to use SMTPUTF8, and therefore can avoid incompatibility
with sites that do not support SMTPUTF8.
+ The encoded result looks like "=?charset?Q?gibberish?=" for
+ quoted-printable encoding, or "=?charset?B?gibberish?=" for
+ base64 encoding. Postfix uses quoted-printable for a full
+ name that is short or mostly ASCII, and uses base64 otherwise.
+
The new parameter "full_name_encoding_charset" (default:
"utf-8") specifies the character set of the full name in
the Postfix sendmail "-F" option, in the Postfix sendmail
"NAME" environment variable, or in the GECOS field of the
- UNIX password database.
-
- The encoded result looks like "=?charset?Q?gibberish?= for
- quoted-printable encoding, or "=?charset?B?gibberish?= for
- base64 encoding. Postfix uses quoted-printable for a full
- name that is short or mostly ASCII, and uses base64 otherwise.
+ UNIX password database. The parameter value is also part
+ of the encoded full name, and informs a Mail User Agent how
+ to display the decoded gibberish.
Files: mantools/postlink, proto/postconf.proto, cleanup/cleanup.c,
cleanup/cleanup_init.c, cleanup/cleanup_message.c,
global/ascii_header_text.c, global/ascii_header_text.h,
global/mail_params.h, global/rfc2047_code.c, global/rfc2047_code.h,
util/clean_ascii_cntrl_space.c, util/clean_ascii_cntrl_space.h.
+
+20250106
+
+ Cleanup: the Postfix Milter implementation now logs the
+ reason for a quarantine request. If a quarantine action is
+ requested by a Milter application, Postfix will log the
+ reason given by the application. If the quarantine action
+ is requested with the "milter_default_action" parameter
+ setting or with a per-Milter "default_action" property,
+ Postfix will log "default_action". Files: smtpd/smtp_milter.c,
+ cleanup/cleanup_milter.c, milter/milter8.c, milter/test-milter.c.
+
+ Cleanup: suppress repeated logging of a Milter "quarantine",
+ "discard", or "shutdown" request. Files: cleanup/cleanup_milter.c,
+ smtpd/smtpd.c.
+
+ Documentation: cleanup_replace_stray_cr_lf is disabled
+ with "receive_override_options = no_header_body_checks".
+ File: proto/postconf.proto.
+
+20250107
+
+ Re-worded the documentation for RFC 2047 full name encoding.
+ Files: HISTORY, RELEASE_NOTES, proto/postconf.proto.
+
+ Cleanup: eliminated a bogus warning "unexpected SMFIC_UNKNOWN
+ response" when a Milter default action is "quarantine", the
+ milter is unavailable, and a remote SMTP client sends a
+ command that is unknown or known-but-disabled. File:
+ smtpd/smtpd.c.
+
+ Cleanup: the maximum netstring reply size is now configurable
+ with the socketmap_max_reply_size configuration parameter.
+ Code by Christian Roessner. Files: util/dict_sockmap.[hc],
+ global/mail_params.[hc], proto/postconf.proto,
+ proto/socketmap_table.
+
+ Cleanup: the netstring client sets or clears errno to improve
+ error messages from its callers. File: util/netstring.c.
license of their choice. Those who are more comfortable with the
IPL can continue with that license.
+[Incompat 20250106]
+
+The logging of the Milter 'quarantine' action has changed. Instead
+of logging "milter triggers HOLD action", it logs the reason given
+by a Milter application, or "default_action" if a Milter application
+was unavailable and the milter_default_action parameter or Milter
+"default_action" property specifies "quarantine".
+
+[Feature 20250106]
+
+The Postfix Milter implementation now logs the reason for a
+'quarantine' action, instead of "milter triggers HOLD action".
+
+- If the quarantine action was requested by a Milter application,
+ Postfix will log the reason given by the application.
+
+- If the quarantine action was requested with the "milter_default_action"
+ parameter setting or with a Milter "default_action" property,
+ Postfix will log "default_action".
+
[Feature 20250105]
Support for automatic RFC 2047 encoding of non-ASCII "full name"
non-ASCII full names can avoid the need to use SMTPUTF8, and therefore
can avoid incompatibility with sites that do not support SMTPUTF8.
+The encoded result looks like "=?charset?Q?gibberish?=: for
+quoted-printable encoding, or "=?charset?B?gibberish?=" for base64
+encoding. Postfix uses quoted-printable for a full name that is
+short or mostly ASCII, and uses base64 otherwise.
+
Background: when a message without a From: header is submitted with the
Postfix sendmail(1) command, Postfix will add a From: header and will
try to use the sender's full name specified with the Postfix sendmail(1)
(default: utf8) which specifies the character set of the full name
information in the Postfix sendmail(1) "-F" option or "NAME"
environment variable, or in the GECOS field in the UNIX password
-database.
+database. The parameter value is also part of the encoded full name,
+and informs a Mail User Agent how to display the decoded gibberish.
[Incompat 20250105]
Things to do before the stable release:
- Make the spawn_command fix conditional on compatibility_level.
+ For the stable releases, make the spawn_command fix conditional
+ on compatibility_level.
make pre-release-check, HTML validator check.
relay_recipient_maps empty should default to 'no valid
recipients'. Subject to compatibility level.
- Make a reason available for messages placed on 'hold'.
+ The Milter 'quarantine' action should be reported with a
+ call-back function, instead of setting the Milter default
+ reply. However, we still need the existing 'reply' based
+ channel to support "milter_default_action = quarantine".
In pipe_command() and spawn_command(), the child process
should call initgroups() to corrrectly the access rights
that mail system handles those stray characters in an
implementation-dependent manner. </p>
+<p> Note: this feature is disabled with "<a href="postconf.5.html#receive_override_options">receive_override_options</a> =
+<a href="postconf.5.html#no_header_body_checks">no_header_body_checks</a>". </p>
+
<p> This feature is available in Postfix ≥ 3.9, 3.8.5, 3.7.10,
3.6.14, and 3.5.24. </p>
replace the "&" character with the login name, with a lowercase
ASCII first character converted to uppercase. </p>
-<p> NOTE: Postfix does not convert between character sets; it simply
-encodes the raw bytes in a full name as printable ASCII gibberish.
-The <a href="postconf.5.html#full_name_encoding_charset">full_name_encoding_charset</a> value specifies how a mail reader
-program should display the decoded gibberish. </p>
+<p> NOTE: Postfix does not convert between character sets. The
+<a href="postconf.5.html#full_name_encoding_charset">full_name_encoding_charset</a> parameter specifies the character set
+of the full name in the Postfix sendmail "-F" option, in the Postfix
+sendmail "NAME" environment variable, or in the GECOS field of the
+UNIX password database. The parameter value is also part of the
+encoded full name, and informs a Mail User Agent how to display the
+decoded gibberish. </p>
<p> Specify a valid character set name such as "utf-8" or "iso-8859-1
(specify the latter for full names that use the Latin1 encoding).
<p> This feature is available in Postfix 3.0 and later. </p>
+</DD>
+
+<DT><b><a name="socketmap_max_reply_size">socketmap_max_reply_size</a>
+(default: 100000)</b></DT><DD>
+
+<p> The maximum allowed reply size from a socketmap server, not
+including the netstring encapsulation. </p>
+
+<p> This feature is available in Postfix ≥ 3.10. </p>
+
+
</DD>
<DT><b><a name="soft_bounce">soft_bounce</a>
<a href="cidr_table.5.html">cidr</a>:, <a href="pcre_table.5.html">pcre</a>:, and <a href="regexp_table.5.html">regexp</a>: tables.
<b><a name="reply_format">REPLY FORMAT</a></b>
- The Postfix socketmap client requires that replies are not longer than
- 100000 characters (not including the netstring encapsulation). Replies
- must have the following form:
+ Replies must have the following form:
<b>OK</b> <<b>space</b>> <i>data</i>
The requested data was found.
The request failed. The reason, if non-empty, is descriptive
text.
+<b><a name="protocol_limits">PROTOCOL LIMITS</a></b>
+ The Postfix socketmap client requires that replies are no longer than
+ 100000 bytes (not including the netstring encapsulation). This limit
+ can be changed with the <a href="postconf.5.html#socketmap_max_reply_size">socketmap_max_reply_size</a> configuration parame-
+ ter (Postfix 3.10 and later).
+
+ The Postfix socketmap client enforces a 100s time limit to connect to a
+ socketmap server, to send a request, and to receive a reply. It closes
+ an idle connection after 10s, and closes an active connection after
+ 100s. These limits are not (yet) configurable.
+
<b><a name="security">SECURITY</a></b>
- This map cannot be used for security-sensitive information,
- because neither the connection nor the server are authenticated.
+ This map cannot be used for security-sensitive information, because
+ neither the connection nor the server are authenticated.
+
+<b><a name="configuration_parameters">CONFIGURATION PARAMETERS</a></b>
+ <b><a href="postconf.5.html#socketmap_max_reply_size">socketmap_max_reply_size</a> (100000)</b>
+ The maximum allowed reply size from a socketmap server, not
+ including the netstring encapsulation.
<b><a name="see_also">SEE ALSO</a></b>
<a href="https://cr.yp.to/proto/netstrings.txt">https://cr.yp.to/proto/netstrings.txt</a>, netstring definition
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b><a name="bugs">BUGS</a></b>
- The protocol limits are not yet configurable.
+ The protocol time limits are not yet configurable.
<b><a name="license">LICENSE</a></b>
The Secure Mailer license must be distributed with this software.
<b><a name="history">HISTORY</a></b>
Socketmap support was introduced with Postfix version 2.10.
+ The socketmap protocol was published with Sendmail v8.13.
+
<b>AUTHOR(S)</b>
Wietse Venema
IBM T.J. Watson Research
111 8th Avenue
New York, NY 10011, USA
+ Wietse Venema
+ porcupine.org
+
SOCKETMAP_TABLE(5)
</pre> </body> </html>
that mail system handles those stray characters in an
implementation\-dependent manner.
.PP
+Note: this feature is disabled with "receive_override_options =
+no_header_body_checks".
+.PP
This feature is available in Postfix >= 3.9, 3.8.5, 3.7.10,
3.6.14, and 3.5.24.
.SH cleanup_service_name (default: cleanup)
replace the "&" character with the login name, with a lowercase
ASCII first character converted to uppercase.
.PP
-NOTE: Postfix does not convert between character sets; it simply
-encodes the raw bytes in a full name as printable ASCII gibberish.
-The full_name_encoding_charset value specifies how a mail reader
-program should display the decoded gibberish.
+NOTE: Postfix does not convert between character sets. The
+full_name_encoding_charset parameter specifies the character set
+of the full name in the Postfix sendmail "\-F" option, in the Postfix
+sendmail "NAME" environment variable, or in the GECOS field of the
+UNIX password database. The parameter value is also part of the
+encoded full name, and informs a Mail User Agent how to display the
+decoded gibberish.
.PP
Specify a valid character set name such as "utf\-8" or "iso\-8859\-1
(specify the latter for full names that use the Latin1 encoding).
built to support these protocols.
.PP
This feature is available in Postfix 3.0 and later.
+.SH socketmap_max_reply_size (default: 100000)
+The maximum allowed reply size from a socketmap server, not
+including the netstring encapsulation.
+.PP
+This feature is available in Postfix >= 3.10.
.SH soft_bounce (default: no)
Safety net to keep mail queued that would otherwise be returned to
the sender. This parameter disables locally\-generated bounces,
.nf
.ad
.fi
-The Postfix socketmap client requires that replies are not
-longer than 100000 characters (not including the netstring
-encapsulation). Replies must have the following form:
+Replies must have the following form:
.IP "\fBOK <space> \fIdata\fR"
The requested data was found.
.IP "\fBNOTFOUND <space>"
.IP "\fBPERM <space> \fIreason\fR"
The request failed. The reason, if non\-empty, is descriptive
text.
+.SH "PROTOCOL LIMITS"
+.na
+.nf
+.ad
+.fi
+The Postfix socketmap client requires that replies are no
+longer than 100000 bytes (not including the netstring
+encapsulation). This limit can be changed with the
+socketmap_max_reply_size configuration parameter (Postfix 3.10
+and later).
+
+The Postfix socketmap client enforces a 100s time limit to
+connect to a socketmap server, to send a request, and to receive
+a reply. It closes an idle connection after 10s, and closes
+an active connection after 100s. These limits are not (yet)
+configurable.
.SH "SECURITY"
.na
.nf
+.ad
+.fi
This map cannot be used for security\-sensitive information,
because neither the connection nor the server are authenticated.
+.SH "CONFIGURATION PARAMETERS"
+.na
+.nf
+.ad
+.fi
+.IP "\fBsocketmap_max_reply_size (100000)\fR"
+The maximum allowed reply size from a socketmap server, not
+including the netstring encapsulation.
.SH "SEE ALSO"
.na
.nf
.SH BUGS
.ad
.fi
-The protocol limits are not yet configurable.
+The protocol time limits are not yet configurable.
.SH "LICENSE"
.na
.nf
.ad
.fi
Socketmap support was introduced with Postfix version 2.10.
+
+The socketmap protocol was published with Sendmail v8.13.
.SH "AUTHOR(S)"
.na
.nf
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
+
+Wietse Venema
+porcupine.org
s;\bqmqpd_authorized_clients\b;<a href="postconf.5.html#qmqpd_authorized_clients">$&</a>;g;
s;\bservice_name\b;<a href="postconf.5.html#service_name">$&</a>;g;
+ s;\bsocket[-</Bb>]*\n* *[<Bb>]*map_max_reply_size\b;<a href="postconf.5.html#socketmap_max_reply_size">$&</a>;g;
s;\bdefault_desti[-</Bb>]*\n* *[<Bb>]*na[-</Bb>]*\n* *[<Bb>]*tion_con[-</Bb>]*\n* *[<Bb>]*cur[-</Bb>]*\n* *[<Bb>]*rency_negative_feedback\b;<a href="postconf.5.html#default_destination_concurrency_negative_feedback">$&</a>;g;
s;\bdefault_desti[-</Bb>]*\n* *[<Bb>]*na[-</Bb>]*\n* *[<Bb>]*tion_con[-</Bb>]*\n* *[<Bb>]*cur[-</Bb>]*\n* *[<Bb>]*rency_positive_feedback\b;<a href="postconf.5.html#default_destination_concurrency_positive_feedback">$&</a>;g;
s;\bdefault_desti[-</Bb>]*\n* *[<Bb>]*na[-</Bb>]*\n* *[<Bb>]*tion_con[-</Bb>]*\n* *[<Bb>]*cur[-</Bb>]*\n* *[<Bb>]*rency_failed_cohort_limit\b;<a href="postconf.5.html#default_destination_concurrency_failed_cohort_limit">$&</a>;g;
that mail system handles those stray characters in an
implementation-dependent manner. </p>
+<p> Note: this feature is disabled with "receive_override_options =
+no_header_body_checks". </p>
+
<p> This feature is available in Postfix ≥ 3.9, 3.8.5, 3.7.10,
3.6.14, and 3.5.24. </p>
replace the "&" character with the login name, with a lowercase
ASCII first character converted to uppercase. </p>
-<p> NOTE: Postfix does not convert between character sets; it simply
-encodes the raw bytes in a full name as printable ASCII gibberish.
-The full_name_encoding_charset value specifies how a mail reader
-program should display the decoded gibberish. </p>
+<p> NOTE: Postfix does not convert between character sets. The
+full_name_encoding_charset parameter specifies the character set
+of the full name in the Postfix sendmail "-F" option, in the Postfix
+sendmail "NAME" environment variable, or in the GECOS field of the
+UNIX password database. The parameter value is also part of the
+encoded full name, and informs a Mail User Agent how to display the
+decoded gibberish. </p>
<p> Specify a valid character set name such as "utf-8" or "iso-8859-1
(specify the latter for full names that use the Latin1 encoding).
skip the full name. </p>
<p> This feature is available in Postfix ≥ 3.10. </p>
+
+%PARAM socketmap_max_reply_size 100000
+
+<p> The maximum allowed reply size from a socketmap server, not
+including the netstring encapsulation. </p>
+
+<p> This feature is available in Postfix ≥ 3.10. </p>
# REPLY FORMAT
# .ad
# .fi
-# The Postfix socketmap client requires that replies are not
-# longer than 100000 characters (not including the netstring
-# encapsulation). Replies must have the following form:
+# Replies must have the following form:
# .IP "\fBOK <space> \fIdata\fR"
# The requested data was found.
# .IP "\fBNOTFOUND <space>"
# .IP "\fBPERM <space> \fIreason\fR"
# The request failed. The reason, if non-empty, is descriptive
# text.
+# PROTOCOL LIMITS
+# .ad
+# .fi
+# The Postfix socketmap client requires that replies are no
+# longer than 100000 bytes (not including the netstring
+# encapsulation). This limit can be changed with the
+# socketmap_max_reply_size configuration parameter (Postfix 3.10
+# and later).
+#
+# The Postfix socketmap client enforces a 100s time limit to
+# connect to a socketmap server, to send a request, and to receive
+# a reply. It closes an idle connection after 10s, and closes
+# an active connection after 100s. These limits are not (yet)
+# configurable.
# SECURITY
+# .ad
+# .fi
# This map cannot be used for security-sensitive information,
# because neither the connection nor the server are authenticated.
+# CONFIGURATION PARAMETERS
+# .ad
+# .fi
+# .IP "\fBsocketmap_max_reply_size (100000)\fR"
+# The maximum allowed reply size from a socketmap server, not
+# including the netstring encapsulation.
# SEE ALSO
# https://cr.yp.to/proto/netstrings.txt, netstring definition
# postconf(1), Postfix supported lookup tables
# .nf
# DATABASE_README, Postfix lookup table overview
# BUGS
-# The protocol limits are not yet configurable.
+# The protocol time limits are not yet configurable.
# LICENSE
# .ad
# .fi
# The Secure Mailer license must be distributed with this software.
# HISTORY
# Socketmap support was introduced with Postfix version 2.10.
+#
+# The socketmap protocol was published with Sendmail v8.13.
# AUTHOR(S)
# Wietse Venema
# IBM T.J. Watson Research
# Google, Inc.
# 111 8th Avenue
# New York, NY 10011, USA
+#
+# Wietse Venema
+# porcupine.org
#--
logging to the standard error stream File postlog postlog c
Files mantools postlink proto postconf proto cleanup cleanup c
many errors I O timeout lost connection File smtpd smtpd c
+ that is unknown or known but disabled File smtpd smtpd c
+proto proto socketmap_table
roff
diffs
CLOSEFROM
+Roessner
return (0);
switch (resp[0]) {
case 'H':
- /* XXX Should log the reason here. */
if (state->flags & CLEANUP_FLAG_HOLD)
return (0);
state->flags |= CLEANUP_FLAG_HOLD;
action = "milter-hold";
- text = "milter triggers HOLD action";
+ text = resp[1] ? resp + 1 : "milter triggers HOLD action";
break;
case 'D':
+ if (state->flags & CLEANUP_FLAG_DISCARD)
+ return (0);
state->flags |= CLEANUP_FLAG_DISCARD;
action = "milter-discard";
text = "milter triggers DISCARD action";
break;
case 'S':
+ if (state->flags & CLEANUP_STAT_CONT)
+ return (0);
/* XXX Can this happen after end-of-message? */
state->flags |= CLEANUP_STAT_CONT;
action = "milter-reject";
mail_params.o: ../../include/dict.h
mail_params.o: ../../include/dict_db.h
mail_params.o: ../../include/dict_lmdb.h
+mail_params.o: ../../include/dict_sockmap.h
mail_params.o: ../../include/get_hostname.h
mail_params.o: ../../include/htable.h
mail_params.o: ../../include/inet_addr_list.h
#include <dict.h>
#include <dict_db.h>
#include <dict_lmdb.h>
+#include <dict_sockmap.h>
#include <inet_proto.h>
#include <vstring_vstream.h>
#include <iostuff.h>
int var_verify_neg_cache;
int var_oldlog_compat;
int var_delay_max_res;
+int var_sockmap_max_reply;
char *var_int_filt_classes;
int var_cyrus_sasl_authzid;
VAR_MIME_BOUND_LEN, DEF_MIME_BOUND_LEN, &var_mime_bound_len, 1, 0,
VAR_DELAY_MAX_RES, DEF_DELAY_MAX_RES, &var_delay_max_res, MIN_DELAY_MAX_RES, MAX_DELAY_MAX_RES,
VAR_INET_WINDOW, DEF_INET_WINDOW, &var_inet_windowsize, 0, 0,
+ VAR_SOCKMAP_MAX_REPLY, DEF_SOCKMAP_MAX_REPLY, &var_sockmap_max_reply, 1, 0,
0,
};
static const CONFIG_LONG_TABLE long_defaults[] = {
check_overlap();
dict_db_cache_size = var_db_read_buf;
dict_lmdb_map_size = var_lmdb_map_size;
+ dict_sockmap_max_reply = var_sockmap_max_reply;
inet_windowsize = var_inet_windowsize;
if (set_logwriter_create_perms(var_maillog_file_perms) < 0)
msg_warn("ignoring bad permissions: %s = %s",
#define DEF_FULL_NAME_ENCODING_CHARSET "utf-8"
extern char *var_full_name_encoding_charset;
+ /*
+ * Limit for the sockmap reply size
+ */
+#define VAR_SOCKMAP_MAX_REPLY "socketmap_max_reply_size"
+#define DEF_SOCKMAP_MAX_REPLY 100000 /* reply size limit */
+extern int var_sockmap_max_reply;
+
/* LICENSE
/* .ad
/* .fi
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20250105"
+#define MAIL_RELEASE_DATE "20250107"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT
if (strcasecmp(milter->def_action, "accept") == 0) {
reply = 0;
} else if (strcasecmp(milter->def_action, "quarantine") == 0) {
- reply = "H";
+ reply = "Hdefault_action";
} else {
reply = "451 4.3.5 Server configuration problem - try again later";
}
} else if (strcasecmp(milter->def_action, "tempfail") == 0) {
reply = "451 4.7.1 Service unavailable - try again later";
} else if (strcasecmp(milter->def_action, "quarantine") == 0) {
- reply = "H";
+ reply = "Hdefault_action";
} else {
msg_warn("milter %s: unrecognized default action: %s",
milter->m.name, milter->def_action);
* accept, discard). We should not transition, either, otherwise
* we get out of sync.
*/
- case SMFIR_QUARANTINE:
- /* XXX What to do with the "reason" text? */
- if (milter8_read_data(milter, &data_size,
- MILTER8_DATA_BUFFER, milter->buf,
- MILTER8_DATA_END) != 0)
- MILTER8_EVENT_BREAK(milter->def_reply);
- milter8_def_reply(milter, "H");
- continue;
+ case SMFIR_QUARANTINE:{
+ VSTRING *reply;
+ ssize_t saved_size = data_size;
+
+ if (milter8_read_data(milter, &data_size,
+ MILTER8_DATA_BUFFER, milter->buf,
+ MILTER8_DATA_END) != 0)
+ MILTER8_EVENT_BREAK(milter->def_reply);
+ /* XXX This should be reported with a call-back. */
+ reply = vstring_alloc(100);
+ if (saved_size > 100)
+ saved_size=100;
+ vstring_sprintf(reply, "H%.*s", (int) saved_size,
+ STR(milter->buf));
+ milter8_def_reply(milter, STR(reply));
+ vstring_free(reply);
+ continue;
+ }
/*
* Decision: skip further events of this type.
/* to maintain compatibility between successive versions.
/*
/* Arguments (multiple alternatives are separated by "\fB|\fR"):
-/* .IP "\fB-a accept|tempfail|reject|discard|skip|\fIddd x.y.z text\fR"
+/* .IP "\fB-a accept|tempfail|reject|discard|skip|quarantine \fItext\fR|\fIddd x.y.z text\fR"
/* Specifies a non-default reply for the MTA command specified
/* with \fB-c\fR. The default is \fBtempfail\fR. The \fItext\fR
/* is repeated once, to produce multi-line reply text.
0, 0,
};
+static char *quarantine_reason;
+
static char *reply_code;
static char *reply_dsn;
static char *reply_message;
if (smfi_delrcpt(ctx, del_rcpt[count]) == MI_FAILURE)
fprintf(stderr, "smfi_delrcpt `%s' failed\n", del_rcpt[count]);
}
+ if (quarantine_reason) {
+ if (smfi_quarantine(ctx, quarantine_reason) == MI_FAILURE)
+ fprintf(stderr, "smfi_quarantine failed\n");
+ printf("quarantine '%s'\n", quarantine_reason);
+ }
return (test_reply(ctx, test_eom_reply));
}
{
"test-milter",
SMFI_VERSION,
- SMFIF_ADDRCPT | SMFIF_DELRCPT | SMFIF_ADDHDRS | SMFIF_CHGHDRS | SMFIF_CHGBODY | SMFIF_CHGFROM,
+ SMFIF_ADDRCPT | SMFIF_DELRCPT | SMFIF_ADDHDRS | SMFIF_CHGHDRS | SMFIF_CHGBODY | SMFIF_CHGFROM | SMFIF_QUARANTINE,
test_connect,
test_helo,
test_mail,
while ((ch = getopt(argc, argv, "a:A:b:c:C:d:D:f:h:i:lm:M:n:N:p:rv")) > 0) {
switch (ch) {
case 'a':
- action = optarg;
+ if (action != 0)
+ fprintf(stderr, "ignoring extra -a option\n");
+ else
+ action = optarg;
break;
case 'A':
if (add_rcpt_count >= MAX_RCPT) {
cp->reply[0] = SMFIS_ACCEPT;
} else if (strcmp(action, "discard") == 0) {
cp->reply[0] = SMFIS_DISCARD;
+ } else if (strncmp(action, "quarantine ", 11) == 0) {
+ if (strcmp(command, "eom") != 0) {
+ fprintf(stderr, "quarantine action requires '-c eom'\n");
+ exit(1);
+ }
+ quarantine_reason = action + 11;
+ quarantine_reason += strspn(quarantine_reason, " ");
#ifdef SMFIS_SKIP
} else if (strcmp(action, "skip") == 0) {
cp->reply[0] = SMFIS_SKIP;
printf("reply code %s dsn %s message %s\n",
reply_code, reply_dsn ? reply_dsn : "(null)",
reply_message ? reply_message : "(null)");
+ if (quarantine_reason)
+ printf("quarantine reason %s\n", quarantine_reason);
}
}
#if SMFI_VERSION > 5
switch (reply[0]) {
case 'H':
+ if (state->saved_flags & CLEANUP_FLAG_HOLD)
+ return (0);
state->saved_flags |= CLEANUP_FLAG_HOLD;
action = "milter-hold";
+ text = reply[1] ? reply + 1 : "milter triggers HOLD action";
reply = 0;
- text = "milter triggers HOLD action";
break;
case 'D':
+ if (state->saved_flags & CLEANUP_FLAG_DISCARD)
+ return (0);
state->saved_flags |= CLEANUP_FLAG_DISCARD;
action = "milter-discard";
reply = 0;
*
* As a compromise, we will not override the Postfix SMTP server's specific
* "5XX Unknown command" etc. reply.
+ *
+ * We're not calling check_milter_reply() because that has unwanted side
+ * effects including logging and replying with 421.
*/
if (state->milters != 0
&& (err = milter_unknown_event(state->milters,
if (err[0] == '4') {
smtpd_chat_reply(state, "%s", err);
return (1);
- } else if (err[0] != '5') {
+ } else if (strchr("HDS5", err[0]) == 0) {
msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
}
}
* Class variables.
*/
static int dict_sockmap_timeout = DICT_SOCKMAP_DEF_TIMEOUT;
-static int dict_sockmap_max_reply = DICT_SOCKMAP_DEF_MAX_REPLY;
+int dict_sockmap_max_reply = DICT_SOCKMAP_DEF_MAX_REPLY;
static int dict_sockmap_max_idle = DICT_SOCKMAP_DEF_MAX_IDLE;
static int dict_sockmap_max_ttl = DICT_SOCKMAP_DEF_MAX_TTL;
#define DICT_TYPE_SOCKMAP "socketmap"
extern DICT *dict_sockmap_open(const char *, int, int);
+extern int dict_sockmap_max_reply;
/* LICENSE
/* .ad
/* Google, Inc.
/* 111 8th Avenue
/* New York, NY 10011, USA
+/*
+/* Wietse Venema
+/* porcupine.org
/*--*/
/* System library. */
#include <sys_defs.h>
#include <stdarg.h>
#include <ctype.h>
+#include <errno.h>
/* Utility library. */
case NETSTRING_ERR_EOF:
return ("unexpected disconnect");
case NETSTRING_ERR_TIME:
+ errno = ETIMEDOUT;
return ("time limit exceeded");
case NETSTRING_ERR_FORMAT:
+ errno = 0;
return ("input format error");
case NETSTRING_ERR_SIZE:
+#ifdef EMSGSIZE
+ errno = EMSGSIZE;
+#endif
return ("input exceeds size limit");
default:
+ errno = 0;
return ("unknown netstring error");
}
}
projects / thirdparty / postfix.git / commitdiff
