Safety: always truncate SMTP server error replies to 512
bytes. File: smtpd/smtpd_check.c.
+20030717
+
+ Documentation: added description of policy_time_limit to
+ the SMTPD_POLICY_README document.
+
+ Documentation: corrected the command time limit parameter
+ syntax in the spawn(8) manual page.
+
Open problems:
Low: smtp-source may block when sending large test messages.
reject_unauth_destination
check_policy_service unix:private/policy
...
+ policy_time_limit = 3600
NOTE: specify "check_policy_service" AFTER "reject_unauth_destination"
or else your system could become an open relay.
+NOTE: Postfix by default kills a command after 1000 seconds. This
+is too short for a policy daemon that may run for as long as an
+SMTP client is connected to an SMTP server process.
+
NOTE: Solaris UNIX-domain sockets do not work very well. Use TCP
sockets instead:
reject_unauth_destination
check_policy_service inet:localhost:9998
...
+ localhost:9998_time_limit = 3600
Other client-side configuration parmeters:
...
restriction_classes = greylist
greylist = check_policy_service unix:private/policy
+ policy_time_limit = 3600
/etc/postfix/sender_access:
aol.com greylist
check_sender_access hash:/etc/postfix/sender_access
check_policy_service unix:private/policy
...
+ policy_time_limit = 3600
/etc/postfix/sender_access:
securityfocus.com OK
command after a configuration change.
<b>Miscellaneous</b>
- <b>export</b><i>_</i><b>environment</b>
+ <b>export_environment</b>
List of names of environment parameters that can be
exported to non-Postfix processes.
- <b>mail</b><i>_</i><b>owner</b>
+ <b>mail_owner</b>
The process privileges used while not running an
external command.
<b>Resource control</b>
- <i>service_</i><b>command</b><i>_</i><b>time</b><i>_</i><b>limit</b>
+ <i>service</i><b>_time_limit</b>
The amount of time the command is allowed to run
- before it is killed with force. The <i>service</i> name is
- the name of the entry in the <b>master.cf</b> file. The
+ before it is killed with force. <i>service</i> is the
+ first field of the entry in the <b>master.cf</b> file. The
default time limit is given by the global <b>com-</b>
- <b>mand</b><i>_</i><b>time</b><i>_</i><b>limit</b> configuration parameter.
+ <b>mand_time_limit</b> configuration parameter.
<b>SEE ALSO</b>
<a href="master.8.html">master(8)</a> process manager
.SH Resource control
.ad
.fi
-.IP \fIservice\fB_command_time_limit\fR
+.IP \fIservice\fB_time_limit\fR
The amount of time the command is allowed to run before it is
-killed with force. The \fIservice\fR name is the name of the entry
+killed with force. \fIservice\fR is the first field of the entry
in the \fBmaster.cf\fR file. The default time limit is given by the
global \fBcommand_time_limit\fR configuration parameter.
.SH SEE ALSO
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20030716"
+#define MAIL_RELEASE_DATE "20030717"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.14-" MAIL_RELEASE_DATE
/* .SH Resource control
/* .ad
/* .fi
-/* .IP \fIservice\fB_command_time_limit\fR
+/* .IP \fIservice\fB_time_limit\fR
/* The amount of time the command is allowed to run before it is
-/* killed with force. The \fIservice\fR name is the name of the entry
+/* killed with force. \fIservice\fR is the first field of the entry
/* in the \fBmaster.cf\fR file. The default time limit is given by the
/* global \fBcommand_time_limit\fR configuration parameter.
/* SEE ALSO
projects / thirdparty / postfix.git / commitdiff
