The new "none" address rewriting context does not modify
message header addresses at all.
- Postfix uses the "local" rewriting context for mail from
- the machine itself, from clients listed with the
- local_rewrite_context_clients parameter (default:
- $inet_interfaces $mynetworks) and from SASL authenticated
- clients.
+ Postfix uses the "local" rewriting context for mail posted
+ with Postfix sendmail, from clients listed with the
+ local_rewrite_context_clients parameter (default: $mynetworks)
+ and from SASL authenticated clients.
The context specified with remote_rewrite_context_name is
used for all other clients. The default setting is backwards
Incompatible changes with snapshot Postfix-2.2-20041019
=======================================================
+You must reload or restart Postfix, because the protocol between
+queue manager and delivery agents has changed. If you forget this,
+mail will remain queued until you restart/reload Postfix.
+
Support for return addresses in the non-standard Errors-To: message
headers is removed. It was already disabled by default with Postfix
-version 2.1.
+version 2.1. Since it is non-standard, there was no guarantee that
+it would have effect on other MTAs.
Major changes with snapshot Postfix-2.2-20041019
================================================
The "local" address rewriting context is used for mail submitted
with the Postfix sendmail command, for mail from clients that match
-$local_header_rewrite_context_clients (default: $inet_interfaces
-$mynetworks), and for mail from SASL authenticated clients. It is
-not automatically used for pop-before-smtp clients; you'll have to
-specify their lookup table via the local_header_rewrite_context_clients
-parameter.
+$local_header_rewrite_context_clients (default: $mynetworks), and
+for mail from SASL authenticated clients. It is not automatically
+used for pop-before-smtp clients; you'll have to specify their
+lookup table via the local_header_rewrite_context_clients parameter.
The smtpd_remote_header_rewrite_context parameter specifies the
-address
-rewriting context for remote mail. The backwards compatible default
-is "local". Purists will specify "none", so that Postfix does not
-modify headers (not even with canonical mappings or address
+address rewriting context for remote mail. The backwards compatible
+default is "local". Purists will specify "none", so that Postfix
+does not modify headers (not even with canonical mappings or address
masquerading).
Postix always uses the "local" context for envelope addresses,
</DD>
<DT><b><a name="local_header_rewrite_context_clients">local_header_rewrite_context_clients</a>
-(default: $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>
-$<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
+(default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
<p> Append the domain names in $<a href="postconf.5.html#myorigin">myorigin</a> and $<a href="postconf.5.html#mydomain">mydomain</a> to incomplete
message header addresses from these clients. </p>
<p> Specify a list of network addresses or network/netmask patterns,
-separated by comma or whitespace. The list is matched left to right,
-and the search stops on the first match. Specify !address or
-!network/netmask to exclude an address or network block from the
-list. A network mask specifies the number of bits in the network
-part of a host address. Continue long lines by starting the next
-line with whitespace. </p>
+separated by comma or whitespace. Continue long lines by starting
+the next line with whitespace. </p>
+
+<p> A network mask specifies the number of bits in the network part
+of a host address. You can also specify "/file/name" or "<a href="DATABASE_README.html">type:table</a>"
+patterns. A "/file/name" pattern is replaced by its contents; a
+"<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a client name or address
+matches a lookup key (the lookup result is ignored). </p>
+
+<p> The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list. </p>
+
+<p>
+Examples:
+</p>
-<p> You can also specify "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns.
-A "/file/name" pattern is replaced by its contents; a "<a href="DATABASE_README.html">type:table</a>"
-lookup table is matched when a client name or address matches a
-lookup key (the lookup result is ignored). </p>
+<pre>
+<a href="postconf.5.html#local_header_rewrite_context_clients">local_header_rewrite_context_clients</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
+<a href="postconf.5.html#local_header_rewrite_context_clients">local_header_rewrite_context_clients</a> = !192.168.0.1 $<a href="postconf.5.html#mynetworks">mynetworks</a>
+<a href="postconf.5.html#local_header_rewrite_context_clients">local_header_rewrite_context_clients</a> = static:all
+</pre>
</DD>
Postfix ignores the <a href="postconf.5.html#mynetworks_style">mynetworks_style</a> setting.
</p>
-<p>
-Specify a list of network/netmask patterns, separated by commas
-and/or whitespace. The mask specifies the number of bits in the
-network part of a host address. You can also specify "/file/name"
-or "<a href="DATABASE_README.html">type:table</a>" patterns. A "/file/name" pattern is replaced by
-its contents; a "<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a table
-entry matches a lookup string (the lookup result is ignored).
-Continue long lines by starting the next line with whitespace.
-</p>
+<p> Specify a list of network addresses or network/netmask patterns,
+separated by commas and/or whitespace. Continue long lines by
+starting the next line with whitespace. </p>
-<p>
-Examples:
-</p>
+<p> The netmask specifies the number of bits in the network part
+of a host address. You can also specify "/file/name" or "<a href="DATABASE_README.html">type:table</a>"
+patterns. A "/file/name" pattern is replaced by its contents; a
+"<a href="DATABASE_README.html">type:table</a>" lookup table is matched when a table entry matches a
+lookup string (the lookup result is ignored). </p>
+
+<p> The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list. </p>
+
+<p> Examples: </p>
<pre>
<a href="postconf.5.html#mynetworks">mynetworks</a> = 168.100.189.0/28, 127.0.0.0/8
+<a href="postconf.5.html#mynetworks">mynetworks</a> = !192.168.0.1, 192.168.0.0/28
<a href="postconf.5.html#mynetworks">mynetworks</a> = $<a href="postconf.5.html#config_directory">config_directory</a>/mynetworks
<a href="postconf.5.html#mynetworks">mynetworks</a> = hash:/etc/postfix/network_table
</pre>
Available in Postfix version 2.2 and later:
- <b><a href="postconf.5.html#local_header_rewrite_context_clients">local_header_rewrite_context_clients</a> ($<a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b>
- <b>$<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
+ <b><a href="postconf.5.html#local_header_rewrite_context_clients">local_header_rewrite_context_clients</a> ($<a href="postconf.5.html#mynetworks">mynetworks</a>)</b>
Append the domain names in $<a href="postconf.5.html#myorigin">myorigin</a> and $<a href="postconf.5.html#mydomain">mydomain</a>
to incomplete message header addresses from these
clients.
Setting this parameter to a value > 1 changes the meaning of
local_destination_concurrency_limit from concurrency per recipient
into concurrency per domain.
-<DT>\fBlocal_header_rewrite_context_clients
-(default: $inet_interfaces
-$mynetworks)\fR</DT><DD>
-.PP
+.SH local_header_rewrite_context_clients (default: $mynetworks)
Append the domain names in $myorigin and $mydomain to incomplete
message header addresses from these clients.
.PP
Specify a list of network addresses or network/netmask patterns,
-separated by comma or whitespace. The list is matched left to right,
-and the search stops on the first match. Specify !address or
-!network/netmask to exclude an address or network block from the
-list. A network mask specifies the number of bits in the network
-part of a host address. Continue long lines by starting the next
-line with whitespace.
-.PP
-You can also specify "/file/name" or "type:table" patterns.
-A "/file/name" pattern is replaced by its contents; a "type:table"
-lookup table is matched when a client name or address matches a
-lookup key (the lookup result is ignored).
+separated by comma or whitespace. Continue long lines by starting
+the next line with whitespace.
+.PP
+A network mask specifies the number of bits in the network part
+of a host address. You can also specify "/file/name" or "type:table"
+patterns. A "/file/name" pattern is replaced by its contents; a
+"type:table" lookup table is matched when a client name or address
+matches a lookup key (the lookup result is ignored).
+.PP
+The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list.
+.PP
+Examples:
+.PP
+.nf
+.na
+.ft C
+local_header_rewrite_context_clients = $mynetworks
+local_header_rewrite_context_clients = !192.168.0.1 $mynetworks
+local_header_rewrite_context_clients = static:all
+.fi
+.ad
+.ft R
.SH local_recipient_maps (default: proxy:unix:passwd.byname $alias_maps)
Lookup tables with all names or addresses of local recipients:
a recipient address is local when its domain matches $mydestination,
If you specify the mynetworks list by hand,
Postfix ignores the mynetworks_style setting.
.PP
-Specify a list of network/netmask patterns, separated by commas
-and/or whitespace. The mask specifies the number of bits in the
-network part of a host address. You can also specify "/file/name"
-or "type:table" patterns. A "/file/name" pattern is replaced by
-its contents; a "type:table" lookup table is matched when a table
-entry matches a lookup string (the lookup result is ignored).
-Continue long lines by starting the next line with whitespace.
+Specify a list of network addresses or network/netmask patterns,
+separated by commas and/or whitespace. Continue long lines by
+starting the next line with whitespace.
+.PP
+The netmask specifies the number of bits in the network part
+of a host address. You can also specify "/file/name" or "type:table"
+patterns. A "/file/name" pattern is replaced by its contents; a
+"type:table" lookup table is matched when a table entry matches a
+lookup string (the lookup result is ignored).
+.PP
+The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list.
.PP
Examples:
.PP
.na
.ft C
mynetworks = 168.100.189.0/28, 127.0.0.0/8
+mynetworks = !192.168.0.1, 192.168.0.0/28
mynetworks = $config_directory/mynetworks
mynetworks = hash:/etc/postfix/network_table
.fi
filtering, or address mapping.
.PP
Available in Postfix version 2.2 and later:
-.IP "\fBlocal_header_rewrite_context_clients ($inet_interfaces $mynetworks)\fR"
+.IP "\fBlocal_header_rewrite_context_clients ($mynetworks)\fR"
Append the domain names in $myorigin and $mydomain to incomplete
message header addresses from these clients.
.IP "\fBremote_header_rewrite_context_name (local)\fR"
Postfix ignores the mynetworks_style setting.
</p>
-<p>
-Specify a list of network/netmask patterns, separated by commas
-and/or whitespace. The mask specifies the number of bits in the
-network part of a host address. You can also specify "/file/name"
-or "type:table" patterns. A "/file/name" pattern is replaced by
-its contents; a "type:table" lookup table is matched when a table
-entry matches a lookup string (the lookup result is ignored).
-Continue long lines by starting the next line with whitespace.
-</p>
+<p> Specify a list of network addresses or network/netmask patterns,
+separated by commas and/or whitespace. Continue long lines by
+starting the next line with whitespace. </p>
-<p>
-Examples:
-</p>
+<p> The netmask specifies the number of bits in the network part
+of a host address. You can also specify "/file/name" or "type:table"
+patterns. A "/file/name" pattern is replaced by its contents; a
+"type:table" lookup table is matched when a table entry matches a
+lookup string (the lookup result is ignored). </p>
-<pre>
+<p> The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list. </p>
+
+<p> Examples: </p>
+
+<pre>
mynetworks = 168.100.189.0/28, 127.0.0.0/8
+mynetworks = !192.168.0.1, 192.168.0.0/28
mynetworks = $config_directory/mynetworks
mynetworks = hash:/etc/postfix/network_table
</pre>
"invalid". This is one way to avoid appending your own domain to
addresses in spam from poorly written software. </p>
-%PARAM local_header_rewrite_context_clients $inet_interfaces
-$mynetworks
+%PARAM local_header_rewrite_context_clients $mynetworks
<p> Append the domain names in $myorigin and $mydomain to incomplete
message header addresses from these clients. </p>
<p> Specify a list of network addresses or network/netmask patterns,
-separated by comma or whitespace. The list is matched left to right,
-and the search stops on the first match. Specify !address or
-!network/netmask to exclude an address or network block from the
-list. A network mask specifies the number of bits in the network
-part of a host address. Continue long lines by starting the next
-line with whitespace. </p>
-
-<p> You can also specify "/file/name" or "type:table" patterns.
-A "/file/name" pattern is replaced by its contents; a "type:table"
-lookup table is matched when a client name or address matches a
-lookup key (the lookup result is ignored). </p>
+separated by comma or whitespace. Continue long lines by starting
+the next line with whitespace. </p>
+
+<p> A network mask specifies the number of bits in the network part
+of a host address. You can also specify "/file/name" or "type:table"
+patterns. A "/file/name" pattern is replaced by its contents; a
+"type:table" lookup table is matched when a client name or address
+matches a lookup key (the lookup result is ignored). </p>
+
+<p> The list is matched left to right, and the search stops on the
+first match. Specify "!pattern" to exclude an address or network
+block from the list. </p>
+
+
+<p>
+Examples:
+</p>
+
+<pre>
+local_header_rewrite_context_clients = $mynetworks
+local_header_rewrite_context_clients = !192.168.0.1 $mynetworks
+local_header_rewrite_context_clients = static:all
+</pre>
%PARAM remote_header_rewrite_context_name local
#define REWRITE_NONE "none"
#define VAR_LOC_RWR_CLIENTS "local_header_rewrite_context_clients"
-#define DEF_LOC_RWR_CLIENTS "$" VAR_INET_INTERFACES \
- " $" VAR_MYNETWORKS
+#define DEF_LOC_RWR_CLIENTS "$" VAR_MYNETWORKS
extern char *var_local_rwr_clients;
/* LICENSE
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
-#define MAIL_RELEASE_DATE "20041019"
+#define MAIL_RELEASE_DATE "20041020"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"
-canonical !
-canonical a!
-canonical !b
-canonical a!b
-canonical %
-canonical a%
-canonical %b
-canonical a%b
-canonical @
-canonical a@
-canonical a@.
-canonical a@b
-canonical a@b.
+local !
+local a!
+local !b
+local a!b
+local %
+local a%
+local %b
+local a%b
+local @
+local a@
+local a@.
+local a@b
+local a@b.
invalid !
invalid a!
invalid !b
-rule canonical
+rule local
address !
result ""@
-rule canonical
+rule local
address a!
result ""@a.MYDOMAIN
-rule canonical
+rule local
address !b
result b@
-rule canonical
+rule local
address a!b
result b@a.MYDOMAIN
-rule canonical
+rule local
address %
result ""@
-rule canonical
+rule local
address a%
result a@
-rule canonical
+rule local
address %b
result ""@b.MYDOMAIN
-rule canonical
+rule local
address a%b
result a@b.MYDOMAIN
-rule canonical
+rule local
address @
result ""
-rule canonical
+rule local
address a@
result a@
-rule canonical
+rule local
address a@.
result a@.
-rule canonical
+rule local
address a@b
result a@b.MYDOMAIN
-rule canonical
+rule local
address a@b.
result a@b
/* filtering, or address mapping.
/* .PP
/* Available in Postfix version 2.2 and later:
-/* .IP "\fBlocal_header_rewrite_context_clients ($inet_interfaces $mynetworks)\fR"
+/* .IP "\fBlocal_header_rewrite_context_clients ($mynetworks)\fR"
/* Append the domain names in $myorigin and $mydomain to incomplete
/* message header addresses from these clients.
/* .IP "\fBremote_header_rewrite_context_name (local)\fR"
* DOMAIN=local or remote.
*/
case SMTPD_STATE_XFORWARD_DOMAIN:
+ if (STREQ(attr_value, XFORWARD_UNAVAILABLE))
+ attr_value = XFORWARD_DOM_LOCAL;
context_name[1] = var_remote_rwr_name;
if ((context_code = name_code(xforward_to_context,
NAME_CODE_FLAG_NONE,
state.xforward_allowed =
namadr_list_match(xforward_hosts, state.name, state.addr);
- /*
- * Choose a default address rewriting context. This should be made more
- * configurable.
- */
- smtpd_check_rewrite(&state);
-
/*
* See if we need to turn on verbose logging for this client.
*/
#define NOT_SASL_AUTHENTICATED 0
/*
- * XXX We want to be able to use !pattern to make exceptions, but then we
- * should not confuse matters by mixing names with addresses.
+ * XXX We accept same syntax as mynetwork.
*/
if (SMTPD_STAND_ALONE(state)
- || namadr_list_match(local_rewrite_clients, " ", state->addr)
+ || namadr_list_match(local_rewrite_clients, state->name, state->addr)
#ifdef USE_SASL_AUTH
|| permit_sasl_auth(state, SASL_AUTHENTICATED,
NOT_SASL_AUTHENTICATED)
projects / thirdparty / postfix.git / commitdiff
