-THEADER_OPTS
-THEADER_TOKEN
-THOST
--THOST
-THTABLE
-THTABLE_INFO
-TINET_ADDR_LIST
-TRESOLVE_REPLY
-TRESPONSE
-TREST_TABLE
+-TRES_CONTEXT
-TSCAN_DIR
-TSCAN_INFO
-TSCAN_OBJ
-TSTRING_TABLE
-TSYS_EXITS_TABLE
-TTOK822
+-TTRANSPORT_INFO
-TTRIGGER_SERVER
-TUSER_ATTR
-TVBUF
Mail addresses (PLEASE send questions to the mailing list)
- postfix-XXX@postfix.org Postfix mailing lists
+ postfix-users@postfix.org Postfix users mailing list
wietse@porcupine.org the original author
-In order to subscribe to a mailing list, see http://www.postfix.org/.
+In order to subscribe to the mailing list, see http://www.postfix.org/.
Acknowledgments
===============
nis tables yes
nis+ tables not yet
no <> in smtp yes (most common address forms)
+pgsql tables yes (contributed)
pipeline option yes (server and client)
pop/imap yes (with third-party daemons that use /var[/spool]/mail)
qmqp server yes (with verp support)
sendmail -qRxxx yes (for domains specified in fast_flush_domains)
sendmail -qSxxx no
sendmail -qtime ignored
-sendmail -v yes (but does not show delivery)
+sendmail -v yes (sends delivery report via email)
sendmail.cf no (uses table-driven address rewriting)
size option yes, server and client
smarthost yes (specify relayhost in main.cf)
reorganization of the way queue scans were done. The queue
manager socket now has become public.
-10091002
+19981002
SMTPD now logs "lost connection after end-of-message"
instead of "lost connection after DATA".
-10091005
+19981005
More bullet proofing: timeouts on all triggers.
Cleanup: added support for vstream_fseek(.., .., SEEK_END).
File: util/vstream.c.
+20030608
+
+ Feature: separate address resolver controls for address
+ verification probe messages: address_verify_{local,virtual,
+ relay,default}_transport, address_verify_relayhost, and
+ address_verify_transport_maps. The default values are the
+ regular versions of the same controls. Files: trivial-rewrite/*,
+ global/resolve_clnt.[hc], *qmgr/qmgr_message.c.
+
+20030609
+
+ Bugfix: the "unread recipient" counter needs to be restored
+ after the queue manager has a problem reading a queue file.
+ This fix is for purists only, because after such a failure
+ Postfix closes the queue file and parks it in the corrupt
+ queue. Fix by Patrik Rak. File: nqmgr/qmgr_message.c.
+
Open problems:
Low: smtp-source may block when sending large test messages.
address is deliverable, even when the address will bounce AFTER
that MTA accepts it.
+Normally, address verification probe messages follow the same path
+as regular mail. However, some sites send mail to the Internet
+via an intermediate relayhost; this breaks address verification.
+See below, section "Controlling the routing of address verification
+probes", for how to override mail routing and for possible limitations
+when you have to do this.
+
Postfix assumes that an address is undeliverable when the nearest
MTA for the address rejects the probe, regardless of the reason
for rejection (client rejected, HELO rejected, MAIL FROM rejected,
database. If the file gets too big, or if it gets corrupted, you
can manually delete the file and run "postfix reload". The new
verify daemon process will then create a new, empty, database.
+
+Controlling the routing of address verification probes
+======================================================
+
+By default, Postfix sends address verification probe messages via
+the same route as regular mail, because that normally produces the
+most accurate result. It's no good to verify a local address by
+connecting to your own SMTP port; that just triggers all kinds of
+mailer loop alarms. The same is true for any destination that your
+machine is best MX host for: hidden domains, virtual domains, etc.
+
+However, some sites have a complex infrastructure where mail is
+not sent directly to the Internet, but is instead given to an
+intermediate relayhost. This is a problem for address verification,
+because remote Internet destinations can be verified only when
+Postfix can access those destinations directly.
+
+For this reason, Postfix allows you to override the routing parameters
+when it delivers an address verification probe message.
+
+First, the address_verify_relayhost parameter allows you to override
+the relayhost setting, and the address_verify_transport_maps
+parameter allows you to override the transport_maps setting.
+
+Second, each address class is given its own address verification
+version of the message delivery transport (address classes are
+defined in the ADDRESS_CLASS_README file) as shown in the table:
+
+Destination type Regular transport Verify transport
+ parameter name parameter name
+=====================================================================
+mydestination local_transport address_verify_local_transport
+virtual_alias_domains (not applicable) (not applicable)
+virtual_mailbox_domains virtual_transport address_verify_virtual_transport
+relay_domains relay_transport address_verify_relay_transport
+other default_transport address_verify_default_transport
+
+By default, the parameters that control delivery of address probes
+have the same value as the parameters that control normal mail
+delivery.
+
+Examples
+--------
+
+In a typical scenario one would override the relayhost setting
+for address verification probes and leave everything else alone:
+
+/etc/postfix/main.cf:
+ relayhost = $mydomain
+ address_verify_relayhost =
+
+Sites behind an address translation relay might have to use a
+different SMTP client that sends the correct hostname information:
+
+/etc/postfix/main.cf:
+ relayhost = $mydomain
+ address_verify_relayhost =
+ address_verify_default_transport = direct_smtp
+
+/etc/postfix/master.cf:
+ direct_smtp .. .. .. .. .. .. .. .. .. smtp -o smtp_helo_name=nat.box.tld
+
+Limitations
+-----------
+
+Inconsistencies can happen when probe messages don't follow the
+same path as regular mail. For example, a message can be accepted
+when it follows the regular route while an otherwise identical
+probe message is rejected when it follows the forced route. The
+opposite can happen, too, but is less likely.
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
+Major changes with Postfix snapshot 2.0.11-20030609
+===================================================
+
+Address verification probes can now follow a different route than
+ordinary mail. To make this possible, the address resolver supports
+multiple personalities. The regular personality is used for regular
+mail, and the alternate personality is used for address verification
+probes. The alternate personality is controlled by parameters named
+address_verify_X with X = relayhost, transport_maps, local_transport,
+virtual_transport, relay_transport, and default_transport. These
+alternate parameters have by default the same values as the regular
+parameters. For more detail see the ADDRESS_VERIFICATION_README file.
+
Major changes with Postfix snapshot 2.0.11-20030606
===================================================
pickup, cleanup and in the queue manager daemons. This code had
deteriorated over time. The new code eliminates an old problem
where the queue manager had to read most queue file records twice
-in the case of very large alias/include file expansions.
+in the case of an alias/include file expansion with more than
+qmgr_message_recipient_limit recipients.
Incompatible changes with Postfix snapshot 2.0.8-20030417
=========================================================
# Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
#
address_verify_negative_refresh_time = 2h
+
+#
+# ADDRESS PROBE DELIVERY
+#
+# Normally, address verification probe messages are sent along the
+# same path as regular mail. This usually produces the most accurate
+# result. However, some sites have a more complex infrastructure.
+#
+# The parameters below allow you to override specific aspects of
+# Postfix mail delivery routing. Typically, one would override
+# relayhost, default_transport and/or transport_maps and leave
+# everything else alone.
+#
+
+# The address_verify_transport_maps configuration parameter overrides
+# the transport_maps parameter setting for address verification
+# probes.
+#
+address_verify_transport_maps = $transport_maps
+
+# The address_verify_relayhost configuration parameter overrides the
+# relayhost parameter setting for address verification probes.
+#
+address_verify_relayhost = $relayhost
+
+# The address_verify_default_transport configuration parameter
+# overrides the default_transport parameter setting for address
+# verification probes.
+#
+address_verify_default_transport = $default_transport
+
+# The address_verify_relay_transport configuration parameter
+# overrides the relay_transport parameter setting for address
+# verification probes.
+#
+address_verify_relay_transport = $relay_transport
+
+# The address_verify_virtual_transport configuration parameter
+# overrides the virtual_transport parameter setting for address
+# verification probes.
+#
+address_verify_virtual_transport = $virtual_transport
+
+# The address_verify_local_transport configuration parameter
+# overrides the local_transport parameter setting for address
+# verification probes.
+#
+address_verify_local_transport = $local_transport
<b>trivial-rewrite</b> [generic Postfix daemon options]
<b>DESCRIPTION</b>
- The <b>trivial-rewrite</b> daemon processes two types of client
+ The <b>trivial-rewrite</b> daemon processes three types of client
service requests:
<b>rewrite</b>
The envelope recipient address that is
passed on to <i>nexthop</i>.
+ <b>verify</b> Resolve an address for address verification pur-
+ poses.
+
<b>DEFAULT</b> <b>DELIVERY</b> <b>METHODS</b>
- By default, Postfix uses one of the following delivery
- methods.
This may be overruled with the optional <a href="transport.5.html">trans-</a>
+ By default, Postfix uses one of the following delivery
+ methods.
This may be overruled with the optional <a href="transport.5.html">trans-</a>
<a href="transport.5.html">port(5)</a> table. The default delivery method is selected by
- matching the recipient address domain against one of the
+ matching the recipient address domain against one of the
following:
<b>$mydestination</b>
<b>$inet</b><i>_</i><b>interfaces</b>
- The transport and optional nexthop are specified
- with <b>$local</b><i>_</i><b>transport</b>. The default nexthop is the
+ The transport and optional nexthop are specified
+ with <b>$local</b><i>_</i><b>transport</b>. The default nexthop is the
recipient domain.
<b>$virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
- The recipient address is undeliverable (user
- unknown). By definition, all known addresses in a
- virtual alias domain are aliased to other
+ The recipient address is undeliverable (user
+ unknown). By definition, all known addresses in a
+ virtual alias domain are aliased to other
addresses.
<b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
- The transport and optional nexthop are specified
- with <b>$virtual</b><i>_</i><b>transport</b>. The default nexthop is
+ The transport and optional nexthop are specified
+ with <b>$virtual</b><i>_</i><b>transport</b>. The default nexthop is
the recipient domain.
<b>$relay</b><i>_</i><b>domains</b>
- The transport and optional nexthop are specified
- with <b>$relay</b><i>_</i><b>transport</b>. This overrides the optional
- nexthop information that is specified with <b>$relay-</b>
+ The transport and optional nexthop are specified
+ with <b>$relay</b><i>_</i><b>transport</b>. This overrides the optional
+ nexthop information that is specified with <b>$relay-</b>
<b>host</b>. The default nexthop is the recipient domain.
none of the above
- The transport and optional nexthop are specified
- with <b>$default</b><i>_</i><b>transport</b>. This overrides the
+ The transport and optional nexthop are specified
+ with <b>$default</b><i>_</i><b>transport</b>. This overrides the
optional nexthop information that is specified with
- <b>$relayhost</b>. The default nexthop is the recipient
+ <b>$relayhost</b>. The default nexthop is the recipient
domain.
<b>SERVER</b> <b>PROCESS</b> <b>MANAGEMENT</b>
The trivial-rewrite servers run under control by the Post-
fix master server. Each server can handle multiple simul-
- taneous connections. When all servers are busy while a
- client connects, the master creates a new server process,
- provided that the trivial-rewrite server process limit is
+ taneous connections. When all servers are busy while a
+ client connects, the master creates a new server process,
+ provided that the trivial-rewrite server process limit is
not exceeded. Each trivial-rewrite server terminates
after serving at least <b>$max</b><i>_</i><b>use</b> clients of after <b>$max</b><i>_</i><b>idle</b>
seconds of idle time.
<b>STANDARDS</b>
- None. The command does not interact with the outside
+ None. The command does not interact with the outside
world.
<b>SECURITY</b>
- The <b>trivial-rewrite</b> daemon is not security sensitive. By
- default, this daemon does not talk to remote or local
- users. It can run at a fixed low privilege in a chrooted
+ The <b>trivial-rewrite</b> daemon is not security sensitive. By
+ default, this daemon does not talk to remote or local
+ users. It can run at a fixed low privilege in a chrooted
environment.
<b>DIAGNOSTICS</b>
<b>BUGS</b>
<b>CONFIGURATION</b> <b>PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this program. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
+ The following <b>main.cf</b> parameters are especially relevant
+ to this program. See the Postfix <b>main.cf</b> file for syntax
+ details and for default values. Use the <b>postfix</b> <b>reload</b>
command after a configuration change.
<b>Miscellaneous</b>
<b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
- The recipient that is substituted for the null
+ The recipient that is substituted for the null
address.
<b>inet</b><i>_</i><b>interfaces</b>
- The network interfaces that this mail system
- receives mail on. This information is used to
- determine if <i>user</i>@[<i>net.work.addr.ess</i>] is local or
- remote. Mail for local users is given to the
+ The network interfaces that this mail system
+ receives mail on. This information is used to
+ determine if <i>user</i>@[<i>net.work.addr.ess</i>] is local or
+ remote. Mail for local users is given to the
<b>$local</b><i>_</i><b>transport</b>.
<b>mydestination</b>
<b>port</b>.
<b>virtual</b><i>_</i><b>alias</b><i>_</i><b>domains</b>
- List of simulated virtual domains (domains with all
- recipients aliased to some other local or remote
+ List of virtual alias domains (domains with all
+ recipients aliased to some other local or remote
domain).
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
<b>resolve</b><i>_</i><b>unquoted</b><i>_</i><b>address</b>
When resolving an address, do not quote the address
- localpart as per <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>, so that additional <b>@</b>, <b>%</b>
- or <b>!</b> characters remain visible. This is techni-
+ localpart as per <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a>, so that additional <b>@</b>, <b>%</b>
+ or <b>!</b> characters remain visible. This is techni-
cally incorrect, but allows us to stop relay
- attacks when forwarding mail to a Sendmail primary
+ attacks when forwarding mail to a Sendmail primary
MX host.
<b>relocated</b><i>_</i><b>maps</b>
<b>Routing</b>
<b>local</b><i>_</i><b>transport</b>
- Where to deliver mail for destinations that match
- <b>$mydestination</b> or <b>$inet</b><i>_</i><b>interfaces</b>. The default
+ Where to deliver mail for destinations that match
+ <b>$mydestination</b> or <b>$inet</b><i>_</i><b>interfaces</b>. The default
transport is <b>local:$myhostname</b>.
- Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+ Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>virtual</b><i>_</i><b>transport</b>
- Where to deliver mail for non-local domains that
+ Where to deliver mail for non-local domains that
match <b>$virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>. The default trans-
port is <b>virtual</b>.
- Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+ Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>relay</b><i>_</i><b>transport</b>
- Where to deliver mail for non-local domains that
- match <b>$relay</b><i>_</i><b>domains</b>. The default transport is
+ Where to deliver mail for non-local domains that
+ match <b>$relay</b><i>_</i><b>domains</b>. The default transport is
<b>relay</b> (which normally is a clone of the <b>smtp</b> trans-
port).
- Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+ Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>default</b><i>_</i><b>transport</b>
- Where to deliver all other non-local mail. The
+ Where to deliver all other non-local mail. The
default transport is <b>smtp</b>.
- Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
+ Syntax is <i>transport</i>:<i>nexthop</i>; see <a href="transport.5.html"><b>transport</b>(5)</a> for
details. The :<i>nexthop</i> part is optional.
<b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
- List of Postfix features that use <i>domain.tld</i> pat-
- terns to match <i>sub.domain.tld</i> (as opposed to
+ List of Postfix features that use <i>domain.tld</i> pat-
+ terns to match <i>sub.domain.tld</i> (as opposed to
requiring <i>.domain.tld</i> patterns).
<b>relayhost</b>
- The default host to send non-local mail to when no
- host is specified with <b>$relay</b><i>_</i><b>transport</b> or
- <b>$default</b><i>_</i><b>transport</b>, and when the recipient address
+ The default host to send non-local mail to when no
+ host is specified with <b>$relay</b><i>_</i><b>transport</b> or
+ <b>$default</b><i>_</i><b>transport</b>, and when the recipient address
does not match the optional the <a href="transport.5.html"><b>transport</b>(5)</a> table.
<b>transport</b><i>_</i><b>maps</b>
- List of tables with <i>recipient</i> or <i>domain</i> to (<i>trans-</i>
+ List of tables with <i>recipient</i> or <i>domain</i> to (<i>trans-</i>
<i>port,</i> <i>nexthop</i>) mappings.
+<b>Address</b> <b>verification</b>
+ By default, address verification probes use the same route
+ as regular mail. To override specific aspects of message
+ routing for address verification probes, specify one or
+ more of the following: <b>address</b><i>_</i><b>verify</b><i>_</i><b>local</b><i>_</i><b>transport</b>,
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>virtual</b><i>_</i><b>transport</b>, <b>address</b><i>_</i><b>ver-</b>
+ <b>ify</b><i>_</i><b>relay</b><i>_</i><b>transport</b>, <b>address</b><i>_</i><b>verify</b><i>_</i><b>default</b><i>_</i><b>transport</b>,
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>relayhost</b>, <b>address</b><i>_</i><b>verify</b><i>_</i><b>transport</b><i>_</i><b>maps</b>.
+
<b>SEE</b> <b>ALSO</b>
<a href="master.8.html">master(8)</a> process manager
syslogd(8) system logging
<a href="relocated.5.html">relocated(5)</a> format of the "user has moved" table
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
default values. Use the <b>postfix</b> <b>reload</b> command after a
configuration change.
+<b>Cache</b> <b>control</b>
<b>address</b><i>_</i><b>verify</b><i>_</i><b>map</b>
Optional table for persistent recipient status
storage. The file is opened before the process
probe is sent to verify that a known to be bad
address is still bad.
+<b>Probe</b> <b>message</b> <b>routing</b>
+ By default, probe messages are delivered via the same
+ route as regular messages. The following parameters can
+ be used to override specific message routing mechanisms.
+
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>relayhost</b>
+ Overrides the <b>relayhost</b> setting.
+
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>transport</b><i>_</i><b>maps</b>
+ Overrides the <b>transport</b><i>_</i><b>maps</b> setting.
+
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>local</b><i>_</i><b>transport</b>
+ Overrides the <b>local</b><i>_</i><b>transport</b> setting.
+
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>virtual</b><i>_</i><b>transport</b>
+ Overrides the <b>virtual</b><i>_</i><b>transport</b> setting.
+
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>relay</b><i>_</i><b>transport</b>
+ Overrides the <b>relay</b><i>_</i><b>transport</b> setting.
+
+ <b>address</b><i>_</i><b>verify</b><i>_</i><b>default</b><i>_</i><b>transport</b>
+ Overrides the <b>default</b><i>_</i><b>transport</b> setting.
+
<b>SEE</b> <b>ALSO</b>
- verify_clnt(3) address verification client
+ <a href="trivial-rewrite.8.html">trivial-rewrite(8)</a> address rewriting and resolving
<b>LICENSE</b>
The Secure Mailer license must be distributed with this
.SH DESCRIPTION
.ad
.fi
-The \fBtrivial-rewrite\fR daemon processes two types of client
+The \fBtrivial-rewrite\fR daemon processes three types of client
service requests:
.IP \fBrewrite\fR
Rewrite an address to standard form. The \fBtrivial-rewrite\fR
.IP \fIrecipient\fR
The envelope recipient address that is passed on to \fInexthop\fR.
.RE
+.IP \fBverify\fR
+Resolve an address for address verification purposes.
.SH DEFAULT DELIVERY METHODS
.na
.nf
.IP \fBmydestination\fR
List of domains that are given to the \fB$local_transport\fR.
.IP \fBvirtual_alias_domains\fR
-List of simulated virtual domains (domains with all recipients
+List of virtual alias domains (domains with all recipients
aliased to some other local or remote domain).
.IP \fBvirtual_mailbox_domains\fR
List of domains that are given to the \fB$virtual_transport\fR.
.IP \fBtransport_maps\fR
List of tables with \fIrecipient\fR or \fIdomain\fR to
(\fItransport, nexthop\fR) mappings.
+.SH Address verification
+.ad
+.fi
+By default, address verification probes use the same route
+as regular mail. To override specific aspects of message
+routing for address verification probes, specify one or more
+of the following:
+\fBaddress_verify_local_transport\fR,
+\fBaddress_verify_virtual_transport\fR,
+\fBaddress_verify_relay_transport\fR,
+\fBaddress_verify_default_transport\fR,
+\fBaddress_verify_relayhost\fR,
+\fBaddress_verify_transport_maps\fR.
.SH SEE ALSO
.na
.nf
See the Postfix \fBmain.cf\fR file for syntax details and for
default values. Use the \fBpostfix reload\fR command after a
configuration change.
+.SH Cache control
+.ad
+.fi
.IP \fBaddress_verify_map\fR
Optional table for persistent recipient status storage. The file
is opened before the process enters a chroot jail and before
.IP \fBaddress_verify_negative_refresh_time\fR
The minimal amount of time after which a proactive probe is sent to
verify that a known to be bad address is still bad.
+.SH Probe message routing
+.ad
+.fi
+By default, probe messages are delivered via the same route
+as regular messages. The following parameters can be used to
+override specific message routing mechanisms.
+.IP \fBaddress_verify_relayhost\fR
+Overrides the \fBrelayhost\fR setting.
+.IP \fBaddress_verify_transport_maps\fR
+Overrides the \fBtransport_maps\fR setting.
+.IP \fBaddress_verify_local_transport\fR
+Overrides the \fBlocal_transport\fR setting.
+.IP \fBaddress_verify_virtual_transport\fR
+Overrides the \fBvirtual_transport\fR setting.
+.IP \fBaddress_verify_relay_transport\fR
+Overrides the \fBrelay_transport\fR setting.
+.IP \fBaddress_verify_default_transport\fR
+Overrides the \fBdefault_transport\fR setting.
.SH SEE ALSO
.na
.nf
-verify_clnt(3) address verification client
+trivial-rewrite(8) address rewriting and resolving
.SH LICENSE
.na
.nf
#define DEF_VERIFY_SENDER "postmaster"
extern char *var_verify_sender;
+#define VAR_VRFY_LOCAL_XPORT "address_verify_local_transport"
+#define DEF_VRFY_LOCAL_XPORT "$" VAR_LOCAL_TRANSPORT
+extern char *var_vrfy_local_xport;
+
+#define VAR_VRFY_VIRT_XPORT "address_verify_virtual_transport"
+#define DEF_VRFY_VIRT_XPORT "$" VAR_VIRT_TRANSPORT
+extern char *var_vrfy_virt_xport;
+
+#define VAR_VRFY_RELAY_XPORT "address_verify_relay_transport"
+#define DEF_VRFY_RELAY_XPORT "$" VAR_RELAY_TRANSPORT
+extern char *var_vrfy_relay_xport;
+
+#define VAR_VRFY_DEF_XPORT "address_verify_default_transport"
+#define DEF_VRFY_DEF_XPORT "$" VAR_DEF_TRANSPORT
+extern char *var_vrfy_def_xport;
+
+#define VAR_VRFY_RELAYHOST "address_verify_relayhost"
+#define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST
+extern char *var_vrfy_relayhost;
+
+#define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps"
+#define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS
+extern char *var_vrfy_xport_maps;
+
/*
* Message delivery trace service.
*/
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20030606"
+#define MAIL_RELEASE_DATE "20030609"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.11-" MAIL_RELEASE_DATE
#define QMGR_READ_FLAG_NONE 0 /* No special features */
#define QMGR_READ_FLAG_MIXED_RCPT_OTHER (1<<0) /* Mixed recipient/other */
+#define QMGR_READ_FLAG_USER (QMGR_READ_FLAG_MIXED_RCPT_OTHER)
+
/*
* Backwards compatibility.
*/
/* RESOLVE_REPLY *reply;
/*
/* void resolve_clnt_query(address, reply)
-/* const char *address
+/* const char *address;
+/* RESOLVE_REPLY *reply;
+/*
+/* void resolve_clnt_verify(address, reply)
+/* const char *address;
/* RESOLVE_REPLY *reply;
/*
/* void resolve_clnt_free(reply)
/* address. In case of communication failure the program keeps trying
/* until the mail system goes down.
/*
+/* resolve_clnt_verify() implements an alternative version that can
+/* be used for address verification.
+/*
/* In the resolver reply, the flags member is the bit-wise OR of
/* zero or more of the following:
/* .IP RESOLVE_FLAG_FINAL
reply->flags = 0;
}
-/* resolve_clnt_query - resolve address to (transport, next hop, recipient) */
+/* resolve_clnt - resolve address to (transport, next hop, recipient) */
-void resolve_clnt_query(const char *addr, RESOLVE_REPLY *reply)
+void resolve_clnt(const char *class, const char *addr, RESOLVE_REPLY *reply)
{
- char *myname = "resolve_clnt_query";
+ char *myname = "resolve_clnt";
VSTREAM *stream;
/*
stream = clnt_stream_access(rewrite_clnt_stream);
errno = 0;
if (attr_print(stream, ATTR_FLAG_NONE,
- ATTR_TYPE_STR, MAIL_ATTR_REQ, RESOLVE_ADDR,
+ ATTR_TYPE_STR, MAIL_ATTR_REQ, class,
ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
ATTR_TYPE_END) != 0
|| vstream_fflush(stream)
/*
* External interface.
*/
-#define RESOLVE_ADDR "resolve"
+#define RESOLVE_REGULAR "resolve"
+#define RESOLVE_VERIFY "verify"
#define RESOLVE_FLAG_FINAL (1<<0) /* final delivery */
#define RESOLVE_FLAG_ROUTED (1<<1) /* routed destination */
VSTRING *nexthop;
VSTRING *recipient;
int flags;
-} RESOLVE_REPLY;
+} RESOLVE_REPLY;
extern void resolve_clnt_init(RESOLVE_REPLY *);
-extern void resolve_clnt_query(const char *, RESOLVE_REPLY *);
+extern void resolve_clnt(const char *, const char *, RESOLVE_REPLY *);
extern void resolve_clnt_free(RESOLVE_REPLY *);
+#define resolve_clnt_query(a, r) resolve_clnt(RESOLVE_REGULAR, (a), (r))
+#define resolve_clnt_verify(a, r) resolve_clnt(RESOLVE_VERIFY, (a), (r))
+
#define RESOLVE_CLNT_ASSIGN(reply, transport, nexthop, recipient) { \
(reply).transport = (transport); \
(reply).nexthop = (nexthop); \
/* P.O. Box 704
/* Yorktown Heights, NY 10598, USA
/*--*/
-/**INDENT** Error@17: Unmatched #endif */
#endif
token.o: ../../include/bounce.h
token.o: ../../include/deliver_request.h
token.o: ../../include/recipient_list.h
+token.o: ../../include/defer.h
token.o: local.h
token.o: ../../include/been_here.h
token.o: ../../include/mbox_conf.h
int rec_type;
long curr_offset;
long save_offset = message->rcpt_offset; /* save a flag */
+ int save_unread = message->rcpt_unread; /* save a count */
char *start;
int recipient_limit;
const char *error_text;
rec_type = REC_TYPE_ERROR;
break;
}
- if (message->rflags & (~0 << 16)) {
+ if (message->rflags & ~QMGR_READ_FLAG_USER) {
msg_warn("%s: invalid flags in size record: %.100s",
message->queue_id, start);
rec_type = REC_TYPE_ERROR;
return (0);
}
message->rcpt_offset = save_offset; /* restore flag */
- message->rcpt_unread += message->rcpt_list.len;
+ message->rcpt_unread = save_unread; /* restore count */
qmgr_rcpt_list_free(&message->rcpt_list);
qmgr_rcpt_list_init(&message->rcpt_list);
return (-1);
static int qmgr_resolve_one(QMGR_MESSAGE *message, QMGR_RCPT *recipient,
const char *addr, RESOLVE_REPLY *reply)
{
- resolve_clnt_query(addr, reply);
+ if ((message->tflags & DEL_REQ_FLAG_VERIFY) == 0)
+ resolve_clnt_query(addr, reply);
+ else
+ resolve_clnt_verify(addr, reply);
if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient, "address resolver failure");
return (-1);
pickup.o: ../../include/vstream.h
pickup.o: ../../include/set_ugid.h
pickup.o: ../../include/safe_open.h
-pickup.o: ../../include/stringops.h
pickup.o: ../../include/mail_queue.h
pickup.o: ../../include/mail_open_ok.h
pickup.o: ../../include/mymalloc.h
postdrop.o: ../../include/msg_syslog.h
postdrop.o: ../../include/argv.h
postdrop.o: ../../include/iostuff.h
+postdrop.o: ../../include/stringops.h
postdrop.o: ../../include/mail_proto.h
postdrop.o: ../../include/attr.h
postdrop.o: ../../include/mail_queue.h
rec_type = REC_TYPE_ERROR;
break;
}
- if (message->rflags & (~0 << 16)) {
+ if (message->rflags & ~QMGR_READ_FLAG_USER) {
msg_warn("%s: invalid flags in size record: %.100s",
message->queue_id, start);
rec_type = REC_TYPE_ERROR;
static int qmgr_resolve_one(QMGR_MESSAGE *message, QMGR_RCPT *recipient,
const char *addr, RESOLVE_REPLY *reply)
{
- resolve_clnt_query(addr, reply);
+ if ((message->tflags & DEL_REQ_FLAG_VERIFY) == 0)
+ resolve_clnt_query(addr, reply);
+ else
+ resolve_clnt_verify(addr, reply);
if (reply->flags & RESOLVE_FLAG_FAIL) {
qmgr_defer_recipient(message, recipient, "address resolver failure");
return (-1);
smtpd.o: ../../include/dict.h
smtpd.o: ../../include/argv.h
smtpd.o: ../../include/watchdog.h
+smtpd.o: ../../include/iostuff.h
smtpd.o: ../../include/mail_params.h
smtpd.o: ../../include/record.h
smtpd.o: ../../include/rec_type.h
smtpd.o: ../../include/mail_proto.h
-smtpd.o: ../../include/iostuff.h
smtpd.o: ../../include/attr.h
smtpd.o: ../../include/cleanup_user.h
smtpd.o: ../../include/mail_date.h
trivial-rewrite.o: ../../include/mail_server.h
trivial-rewrite.o: trivial-rewrite.h
trivial-rewrite.o: transport.h
+trivial-rewrite.o: ../../include/maps.h
/*
/* void resolve_init(void)
/*
-/* void resolve_proto(stream)
+/* void resolve_proto(context, stream)
+/* RES_CONTEXT *context;
/* VSTREAM *stream;
-/*
-/* void resolve_addr(rule, addr, result)
-/* char *rule;
-/* char *addr;
-/* VSTRING *result;
/* DESCRIPTION
/* This module implements the trivial address resolving engine.
/* It distinguishes between local and remote mail, and optionally
/* resolve_proto() implements the client-server protocol:
/* read one address in FQDN form, reply with a (transport,
/* nexthop, internalized recipient) triple.
-/*
-/* resolve_addr() gives direct access to the address resolving
-/* engine. It resolves an internalized address to a (transport,
-/* nexthop, internalized recipient) triple.
/* STANDARDS
/* DIAGNOSTICS
/* Problems and transactions are logged to the syslog daemon.
/* resolve_addr - resolve address according to rule set */
-void resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
- VSTRING *nextrcpt, int *flags)
+static void resolve_addr(RES_CONTEXT *rp, char *addr,
+ VSTRING *channel, VSTRING *nexthop,
+ VSTRING *nextrcpt, int *flags)
{
char *myname = "resolve_addr";
VSTRING *addr_buf = vstring_alloc(100);
rcpt_domain, VAR_VIRT_MAILBOX_DOMS,
VAR_RELAY_DOMAINS);
}
- vstring_strcpy(channel, var_virt_transport);
+ vstring_strcpy(channel, RES_PARAM_VALUE(rp->virt_transport));
vstring_strcpy(nexthop, rcpt_domain);
- blame = VAR_VIRT_TRANSPORT;
+ blame = rp->virt_transport_name;
*flags |= RESOLVE_CLASS_VIRTUAL;
} else if (dict_errno != 0) {
msg_warn("%s lookup failure", VAR_VIRT_MAILBOX_DOMS);
*/
if (relay_domains
&& domain_list_match(relay_domains, rcpt_domain)) {
- vstring_strcpy(channel, var_relay_transport);
- blame = VAR_RELAY_TRANSPORT;
+ vstring_strcpy(channel, RES_PARAM_VALUE(rp->relay_transport));
+ blame = rp->relay_transport_name;
*flags |= RESOLVE_CLASS_RELAY;
} else if (dict_errno != 0) {
msg_warn("%s lookup failure", VAR_RELAY_DOMAINS);
* Other off-host destination.
*/
else {
- vstring_strcpy(channel, var_def_transport);
- blame = VAR_DEF_TRANSPORT;
+ vstring_strcpy(channel, RES_PARAM_VALUE(rp->def_transport));
+ blame = rp->def_transport_name;
*flags |= RESOLVE_CLASS_DEFAULT;
}
/*
* With off-host delivery, relayhost overrides recipient domain.
*/
- if (*var_relayhost)
- vstring_strcpy(nexthop, var_relayhost);
+ if (*RES_PARAM_VALUE(rp->relayhost))
+ vstring_strcpy(nexthop, RES_PARAM_VALUE(rp->relayhost));
else
vstring_strcpy(nexthop, rcpt_domain);
}
msg_warn("do not list domain %s in BOTH %s and %s",
rcpt_domain, VAR_MYDEST, VAR_VIRT_MAILBOX_DOMS);
}
- vstring_strcpy(channel, var_local_transport);
+ vstring_strcpy(channel, RES_PARAM_VALUE(rp->local_transport));
vstring_strcpy(nexthop, rcpt_domain);
- blame = VAR_LOCAL_TRANSPORT;
+ blame = rp->local_transport_name;
*flags |= RESOLVE_CLASS_LOCAL;
}
*
* XXX Don't override the virtual alias class (error:User unknown) result.
*/
- if (*var_transport_maps && !(*flags & RESOLVE_CLASS_ALIAS)) {
- if (transport_lookup(STR(nextrcpt), rcpt_domain, channel, nexthop) == 0
+ if (rp->transport_info && !(*flags & RESOLVE_CLASS_ALIAS)) {
+ if (transport_lookup(rp->transport_info, STR(nextrcpt),
+ rcpt_domain, channel, nexthop) == 0
&& dict_errno != 0) {
- msg_warn("%s lookup failure", VAR_TRANSPORT_MAPS);
+ msg_warn("%s lookup failure", rp->transport_maps_name);
*flags |= RESOLVE_FLAG_FAIL;
FREE_MEMORY_AND_RETURN;
}
/* resolve_proto - read request and send reply */
-int resolve_proto(VSTREAM *stream)
+int resolve_proto(RES_CONTEXT *context, VSTREAM *stream)
{
int flags;
ATTR_TYPE_END) != 1)
return (-1);
- resolve_addr(STR(query), channel, nexthop, nextrcpt, &flags);
+ resolve_addr(context, STR(query),
+ channel, nexthop, nextrcpt, &flags);
if (msg_verbose)
msg_info("%s -> (`%s' `%s' `%s' `%d')", STR(query), STR(channel),
/* SYNOPSIS
/* #include "transport.h"
/*
-/* void transport_init()
+/* TRANSPORT_INFO *transport_pre_init(maps_name, maps)
+/* const char *maps_name;
+/* const char *maps;
/*
-/* int transport_lookup(address, rcpt_domain, channel, nexthop)
+/* void transport_post_init(info)
+/* TRANSPORT_INFO *info;
+/*
+/* int transport_lookup(info, address, rcpt_domain, channel, nexthop)
+/* TRANSPORT_INFO *info;
/* const char *address;
/* const char *rcpt_domain;
/* VSTRING *channel;
/* VSTRING *nexthop;
+/*
+/* void transport_free(info);
+/* TRANSPORT_INFO * info;
/* DESCRIPTION
/* This module implements access to the table that maps transport
/* user@domain addresses to (channel, nexthop) tuples.
/*
-/* transport_init() performs initializations that should be
+/* transport_pre_init() performs initializations that should be
/* done before the process enters the chroot jail, and
/* before calling transport_lookup().
/*
+/* transport_post_init() can be invoked after entering the chroot
+/* jail, and must be called before before calling transport_lookup().
+/*
/* transport_lookup() finds the channel and nexthop for the given
/* domain, and returns 1 if something was found. Otherwise, 0
/* is returned.
#include "transport.h"
-static MAPS *transport_path;
static int transport_match_parent_style;
-static VSTRING *wildcard_channel;
-static VSTRING *wildcard_nexthop;
-static int transport_errno;
#define STR(x) vstring_str(x)
-/* transport_init - pre-jail initialization */
+static void transport_wildcard_init(TRANSPORT_INFO *);
+
+/* transport_pre_init - pre-jail initialization */
-void transport_init(void)
+TRANSPORT_INFO *transport_pre_init(const char *transport_maps_name,
+ const char *transport_maps)
+{
+ TRANSPORT_INFO *tp;
+
+ tp = (TRANSPORT_INFO *) mymalloc(sizeof(*tp));
+ tp->transport_path = maps_create(transport_maps_name, transport_maps,
+ DICT_FLAG_LOCK);
+ tp->wildcard_channel = tp->wildcard_nexthop = 0;
+ tp->transport_errno = 0;
+ return (tp);
+}
+
+/* transport_post_init - post-jail initialization */
+
+void transport_post_init(TRANSPORT_INFO *tp)
{
- if (transport_path)
- msg_panic("transport_init: repeated call");
- transport_path = maps_create("transport", var_transport_maps,
- DICT_FLAG_LOCK);
transport_match_parent_style = match_parent_style(VAR_TRANSPORT_MAPS);
+ transport_wildcard_init(tp);
+}
+
+/* transport_free - destroy transport info */
+
+void transport_free(TRANSPORT_INFO *tp)
+{
+ if (tp->transport_path)
+ maps_free(tp->transport_path);
+ if (tp->wildcard_channel)
+ vstring_free(tp->wildcard_channel);
+ if (tp->wildcard_nexthop)
+ vstring_free(tp->wildcard_nexthop);
+ myfree((char *) tp);
}
/* update_entry - update from transport table entry */
/* find_transport_entry - look up and parse transport table entry */
-static int find_transport_entry(const char *key, const char *rcpt_domain,
- int flags, VSTRING *channel, VSTRING *nexthop)
+static int find_transport_entry(TRANSPORT_INFO *tp, const char *key,
+ const char *rcpt_domain, int flags,
+ VSTRING *channel, VSTRING *nexthop)
{
char *saved_value;
const char *host;
#define FOUND 1
#define NOTFOUND 0
- if (transport_path == 0)
- msg_panic("find_transport_entry: missing initialization");
-
/*
* Look up an entry with extreme prejudice.
*
* XXX Should report lookup failure status to caller instead of aborting.
*/
- if ((value = maps_find(transport_path, key, flags)) == 0)
+ if ((value = maps_find(tp->transport_path, key, flags)) == 0)
return (NOTFOUND);
/*
}
}
-/* transport_wildcard_init - post-jail initialization */
+/* transport_wildcard_init - (re) initialize wild-card lookup result */
-void transport_wildcard_init(void)
+static void transport_wildcard_init(TRANSPORT_INFO *tp)
{
VSTRING *channel = vstring_alloc(10);
VSTRING *nexthop = vstring_alloc(10);
#define FULL 0
#define PARTIAL DICT_FLAG_FIXED
- if (find_transport_entry(WILDCARD, "", FULL, channel, nexthop)) {
- transport_errno = 0;
- wildcard_channel = channel;
- wildcard_nexthop = nexthop;
+ if (find_transport_entry(tp, WILDCARD, "", FULL, channel, nexthop)) {
+ tp->transport_errno = 0;
+ if (tp->wildcard_channel)
+ vstring_free(tp->wildcard_channel);
+ tp->wildcard_channel = channel;
+ if (tp->wildcard_nexthop)
+ vstring_free(tp->wildcard_nexthop);
+ tp->wildcard_nexthop = nexthop;
if (msg_verbose)
msg_info("wildcard_{chan:hop}={%s:%s}",
- vstring_str(wildcard_channel), vstring_str(wildcard_nexthop));
+ vstring_str(channel), vstring_str(nexthop));
} else {
- transport_errno = dict_errno;
+ tp->transport_errno = dict_errno;
vstring_free(channel);
vstring_free(nexthop);
}
/* transport_lookup - map a transport domain */
-int transport_lookup(const char *addr, const char *rcpt_domain,
+int transport_lookup(TRANSPORT_INFO *tp, const char *addr,
+ const char *rcpt_domain,
VSTRING *channel, VSTRING *nexthop)
{
char *full_addr;
if ((ratsign = strrchr(full_addr, '@')) == 0 || ratsign[1] == 0)
msg_panic("transport_lookup: bad address: \"%s\"", full_addr);
- if (find_transport_entry(full_addr, rcpt_domain, FULL, channel, nexthop))
+ if (find_transport_entry(tp, full_addr, rcpt_domain, FULL, channel, nexthop))
RETURN_FREE(FOUND);
if (dict_errno != 0)
RETURN_FREE(NOTFOUND);
*/
if ((stripped_addr = strip_addr(full_addr, DISCARD_EXTENSION,
*var_rcpt_delim)) != 0) {
- found = find_transport_entry(stripped_addr, rcpt_domain, PARTIAL,
+ found = find_transport_entry(tp, stripped_addr, rcpt_domain, PARTIAL,
channel, nexthop);
myfree(stripped_addr);
* with regular expressions.
*/
for (name = ratsign + 1; /* void */ ; name = next) {
- if (find_transport_entry(name, rcpt_domain, PARTIAL, channel, nexthop))
+ if (find_transport_entry(tp, name, rcpt_domain, PARTIAL, channel, nexthop))
RETURN_FREE(FOUND);
if (dict_errno != 0)
RETURN_FREE(NOTFOUND);
/*
* Fall back to the wild-card entry.
*/
- if (transport_errno)
- transport_wildcard_init();
- if (transport_errno) {
- dict_errno = transport_errno;
+ if (tp->transport_errno)
+ transport_wildcard_init(tp);
+ if (tp->transport_errno) {
+ dict_errno = tp->transport_errno;
RETURN_FREE(NOTFOUND);
- } else if (wildcard_channel) {
- update_entry(STR(wildcard_channel), STR(wildcard_nexthop),
+ } else if (tp->wildcard_channel) {
+ update_entry(STR(tp->wildcard_channel), STR(tp->wildcard_nexthop),
rcpt_domain, channel, nexthop);
RETURN_FREE(FOUND);
}
*/
#include <vstring.h>
+ /*
+ * Global library.
+ */
+#include <maps.h>
+
/*
* External interface.
*/
-extern void transport_init(void);
-extern void transport_wildcard_init(void);
-extern int transport_lookup(const char *, const char *, VSTRING *, VSTRING *);
+typedef struct TRANSPORT_INFO {
+ MAPS *transport_path;
+ VSTRING *wildcard_channel;
+ VSTRING *wildcard_nexthop;
+ int transport_errno;
+} TRANSPORT_INFO;
+
+extern TRANSPORT_INFO *transport_pre_init(const char *, const char *);
+extern void transport_post_init(TRANSPORT_INFO *);
+extern int transport_lookup(TRANSPORT_INFO *, const char *, const char *, VSTRING *, VSTRING *);
+extern void transport_free(TRANSPORT_INFO *);
/* LICENSE
/* .ad
/* SYNOPSIS
/* \fBtrivial-rewrite\fR [generic Postfix daemon options]
/* DESCRIPTION
-/* The \fBtrivial-rewrite\fR daemon processes two types of client
+/* The \fBtrivial-rewrite\fR daemon processes three types of client
/* service requests:
/* .IP \fBrewrite\fR
/* Rewrite an address to standard form. The \fBtrivial-rewrite\fR
/* .IP \fIrecipient\fR
/* The envelope recipient address that is passed on to \fInexthop\fR.
/* .RE
+/* .IP \fBverify\fR
+/* Resolve an address for address verification purposes.
/* DEFAULT DELIVERY METHODS
/* .ad
/* .fi
/* .IP \fBmydestination\fR
/* List of domains that are given to the \fB$local_transport\fR.
/* .IP \fBvirtual_alias_domains\fR
-/* List of simulated virtual domains (domains with all recipients
+/* List of virtual alias domains (domains with all recipients
/* aliased to some other local or remote domain).
/* .IP \fBvirtual_mailbox_domains\fR
/* List of domains that are given to the \fB$virtual_transport\fR.
/* .IP \fBtransport_maps\fR
/* List of tables with \fIrecipient\fR or \fIdomain\fR to
/* (\fItransport, nexthop\fR) mappings.
+/* .SH Address verification
+/* .ad
+/* .fi
+/* By default, address verification probes use the same route
+/* as regular mail. To override specific aspects of message
+/* routing for address verification probes, specify one or more
+/* of the following:
+/* \fBaddress_verify_local_transport\fR,
+/* \fBaddress_verify_virtual_transport\fR,
+/* \fBaddress_verify_relay_transport\fR,
+/* \fBaddress_verify_default_transport\fR,
+/* \fBaddress_verify_relayhost\fR,
+/* \fBaddress_verify_transport_maps\fR.
/* SEE ALSO
/* master(8) process manager
/* syslogd(8) system logging
char *var_empty_addr;
int var_show_unk_rcpt_table;
+ /*
+ * Shadow personality for address verification.
+ */
+char *var_vrfy_xport_maps;
+char *var_vrfy_local_xport;
+char *var_vrfy_virt_xport;
+char *var_vrfy_relay_xport;
+char *var_vrfy_def_xport;
+char *var_vrfy_relayhost;
+
+ /*
+ * Different resolver personalities depending on the kind of request.
+ */
+RES_CONTEXT resolve_regular = {
+ VAR_LOCAL_TRANSPORT, &var_local_transport,
+ VAR_VIRT_TRANSPORT, &var_virt_transport,
+ VAR_RELAY_TRANSPORT, &var_relay_transport,
+ VAR_DEF_TRANSPORT, &var_def_transport,
+ VAR_RELAYHOST, &var_relayhost,
+ VAR_TRANSPORT_MAPS, &var_transport_maps, 0
+};
+
+RES_CONTEXT resolve_verify = {
+ VAR_VRFY_LOCAL_XPORT, &var_vrfy_local_xport,
+ VAR_VRFY_VIRT_XPORT, &var_vrfy_virt_xport,
+ VAR_VRFY_RELAY_XPORT, &var_vrfy_relay_xport,
+ VAR_VRFY_DEF_XPORT, &var_vrfy_def_xport,
+ VAR_VRFY_RELAYHOST, &var_vrfy_relayhost,
+ VAR_VRFY_XPORT_MAPS, &var_vrfy_xport_maps, 0
+};
+
/* rewrite_service - read request and send reply */
static void rewrite_service(VSTREAM *stream, char *unused_service, char **argv)
ATTR_TYPE_END) == 1) {
if (strcmp(vstring_str(command), REWRITE_ADDR) == 0) {
status = rewrite_proto(stream);
- } else if (strcmp(vstring_str(command), RESOLVE_ADDR) == 0) {
- status = resolve_proto(stream);
+ } else if (strcmp(vstring_str(command), RESOLVE_REGULAR) == 0) {
+ status = resolve_proto(&resolve_regular, stream);
+ } else if (strcmp(vstring_str(command), RESOLVE_VERIFY) == 0) {
+ status = resolve_proto(&resolve_verify, stream);
} else {
msg_warn("bad command %.30s", printable(vstring_str(command), '?'));
}
static void pre_accept(char *unused_name, char **unused_argv)
{
const char *table;
-
+
if ((table = dict_changed_name()) != 0) {
msg_info("table %s has changed -- restarting", table);
exit(0);
command = vstring_alloc(100);
rewrite_init();
resolve_init();
- transport_init();
+ if (*RES_PARAM_VALUE(resolve_regular.transport_maps))
+ resolve_regular.transport_info =
+ transport_pre_init(resolve_regular.transport_maps_name,
+ RES_PARAM_VALUE(resolve_regular.transport_maps));
+ if (*RES_PARAM_VALUE(resolve_verify.transport_maps))
+ resolve_verify.transport_info =
+ transport_pre_init(resolve_verify.transport_maps_name,
+ RES_PARAM_VALUE(resolve_verify.transport_maps));
}
+/* post_jail_init - initialize after entering chroot jail */
+
static void post_jail_init(char *unused_name, char **unused_argv)
{
- transport_wildcard_init();
+ if (resolve_regular.transport_info)
+ transport_post_init(resolve_regular.transport_info);
+ if (resolve_verify.transport_info)
+ transport_post_init(resolve_verify.transport_info);
}
/* main - pass control to the multi-threaded skeleton code */
VAR_LOCAL_TRANSPORT, DEF_LOCAL_TRANSPORT, &var_local_transport, 1, 0,
VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 1, 0,
VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 1, 0,
+ VAR_DEF_TRANSPORT, DEF_DEF_TRANSPORT, &var_def_transport, 1, 0,
VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
- VAR_DEF_TRANSPORT, DEF_DEF_TRANSPORT, &var_def_transport, 1, 0,
- VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 1, 0,
- VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 1, 0,
VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
VAR_EMPTY_ADDR, DEF_EMPTY_ADDR, &var_empty_addr, 1, 0,
+ VAR_VRFY_XPORT_MAPS, DEF_VRFY_XPORT_MAPS, &var_vrfy_xport_maps, 0, 0,
+ VAR_VRFY_LOCAL_XPORT, DEF_VRFY_LOCAL_XPORT, &var_vrfy_local_xport, 1, 0,
+ VAR_VRFY_VIRT_XPORT, DEF_VRFY_VIRT_XPORT, &var_vrfy_virt_xport, 1, 0,
+ VAR_VRFY_RELAY_XPORT, DEF_VRFY_RELAY_XPORT, &var_vrfy_relay_xport, 1, 0,
+ VAR_VRFY_DEF_XPORT, DEF_VRFY_DEF_XPORT, &var_vrfy_def_xport, 1, 0,
+ VAR_VRFY_RELAYHOST, DEF_VRFY_RELAYHOST, &var_vrfy_relayhost, 0, 0,
0,
};
static CONFIG_BOOL_TABLE bool_table[] = {
/*
* resolve.c
*/
+typedef struct {
+ const char *local_transport_name; /* name of variable */
+ char **local_transport; /* local transport:nexthop */
+ const char *virt_transport_name; /* name of variable */
+ char **virt_transport; /* virtual mailbox transport:nexthop */
+ const char *relay_transport_name; /* name of variable */
+ char **relay_transport; /* relay transport:nexthop */
+ const char *def_transport_name; /* name of variable */
+ char **def_transport; /* default transport:nexthop */
+ const char *relayhost_name; /* name of variable */
+ char **relayhost; /* for relay and default transport */
+ const char *transport_maps_name; /* name of variable */
+ char **transport_maps; /* maptype:mapname */
+ struct TRANSPORT_INFO *transport_info; /* handle */
+} RES_CONTEXT;
+
+#define RES_PARAM_VALUE(x) (*(x)) /* make it easy to do it right */
+
extern void resolve_init(void);
-extern int resolve_proto(VSTREAM *);
-extern void resolve_addr(char *, VSTRING *, VSTRING *, VSTRING *, int *);
+extern int resolve_proto(RES_CONTEXT *, VSTREAM *);
/* LICENSE
/* .ad
#define LOCAL_CONNECT stream_connect
#define LOCAL_TRIGGER stream_trigger
#define HAS_VOLATILE_LOCKS
+#define BROKEN_READ_SELECT_ON_BLOCKING_SOCKET
+
/*
* Allow build environment to override paths.
*/
/* See the Postfix \fBmain.cf\fR file for syntax details and for
/* default values. Use the \fBpostfix reload\fR command after a
/* configuration change.
+/* .SH Cache control
+/* .ad
+/* .fi
/* .IP \fBaddress_verify_map\fR
/* Optional table for persistent recipient status storage. The file
/* is opened before the process enters a chroot jail and before
/* .IP \fBaddress_verify_negative_refresh_time\fR
/* The minimal amount of time after which a proactive probe is sent to
/* verify that a known to be bad address is still bad.
+/* .SH Probe message routing
+/* .ad
+/* .fi
+/* By default, probe messages are delivered via the same route
+/* as regular messages. The following parameters can be used to
+/* override specific message routing mechanisms.
+/* .IP \fBaddress_verify_relayhost\fR
+/* Overrides the \fBrelayhost\fR setting.
+/* .IP \fBaddress_verify_transport_maps\fR
+/* Overrides the \fBtransport_maps\fR setting.
+/* .IP \fBaddress_verify_local_transport\fR
+/* Overrides the \fBlocal_transport\fR setting.
+/* .IP \fBaddress_verify_virtual_transport\fR
+/* Overrides the \fBvirtual_transport\fR setting.
+/* .IP \fBaddress_verify_relay_transport\fR
+/* Overrides the \fBrelay_transport\fR setting.
+/* .IP \fBaddress_verify_default_transport\fR
+/* Overrides the \fBdefault_transport\fR setting.
/* SEE ALSO
-/* verify_clnt(3) address verification client
+/* trivial-rewrite(8) address rewriting and resolving
/* LICENSE
/* .ad
/* .fi
projects / thirdparty / postfix.git / commitdiff
