It should not try to open any user/domain/uce related tables
at all. File: smtpd/smtpd.c.
-20020106
+20030106
Bugfix: bouncing to owner-alias was broken, i.e. the mail
kept being deferred, and when that was fixed, another buglet
specifies a hostname for which the same IP address is listed
multiple times. File: master/master_ent.c.
+20030107
+
+ Robustness: check that FILTER actions in SMTPD access maps
+ or cleanup header/body_checks have plausible syntax. Files:
+ smtpd/smtpd_check.c, cleanup/cleanup_message.c.
+
+20030109
+
+ Cleanup: unnecessary "premature end of file on xxx while
+ reading yyy" warnings became exposed after some code
+ simplification. Files" global/*_clnt.c, global/dict_proxy.c
+
+ Robustness: undo the change that causes a multi-server
+ process to stop accepting new connections while it still
+ services existing clients for an extended amount of time.
+ We need a better process retirement strategy. File:
+ master/multi_server.c.
+
Open problems:
+ Med: make qmgr recipient bounce/defer activity asynchronous
+ or add a multi-recipient operation that reduces overhead.
+
+ Low: postmap/postalias should not try to open a bogus file
+ when given an unsupported dictionary type.
+
Med: do not postpone rejected "MAIL FROM" size information,
and find a way to log the sender address in the rejected
command.
# /^postmaster@/ OK
#
# # Protect your outgoing majordomo exploders
-# /^(.*)-outgoing@(.*)$/!/^owner-/ 550 Use ${1}@${2} instead
+# if !/^owner-/
+# /^(.*)-outgoing@(.*)$/ 550 Use ${1}@${2} instead
+# endif
#
# EXAMPLE HEADER FILTER MAP
# # These were once common in junk mail.
# message header filtering. See pcre_table(5) for syntax description.
#
# Message headers are filtered one at a time. This filter understands
-# multi-line message headers. However, the message header filter has
-# no knowledge of MIME headers that are embedded in the message body.
+# multi-line message headers, including MIME headers in the message
+# body.
#
# The first field is a perl-like regular expression. The expression
# delimiter can be any character except whitespace, or characters
# for a description of the syntax.
#
# Message headers are filtered one at a time. This filter understands
-# multi-line mail headers. However, the message header filter has no
-# knowledge of MIME headers that are embedded in the message body.
+# multi-line mail headers, including MIME headers in the message body.
#
# The general format of a table entry is PATTERN RESULT.
#
<b>DESCRIPTION</b>
The <b>postqueue</b> program implements the Postfix user inter-
- face for queue management. It implements all the opera-
- tions that are traditionally available via the <a href="sendmail.1.html"><b>sendmail</b>(1)</a>
- command.
+ face for queue management. It implements operations that
+ are traditionally available via the <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command.
+ See the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command for queue operations that
+ require super-user privileges such as deleting a message
+ from the queue or changing the status of a message.
The following options are recognized:
request and in the <b>sendmail</b> <b>-qR</b> command.
<b>SEE</b> <b>ALSO</b>
- sendmail(8) sendmail-compatible user interface
+ <a href="sendmail.1.html">sendmail(1)</a> sendmail-compatible user interface
+ <a href="postsuper.1.html">postsuper(1)</a> privileged queue operations
<a href="qmgr.8.html">qmgr(8)</a> queue manager
<a href="showq.8.html">showq(8)</a> list mail queue
<a href="flushd.8.html">flush(8)</a> fast flush service
<b>DESCRIPTION</b>
The <b>postsuper</b> command does maintenance jobs on the Postfix
queue. Use of the command is restricted to the superuser.
+ See the <b>postqueue</b> command for unprivileged queue opera-
+ tions such as listing or flushing the mail queue.
- By default, <b>postsuper</b> performs the operations requested
- with the <b>-s</b> and <b>-p</b> command-line options on all Postfix
+ By default, <b>postsuper</b> performs the operations requested
+ with the <b>-s</b> and <b>-p</b> command-line options on all Postfix
queue directories - this includes the <b>incoming</b>, <b>active</b> and
- <b>deferred</b> directories with mail files and the <b>bounce</b>,
+ <b>deferred</b> directories with mail files and the <b>bounce</b>,
<b>defer</b>, <b>trace</b> and <b>flush</b> directories with log files.
Options:
<b>-c</b> <i>config_dir</i>
- The <b>main.cf</b> configuration file is in the named
+ The <b>main.cf</b> configuration file is in the named
directory instead of the default configuration
- directory. See also the MAIL_CONFIG environment
+ directory. See also the MAIL_CONFIG environment
setting below.
<b>-d</b> <i>queue_id</i>
Delete one message with the named queue ID from the
- named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
+ named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
<b>active</b> and <b>deferred</b>). If a <i>queue_id</i> of <b>-</b> is speci-
- fied, the program reads queue IDs from standard
- input. For example, to delete all mail from or to
+ fied, the program reads queue IDs from standard
+ input. For example, to delete all mail from or to
<b>user@example.com</b>:
mailq | tail +2 | awk 'BEGIN { RS = "" } \
' | tr -d '*!' | postsuper -d -
Specify <b>-d</b> <b>ALL</b> to remove all messages; for example,
- specify <b>-d</b> <b>ALL</b> <b>deferred</b> to delete mail in the
- <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
+ specify <b>-d</b> <b>ALL</b> <b>deferred</b> to delete mail in the
+ <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
must be specified in upper case.
- <b>Postfix</b> <b>queue</b> <b>IDs</b> <b>are</b> <b>reused.</b> <b>There</b> <b>is</b> <b>a</b> <b>very</b>
- <b>small</b> <b>possibility</b> <b>that</b> <b>postsuper</b> <b>deletes</b> <b>the</b> <b>wrong</b>
- <b>message</b> <b>file</b> <b>when</b> <b>it</b> <b>is</b> <b>executed</b> <b>while</b> <b>the</b> <b>Postfix</b>
+ <b>Postfix</b> <b>queue</b> <b>IDs</b> <b>are</b> <b>reused.</b> <b>There</b> <b>is</b> <b>a</b> <b>very</b>
+ <b>small</b> <b>possibility</b> <b>that</b> <b>postsuper</b> <b>deletes</b> <b>the</b> <b>wrong</b>
+ <b>message</b> <b>file</b> <b>when</b> <b>it</b> <b>is</b> <b>executed</b> <b>while</b> <b>the</b> <b>Postfix</b>
<b>mail</b> <b>system</b> <b>is</b> <b>running.</b>
The scenario is as follows:
- 1) The Postfix queue manager deletes the mes-
- sage that <b>postsuper</b> is supposed to delete,
- because Postfix is finished with the mes-
+ 1) The Postfix queue manager deletes the mes-
+ sage that <b>postsuper</b> is supposed to delete,
+ because Postfix is finished with the mes-
sage.
- 2) New mail arrives, and the new message is
- given the same queue ID as the message that
+ 2) New mail arrives, and the new message is
+ given the same queue ID as the message that
<b>postsuper</b> is supposed to delete. The proba-
- bility for reusing a deleted queue ID is
- about 1 in 2**15 (the number of different
+ bility for reusing a deleted queue ID is
+ about 1 in 2**15 (the number of different
microsecond values that the system clock can
distinguish within a second).
- 3) <b>postsuper</b> deletes the new message, instead
- of the old message that it should have
+ 3) <b>postsuper</b> deletes the new message, instead
+ of the old message that it should have
deleted.
<b>-h</b> <i>queue_id</i>
- Put mail "on hold" so that no attempt is made to
- deliver it. Move one message with the named queue
+ Put mail "on hold" so that no attempt is made to
+ deliver it. Move one message with the named queue
ID from the named mail queue(s) (default: <b>incoming</b>,
- <b>active</b> and <b>deferred</b>) to the <b>hold</b> queue. If a
+ <b>active</b> and <b>deferred</b>) to the <b>hold</b> queue. If a
<i>queue_id</i> of <b>-</b> is specified, the program reads queue
IDs from standard input.
- Specify <b>-h</b> <b>ALL</b> to hold all messages; for example,
+ Specify <b>-h</b> <b>ALL</b> to hold all messages; for example,
specify <b>-h</b> <b>ALL</b> <b>deferred</b> to hold mail in the
- <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
+ <b>deferred</b> queue. As a safety measure, the word <b>ALL</b>
must be specified in upper case.
- Note: mail that is put "on hold" will not expire
- when its time in the queue exceeds the <b>maxi-</b>
+ Note: mail that is put "on hold" will not expire
+ when its time in the queue exceeds the <b>maxi-</b>
<b>mal</b><i>_</i><b>queue</b><i>_</i><b>lifetime</b> setting.
<b>-H</b> <i>queue_id</i>
Release mail that was put "on hold". Move one mes-
- sage with the named queue ID from the named mail
+ sage with the named queue ID from the named mail
queue(s) (default: <b>hold</b>) to the <b>deferred</b> queue. If
- a <i>queue_id</i> of <b>-</b> is specified, the program reads
+ a <i>queue_id</i> of <b>-</b> is specified, the program reads
queue IDs from standard input.
- Specify <b>-H</b> <b>ALL</b> to release all mail that is "on
- hold". As a safety measure, the word <b>ALL</b> must be
+ Specify <b>-H</b> <b>ALL</b> to release all mail that is "on
+ hold". As a safety measure, the word <b>ALL</b> must be
specified in upper case.
- <b>-p</b> Purge old temporary files that are left over after
+ <b>-p</b> Purge old temporary files that are left over after
system or software crashes.
<b>-r</b> <i>queue_id</i>
- Requeue the message with the named queue ID from
- the named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
- <b>active</b> and <b>deferred</b>). To requeue multiple mes-
- sages, specify multiple <b>-r</b> command-line options.
+ Requeue the message with the named queue ID from
+ the named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
+ <b>active</b> and <b>deferred</b>). To requeue multiple mes-
+ sages, specify multiple <b>-r</b> command-line options.
Alternatively, if a <i>queue_id</i> of <b>-</b> is specified, the
program reads queue IDs from standard input.
Specify <b>-r</b> <b>ALL</b> to requeue all messages. As a safety
- measure, the word <b>ALL</b> must be specified in upper
+ measure, the word <b>ALL</b> must be specified in upper
case.
- A requeued message is moved to the <b>maildrop</b> queue,
- from where it is copied by the pickup daemon to a
- new file whose name is guaranteed to match the new
+ A requeued message is moved to the <b>maildrop</b> queue,
+ from where it is copied by the pickup daemon to a
+ new file whose name is guaranteed to match the new
queue file inode number. The new queue file is sub-
- jected again to mail address rewriting and substi-
+ jected again to mail address rewriting and substi-
tution. This is useful when rewriting rules or vir-
tual mappings have changed.
- Postfix queue IDs are reused. There is a very
+ Postfix queue IDs are reused. There is a very
small possibility that <b>postsuper</b> requeues the wrong
- message file when it is executed while the Postfix
+ message file when it is executed while the Postfix
mail system is running, but no harm should be done.
<b>-s</b> Structure check and structure repair. It is highly
- recommended to perform this operation once before
+ recommended to perform this operation once before
Postfix startup.
- <b>o</b> Rename files whose name does not match the
+ <b>o</b> Rename files whose name does not match the
message file inode number. This operation is
- necessary after restoring a mail queue from
+ necessary after restoring a mail queue from
a different machine, or from backup media.
<b>o</b> Move queue files that are in the wrong place
in the file system hierarchy and remove sub-
directories that are no longer needed. File
- position rearrangements are necessary after
+ position rearrangements are necessary after
a change in the <b>hash</b><i>_</i><b>queue</b><i>_</i><b>names</b> and/or
<b>hash</b><i>_</i><b>queue</b><i>_</i><b>depth</b> configuration parameters.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>DIAGNOSTICS</b>
- Problems are reported to the standard error stream and to
+ Problems are reported to the standard error stream and to
<b>syslogd</b>.
- <b>postsuper</b> reports the number of messages deleted with <b>-d</b>,
+ <b>postsuper</b> reports the number of messages deleted with <b>-d</b>,
the number of messages requeued with <b>-r</b>, and the number of
- messages whose queue file name was fixed with <b>-s</b>. The
+ messages whose queue file name was fixed with <b>-s</b>. The
report is written to the standard error stream and to <b>sys-</b>
<b>logd</b>.
Directory with the <b>main.cf</b> file.
<b>BUGS</b>
- Mail that is not sanitized by Postfix (i.e. mail in the
+ Mail that is not sanitized by Postfix (i.e. mail in the
<b>maildrop</b> queue) cannot be placed "on hold".
<b>CONFIGURATION</b> <b>PARAMETERS</b>
- See the Postfix <b>main.cf</b> file for syntax details and for
+ See the Postfix <b>main.cf</b> file for syntax details and for
default values.
<b>hash</b><i>_</i><b>queue</b><i>_</i><b>depth</b>
Number of subdirectory levels for hashed queues.
<b>hash</b><i>_</i><b>queue</b><i>_</i><b>names</b>
- The names of queues that are organized into multi-
+ The names of queues that are organized into multi-
ple levels of subdirectories.
+<b>SEE</b> <b>ALSO</b>
+ <a href="sendmail.1.html">sendmail(1)</a> sendmail-compatible user interface
+ <a href="postqueue.1.html">postqueue(1)</a> unprivileged queue operations
+
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
connections. When all servers are busy while a client
connects, the master creates a new proxymap server pro-
cess, provided that the proxymap server process limit is
- not exceeded. Each proxymap server stops accepting new
- connections after serving <b>$max</b><i>_</i><b>use</b> clients or terminates
- after <b>$max</b><i>_</i><b>idle</b> seconds of idle time.
+ not exceeded. Each proxymap server terminates after serv-
+ ing at least <b>$max</b><i>_</i><b>use</b> clients or after <b>$max</b><i>_</i><b>idle</b> seconds
+ of idle time.
<b>SECURITY</b>
The proxymap server opens only tables that are approved
/^postmaster@/ OK
# Protect your outgoing majordomo exploders
- /^(.*)-outgoing@(.*)$/!/^owner-/ 550 Use ${1}@${2} instead
+ if !/^owner-/
+ /^(.*)-outgoing@(.*)$/ 550 Use ${1}@${2} instead
+ endif
<b>EXAMPLE</b> <b>HEADER</b> <b>FILTER</b> <b>MAP</b>
# These were once common in junk mail.
taneous connections. When all servers are busy while a
client connects, the master creates a new server process,
provided that the trivial-rewrite server process limit is
- not exceeded. Each trivial-rewrite server stops accepting
- new connections after serving <b>$max</b><i>_</i><b>use</b> clients or termi-
- nates after <b>$max</b><i>_</i><b>idle</b> seconds of idle time.
+ not exceeded. Each trivial-rewrite server terminates
+ after serving at least <b>$max</b><i>_</i><b>use</b> clients of after <b>$max</b><i>_</i><b>idle</b>
+ seconds of idle time.
<b>STANDARDS</b>
None. The command does not interact with the outside
.ad
.fi
The \fBpostqueue\fR program implements the Postfix user interface
-for queue management. It implements all the operations that are
+for queue management. It implements operations that are
traditionally available via the \fBsendmail\fR(1) command.
+See the \fBpostsuper\fR(1) command for queue operations
+that require super-user privileges such as deleting a message
+from the queue or changing the status of a message.
The following options are recognized:
.IP "\fB-c \fIconfig_dir\fR"
.SH SEE ALSO
.na
.nf
-sendmail(8) sendmail-compatible user interface
+sendmail(1) sendmail-compatible user interface
+postsuper(1) privileged queue operations
qmgr(8) queue manager
showq(8) list mail queue
flush(8) fast flush service
.fi
The \fBpostsuper\fR command does maintenance jobs on the Postfix
queue. Use of the command is restricted to the superuser.
+See the \fBpostqueue\fR command for unprivileged queue operations
+such as listing or flushing the mail queue.
By default, \fBpostsuper\fR performs the operations requested with the
\fB-s\fR and \fB-p\fR command-line options on all Postfix queue
.IP \fBhash_queue_names\fR
The names of queues that are organized into multiple levels of
subdirectories.
+.SH SEE ALSO
+.na
+.nf
+sendmail(1) sendmail-compatible user interface
+postqueue(1) unprivileged queue operations
.SH LICENSE
.na
.nf
/^postmaster@/ OK
# Protect your outgoing majordomo exploders
-/^(.*)-outgoing@(.*)$/!/^owner-/ 550 Use ${1}@${2} instead
+if !/^owner-/
+/^(.*)-outgoing@(.*)$/ 550 Use ${1}@${2} instead
+endif
.SH EXAMPLE HEADER FILTER MAP
.na
.nf
When all servers are busy while a client connects, the master
creates a new proxymap server process, provided that the proxymap
server process limit is not exceeded.
-Each proxymap server stops accepting new connections after serving
-\fB$max_use\fR clients or terminates after \fB$max_idle\fR seconds
+Each proxymap server terminates after serving
+at least \fB$max_use\fR clients or after \fB$max_idle\fR seconds
of idle time.
.SH SECURITY
.na
When all servers are busy while a client connects, the master
creates a new server process, provided that the trivial-rewrite
server process limit is not exceeded.
-Each trivial-rewrite server stops accepting new connections after
-serving \fB$max_use\fR clients or terminates after \fB$max_idle\fR
+Each trivial-rewrite server terminates after
+serving at least \fB$max_use\fR clients of after \fB$max_idle\fR
seconds of idle time.
.SH STANDARDS
.na
# /^postmaster@/ OK
#
# # Protect your outgoing majordomo exploders
-# /^(.*)-outgoing@(.*)$/!/^owner-/ 550 Use ${1}@${2} instead
+# if !/^owner-/
+# /^(.*)-outgoing@(.*)$/ 550 Use ${1}@${2} instead
+# endif
# EXAMPLE HEADER FILTER MAP
# # These were once common in junk mail.
# /^Subject: make money fast/ REJECT
if (STREQUAL(value, "FILTER", command_len)) {
if (*optional_text == 0) {
msg_warn("missing FILTER command argument in %s map", map_class);
+ } else if (strchr(optional_text, ':') == 0) {
+ msg_warn("bad FILTER command %s in %s, need transport:destination",
+ optional_text, map_class);
} else {
if (state->filter)
myfree(state->filter);
ATTR_TYPE_NUM, MAIL_ATTR_FLAGS, dict_proxy->in_flags,
ATTR_TYPE_STR, MAIL_ATTR_KEY, key,
ATTR_TYPE_END) != 0
+ || vstream_fflush(stream)
|| attr_scan(stream, ATTR_FLAG_STRICT,
ATTR_TYPE_NUM, MAIL_ATTR_STATUS, &status,
ATTR_TYPE_STR, MAIL_ATTR_VALUE, dict_proxy->result,
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20030107"
+#define MAIL_RELEASE_DATE "20030109"
#define VAR_MAIL_VERSION "mail_version"
#define DEF_MAIL_VERSION "2.0.0-" MAIL_RELEASE_DATE
ATTR_TYPE_STR, MAIL_ATTR_REQ, RESOLVE_ADDR,
ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
ATTR_TYPE_END) != 0
+ || vstream_fflush(stream)
|| attr_scan(stream, ATTR_FLAG_STRICT,
ATTR_TYPE_STR, MAIL_ATTR_TRANSPORT, reply->transport,
ATTR_TYPE_STR, MAIL_ATTR_NEXTHOP, reply->nexthop,
ATTR_TYPE_STR, MAIL_ATTR_RULE, rule,
ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
ATTR_TYPE_END) != 0
+ || vstream_fflush(stream)
|| attr_scan(stream, ATTR_FLAG_STRICT,
ATTR_TYPE_STR, MAIL_ATTR_ADDR, result,
ATTR_TYPE_END) != 1) {
ATTR_TYPE_STR, MAIL_ATTR_REQ, VRFY_REQ_QUERY,
ATTR_TYPE_STR, MAIL_ATTR_ADDR, addr,
ATTR_TYPE_END) != 0
+ || vstream_fflush(stream)
|| attr_scan(stream, ATTR_FLAG_MISSING,
ATTR_TYPE_NUM, MAIL_ATTR_STATUS, &request_status,
ATTR_TYPE_NUM, MAIL_ATTR_ADDR_STATUS, addr_status,
/* This value is taken from the global \fBmain.cf\fR configuration
/* file. Setting \fBvar_use_limit\fR to zero disables the client limit.
/*
-/* When the use count reaches the use limit, the process no longer
-/* accepts new connections. Once all existing clients disconnect the
-/* process terminates.
-/*
/* The var_idle_limit variable limits the time that a service
/* receives no client connection requests before it commits suicide.
/* This value is taken from the global \fBmain.cf\fR configuration
event_disable_readwrite(vstream_fileno(stream));
(void) vstream_fclose(stream);
client_count--;
+ use_count++;
}
/* multi_server_execute - in case (char *) != (struct *) */
* Do not bother the application when the client disconnected.
*/
if (peekfd(vstream_fileno(stream)) > 0) {
- if (var_use_limit >= 0 && master_notify(var_pid, MASTER_STAT_TAKEN) < 0)
+ if (master_notify(var_pid, MASTER_STAT_TAKEN) < 0)
multi_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT);
multi_server_service(stream, multi_server_name, multi_server_argv);
- if (var_use_limit >= 0 && master_notify(var_pid, MASTER_STAT_AVAIL) < 0)
+ if (master_notify(var_pid, MASTER_STAT_AVAIL) < 0)
multi_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT);
} else {
multi_server_disconnect(stream);
non_blocking(fd, BLOCKING);
close_on_exec(fd, CLOSE_ON_EXEC);
client_count++;
- use_count++;
stream = vstream_fdopen(fd, O_RDWR);
tmp = concatenate(multi_server_name, " socket", (char *) 0);
vstream_control(stream, VSTREAM_CTL_PATH, tmp, VSTREAM_CTL_END);
/*
* The event loop, at last.
*/
- for (;;) {
-
- /*
- * When the use count reaches the use limit, notify the master daemon
- * that we are no longer listening, close the listen sockets, and
- * dispose of the accept lock if any. A use_limit < 0 indicates that
- * the client limit was reached.
- */
- if (var_use_limit > 0 && use_count >= var_use_limit) {
- if (msg_verbose)
- msg_info("use limit reached -- closing listen socket");
- if (master_notify(var_pid, MASTER_STAT_TAKEN) < 0)
- multi_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT);
- for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++) {
- event_disable_readwrite(fd);
- (void) close(fd);
- }
- if (multi_server_lock != 0) {
- (void) vstream_fclose(multi_server_lock);
- multi_server_lock = 0;
- }
- var_use_limit = -1;
- }
-
- /*
- * Terminate if the client limit was reached and no connections remain.
- */
- if (var_use_limit < 0 && client_count == 0) {
- if (msg_verbose)
- msg_info("all clients disconnected -- exiting");
- break;
- }
-
- /*
- * Grab the optional accept lock, do some optional idle processing,
- * and wait for the next event.
- */
+ while (var_use_limit == 0 || use_count < var_use_limit || client_count > 0) {
if (multi_server_lock != 0) {
watchdog_stop(watchdog);
if (myflock(vstream_fileno(multi_server_lock), INTERNAL_LOCK,
/* \fBpostqueue\fR [\fB-c \fIconfig_dir\fR] \fB-s \fIsite\fR
/* DESCRIPTION
/* The \fBpostqueue\fR program implements the Postfix user interface
-/* for queue management. It implements all the operations that are
+/* for queue management. It implements operations that are
/* traditionally available via the \fBsendmail\fR(1) command.
+/* See the \fBpostsuper\fR(1) command for queue operations
+/* that require super-user privileges such as deleting a message
+/* from the queue or changing the status of a message.
/*
/* The following options are recognized:
/* .IP "\fB-c \fIconfig_dir\fR"
/* specifies the domains that Postfix accepts in the SMTP \fBETRN\fR
/* request and in the \fBsendmail -qR\fR command.
/* SEE ALSO
-/* sendmail(8) sendmail-compatible user interface
+/* sendmail(1) sendmail-compatible user interface
+/* postsuper(1) privileged queue operations
/* qmgr(8) queue manager
/* showq(8) list mail queue
/* flush(8) fast flush service
/* DESCRIPTION
/* The \fBpostsuper\fR command does maintenance jobs on the Postfix
/* queue. Use of the command is restricted to the superuser.
+/* See the \fBpostqueue\fR command for unprivileged queue operations
+/* such as listing or flushing the mail queue.
/*
/* By default, \fBpostsuper\fR performs the operations requested with the
/* \fB-s\fR and \fB-p\fR command-line options on all Postfix queue
/* .IP \fBhash_queue_names\fR
/* The names of queues that are organized into multiple levels of
/* subdirectories.
+/* SEE ALSO
+/* sendmail(1) sendmail-compatible user interface
+/* postqueue(1) unprivileged queue operations
/* LICENSE
/* .ad
/* .fi
/* When all servers are busy while a client connects, the master
/* creates a new proxymap server process, provided that the proxymap
/* server process limit is not exceeded.
-/* Each proxymap server stops accepting new connections after serving
-/* \fB$max_use\fR clients or terminates after \fB$max_idle\fR seconds
+/* Each proxymap server terminates after serving
+/* at least \fB$max_use\fR clients or after \fB$max_idle\fR seconds
/* of idle time.
/* SECURITY
/* .ad
do {
type_name += PROXY_COLON_LEN;
} while (!strncmp(type_name, PROXY_COLON, PROXY_COLON_LEN));
- if (htable_locate(proxy_read_maps, type_name) == 0)
+ if (strchr(type_name, ':') != 0
+ && htable_locate(proxy_read_maps, type_name) == 0)
(void) htable_enter(proxy_read_maps, type_name, (char *) 0);
}
myfree(saved_filter);
msg_warn("access map %s entry %s has FILTER entry without value",
table, datum);
return (SMTPD_CHECK_DUNNO);
+ } else if (strchr(cmd_text, ':') == 0) {
+ msg_warn("access map %s entry %s requires transport:destination",
+ table, datum);
+ return (SMTPD_CHECK_DUNNO);
} else {
vstring_sprintf(error_text, "<%s>: %s triggers FILTER %s",
reply_name, reply_class, cmd_text);
/*
* Fall back to the wild-card entry.
*/
+ if (transport_errno)
+ transport_wildcard_init();
if (transport_errno) {
dict_errno = transport_errno;
RETURN_FREE(NOTFOUND);
/* When all servers are busy while a client connects, the master
/* creates a new server process, provided that the trivial-rewrite
/* server process limit is not exceeded.
-/* Each trivial-rewrite server stops accepting new connections after
-/* serving \fB$max_use\fR clients or terminates after \fB$max_idle\fR
+/* Each trivial-rewrite server terminates after
+/* serving at least \fB$max_use\fR clients of after \fB$max_idle\fR
/* seconds of idle time.
/* STANDARDS
/* .ad
projects / thirdparty / postfix.git / commitdiff
