what happens before or after an external content filter:
rejecting unknown recipients, canonical and virtual address
mapping, address masquerading, automatic BCC recipients
- and header/body checks. This is more convenient than having
- to specify two different cleanup services in the master.cf
- file.
+ and header/body checks. This eliminates the need to configure
+ multiple cleanup services in the master.cf file.
Open problems:
FILTER_README document, where all mail is inspected AFTER it is
stored in the Postfix mail queue]
+This feature is meant to be used as follows:
+ / smtp
+ Internet -> smtpd -> proxy -> smtpd -> cleanup -> queue -> local
+ Postfix Postfix \ virtual etc.
+
+For reference, this is the normal path through Postfix:
+
+ / smtp
+ Internet -> smtpd -> cleanup -> queue -> local
+ Postfix \ virtual etc.
+
+For comparison, this is the FILTER_README approach with an SMTP-based
+content filter:
+ / smtp
+ Internet -> smtpd -> cleanup -> queue -> local
+ Postfix ^ v \ virtual etc.
+ smtpd smtp
+ Postfix Postfix
+ \ /
+ filter <-
+
The SMTP proxy server receives unfiltered mail from Postfix and
does one of the following:
content.
2 - Reject the mail (by sending a suitable status code back to
- Postfix) so that it is returned to sender.
+ Postfix). Postfix passes the status back to the remote SMTP
+ client. This way, Postfix does not have to send a bounce message.
3 - Send the mail somewhere else.
pipelining. The SMTP proxy server must accept the same MAIL FROM
and RCPT TO command syntax as the Postfix SMTP server.
-This feature is meant to be used as follows:
- / smtp
- Internet -> smtpd -> proxy -> smtpd -> cleanup -> queue -> local
- Postfix Postfix \ virtual etc.
-
-For reference, this is the normal path through Postfix:
-
- / smtp
- Internet -> smtpd -> cleanup -> queue -> local
- Postfix \ virtual etc.
-
-For comparison, this is the FILTER_README approach with an SMTP-based
-content filter:
- / smtp
- Internet -> smtpd -> cleanup -> queue -> local
- Postfix ^ v \ virtual etc.
- smtpd smtp
- Postfix Postfix
- \ /
- filter <-
Configuration parameters
========================
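Review bot: the new wording under item 2 ("Postfix passes the status back to the remote SMTP client. This way, Postfix does not have to send a bounce message.") should state what the proxy has to return for that to work: the reply is relayed to the client as-is, so the proxy must answer with a well-formed SMTP 4XX or 5XX reply, not a 2XX with an error text. The text also does not say what Postfix does when the proxy answers with something else or drops the connection, which is exactly the case an operator hits during a filter outage; one sentence on that (and on whether the client sees a temporary or a permanent error) would close the gap. Moving the three diagrams up so they appear before "The SMTP proxy server receives unfiltered mail from Postfix" reads better, and the removed block at the end is the same text verbatim, so nothing is lost.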
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
-Major changes with Postfix snapshot 2.0.13-20030705
+Major changes with Postfix snapshot 2.0.13-20030706
===================================================
New receive_override_options parameter that eliminates the need
New CIDR-based lookup table, remotely based on code by Jozsef
Kadlecsik. For details and examples, see "man cidr_table".
-The TCP-based client-server table lookup protocol is finished.
-For details and examples, see "man tcp_table". This will allow you
-to implement your own greylisting.
+The TCP-based table lookup protocol is finished. For details and
+examples, see "man tcp_table". This will allow you to implement
+your own greylisting, or to do your own open proxy tests before
+accepting mail.
Support for !/pattern/ (negative matches) in PCRE lookup tables by
Victor Duchovni. See "man pcre_table" for more.
and ignores the original recipient when eliminating duplicates
after virtual alias expansion. Code by Victor Duchovni.
-Finer control over how long the SMTP server waits for address
-verification probes to complete. address_verify_poll_{count,delay}
-control how often to query the verify server and how long to wait
-between queries. Specify address_verify_poll_count=1 to implement
-a crude form of greylisting.
+Finer control over how long Postfix SMTPD waits for completion of
+address verification probes: the address_verify_poll_{count,delay}
+parameters control how often to query the verify server and how
+long to wait between queries. Specify address_verify_poll_count=1
+to implement a crude form of greylisting.
Major changes with Postfix snapshot 2.0.11-20030611
===================================================
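Review bot: the sentence added to the TCP table paragraph, "This will allow you to implement your own greylisting, or to do your own open proxy tests before accepting mail", promotes TCP lookup tables for an accept/reject decision, while the tcp_table(5) SECURITY section touched in this same patch says "Do not use TCP lookup tables for security critical purposes" because the connection is not protected and the server is not authenticated. Either qualify the release-note sentence (local, trusted lookup server only) or refer to that section, so the two documents do not contradict each other. In the address_verify_poll_{count,delay} paragraph, "Specify address_verify_poll_count=1 to implement a crude form of greylisting" deserves one sentence on what the SMTP client actually receives while the probe is still outstanding, since that reply is the greylisting effect the reader is being pointed at.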
# to not contain the % or NEWLINE character.
#
# SECURITY
-# Do not use TCP lookup tables for security critical purposes.
-# The client-server connection is not protected and the server
-# is not authenticated.
+# Do not use TCP lookup tables for security critical pur-
+# poses. The client-server connection is not protected and
+# the server is not authenticated.
#
# SEE ALSO
# regexp_table(5) format of regular expression tables
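Review bot: the regenerated text now breaks the key warning mid-word ("pur-" / "poses") at the `+` lines, and the HTML version in this patch shows the same split. It comes from the `.ad`/`.fi` requests added to the proto source, which switch adjustment and filling (and with them hyphenation) back on for the SECURITY section. A short warning that people grep for reads worse hyphenated; consider turning hyphenation off for this block or keeping the three lines unfilled.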
to not contain the % or NEWLINE character.
<b>SECURITY</b>
- Do not use TCP lookup tables for security critical purposes.
- The client-server connection is not protected and the server
- is not authenticated.
+ Do not use TCP lookup tables for security critical pur-
+ poses. The client-server connection is not protected and
+ the server is not authenticated.
<b>SEE ALSO</b>
<a href="regexp_table.5.html">regexp_table(5)</a> format of regular expression tables
.SH SECURITY
.na
.nf
+.ad
+.fi
Do not use TCP lookup tables for security critical purposes.
The client-server connection is not protected and the server
is not authenticated.
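Review bot: `.ad` and `.fi` are inserted directly after the existing `.na` and `.nf`, so the man page first switches to no-adjust/no-fill and then immediately undoes it. If the `.na`/`.nf` pair is emitted by the man-page generator for every section heading, adding `.ad`/`.fi` in the proto file is the right fix; otherwise the simpler change is to drop the `.na`/`.nf` lines. Either way the paragraph is now filled and adjusted, which is presumably the intent, but see the hyphenation of "purposes" in the generated text and HTML output.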
# The server may omit the encoding as long as the reply
# is guaranteed to not contain the % or NEWLINE character.
# SECURITY
+# .ad
+# .fi
# Do not use TCP lookup tables for security critical purposes.
# The client-server connection is not protected and the server
# is not authenticated.
* discard input after any lethal error. See the CLEANUP_OUT_OK() macro
* definition.
*/
+ if (msg_verbose)
+ msg_info("cleanup flags = %s", cleanup_strflags(flags));
if ((state->flags = flags) & CLEANUP_FLAG_BOUNCE) {
state->err_mask = CLEANUP_STAT_MASK_INCOMPLETE;
} else {
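Review bot: the new `msg_info("cleanup flags = %s", cleanup_strflags(flags))` call sits on the verbose-logging path, but cleanup_strflags() (the new file in this patch) calls msg_panic() when any bit in `flags` is not in its table. That turns a debugging aid into a fatal error: a client passing an unknown flag bit makes the cleanup process panic only when msg_verbose is on, which is confusing to diagnose and means verbose and non-verbose runs behave differently. Either validate the flags unconditionally before they are stored in `state->flags` (so the failure is the same with and without verbose logging), or have cleanup_strflags() render unknown bits as hex instead of panicking.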
const char *map_class;
if (msg_verbose)
- msg_info("%s: '%s'", myname, vstring_str(header_buf));
+ msg_info("%s: '%.200s'", myname, vstring_str(header_buf));
/*
* Crude header filtering. This stops malware that isn't sophisticated
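Review bot: the `%.200s` precision at the `+` line is a good change: the header buffer is remote-supplied and unbounded, so the old `%s` let a single long header line produce an arbitrarily long syslog record in verbose mode. 200 is a magic number here; a named constant would let other verbose log lines that print remote-supplied data share the same cap.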
flush_clnt.c mail_conf_time.c mbox_conf.c mbox_open.c abounce.c \
verp_sender.c match_parent_style.c mime_state.c header_token.c \
strip_addr.c virtual8_maps.c hold_message.c verify_clnt.c \
- trace.c log_adhoc.c verify.c dict_proxy.c mail_dict.c input_transp.c
+ trace.c log_adhoc.c verify.c dict_proxy.c mail_dict.c input_transp.c \
+ cleanup_strflags.c
OBJS = been_here.o bounce.o canon_addr.o cleanup_strerror.o clnt_stream.o \
debug_peer.o debug_process.o defer.o deliver_completed.o \
deliver_flock.o deliver_pass.o deliver_request.o domain_list.o \
flush_clnt.o mail_conf_time.o mbox_conf.o mbox_open.o abounce.o \
verp_sender.o match_parent_style.o mime_state.o header_token.o \
strip_addr.o virtual8_maps.o hold_message.o verify_clnt.o \
- trace.o log_adhoc.o verify.o dict_proxy.o mail_dict.o input_transp.o
+ trace.o log_adhoc.o verify.o dict_proxy.o mail_dict.o input_transp.o \
+ cleanup_strflags.o
HDRS = been_here.h bounce.h canon_addr.h cleanup_user.h clnt_stream.h \
config.h debug_peer.h debug_process.h defer.h deliver_completed.h \
deliver_flock.h deliver_pass.h deliver_request.h domain_list.h \
cleanup_strerror.o: ../../include/vstring.h
cleanup_strerror.o: ../../include/vbuf.h
cleanup_strerror.o: cleanup_user.h
+cleanup_strflags.o: cleanup_strflags.c
+cleanup_strflags.o: ../../include/sys_defs.h
+cleanup_strflags.o: ../../include/msg.h
+cleanup_strflags.o: ../../include/vstring.h
+cleanup_strflags.o: ../../include/vbuf.h
+cleanup_strflags.o: cleanup_user.h
clnt_stream.o: clnt_stream.c
clnt_stream.o: ../../include/sys_defs.h
clnt_stream.o: ../../include/msg.h
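Review bot: nothing missing here: cleanup_strflags.c is added to both SRCS and OBJS, and the new dependency block lists exactly the headers the file includes (sys_defs.h, msg.h, vstring.h, cleanup_user.h). HDRS needs no change because the prototype goes into the existing cleanup_user.h, which is already listed.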
--- /dev/null
+/*++
+/* NAME
+/* cleanup_strflags 3
+/* SUMMARY
+/* cleanup flags code to string
+/* SYNOPSIS
+/* #include <cleanup_user.h>
+/*
+/* const char *cleanup_strflags(code)
+/* int code;
+/* DESCRIPTION
+/* cleanup_strflags() maps a CLEANUP_FLAGS code to printable string.
+/* The result is for read purposes only. The result is overwritten
+/* upon each call.
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <vstring.h>
+
+/* Global library. */
+
+#include "cleanup_user.h"
+
+ /*
+ * Mapping from flags code to printable string.
+ */
+struct cleanup_flag_map {
+ unsigned flag;
+ const char *text;
+};
+
+static struct cleanup_flag_map cleanup_flag_map[] = {
+ CLEANUP_FLAG_BOUNCE, "enable_bad_mail_bounce",
+ CLEANUP_FLAG_FILTER, "enable_header_body_filter",
+ CLEANUP_FLAG_HOLD, "hold_message",
+ CLEANUP_FLAG_DISCARD, "discard_message",
+ CLEANUP_FLAG_BCC_OK, "enable_automatic_bcc",
+ CLEANUP_FLAG_MAP_OK, "enable_address_mapping",
+};
+
+/* cleanup_strflags - map flags code to printable string */
+
+const char *cleanup_strflags(unsigned flags)
+{
+ static VSTRING *result;
+ unsigned i;
+
+ if (flags == 0)
+ return ("none");
+
+ if (result == 0)
+ result = vstring_alloc(20);
+ else
+ VSTRING_RESET(result);
+
+ for (i = 0; i < sizeof(cleanup_flag_map) / sizeof(cleanup_flag_map[0]); i++) {
+ if (cleanup_flag_map[i].flag & flags) {
+ vstring_sprintf_append(result, "%s ", cleanup_flag_map[i].text);
+ flags &= ~cleanup_flag_map[i].flag;
+ }
+ }
+
+ if (flags != 0 || VSTRING_LEN(result) == 0)
+ msg_panic("cleanup_strflags: unrecognized flag value(s) 0x%x", flags);
+
+ vstring_truncate(result, VSTRING_LEN(result) - 1);
+ VSTRING_TERMINATE(result);
+
+ return (vstring_str(result));
+}
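Review bot: the SYNOPSIS in the header comment declares `int code;`, but the function is defined as `cleanup_strflags(unsigned flags)` and declared `extern const char *cleanup_strflags(unsigned);` in cleanup_user.h; make the comment match. Three smaller points: the `cleanup_flag_map[]` initializer omits the inner braces around each flag/text pair, which is legal C but produces missing-braces warnings on common compilers; in the final check `flags != 0 || VSTRING_LEN(result) == 0` the second condition is redundant, because an empty result means no flag matched and `flags` is then still non-zero (the zero case already returned "none"); and `vstring_truncate(result, VSTRING_LEN(result) - 1)` is safe only because that check guarantees a non-empty result, which a one-line comment should say. The msg_panic() on unknown bits is worth reconsidering given that the only caller in this patch is a verbose-mode log line.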
(CLEANUP_STAT_BAD | CLEANUP_STAT_WRITE | CLEANUP_STAT_SIZE)
extern const char *cleanup_strerror(unsigned);
+extern const char *cleanup_strflags(unsigned);
/* LICENSE
/* .ad
/* This module controls how much processing happens before mail is
/* written to the Postfix queue. Each transparency option is either
/* implemented by a client of the cleanup service, or is passed
-/* along in a client request to the cleanup service.
+/* along in a client request to the cleanup service. This eliminates
+/* the need to configure multiple cleanup service instances.
/*
/* input_transp_mask() takes a comma-separated list of names and
/* computes the corresponding mask. The following names are
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20030705"
+#define MAIL_RELEASE_DATE "20030706"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.13-" MAIL_RELEASE_DATE
/*
* Peek at the cache.
+ *
+ * XXX Must be made "rule" specific.
*/
if (strcmp(addr, STR(last_addr)) == 0) {
vstring_strcpy(result, STR(last_result));
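Review bot: the added `XXX Must be made "rule" specific` comment documents a correctness problem rather than fixing it: the single-entry cache is keyed on `addr` alone (`if (strcmp(addr, STR(last_addr)) == 0)`), so a lookup of the same address under a different rule is answered with the previous rule's result. Where the lookup feeds an accept/reject decision that is a wrong answer, not just a missed cache hit. Either include the rule in the cache key now or disable the cache until it does; an XXX of this kind should not ship in a release.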
/* const char *quoted;
/* DESCRIPTION
/* xtext_quote() takes a null-terminated string and replaces characters
-/* <33(10) and >126(10), as well as characters specified with "special"
+/* +, <33(10) and >126(10), as well as characters specified with "special"
/* by +XX, XX being the two-digit uppercase hexadecimal equivalent.
/*
/* xtext_unquote() performs the opposite transformation. This function
-/* understands lowercase, uppercase, and mixed case %XX sequences. The
+/* understands lowercase, uppercase, and mixed case +XX sequences. The
/* result value is the unquoted argument in case of success, a null pointer
/* otherwise.
/* BUGS
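Review bot: the documentation fix at the `+` lines matters for callers: since `+` is the escape character it must itself be quoted (as `+2B`, per the uppercase two-digit hex rule), otherwise xtext_unquote() could not distinguish a literal `+` from the start of an escape; the old text also wrongly said `%XX` where the code uses `+XX`. Worth adding one sentence that a malformed or truncated sequence (for example a trailing `+` with fewer than two hex digits) is the case that yields the "null pointer otherwise" result, so callers know to check for it.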