options are specified. Files: postmap/postmap.c,
postalias/postalias.c.
+ Safety: don't allow $number substitution in transport maps
+ or sender-dependent relayhost maps.
+
Cleanup: smtp_sasl_passwd_maps lookup keys are folded to
lowercase before searching tables such as btree:, dbm: or
hash: that have fixed-case fields. File: smtp/smtp_sasl_glue.c.
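Review bot: The added "Safety:" entry has no "File:" or "Files:" list, unlike the entries around it (postmap/postmap.c, smtp/smtp_sasl_glue.c), so a reader cannot tell which sources enforce the restriction. It also names only transport maps and sender-dependent relayhost maps, while the documentation hunks in this patch add the same $number note to the parameter sections that end with the "fallback_transport and luser_relay" list. Suggest listing the touched files and naming every affected map parameter in the entry.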
Bugfix: change 20051208 broke when a connection could not
be established. File: util/auto_clnt.c.
+20060124
+
+ Bugfix: the virtual(8) delivery agent did not insist on
+ privileged operation; this broke change 20060117. File:
+ virtual/virtual.c.
+
Open problems:
Centralize main.cf parameter input so that defaults work
* Postfix 2.3 supports both TCP and UNIX-domain filters. The above filter
could be specified as "inet:127.0.0.1:10025". To specify a UNIX-domain
- filter, specify "unix:pathame". A relative pathname is interpreted relative
- to the Postfix queue directory.
+ filter, specify "unix:pathname". A relative pathname is interpreted
+ relative to the Postfix queue directory.
The after-filter SMTP server is a new master.cf entry:
C\bCl\blo\bos\bsi\bin\bng\bg a\ba D\bDN\bNS\bS l\blo\boo\bop\bph\bho\bol\ble\be w\bwi\bit\bth\bh p\bpe\ber\br-\b-s\bsi\bit\bte\be T\bTL\bLS\bS p\bpo\bol\bli\bic\bci\bie\bes\bs
-As long as no secure DNS lookup mechanism is available, false hostnames may
-appear in MX or CNAME responses. Even with a perfect match between the server
-hostname and the server certificate, there is no guarantee that Postfix is
-connected to the right server. To avoid this loophole take the following steps:
+As long as no secure DNS lookup mechanism is available, false hostnames in MX
+or CNAME responses can change the server hostname that Postfix uses for TLS
+policy lookup and server certificate verification. Even with a perfect match
+between the server hostname and the server certificate, there is no guarantee
+that Postfix is connected to the right server. To avoid this loophole take the
+following steps:
* Eliminate MX lookups. Specify local transport(5) table entries for
sensitive domains with explicit smtp:[mailhost] or smtp:[mailhost]:port
Postfix now preserves uppercase information while mapping addresses
with canonical, virtual, relocated or generic maps; this happens
-even with lookups from regular expression maps. However, the local(8)
-and virtual(8) delivery agents still fold addresses to lower case.
+even with $number substitutions in regular expression maps. However,
+the local(8) and virtual(8) delivery agents still fold addresses
+to lower case.
By default, Postfix now folds the search string to lowercase only
with tables that have fixed-case lookup fields such as btree:,
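Review bot: The reworded sentence now says $number substitutions preserve case for canonical, virtual, relocated and generic maps, but nothing here tells the reader that this same patch disallows $number substitutions in transport maps and sender-dependent relayhost maps. Since that changes behaviour for existing regular expression tables, suggest adding a sentence after "to lower case." that states the restriction.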
while searching per-host TLS policies or SASL passwords.
Some obscure behavior was eliminated from the smtp_tls_per_site
-feature, without changes to the user interface. some Postfix internals
+feature, without changes to the user interface. Some Postfix internals
had to be re-structured in preparation for a more general TLS policy
mechanism; this required that smtp_tls_per_site be re-implemented
from scratch.
</blockquote>
-<p> This is configured by editing the master.cf file: </p>
+<p> This is configured by editing the <a href="master.5.html">master.cf</a> file: </p>
<blockquote>
<pre>
-/etc/postfix/master.cf:
+/etc/postfix/<a href="master.5.html">master.cf</a>:
# =============================================================
# service type private unpriv chroot wakeup maxproc command
# (yes) (yes) (yes) (never) (100)
<p> The before-filter SMTP server entry is a modified version of the
default Postfix SMTP server entry that is normally configured at
-the top of the master.cf file: </p>
+the top of the <a href="master.5.html">master.cf</a> file: </p>
<ul>
<li> <p> Postfix 2.3 supports both TCP and UNIX-domain filters.
The above filter could be specified as "inet:127.0.0.1:10025".
- To specify a UNIX-domain filter, specify "unix:<i>pathame</i>".
+ To specify a UNIX-domain filter, specify "unix:<i>pathname</i>".
A relative pathname is interpreted relative to the Postfix queue
directory. </p>
</ul>
-<p> The after-filter SMTP server is a new master.cf entry: </p>
+<p> The after-filter SMTP server is a new <a href="master.5.html">master.cf</a> entry: </p>
<ul>
<!-- legacy --> per-site TLS policies </a> </h3>
<p> As long as no secure DNS lookup mechanism is available, false
-hostnames may appear in MX or CNAME responses. Even with a perfect
-match between the server hostname and the server certificate, there
-is no guarantee that Postfix is connected to the right server. To
-avoid this loophole take the following steps: </p>
+hostnames in MX or CNAME responses can change the server hostname
+that Postfix uses for TLS policy lookup and server certificate
+verification. Even with a perfect match between the server hostname
+and the server certificate, there is no guarantee that Postfix is
+connected to the right server. To avoid this loophole take the
+following steps: </p>
<ul>
<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
<p> This feature is available in Postfix 2.3 and later. </p>
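Review bot: The added paragraph says "For safety reasons" without naming the risk or saying what Postfix does when a regular expression map used for this feature does contain $number (reject the entry, log a warning, or use the text literally). Suggest one more sentence covering both, so an administrator who hits the restriction knows what to look for in the log and how to rewrite the table.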
<p> Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
<b><a href="postconf.5.html#lmtp_sasl_type">lmtp_sasl_type</a></b>. Typically this specifies the name of a
-configuration file or rendez-vous point. </p>
+configuration file or rendezvous point. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
<a href="postconf.5.html#mailbox_command_maps">mailbox_command_maps</a>, <a href="postconf.5.html#mailbox_command">mailbox_command</a>, <a href="postconf.5.html#home_mailbox">home_mailbox</a>, <a href="postconf.5.html#mail_spool_directory">mail_spool_directory</a>,
<a href="postconf.5.html#fallback_transport_maps">fallback_transport_maps</a>, <a href="postconf.5.html#fallback_transport">fallback_transport</a> and <a href="postconf.5.html#luser_relay">luser_relay</a>. </p>
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
<p> This feature is available in Postfix 2.3 and later. </p>
@domain. This information is overruled with <a href="postconf.5.html#relay_transport">relay_transport</a>,
<a href="postconf.5.html#default_transport">default_transport</a> and with the <a href="transport.5.html">transport(5)</a> table. </p>
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
<p>
This feature is available in Postfix 2.3 and later.
</p>
<p> Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
<b><a href="postconf.5.html#smtp_sasl_type">smtp_sasl_type</a></b>. Typically this specifies the name of a
-configuration file or rendez-vous point. </p>
+configuration file or rendezvous point. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
<p> Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
<b><a href="postconf.5.html#smtpd_sasl_type">smtpd_sasl_type</a></b>. Typically this specifies the name of a
-configuration file or rendez-vous point. </p>
+configuration file or rendezvous point. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
feature with local files, run "<b>postmap /etc/postfix/transport</b>"
after making a change. </p>
+<p> For safety reasons, as of Postfix 2.3 this feature does not
+allow $number substitutions in regular expression maps. </p>
+
<p>
Examples:
</p>
mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay.
.PP
+For safety reasons, this feature does not allow $number
+substitutions in regular expression maps.
+.PP
This feature is available in Postfix 2.3 and later.
.SH fast_flush_domains (default: $relay_domains)
Optional list of destinations that are eligible for per-destination
Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
\fBlmtp_sasl_type\fR. Typically this specifies the name of a
-configuration file or rendez-vous point.
+configuration file or rendezvous point.
.PP
This feature is available in Postfix 2.3 and later.
.SH lmtp_sasl_security_options (default: noplaintext, noanonymous)
mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay.
.PP
+For safety reasons, this feature does not allow $number
+substitutions in regular expression maps.
+.PP
This feature is available in Postfix 2.3 and later.
.SH mailq_path (default: see "postconf -d" output)
Sendmail compatibility feature that specifies where the Postfix
@domain. This information is overruled with relay_transport,
default_transport and with the \fBtransport\fR(5) table.
.PP
+For safety reasons, this feature does not allow $number
+substitutions in regular expression maps.
+.PP
This feature is available in Postfix 2.3 and later.
.SH sendmail_path (default: see "postconf -d" output)
A Sendmail compatibility feature that specifies the location of
Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
\fBsmtp_sasl_type\fR. Typically this specifies the name of a
-configuration file or rendez-vous point.
+configuration file or rendezvous point.
.PP
This feature is available in Postfix 2.3 and later.
.SH smtp_sasl_security_options (default: noplaintext, noanonymous)
Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
\fBsmtpd_sasl_type\fR. Typically this specifies the name of a
-configuration file or rendez-vous point.
+configuration file or rendezvous point.
.PP
This feature is available in Postfix 2.3 and later.
.SH smtpd_sasl_security_options (default: noanonymous)
feature with local files, run "\fBpostmap /etc/postfix/transport\fR"
after making a change.
.PP
+For safety reasons, as of Postfix 2.3 this feature does not
+allow $number substitutions in regular expression maps.
+.PP
Examples:
.PP
.nf
<li> <p> Postfix 2.3 supports both TCP and UNIX-domain filters.
The above filter could be specified as "inet:127.0.0.1:10025".
- To specify a UNIX-domain filter, specify "unix:<i>pathame</i>".
+ To specify a UNIX-domain filter, specify "unix:<i>pathname</i>".
A relative pathname is interpreted relative to the Postfix queue
directory. </p>
<!-- legacy --> per-site TLS policies </a> </h3>
<p> As long as no secure DNS lookup mechanism is available, false
-hostnames may appear in MX or CNAME responses. Even with a perfect
-match between the server hostname and the server certificate, there
-is no guarantee that Postfix is connected to the right server. To
-avoid this loophole take the following steps: </p>
+hostnames in MX or CNAME responses can change the server hostname
+that Postfix uses for TLS policy lookup and server certificate
+verification. Even with a perfect match between the server hostname
+and the server certificate, there is no guarantee that Postfix is
+connected to the right server. To avoid this loophole take the
+following steps: </p>
<ul>
feature with local files, run "<b>postmap /etc/postfix/transport</b>"
after making a change. </p>
+<p> For safety reasons, as of Postfix 2.3 this feature does not
+allow $number substitutions in regular expression maps. </p>
+
<p>
Examples:
</p>
@domain. This information is overruled with relay_transport,
default_transport and with the transport(5) table. </p>
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
+
<p>
This feature is available in Postfix 2.3 and later.
</p>
<p> Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
<b>smtpd_sasl_type</b>. Typically this specifies the name of a
-configuration file or rendez-vous point. </p>
+configuration file or rendezvous point. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
<p> Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
<b>smtp_sasl_type</b>. Typically this specifies the name of a
-configuration file or rendez-vous point. </p>
+configuration file or rendezvous point. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
<p> Implementation-specific information that is passed through to
the SASL plug-in implementation that is selected with
<b>lmtp_sasl_type</b>. Typically this specifies the name of a
-configuration file or rendez-vous point. </p>
+configuration file or rendezvous point. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. </p>
+
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
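Review bot: In this hunk the added blank line comes before the new paragraph, so the closing "</p>" of the $number note runs straight into "<p> This feature is available", whereas the other hunks that add this note put the paragraph first and the blank line after it. Suggest moving the blank line below the paragraph to match.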
is: aliases, .forward files, mailbox_transport_maps, mailbox_transport,
mailbox_command_maps, mailbox_command, home_mailbox, mail_spool_directory,
fallback_transport_maps, fallback_transport and luser_relay. </p>
+
+<p> For safety reasons, this feature does not allow $number
+substitutions in regular expression maps. </p>
<p> This feature is available in Postfix 2.3 and later. </p>
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20060123"
+#define MAIL_RELEASE_DATE "20060124"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT
MAIL_SERVER_PRE_INIT, pre_init,
MAIL_SERVER_POST_INIT, post_init,
MAIL_SERVER_PRE_ACCEPT, pre_accept,
+ MAIL_SERVER_PRIVILEGED,
0);
}
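Review bot: MAIL_SERVER_PRIVILEGED is added as a bare flag among name/value pairs (MAIL_SERVER_PRE_INIT, pre_init, and so on), and nothing at the call site says why this server must run privileged. Suggest a short comment next to the flag recording the reason given in the HISTORY entry (the delivery agent must insist on privileged operation), so the flag is not dropped in a later cleanup.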