xsasl/xsasl.h, xsasl/xsasl*client.c, smtp/smtp_sasl_glue.c.
More postlink fixes. File: mantools/postlink.
+
+20090419
+
+ Bugfix: don't re-enable SIGHUP if it is ignored in the
+ parent. This may cause random "Postfix integrity check
+ failed" errors at boot time (POSIX SIGHUP death), causing
+ Postfix not to start. We duplicate code from postdrop and
+ thus avoid past mistakes. File: postsuper/postsuper.c.
+
+ Robustness: don't re-enable SIGTERM if it is ignored in the
+ parent. Files: postsuper/postsuper.c, postdrop/postdrop.c.
+
+20090422
+
+ Undo delivery agent change 20090415. The queue manager never
+ locks a queue file to read additional recipients into memory,
+ so if a delivery agent runs into a locked file, then something
+ is seriously wrong. File: global/deliver_request.c.
+
+20090424
+
+ Compatibility: the Postfix SMTP client no longer uses the
+ obsolete SSLv2 by default for opportunistic encryption.
+ This has nothing to do with security (we're willing to send
+ plaintext over an unauthenticated connection) but with the
+ loss of advanced options that give better performance.
+ Victor Duchovni. Files: proto/postconf.proto, global/mail_params.h.
+
+20090426
+
+ Feature: more accurate support for Milter macros {mail_addr}
+ and {rcpt_addr}, and new support for Milter macros {mail_host},
+ {mail_mailer}, {rcpt_host}, and {rcpt_mailer}. Files:
+ milter/milter.[hc], smtpd/smtpd.[hc], smtpd/smtpd_milter.c,
+ smtpd/smtpd_resolve.c.
+
+ Feature: support to report rejected recipients to Milters
+ (SMFIP_RCPT_REJ). Postfix reports the event as decribed in
+ Sendmail 8.14.0 documentation: {rcpt_mailer} = "error",
+ {rcpt_host} = enhanced status code (e.g., "5.7.1"), and
+ {rcpt_addr} = reason to reject (e.g., "Relay access denied").
+ Files: milter/milter.[hc], milter/milter8.c, smtpd/smtpd.[hc],
+ smtpd/smtpd_milter.c.
+
+20090427
+
+ Feature: Milter support for replacing the envelope sender
+ and adding recipients (SMFIR_CHGFROM, SMFIR_ADDRCPT_PAR).
+ This support currently ignores ESMTP command parameters.
+ Files: milter/milter8.c, cleanup/cleanup_milter.c.
+
+20090428
+
+ Compatibility: to make all the new Milter features usable,
+ raise the default milter_protocol setting from 2 to 6.
+ This has been tested with a Sendmail 8.14 libmilter.
+ File: global/mail_params.h.
+
+ Bugfix: don't disable MIME parsing with smtp_header_checks,
+ smtp_mime_header_checks, smtp_nested_header_checks or with
+ smtp_body_checks. Bug reported by Victor. File: smtp/smtp_proto.c.
store its temporary files.
* Configure Postfix to deliver mail to the content filter with the pipe(8)
- delivery agent.
+ delivery agent (see the pipe(8) manpage for a description of the command
+ syntax below).
/etc/postfix/master.cf:
# =============================================================
# (yes) (yes) (yes) (never) (100)
# =============================================================
filter unix - n n - 10 pipe
- flags=Rq user=filter argv=/path/to/script -f ${sender} -- ${recipient}
+ flags=Rq user=filter null_sender=
+ argv=/path/to/script -f ${sender} -- ${recipient}
This runs up to 10 content filters in parallel. Instead of a limit of 10
concurrent processes, use whatever process limit is feasible for your
machine. Content inspection software can gobble up a lot of system
resources, so you don't want to have too much of it running at the same
- time.
+ time. The empty null_sender setting is required with Postfix 2.3 and later.
* To turn on content filtering for mail arriving via SMTP only, append "-
o content_filter=filter:dummy" to the master.cf entry that defines the
As Postfix is not built with the Sendmail libmilter library, you may need to
configure the Milter protocol version that Postfix should use. The default
-version is 2. Other protocol versions are 3 and 4 (Postfix 2.3 and later), and
-6 (Postfix 2.5 an later).
+version is 6 (before Postfix 2.6 the default version is 2).
/etc/postfix/main.cf:
+ # Postfix >= 2.6
+ milter_protocol = 6
+ # 2.3 <= Postfix <= 2.5
milter_protocol = 2
If the Postfix milter_protocol setting specifies a too low version, the
S\bSe\ben\bnd\bdm\bma\bai\bil\bl m\bma\bac\bcr\bro\bo e\bem\bmu\bul\bla\bat\bti\bio\bon\bn
Postfix emulates a limited number of Sendmail macros, as shown in the table.
-Different macros are available at different SMTP protocol stages (EOH = end-of-
-header, EOM = end-of-message); their availability is not always the same as in
+Some macro values depend on whether a recipient is rejected (rejected
+recipients are available on request by the Milter application). Different
+macros are available at different SMTP protocol stages (EOH = end-of-header,
+EOM = end-of-message); their availability is not always the same as in
Sendmail. See the workarounds section below for solutions.
_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b
|{client_connections}|CONNECT |Connection concurrency for|
| | |this client |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- | | |Client hostname, "unknown"|
- |{client_name} |Always |when lookup or |
- | | |verification fails |
+ | | |Client hostname |
+ | | |When address -> name |
+ |{client_name} |Always |lookup or name -> address |
+ | | |verification fails: |
+ | | |"unknown" |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
|{client_port} |Always (Postfix >=2.5) |Client TCP port |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- | | |Client name from reverse |
- |{client_ptr} |CONNECT, HELO, MAIL, DATA|lookup, "unknown" when |
- | | |lookup fails |
+ | | |Client name from address -|
+ |{client_ptr} |CONNECT, HELO, MAIL, DATA|> name lookup |
+ | | |When address -> name |
+ | | |lookup fails: "unknown" |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
|{cert_issuer} |HELO, MAIL, DATA, EOH, |TLS client certificate |
| |EOM |issuer |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
|{mail_addr} |MAIL |Sender address |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |{rcpt_addr} |RCPT |Recipient address |
+ |{mail_host} |MAIL (Postfix >= 2.6) |Sender next-hop |
+ | | |destination |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |{mail_mailer} |MAIL (Postfix >= 2.6) |Sender mail delivery |
+ | | |transport |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ | | |Recipient address |
+ |{rcpt_addr} |RCPT |With rejected recipient: |
+ | | |descriptive text |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ | | |Recipient next-hop |
+ |{rcpt_host} |RCPT (Postfix >= 2.6) |destination |
+ | | |With rejected recpient: |
+ | | |enhanced status code |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ | | |Recipient mail delivery |
+ |{rcpt_mailer} |RCPT (Postfix >= 2.6) |transport |
+ | | |With rejected recipient: |
+ | | |"error" |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
|{tls_version} |HELO, MAIL, DATA, EOH, |TLS protocol version |
| |EOM | |
course the usual limitations of before-queue filtering will always apply. See
the CONTENT_INSPECTION_README document for a discussion.
- * Postfix version 2.3 introduces support for Sendmail 8 milter protocol
- versions 2, 3 and 4; Postfix version 2.5 adds support for protocol version
- 6, which is available with Sendmail 8.14. Support for other protocol types
- or protocol versions may be added later.
-
- * For applications that are written in C, you need to use the Sendmail
- libmilter library. A Postfix replacement may be provided in the future.
+ * For Milter applications that are written in C, you need to use the Sendmail
+ libmilter library.
* There are TWO sets of mail filters: filters that are used for SMTP mail
only (specified with the smtpd_milters parameter), and filters for non-SMTP
mail (specified with the non_smtpd_milters parameter). The non-SMTP filters
are primarily for local submissions.
- * When mail is filtered by non-SMTP filters, the Postfix cleanup(8) server
- has to simulate the SMTP client CONNECT and DISCONNECT events, and the SMTP
- client EHLO, MAIL FROM, RCPT TO and DATA commands. This works as expected,
- with only one exception: non-SMTP filters must not REJECT or TEMPFAIL
- simulated RCPT TO commands. When a non-SMTP filter REJECTs or TEMPFAILs a
- recipient, Postfix will report a configuration error, and mail will stay in
- the queue.
+ o When mail is filtered by non-SMTP filters, the Postfix cleanup(8)
+ server has to simulate the SMTP client CONNECT and DISCONNECT events,
+ and the SMTP client EHLO, MAIL FROM, RCPT TO and DATA commands. This
+ works as expected, with only one exception: non-SMTP filters must not
+ REJECT or TEMPFAIL simulated RCPT TO commands. When a non-SMTP filter
+ REJECTs or TEMPFAILs a recipient, Postfix will report a configuration
+ error, and mail will stay in the queue.
* Postfix currently does not apply content filters to mail that is forwarded
or aliased internally, or to mail that is generated internally such as
command information; they have no access to the message header or body, and
cannot make modifications to the message or to the envelope.
- * Postfix 2.3 does not support Milter requests to replace the message body.
- Milter applications that request this unsupported operation will log a
- warning like this:
+ * Postfix version 2.6 implements all Sendmail 8.14 Milter features, except it
+ ignores the optional ESMTP command parameters with requests to replace the
+ sender (SMFIR_CHGFROM), or to append a recipient (SMFIR_ADDRCPT_PAR). When
+ a Milter application supplies ESMTP command parameters, these are logged as
+ follows:
- application name: st_optionneg[134563840]: 0x3d does not fulfill action
- requirements 0x1e
+ postfix/cleanup[40629]: warning: 100B22B3293: cleanup_chg_from: ignoring
+ ESMTP arguments "whatever"
- The solution is to use Postfix version 2.4 or later.
+ Specify "milter_protocol = 6" to enable all available Sendmail 8.14 and
+ earlier Milter features.
- * Postfix version 2.5 implements the Sendmail 8.14 features except:
+ * Postfix version 2.5 implements all Sendmail 8.14 Milter features except:
SMFIP_RCPT_REJ (report rejected recipients to the mail filter),
SMFIR_CHGFROM (replace sender, with optional ESMTP command parameters), and
SMFIR_ADDRCPT_PAR (add recipient, with optional ESMTP command parameters).
+ Specify "milter_protocol = 6" to enable all available Sendmail 8.14 and
+ earlier Milter features.
+
+ * Postfix 2.4 implements all Sendmail 8.13 Milter features.
+
+ Specify "milter_protocol = 4" to enable all available Sendmail 8.13 and
+ earlier Milter features.
+
+ * Postfix 2.3 implements all Sendmail 8.13 Milter features except requests to
+ replace the message body. Milter applications that request this unsupported
+ operation will log a warning like
+
+ application name: st_optionneg[134563840]: 0x3d does not fulfill action
+ requirements 0x1e
+
+ The solution is to use Postfix version 2.4 or later.
+
+ Specify "milter_protocol = 4" to enable all available Sendmail 8.13 and
+ earlier Milter features.
+
* Most Milter configuration options are global. Future Postfix versions may
support per-Milter timeouts, per-Milter error handling, etc.
produces a result of PERMIT, REJECT or DEFER (try again later). The end of the
list is equivalent to a PERMIT result. By placing a PERMIT restriction before a
REJECT restriction you can make exceptions for specific clients or users. This
-is called whitelisting; the last example above allows mail from local networks
-but otherwise rejects mail to arbitrary destinations.
+is called whitelisting; the fourth example above allows mail from local
+networks but otherwise rejects mail to arbitrary destinations.
The table below summarizes the purpose of each SMTP access restriction list.
All lists use the exact same syntax; they differ only in the time of evaluation
smtp_tls_mandatory_protocols = !SSLv2
# Also available with Postfix >= 2.6:
smtp_tls_ciphers = export
- smtp_tls_protocols =
+ smtp_tls_protocols = !SSLv2
C\bCl\bli\bie\ben\bnt\bt-\b-s\bsi\bid\bde\be S\bSM\bMT\bTP\bPS\bS s\bsu\bup\bpp\bpo\bor\brt\bt
The mail_release_date configuration parameter (format: yyyymmdd)
specifies the release date of a stable release or snapshot release.
+Incompatibility with snapshot 20090428
+======================================
+
+The Postfix SMTP client(!) no longer tries to use the obsolete SSLv2
+protocol by default, as this may prevent the use of modern SSL
+features. Lack of SSLv2 support should never be a problem, since
+SSLv3 was defined in 1996, and TLSv1 in 2006, but you can undo the
+change by specifying empty main.cf values for smtp_tls_protocols
+and lmtp_tls_protocols. The Postfix SMTP server maintains SSLv2
+support for backwards compatibility with ancient clients.
+
+The default Milter protocol version is increased from 2 to 6; this
+enables all available features up to and including Sendmail 8.14.0.
+The new milter_protocol setting may break compatibility with older
+Milter libraries or applications, and may cause Postfix to log
+warning messages such as:
+
+ postfix/smtpd[21045]: warning: milter inet:host:port: can't read packet
+ header: Unknown error : 0
+ postfix/cleanup[15190]: warning: milter inet:host:port: can't read packet
+ header: Success
+
+To restore compatibility, specify "milter_protocol = 2" in main.cf.
+
+Major changes with snapshot 20090428
+====================================
+
+The following improvements have been made to the Milter implementation:
+
+- Improved compatibility of the {mail_addr} and {rcpt_addr} macros.
+
+- Support for the {mail_host}, {mail_mailer}, {rcpt_host} and
+{rcpt_mailer} macros.
+
+- Milter applications can now request rejected recipients with the
+SMFIP_RCPT_REJ feature. Rejected recipients are reported with
+{rcpt_mailer} = "error", {rcpt_host} = enhanced status code, and
+{rcpt_addr} = descriptive text. This feature requires "milter_protocol
+= 6" or higher (default as of Postfix 2.6).
+
+- Milters can now replace the envelope sender address with the
+SMFIR_CHGFROM request, and can add recipients with SMFIR_ADDRCPT_PAR.
+These implementations currently ignore ESMTP command parameters
+with a warning message as follows:
+
+ postfix/cleanup[40629]: warning: 100B22B3293: cleanup_chg_from:
+ ignoring ESMTP arguments "whatever"
+
Incompatibility with snapshot 20090330
======================================
is supposed to store its temporary files. </p>
<li> <p> Configure Postfix to deliver mail to the content filter
-with the <a href="pipe.8.html">pipe(8)</a> delivery agent. </p>
+with the <a href="pipe.8.html">pipe(8)</a> delivery agent (see the <a href="pipe.8.html">pipe(8)</a> manpage for a
+description of the command syntax below). </p>
<pre>
/etc/postfix/<a href="master.5.html">master.cf</a>:
# (yes) (yes) (yes) (never) (100)
# =============================================================
filter unix - n n - 10 pipe
- flags=Rq user=filter argv=/path/to/script -f ${sender} -- ${recipient}
+ flags=Rq user=filter null_sender=
+ argv=/path/to/script -f ${sender} -- ${recipient}
</pre>
<p> This runs up to 10 content filters in parallel. Instead of a
limit of 10 concurrent processes, use whatever process limit is
feasible for your machine. Content inspection software can gobble
up a lot of system resources, so you don't want to have too much
-of it running at the same time. </p>
+of it running at the same time. The empty null_sender setting is
+required with Postfix 2.3 and later. </p>
<li> <p> To turn on content filtering for mail arriving via SMTP
only, append "-o <a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy" to the <a href="master.5.html">master.cf</a>
<p> As Postfix is not built with the Sendmail libmilter library,
you may need to configure the Milter protocol version that Postfix
-should use. The default version is 2. Other protocol versions are
-3 and 4 (Postfix 2.3 and later), and 6 (Postfix 2.5 an later). </p>
+should use. The default version is 6 (before Postfix 2.6 the default
+version is 2). </p>
<blockquote>
<pre>
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ # Postfix ≥ 2.6
+ <a href="postconf.5.html#milter_protocol">milter_protocol</a> = 6
+ # 2.3 ≤ Postfix ≤ 2.5
<a href="postconf.5.html#milter_protocol">milter_protocol</a> = 2
</pre>
</blockquote>
<h3><a name="macros">Sendmail macro emulation</a></h3>
<p> Postfix emulates a limited number of Sendmail macros, as shown
-in the table. Different macros are available at different SMTP
+in the table. Some macro values depend on whether a recipient is
+rejected (rejected recipients are available on request by the Milter
+application). Different macros are available at different SMTP
protocol stages (EOH = end-of-header, EOM = end-of-message); their
availability is not
always the same as in Sendmail. See the <a
<tr> <td> {client_connections} </td> <td> CONNECT </td> <td>
Connection concurrency for this client </td> </tr>
-<tr> <td> {client_name} </td> <td> Always </td> <td> Client hostname,
-"unknown" when lookup or verification fails </td> </tr>
+<tr> <td> {client_name} </td> <td> Always </td> <td> Client hostname
+<br> When address → name lookup or name → address
+verification fails: "unknown" </td> </tr>
<tr> <td> {client_port} </td> <td> Always (Postfix ≥2.5) </td>
<td> Client TCP port </td> </tr>
<tr> <td> {client_ptr} </td> <td> CONNECT, HELO, MAIL, DATA </td>
-<td> Client name from reverse lookup, "unknown" when lookup fails
-</td> </tr>
+<td> Client name from address → name lookup <br> When address
+→ name lookup fails: "unknown" </td> </tr>
<tr> <td> {cert_issuer} </td> <td> HELO, MAIL, DATA, EOH, EOM </td> <td>
TLS client certificate issuer </td> </tr>
<tr> <td> {mail_addr} </td> <td> MAIL </td> <td> Sender address
</td> </tr>
+<tr> <td> {mail_host} </td> <td> MAIL (Postfix ≥ 2.6) </td> <td>
+Sender next-hop destination </td> </tr>
+
+<tr> <td> {mail_mailer} </td> <td> MAIL (Postfix ≥ 2.6) </td>
+<td> Sender mail delivery transport </td> </tr>
+
<tr> <td> {rcpt_addr} </td> <td> RCPT </td> <td> Recipient address
-</td> </tr>
+<br> With rejected recipient: descriptive text </td> </tr>
+
+<tr> <td> {rcpt_host} </td> <td> RCPT (Postfix ≥ 2.6) </td> <td>
+Recipient next-hop destination <br> With rejected recpient: enhanced
+status code </td> </tr>
+
+<tr> <td> {rcpt_mailer} </td> <td> RCPT (Postfix ≥ 2.6) </td>
+<td> Recipient mail delivery transport <br> With rejected recipient:
+"error" </td> </tr>
-<tr> <td> {tls_version} </td> <td> HELO, MAIL, DATA, EOH, EOM </td> <td>
-TLS protocol version </td> </tr>
+<tr> <td> {tls_version} </td> <td> HELO, MAIL, DATA, EOH, EOM </td>
+<td> TLS protocol version </td> </tr>
<tr> <td> v </td> <td> Always </td> <td> value of <a href="postconf.5.html#milter_macro_v">milter_macro_v</a>
</td> </tr>
<ul>
-<li> <p> Postfix version 2.3 introduces support for Sendmail 8
-milter protocol versions 2, 3 and 4; Postfix version 2.5 adds support
-for protocol version 6, which is available with Sendmail 8.14.
-Support for other protocol types or protocol versions may be added
-later. </p>
-
-<li> <p> For applications that are written in C, you need to use
-the Sendmail libmilter library. A Postfix replacement may be
-provided in the future. </p>
+<li> <p> For Milter applications that are written in C, you need
+to use the Sendmail libmilter library. </p>
<li> <p> There are TWO sets of mail filters: filters that are used
for SMTP mail only (specified with the <a href="postconf.5.html#smtpd_milters">smtpd_milters</a> parameter),
parameter). The non-SMTP filters are primarily for local submissions.
</p>
+<ul>
+
<li> <p> When mail is filtered by non-SMTP filters, the Postfix
<a href="cleanup.8.html">cleanup(8)</a> server has to simulate the SMTP client CONNECT and
DISCONNECT events, and the SMTP client EHLO, MAIL FROM, RCPT TO and
Postfix will report a configuration error, and mail will stay in
the queue. </p>
+</ul>
+
<li> <p> Postfix currently does not apply content filters to mail
that is forwarded or aliased internally, or to mail that is generated
internally such as bounces or Postmaster notifications. This may
message header or body, and cannot make modifications to the message
or to the envelope. </p>
-<li> <p> Postfix 2.3 does not support Milter requests to replace
-the message body. Milter applications that request this unsupported
-operation will log a warning like this: </p>
+<li> <p> Postfix version 2.6 implements all Sendmail 8.14 Milter
+features, except it ignores the optional ESMTP command parameters
+with requests to replace the sender (SMFIR_CHGFROM), or to append
+a recipient (SMFIR_ADDRCPT_PAR). When a Milter application supplies
+ESMTP command parameters, these are logged as follows: </p>
+
+<pre>
+postfix/cleanup[40629]: warning: 100B22B3293: cleanup_chg_from: ignoring ESMTP arguments "<i>whatever</i>"
+</pre>
+
+<p> Specify "<a href="postconf.5.html#milter_protocol">milter_protocol</a> = 6" to enable all available Sendmail
+8.14 and earlier Milter features. </p>
+
+<li> <p> Postfix version 2.5 implements all Sendmail 8.14 Milter
+features except: SMFIP_RCPT_REJ (report rejected recipients to the
+mail filter), SMFIR_CHGFROM (replace sender, with optional ESMTP
+command parameters), and SMFIR_ADDRCPT_PAR (add recipient, with
+optional ESMTP command parameters). </p>
+
+<p> Specify "<a href="postconf.5.html#milter_protocol">milter_protocol</a> = 6" to enable all available Sendmail
+8.14 and earlier Milter features. </p>
+
+<li> <p> Postfix 2.4 implements all Sendmail 8.13 Milter features.
+</p>
+
+<p> Specify "<a href="postconf.5.html#milter_protocol">milter_protocol</a> = 4" to enable all available Sendmail
+8.13 and earlier Milter features. </p>
+
+<li> <p> Postfix 2.3 implements all Sendmail 8.13 Milter features
+except requests to replace the message body. Milter applications
+that request this unsupported operation will log a warning like
<blockquote>
<pre>
<p> The solution is to use Postfix version 2.4 or later. </p>
-<li> <p> Postfix version 2.5 implements the Sendmail 8.14 features
-except: SMFIP_RCPT_REJ (report rejected recipients to the mail
-filter), SMFIR_CHGFROM (replace sender, with optional ESMTP command
-parameters), and SMFIR_ADDRCPT_PAR (add recipient, with optional
-ESMTP command parameters).
+<p> Specify "<a href="postconf.5.html#milter_protocol">milter_protocol</a> = 4" to enable all available Sendmail
+8.13 and earlier Milter features. </p>
<li> <p> Most Milter configuration options are global. Future Postfix
versions may support per-Milter timeouts, per-Milter error handling,
again later). The end of the list is equivalent to a PERMIT result.
By placing a PERMIT restriction before a REJECT restriction you
can make exceptions for specific clients or users. This is called
-whitelisting; the last example above allows mail from local networks
-but otherwise rejects mail to arbitrary destinations. </p>
+whitelisting; the fourth example above allows mail from local
+networks but otherwise rejects mail to arbitrary destinations. </p>
<p> The table below summarizes the purpose of each SMTP access
restriction list. All lists use the exact same syntax; they differ
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2
# Also available with Postfix ≥ 2.6:
<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = export
- <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> =
+ <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2
</pre>
</blockquote>
mail that does not arrive via the Postfix <a href="smtpd.8.html"><b>smtpd</b>(8)</a>
server.
- <b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (2)</b>
+ <b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (6)</b>
The mail filter protocol version and optional pro-
tocol extensions for communication with a Milter
- (mail filter) application.
+ application; prior to Postfix 2.6 the default pro-
+ tocol is 2.
<b><a href="postconf.5.html#milter_default_action">milter_default_action</a> (tempfail)</b>
- The default action when a Milter (mail filter)
+ The default action when a Milter (mail filter)
application is unavailable or mis-configured.
<b><a href="postconf.5.html#milter_macro_daemon_name">milter_macro_daemon_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
cations.
<b><a href="postconf.5.html#milter_connect_timeout">milter_connect_timeout</a> (30s)</b>
- The time limit for connecting to a Milter (mail
- filter) application, and for negotiating protocol
+ The time limit for connecting to a Milter (mail
+ filter) application, and for negotiating protocol
options.
<b><a href="postconf.5.html#milter_command_timeout">milter_command_timeout</a> (30s)</b>
- The time limit for sending an SMTP command to a
+ The time limit for sending an SMTP command to a
Milter (mail filter) application, and for receiving
the response.
<b><a href="postconf.5.html#milter_content_timeout">milter_content_timeout</a> (300s)</b>
- The time limit for sending message content to a
+ The time limit for sending message content to a
Milter (mail filter) application, and for receiving
the response.
<b><a href="postconf.5.html#milter_connect_macros">milter_connect_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
- applications after completion of an SMTP connec-
+ The macros that are sent to Milter (mail filter)
+ applications after completion of an SMTP connec-
tion.
<b><a href="postconf.5.html#milter_helo_macros">milter_helo_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the SMTP HELO or EHLO command.
<b><a href="postconf.5.html#milter_mail_macros">milter_mail_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the SMTP MAIL FROM command.
<b><a href="postconf.5.html#milter_rcpt_macros">milter_rcpt_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the SMTP RCPT TO command.
<b><a href="postconf.5.html#milter_data_macros">milter_data_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to version 4 or higher
- Milter (mail filter) applications after the SMTP
+ The macros that are sent to version 4 or higher
+ Milter (mail filter) applications after the SMTP
DATA command.
<b><a href="postconf.5.html#milter_unknown_command_macros">milter_unknown_command_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to version 3 or higher
- Milter (mail filter) applications after an unknown
+ The macros that are sent to version 3 or higher
+ Milter (mail filter) applications after an unknown
SMTP command.
<b><a href="postconf.5.html#milter_end_of_data_macros">milter_end_of_data_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the message end-of-data.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#milter_end_of_header_macros">milter_end_of_header_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the end of the message header.
<b>MIME PROCESSING CONTROLS</b>
will handle.
<b><a href="postconf.5.html#strict_8bitmime">strict_8bitmime</a> (no)</b>
- Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and strict_8bit-
+ Enable both <a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> and strict_8bit-
mime_body.
<b><a href="postconf.5.html#strict_7bit_headers">strict_7bit_headers</a> (no)</b>
Reject mail with 8-bit text in message headers.
<b><a href="postconf.5.html#strict_8bitmime_body">strict_8bitmime_body</a> (no)</b>
- Reject 8-bit message body text without 8-bit MIME
+ Reject 8-bit message body text without 8-bit MIME
content encoding information.
<b><a href="postconf.5.html#strict_mime_encoding_domain">strict_mime_encoding_domain</a> (no)</b>
Reject mail with invalid Content-Transfer-Encoding:
- information for the message/* or multipart/* MIME
+ information for the message/* or multipart/* MIME
content types.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#detect_8bit_encoding_header">detect_8bit_encoding_header</a> (yes)</b>
Automatically detect 8BITMIME body content by look-
- ing at Content-Transfer-Encoding: message headers;
- historically, this behavior was hard-coded to be
+ ing at Content-Transfer-Encoding: message headers;
+ historically, this behavior was hard-coded to be
"always on".
<b>AUTOMATIC BCC RECIPIENT CONTROLS</b>
mail enters the mail system:
<b><a href="postconf.5.html#always_bcc">always_bcc</a> (empty)</b>
- Optional address that receives a "blind carbon
+ Optional address that receives a "blind carbon
copy" of each message that is received by the Post-
fix mail system.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#sender_bcc_maps">sender_bcc_maps</a> (empty)</b>
- Optional BCC (blind carbon-copy) address lookup
+ Optional BCC (blind carbon-copy) address lookup
tables, indexed by sender address.
<b><a href="postconf.5.html#recipient_bcc_maps">recipient_bcc_maps</a> (empty)</b>
- Optional BCC (blind carbon-copy) address lookup
+ Optional BCC (blind carbon-copy) address lookup
tables, indexed by recipient address.
<b>ADDRESS TRANSFORMATION CONTROLS</b>
- Address
rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
- daemon. The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server implements table driven
+ Address
rewriting is delegated to the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
+ daemon. The <a href="cleanup.8.html"><b>cleanup</b>(8)</a> server implements table driven
address mapping.
<b><a href="postconf.5.html#empty_address_recipient">empty_address_recipient</a> (MAILER-DAEMON)</b>
- The recipient of mail addressed to the null
+ The recipient of mail addressed to the null
address.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
- Optional address mapping lookup tables for message
+ Optional address mapping lookup tables for message
headers and envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
Optional address mapping lookup tables for envelope
and header sender addresses.
- <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender,</b>
+ <b><a href="postconf.5.html#masquerade_classes">masquerade_classes</a> (envelope_sender, header_sender,</b>
<b>header_recipient)</b>
What addresses are subject to address masquerading.
<b><a href="postconf.5.html#masquerade_domains">masquerade_domains</a> (empty)</b>
- Optional list of domains whose subdomain structure
+ Optional list of domains whose subdomain structure
will be stripped off in email addresses.
<b><a href="postconf.5.html#masquerade_exceptions">masquerade_exceptions</a> (empty)</b>
- Optional list of user names that are not subjected
- to address masquerading, even when their address
+ Optional list of user names that are not subjected
+ to address masquerading, even when their address
matches $<a href="postconf.5.html#masquerade_domains">masquerade_domains</a>.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
- What address lookup tables copy an address exten-
+ What address lookup tables copy an address exten-
sion from the lookup key to the lookup result.
Available before Postfix version 2.0:
<b><a href="postconf.5.html#virtual_maps">virtual_maps</a> (empty)</b>
Optional lookup tables with a) names of domains for
- which all addresses are aliased to addresses in
- other local or remote domains, and b) addresses
- that are aliased to addresses in other local or
+ which all addresses are aliased to addresses in
+ other local or remote domains, and b) addresses
+ that are aliased to addresses in other local or
remote domains.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
- Optional lookup tables that alias specific mail
- addresses or domains to other local or remote
+ Optional lookup tables that alias specific mail
+ addresses or domains to other local or remote
address.
Available in Postfix version 2.2 and later:
- <b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
+ <b><a href="postconf.5.html#canonical_classes">canonical_classes</a> (envelope_sender, envelope_recipient,</b>
<b>header_sender, header_recipient)</b>
- What
addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
+ What
addresses are subject to <a href="postconf.5.html#canonical_maps">canonical_maps</a>
address mapping.
<b><a href="postconf.5.html#recipient_canonical_classes">recipient_canonical_classes</a> (envelope_recipient,</b>
<b>header_recipient)</b>
- What
addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
+ What
addresses are subject to <a href="postconf.5.html#recipient_canonical_maps">recipient_canoni</a>-
<a href="postconf.5.html#recipient_canonical_maps">cal_maps</a> address mapping.
<b><a href="postconf.5.html#sender_canonical_classes">sender_canonical_classes</a> (envelope_sender, header_sender)</b>
address mapping.
<b><a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> (empty)</b>
- Don't rewrite message headers from remote clients
+ Don't rewrite message headers from remote clients
at all when this parameter is empty; otherwise, re-
- write message headers and append the specified
+ write message headers and append the specified
domain name to incomplete addresses.
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#duplicate_filter_limit">duplicate_filter_limit</a> (1000)</b>
- The maximal number of addresses remembered by the
- address
duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <a href="virtual.5.html"><b>vir-</b></a>
+ The maximal number of addresses remembered by the
+ address
duplicate filter for <a href="aliases.5.html"><b>aliases</b>(5)</a> or <a href="virtual.5.html"><b>vir-</b></a>
<a href="virtual.5.html"><b>tual</b>(5)</a> alias expansion, or for <a href="showq.8.html"><b>showq</b>(8)</a> queue dis-
plays.
message header.
<b><a href="postconf.5.html#hopcount_limit">hopcount_limit</a> (50)</b>
- The maximal number of Received: message headers
+ The maximal number of Received: message headers
that is allowed in the primary message headers.
<b><a href="postconf.5.html#in_flow_delay">in_flow_delay</a> (1s)</b>
- Time to pause before accepting a new message, when
+ Time to pause before accepting a new message, when
the message arrival rate exceeds the message deliv-
ery rate.
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
- The maximal size in bytes of a message, including
+ The maximal size in bytes of a message, including
envelope information.
Available in Postfix version 2.0 and later:
will handle.
<b><a href="postconf.5.html#queue_file_attribute_count_limit">queue_file_attribute_count_limit</a> (100)</b>
- The maximal number of (name=value) attributes that
+ The maximal number of (name=value) attributes that
may be stored in a Postfix queue file.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#virtual_alias_expansion_limit">virtual_alias_expansion_limit</a> (1000)</b>
- The maximal number of addresses that virtual alias
+ The maximal number of addresses that virtual alias
expansion produces from each original recipient.
<b><a href="postconf.5.html#virtual_alias_recursion_limit">virtual_alias_recursion_limit</a> (1000)</b>
- The maximal nesting depth of virtual alias expan-
+ The maximal nesting depth of virtual alias expan-
sion.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
- The maximal number of digits after the decimal
+ The maximal number of digits after the decimal
point when logging sub-second delay values.
<b><a href="postconf.5.html#delay_warning_time">delay_warning_time</a> (0h)</b>
- The time after which the sender receives the mes-
+ The time after which the sender receives the mes-
sage headers of mail that is still queued.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for an incoming connection
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of incoming connections that a
- Postfix daemon process will service before termi-
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
nating voluntarily.
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to
- come from, and that locally posted mail is deliv-
+ come from, and that locally posted mail is deliv-
ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon
+ The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (see 'postconf -d' output)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#enable_original_recipient">enable_original_recipient</a> (yes)</b>
- Enable support for the X-Original-To message
+ Enable support for the X-Original-To message
header.
<b>FILES</b>
<a href="CONTENT_INSPECTION_README.html">CONTENT_INSPECTION_README</a> content inspection
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
Available in Postfix version 2.6 and later:
- <b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (empty)</b>
+ <b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (!SSLv2)</b>
List of TLS protocols that the Postfix SMTP client
will exclude or include with opportunistic TLS
encryption.
<b>ward</b>+<i>foo</i> or in ~<i>name</i>/.<b>forward</b>, to the mailbox owned by the
user <i>name</i>, or it is sent back as undeliverable.
- In all cases the <a href="local.8.html"><b>local</b>(8)</a> daemon prepends an optional
- `<b>Delivered-To:</b> header line with the final recipient
- address.
-
<b>DELIVERY RIGHTS</b>
Deliveries to external files and external commands are
made with the rights of the receiving user on whose behalf
by naive software. For example, when the <a href="pipe.8.html"><b>pipe</b>(8)</a>
daemon executes a command such as:
- command -f$sender -- $recipient (<i>bad</i>)
+ <i>Wrong</i>: command -f$sender -- $recipient
the command will mis-parse the -f option value when
the sender address is a null string. For correct
parsing, specify <b>$sender</b> as an argument by itself:
- command -f $sender -- $recipient (<i>good</i>)
+ <i>Right</i>: command -f $sender -- $recipient
This feature is available as of Postfix 2.3.
</DD>
<DT><b><a name="milter_protocol">milter_protocol</a>
-(default: 2)</b></DT><DD>
+(default: 6)</b></DT><DD>
<p> The mail filter protocol version and optional protocol extensions
-for communication with a Milter (mail filter) application. Postfix
+for communication with a Milter application; prior to Postfix 2.6
+the default protocol is 2. Postfix
sends this version number during the initial protocol handshake.
It should match the version number that is expected by the mail
filter application (or by its Milter library). </p>
<dl compact>
<dt>2</dt> <dd>Use Sendmail 8 mail filter protocol version 2 (default
-as of Sendmail version 8.11).</dd>
+with Sendmail version 8.11 .. 8.13 and Postfix version 2.3 ..
+2.5).</dd>
<dt>3</dt> <dd>Use Sendmail 8 mail filter protocol version 3.</dd>
<dt>4</dt> <dd>Use Sendmail 8 mail filter protocol version 4.</dd>
<dt>6</dt> <dd>Use Sendmail 8 mail filter protocol version 6 (default
-as of Sendmail version 8.14).</dd>
+with Sendmail version 8.14 and Postfix version 2.6).</dd>
</dl>
of how the policy is specified, the <a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> and
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> parameters apply when TLS encryption
is mandatory. Connections for which encryption is optional typically
-enable all "export" grade and better ciphers and all SSL/TLS protocols
-
(see <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> and <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>). </p>
+enable all "export" grade and better ciphers (see <a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a>
+and <a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a>). </p>
<p> As long as no secure DNS lookup mechanism is available, false
hostnames in MX or CNAME responses can change the server hostname
</DD>
<DT><b><a name="smtp_tls_protocols">smtp_tls_protocols</a>
-(default: empty)</b></DT><DD>
+(default: !SSLv2)</b></DT><DD>
-<p> List of TLS protocols that the Postfix SMTP client will exclude
-or include with opportunistic TLS encryption. This parameter SHOULD be
-left at its default empty value, allowing all protocols to be used with
-opportunistic TLS. </p>
+<p> List of TLS protocols that the Postfix SMTP client will exclude or
+include with opportunistic TLS encryption. Starting with Postfix 2.6,
+the Postfix SMTP client will by default not use the obsolete SSLv2
+protocol. </p>
<p> In <a href="postconf.5.html">main.cf</a> the values are separated by whitespace, commas or
colons. In the policy table (see <a href="postconf.5.html#smtp_tls_policy_maps">smtp_tls_policy_maps</a>) the only valid
<p> Example: </p>
<pre>
-<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2
+# TLSv1 only!
+<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2, !SSLv3
</pre>
<p> This feature is available in Postfix 2.6 and later. </p>
# Opportunistic TLS.
<a href="postconf.5.html#smtp_tls_security_level">smtp_tls_security_level</a> = may
# Postfix ≥ 2.6:
-# Do not tweak opportunistic ciphers or protocols unless it is essential
+# Do not tweak opportunistic ciphers unless it is essential
# to do so (if a security vulnerability is found in the SSL library that
# can be mitigated by disabling a particular protocol or raising the
# cipher grade from "export" to "low" or "medium").
<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = export
-<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> =
+<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2
</pre>
<pre>
Available in Postfix version 2.6 and later:
- <b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (empty)</b>
+ <b><a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> (!SSLv2)</b>
List of TLS protocols that the Postfix SMTP client
will exclude or include with opportunistic TLS
encryption.
A list of Milter (mail filter) applications for new
mail that arrives via the Postfix <a href="smtpd.8.html"><b>smtpd</b>(8)</a> server.
- <b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (2)</b>
+ <b><a href="postconf.5.html#milter_protocol">milter_protocol</a> (6)</b>
The mail filter protocol version and optional pro-
tocol extensions for communication with a Milter
- (mail filter) application.
+ application; prior to Postfix 2.6 the default pro-
+ tocol is 2.
<b><a href="postconf.5.html#milter_default_action">milter_default_action</a> (tempfail)</b>
- The default action when a Milter (mail filter)
+ The default action when a Milter (mail filter)
application is unavailable or mis-configured.
<b><a href="postconf.5.html#milter_macro_daemon_name">milter_macro_daemon_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
cations.
<b><a href="postconf.5.html#milter_connect_timeout">milter_connect_timeout</a> (30s)</b>
- The time limit for connecting to a Milter (mail
- filter) application, and for negotiating protocol
+ The time limit for connecting to a Milter (mail
+ filter) application, and for negotiating protocol
options.
<b><a href="postconf.5.html#milter_command_timeout">milter_command_timeout</a> (30s)</b>
- The time limit for sending an SMTP command to a
+ The time limit for sending an SMTP command to a
Milter (mail filter) application, and for receiving
the response.
<b><a href="postconf.5.html#milter_content_timeout">milter_content_timeout</a> (300s)</b>
- The time limit for sending message content to a
+ The time limit for sending message content to a
Milter (mail filter) application, and for receiving
the response.
<b><a href="postconf.5.html#milter_connect_macros">milter_connect_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
- applications after completion of an SMTP connec-
+ The macros that are sent to Milter (mail filter)
+ applications after completion of an SMTP connec-
tion.
<b><a href="postconf.5.html#milter_helo_macros">milter_helo_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the SMTP HELO or EHLO command.
<b><a href="postconf.5.html#milter_mail_macros">milter_mail_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the SMTP MAIL FROM command.
<b><a href="postconf.5.html#milter_rcpt_macros">milter_rcpt_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the SMTP RCPT TO command.
<b><a href="postconf.5.html#milter_data_macros">milter_data_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to version 4 or higher
- Milter (mail filter) applications after the SMTP
+ The macros that are sent to version 4 or higher
+ Milter (mail filter) applications after the SMTP
DATA command.
<b><a href="postconf.5.html#milter_unknown_command_macros">milter_unknown_command_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to version 3 or higher
- Milter (mail filter) applications after an unknown
+ The macros that are sent to version 3 or higher
+ Milter (mail filter) applications after an unknown
SMTP command.
<b><a href="postconf.5.html#milter_end_of_header_macros">milter_end_of_header_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the end of the message header.
<b><a href="postconf.5.html#milter_end_of_data_macros">milter_end_of_data_macros</a> (see 'postconf -d' output)</b>
- The macros that are sent to Milter (mail filter)
+ The macros that are sent to Milter (mail filter)
applications after the message end-of-data.
<b>GENERAL CONTENT INSPECTION CONTROLS</b>
- The following parameters are applicable for both built-in
+ The following parameters are applicable for both built-in
and external content filters.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
- Enable or disable recipient validation, built-in
+ Enable or disable recipient validation, built-in
content filtering, or address mapping.
<b>EXTERNAL CONTENT INSPECTION CONTROLS</b>
- The following parameters are applicable for both before-
+ The following parameters are applicable for both before-
queue and after-queue content filtering.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b>
- What SMTP clients are allowed to use the XFORWARD
+ What SMTP clients are allowed to use the XFORWARD
feature.
<b>SASL AUTHENTICATION CONTROLS</b>
- Postfix SASL support (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>) can be used to authenti-
- cate remote SMTP clients to the Postfix SMTP server, and
- to authenticate the Postfix SMTP client to a remote SMTP
+ Postfix SASL support (<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>) can be used to authenti-
+ cate remote SMTP clients to the Postfix SMTP server, and
+ to authenticate the Postfix SMTP client to a remote SMTP
server. See the <a href="SASL_README.html">SASL_README</a> document for details.
<b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b>
- Enable inter-operability with SMTP clients that
- implement an obsolete version of the AUTH command
+ Enable inter-operability with SMTP clients that
+ implement an obsolete version of the AUTH command
(<a href="http://tools.ietf.org/html/rfc4954">RFC 4954</a>).
<b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b>
- Enable SASL authentication in the Postfix SMTP
+ Enable SASL authentication in the Postfix SMTP
server.
<b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b>
- The name of the Postfix SMTP server's local SASL
+ The name of the Postfix SMTP server's local SASL
authentication realm.
<b><a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> (noanonymous)</b>
- Postfix SMTP server SASL security options; as of
- Postfix 2.3 the list of available features depends
- on the SASL server implementation that is selected
+ Postfix SMTP server SASL security options; as of
+ Postfix 2.3 the list of available features depends
+ on the SASL server implementation that is selected
with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.
<b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b>
- Optional lookup table with the SASL login names
+ Optional lookup table with the SASL login names
that own sender (MAIL FROM) addresses.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b>
- What remote SMTP clients the Postfix SMTP server
+ What remote SMTP clients the Postfix SMTP server
will not offer AUTH support to.
Available in Postfix version 2.1 and 2.2:
<b>smtpd_sasl_application_name (smtpd)</b>
- The application name that the Postfix SMTP server
+ The application name that the Postfix SMTP server
uses for SASL server initialization.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtpd_sasl_authenticated_header">smtpd_sasl_authenticated_header</a> (no)</b>
- Report the SASL authenticated user name in the
+ Report the SASL authenticated user name in the
<a href="smtpd.8.html"><b>smtpd</b>(8)</a> Received message header.
<b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a> (smtpd)</b>
- Implementation-specific information that the Post-
- fix SMTP server passes through to the SASL plug-in
- implementation that is selected with
+ Implementation-specific information that the Post-
+ fix SMTP server passes through to the SASL plug-in
+ implementation that is selected with
<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.
<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a> (cyrus)</b>
- The SASL plug-in type that the Postfix SMTP server
+ The SASL plug-in type that the Postfix SMTP server
should use for authentication.
Available in Postfix version 2.5 and later:
<b><a href="postconf.5.html#cyrus_sasl_config_path">cyrus_sasl_config_path</a> (empty)</b>
- Search path for Cyrus SASL application configura-
- tion files, currently used only to locate the
+ Search path for Cyrus SASL application configura-
+ tion files, currently used only to locate the
$<a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a>.conf file.
<b>STARTTLS SUPPORT CONTROLS</b>
- Detailed information about STARTTLS configuration may be
+ Detailed information about STARTTLS configuration may be
found in the <a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> (empty)</b>
- The SMTP TLS security level for the Postfix SMTP
- server; when a non-empty value is specified, this
+ The SMTP TLS security level for the Postfix SMTP
+ server; when a non-empty value is specified, this
overrides the obsolete parameters <a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> and
<a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a>.
<b><a href="postconf.5.html#smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_secu</a>-</b>
<b><a href="postconf.5.html#smtpd_sasl_security_options">rity_options</a>)</b>
- The SASL authentication security options that the
- Postfix SMTP server uses for TLS encrypted SMTP
+ The SASL authentication security options that the
+ Postfix SMTP server uses for TLS encrypted SMTP
sessions.
<b><a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> (300s)</b>
- The time limit for Postfix SMTP server write and
- read operations during TLS startup and shutdown
+ The time limit for Postfix SMTP server write and
+ read operations during TLS startup and shutdown
handshake procedures.
<b><a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> (empty)</b>
- A file containing (PEM format) CA certificates of
- root CAs trusted to sign either remote SMTP client
+ A file containing (PEM format) CA certificates of
+ root CAs trusted to sign either remote SMTP client
certificates or intermediate CA certificates.
- <b><a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> (empty)</b>
- A file containing (PEM format) CA certificates of
- root CAs trusted to sign either remote SMTP client
- certificates or intermediate CA certificates.
+ <b><a href="postconf.5.html#smtpd_tls_CApath">smtpd_tls_CApath</a> (empty)</b>
+ A directory containing (PEM format) CA certificates
+ of root CAs trusted to sign either remote SMTP
+ client certificates or intermediate CA certifi-
+ cates.
<b><a href="postconf.5.html#smtpd_tls_always_issue_session_ids">smtpd_tls_always_issue_session_ids</a> (yes)</b>
Force the Postfix SMTP server to issue a TLS ses-
for a list of available macro names and their meanings.
.PP
This feature is available in Postfix 2.3 and later.
-.SH milter_protocol (default: 2)
+.SH milter_protocol (default: 6)
The mail filter protocol version and optional protocol extensions
-for communication with a Milter (mail filter) application. Postfix
+for communication with a Milter application; prior to Postfix 2.6
+the default protocol is 2. Postfix
sends this version number during the initial protocol handshake.
It should match the version number that is expected by the mail
filter application (or by its Milter library).
Protocol versions:
.IP "2"
Use Sendmail 8 mail filter protocol version 2 (default
-as of Sendmail version 8.11).
+with Sendmail version 8.11 .. 8.13 and Postfix version 2.3 ..
+2.5).
.IP "3"
Use Sendmail 8 mail filter protocol version 3.
.IP "4"
Use Sendmail 8 mail filter protocol version 4.
.IP "6"
Use Sendmail 8 mail filter protocol version 6 (default
-as of Sendmail version 8.14).
+with Sendmail version 8.14 and Postfix version 2.6).
.PP
Protocol extensions:
.IP "no_header_reply"
of how the policy is specified, the smtp_tls_mandatory_ciphers and
smtp_tls_mandatory_protocols parameters apply when TLS encryption
is mandatory. Connections for which encryption is optional typically
-enable all "export" grade and better ciphers and all SSL/TLS protocols
-(see smtp_tls_ciphers and smtp_tls_protocols).
+enable all "export" grade and better ciphers (see smtp_tls_ciphers
+and smtp_tls_protocols).
.PP
As long as no secure DNS lookup mechanism is available, false
hostnames in MX or CNAME responses can change the server hostname
configurations in environments where DNS security is not assured.
.PP
This feature is available in Postfix 2.3 and later.
-.SH smtp_tls_protocols (default: empty)
-List of TLS protocols that the Postfix SMTP client will exclude
-or include with opportunistic TLS encryption. This parameter SHOULD be
-left at its default empty value, allowing all protocols to be used with
-opportunistic TLS.
+.SH smtp_tls_protocols (default: !SSLv2)
+List of TLS protocols that the Postfix SMTP client will exclude or
+include with opportunistic TLS encryption. Starting with Postfix 2.6,
+the Postfix SMTP client will by default not use the obsolete SSLv2
+protocol.
.PP
In main.cf the values are separated by whitespace, commas or
colons. In the policy table (see smtp_tls_policy_maps) the only valid
.nf
.na
.ft C
-smtp_tls_protocols = !SSLv2
+# TLSv1 only!
+smtp_tls_protocols = !SSLv2, !SSLv3
.fi
.ad
.ft R
# Opportunistic TLS.
smtp_tls_security_level = may
# Postfix >= 2.6:
-# Do not tweak opportunistic ciphers or protocols unless it is essential
+# Do not tweak opportunistic ciphers unless it is essential
# to do so (if a security vulnerability is found in the SSL library that
# can be mitigated by disabling a particular protocol or raising the
# cipher grade from "export" to "low" or "medium").
smtp_tls_ciphers = export
-smtp_tls_protocols =
+smtp_tls_protocols = !SSLv2
.fi
.ad
.ft R
.IP "\fBnon_smtpd_milters (empty)\fR"
A list of Milter (mail filter) applications for new mail that
does not arrive via the Postfix \fBsmtpd\fR(8) server.
-.IP "\fBmilter_protocol (2)\fR"
+.IP "\fBmilter_protocol (6)\fR"
The mail filter protocol version and optional protocol extensions
-for communication with a Milter (mail filter) application.
+for communication with a Milter application; prior to Postfix 2.6
+the default protocol is 2.
.IP "\fBmilter_default_action (tempfail)\fR"
The default action when a Milter (mail filter) application is
unavailable or mis-configured.
~\fIname\fR/.\fBforward\fR+\fIfoo\fR or in ~\fIname\fR/.\fBforward\fR,
to the mailbox owned by the user \fIname\fR, or it is sent back as
undeliverable.
-
-In all cases the \fBlocal\fR(8) daemon prepends an optional
-`\fBDelivered-To:\fR header line with the final recipient
-address.
.SH "DELIVERY RIGHTS"
.na
.nf
executes a command such as:
.sp
.nf
- command -f$sender -- $recipient (\fIbad\fR)
+ \fIWrong\fR: command -f$sender -- $recipient
.fi
.IP
the command will mis-parse the -f option value when the
specify \fB$sender\fR as an argument by itself:
.sp
.nf
- command -f $sender -- $recipient (\fIgood\fR)
+ \fIRight\fR: command -f $sender -- $recipient
.fi
.IP
This feature is available as of Postfix 2.3.
certificate fingerprints.
.PP
Available in Postfix version 2.6 and later:
-.IP "\fBsmtp_tls_protocols (empty)\fR"
-List of TLS protocols that the Postfix SMTP client will exclude
-or include with opportunistic TLS encryption.
+.IP "\fBsmtp_tls_protocols (!SSLv2)\fR"
+List of TLS protocols that the Postfix SMTP client will exclude or
+include with opportunistic TLS encryption.
.IP "\fBsmtp_tls_ciphers (export)\fR"
The minimum TLS cipher grade that the Postfix SMTP client
will use with opportunistic TLS encryption.
.IP "\fBsmtpd_milters (empty)\fR"
A list of Milter (mail filter) applications for new mail that
arrives via the Postfix \fBsmtpd\fR(8) server.
-.IP "\fBmilter_protocol (2)\fR"
+.IP "\fBmilter_protocol (6)\fR"
The mail filter protocol version and optional protocol extensions
-for communication with a Milter (mail filter) application.
+for communication with a Milter application; prior to Postfix 2.6
+the default protocol is 2.
.IP "\fBmilter_default_action (tempfail)\fR"
The default action when a Milter (mail filter) application is
unavailable or mis-configured.
A file containing (PEM format) CA certificates of root CAs trusted
to sign either remote SMTP client certificates or intermediate CA
certificates.
-.IP "\fBsmtpd_tls_CAfile (empty)\fR"
-A file containing (PEM format) CA certificates of root CAs trusted
-to sign either remote SMTP client certificates or intermediate CA
+.IP "\fBsmtpd_tls_CApath (empty)\fR"
+A directory containing (PEM format) CA certificates of root CAs
+trusted to sign either remote SMTP client certificates or intermediate CA
certificates.
.IP "\fBsmtpd_tls_always_issue_session_ids (yes)\fR"
Force the Postfix SMTP server to issue a TLS session id, even
is supposed to store its temporary files. </p>
<li> <p> Configure Postfix to deliver mail to the content filter
-with the pipe(8) delivery agent. </p>
+with the pipe(8) delivery agent (see the pipe(8) manpage for a
+description of the command syntax below). </p>
<pre>
/etc/postfix/master.cf:
# (yes) (yes) (yes) (never) (100)
# =============================================================
filter unix - n n - 10 pipe
- flags=Rq user=filter argv=/path/to/script -f ${sender} -- ${recipient}
+ flags=Rq user=filter null_sender=
+ argv=/path/to/script -f ${sender} -- ${recipient}
</pre>
<p> This runs up to 10 content filters in parallel. Instead of a
limit of 10 concurrent processes, use whatever process limit is
feasible for your machine. Content inspection software can gobble
up a lot of system resources, so you don't want to have too much
-of it running at the same time. </p>
+of it running at the same time. The empty null_sender setting is
+required with Postfix 2.3 and later. </p>
<li> <p> To turn on content filtering for mail arriving via SMTP
only, append "-o content_filter=filter:dummy" to the master.cf
<p> As Postfix is not built with the Sendmail libmilter library,
you may need to configure the Milter protocol version that Postfix
-should use. The default version is 2. Other protocol versions are
-3 and 4 (Postfix 2.3 and later), and 6 (Postfix 2.5 an later). </p>
+should use. The default version is 6 (before Postfix 2.6 the default
+version is 2). </p>
<blockquote>
<pre>
/etc/postfix/main.cf:
+ # Postfix ≥ 2.6
+ milter_protocol = 6
+ # 2.3 ≤ Postfix ≤ 2.5
milter_protocol = 2
</pre>
</blockquote>
<h3><a name="macros">Sendmail macro emulation</a></h3>
<p> Postfix emulates a limited number of Sendmail macros, as shown
-in the table. Different macros are available at different SMTP
+in the table. Some macro values depend on whether a recipient is
+rejected (rejected recipients are available on request by the Milter
+application). Different macros are available at different SMTP
protocol stages (EOH = end-of-header, EOM = end-of-message); their
availability is not
always the same as in Sendmail. See the <a
<tr> <td> {client_connections} </td> <td> CONNECT </td> <td>
Connection concurrency for this client </td> </tr>
-<tr> <td> {client_name} </td> <td> Always </td> <td> Client hostname,
-"unknown" when lookup or verification fails </td> </tr>
+<tr> <td> {client_name} </td> <td> Always </td> <td> Client hostname
+<br> When address → name lookup or name → address
+verification fails: "unknown" </td> </tr>
<tr> <td> {client_port} </td> <td> Always (Postfix ≥2.5) </td>
<td> Client TCP port </td> </tr>
<tr> <td> {client_ptr} </td> <td> CONNECT, HELO, MAIL, DATA </td>
-<td> Client name from reverse lookup, "unknown" when lookup fails
-</td> </tr>
+<td> Client name from address → name lookup <br> When address
+→ name lookup fails: "unknown" </td> </tr>
<tr> <td> {cert_issuer} </td> <td> HELO, MAIL, DATA, EOH, EOM </td> <td>
TLS client certificate issuer </td> </tr>
<tr> <td> {mail_addr} </td> <td> MAIL </td> <td> Sender address
</td> </tr>
+<tr> <td> {mail_host} </td> <td> MAIL (Postfix ≥ 2.6) </td> <td>
+Sender next-hop destination </td> </tr>
+
+<tr> <td> {mail_mailer} </td> <td> MAIL (Postfix ≥ 2.6) </td>
+<td> Sender mail delivery transport </td> </tr>
+
<tr> <td> {rcpt_addr} </td> <td> RCPT </td> <td> Recipient address
-</td> </tr>
+<br> With rejected recipient: descriptive text </td> </tr>
+
+<tr> <td> {rcpt_host} </td> <td> RCPT (Postfix ≥ 2.6) </td> <td>
+Recipient next-hop destination <br> With rejected recpient: enhanced
+status code </td> </tr>
+
+<tr> <td> {rcpt_mailer} </td> <td> RCPT (Postfix ≥ 2.6) </td>
+<td> Recipient mail delivery transport <br> With rejected recipient:
+"error" </td> </tr>
-<tr> <td> {tls_version} </td> <td> HELO, MAIL, DATA, EOH, EOM </td> <td>
-TLS protocol version </td> </tr>
+<tr> <td> {tls_version} </td> <td> HELO, MAIL, DATA, EOH, EOM </td>
+<td> TLS protocol version </td> </tr>
<tr> <td> v </td> <td> Always </td> <td> value of milter_macro_v
</td> </tr>
<ul>
-<li> <p> Postfix version 2.3 introduces support for Sendmail 8
-milter protocol versions 2, 3 and 4; Postfix version 2.5 adds support
-for protocol version 6, which is available with Sendmail 8.14.
-Support for other protocol types or protocol versions may be added
-later. </p>
-
-<li> <p> For applications that are written in C, you need to use
-the Sendmail libmilter library. A Postfix replacement may be
-provided in the future. </p>
+<li> <p> For Milter applications that are written in C, you need
+to use the Sendmail libmilter library. </p>
<li> <p> There are TWO sets of mail filters: filters that are used
for SMTP mail only (specified with the smtpd_milters parameter),
parameter). The non-SMTP filters are primarily for local submissions.
</p>
+<ul>
+
<li> <p> When mail is filtered by non-SMTP filters, the Postfix
cleanup(8) server has to simulate the SMTP client CONNECT and
DISCONNECT events, and the SMTP client EHLO, MAIL FROM, RCPT TO and
Postfix will report a configuration error, and mail will stay in
the queue. </p>
+</ul>
+
<li> <p> Postfix currently does not apply content filters to mail
that is forwarded or aliased internally, or to mail that is generated
internally such as bounces or Postmaster notifications. This may
message header or body, and cannot make modifications to the message
or to the envelope. </p>
-<li> <p> Postfix 2.3 does not support Milter requests to replace
-the message body. Milter applications that request this unsupported
-operation will log a warning like this: </p>
+<li> <p> Postfix version 2.6 implements all Sendmail 8.14 Milter
+features, except it ignores the optional ESMTP command parameters
+with requests to replace the sender (SMFIR_CHGFROM), or to append
+a recipient (SMFIR_ADDRCPT_PAR). When a Milter application supplies
+ESMTP command parameters, these are logged as follows: </p>
+
+<pre>
+postfix/cleanup[40629]: warning: 100B22B3293: cleanup_chg_from: ignoring ESMTP arguments "<i>whatever</i>"
+</pre>
+
+<p> Specify "milter_protocol = 6" to enable all available Sendmail
+8.14 and earlier Milter features. </p>
+
+<li> <p> Postfix version 2.5 implements all Sendmail 8.14 Milter
+features except: SMFIP_RCPT_REJ (report rejected recipients to the
+mail filter), SMFIR_CHGFROM (replace sender, with optional ESMTP
+command parameters), and SMFIR_ADDRCPT_PAR (add recipient, with
+optional ESMTP command parameters). </p>
+
+<p> Specify "milter_protocol = 6" to enable all available Sendmail
+8.14 and earlier Milter features. </p>
+
+<li> <p> Postfix 2.4 implements all Sendmail 8.13 Milter features.
+</p>
+
+<p> Specify "milter_protocol = 4" to enable all available Sendmail
+8.13 and earlier Milter features. </p>
+
+<li> <p> Postfix 2.3 implements all Sendmail 8.13 Milter features
+except requests to replace the message body. Milter applications
+that request this unsupported operation will log a warning like
<blockquote>
<pre>
<p> The solution is to use Postfix version 2.4 or later. </p>
-<li> <p> Postfix version 2.5 implements the Sendmail 8.14 features
-except: SMFIP_RCPT_REJ (report rejected recipients to the mail
-filter), SMFIR_CHGFROM (replace sender, with optional ESMTP command
-parameters), and SMFIR_ADDRCPT_PAR (add recipient, with optional
-ESMTP command parameters).
+<p> Specify "milter_protocol = 4" to enable all available Sendmail
+8.13 and earlier Milter features. </p>
<li> <p> Most Milter configuration options are global. Future Postfix
versions may support per-Milter timeouts, per-Milter error handling,
again later). The end of the list is equivalent to a PERMIT result.
By placing a PERMIT restriction before a REJECT restriction you
can make exceptions for specific clients or users. This is called
-whitelisting; the last example above allows mail from local networks
-but otherwise rejects mail to arbitrary destinations. </p>
+whitelisting; the fourth example above allows mail from local
+networks but otherwise rejects mail to arbitrary destinations. </p>
<p> The table below summarizes the purpose of each SMTP access
restriction list. All lists use the exact same syntax; they differ
smtp_tls_mandatory_protocols = !SSLv2
# Also available with Postfix ≥ 2.6:
smtp_tls_ciphers = export
- smtp_tls_protocols =
+ smtp_tls_protocols = !SSLv2
</pre>
</blockquote>
of how the policy is specified, the smtp_tls_mandatory_ciphers and
smtp_tls_mandatory_protocols parameters apply when TLS encryption
is mandatory. Connections for which encryption is optional typically
-enable all "export" grade and better ciphers and all SSL/TLS protocols
-(see smtp_tls_ciphers and smtp_tls_protocols). </p>
+enable all "export" grade and better ciphers (see smtp_tls_ciphers
+and smtp_tls_protocols). </p>
<p> As long as no secure DNS lookup mechanism is available, false
hostnames in MX or CNAME responses can change the server hostname
# Opportunistic TLS.
smtp_tls_security_level = may
# Postfix ≥ 2.6:
-# Do not tweak opportunistic ciphers or protocols unless it is essential
+# Do not tweak opportunistic ciphers unless it is essential
# to do so (if a security vulnerability is found in the SSL library that
# can be mitigated by disabling a particular protocol or raising the
# cipher grade from "export" to "low" or "medium").
smtp_tls_ciphers = export
-smtp_tls_protocols =
+smtp_tls_protocols = !SSLv2
</pre>
<pre>
<p> This feature is available in Postfix 2.3 and later. </p>
-%PARAM milter_protocol 2
+%PARAM milter_protocol 6
<p> The mail filter protocol version and optional protocol extensions
-for communication with a Milter (mail filter) application. Postfix
+for communication with a Milter application; prior to Postfix 2.6
+the default protocol is 2. Postfix
sends this version number during the initial protocol handshake.
It should match the version number that is expected by the mail
filter application (or by its Milter library). </p>
<dl compact>
<dt>2</dt> <dd>Use Sendmail 8 mail filter protocol version 2 (default
-as of Sendmail version 8.11).</dd>
+with Sendmail version 8.11 .. 8.13 and Postfix version 2.3 ..
+2.5).</dd>
<dt>3</dt> <dd>Use Sendmail 8 mail filter protocol version 3.</dd>
<dt>4</dt> <dd>Use Sendmail 8 mail filter protocol version 4.</dd>
<dt>6</dt> <dd>Use Sendmail 8 mail filter protocol version 6 (default
-as of Sendmail version 8.14).</dd>
+with Sendmail version 8.14 and Postfix version 2.6).</dd>
</dl>
<p> This feature is available in Postfix 2.5 and later. </p>
-%PARAM smtp_tls_protocols
+%PARAM smtp_tls_protocols !SSLv2
-<p> List of TLS protocols that the Postfix SMTP client will exclude
-or include with opportunistic TLS encryption. This parameter SHOULD be
-left at its default empty value, allowing all protocols to be used with
-opportunistic TLS. </p>
+<p> List of TLS protocols that the Postfix SMTP client will exclude or
+include with opportunistic TLS encryption. Starting with Postfix 2.6,
+the Postfix SMTP client will by default not use the obsolete SSLv2
+protocol. </p>
<p> In main.cf the values are separated by whitespace, commas or
colons. In the policy table (see smtp_tls_policy_maps) the only valid
<p> Example: </p>
<pre>
-smtp_tls_protocols = !SSLv2
+# TLSv1 only!
+smtp_tls_protocols = !SSLv2, !SSLv3
</pre>
<p> This feature is available in Postfix 2.6 and later. </p>
postmaster = var_2bounce_rcpt;
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
postmaster,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
*/
else {
if ((bounce = post_mail_fopen_nowait(NULL_SENDER, recipient,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
postmaster = var_bounce_rcpt;
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
postmaster,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
count = -1;
} else {
verp_sender(verp_buf, verp_delims, recipient, rcpt);
if ((bounce = post_mail_fopen_nowait(NULL_SENDER, STR(verp_buf),
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
postmaster = var_bounce_rcpt;
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
postmaster,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
if (bounce_header(bounce, bounce_info, postmaster,
} else {
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
var_2bounce_rcpt,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
bounce_status = 0;
} else {
if ((bounce = post_mail_fopen_nowait(NULL_SENDER, orig_sender,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
*/
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
var_bounce_rcpt,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
if (bounce_header(bounce, bounce_info, var_bounce_rcpt,
* a new queue file.
*/
if ((bounce = post_mail_fopen_nowait(NULL_SENDER, recipient,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
count = -1;
postmaster = var_delay_rcpt;
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
postmaster,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
*/
else {
if ((bounce = post_mail_fopen_nowait(NULL_SENDER, recipient,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
postmaster = var_delay_rcpt;
if ((bounce = post_mail_fopen_nowait(mail_addr_double_bounce(),
postmaster,
- INT_FILT_BOUNCE,
+ INT_FILT_MASK_BOUNCE,
NULL_TRACE_FLAGS,
new_id)) != 0) {
count = -1;
cleanup_milter_test5 cleanup_milter_test6 cleanup_milter_test7 \
cleanup_milter_test8 cleanup_milter_test9 cleanup_milter_test10a \
cleanup_milter_test10b cleanup_milter_test10c cleanup_milter_test10d \
- cleanup_milter_test10e cleanup_milter_test11 cleanup_milter_test12
+ cleanup_milter_test10e cleanup_milter_test11 cleanup_milter_test12 \
+ cleanup_milter_test13a cleanup_milter_test13b cleanup_milter_test13c \
+ cleanup_milter_test13d
root_tests:
diff cleanup_milter.ref12 cleanup_milter.tmp
rm -f test-queue-file12.tmp cleanup_milter.tmp
+cleanup_milter_test13a: cleanup_milter test-queue-file13a cleanup_milter.in13a \
+ cleanup_milter.ref13a ../postcat/postcat
+ cp test-queue-file13a test-queue-file13a.tmp
+ chmod u+w test-queue-file13a.tmp
+ ./cleanup_milter <cleanup_milter.in13a
+ ../postcat/postcat -ov test-queue-file13a.tmp 2>/dev/null >cleanup_milter.tmp
+ diff cleanup_milter.ref13a cleanup_milter.tmp
+ rm -f test-queue-file13a.tmp cleanup_milter.tmp
+
+cleanup_milter_test13b: cleanup_milter test-queue-file13b cleanup_milter.in13b \
+ cleanup_milter.ref13b ../postcat/postcat
+ cp test-queue-file13b test-queue-file13b.tmp
+ chmod u+w test-queue-file13b.tmp
+ ./cleanup_milter <cleanup_milter.in13b
+ ../postcat/postcat -ov test-queue-file13b.tmp 2>/dev/null >cleanup_milter.tmp
+ diff cleanup_milter.ref13b cleanup_milter.tmp
+ rm -f test-queue-file13b.tmp cleanup_milter.tmp
+
+cleanup_milter_test13c: cleanup_milter test-queue-file13c cleanup_milter.in13c \
+ cleanup_milter.ref13c ../postcat/postcat
+ cp test-queue-file13c test-queue-file13c.tmp
+ chmod u+w test-queue-file13c.tmp
+ ./cleanup_milter <cleanup_milter.in13c
+ ../postcat/postcat -ov test-queue-file13c.tmp 2>/dev/null >cleanup_milter.tmp
+ diff cleanup_milter.ref13c cleanup_milter.tmp
+ rm -f test-queue-file13c.tmp cleanup_milter.tmp
+
+cleanup_milter_test13d: cleanup_milter test-queue-file13d cleanup_milter.in13d \
+ cleanup_milter.ref13d ../postcat/postcat
+ cp test-queue-file13d test-queue-file13d.tmp
+ chmod u+w test-queue-file13d.tmp
+ ./cleanup_milter <cleanup_milter.in13d
+ ../postcat/postcat -ov test-queue-file13d.tmp 2>/dev/null >cleanup_milter.tmp
+ diff cleanup_milter.ref13d cleanup_milter.tmp
+ rm -f test-queue-file13d.tmp cleanup_milter.tmp
+
depend: $(MAKES)
(sed '1,/^# do not edit/!d' Makefile.in; \
set -e; for i in [a-z][a-z0-9]*.c; do \
/* .IP "\fBnon_smtpd_milters (empty)\fR"
/* A list of Milter (mail filter) applications for new mail that
/* does not arrive via the Postfix \fBsmtpd\fR(8) server.
-/* .IP "\fBmilter_protocol (2)\fR"
+/* .IP "\fBmilter_protocol (6)\fR"
/* The mail filter protocol version and optional protocol extensions
-/* for communication with a Milter (mail filter) application.
+/* for communication with a Milter application; prior to Postfix 2.6
+/* the default protocol is 2.
/* .IP "\fBmilter_default_action (tempfail)\fR"
/* The default action when a Milter (mail filter) application is
/* unavailable or mis-configured.
off_t body_offset; /* start of body content */
off_t xtra_offset; /* start of extra segment */
off_t cont_length; /* length including Milter edits */
+ off_t sender_pt_offset; /* replace sender here */
+ off_t sender_pt_target; /* record after sender address */
off_t append_rcpt_pt_offset; /* append recipient here */
off_t append_rcpt_pt_target; /* target of above record */
off_t append_hdr_pt_offset; /* append header here */
state->errs |= CLEANUP_STAT_BAD;
return;
}
+ if (state->milters || cleanup_milters) {
+ /* Remember the sender record offset. */
+ if ((state->sender_pt_offset = vstream_ftell(state->dst)) < 0)
+ msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ }
cleanup_addr_sender(state, buf);
+ if (state->milters || cleanup_milters) {
+ /* Make room to replace sender. */
+ if (len < REC_TYPE_PTR_PAYL_SIZE)
+ rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE - len);
+ /* Remember the after-sender record offset. */
+ if ((state->sender_pt_target = vstream_ftell(state->dst)) < 0)
+ msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ }
if (cleanup_milters != 0
&& state->milters == 0
&& CLEANUP_MILTER_OK(state))
return (CLEANUP_OUT_OK(state) ? 0 : cleanup_milter_error(state, 0));
}
+/* cleanup_chg_from - replace sender address, ignore ESMTP arguments */
+
+static const char *cleanup_chg_from(void *context, const char *ext_from,
+ const char *esmtp_args)
+{
+ const char *myname = "cleanup_chg_from";
+ CLEANUP_STATE *state = (CLEANUP_STATE *) context;
+ off_t new_sender_offset;
+ int addr_count;
+ TOK822 *tree;
+ TOK822 *tp;
+ VSTRING *int_sender_buf;
+
+ if (msg_verbose)
+ msg_info("%s: \"%s\" \"%s\"", myname, ext_from, esmtp_args);
+
+ if (esmtp_args[0])
+ msg_warn("%s: %s: ignoring ESMTP arguments \"%.100s\"",
+ state->queue_id, myname, esmtp_args);
+
+ /*
+ * The cleanup server remembers the location of the the original sender
+ * address record (offset in sender_pt_offset) and the file offset of the
+ * record that follows the sender address (offset in sender_pt_target).
+ * Short original sender records are padded, so that they can safely be
+ * overwritten with a pointer record to the new sender address record.
+ */
+ if (state->sender_pt_offset < 0)
+ msg_panic("%s: no original sender record offset", myname);
+ if (state->sender_pt_target < 0)
+ msg_panic("%s: no post-sender record offset", myname);
+
+ /*
+ * Allocate space after the end of the queue file, and write the new
+ * sender record, followed by a reverse pointer record that points to the
+ * record that follows the original sender address record. No padding is
+ * needed for a "new" short sender record, since the record is not meant
+ * to be overwritten. When the "new" sender is replaced, we allocate a
+ * new record at the end of the queue file.
+ *
+ * We update the queue file in a safe manner: save the new sender after the
+ * end of the queue file, write the reverse pointer, and only then
+ * overwrite the old sender record with the forward pointer to the new
+ * sender.
+ */
+ if ((new_sender_offset = vstream_fseek(state->dst, (off_t) 0, SEEK_END)) < 0) {
+ msg_warn("%s: seek file %s: %m", myname, cleanup_path);
+ return (cleanup_milter_error(state, errno));
+ }
+
+ /*
+ * Transform the address from external form to internal form. This also
+ * removes the enclosing <>, if present.
+ *
+ * XXX vstring_alloc() rejects zero-length requests.
+ */
+ int_sender_buf = vstring_alloc(strlen(ext_from) + 1);
+ tree = tok822_parse(ext_from);
+ for (addr_count = 0, tp = tree; tp != 0; tp = tp->next) {
+ if (tp->type == TOK822_ADDR) {
+ if (addr_count == 0) {
+ tok822_internalize(int_sender_buf, tp->head, TOK822_STR_DEFL);
+ addr_count += 1;
+ } else {
+ msg_warn("%s: Milter request to add multi-sender: \"%s\"",
+ state->queue_id, ext_from);
+ break;
+ }
+ }
+ }
+ tok822_free_tree(tree);
+ cleanup_addr_sender(state, STR(int_sender_buf));
+ vstring_free(int_sender_buf);
+ cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
+ (long) state->sender_pt_target);
+
+ /*
+ * Overwrite the original sender record with the pointer to the new
+ * sender address record.
+ */
+ if (vstream_fseek(state->dst, state->sender_pt_offset, SEEK_SET) < 0) {
+ msg_warn("%s: seek file %s: %m", myname, cleanup_path);
+ return (cleanup_milter_error(state, errno));
+ }
+ cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
+ (long) new_sender_offset);
+
+ /*
+ * In case of error while doing record output.
+ */
+ return (CLEANUP_OUT_OK(state) ? 0 : cleanup_milter_error(state, 0));
+}
+
/* cleanup_add_rcpt - append recipient address */
static const char *cleanup_add_rcpt(void *context, const char *ext_rcpt)
return (CLEANUP_OUT_OK(state) ? 0 : cleanup_milter_error(state, 0));
}
+/* cleanup_add_rcpt_par - append recipient address, ignore ESMTP arguments */
+
+static const char *cleanup_add_rcpt_par(void *context, const char *ext_rcpt,
+ const char *esmtp_args)
+{
+ const char *myname = "cleanup_add_rcpt";
+ CLEANUP_STATE *state = (CLEANUP_STATE *) context;
+
+ if (esmtp_args[0])
+ msg_warn("%s: %s: ignoring ESMTP arguments \"%.100s\"",
+ state->queue_id, myname, esmtp_args);
+ return (cleanup_add_rcpt(context, ext_rcpt));
+}
+
/* cleanup_del_rcpt - remove recipient and all its expansions */
static const char *cleanup_del_rcpt(void *context, const char *ext_rcpt)
milter_edit_callback(state->milters,
cleanup_add_header, cleanup_upd_header,
cleanup_ins_header, cleanup_del_header,
- cleanup_add_rcpt, cleanup_del_rcpt,
+ cleanup_chg_from, cleanup_add_rcpt,
+ cleanup_add_rcpt_par, cleanup_del_rcpt,
cleanup_repl_body, (void *) state);
}
switch (resp[0]) {
case 'H':
/* XXX Should log the reason here. */
- if (state->flags & CLEANUP_FLAG_HOLD)
+ if (state->flags & CLEANUP_FLAG_HOLD)
return (0);
state->flags |= CLEANUP_FLAG_HOLD;
action = "milter-hold";
milter_edit_callback(milters,
cleanup_add_header, cleanup_upd_header,
cleanup_ins_header, cleanup_del_header,
- cleanup_add_rcpt, cleanup_del_rcpt,
+ cleanup_chg_from, cleanup_add_rcpt,
+ cleanup_add_rcpt_par, cleanup_del_rcpt,
cleanup_repl_body, (void *) state);
if (state->client_name == 0)
cleanup_milter_client_init(state);
vstring_strcpy(state->milter_ext_rcpt, addr);
argv[0] = STR(state->milter_ext_rcpt);
argv[1] = 0;
- if ((resp = milter_rcpt_event(milters, argv)) != 0
+ if ((resp = milter_rcpt_event(milters, MILTER_FLAG_NONE, argv)) != 0
&& cleanup_milter_apply(state, "RCPT", resp) != 0) {
msg_warn("%s: milter configuration error: can't reject recipient "
"in non-smtpd(8) submission", state->queue_id);
cleanup_path, STR(buf));
state->data_offset = data_offset;
state->xtra_offset = data_offset + msg_seg_len;
+ } else if (rec_type == REC_TYPE_FROM) {
+ state->sender_pt_offset = curr_offset;
+ if (LEN(buf) < REC_TYPE_PTR_PAYL_SIZE
+ && rec_get_raw(state->dst, buf, 0, REC_FLAG_NONE) != REC_TYPE_PTR)
+ msg_fatal("file %s: missing PTR record after short sender",
+ cleanup_path);
+ if ((state->sender_pt_target = vstream_ftell(state->dst)) < 0)
+ msg_fatal("file %s: missing END record", cleanup_path);
} else if (rec_type == REC_TYPE_PTR) {
if (state->data_offset < 0)
msg_fatal("file %s: missing SIZE record", cleanup_path);
int istty = isatty(vstream_fileno(VSTREAM_IN));
CLEANUP_STATE *state = cleanup_state_alloc((VSTREAM *) 0);
+ state->queue_id = mystrdup("NOQUEUE");
+
msg_vstream_init(argv[0], VSTREAM_ERR);
var_line_limit = DEF_LINE_LIMIT;
var_header_limit = DEF_HEADER_LIMIT;
} else {
cleanup_del_header(state, index, argv->argv[2]);
}
+ } else if (strcmp(argv->argv[0], "chg_from") == 0) {
+ if (argv->argc != 3) {
+ msg_warn("bad chg_from argument count: %d", argv->argc);
+ } else {
+ cleanup_chg_from(state, argv->argv[1], argv->argv[2]);
+ }
} else if (strcmp(argv->argv[0], "add_rcpt") == 0) {
if (argv->argc != 2) {
msg_warn("bad add_rcpt argument count: %d", argv->argc);
} else {
cleanup_add_rcpt(state, argv->argv[1]);
}
+ } else if (strcmp(argv->argv[0], "add_rcpt_par") == 0) {
+ if (argv->argc != 3) {
+ msg_warn("bad add_rcpt_par argument count: %d", argv->argc);
+ } else {
+ cleanup_add_rcpt_par(state, argv->argv[1], argv->argv[2]);
+ }
} else if (strcmp(argv->argv[0], "del_rcpt") == 0) {
if (argv->argc != 2) {
msg_warn("bad del_rcpt argument count: %d", argv->argc);
--- /dev/null
+#verbose on
+open test-queue-file13a.tmp
+
+# Add a recipient to a message that was received with "sendmail -t"
+# so that all the recipients are in the extracted queue file segment.
+
+add_rcpt_par me@porcupine.org esmtpstuff
+
+# Delete the recipient added above.
+
+del_rcpt me@porcupine.org
+
+# Add a new recipient, using a different address than above, so that
+# the duplicate filter won't suppress it.
+
+add_rcpt_par em@porcupine.org esmtpstuff
+
+# Delete the recipient.
+
+del_rcpt em@porcupine.org
+
+close
--- /dev/null
+#verbose on
+open test-queue-file13b.tmp
+
+# Change the sender.
+
+chg_from m@porcupine.org esmtpstuff
+
+close
--- /dev/null
+#verbose on
+open test-queue-file13c.tmp
+
+# Change the sender.
+
+chg_from m@porcupine.org esmtpstuff
+chg_from n@porcupine.org esmtpstuff
+
+close
--- /dev/null
+#verbose on
+open test-queue-file13d.tmp
+
+# Change the null sender, to test correct padding of short sender records.
+
+chg_from m@porcupine.org esmtpstuff
+chg_from n@porcupine.org esmtpstuff
+
+close
*** ENVELOPE RECORDS test-queue-file11.tmp ***
- 0 message_size: 358 480 1 0 358
- 81 message_arrival_time: Thu Jan 18 15:15:42 2007
- 100 create_time: Thu Jan 18 15:15:48 2007
+ 0 message_size: 366 605 1 0 366
+ 81 message_arrival_time: Mon Apr 27 20:41:30 2009
+ 100 create_time: Mon Apr 27 20:41:41 2009
124 named_attribute: rewrite_context=local
147 sender:
- 149 named_attribute: log_client_name=localhost
- 176 named_attribute: log_client_address=127.0.0.1
- 206 named_attribute: log_message_origin=localhost[127.0.0.1]
- 247 named_attribute: log_protocol_name=SMTP
- 271 named_attribute: client_name=localhost
- 294 named_attribute: reverse_client_name=localhost
- 325 named_attribute: client_address=127.0.0.1
- 351 named_attribute: client_address_type=2
- 374 named_attribute: dsn_orig_rcpt=rfc822;wietse@localhost
- 413 original_recipient: wietse@localhost
- 431 recipient: wietse@localhost.example.com
- 461 pointer_record: 0
- 478 *** MESSAGE CONTENTS test-queue-file11.tmp ***
- 480 regular_text: Received: from localhost (localhost [127.0.0.1])
- 530 regular_text: by foo.example.com (Postfix) with SMTP id 2ADF9290403
- 586 regular_text: for <wietse@localhost>; Thu, 18 Jan 2007 15:15:42 -0500 (EST)
- 650 regular_text: Message-Id: <20070118201548.2ADF9290403@foo.example.com>
- 708 regular_text: Date: Thu, 18 Jan 2007 15:15:42 -0500 (EST)
- 753 regular_text: From: MAILER-DAEMON
- 774 regular_text: To: undisclosed-recipients:;
- 804 pointer_record: 821
- 821 pointer_record: 842
- 842 regular_text:
- 844 regular_text: Sed ut perspiciatis unde omnis iste natus error sit voluptatem\r
- 909 regular_text: accusantium doloremque laudantium, totam rem aperiam, eaque ipsa\r
- 976 regular_text: quae ab illo inventore veritatis et quasi architecto beatae vitae\r
- 1044 regular_text: dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit\r
- 1113 regular_text: aspernatur aut odit aut fugit, sed quia consequuntur magni dolores\r
- 1182 regular_text: eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam\r
- 1248 regular_text: est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci\r
- 1316 regular_text: velit, sed quia non numquam eius modi tempora incidunt ut labore\r
- 1383 regular_text: et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima\r
- 1448 regular_text: veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam,\r
- 1522 regular_text: nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure\r
- 1591 regular_text: reprehenderit qui in ea voluptate velit esse quam nihil molestiae\r
- 1659 regular_text: consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla\r
- 1726 regular_text: pariatur?\r
- 1738 regular_text: \r
- 1741 regular_text: At vero eos et accusamus et iusto odio dignissimos ducimus qui\r
- 1806 regular_text: blanditiis praesentium voluptatum deleniti atque corrupti quos\r
- 1871 regular_text: dolores et quas molestias excepturi sint occaecati cupiditate non\r
- 1939 regular_text: provident, similique sunt in culpa qui officia deserunt mollitia\r
- 2006 regular_text: animi, id est laborum et dolorum fuga. Et harum quidem rerum facilis\r
- 2077 regular_text: est et expedita distinctio. Nam libero tempore, cum soluta nobis\r
- 2144 regular_text: est eligendi optio cumque nihil impedit quo minus id quod maxime\r
- 2211 regular_text: placeat facere possimus, omnis voluptas assumenda est, omnis dolor\r
- 2280 regular_text: repellendus. Temporibus autem quibusdam et aut officiis debitis aut\r
- 2350 regular_text: rerum necessitatibus saepe eveniet ut et voluptates repudiandae\r
- 2416 regular_text: sint et molestiae non recusandae. Itaque earum rerum hic tenetur a\r
- 2485 regular_text: sapiente delectus, ut aut reiciendis voluptatibus maiores alias\r
- 2551 regular_text: consequatur aut perferendis doloribus asperiores repellat.\r
- 2612 pointer_record: 838
- 838 *** HEADER EXTRACTED test-queue-file11.tmp ***
- 840 *** MESSAGE FILE END test-queue-file11.tmp ***
+ 149 pointer_record: 0
+ 164 named_attribute: log_client_name=localhost
+ 191 named_attribute: log_client_address=127.0.0.1
+ 221 named_attribute: log_client_port=51286
+ 244 named_attribute: log_message_origin=localhost[127.0.0.1]
+ 285 named_attribute: log_helo_name=localhost
+ 310 named_attribute: log_protocol_name=SMTP
+ 334 named_attribute: client_name=localhost
+ 357 named_attribute: reverse_client_name=localhost
+ 388 named_attribute: client_address=127.0.0.1
+ 414 named_attribute: client_port=51286
+ 433 named_attribute: helo_name=localhost
+ 454 named_attribute: protocol_name=SMTP
+ 474 named_attribute: client_address_type=2
+ 497 named_attribute: dsn_orig_rcpt=rfc822;wietse@localhost
+ 536 original_recipient: wietse@localhost
+ 554 recipient: wietse@localhost.porcupine.org
+ 586 pointer_record: 0
+ 603 *** MESSAGE CONTENTS test-queue-file11.tmp ***
+ 605 regular_text: Received: from localhost (localhost [127.0.0.1])
+ 655 regular_text: by hades.porcupine.org (Postfix) with SMTP id 382B12B3292
+ 715 regular_text: for <wietse@localhost>; Mon, 27 Apr 2009 20:41:30 -0400 (EDT)
+ 779 regular_text: Message-Id: <20090428004141.382B12B3292@hades.porcupine.org>
+ 841 regular_text: Date: Mon, 27 Apr 2009 20:41:30 -0400 (EDT)
+ 886 regular_text: From: MAILER-DAEMON
+ 907 regular_text: To: undisclosed-recipients:;
+ 937 pointer_record: 954
+ 954 pointer_record: 975
+ 975 regular_text:
+ 977 regular_text: Sed ut perspiciatis unde omnis iste natus error sit voluptatem\r
+ 1042 regular_text: accusantium doloremque laudantium, totam rem aperiam, eaque ipsa\r
+ 1109 regular_text: quae ab illo inventore veritatis et quasi architecto beatae vitae\r
+ 1177 regular_text: dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit\r
+ 1246 regular_text: aspernatur aut odit aut fugit, sed quia consequuntur magni dolores\r
+ 1315 regular_text: eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam\r
+ 1381 regular_text: est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci\r
+ 1449 regular_text: velit, sed quia non numquam eius modi tempora incidunt ut labore\r
+ 1516 regular_text: et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima\r
+ 1581 regular_text: veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam,\r
+ 1655 regular_text: nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure\r
+ 1724 regular_text: reprehenderit qui in ea voluptate velit esse quam nihil molestiae\r
+ 1792 regular_text: consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla\r
+ 1859 regular_text: pariatur?\r
+ 1871 regular_text: \r
+ 1874 regular_text: At vero eos et accusamus et iusto odio dignissimos ducimus qui\r
+ 1939 regular_text: blanditiis praesentium voluptatum deleniti atque corrupti quos\r
+ 2004 regular_text: dolores et quas molestias excepturi sint occaecati cupiditate non\r
+ 2072 regular_text: provident, similique sunt in culpa qui officia deserunt mollitia\r
+ 2139 regular_text: animi, id est laborum et dolorum fuga. Et harum quidem rerum facilis\r
+ 2210 regular_text: est et expedita distinctio. Nam libero tempore, cum soluta nobis\r
+ 2277 regular_text: est eligendi optio cumque nihil impedit quo minus id quod maxime\r
+ 2344 regular_text: placeat facere possimus, omnis voluptas assumenda est, omnis dolor\r
+ 2413 regular_text: repellendus. Temporibus autem quibusdam et aut officiis debitis aut\r
+ 2483 regular_text: rerum necessitatibus saepe eveniet ut et voluptates repudiandae\r
+ 2549 regular_text: sint et molestiae non recusandae. Itaque earum rerum hic tenetur a\r
+ 2618 regular_text: sapiente delectus, ut aut reiciendis voluptatibus maiores alias\r
+ 2684 regular_text: consequatur aut perferendis doloribus asperiores repellat.\r
+ 2745 pointer_record: 971
+ 971 *** HEADER EXTRACTED test-queue-file11.tmp ***
+ 973 *** MESSAGE FILE END test-queue-file11.tmp ***
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file13a.tmp ***
+ 0 message_size: 332 182 1 0 332
+ 81 message_arrival_time: Sun Jan 21 13:32:59 2007
+ 100 create_time: Sun Jan 21 13:33:08 2007
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: me@porcupine.org
+ 180 *** MESSAGE CONTENTS test-queue-file13a.tmp ***
+ 182 regular_text: Received: by hades.porcupine.org (Postfix, from userid 1001)
+ 244 regular_text: id DE040290405; Sun, 21 Jan 2007 13:33:08 -0500 (EST)
+ 300 regular_text: From: me@porcupine.org
+ 324 regular_text: To: you@porcupine.org
+ 347 regular_text: Message-Id: <20060725192735.5EC2D29013F@hades.porcupine.org>
+ 409 regular_text: Date: Tue, 25 Jul 2006 15:27:19 -0400 (EDT)
+ 454 regular_text: Subject: hey!
+ 469 padding: 0
+ 472 pointer_record: 0
+ 489 regular_text:
+ 491 regular_text: text
+ 497 pointer_record: 0
+ 514 *** HEADER EXTRACTED test-queue-file13a.tmp ***
+ 516 original_recipient: you@porcupine.org
+ 535 recipient: you@porcupine.org
+ 554 pointer_record: 573
+ 573 named_attribute: notify_flags=1
+ 589 original_recipient: me@porcupine.org
+ 607 canceled_recipient: me@porcupine.org
+ 625 pointer_record: 642
+ 642 named_attribute: notify_flags=1
+ 658 original_recipient: em@porcupine.org
+ 676 canceled_recipient: em@porcupine.org
+ 694 pointer_record: 571
+ 571 *** MESSAGE FILE END test-queue-file13a.tmp ***
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file13b.tmp ***
+ 0 message_size: 332 182 1 0 332
+ 81 message_arrival_time: Sun Jan 21 13:32:59 2007
+ 100 create_time: Sun Jan 21 13:33:08 2007
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 pointer_record: 573
+ 573 sender: m@porcupine.org
+ 590 pointer_record: 180
+ 180 *** MESSAGE CONTENTS test-queue-file13b.tmp ***
+ 182 regular_text: Received: by hades.porcupine.org (Postfix, from userid 1001)
+ 244 regular_text: id DE040290405; Sun, 21 Jan 2007 13:33:08 -0500 (EST)
+ 300 regular_text: From: me@porcupine.org
+ 324 regular_text: To: you@porcupine.org
+ 347 regular_text: Message-Id: <20060725192735.5EC2D29013F@hades.porcupine.org>
+ 409 regular_text: Date: Tue, 25 Jul 2006 15:27:19 -0400 (EDT)
+ 454 regular_text: Subject: hey!
+ 469 padding: 0
+ 472 pointer_record: 0
+ 489 regular_text:
+ 491 regular_text: text
+ 497 pointer_record: 0
+ 514 *** HEADER EXTRACTED test-queue-file13b.tmp ***
+ 516 original_recipient: you@porcupine.org
+ 535 recipient: you@porcupine.org
+ 554 pointer_record: 0
+ 571 *** MESSAGE FILE END test-queue-file13b.tmp ***
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file13c.tmp ***
+ 0 message_size: 332 182 1 0 332
+ 81 message_arrival_time: Sun Jan 21 13:32:59 2007
+ 100 create_time: Sun Jan 21 13:33:08 2007
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 pointer_record: 607
+ 607 sender: n@porcupine.org
+ 624 pointer_record: 180
+ 180 *** MESSAGE CONTENTS test-queue-file13c.tmp ***
+ 182 regular_text: Received: by hades.porcupine.org (Postfix, from userid 1001)
+ 244 regular_text: id DE040290405; Sun, 21 Jan 2007 13:33:08 -0500 (EST)
+ 300 regular_text: From: me@porcupine.org
+ 324 regular_text: To: you@porcupine.org
+ 347 regular_text: Message-Id: <20060725192735.5EC2D29013F@hades.porcupine.org>
+ 409 regular_text: Date: Tue, 25 Jul 2006 15:27:19 -0400 (EDT)
+ 454 regular_text: Subject: hey!
+ 469 padding: 0
+ 472 pointer_record: 0
+ 489 regular_text:
+ 491 regular_text: text
+ 497 pointer_record: 0
+ 514 *** HEADER EXTRACTED test-queue-file13c.tmp ***
+ 516 original_recipient: you@porcupine.org
+ 535 recipient: you@porcupine.org
+ 554 pointer_record: 0
+ 571 *** MESSAGE FILE END test-queue-file13c.tmp ***
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file13d.tmp ***
+ 0 message_size: 366 605 1 0 366
+ 81 message_arrival_time: Mon Apr 27 20:41:30 2009
+ 100 create_time: Mon Apr 27 20:41:41 2009
+ 124 named_attribute: rewrite_context=local
+ 147 pointer_record: 1009
+ 1009 sender: n@porcupine.org
+ 1026 pointer_record: 164
+ 164 named_attribute: log_client_name=localhost
+ 191 named_attribute: log_client_address=127.0.0.1
+ 221 named_attribute: log_client_port=51286
+ 244 named_attribute: log_message_origin=localhost[127.0.0.1]
+ 285 named_attribute: log_helo_name=localhost
+ 310 named_attribute: log_protocol_name=SMTP
+ 334 named_attribute: client_name=localhost
+ 357 named_attribute: reverse_client_name=localhost
+ 388 named_attribute: client_address=127.0.0.1
+ 414 named_attribute: client_port=51286
+ 433 named_attribute: helo_name=localhost
+ 454 named_attribute: protocol_name=SMTP
+ 474 named_attribute: client_address_type=2
+ 497 named_attribute: dsn_orig_rcpt=rfc822;wietse@localhost
+ 536 original_recipient: wietse@localhost
+ 554 recipient: wietse@localhost.porcupine.org
+ 586 pointer_record: 0
+ 603 *** MESSAGE CONTENTS test-queue-file13d.tmp ***
+ 605 regular_text: Received: from localhost (localhost [127.0.0.1])
+ 655 regular_text: by hades.porcupine.org (Postfix) with SMTP id 382B12B3292
+ 715 regular_text: for <wietse@localhost>; Mon, 27 Apr 2009 20:41:30 -0400 (EDT)
+ 779 regular_text: Message-Id: <20090428004141.382B12B3292@hades.porcupine.org>
+ 841 regular_text: Date: Mon, 27 Apr 2009 20:41:30 -0400 (EDT)
+ 886 regular_text: From: MAILER-DAEMON
+ 907 regular_text: To: undisclosed-recipients:;
+ 937 pointer_record: 0
+ 954 pointer_record: 0
+ 971 *** HEADER EXTRACTED test-queue-file13d.tmp ***
+ 973 *** MESSAGE FILE END test-queue-file13d.tmp ***
state->body_offset = -1;
state->xtra_offset = -1;
state->cont_length = 0;
+ state->sender_pt_offset = -1;
+ state->sender_pt_target = -1;
state->append_rcpt_pt_offset = -1;
state->append_rcpt_pt_target = -1;
state->append_hdr_pt_offset = -1;
static RCPT_BUF *rcpt_buf;
int rcpt_count;
int dsn_ret;
- int lock_tries;
/*
* Initialize. For some reason I wanted to allow for multiple instances
* duplicate deliveries when the queue is flushed immediately after queue
* manager restart.
*
+ * The queue manager locks the file exclusively when it enters the active
+ * queue, and releases the lock before starting deliveries from that
+ * file. The queue manager does not lock the file again when reading more
+ * recipients into memory. When the queue manager is restarted, the new
+ * process moves files from the active queue to the incoming queue to cool
+ * off for a while. Delivery agents should therefore never try to open a
+ * file that is locked by a queue manager process.
+ *
* Opening the queue file can fail for a variety of reasons, such as the
* system running out of resources. Instead of throwing away mail, we're
* raising a fatal error which forces the mail system to back off, and
}
if (msg_verbose)
msg_info("%s: file %s", myname, VSTREAM_PATH(request->fp));
-
- /*
- * XXX Originally, the queue manager would read new recipients AFTER all
- * the in-memory recipients were processed. either the queue manager held
- * an exclusive lock or delivery agents held a shared lock. Now we try a
- * few times.
- */
- for (lock_tries = 0; /* see below */; lock_tries++) {
- if (myflock(vstream_fileno(request->fp), INTERNAL_LOCK, DELIVER_LOCK_MODE) == 0)
- break;
- if (lock_tries < 5)
- sleep(1);
- else
- msg_fatal("shared lock %s: %m", VSTREAM_PATH(request->fp));
- }
+ if (myflock(vstream_fileno(request->fp), INTERNAL_LOCK, DELIVER_LOCK_MODE) < 0)
+ msg_fatal("shared lock %s: %m", VSTREAM_PATH(request->fp));
close_on_exec(vstream_fileno(request->fp), CLOSE_ON_EXEC);
return (0);
/* the internal_mail_filter_classes configuration parameter.
/*
/* Specify one of the following:
-/* .IP INT_FILT_NONE
+/* .IP INT_FILT_MASK_NONE
/* Mail that must be excluded from inspection (address probes, etc.).
-/* .IP INT_FILT_NOTIFY
+/* .IP INT_FILT_MASK_NOTIFY
/* Postmaster notifications from the smtpd(8) and smtp(8)
/* protocol adapters.
-/* .IP INT_FILT_BOUNCE
+/* .IP INT_FILT_MASK_BOUNCE
/* Delivery status notifications from the bounce(8) server.
/* DIAGNOSTICS
/* Fatal: invalid mail category name.
int int_filt_flags(int class)
{
static const NAME_MASK table[] = {
- "notify", INT_FILT_NOTIFY,
- "bounce", INT_FILT_BOUNCE,
+ INT_FILT_CLASS_NOTIFY, INT_FILT_MASK_NOTIFY,
+ INT_FILT_CLASS_BOUNCE, INT_FILT_MASK_BOUNCE,
0,
};
int filtered_classes = 0;
/*
* External interface.
*/
-#define INT_FILT_NONE (0)
-#define INT_FILT_NOTIFY (1<<1)
-#define INT_FILT_BOUNCE (1<<2)
+#define INT_FILT_MASK_NONE (0)
+#define INT_FILT_MASK_NOTIFY (1<<1)
+#define INT_FILT_MASK_BOUNCE (1<<2)
extern int int_filt_flags(int);
extern char *var_smtp_tls_policy;
#define VAR_SMTP_TLS_PROTO "smtp_tls_protocols"
-#define DEF_SMTP_TLS_PROTO ""
+#define DEF_SMTP_TLS_PROTO "!SSLv2"
#define VAR_LMTP_TLS_PROTO "lmtp_tls_protocols"
-#define DEF_LMTP_TLS_PROTO ""
+#define DEF_LMTP_TLS_PROTO "!SSLv2"
extern char *var_smtp_tls_proto;
#define VAR_SMTP_TLS_MAND_PROTO "smtp_tls_mandatory_protocols"
#define VAR_MILT_MAIL_MACROS "milter_mail_macros"
#define DEF_MILT_MAIL_MACROS "i {auth_type} {auth_authen}" \
- " {auth_author} {mail_addr}"
+ " {auth_author} {mail_addr}" \
+ " {mail_host} {mail_mailer}"
extern char *var_milt_mail_macros;
#define VAR_MILT_RCPT_MACROS "milter_rcpt_macros"
-#define DEF_MILT_RCPT_MACROS "i {rcpt_addr}"
+#define DEF_MILT_RCPT_MACROS "i {rcpt_addr} {rcpt_host}" \
+ " {rcpt_mailer}"
extern char *var_milt_rcpt_macros;
#define VAR_MILT_DATA_MACROS "milter_data_macros"
extern int var_milt_msg_time;
#define VAR_MILT_PROTOCOL "milter_protocol"
-#define DEF_MILT_PROTOCOL "2"
+#define DEF_MILT_PROTOCOL "6"
extern char *var_milt_protocol;
#define VAR_MILT_DEF_ACTION "milter_default_action"
* What internal mail do we inspect/stamp/etc.? This is not yet safe enough
* to enable world-wide.
*/
+#define INT_FILT_CLASS_NONE ""
+#define INT_FILT_CLASS_NOTIFY "notify"
+#define INT_FILT_CLASS_BOUNCE "bounce"
+
#define VAR_INT_FILT_CLASSES "internal_mail_filter_classes"
-#define DEF_INT_FILT_CLASSES ""
+#define DEF_INT_FILT_CLASSES INT_FILT_CLASS_NONE
extern char *var_int_filt_classes;
/*
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20090418"
-#define MAIL_VERSION_NUMBER "2.6.0-RC2"
+#define MAIL_RELEASE_DATE "20090428"
+#define MAIL_VERSION_NUMBER "2.6.0-RC3"
#ifdef SNAPSHOT
# define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
/* ~\fIname\fR/.\fBforward\fR+\fIfoo\fR or in ~\fIname\fR/.\fBforward\fR,
/* to the mailbox owned by the user \fIname\fR, or it is sent back as
/* undeliverable.
-/*
-/* In all cases the \fBlocal\fR(8) daemon prepends an optional
-/* `\fBDelivered-To:\fR header line with the final recipient
-/* address.
/* DELIVERY RIGHTS
/* .ad
/* .fi
/* void *mac_context;
/*
/* void milter_edit_callback(milters, add_header, upd_header,
-/* ins_header, del_header, add_rcpt,
-/* del_rcpt, repl_body, context)
+/* ins_header, del_header, chg_from,
+/* add_rcpt, add_rcpt_par, del_rcpt,
+/* repl_body, context)
/* MILTERS *milters;
/* MILTER_ADD_HEADER_FN add_header;
/* MILTER_EDIT_HEADER_FN upd_header;
/* MILTER_EDIT_HEADER_FN ins_header;
/* MILTER_DEL_HEADER_FN del_header;
+/* MILTER_EDIT_FROM_FN chg_from;
/* MILTER_EDIT_RCPT_FN add_rcpt;
+/* MILTER_EDIT_RCPT_PAR_FN add_rcpt_par;
/* MILTER_EDIT_RCPT_FN del_rcpt;
/* MILTER_EDIT_BODY_FN repl_body;
/* void *context;
/* MILTERS *milters;
/* const char **argv;
/*
-/* const char *milter_rcpt_event(milters, argv)
+/* const char *milter_rcpt_event(milters, flags, argv)
/* MILTERS *milters;
+/* int flags;
/* const char **argv;
/*
/* const char *milter_data_event(milters)
/*
/* The functions that inspect content or envelope commands
/* return either an SMTP reply ([45]XX followed by enhanced
-/* status code and text), "D" (discard), "H" (quarantine),
+/* status code and text), "D" (discard), "H" (quarantine),
/* "S" (shutdown connection), or a null pointer, which means
/* "no news is good news".
/*
/*
/* milter_rcpt_event() reports an RCPT TO event to the specified
/* milter instances, after sending the macros that were specified
-/* with the milter_create() rcpt_macros argument.
-/*
+/* with the milter_create() rcpt_macros argument. The flags
+/* argument supports the following:
+/* .IP MILTER_FLAG_WANT_RCPT_REJ
+/* When this flag is cleared, invoke all milters. When this
+/* flag is set, invoke only milters that want to receive
+/* rejected recipients; with Sendmail V8 Milters, {rcpt_mailer}
+/* is set to "error", {rcpt_host} is set to an enhanced status
+/* code, and {rcpt_addr} is set to descriptive text.
+/* .PP
/* milter_data_event() reports a DATA event to the specified
/* milter instances, after sending the macros that were specified
/* with the milter_create() data_macros argument.
MILTER_EDIT_HEADER_FN upd_header,
MILTER_EDIT_HEADER_FN ins_header,
MILTER_DEL_HEADER_FN del_header,
+ MILTER_EDIT_FROM_FN chg_from,
MILTER_EDIT_RCPT_FN add_rcpt,
+ MILTER_EDIT_RCPT_PAR_FN add_rcpt_par,
MILTER_EDIT_RCPT_FN del_rcpt,
MILTER_EDIT_BODY_FN repl_body,
void *chg_context)
milters->upd_header = upd_header;
milters->ins_header = ins_header;
milters->del_header = del_header;
+ milters->chg_from = chg_from;
milters->add_rcpt = add_rcpt;
+ milters->add_rcpt_par = add_rcpt_par;
milters->del_rcpt = del_rcpt;
milters->repl_body = repl_body;
milters->chg_context = chg_context;
/* milter_rcpt_event - report rcpt to event */
-const char *milter_rcpt_event(MILTERS *milters, const char **argv)
+const char *milter_rcpt_event(MILTERS *milters, int flags, const char **argv)
{
const char *resp;
MILTER *m;
ARGV *any_macros;
if (msg_verbose)
- msg_info("report recipient to all milters");
+ msg_info("report recipient to all milters (flags=0x%x)", flags);
for (resp = 0, m = milters->milter_list; resp == 0 && m != 0; m = m->next) {
- any_macros = MILTER_MACRO_EVAL(global_macros, m, milters, rcpt_macros);
- resp = m->rcpt_event(m, argv, any_macros);
- if (any_macros != global_macros)
- argv_free(any_macros);
+ if ((flags & MILTER_FLAG_WANT_RCPT_REJ) == 0
+ || (m->flags & MILTER_FLAG_WANT_RCPT_REJ) != 0) {
+ any_macros =
+ MILTER_MACRO_EVAL(global_macros, m, milters, rcpt_macros);
+ resp = m->rcpt_event(m, argv, any_macros);
+ if (any_macros != global_macros)
+ argv_free(any_macros);
+ }
}
if (global_macros)
argv_free(global_macros);
*/
typedef struct MILTER {
char *name; /* full name including transport */
+ int flags; /* see below */
struct MILTER *next; /* linkage */
struct MILTERS *parent; /* parent information */
struct MILTER_MACROS *macros; /* private macros */
void (*free) (struct MILTER *);
} MILTER;
+#define MILTER_FLAG_NONE (0)
+#define MILTER_FLAG_WANT_RCPT_REJ (1<<0) /* see S8_RCPT_MAILER_ERROR */
+
extern MILTER *milter8_create(const char *, int, int, int, const char *, const char *, struct MILTERS *);
extern MILTER *milter8_receive(VSTREAM *, struct MILTERS *);
typedef const char *(*MILTER_ADD_HEADER_FN) (void *, const char *, const char *, const char *);
typedef const char *(*MILTER_EDIT_HEADER_FN) (void *, ssize_t, const char *, const char *, const char *);
typedef const char *(*MILTER_DEL_HEADER_FN) (void *, ssize_t, const char *);
+typedef const char *(*MILTER_EDIT_FROM_FN) (void *, const char *, const char *);
typedef const char *(*MILTER_EDIT_RCPT_FN) (void *, const char *);
+typedef const char *(*MILTER_EDIT_RCPT_PAR_FN) (void *, const char *, const char *);
typedef const char *(*MILTER_EDIT_BODY_FN) (void *, int, VSTRING *);
typedef struct MILTERS {
MILTER_EDIT_HEADER_FN upd_header;
MILTER_DEL_HEADER_FN del_header;
MILTER_EDIT_HEADER_FN ins_header;
+ MILTER_EDIT_FROM_FN chg_from;
MILTER_EDIT_RCPT_FN add_rcpt;
+ MILTER_EDIT_RCPT_PAR_FN add_rcpt_par;
MILTER_EDIT_RCPT_FN del_rcpt;
MILTER_EDIT_BODY_FN repl_body;
} MILTERS;
extern void milter_macro_callback(MILTERS *, MILTER_MAC_LOOKUP_FN, void *);
extern void milter_edit_callback(MILTERS *milters, MILTER_ADD_HEADER_FN,
MILTER_EDIT_HEADER_FN, MILTER_EDIT_HEADER_FN,
- MILTER_DEL_HEADER_FN, MILTER_EDIT_RCPT_FN,
+ MILTER_DEL_HEADER_FN, MILTER_EDIT_FROM_FN,
+ MILTER_EDIT_RCPT_FN, MILTER_EDIT_RCPT_PAR_FN,
MILTER_EDIT_RCPT_FN, MILTER_EDIT_BODY_FN,
void *);
extern const char *milter_conn_event(MILTERS *, const char *, const char *, const char *, unsigned);
extern const char *milter_helo_event(MILTERS *, const char *, int);
extern const char *milter_mail_event(MILTERS *, const char **);
-extern const char *milter_rcpt_event(MILTERS *, const char **);
+extern const char *milter_rcpt_event(MILTERS *, int, const char **);
extern const char *milter_data_event(MILTERS *);
extern const char *milter_message(MILTERS *, VSTREAM *, off_t);
extern const char *milter_unknown_event(MILTERS *, const char *);
#define S8_MAC_RCPT_HOST "{rcpt_host}" /* recip nexthop */
#define S8_MAC_RCPT_ADDR "{rcpt_addr}" /* recip address */
+#define S8_RCPT_MAILER_ERROR "error" /* see MILTER_FLAG_WANT_RCPT_REJ */
+
/* LICENSE
/* .ad
/* .fi
#define MILTER8_V3_PROTO_MASK (MILTER8_V2_PROTO_MASK | SMFIP_NOUNKNOWN)
#define MILTER8_V4_PROTO_MASK (MILTER8_V3_PROTO_MASK | SMFIP_NODATA)
#define MILTER8_V6_PROTO_MASK \
- (MILTER8_V4_PROTO_MASK | SMFIP_SKIP /* | SMFIP_RCPT_REJ */ \
+ (MILTER8_V4_PROTO_MASK | SMFIP_SKIP | SMFIP_RCPT_REJ \
| SMFIP_NOREPLY_MASK | SMFIP_HDR_LEADSPC)
/*
STR(milter->body));
continue;
+ /*
+ * Modification request: replace sender, with optional
+ * ESMTP args.
+ */
+ case SMFIR_CHGFROM:
+ if (milter8_read_data(milter, &data_size,
+ MILTER8_DATA_STRING, milter->buf,
+ MILTER8_DATA_MORE) != 0)
+ MILTER8_EVENT_BREAK(milter->def_reply);
+ if (data_size > 0) {
+ if (milter8_read_data(milter, &data_size,
+ MILTER8_DATA_STRING, milter->body,
+ MILTER8_DATA_END) != 0)
+ MILTER8_EVENT_BREAK(milter->def_reply);
+ } else
+ STR(milter->body)[0] = 0;
+ /* Skip to the next request after previous edit error. */
+ if (edit_resp)
+ continue;
+ edit_resp = parent->chg_from(parent->chg_context,
+ STR(milter->buf),
+ STR(milter->body));
+ continue;
+
/*
* Modification request: append recipient.
*/
STR(milter->buf));
continue;
+ /*
+ * Modification request: append recipient, with optional
+ * ESMTP args.
+ */
+ case SMFIR_ADDRCPT_PAR:
+ if (milter8_read_data(milter, &data_size,
+ MILTER8_DATA_STRING, milter->buf,
+ MILTER8_DATA_MORE) != 0)
+ MILTER8_EVENT_BREAK(milter->def_reply);
+ if (data_size > 0) {
+ if (milter8_read_data(milter, &data_size,
+ MILTER8_DATA_STRING, milter->body,
+ MILTER8_DATA_END) != 0)
+ MILTER8_EVENT_BREAK(milter->def_reply);
+ } else
+ STR(milter->body)[0] = 0;
+ /* Skip to the next request after previous edit error. */
+ if (edit_resp)
+ continue;
+ edit_resp = parent->add_rcpt_par(parent->chg_context,
+ STR(milter->buf),
+ STR(milter->body));
+ continue;
+
/*
* Modification request: delete (expansion of) recipient.
*/
| SMFIF_DELRCPT | SMFIF_CHGHDRS
| SMFIF_CHGBODY
| SMFIF_QUARANTINE
-#if 0
| SMFIF_CHGFROM
| SMFIF_ADDRCPT_PAR
-#endif
| SMFIF_SETSYMLIST
);
UINT32_TYPE my_version = 0;
(void) milter8_comm_error(milter);
return;
}
+ if (milter->ev_mask & SMFIP_RCPT_REJ)
+ milter->m.flags |= MILTER_FLAG_WANT_RCPT_REJ;
/*
* Initial negotiations completed.
*/
milter = (MILTER8 *) mymalloc(sizeof(*milter));
milter->m.name = mystrdup(name);
+ milter->m.flags = 0;
milter->m.next = 0;
milter->m.parent = parent;
milter->m.macros = 0;
/* .IP "\fB-A address\fR"
/* Add the specified recipient address. Multiple -A options
/* are supported.
-/* .IP "\fB-d\fI level\fR"
-/* Enable libmilter debugging at the specified level.
+/* .IP "\fB-b pathname
+/* Replace the message body by the content of the specified file.
/* .IP "\fB-c connect|helo|mail|rcpt|data|header|eoh|body|eom|unknown|close|abort\fR"
/* When to send the non-default reply specified with \fB-a\fR.
/* The default protocol stage is \fBconnect\fR.
/* .IP "\fB-C\fI count\fR"
/* Terminate after \fIcount\fR connections.
+/* .IP "\fB-d\fI level\fR"
+/* Enable libmilter debugging at the specified level.
+/* .IP "\fB-f \fIsender\fR
+/* Replace the sender by the specified address.
+/* .IP "\fB-h \fI'index header-label header-value'\fR"
+/* Replace the message header at the specified position.
/* .IP "\fB-i \fI'index header-label header-value'\fR"
/* Insert header at specified position.
/* .IP "\fB-l\fR"
/* The event for which the filter will not reply.
/* .IP "\fB-p inet:\fIport\fB@\fIhost\fB|unix:\fIpathname\fR"
/* The mail filter listen endpoint.
-/* .IP "\fB-r \fI'index header-label header-value'\fR"
-/* Replace the message header at the specified position.
-/* .IP "\fB-R pathname
-/* Replace the message body by the content of the specified file.
+/* .IP "\fB-r\fR"
+/* Request rejected recipients from the MTA.
/* .IP "\fB-v\fR"
/* Make the program more verbose.
/* LICENSE
static char *reply_dsn;
static char *reply_message;
+#ifdef SMFIR_CHGFROM
+static char *chg_from;
+
+#endif
+
#ifdef SMFIR_INSHEADER
static char *ins_hdr;
static int ins_idx;
int rcpt_count = 0;
char *rcpt_addr[MAX_RCPT];
+static const char *macro_names[] = {
+ "_",
+ "i",
+ "j",
+ "v",
+ "{auth_authen}",
+ "{auth_author}",
+ "{auth_type}",
+ "{cert_issuer}",
+ "{cert_subject}",
+ "{cipher}",
+ "{cipher_bits}",
+ "{client_addr}",
+ "{client_connections}",
+ "{client_name}",
+ "{client_port}",
+ "{client_ptr}",
+ "{client_resolve}",
+ "{daemon_name}",
+ "{if_addr}",
+ "{if_name}",
+ "{mail_addr}",
+ "{mail_host}",
+ "{mail_mailer}",
+ "{rcpt_addr}",
+ "{rcpt_host}",
+ "{rcpt_mailer}",
+ "{tls_version}",
+ 0,
+};
+
static int test_reply(SMFICTX *ctx, int code)
{
- (void) fflush(stdout); /* In case output redirected. */
+ const char **cpp;
+ const char *symval;
+
+ for (cpp = macro_names; *cpp; cpp++)
+ if ((symval = smfi_getsymval(ctx, (char *) *cpp)) != 0)
+ printf("macro: %s=\"%s\"\n", *cpp, symval);
+ (void) fflush(stdout); /* In case output redirected. */
if (code == SMFIR_REPLYCODE) {
if (smfi_setmlreply(ctx, reply_code, reply_dsn, reply_message, reply_message, (char *) 0) == MI_FAILURE)
}
}
#endif
+#ifdef SMFIR_CHGFROM
+ if (chg_from != 0 && smfi_chgfrom(ctx, chg_from, "whatever") == MI_FAILURE)
+ fprintf(stderr, "smfi_chgfrom failed\n");
+ else
+ printf("smfi_chgfrom OK\n");
+#endif
#ifdef SMFIR_INSHEADER
if (ins_hdr && smfi_insheader(ctx, ins_idx, ins_hdr, ins_val) == MI_FAILURE)
fprintf(stderr, "smfi_insheader failed\n");
{
"test-milter",
SMFI_VERSION,
- SMFIF_ADDRCPT | SMFIF_DELRCPT | SMFIF_ADDHDRS | SMFIF_CHGHDRS | SMFIF_CHGBODY,
+ SMFIF_ADDRCPT | SMFIF_DELRCPT | SMFIF_ADDHDRS | SMFIF_CHGHDRS | SMFIF_CHGBODY | SMFIF_CHGFROM,
test_connect,
test_helo,
test_mail,
char *noreply = 0;
const struct noproto_map *np;
- while ((ch = getopt(argc, argv, "a:A:c:C:d:i:lm:M:n:N:p:r:R:v")) > 0) {
+ while ((ch = getopt(argc, argv, "a:A:b:c:C:d:f:h:i:lm:M:n:N:p:rv")) > 0) {
switch (ch) {
case 'a':
action = optarg;
}
rcpt_addr[rcpt_count++] = optarg;
break;
+ case 'b':
+#ifdef SMFIR_REPLBODY
+ if (body_file) {
+ fprintf(stderr, "too many -b options\n");
+ exit(1);
+ }
+ body_file = optarg;
+#else
+ fprintf(stderr, "no libmilter support to replace body\n");
+#endif
+ break;
case 'c':
command = optarg;
break;
exit(1);
}
break;
+ case 'f':
+#ifdef SMFIR_CHGFROM
+ if (chg_from) {
+ fprintf(stderr, "too many -f options\n");
+ exit(1);
+ }
+ chg_from = optarg;
+#else
+ fprintf(stderr, "no libmilter support to change sender\n");
+ exit(1);
+#endif
+ break;
+ case 'h':
+#ifdef SMFIR_CHGHEADER
+ if (chg_hdr) {
+ fprintf(stderr, "too many -h options\n");
+ exit(1);
+ }
+ parse_hdr_info(optarg, &chg_idx, &chg_hdr, &chg_val);
+#else
+ fprintf(stderr, "no libmilter support to change header\n");
+ exit(1);
+#endif
+ break;
case 'i':
#ifdef SMFIR_INSHEADER
if (ins_hdr) {
}
break;
case 'r':
-#ifdef SMFIR_CHGHEADER
- if (chg_hdr) {
- fprintf(stderr, "too many -r options\n");
- exit(1);
- }
- parse_hdr_info(optarg, &chg_idx, &chg_hdr, &chg_val);
+#ifdef SMFIP_RCPT_REJ
+ misc_mask |= SMFIP_RCPT_REJ;
#else
- fprintf(stderr, "no libmilter support to change header\n");
- exit(1);
+ fprintf(stderr, "no libmilter support for rejected recipients\n");
#endif
break;
case 'v':
case 'C':
conn_count = atoi(optarg);
break;
-#ifdef SMFIR_REPLBODY
- case 'R':
- if (body_file) {
- fprintf(stderr, "too many -R options\n");
- exit(1);
- }
- body_file = optarg;
-#endif
- break;
default:
fprintf(stderr,
"usage: %s [-dv] \n"
"\t[-a action] non-default action\n"
+ "\t[-b body_text] replace body\n",
"\t[-c command] non-default action trigger\n"
+ "\t[-h 'index label value'] replace header\n"
"\t[-i 'index label value'] insert header\n"
"\t[-m macro_state] non-default macro state\n"
"\t[-M macro_list] non-default macro list\n"
"\t[-n events] don't receive these events\n"
"\t[-N events] don't reply to these events\n"
"\t-p port milter application\n"
- "\t[-r 'index label value'] replace header\n"
+ "\t-r request rejected recipients\n"
"\t[-C conn_count] when to exit\n",
- "\t[-R body_text] replace body\n",
argv[0]);
exit(1);
}
/* executes a command such as:
/* .sp
/* .nf
-/* command -f$sender -- $recipient (\fIbad\fR)
+/* \fIWrong\fR: command -f$sender -- $recipient
/* .fi
/* .IP
/* the command will mis-parse the -f option value when the
/* specify \fB$sender\fR as an argument by itself:
/* .sp
/* .nf
-/* command -f $sender -- $recipient (\fIgood\fR)
+/* \fIRight\fR: command -f $sender -- $recipient
/* .fi
/* .IP
/* This feature is available as of Postfix 2.3.
signal(SIGINT, postdrop_sig);
signal(SIGQUIT, postdrop_sig);
- signal(SIGTERM, postdrop_sig);
+ if (signal(SIGTERM, SIG_IGN) == SIG_DFL)
+ signal(SIGTERM, postdrop_sig);
if (signal(SIGHUP, SIG_IGN) == SIG_DFL)
signal(SIGHUP, postdrop_sig);
msg_cleanup(postdrop_cleanup);
/*
* This commands requires root privileges. We therefore do not worry
* about hostile signals, and report problems via msg_warn().
+ *
+ * We use the in-kernel SIGINT handler address as an atomic variable to
+ * prevent nested interrupted() calls. For this reason, main() must
+ * configure interrupted() as SIGINT handler before other signal handlers
+ * are allowed to invoke interrupted(). See also similar code in
+ * postdrop.
*/
- if (signal(SIGHUP, SIG_IGN) != SIG_IGN) {
- (void) signal(SIGINT, SIG_IGN);
+ if (signal(SIGINT, SIG_IGN) != SIG_IGN) {
(void) signal(SIGQUIT, SIG_IGN);
(void) signal(SIGTERM, SIG_IGN);
+ (void) signal(SIGHUP, SIG_IGN);
if (inode_mismatch > 0 || inode_fixed > 0 || position_mismatch > 0)
msg_warn("OPERATION INCOMPLETE -- RERUN COMMAND TO FIX THE QUEUE FIRST");
if (sig)
*
* Set up signal handlers after permanently dropping super-user privileges,
* so that signal handlers will always run with the correct privileges.
+ *
+ * XXX Don't enable SIGHUP or SIGTERM if it was ignored by the parent.
+ *
+ * interrupted() uses the in-kernel SIGINT handler address as an atomic
+ * variable to prevent nested interrupted() calls. For this reason, the
+ * SIGINT handler must be configured before other signal handlers are
+ * allowed to invoke interrupted(). See also similar code in postdrop.
*/
- signal(SIGHUP, interrupted);
signal(SIGINT, interrupted);
signal(SIGQUIT, interrupted);
- signal(SIGTERM, interrupted);
+ if (signal(SIGTERM, SIG_IGN) == SIG_DFL)
+ signal(SIGTERM, interrupted);
+ if (signal(SIGHUP, SIG_IGN) == SIG_DFL)
+ signal(SIGHUP, interrupted);
msg_cleanup(fatal_warning);
/*
/* certificate fingerprints.
/* .PP
/* Available in Postfix version 2.6 and later:
-/* .IP "\fBsmtp_tls_protocols (empty)\fR"
-/* List of TLS protocols that the Postfix SMTP client will exclude
-/* or include with opportunistic TLS encryption.
+/* .IP "\fBsmtp_tls_protocols (!SSLv2)\fR"
+/* List of TLS protocols that the Postfix SMTP client will exclude or
+/* include with opportunistic TLS encryption.
/* .IP "\fBsmtp_tls_ciphers (export)\fR"
/* The minimum TLS cipher grade that the Postfix SMTP client
/* will use with opportunistic TLS encryption.
notice = post_mail_fopen_nowait(mail_addr_double_bounce(),
var_error_rcpt,
- INT_FILT_NOTIFY,
+ INT_FILT_MASK_NOTIFY,
NULL_TRACE_FLAGS, NO_QUEUE_ID);
if (notice == 0) {
msg_warn("postmaster notify: %m");
* XXX Don't downgrade just because generic_maps is turned
* on.
*/
- if (downgrading || smtp_generic_maps || smtp_header_checks
- || smtp_body_checks)
+#define SMTP_ANY_CHECKS (smtp_header_checks || smtp_body_checks)
+
+ if (downgrading || smtp_generic_maps || SMTP_ANY_CHECKS)
session->mime_state = mime_state_alloc(downgrading ?
MIME_OPT_DOWNGRADE
| MIME_OPT_REPORT_NESTING :
- MIME_OPT_DISABLE_MIME,
+ SMTP_ANY_CHECKS == 0 ?
+ MIME_OPT_DISABLE_MIME :
+ 0,
smtp_generic_maps
|| smtp_header_checks ?
smtp_header_rewrite :
SHELL = /bin/sh
SRCS = smtpd.c smtpd_token.c smtpd_check.c smtpd_chat.c smtpd_state.c \
smtpd_peer.c smtpd_sasl_proto.c smtpd_sasl_glue.c smtpd_proxy.c \
- smtpd_xforward.c smtpd_dsn_fix.c smtpd_milter.c
+ smtpd_xforward.c smtpd_dsn_fix.c smtpd_milter.c smtpd_resolve.c
OBJS = smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o \
smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o \
- smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o
+ smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o
HDRS = smtpd_token.h smtpd_check.h smtpd_chat.h smtpd_sasl_proto.h \
- smtpd_sasl_glue.h smtpd_proxy.h smtpd_dsn_fix.h smtpd_milter.h
+ smtpd_sasl_glue.h smtpd_proxy.h smtpd_dsn_fix.h smtpd_milter.h \
+ smtpd_resolve.h
TESTSRC = smtpd_token_test.c
DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
CFLAGS = $(DEBUG) $(OPT) $(DEFS)
../../libexec/$(PROG): $(PROG)
cp $(PROG) ../../libexec
-SMTPD_CHECK_OBJ = smtpd_state.o smtpd_peer.o smtpd_xforward.o smtpd_dsn_fix.o
+SMTPD_CHECK_OBJ = smtpd_state.o smtpd_peer.o smtpd_xforward.o smtpd_dsn_fix.o \
+ smtpd_resolve.o
smtpd_token: smtpd_token.c $(LIBS)
$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIBS) $(SYSLIBS)
smtpd.o: ../../include/quote_822_local.h
smtpd.o: ../../include/quote_flags.h
smtpd.o: ../../include/rec_type.h
+smtpd.o: ../../include/recipient_list.h
smtpd.o: ../../include/record.h
smtpd.o: ../../include/resolve_clnt.h
smtpd.o: ../../include/smtp_stream.h
smtpd_check.o: smtpd_check.c
smtpd_check.o: smtpd_check.h
smtpd_check.o: smtpd_dsn_fix.h
+smtpd_check.o: smtpd_resolve.h
smtpd_check.o: smtpd_sasl_glue.h
smtpd_dsn_fix.o: ../../include/msg.h
smtpd_dsn_fix.o: ../../include/sys_defs.h
smtpd_milter.o: ../../include/name_mask.h
smtpd_milter.o: ../../include/quote_821_local.h
smtpd_milter.o: ../../include/quote_flags.h
+smtpd_milter.o: ../../include/resolve_clnt.h
smtpd_milter.o: ../../include/sys_defs.h
smtpd_milter.o: ../../include/tls.h
smtpd_milter.o: ../../include/vbuf.h
smtpd_milter.o: smtpd.h
smtpd_milter.o: smtpd_milter.c
smtpd_milter.o: smtpd_milter.h
+smtpd_milter.o: smtpd_resolve.h
smtpd_milter.o: smtpd_sasl_glue.h
smtpd_peer.o: ../../include/argv.h
smtpd_peer.o: ../../include/attr.h
smtpd_proxy.o: smtpd.h
smtpd_proxy.o: smtpd_proxy.c
smtpd_proxy.o: smtpd_proxy.h
+smtpd_resolve.o: ../../include/attr.h
+smtpd_resolve.o: ../../include/ctable.h
+smtpd_resolve.o: ../../include/iostuff.h
+smtpd_resolve.o: ../../include/mail_proto.h
+smtpd_resolve.o: ../../include/msg.h
+smtpd_resolve.o: ../../include/mymalloc.h
+smtpd_resolve.o: ../../include/resolve_clnt.h
+smtpd_resolve.o: ../../include/rewrite_clnt.h
+smtpd_resolve.o: ../../include/stringops.h
+smtpd_resolve.o: ../../include/sys_defs.h
+smtpd_resolve.o: ../../include/vbuf.h
+smtpd_resolve.o: ../../include/vstream.h
+smtpd_resolve.o: ../../include/vstring.h
+smtpd_resolve.o: smtpd_resolve.c
+smtpd_resolve.o: smtpd_resolve.h
smtpd_sasl_glue.o: ../../include/argv.h
smtpd_sasl_glue.o: ../../include/attr.h
smtpd_sasl_glue.o: ../../include/mail_params.h
/* .IP "\fBsmtpd_milters (empty)\fR"
/* A list of Milter (mail filter) applications for new mail that
/* arrives via the Postfix \fBsmtpd\fR(8) server.
-/* .IP "\fBmilter_protocol (2)\fR"
+/* .IP "\fBmilter_protocol (6)\fR"
/* The mail filter protocol version and optional protocol extensions
-/* for communication with a Milter (mail filter) application.
+/* for communication with a Milter application; prior to Postfix 2.6
+/* the default protocol is 2.
/* .IP "\fBmilter_default_action (tempfail)\fR"
/* The default action when a Milter (mail filter) application is
/* unavailable or mis-configured.
/* A file containing (PEM format) CA certificates of root CAs trusted
/* to sign either remote SMTP client certificates or intermediate CA
/* certificates.
-/* .IP "\fBsmtpd_tls_CAfile (empty)\fR"
-/* A file containing (PEM format) CA certificates of root CAs trusted
-/* to sign either remote SMTP client certificates or intermediate CA
+/* .IP "\fBsmtpd_tls_CApath (empty)\fR"
+/* A directory containing (PEM format) CA certificates of root CAs
+/* trusted to sign either remote SMTP client certificates or intermediate CA
/* certificates.
/* .IP "\fBsmtpd_tls_always_issue_session_ids (yes)\fR"
/* Force the Postfix SMTP server to issue a TLS session id, even
const char *dsn_orcpt_type = 0;
int dsn_notify = 0;
const char *coded_addr;
+ const char *milter_err;
/*
* Sanity checks.
return (-1);
}
if (SMTPD_STAND_ALONE(state) == 0) {
- if ((err = smtpd_check_rcpt(state, STR(state->addr_buf))) != 0) {
- smtpd_chat_reply(state, "%s", err);
- return (-1);
- }
+ err = smtpd_check_rcpt(state, STR(state->addr_buf));
if (smtpd_milters != 0
&& (state->saved_flags & MILTER_SKIP_FLAGS) == 0) {
PUSH_STRING(saved_rcpt, state->recipient, STR(state->addr_buf));
- err = milter_rcpt_event(smtpd_milters,
+ state->milter_reject_text = err;
+ milter_err = milter_rcpt_event(smtpd_milters,
+ err == 0 ? MILTER_FLAG_NONE :
+ MILTER_FLAG_WANT_RCPT_REJ,
milter_argv(state, argc - 2, argv + 2));
- if (err != 0) {
+ if (err == 0 && milter_err != 0) {
/* Log reject etc. with correct recipient information. */
- err = check_milter_reply(state, err);
+ err = check_milter_reply(state, milter_err);
}
POP_STRING(saved_rcpt, state->recipient);
- if (err != 0) {
- smtpd_chat_reply(state, "%s", err);
- return (-1);
- }
+ }
+ if (err != 0) {
+ smtpd_chat_reply(state, "%s", err);
+ return (-1);
}
}
/*
* Milter support.
*/
- const char **milter_argv;
- ssize_t milter_argc;
+ const char **milter_argv; /* SMTP command vector */
+ ssize_t milter_argc; /* SMTP command vector */
+ const char *milter_reject_text; /* input to call-back from Milter */
} SMTPD_STATE;
#define SMTPD_FLAG_HANGUP (1<<0) /* 421/521 disconnect */
notice = post_mail_fopen_nowait(mail_addr_double_bounce(),
var_error_rcpt,
- INT_FILT_NOTIFY,
+ INT_FILT_MASK_NOTIFY,
NULL_TRACE_FLAGS, NO_QUEUE_ID);
if (notice == 0) {
msg_warn("postmaster notify: %m");
#include "smtpd_sasl_glue.h"
#include "smtpd_check.h"
#include "smtpd_dsn_fix.h"
+#include "smtpd_resolve.h"
#define RESTRICTION_SEPARATORS ", \t\r\n"
* memory manager routines.
*/
static VSTRING *error_text;
-static CTABLE *smtpd_resolve_cache;
static CTABLE *smtpd_rbl_cache;
/*
const char *txt; /* randomly selected trimmed TXT rr */
} SMTPD_RBL_EXPAND_CONTEXT;
-/* resolve_pagein - page in an address resolver result */
-
-static void *resolve_pagein(const char *addr, void *unused_context)
-{
- static VSTRING *query;
- RESOLVE_REPLY *reply;
-
- /*
- * Initialize on the fly.
- */
- if (query == 0)
- query = vstring_alloc(10);
-
- /*
- * Initialize.
- */
- reply = (RESOLVE_REPLY *) mymalloc(sizeof(*reply));
- resolve_clnt_init(reply);
-
- /*
- * Resolve the address.
- */
- rewrite_clnt_internal(MAIL_ATTR_RWR_LOCAL, addr, query);
- resolve_clnt_query(STR(query), reply);
- lowercase(STR(reply->recipient));
-
- /*
- * Save the result.
- */
- return ((void *) reply);
-}
-
-/* resolve_pageout - page out an address resolver result */
-
-static void resolve_pageout(void *data, void *unused_context)
-{
- RESOLVE_REPLY *reply = (RESOLVE_REPLY *) data;
-
- resolve_clnt_free(reply);
- myfree((void *) reply);
-}
-
/* policy_client_register - register policy service endpoint */
static void policy_client_register(const char *name)
* Initialize the resolved address cache. Note: the cache persists across
* SMTP sessions so we cannot make it dependent on session state.
*/
- smtpd_resolve_cache = ctable_create(100, resolve_pagein,
- resolve_pageout, (void *) 0);
+ smtpd_resolve_init(100);
/*
* Initialize the RBL lookup cache. Note: the cache persists across SMTP
/*
* Resolve the address.
*/
- reply = (const RESOLVE_REPLY *)
- ctable_locate(smtpd_resolve_cache, recipient);
+ reply = smtpd_resolve_addr(recipient);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, recipient);
/*
* Resolve the address.
*/
- reply = (const RESOLVE_REPLY *)
- ctable_locate(smtpd_resolve_cache, recipient);
+ reply = smtpd_resolve_addr(recipient);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, recipient);
/*
* Resolve the address.
*/
- reply = (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, addr);
+ reply = smtpd_resolve_addr(addr);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, addr);
/*
* Resolve the address.
*/
- reply = (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, addr);
+ reply = smtpd_resolve_addr(addr);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, addr);
* Reject if the client is logged in and does not own the sender address.
*/
if (smtpd_sasl_is_active(state) && state->sasl_username != 0) {
- reply = (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, sender);
+ reply = smtpd_resolve_addr(sender);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, sender);
if ((owners = check_mail_addr_find(state, sender, smtpd_sender_login_maps,
* owner.
*/
if (smtpd_sasl_is_active(state) && state->sasl_username == 0) {
- reply = (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, sender);
+ reply = smtpd_resolve_addr(sender);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, sender);
if (check_mail_addr_find(state, sender, smtpd_sender_login_maps,
*/
if (addr == 0 || *addr == 0)
return (0);
- resolve_reply = (const RESOLVE_REPLY *)
- ctable_locate(smtpd_resolve_cache, addr);
+ resolve_reply = smtpd_resolve_addr(addr);
if (resolve_reply->flags & RESOLVE_FLAG_ERROR)
return (-1);
return (0);
/*
* Resolve the address.
*/
- reply = (const RESOLVE_REPLY *)
- ctable_locate(smtpd_resolve_cache, recipient);
+ reply = smtpd_resolve_addr(recipient);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, recipient);
/* Utility library. */
+#include <split_at.h>
+
/* Global library. */
#include <mail_params.h>
#include <smtpd.h>
#include <smtpd_sasl_glue.h>
+#include <smtpd_resolve.h>
#include <smtpd_milter.h>
/*
const char *smtpd_milter_eval(const char *name, void *ptr)
{
SMTPD_STATE *state = (SMTPD_STATE *) ptr;
+ const RESOLVE_REPLY *reply;
+ char *cp;
+
+ /*
+ * On-the-fly initialization.
+ */
+ if (state->expand_buf == 0)
+ state->expand_buf = vstring_alloc(10);
/*
* Canonicalize the name.
*/
if (*name != '{') { /* } */
- if (state->expand_buf == 0)
- state->expand_buf = vstring_alloc(10);
vstring_sprintf(state->expand_buf, "{%s}", name);
name = STR(state->expand_buf);
}
* Connect macros.
*/
if (strcmp(name, S8_MAC__) == 0) {
- if (state->expand_buf == 0)
- state->expand_buf = vstring_alloc(10);
vstring_sprintf(state->expand_buf, "%s [%s]",
state->reverse_name, state->addr);
if (strcasecmp(state->name, state->reverse_name) != 0)
if (strcmp(name, S8_MAC_CLIENT_PORT) == 0)
return (strcmp(state->port, CLIENT_PORT_UNKNOWN) ? state->port : "0");
if (strcmp(name, S8_MAC_CLIENT_CONN) == 0) {
- if (state->expand_buf == 0)
- state->expand_buf = vstring_alloc(10);
vstring_sprintf(state->expand_buf, "%d", state->conn_count);
return (STR(state->expand_buf));
}
if (strcmp(name, S8_MAC_CIPHER_BITS) == 0) {
if (state->tls_context == 0)
return (0);
- if (state->expand_buf == 0)
- state->expand_buf = vstring_alloc(10);
vstring_sprintf(state->expand_buf, "%d",
IF_ENCRYPTED(state->tls_context->cipher_usebits));
return (STR(state->expand_buf));
if (strcmp(name, S8_MAC_MAIL_ADDR) == 0) {
if (state->sender == 0)
return (0);
- if (state->expand_buf == 0)
- state->expand_buf = vstring_alloc(10);
+ if (state->sender[0] == 0)
+ return ("");
+ reply = smtpd_resolve_addr(state->sender);
/* Sendmail 8.13 does not externalize the null string. */
- if (state->sender[0])
- quote_821_local(state->expand_buf, state->sender);
+ if (STR(reply->recipient)[0])
+ quote_821_local(state->expand_buf, STR(reply->recipient));
else
- vstring_strcpy(state->expand_buf, state->sender);
+ vstring_strcpy(state->expand_buf, STR(reply->recipient));
return (STR(state->expand_buf));
}
+ if (strcmp(name, S8_MAC_MAIL_HOST) == 0) {
+ if (state->sender == 0)
+ return (0);
+ reply = smtpd_resolve_addr(state->sender);
+ return (STR(reply->nexthop));
+ }
+ if (strcmp(name, S8_MAC_MAIL_MAILER) == 0) {
+ if (state->sender == 0)
+ return (0);
+ reply = smtpd_resolve_addr(state->sender);
+ return (STR(reply->transport));
+ }
/*
* RCPT TO macros.
if (strcmp(name, S8_MAC_RCPT_ADDR) == 0) {
if (state->recipient == 0)
return (0);
- if (state->expand_buf == 0)
- state->expand_buf = vstring_alloc(10);
+ if (state->recipient[0] == 0)
+ return ("");
+ if (state->milter_reject_text) {
+ /* 554 5.7.1 <user@example.com>: Relay access denied */
+ vstring_strcpy(state->expand_buf, state->milter_reject_text + 4);
+ cp = split_at(STR(state->expand_buf), ' ');
+ return (cp ? split_at(cp, ' ') : cp);
+ }
+ reply = smtpd_resolve_addr(state->recipient);
/* Sendmail 8.13 does not externalize the null string. */
- if (state->recipient[0])
- quote_821_local(state->expand_buf, state->recipient);
+ if (STR(reply->recipient)[0])
+ quote_821_local(state->expand_buf, STR(reply->recipient));
else
- vstring_strcpy(state->expand_buf, state->recipient);
+ vstring_strcpy(state->expand_buf, STR(reply->recipient));
return (STR(state->expand_buf));
}
+ if (strcmp(name, S8_MAC_RCPT_HOST) == 0) {
+ if (state->recipient == 0)
+ return (0);
+ if (state->milter_reject_text) {
+ /* 554 5.7.1 <user@example.com>: Relay access denied */
+ vstring_strcpy(state->expand_buf, state->milter_reject_text + 4);
+ (void) split_at(STR(state->expand_buf), ' ');
+ return (STR(state->expand_buf));
+ }
+ reply = smtpd_resolve_addr(state->recipient);
+ return (STR(reply->nexthop));
+ }
+ if (strcmp(name, S8_MAC_RCPT_MAILER) == 0) {
+ if (state->recipient == 0)
+ return (0);
+ if (state->milter_reject_text)
+ return (S8_RCPT_MAILER_ERROR);
+ reply = smtpd_resolve_addr(state->recipient);
+ return (STR(reply->transport));
+ }
return (0);
}
--- /dev/null
+/*++
+/* NAME
+/* smtpd_resolve 3
+/* SUMMARY
+/* caching resolve client
+/* SYNOPSIS
+/* #include <smtpd_resolve.h>
+/*
+/* void smtpd_resolve_init(cache_size)
+/* int cache_size;
+/*
+/* const RESOLVE_REPLY *smtpd_resolve_addr(addr)
+/* const char *addr;
+/* DESCRIPTION
+/* This module maintains a resolve client cache that persists
+/* across SMTP sessions (not process life times). Addresses
+/* are always resolved in local rewriting context.
+/*
+/* smtpd_resolve_init() initializes the cache and must
+/* called once before the cache can be used.
+/*
+/* smtpd_resolve_addr() resolves one address or returns
+/* a known result from cache.
+/*
+/* Arguments:
+/* .IP cache_size
+/* The requested cache size.
+/* .IP addr
+/* The address to resolve.
+/* DIAGNOSTICS
+/* All errors are fatal.
+/* BUGS
+/* The recipient address is always case folded to lowercase.
+/* Changing this requires great care, since the address is used
+/* for policy lookups.
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <mymalloc.h>
+#include <vstring.h>
+#include <ctable.h>
+#include <stringops.h>
+
+/* Global library. */
+
+#include <rewrite_clnt.h>
+#include <resolve_clnt.h>
+#include <mail_proto.h>
+
+/* Application-specific. */
+
+#include <smtpd_resolve.h>
+
+static CTABLE *smtpd_resolve_cache;
+
+#define STR(x) vstring_str(x)
+
+/* resolve_pagein - page in an address resolver result */
+
+static void *resolve_pagein(const char *addr, void *unused_context)
+{
+ static VSTRING *query;
+ RESOLVE_REPLY *reply;
+
+ /*
+ * Initialize on the fly.
+ */
+ if (query == 0)
+ query = vstring_alloc(10);
+
+ /*
+ * Initialize.
+ */
+ reply = (RESOLVE_REPLY *) mymalloc(sizeof(*reply));
+ resolve_clnt_init(reply);
+
+ /*
+ * Resolve the address.
+ */
+ rewrite_clnt_internal(MAIL_ATTR_RWR_LOCAL, addr, query);
+ resolve_clnt_query(STR(query), reply);
+ lowercase(STR(reply->recipient)); /* XXX */
+
+ /*
+ * Save the result.
+ */
+ return ((void *) reply);
+}
+
+/* resolve_pageout - page out an address resolver result */
+
+static void resolve_pageout(void *data, void *unused_context)
+{
+ RESOLVE_REPLY *reply = (RESOLVE_REPLY *) data;
+
+ resolve_clnt_free(reply);
+ myfree((void *) reply);
+}
+
+/* smtpd_resolve_init - set up global cache */
+
+void smtpd_resolve_init(int cache_size)
+{
+
+ /*
+ * Sanity check.
+ */
+ if (smtpd_resolve_cache)
+ msg_panic("smtpd_resolve_init: multiple initialization");
+
+ /*
+ * Initialize the resolved address cache. Note: the cache persists across
+ * SMTP sessions so we cannot make it dependent on session state.
+ */
+ smtpd_resolve_cache = ctable_create(cache_size, resolve_pagein,
+ resolve_pageout, (void *) 0);
+}
+
+/* smtpd_resolve_addr - resolve cached addres */
+
+const RESOLVE_REPLY *smtpd_resolve_addr(const char *addr)
+{
+
+ /*
+ * Sanity check.
+ */
+ if (smtpd_resolve_cache == 0)
+ msg_panic("smtpd_resolve_addr: missing initialization");
+
+ /*
+ * Reply from the read-through cache.
+ */
+ return (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, addr);
+}
--- /dev/null
+/*++
+/* NAME
+/* smtpd_resolve 3h
+/* SUMMARY
+/* caching resolve client
+/* SYNOPSIS
+/* include <smtpd_resolve.h>
+/* DESCRIPTION
+/* .nf
+
+ /*
+ * Global library.
+ */
+#include <resolve_clnt.h>
+
+ /*
+ * External interface.
+ */
+extern void smtpd_resolve_init(int);
+extern const RESOLVE_REPLY *smtpd_resolve_addr(const char *);
+
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*
+/* TLS support originally by:
+/* Lutz Jaenicke
+/* BTU Cottbus
+/* Allgemeine Elektrotechnik
+/* Universitaetsplatz 3-4
+/* D-03044 Cottbus, Germany
+/*--*/
argv_split.o: argv.h
argv_split.o: argv_split.c
argv_split.o: mymalloc.h
+argv_split.o: msg.h
argv_split.o: stringops.h
argv_split.o: sys_defs.h
argv_split.o: vbuf.h
extern ARGV *argv_free(ARGV *);
extern ARGV *argv_split(const char *, const char *);
+extern ARGV *argv_split_count(const char *, const char *, ssize_t);
extern ARGV *argv_split_append(ARGV *, const char *, const char *);
#define ARGV_END ((char *) 0)
/* ARGV *argv_split(string, delim)
/* const char *string;
/*
+/* ARGV *argv_split_count(string, delim, count)
+/* const char *string;
+/* ssize_t count;
+/*
/* ARGV *argv_split_append(argv, string, delim)
/* ARGV *argv;
/* const char *string;
/* to the delimiters specified in \fIdelim\fR. The result is
/* a null-terminated string array.
/*
+/* argv_split_count() is like argv_split() but stops splitting
+/* input after at most \fIcount\fR -1 times and leaves the
+/* remainder, if any, in the last array element. It is an error
+/* to specify a count < 1.
+/*
/* argv_split_append() performs the same operation as argv_split(),
/* but appends the result to an existing string array.
/* SEE ALSO
/* System libraries. */
#include <sys_defs.h>
+#include <string.h>
/* Application-specific. */
#include "mymalloc.h"
#include "stringops.h"
#include "argv.h"
+#include "msg.h"
/* argv_split - split string into token array */
return (argvp);
}
+/* argv_split_count - split string into token array */
+
+ARGV *argv_split_count(const char *string, const char *delim, ssize_t count)
+{
+ ARGV *argvp = argv_alloc(1);
+ char *saved_string = mystrdup(string);
+ char *bp = saved_string;
+ char *arg;
+
+ if (count < 1)
+ msg_panic("argv_split_count: bad count: %ld", (long) count);
+ while (count-- > 1 && (arg = mystrtok(&bp, delim)) != 0)
+ argv_add(argvp, arg, (char *) 0);
+ if (*bp)
+ bp += strspn(bp, delim);
+ if (*bp)
+ argv_add(argvp, bp, (char *) 0);
+ argv_terminate(argvp);
+ myfree(saved_string);
+ return (argvp);
+}
+
/* argv_split_append - split string into token array, append to array */
ARGV *argv_split_append(ARGV *argvp, const char *string, const char *delim)
STR(addr), addr_status, now, updated);
post_mail_fopen_async(strcmp(var_verify_sender, "<>") == 0 ?
"" : var_verify_sender, STR(addr),
- INT_FILT_NONE,
+ INT_FILT_MASK_NONE,
DEL_REQ_FLAG_MTA_VRFY,
(VSTRING *) 0,
verify_post_mail_action,
VSTREAM_CTL_TIMEOUT, AUTH_TIMEOUT,
VSTREAM_CTL_END);
+ /* XXX Encapsulate for logging. */
vstream_fprintf(sasl_stream,
"VERSION\t%u\t%u\n"
"CPID\t%u\n",
}
success = 0;
line_str = vstring_alloc(256);
+ /* XXX Encapsulate for logging. */
while (vstring_get_nonl(line_str, sasl_stream) != VSTREAM_EOF) {
line = vstring_str(line_str);
const char *myname = "xsasl_dovecot_handle_reply";
char *line, *cmd;
+ /* XXX Encapsulate for logging. */
while (vstring_get_nonl(server->sasl_line,
server->impl->sasl_stream) != VSTREAM_EOF) {
line = vstring_str(server->sasl_line);
}
/* send the request */
server->last_request_id = ++server->impl->request_id_counter;
+ /* XXX Encapsulate for logging. */
vstream_fprintf(server->impl->sasl_stream,
"AUTH\t%u\t%s\tservice=%s\tnologin\tlip=%s\trip=%s",
server->last_request_id, sasl_method,
server->service, server->server_addr,
server->client_addr);
if (server->tls_flag)
+ /* XXX Encapsulate for logging. */
vstream_fputs("\tsecured", server->impl->sasl_stream);
if (init_response) {
* initial response is already base64 encoded, so we can send it
* directly.
*/
+ /* XXX Encapsulate for logging. */
vstream_fprintf(server->impl->sasl_stream,
"\tresp=%s", init_response);
}
+ /* XXX Encapsulate for logging. */
VSTREAM_PUTC('\n', server->impl->sasl_stream);
if (vstream_fflush(server->impl->sasl_stream) != VSTREAM_EOF)
vstring_strcpy(reply, "Invalid base64 data in continued response");
return XSASL_AUTH_FAIL;
}
+ /* XXX Encapsulate for logging. */
vstream_fprintf(server->impl->sasl_stream,
"CONT\t%u\t%s\n", server->last_request_id, request);
if (vstream_fflush(server->impl->sasl_stream) == VSTREAM_EOF) {
projects / thirdparty / postfix.git / commitdiff
