problem introduced Postfix 2.3): when DSN support
+ was introduced it broke "agressive" recipient duplicate
+ elimination with "enable_original_recipient = no". File:
+ cleanup/cleanup_out_recipient.c.
+
+20070523
+
+ Feature: cyrus_sasl_config_path to specify a search path
+ for Cyrus SASL configuration files (currently used only to
+ locate the smtpd.conf file). Based on code by Victor
+ Duchovni. Files: smtpd/smtpd.c xsasl/xsasl_cyrus_server.c,
+ (and xsasl/xsasl_cyrus_client.c for future expansion).
+
Wish list:
+ Update attr_print/scan() so they can send/receive file
+ descriptors. This simplifies kludgy code in many daemons.
+
+ Make adding date/from/etc. conditional. Perhaps on header
+ rewrite context? Do we need a more powerful concept than
+ local_header_rewrite_clients/remote_header_rewrite_domain?
+
Would there be a problem adding $smtpd_mumble_restrictions
and $smtpd_sender_login_maps to the default proxy_read_maps
settings?
passing additional parameters via the MAIL FROM command, because doing so would
require extending the MAIL FROM command length limit by another 600 or more
characters beyond the space that is already needed to support other extensions
-such as AUTH.
+such as AUTH and DSN.
X\bXF\bFO\bOR\bRW\bWA\bAR\bRD\bD C\bCo\bom\bmm\bma\ban\bnd\bd s\bsy\byn\bnt\bta\bax\bx
XFORWARD implementation supports.
The client may send the XFORWARD request at any time except in the middle of a
-mail delivery transaction (i.e. between MAIL and DOT). The command may be
-pipelined when the server supports ESMTP command pipelining.
+mail delivery transaction (i.e. between MAIL and RSET or DOT). The command may
+be pipelined when the server supports ESMTP command pipelining.
The syntax of XFORWARD requests is described below. Upper case and quoted
strings specify terminals, lowercase strings specify meta terminals, and SP is
Upon receipt of a correctly formatted XFORWARD command, the server stores the
specified attribute values, and erases the attributes whose value was specified
as [UNAVAILABLE]. All XFORWARD attributes are reset to the real client
-information after the MAIL FROM command completes.
+information after the MAIL FROM transaction completes (i.e. after RSET or DOT).
X\bXF\bFO\bOR\bRW\bWA\bAR\bRD\bD S\bSe\ber\brv\bve\ber\br r\bre\bep\bpl\bly\by c\bco\bod\bde\bes\bs
SMTP connection caching makes it possible to deliver multiple messages within
the same SMTP session. The XFORWARD attributes are reset after the MAIL FROM
-command completes, so there is no risk of information leakage.
+transaction completes (after RSET or DOT), so there is no risk of information
+leakage.
R\bRe\bef\bfe\ber\bre\ben\bnc\bce\bes\bs
FROM command, because doing so would require extending the MAIL
FROM command length limit by another 600 or more characters beyond
the space that is already needed to support other extensions such
-as AUTH. </p>
+as AUTH and DSN. </p>
<h2>XFORWARD Command syntax</h2>
<p> The client may send the XFORWARD request at any time except in
the middle of a mail delivery transaction (i.e. between MAIL and
-DOT). The command may be pipelined when the server supports
-ESMTP command pipelining.
-</p>
+RSET or DOT). The command may be pipelined when the server supports
+ESMTP command pipelining. </p>
<p> The syntax of XFORWARD requests is described below. Upper case
and quoted strings specify terminals, lowercase strings specify
server stores the specified attribute values, and erases the
attributes whose value was specified as [UNAVAILABLE]. All XFORWARD
attributes are reset to the real client information after the MAIL
-FROM command completes. </p>
+FROM transaction completes (i.e. after RSET or DOT). </p>
<h2> XFORWARD Server reply codes </h2>
<p> SMTP connection caching makes it possible to deliver multiple
messages within the same SMTP session. The XFORWARD attributes are
-reset after the MAIL FROM command completes, so there is no risk
-of information leakage. </p>
+reset after the MAIL FROM transaction completes (after RSET or DOT),
+so there is no risk of information leakage. </p>
<h2> References </h2>
<b>o</b> Template message header names can be specified in
upper case, lower case or mixed case. Postfix
- always uses the spelling as shown in the example
- above.
+ always produces bounce message header labels of the
+ form "<b>From:</b>" and "<b>Subject:</b>".
<b>o</b> Template message headers must not span multiple
lines.
- <b>o</b> Template message headers must not contain <a href="postconf.5.html">main.cf</a>
- $parameters.
+ <b>o</b> Template message headers do not support $parameter
+ expansions.
<b>o</b> Template message headers must contain ASCII charac-
- ters only.
+ ters only, and must not contain ASCII null charac-
+ ters.
<b>TEMPLATE MESSAGE TEXT FORMAT</b>
- The second portion of a bounce template consists of mes-
- sage text. As the above example shows, template message
- text may contain <a href="postconf.5.html">main.cf</a> $parameters. Besides the parame-
+ The second portion of a bounce template consists of mes-
+ sage text. As the above example shows, template message
+ text may contain <a href="postconf.5.html">main.cf</a> $parameters. Besides the parame-
ters that are defined in <a href="postconf.5.html">main.cf</a>, the following parameters
- are treated specially depending on the suffix that is
+ are treated specially depending on the suffix that is
appended to their name.
<b>delay_warning_time_</b><i>suffix</i>
- Expands
into the value of the <b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a></b>
- parameter, expressed in the time unit specified by
- <i>suffix</i>, which is one of <b>seconds</b>, <b>minutes</b>, <b>hours,</b>
+ Expands
into the value of the <b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a></b>
+ parameter, expressed in the time unit specified by
+ <i>suffix</i>, which is one of <b>seconds</b>, <b>minutes</b>, <b>hours,</b>
<b>days</b>, or <b>weeks</b>.
<b>maximal_queue_lifetime_</b><i>suffix</i>
- Expands
into the value of the <b><a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_life</a>-</b>
- <b><a href="postconf.5.html#maximal_queue_lifetime">time</a></b> parameter, expressed in the time unit speci-
+ Expands
into the value of the <b><a href="postconf.5.html#maximal_queue_lifetime">maximal_queue_life</a>-</b>
+ <b><a href="postconf.5.html#maximal_queue_lifetime">time</a></b> parameter, expressed in the time unit speci-
fied by <i>suffix</i>. See above under <b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a></b>
for possible <i>suffix</i> values.
- The usage and specification of template message text is
+ The usage and specification of template message text is
subject to the following restrictions:
<b>o</b> The template message text is not sent in Postmaster
copies of delivery status notifications.
- <b>o</b> If the template message text contains non-ASCII
+ <b>o</b> If the template message text contains non-ASCII
characters, Postfix requires that the <b>Charset:</b> tem-
- plate header is updated. Specify an appropriate
+ plate header is updated. Specify an appropriate
superset of US-ASCII. A superset is needed because
- Postfix appends ASCII text after the message tem-
+ Postfix appends ASCII text after the message tem-
plate when it sends a delivery status notification.
<b>SEE ALSO</b>
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
- The Postfix bounce template format was originally devel-
+ The Postfix bounce template format was originally devel-
oped by Nicolas Riendeau.
<b>AUTHOR(S)</b>
</p>
+</DD>
+
+<DT><b><a name="cyrus_sasl_config_path">cyrus_sasl_config_path</a>
+(default: empty)</b></DT><DD>
+
+<p> Search path for Cyrus SASL application configuration files,
+currently used only to locate the $<a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.conf file.
+Specify zero or more directories separated by a colon character,
+or an empty value to use Cyrus SASL's built-in search path. </p>
+
+<p> This feature is available in Postfix 2.5 and later when compiled
+with Cyrus SASL 2.1.22 or later. </p>
+
+
</DD>
<DT><b><a name="daemon_directory">daemon_directory</a>
The SASL plug-in type that the Postfix SMTP server
should use for authentication.
+ Available in Postfix version 2.5 and later:
+
+ <b><a href="postconf.5.html#cyrus_sasl_config_path">cyrus_sasl_config_path</a> (empty)</b>
+ Search path for Cyrus SASL application configura-
+ tion files, currently used only to locate the
+ $<a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.conf file.
+
<b>STARTTLS SUPPORT CONTROLS</b>
Detailed information about STARTTLS configuration may be
found in the <a href="TLS_README.html">TLS_README</a> document.
The delay between queries for the completion of an
address verification request in progress.
- <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> (postmaster)</b>
+ <b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> ($<a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a>)</b>
The sender address to use in address verification
- probes.
+ probes; prior to Postfix 2.5 the default was "post-
+ master".
<b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a recipient address is rejected by the
+ The numerical Postfix SMTP server response code
+ when a recipient address is rejected by the
<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction.
<b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response when a
+ The numerical Postfix SMTP server response when a
recipient address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unveri</a>-
<a href="postconf.5.html#reject_unverified_recipient">fied_recipient</a> restriction.
<b>ACCESS CONTROL RESPONSES</b>
- The following parameters control numerical SMTP reply
+ The following parameters control numerical SMTP reply
codes and/or text responses.
<b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
- when a client is rejected by an <a href="access.5.html"><b>access</b>(5)</a> map
+ The numerical Postfix SMTP server response code
+ when a client is rejected by an <a href="access.5.html"><b>access</b>(5)</a> map
restriction.
<b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a remote SMTP client request is rejected by
+ The numerical Postfix SMTP server response code
+ when a remote SMTP client request is rejected by
the "defer" restriction.
<b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b>
- The numerical Postfix SMTP server response code
- when the client HELO or EHLO command parameter is
- rejected
by the <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
+ The numerical Postfix SMTP server response code
+ when the client HELO or EHLO command parameter is
+ rejected
by the <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
restriction.
<b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
+ The numerical Postfix SMTP server response code
when a remote SMTP client request is blocked by the
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a>
<b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b>
The numerical Postfix SMTP server reply code when a
- client request is rejected by the
+ client request is rejected by the
<a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a>,
<a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or <a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a>
restriction.
<b><a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a request is rejected by the <b>reject_plain-</b>
+ The numerical Postfix SMTP server response code
+ when a request is rejected by the <b>reject_plain-</b>
<b>text_session</b> restriction.
<b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
- when a remote SMTP client request is rejected by
+ The numerical Postfix SMTP server response code
+ when a remote SMTP client request is rejected by
the "reject" restriction.
<b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
- when a client request is rejected by the
+ The numerical Postfix SMTP server response code
+ when a client request is rejected by the
<a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient restriction.
<b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a sender or recipient address is rejected by
+ The numerical Postfix SMTP server response code
+ when a sender or recipient address is rejected by
the <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or
<a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> restriction.
<b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a client without valid address <=> name map-
+ The numerical Postfix SMTP server response code
+ when a client without valid address <=> name map-
ping is rejected by the reject_unknown_client_host-
name restriction.
<b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when the hostname specified with the HELO or EHLO
- command is rejected by the
+ The numerical Postfix SMTP server response code
+ when the hostname specified with the HELO or EHLO
+ command is rejected by the
<a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> restriction.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b>
- The default SMTP server response template for a
- request that is rejected by an RBL-based restric-
+ The default SMTP server response template for a
+ request that is rejected by an RBL-based restric-
tion.
<b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b>
- The numerical Postfix SMTP server response code
+ The numerical Postfix SMTP server response code
when a remote SMTP client request is blocked by the
<a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a> restriction.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
- The location of all postfix administrative com-
+ The location of all postfix administrative com-
mands.
<b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for an incoming connection
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of incoming connections that a
- Postfix daemon process will service before termi-
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
nating voluntarily.
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
The internet hostname of this mail system.
<b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b>
- The list of "trusted" SMTP clients that have more
+ The list of "trusted" SMTP clients that have more
privileges than "strangers".
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to
- come from, and that locally posted mail is deliv-
+ come from, and that locally posted mail is deliv-
ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon
+ The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
sions (user+foo).
<b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b>
- The text that follows the 220 status code in the
+ The text that follows the 220 status code in the
SMTP greeting banner.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> (CONNECT, GET, POST)</b>
- List of commands that causes the Postfix SMTP
- server to immediately terminate the session with a
+ List of commands that causes the Postfix SMTP
+ server to immediately terminate the session with a
221 code.
<b>SEE ALSO</b>
<a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
subject to the following restrictions:
.IP \(bu
Template message header names can be specified in upper
-case, lower case or mixed case. Postfix always uses the
-spelling as shown in the example above.
+case, lower case or mixed case. Postfix always produces
+bounce message header labels of the form "\fBFrom:\fR" and
+"\fBSubject:\fR".
.IP \(bu
Template message headers must not span multiple lines.
.IP \(bu
-Template message headers must not contain main.cf $parameters.
+Template message headers do not support $parameter expansions.
.IP \(bu
-Template message headers must contain ASCII characters only.
+Template message headers must contain ASCII characters only,
+and must not contain ASCII null characters.
.SH "TEMPLATE MESSAGE TEXT FORMAT"
.na
.nf
Postfix \fBtransport\fR(5) table. This setting has a lower precedence
than a content filter that is specified with an \fBaccess\fR(5) table or
in a \fBheader_checks\fR(5) or \fBbody_checks\fR(5) table.
+.SH cyrus_sasl_config_path (default: empty)
+Search path for Cyrus SASL application configuration files,
+currently used only to locate the $smtpd_sasl_path.conf file.
+Specify zero or more directories separated by a colon character,
+or an empty value to use Cyrus SASL's built-in search path.
+.PP
+This feature is available in Postfix 2.5 and later when compiled
+with Cyrus SASL 2.1.22 or later.
.SH daemon_directory (default: see "postconf -d" output)
The directory with Postfix support programs and daemon programs.
These should not be invoked directly by humans. The directory must
.IP "\fBsmtpd_sasl_type (cyrus)\fR"
The SASL plug-in type that the Postfix SMTP server should use
for authentication.
+.PP
+Available in Postfix version 2.5 and later:
+.IP "\fBcyrus_sasl_config_path (empty)\fR"
+Search path for Cyrus SASL application configuration files,
+currently used only to locate the $smtpd_sasl_path.conf file.
.SH "STARTTLS SUPPORT CONTROLS"
.na
.nf
.IP "\fBaddress_verify_poll_delay (3s)\fR"
The delay between queries for the completion of an address
verification request in progress.
-.IP "\fBaddress_verify_sender (postmaster)\fR"
-The sender address to use in address verification probes.
+.IP "\fBaddress_verify_sender ($double_bounce_sender)\fR"
+The sender address to use in address verification probes; prior
+to Postfix 2.5 the default was "postmaster".
.IP "\fBunverified_sender_reject_code (450)\fR"
The numerical Postfix SMTP server response code when a recipient
address is rejected by the reject_unverified_sender restriction.
s;\bsmtpd_reject_unlisted_sender\b;<a href="postconf.5.html#smtpd_reject_unlisted_sender">$&</a>;g;
s;\bsmtpd_restriction_classes\b;<a href="postconf.5.html#smtpd_restriction_classes">$&</a>;g;
s;\bsmtpd_sasl_path\b;<a href="postconf.5.html#smtpd_sasl_path">$&</a>;g;
+ s;\bcyrus_sasl_config_path\b;<a href="postconf.5.html#cyrus_sasl_config_path">$&</a>;g;
s;\bsmtpd_sasl_auth_enable\b;<a href="postconf.5.html#smtpd_sasl_auth_enable">$&</a>;g;
s;\bsmtpd_sasl_authenticated_header\b;<a href="postconf.5.html#smtpd_sasl_authenticated_header">$&</a>;g;
s;\bsmtpd_sasl_exceptions_networks\b;<a href="postconf.5.html#smtpd_sasl_exceptions_networks">$&</a>;g;
FROM command, because doing so would require extending the MAIL
FROM command length limit by another 600 or more characters beyond
the space that is already needed to support other extensions such
-as AUTH. </p>
+as AUTH and DSN. </p>
<h2>XFORWARD Command syntax</h2>
<p> The client may send the XFORWARD request at any time except in
the middle of a mail delivery transaction (i.e. between MAIL and
-DOT). The command may be pipelined when the server supports
-ESMTP command pipelining.
-</p>
+RSET or DOT). The command may be pipelined when the server supports
+ESMTP command pipelining. </p>
<p> The syntax of XFORWARD requests is described below. Upper case
and quoted strings specify terminals, lowercase strings specify
server stores the specified attribute values, and erases the
attributes whose value was specified as [UNAVAILABLE]. All XFORWARD
attributes are reset to the real client information after the MAIL
-FROM command completes. </p>
+FROM transaction completes (i.e. after RSET or DOT). </p>
<h2> XFORWARD Server reply codes </h2>
<p> SMTP connection caching makes it possible to deliver multiple
messages within the same SMTP session. The XFORWARD attributes are
-reset after the MAIL FROM command completes, so there is no risk
-of information leakage. </p>
+reset after the MAIL FROM transaction completes (after RSET or DOT),
+so there is no risk of information leakage. </p>
<h2> References </h2>
# subject to the following restrictions:
# .IP \(bu
# Template message header names can be specified in upper
-# case, lower case or mixed case. Postfix always uses the
-# spelling as shown in the example above.
+# case, lower case or mixed case. Postfix always produces
+# bounce message header labels of the form "\fBFrom:\fR" and
+# "\fBSubject:\fR".
# .IP \(bu
# Template message headers must not span multiple lines.
# .IP \(bu
-# Template message headers must not contain main.cf $parameters.
+# Template message headers do not support $parameter expansions.
# .IP \(bu
-# Template message headers must contain ASCII characters only.
+# Template message headers must contain ASCII characters only,
+# and must not contain ASCII null characters.
# TEMPLATE MESSAGE TEXT FORMAT
# .ad
# .fi
<p> This feature is available in Postfix 2.3 and later. In earlier
releases it was called smtpd_sasl_application. </p>
+%PARAM cyrus_sasl_config_path
+
+<p> Search path for Cyrus SASL application configuration files,
+currently used only to locate the $smtpd_sasl_path.conf file.
+Specify zero or more directories separated by a colon character,
+or an empty value to use Cyrus SASL's built-in search path. </p>
+
+<p> This feature is available in Postfix 2.5 and later when compiled
+with Cyrus SASL 2.1.22 or later. </p>
+
%PARAM smtp_sasl_path
<p> Implementation-specific information that the Postfix SMTP client
* Distinguish between different original recipient addresses that map
* onto the same mailbox. The recipient will use our original recipient
* message header to figure things out.
+ *
+ * Postfix 2.2 compatibility: when ignoring differences in Postfix original
+ * recipient information, also ignore differences in DSN attributes. We
+ * do, however, keep the DSN attributes of the recipient that survives
+ * duplicate elimination.
*/
#define STREQ(x, y) (strcmp((x), (y)) == 0)
if ((state->flags & CLEANUP_FLAG_MAP_OK) == 0
|| cleanup_virt_alias_maps == 0) {
- if (been_here(state->dups, "%s\n%d\n%s\n%s",
- dsn_orcpt, dsn_notify, orcpt, recip) == 0) {
+ if ((var_enable_orcpt ?
+ been_here(state->dups, "%s\n%d\n%s\n%s",
+ dsn_orcpt, dsn_notify, orcpt, recip) :
+ been_here_fixed(state->dups, recip)) == 0) {
if (dsn_notify)
cleanup_out_format(state, REC_TYPE_ATTR, "%s=%d",
MAIL_ATTR_DSN_NOTIFY, dsn_notify);
* notifications. The queue manager will flush the trace (and bounce)
* logfile, possibly after it has generated its own success or failure
* notification records.
+ *
+ * Postfix 2.2 compatibility: when ignoring differences in Postfix original
+ * recipient information, also ignore differences in DSN attributes. We
+ * do, however, keep the DSN attributes of the recipient that survives
+ * duplicate elimination.
*/
else {
RECIPIENT rcpt;
dsn_notify & ~DSN_NOTIFY_SUCCESS);
}
for (cpp = argv->argv; *cpp; cpp++) {
- if (been_here(state->dups, "%s\n%d\n%s\n%s",
- dsn_orcpt, dsn_notify, orcpt, *cpp) == 0) {
+ if ((var_enable_orcpt ?
+ been_here(state->dups, "%s\n%d\n%s\n%s",
+ dsn_orcpt, dsn_notify, orcpt, *cpp) :
+ been_here_fixed(state->dups, *cpp)) == 0) {
if (dsn_notify)
cleanup_out_format(state, REC_TYPE_ATTR, "%s=%d",
MAIL_ATTR_DSN_NOTIFY, dsn_notify);
#define DEF_SMTPD_SASL_PATH "smtpd"
extern char *var_smtpd_sasl_path;
+#define VAR_CYRUS_CONF_PATH "cyrus_sasl_config_path"
+#define DEF_CYRUS_CONF_PATH ""
+extern char *var_cyrus_conf_path;
+
#define VAR_SMTPD_SASL_TLS_OPTS "smtpd_sasl_tls_security_options"
#define DEF_SMTPD_SASL_TLS_OPTS "$" VAR_SMTPD_SASL_OPTS
extern char *var_smtpd_sasl_tls_opts;
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20070516"
+#define MAIL_RELEASE_DATE "20070524"
#define MAIL_VERSION_NUMBER "2.5"
#ifdef SNAPSHOT
/* void (*service)(VSTREAM *stream, char *service_name, char **argv);
/* int key;
/*
-/* void multi_server_disconnect(stream, argv)
+/* void multi_server_disconnect(stream)
/* VSTREAM *stream;
-/* char **argv;
/*
/* void multi_server_drain()
/* DESCRIPTION
/* Function to be executed prior to accepting a new connection.
/* .sp
/* Only the last instance of this parameter type is remembered.
-/* .IP "MAIL_SERVER_PRE_DISCONN (VSTREAM *, void *(char *service_name, char **argv))"
+/* .IP "MAIL_SERVER_PRE_DISCONN (VSTREAM *, char *service_name, char **argv)"
/* A pointer to a function that is called
/* by the multi_server_disconnect() function (see below).
/* .sp
VAR_LMTP_TCP_PORT, DEF_LMTP_TCP_PORT, &var_lmtp_tcp_port, 0, 0,
VAR_LMTP_PIX_BUG_WORDS, DEF_LMTP_PIX_BUG_WORDS, &var_smtp_pix_bug_words, 0, 0,
VAR_LMTP_PIX_BUG_MAPS, DEF_LMTP_PIX_BUG_MAPS, &var_smtp_pix_bug_maps, 0, 0,
+ VAR_CYRUS_CONF_PATH, DEF_CYRUS_CONF_PATH, &var_cyrus_conf_path, 0, 0,
0,
};
static CONFIG_TIME_TABLE lmtp_time_table[] = {
bool var_smtp_cname_overr;
char *var_smtp_pix_bug_words;
char *var_smtp_pix_bug_maps;
+char *var_cyrus_conf_path;
/*
* Global variables.
VAR_LMTP_TCP_PORT, DEF_LMTP_TCP_PORT, &var_lmtp_tcp_port, 0, 0,
VAR_SMTP_PIX_BUG_WORDS, DEF_SMTP_PIX_BUG_WORDS, &var_smtp_pix_bug_words, 0, 0,
VAR_SMTP_PIX_BUG_MAPS, DEF_SMTP_PIX_BUG_MAPS, &var_smtp_pix_bug_maps, 0, 0,
+ VAR_CYRUS_CONF_PATH, DEF_CYRUS_CONF_PATH, &var_cyrus_conf_path, 0, 0,
0,
};
static CONFIG_TIME_TABLE smtp_time_table[] = {
/* .IP "\fBsmtpd_sasl_type (cyrus)\fR"
/* The SASL plug-in type that the Postfix SMTP server should use
/* for authentication.
+/* .PP
+/* Available in Postfix version 2.5 and later:
+/* .IP "\fBcyrus_sasl_config_path (empty)\fR"
+/* Search path for Cyrus SASL application configuration files,
+/* currently used only to locate the $smtpd_sasl_path.conf file.
/* STARTTLS SUPPORT CONTROLS
/* .ad
/* .fi
/* .IP "\fBaddress_verify_poll_delay (3s)\fR"
/* The delay between queries for the completion of an address
/* verification request in progress.
-/* .IP "\fBaddress_verify_sender (postmaster)\fR"
-/* The sender address to use in address verification probes.
+/* .IP "\fBaddress_verify_sender ($double_bounce_sender)\fR"
+/* The sender address to use in address verification probes; prior
+/* to Postfix 2.5 the default was "postmaster".
/* .IP "\fBunverified_sender_reject_code (450)\fR"
/* The numerical Postfix SMTP server response code when a recipient
/* address is rejected by the reject_unverified_sender restriction.
bool var_smtpd_sasl_auth_hdr;
char *var_smtpd_sasl_opts;
char *var_smtpd_sasl_path;
+char *var_cyrus_conf_path;
char *var_smtpd_sasl_realm;
char *var_smtpd_sasl_exceptions_networks;
char *var_smtpd_sasl_type;
VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, 0, 0,
VAR_SMTPD_SASL_OPTS, DEF_SMTPD_SASL_OPTS, &var_smtpd_sasl_opts, 0, 0,
VAR_SMTPD_SASL_PATH, DEF_SMTPD_SASL_PATH, &var_smtpd_sasl_path, 1, 0,
+ VAR_CYRUS_CONF_PATH, DEF_CYRUS_CONF_PATH, &var_cyrus_conf_path, 0, 0,
VAR_SMTPD_SASL_REALM, DEF_SMTPD_SASL_REALM, &var_smtpd_sasl_realm, 0, 0,
VAR_SMTPD_SASL_EXCEPTIONS_NETWORKS, DEF_SMTPD_SASL_EXCEPTIONS_NETWORKS, &var_smtpd_sasl_exceptions_networks, 0, 0,
VAR_FILTER_XPORT, DEF_FILTER_XPORT, &var_filter_xport, 0, 0,
xsasl_client.o: xsasl_client.c
xsasl_client.o: xsasl_cyrus.h
xsasl_cyrus_client.o: ../../include/argv.h
+xsasl_cyrus_client.o: ../../include/mail_params.h
xsasl_cyrus_client.o: ../../include/msg.h
xsasl_cyrus_client.o: ../../include/mymalloc.h
xsasl_cyrus_client.o: ../../include/stringops.h
xsasl_dovecot_server.o: ../../include/mail_params.h
xsasl_dovecot_server.o: ../../include/msg.h
xsasl_dovecot_server.o: ../../include/mymalloc.h
+xsasl_dovecot_server.o: ../../include/name_mask.h
xsasl_dovecot_server.o: ../../include/split_at.h
xsasl_dovecot_server.o: ../../include/stringops.h
xsasl_dovecot_server.o: ../../include/sys_defs.h
#include <mymalloc.h>
#include <stringops.h>
+ /*
+ * Global library.
+ */
+#include <mail_params.h>
+
/*
* Application-specific
*/
/* xsasl_cyrus_client_init - initialize Cyrus SASL library */
XSASL_CLIENT_IMPL *xsasl_cyrus_client_init(const char *unused_client_type,
- const char *unused_path_info)
+ const char *unused_path_info)
{
XSASL_CLIENT_IMPL *xp;
int sasl_status;
}
#endif
+ if (*var_cyrus_conf_path) {
+#ifdef SASL_PATH_TYPE_CONFIG /* Cyrus SASL 2.1.22 */
+ if (set_sasl_path(SASL_PATH_TYPE_CONFIG,
+ var_cyrus_conf_path) != SASL_OK)
+ msg_warn("failed to set Cyrus SASL configuration path: \"%s\"",
+ var_cyrus_conf_path);
+#else
+ msg_warn("%s is not empty, but setting the Cyrus SASL configuration "
+ "path is not supported with SASL library version %d.%d.%d",
+ VAR_CYRUS_CONF_PATH, SASL_VERSION_MAJOR,
+ SASL_VERSION_MINOR, SASL_VERSION_STEP);
+#endif
+ }
+
/*
* Initialize the SASL library.
*/
}
#endif
+ if (*var_cyrus_conf_path) {
+#ifdef SASL_PATH_TYPE_CONFIG /* Cyrus SASL 2.1.22 */
+ if (set_sasl_path(SASL_PATH_TYPE_CONFIG,
+ var_cyrus_conf_path) != SASL_OK)
+ msg_warn("failed to set Cyrus SASL configuration path: \"%s\"",
+ var_cyrus_conf_path);
+#else
+ msg_warn("%s is not empty, but setting the Cyrus SASL configuration "
+ "path is not supported with SASL library version %d.%d.%d",
+ VAR_CYRUS_CONF_PATH, SASL_VERSION_MAJOR,
+ SASL_VERSION_MINOR, SASL_VERSION_STEP);
+#endif
+ }
+
/*
* Initialize the library: load SASL plug-in routines, etc.
*/
projects / thirdparty / postfix.git / commitdiff
