Likewise, include the current TLS security level in the TLS
client serverid field. File: smtp/smtp_proto.c.
+
+20250622
+
+ Bugfix (defect introduced: 20250509): added missing ``#ifdef
+ USE_TLS'' guards around memcache key_digest support. File:
+ global/dict_memcache.c.
+
+20250623
+
+ Feature: change the Postfix SMTP client smtp_tls_security_level
+ default value to "may" if Postfix was built with TLS support,
+ and the compatibility_level is 3.11 or higher. At lower
+ compatibility levels, change the default to "empty" and log
+ a backwards compatibility reminder. Files: global/mail_params.h,
+ smtp/smtp.c, tlsproxy/tlsproxy.c, proto/postconf.proto,
+ proto/COMPATIBILITY_README.html.
+
+ There is no equivalent change for Postfix server TLS security
+ levels, because changing the level alone is not sufficient.
+ Server-side TLS requires that at least one private key and
+ corresponding public-key certificate chain are configured.
-P\bPo\bos\bst\btf\bfi\bix\bx B\bBa\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-C\bCo\bom\bmp\bpa\bat\bti\bib\bbi\bil\bli\bit\bty\by S\bSa\baf\bfe\bet\bty\by N\bNe\bet\bt
-
--------------------------------------------------------------------------------
-
-P\bPu\bur\brp\bpo\bos\bse\be o\bof\bf t\bth\bhi\bis\bs d\bdo\boc\bcu\bum\bme\ben\bnt\bt
-
-Postfix 3.0 introduces a safety net that runs Postfix programs with backwards-
-compatible default settings after an upgrade. The safety net will log a warning
-whenever a "new" default setting could have an negative effect on your mail
-flow.
-
-This document provides information on the following topics:
-
- * Detailed descriptions of Postfix backwards-compatibility warnings.
-
- * What backwards-compatible settings you may have to make permanent in
- main.cf or master.cf.
-
- * How to turn off Postfix backwards-compatibility warnings.
-
-O\bOv\bve\ber\brv\bvi\bie\bew\bw
-
-With backwards compatibility turned on, Postfix logs a message whenever a
-backwards-compatible default setting may be required for continuity of service.
-Based on this logging the system administrator can decide if any backwards-
-compatible settings need to be made permanent in main.cf or master.cf, before
-turning off the backwards-compatibility safety net as described at the end of
-this document.
-
-Logged with compatibility_level < 1:
-
- * Using backwards-compatible default setting append_dot_mydomain=yes
-
- * Using backwards-compatible default setting chroot=y
-
- * Using backwards-compatible default setting "smtpd_relay_restrictions =
- (empty)"
-
- * Using backwards-compatible default setting smtputf8_enable=no
-
-Logged with compatibility_level < 2:
-
- * Using backwards-compatible default setting mynetworks_style=subnet
-
- * Using backwards-compatible default setting relay_domains=$mydestination
-
-Logged with compatibility_level < 3.6:
-
- * Using backwards-compatible default setting smtpd_tls_fingerprint_digest=md5
-
- * Using backwards-compatible default setting smtp_tls_fingerprint_digest=md5
-
- * Using backwards-compatible default setting lmtp_tls_fingerprint_digest=md5
-
- * Using backwards-compatible default setting
- smtpd_relay_before_recipient_restrictions=no
-
- * Using backwards-compatible default setting respectful_logging=no
-
-Logged with compatibility_level < 3.11:
-
- * using backwards-compatible default setting
- smtp_tlsrpt_skip_reused_handshakes=yes
-
-If such a message is logged in the context of a legitimate request, the system
-administrator should make the backwards-compatible setting permanent in main.cf
-or master.cf, as detailed in the sections that follow.
-
-When no more backwards-compatible settings need to be made permanent, the
-system administrator should turn off the backwards-compatibility safety net as
-described at the end of this document.
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg a\bap\bpp\bpe\ben\bnd\bd_\b_d\bdo\bot\bt_\b_m\bmy\byd\bdo\bom\bma\bai\bin\bn=\b=y\bye\bes\bs
-
-The append_dot_mydomain default value has changed from "yes" to "no". This
-could result in unexpected non-delivery of email after Postfix is updated from
-an older version. The backwards-compatibility safety net is designed to prevent
-such surprises.
-
-As long as the append_dot_mydomain parameter is left unspecified at its
-implicit default value, and the compatibility_level setting is less than 1,
-Postfix may log one of the following messages:
-
- * Messages about missing "localhost" in mydestination or other address class:
-
- postfix/trivial-rewrite[14777]: using backwards-compatible
- default setting append_dot_mydomain=yes to rewrite
- "localhost" to "localhost.example.com"; please add
- "localhost" to mydestination or other address class
-
- If Postfix logs the above message, add "localhost" to mydestination (or
- virtual_alias_domains, virtual_mailbox_domains, or relay_domains) and
- execute the command "p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd".
-
- * Messages about incomplete domains in email addresses:
-
- postfix/trivial-rewrite[25835]: using backwards-compatible
- default setting append_dot_mydomain=yes to rewrite "foo" to
- "foo.example.com"
-
- If Postfix logs the above message for domains different from "localhost",
- and the sender cannot be changed to use complete domain names in email
- addresses, then the system administrator should make the backwards-
- compatible setting "append_dot_mydomain = yes" permanent in main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf a\bap\bpp\bpe\ben\bnd\bd_\b_d\bdo\bot\bt_\b_m\bmy\byd\bdo\bom\bma\bai\bin\bn=\b=y\bye\bes\bs
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg c\bch\bhr\bro\boo\bot\bt=\b=y\by
-
-The master.cf chroot default value has changed from "y" (yes) to "n" (no). The
-new default avoids the need for copies of system files under the Postfix queue
-directory. However, sites with strict security requirements may want to keep
-the chroot feature enabled after updating Postfix from an older version. The
-backwards-compatibility safety net is designed allow the administrator to
-choose if they want to keep the old behavior.
-
-As long as a master.cf chroot field is left unspecified at its implicit default
-value, and the compatibility_level setting is less than 1, Postfix may log the
-following message while it reads the master.cf file:
-
- postfix/master[27664]: /etc/postfix/master.cf: line 72: using
- backwards-compatible default setting chroot=y
-
-If this service should remain chrooted, then the system administrator should
-make the backwards-compatible setting "chroot = y" permanent in master.cf. For
-example, to update the chroot setting for the "smtp inet" service:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-F\bF s\bsm\bmt\btp\bp/\b/i\bin\bne\bet\bt/\b/c\bch\bhr\bro\boo\bot\bt=\b=y\by
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg s\bsm\bmt\btp\bpd\bd_\b_r\bre\bel\bla\bay\by_\b_r\bre\bes\bst\btr\bri\bic\bct\bti\bio\bon\bns\bs =\b= (\b(e\bem\bmp\bpt\bty\by)\b)
-
-The smtpd_relay_restrictions feature was introduced with Postfix version 2.10,
-as a safety mechanism for configuration errors in smtpd_recipient_restrictions
-that could make Postfix an open relay.
-
-The smtpd_relay_restrictions implicit default setting forbids mail to remote
-destinations from clients that don't match permit_mynetworks or
-permit_sasl_authenticated. This could result in unexpected 'Relay access
-denied' errors after Postfix is updated from an older Postfix version. The
-backwards-compatibility safety net is designed to prevent such surprises.
-
-When the compatibility_level less than 1, and the smtpd_relay_restrictions
-parameter is left unspecified at its implicit default setting, Postfix may log
-the following message:
-
- postfix/smtpd[38463]: using backwards-compatible default setting
- "smtpd_relay_restrictions = (empty)" to avoid "Relay access
- denied" error for recipient "user@example.com" from client
- "host.example.net[10.0.0.2]"
-
-If this request should not be blocked, then the system administrator should
-make the backwards-compatible setting "smtpd_relay_restrictions=" (i.e. empty)
-permanent in main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf s\bsm\bmt\btp\bpd\bd_\b_r\bre\bel\bla\bay\by_\b_r\bre\bes\bst\btr\bri\bic\bct\bti\bio\bon\bns\bs=\b=
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg s\bsm\bmt\btp\bpu\but\btf\bf8\b8_\b_e\ben\bna\bab\bbl\ble\be=\b=n\bno\bo
-
-The smtputf8_enable default value has changed from "no" to "yes". With the new
-"yes" setting, the Postfix SMTP server rejects non-ASCII addresses from clients
-that don't request SMTPUTF8 support, after Postfix is updated from an older
-version. The backwards-compatibility safety net is designed to prevent such
-surprises.
-
-As long as the smtputf8_enable parameter is left unspecified at its implicit
-default value, and the compatibility_level setting is less than 1, Postfix logs
-a warning each time an SMTP command uses a non-ASCII address localpart without
-requesting SMTPUTF8 support:
-
- postfix/smtpd[27560]: using backwards-compatible default setting
- smtputf8_enable=no to accept non-ASCII sender address
- "??@example.org" from localhost[127.0.0.1]
-
- postfix/smtpd[27560]: using backwards-compatible default setting
- smtputf8_enable=no to accept non-ASCII recipient address
- "??@example.com" from localhost[127.0.0.1]
-
-If the address should not be rejected, and the client cannot be updated to use
-SMTPUTF8, then the system administrator should make the backwards-compatible
-setting "smtputf8_enable = no" permanent in main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf s\bsm\bmt\btp\bpu\but\btf\bf8\b8_\b_e\ben\bna\bab\bbl\ble\be=\b=n\bno\bo
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg m\bmy\byn\bne\bet\btw\bwo\bor\brk\bks\bs_\b_s\bst\bty\byl\ble\be=\b=s\bsu\bub\bbn\bne\bet\bt
-
-The mynetworks_style default value has changed from "subnet" to "host". This
-parameter is used to implement the "permit_mynetworks" feature. The change
-could cause unexpected 'access denied' errors after Postfix is updated from an
-older version. The backwards-compatibility safety net is designed to prevent
-such surprises.
-
-As long as the mynetworks and mynetworks_style parameters are left unspecified
-at their implicit default values, and the compatibility_level setting is less
-than 2, the Postfix SMTP server may log one of the following messages:
-
- postfix/smtpd[17375]: using backwards-compatible default setting
- mynetworks_style=subnet to permit request from client
- "foo.example.com[10.1.1.1]"
-
- postfix/postscreen[24982]: using backwards-compatible default
- setting mynetworks_style=subnet to permit request from client
- "10.1.1.1"
-
-If the client request should not be rejected, then the system administrator
-should make the backwards-compatible setting "mynetworks_style = subnet"
-permanent in main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf m\bmy\byn\bne\bet\btw\bwo\bor\brk\bks\bs_\b_s\bst\bty\byl\ble\be=\b=s\bsu\bub\bbn\bne\bet\bt
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg r\bre\bel\bla\bay\by_\b_d\bdo\bom\bma\bai\bin\bns\bs=\b=$\b$m\bmy\byd\bde\bes\bst\bti\bin\bna\bat\bti\bio\bon\bn
-
-The relay_domains default value has changed from "$mydestination" to the empty
-value. This could result in unexpected 'Relay access denied' errors or ETRN
-errors after Postfix is updated from an older version. The backwards-
-compatibility safety net is designed to prevent such surprises.
-
-As long as the relay_domains parameter is left unspecified at its implicit
-default value, and the compatibility_level setting is less than 2, Postfix may
-log one of the following messages.
-
- * Messages about accepting mail for a remote domain:
-
- postfix/smtpd[19052]: using backwards-compatible default setting
- relay_domains=$mydestination to accept mail for domain
- "foo.example.com"
-
- postfix/smtpd[19052]: using backwards-compatible default setting
- relay_domains=$mydestination to accept mail for address
- "user@foo.example.com"
-
- * Messages about providing ETRN service for a remote domain:
-
- postfix/smtpd[19138]: using backwards-compatible default setting
- relay_domains=$mydestination to flush mail for domain
- "bar.example.com"
-
- postfix/smtp[13945]: using backwards-compatible default setting
- relay_domains=$mydestination to update fast-flush logfile for
- domain "bar.example.com"
-
-If Postfix should continue to accept mail for that domain or continue to
-provide ETRN service for that domain, then the system administrator should make
-the backwards-compatible setting "relay_domains = $mydestination" permanent in
-main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf '\b'r\bre\bel\bla\bay\by_\b_d\bdo\bom\bma\bai\bin\bns\bs=\b=$\b$m\bmy\byd\bde\bes\bst\bti\bin\bna\bat\bti\bio\bon\bn'\b'
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-Note: quotes are required as indicated above.
-
-Instead of $mydestination, it may be better to specify an explicit list of
-domain names.
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg s\bsm\bmt\btp\bpd\bd_\b_t\btl\bls\bs_\b_f\bfi\bin\bng\bge\ber\brp\bpr\bri\bin\bnt\bt_\b_d\bdi\big\bge\bes\bst\bt=\b=m\bmd\bd5\b5
-
-The smtpd_tls_fingerprint_digest default value has changed from "md5" to
-"sha256". With the new "sha256" setting, the Postfix SMTP server avoids using
-the deprecated "md5" algorithm and computes a more secure digest of the client
-certificate.
-
-If you're using the default "md5" setting, or even an explicit "sha1" (also
-deprecated) setting, you should consider switching to "sha256". This will
-require updating any associated lookup table keys with the "sha256" digests of
-the expected client certificate or public key.
-
-As long as the smtpd_tls_fingerprint_digest parameter is left unspecified at
-its implicit default value, and the compatibility_level setting is less than
-3.6, Postfix logs a warning each time a client certificate or public key
-fingerprint is (potentially) used for access control:
-
- postfix/smtpd[27560]: using backwards-compatible default setting
- smtpd_tls_fingerprint_digest=md5 to compute certificate fingerprints
-
-Since any client certificate fingerprints are passed in policy service lookups,
-and Postfix doesn't know whether the fingerprint will be used, the warning may
-also be logged when policy lookups are performed for connections that used a
-client certificate, even if the policy service does not in fact examine the
-client certificate. To reduce the noise somewhat, such warnings are issued at
-most once per smtpd(8) process instance.
-
-If you prefer to stick with "md5", you can suppress the warnings by making that
-setting explicit. After addressing any other compatibility warnings, you can
-update your compatibility level.
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf s\bsm\bmt\btp\bpd\bd_\b_t\btl\bls\bs_\b_f\bfi\bin\bng\bge\ber\brp\bpr\bri\bin\bnt\bt_\b_d\bdi\big\bge\bes\bst\bt=\b=m\bmd\bd5\b5
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg s\bsm\bmt\btp\bp_\b_t\btl\bls\bs_\b_f\bfi\bin\bng\bge\ber\brp\bpr\bri\bin\bnt\bt_\b_d\bdi\big\bge\bes\bst\bt=\b=m\bmd\bd5\b5
-
-The smtp_tls_fingerprint_digest and lmtp_tls_fingerprint_digest default values
-have changed from "md5" to "sha256". With the new "sha256" setting, the Postfix
-SMTP and LMTP client avoids using the deprecated "md5" algorithm and computes a
-more secure digest of the server certificate.
-
-If you're using the default "md5" setting, or even an explicit "sha1" (also
-deprecated) setting, you should consider switching to "sha256". This will
-require updating any "fingerprint" security level policies in the TLS policy
-table to specify matching "sha256" digests of the expected server certificates
-or public keys.
-
-As long as the smtp_tls_fingerprint_digest (or LMTP equivalent) parameter is
-left unspecified at its implicit default value, and the compatibility_level
-setting is less than 3.6, Postfix logs a warning each time the "fingerprint"
-security level is used to specify matching "md5" digests of trusted server
-certificates or public keys:
-
- postfix/smtp[27560]: using backwards-compatible default setting
- smtp_tls_fingerprint_digest=md5 to compute certificate fingerprints
-
-If you prefer to stick with "md5", you can suppress the warnings by making that
-setting explicit. After addressing any other compatibility warnings, you can
-update your compatibility level.
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf '\b's\bsm\bmt\btp\bp_\b_t\btl\bls\bs_\b_f\bfi\bin\bng\bge\ber\brp\bpr\bri\bin\bnt\bt_\b_d\bdi\big\bge\bes\bst\bt =\b= m\bmd\bd5\b5'\b' \\b\
- '\b'l\blm\bmt\btp\bp_\b_t\btl\bls\bs_\b_f\bfi\bin\bng\bge\ber\brp\bpr\bri\bin\bnt\bt_\b_d\bdi\big\bge\bes\bst\bt =\b= m\bmd\bd5\b5'\b'
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg
-s\bsm\bmt\btp\bpd\bd_\b_r\bre\bel\bla\bay\by_\b_b\bbe\bef\bfo\bor\bre\be_\b_r\bre\bec\bci\bip\bpi\bie\ben\bnt\bt_\b_r\bre\bes\bst\btr\bri\bic\bct\bti\bio\bon\bns\bs=\b=n\bno\bo
-
-The smtpd_relay_before_recipient_restrictions feature was introduced in Postfix
-version 3.6, to evaluate smtpd_relay_restrictions before
-smtpd_recipient_restrictions. Historically, smtpd_relay_restrictions was
-evaluated after smtpd_recipient_restrictions, contradicting documented
-behavior.
-
- Background: smtpd_relay_restrictions is primarily designed to enforce a
- mail relaying policy, while smtpd_recipient_restrictions is primarily
- designed to enforce spam blocking policy. Both are evaluated while replying
- to the RCPT TO command, and both support the same features.
-
-To maintain compatibility with earlier versions, Postfix will keep evaluating
-smtpd_recipient_restrictions before smtpd_relay_restrictions, as long as the
-compatibility_level is less than 3.6, and the
-smtpd_relay_before_recipient_restrictions parameter is left unspecified at its
-implicit default setting. As a reminder, Postfix may log the following message:
-
- postfix/smtpd[54696]: using backwards-compatible default setting
- smtpd_relay_before_recipient_restrictions=no to reject recipient
- "user@example.com" from client "host.example.net[10.0.0.2]"
-
-If Postfix should keep evaluating smtpd_recipient_restrictions before
-smtpd_relay_restrictions, then the system administrator should make the
-backwards-compatible setting "smtpd_relay_before_recipient_restrictions=no"
-permanent in main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf s\bsm\bmt\btp\bpd\bd_\b_r\bre\bel\bla\bay\by_\b_b\bbe\bef\bfo\bor\bre\be_\b_r\bre\bec\bci\bip\bpi\bie\ben\bnt\bt_\b_r\bre\bes\bst\btr\bri\bic\bct\bti\bio\bon\bns\bs=\b=n\bno\bo
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg r\bre\bes\bsp\bpe\bec\bct\btf\bfu\bul\bl_\b_l\blo\bog\bgg\bgi\bin\bng\bg=\b=n\bno\bo
-
-Postfix version 3.6 deprecates configuration parameter names and logging that
-suggest white is better than black. Instead it prefers 'allowlist, 'denylist',
-and variations of those words. While the renamed configuration parameters have
-backwards-compatible default values, the changes in logging could affect
-logfile analysis tools.
-
-To avoid breaking existing logfile analysis tools, Postfix will keep logging
-the deprecated form, as long as the respectful_logging parameter is left
-unspecified at its implicit default value, and the compatibility_level setting
-is less than 3.6. As a reminder, Postfix may log the following when a remote
-SMTP client is allowlisted or denylisted:
-
- postfix/postscreen[22642]: Using backwards-compatible default setting
- respectful_logging=no for client [address]:port
-
-If Postfix should keep logging the deprecated form, then the system
-administrator should make the backwards-compatible setting "respectful_logging
-= no" permanent in main.cf.
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf "\b"r\bre\bes\bsp\bpe\bec\bct\btf\bfu\bul\bl_\b_l\blo\bog\bgg\bgi\bin\bng\bg =\b= n\bno\bo"\b"
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-U\bUs\bsi\bin\bng\bg b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbl\ble\be d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bg
-s\bsm\bmt\btp\bp_\b_t\btl\bls\bsr\brp\bpt\bt_\b_s\bsk\bki\bip\bp_\b_r\bre\beu\bus\bse\bed\bd_\b_h\bha\ban\bnd\bds\bsh\bha\bak\bke\bes\bs=\b=y\bye\bes\bs
-
-Postfix version 3.11 changes the default value for
-smtp_tlsrpt_skip_reused_handshakes from "yes" to "no". The backwards-
-compatibility safety net is designed to prevent an unexpected change in
-reporting behavior when Postfix is updated from an older version.
-
-As long as the smtp_tlsrpt_skip_reused_handshakes parameter is left unspecified
-at its implicit default value, and the compatibility_level setting is less than
-3.11, Postfix will log a reminder that it is using the backwards-compatible
-default:
-
- postfix/smtp[388157] using backwards-compatible default setting
- smtp_tlsrpt_skip_reused_handshakes=yes
-
-To keep the old default setting, the system administrator should make the
-backwards-compatible setting "smtp_tlsrpt_skip_reused_handshakes = yes"
-permanent in main.cf:
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf s\bsm\bmt\btp\bp_\b_t\btl\bls\bsr\brp\bpt\bt_\b_s\bsk\bki\bip\bp_\b_r\bre\beu\bus\bse\bed\bd_\b_h\bha\ban\bnd\bds\bsh\bha\bak\bke\bes\bs=\b=y\bye\bes\bs
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-T\bTu\bur\brn\bni\bin\bng\bg o\bof\bff\bf t\bth\bhe\be b\bba\bac\bck\bkw\bwa\bar\brd\bds\bs-\b-c\bco\bom\bmp\bpa\bat\bti\bib\bbi\bil\bli\bit\bty\by s\bsa\baf\bfe\bet\bty\by n\bne\bet\bt
-
-Backwards compatibility is turned off by updating the compatibility_level
-setting in main.cf.
-
- # p\bpo\bos\bst\btc\bco\bon\bnf\bf c\bco\bom\bmp\bpa\bat\bti\bib\bbi\bil\bli\bit\bty\by_\b_l\ble\bev\bve\bel\bl=\b=N\bN
- # p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd
-
-For N specify the number that is logged in your postfix(1) warning message:
-
- warning: To disable backwards compatibility use "postconf
- compatibility_level=N" and "postfix reload"
-
-Sites that don't care about backwards compatibility may set
-"compatibility_level = 9999" at their own risk.
-
-Starting with Postfix version 3.6, the compatibility level in the above warning
-message is the Postfix version that introduced the last incompatible change.
-The level is formatted as major.minor.patch, where patch is usually omitted and
-defaults to zero. Earlier compatibility levels are 0, 1 and 2.
-
-NOTE: Postfix 3.6 also introduces support for the "<level", "<=level", and
-other operators to compare compatibility levels. With the standard operators
-"<", "<=", etc., compatibility level "3.10" would be smaller than "3.9" which
-is undesirable.
-
<li> <p> <a href="#tlsrpt_reused"> using backwards-compatible default
setting smtp_tlsrpt_skip_reused_handshakes=yes</a> </p>
+<li> <p> <a href="#xxx_tls_level"> using backwards-compatible default
+setting <i>xxx</i>_security_level=(empty)</a> </p>
+
</ul>
<p>
</pre>
</blockquote>
+<h2> <a name="xxx_tls_level"> Using backwards-compatible
+default setting <i>xxx</i>_security_level=(empty)</a> </h2>
+
+<p> Postfix version 3.11 changes the default value for client TLS
+security levels from "empty" to "yes". The backwards-compatibility
+safety net is designed to prevent an unexpected change in mail
+sending behavior when Postfix is updated from an older version.
+</p>
+
+<p> There is no equivalent change for Postfix server TLS security
+levels, because changing the level alone is not sufficient. Server-side
+TLS requires that at least one private key and one public-key
+certificate chain are configured. </p>
+
+<p> As long as a TLS security level parameter is left unspecified
+at its implicit default value, and the <a href="postconf.5.html#compatibility_level">compatibility_level</a> setting
+is less than 3.11, Postfix will log one of the following reminders
+that it is using the backwards-compatible default: </p>
+
+<blockquote>
+<pre>
+postfix/smtp[...] using backwards-compatible default setting
+ <a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a>=(empty)
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+postfix/tlsproxy[...] using backwards-compatible default setting
+ <a href="postconf.5.html#tlsproxy_client_security_level">tlsproxy_client_security_level</a>=(empty)
+</pre>
+</blockquote>
+
+<p> To keep the old default setting, the system administrator should
+make the backwards-compatible empty setting permanent in <a href="postconf.5.html">main.cf</a>: </p>
+
+<blockquote>
+<pre>
+# <b>postconf <i>xxx</i>_security_level=</b>
+# <b>postfix reload</b>
+</pre>
+</blockquote>
+
+<p> where <i>xxx</i> is taken from the above compatibility message. </p>
+
<h2> <a name="turnoff">Turning off the backwards-compatibility safety net</a> </h2>
<p> Backwards compatibility is turned off by updating the
Detailed information about STARTTLS configuration may be found in the
<a href="TLS_README.html">TLS_README</a> document.
- <b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
+ <b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (Postfix</b> ><b>= 3.11: may; Postfix</b> < <b>3.11: empty)</b>
The default SMTP TLS security level for the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The pathname of a UNIX-domain datagram socket that is managed by
a local TLSRPT reporting service.
- <b><a href="postconf.5.html#smtp_tlsrpt_skip_reused_handshakes">smtp_tlsrpt_skip_reused_handshakes</a> (yes)</b>
- Do not report the TLSRPT status for TLS protocol handshakes that
- reuse a previously-negotiated TLS session (there is no new
- information to report).
+ <b><a href="postconf.5.html#smtp_tlsrpt_skip_reused_handshakes">smtp_tlsrpt_skip_reused_handshakes</a> (Postfix</b> ><b>= 3.11: no, Postfix 3.10:</b>
+ <b>yes)</b>
+ When set to "yes", report the TLSRPT status only for "new" TLS
+ sessions.
<b><a href="postconf.5.html#tls_required_enable">tls_required_enable</a> (yes)</b>
Enable support for the "TLS-Required: no" message header,
defined in <a href="https://tools.ietf.org/html/rfc8689">RFC 8689</a>.
<b><a name="obsolete_starttls_controls">OBSOLETE STARTTLS CONTROLS</a></b>
- The following configuration parameters exist for compatibility with
- Postfix versions before 2.3. Support for these will be removed in a
+ The following configuration parameters exist for compatibility with
+ Postfix versions before 2.3. Support for these will be removed in a
future release.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
- Opportunistic mode: use TLS when a remote SMTP server announces
+ Opportunistic mode: use TLS when a remote SMTP server announces
STARTTLS support, otherwise send the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
- Enforcement mode: require that remote SMTP servers use TLS
+ Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
- With mandatory TLS encryption, require that the remote SMTP
- server hostname matches the information in the remote SMTP
+ With mandatory TLS encryption, require that the remote SMTP
+ server hostname matches the information in the remote SMTP
server certificate.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
- Optional lookup tables with the Postfix SMTP client TLS usage
- policy by next-hop destination and by remote SMTP server host-
+ Optional lookup tables with the Postfix SMTP client TLS usage
+ policy by next-hop destination and by remote SMTP server host-
name.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
- Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
+ Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
cipher list.
<b><a name="resource_and_rate_controls">RESOURCE AND RATE CONTROLS</a></b>
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
- The Postfix SMTP client time limit for completing a TCP connec-
+ The Postfix SMTP client time limit for completing a TCP connec-
tion, or zero (use the operating system built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
- The Postfix SMTP client time limit for sending the HELO or EHLO
- command, and for receiving the initial remote SMTP server
+ The Postfix SMTP client time limit for sending the HELO or EHLO
+ command, and for receiving the initial remote SMTP server
response.
<b><a href="postconf.5.html#lmtp_lhlo_timeout">lmtp_lhlo_timeout</a> (300s)</b>
mand, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
- The Postfix SMTP client time limit for sending the MAIL FROM
+ The Postfix SMTP client time limit for sending the MAIL FROM
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
- The Postfix SMTP client time limit for sending the SMTP RCPT TO
+ The Postfix SMTP client time limit for sending the SMTP RCPT TO
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
- The Postfix SMTP client time limit for sending the SMTP DATA
+ The Postfix SMTP client time limit for sending the SMTP DATA
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
- The Postfix SMTP client time limit for sending the SMTP message
+ The Postfix SMTP client time limit for sending the SMTP message
content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_mx_address_limit">smtp_mx_address_limit</a> (5)</b>
- The maximal number of MX (mail exchanger) IP addresses that can
- result from Postfix SMTP client mail exchanger lookups, or zero
+ The maximal number of MX (mail exchanger) IP addresses that can
+ result from Postfix SMTP client mail exchanger lookups, or zero
(no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
- The maximal number of SMTP sessions per delivery request before
- the Postfix SMTP client gives up or delivers to a fall-back
+ The maximal number of SMTP sessions per delivery request before
+ the Postfix SMTP client gives up or delivers to a fall-back
<a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
Available in Postfix version 2.2 and earlier:
<b><a href="postconf.5.html#lmtp_cache_connection">lmtp_cache_connection</a> (yes)</b>
- Keep
Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
+ Keep
Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
seconds.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
- Permanently enable SMTP connection caching for the specified
+ Permanently enable SMTP connection caching for the specified
destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
- Temporarily enable SMTP connection caching while a destination
+ Temporarily enable SMTP connection caching while a destination
has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
<b><a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a> (300s)</b>
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#connection_cache_protocol_timeout">connection_cache_protocol_timeout</a> (5s)</b>
- Time limit for connection cache connect, send or receive opera-
+ Time limit for connection cache connect, send or receive opera-
tions.
Available in Postfix version 2.9 - 3.6:
<b><a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a> (no)</b>
- Change the behavior of the smtp_*_timeout time limits, from a
- time limit per read or write system call, to a time limit to
- send or receive a complete record (an SMTP command line, SMTP
- response line, SMTP message content line, or TLS protocol mes-
+ Change the behavior of the smtp_*_timeout time limits, from a
+ time limit per read or write system call, to a time limit to
+ send or receive a complete record (an SMTP command line, SMTP
+ response line, SMTP message content line, or TLS protocol mes-
sage).
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_connection_reuse_count_limit">smtp_connection_reuse_count_limit</a> (0)</b>
- When SMTP connection caching is enabled, the number of times
- that an SMTP session may be reused before it is closed, or zero
+ When SMTP connection caching is enabled, the number of times
+ that an SMTP session may be reused before it is closed, or zero
(no limit).
Available in Postfix version 3.4 and later:
Available in Postfix version 3.7 and later:
<b><a href="postconf.5.html#smtp_per_request_deadline">smtp_per_request_deadline</a> (no)</b>
- Change the behavior of the smtp_*_timeout time limits, from a
- time limit per plaintext or TLS read or write call, to a com-
- bined time limit for sending a complete SMTP request and for
+ Change the behavior of the smtp_*_timeout time limits, from a
+ time limit per plaintext or TLS read or write call, to a com-
+ bined time limit for sending a complete SMTP request and for
receiving a complete SMTP response.
<b><a href="postconf.5.html#smtp_min_data_rate">smtp_min_data_rate</a> (500)</b>
- The minimum plaintext data transfer rate in bytes/second for
+ The minimum plaintext data transfer rate in bytes/second for
DATA requests, when deadlines are enabled with
<a href="postconf.5.html#smtp_per_request_deadline">smtp_per_request_deadline</a>.
<b><a href="postconf.5.html#transport_destination_concurrency_limit">transport_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concur</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">rency_limit</a>)</b>
- A
transport-specific override for the <a href="postconf.5.html#default_destination_concurrency_limit">default_destination_con</a>-
+ A
transport-specific override for the <a href="postconf.5.html#default_destination_concurrency_limit">default_destination_con</a>-
<a href="postconf.5.html#default_destination_concurrency_limit">currency_limit</a> parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
name of the message delivery transport.
<b><a href="postconf.5.html#transport_destination_recipient_limit">transport_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipi</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">ent_limit</a>)</b>
A transport-specific override for the <a href="postconf.5.html#default_destination_recipient_limit">default_destination_recip</a>-
- <a href="postconf.5.html#default_destination_recipient_limit">ient_limit</a>
parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+ <a href="postconf.5.html#default_destination_recipient_limit">ient_limit</a>
parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
name of the message delivery transport.
<b><a name="smtputf8_controls">SMTPUTF8 CONTROLS</a></b>
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
- Enable preliminary SMTPUTF8 support for the protocols described
+ Enable preliminary SMTPUTF8 support for the protocols described
in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>, <a href="https://tools.ietf.org/html/rfc6532">RFC 6532</a>, and <a href="https://tools.ietf.org/html/rfc6533">RFC 6533</a>.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
- Detect that a message requires SMTPUTF8 support for the speci-
+ Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
Available in Postfix version 3.2 and later:
<b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b>
- Enable 'transitional' compatibility between IDNA2003 and
- IDNA2008, when converting UTF-8 domain names to/from the ASCII
+ Enable 'transitional' compatibility between IDNA2003 and
+ IDNA2008, when converting UTF-8 domain names to/from the ASCII
form that is used for DNS lookups.
<b><a name="trouble_shooting_controls">TROUBLE SHOOTING CONTROLS</a></b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a nexthop destina-
- tion, remote client or server name or network address matches a
+ The increment in verbose logging level when a nexthop destina-
+ tion, remote client or server name or network address matches a
pattern given with the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of nexthop destination, remote client or server
- name or network address patterns that, if matched, cause the
- verbose logging level to increase by the amount specified in
+ Optional list of nexthop destination, remote client or server
+ name or network address patterns that, if matched, cause the
+ verbose logging level to increase by the amount specified in
$<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
- The recipient of postmaster notifications about mail delivery
+ The recipient of postmaster notifications about mail delivery
problems that are caused by policy, resource, software or proto-
col errors.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
- What categories of Postfix-generated mail are subject to
- before-queue
content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
+ What categories of Postfix-generated mail are subject to
+ before-queue
content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
<a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
<b><a name="miscellaneous_controls">MISCELLANEOUS CONTROLS</a></b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
- Where the Postfix SMTP client should deliver mail when it
+ Where the Postfix SMTP client should deliver mail when it
detects a "mail loops back to myself" error condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to handle a
+ How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
- The maximal number of digits after the decimal point when log-
+ The maximal number of digits after the decimal point when log-
ging delay values.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
Disable DNS lookups in the Postfix SMTP and LMTP clients.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
- The local network interface addresses that this mail system
+ The local network interface addresses that this mail system
receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (see 'postconf -d' output)</b>
- The Internet protocols Postfix will attempt to use when making
+ The Internet protocols Postfix will attempt to use when making
or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
- The time limit for sending or receiving information over an
+ The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#lmtp_assume_final">lmtp_assume_final</a> (no)</b>
- When a remote LMTP server announces no DSN support, assume that
- the server performs final delivery, and send "delivered" deliv-
+ When a remote LMTP server announces no DSN support, assume that
+ the server performs final delivery, and send "delivered" deliv-
ery status notifications instead of "relayed".
<b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a> (24)</b>
The default TCP port that the Postfix LMTP client connects to.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix daemon process
+ The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The process name of a Postfix command or daemon process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
- The remote network interface addresses that this mail system
- receives mail on by way of a proxy or network address transla-
+ The remote network interface addresses that this mail system
+ receives mail on by way of a proxy or network address transla-
tion unit.
<b><a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> (any)</b>
The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP
- client will try first, when a destination has IPv6 and IPv4
+ client will try first, when a destination has IPv6 and IPv4
addresses with equal MX preference.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
- An optional numerical network address that the Postfix SMTP
+ An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv4 connection.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
- An optional numerical network address that the Postfix SMTP
+ An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv6 connection.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- A prefix that is prepended to the process name in syslog
+ A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Available with Postfix 2.2 and earlier:
Available with Postfix 2.3 and later:
<b><a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a> ($<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b>
- Optional list of relay destinations that will be used when an
- SMTP destination is not found, or when delivery fails due to a
+ Optional list of relay destinations that will be used when an
+ SMTP destination is not found, or when delivery fails due to a
non-permanent error.
Available with Postfix 3.0 and later:
<b><a href="postconf.5.html#smtp_address_verify_target">smtp_address_verify_target</a> (rcpt)</b>
- In the context of email address verification, the SMTP protocol
+ In the context of email address verification, the SMTP protocol
stage that determines whether an email address is deliverable.
Available with Postfix 3.1 and later:
Available in Postfix 3.7 and later:
<b><a href="postconf.5.html#smtp_bind_address_enforce">smtp_bind_address_enforce</a> (no)</b>
- Defer delivery when the Postfix SMTP client cannot apply the
+ Defer delivery when the Postfix SMTP client cannot apply the
<a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> or <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> setting.
<b><a name="see_also">SEE ALSO</a></b>
address. </p>
-</DD>
-
-<DT><b><a name="relocated_prefix_enable">relocated_prefix_enable</a>
-(default: yes)</b></DT><DD>
-
-<p> Prepend the prefix "<b>5.1.6 User has moved to </b>" to all
-<a href="postconf.5.html#relocated_maps">relocated_maps</a> lookup results. With "<a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> =
-no", all lookup results must contain a valid <a href="https://tools.ietf.org/html/rfc3463">RFC 3463</a> compliant
-enhanced status code and text (format: "[45].number.number text...").
-
-<p>
-Example:
-</p>
-
-<pre>
-/etc/postfix/<a href="postconf.5.html">main.cf</a>:
- <a href="postconf.5.html#relocated_maps">relocated_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relocated
- <a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> = no
-<br>
-<a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relocated:
- user@example.com 5.2.1 User account is disabled
-</pre>
-
-
</DD>
<DT><b><a name="enable_threaded_bounces">enable_threaded_bounces</a>
</pre>
+</DD>
+
+<DT><b><a name="relocated_prefix_enable">relocated_prefix_enable</a>
+(default: yes)</b></DT><DD>
+
+<p> Prepend the prefix "<b>5.1.6 User has moved to </b>" to all
+<a href="postconf.5.html#relocated_maps">relocated_maps</a> lookup results. With "<a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> =
+no", all lookup results must contain a valid <a href="https://tools.ietf.org/html/rfc3463">RFC 3463</a> compliant
+enhanced status code and text (format: "[45].number.number text...").
+
+<p>
+Example:
+</p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ <a href="postconf.5.html#relocated_maps">relocated_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relocated
+ <a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> = no
+<br>
+<a href="DATABASE_README.html#types">hash</a>:/etc/postfix/relocated:
+ user@example.com 5.2.1 User account is disabled
+</pre>
+
+
</DD>
<DT><b><a name="remote_header_rewrite_domain">remote_header_rewrite_domain</a>
</DD>
<DT><b><a name="smtp_tls_security_level">smtp_tls_security_level</a>
-(default: empty)</b></DT><DD>
+(default: Postfix ≥ 3.11: may; Postfix < 3.11: empty)</b></DT><DD>
<p> The default SMTP TLS security level for the Postfix SMTP client.
When a non-empty value is specified, this overrides the obsolete
parameters <a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a>, <a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a>, and <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a>;
-when no value is specified for <a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> or the obsolete
-parameters, the default SMTP TLS security level is
-<a href="TLS_README.html#client_tls_none">none</a>. </p>
+when no value is specified for those obsolete parameters, the default
+SMTP TLS security level is <a href="TLS_README.html#client_tls_may">may</a>
+(<a href="postconf.5.html#compatibility_level">compatibility_level</a> ≥ 3.11) or <a
+href="TLS_README.html#client_tls_none">none</a>
+(<a href="postconf.5.html#compatibility_level">compatibility_level</a> < 3.11). </p>
<p> Specify one of the following security levels: </p>
<link rel='stylesheet' type='text/css' href='postfix-doc.css'>
<title> Postfix manual - relocated(5) </title>
</head> <body> <pre>
-RELOCATED(5) RELOCATED(5)
+<i>RELOCATED</i>(5) File Formats Manual <i>RELOCATED</i>(5)
<b><a name="name">NAME</a></b>
relocated - Postfix relocated table format
Normally, the <a href="relocated.5.html"><b>relocated</b>(5)</a> table is specified as a text file that
serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The result, an indexed file
- in <b>dbm</b> or <b>db</b> format, is used for fast searching by the mail system.
- Execute the command "<b>postmap /etc/postfix/relocated</b>" to rebuild an
- indexed file after changing the corresponding relocated table.
+ in <b>dbm</b> or <b>db</b> format, is used for fast searching by the mail system. Ex-
+ ecute the command "<b>postmap /etc/postfix/relocated</b>" to rebuild an in-
+ dexed file after changing the corresponding relocated table.
When the table is provided via other means such as NIS, LDAP or SQL,
the same lookups are done as for ordinary indexed files.
Alternatively, the table can be provided as a regular-expression map
- where patterns are given as regular expressions, or lookups can be
- directed to a TCP-based server. In those case, the lookups are done in
- a slightly different way as described below under "REGULAR EXPRESSION
- TABLES" or "TCP-BASED TABLES".
+ where patterns are given as regular expressions, or lookups can be di-
+ rected to a TCP-based server. In those case, the lookups are done in a
+ slightly different way as described below under "REGULAR EXPRESSION TA-
+ BLES" or "TCP-BASED TABLES".
Table lookups are case insensitive.
<b><a name="case_folding">CASE FOLDING</a></b>
- The search string is folded to lowercase before database lookup. As of
- Postfix 2.3, the search string is not case folded with database types
- such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose lookup fields can match both upper and
+ The search string is folded to lowercase before database lookup. As of
+ Postfix 2.3, the search string is not case folded with database types
+ such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose lookup fields can match both upper and
lower case.
<b><a name="table_format">TABLE FORMAT</a></b>
<i>pattern new</i><b>_</b><i>location</i>
Where <i>new</i><b>_</b><i>location</i> specifies contact information such as an
- email address, or perhaps a street address or telephone number.
+ email address, or perhaps a street address or telephone number.
- <b>o</b> Postfix 3.11 and later can optionally disable the hard-coded
- prefix. Specify "<a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> = no" in <a href="postconf.5.html">main.cf</a>, and
- specify <a href="postconf.5.html#relocated_maps">relocated_maps</a> entries with your own <a href="https://tools.ietf.org/html/rfc3463">RFC 3463</a>-compliant
+ <b>o</b> Postfix 3.11 and later can optionally disable the hard-coded
+ prefix. Specify "<a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> = no" in <a href="postconf.5.html">main.cf</a>, and
+ specify <a href="postconf.5.html#relocated_maps">relocated_maps</a> entries with your own <a href="https://tools.ietf.org/html/rfc3463">RFC 3463</a>-compliant
enhanced status code and text, for example:
<i>pattern</i> 5.2.0 Mailbox is unavailable
<i>pattern</i> 5.2.1 Mailbox is disabled
- <b>o</b> Empty lines and whitespace-only lines are ignored, as are lines
+ <b>o</b> Empty lines and whitespace-only lines are ignored, as are lines
whose first non-whitespace character is a `#'.
- <b>o</b> A logical line starts with non-whitespace text. A line that
+ <b>o</b> A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.
<b><a name="table_search_order">TABLE SEARCH ORDER</a></b>
- With lookups from indexed files such as DB or DBM, or from networked
- tables such as NIS, LDAP or SQL, patterns are tried in the order as
+ With lookups from indexed files such as DB or DBM, or from networked
+ tables such as NIS, LDAP or SQL, patterns are tried in the order as
listed below:
<i>user</i>@<i>domain</i>
- Matches <i>user</i>@<i>domain</i>. This form has precedence over all other
+ Matches <i>user</i>@<i>domain</i>. This form has precedence over all other
forms.
<i>user</i> Matches <i>user</i>@<i>site</i> when <i>site</i> is $<b><a href="postconf.5.html#myorigin">myorigin</a></b>, when <i>site</i> is listed in
<b><a name="address_extension">ADDRESS EXTENSION</a></b>
When a mail address localpart contains the optional recipient delimiter
- (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order becomes: <i>user+foo</i>@<i>domain</i>,
+ (e.g., <i>user+foo</i>@<i>domain</i>), the lookup order becomes: <i>user+foo</i>@<i>domain</i>,
<i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and @<i>domain</i>.
<b><a name="regular_expression_tables">REGULAR EXPRESSION TABLES</a></b>
- This section describes how the table lookups change when the table is
- given in the form of regular expressions or when lookups are directed
- to a TCP-based server. For a description of regular expression lookup
- table syntax, see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. For a description
+ This section describes how the table lookups change when the table is
+ given in the form of regular expressions or when lookups are directed
+ to a TCP-based server. For a description of regular expression lookup
+ table syntax, see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>. For a description
of the TCP client/server table lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This
feature is available in Postfix 2.5 and later.
- Each pattern is a regular expression that is applied to the entire
- address being looked up. Thus, <i>user@domain</i> mail addresses are not bro-
- ken up into their <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i>
- broken up into <i>user</i> and <i>foo</i>.
+ Each pattern is a regular expression that is applied to the entire ad-
+ dress being looked up. Thus, <i>user@domain</i> mail addresses are not broken
+ up into their <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i> bro-
+ ken up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.
The table format does not understand quoting conventions.
<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b>
- The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant. The text
- below provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more
- details including examples.
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant. The text be-
+ low provides only a parameter summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details
+ including examples.
<b><a href="postconf.5.html#relocated_maps">relocated_maps</a> (empty)</b>
Optional lookup tables with new contact information for users or
Available with Postfix version 3.11 and later:
<b><a href="postconf.5.html#relocated_prefix_enable">relocated_prefix_enable</a> (yes)</b>
- Prepend the prefix "<b>5.1.6 User has moved to</b> " to all relo-
+ Prepend the prefix "<b>5.1.6 User has moved to</b> " to all relo-
cated_maps lookup results.
Other parameters of interest:
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
- The local network interface addresses that this mail system
- receives mail on.
+ The local network interface addresses that this mail system re-
+ ceives mail on.
<b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost)</b>
- The
list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a>
+ The
list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a>
mail delivery transport.
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
- The domain name that locally-posted mail appears to come from,
+ The domain name that locally-posted mail appears to come from,
and that locally posted mail is delivered to.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
- The remote network interface addresses that this mail system
- receives mail on by way of a proxy or network address transla-
- tion unit.
+ The remote network interface addresses that this mail system re-
+ ceives mail on by way of a proxy or network address translation
+ unit.
<b><a name="see_also">SEE ALSO</a></b>
<a href="trivial-rewrite.8.html">trivial-rewrite(8)</a>, address resolver
111 8th Avenue
New York, NY 10011, USA
- RELOCATED(5)
+ <i>RELOCATED</i>(5)
</pre> </body> </html>
Detailed information about STARTTLS configuration may be found in the
<a href="TLS_README.html">TLS_README</a> document.
- <b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (empty)</b>
+ <b><a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> (Postfix</b> ><b>= 3.11: may; Postfix</b> < <b>3.11: empty)</b>
The default SMTP TLS security level for the Postfix SMTP client.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a>)</b>
The pathname of a UNIX-domain datagram socket that is managed by
a local TLSRPT reporting service.
- <b><a href="postconf.5.html#smtp_tlsrpt_skip_reused_handshakes">smtp_tlsrpt_skip_reused_handshakes</a> (yes)</b>
- Do not report the TLSRPT status for TLS protocol handshakes that
- reuse a previously-negotiated TLS session (there is no new
- information to report).
+ <b><a href="postconf.5.html#smtp_tlsrpt_skip_reused_handshakes">smtp_tlsrpt_skip_reused_handshakes</a> (Postfix</b> ><b>= 3.11: no, Postfix 3.10:</b>
+ <b>yes)</b>
+ When set to "yes", report the TLSRPT status only for "new" TLS
+ sessions.
<b><a href="postconf.5.html#tls_required_enable">tls_required_enable</a> (yes)</b>
Enable support for the "TLS-Required: no" message header,
defined in <a href="https://tools.ietf.org/html/rfc8689">RFC 8689</a>.
<b><a name="obsolete_starttls_controls">OBSOLETE STARTTLS CONTROLS</a></b>
- The following configuration parameters exist for compatibility with
- Postfix versions before 2.3. Support for these will be removed in a
+ The following configuration parameters exist for compatibility with
+ Postfix versions before 2.3. Support for these will be removed in a
future release.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
- Opportunistic mode: use TLS when a remote SMTP server announces
+ Opportunistic mode: use TLS when a remote SMTP server announces
STARTTLS support, otherwise send the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
- Enforcement mode: require that remote SMTP servers use TLS
+ Enforcement mode: require that remote SMTP servers use TLS
encryption, and never send mail in the clear.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
- With mandatory TLS encryption, require that the remote SMTP
- server hostname matches the information in the remote SMTP
+ With mandatory TLS encryption, require that the remote SMTP
+ server hostname matches the information in the remote SMTP
server certificate.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
- Optional lookup tables with the Postfix SMTP client TLS usage
- policy by next-hop destination and by remote SMTP server host-
+ Optional lookup tables with the Postfix SMTP client TLS usage
+ policy by next-hop destination and by remote SMTP server host-
name.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
- Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
+ Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS
cipher list.
<b><a name="resource_and_rate_controls">RESOURCE AND RATE CONTROLS</a></b>
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
- The Postfix SMTP client time limit for completing a TCP connec-
+ The Postfix SMTP client time limit for completing a TCP connec-
tion, or zero (use the operating system built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
- The Postfix SMTP client time limit for sending the HELO or EHLO
- command, and for receiving the initial remote SMTP server
+ The Postfix SMTP client time limit for sending the HELO or EHLO
+ command, and for receiving the initial remote SMTP server
response.
<b><a href="postconf.5.html#lmtp_lhlo_timeout">lmtp_lhlo_timeout</a> (300s)</b>
mand, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
- The Postfix SMTP client time limit for sending the MAIL FROM
+ The Postfix SMTP client time limit for sending the MAIL FROM
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
- The Postfix SMTP client time limit for sending the SMTP RCPT TO
+ The Postfix SMTP client time limit for sending the SMTP RCPT TO
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
- The Postfix SMTP client time limit for sending the SMTP DATA
+ The Postfix SMTP client time limit for sending the SMTP DATA
command, and for receiving the remote SMTP server response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
- The Postfix SMTP client time limit for sending the SMTP message
+ The Postfix SMTP client time limit for sending the SMTP message
content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_mx_address_limit">smtp_mx_address_limit</a> (5)</b>
- The maximal number of MX (mail exchanger) IP addresses that can
- result from Postfix SMTP client mail exchanger lookups, or zero
+ The maximal number of MX (mail exchanger) IP addresses that can
+ result from Postfix SMTP client mail exchanger lookups, or zero
(no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
- The maximal number of SMTP sessions per delivery request before
- the Postfix SMTP client gives up or delivers to a fall-back
+ The maximal number of SMTP sessions per delivery request before
+ the Postfix SMTP client gives up or delivers to a fall-back
<a href="postconf.5.html#relayhost">relay host</a>, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
Available in Postfix version 2.2 and earlier:
<b><a href="postconf.5.html#lmtp_cache_connection">lmtp_cache_connection</a> (yes)</b>
- Keep
Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
+ Keep
Postfix LMTP client connections open for up to $<a href="postconf.5.html#max_idle">max_idle</a>
seconds.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
- Permanently enable SMTP connection caching for the specified
+ Permanently enable SMTP connection caching for the specified
destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
- Temporarily enable SMTP connection caching while a destination
+ Temporarily enable SMTP connection caching while a destination
has a high volume of mail in the <a href="QSHAPE_README.html#active_queue">active queue</a>.
<b><a href="postconf.5.html#smtp_connection_reuse_time_limit">smtp_connection_reuse_time_limit</a> (300s)</b>
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#connection_cache_protocol_timeout">connection_cache_protocol_timeout</a> (5s)</b>
- Time limit for connection cache connect, send or receive opera-
+ Time limit for connection cache connect, send or receive opera-
tions.
Available in Postfix version 2.9 - 3.6:
<b><a href="postconf.5.html#smtp_per_record_deadline">smtp_per_record_deadline</a> (no)</b>
- Change the behavior of the smtp_*_timeout time limits, from a
- time limit per read or write system call, to a time limit to
- send or receive a complete record (an SMTP command line, SMTP
- response line, SMTP message content line, or TLS protocol mes-
+ Change the behavior of the smtp_*_timeout time limits, from a
+ time limit per read or write system call, to a time limit to
+ send or receive a complete record (an SMTP command line, SMTP
+ response line, SMTP message content line, or TLS protocol mes-
sage).
Available in Postfix version 2.11 and later:
<b><a href="postconf.5.html#smtp_connection_reuse_count_limit">smtp_connection_reuse_count_limit</a> (0)</b>
- When SMTP connection caching is enabled, the number of times
- that an SMTP session may be reused before it is closed, or zero
+ When SMTP connection caching is enabled, the number of times
+ that an SMTP session may be reused before it is closed, or zero
(no limit).
Available in Postfix version 3.4 and later:
Available in Postfix version 3.7 and later:
<b><a href="postconf.5.html#smtp_per_request_deadline">smtp_per_request_deadline</a> (no)</b>
- Change the behavior of the smtp_*_timeout time limits, from a
- time limit per plaintext or TLS read or write call, to a com-
- bined time limit for sending a complete SMTP request and for
+ Change the behavior of the smtp_*_timeout time limits, from a
+ time limit per plaintext or TLS read or write call, to a com-
+ bined time limit for sending a complete SMTP request and for
receiving a complete SMTP response.
<b><a href="postconf.5.html#smtp_min_data_rate">smtp_min_data_rate</a> (500)</b>
- The minimum plaintext data transfer rate in bytes/second for
+ The minimum plaintext data transfer rate in bytes/second for
DATA requests, when deadlines are enabled with
<a href="postconf.5.html#smtp_per_request_deadline">smtp_per_request_deadline</a>.
<b><a href="postconf.5.html#transport_destination_concurrency_limit">transport_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destination_concur</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">rency_limit</a>)</b>
- A
transport-specific override for the <a href="postconf.5.html#default_destination_concurrency_limit">default_destination_con</a>-
+ A
transport-specific override for the <a href="postconf.5.html#default_destination_concurrency_limit">default_destination_con</a>-
<a href="postconf.5.html#default_destination_concurrency_limit">currency_limit</a> parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
name of the message delivery transport.
<b><a href="postconf.5.html#transport_destination_recipient_limit">transport_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipi</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">ent_limit</a>)</b>
A transport-specific override for the <a href="postconf.5.html#default_destination_recipient_limit">default_destination_recip</a>-
- <a href="postconf.5.html#default_destination_recipient_limit">ient_limit</a>
parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
+ <a href="postconf.5.html#default_destination_recipient_limit">ient_limit</a>
parameter value, where <i>transport</i> is the <a href="master.5.html">master.cf</a>
name of the message delivery transport.
<b><a name="smtputf8_controls">SMTPUTF8 CONTROLS</a></b>
Preliminary SMTPUTF8 support is introduced with Postfix 3.0.
<b><a href="postconf.5.html#smtputf8_enable">smtputf8_enable</a> (yes)</b>
- Enable preliminary SMTPUTF8 support for the protocols described
+ Enable preliminary SMTPUTF8 support for the protocols described
in <a href="https://tools.ietf.org/html/rfc6531">RFC 6531</a>, <a href="https://tools.ietf.org/html/rfc6532">RFC 6532</a>, and <a href="https://tools.ietf.org/html/rfc6533">RFC 6533</a>.
<b><a href="postconf.5.html#smtputf8_autodetect_classes">smtputf8_autodetect_classes</a> (sendmail, verify)</b>
- Detect that a message requires SMTPUTF8 support for the speci-
+ Detect that a message requires SMTPUTF8 support for the speci-
fied mail origin classes.
Available in Postfix version 3.2 and later:
<b><a href="postconf.5.html#enable_idna2003_compatibility">enable_idna2003_compatibility</a> (no)</b>
- Enable 'transitional' compatibility between IDNA2003 and
- IDNA2008, when converting UTF-8 domain names to/from the ASCII
+ Enable 'transitional' compatibility between IDNA2003 and
+ IDNA2008, when converting UTF-8 domain names to/from the ASCII
form that is used for DNS lookups.
<b><a name="trouble_shooting_controls">TROUBLE SHOOTING CONTROLS</a></b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a nexthop destina-
- tion, remote client or server name or network address matches a
+ The increment in verbose logging level when a nexthop destina-
+ tion, remote client or server name or network address matches a
pattern given with the <a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of nexthop destination, remote client or server
- name or network address patterns that, if matched, cause the
- verbose logging level to increase by the amount specified in
+ Optional list of nexthop destination, remote client or server
+ name or network address patterns that, if matched, cause the
+ verbose logging level to increase by the amount specified in
$<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
- The recipient of postmaster notifications about mail delivery
+ The recipient of postmaster notifications about mail delivery
problems that are caused by policy, resource, software or proto-
col errors.
<b><a href="postconf.5.html#internal_mail_filter_classes">internal_mail_filter_classes</a> (empty)</b>
- What categories of Postfix-generated mail are subject to
- before-queue
content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
+ What categories of Postfix-generated mail are subject to
+ before-queue
content inspection by <a href="postconf.5.html#non_smtpd_milters">non_smtpd_milters</a>,
<a href="postconf.5.html#header_checks">header_checks</a> and <a href="postconf.5.html#body_checks">body_checks</a>.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
<b><a name="miscellaneous_controls">MISCELLANEOUS CONTROLS</a></b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
- Where the Postfix SMTP client should deliver mail when it
+ Where the Postfix SMTP client should deliver mail when it
detects a "mail loops back to myself" error condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and <a href="master.5.html">master.cf</a> con-
figuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to handle a
+ How much time a Postfix daemon process may take to handle a
request before it is terminated by a built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
- The maximal number of digits after the decimal point when log-
+ The maximal number of digits after the decimal point when log-
ging delay values.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
Disable DNS lookups in the Postfix SMTP and LMTP clients.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
- The local network interface addresses that this mail system
+ The local network interface addresses that this mail system
receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (see 'postconf -d' output)</b>
- The Internet protocols Postfix will attempt to use when making
+ The Internet protocols Postfix will attempt to use when making
or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
- The time limit for sending or receiving information over an
+ The time limit for sending or receiving information over an
internal communication channel.
<b><a href="postconf.5.html#lmtp_assume_final">lmtp_assume_final</a> (no)</b>
- When a remote LMTP server announces no DSN support, assume that
- the server performs final delivery, and send "delivered" deliv-
+ When a remote LMTP server announces no DSN support, assume that
+ the server performs final delivery, and send "delivered" deliv-
ery status notifications instead of "relayed".
<b><a href="postconf.5.html#lmtp_tcp_port">lmtp_tcp_port</a> (24)</b>
The default TCP port that the Postfix LMTP client connects to.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix daemon process
+ The maximum amount of time that an idle Postfix daemon process
waits for an incoming connection before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
The process name of a Postfix command or daemon process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
- The remote network interface addresses that this mail system
- receives mail on by way of a proxy or network address transla-
+ The remote network interface addresses that this mail system
+ receives mail on by way of a proxy or network address transla-
tion unit.
<b><a href="postconf.5.html#smtp_address_preference">smtp_address_preference</a> (any)</b>
The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP
- client will try first, when a destination has IPv6 and IPv4
+ client will try first, when a destination has IPv6 and IPv4
addresses with equal MX preference.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
- An optional numerical network address that the Postfix SMTP
+ An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv4 connection.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
- An optional numerical network address that the Postfix SMTP
+ An optional numerical network address that the Postfix SMTP
client should bind to when making an IPv6 connection.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- A prefix that is prepended to the process name in syslog
+ A prefix that is prepended to the process name in syslog
records, so that, for example, "smtpd" becomes "prefix/smtpd".
Available with Postfix 2.2 and earlier:
Available with Postfix 2.3 and later:
<b><a href="postconf.5.html#smtp_fallback_relay">smtp_fallback_relay</a> ($<a href="postconf.5.html#fallback_relay">fallback_relay</a>)</b>
- Optional list of relay destinations that will be used when an
- SMTP destination is not found, or when delivery fails due to a
+ Optional list of relay destinations that will be used when an
+ SMTP destination is not found, or when delivery fails due to a
non-permanent error.
Available with Postfix 3.0 and later:
<b><a href="postconf.5.html#smtp_address_verify_target">smtp_address_verify_target</a> (rcpt)</b>
- In the context of email address verification, the SMTP protocol
+ In the context of email address verification, the SMTP protocol
stage that determines whether an email address is deliverable.
Available with Postfix 3.1 and later:
Available in Postfix 3.7 and later:
<b><a href="postconf.5.html#smtp_bind_address_enforce">smtp_bind_address_enforce</a> (no)</b>
- Defer delivery when the Postfix SMTP client cannot apply the
+ Defer delivery when the Postfix SMTP client cannot apply the
<a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> or <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> setting.
<b><a name="see_also">SEE ALSO</a></b>
version 2.0 behaves as if this parameter is always set to \fByes\fR.
Postfix versions before 2.0 have no support for the original recipient
address.
-.SH relocated_prefix_enable (default: yes)
-Prepend the prefix "\fB5.1.6 User has moved to \fR" to all
-relocated_maps lookup results. With "relocated_prefix_enable =
-no", all lookup results must contain a valid RFC 3463 compliant
-enhanced status code and text (format: "[45].number.number text...").
-.PP
-Example:
-.PP
-.nf
-.na
-/etc/postfix/main.cf:
- relocated_maps = hash:/etc/postfix/relocated
- relocated_prefix_enable = no
-.br
-hash:/etc/postfix/relocated:
- user@example.com 5.2.1 User account is disabled
-.fi
-.ad
.SH enable_threaded_bounces (default: no)
Enable non\-delivery, success, and delay notifications that link
to the original message by including a References: and In\-Reply\-To:
relocated_maps = hash:/etc/postfix/relocated
.fi
.ad
+.SH relocated_prefix_enable (default: yes)
+Prepend the prefix "\fB5.1.6 User has moved to \fR" to all
+relocated_maps lookup results. With "relocated_prefix_enable =
+no", all lookup results must contain a valid RFC 3463 compliant
+enhanced status code and text (format: "[45].number.number text...").
+.PP
+Example:
+.PP
+.nf
+.na
+/etc/postfix/main.cf:
+ relocated_maps = hash:/etc/postfix/relocated
+ relocated_prefix_enable = no
+.br
+hash:/etc/postfix/relocated:
+ user@example.com 5.2.1 User account is disabled
+.fi
+.ad
.SH remote_header_rewrite_domain (default: empty)
Rewrite or add message headers in mail from remote clients if
the remote_header_rewrite_domain parameter value is non\-empty,
.in -4
.PP
This feature is available in Postfix 2.3 and later.
-.SH smtp_tls_security_level (default: empty)
+.SH smtp_tls_security_level (default: Postfix >= 3.11: may; Postfix < 3.11: empty)
The default SMTP TLS security level for the Postfix SMTP client.
When a non\-empty value is specified, this overrides the obsolete
parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername;
-when no value is specified for smtp_tls_enforce_peername or the obsolete
-parameters, the default SMTP TLS security level is
-none.
+when no value is specified for those obsolete parameters, the default
+SMTP TLS security level is may
+(compatibility_level >= 3.11) or none
+(compatibility_level < 3.11).
.PP
Specify one of the following security levels:
.IP "\fBnone\fR"
.fi
Detailed information about STARTTLS configuration may be found
in the TLS_README document.
-.IP "\fBsmtp_tls_security_level (empty)\fR"
+.IP "\fBsmtp_tls_security_level (Postfix >= 3.11: may; Postfix < 3.11: empty)\fR"
The default SMTP TLS security level for the Postfix SMTP client.
.IP "\fBsmtp_sasl_tls_security_options ($smtp_sasl_security_options)\fR"
The SASL authentication security options that the Postfix SMTP
.IP "\fBsmtp_tlsrpt_socket_name (empty)\fR"
The pathname of a UNIX\-domain datagram socket that is managed
by a local TLSRPT reporting service.
-.IP "\fBsmtp_tlsrpt_skip_reused_handshakes (yes)\fR"
-Do not report the TLSRPT status for TLS protocol handshakes
-that reuse a previously\-negotiated TLS session (there is no new
-information to report).
+.IP "\fBsmtp_tlsrpt_skip_reused_handshakes (Postfix >= 3.11: no, Postfix 3.10: yes)\fR"
+When set to "yes", report the TLSRPT status only for "new" TLS
+sessions.
.IP "\fBtls_required_enable (yes)\fR"
Enable support for the "TLS\-Required: no" message header, defined
in RFC 8689.
<li> <p> <a href="#tlsrpt_reused"> using backwards-compatible default
setting smtp_tlsrpt_skip_reused_handshakes=yes</a> </p>
+<li> <p> <a href="#xxx_tls_level"> using backwards-compatible default
+setting <i>xxx</i>_security_level=(empty)</a> </p>
+
</ul>
<p>
</pre>
</blockquote>
+<h2> <a name="xxx_tls_level"> Using backwards-compatible
+default setting <i>xxx</i>_security_level=(empty)</a> </h2>
+
+<p> Postfix version 3.11 changes the default value for client TLS
+security levels from "empty" to "yes". The backwards-compatibility
+safety net is designed to prevent an unexpected change in mail
+sending behavior when Postfix is updated from an older version.
+</p>
+
+<p> There is no equivalent change for Postfix server TLS security
+levels, because changing the level alone is not sufficient. Server-side
+TLS requires that at least one private key and one public-key
+certificate chain are configured. </p>
+
+<p> As long as a TLS security level parameter is left unspecified
+at its implicit default value, and the compatibility_level setting
+is less than 3.11, Postfix will log one of the following reminders
+that it is using the backwards-compatible default: </p>
+
+<blockquote>
+<pre>
+postfix/smtp[...] using backwards-compatible default setting
+ smtp_tls_security_level=(empty)
+</pre>
+</blockquote>
+
+<blockquote>
+<pre>
+postfix/tlsproxy[...] using backwards-compatible default setting
+ tlsproxy_client_security_level=(empty)
+</pre>
+</blockquote>
+
+<p> To keep the old default setting, the system administrator should
+make the backwards-compatible empty setting permanent in main.cf: </p>
+
+<blockquote>
+<pre>
+# <b>postconf <i>xxx</i>_security_level=</b>
+# <b>postfix reload</b>
+</pre>
+</blockquote>
+
+<p> where <i>xxx</i> is taken from the above compatibility message. </p>
+
<h2> <a name="turnoff">Turning off the backwards-compatibility safety net</a> </h2>
<p> Backwards compatibility is turned off by updating the
<p> This feature is available in Postfix 2.3 and later. </p>
-%PARAM smtp_tls_security_level
+%PARAM smtp_tls_security_level Postfix ≥ 3.11: may; Postfix < 3.11: empty
<p> The default SMTP TLS security level for the Postfix SMTP client.
When a non-empty value is specified, this overrides the obsolete
parameters smtp_use_tls, smtp_enforce_tls, and smtp_tls_enforce_peername;
-when no value is specified for smtp_tls_enforce_peername or the obsolete
-parameters, the default SMTP TLS security level is
-<a href="TLS_README.html#client_tls_none">none</a>. </p>
+when no value is specified for those obsolete parameters, the default
+SMTP TLS security level is <a href="TLS_README.html#client_tls_may">may</a>
+(compatibility_level ≥ 3.11) or <a
+href="TLS_README.html#client_tls_none">none</a>
+(compatibility_level < 3.11). </p>
<p> Specify one of the following security levels: </p>
+ address failed File verify verify c
address failed File verify verify c
address failed due to a database error File verify verify c
+ failures Fix by Viktor Dukhovni Wietse Files smtp smtp h
+ Files smtp smtp h
+proto proto COMPATIBILITY_README html
+ smtp smtp c tlsproxy tlsproxy c proto postconf proto
Prepend the prefix 5 1 6 User has moved to to all
pattern number number number text
to to the lookup result With Postfix 3 11 and later specify
+ has moved to to a table lookup result and the format for a
CFG_PARSER *parser; /* common parameter parser */
void *dbc_ctxt; /* db_common context */
char *key_digest; /* digest the query key */
+#ifdef USE_TLS
OSSL_DGST *key_dgst_eng; /* digest engine */
VSTRING *key_dgst_out; /* digest result */
+#endif
char *key_format; /* query key translation */
int timeout; /* client timeout */
int mc_ttl; /* memcache update expiration */
} else {
vstring_strcpy(dict_mc->key_buf, name);
}
+#ifdef USE_TLS
if (dict_mc->key_dgst_eng) {
if (ossl_digest_data(dict_mc->key_dgst_eng, STR(dict_mc->key_buf),
LEN(dict_mc->key_buf), dict_mc->key_dgst_out) < 0) {
return (-1);
}
hex_encode_opt(dict_mc->key_buf, STR(dict_mc->key_dgst_out),
- LEN(dict_mc->key_dgst_out), HEX_ENCODE_FLAG_LOWERCASE);
+ LEN(dict_mc->key_dgst_out), HEX_ENCODE_FLAG_LOWERCASE);
}
+#endif
/*
* The length indicates whether the expansion is empty or not.
db_common_free_ctx(dict_mc->dbc_ctxt);
if (dict_mc->key_digest)
myfree(dict_mc->key_digest);
+#ifdef USE_TLS
if (dict_mc->key_dgst_eng)
ossl_digest_free(dict_mc->key_dgst_eng);
if (dict_mc->key_dgst_out)
vstring_free(dict_mc->key_dgst_out);
+#endif
if (dict_mc->key_format)
myfree(dict_mc->key_format);
myfree(dict_mc->memcache);
dict_mc->parser = parser;
dict_mc->key_digest = cfg_get_str(dict_mc->parser, DICT_MC_NAME_KEY_DGST,
DICT_MC_DEF_KEY_DGST, 0, 0);
+#ifdef USE_TLS
if (*dict_mc->key_digest) {
if ((dict_mc->key_dgst_eng = ossl_digest_new(dict_mc->key_digest)) == 0)
/* See below for dict_surrogate() error propagation. */
dict_mc->key_dgst_eng = 0;
dict_mc->key_dgst_out = 0;
}
+#endif
dict_mc->key_format = cfg_get_str(dict_mc->parser, DICT_MC_NAME_KEY_FMT,
DICT_MC_DEF_KEY_FMT, 0, 0);
dict_mc->timeout = cfg_get_int(dict_mc->parser, DICT_MC_NAME_MC_TIMEOUT,
dict_mc->dict.flags |= DICT_FLAG_MULTI_WRITER;
+#ifdef USE_TLS
if (*dict_mc->key_digest && dict_mc->key_dgst_eng == 0) {
/* See above for ossl_digest_new() error detection. */
DICT *d = dict_surrogate(DICT_TYPE_MEMCACHE, name,
dict_memcache_close(&dict_mc->dict);
return (d);
}
+#else
+ if (*dict_mc->key_digest) {
+ DICT *d = dict_surrogate(DICT_TYPE_MEMCACHE, name,
+ open_flags, dict_flags, "%s support "
+ "requires build with -DUSE_TLS",
+ DICT_MC_NAME_KEY_DGST);
+
+ dict_memcache_close(&dict_mc->dict);
+ return (d);
+ }
+#endif
return (&dict_mc->dict);
}
* Compatibility level 3.11.
*/
int warn_compat_break_smtp_tlsrpt_skip_reused_hs;
+int warn_compat_break_smtp_tls_level;
+int warn_compat_break_lmtp_tls_level;
+int warn_compat_break_tlsp_clnt_level;
/*
* Compatibility level 3.6.
* Each incompatible change has its own flag variable, instead of bit in a
* shared variable. We don't want to rip up code when we need more flag
* bits.
+ *
+ * Note: the purpose of these mail_conf_lookup() calls is to detect if a
+ * parameter value is not specified. The calls must happen before
+ * parameter default settings are enforced with mail_conf_update().
+ *
+ * The preferred flow is: 1) in mail_params.h, specify a configuration
+ * parameter default value that depends on the compatibility level; 2)
+ * below, set a flag to indicate that the parameter will be set to the
+ * legacy default value; 3) in the program-specific code, log a message
+ * when the legacy default value is actually used, and optionally clear
+ * the flag to avoid spamming the log.
*/
/*
* compatibility level changed to 3.11.
*/
if (compat_level < compat_level_from_string(COMPAT_LEVEL_3_11, msg_panic)) {
+#ifdef USE_TLS
if (mail_conf_lookup(VAR_SMTP_TLSRPT_SKIP_REUSED_HS) == 0)
warn_compat_break_smtp_tlsrpt_skip_reused_hs = 1;
+ if (mail_conf_lookup(VAR_SMTP_TLS_LEVEL) == 0)
+ warn_compat_break_smtp_tls_level = 1;
+ if (mail_conf_lookup(VAR_LMTP_TLS_LEVEL) == 0)
+ warn_compat_break_lmtp_tls_level = 1;
+ if (mail_conf_lookup(VAR_TLSP_CLNT_LEVEL) == 0)
+ warn_compat_break_tlsp_clnt_level = 1;
+#endif
}
/*
#define DEF_COMPAT_LEVEL COMPAT_LEVEL_0
extern char *var_compatibility_level;
+ /*
+ * See comment in mail_params.c.
+ */
extern int warn_compat_break_app_dot_mydomain;
extern int warn_compat_break_smtputf8_enable;
extern int warn_compat_break_chroot;
extern int warn_compat_respectful_logging;
extern int warn_compat_break_smtp_tlsrpt_skip_reused_hs;
+extern int warn_compat_break_smtp_tls_level;
+extern int warn_compat_break_lmtp_tls_level;
+extern int warn_compat_break_tlsp_clnt_level;
extern long compat_level;
extern bool var_smtp_tls_wrappermode;
#define VAR_SMTP_TLS_LEVEL "smtp_tls_security_level"
-#define DEF_SMTP_TLS_LEVEL ""
#define VAR_LMTP_TLS_LEVEL "lmtp_tls_security_level"
+#ifdef USE_TLS
+#define DEF_SMTP_TLS_LEVEL "${{$compatibility_level} <level {3.11} ?" \
+ " {} : {may}}"
+#define DEF_LMTP_TLS_LEVEL "${{$compatibility_level} <level {3.11} ?" \
+ " {} : {may}}"
+#else
+#define DEF_SMTP_TLS_LEVEL ""
#define DEF_LMTP_TLS_LEVEL ""
+#endif
extern char *var_smtp_tls_level;
#define VAR_SMTP_TLS_SCERT_VD "smtp_tls_scert_verifydepth"
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20250621"
+#define MAIL_RELEASE_DATE "20250623"
#define MAIL_VERSION_NUMBER "3.11"
#ifdef SNAPSHOT
/* .fi
/* Detailed information about STARTTLS configuration may be found
/* in the TLS_README document.
-/* .IP "\fBsmtp_tls_security_level (empty)\fR"
+/* .IP "\fBsmtp_tls_security_level (Postfix >= 3.11: may; Postfix < 3.11: empty)\fR"
/* The default SMTP TLS security level for the Postfix SMTP client.
/* .IP "\fBsmtp_sasl_tls_security_options ($smtp_sasl_security_options)\fR"
/* The SASL authentication security options that the Postfix SMTP
/* .IP "\fBsmtp_tlsrpt_socket_name (empty)\fR"
/* The pathname of a UNIX-domain datagram socket that is managed
/* by a local TLSRPT reporting service.
-/* .IP "\fBsmtp_tlsrpt_skip_reused_handshakes (yes)\fR"
-/* Do not report the TLSRPT status for TLS protocol handshakes
-/* that reuse a previously-negotiated TLS session (there is no new
-/* information to report).
+/* .IP "\fBsmtp_tlsrpt_skip_reused_handshakes (Postfix >= 3.11: no, Postfix 3.10: yes)\fR"
+/* When set to "yes", report the TLSRPT status only for "new" TLS
+/* sessions.
/* .IP "\fBtls_required_enable (yes)\fR"
/* Enable support for the "TLS-Required: no" message header, defined
/* in RFC 8689.
VAR_LMTP_SMTP(SASL_ENABLE));
#endif
+#ifdef USE_TLS
+ /* Postfix <= 3.10 backwards compatibility. */
+ if (WARN_COMPAT_BREAK_LMTP_SMTP(tls_level))
+ msg_info("using backwards-compatible default setting %s=(empty)",
+ VAR_LMTP_SMTP(TLS_LEVEL));
+#endif
if (*var_smtp_tls_level != 0)
switch (tls_level_lookup(var_smtp_tls_level)) {
case TLS_LEV_SECURE:
#define VAR_LMTP_SMTP(x) (smtp_mode ? VAR_SMTP_##x : VAR_LMTP_##x)
#define LMTP_SMTP_SUFFIX(x) (smtp_mode ? x##_SMTP : x##_LMTP)
+#define WARN_COMPAT_BREAK_LMTP_SMTP(x) \
+ (smtp_mode ? warn_compat_break_smtp_##x : warn_compat_break_lmtp_##x)
/*
* Parsed command-line attributes. These do not change during the process
* TODO(wietse) make this a proper VSTREAM interface or test helper API.
*/
-/* vstream_swap - capture msg(3) output output for testing */
+/* vstream_swap - capture msg(3) output for testing */
static void vstream_swap(VSTREAM *one, VSTREAM *two)
{
* A dictionary spec is formatted as "type:name", and a dictionary is
* registered with dict_register() as "type:name(open_flags,dict_flags)".
* The latter form is used to share dictionary instances that have the
- * exact same same properties.
+ * exact same properties.
*
* Build the composite dictionary spec from the dict_type and component
* dictionary specs, and build the list of component specs decorated with
*/
tlsp_client_app_cache = htable_create(10);
+ /* Postfix <= 3.10 backwards compatibility. */
+ if (warn_compat_break_tlsp_clnt_level
+ && warn_compat_break_smtp_tls_level)
+ msg_info("using backwards-compatible default setting "
+ VAR_TLSP_CLNT_LEVEL "=(empty)");
+
/*
* Most sites don't use TLS client certs/keys. In that case, enabling
* tlsproxy-based connection caching is trivial.
projects / thirdparty / postfix.git / commitdiff
