command examples. Files: mantools/manlint, mantools/fixman,
mantools/postconf2man.
+20050206
+
+ Cleanup: don't count a [45]XX SMTP server greeting towards
+ the mx_session_limit setting. File: smtp/smtp_connect.c.
+
+ Feature: output address rewriting in the SMTP client. The
+ smtp_generics_maps parameter specifies an address mapping
+ that happens only when mail is delivered via SMTP. This is
+ typically used for hosts without a valid domain name, that
+ use something like localdomain.local instead. This feature
+ can replace local mail addresses by valid Internet mail
+ addresses when mail needs to go across the Internet, but
+ not when mail is sent between accounts on the local machine.
+ Files: smtp/smtp_proto.c, smtp/smtp_map11.c.
+
+ Cleanup: don't panic in mymalloc() when master can't find
+ any IP addresses. LaMont Jones. File: master/master_ent.c.
+
Open problems:
+ Med: document generics mapping in BASIC_CONFIGURATION_README.
+
Med: local and remote source port and IP address for
smtpd policy hook.
Low: update events.c so that 1-second timer requests do
not suffer from rounding errors. This is needed for 1-second
- SMTP session caching time limits.
+ SMTP session caching time limits. A 1-second interval would
+ become arbitrarily short when an event is scheduled just
+ before the current second rolls over.
Low: per-sender resolver personalities?
o Resolve address to destination
o Mail transport switch
o Relocated users table
+
+ * Address rewriting with remote delivery
+
+ o Generic mapping for outgoing SMTP mail
+
+ * Address rewriting with local delivery
+
o Local alias database
o Local per-user .forward files
o Local catch-all address
is received". Once you've finished reading the remainder of this document, the
table will help you to quickly find what you need.
- _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b
- |A\bAd\bdd\bdr\bre\bes\bss\bs |S\bSc\bco\bop\bpe\be|D\bDa\bae\bem\bmo\bon\bn |G\bGl\blo\bob\bba\bal\bl t\btu\bur\brn\bn-\b-o\bon\bn |S\bSe\bel\ble\bec\bct\bti\biv\bve\be t\btu\bur\brn\bn-\b-o\bof\bff\bf |
- |m\bma\ban\bni\bip\bpu\bul\bla\bat\bti\bio\bon\bn| | |c\bco\bon\bnt\btr\bro\bol\bl |c\bco\bon\bnt\btr\bro\bol\bl |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Rewrite | |trivial-|append_at_myorigin, | |
- |addresses to|all |rewrite |append_dot_mydomain,|none |
- |standard |mail |(8) |swap_bangpath, | |
- |form | | |allow_percent_hack | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Canonical |all |cleanup | | |
- |address |mail |(8) |canonical_maps |receive_override_options|
- |mapping | | | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Address |all |cleanup |masquerade_domains |receive_override_options|
- |masquerading|mail |(8) | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Automatic |new |cleanup |always_bcc, | |
- |BCC |mail |(8) |sender_bcc_maps, |receive_override_options|
- |recipients | | |recipient_bcc_maps | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Virtual |all |cleanup |virtual_alias_maps |receive_override_options|
- |aliasing |mail |(8) | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Resolve |all |trivial-| | |
- |address to |mail |rewrite |none |none |
- |destination | |(8) | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Mail |all |trivial-| | |
- |transport |mail |rewrite |transport_maps |none |
- |switch | |(8) | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Relocated |all |trivial-| | |
- |users table |mail |rewrite |relocated_maps |none |
- | | |(8) | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Local alias |all |local(8)|alias_maps |none |
- |database |mail | | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Local per- | | | | |
- |user |all |local(8)|forward_path |none |
- |.forward |mail | | | |
- |files | | | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
- |Local catch-|all |local(8)|luser_relay |none |
- |all address |mail | | | |
- |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b
+ |A\bAd\bdd\bdr\bre\bes\bss\bs |S\bSc\bco\bop\bpe\be |D\bDa\bae\bem\bmo\bon\bn |G\bGl\blo\bob\bba\bal\bl t\btu\bur\brn\bn-\b-o\bon\bn |S\bSe\bel\ble\bec\bct\bti\biv\bve\be t\btu\bur\brn\bn-\b-o\bof\bff\bf |
+ |m\bma\ban\bni\bip\bpu\bul\bla\bat\bti\bio\bon\bn| | |c\bco\bon\bnt\btr\bro\bol\bl |c\bco\bon\bnt\btr\bro\bol\bl |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Rewrite | |trivial-|append_at_myorigin, | |
+ |addresses to|all mail|rewrite |append_dot_mydomain,|none |
+ |standard | |(8) |swap_bangpath, | |
+ |form | | |allow_percent_hack | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Canonical | |cleanup | | |
+ |address |all mail|(8) |canonical_maps |receive_override_options|
+ |mapping | | | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Address |all mail|cleanup |masquerade_domains |receive_override_options|
+ |masquerading| |(8) | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Automatic | |cleanup |always_bcc, | |
+ |BCC |new mail|(8) |sender_bcc_maps, |receive_override_options|
+ |recipients | | |recipient_bcc_maps | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Virtual |all mail|cleanup |virtual_alias_maps |receive_override_options|
+ |aliasing | |(8) | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Resolve | |trivial-| | |
+ |address to |all mail|rewrite |none |none |
+ |destination | |(8) | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Mail | |trivial-| | |
+ |transport |all mail|rewrite |transport_maps |none |
+ |switch | |(8) | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Relocated | |trivial-| | |
+ |users table |all mail|rewrite |relocated_maps |none |
+ | | |(8) | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Generics |outgoing| | | |
+ |table |SMTP |smtp(8) |smtp_generics_maps |none |
+ | |mail | | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Local alias |all mail|local(8)|alias_maps |none |
+ |database | | | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Local per- | | | | |
+ |user |all mail|local(8)|forward_path |none |
+ |.forward | | | | |
+ |files | | | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+ |Local catch-|all mail|local(8)|luser_relay |none |
+ |all address | | | | |
+ |_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
A\bAd\bdd\bdr\bre\bes\bss\bs r\bre\bew\bwr\bri\bit\bti\bin\bng\bg w\bwh\bhe\ben\bn m\bma\bai\bil\bl i\bis\bs r\bre\bec\bce\bei\biv\bve\bed\bd
either returned to the sender or moved to the deferred queue and tried again
later.
+Address manipulations when mail is delivered via the smtp(8) delivery agent:
+
+ * Generic mapping for outgoing SMTP mail
+
Address manipulations when mail is delivered via the local(8) delivery agent:
* Local alias database
Postfix versions will receive the mail first, and then return it to the sender
as undeliverable, with the same reason.
+G\bGe\ben\bne\ber\bri\bic\bc m\bma\bap\bpp\bpi\bin\bng\bg f\bfo\bor\br o\bou\but\btg\bgo\boi\bin\bng\bg S\bSM\bMT\bTP\bP m\bma\bai\bil\bl
+
+Some hosts have no valid Internet domain name, and instead use a name such as
+localdomain.local. This can be a problem when you want to send mail over the
+Internet, because many mail servers reject mail addresses with invalid domain
+names.
+
+With the smtp_generics_maps parameter you can specify lookup tables that
+replace local mail addresses by valid Internet addresses when mail leaves the
+machine via SMTP. This mapping replaces envelope and header addresses, and is
+non-recursive. It does not happen when you send mail between addresses on the
+local machine.
+
+This feature is available in Postfix version 2.2 and later.
+
+Example:
+
+ /etc/postfix/main.cf:
+ smtp_generics_maps = hash:/etc/postfix/generics
+
+ /etc/postfix/generics:
+ you@localdomain.local youraccount@yourisp.example
+ her@localdomain.local heraccount@herisp.example
+ @localdomain.local youraccount+local@yourisp.example
+
+When mail is sent to a remote host via SMTP, this replaces your local mail
+address you@localdomain.local by your ISP mail address, replaces
+her@localdomain.local by her ISP mail address, and replaces all other local
+addresses by your ISP account, with an address extension of +local (this
+example assumes that the ISP supports "+" style address extensions).
+
L\bLo\boc\bca\bal\bl a\bal\bli\bia\bas\bs d\bda\bat\bta\bab\bba\bas\bse\be
When mail is to be delivered locally, the local(8) delivery agent runs each
When Postfix does not receive or deliver mail, the first order of business is
to look for errors that prevent Postfix from working properly:
- % egrep '(warning|error|fatal|panic):' /some/log/file | more
+ % e\beg\bgr\bre\bep\bp '\b'(\b(w\bwa\bar\brn\bni\bin\bng\bg|\b|e\ber\brr\bro\bor\br|\b|f\bfa\bat\bta\bal\bl|\b|p\bpa\ban\bni\bic\bc)\b):\b:'\b' /\b/s\bso\bom\bme\be/\b/l\blo\bog\bg/\b/f\bfi\bil\ble\be |\b| m\bmo\bor\bre\be
Note: the most important message is near the BEGINNING of the output. Error
messages that come later are less useful.
* What-if: report what would happen, but do not actually deliver mail. This
mode of operation is requested with:
- $ /\b/u\bus\bsr\br/\b/s\bsb\bbi\bin\bn/\b/s\bse\ben\bnd\bdm\bma\bai\bil\bl -\b-b\bbv\bv a\bad\bdd\bdr\bre\bes\bss\bs.\b..\b..\b.
+ % /\b/u\bus\bsr\br/\b/s\bsb\bbi\bin\bn/\b/s\bse\ben\bnd\bdm\bma\bai\bil\bl -\b-b\bbv\bv a\bad\bdd\bdr\bre\bes\bss\bs.\b..\b..\b.
Mail Delivery Status Report will be mailed to <your login name>.
* What happened: deliver mail and report successes and/or failures, including
replies from remote SMTP servers. This mode of operation is requested with:
- $ /\b/u\bus\bsr\br/\b/s\bsb\bbi\bin\bn/\b/s\bse\ben\bnd\bdm\bma\bai\bil\bl -\b-v\bv a\bad\bdd\bdr\bre\bes\bss\bs.\b..\b..\b.
+ % /\b/u\bus\bsr\br/\b/s\bsb\bbi\bin\bn/\b/s\bse\ben\bnd\bdm\bma\bai\bil\bl -\b-v\bv a\bad\bdd\bdr\bre\bes\bss\bs.\b..\b..\b.
Mail Delivery Status Report will be mailed to <your login name>.
These reports contain information that is generated by Postfix delivery agents.
specify a large enough buffer with the "-s" option or else you will miss some
or all of the packet payload.
- # tcpdump -w /file/name -s 2000 host example.com and port 25
+ # t\btc\bcp\bpd\bdu\bum\bmp\bp -\b-w\bw /\b/f\bfi\bil\ble\be/\b/n\bna\bam\bme\be -\b-s\bs 2\b20\b00\b00\b0 h\bho\bos\bst\bt e\bex\bxa\bam\bmp\bpl\ble\be.\b.c\bco\bom\bm a\ban\bnd\bd p\bpo\bor\brt\bt 2\b25\b5
Run this for a while, stop with Ctrl-C when done. To view the data use a binary
viewer, or e\bet\bth\bhe\ber\bre\bea\bal\bl, or use my t\btc\bcp\bpd\bdu\bum\bmp\bpx\bx utility that is available from ftp://
Many systems allow you to inspect a running process with a system call tracer.
For example:
- # trace -p process-id (SunOS 4)
- # strace -p process-id (Linux and many others)
- # truss -p process-id (Solaris, FreeBSD)
- # ktrace -p process-id (generic 4.4BSD)
+ # t\btr\bra\bac\bce\be -\b-p\bp p\bpr\bro\boc\bce\bes\bss\bs-\b-i\bid\bd (SunOS 4)
+ # s\bst\btr\bra\bac\bce\be -\b-p\bp p\bpr\bro\boc\bce\bes\bss\bs-\b-i\bid\bd (Linux and many others)
+ # t\btr\bru\bus\bss\bs -\b-p\bp p\bpr\bro\boc\bce\bes\bss\bs-\b-i\bid\bd (Solaris, FreeBSD)
+ # k\bkt\btr\bra\bac\bce\be -\b-p\bp p\bpr\bro\boc\bce\bes\bss\bs-\b-i\bid\bd (generic 4.4BSD)
Even more informative are traces of system library calls. Examples:
- # ltrace -p process-id (Linux, also ported to FreeBSD and BSD/OS)
- # sotruss -p process-id (Solaris)
+ # l\blt\btr\bra\bac\bce\be -\b-p\bp p\bpr\bro\boc\bce\bes\bss\bs-\b-i\bid\bd (Linux, also ported to FreeBSD and BSD/OS)
+ # s\bso\bot\btr\bru\bus\bss\bs -\b-p\bp p\bpr\bro\boc\bce\bes\bss\bs-\b-i\bid\bd (Solaris)
See your system documentation for details.
Be sure that g\bgd\bdb\bb is in the command search path, and export X\bXA\bAU\bUT\bTH\bHO\bOR\bRI\bIT\bTY\bY so that X
access control works, for example:
- % setenv XAUTHORITY ~/.Xauthority (csh syntax)
- $ export XAUTHORITY=$HOME/.Xauthority (sh syntax)
+ % s\bse\bet\bte\ben\bnv\bv X\bXA\bAU\bUT\bTH\bHO\bOR\bRI\bIT\bTY\bY ~\b~/\b/.\b.X\bXa\bau\but\bth\bho\bor\bri\bit\bty\by (csh syntax)
+ $ e\bex\bxp\bpo\bor\brt\bt X\bXA\bAU\bUT\bTH\bHO\bOR\bRI\bIT\bTY\bY=\b=$\b$H\bHO\bOM\bME\bE/\b/.\b.X\bXa\bau\but\bth\bho\bor\bri\bit\bty\by (sh syntax)
Append a -\b-D\bD option to the suspect daemon definition in /etc/postfix/master.cf,
for example:
In order to compile Postfix with optimizations turned off:
- % make tidy
- % make makefiles OPT=
+ % m\bma\bak\bke\be t\bti\bid\bdy\by
+ % m\bma\bak\bke\be m\bma\bak\bke\bef\bfi\bil\ble\bes\bs O\bOP\bPT\bT=\b=
This produces a set of Makefiles that do not request compiler optimization.
Once the makefiles are set up, build the software:
- % make
- % su
- # make install
+ % m\bma\bak\bke\be
+ % s\bsu\bu
+ Password:
+ # m\bma\bak\bke\be i\bin\bns\bst\bta\bal\bll\bl
If the problem goes away, then it is time to ask your vendor for help.
R\bRe\bep\bpo\bor\brt\bti\bin\bng\bg p\bpr\bro\bob\bbl\ble\bem\bms\bs t\bto\bo p\bpo\bos\bst\btf\bfi\bix\bx-\b-u\bus\bse\ber\brs\bs@\b@p\bpo\bos\bst\btf\bfi\bix\bx.\b.o\bor\brg\bg
-The people who participate on the postfix-users@postfix.org are very helpful,
+The people who participate on postfix-users@postfix.org are very helpful,
especially if YOU provide them with sufficient information. Remember, these
volunteers are willing to help, but their time is limited.
* A summary of the problem. Please do not just send some logging without
explanation of what YOU believe is wrong.
+ * Complete error messages. Please use cut-and-paste, or use attachments,
+ instead of reciting information from memory.
+
+ * Postfix logging. See the text at the top of the DEBUG_README document to
+ find out where logging is stored. Please do not frustrate the helpers by
+ word wrapping the logging.
+
* Consider using a test email address so that you don't have to reveal email
- addresses of innocent people.
+ addresses or passwords of innocent people.
* If you can't use a test email address, please anonymize information
consistently. Replace each letter by "A", each digit by "D" so that the
helpers can still recognize syntactical errors.
- * Complete error messages. Please use cut-and-paste, or use attachments,
- instead of reciting information from memory.
+ * Output from "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-n\bn". Please do not send your main.cf file or 400+
+ lines of p\bpo\bos\bst\btc\bco\bon\bnf\bf output.
- * Postfix logging. See the text at the top of the DEBUG_README document to
- find out where logging is stored. Please do not frustrate the helpers by
- word wrapping the logging.
+ * Better, provide output from the p\bpo\bos\bst\btf\bfi\bin\bng\bge\ber\br tool. This can be found at http:
+ //ftp.wl0.org/SOURCES/postfinger.
- * Output from "postconf -n". Please do not send your main.cf file. Or better,
- provide output from the "postfinger" tool. This tool is bundled with
- Postfix 2.2 and later source code, and can be found at http://ftp.wl0.org/
- SOURCES/postfinger.
+ * If the problem is SASL related, consider including the output from the
+ s\bsa\bas\bsl\blf\bfi\bin\bng\bge\ber\br tool. This can be found at http://postfix.state-of-mind.de/
+ patrick.koetter/saslfinger/.
* If the problem is about too much mail in the queue, consider including
- output from the qshape tool, as described in the QSHAPE_README file.
+ output from the q\bqs\bsh\bha\bap\bpe\be tool, as described in the QSHAPE_README file.
* If the problem is protocol related (connections time out or an SMTP server
complains about syntax errors etc.) consider recording a session with
- tcpdump, as described in the DEBUG_README document.
+ t\btc\bcp\bpd\bdu\bum\bmp\bp, as described in the DEBUG_README document.
between these implementations.
The main feature of interest is that IPv6 uses 128-bit IP addresses instead of
-the 32-bit addresses used by IPv4. It can therefore accomodate a much larger
+the 32-bit addresses used by IPv4. It can therefore accommodate a much larger
number of hosts and networks without ugly kluges such as NAT. A side benefit of
the much larger address space is that it makes network scanning unpractical.
and change the patchlevel and the release date. Patches are never
issued for snapshot releases.
+Major changes with snapshot Postfix-2.2-20050206
+================================================
+
+Support for address rewriting in outgoing SMTP mail. This is useful
+for sites that have no valid Internet domain name, and that use a
+domain name such as localdomain.local instead. Mail addresses that
+use such domain names are often rejected by mail servers. The new
+smtp_generics_maps feature allows you to replace local mail addresses
+by valid Internet addresses when mail needs to be sent across the
+Internet. It has no effect on mail that is sent between accounts
+on the local machine.
+
+Example:
+
+/etc/postfix/main.cf:
+ smtp_generics_maps = hash:/etc/postfix/generics
+
+/etc/postfix/generics:
+ you@localdomain.local youraccount@yourisp.net
+ her@localdomain.local heraccount@herisp.net
+ @localdomain.local youraccount+local@yourisp.net
+
+When mail is sent to a remote host via SMTP, this replaces your
+local mail address you@localdomain.local by your ISP mail address,
+replaces her@localdomain.local by her ISP mail address, and replaces
+all other local addresses by your ISP account, with an address
+extension of +local (this example assumes that the ISP supports
+"+" style address extensions).
+
Major changes with snapshot Postfix-2.2-20050205
================================================
<li> <a href="#relocated"> Relocated users table </a>
+</ul>
+
+<li> <a href="#remote"> Address rewriting with remote delivery </a>
+
+<ul>
+
+<li> <a href="#generics"> Generic mapping for outgoing SMTP mail </a>
+
+</ul>
+
+<li> <a href="#local"> Address rewriting with local delivery </a>
+
+<ul>
+
<li> <a href="#aliases"> Local alias database </a>
<li> <a href="#forward"> Local per-user .forward files </a>
<td nowrap> all mail </td> <td> <a href="trivial-rewrite.8.html">trivial-<br>rewrite(8)</a> </td> <td>
<a href="postconf.5.html#relocated_maps">relocated_maps</a> </td> <td> none </td> </tr>
+<tr> <td> <a href="#generics"> Generics table </a> </td> <td>
+outgoing SMTP mail </td> <td> <a href="smtp.8.html">smtp(8)</a> </td> <td> <a href="postconf.5.html#smtp_generics_maps">smtp_generics_maps</a>
+</td> <td> none </td> </tr>
+
<tr> <td> <a href="#aliases"> Local alias database</a> </td> <td>
all mail </td> <td> <a href="local.8.html">local(8)</a> </td> <td> <a href="postconf.5.html#alias_maps">alias_maps</a> </td> <td> none
</td> </tr>
When mail cannot be delivered, it is either returned to the sender
or moved to the <a href="QSHAPE_README.html#deferred_queue">deferred queue</a> and tried again later. </p>
-<p> Address manipulations when mail is delivered via the <a href="local.8.html">local(8)</a>
-delivery agent: </p>
+<p> <a name="remote">Address</a> manipulations when mail is delivered
+via the <a href="smtp.8.html">smtp(8)</a> delivery agent: </p>
+
+<ul>
+
+<li> <a href="#generics"> Generic mapping for outgoing SMTP mail </a>
+
+</ul>
+
+<p> <a name="local">Address</a> manipulations when mail is delivered
+via the <a href="local.8.html">local(8)</a> delivery agent: </p>
<ul>
mail first, and then return it to the sender as undeliverable, with
the same reason. </p>
+<h3> <a name="generics"> Generic mapping for outgoing SMTP mail </a> </h3>
+
+<p> Some hosts have no valid Internet domain name, and instead use
+a name such as <i>localdomain.local</i>. This can be a problem when
+you want to send mail over the Internet, because many mail servers
+reject mail addresses with invalid domain names. </p>
+
+<p> With the <a href="postconf.5.html#smtp_generics_maps">smtp_generics_maps</a> parameter you can specify lookup
+tables that replace local mail addresses by valid Internet addresses
+when mail leaves the machine via SMTP. This mapping replaces envelope
+and header addresses, and is non-recursive. It does not happen when
+you send mail between addresses on the local machine. </p>
+
+<p> This feature is available in Postfix version 2.2 and later.</p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/main.cf:
+ <a href="postconf.5.html#smtp_generics_maps">smtp_generics_maps</a> = hash:/etc/postfix/generics
+
+/etc/postfix/generics:
+ you@localdomain.local youraccount@yourisp.example
+ her@localdomain.local heraccount@herisp.example
+ @localdomain.local youraccount+local@yourisp.example
+</pre>
+</blockquote>
+
+<p> When mail is sent to a remote host via SMTP, this replaces your
+local mail address <i>you@localdomain.local</i> by your ISP mail
+address, replaces <i>her@localdomain.local</i> by her ISP mail
+address, and replaces all other local addresses by your ISP account,
+with an address extension of +<i>local</i> (this example assumes
+that the ISP supports "+" style address extensions). </p>
+
<h3> <a name="aliases"> Local alias database </a> </h3>
<p> When mail is to be delivered locally, the <a href="local.8.html">local(8)</a> delivery
<blockquote>
<pre>
-% egrep '(warning|error|fatal|panic):' /some/log/file | more
+% <b>egrep '(warning|error|fatal|panic):' /some/log/file | more</b>
</pre>
</blockquote>
deliver mail. This mode of operation is requested with: </p>
<pre>
-$ <b>/usr/sbin/sendmail -bv address...</b>
+% <b>/usr/sbin/sendmail -bv address...</b>
Mail Delivery Status Report will be mailed to <your login name>.
</pre>
of operation is requested with: </p>
<pre>
-$ <b>/usr/sbin/sendmail -v address...</b>
+% <b>/usr/sbin/sendmail -v address...</b>
Mail Delivery Status Report will be mailed to <your login name>.
</pre>
<blockquote>
<pre>
-# tcpdump -w /file/name -s 2000 host example.com and port 25
+# <b>tcpdump -w /file/name -s 2000 host example.com and port 25</b>
</pre>
</blockquote>
<blockquote>
<pre>
-# trace -p process-id (SunOS 4)
-# strace -p process-id (Linux and many others)
-# truss -p process-id (Solaris, FreeBSD)
-# ktrace -p process-id (generic 4.4BSD)
+# <b>trace -p process-id</b> (SunOS 4)
+# <b>strace -p process-id</b> (Linux and many others)
+# <b>truss -p process-id</b> (Solaris, FreeBSD)
+# <b>ktrace -p process-id</b> (generic 4.4BSD)
</pre>
</blockquote>
<blockquote>
<pre>
-# ltrace -p process-id (Linux, also ported to FreeBSD and BSD/OS)
-# sotruss -p process-id (Solaris)
+# <b>ltrace -p process-id</b> (Linux, also ported to FreeBSD and BSD/OS)
+# <b>sotruss -p process-id</b> (Solaris)
</pre>
</blockquote>
<blockquote>
<pre>
-% setenv XAUTHORITY ~/.Xauthority (csh syntax)
-$ export XAUTHORITY=$HOME/.Xauthority (sh syntax)
+% <b>setenv XAUTHORITY ~/.Xauthority</b> (csh syntax)
+$ <b>export XAUTHORITY=$HOME/.Xauthority</b> (sh syntax)
</pre>
</blockquote>
<blockquote>
<pre>
-% make tidy
-% make makefiles OPT=
+% <b>make tidy</b>
+% <b>make makefiles OPT=</b>
</pre>
</blockquote>
<blockquote>
<pre>
-% make
-% su
-# make install
+% <b>make</b>
+% <b>su</b>
+Password:
+# <b>make install</b>
</pre>
</blockquote>
<h2><a name="mail">Reporting problems to postfix-users@postfix.org</a></h2>
-<p> The people who participate on the postfix-users@postfix.org
+<p> The people who participate on postfix-users@postfix.org
are very helpful, especially if YOU provide them with sufficient
information. Remember, these volunteers are willing to help, but
their time is limited. </p>
<li> <p> A summary of the problem. Please do not just send some
logging without explanation of what YOU believe is wrong. </p>
+<li> <p> Complete error messages. Please use cut-and-paste, or use
+attachments, instead of reciting information from memory.
+</p>
+
+<li> <p> Postfix logging. See the text at the top of the <a href="DEBUG_README.html">DEBUG_README</a>
+document to find out where logging is stored. Please do not frustrate
+the helpers by word wrapping the logging. </p>
+
<li> <p> Consider using a test email address so that you don't have
-to reveal email addresses of innocent people. </p>
+to reveal email addresses or passwords of innocent people. </p>
<li> <p> If you can't use a test email address, please anonymize
information consistently. Replace each letter by "A", each digit
by "D" so that the helpers can still recognize syntactical errors.
</p>
-<li> <p> Complete error messages. Please use cut-and-paste, or use
-attachments, instead of reciting information from memory.
-</p>
+<li> <p> Output from "<b>postconf -n</b>". Please do not send your
+main.cf file or 400+ lines of <b>postconf</b> output. </p>
-<li> <p> Postfix logging. See the text at the top of the <a href="DEBUG_README.html">DEBUG_README</a>
-document to find out where logging is stored. Please do not frustrate
-the helpers by word wrapping the logging. </p>
+<li> <p> Better, provide output from the <b>postfinger</b> tool.
+This can be found at <a href="http://ftp.wl0.org/SOURCES/postfinger">http://ftp.wl0.org/SOURCES/postfinger</a>. </p>
-<li> <p> Output from "postconf -n". Please do not send your main.cf
-file. Or better, provide output from the "postfinger" tool. This
-tool is bundled with Postfix 2.2 and later source code, and can be
-found at <a href="http://ftp.wl0.org/SOURCES/postfinger">http://ftp.wl0.org/SOURCES/postfinger</a>. </p>
+<li> <p> If the problem is SASL related, consider including the
+output from the <b>saslfinger</b> tool. This can be found at
+<a href="http://postfix.state-of-mind.de/patrick.koetter/saslfinger/">http://postfix.state-of-mind.de/patrick.koetter/saslfinger/</a>. </p>
<li> <p> If the problem is about too much mail in the queue, consider
-including output from the qshape tool, as described in the
+including output from the <b>qshape</b> tool, as described in the
<a href="QSHAPE_README.html">QSHAPE_README</a> file. </p>
<li> <p> If the problem is protocol related (connections time out
or an SMTP server complains about syntax errors etc.) consider
-recording a session with tcpdump, as described in the <a href="DEBUG_README.html">DEBUG_README</a>
-document. </ul>
+recording a session with <b>tcpdump</b>, as described in the <a
+href="#sniffer">DEBUG_README</a> document. </ul>
</body>
<p> The main feature of interest is that IPv6 uses 128-bit IP
addresses instead of the 32-bit addresses used by IPv4. It can
-therefore accomodate a much larger number of hosts and networks
+therefore accommodate a much larger number of hosts and networks
without ugly kluges such as NAT. A side benefit of the much larger
address space is that it makes network scanning unpractical. </p>
<p>
Specify zero or more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>,
-<b>forward</b> or <b>include</b>. These cause address extension
+<b>forward</b>, <b>include</b> or <b>generics</b>. These cause
+address extension
propagation with <a href="canonical.5.html">canonical(5)</a>, <a href="virtual.5.html">virtual(5)</a>, and <a href="aliases.5.html">aliases(5)</a> maps,
-and with <a href="local.8.html">local(8)</a> .forward and :include: file lookups, respectively.
-</p>
+with <a href="local.8.html">local(8)</a> .forward and :include: file lookups, and with <a href="smtp.8.html">smtp(8)</a>
+generics maps, respectively. </p>
<p>
Note: enabling this feature for types other than <b>canonical</b>
send all their email to a dedicated mailhub. </p>
+</DD>
+
+<DT><b><a name="smtp_generics_maps">smtp_generics_maps</a>
+(default: empty)</b></DT><DD>
+
+<p> Optional lookup tables that perform address rewriting in the
+SMTP client, typically to transform a locally valid address into
+a globally valid address when sending mail across the Internet.
+This is needed when the local machine does not have its own Internet
+domain name, but uses something like <i>localdomain.local</i>
+instead. </p>
+
+<p> The table search order is described below. The search terminates
+when a match is found. In other words, the search is non-recursive.
+</p>
+
+<dl>
+
+<dt> <i>user@domain.tld address</i> </dt>
+
+<dd> <p> Replace <i>user@domain.tld</i> by <i>address</i>. This
+form has the highest precedence. </p> </dd>
+
+<dt> <i>user address</i> </dt>
+
+<dd> <p> Replace <i>user@site</i> by <i>address</i> when <i>site</i> is
+equal to $<a href="postconf.5.html#myorigin">myorigin</a>, when <i>site</i> is listed in $<a href="postconf.5.html#mydestination">mydestination</a>,
+or when it matches $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a> or $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>. </p>
+</dd>
+
+<dt> <i>@domain.tld address</i> </dt>
+
+<dd> <p> Replace all other addresses in <i>domain.tld</i> by
+<i>address</i>. This form has the lowest preference. </p> </dd>
+
+</dl>
+
+<p> In all cases <i>address</i> must specify a username and a
+domain. </p> <p> This feature is available in Postfix 2.2 and later.
+</p>
+
+
</DD>
<DT><b><a name="smtp_helo_name">smtp_helo_name</a>
will ignore in the EHLO response from a remote SMTP
server.
+ <b><a href="postconf.5.html#smtp_generics_maps">smtp_generics_maps</a> (empty)</b>
+ Optional lookup tables that perform address rewrit-
+ ing in the SMTP client, typically to transform a
+ locally valid address into a globally valid address
+ when sending mail across the Internet.
+
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
<b><a href="postconf.5.html#disable_mime_output_conversion">disable_mime_output_conversion</a> (no)</b>
- Disable the conversion of 8BITMIME format to 7BIT
+ Disable the conversion of 8BITMIME format to 7BIT
format.
<b><a href="postconf.5.html#mime_boundary_length_limit">mime_boundary_length_limit</a> (2048)</b>
Available in Postfix version 2.1 and later:
<b><a href="postconf.5.html#smtp_send_xforward_command">smtp_send_xforward_command</a> (no)</b>
- Send the non-standard XFORWARD command when the
- Postfix SMTP server EHLO response announces XFOR-
+ Send the non-standard XFORWARD command when the
+ Postfix SMTP server EHLO response announces XFOR-
WARD support.
<b>SASL AUTHENTICATION CONTROLS</b>
<b><a href="postconf.5.html#smtp_sasl_auth_enable">smtp_sasl_auth_enable</a> (no)</b>
- Enable SASL authentication in the Postfix SMTP
+ Enable SASL authentication in the Postfix SMTP
client.
<b><a href="postconf.5.html#smtp_sasl_password_maps">smtp_sasl_password_maps</a> (empty)</b>
- Optional SMTP client lookup tables with one user-
- name:password entry per remote hostname or domain.
+ Optional SMTP client lookup tables with one user-
+ name:password entry per remote hostname or domain.
<b><a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_security_options</a> (noplaintext, noanonymous)</b>
- What authentication mechanisms the Postfix SMTP
+ What authentication mechanisms the Postfix SMTP
client is allowed to use.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_sasl_mechanism_filter">smtp_sasl_mechanism_filter</a> (empty)</b>
- If non-empty, a Postfix SMTP client filter for the
- remote SMTP server's list of offered SASL mecha-
+ If non-empty, a Postfix SMTP client filter for the
+ remote SMTP server's list of offered SASL mecha-
nisms.
<b>STARTTLS SUPPORT CONTROLS</b>
- Detailed information about STARTTLS configuration may be
+ Detailed information about STARTTLS configuration may be
found in the <a href="TLS_README.html">TLS_README</a> document.
<b><a href="postconf.5.html#smtp_use_tls">smtp_use_tls</a> (no)</b>
- Opportunistic mode: use TLS when a remote SMTP
- server announces STARTTLS support, otherwise send
+ Opportunistic mode: use TLS when a remote SMTP
+ server announces STARTTLS support, otherwise send
the mail in the clear.
<b><a href="postconf.5.html#smtp_enforce_tls">smtp_enforce_tls</a> (no)</b>
- Enforcement mode: require that remote SMTP servers
- use TLS encryption, and never send mail in the
+ Enforcement mode: require that remote SMTP servers
+ use TLS encryption, and never send mail in the
clear.
<b><a href="postconf.5.html#smtp_sasl_tls_security_options">smtp_sasl_tls_security_options</a> ($<a href="postconf.5.html#smtp_sasl_security_options">smtp_sasl_secu</a>-</b>
<b><a href="postconf.5.html#smtp_sasl_security_options">rity_options</a>)</b>
- The SASL authentication security options that the
- Postfix SMTP client uses for TLS encrypted SMTP
+ The SASL authentication security options that the
+ Postfix SMTP client uses for TLS encrypted SMTP
sessions.
<b><a href="postconf.5.html#smtp_starttls_timeout">smtp_starttls_timeout</a> (300s)</b>
- Time limit for Postfix SMTP client write and read
- operations during TLS startup and shutdown hand-
+ Time limit for Postfix SMTP client write and read
+ operations during TLS startup and shutdown hand-
shake procedures.
<b><a href="postconf.5.html#smtp_tls_CAfile">smtp_tls_CAfile</a> (empty)</b>
- The file with the certificate of the certification
- authority (CA) that issued the Postfix SMTP client
+ The file with the certificate of the certification
+ authority (CA) that issued the Postfix SMTP client
certificate.
<b><a href="postconf.5.html#smtp_tls_CApath">smtp_tls_CApath</a> (empty)</b>
- Directory with PEM format certificate authority
- certificates that the Postfix SMTP client uses to
+ Directory with PEM format certificate authority
+ certificates that the Postfix SMTP client uses to
verify a remote SMTP server certificate.
<b><a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a> (empty)</b>
- File with the Postfix SMTP client RSA certificate
+ File with the Postfix SMTP client RSA certificate
in PEM format.
<b><a href="postconf.5.html#smtp_tls_cipherlist">smtp_tls_cipherlist</a> (empty)</b>
- Controls the Postfix SMTP client TLS cipher selec-
+ Controls the Postfix SMTP client TLS cipher selec-
tion scheme.
<b><a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a> (empty)</b>
- File with the Postfix SMTP client DSA certificate
+ File with the Postfix SMTP client DSA certificate
in PEM format.
<b><a href="postconf.5.html#smtp_tls_dkey_file">smtp_tls_dkey_file</a> ($<a href="postconf.5.html#smtp_tls_dcert_file">smtp_tls_dcert_file</a>)</b>
- File with the Postfix SMTP client DSA private key
+ File with the Postfix SMTP client DSA private key
in PEM format.
<b><a href="postconf.5.html#smtp_tls_enforce_peername">smtp_tls_enforce_peername</a> (yes)</b>
- When TLS encryption is enforced, require that the
+ When TLS encryption is enforced, require that the
remote SMTP server hostname matches the information
in the remote SMTP server certificate.
<b><a href="postconf.5.html#smtp_tls_key_file">smtp_tls_key_file</a> ($<a href="postconf.5.html#smtp_tls_cert_file">smtp_tls_cert_file</a>)</b>
- File with the Postfix SMTP client RSA private key
+ File with the Postfix SMTP client RSA private key
in PEM format.
<b><a href="postconf.5.html#smtp_tls_loglevel">smtp_tls_loglevel</a> (0)</b>
- Enable additional Postfix SMTP client logging of
+ Enable additional Postfix SMTP client logging of
TLS activity.
<b><a href="postconf.5.html#smtp_tls_note_starttls_offer">smtp_tls_note_starttls_offer</a> (no)</b>
- Log the hostname of a remote SMTP server that
- offers STARTTLS, when TLS is not already enabled
+ Log the hostname of a remote SMTP server that
+ offers STARTTLS, when TLS is not already enabled
for that server.
<b><a href="postconf.5.html#smtp_tls_per_site">smtp_tls_per_site</a> (empty)</b>
Optional lookup tables with the Postfix SMTP client
- TLS usage policy by next-hop domain name and by
+ TLS usage policy by next-hop domain name and by
remote SMTP server hostname.
<b><a href="postconf.5.html#smtp_tls_scert_verifydepth">smtp_tls_scert_verifydepth</a> (5)</b>
- The verification depth for remote SMTP server cer-
+ The verification depth for remote SMTP server cer-
tificates.
<b><a href="postconf.5.html#smtp_tls_session_cache_database">smtp_tls_session_cache_database</a> (empty)</b>
- Name of the file containing the optional Postfix
+ Name of the file containing the optional Postfix
SMTP client TLS session cache.
<b><a href="postconf.5.html#smtp_tls_session_cache_timeout">smtp_tls_session_cache_timeout</a> (3600s)</b>
sion cache information.
<b><a href="postconf.5.html#tls_daemon_random_bytes">tls_daemon_random_bytes</a> (32)</b>
- The
number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
- or
<a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
- server in order to seed its internal pseudo random
+ The
number of pseudo-random bytes that an <a href="smtp.8.html"><b>smtp</b>(8)</a>
+ or
<a href="smtpd.8.html"><b>smtpd</b>(8)</a> process requests from the <a href="tlsmgr.8.html"><b>tlsmgr</b>(8)</a>
+ server in order to seed its internal pseudo random
number generator (PRNG).
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#smtp_destination_concurrency_limit">smtp_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
- The maximal number of parallel deliveries to the
- same destination via the smtp message delivery
+ The maximal number of parallel deliveries to the
+ same destination via the smtp message delivery
transport.
<b><a href="postconf.5.html#smtp_destination_recipient_limit">smtp_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
<b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
- The maximal number of recipients per delivery via
+ The maximal number of recipients per delivery via
the smtp message delivery transport.
<b><a href="postconf.5.html#smtp_connect_timeout">smtp_connect_timeout</a> (30s)</b>
- The SMTP client time limit for completing a TCP
+ The SMTP client time limit for completing a TCP
connection, or zero (use the operating system
built-in time limit).
<b><a href="postconf.5.html#smtp_helo_timeout">smtp_helo_timeout</a> (300s)</b>
- The SMTP client time limit for sending the HELO or
- EHLO command, and for receiving the initial server
+ The SMTP client time limit for sending the HELO or
+ EHLO command, and for receiving the initial server
response.
<b><a href="postconf.5.html#smtp_xforward_timeout">smtp_xforward_timeout</a> (300s)</b>
command, and for receiving the server response.
<b><a href="postconf.5.html#smtp_mail_timeout">smtp_mail_timeout</a> (300s)</b>
- The SMTP client time limit for sending the MAIL
- FROM command, and for receiving the server
+ The SMTP client time limit for sending the MAIL
+ FROM command, and for receiving the server
response.
<b><a href="postconf.5.html#smtp_rcpt_timeout">smtp_rcpt_timeout</a> (300s)</b>
- The SMTP client time limit for sending the SMTP
- RCPT TO command, and for receiving the server
+ The SMTP client time limit for sending the SMTP
+ RCPT TO command, and for receiving the server
response.
<b><a href="postconf.5.html#smtp_data_init_timeout">smtp_data_init_timeout</a> (120s)</b>
- The SMTP client time limit for sending the SMTP
- DATA command, and for receiving the server
+ The SMTP client time limit for sending the SMTP
+ DATA command, and for receiving the server
response.
<b><a href="postconf.5.html#smtp_data_xfer_timeout">smtp_data_xfer_timeout</a> (180s)</b>
- The SMTP client time limit for sending the SMTP
+ The SMTP client time limit for sending the SMTP
message content.
<b><a href="postconf.5.html#smtp_data_done_timeout">smtp_data_done_timeout</a> (600s)</b>
- The SMTP client time limit for sending the SMTP
+ The SMTP client time limit for sending the SMTP
".", and for receiving the server response.
<b><a href="postconf.5.html#smtp_quit_timeout">smtp_quit_timeout</a> (300s)</b>
- The SMTP client time limit for sending the QUIT
+ The SMTP client time limit for sending the QUIT
command, and for receiving the server response.
Available in Postfix version 2.1 and later:
lookups, or zero (no limit).
<b><a href="postconf.5.html#smtp_mx_session_limit">smtp_mx_session_limit</a> (2)</b>
- The maximal number of SMTP sessions per delivery
- request before giving up or delivering to a fall-
+ The maximal number of SMTP sessions per delivery
+ request before giving up or delivering to a fall-
back relay host, or zero (no limit).
<b><a href="postconf.5.html#smtp_rset_timeout">smtp_rset_timeout</a> (20s)</b>
- The SMTP client time limit for sending the RSET
+ The SMTP client time limit for sending the RSET
command, and for receiving the server response.
Available in Postfix version 2.2 and later:
<b><a href="postconf.5.html#smtp_connection_cache_destinations">smtp_connection_cache_destinations</a> (empty)</b>
- Permanently enable SMTP connection caching for the
+ Permanently enable SMTP connection caching for the
specified destinations.
<b><a href="postconf.5.html#smtp_connection_cache_on_demand">smtp_connection_cache_on_demand</a> (yes)</b>
- Temporarily enable SMTP connection caching while a
+ Temporarily enable SMTP connection caching while a
destination has a high volume of mail in the active
queue.
<b><a href="postconf.5.html#smtp_connection_cache_reuse_limit">smtp_connection_cache_reuse_limit</a> (10)</b>
When SMTP connection caching is enabled, the number
- of times that an SMTP session is reused before it
+ of times that an SMTP session is reused before it
is closed.
<b><a href="postconf.5.html#smtp_connection_cache_time_limit">smtp_connection_cache_time_limit</a> (2s)</b>
When SMTP connection caching is enabled, the amount
- of time that an unused SMTP client socket is kept
+ of time that an unused SMTP client socket is kept
open before it is closed.
<b>TROUBLE SHOOTING CONTROLS</b>
<b><a href="postconf.5.html#debug_peer_level">debug_peer_level</a> (2)</b>
- The increment in verbose logging level when a
- remote client or server matches a pattern in the
+ The increment in verbose logging level when a
+ remote client or server matches a pattern in the
<a href="postconf.5.html#debug_peer_list">debug_peer_list</a> parameter.
<b><a href="postconf.5.html#debug_peer_list">debug_peer_list</a> (empty)</b>
- Optional list of remote client or server hostname
- or network address patterns that cause the verbose
- logging level to increase by the amount specified
+ Optional list of remote client or server hostname
+ or network address patterns that cause the verbose
+ logging level to increase by the amount specified
in $<a href="postconf.5.html#debug_peer_level">debug_peer_level</a>.
<b><a href="postconf.5.html#error_notice_recipient">error_notice_recipient</a> (postmaster)</b>
- The recipient of postmaster notifications about
- mail delivery problems that are caused by policy,
+ The recipient of postmaster notifications about
+ mail delivery problems that are caused by policy,
resource, software or protocol errors.
<b><a href="postconf.5.html#notify_classes">notify_classes</a> (resource, software)</b>
- The list of error classes that are reported to the
+ The list of error classes that are reported to the
postmaster.
<b>MISCELLANEOUS CONTROLS</b>
<b><a href="postconf.5.html#best_mx_transport">best_mx_transport</a> (empty)</b>
- Where the Postfix SMTP client should deliver mail
+ Where the Postfix SMTP client should deliver mail
when it detects a "mail loops back to myself" error
condition.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#disable_dns_lookups">disable_dns_lookups</a> (no)</b>
- Disable DNS lookups in the Postfix SMTP and LMTP
+ Disable DNS lookups in the Postfix SMTP and LMTP
clients.
<b><a href="postconf.5.html#fallback_relay">fallback_relay</a> (empty)</b>
- Optional list of relay hosts for SMTP destinations
+ Optional list of relay hosts for SMTP destinations
that can't be found or that are unreachable.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
tem receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (ipv4)</b>
- The Internet protocols Postfix will attempt to use
+ The Internet protocols Postfix will attempt to use
when making or accepting connections.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for the next service request
+ The maximum amount of time that an idle Postfix
+ daemon process waits for the next service request
before exiting.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of connection requests before a
+ The maximal number of connection requests before a
Postfix daemon process terminates.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon pro-
+ The process ID of a Postfix command or daemon pro-
cess.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail sys-
- tem receives mail on by way of a proxy or network
+ tem receives mail on by way of a proxy or network
address translation unit.
<b><a href="postconf.5.html#smtp_bind_address">smtp_bind_address</a> (empty)</b>
An optional numerical network address that the SMTP
- client should bind to when making an IPv4 connec-
+ client should bind to when making an IPv4 connec-
tion.
<b><a href="postconf.5.html#smtp_bind_address6">smtp_bind_address6</a> (empty)</b>
An optional numerical network address that the SMTP
- client should bind to when making an IPv6 connec-
+ client should bind to when making an IPv6 connec-
tion.
<b><a href="postconf.5.html#smtp_helo_name">smtp_helo_name</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
- The hostname to send in the SMTP EHLO or HELO com-
+ The hostname to send in the SMTP EHLO or HELO com-
mand.
<b><a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> (dns)</b>
- What mechanisms when the SMTP client uses to look
+ What mechanisms when the SMTP client uses to look
up a host's IP address.
<b><a href="postconf.5.html#smtp_randomize_addresses">smtp_randomize_addresses</a> (yes)</b>
- Randomize the order of equal-preference MX host
+ Randomize the order of equal-preference MX host
addresses.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="TLS_README.html">TLS_README</a>, Postfix STARTTLS howto
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
to "\fIjoe.user+foo\fR".
.PP
Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
-\fBforward\fR or \fBinclude\fR. These cause address extension
+\fBforward\fR, \fBinclude\fR or \fBgenerics\fR. These cause
+address extension
propagation with \fBcanonical\fR(5), \fBvirtual\fR(5), and \fBaliases\fR(5) maps,
-and with \fBlocal\fR(8) .forward and :include: file lookups, respectively.
+with \fBlocal\fR(8) .forward and :include: file lookups, and with \fBsmtp\fR(8)
+generics maps, respectively.
.PP
Note: enabling this feature for types other than \fBcanonical\fR
and \fBvirtual\fR is likely to cause problems when mail is forwarded
will only connect to servers that support RFC 2487 _and_ that
provide valid server certificates. Typical use is for clients that
send all their email to a dedicated mailhub.
+.SH smtp_generics_maps (default: empty)
+Optional lookup tables that perform address rewriting in the
+SMTP client, typically to transform a locally valid address into
+a globally valid address when sending mail across the Internet.
+This is needed when the local machine does not have its own Internet
+domain name, but uses something like \fIlocaldomain.local\fR
+instead.
+.PP
+The table search order is described below. The search terminates
+when a match is found. In other words, the search is non-recursive.
+.IP "\fIuser@domain.tld address\fR"
+Replace \fIuser@domain.tld\fR by \fIaddress\fR. This
+form has the highest precedence.
+.IP "\fIuser address\fR"
+Replace \fIuser@site\fR by \fIaddress\fR when \fIsite\fR is
+equal to $myorigin, when \fIsite\fR is listed in $mydestination,
+or when it matches $inet_interfaces or $proxy_interfaces.
+.IP "\fI@domain.tld address\fR"
+Replace all other addresses in \fIdomain.tld\fR by
+\fIaddress\fR. This form has the lowest preference.
+.PP
+In all cases \fIaddress\fR must specify a username and a
+domain.
+This feature is available in Postfix 2.2 and later.
.SH smtp_helo_name (default: $myhostname)
The hostname to send in the SMTP EHLO or HELO command.
.PP
A case insensitive list of EHLO keywords (pipelining, starttls,
auth, etc.) that the SMTP client will ignore in the EHLO response
from a remote SMTP server.
+.IP "\fBsmtp_generics_maps (empty)\fR"
+Optional lookup tables that perform address rewriting in the
+SMTP client, typically to transform a locally valid address into
+a globally valid address when sending mail across the Internet.
.SH "MIME PROCESSING CONTROLS"
.na
.nf
s;\bsmtp_data_init_timeout\b;<a href="postconf.5.html#smtp_data_init_timeout">$&</a>;g;
s;\bsmtp_data_xfer_timeout\b;<a href="postconf.5.html#smtp_data_xfer_timeout">$&</a>;g;
s;\bsmtp_defer_if_no_mx_address_found\b;<a href="postconf.5.html#smtp_defer_if_no_mx_address_found">$&</a>;g;
+ s;\bsmtp_generics_maps\b;<a href="postconf.5.html#smtp_generics_maps">$&</a>;g;
s;\blmtp_destination_concurrency_limit\b;<a href="postconf.5.html#lmtp_destination_concurrency_limit">$&</a>;g;
s;\blmtp_destination_recip[-</bB>]*\n* *[<bB>]*ient_limit\b;<a href="postconf.5.html#lmtp_destination_recipient_limit">$&</a>;g;
s;\brelay_destination_concurrency_limit\b;<a href="postconf.5.html#relay_destination_concurrency_limit">$&</a>;g;
<li> <a href="#relocated"> Relocated users table </a>
+</ul>
+
+<li> <a href="#remote"> Address rewriting with remote delivery </a>
+
+<ul>
+
+<li> <a href="#generics"> Generic mapping for outgoing SMTP mail </a>
+
+</ul>
+
+<li> <a href="#local"> Address rewriting with local delivery </a>
+
+<ul>
+
<li> <a href="#aliases"> Local alias database </a>
<li> <a href="#forward"> Local per-user .forward files </a>
<td nowrap> all mail </td> <td> trivial-<br>rewrite(8) </td> <td>
relocated_maps </td> <td> none </td> </tr>
+<tr> <td> <a href="#generics"> Generics table </a> </td> <td>
+outgoing SMTP mail </td> <td> smtp(8) </td> <td> smtp_generics_maps
+</td> <td> none </td> </tr>
+
<tr> <td> <a href="#aliases"> Local alias database</a> </td> <td>
all mail </td> <td> local(8) </td> <td> alias_maps </td> <td> none
</td> </tr>
When mail cannot be delivered, it is either returned to the sender
or moved to the deferred queue and tried again later. </p>
-<p> Address manipulations when mail is delivered via the local(8)
-delivery agent: </p>
+<p> <a name="remote">Address</a> manipulations when mail is delivered
+via the smtp(8) delivery agent: </p>
+
+<ul>
+
+<li> <a href="#generics"> Generic mapping for outgoing SMTP mail </a>
+
+</ul>
+
+<p> <a name="local">Address</a> manipulations when mail is delivered
+via the local(8) delivery agent: </p>
<ul>
mail first, and then return it to the sender as undeliverable, with
the same reason. </p>
+<h3> <a name="generics"> Generic mapping for outgoing SMTP mail </a> </h3>
+
+<p> Some hosts have no valid Internet domain name, and instead use
+a name such as <i>localdomain.local</i>. This can be a problem when
+you want to send mail over the Internet, because many mail servers
+reject mail addresses with invalid domain names. </p>
+
+<p> With the smtp_generics_maps parameter you can specify lookup
+tables that replace local mail addresses by valid Internet addresses
+when mail leaves the machine via SMTP. This mapping replaces envelope
+and header addresses, and is non-recursive. It does not happen when
+you send mail between addresses on the local machine. </p>
+
+<p> This feature is available in Postfix version 2.2 and later.</p>
+
+<p> Example: </p>
+
+<blockquote>
+<pre>
+/etc/postfix/main.cf:
+ smtp_generics_maps = hash:/etc/postfix/generics
+
+/etc/postfix/generics:
+ you@localdomain.local youraccount@yourisp.example
+ her@localdomain.local heraccount@herisp.example
+ @localdomain.local youraccount+local@yourisp.example
+</pre>
+</blockquote>
+
+<p> When mail is sent to a remote host via SMTP, this replaces your
+local mail address <i>you@localdomain.local</i> by your ISP mail
+address, replaces <i>her@localdomain.local</i> by her ISP mail
+address, and replaces all other local addresses by your ISP account,
+with an address extension of +<i>local</i> (this example assumes
+that the ISP supports "+" style address extensions). </p>
+
<h3> <a name="aliases"> Local alias database </a> </h3>
<p> When mail is to be delivered locally, the local(8) delivery
<blockquote>
<pre>
-% egrep '(warning|error|fatal|panic):' /some/log/file | more
+% <b>egrep '(warning|error|fatal|panic):' /some/log/file | more</b>
</pre>
</blockquote>
deliver mail. This mode of operation is requested with: </p>
<pre>
-$ <b>/usr/sbin/sendmail -bv address...</b>
+% <b>/usr/sbin/sendmail -bv address...</b>
Mail Delivery Status Report will be mailed to <your login name>.
</pre>
of operation is requested with: </p>
<pre>
-$ <b>/usr/sbin/sendmail -v address...</b>
+% <b>/usr/sbin/sendmail -v address...</b>
Mail Delivery Status Report will be mailed to <your login name>.
</pre>
<blockquote>
<pre>
-# tcpdump -w /file/name -s 2000 host example.com and port 25
+# <b>tcpdump -w /file/name -s 2000 host example.com and port 25</b>
</pre>
</blockquote>
<blockquote>
<pre>
-# trace -p process-id (SunOS 4)
-# strace -p process-id (Linux and many others)
-# truss -p process-id (Solaris, FreeBSD)
-# ktrace -p process-id (generic 4.4BSD)
+# <b>trace -p process-id</b> (SunOS 4)
+# <b>strace -p process-id</b> (Linux and many others)
+# <b>truss -p process-id</b> (Solaris, FreeBSD)
+# <b>ktrace -p process-id</b> (generic 4.4BSD)
</pre>
</blockquote>
<blockquote>
<pre>
-# ltrace -p process-id (Linux, also ported to FreeBSD and BSD/OS)
-# sotruss -p process-id (Solaris)
+# <b>ltrace -p process-id</b> (Linux, also ported to FreeBSD and BSD/OS)
+# <b>sotruss -p process-id</b> (Solaris)
</pre>
</blockquote>
<blockquote>
<pre>
-% setenv XAUTHORITY ~/.Xauthority (csh syntax)
-$ export XAUTHORITY=$HOME/.Xauthority (sh syntax)
+% <b>setenv XAUTHORITY ~/.Xauthority</b> (csh syntax)
+$ <b>export XAUTHORITY=$HOME/.Xauthority</b> (sh syntax)
</pre>
</blockquote>
<blockquote>
<pre>
-% make tidy
-% make makefiles OPT=
+% <b>make tidy</b>
+% <b>make makefiles OPT=</b>
</pre>
</blockquote>
<blockquote>
<pre>
-% make
-% su
-# make install
+% <b>make</b>
+% <b>su</b>
+Password:
+# <b>make install</b>
</pre>
</blockquote>
<h2><a name="mail">Reporting problems to postfix-users@postfix.org</a></h2>
-<p> The people who participate on the postfix-users@postfix.org
+<p> The people who participate on postfix-users@postfix.org
are very helpful, especially if YOU provide them with sufficient
information. Remember, these volunteers are willing to help, but
their time is limited. </p>
<li> <p> A summary of the problem. Please do not just send some
logging without explanation of what YOU believe is wrong. </p>
+<li> <p> Complete error messages. Please use cut-and-paste, or use
+attachments, instead of reciting information from memory.
+</p>
+
+<li> <p> Postfix logging. See the text at the top of the DEBUG_README
+document to find out where logging is stored. Please do not frustrate
+the helpers by word wrapping the logging. </p>
+
<li> <p> Consider using a test email address so that you don't have
-to reveal email addresses of innocent people. </p>
+to reveal email addresses or passwords of innocent people. </p>
<li> <p> If you can't use a test email address, please anonymize
information consistently. Replace each letter by "A", each digit
by "D" so that the helpers can still recognize syntactical errors.
</p>
-<li> <p> Complete error messages. Please use cut-and-paste, or use
-attachments, instead of reciting information from memory.
-</p>
+<li> <p> Output from "<b>postconf -n</b>". Please do not send your
+main.cf file or 400+ lines of <b>postconf</b> output. </p>
-<li> <p> Postfix logging. See the text at the top of the DEBUG_README
-document to find out where logging is stored. Please do not frustrate
-the helpers by word wrapping the logging. </p>
+<li> <p> Better, provide output from the <b>postfinger</b> tool.
+This can be found at http://ftp.wl0.org/SOURCES/postfinger. </p>
-<li> <p> Output from "postconf -n". Please do not send your main.cf
-file. Or better, provide output from the "postfinger" tool. This
-tool is bundled with Postfix 2.2 and later source code, and can be
-found at http://ftp.wl0.org/SOURCES/postfinger. </p>
+<li> <p> If the problem is SASL related, consider including the
+output from the <b>saslfinger</b> tool. This can be found at
+http://postfix.state-of-mind.de/patrick.koetter/saslfinger/. </p>
<li> <p> If the problem is about too much mail in the queue, consider
-including output from the qshape tool, as described in the
+including output from the <b>qshape</b> tool, as described in the
QSHAPE_README file. </p>
<li> <p> If the problem is protocol related (connections time out
or an SMTP server complains about syntax errors etc.) consider
-recording a session with tcpdump, as described in the DEBUG_README
-document. </ul>
+recording a session with <b>tcpdump</b>, as described in the <a
+href="#sniffer">DEBUG_README</a> document. </ul>
</body>
<p> The main feature of interest is that IPv6 uses 128-bit IP
addresses instead of the 32-bit addresses used by IPv4. It can
-therefore accomodate a much larger number of hosts and networks
+therefore accommodate a much larger number of hosts and networks
without ugly kluges such as NAT. A side benefit of the much larger
address space is that it makes network scanning unpractical. </p>
<p>
Specify zero or more of <b>canonical</b>, <b>virtual</b>, <b>alias</b>,
-<b>forward</b> or <b>include</b>. These cause address extension
+<b>forward</b>, <b>include</b> or <b>generics</b>. These cause
+address extension
propagation with canonical(5), virtual(5), and aliases(5) maps,
-and with local(8) .forward and :include: file lookups, respectively.
-</p>
+with local(8) .forward and :include: file lookups, and with smtp(8)
+generics maps, respectively. </p>
<p>
Note: enabling this feature for types other than <b>canonical</b>
<p> The SASL authentication security options that the Postfix SMTP
server uses for TLS encrypted SMTP sessions. </p>
+
+%PARAM smtp_generics_maps empty
+
+<p> Optional lookup tables that perform address rewriting in the
+SMTP client, typically to transform a locally valid address into
+a globally valid address when sending mail across the Internet.
+This is needed when the local machine does not have its own Internet
+domain name, but uses something like <i>localdomain.local</i>
+instead. </p>
+
+<p> The table search order is described below. The search terminates
+when a match is found. In other words, the search is non-recursive.
+</p>
+
+<dl>
+
+<dt> <i>user@domain.tld address</i> </dt>
+
+<dd> <p> Replace <i>user@domain.tld</i> by <i>address</i>. This
+form has the highest precedence. </p> </dd>
+
+<dt> <i>user address</i> </dt>
+
+<dd> <p> Replace <i>user@site</i> by <i>address</i> when <i>site</i> is
+equal to $myorigin, when <i>site</i> is listed in $mydestination,
+or when it matches $inet_interfaces or $proxy_interfaces. </p>
+</dd>
+
+<dt> <i>@domain.tld address</i> </dt>
+
+<dd> <p> Replace all other addresses in <i>domain.tld</i> by
+<i>address</i>. This form has the lowest preference. </p> </dd>
+
+</dl>
+
+<p> In all cases <i>address</i> must specify a username and a
+domain. </p> <p> This feature is available in Postfix 2.2 and later.
+</p>
ipv
itojun
netmasks
+kluges
test_dns_lookup.o: ../../include/msg.h
test_dns_lookup.o: ../../include/msg_vstream.h
test_dns_lookup.o: ../../include/vstream.h
+test_dns_lookup.o: ../../include/mymalloc.h
+test_dns_lookup.o: ../../include/argv.h
test_dns_lookup.o: dns.h
test_dns_lookup.o: ../../include/sock_addr.h
test_dns_lookup.o: ../../include/myaddrinfo.h
input_transp.o: input_transp.c
input_transp.o: ../../include/sys_defs.h
input_transp.o: ../../include/name_mask.h
+input_transp.o: ../../include/msg.h
input_transp.o: mail_params.h
+input_transp.o: cleanup_user.h
input_transp.o: input_transp.h
is_header.o: is_header.c
is_header.o: ../../include/sys_defs.h
/* .IP "include (EXT_PROP_INCLUDE)"
/* Propagate unmatched address extensions to the right-hand side
/* of :include: file entries.
+/* .IP "generics (EXT_PROP_GENERICS)"
+/* Propagate unmatched address extensions to the right-hand side
+/* of smtp_generics_maps entries.
/* DIAGNOSTICS
/* Panic: inappropriate use.
/* LICENSE
"alias", EXT_PROP_ALIAS,
"forward", EXT_PROP_FORWARD,
"include", EXT_PROP_INCLUDE,
+ "generics", EXT_PROP_GENERICS,
0,
};
#define EXT_PROP_ALIAS (1<<2)
#define EXT_PROP_FORWARD (1<<3)
#define EXT_PROP_INCLUDE (1<<4)
+#define EXT_PROP_GENERICS (1<<5)
extern int ext_prop_mask(const char *, const char *);
#define DEF_SMTP_SEND_XFORWARD 0
extern bool var_smtp_send_xforward;
+#define VAR_SMTP_GENERICS_MAPS "smtp_generics_maps"
+#define DEF_SMTP_GENERICS_MAPS ""
+extern char *var_smtp_generics_maps;
+
/*
* SMTP server. The soft error limit determines how many errors an SMTP
* client may make before we start to slow down; the hard error limit
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
-#define MAIL_RELEASE_DATE "20050205"
+#define MAIL_RELEASE_DATE "20050206"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"
* Listen socket(s). XXX We pre-allocate storage because the number of
* sockets is frozen anyway once we build the command-line vector below.
*/
+ if (serv->listen_fd_count == 0) {
+ msg_fatal("%s: line %d: no valid IP address found: %s",
+ VSTREAM_PATH(master_fp), master_line, name);
+ }
serv->listen_fd = (int *) mymalloc(sizeof(int) * serv->listen_fd_count);
for (n = 0; n < serv->listen_fd_count; n++)
serv->listen_fd[n] = -1;
SHELL = /bin/sh
SRCS = smtp.c smtp_connect.c smtp_proto.c smtp_chat.c smtp_session.c \
smtp_addr.c smtp_trouble.c smtp_state.c smtp_rcpt.c \
- smtp_sasl_proto.c smtp_sasl_glue.c smtp_reuse.c
+ smtp_sasl_proto.c smtp_sasl_glue.c smtp_reuse.c smtp_map11.c
OBJS = smtp.o smtp_connect.o smtp_proto.o smtp_chat.o smtp_session.o \
smtp_addr.o smtp_trouble.o smtp_state.o smtp_rcpt.o \
- smtp_sasl_proto.o smtp_sasl_glue.o smtp_reuse.o
+ smtp_sasl_proto.o smtp_sasl_glue.o smtp_reuse.o smtp_map11.o
HDRS = smtp.h smtp_sasl.h smtp_addr.h smtp_reuse.h
TESTSRC =
DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE)
smtp.o: ../../include/match_list.h
smtp.o: ../../include/match_ops.h
smtp.o: ../../include/maps.h
+smtp.o: ../../include/ext_prop.h
smtp.o: ../../include/mail_server.h
smtp.o: smtp.h
smtp.o: ../../include/htable.h
+smtp.o: ../../include/tok822.h
+smtp.o: ../../include/resolve_clnt.h
smtp.o: ../../include/tls.h
smtp.o: smtp_sasl.h
smtp_addr.o: smtp_addr.c
smtp_addr.o: ../../include/match_ops.h
smtp_addr.o: ../../include/maps.h
smtp_addr.o: ../../include/dict.h
+smtp_addr.o: ../../include/tok822.h
+smtp_addr.o: ../../include/resolve_clnt.h
smtp_addr.o: ../../include/tls.h
smtp_addr.o: smtp_addr.h
smtp_chat.o: smtp_chat.c
smtp_chat.o: ../../include/match_ops.h
smtp_chat.o: ../../include/maps.h
smtp_chat.o: ../../include/dict.h
+smtp_chat.o: ../../include/tok822.h
+smtp_chat.o: ../../include/resolve_clnt.h
smtp_chat.o: ../../include/tls.h
smtp_connect.o: smtp_connect.c
smtp_connect.o: ../../include/sys_defs.h
smtp_connect.o: ../../include/match_ops.h
smtp_connect.o: ../../include/maps.h
smtp_connect.o: ../../include/dict.h
+smtp_connect.o: ../../include/tok822.h
+smtp_connect.o: ../../include/resolve_clnt.h
smtp_connect.o: ../../include/tls.h
smtp_connect.o: smtp_addr.h
smtp_connect.o: smtp_reuse.h
+smtp_map11.o: smtp_map11.c
+smtp_map11.o: ../../include/sys_defs.h
+smtp_map11.o: ../../include/msg.h
+smtp_map11.o: ../../include/vstring.h
+smtp_map11.o: ../../include/vbuf.h
+smtp_map11.o: ../../include/dict.h
+smtp_map11.o: ../../include/vstream.h
+smtp_map11.o: ../../include/argv.h
+smtp_map11.o: ../../include/tok822.h
+smtp_map11.o: ../../include/resolve_clnt.h
+smtp_map11.o: ../../include/valid_hostname.h
+smtp_map11.o: ../../include/mail_addr_map.h
+smtp_map11.o: ../../include/maps.h
+smtp_map11.o: ../../include/quote_822_local.h
+smtp_map11.o: ../../include/quote_flags.h
+smtp_map11.o: smtp.h
+smtp_map11.o: ../../include/htable.h
+smtp_map11.o: ../../include/deliver_request.h
+smtp_map11.o: ../../include/recipient_list.h
+smtp_map11.o: ../../include/scache.h
+smtp_map11.o: ../../include/string_list.h
+smtp_map11.o: ../../include/match_list.h
+smtp_map11.o: ../../include/match_ops.h
+smtp_map11.o: ../../include/tls.h
smtp_proto.o: smtp_proto.c
smtp_proto.o: ../../include/sys_defs.h
smtp_proto.o: ../../include/msg.h
smtp_proto.o: ../../include/maps.h
smtp_proto.o: ../../include/dict.h
smtp_proto.o: ../../include/argv.h
+smtp_proto.o: ../../include/tok822.h
+smtp_proto.o: ../../include/resolve_clnt.h
+smtp_proto.o: ../../include/mail_addr_map.h
+smtp_proto.o: ../../include/ext_prop.h
+smtp_proto.o: ../../include/lex_822.h
smtp_proto.o: smtp.h
smtp_proto.o: ../../include/htable.h
smtp_proto.o: ../../include/scache.h
smtp_rcpt.o: ../../include/match_ops.h
smtp_rcpt.o: ../../include/maps.h
smtp_rcpt.o: ../../include/dict.h
+smtp_rcpt.o: ../../include/tok822.h
+smtp_rcpt.o: ../../include/resolve_clnt.h
smtp_rcpt.o: ../../include/tls.h
smtp_reuse.o: smtp_reuse.c
smtp_reuse.o: ../../include/sys_defs.h
smtp_reuse.o: ../../include/match_ops.h
smtp_reuse.o: ../../include/maps.h
smtp_reuse.o: ../../include/dict.h
+smtp_reuse.o: ../../include/tok822.h
+smtp_reuse.o: ../../include/resolve_clnt.h
smtp_reuse.o: ../../include/tls.h
smtp_reuse.o: smtp_reuse.h
smtp_reuse.o: ../../include/dns.h
smtp_sasl_glue.o: ../../include/deliver_request.h
smtp_sasl_glue.o: ../../include/recipient_list.h
smtp_sasl_glue.o: ../../include/scache.h
+smtp_sasl_glue.o: ../../include/tok822.h
+smtp_sasl_glue.o: ../../include/resolve_clnt.h
smtp_sasl_glue.o: ../../include/tls.h
smtp_sasl_glue.o: smtp_sasl.h
smtp_sasl_proto.o: smtp_sasl_proto.c
smtp_sasl_proto.o: ../../include/match_ops.h
smtp_sasl_proto.o: ../../include/maps.h
smtp_sasl_proto.o: ../../include/dict.h
+smtp_sasl_proto.o: ../../include/tok822.h
+smtp_sasl_proto.o: ../../include/resolve_clnt.h
smtp_sasl_proto.o: ../../include/tls.h
smtp_sasl_proto.o: smtp_sasl.h
smtp_session.o: smtp_session.c
smtp_session.o: ../../include/string_list.h
smtp_session.o: ../../include/match_list.h
smtp_session.o: ../../include/match_ops.h
+smtp_session.o: ../../include/tok822.h
+smtp_session.o: ../../include/resolve_clnt.h
smtp_session.o: ../../include/tls.h
smtp_state.o: smtp_state.c
smtp_state.o: ../../include/sys_defs.h
smtp_state.o: ../../include/match_ops.h
smtp_state.o: ../../include/maps.h
smtp_state.o: ../../include/dict.h
+smtp_state.o: ../../include/tok822.h
+smtp_state.o: ../../include/resolve_clnt.h
smtp_state.o: ../../include/tls.h
smtp_state.o: smtp_sasl.h
smtp_trouble.o: smtp_trouble.c
smtp_trouble.o: ../../include/match_ops.h
smtp_trouble.o: ../../include/maps.h
smtp_trouble.o: ../../include/dict.h
+smtp_trouble.o: ../../include/tok822.h
+smtp_trouble.o: ../../include/resolve_clnt.h
smtp_trouble.o: ../../include/tls.h
smtp_unalias.o: smtp_unalias.c
smtp_unalias.o: ../../include/sys_defs.h
smtp_unalias.o: ../../include/match_ops.h
smtp_unalias.o: ../../include/maps.h
smtp_unalias.o: ../../include/dict.h
+smtp_unalias.o: ../../include/tok822.h
+smtp_unalias.o: ../../include/resolve_clnt.h
smtp_unalias.o: ../../include/tls.h
/* A case insensitive list of EHLO keywords (pipelining, starttls,
/* auth, etc.) that the SMTP client will ignore in the EHLO response
/* from a remote SMTP server.
+/* .IP "\fBsmtp_generics_maps (empty)\fR"
+/* Optional lookup tables that perform address rewriting in the
+/* SMTP client, typically to transform a locally valid address into
+/* a globally valid address when sending mail across the Internet.
/* MIME PROCESSING CONTROLS
/* .ad
/* .fi
#include <scache.h>
#include <string_list.h>
#include <maps.h>
+#include <ext_prop.h>
/* Single server skeleton. */
bool var_smtp_tls_note_starttls_offer;
#endif
+char *var_smtp_generics_maps;
+char *var_prop_extension;
+
/*
* Global variables. smtp_errno is set by the address lookup routines and by
* the connection management routines.
STRING_LIST *smtp_cache_dest;
SCACHE *smtp_scache;
MAPS *smtp_ehlo_dis_maps;
+MAPS *smtp_generics_maps;
+int smtp_ext_prop_mask;
#ifdef USE_TLS
msg_warn("%s is true, but SASL support is not compiled in",
VAR_SMTP_SASL_ENABLE);
#endif
+
/*
* Initialize the TLS data before entering the chroot jail
*/
smtp_ehlo_dis_maps = maps_create(VAR_SMTPD_EHLO_DIS_MAPS,
var_smtp_ehlo_dis_maps,
DICT_FLAG_LOCK);
+
+ /*
+ * Generics table.
+ */
+ if (*var_prop_extension)
+ smtp_ext_prop_mask =
+ ext_prop_mask(VAR_PROP_EXTENSION, var_prop_extension);
+ if (*var_smtp_generics_maps)
+ smtp_generics_maps =
+ maps_create(VAR_SMTP_GENERICS_MAPS, var_smtp_generics_maps,
+ DICT_FLAG_LOCK);
}
/* pre_accept - see if tables have changed */
VAR_SMTP_EHLO_DIS_WORDS, DEF_SMTP_EHLO_DIS_WORDS, &var_smtp_ehlo_dis_words, 0, 0,
VAR_SMTP_EHLO_DIS_MAPS, DEF_SMTP_EHLO_DIS_MAPS, &var_smtp_ehlo_dis_maps, 0, 0,
VAR_SMTP_TLS_PER_SITE, DEF_SMTP_TLS_PER_SITE, &var_smtp_tls_per_site, 0, 0,
+ VAR_PROP_EXTENSION, DEF_PROP_EXTENSION, &var_prop_extension, 0, 0,
+ VAR_SMTP_GENERICS_MAPS, DEF_SMTP_GENERICS_MAPS, &var_smtp_generics_maps, 0, 0,
0,
};
static CONFIG_TIME_TABLE time_table[] = {
#include <scache.h>
#include <string_list.h>
#include <maps.h>
+#include <tok822.h>
/*
* Postfix TLS library.
extern MAPS *smtp_ehlo_dis_maps; /* ehlo keyword filter */
+extern MAPS *smtp_generics_maps; /* make internal address valid */
+extern int smtp_ext_prop_mask; /* address externsion propagation */
+
#ifdef USE_TLS
extern SSL_CTX *smtp_tls_ctx; /* client-side TLS engine */
extern SMTP_STATE *smtp_state_alloc(void);
extern void smtp_state_free(SMTP_STATE *);
+ /*
+ * smtp_map11.c
+ */
+extern int smtp_map11_external(VSTRING *, MAPS *, int);
+extern int smtp_map11_tree(TOK822 *, MAPS *, int);
+extern int smtp_map11_internal(VSTRING *, MAPS *, int);
+
/* LICENSE
/* .ad
/* .fi
#define STR(x) vstring_str(x)
+/* smtp_salvage - salvage the server reply before disconnecting */
+
+static VSTRING *smtp_salvage(VSTREAM *stream)
+{
+ int len = vstream_peek(stream);
+ VSTRING *buf = vstring_alloc(len);
+
+ /*
+ * We know the server replied with 4... or 5...; salvage whatever we have
+ * received in the VSTREAM buffer and sanitize any non-printable crud.
+ */
+ vstream_fread(stream, STR(buf), len);
+ VSTRING_AT_OFFSET(buf, len); /* XXX not public interface */
+ VSTRING_TERMINATE(buf);
+ translit(STR(buf), "\r\n", " ");
+ printable(STR(buf), '?');
+ return (buf);
+}
+
/* smtp_connect_addr - connect to explicit address */
static SMTP_SESSION *smtp_connect_addr(const char *dest, DNS_RR *addr,
return (0);
}
vstream_ungetc(stream, ch);
+
+ /*
+ * Skip this host if it sends a 4xx or 5xx greeting. This prevents us
+ * from counting it towards the MX session limit. Unfortunately, this
+ * also means that we have to salvage the server's response ourself so
+ * that it can be included in logging or in non-delivery reports. It does
+ * not hurt if we keep the test for a 4xx or 5xx greeting in smtp_helo().
+ */
+ if (ch == '4' || (ch == '5' && var_smtp_skip_5xx_greeting)) {
+ VSTRING *salvage_buf = smtp_salvage(stream);
+
+ vstring_sprintf(why, "connect to %s[%s]: server refused to talk to me: %s",
+ addr->name, hostaddr.buf, STR(salvage_buf));
+ vstring_free(salvage_buf);
+ smtp_errno = SMTP_ERR_RETRY;
+ vstream_fclose(stream);
+ return (0);
+ }
return (smtp_session_alloc(stream, dest, addr->name,
hostaddr.buf, port, sess_flags));
}
--- /dev/null
+/*++
+/* NAME
+/* smtp_map11 3
+/* SUMMARY
+/* one-to-one address mapping
+/* SYNOPSIS
+/* #include <smtp.h>
+/*
+/* int smtp_map11_external(addr, maps, propagate)
+/* VSTRING *addr;
+/* MAPS *maps;
+/* int propagate;
+/*
+/* int smtp_map11_internal(addr, maps, propagate)
+/* VSTRING *addr;
+/* MAPS *maps;
+/* int propagate;
+/*
+/* int smtp_map11_tree(tree, maps, propagate)
+/* TOK822 *tree;
+/* MAPS *maps;
+/* int propagate;
+/* DESCRIPTION
+/* This module performs non-recursive one-to-one address mapping.
+/* An unmatched address extension is propagated when
+/* \fIpropagate\fR is non-zero.
+/*
+/* smtp_map11_external() looks up the RFC 822 external (quoted) string
+/* form of an address in the maps specified via the \fImaps\fR argument.
+/*
+/* smtp_map11_internal() is a wrapper around the
+/* smtp_map11_external() routine that transforms from
+/* internal (quoted) string form to external form and back.
+/*
+/* smtp_map11_tree() is a wrapper around the
+/* smtp_map11_external() routine that transforms from
+/* internal parse tree form to external form and back.
+/* DIAGNOSTICS
+/* Table lookup errors are fatal.
+/* SEE ALSO
+/* mail_addr_map(3) address mappings
+/* LICENSE
+/* .ad
+/* .fi
+/* The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/* Wietse Venema
+/* IBM T.J. Watson Research
+/* P.O. Box 704
+/* Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <string.h>
+
+#ifdef STRCASECMP_IN_STRINGS_H
+#include <strings.h>
+#endif
+
+/* Utility library. */
+
+#include <msg.h>
+#include <vstring.h>
+#include <dict.h>
+#include <argv.h>
+#include <tok822.h>
+#include <valid_hostname.h>
+
+/* Global library. */
+
+#include <mail_addr_map.h>
+#include <quote_822_local.h>
+
+/* Application-specific. */
+
+#include <smtp.h>
+
+#define STR vstring_str
+
+/* smtp_map11_external - one-to-one table lookups */
+
+int smtp_map11_external(VSTRING *addr, MAPS *maps, int propagate)
+{
+ ARGV *new_addr;
+ const char *at;
+
+ if ((new_addr = mail_addr_map(maps, STR(addr), propagate)) != 0) {
+ if (new_addr->argc > 1)
+ msg_fatal("multi-valued %s entry for %s", maps->title, STR(addr));
+ if ((at = strrchr(STR(addr), '@')) == 0
+ || !valid_hostname(at + 1, DO_GRIPE))
+ msg_fatal("invalid domain information in %s entry for %s",
+ maps->title, STR(addr));
+ vstring_strcpy(addr, new_addr->argv[0]);
+ argv_free(new_addr);
+ return (1);
+ } else {
+ if (dict_errno != 0)
+ msg_fatal("%s map lookup problem for %s", maps->title, STR(addr));
+ return (0);
+ }
+}
+
+/* smtp_map11_tree - rewrite address node */
+
+int smtp_map11_tree(TOK822 *tree, MAPS *maps, int propagate)
+{
+ VSTRING *temp = vstring_alloc(100);
+ int ret;
+
+ tok822_externalize(temp, tree->head, TOK822_STR_DEFL);
+ ret = smtp_map11_external(temp, maps, propagate);
+ tok822_free_tree(tree->head);
+ tree->head = tok822_scan(STR(temp), &tree->tail);
+ vstring_free(temp);
+ return (ret);
+}
+
+/* smtp_map11_internal - rewrite address internal form */
+
+int smtp_map11_internal(VSTRING *addr, MAPS *maps, int propagate)
+{
+ VSTRING *temp = vstring_alloc(100);
+ int ret;
+
+ quote_822_local(temp, STR(addr));
+ ret = smtp_map11_external(temp, maps, propagate);
+ unquote_822_local(addr, STR(temp));
+ vstring_free(temp);
+ return (ret);
+}
#include <mime_state.h>
#include <ehlo_mask.h>
#include <maps.h>
+#include <tok822.h>
+#include <mail_addr_map.h>
+#include <ext_prop.h>
+#include <lex_822.h>
/* Application-specific. */
} while (data_left > 0);
}
+/* smtp_format_out - output one header/body record */
+
+static void PRINTFLIKE(3, 4) smtp_format_out(void *, int, const char *,...);
+
+static void smtp_format_out(void *context, int rec_type, const char *fmt,...)
+{
+ static VSTRING *vp;
+ va_list ap;
+
+ if (vp == 0)
+ vp = vstring_alloc(100);
+ va_start(ap, fmt);
+ vstring_vsprintf(vp, fmt, ap);
+ va_end(ap);
+ smtp_text_out(context, rec_type, vstring_str(vp), VSTRING_LEN(vp), 0);
+}
+
/* smtp_header_out - output one message header */
static void smtp_header_out(void *context, int unused_header_class,
char *line;
char *next_line;
+ /*
+ * This code destroys the header. We could try to avoid clobbering it,
+ * but we're not going to use the data any further.
+ */
for (line = start; line; line = next_line) {
next_line = split_at(line, '\n');
smtp_text_out(context, REC_TYPE_NORM, line, next_line ?
}
}
+/* smtp_header_rewrite - rewrite message header before output */
+
+static void smtp_header_rewrite(void *context, int header_class,
+ HEADER_OPTS *header_info, VSTRING *buf,
+ off_t offset)
+{
+ SMTP_STATE *state = (SMTP_STATE *) context;
+ int did_rewrite = 0;
+ char *line;
+ char *start;
+ char *next_line;
+ char *end_line;
+
+ /*
+ * Rewrite primary header addresses that match the smtp_generics_table.
+ * The cleanup server already enforces that all headers have proper
+ * lengths and that all addresses are in proper form, so we don't have to
+ * repeat that.
+ */
+ if (header_info && header_class == MIME_HDR_PRIMARY
+ && (header_info->flags & (HDR_OPT_SENDER | HDR_OPT_RECIP)) != 0) {
+ TOK822 *tree;
+ TOK822 **addr_list;
+ TOK822 **tpp;
+
+ tree = tok822_parse(vstring_str(buf)
+ + strlen(header_info->name) + 1);
+ addr_list = tok822_grep(tree, TOK822_ADDR);
+ for (tpp = addr_list; *tpp; tpp++)
+ did_rewrite |= smtp_map11_tree(tpp[0], smtp_generics_maps,
+ smtp_ext_prop_mask & EXT_PROP_GENERICS);
+ if (did_rewrite) {
+ vstring_sprintf(buf, "%s: ", header_info->name);
+ tok822_externalize(buf, tree, TOK822_STR_HEAD);
+ }
+ myfree((char *) addr_list);
+ tok822_free_tree(tree);
+ }
+
+ /*
+ * Pass through unmodified headers without reconstruction.
+ */
+ if (did_rewrite == 0) {
+ smtp_header_out(context, header_class, header_info, buf, offset);
+ return;
+ }
+
+ /*
+ * A rewritten address list contains one address per line. The code below
+ * replaces newlines by spaces, to fit as many addresses on a line as
+ * possible (without rearranging the order of addresses). Prepending
+ * white space to the beginning of lines is delegated to the output
+ * routine.
+ */
+ for (line = start = vstring_str(buf); line != 0; line = next_line) {
+ end_line = line + strcspn(line, "\n");
+ if (line > start) {
+ if (end_line - start < 70) { /* TAB counts as one */
+ line[-1] = ' ';
+ } else {
+ start = line;
+ }
+ }
+ next_line = *end_line ? end_line + 1 : 0;
+ }
+
+ /*
+ * Prepend a tab to continued header lines that went through the address
+ * rewriting machinery. Just like smtp_header_out(), this code destroys
+ * the header. We could try to avoid clobbering it, but we're not going
+ * to use the data any further.
+ */
+ for (line = start = vstring_str(buf); line != 0; line = next_line) {
+ next_line = split_at(line, '\n');
+ if (line == start || IS_SPACE_TAB(*line)) {
+ smtp_text_out(state, REC_TYPE_NORM, line, next_line ?
+ next_line - line - 1 : strlen(line), offset);
+ } else {
+ smtp_format_out(state, REC_TYPE_NORM, "\t%s", line);
+ }
+ }
+}
+
/* smtp_loop - exercise the SMTP protocol engine */
static int smtp_loop(SMTP_STATE *state, NOCLOBBER int send_state,
/*
* Macros for readability.
*/
-#define REWRITE_ADDRESS(dst, mid, src) do { \
- if (*(src) && var_smtp_quote_821_env) { \
- quote_821_local(mid, src); \
- smtp_unalias_addr(dst, vstring_str(mid)); \
- } else { \
- vstring_strcpy(dst, src); \
- } \
+#define REWRITE_ADDRESS(dst, src) do { \
+ vstring_strcpy(dst, src); \
+ if (*(src) && smtp_generics_maps) \
+ smtp_map11_internal(dst, smtp_generics_maps, \
+ smtp_ext_prop_mask & EXT_PROP_GENERICS); \
} while (0)
#define QUOTE_ADDRESS(dst, src) do { \
* Build the MAIL FROM command.
*/
case SMTP_STATE_MAIL:
- QUOTE_ADDRESS(session->scratch, request->sender);
+ REWRITE_ADDRESS(session->scratch2, request->sender);
+ QUOTE_ADDRESS(session->scratch, vstring_str(session->scratch2));
vstring_sprintf(next_command, "MAIL FROM:<%s>",
vstring_str(session->scratch));
if (session->features & SMTP_FEATURE_SIZE) /* RFC 1870 */
*/
case SMTP_STATE_RCPT:
rcpt = request->rcpt_list.info + send_rcpt;
- QUOTE_ADDRESS(session->scratch, rcpt->address);
+ REWRITE_ADDRESS(session->scratch2, rcpt->address);
+ QUOTE_ADDRESS(session->scratch, vstring_str(session->scratch2));
vstring_sprintf(next_command, "RCPT TO:<%s>",
vstring_str(session->scratch));
if ((next_rcpt = send_rcpt + 1) == SMTP_RCPT_LEFT(state))
(var_disable_mime_oconv == 0
&& (session->features & SMTP_FEATURE_8BITMIME) == 0
&& strcmp(request->encoding, MAIL_ATTR_ENC_7BIT) != 0);
- if (downgrading)
+ if (downgrading || smtp_generics_maps)
session->mime_state = mime_state_alloc(MIME_OPT_DOWNGRADE
| MIME_OPT_REPORT_NESTING,
+ smtp_generics_maps ?
+ smtp_header_rewrite :
smtp_header_out,
(MIME_STATE_ANY_END) 0,
smtp_text_out,
while ((rec_type = rec_get(state->src, session->scratch, 0)) > 0) {
if (rec_type != REC_TYPE_NORM && rec_type != REC_TYPE_CONT)
break;
- if (downgrading == 0) {
+ if (session->mime_state == 0) {
smtp_text_out((void *) state, rec_type,
vstring_str(session->scratch),
VSTRING_LEN(session->scratch),
all: $(LIB)
Makefile: Makefile.in
- (set -e; echo "# DO NOT EDIT"; $(OPTS) $(SHELL) ../../makedefs && cat $?) >$@
+ (echo "# DO NOT EDIT"; $(OPTS) $(SHELL) ../../makedefs && cat $?) >$@
test: $(TESTPROG)
unsafe.o: unsafe.c
unsafe.o: sys_defs.h
unsafe.o: safe.h
+upass_listen.o: upass_listen.c
+upass_listen.o: sys_defs.h
+upass_listen.o: msg.h
+upass_listen.o: sane_accept.h
+upass_listen.o: listen.h
+upass_listen.o: iostuff.h
uppercase.o: uppercase.c
uppercase.o: sys_defs.h
uppercase.o: stringops.h
projects / thirdparty / postfix.git / commitdiff
