20060204
- Bugfix: disable content_inspection for "sendmail -bv"
- probes. File: *qmgr/qmgr_message.c.
+ Bugfix: disable the content_filter feature for user-requested
+ "sendmail -bv" probes, just like it is disabled for probes
+ generated by Postfix itself. File: *qmgr/qmgr_message.c.
20060207
of waiting for another 100 seconds. This allows the processes
to refresh more frequently on low-traffic systems.
+ Cleanup: smtpd_delay_open_until_valid_rcpt (default: yes)
+ controls whether Postfix delays the start of a mail transaction
+ until after the first valid recipient, or if it starts a
+ transaction immediately after MAIL FROM. File: smtpd/smtpd.c.
+
+20060217
+
+ Bugfix: don't terminate with a non-standard exit status
+ when the pipe-to-command feature has a problem before it
+ executes the command. File: global/pipe_command.c.
+
+20060223
+
+ Bugfix: detect integer overflow when multiplying time values
+ with non-trivial time units. File: global/conv_time.c.
+
+20060307
+
+ Bugfix: reset the msg_cleanup() fatal error handler in child
+ processes. See also change 20060217. Files: postlock/postlock.c,
+ master/multi_server.c, global/mail_run.c, util/vstream_popen.c.
+
Wish list:
- Fix XCLIENT/XFORWARD: send xtext and accept old non-xtext.
+ Log DSN original recipient when rejecting mail.
+
+ Keep whitespace between label and ":"?
+
+ Make XCLIENT/XFORWARD future proof: send xtext and accept
+ old non-xtext.
Make the map case folding/locking options configurable, if
not at run-time then at least at compile time so we get
do virtual aliasing earlier?
Investigate what it would take to eliminate oqmgr, and to
- make the old behavior configurable in a unified queue manager.
+ make the old behavior configurable in a unified queue
+ manager.
This would shave another 2.7 KLOC from the source footprint.
Document the case folding strategy for match_list like features.
smtp_bind_address parameter does for IPv4:
/etc/postfix/main.cf:
- smtp_bind_address6 = 2001:240:5c7:0:250:56ff:fe89:1
+ smtp_bind_address6 = 2001:240:587:0:250:56ff:fe89:1
* If you left the value of the mynetworks parameter at its default (i.e. no
mynetworks setting in main.cf) Postfix will figure out by itself what its
% postconf mynetworks
mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:
- 240:5c7::]/64
+ 240:587::]/64
If you did specify the mynetworks parameter value in main.cf, you need
update the mynetworks value to include the IPv6 networks the system is in.
Be sure to specify IPv6 address information inside "[]", like this:
/etc/postfix/main.cf:
- mynetworks = ...IPv4 networks... [::1]/128 [2001:240:5c7::]/64 ...
+ mynetworks = ...IPv4 networks... [::1]/128 [2001:240:587::]/64 ...
N\bNO\bOT\bTE\bE:\b: w\bwh\bhe\ben\bn c\bco\bon\bnf\bfi\big\bgu\bur\bri\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx m\bma\bat\btc\bch\bh l\bli\bis\bst\bts\bs s\bsu\buc\bch\bh a\bas\bs m\bmy\byn\bne\bet\btw\bwo\bor\brk\bks\bs o\bor\br
d\bde\beb\bbu\bug\bg_\b_p\bpe\bee\ber\br_\b_l\bli\bis\bst\bt,\b, y\byo\bou\bu m\bmu\bus\bst\bt s\bsp\bpe\bec\bci\bif\bfy\by I\bIP\bPv\bv6\b6 a\bad\bdd\bdr\bre\bes\bss\bs i\bin\bnf\bfo\bor\brm\bma\bat\bti\bio\bon\bn i\bin\bns\bsi\bid\bde\be "\b"[\b[]\b]"\b" i\bin\bn t\bth\bhe\be
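Review bot: The corrected prefix on the smtp_bind_address6 and mynetworks example lines (2001:240:587::/64) is still written as an ordinary global unicast address rather than a documentation address. Since every example line is being touched anyway, consider switching to the 2001:db8::/32 prefix that RFC 3849 reserves for documentation, so that a mynetworks line copied verbatim from the README cannot extend trusted-client status to a real network.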
168.100.189.2/255.255.255.224
127.0.0.1/255.0.0.0
fe80:1::2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
- 2001:240:5c7:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
+ 2001:240:587:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
fe80:5::1/ffff:ffff:ffff:ffff::
::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
know that oqmgr(8) uses round-robin by destination while qmgr(8) uses simple
FIFO, except for some preemptive magic. The postconf(5) manual documents all
the knobs the user can use to control this preemptive magic - there is nothing
-else to the preemption than the quite simple conditions described below.
+else to the preemption than the quite simple conditions described in there.
As for programmer-level documentation, this will have to be extracted from all
those emails we have exchanged with Wietse [rats! I hoped that Patrik would do
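Review bot: The new wording "described in there" on the changed line leaves the referent unclear and reads awkwardly. If the conditions now live in the postconf(5) manual named in the preceding sentence, say so directly, for example "than the quite simple conditions described in the postconf(5) manual".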
* Configuring the Postfix SMTP pass-through proxy feature
* Configuration parameters
* How Postfix talks to the before-queue content filter
- * Transparency
P\bPr\bri\bin\bnc\bci\bip\bpl\ble\bes\bs o\bof\bf o\bop\bpe\ber\bra\bat\bti\bio\bon\bn
-The before-filter Postfix SMTP server receives mail from the Internet and does
-the usual relay access control, SASL authentication, RBL lookups, rejecting
-non-existent sender or recipient addresses, etc. The before-queue filter
-receives unfiltered mail content from Postfix and does one of the following:
+The before-filter Postfix SMTP server accepts connections from the Internet and
+does the usual relay access control, SASL authentication, TLS negotiation, RBL
+lookups, rejecting non-existent sender or recipient addresses, etc. The before-
+queue filter receives unfiltered mail content from Postfix and does one of the
+following:
1. Re-inject the mail back into Postfix via SMTP, perhaps after changing its
content and/or destination.
EHLO, XFORWARD (for logging the remote client IP address instead of localhost
[127.0.0.1]), DATA and QUIT commands, and forwards unmodified copies of all the
MAIL FROM and RCPT TO commands that the before-filter Postfix SMTP server
-didn't reject itself. The SMTP proxy server should accept the same MAIL FROM
-and RCPT TO command syntax as the Postfix SMTP server. Postfix sends no other
-SMTP commands.
-
-The content filter is expected to pass on unmodified SMTP commands from a
-before-filter Postfix SMTP server to an after-filter Postfix SMTP server that
-usually listens on a non-standard port. When the filter rejects content, it
-should send a negative SMTP response back to the before-filter Postfix SMTP
-server, and it should abort the connection with the after-filter Postfix SMTP
-server without completing the SMTP conversation with the after-filter Postfix
-SMTP server.
-
-More detail on the postfix-to-proxy interaction is in the section titled
-"Transparency".
-
-T\bTr\bra\ban\bns\bsp\bpa\bar\bre\ben\bnc\bcy\by
-
-The before-filter Postfix SMTP server forwards the MAIL FROM, RCPT TO and DATA
-commands that it has approved, but it does not forward other commands such as
-TLS or SASL commands. It can therefore not be transparent.
-
-The real-time content filter, on the other hand, has to be transparent. In
-order to support non-transparent real-time content filters, Postfix would have
-to reconcile the before-filter Postfix ESMTP feature set with the feature set
-that Postfix receives from the real-time content filter.
-
- * When a future Postfix version supports DSN, but the content filter does not
- announce DSN support in the EHLO reply, then the before-filter SMTP server
- would have to either 1) suppress the DSN feature in its EHLO announcement,
- or 2) duplicate all the work that needs to be done when delivering DSN-
- aware mail to a non-DSN destination.
-
- * When the content filter does not announce 8BITMIME support in the EHLO
- reply, then the before-filter SMTP server would have to either 1) suppress
- the 8BITMIME feature in its EHLO announcement, or 2) convert the content to
- quoted-printable before giving it to the content filter.
-
- * Performance: when Postfix has to suppress elements from the before-filter
- EHLO reply because they are incompatible with the real-time content filter,
- then Postfix has to connect to the content filter as soon as the client
- sends a valid EHLO command. This wastes a lot of resources when all the
- MAIL FROM or RCPT TO commands are rejected.
-
-Therefore, the Postfix SMTP server cannot be transparent with respect to the
-before-queue content filter.
+didn't reject itself. Postfix sends no other SMTP commands.
+
+The content filter should accept the same MAIL FROM and RCPT TO command syntax
+as the before-filter Postfix SMTP server, and should forward the commands
+without modification to the after-filter SMTP server. If the content filter or
+after-filter SMTP server does not support all the ESMTP features that the
+before-filter Postfix SMTP server supports, then the missing features must be
+turned off in the before-filter Postfix SMTP server with the
+smtpd_discard_ehlo_keywords parameter.
+
+When the filter rejects content, it should send a negative SMTP response back
+to the before-filter Postfix SMTP server, and it should abort the connection
+with the after-filter Postfix SMTP server without completing the SMTP
+conversation with the after-filter Postfix SMTP server.
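Review bot: The replacement paragraph says missing ESMTP features "must be turned off" with smtpd_discard_ehlo_keywords but names no feature, while the deleted Transparency section spelled out the two concrete mismatches (DSN and 8BITMIME not announced in the filter's EHLO reply). Consider keeping one of them as an example of a keyword to discard, so an administrator can tell what to check for in the filter's EHLO response. The deleted performance bullet was also the only explanation of why Postfix does not reconcile the two feature sets itself; a one-sentence version of it would be worth retaining.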
with the necessary definitions. This is done by invoking the command "make
makefiles" in the Postfix top-level directory and with arguments as shown next.
-N\bNO\bOT\bTE\bE:\b: D\bDo\bo n\bno\bot\bt u\bus\bse\be G\bGn\bnu\bu T\bTL\bLS\bS.\b. I\bIt\bt w\bwi\bil\bll\bl s\bsp\bpo\bon\bnt\bta\ban\bne\beo\bou\bus\bsl\bly\by t\bte\ber\brm\bmi\bin\bna\bat\bte\be a\ba p\bpr\bro\boc\bce\bes\bss\bs w\bwi\bit\bth\bh e\bex\bxi\bit\bt
-s\bst\bta\bat\btu\bus\bs c\bco\bod\bde\be 2\b2,\b, i\bin\bns\bst\bte\bea\bad\bd o\bof\bf p\bpr\bro\bop\bpe\ber\brl\bly\by r\bre\bep\bpo\bor\brt\bti\bin\bng\bg p\bpr\bro\bob\bbl\ble\bem\bms\bs t\bto\bo P\bPo\bos\bst\btf\bfi\bix\bx,\b, s\bso\bo t\bth\bha\bat\bt i\bit\bt
-c\bca\ban\bn l\blo\bog\bg t\bth\bhe\bem\bm t\bto\bo t\bth\bhe\be m\bma\bai\bil\bll\blo\bog\bg f\bfi\bil\ble\be.\b.
+N\bNO\bOT\bTE\bE:\b: D\bDo\bo n\bno\bot\bt u\bus\bse\be G\bGn\bnu\bu T\bTL\bLS\bS.\b. I\bIt\bt w\bwi\bil\bll\bl s\bsp\bpo\bon\bnt\bta\ban\bne\beo\bou\bus\bsl\bly\by t\bte\ber\brm\bmi\bin\bna\bat\bte\be a\ba P\bPo\bos\bst\btf\bfi\bix\bx d\bda\bae\bem\bmo\bon\bn
+p\bpr\bro\boc\bce\bes\bss\bs w\bwi\bit\bth\bh e\bex\bxi\bit\bt s\bst\bta\bat\btu\bus\bs c\bco\bod\bde\be 2\b2,\b, i\bin\bns\bst\bte\bea\bad\bd o\bof\bf a\bal\bll\blo\bow\bwi\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx t\bto\bo 1\b1)\b) r\bre\bep\bpo\bor\brt\bt t\bth\bhe\be
+e\ber\brr\bro\bor\br t\bto\bo t\bth\bhe\be m\bma\bai\bil\bll\blo\bog\bg f\bfi\bil\ble\be,\b, a\ban\bnd\bd t\bto\bo 2\b2)\b) p\bpr\bro\bov\bvi\bid\bde\be p\bpl\bla\bai\bin\bnt\bte\bex\bxt\bt s\bse\ber\brv\bvi\bic\bce\be w\bwh\bhe\ber\bre\be t\bth\bhi\bis\bs i\bis\bs
+a\bap\bpp\bpr\bro\bop\bpr\bri\bia\bat\bte\be.\b.
* If the OpenSSL include files (such as ssl.h) are in directory /usr/include/
openssl, and the OpenSSL libraries (such as libssl.so and libcrypto.so) are
# relayhost exact nexthop match
[msa.example.net]:587 MUST
- # example.org (as nexthop) has MX hosts with broken TLS.
+ # TLS should not be used with the example.org MX hosts.
example.org NONE
- # Except for (as host) mx1.example.org which works.
- mx1.example.org MAY
+ # TLS should not be used with the host smtp.example.com.
+ smtp.example.com NONE
D\bDi\bis\bsc\bco\bov\bve\ber\bri\bin\bng\bg s\bse\ber\brv\bve\ber\brs\bs t\bth\bha\bat\bt s\bsu\bup\bpp\bpo\bor\brt\bt T\bTL\bLS\bS
<h2><a name="configuration">Configuration</a></h2>
-<p> Postfix IPv6 support introduces two new main.cf configuration
+<p> Postfix IPv6 support introduces two new <a href="postconf.5.html">main.cf</a> configuration
parameters, and introduces an important change in address syntax
notation in match lists such as <a href="postconf.5.html#mynetworks">mynetworks</a> or
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a>. </p>
<ul>
<li> <p> Instead of hard-coding 127.0.0.1 and ::1 loopback addresses
-in master.cf, specify "<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only" in main.cf.
-This way you can use the same master.cf file regardless of whether
+in <a href="master.5.html">master.cf</a>, specify "<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only" in <a href="postconf.5.html">main.cf</a>.
+This way you can use the same <a href="master.5.html">master.cf</a> file regardless of whether
or not Postfix will run on an IPv6-enabled system. </p>
<li> <p> The first new parameter is called <a href="postconf.5.html#inet_protocols">inet_protocols</a>. This
<blockquote>
<pre>
-/etc/postfix/main.cf:
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
# You must stop/start Postfix after changing this parameter.
<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4 (DEFAULT: enable IPv4 only)
<a href="postconf.5.html#inet_protocols">inet_protocols</a> = all (enable IPv4, and IPv6 if supported)
<blockquote>
<pre>
-/etc/postfix/main.cf:
- <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> = 2001:240:5c7:0:250:56ff:fe89:1
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ <a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> = 2001:240:587:0:250:56ff:fe89:1
</pre>
</blockquote>
<li> <p> If you left the value of the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter at its
-default (i.e. no <a href="postconf.5.html#mynetworks">mynetworks</a> setting in main.cf) Postfix will figure
+default (i.e. no <a href="postconf.5.html#mynetworks">mynetworks</a> setting in <a href="postconf.5.html">main.cf</a>) Postfix will figure
out by itself what its network addresses are. This is what a typical
setting looks like: </p>
<blockquote>
<pre>
% postconf <a href="postconf.5.html#mynetworks">mynetworks</a>
-<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:240:5c7::]/64
+<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:240:587::]/64
</pre>
</blockquote>
<p> If you did specify the <a href="postconf.5.html#mynetworks">mynetworks</a> parameter value in
-main.cf, you need update the <a href="postconf.5.html#mynetworks">mynetworks</a> value to include
+<a href="postconf.5.html">main.cf</a>, you need update the <a href="postconf.5.html#mynetworks">mynetworks</a> value to include
the IPv6 networks the system is in. Be sure to specify IPv6 address
information inside "<tt>[]</tt>", like this: </p>
<blockquote>
<pre>
-/etc/postfix/main.cf:
- <a href="postconf.5.html#mynetworks">mynetworks</a> = ...<i>IPv4 networks</i>... [::1]/128 [2001:240:5c7::]/64 ...
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ <a href="postconf.5.html#mynetworks">mynetworks</a> = ...<i>IPv4 networks</i>... [::1]/128 [2001:240:587::]/64 ...
</pre>
</blockquote>
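Review bot: The paragraph rewritten here for the main.cf link still reads "you need update the mynetworks value". Since the line is being changed anyway, correct it to "you need to update", and make the same correction in the plain-text copy of this paragraph.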
<p> <b> NOTE: when configuring Postfix match lists such as
<a href="postconf.5.html#mynetworks">mynetworks</a> or <a href="postconf.5.html#debug_peer_list">debug_peer_list</a>, you must specify
-IPv6 address information inside "<tt>[]</tt>" in the main.cf parameter
+IPv6 address information inside "<tt>[]</tt>" in the <a href="postconf.5.html">main.cf</a> parameter
value and in files specified with a "<i>/file/name</i>" pattern.
IPv6 addresses contain the ":" character, and would otherwise be
confused with a "<i><a href="DATABASE_README.html">type:table</a></i>" pattern. </b> </p>
subnet mask
and always assumes a /128 network. This is a problem only with
"<a href="postconf.5.html#mynetworks_style">mynetworks_style</a> = subnet" and no explicit <a href="postconf.5.html#mynetworks">mynetworks</a>
-setting in main.cf. </p>
+setting in <a href="postconf.5.html">main.cf</a>. </p>
</ul>
<ul>
-<li> <p> main.cf: The <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> parameter does not support
+<li> <p> <a href="postconf.5.html">main.cf</a>: The <a href="postconf.5.html#inet_interfaces">inet_interfaces</a> parameter does not support
the notation "ipv6:all" or "ipv4:all". Use the
<a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter instead. </p>
-<li> <p> main.cf: Specify "<a href="postconf.5.html#inet_protocols">inet_protocols</a> = all" or
+<li> <p> <a href="postconf.5.html">main.cf</a>: Specify "<a href="postconf.5.html#inet_protocols">inet_protocols</a> = all" or
"<a href="postconf.5.html#inet_protocols">inet_protocols</a> = ipv4, ipv6" in order to enable both IPv4
and IPv6 support. </p>
-<li> <p> main.cf: The <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter also controls
+<li> <p> <a href="postconf.5.html">main.cf</a>: The <a href="postconf.5.html#inet_protocols">inet_protocols</a> parameter also controls
what DNS lookups Postfix will attempt to make when delivering or
receiving mail. </p>
-<li> <p> main.cf: Specify "<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only"
+<li> <p> <a href="postconf.5.html">main.cf</a>: Specify "<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> = loopback-only"
to listen on loopback network interfaces only. </p>
-<li> <p> The lmtp_bind_address and lmtp_bind_address6
+<li> <p> The <a href="postconf.5.html#lmtp_bind_address">lmtp_bind_address</a> and <a href="postconf.5.html#lmtp_bind_address6">lmtp_bind_address6</a>
features were omitted. The Postfix LMTP client will be absorbed
into the SMTP client, so there is no reason to keep adding features
to the LMTP client. </p>
168.100.189.2/255.255.255.224
127.0.0.1/255.0.0.0
fe80:1::2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
-2001:240:5c7:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
+2001:240:587:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
fe80:5::1/ffff:ffff:ffff:ffff::
::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
</pre>
while <a href="qmgr.8.html">qmgr(8)</a> uses simple FIFO, except for some preemptive magic.
The <a href="postconf.5.html">postconf(5)</a> manual documents all the knobs the user
can use to control this preemptive magic - there is nothing else
-to the preemption than the quite simple conditions described below.
+to the preemption than the quite simple conditions described in there.
</p>
<p> As for programmer-level documentation, this will have to be
<li><a href="#protocol">How Postfix talks to the before-queue content
filter</a>
-<li><a href="#transparency">Transparency</a>
-
</ul>
<h2><a name="principles">Principles of operation</a></h2>
-<p> The before-filter Postfix SMTP server receives mail from the
+<p> The before-filter Postfix SMTP server accepts connections from the
Internet and does the usual relay access control, SASL authentication,
+TLS negotiation,
RBL lookups, rejecting non-existent sender or recipient addresses,
etc. The before-queue filter receives unfiltered mail content from
Postfix and does one of the following: </p>
the remote client IP address instead of localhost[127.0.0.1]), DATA
and QUIT commands, and forwards unmodified copies of all the MAIL
FROM and RCPT TO commands that the before-filter Postfix SMTP server
-didn't reject itself. The SMTP proxy server should accept the same
-MAIL FROM and RCPT TO command syntax as the Postfix SMTP server.
+didn't reject itself.
Postfix sends no other SMTP commands. </p>
-<p> The content filter is expected to pass on unmodified SMTP
-commands from a before-filter Postfix SMTP server to an after-filter
-Postfix SMTP server that usually listens on a non-standard port.
-When the filter rejects content, it should send a negative SMTP
+<p> The content filter should accept the same MAIL FROM and RCPT
+TO command syntax as the before-filter Postfix SMTP server, and
+should forward the commands without modification to the after-filter
+SMTP server. If the content filter or after-filter SMTP server
+does not support all the ESMTP features that the before-filter
+Postfix SMTP server supports, then the missing features must be
+turned off in the before-filter Postfix SMTP server with the
+<a href="postconf.5.html#smtpd_discard_ehlo_keywords">smtpd_discard_ehlo_keywords</a> parameter. </p>
+
+<p> When the filter rejects content, it should send a negative SMTP
response back to the before-filter Postfix SMTP server, and it
should abort the connection with the after-filter Postfix SMTP
server without completing the SMTP conversation with the after-filter
Postfix SMTP server. </p>
-<p> More detail on the postfix-to-proxy interaction is in the
-section titled "<a href="#transparency">Transparency</a>". </p>
-
-<h2><a name="transparency">Transparency</a></h2>
-
-<p> The before-filter Postfix SMTP server forwards the MAIL FROM,
-RCPT TO and DATA commands that it has approved, but it does not
-forward other commands such as TLS or SASL commands. It can
-therefore not be transparent. </p>
-
-<p> The real-time content filter, on the other hand, has to be
-transparent. In order to support non-transparent real-time content
-filters, Postfix would have to reconcile the before-filter Postfix
-ESMTP feature set with the feature set that Postfix receives from
-the real-time content filter. </p>
-
-<ul>
-
- <li> <p> When a future Postfix version supports DSN, but the
- content filter does not announce DSN support in the EHLO reply,
- then the before-filter SMTP server would have to either 1)
- suppress the DSN feature in its EHLO announcement, or 2)
- duplicate all the work that needs to be done when delivering
- DSN-aware mail to a non-DSN destination. </p>
-
- <li> <p> When the content filter does not announce 8BITMIME
- support in the EHLO reply, then the before-filter SMTP server
- would have to either 1) suppress the 8BITMIME feature in its
- EHLO announcement, or 2) convert the content to quoted-printable
- before giving it to the content filter. </p>
-
- <li> <p> Performance: when Postfix has to suppress elements
- from the before-filter EHLO reply because they are incompatible
- with the real-time content filter, then Postfix has to connect
- to the content filter as soon as the client sends a valid EHLO
- command. This wastes a lot of resources when all the MAIL FROM
- or RCPT TO commands are rejected. </p>
-
-</ul>
-
-<p> Therefore, the Postfix SMTP server cannot be transparent with
-respect to the before-queue content filter. </p>
-
</body>
</html>
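Review bot: Removing the section heading deletes the named anchor "transparency" along with its table-of-contents entry, so any link elsewhere in the documentation or on external pages that targets #transparency in this file will silently land at the top of the page. Check the other README and manual pages for references to that anchor, or keep an empty named anchor next to the new smtpd_discard_ehlo_keywords paragraph, which now carries the replacement guidance.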
top-level directory and with arguments as shown next. </p>
<p> <b> NOTE: Do not use Gnu TLS. It will spontaneously terminate
-a process with exit status code 2, instead of properly reporting
-problems to Postfix, so that it can log them to the maillog file.
-</b> </p>
+a Postfix daemon process with exit status code 2, instead of allowing
+Postfix to 1) report the error to the maillog file, and to 2) provide
+plaintext service where this is appropriate. </b> </p>
<ul>
# <a href="postconf.5.html#relayhost">relayhost</a> exact nexthop match
[msa.example.net]:587 MUST
- # example.org (as nexthop) has MX hosts with broken TLS.
+ # TLS should not be used with the <i>example.org</i> MX hosts.
example.org NONE
- # Except for (as host) mx1.example.org which works.
- mx1.example.org MAY
+ # TLS should not be used with the host <i>smtp.example.com</i>.
+ smtp.example.com NONE
</pre>
</blockquote>
databases.
In order to use LDAP lookups, define an LDAP source as a
- lookup table in main.cf, for example:
+ lookup table in <a href="postconf.5.html">main.cf</a>, for example:
<a href="postconf.5.html#alias_maps">alias_maps</a> = <a href="ldap_table.5.html">ldap</a>:/etc/postfix/ldap-aliases.cf
The file /etc/postfix/ldap-aliases.cf has the same format
- as the Postfix main.cf file, and can specify the parame-
+ as the Postfix <a href="postconf.5.html">main.cf</a> file, and can specify the parame-
ters described below. An example is given at the end of
this manual.
<b>BACKWARDS COMPATIBILITY</b>
For backwards compatibility with Postfix version 2.0 and
- earlier, LDAP parameters can also be defined in main.cf.
+ earlier, LDAP parameters can also be defined in <a href="postconf.5.html">main.cf</a>.
Specify as LDAP source a name that doesn't begin with a
slash or a dot. The LDAP parameters will then be accessi-
ble as the name you've given the source in its definition,
an underscore, and the name of the parameter. For exam-
ple, if the map is specified as "<a href="ldap_table.5.html">ldap</a>:<i>ldapsource</i>", the
- "server_host" parameter below would be defined in main.cf
+ "server_host" parameter below would be defined in <a href="postconf.5.html">main.cf</a>
as "<i>ldapsource</i>_server_host".
Note: with this form, the passwords for the LDAP sources
- are written in main.cf, which is normally world-readable.
+ are written in <a href="postconf.5.html">main.cf</a>, which is normally world-readable.
Support for this form will be removed in a future Postfix
version.
Postfix 2.2 has enhanced query interfaces for MySQL and
- PostgreSQL, these now include features previously avail-
- able only in the Postfix LDAP client. This work also cre-
- ated an opportunity for improvements in the LDAP inter-
+ PostgreSQL. These include features that were previously
+ available only in the Postfix LDAP client. This work also
+ created an opportunity for improvements in the LDAP inter-
face. The primary compatibility issue is that <b>result_fil-</b>
<b>ter</b> (a name that has caused some confusion as to its mean-
ing in the past) has been renamed to <b>result_format</b>. For
you have to use this, you probably want to make the
map configuration file readable only by the Postfix
user. When using the obsolete <a href="ldap_table.5.html">ldap</a>:ldapsource syn-
- tax, with map parameters in main.cf, it is not pos-
+ tax, with map parameters in <a href="postconf.5.html">main.cf</a>, it is not pos-
sible to securely store the bind password. This is
- because main.cf needs to be world readable to allow
+ because <a href="postconf.5.html">main.cf</a> needs to be world readable to allow
local accounts to submit mail via the sendmail com-
mand. Example:
bind_pw = postfixpw
version = 3
If any of the Postfix programs querying the map is config-
- ured in master.cf to run chrooted, all the certificates
+ ured in <a href="master.5.html">master.cf</a> to run chrooted, all the certificates
and keys involved have to be copied to the chroot jail. Of
course, the private keys should only be readable by the
user "postfix".
<b>EXAMPLE</b>
Here's a basic example for using LDAP to look up <a href="local.8.html">local(8)</a>
- aliases. Assume that in main.cf, you have:
+ aliases. Assume that in <a href="postconf.5.html">main.cf</a>, you have:
<a href="postconf.5.html#alias_maps">alias_maps</a> = hash:/etc/aliases,
<a href="ldap_table.5.html">ldap</a>:/etc/postfix/ldap-aliases.cf
<pre>
<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28
<a href="postconf.5.html#mynetworks">mynetworks</a> = !192.168.0.1, 192.168.0.0/28
-<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:5c7::]/64
+<a href="postconf.5.html#mynetworks">mynetworks</a> = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64
<a href="postconf.5.html#mynetworks">mynetworks</a> = $<a href="postconf.5.html#config_directory">config_directory</a>/mynetworks
<a href="postconf.5.html#mynetworks">mynetworks</a> = hash:/etc/postfix/network_table
</pre>
</pre>
+</DD>
+
+<DT><b><a name="smtpd_delay_open_until_valid_rcpt">smtpd_delay_open_until_valid_rcpt</a>
+(default: yes)</b></DT><DD>
+
+<p> Postpone the start of an SMTP mail transaction until a valid
+RCPT TO command is received. Specify "smtpd_delay_open_until_rcpt =
+yes" to create a mail transaction as soon as the SMTP server receives
+a valid MAIL FROM command. </p>
+
+<p> Postponing the start of a mail transaction reduces the use of
+disk, CPU and memory resources. The downside is that rejected
+recipients are logged with NOQUEUE instead of a mail transaction
+ID. This complicates the logfile analysis of multi-recipient mail.
+</p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
+
+
</DD>
<DT><b><a name="smtpd_delay_reject">smtpd_delay_reject</a>
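Review bot: The second sentence of the new smtpd_delay_open_until_valid_rcpt entry contradicts the first and uses a different parameter name. It reads 'Specify "smtpd_delay_open_until_rcpt = yes" to create a mail transaction as soon as the SMTP server receives a valid MAIL FROM command', but "yes" is the stated default that postpones the transaction until a valid RCPT TO, and the name lacks the "_valid" that appears in the entry's title and in the changelog line. It should presumably read "smtpd_delay_open_until_valid_rcpt = no". This matters for the logging trade-off described in the next paragraph: someone who wants queue IDs instead of NOQUEUE on rejected recipients would follow this sentence and get no change in behavior.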
Options:
<b>-c</b> <i>config</i><b>_</b><i>dir</i>
- Read the <b>main.cf</b> configuration file in the named
+ Read the <a href="postconf.5.html"><b>main.cf</b></a> configuration file in the named
directory instead of the default configuration
directory.
Enable verbose logging for debugging purposes.
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
+ The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant
to this program. The text below provides only a parameter
summary. See <a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including exam-
ples.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
- master.cf configuration files.
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
<b>SEE ALSO</b>
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
will not send in the EHLO response to a remote SMTP
client.
+ <b><a href="postconf.5.html#smtpd_delay_open_until_valid_rcpt">smtpd_delay_open_until_valid_rcpt</a> (yes)</b>
+ Postpone the start of an SMTP mail transaction
+ until a valid RCPT TO command is received.
+
<b>ADDRESS REWRITING CONTROLS</b>
- See the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document for a detailed
+ See the <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a> document for a detailed
discussion of Postfix address rewriting.
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
- Enable or disable recipient validation, built-in
+ Enable or disable recipient validation, built-in
content filtering, or address mapping.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#local_header_rewrite_clients">local_header_rewrite_clients</a> (<a href="postconf.5.html#permit_inet_interfaces">permit_inet_interfaces</a>)</b>
Rewrite message header addresses in mail from these
- clients and update incomplete addresses with the
+ clients and update incomplete addresses with the
domain name in $<a href="postconf.5.html#myorigin">myorigin</a> or $<a href="postconf.5.html#mydomain">mydomain</a>; either don't
- rewrite message headers from other clients at all,
- or rewrite message headers and update incomplete
- addresses with the domain specified in the
+ rewrite message headers from other clients at all,
+ or rewrite message headers and update incomplete
+ addresses with the domain specified in the
<a href="postconf.5.html#remote_header_rewrite_domain">remote_header_rewrite_domain</a> parameter.
<b>AFTER QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
- As of version 1.0, Postfix can be configured to send new
- mail to an external content filter AFTER the mail is
- queued. This content filter is expected to inject mail
- back into a (Postfix or other) MTA for further delivery.
+ As of version 1.0, Postfix can be configured to send new
+ mail to an external content filter AFTER the mail is
+ queued. This content filter is expected to inject mail
+ back into a (Postfix or other) MTA for further delivery.
See the <a href="FILTER_README.html">FILTER_README</a> document for details.
<b><a href="postconf.5.html#content_filter">content_filter</a> (empty)</b>
- The name of a mail delivery transport that filters
+ The name of a mail delivery transport that filters
mail after it is queued.
<b>BEFORE QUEUE EXTERNAL CONTENT INSPECTION CONTROLS</b>
- As of version 2.1, the Postfix SMTP server can be config-
- ured to send incoming mail to a real-time SMTP-based con-
+ As of version 2.1, the Postfix SMTP server can be config-
+ ured to send incoming mail to a real-time SMTP-based con-
tent filter BEFORE mail is queued. This content filter is
- expected to inject mail back into Postfix. See the
- <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config-
+ expected to inject mail back into Postfix. See the
+ <a href="SMTPD_PROXY_README.html">SMTPD_PROXY_README</a> document for details on how to config-
ure and operate this feature.
<b><a href="postconf.5.html#smtpd_proxy_filter">smtpd_proxy_filter</a> (empty)</b>
- The hostname and TCP port of the mail filtering
+ The hostname and TCP port of the mail filtering
proxy server.
<b><a href="postconf.5.html#smtpd_proxy_ehlo">smtpd_proxy_ehlo</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
for sending or receiving information.
<b>GENERAL CONTENT INSPECTION CONTROLS</b>
- The following parameters are applicable for both built-in
+ The following parameters are applicable for both built-in
and external content filters.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#receive_override_options">receive_override_options</a> (empty)</b>
- Enable or disable recipient validation, built-in
+ Enable or disable recipient validation, built-in
content filtering, or address mapping.
<b>EXTERNAL CONTENT INSPECTION CONTROLS</b>
- The following parameters are applicable for both before-
+ The following parameters are applicable for both before-
queue and after-queue content filtering.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_xforward_hosts">smtpd_authorized_xforward_hosts</a> (empty)</b>
- What SMTP clients are allowed to use the XFORWARD
+ What SMTP clients are allowed to use the XFORWARD
feature.
<b>SASL AUTHENTICATION CONTROLS</b>
- Postfix SASL support (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>) can be used to authenti-
- cate remote SMTP clients to the Postfix SMTP server, and
- to authenticate the Postfix SMTP client to a remote SMTP
+ Postfix SASL support (<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>) can be used to authenti-
+ cate remote SMTP clients to the Postfix SMTP server, and
+ to authenticate the Postfix SMTP client to a remote SMTP
server. See the <a href="SASL_README.html">SASL_README</a> document for details.
<b><a href="postconf.5.html#broken_sasl_auth_clients">broken_sasl_auth_clients</a> (no)</b>
- Enable inter-operability with SMTP clients that
- implement an obsolete version of the AUTH command
+ Enable inter-operability with SMTP clients that
+ implement an obsolete version of the AUTH command
(<a href="http://www.faqs.org/rfcs/rfc2554.html">RFC 2554</a>).
<b><a href="postconf.5.html#smtpd_sasl_auth_enable">smtpd_sasl_auth_enable</a> (no)</b>
- Enable SASL authentication in the Postfix SMTP
+ Enable SASL authentication in the Postfix SMTP
server.
<b><a href="postconf.5.html#smtpd_sasl_local_domain">smtpd_sasl_local_domain</a> (empty)</b>
The name of the local SASL authentication realm.
<b><a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_security_options</a> (noanonymous)</b>
- SASL security options; as of Postfix 2.3 the list
- of available features depends on the SASL server
- implementation that is selected with
+ SASL security options; as of Postfix 2.3 the list
+ of available features depends on the SASL server
+ implementation that is selected with
<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.
<b><a href="postconf.5.html#smtpd_sender_login_maps">smtpd_sender_login_maps</a> (empty)</b>
- Optional lookup table with the SASL login names
+ Optional lookup table with the SASL login names
that own sender (MAIL FROM) addresses.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_sasl_exceptions_networks">smtpd_sasl_exceptions_networks</a> (empty)</b>
- What SMTP clients Postfix will not offer AUTH sup-
+ What SMTP clients Postfix will not offer AUTH sup-
port to.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtpd_sasl_authenticated_header">smtpd_sasl_authenticated_header</a> (no)</b>
- Report the SASL authenticated user name in the
+ Report the SASL authenticated user name in the
<a href="smtpd.8.html"><b>smtpd</b>(8)</a> Received message header.
<b><a href="postconf.5.html#smtpd_sasl_path">smtpd_sasl_path</a> (smtpd)</b>
- Implementation-specific information that is passed
- through to the SASL plug-in implementation that is
+ Implementation-specific information that is passed
+ through to the SASL plug-in implementation that is
selected with <b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>.
<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a> (cyrus)</b>
- The SASL plug-in type that the Postfix SMTP server
+ The SASL plug-in type that the Postfix SMTP server
should use for authentication.
<b>STARTTLS SUPPORT CONTROLS</b>
- Detailed information about STARTTLS configuration may be
+ Detailed information about STARTTLS configuration may be
found in the <a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtpd_use_tls">smtpd_use_tls</a> (no)</b>
- Opportunistic mode: announce STARTTLS support to
- SMTP clients, but do not require that clients use
+ Opportunistic mode: announce STARTTLS support to
+ SMTP clients, but do not require that clients use
TLS encryption.
<b><a href="postconf.5.html#smtpd_enforce_tls">smtpd_enforce_tls</a> (no)</b>
Enforcement mode: announce STARTTLS support to SMTP
- clients, and require that clients use TLS encryp-
+ clients, and require that clients use TLS encryp-
tion.
<b><a href="postconf.5.html#smtpd_sasl_tls_security_options">smtpd_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtpd_sasl_security_options">smtpd_sasl_secu</a>-</b>
<b><a href="postconf.5.html#smtpd_sasl_security_options">rity_options</a>)</b>
- The SASL authentication security options that the
- Postfix SMTP server uses for TLS encrypted SMTP
+ The SASL authentication security options that the
+ Postfix SMTP server uses for TLS encrypted SMTP
sessions.
<b><a href="postconf.5.html#smtpd_starttls_timeout">smtpd_starttls_timeout</a> (300s)</b>
- The time limit for Postfix SMTP server write and
- read operations during TLS startup and shutdown
+ The time limit for Postfix SMTP server write and
+ read operations during TLS startup and shutdown
handshake procedures.
<b><a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> (empty)</b>
- The file with the certificate of the certification
- authority (CA) that issued the Postfix SMTP server
+ The file with the certificate of the certification
+ authority (CA) that issued the Postfix SMTP server
certificate.
<b><a href="postconf.5.html#smtpd_tls_CAfile">smtpd_tls_CAfile</a> (empty)</b>
- The file with the certificate of the certification
- authority (CA) that issued the Postfix SMTP server
+ The file with the certificate of the certification
+ authority (CA) that issued the Postfix SMTP server
certificate.
<b><a href="postconf.5.html#smtpd_tls_ask_ccert">smtpd_tls_ask_ccert</a> (no)</b>
- Ask a remote SMTP client for a client certificate.
+ Ask a remote SMTP client for a client certificate.
<b><a href="postconf.5.html#smtpd_tls_auth_only">smtpd_tls_auth_only</a> (no)</b>
When TLS encryption is optional in the Postfix SMTP
- server, do not announce or accept SASL authentica-
+ server, do not announce or accept SASL authentica-
tion over unencrypted connections.
<b><a href="postconf.5.html#smtpd_tls_ccert_verifydepth">smtpd_tls_ccert_verifydepth</a> (5)</b>
- The verification depth for remote SMTP client cer-
+ The verification depth for remote SMTP client cer-
tificates.
<b><a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a> (empty)</b>
- File with the Postfix SMTP server RSA certificate
+ File with the Postfix SMTP server RSA certificate
in PEM format.
<b><a href="postconf.5.html#smtpd_tls_cipherlist">smtpd_tls_cipherlist</a> (empty)</b>
- Controls the Postfix SMTP server TLS cipher selec-
+ Controls the Postfix SMTP server TLS cipher selec-
tion scheme.
<b><a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a> (empty)</b>
- File with the Postfix SMTP server DSA certificate
+ File with the Postfix SMTP server DSA certificate
in PEM format.
<b><a href="postconf.5.html#smtpd_tls_dh1024_param_file">smtpd_tls_dh1024_param_file</a> (empty)</b>
- File with DH parameters that the Postfix SMTP
+ File with DH parameters that the Postfix SMTP
server should use with EDH ciphers.
<b><a href="postconf.5.html#smtpd_tls_dh512_param_file">smtpd_tls_dh512_param_file</a> (empty)</b>
- File with DH parameters that the Postfix SMTP
+ File with DH parameters that the Postfix SMTP
server should use with EDH ciphers.
<b><a href="postconf.5.html#smtpd_tls_dkey_file">smtpd_tls_dkey_file</a> ($<a href="postconf.5.html#smtpd_tls_dcert_file">smtpd_tls_dcert_file</a>)</b>
- File with the Postfix SMTP server DSA private key
+ File with the Postfix SMTP server DSA private key
in PEM format.
<b><a href="postconf.5.html#smtpd_tls_key_file">smtpd_tls_key_file</a> ($<a href="postconf.5.html#smtpd_tls_cert_file">smtpd_tls_cert_file</a>)</b>
- File with the Postfix SMTP server RSA private key
+ File with the Postfix SMTP server RSA private key
in PEM format.
<b><a href="postconf.5.html#smtpd_tls_loglevel">smtpd_tls_loglevel</a> (0)</b>
- Enable additional Postfix SMTP server logging of
+ Enable additional Postfix SMTP server logging of
TLS activity.
<b><a href="postconf.5.html#smtpd_tls_received_header">smtpd_tls_received_header</a> (no)</b>
Request that the Postfix SMTP server produces
Received: message headers that include information
- about the protocol and cipher used, as well as the
- client CommonName and client certificate issuer
+ about the protocol and cipher used, as well as the
+ client CommonName and client certificate issuer
CommonName.
<b><a href="postconf.5.html#smtpd_tls_req_ccert">smtpd_tls_req_ccert</a> (no)</b>
- When TLS encryption is enforced, require a remote
- SMTP client certificate in order to allow TLS con-
+ When TLS encryption is enforced, require a remote
+ SMTP client certificate in order to allow TLS con-
nections to proceed.
<b><a href="postconf.5.html#smtpd_tls_session_cache_database">smtpd_tls_session_cache_database</a> (empty)</b>
- Name of the file containing the optional Postfix
+ Name of the file containing the optional Postfix
SMTP server TLS session cache.
<b><a href="postconf.5.html#smtpd_tls_session_cache_timeout">smtpd_tls_session_cache_timeout</a> (3600s)</b>
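Review bot: smtpd_tls_CAfile (empty) is listed twice in a row in the STARTTLS SUPPORT CONTROLS part of this hunk, both times with the description "The file with the certificate of the certification authority (CA) that issued the Postfix SMTP server certificate", and the re-wrap carries the duplicate forward unchanged. One of the two entries looks like a copy-and-paste slip in the source this page is generated from. If the second entry was meant to document a different parameter (smtpd_tls_CApath would be the natural neighbour, though nothing in this hunk confirms that), fix the name and description there; otherwise drop the repeat.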
sion cache information.
<b><a href="postconf.5.html#smtpd_tls_wrappermode">smtpd_tls_wrappermode</a> (no)</b>
- Run the Postfix SMTP server in the non-standard
- "wrapper" mode, instead of using the STARTTLS com-
+ Run the Postfix SMTP server in the non-standard
+ "wrapper" mode, instead of using the STARTTLS com-
mand.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
- The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
- or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
- server in order to seed its internal pseudo random
+ The number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ or <a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
+ server in order to seed its internal pseudo random
number generator (PRNG).
<b>VERP SUPPORT CONTROLS</b>
- With VERP style delivery, each recipient of a message
+ With VERP style delivery, each recipient of a message
receives a customized copy of the message with his/her own
- recipient address encoded in the envelope sender address.
+ recipient address encoded in the envelope sender address.
The <a href="VERP_README.html">VERP_README</a> file describes configuration and operation
- details of Postfix support for variable envelope return
+ details of Postfix support for variable envelope return
path addresses. VERP style delivery is requested with the
- SMTP XVERP command or with the "sendmail -V" command-line
- option and is available in Postfix version 1.1 and later.
+ SMTP XVERP command or with the "sendmail -V" command-line
+ option and is available in Postfix version 1.1 and later.
<b><a href="postconf.5.html#default_verp_delimiters">default_verp_delimiters</a> (+=)</b>
The two default VERP delimiter characters.
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
- The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
Available in Postfix version 1.1 and 2.0:
<b><a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
- What SMTP clients are allowed to specify the XVERP
+ What SMTP clients are allowed to specify the XVERP
command.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_verp_clients">smtpd_authorized_verp_clients</a> ($<a href="postconf.5.html#authorized_verp_clients">authorized_verp_clients</a>)</b>
- What SMTP clients are allowed to specify the XVERP
+ What SMTP clients are allowed to specify the XVERP
command.
<b>TROUBLE SHOOTING CONTROLS</b>
- The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of
- the Postfix mail system. The methods vary from making the
- software log a lot of detail, to running some daemon pro-
+ The <a href="DEBUG_README.html">DEBUG_README</a> document describes how to debug parts of
+ the Postfix mail system. The methods vary from making the
+ software log a lot of detail, to running some daemon pro-
cesses under control of a call tracer or debugger.
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a
- remote client or server matches a pattern in the
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of remote client or server hostname
- or network address patterns that cause the verbose
- logging level to increase by the amount specified
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
- The recipient of postmaster notifications about
- mail delivery problems that are caused by policy,
+ The recipient of postmaster notifications about
+ mail delivery problems that are caused by policy,
resource, software or protocol errors.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
- The list of error classes that are reported to the
+ The list of error classes that are reported to the
postmaster.
<b><a href="postconf.5.html#soft_bounce">soft_bounce</a> (no)</b>
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_authorized_xclient_hosts">smtpd_authorized_xclient_hosts</a> (empty)</b>
- What SMTP clients are allowed to use the XCLIENT
+ What SMTP clients are allowed to use the XCLIENT
feature.
<b>KNOWN VERSUS UNKNOWN RECIPIENT CONTROLS</b>
- As of Postfix version 2.0, the SMTP server rejects mail
- for unknown recipients. This prevents the mail queue from
- clogging up with undeliverable MAILER-DAEMON messages.
- Additional information on this topic is in the
+ As of Postfix version 2.0, the SMTP server rejects mail
+ for unknown recipients. This prevents the mail queue from
+ clogging up with undeliverable MAILER-DAEMON messages.
+ Additional information on this topic is in the
<a href="LOCAL_RECIPIENT_README.html">LOCAL_RECIPIENT_README</a> and <a href="ADDRESS_CLASS_README.html">ADDRESS_CLASS_README</a> documents.
<b><a href="postconf.5.html#show_user_unknown_table_name">show_user_unknown_table_name</a> (yes)</b>
- Display the name of the recipient table in the
+ Display the name of the recipient table in the
"User unknown" responses.
<b><a href="postconf.5.html#canonical_maps">canonical_maps</a> (empty)</b>
- Optional address mapping lookup tables for message
+ Optional address mapping lookup tables for message
headers and envelopes.
<b><a href="postconf.5.html#recipient_canonical_maps">recipient_canonical_maps</a> (empty)</b>
<b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, local-</b>
<b>host)</b>
- The list of domains that are delivered via the
+ The list of domains that are delivered via the
$<a href="postconf.5.html#local_transport">local_transport</a> mail delivery transport.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail sys-
- tem receives mail on by way of a proxy or network
+ tem receives mail on by way of a proxy or network
address translation unit.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
- The Internet protocols Postfix will attempt to use
+ The Internet protocols Postfix will attempt to use
when making or accepting connections.
<b><a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> (<a href="proxymap.8.html">proxy</a>:unix:passwd.byname</b>
<b>$<a href="postconf.5.html#alias_maps">alias_maps</a>)</b>
- Lookup tables with all names or addresses of local
- recipients: a recipient address is local when its
- domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
+ Lookup tables with all names or addresses of local
+ recipients: a recipient address is local when its
+ domain matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or
$<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>.
<b><a href="postconf.5.html#unknown_local_recipient_reject_code">unknown_local_recipient_reject_code</a> (550)</b>
- The numerical Postfix SMTP server response code
- when a recipient address is local, and
- $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of lookup
+ The numerical Postfix SMTP server response code
+ when a recipient address is local, and
+ $<a href="postconf.5.html#local_recipient_maps">local_recipient_maps</a> specifies a list of lookup
tables that does not match the recipient.
- Parameters concerning known/unknown recipients of relay
+ Parameters concerning known/unknown recipients of relay
destinations:
<b><a href="postconf.5.html#relay_domains">relay_domains</a> ($<a href="postconf.5.html#mydestination">mydestination</a>)</b>
- What destination domains (and subdomains thereof)
+ What destination domains (and subdomains thereof)
this system will relay mail to.
<b><a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> (empty)</b>
- Optional lookup tables with all valid addresses in
+ Optional lookup tables with all valid addresses in
the domains that match $<a href="postconf.5.html#relay_domains">relay_domains</a>.
<b><a href="postconf.5.html#unknown_relay_recipient_reject_code">unknown_relay_recipient_reject_code</a> (550)</b>
The numerical Postfix SMTP server reply code when a
- recipient address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and
- <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies a list of lookup
+ recipient address matches $<a href="postconf.5.html#relay_domains">relay_domains</a>, and
+ <a href="postconf.5.html#relay_recipient_maps">relay_recipient_maps</a> specifies a list of lookup
tables that does not match the recipient address.
- Parameters concerning known/unknown recipients in virtual
+ Parameters concerning known/unknown recipients in virtual
alias domains:
<b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
Postfix is final destination for the specified list
- of virtual alias domains, that is, domains for
- which all addresses are aliased to addresses in
+ of virtual alias domains, that is, domains for
+ which all addresses are aliased to addresses in
other local or remote domains.
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
- Optional lookup tables that alias specific mail
- addresses or domains to other local or remote
+ Optional lookup tables that alias specific mail
+ addresses or domains to other local or remote
address.
<b><a href="postconf.5.html#unknown_virtual_alias_reject_code">unknown_virtual_alias_reject_code</a> (550)</b>
The SMTP server reply code when a recipient address
- matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">vir</a>-
- <a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a> specifies a list of lookup tables
+ matches $<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, and $<a href="postconf.5.html#virtual_alias_maps">vir</a>-
+ <a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a> specifies a list of lookup tables
that does not match the recipient address.
- Parameters concerning known/unknown recipients in virtual
+ Parameters concerning known/unknown recipients in virtual
mailbox domains:
<b><a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a> ($<a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a>)</b>
Postfix is final destination for the specified list
- of domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
+ of domains; mail is delivered via the $<a href="postconf.5.html#virtual_transport">vir</a>-
<a href="postconf.5.html#virtual_transport">tual_transport</a> mail delivery transport.
<b><a href="postconf.5.html#virtual_mailbox_maps">virtual_mailbox_maps</a> (empty)</b>
- Optional lookup tables with all valid addresses in
+ Optional lookup tables with all valid addresses in
the domains that match $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
<b><a href="postconf.5.html#unknown_virtual_mailbox_reject_code">unknown_virtual_mailbox_reject_code</a> (550)</b>
The SMTP server reply code when a recipient address
- matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
+ matches $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and $<a href="postconf.5.html#virtual_mailbox_maps">vir</a>-
<a href="postconf.5.html#virtual_mailbox_maps">tual_mailbox_maps</a> specifies a list of lookup tables
that does not match the recipient address.
<b>RESOURCE AND RATE CONTROLS</b>
- The following parameters limit resource usage by the SMTP
+ The following parameters limit resource usage by the SMTP
server and/or control client request rates.
<b><a href="postconf.5.html#line_length_limit">line_length_limit</a> (2048)</b>
- Upon input, long lines are chopped up into pieces
- of at most this length; upon delivery, long lines
+ Upon input, long lines are chopped up into pieces
+ of at most this length; upon delivery, long lines
are reconstructed.
<b><a href="postconf.5.html#queue_minfree">queue_minfree</a> (0)</b>
- The minimal amount of free space in bytes in the
+ The minimal amount of free space in bytes in the
queue file system that is needed to receive mail.
<b><a href="postconf.5.html#message_size_limit">message_size_limit</a> (10240000)</b>
- The maximal size in bytes of a message, including
+ The maximal size in bytes of a message, including
envelope information.
<b><a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a> (1000)</b>
- The maximal number of recipients that the Postfix
+ The maximal number of recipients that the Postfix
SMTP server accepts per message delivery request.
<b><a href="postconf.5.html#smtpd_timeout">smtpd_timeout</a> (300s)</b>
- The time limit for sending a Postfix SMTP server
- response and for receiving a remote SMTP client
+ The time limit for sending a Postfix SMTP server
+ response and for receiving a remote SMTP client
request.
<b><a href="postconf.5.html#smtpd_history_flush_threshold">smtpd_history_flush_threshold</a> (100)</b>
- The maximal number of lines in the Postfix SMTP
- server command history before it is flushed upon
+ The maximal number of lines in the Postfix SMTP
+ server command history before it is flushed upon
receipt of EHLO, RSET, or end of DATA.
Available in Postfix version 2.3 and later:
<b><a href="postconf.5.html#smtpd_peername_lookup">smtpd_peername_lookup</a> (yes)</b>
- Attempt to look up the SMTP client hostname, and
+ Attempt to look up the SMTP client hostname, and
verify that the name matches the client IP address.
The per SMTP client connection count and request rate lim-
its are implemented in co-operation with the <a href="anvil.8.html"><b>anvil</b>(8)</a> ser-
- vice, and are available in Postfix version 2.2 and later.
+ vice, and are available in Postfix version 2.2 and later.
<b><a href="postconf.5.html#smtpd_client_connection_count_limit">smtpd_client_connection_count_limit</a> (50)</b>
- How many simultaneous connections any client is
+ How many simultaneous connections any client is
allowed to make to this service.
<b><a href="postconf.5.html#smtpd_client_connection_rate_limit">smtpd_client_connection_rate_limit</a> (0)</b>
The maximal number of connection attempts any
- client is allowed to make to this service per time
+ client is allowed to make to this service per time
unit.
<b><a href="postconf.5.html#smtpd_client_message_rate_limit">smtpd_client_message_rate_limit</a> (0)</b>
- The maximal number of message delivery requests
- that any client is allowed to make to this service
+ The maximal number of message delivery requests
+ that any client is allowed to make to this service
per time unit, regardless of whether or not Postfix
actually accepts those messages.
<b><a href="postconf.5.html#smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a> (0)</b>
- The maximal number of recipient addresses that any
- client is allowed to send to this service per time
+ The maximal number of recipient addresses that any
+ client is allowed to send to this service per time
unit, regardless of whether or not Postfix actually
accepts those recipients.
<b><a href="postconf.5.html#smtpd_client_event_limit_exceptions">smtpd_client_event_limit_exceptions</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
- Clients that are excluded from connection count,
+ Clients that are excluded from connection count,
connection rate, or SMTP request rate restrictions.
Available in Postfix version 2.3 and later:
tiate with this service per time unit.
<b>TARPIT CONTROLS</b>
- When a remote SMTP client makes errors, the Postfix SMTP
- server can insert delays before responding. This can help
- to slow down run-away software. The behavior is con-
- trolled by an error counter that counts the number of
- errors within an SMTP session that a client makes without
+ When a remote SMTP client makes errors, the Postfix SMTP
+ server can insert delays before responding. This can help
+ to slow down run-away software. The behavior is con-
+ trolled by an error counter that counts the number of
+ errors within an SMTP session that a client makes without
delivering mail.
<b><a href="postconf.5.html#smtpd_error_sleep_time">smtpd_error_sleep_time</a> (1s)</b>
With Postfix version 2.1 and later: the SMTP server
- response delay after a client has made more than
- $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and fewer than
- $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering
+ response delay after a client has made more than
+ $<a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> errors, and fewer than
+ $<a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> errors, without delivering
mail.
<b><a href="postconf.5.html#smtpd_soft_error_limit">smtpd_soft_error_limit</a> (10)</b>
- The number of errors a remote SMTP client is
- allowed to make without delivering mail before the
+ The number of errors a remote SMTP client is
+ allowed to make without delivering mail before the
Postfix SMTP server slows down all its responses.
<b><a href="postconf.5.html#smtpd_hard_error_limit">smtpd_hard_error_limit</a> (20)</b>
- The maximal number of errors a remote SMTP client
+ The maximal number of errors a remote SMTP client
is allowed to make without delivering mail.
<b><a href="postconf.5.html#smtpd_junk_command_limit">smtpd_junk_command_limit</a> (100)</b>
- The number of junk commands (NOOP, VRFY, ETRN or
+ The number of junk commands (NOOP, VRFY, ETRN or
RSET) that a remote SMTP client can send before the
- Postfix SMTP server starts to increment the error
+ Postfix SMTP server starts to increment the error
counter with each junk command.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_recipient_overshoot_limit">smtpd_recipient_overshoot_limit</a> (1000)</b>
- The number of recipients that a remote SMTP client
- can send in excess of the limit specified with
+ The number of recipients that a remote SMTP client
+ can send in excess of the limit specified with
$<a href="postconf.5.html#smtpd_recipient_limit">smtpd_recipient_limit</a>, before the Postfix SMTP
- server increments the per-session error count for
+ server increments the per-session error count for
each excess recipient.
<b>ACCESS POLICY DELEGATION CONTROLS</b>
- As of version 2.1, Postfix can be configured to delegate
- access policy decisions to an external server that runs
- outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
+ As of version 2.1, Postfix can be configured to delegate
+ access policy decisions to an external server that runs
+ outside Postfix. See the file <a href="SMTPD_POLICY_README.html">SMTPD_POLICY_README</a> for
more information.
<b><a href="postconf.5.html#smtpd_policy_service_max_idle">smtpd_policy_service_max_idle</a> (300s)</b>
- The time after which an idle SMTPD policy service
+ The time after which an idle SMTPD policy service
connection is closed.
<b><a href="postconf.5.html#smtpd_policy_service_max_ttl">smtpd_policy_service_max_ttl</a> (1000s)</b>
connection is closed.
<b><a href="postconf.5.html#smtpd_policy_service_timeout">smtpd_policy_service_timeout</a> (100s)</b>
- The time limit for connecting to, writing to or
+ The time limit for connecting to, writing to or
receiving from a delegated SMTPD policy server.
<b>ACCESS CONTROLS</b>
- The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to
+ The <a href="SMTPD_ACCESS_README.html">SMTPD_ACCESS_README</a> document gives an introduction to
all the SMTP server access control features.
<b><a href="postconf.5.html#smtpd_delay_reject">smtpd_delay_reject</a> (yes)</b>
- Wait until the RCPT TO command before evaluating
+ Wait until the RCPT TO command before evaluating
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a>, $smtpd_helo_restric-
tions and $<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a>, or wait until
- the ETRN command before evaluating
+ the ETRN command before evaluating
$<a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> and $smtpd_helo_restric-
tions.
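Review bot: in the smtpd_delay_reject entry, $smtpd_helo_restric-/tions is plain text in both places it occurs, while $smtpd_client_restrictions and $smtpd_sender_restrictions in the same sentence are links into postconf.5.html. The link appears to have been lost where the name was hyphenated across the line break; a split name elsewhere in this patch, such as $vir-/tual_alias_maps, still gets a link on each half. Since these lines are being regenerated anyway, either stop the formatter from hyphenating parameter names or make the link step handle the split, so the reference is clickable and a search for smtpd_helo_restrictions finds it.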
- <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' out-</b>
+ <b><a href="postconf.5.html#parent_domain_matches_subdomains">parent_domain_matches_subdomains</a> (see 'postconf -d' out-</b>
<b>put)</b>
What Postfix features match subdomains of
"domain.tld" automatically, instead of requiring an
explicit ".domain.tld" pattern.
<b><a href="postconf.5.html#smtpd_client_restrictions">smtpd_client_restrictions</a> (empty)</b>
- Optional SMTP server access restrictions in the
+ Optional SMTP server access restrictions in the
context of a client SMTP connection request.
<b><a href="postconf.5.html#smtpd_helo_required">smtpd_helo_required</a> (no)</b>
Require that a remote SMTP client introduces itself
- at the beginning of an SMTP session with the HELO
+ at the beginning of an SMTP session with the HELO
or EHLO command.
<b><a href="postconf.5.html#smtpd_helo_restrictions">smtpd_helo_restrictions</a> (empty)</b>
- Optional restrictions that the Postfix SMTP server
+ Optional restrictions that the Postfix SMTP server
applies in the context of the SMTP HELO command.
<b><a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> (empty)</b>
- Optional restrictions that the Postfix SMTP server
+ Optional restrictions that the Postfix SMTP server
applies in the context of the MAIL FROM command.
<b><a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> (<a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,</b>
<b><a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b>
The access restrictions that the Postfix SMTP
- server applies in the context of the RCPT TO com-
+ server applies in the context of the RCPT TO com-
mand.
<b><a href="postconf.5.html#smtpd_etrn_restrictions">smtpd_etrn_restrictions</a> (empty)</b>
- Optional SMTP server access restrictions in the
+ Optional SMTP server access restrictions in the
context of a client ETRN request.
<b><a href="postconf.5.html#allow_untrusted_routing">allow_untrusted_routing</a> (no)</b>
- Forward mail with sender-specified routing
- (user[@%!]remote[@%!]site) from untrusted clients
+ Forward mail with sender-specified routing
+ (user[@%!]remote[@%!]site) from untrusted clients
to destinations matching $<a href="postconf.5.html#relay_domains">relay_domains</a>.
<b><a href="postconf.5.html#smtpd_restriction_classes">smtpd_restriction_classes</a> (empty)</b>
- User-defined aliases for groups of access restric-
+ User-defined aliases for groups of access restric-
tions.
<b><a href="postconf.5.html#smtpd_null_access_lookup_key">smtpd_null_access_lookup_key</a> (</b><><b>)</b>
- The lookup key to be used in SMTP <a href="access.5.html"><b>access</b>(5)</a> tables
+ The lookup key to be used in SMTP <a href="access.5.html"><b>access</b>(5)</a> tables
instead of the null sender address.
<b><a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> (empty)</b>
Restrict the use of the <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> SMTP
- access feature to only domains whose primary MX
+ access feature to only domains whose primary MX
hosts match the listed networks.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#smtpd_data_restrictions">smtpd_data_restrictions</a> (empty)</b>
- Optional access restrictions that the Postfix SMTP
+ Optional access restrictions that the Postfix SMTP
server applies in the context of the SMTP DATA com-
mand.
<b><a href="postconf.5.html#smtpd_expansion_filter">smtpd_expansion_filter</a> (see 'postconf -d' output)</b>
- What characters are allowed in $name expansions of
+ What characters are allowed in $name expansions of
RBL reply templates.
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtpd_reject_unlisted_sender">smtpd_reject_unlisted_sender</a> (no)</b>
- Request that the Postfix SMTP server rejects mail
- from unknown sender addresses, even when no
- explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction
+ Request that the Postfix SMTP server rejects mail
+ from unknown sender addresses, even when no
+ explicit <a href="postconf.5.html#reject_unlisted_sender">reject_unlisted_sender</a> access restriction
is specified.
<b><a href="postconf.5.html#smtpd_reject_unlisted_recipient">smtpd_reject_unlisted_recipient</a> (yes)</b>
- Request that the Postfix SMTP server rejects mail
+ Request that the Postfix SMTP server rejects mail
for unknown recipient addresses, even when no
- explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric-
+ explicit <a href="postconf.5.html#reject_unlisted_recipient">reject_unlisted_recipient</a> access restric-
tion is specified.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtpd_end_of_data_restrictions">smtpd_end_of_data_restrictions</a> (empty)</b>
- Optional access restrictions that the Postfix SMTP
- server applies in the context of the SMTP END-OF-
+ Optional access restrictions that the Postfix SMTP
+ server applies in the context of the SMTP END-OF-
DATA command.
<b>SENDER AND RECIPIENT ADDRESS VERIFICATION CONTROLS</b>
- Postfix version 2.1 introduces sender and recipient
- address verification. This feature is implemented by
- sending probe email messages that are not actually deliv-
- ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
- <a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
- restrictions. The status of verification probes is main-
+ Postfix version 2.1 introduces sender and recipient
+ address verification. This feature is implemented by
+ sending probe email messages that are not actually deliv-
+ ered. This feature is requested via the <a href="postconf.5.html#reject_unverified_sender">reject_unveri</a>-
+ <a href="postconf.5.html#reject_unverified_sender">fied_sender</a> and <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> access
+ restrictions. The status of verification probes is main-
tained by the <a href="verify.8.html"><b>verify</b>(8)</a> server. See the file <a href="ADDRESS_VERIFICATION_README.html">ADDRESS_VER</a>-
- <a href="ADDRESS_VERIFICATION_README.html">IFICATION_README</a> for information about how to configure
+ <a href="ADDRESS_VERIFICATION_README.html">IFICATION_README</a> for information about how to configure
and operate the Postfix sender/recipient address verifica-
tion service.
<b><a href="postconf.5.html#address_verify_poll_count">address_verify_poll_count</a> (3)</b>
- How many times to query the <a href="verify.8.html"><b>verify</b>(8)</a> service for
- the completion of an address verification request
+ How many times to query the <a href="verify.8.html"><b>verify</b>(8)</a> service for
+ the completion of an address verification request
in progress.
<b><a href="postconf.5.html#address_verify_poll_delay">address_verify_poll_delay</a> (3s)</b>
- The delay between queries for the completion of an
+ The delay between queries for the completion of an
address verification request in progress.
<b><a href="postconf.5.html#address_verify_sender">address_verify_sender</a> (postmaster)</b>
- The sender address to use in address verification
+ The sender address to use in address verification
probes.
<b><a href="postconf.5.html#unverified_sender_reject_code">unverified_sender_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a recipient address is rejected by the
+ The numerical Postfix SMTP server response code
+ when a recipient address is rejected by the
<a href="postconf.5.html#reject_unverified_sender">reject_unverified_sender</a> restriction.
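Review bot: the unverified_sender_reject_code entry says "when a recipient address is rejected by the reject_unverified_sender restriction"; for the sender restriction this should read "sender address". The removed and added lines here differ only in whitespace, so the wording slip is carried over unchanged. Correct it while these lines are being touched, so that the entry no longer reads like a copy of unverified_recipient_reject_code just below.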
<b><a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response when a
+ The numerical Postfix SMTP server response when a
recipient address is rejected by the <a href="postconf.5.html#reject_unverified_recipient">reject_unveri</a>-
<a href="postconf.5.html#reject_unverified_recipient">fied_recipient</a> restriction.
<b>ACCESS CONTROL RESPONSES</b>
- The following parameters control numerical SMTP reply
+ The following parameters control numerical SMTP reply
codes and/or text responses.
<b><a href="postconf.5.html#access_map_reject_code">access_map_reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
- when a client is rejected by an <a href="access.5.html"><b>access</b>(5)</a> map
+ The numerical Postfix SMTP server response code
+ when a client is rejected by an <a href="access.5.html"><b>access</b>(5)</a> map
restriction.
<b><a href="postconf.5.html#defer_code">defer_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a remote SMTP client request is rejected by
+ The numerical Postfix SMTP server response code
+ when a remote SMTP client request is rejected by
the "defer" restriction.
<b><a href="postconf.5.html#invalid_hostname_reject_code">invalid_hostname_reject_code</a> (501)</b>
- The numerical Postfix SMTP server response code
- when the client HELO or EHLO command parameter is
- rejected by the <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
+ The numerical Postfix SMTP server response code
+ when the client HELO or EHLO command parameter is
+ rejected by the <a href="postconf.5.html#reject_invalid_helo_hostname">reject_invalid_helo_hostname</a>
restriction.
<b><a href="postconf.5.html#maps_rbl_reject_code">maps_rbl_reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
+ The numerical Postfix SMTP server response code
when a remote SMTP client request is blocked by the
<a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a>, <a href="postconf.5.html#reject_rhsbl_client">reject_rhsbl_client</a>,
<a href="postconf.5.html#reject_rhsbl_sender">reject_rhsbl_sender</a> or <a href="postconf.5.html#reject_rhsbl_recipient">reject_rhsbl_recipient</a>
<b><a href="postconf.5.html#non_fqdn_reject_code">non_fqdn_reject_code</a> (504)</b>
The numerical Postfix SMTP server reply code when a
- client request is rejected by the
+ client request is rejected by the
<a href="postconf.5.html#reject_non_fqdn_helo_hostname">reject_non_fqdn_helo_hostname</a>,
<a href="postconf.5.html#reject_non_fqdn_sender">reject_non_fqdn_sender</a> or <a href="postconf.5.html#reject_non_fqdn_recipient">reject_non_fqdn_recipient</a>
restriction.
<b><a href="postconf.5.html#plaintext_reject_code">plaintext_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a request is rejected by the <b>reject_plain-</b>
+ The numerical Postfix SMTP server response code
+ when a request is rejected by the <b>reject_plain-</b>
<b>text_session</b> restriction.
<b><a href="postconf.5.html#reject_code">reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
- when a remote SMTP client request is rejected by
+ The numerical Postfix SMTP server response code
+ when a remote SMTP client request is rejected by
the "reject" restriction.
<b><a href="postconf.5.html#relay_domains_reject_code">relay_domains_reject_code</a> (554)</b>
- The numerical Postfix SMTP server response code
- when a client request is rejected by the
+ The numerical Postfix SMTP server response code
+ when a client request is rejected by the
<a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a> recipient restriction.
<b><a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a sender or recipient address is rejected by
+ The numerical Postfix SMTP server response code
+ when a sender or recipient address is rejected by
the <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a> or
<a href="postconf.5.html#reject_unknown_recipient_domain">reject_unknown_recipient_domain</a> restriction.
<b><a href="postconf.5.html#unknown_client_reject_code">unknown_client_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when a client without valid address <=> name map-
+ The numerical Postfix SMTP server response code
+ when a client without valid address <=> name map-
ping is rejected by the reject_unknown_client_host-
name restriction.
<b><a href="postconf.5.html#unknown_hostname_reject_code">unknown_hostname_reject_code</a> (450)</b>
- The numerical Postfix SMTP server response code
- when the hostname specified with the HELO or EHLO
- command is rejected by the
+ The numerical Postfix SMTP server response code
+ when the hostname specified with the HELO or EHLO
+ command is rejected by the
<a href="postconf.5.html#reject_unknown_helo_hostname">reject_unknown_helo_hostname</a> restriction.
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> (see 'postconf -d' output)</b>
- The default SMTP server response template for a
- request that is rejected by an RBL-based restric-
+ The default SMTP server response template for a
+ request that is rejected by an RBL-based restric-
tion.
<b><a href="postconf.5.html#multi_recipient_bounce_reject_code">multi_recipient_bounce_reject_code</a> (550)</b>
- The numerical Postfix SMTP server response code
+ The numerical Postfix SMTP server response code
when a remote SMTP client request is blocked by the
<a href="postconf.5.html#reject_multi_recipient_bounce">reject_multi_recipient_bounce</a> restriction.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#command_directory">command_directory</a> (see 'postconf -d' output)</b>
- The location of all postfix administrative com-
+ The location of all postfix administrative com-
mands.
<b><a href="postconf.5.html#double_bounce_sender">double_bounce_sender</a> (double-bounce)</b>
and most Postfix daemon processes.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#myhostname">myhostname</a> (see 'postconf -d' output)</b>
The internet hostname of this mail system.
<b><a href="postconf.5.html#mynetworks">mynetworks</a> (see 'postconf -d' output)</b>
- The list of "trusted" SMTP clients that have more
+ The list of "trusted" SMTP clients that have more
privileges than "strangers".
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to
- come from, and that locally posted mail is deliv-
+ come from, and that locally posted mail is deliv-
ered to.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon
+ The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> (empty)</b>
sions (user+foo).
<b><a href="postconf.5.html#smtpd_banner">smtpd_banner</a> ($<a href="postconf.5.html#myhostname">myhostname</a> ESMTP $<a href="postconf.5.html#mail_name">mail_name</a>)</b>
- The text that follows the 220 status code in the
+ The text that follows the 220 status code in the
SMTP greeting banner.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtpd_forbidden_commands">smtpd_forbidden_commands</a> (CONNECT, GET, POST)</b>
- List of commands that causes the Postfix SMTP
- server to immediately terminate the session with a
+ List of commands that causes the Postfix SMTP
+ server to immediately terminate the session with a
221 code.
<b>SEE ALSO</b>
<a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
written in main.cf, which is normally world-readable. Support
for this form will be removed in a future Postfix version.
-Postfix 2.2 has enhanced query interfaces for MySQL and PostgreSQL,
-these now include features previously available only in the
+Postfix 2.2 has enhanced query interfaces for MySQL and PostgreSQL.
+These include features that were previously available only in the
Postfix LDAP client. This work also created an opportunity for
improvements in the LDAP interface. The primary compatibility
issue is that \fBresult_filter\fR (a name that has caused some
.ft C
mynetworks = 127.0.0.0/8 168.100.189.0/28
mynetworks = !192.168.0.1, 192.168.0.0/28
-mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:5c7::]/64
+mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64
mynetworks = $config_directory/mynetworks
mynetworks = hash:/etc/postfix/network_table
.fi
.fi
.ad
.ft R
+.SH smtpd_delay_open_until_valid_rcpt (default: yes)
+Postpone the start of an SMTP mail transaction until a valid
+RCPT TO command is received. Specify "smtpd_delay_open_until_rcpt =
+yes" to create a mail transaction as soon as the SMTP server receives
+a valid MAIL FROM command.
+.PP
+Postponing the start of a mail transaction reduces the use of
+disk, CPU and memory resources. The downside is that rejected
+recipients are logged with NOQUEUE instead of a mail transaction
+ID. This complicates the logfile analysis of multi-recipient mail.
+.PP
+This feature is available in Postfix 2.3 and later.
.SH smtpd_delay_reject (default: yes)
Wait until the RCPT TO command before evaluating
$smtpd_client_restrictions, $smtpd_helo_restrictions and
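Review bot: the second sentence of the new smtpd_delay_open_until_valid_rcpt text names a different parameter and the wrong value. "smtpd_delay_open_until_rcpt = yes" should be "smtpd_delay_open_until_valid_rcpt = no", because the heading gives yes as the default and yes is the setting that postpones the transaction. As written, an operator who wants queue IDs on rejected recipients instead of NOQUEUE would set a parameter that does not exist, to a value that would not change the behaviour.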
A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP server will not send in the EHLO response
to a remote SMTP client.
+.IP "\fBsmtpd_delay_open_until_valid_rcpt (yes)\fR"
+Postpone the start of an SMTP mail transaction until a valid
+RCPT TO command is received.
.SH "ADDRESS REWRITING CONTROLS"
.na
.nf
-#!/bin/sh
-
-perl -e '
+#!/usr/bin/perl
$printit++ unless $nflag;
s;\bsmtpd_client_new_tls_session_rate_limit\b;<a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">$&</a>;g;
s;\bsmtpd_client_restrictions\b;<a href="postconf.5.html#smtpd_client_restrictions">$&</a>;g;
s;\bsmtpd_data_restrictions\b;<a href="postconf.5.html#smtpd_data_restrictions">$&</a>;g;
+ s;\bsmtpd_delay_open_until_valid_rcpt\b;<a href="postconf.5.html#smtpd_delay_open_until_valid_rcpt">$&</a>;g;
s;\bsmtpd_delay_reject\b;<a href="postconf.5.html#smtpd_delay_reject">$&</a>;g;
s;\bsmtpd_discard_ehlo_keyword_address_maps\b;<a href="postconf.5.html#smtpd_discard_ehlo_keyword_address_maps">$&</a>;g;
s;\bsmtpd_discard_ehlo_keywords\b;<a href="postconf.5.html#smtpd_discard_ehlo_keywords">$&</a>;g;
else
{ $printit++ unless $nflag; }
}
-
-' "$@"
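Review bot: the new first line of this script hard-codes /usr/bin/perl, whereas the removed "#!/bin/sh" wrapper with perl -e located the interpreter through PATH. On a build host with perl installed elsewhere the script no longer starts. Either keep the wrapper or use "#!/usr/bin/env perl".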
<blockquote>
<pre>
/etc/postfix/main.cf:
- smtp_bind_address6 = 2001:240:5c7:0:250:56ff:fe89:1
+ smtp_bind_address6 = 2001:240:587:0:250:56ff:fe89:1
</pre>
</blockquote>
<blockquote>
<pre>
% postconf mynetworks
-mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:240:5c7::]/64
+mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [fe80::]/10 [2001:240:587::]/64
</pre>
</blockquote>
<blockquote>
<pre>
/etc/postfix/main.cf:
- mynetworks = ...<i>IPv4 networks</i>... [::1]/128 [2001:240:5c7::]/64 ...
+ mynetworks = ...<i>IPv4 networks</i>... [::1]/128 [2001:240:587::]/64 ...
</pre>
</blockquote>
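Review bot: the replacement prefix [2001:240:587::]/64 in this mynetworks example is still globally routable unicast space, just like the 2001:240:5c7:: value it replaces. Because mynetworks lists the clients that get relay trust, an example copied verbatim would extend that trust to somebody else's network. Use the documentation prefix 2001:db8::/32 (RFC 3849) here and in the other smtp_bind_address6, postconf output and interface-list examples that this patch changes in the same way.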
168.100.189.2/255.255.255.224
127.0.0.1/255.0.0.0
fe80:1::2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
-2001:240:5c7:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
+2001:240:587:0:2d0:b7ff:fe88:2ca7/ffff:ffff:ffff:ffff::
fe80:5::1/ffff:ffff:ffff:ffff::
::1/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
</pre>
while qmgr(8) uses simple FIFO, except for some preemptive magic.
The postconf(5) manual documents all the knobs the user
can use to control this preemptive magic - there is nothing else
-to the preemption than the quite simple conditions described below.
+to the preemption than the quite simple conditions described in there.
</p>
<p> As for programmer-level documentation, this will have to be
<li><a href="#protocol">How Postfix talks to the before-queue content
filter</a>
-<li><a href="#transparency">Transparency</a>
-
</ul>
<h2><a name="principles">Principles of operation</a></h2>
-<p> The before-filter Postfix SMTP server receives mail from the
+<p> The before-filter Postfix SMTP server accepts connections from the
Internet and does the usual relay access control, SASL authentication,
+TLS negotiation,
RBL lookups, rejecting non-existent sender or recipient addresses,
etc. The before-queue filter receives unfiltered mail content from
Postfix and does one of the following: </p>
the remote client IP address instead of localhost[127.0.0.1]), DATA
and QUIT commands, and forwards unmodified copies of all the MAIL
FROM and RCPT TO commands that the before-filter Postfix SMTP server
-didn't reject itself. The SMTP proxy server should accept the same
-MAIL FROM and RCPT TO command syntax as the Postfix SMTP server.
+didn't reject itself.
Postfix sends no other SMTP commands. </p>
-<p> The content filter is expected to pass on unmodified SMTP
-commands from a before-filter Postfix SMTP server to an after-filter
-Postfix SMTP server that usually listens on a non-standard port.
-When the filter rejects content, it should send a negative SMTP
+<p> The content filter should accept the same MAIL FROM and RCPT
+TO command syntax as the before-filter Postfix SMTP server, and
+should forward the commands without modification to the after-filter
+SMTP server. If the content filter or after-filter SMTP server
+does not support all the ESMTP features that the before-filter
+Postfix SMTP server supports, then the missing features must be
+turned off in the before-filter Postfix SMTP server with the
+smtpd_discard_ehlo_keywords parameter. </p>
+
+<p> When the filter rejects content, it should send a negative SMTP
response back to the before-filter Postfix SMTP server, and it
should abort the connection with the after-filter Postfix SMTP
server without completing the SMTP conversation with the after-filter
Postfix SMTP server. </p>
-<p> More detail on the postfix-to-proxy interaction is in the
-section titled "<a href="#transparency">Transparency</a>". </p>
-
-<h2><a name="transparency">Transparency</a></h2>
-
-<p> The before-filter Postfix SMTP server forwards the MAIL FROM,
-RCPT TO and DATA commands that it has approved, but it does not
-forward other commands such as TLS or SASL commands. It can
-therefore not be transparent. </p>
-
-<p> The real-time content filter, on the other hand, has to be
-transparent. In order to support non-transparent real-time content
-filters, Postfix would have to reconcile the before-filter Postfix
-ESMTP feature set with the feature set that Postfix receives from
-the real-time content filter. </p>
-
-<ul>
-
- <li> <p> When a future Postfix version supports DSN, but the
- content filter does not announce DSN support in the EHLO reply,
- then the before-filter SMTP server would have to either 1)
- suppress the DSN feature in its EHLO announcement, or 2)
- duplicate all the work that needs to be done when delivering
- DSN-aware mail to a non-DSN destination. </p>
-
- <li> <p> When the content filter does not announce 8BITMIME
- support in the EHLO reply, then the before-filter SMTP server
- would have to either 1) suppress the 8BITMIME feature in its
- EHLO announcement, or 2) convert the content to quoted-printable
- before giving it to the content filter. </p>
-
- <li> <p> Performance: when Postfix has to suppress elements
- from the before-filter EHLO reply because they are incompatible
- with the real-time content filter, then Postfix has to connect
- to the content filter as soon as the client sends a valid EHLO
- command. This wastes a lot of resources when all the MAIL FROM
- or RCPT TO commands are rejected. </p>
-
-</ul>
-
-<p> Therefore, the Postfix SMTP server cannot be transparent with
-respect to the before-queue content filter. </p>
-
</body>
</html>
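Review bot: the new paragraph that requires unsupported ESMTP features to be turned off with smtpd_discard_ehlo_keywords gives no example, while the Transparency section removed below it named 8BITMIME and DSN as the concrete cases. Carry one of them over, for instance a sentence saying that a filter which does not announce 8BITMIME needs that keyword listed in smtpd_discard_ehlo_keywords, so that readers know to compare the filter's EHLO reply with what the before-filter server announces.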
top-level directory and with arguments as shown next. </p>
<p> <b> NOTE: Do not use Gnu TLS. It will spontaneously terminate
-a process with exit status code 2, instead of properly reporting
-problems to Postfix, so that it can log them to the maillog file.
-</b> </p>
+a Postfix daemon process with exit status code 2, instead of allowing
+Postfix to 1) report the error to the maillog file, and to 2) provide
+plaintext service where this is appropriate. </b> </p>
<ul>
# relayhost exact nexthop match
[msa.example.net]:587 MUST
- # example.org (as nexthop) has MX hosts with broken TLS.
+ # TLS should not be used with the <i>example.org</i> MX hosts.
example.org NONE
- # Except for (as host) mx1.example.org which works.
- mx1.example.org MAY
+ # TLS should not be used with the host <i>smtp.example.com</i>.
+ smtp.example.com NONE
</pre>
</blockquote>
# written in main.cf, which is normally world-readable. Support
# for this form will be removed in a future Postfix version.
#
-# Postfix 2.2 has enhanced query interfaces for MySQL and PostgreSQL,
-# these now include features previously available only in the
+# Postfix 2.2 has enhanced query interfaces for MySQL and PostgreSQL.
+# These include features that were previously available only in the
# Postfix LDAP client. This work also created an opportunity for
# improvements in the LDAP interface. The primary compatibility
# issue is that \fBresult_filter\fR (a name that has caused some
<pre>
mynetworks = 127.0.0.0/8 168.100.189.0/28
mynetworks = !192.168.0.1, 192.168.0.0/28
-mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:5c7::]/64
+mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64
mynetworks = $config_directory/mynetworks
mynetworks = hash:/etc/postfix/network_table
</pre>
See there for details. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
+
+%PARAM smtpd_delay_open_until_valid_rcpt yes
+
+<p> Postpone the start of an SMTP mail transaction until a valid
+RCPT TO command is received. Specify "smtpd_delay_open_until_rcpt =
+yes" to create a mail transaction as soon as the SMTP server receives
+a valid MAIL FROM command. </p>
+
+<p> Postponing the start of a mail transaction reduces the use of
+disk, CPU and memory resources. The downside is that rejected
+recipients are logged with NOQUEUE instead of a mail transaction
+ID. This complicates the logfile analysis of multi-recipient mail.
+</p>
+
+<p> This feature is available in Postfix 2.3 and later. </p>
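Review bot: the first paragraph of this %PARAM block refers to "smtpd_delay_open_until_rcpt = yes", which matches neither the parameter name on the %PARAM line nor the behaviour described; it should be "smtpd_delay_open_until_valid_rcpt = no". The same sentence appears in the man page hunk earlier in the patch, so both copies need the correction to stay in step.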
* XXX: When delivering to a non-incoming queue, do not consume
* in_flow tokens. Unfortunately we can't move the code that
* consumes tokens until after the mail is received, because that
- * would increase the risk of duplicate deliveries.
+ * would increase the risk of duplicate deliveries (RFC 1047).
*/
(void) mail_flow_put(1);
}
state->errs = mail_stream_finish(state->handle, (VSTRING *) 0);
} else {
+
+ /*
+ * XXX: When discarding mail, should we consume in_flow tokens? See
+ * also the comments above for mail that is placed on hold.
+ */
+#if 0
+ (void) mail_flow_put(1);
+#endif
mail_stream_cleanup(state->handle);
}
state->handle = 0;
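Review bot: the else branch now carries a disabled mail_flow_put(1) call under #if 0 together with a comment that asks whether tokens should be consumed. Committing the call in disabled form leaves the question open in the code path for discarded mail. Either decide it and enable or drop the call, or keep only the comment and state which behaviour is currently intended and why.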
tests: tok822_test mime_test mime_nest mime_8bit mime_dom mime_trunc \
mime_cvt mime_cvt2 mime_cvt3 strip_addr_test tok822_limit_test \
xtext_test scache_multi_test ehlo_mask_test \
- namadr_list_test
+ namadr_list_test mail_conf_time_test
root_tests: rewrite_clnt_test resolve_clnt_test
diff namadr_list.ref namadr_list.tmp
rm -f namadr_list.tmp
+mail_conf_time_test: mail_conf_time mail_conf_time.ref
+ ./mail_conf_time >mail_conf_time.tmp
+ diff mail_conf_time.ref mail_conf_time.tmp
+ rm -f mail_conf_time.tmp
+
printfck: $(OBJS) $(PROG)
rm -rf printfck
mkdir printfck
/* SYNOPSIS
/* #include <conv_time.h>
/*
-/* int conv_time(strval, intval, def_unit);
+/* int conv_time(strval, timval, def_unit);
/* const char *strval;
-/* int *intval;
+/* int *timval;
/* int def_unit;
/* DESCRIPTION
/* conv_time() converts a numerical time value with optional
/* Arguments:
/* .IP strval
/* Input value.
-/* .IP intval
+/* .IP timval
/* Result pointer.
/* .IP def_unit
/* The default time unit suffix character.
/* System library. */
#include <sys_defs.h>
+#include <limits.h> /* INT_MAX */
#include <stdio.h> /* sscanf() */
/* Utility library. */
/* conv_time - convert time value */
-int conv_time(const char *strval, int *intval, int def_unit)
+int conv_time(const char *strval, int *timval, int def_unit)
{
char unit;
char junk;
+ int intval;
- switch (sscanf(strval, "%d%c%c", intval, &unit, &junk)) {
+ switch (sscanf(strval, "%d%c%c", &intval, &unit, &junk)) {
case 1:
unit = def_unit;
case 2:
+ if (intval < 0)
+ return (0);
switch (unit) {
case 'w':
- *intval *= WEEK;
- return (1);
+ if (intval < INT_MAX / WEEK) {
+ *timval = intval * WEEK;
+ return (1);
+ } else {
+ return (0);
+ }
case 'd':
- *intval *= DAY;
- return (1);
+ if (intval < INT_MAX / DAY) {
+ *timval = intval * DAY;
+ return (1);
+ } else {
+ return (0);
+ }
case 'h':
- *intval *= HOUR;
- return (1);
+ if (intval < INT_MAX / HOUR) {
+ *timval = intval * HOUR;
+ return (1);
+ } else {
+ return (0);
+ }
case 'm':
- *intval *= MINUTE;
- return (1);
+ if (intval < INT_MAX / MINUTE) {
+ *timval = intval * MINUTE;
+ return (1);
+ } else {
+ return (0);
+ }
case 's':
+ *timval = intval;
return (1);
}
}
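Review bot: the new INT_MAX guards cover only the multiplication, while the sscanf "%d" conversion that fills intval is still unchecked. A digit string too large for int has undefined behaviour in sscanf, so the value tested by "intval < INT_MAX / WEEK" may already be wrapped, and the 's' case stores it with no check at all. Parsing the number with strtol and testing errno for ERANGE (and the result against INT_MAX) before the unit switch would close that gap. Separately, the comparisons use "<" where "<=" is exact: intval equal to INT_MAX / WEEK still multiplies without overflow and is rejected here.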
break;
case '1': case '2': case '3': case '4': case '5':
case '6': case '7': case '8': case '9':
+ /*
+ * Find highest %[1-9] index in query template. Input keys
+ * will be constrained to those with at least this many
+ * domain components. This makes the db_common_expand()
+ * code safe from invalid inputs.
+ */
if (ctx->nparts < *cp - '0')
ctx->nparts = *cp - '0';
/* FALLTHROUGH */
if (ctx->nparts > 0) {
parts = argv_split(key ? kdomain : vdomain, ".");
/*
- * Skip domains that lack enough labels to fill-in the template.
+ * Filter out input keys whose domains lack enough labels
+ * to fill-in the query template. See below and also
+ * db_common_parse() which initializes ctx->nparts.
*/
if (parts->argc < ctx->nparts) {
argv_free(parts);
case '1': case '2': case '3': case '4': case '5':
case '6': case '7': case '8': case '9':
+ /*
+ * Interpolate %[1-9] components into the query string.
+ * By this point db_common_parse() has identified the
+ * highest component index, and (see above) keys with
+ * fewer components have been filtered out. The "parts"
+ * ARGV is guaranteed to be initialized and hold enough
+ * elements to satisfy the query template.
+ */
QUOTE_VAL(ctx->dict, quote_func,
parts->argv[parts->argc-(*cp-'0')], result);
break;
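Review bot: the new comment says "parts" is guaranteed to be initialized and long enough, but parts->argv[parts->argc-(*cp-'0')] still relies on that guarantee being set up in two other places (db_common_parse() and the key filter), with nothing enforcing it at the point of use. A cheap sanity check here (parts non-null and parts->argc >= *cp - '0', with msg_panic() on violation) would make a future caller that skips the filtering step fail loudly instead of indexing outside the array.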
#define DEL_REQ_FLAG_SUCCESS (1<<0) /* delete successful recipients */
#define DEL_REQ_FLAG_BOUNCE (1<<1) /* unimplemented */
-#define DEL_REQ_FLAG_MTA_VRFY (1<<8) /* verify recipient, don't deliver */
-#define DEL_REQ_FLAG_USR_VRFY (1<<9) /* verify expansion, don't deliver */
+#define DEL_REQ_FLAG_MTA_VRFY (1<<8) /* MTA-requested address probe */
+#define DEL_REQ_FLAG_USR_VRFY (1<<9) /* user-requested address probe */
#define DEL_REQ_FLAG_RECORD (1<<10) /* record and deliver */
#define DEL_REQ_FLAG_SCACHE (1<<11) /* opportunistic caching */
if ((strval = mail_conf_lookup_eval(name)) == 0)
return (0);
if (conv_time(strval, intval, def_unit) == 0)
- msg_fatal("parameter %s: bad time unit: %s", name, strval);
+ msg_fatal("parameter %s: bad time value or unit: %s", name, strval);
return (1);
}
--- /dev/null
+10 seconds = 1
+10 minutes = 600
+10 hours = 36000
+10 days = 864000
+10 weeks = 6048000
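Review bot: the first expected line, "10 seconds = 1", does not fit the other four, which are all 10 times the unit (600, 36000, 864000, 6048000); since the 's' case stores the value unchanged, 10 would be expected. Please confirm whether this is a typo in the reference output or a defect the test is recording as correct. The file also covers only in-range inputs; adding a negative value and a value that overflows after multiplication would exercise the rejections this patch introduces.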
#define DEF_SMTPD_TLS_SCACHTIME "3600s"
extern int var_smtpd_tls_scache_timeout;
+#define VAR_SMTPD_DELAY_OPEN "smtpd_delay_open_until_valid_rcpt"
+#define DEF_SMTPD_DELAY_OPEN 1
+extern bool var_smtpd_delay_open;
+
#define VAR_SMTP_TLS_PER_SITE "smtp_tls_per_site"
#define DEF_SMTP_TLS_PER_SITE ""
#define VAR_LMTP_TLS_PER_SITE "lmtp_tls_per_site"
msg_warn("fork %s: %m", path);
break;
case 0:
+ /* Reset the msg_cleanup() handlers in the child process. */
+ (void) msg_cleanup((MSG_CLEANUP_FN) 0);
execv(path, argv);
msg_fatal("execv %s: %m", path);
default:
msg_warn("fork %s: %m", path);
break;
case 0:
+ /* Reset the msg_cleanup() handlers in the child process. */
+ (void) msg_cleanup((MSG_CLEANUP_FN) 0);
execv(path, argv);
msg_fatal("execv %s: %m", path);
default:
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20060207"
+#define MAIL_RELEASE_DATE "20060307"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT
return (n);
}
+/* pipe_child_cleanup - child fatal error handler */
+
+static void pipe_child_cleanup(void)
+{
+ exit(EX_TEMPFAIL);
+}
+
/* pipe_command - execute command with extreme prejudice */
int pipe_command(VSTREAM *src, DSN_BUF *why,...)
/*
* Child. Run the child in a separate process group so that the
* parent can kill not just the child but also its offspring.
+ *
+ * Redirect fatal exits to our own fatal exit handler (never leave the
+ * parent's handler enabled :-) so we can replace random exit status
+ * codes by EX_TEMPFAIL.
*/
case 0:
+ (void) msg_cleanup(pipe_child_cleanup);
set_ugid(args.uid, args.gid);
if (setsid() < 0)
msg_warn("setsid failed: %m");
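Review bot: msg_cleanup(pipe_child_cleanup) is installed before set_ugid(), so a fatal error raised inside set_ugid() itself runs the handler with the privileges the child inherited, not the reduced ones. That is harmless only because the handler does nothing except exit(EX_TEMPFAIL); the comment above should state that constraint explicitly, so nobody later adds file or queue cleanup to pipe_child_cleanup() without revisiting the ordering.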
/*
* Working directory plumbing.
*/
- if (args.cwd && chdir(args.cwd) < 0) {
- msg_warn("cannot change directory to \"%s\" for uid=%lu gid=%lu: %m",
- args.cwd, (unsigned long) args.uid,
- (unsigned long) args.gid);
- exit(EX_TEMPFAIL);
- }
+ if (args.cwd && chdir(args.cwd) < 0)
+ msg_fatal("cannot change directory to \"%s\" for uid=%lu gid=%lu: %m",
+ args.cwd, (unsigned long) args.uid,
+ (unsigned long) args.gid);
/*
* Environment plumbing. Always reset the command search path. XXX
/*
* Process plumbing. If possible, avoid running a shell.
+ *
+ * From this point we would like to handle fatal errors ourselves
+ * (ENOMEM would probably be one of the few soft error conditions).
+ * For that we have to update exec_command() first so it returns an
+ * error indication instead of terminating the process.
*/
closelog();
if (args.argv) {
return (-1);
/* Finish existing clients in the background, then terminate. */
case 0:
+ (void) msg_cleanup((MSG_CLEANUP_FN) 0);
for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++)
event_disable_readwrite(fd);
var_use_limit = 1;
*cp = '@';
break;
}
+ /* FALLTHROUGH */
case PIPE_OPT_FOLD_USER | PIPE_OPT_FOLD_HOST:
lowercase(STR(buf));
break;
}
switch (pid) {
case 0:
+ (void) msg_cleanup((MSG_CLEANUP_FN) 0);
execvp(command[0], command);
msg_fatal("execvp %s: %m", command[0]);
default:
* correctly handle the case of no resolvable MX host. Currently this is
* always treated as a soft error. RFC 2821 wants a more precise
* response.
+ *
+ * XXX dns_lookup() enables RES_DEFNAMES. This is wrong for names found in
+ * MX records - we should not append the local domain to dot-less names.
+ *
+ * XXX However, this is not the only problem. If we use the native name
+ * service for host lookup, then it will usually enable RES_DNSRCH which
+ * appends local domain information to all lookups. In particular,
+ * getaddrinfo() may invoke a resolver that runs in a different process
+ * (NIS server, nscd), so we can't even reliably turn this off by
+ * tweaking the in-process resolver flags.
*/
for (rr = mx_names; rr; rr = rr->next) {
if (rr->type != T_MX)
/* A case insensitive list of EHLO keywords (pipelining, starttls,
/* auth, etc.) that the SMTP server will not send in the EHLO response
/* to a remote SMTP client.
+/* .IP "\fBsmtpd_delay_open_until_valid_rcpt (yes)\fR"
+/* Postpone the start of an SMTP mail transaction until a valid
+/* RCPT TO command is received.
/* ADDRESS REWRITING CONTROLS
/* .ad
/* .fi
bool var_smtpd_peername_lookup;
int var_plaintext_code;
+bool var_smtpd_delay_open;
/*
* Silly little macros.
/* mail_open_stream - open mail queue file or IPC stream */
-static void mail_open_stream(SMTPD_STATE *state)
+static int mail_open_stream(SMTPD_STATE *state)
{
- char *postdrop_command;
- int cleanup_flags;
/*
- * XXX 2821: An SMTP server is not allowed to "clean up" mail except in
- * the case of original submissions. Presently, Postfix always runs all
- * mail through the cleanup server.
- *
- * We could approximate the RFC as follows: Postfix rewrites mail if it
- * comes from a source that we are willing to relay for. This way, we
- * avoid rewriting most mail that comes from elsewhere. However, that
- * requires moving functionality away from the cleanup daemon elsewhere,
- * such as virtual address expansion, and header/body pattern matching.
+ * Connect to the before-queue filter when one is configured. The MAIL
+ * FROM and RCPT TO commands are forwarded as received (including DSN
+ * attributes), with the exception that the before-filter smtpd process
+ * handles all authentication, encryption, access control and relay
+ * control, and that the before-filter smtpd process does not forward
+ * blocked commands. If the after-filter smtp server does not support
+ * some of Postfix's ESMTP features, then they must be turned off in the
+ * before-filter smtpd process with the smtpd_discard_ehlo_keywords
+ * feature.
*/
+ if (state->proxy_mail) {
+ smtpd_check_rewrite(state);
+ if (smtpd_proxy_open(state, var_smtpd_proxy_filt,
+ var_smtpd_proxy_tmout, var_smtpd_proxy_ehlo,
+ state->proxy_mail) != 0) {
+ smtpd_chat_reply(state, "%s", STR(state->proxy_buffer));
+ return (-1);
+ }
+ }
/*
* If running from the master or from inetd, connect to the cleanup
* service.
+ *
+ * XXX 2821: An SMTP server is not allowed to "clean up" mail except in the
+ * case of original submissions.
+ *
+ * We implement this by distinguishing between mail that we are willing to
+ * rewrite (the local rewrite context) and mail from elsewhere.
*/
- cleanup_flags = input_transp_cleanup(CLEANUP_FLAG_MASK_EXTERNAL,
- smtpd_input_transp_mask);
+ else if (SMTPD_STAND_ALONE(state) == 0) {
+ int cleanup_flags;
- if (SMTPD_STAND_ALONE(state) == 0) {
+ smtpd_check_rewrite(state);
+ cleanup_flags = input_transp_cleanup(CLEANUP_FLAG_MASK_EXTERNAL,
+ smtpd_input_transp_mask);
state->dest = mail_stream_service(MAIL_CLASS_PUBLIC,
var_cleanup_service);
if (state->dest == 0
* XXX Make postdrop a manifest constant.
*/
else {
+ char *postdrop_command;
+
postdrop_command = concatenate(var_command_dir, "/postdrop",
msg_verbose ? " -v" : (char *) 0, (char *) 0);
state->dest = mail_stream_command(postdrop_command);
msg_fatal("unable to execute %s", postdrop_command);
myfree(postdrop_command);
}
- state->cleanup = state->dest->stream;
- state->queue_id = mystrdup(state->dest->id);
/*
* Record the time of arrival, the SASL-related stuff if applicable, the
* sender envelope address, some session information, and some additional
* attributes.
*/
- if (SMTPD_STAND_ALONE(state) == 0) {
- rec_fprintf(state->cleanup, REC_TYPE_TIME, REC_TYPE_TIME_FORMAT,
- REC_TYPE_TIME_ARG(state->arrival_time));
- if (*var_filter_xport)
- rec_fprintf(state->cleanup, REC_TYPE_FILT, "%s", var_filter_xport);
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_RWR_CONTEXT, FORWARD_DOMAIN(state));
+ if (state->dest) {
+ state->cleanup = state->dest->stream;
+ state->queue_id = mystrdup(state->dest->id);
+ if (SMTPD_STAND_ALONE(state) == 0) {
+ rec_fprintf(state->cleanup, REC_TYPE_TIME, REC_TYPE_TIME_FORMAT,
+ REC_TYPE_TIME_ARG(state->arrival_time));
+ if (*var_filter_xport)
+ rec_fprintf(state->cleanup, REC_TYPE_FILT, "%s", var_filter_xport);
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_RWR_CONTEXT, FORWARD_DOMAIN(state));
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable) {
- if (state->sasl_method)
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_SASL_METHOD, state->sasl_method);
- if (state->sasl_username)
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_SASL_USERNAME, state->sasl_username);
- if (state->sasl_sender)
+ if (var_smtpd_sasl_enable) {
+ if (state->sasl_method)
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_SASL_METHOD, state->sasl_method);
+ if (state->sasl_username)
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_SASL_USERNAME, state->sasl_username);
+ if (state->sasl_sender)
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_SASL_SENDER, state->sasl_sender);
+ }
+#endif
+
+ /*
+ * Record DSN related information that was received with the MAIL
+ * FROM command.
+ *
+ * RFC 3461 Section 5.2.1. If no ENVID parameter was included in the
+ * MAIL command when the message was received, the ENVID
+ * parameter MUST NOT be supplied when the message is relayed.
+ * Ditto for the RET parameter.
+ *
+ * In other words, we can't simply make up our default ENVID or RET
+ * values. We have to remember whether the client sent any.
+ *
+ * We store DSN information as named attribute records so that we
+ * don't have to pollute the queue file with records that are
+ * incompatible with past Postfix versions. Preferably, people
+ * should be able to back out from an upgrade without losing
+ * mail.
+ */
+ if (state->dsn_envid)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_SASL_SENDER, state->sasl_sender);
+ MAIL_ATTR_DSN_ENVID, state->dsn_envid);
+ if (state->dsn_ret)
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%d",
+ MAIL_ATTR_DSN_RET, state->dsn_ret);
}
-#endif
+ rec_fputs(state->cleanup, REC_TYPE_FROM, state->sender);
+ if (state->encoding != 0)
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_ENCODING, state->encoding);
/*
- * Record DSN related information that was received with the MAIL
- * FROM command.
- *
- * RFC 3461 Section 5.2.1. If no ENVID parameter was included in the
- * MAIL command when the message was received, the ENVID parameter
- * MUST NOT be supplied when the message is relayed. Ditto for the
- * RET parameter.
- *
- * In other words, we can't simply make up our default ENVID or RET
- * values. We have to remember whether the client sent any.
- *
- * We store DSN information as named attribute records so that we don't
- * have to pollute the queue file with records that are incompatible
- * with past Postfix versions. Preferably, people should be able to
- * back out from an upgrade without losing mail.
+ * Store the client attributes for logging purposes.
*/
- if (state->dsn_envid)
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_DSN_ENVID, state->dsn_envid);
- if (state->dsn_ret)
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%d",
- MAIL_ATTR_DSN_RET, state->dsn_ret);
+ if (SMTPD_STAND_ALONE(state) == 0) {
+ if (IS_AVAIL_CLIENT_NAME(FORWARD_NAME(state)))
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_CLIENT_NAME, FORWARD_NAME(state));
+ if (IS_AVAIL_CLIENT_ADDR(FORWARD_ADDR(state)))
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_CLIENT_ADDR, FORWARD_ADDR(state));
+ if (IS_AVAIL_CLIENT_NAMADDR(FORWARD_NAMADDR(state)))
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_ORIGIN, FORWARD_NAMADDR(state));
+ if (IS_AVAIL_CLIENT_HELO(FORWARD_HELO(state)))
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_HELO_NAME, FORWARD_HELO(state));
+ if (IS_AVAIL_CLIENT_PROTO(FORWARD_PROTO(state)))
+ rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
+ MAIL_ATTR_PROTO_NAME, FORWARD_PROTO(state));
+ }
+ if (state->verp_delims)
+ rec_fputs(state->cleanup, REC_TYPE_VERP, state->verp_delims);
}
- rec_fputs(state->cleanup, REC_TYPE_FROM, state->sender);
- if (state->encoding != 0)
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_ENCODING, state->encoding);
/*
- * Store the client attributes for logging purposes.
+ * Log the queue ID with the message origin.
*/
- if (SMTPD_STAND_ALONE(state) == 0) {
- if (IS_AVAIL_CLIENT_NAME(FORWARD_NAME(state)))
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_CLIENT_NAME, FORWARD_NAME(state));
- if (IS_AVAIL_CLIENT_ADDR(FORWARD_ADDR(state)))
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_CLIENT_ADDR, FORWARD_ADDR(state));
- if (IS_AVAIL_CLIENT_NAMADDR(FORWARD_NAMADDR(state)))
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_ORIGIN, FORWARD_NAMADDR(state));
- if (IS_AVAIL_CLIENT_HELO(FORWARD_HELO(state)))
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_HELO_NAME, FORWARD_HELO(state));
- if (IS_AVAIL_CLIENT_PROTO(FORWARD_PROTO(state)))
- rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
- MAIL_ATTR_PROTO_NAME, FORWARD_PROTO(state));
- }
- if (state->verp_delims)
- rec_fputs(state->cleanup, REC_TYPE_VERP, state->verp_delims);
+#ifdef USE_SASL_AUTH
+ if (var_smtpd_sasl_enable)
+ smtpd_sasl_mail_log(state);
+ else
+#endif
+ msg_info("%s: client=%s", state->queue_id ?
+ state->queue_id : "NOQUEUE", FORWARD_NAMADDR(state));
+ return (0);
}
/* extract_addr - extract address from rubble */
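Review bot: the proxy branch at the top of mail_open_stream() calls smtpd_check_rewrite(state) unconditionally, whereas the caller-side code this patch removes only called it under "if (!SMTPD_STAND_ALONE(state))". Please confirm that state->proxy_mail can never be set in stand-alone mode, or keep the guard in the proxy branch. The function also changes from void to int without a word in its header comment: -1 is returned only for the proxy failure (after a reply has already been sent to the client), while the other failure paths still end in msg_fatal(), and callers need to know that to avoid sending a second reply.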
state->dsn_envid = mystrdup(STR(state->dsn_buf));
if (USE_SMTPD_PROXY(state))
state->proxy_mail = mystrdup(STR(state->buffer));
+ if (var_smtpd_delay_open == 0 && mail_open_stream(state) < 0)
+ return (-1);
smtpd_chat_reply(state, "250 2.1.0 Ok");
return (0);
}
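Review bot: when mail_open_stream() fails on this path the function returns -1 after state->dsn_envid and state->proxy_mail (set in the lines just above) have already been filled in for this transaction, and nothing in the added lines undoes that. Reset the per-transaction state before returning so a failed open does not leave a half-initialized MAIL transaction behind for the next command in the session.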
* Don't access the proxy, queue file, or queue file writer process until
* we have a valid recipient address.
*/
- if (state->proxy == 0 && state->cleanup == 0) {
- if (!SMTPD_STAND_ALONE(state))
- smtpd_check_rewrite(state);
- if (state->proxy_mail) {
- if (smtpd_proxy_open(state, var_smtpd_proxy_filt,
- var_smtpd_proxy_tmout, var_smtpd_proxy_ehlo,
- state->proxy_mail) != 0) {
- smtpd_chat_reply(state, "%s", STR(state->proxy_buffer));
- return (-1);
- }
- } else {
- mail_open_stream(state);
- }
-
- /*
- * Log the queue ID with the message origin.
- */
-#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
- smtpd_sasl_mail_log(state);
- else
-#endif
- msg_info("%s: client=%s", state->queue_id ?
- state->queue_id : "NOQUEUE", FORWARD_NAMADDR(state));
- }
+ if (state->proxy == 0 && state->cleanup == 0 && mail_open_stream(state) < 0)
+ return (-1);
/*
* Proxy the recipient. OK, so we lied. If the real-time proxy rejects
VAR_SMTPD_TLS_RECHEAD, DEF_SMTPD_TLS_RECHEAD, &var_smtpd_tls_received_header,
#endif
VAR_SMTPD_PEERNAME_LOOKUP, DEF_SMTPD_PEERNAME_LOOKUP, &var_smtpd_peername_lookup,
+ VAR_SMTPD_DELAY_OPEN, DEF_SMTPD_DELAY_OPEN, &var_smtpd_delay_open,
0,
};
static CONFIG_STR_TABLE str_table[] = {
if (state->proxy_xforward_features) {
buf = vstring_alloc(100);
bad = 0;
- if ((!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_NAME)
- || !(bad = smtpd_xforward(state, buf, XFORWARD_NAME,
- IS_AVAIL_CLIENT_NAME(FORWARD_NAME(state)),
- FORWARD_NAME(state))))
- && (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_ADDR)
- || !(bad = smtpd_xforward(state, buf, XFORWARD_ADDR,
- IS_AVAIL_CLIENT_ADDR(FORWARD_ADDR(state)),
- FORWARD_ADDR(state))))
- && (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_HELO)
- || !(bad = smtpd_xforward(state, buf, XFORWARD_HELO,
- IS_AVAIL_CLIENT_HELO(FORWARD_HELO(state)),
- FORWARD_HELO(state))))
- && (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_PROTO)
- || !(bad = smtpd_xforward(state, buf, XFORWARD_PROTO,
- IS_AVAIL_CLIENT_PROTO(FORWARD_PROTO(state)),
- FORWARD_PROTO(state))))
- && (!(state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_DOMAIN)
- || !(bad = smtpd_xforward(state, buf, XFORWARD_DOMAIN, 1,
+ if (state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_NAME)
+ bad = smtpd_xforward(state, buf, XFORWARD_NAME,
+ IS_AVAIL_CLIENT_NAME(FORWARD_NAME(state)),
+ FORWARD_NAME(state));
+ if (bad == 0
+ && (state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_ADDR))
+ bad = smtpd_xforward(state, buf, XFORWARD_ADDR,
+ IS_AVAIL_CLIENT_ADDR(FORWARD_ADDR(state)),
+ FORWARD_ADDR(state));
+ if (bad == 0
+ && (state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_HELO))
+ bad = smtpd_xforward(state, buf, XFORWARD_HELO,
+ IS_AVAIL_CLIENT_HELO(FORWARD_HELO(state)),
+ FORWARD_HELO(state));
+ if (bad == 0
+ && (state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_PROTO))
+ bad = smtpd_xforward(state, buf, XFORWARD_PROTO,
+ IS_AVAIL_CLIENT_PROTO(FORWARD_PROTO(state)),
+ FORWARD_PROTO(state));
+ if (bad == 0
+ && (state->proxy_xforward_features & SMTPD_PROXY_XFORWARD_DOMAIN))
+ bad = smtpd_xforward(state, buf, XFORWARD_DOMAIN, 1,
STREQ(FORWARD_DOMAIN(state), MAIL_ATTR_RWR_LOCAL) ?
- XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE))))
+ XFORWARD_DOM_LOCAL : XFORWARD_DOM_REMOTE);
+ if (bad == 0)
bad = smtpd_xforward_flush(state, buf);
vstring_free(buf);
if (bad) {
* Standard UTF8 does not encode NUL as 0b11000000, that is
* a Java "feature". So we need to check for embedded NULs.
*/
- if (strlen(tmp) != len) {
+ if (strlen((char *) tmp) != len) {
msg_warn("internal NUL in peer %s", label);
OPENSSL_free(tmp);
return (0);
}
- result = mystrdup(tmp);
+ result = mystrdup((char *) tmp);
OPENSSL_free(tmp);
return (result);
}
* Append missing @origin
*/
else if (var_append_at_myorigin != 0
- && context->origin[0][0] != 0) {
+ && REW_PARAM_VALUE(context->origin) != 0
+ && REW_PARAM_VALUE(context->origin)[0] != 0) {
domain = tok822_sub_append(tree, tok822_alloc('@', (char *) 0));
tok822_sub_append(tree, tok822_scan(REW_PARAM_VALUE(context->origin),
(TOK822 **) 0));
* alone.
*/
if (var_append_dot_mydomain != 0
- && context->domain[0][0] != 0
+ && REW_PARAM_VALUE(context->domain) != 0
+ && REW_PARAM_VALUE(context->domain)[0] != 0
&& (domain = tok822_rfind_type(tree->tail, '@')) != 0
&& domain != tree->tail
&& tok822_find_type(domain, TOK822_DOMLIT) == 0
/* Some output functions may suffer from intentional or accidental
/* record length restrictions that are imposed by library routines
/* and/or by the runtime environment.
+/*
+/* Code that spawns a child process should almost always reset
+/* the cleanup handler. The exception is when the parent exits
+/* immediately and the child continues.
+/*
+/* msg_cleanup() may be unsafe in code that changes process
+/* privileges, because the call-back routine may run with the
+/* wrong privileges.
/* LICENSE
/* .ad
/* .fi
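Review bot: the new paragraph tells callers to reset the cleanup handler in a child process but not how; every call site touched by this patch does it with msg_cleanup((MSG_CLEANUP_FN) 0), so the text should say that a null argument clears the handler. The privilege caveat would also be easier to act on if it spelled out the ordering it expects (install or reset the handler relative to the privilege change) rather than only saying the call-back "may run with the wrong privileges".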
(void) close(sockfd[1]);
return (0);
case 0: /* child */
+ (void) msg_cleanup((MSG_CLEANUP_FN) 0);
if (close(sockfd[1]))
msg_warn("close: %m");
for (fd = 0; fd < 2; fd++)