Feature: per-command delays in smtp-sink. File:
smtpstone/smtp-sink.c. Victor Duchovni.
+
+20071006
+
+ Cleanup: updated a bunch of hard-coded host[addr] logging
+ statements. Files: smtpd/smtpd.c, smtpd/smtpd_chat.c,
+ smtpd/smtpd_sasl_glue.c.
+
+ Cleanup: client port logging is now configurable (off by
+ default). Parameters: smtpd_client_port_logging and
+ qmqpd_client_port_logging. Files: smtpd/smtpd_peer.c,
+ qmqpd/qmqpd_peer.c.
+
+ Cleanup: send client port information "0" instead of "unknown"
+ to Milter applications. Files: smtpd/smtpd.c, smtpd/smtpd_milter.c,
+ cleanup/cleanup_milter.c.
Wish list:
+ Make event_drain() a proper event loop; update the zero mask,
+ and don't ignore a non-empty timer queue.
+
Combine smtpd_peer.c and qmqpd_peer.c into a single function
that produces a client context object, and provide attribute
print/scan routines that pass these client context objects
</pre>
+</DD>
+
+<DT><b><a name="qmqpd_client_port_logging">qmqpd_client_port_logging</a>
+(default: no)</b></DT><DD>
+
+<p> Enable logging of the remote QMQP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
</DD>
<DT><b><a name="qmqpd_error_delay">qmqpd_error_delay</a>
</pre>
+</DD>
+
+<DT><b><a name="smtpd_client_port_logging">smtpd_client_port_logging</a>
+(default: no)</b></DT><DD>
+
+<p> Enable logging of the remote SMTP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+
</DD>
<DT><b><a name="smtpd_client_recipient_rate_limit">smtpd_client_recipient_rate_limit</a>
What clients are allowed to connect to the QMQP
server port.
+ <b>qmqpd_client_port_logging (no)</b>
+ Enable logging of the remote QMQP client port in
+ addition to the hostname and IP address.
+
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b><a href="postconf.5.html#verp_delimiter_filter">verp_delimiter_filter</a> (-=+)</b>
- The characters Postfix accepts as VERP delimiter
- characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
+ The characters Postfix accepts as VERP delimiter
+ characters on the Postfix <a href="sendmail.1.html"><b>sendmail</b>(1)</a> command line
and in SMTP commands.
<b>SEE ALSO</b>
<a href="QMQP_README.html">QMQP_README</a>, Postfix ezmlm-idx howto.
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
server to immediately terminate the session with a
221 code.
+ Available in Postfix version 2.5 and later:
+
+ <b><a href="postconf.5.html#smtpd_client_port_logging">smtpd_client_port_logging</a> (no)</b>
+ Enable logging of the remote SMTP client port in
+ addition to the hostname and IP address.
+
<b>SEE ALSO</b>
<a href="anvil.8.html">anvil(8)</a>, connection/rate limiting
<a href="cleanup.8.html">cleanup(8)</a>, message canonicalization
<a href="XFORWARD_README.html">XFORWARD_README</a>, Postfix XFORWARD extension
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
.fi
.ad
.ft R
+.SH qmqpd_client_port_logging (default: no)
+Enable logging of the remote QMQP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+.PP
+This feature is available in Postfix 2.5 and later.
.SH qmqpd_error_delay (default: 1s)
How long the QMQP server will pause before sending a negative reply
to the client. The purpose is to slow down confused or malicious
.fi
.ad
.ft R
+.SH smtpd_client_port_logging (default: no)
+Enable logging of the remote SMTP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+.PP
+This feature is available in Postfix 2.5 and later.
.SH smtpd_client_recipient_rate_limit (default: 0)
The maximal number of recipient addresses that any client is allowed
to send to this service per time unit, regardless of whether or not
The process name of a Postfix command or daemon process.
.IP "\fBqmqpd_authorized_clients (empty)\fR"
What clients are allowed to connect to the QMQP server port.
+.IP "\fBqmqpd_client_port_logging (no)\fR"
+Enable logging of the remote QMQP client port in addition to
+the hostname and IP address.
.IP "\fBqueue_directory (see 'postconf -d' output)\fR"
The location of the Postfix top-level queue directory.
.IP "\fBsyslog_facility (mail)\fR"
.IP "\fBsmtpd_forbidden_commands (CONNECT, GET, POST)\fR"
List of commands that causes the Postfix SMTP server to immediately
terminate the session with a 221 code.
+.PP
+Available in Postfix version 2.5 and later:
+.IP "\fBsmtpd_client_port_logging (no)\fR"
+Enable logging of the remote SMTP client port in addition to
+the hostname and IP address.
.SH "SEE ALSO"
.na
.nf
s;\bsmtpd_client_event_limit_exceptions\b;<a href="postconf.5.html#smtpd_client_event_limit_exceptions">$&</a>;g;
s;\bsmtpd_client_connection_rate_limit\b;<a href="postconf.5.html#smtpd_client_connection_rate_limit">$&</a>;g;
s;\bsmtpd_client_message_rate_limit\b;<a href="postconf.5.html#smtpd_client_message_rate_limit">$&</a>;g;
+ s;\bsmtpd_client_port_logging\b;<a href="postconf.5.html#smtpd_client_port_logging">$&</a>;g;
s;\bsmtpd_client_recipient_rate_limit\b;<a href="postconf.5.html#smtpd_client_recipient_rate_limit">$&</a>;g;
s;\bsmtpd_client_new_tls_session_rate_limit\b;<a href="postconf.5.html#smtpd_client_new_tls_session_rate_limit">$&</a>;g;
s;\bsmtpd_client_restrictions\b;<a href="postconf.5.html#smtpd_client_restrictions">$&</a>;g;
with some SMTP servers. </p>
<p> This feature is available in Postfix 2.4.4 and later. </p>
+
+%PARAM smtpd_client_port_logging no
+
+<p> Enable logging of the remote SMTP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
+
+%PARAM qmqpd_client_port_logging no
+
+<p> Enable logging of the remote QMQP client port in addition to
+the hostname and IP address. The logging format is "host[address]:port".
+</p>
+
+<p> This feature is available in Postfix 2.5 and later. </p>
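Review bot: The two %PARAM descriptions give the format as "host[address]:port" but do not say what is logged when the client port is not known. Elsewhere in this patch the Milter code substitutes "0" for CLIENT_PORT_UNKNOWN, while the namaddr formatting appends state->port unchanged, so the visible lines suggest the log can carry the unknown-port placeholder after the colon. State that behaviour in the parameter text, and repeat there the mail_params.h warning that the option can break logfile processors.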
/*
* Connect macros.
*/
+#ifndef CLIENT_ATTR_UNKNOWN
+#define CLIENT_ATTR_UNKNOWN "unknown"
+#endif
+
if (strcmp(name, S8_MAC__) == 0) {
vstring_sprintf(state->temp1, "%s [%s]",
state->reverse_name, state->client_addr);
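Review bot: The #ifndef CLIENT_ATTR_UNKNOWN fallback under "Connect macros" hard-codes "unknown" in the middle of the macro lookup code. The smtpd side of this patch compares against CLIENT_PORT_UNKNOWN, so two names now stand for the sentinel and this local copy can drift from the shared definition. Prefer including the header that defines the constant, or at least move the fallback to the top of the file with a comment naming the definition it mirrors.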
if (strcmp(name, S8_MAC_CLIENT_NAME) == 0)
return (state->client_name);
if (strcmp(name, S8_MAC_CLIENT_PORT) == 0)
- return (state->client_port);
+ return (state->client_port
+ && strcmp(state->client_port, CLIENT_ATTR_UNKNOWN) ?
+ state->client_port : "0");
if (strcmp(name, S8_MAC_CLIENT_PTR) == 0)
return (state->reverse_name);
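Review bot: In the S8_MAC_CLIENT_PORT branch the returned expression relies on && binding tighter than ?:, which is correct but easy to misread; put the whole condition in parentheses. The null guard on state->client_port is also absent from the two smtpd-side versions of this mapping, so a short comment saying why the port can be null in cleanup would help the next reader.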
#define DEF_INT_FILT_CLASSES ""
extern char *var_int_filt_classes;
+ /*
+ * This could break logfile processors, so it's off by default.
+ */
+#define VAR_SMTPD_CLIENT_PORT_LOG "smtpd_client_port_logging"
+#define DEF_SMTPD_CLIENT_PORT_LOG 0
+extern bool var_smtpd_client_port_log;
+
+#define VAR_QMQPD_CLIENT_PORT_LOG "qmqpd_client_port_logging"
+#define DEF_QMQPD_CLIENT_PORT_LOG 0
+extern bool var_qmqpd_client_port_log;
+
/* LICENSE
/* .ad
/* .fi
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20071004"
+#define MAIL_RELEASE_DATE "20071006"
#define MAIL_VERSION_NUMBER "2.5"
#ifdef SNAPSHOT
/* The process name of a Postfix command or daemon process.
/* .IP "\fBqmqpd_authorized_clients (empty)\fR"
/* What clients are allowed to connect to the QMQP server port.
+/* .IP "\fBqmqpd_client_port_logging (no)\fR"
+/* Enable logging of the remote QMQP client port in addition to
+/* the hostname and IP address.
/* .IP "\fBqueue_directory (see 'postconf -d' output)\fR"
/* The location of the Postfix top-level queue directory.
/* .IP "\fBsyslog_facility (mail)\fR"
char *var_filter_xport;
char *var_qmqpd_clients;
char *var_input_transp;
+bool var_qmqpd_client_port_log;
/*
* Silly little macros.
VAR_INPUT_TRANSP, DEF_INPUT_TRANSP, &var_input_transp, 0, 0,
0,
};
+ static CONFIG_BOOL_TABLE bool_table[] = {
+ VAR_QMQPD_CLIENT_PORT_LOG, DEF_QMQPD_CLIENT_PORT_LOG, &var_qmqpd_client_port_log,
+ 0,
+ };
/*
* Fingerprint executables and core dumps.
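Review bot: The new bool_table[] for qmqpd_client_port_logging is declared here, but none of the visible lines hand it to the code that reads the configuration tables. If it is not registered alongside the existing tables, var_qmqpd_client_port_log keeps its zero initial value and the main.cf setting is silently ignored. Confirm that the registration is part of this change.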
* Do the name[addr]:port formatting for pretty reports.
*/
state->namaddr =
- concatenate(state->name, "[", state->addr,
- "]:", state->port, (char *) 0);
+ concatenate(state->name, "[", state->addr, "]",
+ var_qmqpd_client_port_log ? ":" : (char *) 0,
+ state->port, (char *) 0);
}
/* qmqpd_peer_reset - destroy peer information */
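Review bot: The conditional argument var_qmqpd_client_port_log ? ":" : (char *) 0 ends the concatenate() argument list early when logging is off, leaving state->port as an unused argument after the terminator. That works, but it is not obvious at a glance; add a one-line comment explaining the early terminator, and update the comment above the assignment, which still describes name[addr]:port formatting as unconditional.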
/* .IP "\fBsmtpd_forbidden_commands (CONNECT, GET, POST)\fR"
/* List of commands that causes the Postfix SMTP server to immediately
/* terminate the session with a 221 code.
+/* .PP
+/* Available in Postfix version 2.5 and later:
+/* .IP "\fBsmtpd_client_port_logging (no)\fR"
+/* Enable logging of the remote SMTP client port in addition to
+/* the hostname and IP address.
/* SEE ALSO
/* anvil(8), connection/rate limiting
/* cleanup(8), message canonicalization
char *var_milt_data_macros;
char *var_milt_eod_macros;
char *var_milt_unk_macros;
+bool var_smtpd_client_port_log;
/*
* Silly little macros.
state->name, state->addr);
if (msg_verbose)
- msg_info("sasl_exceptions: %s[%s], match=%d",
- state->name, state->addr, match);
+ msg_info("sasl_exceptions: %s, match=%d",
+ state->namaddr, match);
return (match);
}
switch (status) {
default:
- msg_panic("smtpd_proto: unknown error reading from %s[%s]",
- state->name, state->addr);
+ msg_panic("smtpd_proto: unknown error reading from %s",
+ state->namaddr);
break;
case SMTP_ERR_TIME:
milter_macro_callback(smtpd_milters, smtpd_milter_eval,
(void *) state);
if ((err = milter_conn_event(smtpd_milters, state->name,
- state->addr, state->port,
+ state->addr,
+ strcmp(state->port, CLIENT_PORT_UNKNOWN) ?
+ state->port : "0",
state->addr_family)) != 0)
err = check_milter_reply(state, err);
}
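Review bot: The port argument to milter_conn_event() repeats the expression added to smtpd_milter.c for S8_MAC_CLIENT_PORT, and the variant in cleanup_milter.c adds a null check that these two lack. Put the unknown-to-"0" mapping in one macro or function so the three call sites cannot disagree on what Milter applications receive.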
*/
if (state->reason && state->where) {
if (strcmp(state->where, SMTPD_CMD_DATA) == 0) {
- msg_info("%s after %s (%lu bytes) from %s[%s]",
+ msg_info("%s after %s (%lu bytes) from %s",
state->reason, state->where, (long) state->act_size,
- state->name, state->addr);
+ state->namaddr);
} else if (strcmp(state->where, SMTPD_AFTER_DOT)
|| strcmp(state->reason, REASON_LOST_CONNECTION)) {
- msg_info("%s after %s from %s[%s]",
- state->reason, state->where, state->name, state->addr);
+ msg_info("%s after %s from %s",
+ state->reason, state->where, state->namaddr);
}
}
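Review bot: In the SMTPD_CMD_DATA branch the format uses %lu while the argument is cast with (long) state->act_size. This is an unchanged line, but since the call is being edited anyway, change the cast to (unsigned long) so the conversion specifier and the argument type agree.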
#endif
VAR_SMTPD_PEERNAME_LOOKUP, DEF_SMTPD_PEERNAME_LOOKUP, &var_smtpd_peername_lookup,
VAR_SMTPD_DELAY_OPEN, DEF_SMTPD_DELAY_OPEN, &var_smtpd_delay_open,
+ VAR_SMTPD_CLIENT_PORT_LOG, DEF_SMTPD_CLIENT_PORT_LOG, &var_smtpd_client_port_log,
0,
};
static CONFIG_STR_TABLE str_table[] = {
last_char = smtp_get(state->buffer, state->client, var_line_limit);
smtp_chat_append(state, "In: ");
if (last_char != '\n')
- msg_warn("%s[%s]: request longer than %d: %.30s...",
- state->name, state->addr, var_line_limit,
+ msg_warn("%s: request longer than %d: %.30s...",
+ state->namaddr, var_line_limit,
printable(STR(state->buffer), '?'));
if (msg_verbose)
- msg_info("< %s[%s]: %s", state->name, state->addr, STR(state->buffer));
+ msg_info("< %s: %s", state->namaddr, STR(state->buffer));
}
/* smtpd_chat_reply - format, send and record an SMTP response */
smtp_chat_append(state, "Out: ");
if (msg_verbose)
- msg_info("> %s[%s]: %s", state->name, state->addr, STR(state->buffer));
+ msg_info("> %s: %s", state->namaddr, STR(state->buffer));
/*
* Slow down clients that make errors. Sleep-on-anything slows down
post_mail_fprintf(notice, "From: %s (Mail Delivery System)",
mail_addr_mail_daemon());
post_mail_fprintf(notice, "To: %s (Postmaster)", var_error_rcpt);
- post_mail_fprintf(notice, "Subject: %s SMTP server: errors from %s[%s]",
- var_mail_name, state->name, state->addr);
+ post_mail_fprintf(notice, "Subject: %s SMTP server: errors from %s",
+ var_mail_name, state->namaddr);
post_mail_fputs(notice, "");
post_mail_fputs(notice, "Transcript of session follows.");
post_mail_fputs(notice, "");
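Review bot: The Subject header of the postmaster notice is not a log record, yet after this change it follows smtpd_client_port_logging because it is built from state->namaddr. The parameter documentation only mentions logging; either say there that the notice subject is affected too, or keep state->name and state->addr in this call so that mail filters keyed on the old subject keep working.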
if (strcmp(name, S8_MAC_CLIENT_ADDR) == 0)
return (state->rfc_addr);
if (strcmp(name, S8_MAC_CLIENT_PORT) == 0)
- return (state->port);
+ return (strcmp(state->port, CLIENT_PORT_UNKNOWN) ? state->port : "0");
if (strcmp(name, S8_MAC_CLIENT_CONN) == 0) {
if (state->expand_buf == 0)
state->expand_buf = vstring_alloc(10);
* Do the name[addr]:port formatting for pretty reports.
*/
state->namaddr =
- concatenate(state->name, "[", state->addr,
- "]:", state->port, (char *) 0);
+ concatenate(state->name, "[", state->addr, "]",
+ var_smtpd_client_port_log ? ":" : (char *) 0,
+ state->port, (char *) 0);
}
/* smtpd_peer_reset - destroy peer information */
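Review bot: This is the same early-terminator construct as in qmqpd_peer.c, now duplicated across the two daemons. state->namaddr feeds every log line, warning and the postmaster notice subject converted elsewhere in this patch, so a shared helper that builds the string from name, addr, port and the flag would keep smtpd and qmqpd from diverging.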
*/
smtpd_chat_query(state);
if (strcmp(STR(state->buffer), "*") == 0) {
- msg_warn("%s[%s]: SASL %s authentication aborted",
- state->name, state->addr, sasl_method);
+ msg_warn("%s: SASL %s authentication aborted",
+ state->namaddr, sasl_method);
smtpd_chat_reply(state, "501 5.7.0 Authentication aborted");
return (-1);
}
}
if (status != XSASL_AUTH_DONE) {
- msg_warn("%s[%s]: SASL %s authentication failed: %s",
- state->name, state->addr, sasl_method,
+ msg_warn("%s: SASL %s authentication failed: %s",
+ state->namaddr, sasl_method,
STR(state->sasl_reply));
/* RFC 4954 Section 6. */
smtpd_chat_reply(state, "535 5.7.8 Error: authentication failed: %s",
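Review bot: The two SASL msg_warn() calls (authentication aborted, authentication failed) are lines that log-based blocking and alerting commonly key on, and with port logging enabled the text before ": SASL" changes from host[addr] to host[addr]:port. The code change is fine; the HISTORY entry or the parameter text should name these messages so operators update patterns anchored on "]: SASL" before turning the option on.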