20040918
Feature: authorized_flush_users, authorized_mailq_users,
- authorized_sendmail_users to restrict what users can flush
- the queue, list the queue, or submit mail locally. Victor
- Duchovni, Morgan Stanley. Files: sendmail/sendmail.c,
- postdrop/postdrop.c, postqueue/postqueue.c, global/user_acl.[hc].
+ authorized_submit_users to restrict what users can flush
+ the queue, list the queue, or submit mail locally. Based
+ on code by Victor Duchovni, Morgan Stanley. Files:
+ sendmail/sendmail.c, postdrop/postdrop.c, postqueue/postqueue.c,
+ global/user_acl.[hc].
Feature: discard(8) mail delivery agent. Victor Duchovni,
Morgan Stanley. File: discard/discard.c.
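Review bot: The added lines swap authorized_sendmail_users for authorized_submit_users inside the existing 20040918 entry, so the changelog keeps no record that the parameter ever carried the old name. Anyone who set authorized_sendmail_users from the earlier text now has a setting that matches nothing documented. Add a dated line that records the rename, and list it with the incompatible changes in the release notes.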
Open problems:
+ Low: master(5) manual page.
+
Low: should the Delivered-To: test in local(8) be configurable?
Low: append a different domain (like, address.invalid) for
filtered BEFORE it is stored into the Postfix queue.
This document describes two approaches to content filter all email, as well as
-several options filter mail selectively:
+several options to filter mail selectively:
* Principles of operation
- * Simple content filter example
- * Simple content filter limitations
- * Advanced content filter example
- * Advanced content filter performance
- * Filtering mail from outside users only
- * Different filters for different domains
- * FILTER actions in access or header/body tables
+ * Simple content filter
+
+ o Simple content filter example
+ o Simple content filter performance
+ o Simple content filter limitations
+ o Turning off the simple content filter
+
+ * Advanced content filter
+
+ o Advanced content filter example
+ o Advanced content filter performance
+ o Turning off the advanced content filter
+
+ * Selective content filtering
+
+ o Filtering mail from outside users only
+ o Different filters for different domains
+ o FILTER actions in access or header/body tables
P\bPr\bri\bin\bnc\bci\bip\bpl\ble\bes\bs o\bof\bf o\bop\bpe\ber\bra\bat\bti\bio\bon\bn
* Execute "p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd" to complete the change.
-To turn off content filtering, edit the master.cf file, remove the "-
-o content_filter=filter:dummy" text from the entry that defines the Postfix
-SMTP server, and execute another "p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd".
+S\bSi\bim\bmp\bpl\ble\be c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br p\bpe\ber\brf\bfo\bor\brm\bma\ban\bnc\bce\be
With the shell script as shown above you will lose a factor of four in Postfix
performance for transit mail that arrives and leaves via SMTP. You will lose
below) makes it possible to turn off header_checks or body_checks patterns for
filtered mail.
+T\bTu\bur\brn\bni\bin\bng\bg o\bof\bff\bf t\bth\bhe\be s\bsi\bim\bmp\bpl\ble\be c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br
+
+To turn off "simple" content filtering:
+
+ * Edit the master.cf file, remove the "-o content_filter=filter:dummy" text
+ from the entry that defines the Postfix SMTP server.
+
+ * Execute "p\bpo\bos\bst\bts\bsu\bup\bpe\ber\br -\b-r\br A\bAL\bLL\bL" to remove content filter information from
+ existing queue files.
+
+ * Execute another "p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd".
+
A\bAd\bdv\bva\ban\bnc\bce\bed\bd c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br e\bex\bxa\bam\bmp\bpl\ble\be
The second example is more complex, but can give better performance, and is
addresses instead of the result of virtual alias expansion, canonical
mapping, automatic bcc, address masquerading, etc.
-To turn off content filtering, delete or comment out the two above main.cf
-lines. All other changes made for advanced content filtering have no effect
-when content filtering is turned off.
-
A\bAd\bdv\bva\ban\bnc\bce\bed\bd c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br:\b: s\bse\ben\bnd\bdi\bin\bng\bg u\bun\bnf\bfi\bil\blt\bte\ber\bre\bed\bd m\bma\bai\bil\bl t\bto\bo t\bth\bhe\be c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br
In this example, "scan" is an instance of the Postfix SMTP client with slightly
queue. As mentioned in the introduction of this document, content filtering
with multiple Postfix instances will be covered in a future version.
+T\bTu\bur\brn\bni\bin\bng\bg o\bof\bff\bf t\bth\bhe\be a\bad\bdv\bva\ban\bnc\bce\bed\bd c\bco\bon\bnt\bte\ben\bnt\bt f\bfi\bil\blt\bte\ber\br
+
+To turn off "advanced" content filtering:
+
+ * Delete or comment out the two following main.cf lines. The other changes
+ made for advanced content filtering have no effect when content filtering
+ is turned off.
+
+ /etc/postfix/main.cf:
+ content_filter = scan:localhost:10025
+ receive_override_options = no_address_mappings
+
+ * Execute "p\bpo\bos\bst\bts\bsu\bup\bpe\ber\br -\b-r\br A\bAL\bLL\bL" to remove content filter information from
+ existing queue files.
+
+ * Execute another "p\bpo\bos\bst\btf\bfi\bix\bx r\bre\bel\blo\boa\bad\bd".
+
F\bFi\bil\blt\bte\ber\bri\bin\bng\bg m\bma\bai\bil\bl f\bfr\bro\bom\bm o\bou\but\bts\bsi\bid\bde\be u\bus\bse\ber\brs\bs o\bon\bnl\bly\by
The easiest approach is to configure ONE Postfix instance with multiple SMTP
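Review bot: In the new turn-off list, "postsuper -r ALL" comes before "postfix reload", yet the content_filter setting being removed lives in main.cf. The text does not say whether processes still running with the old main.cf can handle the requeued files, and attach the filter information again, before the reload happens. Either put the reload first or add a sentence explaining why this order is safe. The same steps appear in the simple-filter section and in the HTML copy, so the decision should be applied to all of them.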
and change the patchlevel and the release date. Patches are never
issued for snapshot releases.
+Incompatible changes with snapshot Postfix-2.2-20040919
+=======================================================
+
+This snapshot adds a discard service to the master.cf file.
+
+Major changes with snapshot Postfix-2.2-20040919
+================================================
+
+A new discard(8) mail delivery agent that makes throwing away mail
+easier and more efficient. It's the Postfix equivalent of /dev/null
+for deliveries. On the input side, Postfix already has a /dev/null
+equivalent in the form of the DISCARD action in access maps and
+header_body_checks.
+
+Access control for local mail submission, for listing the queue
+and for flushing the queue. These features are controlled with
+authorized_submit_users, authorized_mailq_users, and with
+authorized_flush_users, respectively. The last two controls are
+always permitted for the super-user and for the mail system owner.
+More information is in the postconf(5) manual.
+
Incompatible changes with snapshot Postfix-2.2-20040829
=======================================================
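Review bot: The access control paragraph says only that the "last two controls" are always open to the super-user and the mail system owner, which leaves the reader to infer that authorized_submit_users has no such exemption, and it gives no default for any of the three parameters. If the exemption really does not cover authorized_submit_users, a restrictive value could also stop root from submitting mail locally, so state the defaults and the missing exemption here rather than deferring entirely to postconf(5). Separately, "header_body_checks" in the discard paragraph matches no name used elsewhere in this patch, which refers to header_checks and body_checks.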
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
-# Note: this action currently affects all recipients
+# Note: use "postsuper -r" to release mail that was
+# kept on hold for a significant fraction of $maxi-
+# mal_queue_lifetime or $bounce_queue_lifetime or
+# longer.
+#
+# Note: this action currently affects all recipients
# of the message.
#
# This feature is available in Postfix 2.0 and later.
#
# PREPEND headername: headervalue
-# Prepend the specified message header to the mes-
+# Prepend the specified message header to the mes-
# sage. When this action is used multiple times, the
-# first prepended header appears before the second
+# first prepended header appears before the second
# etc. prepended header.
#
-# Note: this action does not support multi-line mes-
+# Note: this action does not support multi-line mes-
# sage headers.
#
# This feature is available in Postfix 2.1 and later.
#
# REDIRECT user@domain
-# After the message is queued, send the message to
+# After the message is queued, send the message to
# the specified address instead of the intended
# recipient(s).
#
-# Note: this action overrides the FILTER action, and
+# Note: this action overrides the FILTER action, and
# currently affects all recipients of the message.
#
# This feature is available in Postfix 2.1 and later.
#
# WARN optional text...
# Log a warning with the optional text, together with
-# client information and if available, with helo,
+# client information and if available, with helo,
# sender, recipient and protocol information.
#
# This feature is available in Postfix 2.1 and later.
#
# REGULAR EXPRESSION TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# the table is given in the form of regular expressions. For
-# a description of regular expression lookup table syntax,
+# a description of regular expression lookup table syntax,
# see regexp_table(5) or pcre_table(5).
#
-# Each pattern is a regular expression that is applied to
+# Each pattern is a regular expression that is applied to
# the entire string being looked up. Depending on the appli-
-# cation, that string is an entire client hostname, an
+# cation, that string is an entire client hostname, an
# entire client IP address, or an entire mail address. Thus,
# no parent domain or parent network search is done,
-# user@domain mail addresses are not broken up into their
+# user@domain mail addresses are not broken up into their
# user@ and domain constituent parts, nor is user+foo broken
# up into user and foo.
#
-# Patterns are applied in the order as specified in the
-# table, until a pattern is found that matches the search
+# Patterns are applied in the order as specified in the
+# table, until a pattern is found that matches the search
# string.
#
-# Actions are the same as with indexed file lookups, with
-# the additional feature that parenthesized substrings from
+# Actions are the same as with indexed file lookups, with
+# the additional feature that parenthesized substrings from
# the pattern can be interpolated as $1, $2 and so on.
#
# TCP-BASED TABLES
-# This section describes how the table lookups change when
+# This section describes how the table lookups change when
# lookups are directed to a TCP-based server. For a descrip-
-# tion of the TCP client/server lookup protocol, see
-# tcp_table(5). This feature is not available in Postfix
+# tion of the TCP client/server lookup protocol, see
+# tcp_table(5). This feature is not available in Postfix
# version 2.1.
#
-# Each lookup operation uses the entire query string once.
-# Depending on the application, that string is an entire
+# Each lookup operation uses the entire query string once.
+# Depending on the application, that string is an entire
# client hostname, an entire client IP address, or an entire
-# mail address. Thus, no parent domain or parent network
-# search is done, user@domain mail addresses are not broken
-# up into their user@ and domain constituent parts, nor is
+# mail address. Thus, no parent domain or parent network
+# search is done, user@domain mail addresses are not broken
+# up into their user@ and domain constituent parts, nor is
# user+foo broken up into user and foo.
#
# Actions are the same as with indexed file lookups.
#
# EXAMPLE
-# The following example uses an indexed file, so that the
-# order of table entries does not matter. The example per-
-# mits access by the client at address 1.2.3.4 but rejects
-# all other clients in 1.2.3.0/24. Instead of "hash" lookup
+# The following example uses an indexed file, so that the
+# order of table entries does not matter. The example per-
+# mits access by the client at address 1.2.3.4 but rejects
+# all other clients in 1.2.3.0/24. Instead of "hash" lookup
# tables, some systems use "dbm". Use the command "postconf
-# -m" to find out what lookup tables Postfix supports on
+# -m" to find out what lookup tables Postfix supports on
# your system.
#
# /etc/postfix/main.cf:
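Review bot: The new HOLD note near the top of this hunk tells the reader to use "postsuper -r" for mail held for a significant fraction of $maximal_queue_lifetime or $bounce_queue_lifetime, but not what goes wrong otherwise or which other way of releasing mail it is steering them away from. One more sentence stating the consequence would let operators judge when it matters. As far as the visible lines show, every other -/+ pair in this hunk differs only in spacing; keeping regenerated justification out of the patch would make the one real change easier to find.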
# editing the file.
#
# BUGS
-# The table format does not understand quoting conventions.
+# The table format does not understand quoting conventions.
#
# SEE ALSO
# postmap(1), Postfix lookup table manager
# transport(5), transport:nexthop syntax
#
# README FILES
-# Use "postconf readme_directory" or "postconf html_direc-
+# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# SMTPD_ACCESS_README, built-in SMTP server access control
# DATABASE_README, Postfix lookup table overview
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
# the postcat(1) command, and can be destroyed or
# released with the postsuper(1) command.
#
-# Note: this action affects all recipients of the
+# Note: use "postsuper -r" to release mail that was
+# kept on hold for a significant fraction of $maxi-
+# mal_queue_lifetime or $bounce_queue_lifetime or
+# longer.
+#
+# Note: this action affects all recipients of the
# message.
#
# This feature is available in Postfix 2.0 and later.
#
-# IGNORE Delete the current line from the input and inspect
+# IGNORE Delete the current line from the input and inspect
# the next input line.
#
# PREPEND text...
# Prepend one line with the specified text and
# inspect the next input line.
#
-# Note: the prepended text is output immediately
+# Note: the prepended text is output immediately
# before the input that triggered the PREPEND action.
# A body action cannot prepend a message header.
#
-# Note: this action cannot be used to prepend multi-
+# Note: this action cannot be used to prepend multi-
# line text.
#
# This feature is available in Postfix 2.1 and later.
#
# REDIRECT user@domain
-# Write a message redirection request to the queue
-# file and inspect the next input line. After the
+# Write a message redirection request to the queue
+# file and inspect the next input line. After the
# message is queued, it will be sent to the specified
# address instead of the intended recipient(s).
#
-# Note: this action overrides the FILTER action, and
-# affects all recipients of the message. If multiple
-# REDIRECT actions fire, only the last one is exe-
+# Note: this action overrides the FILTER action, and
+# affects all recipients of the message. If multiple
+# REDIRECT actions fire, only the last one is exe-
# cuted.
#
# This feature is available in Postfix 2.1 and later.
#
# REJECT optional text...
-# Reject the entire message. Reply with optional
+# Reject the entire message. Reply with optional
# text... when the optional text is specified, other-
# wise reply with a generic error message.
#
-# Note: this action disables further header or
-# body_checks inspection of the current message and
+# Note: this action disables further header or
+# body_checks inspection of the current message and
# affects all recipients.
#
# WARN optional text...
-# Log a warning with the optional text... (or log a
-# generic message) and inspect the next input line.
+# Log a warning with the optional text... (or log a
+# generic message) and inspect the next input line.
# This action is useful for debugging and for testing
# a pattern before applying more drastic actions.
#
# BUGS
-# Many people overlook the main limitations of header and
-# body_checks rules. These rules operate on one logical
-# message header or one body line at a time, and a decision
-# made for one line is not carried over to the next line.
+# Many people overlook the main limitations of header and
+# body_checks rules. These rules operate on one logical
+# message header or one body line at a time, and a decision
+# made for one line is not carried over to the next line.
# If text in the message body is encoded (RFC 2045) then the
-# rules have to specified for the encoded form. Likewise,
+# rules have to specified for the encoded form. Likewise,
# when message headers are encoded (RFC 2047) then the rules
# need to be specified for the encoded form.
#
-# Message headers added by the cleanup(8) daemon itself are
+# Message headers added by the cleanup(8) daemon itself are
# excluded from inspection. Examples of such message headers
# are From:, To:, Message-ID:, Date:.
#
-# Message headers deleted by the cleanup(8) daemon will be
+# Message headers deleted by the cleanup(8) daemon will be
# examined before they are deleted. Examples are: Bcc:, Con-
# tent-Length:, Return-Path:.
#
# body_checks
# Lookup tables with content filter rules for message
# body lines. These filters see one physical line at
-# a time, in chunks of at most $line_length_limit
+# a time, in chunks of at most $line_length_limit
# bytes.
#
# body_checks_size_limit
-# The amount of content per message body segment
+# The amount of content per message body segment
# (attachment) that is subjected to $body_checks fil-
# tering.
#
#
# nested_header_checks (default: $header_checks)
# Lookup tables with content filter rules for message
-# header lines: respectively, these are applied to
-# the initial message headers (not including MIME
-# headers), to the MIME headers anywhere in the mes-
-# sage, and to the initial headers of attached mes-
+# header lines: respectively, these are applied to
+# the initial message headers (not including MIME
+# headers), to the MIME headers anywhere in the mes-
+# sage, and to the initial headers of attached mes-
# sages.
#
-# Note: these filters see one logical message header
-# at a time, even when a message header spans multi-
-# ple lines. Message headers that are longer than
+# Note: these filters see one logical message header
+# at a time, even when a message header spans multi-
+# ple lines. Message headers that are longer than
# $header_size_limit characters are truncated.
#
# disable_mime_input_processing
-# While receiving mail, give no special treatment to
-# MIME related message headers; all text after the
+# While receiving mail, give no special treatment to
+# MIME related message headers; all text after the
# initial message headers is considered to be part of
-# the message body. This means that header_checks is
-# applied to all the initial message headers, and
+# the message body. This means that header_checks is
+# applied to all the initial message headers, and
# that body_checks is applied to the remainder of the
# message.
#
-# Note: when used in this manner, body_checks will
-# process a multi-line message header one line at a
+# Note: when used in this manner, body_checks will
+# process a multi-line message header one line at a
# time.
#
# EXAMPLES
-# Header pattern to block attachments with bad file name
+# Header pattern to block attachments with bad file name
# extensions.
#
# /etc/postfix/main.cf:
# RFC 2047, message header encoding for non-ASCII text
#
# README FILES
-# Use "postconf readme_directory" or "postconf html_direc-
+# Use "postconf readme_directory" or "postconf html_direc-
# tory" to locate this information.
# DATABASE_README, Postfix lookup table overview
# CONTENT_INSPECTION_README, Postfix content inspection overview
# BACKSCATTER_README, blocking returned forged mail
#
# LICENSE
-# The Secure Mailer license must be distributed with this
+# The Secure Mailer license must be distributed with this
# software.
#
# AUTHOR(S)
Postfix queue. </p>
<p> This document describes two approaches to content filter
-all email, as well as several options filter mail selectively: </p>
+all email, as well as several options to filter mail selectively: </p>
<ul>
<li><a href="#principles">Principles of operation</a>
+<li>Simple content filter
+
+<ul>
+
<li><a href="#simple_filter">Simple content filter example</a>
+<li><a href="#simple_performance">Simple content filter performance</a>
+
<li><a href="#simple_limitations">Simple content filter limitations</a>
+<li><a href="#simple_turnoff">Turning off the simple content filter</a>
+
+</ul>
+
+<li>Advanced content filter
+
+<ul>
+
<li><a href="#advanced_filter">Advanced content filter example</a>
<li><a href="#performance">Advanced content filter performance</a>
+<li><a href="#advanced_turnoff">Turning off the advanced content filter</a>
+
+</ul>
+
+<li>Selective content filtering
+
+<ul>
+
<li><a href="#remote_only">Filtering mail from outside users only</a>
<li><a href="#domain_dependent">Different filters for different domains</a>
</ul>
+</ul>
+
<h2><a name="principles">Principles of operation</a> </h2>
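Review bot: The new table-of-contents entries use prefixed anchors (simple_performance, simple_turnoff, advanced_turnoff), but the advanced performance entry still links to the bare #performance anchor. Adding an advanced_performance name beside the existing one would make the scheme consistent without breaking old links. The three new group items (Simple content filter, Advanced content filter, Selective content filtering) are also plain text with no link target, unlike the other entries in the list.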
</ul>
-<p> To turn off content filtering, edit the master.cf file, remove
-the "-o <a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy" text from the entry that
-defines the Postfix SMTP server, and execute another "<b>postfix
-reload</b>". </p>
+<h2> <a name="simple_performance">Simple content filter performance</a> </h2>
<p> With the shell script as shown above you will lose a factor of
four in Postfix performance for transit mail that arrives and leaves
makes it possible to turn off <a href="postconf.5.html#header_checks">header_checks</a> or <a href="postconf.5.html#body_checks">body_checks</a> patterns
for filtered mail. </p>
+<h2><a name="simple_turnoff">Turning off the simple content filter</a> </h2>
+
+<p> To turn off "simple" content filtering: </p>
+
+<ul> <li> <p> Edit the master.cf file, remove the "-o
+<a href="postconf.5.html#content_filter">content_filter</a>=filter:dummy" text from the entry that defines the
+Postfix SMTP server. </p>
+
+<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
+filter information from existing queue files. </p>
+
+<li> <p> Execute another "<b>postfix reload</b>". </p>
+
+</ul>
+
<h2><a name="advanced_filter">Advanced content filter example</a></h2>
<p> The second example is more complex, but can give better
</ul>
-<p> To turn off content filtering, delete or comment out the two
-above main.cf lines. All other changes made for advanced content
-filtering have no effect when content filtering is turned off.
-</p>
-
<h3> Advanced content filter: sending unfiltered mail to the content
filter</h3>
introduction of this document, content filtering with multiple
Postfix instances will be covered in a future version. </p>
+<h2><a name="advanced_turnoff">Turning off the advanced content filter</a> </h2>
+
+<p> To turn off "advanced" content filtering: </p>
+
+<ul> <li> <p> Delete or comment out the two following main.cf lines.
+The other changes made for advanced content filtering have no effect
+when content filtering is turned off. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/main.cf:
+ <a href="postconf.5.html#content_filter">content_filter</a> = scan:localhost:10025
+ <a href="postconf.5.html#receive_override_options">receive_override_options</a> = <a href="postconf.5.html#no_address_mappings">no_address_mappings</a>
+</pre>
+</blockquote>
+
+<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
+filter information from existing queue files. </p>
+
+<li> <p> Execute another "<b>postfix reload</b>". </p>
+
+</ul>
+
<h2><a name="remote_only">Filtering mail from outside users only</a></h2>
<p> The easiest approach is to configure ONE Postfix instance with
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
- Note: this action currently affects all recipients
+ Note: use "<b>postsuper -r</b>" to release mail that was
+ kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
+ <b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b> or
+ longer.
+
+ Note: this action currently affects all recipients
of the message.
This feature is available in Postfix 2.0 and later.
<b>PREPEND</b> <i>headername: headervalue</i>
- Prepend the specified message header to the mes-
+ Prepend the specified message header to the mes-
sage. When this action is used multiple times, the
- first prepended header appears before the second
+ first prepended header appears before the second
etc. prepended header.
- Note: this action does not support multi-line mes-
+ Note: this action does not support multi-line mes-
sage headers.
This feature is available in Postfix 2.1 and later.
<b>REDIRECT</b> <i>user@domain</i>
- After the message is queued, send the message to
+ After the message is queued, send the message to
the specified address instead of the intended
recipient(s).
- Note: this action overrides the FILTER action, and
+ Note: this action overrides the FILTER action, and
currently affects all recipients of the message.
This feature is available in Postfix 2.1 and later.
<b>WARN</b> <i>optional text...</i>
Log a warning with the optional text, together with
- client information and if available, with helo,
+ client information and if available, with helo,
sender, recipient and protocol information.
This feature is available in Postfix 2.1 and later.
<b>REGULAR EXPRESSION TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
the table is given in the form of regular expressions. For
- a description of regular expression lookup table syntax,
+ a description of regular expression lookup table syntax,
see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
- Each pattern is a regular expression that is applied to
+ Each pattern is a regular expression that is applied to
the entire string being looked up. Depending on the appli-
- cation, that string is an entire client hostname, an
+ cation, that string is an entire client hostname, an
entire client IP address, or an entire mail address. Thus,
no parent domain or parent network search is done,
- <i>user@domain</i> mail addresses are not broken up into their
+ <i>user@domain</i> mail addresses are not broken up into their
<i>user@</i> and <i>domain</i> constituent parts, nor is <i>user+foo</i> broken
up into <i>user</i> and <i>foo</i>.
- Patterns are applied in the order as specified in the
- table, until a pattern is found that matches the search
+ Patterns are applied in the order as specified in the
+ table, until a pattern is found that matches the search
string.
- Actions are the same as with indexed file lookups, with
- the additional feature that parenthesized substrings from
+ Actions are the same as with indexed file lookups, with
+ the additional feature that parenthesized substrings from
the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
- This section describes how the table lookups change when
+ This section describes how the table lookups change when
lookups are directed to a TCP-based server. For a descrip-
- tion of the TCP client/server lookup protocol, see
- <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
+ tion of the TCP client/server lookup protocol, see
+ <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is not available in Postfix
version 2.1.
- Each lookup operation uses the entire query string once.
- Depending on the application, that string is an entire
+ Each lookup operation uses the entire query string once.
+ Depending on the application, that string is an entire
client hostname, an entire client IP address, or an entire
- mail address. Thus, no parent domain or parent network
- search is done, <i>user@domain</i> mail addresses are not broken
- up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
+ mail address. Thus, no parent domain or parent network
+ search is done, <i>user@domain</i> mail addresses are not broken
+ up into their <i>user@</i> and <i>domain</i> constituent parts, nor is
<i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Actions are the same as with indexed file lookups.
<b>EXAMPLE</b>
- The following example uses an indexed file, so that the
- order of table entries does not matter. The example per-
- mits access by the client at address 1.2.3.4 but rejects
- all other clients in 1.2.3.0/24. Instead of "<b>hash</b>" lookup
+ The following example uses an indexed file, so that the
+ order of table entries does not matter. The example per-
+ mits access by the client at address 1.2.3.4 but rejects
+ all other clients in 1.2.3.0/24. Instead of "<b>hash</b>" lookup
tables, some systems use "<b>dbm</b>". Use the command "<b>postconf</b>
- <b>-m</b>" to find out what lookup tables Postfix supports on
+ <b>-m</b>" to find out what lookup tables Postfix supports on
your system.
/etc/postfix/main.cf:
editing the file.
<b>BUGS</b>
- The table format does not understand quoting conventions.
+ The table format does not understand quoting conventions.
<b>SEE ALSO</b>
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
informs the queue manager that delivery should be tried
again at a later time.
- Delivery status reports are sent to the <a href="bounce.8.html"><b>bounce</b>(8)</a>,
- <a href="defer.8.html"><b>defer</b>(8)</a> or <a href="trace.8.html"><b>trace</b>(8)</a> daemon as appropriate.
+ Delivery status reports are sent to the <a href="trace.8.html"><b>trace</b>(8)</a> daemon as
+ appropriate.
<b>SECURITY</b>
The discard mailer is not security-sensitive. It does not
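Review bot: The edited sentence drops bounce(8) and defer(8) and leaves only trace(8), but the unchanged context just above it still describes informing the queue manager "that delivery should be tried again at a later time". If discard never defers, that sentence is stale and should go in the same change. If it can defer, the page no longer says where the deferral is reported.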
the <a href="postcat.1.html"><b>postcat</b>(1)</a> command, and can be destroyed or
released with the <a href="postsuper.1.html"><b>postsuper</b>(1)</a> command.
- Note: this action affects all recipients of the
+ Note: use "<b>postsuper -r</b>" to release mail that was
+ kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
+ <b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b> or
+ longer.
+
+ Note: this action affects all recipients of the
message.
This feature is available in Postfix 2.0 and later.
- <b>IGNORE</b> Delete the current line from the input and inspect
+ <b>IGNORE</b> Delete the current line from the input and inspect
the next input line.
<b>PREPEND</b> <i>text...</i>
Prepend one line with the specified text and
inspect the next input line.
- Note: the prepended text is output immediately
+ Note: the prepended text is output immediately
before the input that triggered the <b>PREPEND</b> action.
A body action cannot prepend a message header.
- Note: this action cannot be used to prepend multi-
+ Note: this action cannot be used to prepend multi-
line text.
This feature is available in Postfix 2.1 and later.
<b>REDIRECT</b> <i>user@domain</i>
- Write a message redirection request to the queue
- file and inspect the next input line. After the
+ Write a message redirection request to the queue
+ file and inspect the next input line. After the
message is queued, it will be sent to the specified
address instead of the intended recipient(s).
- Note: this action overrides the <b>FILTER</b> action, and
- affects all recipients of the message. If multiple
- <b>REDIRECT</b> actions fire, only the last one is exe-
+ Note: this action overrides the <b>FILTER</b> action, and
+ affects all recipients of the message. If multiple
+ <b>REDIRECT</b> actions fire, only the last one is exe-
cuted.
This feature is available in Postfix 2.1 and later.
<b>REJECT</b> <i>optional text...</i>
- Reject the entire message. Reply with <i>optional</i>
+ Reject the entire message. Reply with <i>optional</i>
<i>text...</i> when the optional text is specified, other-
wise reply with a generic error message.
- Note: this action disables further header or
- <a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
+ Note: this action disables further header or
+ <a href="postconf.5.html#body_checks">body_checks</a> inspection of the current message and
affects all recipients.
<b>WARN</b> <i>optional text...</i>
- Log a warning with the <i>optional text...</i> (or log a
- generic message) and inspect the next input line.
+ Log a warning with the <i>optional text...</i> (or log a
+ generic message) and inspect the next input line.
This action is useful for debugging and for testing
a pattern before applying more drastic actions.
<b>BUGS</b>
- Many people overlook the main limitations of header and
- <a href="postconf.5.html#body_checks">body_checks</a> rules. These rules operate on one logical
- message header or one body line at a time, and a decision
- made for one line is not carried over to the next line.
+ Many people overlook the main limitations of header and
+ <a href="postconf.5.html#body_checks">body_checks</a> rules. These rules operate on one logical
+ message header or one body line at a time, and a decision
+ made for one line is not carried over to the next line.
If text in the message body is encoded (<a href="http://www.faqs.org/rfcs/rfc2045.html">RFC 2045</a>) then the
- rules have to specified for the encoded form. Likewise,
+ rules have to specified for the encoded form. Likewise,
when message headers are encoded (<a href="http://www.faqs.org/rfcs/rfc2047.html">RFC 2047</a>) then the rules
need to be specified for the encoded form.
- Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are
+ Message headers added by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon itself are
excluded from inspection. Examples of such message headers
are <b>From:</b>, <b>To:</b>, <b>Message-ID:</b>, <b>Date:</b>.
- Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be
+ Message headers deleted by the <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon will be
examined before they are deleted. Examples are: <b>Bcc:, Con-</b>
<b>tent-Length:</b>, <b>Return-Path:</b>.
<b><a href="postconf.5.html#body_checks">body_checks</a></b>
Lookup tables with content filter rules for message
body lines. These filters see one physical line at
- a time, in chunks of at most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b>
+ a time, in chunks of at most <b>$<a href="postconf.5.html#line_length_limit">line_length_limit</a></b>
bytes.
<b><a href="postconf.5.html#body_checks_size_limit">body_checks_size_limit</a></b>
- The amount of content per message body segment
+ The amount of content per message body segment
(attachment) that is subjected to <b>$<a href="postconf.5.html#body_checks">body_checks</a></b> fil-
tering.
<b><a href="postconf.5.html#nested_header_checks">nested_header_checks</a></b> (default: <b>$<a href="postconf.5.html#header_checks">header_checks</a></b>)
Lookup tables with content filter rules for message
- header lines: respectively, these are applied to
- the initial message headers (not including MIME
- headers), to the MIME headers anywhere in the mes-
- sage, and to the initial headers of attached mes-
+ header lines: respectively, these are applied to
+ the initial message headers (not including MIME
+ headers), to the MIME headers anywhere in the mes-
+ sage, and to the initial headers of attached mes-
sages.
- Note: these filters see one logical message header
- at a time, even when a message header spans multi-
- ple lines. Message headers that are longer than
+ Note: these filters see one logical message header
+ at a time, even when a message header spans multi-
+ ple lines. Message headers that are longer than
<b>$<a href="postconf.5.html#header_size_limit">header_size_limit</a></b> characters are truncated.
<b><a href="postconf.5.html#disable_mime_input_processing">disable_mime_input_processing</a></b>
- While receiving mail, give no special treatment to
- MIME related message headers; all text after the
+ While receiving mail, give no special treatment to
+ MIME related message headers; all text after the
initial message headers is considered to be part of
- the message body. This means that <b><a href="postconf.5.html#header_checks">header_checks</a></b> is
- applied to all the initial message headers, and
+ the message body. This means that <b><a href="postconf.5.html#header_checks">header_checks</a></b> is
+ applied to all the initial message headers, and
that <b><a href="postconf.5.html#body_checks">body_checks</a></b> is applied to the remainder of the
message.
- Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will
- process a multi-line message header one line at a
+ Note: when used in this manner, <b><a href="postconf.5.html#body_checks">body_checks</a></b> will
+ process a multi-line message header one line at a
time.
<b>EXAMPLES</b>
- Header pattern to block attachments with bad file name
+ Header pattern to block attachments with bad file name
extensions.
/etc/postfix/main.cf:
<a href="BACKSCATTER_README.html">BACKSCATTER_README</a>, blocking returned forged mail
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
</p>
<p>
-By default all users are allowed to flush the queue. Otherwise if the
-invoking user is neither the super-user nor the $<a href="postconf.5.html#mail_owner">mail_owner</a> user, access
-is denied unless the real uid of the process trying to flush the queue
-is listed in the system password file and the corresponding login name
-is on the access list. </p>
+By default, all users are allowed to flush the queue. Access is
+always granted if the invoking user is the super-user or the
+$<a href="postconf.5.html#mail_owner">mail_owner</a> user. Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list. The username
+"unknown" is used for processes whose real UID is not found in the
+password file. </p>
<p>
Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
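Review bot: the new sentence about the "unknown" username, at the end of the rewritten paragraph, does not say what an administrator should do with that name. The text leaves open whether "unknown" is matched against the access list like any other login name. If it is, listing "unknown" authorizes every process whose real UID has no password-file entry, and a real account named "unknown" could not be told apart from them. Suggest spelling that out here and in the authorized_mailq_users and authorized_submit_users paragraphs that carry the same sentence.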
</p>
<p>
-By default all users are allowed to view the queue. Otherwise if the
-invoking user is neither the super-user nor the $<a href="postconf.5.html#mail_owner">mail_owner</a> user, access
-is denied unless the real uid of the process trying to view the queue
-is listed in the system password file and the corresponding login name
-is on the access list. </p>
+By default, all users are allowed to view the queue. Access is
+always granted if the invoking user is the super-user or the
+$<a href="postconf.5.html#mail_owner">mail_owner</a> user. Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list. The username
+"unknown" is used for processes whose real UID is not found in the
+password file. </p>
<p>
Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
</DD>
-<DT><b><a name="authorized_sendmail_users">authorized_sendmail_users</a>
+<DT><b><a name="authorized_submit_users">authorized_submit_users</a>
(default: static:anyone)</b></DT><DD>
<p>
-List of users who are authorized to use the <a href="sendmail.1.html">sendmail(1)</a> command
-(and the privileged <a href="postdrop.1.html">postdrop(1)</a> helper command) to submit mail.
+List of users who are authorized to submit mail with the <a href="sendmail.1.html">sendmail(1)</a>
+command (and with the privileged <a href="postdrop.1.html">postdrop(1)</a> helper command).
</p>
<p>
-By default all users are allowed to submit mail. Otherwise, access is denied
-unless the real uid of the process trying to submit mail is listed in
-the system password file and the corresponding login name is on the
-access list. To deny mail submission access to all users specify an
-empty list. </p>
+By default, all users are allowed to submit mail. Otherwise, the
+real UID of the process is looked up in the system password file,
+and access is granted only if the corresponding login name is on
+the access list. The username "unknown" is used for processes
+whose real UID is not found in the password file. To deny mail
+submission access to all users specify an empty list. </p>
<p>
Specify a list of user names, "/file/name" or "<a href="DATABASE_README.html">type:table</a>" patterns,
Available in Postfix version 2.2 and later:
- <b><a href="postconf.5.html#authorized_sendmail_users">authorized_sendmail_users</a> (static:anyone)</b>
- List of users who are authorized to use the <a href="sendmail.1.html">send-</a>
- <a href="sendmail.1.html">mail(1)</a> command (and the privileged <a href="postdrop.1.html">postdrop(1)</a>
- helper command) to submit mail.
+ <b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html">sendmail(1)</a> command (and with the privi-
+ leged <a href="postdrop.1.html">postdrop(1)</a> helper command).
<b>FILES</b>
/var/spool/postfix/<a href="QSHAPE_README.html#maildrop_queue">maildrop</a>, <a href="QSHAPE_README.html#maildrop_queue">maildrop queue</a>
a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the program reads
queue IDs from standard input.
- Specify <b>-H ALL</b> to release all mail that is "on
- hold". As a safety measure, the word <b>ALL</b> must be
+ Note: use "<b>postsuper -r</b>" to release mail that was
+ kept on hold for a significant fraction of <b>$<a href="postconf.5.html#maximal_queue_lifetime">maxi</a>-</b>
+ <b><a href="postconf.5.html#maximal_queue_lifetime">mal_queue_lifetime</a></b> or <b>$<a href="postconf.5.html#bounce_queue_lifetime">bounce_queue_lifetime</a></b> or
+ longer.
+
+ Specify <b>-H ALL</b> to release all mail that is "on
+ hold". As a safety measure, the word <b>ALL</b> must be
specified in upper case.
- <b>-p</b> Purge old temporary files that are left over after
+ <b>-p</b> Purge old temporary files that are left over after
system or software crashes.
<b>-r</b> <i>queue</i><b>_</b><i>id</i>
- Requeue the message with the named queue ID from
- the named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
- <b>active</b> and <b>deferred</b>). To requeue multiple mes-
- sages, specify multiple <b>-r</b> command-line options.
+ Requeue the message with the named queue ID from
+ the named mail queue(s) (default: <b>hold</b>, <b>incoming</b>,
+ <b>active</b> and <b>deferred</b>). To requeue multiple mes-
+ sages, specify multiple <b>-r</b> command-line options.
Alternatively, if a <i>queue</i><b>_</b><i>id</i> of <b>-</b> is specified, the
program reads queue IDs from standard input.
Specify <b>-r ALL</b> to requeue all messages. As a safety
- measure, the word <b>ALL</b> must be specified in upper
+ measure, the word <b>ALL</b> must be specified in upper
case.
- A requeued message is moved to the <b>maildrop</b> queue,
- from where it is copied by the pickup daemon to a
- new file whose name is guaranteed to match the new
+ A requeued message is moved to the <b>maildrop</b> queue,
+ from where it is copied by the pickup daemon to a
+ new file whose name is guaranteed to match the new
queue file inode number. The new queue file is sub-
- jected again to mail address rewriting and substi-
+ jected again to mail address rewriting and substi-
tution. This is useful when rewriting rules or vir-
tual mappings have changed.
- Warning: Postfix queue IDs are reused. There is a
- very small possibility that <b>postsuper</b> requeues the
- wrong message file when it is executed while the
- Postfix mail system is running, but no harm should
+ Warning: Postfix queue IDs are reused. There is a
+ very small possibility that <b>postsuper</b> requeues the
+ wrong message file when it is executed while the
+ Postfix mail system is running, but no harm should
be done.
- <b>-s</b> Structure check and structure repair. This should
+ <b>-s</b> Structure check and structure repair. This should
be done once before Postfix startup.
- <b>o</b> Rename files whose name does not match the
+ <b>o</b> Rename files whose name does not match the
message file inode number. This operation is
- necessary after restoring a mail queue from
+ necessary after restoring a mail queue from
a different machine, or from backup media.
<b>o</b> Move queue files that are in the wrong place
in the file system hierarchy and remove sub-
directories that are no longer needed. File
- position rearrangements are necessary after
+ position rearrangements are necessary after
a change in the <b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a></b> and/or
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a></b> configuration parameters.
<b>-v</b> Enable verbose logging for debugging purposes. Mul-
- tiple <b>-v</b> options make the software increasingly
+ tiple <b>-v</b> options make the software increasingly
verbose.
<b>DIAGNOSTICS</b>
- Problems are reported to the standard error stream and to
+ Problems are reported to the standard error stream and to
<b>syslogd</b>(8).
- <b>postsuper</b> reports the number of messages deleted with <b>-d</b>,
+ <b>postsuper</b> reports the number of messages deleted with <b>-d</b>,
the number of messages requeued with <b>-r</b>, and the number of
- messages whose queue file name was fixed with <b>-s</b>. The
+ messages whose queue file name was fixed with <b>-s</b>. The
report is written to the standard error stream and to <b>sys-</b>
<b>logd</b>(8).
Directory with the <b>main.cf</b> file.
<b>BUGS</b>
- Mail that is not sanitized by Postfix (i.e. mail in the
+ Mail that is not sanitized by Postfix (i.e. mail in the
<b>maildrop</b> queue) cannot be placed "on hold".
<b>CONFIGURATION PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
+ The following <b>main.cf</b> parameters are especially relevant
to this program. The text below provides only a parameter
- summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
+ summary. See <a href="postconf.5.html">postconf(5)</a> for more details including exam-
ples.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix main.cf and
+ The default location of the Postfix main.cf and
master.cf configuration files.
<b><a href="postconf.5.html#hash_queue_depth">hash_queue_depth</a> (1)</b>
- The number of subdirectory levels for queue direc-
- tories listed with the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
+ The number of subdirectory levels for queue direc-
+ tories listed with the <a href="postconf.5.html#hash_queue_names">hash_queue_names</a> parameter.
<b><a href="postconf.5.html#hash_queue_names">hash_queue_names</a> (see 'postconf -d' output)</b>
- The names of queue directories that are split
+ The names of queue directories that are split
across multiple subdirectory levels.
<b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
- The location of the Postfix top-level queue direc-
+ The location of the Postfix top-level queue direc-
tory.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the pro-
+ The mail system name that is prepended to the pro-
cess name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<a href="postqueue.1.html">postqueue(1)</a>, unprivileged queue operations
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
<b><a href="postconf.5.html#authorized_mailq_users">authorized_mailq_users</a> (static:anyone)</b>
List of users who are authorized to view the queue.
- <b><a href="postconf.5.html#authorized_sendmail_users">authorized_sendmail_users</a> (static:anyone)</b>
- List of users who are authorized to use the <a href="sendmail.1.html">send-</a>
- <a href="sendmail.1.html">mail(1)</a> command (and the privileged <a href="postdrop.1.html">postdrop(1)</a>
- helper command) to submit mail.
+ <b><a href="postconf.5.html#authorized_submit_users">authorized_submit_users</a> (static:anyone)</b>
+ List of users who are authorized to submit mail
+ with the <a href="sendmail.1.html">sendmail(1)</a> command (and with the privi-
+ leged <a href="postdrop.1.html">postdrop(1)</a> helper command).
<b>RESOURCE AND RATE CONTROLS</b>
<b><a href="postconf.5.html#bounce_size_limit">bounce_size_limit</a> (50000)</b>
<b>-F</b> Disable XFORWARD support.
- <b>-h</b> Use <i>hostname</i> in the SMTP greeting, in the HELO
+ <b>-h</b> <i>hostname</i>
+ Use <i>hostname</i> in the SMTP greeting, in the HELO
response, and in the EHLO response. The default
hostname is "smtp-sink".
example, the pickup(8) or qmgr(8) daemon).
.PP
Available in Postfix version 2.2 and later:
-.IP "\fBauthorized_sendmail_users (static:anyone)\fR"
-List of users who are authorized to use the sendmail(1) command
-(and the privileged postdrop(1) helper command) to submit mail.
+.IP "\fBauthorized_submit_users (static:anyone)\fR"
+List of users who are authorized to submit mail with the sendmail(1)
+command (and with the privileged postdrop(1) helper command).
.SH "FILES"
.na
.nf
If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
queue IDs from standard input.
.sp
+Note: use "\fBpostsuper -r\fR" to release mail that was kept on
+hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+or \fB$bounce_queue_lifetime\fR or longer.
+.sp
Specify \fB-H ALL\fR to release all mail that is "on hold".
As a safety measure, the word \fBALL\fR must be specified in upper
case.
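Review bot: the added note under -H says to use "postsuper -r" for mail held for "a significant fraction" of $maximal_queue_lifetime or $bounce_queue_lifetime, but gives neither the reason nor a way to judge what counts as significant. Suggest one sentence stating what goes wrong when such mail is released with -H, so an operator can decide which option applies to a given message.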
List of users who are authorized to flush the queue.
.IP "\fBauthorized_mailq_users (static:anyone)\fR"
List of users who are authorized to view the queue.
-.IP "\fBauthorized_sendmail_users (static:anyone)\fR"
-List of users who are authorized to use the sendmail(1) command
-(and the privileged postdrop(1) helper command) to submit mail.
+.IP "\fBauthorized_submit_users (static:anyone)\fR"
+List of users who are authorized to submit mail with the
+sendmail(1) command (and with the privileged postdrop(1)
+helper command).
.SH "RESOURCE AND RATE CONTROLS"
.na
.nf
Reject the specified commands with a hard (5xx) error code.
.IP \fB-F\fR
Disable XFORWARD support.
-.IP \fB-h\fI hostname\fR
+.IP "\fB-h\fI hostname\fR"
Use \fIhostname\fR in the SMTP greeting, in the HELO response,
and in the EHLO response. The default hostname is "smtp-sink".
.IP \fB-L\fR
\fBpostcat\fR(1) command, and can be destroyed or released with
the \fBpostsuper\fR(1) command.
.sp
+Note: use "\fBpostsuper -r\fR" to release mail that was kept on
+hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+or \fB$bounce_queue_lifetime\fR or longer.
+.sp
Note: this action currently affects all recipients of the message.
.sp
This feature is available in Postfix 2.0 and later.
\fBpostcat\fR(1) command, and can be destroyed or released with
the \fBpostsuper\fR(1) command.
.sp
+Note: use "\fBpostsuper -r\fR" to release mail that was kept on
+hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+or \fB$bounce_queue_lifetime\fR or longer.
+.sp
Note: this action affects all recipients of the message.
.sp
This feature is available in Postfix 2.0 and later.
.SH authorized_flush_users (default: static:anyone)
List of users who are authorized to flush the queue.
.PP
-By default all users are allowed to flush the queue. Otherwise if the
-invoking user is neither the super-user nor the $mail_owner user, access
-is denied unless the real uid of the process trying to flush the queue
-is listed in the system password file and the corresponding login name
-is on the access list.
+By default, all users are allowed to flush the queue. Access is
+always granted if the invoking user is the super-user or the
+$mail_owner user. Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list. The username
+"unknown" is used for processes whose real UID is not found in the
+password file.
.PP
Specify a list of user names, "/file/name" or "type:table" patterns,
separated by commas and/or whitespace. The list is matched left to
.SH authorized_mailq_users (default: static:anyone)
List of users who are authorized to view the queue.
.PP
-By default all users are allowed to view the queue. Otherwise if the
-invoking user is neither the super-user nor the $mail_owner user, access
-is denied unless the real uid of the process trying to view the queue
-is listed in the system password file and the corresponding login name
-is on the access list.
+By default, all users are allowed to view the queue. Access is
+always granted if the invoking user is the super-user or the
+$mail_owner user. Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list. The username
+"unknown" is used for processes whose real UID is not found in the
+password file.
.PP
Specify a list of user names, "/file/name" or "type:table" patterns,
separated by commas and/or whitespace. The list is matched left to
lines by starting the next line with whitespace.
.PP
This feature is available in Postfix 2.2 and later.
-.SH authorized_sendmail_users (default: static:anyone)
-List of users who are authorized to use the sendmail(1) command
-(and the privileged postdrop(1) helper command) to submit mail.
-.PP
-By all users are allowed to submit mail. Otherwise, access is denied
-unless the real uid of the process trying to submit mail is listed in
-the system password file and the corresponding login name is on the
-access list. To deny mail submission access to all users specify an
-empty list.
+.SH authorized_submit_users (default: static:anyone)
+List of users who are authorized to submit mail with the sendmail(1)
+command (and with the privileged postdrop(1) helper command).
+.PP
+By default, all users are allowed to submit mail. Otherwise, the
+real UID of the process is looked up in the system password file,
+and access is granted only if the corresponding login name is on
+the access list. The username "unknown" is used for processes
+whose real UID is not found in the password file. To deny mail
+submission access to all users specify an empty list.
.PP
Specify a list of user names, "/file/name" or "type:table" patterns,
separated by commas and/or whitespace. The list is matched left to right,
queue file and marks recipients as finished or informs the
queue manager that delivery should be tried again at a later time.
-Delivery status reports are sent to the \fBbounce\fR(8),
-\fBdefer\fR(8) or \fBtrace\fR(8) daemon as appropriate.
+Delivery status reports are sent to the \fBtrace\fR(8)
+daemon as appropriate.
.SH "SECURITY"
.na
.nf
}
s;\bautho[-</bB>]*\n*[ <bB>]*rized_flush_users\b;<a href="postconf.5.html#authorized_flush_users">$&</a>;g;
s;\bautho[-</bB>]*\n*[ <bB>]*rized_mailq_users\b;<a href="postconf.5.html#authorized_mailq_users">$&</a>;g;
- s;\bautho[-</bB>]*\n*[ <bB>]*rized_sendmail_users\b;<a href="postconf.5.html#authorized_sendmail_users">$&</a>;g;
+ s;\bautho[-</bB>]*\n*[ <bB>]*rized_submit_users\b;<a href="postconf.5.html#authorized_submit_users">$&</a>;g;
s;\bautho[-</bB>]*\n*[ <bB>]*rized_verp_clients\b;<a href="postconf.5.html#authorized_verp_clients">$&</a>;g;
s;\bdebugger_command\b;<a href="postconf.5.html#debugger_command">$&</a>;g;
s;\b2bounce_notice_recipi[-</bB>]*\n*[ <bB>]*ent\b;<a href="postconf.5.html#2bounce_notice_recipient">$&</a>;g;
Postfix queue. </p>
<p> This document describes two approaches to content filter
-all email, as well as several options filter mail selectively: </p>
+all email, as well as several options to filter mail selectively: </p>
<ul>
<li><a href="#principles">Principles of operation</a>
+<li>Simple content filter
+
+<ul>
+
<li><a href="#simple_filter">Simple content filter example</a>
+<li><a href="#simple_performance">Simple content filter performance</a>
+
<li><a href="#simple_limitations">Simple content filter limitations</a>
+<li><a href="#simple_turnoff">Turning off the simple content filter</a>
+
+</ul>
+
+<li>Advanced content filter
+
+<ul>
+
<li><a href="#advanced_filter">Advanced content filter example</a>
<li><a href="#performance">Advanced content filter performance</a>
+<li><a href="#advanced_turnoff">Turning off the advanced content filter</a>
+
+</ul>
+
+<li>Selective content filtering
+
+<ul>
+
<li><a href="#remote_only">Filtering mail from outside users only</a>
<li><a href="#domain_dependent">Different filters for different domains</a>
</ul>
+</ul>
+
<h2><a name="principles">Principles of operation</a> </h2>
</ul>
-<p> To turn off content filtering, edit the master.cf file, remove
-the "-o content_filter=filter:dummy" text from the entry that
-defines the Postfix SMTP server, and execute another "<b>postfix
-reload</b>". </p>
+<h2> <a name="simple_performance">Simple content filter performance</a> </h2>
<p> With the shell script as shown above you will lose a factor of
four in Postfix performance for transit mail that arrives and leaves
makes it possible to turn off header_checks or body_checks patterns
for filtered mail. </p>
+<h2><a name="simple_turnoff">Turning off the simple content filter</a> </h2>
+
+<p> To turn off "simple" content filtering: </p>
+
+<ul> <li> <p> Edit the master.cf file, remove the "-o
+content_filter=filter:dummy" text from the entry that defines the
+Postfix SMTP server. </p>
+
+<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
+filter information from existing queue files. </p>
+
+<li> <p> Execute another "<b>postfix reload</b>". </p>
+
+</ul>
+
<h2><a name="advanced_filter">Advanced content filter example</a></h2>
<p> The second example is more complex, but can give better
</ul>
-<p> To turn off content filtering, delete or comment out the two
-above main.cf lines. All other changes made for advanced content
-filtering have no effect when content filtering is turned off.
-</p>
-
<h3> Advanced content filter: sending unfiltered mail to the content
filter</h3>
introduction of this document, content filtering with multiple
Postfix instances will be covered in a future version. </p>
+<h2><a name="advanced_turnoff">Turning off the advanced content filter</a> </h2>
+
+<p> To turn off "advanced" content filtering: </p>
+
+<ul> <li> <p> Delete or comment out the two following main.cf lines.
+The other changes made for advanced content filtering have no effect
+when content filtering is turned off. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/main.cf:
+ content_filter = scan:localhost:10025
+ receive_override_options = no_address_mappings
+</pre>
+</blockquote>
+
+<li> <p> Execute "<b>postsuper -r ALL</b>" to remove content
+filter information from existing queue files. </p>
+
+<li> <p> Execute another "<b>postfix reload</b>". </p>
+
+</ul>
+
<h2><a name="remote_only">Filtering mail from outside users only</a></h2>
<p> The easiest approach is to configure ONE Postfix instance with
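Review bot: the step order in the new "Turning off the advanced content filter" list puts "postsuper -r ALL" before "postfix reload", so the requeue can run while daemons are still using the old content_filter setting, and requeued or newly arriving mail may be tagged with the filter again. Suggest running "postfix reload" directly after the main.cf edit and "postsuper -r ALL" last, or explaining why the listed order is safe. The "Turning off the simple content filter" list earlier in this file uses the same order and should be kept consistent with whatever is decided here.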
#
# Mail that is placed on hold can be examined with the
# \fBpostcat\fR(1) command, and can be destroyed or released with
-# the \fBpostsuper\fR(1) command.
+# the \fBpostsuper\fR(1) command.
+# .sp
+# Note: use "\fBpostsuper -r\fR" to release mail that was kept on
+# hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+# or \fB$bounce_queue_lifetime\fR or longer.
# .sp
# Note: this action currently affects all recipients of the message.
# .sp
# \fBpostcat\fR(1) command, and can be destroyed or released with
# the \fBpostsuper\fR(1) command.
# .sp
+# Note: use "\fBpostsuper -r\fR" to release mail that was kept on
+# hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+# or \fB$bounce_queue_lifetime\fR or longer.
+# .sp
# Note: this action affects all recipients of the message.
# .sp
# This feature is available in Postfix 2.0 and later.
</p>
<p>
-By default all users are allowed to flush the queue. Otherwise if the
-invoking user is neither the super-user nor the $mail_owner user, access
-is denied unless the real uid of the process trying to flush the queue
-is listed in the system password file and the corresponding login name
-is on the access list. </p>
+By default, all users are allowed to flush the queue. Access is
+always granted if the invoking user is the super-user or the
+$mail_owner user. Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list. The username
+"unknown" is used for processes whose real UID is not found in the
+password file. </p>
<p>
Specify a list of user names, "/file/name" or "type:table" patterns,
</p>
<p>
-By default all users are allowed to view the queue. Otherwise if the
-invoking user is neither the super-user nor the $mail_owner user, access
-is denied unless the real uid of the process trying to view the queue
-is listed in the system password file and the corresponding login name
-is on the access list. </p>
+By default, all users are allowed to view the queue. Access is
+always granted if the invoking user is the super-user or the
+$mail_owner user. Otherwise, the real UID of the process is looked
+up in the system password file, and access is granted only if the
+corresponding login name is on the access list. The username
+"unknown" is used for processes whose real UID is not found in the
+password file. </p>
<p>
Specify a list of user names, "/file/name" or "type:table" patterns,
This feature is available in Postfix 2.2 and later.
</p>
-%PARAM authorized_sendmail_users static:anyone
+%PARAM authorized_submit_users static:anyone
<p>
-List of users who are authorized to use the sendmail(1) command
-(and the privileged postdrop(1) helper command) to submit mail.
+List of users who are authorized to submit mail with the sendmail(1)
+command (and with the privileged postdrop(1) helper command).
</p>
<p>
-By default all users are allowed to submit mail. Otherwise, access is denied
-unless the real uid of the process trying to submit mail is listed in
-the system password file and the corresponding login name is on the
-access list. To deny mail submission access to all users specify an
-empty list. </p>
+By default, all users are allowed to submit mail. Otherwise, the
+real UID of the process is looked up in the system password file,
+and access is granted only if the corresponding login name is on
+the access list. The username "unknown" is used for processes
+whose real UID is not found in the password file. To deny mail
+submission access to all users specify an empty list. </p>
<p>
Specify a list of user names, "/file/name" or "type:table" patterns,
%PARAM alternate_config_directories
%PARAM authorized_flush_users
%PARAM authorized_mailq_users
-%PARAM authorized_sendmail_users
+%PARAM authorized_submit_users
%PARAM default_privs
%PARAM import_environment
%PARAM proxy_read_maps
--- /dev/null
+../../.indent.pro
\ No newline at end of file
--- /dev/null
+been_here_xt 2 0
+bounce_append 5 0
+cleanup_out_format 1 0
+defer_append 5 0
+mail_command 1 0
+mail_print 1 0
+msg_error 0 0
+msg_fatal 0 0
+msg_info 0 0
+msg_panic 0 0
+msg_warn 0 0
+opened 4 0
+post_mail_fprintf 1 0
+qmgr_message_bounce 2 0
+rec_fprintf 2 0
+sent 4 0
+smtp_cmd 1 0
+smtp_mesg_fail 2 0
+smtp_printf 1 0
+smtp_rcpt_fail 3 0
+smtp_site_fail 2 0
+udp_syslog 1 0
+vstream_fprintf 1 0
+vstream_printf 0 0
+vstring_sprintf 1 0
depend: $(MAKES)
(sed '1,/^# do not edit/!d' Makefile.in; \
set -e; for i in [a-z][a-z0-9]*.c; do \
- $(CC) -E $(DEFS) $(INCL) $$i | sed -n -e '/^# *1 *"\([^"]*\)".*/{' \
+ $(CC) -E $(DEFS) $(INCL) $$i | grep -v '[<>]' | sed -n -e '/^# *1 *"\([^"]*\)".*/{' \
-e 's//'`echo $$i|sed 's/c$$/o/'`': \1/' -e 'p' -e '}'; \
done) | grep -v '[.][o][:][ ][/]' >$$$$ && mv $$$$ Makefile.in
@$(EXPORT) make -f Makefile.in Makefile 1>&2
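Review bot: the added "grep -v '[<>]'" stage in the depend rule has no comment saying which preprocessor output it is meant to drop, and the pattern removes every line of the $(CC) -E output that contains "<" or ">", not only file-name markers. The sed that follows only prints lines matching '^# *1 *"..."', so the exclusion could be expressed in that sed address instead, or at least documented in a comment above the rule so the intent survives the next edit.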
/* queue file and marks recipients as finished or informs the
/* queue manager that delivery should be tried again at a later time.
/*
-/* Delivery status reports are sent to the \fBbounce\fR(8),
-/* \fBdefer\fR(8) or \fBtrace\fR(8) daemon as appropriate.
+/* Delivery status reports are sent to the \fBtrace\fR(8)
+/* daemon as appropriate.
/* SECURITY
/* .ad
/* .fi
user_acl.o: ../../include/match_list.h
user_acl.o: ../../include/match_ops.h
user_acl.o: mypwd.h
+user_acl.o: mail_params.h
user_acl.o: user_acl.h
verify.o: verify.c
verify.o: ../../include/sys_defs.h
/*
* Access control for local privileged operations:
*/
+#define STATIC_ANYONE_ACL "static:anyone"
+
#define VAR_FLUSH_ACL "authorized_flush_users"
-#define DEF_FLUSH_ACL "static:anyone"
+#define DEF_FLUSH_ACL STATIC_ANYONE_ACL
extern char *var_flush_acl;
#define VAR_SHOWQ_ACL "authorized_mailq_users"
-#define DEF_SHOWQ_ACL "static:anyone"
+#define DEF_SHOWQ_ACL STATIC_ANYONE_ACL
extern char *var_showq_acl;
-#define VAR_SENDMAIL_ACL "authorized_sendmail_users"
-#define DEF_SENDMAIL_ACL "static:anyone"
-extern char *var_sendmail_acl;
+#define VAR_SUBMIT_ACL "authorized_submit_users"
+#define DEF_SUBMIT_ACL STATIC_ANYONE_ACL
+extern char *var_submit_acl;
/*
* What goes on the right-hand side of addresses of mail sent from this
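Review bot: Dropping VAR_SENDMAIL_ACL with no alias means a main.cf written for the 20040918 snapshot that sets authorized_sendmail_users is no longer picked up by these definitions, and submission falls back to DEF_SUBMIT_ACL, which is static:anyone. A restriction that silently becomes "allow everyone" deserves a line in the release notes, or a warning when the old name is still set.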
* Patches change the patchlevel and the release date. Snapshots change the
* release date only.
*/
-#define MAIL_RELEASE_DATE "20040918"
+#define MAIL_RELEASE_DATE "20040919"
#define MAIL_VERSION_NUMBER "2.2"
#define VAR_MAIL_VERSION "mail_version"
/* NAME
/* user_acl 3
/* SUMMARY
-/* Convert uid to username and check against given ACL.
+/* user name based access control
/* SYNOPSIS
/* #include <user_acl.h>
/*
-/* char *check_user_acl_byuid(acl, uid)
+/* const char *check_user_acl_byuid(acl, uid)
/* const char *acl;
/* uid_t uid;
/* DESCRIPTION
-/* check_user_acl_byuid() checks the given uid against a
-/* user name matchlist. If the uid cannot be resolved to a user
-/* name, the numeric uid is used as the lookup key instead.
-/* The result is NULL on success, "User \fIusername\fR" or
-/* "UID \fIuid\fR" upon failure. The error result lives in
-/* static storage and must be saved if it is to be used to
-/* across calls.
+/* check_user_acl_byuid() converts the given uid into a user
+/* name, and checks the result against a user name matchlist.
+/* If the uid cannot be resolved to a user name, "unknown"
+/* is used as the lookup key instead.
+/* The result is NULL on success, the username upon failure.
+/* The error result lives in static storage and must be saved
+/* if it is to be used to across multiple check_user_acl_byuid()
+/* calls.
/*
/* Arguments:
/* .IP acl
-/* Authorized username list suitable for input to string_list_init(3).
+/* Authorized user name list suitable for input to string_list_init(3).
/* .IP uid
/* The uid to be checked against the access list.
/* LICENSE
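Review bot: The new DESCRIPTION text has a stray word in "if it is to be used to across multiple check_user_acl_byuid() calls"; it should read "used across". Also, the SYNOPSIS declares "const char *acl" while the definition and the prototype in user_acl.h still take "char *"; since this patch already makes the return type const, the parameter could be brought in line at the same time.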
#include <string_list.h>
#include <mypwd.h>
+#include <mail_params.h> /* STATIC_ANYONE_ACL */
/* Application-specific. */
/* check_user_acl_byuid - check user authorization */
-char *check_user_acl_byuid(char *acl, uid_t uid)
+const char *check_user_acl_byuid(char *acl, uid_t uid)
{
struct mypasswd *mypwd;
STRING_LIST *list;
- static VSTRING *why = 0;
- VSTRING *uidbuf = 0;
+ static VSTRING *who = 0;
int matched;
const char *name;
/*
- * XXX: we must perform a lookup for unresolved uids, so that
+ * Optimize for the most common case. This also makes Postfix a little
+ * more robust in the face of local infrastructure failures.
+ */
+ if (strcmp(acl, STATIC_ANYONE_ACL) == 0)
+ return (0);
+
+ /*
+ * XXX: Substitute "unknown" for UIDs without username, so that
* static:anyone results in "permit" even when the uid is not found in
- * the password file and the resulting error message is clear.
+ * the password file, and so that a pattern of !unknown can be used to
+ * block non-existent accounts.
+ *
+ * The alternative is to use the UID as a surrogate lookup key for
+ * non-existent accounts. There are several reasons why this is not a
+ * good idea. 1) An ACL with a numerical UID should work regardless of
+ * whether or not an account has a password file entry. Therefore we
+ * would always have search on the numerical UID whenever the username
+ * fails to produce a match. 2) The string-list infrastructure is not
+ * really suitable for mixing numerical and non-numerical user
+ * information, because the numerical match is done in a separate pass
+ * from the non-numerical match. This breaks when the ! operator is used.
*/
if ((mypwd = mypwuid(uid)) == 0) {
- uidbuf = vstring_alloc(10);
- vstring_sprintf(uidbuf, "%ld", (long) uid);
- name = vstring_str(uidbuf);
+ name = "unknown";
} else {
name = mypwd->pw_name;
}
list = string_list_init(MATCH_FLAG_NONE, acl);
if ((matched = string_list_match(list, name)) == 0) {
- if (!why)
- why = vstring_alloc(100);
- vstring_sprintf(why, "%s %s", mypwd ? "User" : "UID", name);
+ if (!who)
+ who = vstring_alloc(10);
+ vstring_strcpy(who, name);
}
string_list_free(list);
if (mypwd)
mypwfree(mypwd);
- else
- vstring_free(uidbuf);
- return (matched ? 0 : vstring_str(why));
+ return (matched ? 0 : vstring_str(who));
}
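Review bot: At "if ((mypwd = mypwuid(uid)) == 0)" a failed password lookup and a genuinely missing account both become "unknown", if mypwuid() returns 0 in both cases. The new static:anyone fast path covers the default, but with any other ACL a lookup outage turns every caller into "unknown": an allow list then denies everyone, and a list that relies on negating one name and permitting the rest no longer sees the negated name. Suggest saying so in the comment, or distinguishing lookup errors from "no such UID" where mypwuid() can report the difference.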
/*
* External interface
*/
-extern char *check_user_acl_byuid(char *, uid_t);
+extern const char *check_user_acl_byuid(char *, uid_t);
/* AUTHOR(S)
/* Wietse Venema
/* example, the pickup(8) or qmgr(8) daemon).
/* .PP
/* Available in Postfix version 2.2 and later:
-/* .IP "\fBauthorized_sendmail_users (static:anyone)\fR"
-/* List of users who are authorized to use the sendmail(1) command
-/* (and the privileged postdrop(1) helper command) to submit mail.
+/* .IP "\fBauthorized_submit_users (static:anyone)\fR"
+/* List of users who are authorized to submit mail with the sendmail(1)
+/* command (and with the privileged postdrop(1) helper command).
/* FILES
/* /var/spool/postfix/maildrop, maildrop queue
/* SEE ALSO
/*
* Local mail submission access list.
*/
-static char *var_sendmail_acl;
+static char *var_submit_acl;
static CONFIG_STR_TABLE str_table[] = {
- VAR_SENDMAIL_ACL, DEF_SENDMAIL_ACL, &var_sendmail_acl, 0, 0,
+ VAR_SUBMIT_ACL, DEF_SUBMIT_ACL, &var_submit_acl, 0, 0,
0,
};
const char *error_text;
char *attr_name;
char *attr_value;
- char *errstr;
+ const char *errstr;
/*
* Be consistent with file permissions.
* Mail submission access control. Should this be in the user-land gate,
* or in the daemon process?
*/
- if ((errstr = check_user_acl_byuid(var_sendmail_acl, uid)) != 0)
- msg_fatal("%s is not allowed to submit mail", errstr);
+ if ((errstr = check_user_acl_byuid(var_submit_acl, uid)) != 0)
+ msg_fatal("User %s(%ld) is not allowed to submit mail",
+ errstr, (long) uid);
/*
* Stop run-away process accidents by limiting the queue file size. This
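Review bot: This check applies var_submit_acl to every uid, while the postqueue checks in the same patch skip the ACL for uid 0 and var_owner_uid. If the difference is intended, the authorized_submit_users documentation should say that root and the mail owner must be listed explicitly; otherwise a restrictive list also stops mail submitted by root.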
static void show_queue(void)
{
- char *errstr;
+ const char *errstr;
char buf[VSTREAM_BUFSIZE];
VSTREAM *showq;
int n;
if (uid != 0 && uid != var_owner_uid
&& (errstr = check_user_acl_byuid(var_showq_acl, uid)) != 0)
msg_fatal_status(EX_NOPERM,
- "%s is not allowed to view the mail queue", errstr);
+ "User %s(%ld) is not allowed to view the mail queue",
+ errstr, (long) uid);
/*
* Connect to the show queue service. Terminate silently when piping into
static void flush_queue(void)
{
- char *errstr;
+ const char *errstr;
uid_t uid = getuid();
if (uid != 0 && uid != var_owner_uid
&& (errstr = check_user_acl_byuid(var_flush_acl, uid)) != 0)
msg_fatal_status(EX_NOPERM,
- "%s is not allowed to flush the mail queue", errstr);
+ "User %s(%ld) is not allowed to flush the mail queue",
+ errstr, (long) uid);
/*
* Trigger the flush queue service.
static void flush_site(const char *site)
{
int status;
- char *errstr;
+ const char *errstr;
uid_t uid = getuid();
if (uid != 0 && uid != var_owner_uid
&& (errstr = check_user_acl_byuid(var_flush_acl, uid)) != 0)
msg_fatal_status(EX_NOPERM,
- "%s is not allowed to flush the mail queue", errstr);
+ "User %s(%ld) is not allowed to flush the mail queue",
+ errstr, (long) uid);
flush_init();
/* If a \fIqueue_id\fR of \fB-\fR is specified, the program reads
/* queue IDs from standard input.
/* .sp
+/* Note: use "\fBpostsuper -r\fR" to release mail that was kept on
+/* hold for a significant fraction of \fB$maximal_queue_lifetime\fR
+/* or \fB$bounce_queue_lifetime\fR or longer.
+/* .sp
/* Specify \fB-H ALL\fR to release all mail that is "on hold".
/* As a safety measure, the word \fBALL\fR must be specified in upper
/* case.
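Review bot: The added note says when to use "postsuper -r" instead of -H but not what happens to such mail if -H is used anyway. One clause stating the consequence would make the advice actionable for an operator reading only this manual page.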
if (size.endp_count > scache_endp_count)
scache_endp_count = size.endp_count;
return;
- return;
}
}
/* List of users who are authorized to flush the queue.
/* .IP "\fBauthorized_mailq_users (static:anyone)\fR"
/* List of users who are authorized to view the queue.
-/* .IP "\fBauthorized_sendmail_users (static:anyone)\fR"
-/* List of users who are authorized to use the sendmail(1) command
-/* (and the privileged postdrop(1) helper command) to submit mail.
+/* .IP "\fBauthorized_submit_users (static:anyone)\fR"
+/* List of users who are authorized to submit mail with the
+/* sendmail(1) command (and with the privileged postdrop(1)
+/* helper command).
/* RESOURCE AND RATE CONTROLS
/* .ad
/* .fi
/*
* Mail submission ACL
*/
-static char *var_sendmail_acl;
+static char *var_submit_acl;
static CONFIG_STR_TABLE str_table[] = {
- VAR_SENDMAIL_ACL, DEF_SENDMAIL_ACL, &var_sendmail_acl, 0, 0,
+ VAR_SUBMIT_ACL, DEF_SUBMIT_ACL, &var_submit_acl, 0, 0,
0,
};
MIME_STATE *mime_state = 0;
SM_STATE state;
int mime_errs;
- char *errstr;
+ const char *errstr;
/*
* Access control is enforced in the postdrop command. The code here
* merely produces a more user-friendly interface.
*/
- if ((errstr = check_user_acl_byuid(var_sendmail_acl, uid)) != 0)
- msg_fatal_status(EX_NOPERM, "%s is not allowed to submit mail", errstr);
+ if ((errstr = check_user_acl_byuid(var_submit_acl, uid)) != 0)
+ msg_fatal_status(EX_NOPERM,
+ "User %s(%ld) is not allowed to submit mail", errstr, (long) uid);
/*
* Initialize.
char *site_to_flush = 0;
char *encoding = 0;
char *qtime = 0;
- char *errstr;
+ const char *errstr;
+ uid_t uid;
/*
* Be consistent with file permissions.
msg_fatal_status(EX_USAGE,
"stand-alone mode requires no recipient");
/* The actual enforcement happens in the postdrop command. */
- if ((errstr = check_user_acl_byuid(var_sendmail_acl, getuid())) != 0)
- msg_fatal_status(EX_NOPERM, "%s is not allowed to submit mail",
- errstr);
+ if ((errstr = check_user_acl_byuid(var_submit_acl, uid = getuid())) != 0)
+ msg_fatal_status(EX_NOPERM,
+ "User %s(%ld) is not allowed to submit mail",
+ errstr, (long) uid);
ext_argv = argv_alloc(2);
argv_add(ext_argv, "smtpd", "-S", (char *) 0);
for (n = 0; n < msg_verbose; n++)
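Review bot: "check_user_acl_byuid(var_submit_acl, uid = getuid())" hides an assignment inside a call argument, and the value is needed again two lines later in the msg_fatal_status() call. The postqueue call sites in this patch initialize uid in its declaration; a separate "uid = getuid();" statement before the test would match them and be harmless to reorder.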
smtp_sasl_proto.o: ../../include/sys_defs.h
smtp_sasl_proto.o: ../../include/msg.h
smtp_sasl_proto.o: ../../include/mymalloc.h
+smtp_sasl_proto.o: ../../include/stringops.h
+smtp_sasl_proto.o: ../../include/vstring.h
+smtp_sasl_proto.o: ../../include/vbuf.h
smtp_sasl_proto.o: ../../include/mail_params.h
smtp_sasl_proto.o: smtp.h
smtp_sasl_proto.o: ../../include/vstream.h
-smtp_sasl_proto.o: ../../include/vbuf.h
-smtp_sasl_proto.o: ../../include/vstring.h
smtp_sasl_proto.o: ../../include/argv.h
smtp_sasl_proto.o: ../../include/htable.h
smtp_sasl_proto.o: ../../include/deliver_request.h
/* Reject the specified commands with a hard (5xx) error code.
/* .IP \fB-F\fR
/* Disable XFORWARD support.
-/* .IP \fB-h\fI hostname\fR
+/* .IP "\fB-h\fI hostname\fR"
/* Use \fIhostname\fR in the SMTP greeting, in the HELO response,
/* and in the EHLO response. The default hostname is "smtp-sink".
/* .IP \fB-L\fR