value in double quotes, to clue in people who specify quoted
pathnames in main.cf. Viktor Dukhovni. Files: tls/tls_certkey.c
and testing code in posttls-finger/posttls-finger.c.
+
+20150202
+
+ Cleanup: make posttls-finger -k/-K documentation consistent
+ with behavior. File: posttls-finger/posttls-finger.c.
+
+20150203
+
+ Cleanup: API minimization, by making some functions static.
+ Files: util/dict.h, util/dict_utf8.c.
+
+20150205
+
+ Preliminary feature: support for building position-independent
+ executables (PIE), tested on Fedora Core 20, Ubuntu 14.04,
+ FreeBSD 9 and 10, and NetBSD 6. See INSTALL section 4.3 for
+ details and limitations. Files: makedefs, proto/INSTALL.html,
+ RELEASE_NOTES-3.0.
+
+20150208
+
+ Cleanup: after many years, the access(5) map BCC action is
+ part of the stable release. Files: smtpd/smtpd_check.c,
+ proto/acces.
4 - Building on a supported system
-At some point in time, a version of Postfix was supported on:
-
- AIX 3.2.5, 4.1.x, 4.2.0, 4.3.x, 5.2
- BSD/OS 2.x, 3.x, 4.x
- FreeBSD 2.x .. 9.x
- HP-UX 9.x, 10.x, 11.x
- IRIX 5.x, 6.x
- Linux Debian 1.3.1 and later
- Linux RedHat 3.x (January 2004) and later
- Linux Slackware 3.x and later
- Linux SuSE 5.x and later
- Linux Ubuntu 4.10 and later
- Mac OS X
- NEXTSTEP 3.x
- NetBSD 1.x and later
- OPENSTEP 4.x
- OSF1.V3 - OSF1.V5 (Digital UNIX)
- Reliant UNIX 5.x
- SunOS 4.1.4 (March 2007)
- SunOS 5.4 - 5.10 (Solaris 2.4..10)
- Ultrix 4.x (well, that was long ago)
-
-or something closely resemblant.
+Postfix development happens on FreeBSD and MacOS X, with regular tests on Linux
+(Fedora, Ubuntu) and Solaris. Support for other systems relies on feedback from
+their users, and may not always be up-to-date.
+
+OpenBSD is partially supported. The libc resolver does not implement the
+documented "internal resolver options which are [...] set by changing fields in
+the _res structure" (documented in the OpenBSD 5.6 resolver(3) manpage). This
+results in too many DNS queries, and false positives for queries that should
+fail.
+
+Overview of topics:
+
+ * 4.1 - Getting started
+ * 4.2 - What compiler to use
+ * 4.3 - Building with Postfix position-independent executables (Postfix >=
+ 3.0)
+ * 4.4 - Building with Postfix dynamically-linked libraries and database
+ plugins (Postfix >= 3.0)
+ * 4.5 - Building with optional features
+ * 4.6 - Overriding built-in parameter default settings
+ * 4.7 - Overriding other compile-time features
+ * 4.8 - Support for thousands of processes
+ * 4.9 - Compiling Postfix, at last
4.1 - Getting started
-On Solaris, the "make" command and other utilities for software development are
-in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command search path. If
-these files do not exist, install the development packages first. See the
-Solaris FAQ item "Which packages do I need to install to support a C
-compiler?".
+On Solaris, the "make" command and other development utilities are in /usr/ccs/
+bin, so you MUST have /usr/ccs/bin in your command search path. If these files
+do not exist, you need to install the development packages first.
-If you need to build Postfix for multiple architectures, use the "lndir"
-command to build a shadow tree with symbolic links to the source files. "lndir"
-is part of X11R6.
+If you need to build Postfix for multiple architectures from a single source-
+code tree, use the "lndir" command to build a shadow tree with symbolic links
+to the source files.
If at any time in the build process you get messages like: "make: don't know
how to ..." you should be able to recover by running the following command from
$ make makefiles CC="purify cc"
$ make
-and so on. In some cases, optimization is turned off automatically.
+and so on. In some cases, optimization will be turned off automatically.
+
+4.3 - Building with Postfix position-independent executables (Postfix >= 3.0)
+
+On some systems Postfix can be built with Position-Independent Executables. PIE
+is used by the ASLR exploit mitigation technique (ASLR = Address-Space Layout
+Randomization):
+
+ $ make makefiles pie=yes ...other arguments...
+
+(Specify "make makefiles pie=no" to explicitly disable Postfix position-
+independent executable support).
+
+Postfix PIE support appears to work on Fedora Core 20, Ubuntu 14.04, FreeBSD 9
+and 10, and NetBSD 6 (all with the default system compilers).
-4.3 - Building with Postfix dynamically-linked libraries and database plugins
+Whether the "pie=yes" above has any effect depends on the compiler. Some
+compilers always produce PIE executables, and some may even complain that the
+Postfix build option is redundant.
+
+4.4 - Building with Postfix dynamically-linked libraries and database plugins
(Postfix >= 3.0)
Postfix dynamically-linked library and database plugin support exists for
Overview of topics:
- * 4.3.1 Turning on Postfix dynamically-linked library support
- * 4.3.2 Turning on Postfix database-plugin support
- * 4.3.3 Customizing Postfix dynamically-linked libraries and database plugins
+ * 4.4.1 Turning on Postfix dynamically-linked library support
+ * 4.4.2 Turning on Postfix database-plugin support
+ * 4.4.3 Customizing Postfix dynamically-linked libraries and database plugins
* 4.4.4 Tips for distribution maintainers
Note: directories with Postfix dynamically-linked libraries or database plugins
dynamically-linked libraries and database plugins implement a Postfix-internal
API that changes without maintaining compatibility.
-4.3.1 Turning on Postfix dynamically-linked library support
+4.4.1 Turning on Postfix dynamically-linked library support
Postfix can be built with Postfix dynamically-linked libraries (files typically
named libpostfix-*.so). Postfix dynamically-linked libraries add minor run-time
lib/postfix or /usr/local/lib/postfix, with file names libpostfix-name.so,
where the name is a source-code directory name such as "util" or "global".
-See section 4.3.3 "Customizing Postfix dynamically-linked libraries and
+See section 4.4.3 "Customizing Postfix dynamically-linked libraries and
database plugins" below for how to customize the Postfix dynamically-linked
library location, including support to upgrade a running mail system safely.
-4.3.2 Turning on Postfix database-plugin support
+4.4.2 Turning on Postfix database-plugin support
Additionally, Postfix can be built to support dynamic loading of Postfix
database clients (database plugins) with the Debian-style dynamicmaps feature.
See the next section for how to customize the location and version of Postfix
database plugins and the location of the file dynamicmaps.cf.
-4.3.3 Customizing Postfix dynamically-linked libraries and database plugins
+4.4.3 Customizing Postfix dynamically-linked libraries and database plugins
+
+Customizing build-time and run-time options for Postfix dynamically-linked
+libraries and database plugins
+
+The build-time environment variables SHLIB_CFLAGS, SHLIB_RPATH, and
+SHLIB_SUFFIX provide control over how Postfix libraries and plugins are
+compiled, linked, and named.
+
+ $ make makefiles SHLIB_CFLAGS=flags SHLIB_RPATH=rpath SHLIB_SUFFIX=suffix
+ ...other arguments...
+ $ make
+
+See section 4.7 "Overriding other compile-time features" below for details.
Customizing the location of Postfix dynamically-linked libraries and database
plugins
same format as the configuration file postfix-files. There is no
requirement that these configuration file *names* have a specific format.
-4.4 - Building with optional features
+4.5 - Building with optional features
By default, Postfix builds as a mail system with relatively few bells and
whistles. Support for third-party databases etc. must be configured when
Note: IP version 6 support is compiled into Postfix on operating systems that
have IPv6 support. See the IPV6_README file for details.
-4.5 - Overriding built-in parameter default settings
+4.6 - Overriding built-in parameter default settings
-4.5.1 - Postfix 3.0 and later
+4.6.1 - Postfix 3.0 and later
All Postfix configuration parameters can be changed by editing a Postfix
configuration file, except for one: the parameter that specifies the location
|shlib_directory |/usr/lib/postfix |
|_____________________|____________________|
-4.5.2 - All Postfix versions
+4.6.2 - All Postfix versions
All Postfix configuration parameters can be changed by editing a Postfix
configuration file, except for one: the parameter that specifies the location
Note: the data_directory parameter (for caches and pseudo-random numbers) was
introduced with Postfix version 2.5.
-4.6 - Overriding other compile-time features
+4.7 - Overriding other compile-time features
The general method to override Postfix compile-time features is as follows:
||-DNO_DB |platforms that are known to support this |
|| |feature. If you override this, then you |
|| |probably should also override DEF_DB_TYPE as |
-|| |described in section 4.5. |
+|| |described in section 4.6. |
||_____________________________|______________________________________________|
|| |Do not build with Solaris /dev/poll support. |
||-DNO_DEVPOLL |By default, /dev/poll support is compiled in |
|| |to be available. |
||_____________________________|______________________________________________|
| |Specifies a non-default compiler debugging |
-|DEBUG=debug_level |level. The default is -g. Specify DEBUG= to |
+|DEBUG=debug_level |level. The default is "-g". Specify DEBUG= to |
| |turn off debugging. |
|______________________________|______________________________________________|
| |Specifies a non-default optimization level. |
-|OPT=optimization_level |The default is -O. Specify OPT= to turn off |
+|OPT=optimization_level |The default is "-O". Specify OPT= to turn off |
| |optimization. |
|______________________________|______________________________________________|
-| |Specifies non-default gcc compiler warning |
-|WARN="warning_flags..." |options for use when "make" is invoked in a |
-| |source subdirectory only. |
+| |Specifies non-default compiler options for |
+|SHLIB_CFLAGS=flags |building Postfix dynamically-linked libraries |
+| |and database plugins. The typical default is |
+| |"-fPIC". |
+|______________________________|______________________________________________|
+| |Specifies a non-default runpath for Postfix |
+|SHLIB_RPATH=rpath |dynamically-linked libraries. The typical |
+| |default is "'-Wl,-rpath,${SHLIB_DIR}'". |
+|______________________________|______________________________________________|
+| |Specifies a non-default suffix for Postfix |
+|SHLIB_SUFFIX=suffix |dynamically-linked libraries and database |
+| |plugins. The typical default is ".so". |
+|______________________________|______________________________________________|
+| |Specifies non-default compiler warning options|
+|WARN="warning_flags..." |for use when "make" is invoked in a source |
+| |subdirectory only. |
|______________________________|______________________________________________|
-4.7 - Support for thousands of processes
+4.8 - Support for thousands of processes
The number of connections that Postfix can manage simultaneously is limited by
the number of processes that it can run. This number in turn is limited by the
configured to handle thousands of connections. See the TUNING_README guide for
examples of how to increase the number of open sockets or files.
-4.8 - Compiling Postfix, at last
+4.9 - Compiling Postfix, at last
If the command
4\b4 -\b- B\bBu\bui\bil\bld\bdi\bin\bng\bg o\bon\bn a\ba s\bsu\bup\bpp\bpo\bor\brt\bte\bed\bd s\bsy\bys\bst\bte\bem\bm
-At some point in time, a version of Postfix was supported on:
-
- AIX 3.2.5, 4.1.x, 4.2.0, 4.3.x, 5.2
- BSD/OS 2.x, 3.x, 4.x
- FreeBSD 2.x .. 9.x
- HP-UX 9.x, 10.x, 11.x
- IRIX 5.x, 6.x
- Linux Debian 1.3.1 and later
- Linux RedHat 3.x (January 2004) and later
- Linux Slackware 3.x and later
- Linux SuSE 5.x and later
- Linux Ubuntu 4.10 and later
- Mac OS X
- NEXTSTEP 3.x
- NetBSD 1.x and later
- OPENSTEP 4.x
- OSF1.V3 - OSF1.V5 (Digital UNIX)
- Reliant UNIX 5.x
- SunOS 4.1.4 (March 2007)
- SunOS 5.4 - 5.10 (Solaris 2.4..10)
- Ultrix 4.x (well, that was long ago)
-
-or something closely resemblant.
+Postfix development happens on FreeBSD and MacOS X, with regular tests on Linux
+(Fedora, Ubuntu) and Solaris. Support for other systems relies on feedback from
+their users, and may not always be up-to-date.
+
+OpenBSD is partially supported. The libc resolver does not implement the
+documented "internal resolver options which are [...] set by changing fields in
+the _res structure" (documented in the OpenBSD 5.6 resolver(3) manpage). This
+results in too many DNS queries, and false positives for queries that should
+fail.
+
+Overview of topics:
+
+ * 4.1 - Getting started
+ * 4.2 - What compiler to use
+ * 4.3 - Building with Postfix position-independent executables (Postfix >=
+ 3.0)
+ * 4.4 - Building with Postfix dynamically-linked libraries and database
+ plugins (Postfix >= 3.0)
+ * 4.5 - Building with optional features
+ * 4.6 - Overriding built-in parameter default settings
+ * 4.7 - Overriding other compile-time features
+ * 4.8 - Support for thousands of processes
+ * 4.9 - Compiling Postfix, at last
4\b4.\b.1\b1 -\b- G\bGe\bet\btt\bti\bin\bng\bg s\bst\bta\bar\brt\bte\bed\bd
-On Solaris, the "make" command and other utilities for software development are
-in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command search path. If
-these files do not exist, install the development packages first. See the
-Solaris FAQ item "Which packages do I need to install to support a C
-compiler?".
+On Solaris, the "make" command and other development utilities are in /usr/ccs/
+bin, so you MUST have /usr/ccs/bin in your command search path. If these files
+do not exist, you need to install the development packages first.
-If you need to build Postfix for multiple architectures, use the "lndir"
-command to build a shadow tree with symbolic links to the source files. "lndir"
-is part of X11R6.
+If you need to build Postfix for multiple architectures from a single source-
+code tree, use the "lndir" command to build a shadow tree with symbolic links
+to the source files.
If at any time in the build process you get messages like: "make: don't know
how to ..." you should be able to recover by running the following command from
$ make makefiles CC="purify cc"
$ make
-and so on. In some cases, optimization is turned off automatically.
+and so on. In some cases, optimization will be turned off automatically.
+
+4\b4.\b.3\b3 -\b- B\bBu\bui\bil\bld\bdi\bin\bng\bg w\bwi\bit\bth\bh P\bPo\bos\bst\btf\bfi\bix\bx p\bpo\bos\bsi\bit\bti\bio\bon\bn-\b-i\bin\bnd\bde\bep\bpe\ben\bnd\bde\ben\bnt\bt e\bex\bxe\bec\bcu\but\bta\bab\bbl\ble\bes\bs (\b(P\bPo\bos\bst\btf\bfi\bix\bx >\b>=\b= 3\b3.\b.0\b0)\b)
+
+On some systems Postfix can be built with Position-Independent Executables. PIE
+is used by the ASLR exploit mitigation technique (ASLR = Address-Space Layout
+Randomization):
+
+ $ make makefiles pie=yes ...other arguments...
+
+(Specify "make makefiles pie=no" to explicitly disable Postfix position-
+independent executable support).
+
+Postfix PIE support appears to work on Fedora Core 20, Ubuntu 14.04, FreeBSD 9
+and 10, and NetBSD 6 (all with the default system compilers).
-4\b4.\b.3\b3 -\b- B\bBu\bui\bil\bld\bdi\bin\bng\bg w\bwi\bit\bth\bh P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bri\bie\bes\bs a\ban\bnd\bd d\bda\bat\bta\bab\bba\bas\bse\be p\bpl\blu\bug\bgi\bin\bns\bs
+Whether the "pie=yes" above has any effect depends on the compiler. Some
+compilers always produce PIE executables, and some may even complain that the
+Postfix build option is redundant.
+
+4\b4.\b.4\b4 -\b- B\bBu\bui\bil\bld\bdi\bin\bng\bg w\bwi\bit\bth\bh P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bri\bie\bes\bs a\ban\bnd\bd d\bda\bat\bta\bab\bba\bas\bse\be p\bpl\blu\bug\bgi\bin\bns\bs
(\b(P\bPo\bos\bst\btf\bfi\bix\bx >\b>=\b= 3\b3.\b.0\b0)\b)
Postfix dynamically-linked library and database plugin support exists for
Overview of topics:
- * 4.3.1 Turning on Postfix dynamically-linked library support
- * 4.3.2 Turning on Postfix database-plugin support
- * 4.3.3 Customizing Postfix dynamically-linked libraries and database plugins
+ * 4.4.1 Turning on Postfix dynamically-linked library support
+ * 4.4.2 Turning on Postfix database-plugin support
+ * 4.4.3 Customizing Postfix dynamically-linked libraries and database plugins
* 4.4.4 Tips for distribution maintainers
Note: directories with Postfix dynamically-linked libraries or database plugins
dynamically-linked libraries and database plugins implement a Postfix-internal
API that changes without maintaining compatibility.
-4\b4.\b.3\b3.\b.1\b1 T\bTu\bur\brn\bni\bin\bng\bg o\bon\bn P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bry\by s\bsu\bup\bpp\bpo\bor\brt\bt
+4\b4.\b.4\b4.\b.1\b1 T\bTu\bur\brn\bni\bin\bng\bg o\bon\bn P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bry\by s\bsu\bup\bpp\bpo\bor\brt\bt
Postfix can be built with Postfix dynamically-linked libraries (files typically
named libpostfix-*.so). Postfix dynamically-linked libraries add minor run-time
lib/postfix or /usr/local/lib/postfix, with file names libpostfix-name.so,
where the name is a source-code directory name such as "util" or "global".
-See section 4.3.3 "Customizing Postfix dynamically-linked libraries and
+See section 4.4.3 "Customizing Postfix dynamically-linked libraries and
database plugins" below for how to customize the Postfix dynamically-linked
library location, including support to upgrade a running mail system safely.
-4\b4.\b.3\b3.\b.2\b2 T\bTu\bur\brn\bni\bin\bng\bg o\bon\bn P\bPo\bos\bst\btf\bfi\bix\bx d\bda\bat\bta\bab\bba\bas\bse\be-\b-p\bpl\blu\bug\bgi\bin\bn s\bsu\bup\bpp\bpo\bor\brt\bt
+4\b4.\b.4\b4.\b.2\b2 T\bTu\bur\brn\bni\bin\bng\bg o\bon\bn P\bPo\bos\bst\btf\bfi\bix\bx d\bda\bat\bta\bab\bba\bas\bse\be-\b-p\bpl\blu\bug\bgi\bin\bn s\bsu\bup\bpp\bpo\bor\brt\bt
Additionally, Postfix can be built to support dynamic loading of Postfix
database clients (database plugins) with the Debian-style dynamicmaps feature.
See the next section for how to customize the location and version of Postfix
database plugins and the location of the file dynamicmaps.cf.
-4\b4.\b.3\b3.\b.3\b3 C\bCu\bus\bst\bto\bom\bmi\biz\bzi\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bri\bie\bes\bs a\ban\bnd\bd d\bda\bat\bta\bab\bba\bas\bse\be p\bpl\blu\bug\bgi\bin\bns\bs
+4\b4.\b.4\b4.\b.3\b3 C\bCu\bus\bst\bto\bom\bmi\biz\bzi\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bri\bie\bes\bs a\ban\bnd\bd d\bda\bat\bta\bab\bba\bas\bse\be p\bpl\blu\bug\bgi\bin\bns\bs
+
+C\bCu\bus\bst\bto\bom\bmi\biz\bzi\bin\bng\bg b\bbu\bui\bil\bld\bd-\b-t\bti\bim\bme\be a\ban\bnd\bd r\bru\bun\bn-\b-t\bti\bim\bme\be o\bop\bpt\bti\bio\bon\bns\bs f\bfo\bor\br P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd
+l\bli\bib\bbr\bra\bar\bri\bie\bes\bs a\ban\bnd\bd d\bda\bat\bta\bab\bba\bas\bse\be p\bpl\blu\bug\bgi\bin\bns\bs
+
+The build-time environment variables SHLIB_CFLAGS, SHLIB_RPATH, and
+SHLIB_SUFFIX provide control over how Postfix libraries and plugins are
+compiled, linked, and named.
+
+ $ make makefiles SHLIB_CFLAGS=flags SHLIB_RPATH=rpath SHLIB_SUFFIX=suffix
+ ...other arguments...
+ $ make
+
+See section 4.7 "Overriding other compile-time features" below for details.
C\bCu\bus\bst\bto\bom\bmi\biz\bzi\bin\bng\bg t\bth\bhe\be l\blo\boc\bca\bat\bti\bio\bon\bn o\bof\bf P\bPo\bos\bst\btf\bfi\bix\bx d\bdy\byn\bna\bam\bmi\bic\bca\bal\bll\bly\by-\b-l\bli\bin\bnk\bke\bed\bd l\bli\bib\bbr\bra\bar\bri\bie\bes\bs a\ban\bnd\bd d\bda\bat\bta\bab\bba\bas\bse\be
p\bpl\blu\bug\bgi\bin\bns\bs
same format as the configuration file postfix-files. There is no
requirement that these configuration file *names* have a specific format.
-4\b4.\b.4\b4 -\b- B\bBu\bui\bil\bld\bdi\bin\bng\bg w\bwi\bit\bth\bh o\bop\bpt\bti\bio\bon\bna\bal\bl f\bfe\bea\bat\btu\bur\bre\bes\bs
+4\b4.\b.5\b5 -\b- B\bBu\bui\bil\bld\bdi\bin\bng\bg w\bwi\bit\bth\bh o\bop\bpt\bti\bio\bon\bna\bal\bl f\bfe\bea\bat\btu\bur\bre\bes\bs
By default, Postfix builds as a mail system with relatively few bells and
whistles. Support for third-party databases etc. must be configured when
Note: IP version 6 support is compiled into Postfix on operating systems that
have IPv6 support. See the IPV6_README file for details.
-4\b4.\b.5\b5 -\b- O\bOv\bve\ber\brr\bri\bid\bdi\bin\bng\bg b\bbu\bui\bil\blt\bt-\b-i\bin\bn p\bpa\bar\bra\bam\bme\bet\bte\ber\br d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bgs\bs
+4\b4.\b.6\b6 -\b- O\bOv\bve\ber\brr\bri\bid\bdi\bin\bng\bg b\bbu\bui\bil\blt\bt-\b-i\bin\bn p\bpa\bar\bra\bam\bme\bet\bte\ber\br d\bde\bef\bfa\bau\bul\blt\bt s\bse\bet\btt\bti\bin\bng\bgs\bs
-4\b4.\b.5\b5.\b.1\b1 -\b- P\bPo\bos\bst\btf\bfi\bix\bx 3\b3.\b.0\b0 a\ban\bnd\bd l\bla\bat\bte\ber\br
+4\b4.\b.6\b6.\b.1\b1 -\b- P\bPo\bos\bst\btf\bfi\bix\bx 3\b3.\b.0\b0 a\ban\bnd\bd l\bla\bat\bte\ber\br
All Postfix configuration parameters can be changed by editing a Postfix
configuration file, except for one: the parameter that specifies the location
|shlib_directory |/usr/lib/postfix |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
-4\b4.\b.5\b5.\b.2\b2 -\b- A\bAl\bll\bl P\bPo\bos\bst\btf\bfi\bix\bx v\bve\ber\brs\bsi\bio\bon\bns\bs
+4\b4.\b.6\b6.\b.2\b2 -\b- A\bAl\bll\bl P\bPo\bos\bst\btf\bfi\bix\bx v\bve\ber\brs\bsi\bio\bon\bns\bs
All Postfix configuration parameters can be changed by editing a Postfix
configuration file, except for one: the parameter that specifies the location
Note: the data_directory parameter (for caches and pseudo-random numbers) was
introduced with Postfix version 2.5.
-4\b4.\b.6\b6 -\b- O\bOv\bve\ber\brr\bri\bid\bdi\bin\bng\bg o\bot\bth\bhe\ber\br c\bco\bom\bmp\bpi\bil\ble\be-\b-t\bti\bim\bme\be f\bfe\bea\bat\btu\bur\bre\bes\bs
+4\b4.\b.7\b7 -\b- O\bOv\bve\ber\brr\bri\bid\bdi\bin\bng\bg o\bot\bth\bhe\ber\br c\bco\bom\bmp\bpi\bil\ble\be-\b-t\bti\bim\bme\be f\bfe\bea\bat\btu\bur\bre\bes\bs
The general method to override Postfix compile-time features is as follows:
||-DNO_DB |platforms that are known to support this |
|| |feature. If you override this, then you |
|| |probably should also override DEF_DB_TYPE as |
-|| |described in section 4.5. |
+|| |described in section 4.6. |
|_\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
|| |Do not build with Solaris /dev/poll support. |
||-DNO_DEVPOLL |By default, /dev/poll support is compiled in |
|| |to be available. |
|_\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
| |Specifies a non-default compiler debugging |
-|DEBUG=debug_level |level. The default is -g. Specify DEBUG= to |
+|DEBUG=debug_level |level. The default is "-g". Specify DEBUG= to |
| |turn off debugging. |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
| |Specifies a non-default optimization level. |
-|OPT=optimization_level |The default is -O. Specify OPT= to turn off |
+|OPT=optimization_level |The default is "-O". Specify OPT= to turn off |
| |optimization. |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
-| |Specifies non-default gcc compiler warning |
-|WARN="warning_flags..." |options for use when "make" is invoked in a |
-| |source subdirectory only. |
+| |Specifies non-default compiler options for |
+|SHLIB_CFLAGS=flags |building Postfix dynamically-linked libraries |
+| |and database plugins. The typical default is |
+| |"-fPIC". |
+|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+| |Specifies a non-default runpath for Postfix |
+|SHLIB_RPATH=rpath |dynamically-linked libraries. The typical |
+| |default is "'-Wl,-rpath,${SHLIB_DIR}'". |
+|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+| |Specifies a non-default suffix for Postfix |
+|SHLIB_SUFFIX=suffix |dynamically-linked libraries and database |
+| |plugins. The typical default is ".so". |
+|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
+| |Specifies non-default compiler warning options|
+|WARN="warning_flags..." |for use when "make" is invoked in a source |
+| |subdirectory only. |
|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b|_\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b _\b |
-4\b4.\b.7\b7 -\b- S\bSu\bup\bpp\bpo\bor\brt\bt f\bfo\bor\br t\bth\bho\bou\bus\bsa\ban\bnd\bds\bs o\bof\bf p\bpr\bro\boc\bce\bes\bss\bse\bes\bs
+4\b4.\b.8\b8 -\b- S\bSu\bup\bpp\bpo\bor\brt\bt f\bfo\bor\br t\bth\bho\bou\bus\bsa\ban\bnd\bds\bs o\bof\bf p\bpr\bro\boc\bce\bes\bss\bse\bes\bs
The number of connections that Postfix can manage simultaneously is limited by
the number of processes that it can run. This number in turn is limited by the
configured to handle thousands of connections. See the TUNING_README guide for
examples of how to increase the number of open sockets or files.
-4\b4.\b.8\b8 -\b- C\bCo\bom\bmp\bpi\bil\bli\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx,\b, a\bat\bt l\bla\bas\bst\bt
+4\b4.\b.9\b9 -\b- C\bCo\bom\bmp\bpi\bil\bli\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx,\b, a\bat\bt l\bla\bas\bst\bt
If the command
To force Postfix to build without SMTPUTF8, specify:
- $ m\bma\bak\bke\be m\bma\bak\bke\bef\bfi\bil\ble\bes\bs C\bCC\bCA\bAR\bRG\bGS\bS=\b=-\b-D\bDN\bNO\bO_\b_E\bEA\bAI\bI .\b..\b..\b.
+ $ m\bma\bak\bke\be m\bma\bak\bke\bef\bfi\bil\ble\bes\bs C\bCC\bCA\bAR\bRG\bGS\bS=\b="\b"-\b-D\bDN\bNO\bO_\b_E\bEA\bAI\bI .\b..\b..\b."\b"
See the INSTALL document for more "make makefiles" options.
This is the Postfix 3.0 (stable) release.
-The stable Postfix release is called postfix-3.0.x where 2=major
+The stable Postfix release is called postfix-3.0.x where 3=major
release number, 0=minor release number, x=patchlevel. The stable
release never changes except for patches that address bugs or
emergencies. Patches change the patchlevel and the release date.
[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
-will result in mail staying queued and the logile will contain
+will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.
Major changes - default settings
of lookup tables from file.
[Feature 20140924] Support for unionmap, with the same syntax as
-pipemap. This sends a query to all tables, and non-empty results
-are concatenated, separated by comma.
+pipemap. This sends a query to all tables, and concatenates non-empty
+results, separated by comma.
[Feature 20131121] The "static" lookup table now supports whitespace
when invoked as "static:{ text with whitespace }", so that it can
This is a workaround to avoid error-recovery delays with policy
servers that cannot maintain a persistent connection.
+Major changes - position-independent executables
+------------------------------------------------
+
+[Feature 20150205] Preliminary support for building position-independent
+executables (PIE), tested on Fedora Core 20, Ubuntu 14.04, FreeBSD
+9 and 10, and NetBSD 6. Specify:
+
+$ make makefiles pie=yes ...other arguments...
+
+On some systems, PIE is used by the ASLR exploit mitigation technique
+(ASLR = Address-Space Layout Randomization). Whether specifying
+"pie=yes" has any effect at all depends on the compiler. Reportedly,
+some compilers always produce PIE executables.
+
Major changes - postscreen
--------------------------
[Incompat 20140714] After upgrading Postfix, "postfix reload" (or
start/stop) is required. Several Postfix-internal protocols have
been extended to support SMTPUTF8. Failure to reload or restart
-will result in mail staying queued and the logile will contain
+will result in mail staying queued, while Postfix daemons log
warning messages about unexpected attributes.
[Feature 20140715] Support for Email Address Internationalization
+++ /dev/null
-Wish list:
-
- Things to do before the stable release:
-
- Spell-check, double-word check, and HTML validator check.
-
- Remove this file from the stable release.
-
- Things to do after the stable release:
-
- MAINTAINER_README (with shared lib build guidance)
-
- Update smtpd command count when rejecting input before
- command-table lookup.
-
- In release-notes add commands=x/y logging to the command
- statistics.
-
- Automatically do the equivalent of syslog_name=postfix/mumble
- when basename(mumble) differs from basename(program file).
-
- UTF8 DNS[BW]L domain name.
-
- Consolidate maps flags in mail_params.h instead of having
- multiple copies scattered across programs.
-
- Try to allow UTF-8 myhostname/mydomain, at least in bounce
- template expansion.
-
- No enhanced status code when rejecting connection before
- the HELO handshake is completed.
-
- Maybe don't whitelist a client that has maxed out its
- per-MTA connection count limit.
-
- Inline support for pcre:{/pattern/=action, ...} and ditto
- support for regexp: and cidr: tables. Factor out and reuse
- code that already exists in inline: and other tables.
-
- Solaris poll() does not work as expected. With Solaris10,
- write_wait() hangs until timeout when invoked after peekfd()
- has received an ECONNRESET error indication. This happens
- when a client sends QUIT and closes the connection immediately.
- Apparently the ECONNRESET error condition is not persistent.
-
- Log command=good/bad statistics in postscreen?
-
- Implement smtpd_client_auth_rate limit?
-
- Make the access map BCC action consistent with header_checks.
-
- smtpd_checks tests either must use a DNS dummy resolver
- (override the res_search API) or all names must be under
- porcupine.org (but that does not work for address->name
- lookups, and cannot simulate some errors).
-
- Reporting the original Message-ID in a bounce message
- In-Reply-To: or References: header. In the cleanup daemon,
- grab a copy of the Message-ID and export it along with other
- header-extracted information at the top of the "extracted"
- queue file segment. In the queue manager, extract this
- along with other header-extracted information, and forward
- the Message-ID in the bounce server notification request.
-
- Find a way to show non-default OPT, DEBUG etc. settings at
- the top of the makedefs.out file.
-
- Update smtputf8_enable in postconf(5)
-
- Clobber ORCPT when sender is owner-mumble?
-
- Add milter_mumble_macros to the list of per-macro features.
-
- The pickup daemon logs warnings only when the cleanup daemon
- dit not provide a "reason" attribute. Is this logic right?
-
- up-convert myhostname to UTF-8 in MIME boundary strings?
-
- Eliminate code duplication between pcf_print_master_field()
- and pcf_print_master_entry().
-
- Error reporting: see if pcf_check_master_entry() and children
- can return error descriptions instead of terminating with
- a fatal error.
-
- Make sure that proxy: can handle random:, pipe:, and other
- multimaps.
-
- Add a switch to consider postscreen deep protocol tests as
- "completed" when receiving "RSET" after "RCPT TO" and the
- session has passed all tests up to that point. RSET becomes
- like QUIT except perhaps that it does not hang up.
-
- apipe: map, splits results into address lists and performs
- lookups for the invidual addresses, converting back and
- forth between external and internal forms.
-
- Clarify that receive_override_options have no effect with
- smtpd_proxy_filter.
-
- Document the relative order of header_checks, address
- rewriting, milters.
-
- NOT: Table-driven case folding and case-insensitive string
- comparison specifically for UTF-8. Use libicu functions
- instead.
-
- When downgrading message/global to 7bit, is quoted-printable
- the appropriate encoding? Should it be base64?
-
- Should we encode headers with RFC 2047, when that is the
- only reason that Postfix cannot deliver to a non-UTF8SMTP
- server? Probably not in the general case. What about
- Postfix as a gateway server that converts UTF8SMTP
- for delivery to non-UTF8SMTP environments?
-
- Document and test restriction_classes example for
- smtpd_policy_service_default_action.
-
- Don't accept AUTH or other features that are not announced
- in the EHLO response.
-
- Suggested at Mailserver conference: Postscreen RDNS-based
- reputation (but this makes postscreen performance highly
- unpredicable because it introduces a dependency on random
- DNS servers).
-
- Suggested at Mailserver conference: a way to select a
- specific field in a table, presumably as the result value.
- This may be done with a filtermap{i,j,...}: table that propagates
- only the specified field(s).
-
- Discourage the use of "after 220" tests in POSTSCREEN_README
- and the documentation of individual parameter settings.
-
- To un-break "make tests" under src/smtpd, make tests
- independent from the DNS and native routines for host
- name/address lookup.
-
- Make been_here flag BH_FLAG_FOLD configurable for masochists.
-
- Replace some redundant TLS_README sections with pointers
- to FORWARD_SECRECY_README.
-
- Move html/index.html source to proto/.
-
- How hard is it to follow canonical or virtual mapping
- for the purpose of address validation? We must never
- reject a valid address.
-
- Preserve case in smtpd_resolve_addr() and add a structure
- member for the case-folded address. IIRC some Milter macro
- needs to show the unfolded address.
-
- Per SASL account rate limits. This requires new infrastructure
- that maintains stats by SASL account instead of client IP
- address.
-
- Watchdog timer in postmap/postalias.
-
- Begin code revision, after DANE support stabilizes. This
- should be one pass that changes only names and no code.
-
- recipient_delimiters = $recipient_delimiter for BC
-
- All source code must specify its original author and
- license statement. Some code modules specify Lutz Jaenicke
- as the original author and fall under his liberal license.
- Code that is added to such a module has the same license
- (or at least something that is not more restrictive). Code
- modules without input from Lutz Jaenicke must state its
- original author and license (preferably no more restrictive
- than Postfix's own license). Currently, too many files list
- Wietse as the original author, and Lutz Jaenicke's license,
- which is wrong.
-
- We have smtp_host_lookup, smtp_dns_resolver_options, and
- now smtp_dns_support_level. Of these, smtp_dns_resolver_options
- is orthogonal but the rest has overlap.
-
- There needs to be support for automatic migration from the
- deprecated disable_dns_lookups feature to the preferred
- smtp_dns_support_level feature. This support needs to exist
- for several releases before the deprecated feature can be
- removed.
-
- End code revision, after DANE support stabilizes.
-
- It would be nice if "bare username" lookup is not hard-coded
- for domains in the local address class.
-
- Don't forget Apple's code donation for fetching mail from
- IMAP server.
-
- Should postconf -o refuse to work without the -x option?
-
- Make 30s caching (feature 20070414) configurable, such that
- 0 means no caching.
-
- Make errno white/blacklist for getpwnam_r etc. and mailbox
- write errors.
-
- smtpd_muble_restrictions rule names are case-insensitive.
- restriction_classes values are case-sensitive but should
- be case-insensitive for consistency with smtpd_muble_restrictions.
-
- Make "rename" the default when postmapping a DB file
- (later: use copy+rename for postmap -i, postmap -d).
-
- Service-name parameters aren't documented in daemon manpages.
-
- When faking up the DSN ORCPT, don't send bare usernames
- from local command-line submission.
-
- lmtp_assume_final is broken. A 2XX response does not imply
- final delivery. The Sieve language implements accept-then-bounce.
-
- postscreen event-driven plug-in interface to send out a
- query in parallel with the Pregreet and DNSBL tests, using
- a simplified version of the policy delegation protocol.
-
- Parallelized queue preprocessing: rip out the queue manager
- code to read queue files and resolve recipients, and run
- it in parallel processes. The queue manager then processes
- their results as they become available. This would eliminate
- the qmgr<->trivial-rewrite bottleneck. This can also eliminate
- much of the scheduling disadvantage of a single queue manager
- compared to hundreds of mail receiving or sending processes
- (especially if there is a way to scan the queue in parallel).
-
- Memory pools for same-type memory objects. This can be
- used to either increase memory locality for frequently-allocated
- objects (MRU allocation) or to make use-after-free bugs
- more detectable (use LRU allocation and wipe the object
- immediately after free(). Finally, same-type memory pools
- prevent object type errors with use-after-free bugs.
-
- "no-cache" option for selected postscreen tests?
-
- Need a new DICT flag to indicate that a map handle supports
- locking. If it doesn't (as with memcache or proxymap
- handles), then postscreen etc. don't need to close a cache
- file after "postfix reload". After a fork() it is OK to
- keep using a memcache or proxymap handle, because the parent
- exits immediately. For this to work, the memcache client
- needs to propagate the flag from a persistent backup map,
- but the proxymap protocol should not propagate this to the
- client.
-
- Different TTL values for different DNSBL sources?
-
- Replace master(8) SIGHUP by very simple socket protocol to
- allow reload of a specific service.
-
- postscreen: in the dummy SMTP engine, log the protocol state
- at time of violation (like smtpd, set state->where initially
- to CONNECT, then update it with the name of the last "known"
- command, or set it to "unimplemented").
-
- The discussion of postscreen cache configuration is in the
- wrong place (how whitelisting works). Move it to the section
- about configuring postscreen.
-
- Before proxymap can be exposed to the network (primarily
- to share postscreen or verify caches), need to enforce
- limits on attribute string name and value length in IPC
- protocols. 10-20KB seems OK. We need to enforce content
- sanity checks (for example, no control characters; Postfix
- does not pass around multi-line data in table lookups). The
- VSTREAM library already supports read/write deadlines. We
- need to use attack-resistant code for numeric conversion.
-
- move flush_init() etc. from defer service clients to the
- bounce daemon? Postfix works best when work can be spread
- out over many clients, instead of over a few servers.
-
- multi_connect() function that takes a list of inet:host:port
- and/or unix:pathname specs, with an explicit "inet" prefix
- argument to handle applications that use host:port only.
- This will simplify multi-host implementation for memcache
- client, dovecot client, and other.
-
- dict_memcache: treat "bad" key as cache miss, i.e. read/write
- the backup database as if the cache did not exist. This
- does not help because most Postfix maps (virtual, canonical,
- access, transport, ...) also don't support spaces in keys.
-
- postscreen: keep the cache open after "postfix reload" when
- it is remote (type memcache: or proxy:). This does not work
- because memcache can use a non-proxied file as backup).
-
- What is the feasibility of adding an mta_name (personality)
- attribute that is propagated via queue files and delivery
- agent requests? It would default to myhostname.
-
- Major performance improvement opportunity (that is until
- everyone runs Postfix queues on SSDs). Investigate the
- viability of a daemon that produces incoming and postdrop
- queue files on request (in reality it would maintain a
- limited queue of "spare" files). Central queue file allocation
- reduces the I/O performance disadvantage that qmgr has when
- 100 smtpd processes are receiving mail, or when lots of
- mail is submitted with the sendmail command line. When an
- smtpd process accepts MAIL FROM, a cleanup daemon requests
- a queue file and receives a queue ID + file handle from the
- queue file daemon. If the queue file daemon is down, the
- cleanup daemon creates the file itself like it does now;
- this can be hidden in the mail_stream library module. If
- the mail transaction is aborted, then the cleanup daemon
- gives the queue file back to the queue file daemon's "spare"
- file pool, saving most of the overhead of creating and
- deleting a queue file (the file would still need to be
- renamed at the start of the next mail transaction). If the
- cleanup daemon is unable to give a file back, then it can
- delete the file like it does now; this can be hidden in the
- mail_stream library module. The whole thing can be
- transparently added to Postfix by adding calls to a
- queue-file-service client to the mail_queue_enter() and
- mail_queue_remove() library routines. Other advantages:
- 1) negligible performance hit when queue file allocation
- happens earlier, so that logging and milters have a queue
- ID for the whole transaction not just the first valid
- recipient; 2) by not removing every queue files we get most
- of the performance gain of a queue based on append/truncate
- instead of the much more expensive create/delete.
-
- Investigate viability of Sendmail dns maps.
-
- Make the rules for how to use close-on-exec more explicit.
-
- Provide separate timeout control for dict_proxy client,
- rewrite client, resolve client, cleanup client, and so on.
- Perhaps a timeout argument to the mail_connect() routines.
-
- Trick from amavisd: save listen socket/fifo/etc state, clear
- their close-on-exec flags, exec the same program file to
- re-initialize (with saved socket state on command line or
- in environment), then restore the listen socket/fifo/etc
- close-on-exec flags. This could be a way to mitigate the
- impact of memory/file leaks, and to implement "postfix
- reload" support for master(8) features that currently don't
- support this.
-
- Sub-second time resolution. The first benefit is to make
- per-destination rate delays more usable. Other applications
- will come up once the support exists. The straightforward
- approach is to represent all time intervals in milliseconds,
- and to update all code that makes system calls with a time
- argument (as well as the compiled-in upper and lower time
- parameter bounds, which are currently in seconds).
- Unfortunately, that limits he maximum time interval to less
- than 25 days on 32-bit systems, and is likely to break
- compatibility (for starters, it cannot even deal with the
- compiled-in 100d upper bound on the queue file lifetime).
- A second option is to have a "compatibility" time base
- switch between milliseconds and seconds; this means extra
- changes to all code that makes system calls with a time
- argument, and the way that the compiled-in upper and lower
- bounds are specified. Some of this can be encapsulated in
- macros like time_to_sec(t), time_to_msec(t) and sec_to_time(t).
- Finally, it is relatively easy to replace the events(3)
- interface to use "double" for the time delay arguments, but
- it is a major pain to convert all main.cf time parameters
- into doubles (converting only some leads to a documentation
- nightmare).
-
- Address verify cache: allow a negative cache "refresh"
- result to purge a "positive" cache entry in some safe manner.
- Currently, the negative cache "refresh" result is discarded,
- address verify cache lookup returns OK, and each lookup
- forces a "refresh" probe until the entry expires.
-
- Some Sendmail configurations trigger sub-optimal behavior
- when the postscreen_whitelist_interfaces parameter lists
- primary MX addresses only. When postscreen's "deep protocol
- tests" are successful on the primary MX address (i.e. they
- result in 4XX responses to RCPT TO), some Sendmail
- configurations keep the primary MX connection open until
- AFTER they finish talking to the backup MX address. The
- problem is that the backup connection runs into a WHITELIST
- VETO condition because the whitelisting database has not
- yet been updated with the PASS NEW result for the primary
- MX connection. Unfortunately postscreen can't update the
- whitelisting database before the primary MX connection is
- closed, because a client may still make a mistake.
-
- In the SMTP server, check if the connection is closed before
- replying to ".", and discard the message if the reply can't
- be sent. This reduces the time window for RFC 1047 message
- duplication, and may even prevent the delivery of some spam.
- http://www.exim.org/lurker/message/20070416.103159.9d5ff0ce.en.html
- This requires splitting the SMTP server's commit operation
- into two operations: first, a tentative commit operation
- that performs most of the I/O and processing in milters and
- in the cleanup server; second, a final commit operation
- that is executed only if the remote SMTP client hasn't hung
- up in the mean time. Unfortunately, SMTP-based before-queue
- content filters don't support a tentative commit operation.
-
- Find out how to reproduce Berkeley DB bogus ENOENT errors.
- postscreen does not log this with Berkeley DB 1 (FreeBSD
- 4..8), 4.7.25 (Ubuntu 9.04) and 4.8.24 (Ubuntu 10.04).
-
- postconf command-line option to show the compile-time
- settings (CCARGS, AUXLIBS) in case binary packages
- don't install the makedefs.out file.
-
- events.c: cache the side effects of file descriptor event
- enable/disable operations in user space, and do bulk kernel
- updates at event_loop() time. This can eliminate costly
- system calls with successive event disable/enable operations
- on the same file descriptor. This can also eliminate the
- need for tricky code that tries to avoid the expense of
- successive disable/enable operations. Such code is likely
- to introduce bugs.
-
- When does it pay off to send domains in the active queue
- to a DNS prefetch daemon? Could this generalize to a dynamic
- transport map that piggy-backs domains with the same MX
- host into the same mail delivery transaction?
-
- tlsproxy(8) should receive TLS preferences from postscreen(8)
- and smtpd(8), instead of reading them from main.cf. This
- means that many tlsproxy_ parameters become postscreen_
- parameters, and that tls_server_init() parameters move to
- to tls_server_start(). That is a significant API change.
- It also means tlsproxy can't open all files before chroot().
-
- anvil rate limit for sasl_username.
-
- Encapsulate nbbio buffer access and update by tlsproxy.
-
- Full-duplex support for tlsproxy(8). This requires updating
- events(3) and nbbio(3).
-
- Register automagic destructor for object attached to VSTREAM.
-
- Use different ipc time limits for email message transactions
- (smtpd, pickup)->cleanup and for quick query/reply transactions
- such as address rewriting/resolution. Beware of large time
- limits for local or virtual alias expansion.
-
- permit_tempfail_action (default: defer_if_reject) to be
- used as the default value for dnswl_tempfail_action and
- rhswl_tempfail_action. Steal liberally from the code that
- implements unverified_recipient_tempfail_action etc.
-
- Support filtering of messages that are generated by Postfix:
- This would apply to postmaster notices and bounce messages
- (DKIM), and address verification (BATV).
-
- Consistency: in postconf.proto make <dt>..</dt> tags bold.
-
- Would it help if there were different cleanup_service
- parameter names for different message paths? smtpd(8) uses
- the same cleanup_service value for receiving remote mail
- and for submitting postmaster problem reports. Do we need
- separate mumble_cleanup_service_name parameters for "inject",
- "notify" and "forward" (with backwards compatible defaults)?
-
- IF/ENDIF support for CIDR tables.
-
- Need a regular expression table to translate address
- verification responses into hard/soft/accept reply codes.
-
- Is there a way to make sendmail -V work after local alias
- expansion? Majordomo-like mailing lists would benefit from
- this; the example in VERP_README does not work in the general
- case.
-
- When an alias is a member of an :include: list with owner-
- alias, local(8) needs an option to deliver alias or alias->user
- indirectly. What happens when an :include: list with owner-
- alias includes another list?
-
- Don't allow empty result values in pcre and regexp maps.
- Postfix doesn't allow them anywhere else (check this).
-
- Make PCRE_MAX_CAPTURE configurable.
-
- Add some checks for tokens starting with #. A challenge
- is to report sensible context from the guts of some low-level
- parser, without introducing a great deal of clumsiness.
-
- Add sendmail macros for {verify} and maybe other TLS info.
-
- Find out if we are doing the correct thing by looking at
- state->milter_reject_text when expanding {rcpt_addr} or
- {rcpt_host}.
-
- Find out why post_mail() etc. block when the qmgr fifo is
- full (answer: trigger_timeout). How can this cause delays
- in the queue manager? When a recipient bounces during
- (transport, nexthop, address) resolution, it is redirected
- to the error or retry mailer; and bounce-after-delivery is
- asynchrounous so it can't block the queue manager, either.
-
- How to ensure that proxy_read_maps is processed after all
- its dependencies are initialized, or just bite the bullet
- and rewrite the parameter initialization code.
-
- The cleanup virtual alias expansion limit does not really
- deliver on its promises. 1) It promises to truncate the
- result without aborting delivery, which would be undesirable
- anyway, but that is not what it does, so that is good. 2)
- It keeps all the recipients from multi-recipient database
- lookup, then terminates further recursion when the result
- exceeds the expansion limit. This behavior achieves the
- original goal that all things shall have a finite size (even
- though but we don'really care how large they are) but may
- result in surprises when recipients are listed in virtual
- alias domains or need expansion for other reasons. In a
- phone call with Victor, a reasonable way out is to set the
- limit to some large number (100000) and abort delivery when
- the result exceeds the limit.
-
- Should the postscreen save permanent white/black list lookup
- results to the temporary cache, and query the temporary
- cache first? Skipping white/black list lookups will speed
- up the handling of "good" clients without a permanent
- whitelist entry. Of course, this means that updates to the
- white/black lists do not immediately take effect. Workarounds:
- 1) use a shorter temporary cache TTL for clients on the
- permanent black/white lists; 2) ignore cached white/black
- list lookup results after "postfix reload"; 2) adjust the
- logging, for example "WHITELISTED address (cached)" and
- "BLACKLISTED address (cached)" to eliminate surprises.
- Comparing the cache entry time with the white/blacklist
- file modification time is not foolproof: for example, pcre
- or CIDR tables are read only once.
-
- It would be nice if the generic dict_cache(3) cache manager
- could postpone process suicide until cache cleanup is
- completed (but that is not possible when postscreen forks
- into the background to finish already-accepted connections,
- and it is not desirable when a host is being shut down).
-
- When postscreen drops a connection, a 521 "greeting" should
- be of the form "521 servername..." and not have an enhanced
- status code. The "521 5.7.1" form can be used after EHLO.
- Of course no spammer is going to complain about Postfix
- SMTP compliance.
-
- Find a place to document all the mail routing mechanisms
- in one place so people can figure out how Postfix works.
-
- The access map BCC action is marked "not stable", perhaps
- because people would also expect BCC actions in header/body_checks.
- How much would it take to make the queue file editing code
- generally usable?
-
- Move smtpd_command_filter into smtpd_chat_query() and update
- the session transcript (see smtp_chat_reply() for an example).
-
- SMTP connection caching without storing connections, to
- improve TLS mail delivery performance.
-
- Should not milter8_mail_event() unset the "hold" default
- reply? Better, the default reply should not be used for
- this purpose.
-
- Don't send MASTER_STAT_TAKEN/MASTER_STAT_AVAIL when a server
- runs with process limit of 1. But this means the master
- never learns that the process is successful and will always
- pause $service_throttle_time before restarting a failed service.
-
- Don't bother maintaining a per-service lockfile when a
- server runs with process limit of 1. The purpose of the
- lockfile is to avoid thundering herd problems when the kernel
- wakes up multiple processes for each new client connection.
-
- Implement PREPEND action for milter_header_checks. Save the
- to-be-prepended text to buffer, then emit it along with the
- new header.
-
- Fix the header_body_checks API, so that the name of the map
- class (e.g. milter_header_checks) is available for logging.
-
- Fix the mime_state and header_body_checks APIs, so that
- they use VSTRINGs. This simplifies REPLACE actions.
-
- Update FILTER_README for multi-instance support, and rename
- the old document to FILTER_LEGACY_README.
-
- Need to sign delivery status notifications, to avoid surprises
- when eventually people start enforcing DKIM etc. signatures.
-
- Either document or remove the internal_mail_filter_classes
- feature (it's disabled by default).
-
- Make the "unknown recipient" test configurable as
- first|last|never, with "yes"=="last" for backwards
- compatibility. The "first" setting is good for performance
- (stress=yes) when all users are defined in local files; but
- it may perform worse when users are in networked tables.
-
- Cleanup: make DNSBL query format configurable beyond the
- client's reversed IP address.
-
- With 'final delivery' in the LMTP client, need an option
- to also add delivered-to and other pipe(8) features. This
- requires making mail_copy() functionality available in
- non-mailbox context.
-
- Cleanup: modernize the "add missing From: header" code, to
- ``phrase <addr>'' form. Most likely, quote the entire phrase
- if it contains any text that is special, then rfc822_externalize
- the whole thing.
-
- SMTP server: make the server_addr and server_port available
- to policy server, Dovecot, and perhaps Milters.
-
- Med: local and remote source port and IP address for smtpd
- policy hook.
-
- Maybe change maps_rbl_reject_code default to 521, and
- update wording in STRESS_README.
-
- Encapsulate time_t comparisons so that they can be made
- system dependent (use difftime() where available).
-
- Encapsulate time_t conversions (e.g. REC_TYPE_TIME) so that
- they can be made system dependent.
-
- Plan for time_t larger than long, or wait for LP64 to
- dominate the world?
-
- Make "AUTH=<>" appendage to MAIL FROM configurable, enabled
- by default.
-
- To support ternary operator without a huge parsing effort,
- consider ${value?{xxx}:{yyy}} where ${name} is existing
- syntax, and where ?{text} and :{text} are new syntax that
- is unlikely to break existing configurations. Or perhaps
- it's just too ugly.
-
- Write delivery rate delay example (which _README?) and auth
- failure cache example (SASL_README). Then include them in
- SOHO_README.
-
- Look for alternatives for the use of non_smtpd_milters.
- This involves some way to force local submissions to go
- through a local SMTP client and server, without triggering
- "mail loops back to myself" false alarms. The advantage is
- that it makes smtpd_mumble_restrictions available for local
- and remote mail; the disadvantage is that it makes local
- submissions more dependent on networking. One possibility
- is to use "pickup -o content_filter=smtp:127.0.0.1:10025",
- or a dedicated SMTP client/server on UNIX-domain sockets;
- we could also decide to always suppress "mail loop" detection
- for loopback connections. Another option is to have the
- pickup or cleanup server drive an SMTP client directly;
- this would require extension of the mail_stream() interface,
- plus a way to handle bounced/deferred recipients intelligently,
- but it would be at odds with Postfix design where delivery
- agents access queue files directly; exposing delivery agents
- to raw queue files violates another Postfix design principle.
-
- Consolidate duplicated code in *_server_accept_{pass,inet}().
-
- Consolidate duplicated code in {inet,unix,upass}_trigger.c.
-
- In the SMTP client, handle 421 replies in smtp_loop() by
- having the input function raise a flag after detecting 421
- (kill connection caching and be sure to do the right thing
- with RSET probes), leave the smtp_loop() per-command reply
- handlers unchanged, and have the smtp_loop() reader loop
- bail out with smtp_site_fail("server disconnected after
- %s", where), but only in the case that it isn't already in
- the final state. But first we need to clean up the handling
- of do/don't cache, expired, bad and dead sessions.
-
- Combine smtpd_peer.c and qmqpd_peer.c into a single function
- that produces a client context object, and provide attribute
- print/scan routines that pass these client context objects
- around. With this, we no longer have to update multiple
- pieces of code when a client attribute is added. Ditto for
- SASL and TLS context.
-
- Don't log "warning: XXXXX: undeliverable postmaster
- notification discarded" for spam from outside.
-
- Really need a cleanup driver that allows testing against
- Milter applications instead of synthetic events. This would
- have to provide stubs for clients that talk to Postfix
- daemon processes. See if this approach can also be used for
- other daemons.
-
- smtpd(8) exempts $address_verify_sender from access controls,
- but it doesn't know whether cleanup(8) or delivery agents
- modify the sender. Would it be possible to "calibrate" this
- exemption, perhaps by having delivery agents pass the probe
- sender to the verify server, keeping in mind that the probe
- sender may differ per delivery agent due to output rewriting.
-
- Update attr_print/scan() so they can send/receive file
- descriptors. This simplifies kludgy code in many daemons.
-
- Would there be a problem adding $smtpd_mumble_restrictions
- and $smtpd_sender_login_maps to the default proxy_read_maps
- settings?
-
- Remove defer(8) and trace(8) references and man pages. These
- are services not program names. On the other hand we have
- man pages for lmtp(8) and smtp(8), but not for relay(8).
- Likewise, retry(8) does not have a man page.
-
- Bind all deliveries to the same local delivery process,
- making Postfix perform as poorly as monolithic mailers, but
- giving a possibility to eliminate duplicate deliveries.
-
- Maybe declare loop when resolve_local(mxhost) is true?
-
- Update message content length when adding/removing headers.
-
- Need scache size limit.
-
- REDIRECT should override original recipient info, and
- probably override DSN as well.
-
- Update FILTER_README with mailing list suggestions to tag
- with a badness indicator and then filter down-stream.
-
- Make null local-part handling configurable: either expand
- into mailer-daemon (current bahavior) or disallow (strict
- behavior, currently implemented only in the SMTP server).
-
- Add M flag (enable multi-recipient delivery) to pipe daemon.
-
- The usage of TLScontext->cache_type is unclear. It specifies
- a TLS session cache type (smtpd, smtp, or lmtp), but it is
- sometimes used as an indicator that TLS session caching is
- unavailable. In reality, that decision is made by not
- registering call-back functions for cache maintenance.
-
- Postfix TLS library code should copy any strings that it
- receives from the application, instead of passing them
- around as pointers. TLScontext->cache_type is a case in
- point.
-
- Are transport:nexthop null fields the same as in the case
- of default_transport etc. parameters?
-
- Don't lose bits when converting st_dev into maildir file
- name. It's 64 bits on Linux. Found with the BEAM source
- code analyzer. Is this really a problem, or are they just
- using 64 bits for upwards compatibility with LP64 systems?
-
- Do or don't introduce unknown_reverse_client_reject_code.
-
- Check that "UINT32 == unsigned int" choice is ok (i.e. LP64
- UNIX).
-
- Tempfail when a Milter application tries to negotiate content
- access, while it is configured in an SMTP server that runs
- before the smtpd_proxy filter.
-
- Log DSN original recipient when rejecting mail.
-
- Keep whitespace between label and ":"?
-
- Make the map case folding/locking options configurable, if
- not at run-time then at least at compile time so we get
- consistent behavior across applications.
-
- Investigate what it would take to eliminate oqmgr, and to
- make the old behavior configurable in a unified queue
- manager. This would shave another 2.7 KLOC from the source
- footprint.
-
- Document the case folding strategy for match_list like
- features.
-
- Eliminate the (incoming,deferred)->active rename operation.
- This requires an in-memory hash of queue file names to avoid
- duplicate open() operations.
-
- Softbounce fallback-to-ISP for SOHO users. This heuristic
- assumes that when direct-to-MX delivery fails with 5XX,
- delivery via the ISP may still succeed. This could be
- implemented by enabling soft bounces for destinations other
- than the smtp_fallback_relay. So the only benefit of this
- over the existing soft_bounce feature is that it has no
- effect on smtp_fallback_relay deliveries.
-
- Centralize main.cf parameter input so that defaults work
- consistently. What about parameter names that are prefixed
- with mail delivery transport names?
-
- Fix default time unit handling so that we can have a default
- bounce lifetime of $maximal_queue_lifetime, without causing
- panics when a non-default maximal_queue_lifetime setting
- includes no time unit.
-
- After the 20051222 ISASCII paranoia, lowercase() lowercases
- ASCII text only.
-
- Privacy: remove local command/pathname details from remote
- delivery status reports, and log them via local msg_warn().
-
- Is it safe to cache a connection after it has been used for
- more than some number of address verification probes?
-
- Try to recognize that Resent- headers appear in blocks,
- newest block first. But don't break on incorrect header
- block organization.
-
- Hard limits on cache sizes (anvil, specifically).
-
- Laptop friendliness: make the qmgr remember when the next
- deferred queue scan needs to be done, and have the pickup
- server stat() the maildrop directory before searching it.
-
- Low: replace_sender/replace_recipient actions in access
- maps, so they can be used in policy servers?
-
- Low: configurable order of local(8) delivery methods.
-
- Med: smtp_connect_timeout_budget (default: 3x smtp_connect_timeout)
- to limit the total time spent trying to connect.
-
- Med: transform IPv4-in-IPv6 address literals to IPv4 form
- when comparing against local IP addresses?
-
- Med: transform IPv4-in-IPv6 address literals to IPv4 form
- when eliminating MX mailer loops?
-
- Med: Postfix requires [] around IPv6 address information
- in match lists such as mynetworks, debug_peer_list etc.,
- but the [] must not be specified in access(5) maps. Other
- places don't care. For now, this gotcha is documented in
- IPV6_README and in postconf(5) with each feature that may
- use IPv6 address information. The general recommendation
- is not to use [] unless absolutely necessary.
-
- Med: the partial address matching of IPv6 addresses in
- access(5) maps is a bit lame: it repeatedly truncates the
- last ":octetpair" from the printable address representation
- until a match is found or until truncation is no longer
- possible. Since one or more ":" are usually omitted from
- the printable IPv6 address representation, this does not
- really try all the possibilities that one might expect to
- be tried. For now, this gotcha is documented in access(5).
-
- Low: reject HELO with any domain name or IP address that
- this MTA is the final destination for.
-
- Low: should the Delivered-To: test in local(8) be configurable?
-
- Low: make mail_addr_find() lookup configurable.
-
- Low: update events.c so that 1-second timer requests do not
- suffer from rounding errors. This is needed for 1-second
- SMTP session caching time limits. A 1-second interval would
- become arbitrarily short when an event is scheduled just
- before the current second rolls over.
-
- Low: configurable internal/system locking method.
-
- Low: add INSTALL section for pre-existing Postfix systems.
-
- Low: add INSTALL section for pre-existing RPM Postfixes.
-
- Low: disallow smtpd_recipient_limit < 100 (the RFC minimum).
-
- Low: noise filter: allow smtp(8) to retry immediately if
- all MXes return a quick ECONNRESET or 4xx reply during the
- initial handshake. Retry once? How many times?
-
- Low: make post-install a "postfix-only script" so it can
- take data from the environment instead of main.cf.
-
- Low: randomize deferred mail backoff.
-
- Med: separate ulimit for delivery to command?
-
- Med: postsuper -r should do something with recipients in
- bounce logfiles, to make sure the sender will be notified.
- To be perfectly safe, no process other than the queue manager
- should move a queue file away from the active queue.
-
- This could involve tagging a queue file, and use up another
- permission bit (postsuper tags a "hot" file, qmgr requeues it).
-
- Low: postsuper re-run after renaming files, but only a
- limited number of times.
-
- Low: smtp-source may block when sending large test messages.
-
- Med: find a way to log the sender address when MAIL FROM
- is rejected due to lack of disk space.
-
- Low: revise other local delivery agent duplicate filters.
-
- Low: all table lookups should consistently use internalized
- (unquoted) or externalized (quoted) forms as lookup keys.
- smtpd, qmgr, local, etc. use unquoted address forms as keys.
- cleanup uses quoted forms.
-
- Low: have a configurable list of errno values for mailbox
- or maildir delivery that result in deferral rather than
- bouncing mail. What about "killed by signal" exits?
-
- Low: after reorganizing configuration parameters, add flags
- to all parameters whose value can be read from file.
-
- Medium: need in-process caching for map lookups. LDAP servers
- seem to need this in particular. Need a way to expire cached
- results that are too old.
-
- Low: generic showq protocol, to allow for more intelligent
- processing than just mailq. Maybe marry this with postsuper.
-
- Low: default domain for appending to unqualified recipients,
- so that unqualified names can be delivered locally.
-
- Low: The $process_id_directory setting is not used anywhere
- in Postfix. Problem reported by Michael Smith, texas.net.
- This should be documented, or better, the code should warn
- about attempts to set read-only parameters.
-
- Low: while converting 8bit text to quoted-printable, perhaps
- use =46rom to avoid having to produce >From when delivering
- to mailbox.
-
- virtual_mailbox_path expression like forward_path, so that
- people can specify prefix and suffix.
# same SMTP MAIL transaction, only the last action
# will be used.
#
-# This feature is not part of the stable Postfix
-# release.
+# This feature is available in Postfix 3.0 and later.
#
# DISCARD optional text...
# Claim successful delivery and silently discard the
<h2> <a name="4">4 - Building on a supported system</a> </h2>
+<p> Postfix development happens on FreeBSD and MacOS X, with regular
+tests on Linux (Fedora, Ubuntu) and Solaris. Support for other
+systems relies on feedback from their users, and may not always be
+up-to-date. </p>
+
+<p> OpenBSD is partially supported. The libc resolver does not
+implement the documented "internal resolver options which are [...]
+set by changing fields in the _res structure" (documented in the
+OpenBSD 5.6 resolver(3) manpage). This results in too many DNS
+queries, and false positives for queries that should fail. </p>
+
+<!--
+
<p> At some point in time, a version of Postfix was supported on: </p>
<blockquote>
<p> or something closely resemblant. </p>
-<h3>4.1 - Getting started</h3>
+-->
+
+<p> Overview of topics: </p>
+
+<ul>
+
+<li><a href="#build_first">4.1 - Getting started</a>
+
+<li><a href="#build_cc">4.2 - What compiler to use</a>
+
+<li><a href="#build_pie">4.3 - Building with Postfix position-independent
+executables (Postfix ≥ 3.0)</a>
+
+<li><a href="#build_dll">4.4 - Building with Postfix dynamically-linked
+libraries and database plugins (Postfix ≥ 3.0)</a>
-<p> On Solaris, the "make" command and other utilities for software
-development are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in
-your command search path. If these files do not exist, install the
-development packages first. See the Solaris FAQ item "<a
-href="http://www.science.uva.nl/pub/solaris/solaris2.html#q6.2">Which
-packages do I need to install to support a C compiler?</a>". </p>
+<li><a href="#build_opt">4.5 - Building with optional features</a>
-<p> If you need to build Postfix for multiple architectures, use the
-"lndir" command to build a shadow tree with symbolic links to the
-source files. "lndir" is part of X11R6. </p>
+<li><a href="#build_over">4.6 - Overriding built-in parameter default
+settings</a>
+
+<li><a href="#build_other">4.7 - Overriding other compile-time
+features</a>
+
+<li><a href="#build_proc">4.8 - Support for thousands of processes</a>
+
+<li><a href="#build_final">4.9 - Compiling Postfix, at last</a>
+
+</ul>
+
+
+<h3><a name="build_first">4.1 - Getting started</a> </h3>
+
+<p> On Solaris, the "make" command and other development utilities
+are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command
+search path. If these files do not exist, you need to install the
+development packages first. </p>
+
+<p> If you need to build Postfix for multiple architectures from a
+single source-code tree, use the "lndir" command to build a shadow
+tree with symbolic links to the source files. </p>
<p> If at any time in the build process you get messages like: "make:
don't know how to ..." you should be able to recover by running
<p> This will get rid of any system dependencies left over from
compiling the software elsewhere. </p>
-<h3>4.2 - What compiler to use</h3>
+<h3><a name="build_cc">4.2 - What compiler to use</a></h3>
<p> To build with GCC, or with the native compiler if people told me
that is better for your system, just cd into the top-level Postfix
</pre>
</blockquote>
-<p> and so on. In some cases, optimization is turned off automatically. </p>
+<p> and so on. In some cases, optimization will be turned off
+automatically. </p>
+
+<h3><a name="build_pie">4.3 - Building with Postfix position-independent
+executables (Postfix ≥ 3.0)</a> </h3>
+
+<p> On some systems Postfix can be built with Position-Independent
+Executables. PIE is used by the ASLR exploit mitigation technique
+(ASLR = Address-Space Layout Randomization): </p>
+
+<blockquote>
+<pre>
+$ make makefiles pie=yes ...other arguments...
+</pre>
+</blockquote>
+
+<p> (Specify "make makefiles pie=no" to explicitly disable Postfix
+position-independent executable support). </p>
-<h3>4.3 - Building with Postfix dynamically-linked libraries and
-database plugins (Postfix ≥ 3.0) </h3>
+<p> Postfix PIE support appears to work on Fedora Core 20, Ubuntu
+14.04, FreeBSD 9 and 10, and NetBSD 6 (all with the default system
+compilers). </p>
+
+<p> Whether the "pie=yes" above has any effect depends on the
+compiler. Some compilers always produce PIE executables, and some
+may even complain that the Postfix build option is redundant. </p>
+
+<h3><a name="build_dll">4.4 - Building with Postfix dynamically-linked
+libraries and database plugins (Postfix ≥ 3.0)</a> </h3>
<p> Postfix dynamically-linked library and database plugin support
exists for recent versions of Linux, FreeBSD and MacOS X.
<ul>
-<li><a href="#shared_enable">4.3.1 Turning on Postfix dynamically-linked
+<li><a href="#shared_enable">4.4.1 Turning on Postfix dynamically-linked
library support</a>
-<li><a href="#dynamicmaps_enable">4.3.2 Turning on Postfix database-plugin
+<li><a href="#dynamicmaps_enable">4.4.2 Turning on Postfix database-plugin
support</a>
-<li><a href="#shared_custom">4.3.3 Customizing Postfix dynamically-linked
+<li><a href="#shared_custom">4.4.3 Customizing Postfix dynamically-linked
libraries and database plugins</a>
<li><a href="#shared_tips">4.4.4 Tips for distribution maintainers</a>
a Postfix-internal API that changes without maintaining compatibility.
</p>
-<h4><a name="shared_enable"> 4.3.1 Turning on Postfix dynamically-linked
+<h4><a name="shared_enable"> 4.4.1 Turning on Postfix dynamically-linked
library support </a></h4>
<p> Postfix can be built with Postfix dynamically-linked libraries
names libpostfix-<i>name</i>.so, where the <i>name</i> is a source-code
directory name such as "util" or "global". </p>
-<p> See section 4.3.3 "Customizing Postfix dynamically-linked
-libraries and database plugins" below for how to customize the
-Postfix dynamically-linked library location, including support to
-upgrade a running mail system safely. </p>
+<p> See section 4.4.3 "<a href="#shared_custom">Customizing Postfix
+dynamically-linked libraries and database plugins</a>" below for
+how to customize the Postfix dynamically-linked library location,
+including support to upgrade a running mail system safely. </p>
-<h4><a name="dynamicmaps_enable"> 4.3.2 Turning on Postfix
+<h4><a name="dynamicmaps_enable"> 4.4.2 Turning on Postfix
database-plugin support </a></h4>
<p> Additionally, Postfix can be built to support dynamic loading
version of Postfix database plugins and the location of the file
dynamicmaps.cf. </p>
-<h4><a name="shared_custom"> 4.3.3 Customizing Postfix dynamically-linked
+<h4><a name="shared_custom"> 4.4.3 Customizing Postfix dynamically-linked
libraries and database plugins </a></h4>
+<h5> Customizing build-time and run-time options for Postfix
+dynamically-linked libraries and database plugins </h5>
+
+<p> The build-time environment variables SHLIB_CFLAGS, SHLIB_RPATH,
+and SHLIB_SUFFIX provide control over how Postfix libraries and
+plugins are compiled, linked, and named.
+
+<blockquote>
+<pre>
+$ make makefiles SHLIB_CFLAGS=flags SHLIB_RPATH=rpath SHLIB_SUFFIX=suffix ...other arguments...
+$ make
+</pre>
+</blockquote>
+
+<p> See section 4.7 "<a href="#build_other">Overriding other
+compile-time features</a>" below for details. </p>
+
<h5> Customizing the location of Postfix dynamically-linked libraries
and database plugins </h5>
</ul>
-<h3>4.4 - Building with optional features</h3>
+<h3><a name="build_opt">4.5 - Building with optional features</a></h3>
By default, Postfix builds as a mail system with relatively few
bells and whistles. Support for third-party databases etc.
systems that have IPv6 support. See the <a href="IPV6_README.html">IPV6_README</a> file for details.
</p>
-<h3>4.5 - Overriding built-in parameter default settings</h3>
+<h3><a name="build_over">4.6 - Overriding built-in parameter default
+settings</a></h3>
-<h4>4.5.1 - Postfix 3.0 and later </h4>
+<h4>4.6.1 - Postfix 3.0 and later </h4>
<p> All Postfix configuration parameters can be changed by editing
a Postfix configuration file, except for one: the parameter that
</blockquote>
-<h4>4.5.2 - All Postfix versions </h4>
+<h4>4.6.2 - All Postfix versions </h4>
<p> All Postfix configuration parameters can be changed by editing
a Postfix configuration file, except for one: the parameter that
<p> Note: the <a href="postconf.5.html#data_directory">data_directory</a> parameter (for caches and pseudo-random
numbers) was introduced with Postfix version 2.5. </p>
-<h3>4.6 - Overriding other compile-time features</h3>
+<h3><a name="build_other">4.7 - Overriding other compile-time
+features</a></h3>
<p> The general method to override Postfix compile-time features
is as follows: </p>
DB support. By default, Berkeley DB support is compiled in on
platforms that are known to support this feature. If you override
this, then you probably should also override DEF_DB_TYPE as described
-in section 4.5. </td> </tr>
+in section 4.6. </td> </tr>
<tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with
Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt>
they are known to be available. </td> </tr>
<tr> <td colspan="2"> DEBUG=debug_level </td> <td> Specifies a
-non-default compiler debugging level. The default is <tt>-g</tt>.
+non-default compiler debugging level. The default is "<tt>-g</tt>".
Specify DEBUG= to turn off debugging. </td> </tr>
<tr> <td colspan="2"> OPT=optimization_level </td> <td> Specifies
-a non-default optimization level. The default is -O. Specify OPT=
-to turn off optimization. </td> </tr>
+a non-default optimization level. The default is "<tt>-O</tt>".
+Specify OPT= to turn off optimization. </td> </tr>
+
+<tr> <td colspan="2"> SHLIB_CFLAGS=flags </td> <td> Specifies
+non-default compiler options for building Postfix dynamically-linked
+libraries and database plugins. The typical default is "-fPIC".
+</td> </tr>
+
+<tr> <td colspan="2"> SHLIB_RPATH=rpath </td> <td> Specifies
+a non-default runpath for Postfix dynamically-linked libraries. The
+typical default is "'-Wl,-rpath,${SHLIB_DIR}'". </td> </tr>
+
+<tr> <td colspan="2"> SHLIB_SUFFIX=suffix </td> <td> Specifies
+a non-default suffix for Postfix dynamically-linked libraries and
+database plugins. The typical default is "<tt>.so</tt>". </td>
+</tr>
<tr> <td colspan="2"> WARN="warning_flags..." </td> <td> Specifies
-non-default <tt>gcc</tt> compiler warning options for use when
-"<tt>make</tt>" is invoked in a source subdirectory only. </td>
+non-default compiler warning options for use when "<tt>make</tt>"
+is invoked in a source subdirectory only. </td>
</tr>
</table>
-<h3>4.7 - Support for thousands of processes</h3>
+<h3><a name="build_proc">4.8 - Support for thousands of processes</a></h3>
<p> The number of connections that Postfix can manage simultaneously
is limited by the number of processes that it can run. This number
See the <a href="TUNING_README.html">TUNING_README</a> guide for examples of how to increase the
number of open sockets or files. </p>
-<h3>4.8 - Compiling Postfix, at last</h3>
+<h3><a name="build_final">4.9 - Compiling Postfix, at last</a></h3>
<p> If the command </p>
<blockquote>
<pre>
-$ <b>make makefiles CCARGS=-DNO_EAI ...</b>
+$ <b>make makefiles CCARGS="-DNO_EAI ..."</b>
</pre>
</blockquote>
If multiple BCC actions are specified within the same SMTP MAIL
transaction, only the last action will be used.
- This feature is not part of the stable Postfix release.
+ This feature is available in Postfix 3.0 and later.
<b>DISCARD</b> <i>optional text...</i>
Claim successful delivery and silently discard the message. Log
<DT><b><a name="shlib_directory">shlib_directory</a>
(default: see 'postconf -d' output)</b></DT><DD>
-<p> The location of Postfix shared libraries (libpostfix-*.so),
-and the default location of Postfix database plugins (libpostfix-*.so)
-that have a relative pathname in the dynamicmaps.cf file. The
-<a href="postconf.5.html#shlib_directory">shlib_directory</a> parameter defaults to "no" when Postfix shared
-libraries and database plugins are disabled at compile time, otherwise
-it typically defaults to /usr/lib/postfix or /usr/local/lib/postfix.
-</p>
+<p> The location of Postfix dynamically-linked libraries
+(libpostfix-*.so), and the default location of Postfix database
+plugins (postfix-*.so) that have a relative pathname in the
+dynamicmaps.cf file. The <a href="postconf.5.html#shlib_directory">shlib_directory</a> parameter defaults to
+"no" when Postfix dynamically-linked libraries and database plugins
+are disabled at compile time, otherwise it typically defaults to
+/usr/lib/postfix or /usr/local/lib/postfix. </p>
<p> Notes: </p>
<ul>
<li> <p> The directory specified with <a href="postconf.5.html#shlib_directory">shlib_directory</a> should contain
-only Postfix-related files. Postfix shared libraries and database
-plugins should not be installed in a "public" system directory such
-as /usr/lib or /usr/local/lib. Linking Postfix shared-library files
-or database plugins into non-Postfix programs is not supported.
-Postfix shared libraries and database plugins implement a
-Postfix-internal API that changes without maintaining compatibility.
-</p>
+only Postfix-related files. Postfix dynamically-linked libraries
+and database plugins should not be installed in a "public" system
+directory such as /usr/lib or /usr/local/lib. Linking Postfix
+dynamically-linked library files or database plugins into non-Postfix
+programs is not supported. Postfix dynamically-linked libraries
+and database plugins implement a Postfix-internal API that changes
+without maintaining compatibility. </p>
<li> <p> You can change the <a href="postconf.5.html#shlib_directory">shlib_directory</a> value after Postfix is
built. However, you may have to run ldconfig or equivalent to prevent
ter.cf</a>.proto.
<b><a href="postconf.5.html#shlib_directory">shlib_directory</a> (see 'postconf -d' output)</b>
- The location of Postfix shared libraries (libpostfix-*.so), and
- the default location of Postfix database plugins (libpost-
- fix-*.so) that have a relative pathname in the dynamicmaps.cf
- file.
+ The location of Postfix dynamically-linked libraries (libpost-
+ fix-*.so), and the default location of Postfix database plugins
+ (postfix-*.so) that have a relative pathname in the dynam-
+ icmaps.cf file.
Other configuration parameters:
ter.cf</a>.proto.
<b><a href="postconf.5.html#shlib_directory">shlib_directory</a> (see 'postconf -d' output)</b>
- The location of Postfix shared libraries (libpostfix-*.so), and
- the default location of Postfix database plugins (libpost-
- fix-*.so) that have a relative pathname in the dynamicmaps.cf
- file.
+ The location of Postfix dynamically-linked libraries (libpost-
+ fix-*.so), and the default location of Postfix database plugins
+ (postfix-*.so) that have a relative pathname in the dynam-
+ icmaps.cf file.
<b>FILES</b>
$<a href="postconf.5.html#meta_directory">meta_directory</a>/<a href="postconf.5.html">main.cf</a>.proto, stock configuration file
The hostname lookup methods used for the connection. See the
documentation of <a href="postconf.5.html#smtp_host_lookup">smtp_host_lookup</a> for syntax and semantics.
+ <b>-k</b> <i>certfile</i> (default: <i>keyfile</i>)
+ File with PEM-encoded TLS client certificate chain. This
+ defaults to <i>keyfile</i> if one is specified.
+
+ <b>-K</b> <i>keyfile</i> (default: <i>certfile</i>)
+ File with PEM-encoded TLS client private key. This defaults to
+ <i>certfile</i> if one is specified.
+
<b>-l</b> <i>level</i> (default: <b>dane</b> or <b>secure</b>)
The security level for the connection, default <b>dane</b> or <b>secure</b>
depending on whether DNSSEC is available. For syntax and seman-
# .IP \fBOPT=\fIoptimization_level\fR
# Specifies a non-default optimization level. The default is \fB-O\fR.
# Specify \fBOPT=\fR to turn off optimization.
+# .IP \fBSHLIB_CFLAGS=\fIflags\fR
+# Override the compiler flags (typically, "-fPIC") for Postfix
+# dynamically-linked libraries and database plugins.
+#
+# This feature was introduced with Postfix 3.0.
+# .IP \fBSHLIB_RPATH=\fIrpath\fR
+# Override the runpath (typically, "'-Wl,-rpath,${SHLIB_DIR}'")
+# for Postfix dynamically-linked libraries.
+#
+# This feature was introduced with Postfix 3.0.
+# .IP \fBSHLIB_SUFFIX=\fIsuffix\fR
+# Override the filename suffix (typically, ".so") for Postfix
+# dynamically-linked libraries and database plugins.
+#
+# This feature was introduced with Postfix 3.0.
# .IP \fBshared=yes\fR
# .IP \fBshared=no\fR
-# Enable (disable) Postfix builds with shared libraries
-# typically named $shlib_directory/libpostfix-*.so.*.
+# Enable (disable) Postfix builds with dynamically-linked
+# libraries typically named $shlib_directory/libpostfix-*.so.*.
#
# This feature was introduced with Postfix 3.0.
# .IP \fBdynamicmaps=yes\fR
# Enable (disable) Postfix builds with the configuration file
# $meta_directory/dynamicmaps.cf and dynamically-loadable
# database plugins typically named postfix-*.so.*. The setting
-# "dynamicmaps=yes" implicitly enables Postfix shared libraries.
+# "dynamicmaps=yes" implicitly enables Postfix dynamically-linked
+# libraries.
+#
+# This feature was introduced with Postfix 3.0.
+# .IP \fBpie=yes\fR
+# .IP \fBpie=no\fR
+#
+# Enable (disable) Postfix builds with position-independent
+# executables, on platforms where this is supported.
#
# This feature was introduced with Postfix 3.0.
# .IP \fIinstallation_parameter\fB=\fIvalue\fR...
echo "# CCARGS=$CCARGS"
echo "# AUXLIBS=$AUXLIBS"
env | grep '^AUXLIBS_' | sed 's/^/# /'
+echo "# shared=$shared"
echo "# dynamicmaps=$dynamicmaps"
+echo "# pie=$pie"
# Defaults for most sane systems
esac
# Snapshot only.
-CCARGS="$CCARGS -DSNAPSHOT"
+#CCARGS="$CCARGS -DSNAPSHOT"
# Non-production: needs thorough testing, or major changes are still
# needed before the code stabilizes.
_AR=$AR
_RANLIB=$RANLIB
-# Choose between shared and non-shared library builds.
+# Choose between dynamic and static library builds.
case "$dynamicmaps" in
yes) shared=yes;;
;;
esac
- # Determine the shared-library and plugin installation directory.
+ # Determine the dynamically-linked library and plugin installation
+ # directory.
parm_name=shlib_directory
eval parm_val=\"\$$parm_name\"
'`
esac
+# Choose between PIE and non-PIE builds.
+
+case "$pie" in
+ yes) case "$shared" in
+ yes) CCARGS_PIE="-fPIC";;
+ *) CCARGS_PIE="-fPIE";;
+ esac
+ case " $CCARGS " in
+ *" $CCARGS_PIE "*) CCARGS_PIE=;;
+ esac
+ SYSLIBS_PIE="-pie";;
+""|no) ;;
+ *) error "Specify \"pie=yes\" or \"pie=no\"";;
+esac
+
# Finally...
sed 's/ */ /g' <<EOF
_AR = $_AR
ARFL = $ARFL
_RANLIB = $_RANLIB
-SYSLIBS = $AUXLIBS $SYSLIBS $PLUGIN_AUXLIBS
-CC = $CC $CCARGS \$(WARN)
+SYSLIBS = $SYSLIBS_PIE $AUXLIBS $SYSLIBS $PLUGIN_AUXLIBS
+CC = $CC $CCARGS_PIE $CCARGS \$(WARN)
OPT = $OPT
DEBUG = $DEBUG
AWK = $AWK
WARN = $WARN
DEFINED_MAP_TYPES = $DEFINED_MAP_TYPES
MAKE_FIX = $MAKE_FIX
-# Switch between Postfix static and shared libraries.
+# Switch between Postfix static and dynamically-linked libraries.
AR = $AR
RANLIB = $RANLIB
LIB_PREFIX = $LIB_PREFIX
multiple Postfix instances, such as postfix\-files, dynamicmaps.cf,
and the multi\-instance template files main.cf.proto and master.cf.proto.
.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
-The location of Postfix shared libraries (libpostfix\-*.so),
-and the default location of Postfix database plugins (libpostfix\-*.so)
-that have a relative pathname in the dynamicmaps.cf file.
+The location of Postfix dynamically\-linked libraries
+(libpostfix\-*.so), and the default location of Postfix database
+plugins (postfix\-*.so) that have a relative pathname in the
+dynamicmaps.cf file.
.PP
Other configuration parameters:
.IP "\fBimport_environment (see 'postconf -d' output)\fR"
multiple Postfix instances, such as postfix\-files, dynamicmaps.cf,
and the multi\-instance template files main.cf.proto and master.cf.proto.
.IP "\fBshlib_directory (see 'postconf -d' output)\fR"
-The location of Postfix shared libraries (libpostfix\-*.so),
-and the default location of Postfix database plugins (libpostfix\-*.so)
-that have a relative pathname in the dynamicmaps.cf file.
+The location of Postfix dynamically\-linked libraries
+(libpostfix\-*.so), and the default location of Postfix database
+plugins (postfix\-*.so) that have a relative pathname in the
+dynamicmaps.cf file.
.SH "FILES"
.na
.nf
.IP "\fB\-h \fIhost_lookup\fR (default: \fBdns\fR)"
The hostname lookup methods used for the connection. See the
documentation of smtp_host_lookup for syntax and semantics.
+.IP "\fB\-k \fIcertfile\fR (default: \fIkeyfile\fR)\fR"
+File with PEM\-encoded TLS client certificate chain. This
+defaults to \fIkeyfile\fR if one is specified.
+.IP "\fB\-K \fIkeyfile\fR (default: \fIcertfile\fR)"
+File with PEM\-encoded TLS client private key.
+This defaults to \fIcertfile\fR if one is specified.
.IP "\fB\-l \fIlevel\fR (default: \fBdane\fR or \fBsecure\fR)"
The security level for the connection, default \fBdane\fR or
\fBsecure\fR depending on whether DNSSEC is available. For syntax
If multiple BCC actions are specified within the same SMTP
MAIL transaction, only the last action will be used.
.sp
-This feature is not part of the stable Postfix release.
+This feature is available in Postfix 3.0 and later.
.IP "\fBDISCARD \fIoptional text...\fR
Claim successful delivery and silently discard the message.
Log the optional text if specified, otherwise log a generic
to re\-run "\fBpostfix set\-permissions\fR" (with Postfix version 2.0 and
earlier: "\fB/etc/postfix/post\-install set\-permissions\fR".
.SH shlib_directory (default: see 'postconf \-d' output)
-The location of Postfix shared libraries (libpostfix\-*.so),
-and the default location of Postfix database plugins (libpostfix\-*.so)
-that have a relative pathname in the dynamicmaps.cf file. The
-shlib_directory parameter defaults to "no" when Postfix shared
-libraries and database plugins are disabled at compile time, otherwise
-it typically defaults to /usr/lib/postfix or /usr/local/lib/postfix.
+The location of Postfix dynamically\-linked libraries
+(libpostfix\-*.so), and the default location of Postfix database
+plugins (postfix\-*.so) that have a relative pathname in the
+dynamicmaps.cf file. The shlib_directory parameter defaults to
+"no" when Postfix dynamically\-linked libraries and database plugins
+are disabled at compile time, otherwise it typically defaults to
+/usr/lib/postfix or /usr/local/lib/postfix.
.PP
Notes:
.IP \(bu
The directory specified with shlib_directory should contain
-only Postfix\-related files. Postfix shared libraries and database
-plugins should not be installed in a "public" system directory such
-as /usr/lib or /usr/local/lib. Linking Postfix shared\-library files
-or database plugins into non\-Postfix programs is not supported.
-Postfix shared libraries and database plugins implement a
-Postfix\-internal API that changes without maintaining compatibility.
+only Postfix\-related files. Postfix dynamically\-linked libraries
+and database plugins should not be installed in a "public" system
+directory such as /usr/lib or /usr/local/lib. Linking Postfix
+dynamically\-linked library files or database plugins into non\-Postfix
+programs is not supported. Postfix dynamically\-linked libraries
+and database plugins implement a Postfix\-internal API that changes
+without maintaining compatibility.
.IP \(bu
You can change the shlib_directory value after Postfix is
built. However, you may have to run ldconfig or equivalent to prevent
<h2> <a name="4">4 - Building on a supported system</a> </h2>
+<p> Postfix development happens on FreeBSD and MacOS X, with regular
+tests on Linux (Fedora, Ubuntu) and Solaris. Support for other
+systems relies on feedback from their users, and may not always be
+up-to-date. </p>
+
+<p> OpenBSD is partially supported. The libc resolver does not
+implement the documented "internal resolver options which are [...]
+set by changing fields in the _res structure" (documented in the
+OpenBSD 5.6 resolver(3) manpage). This results in too many DNS
+queries, and false positives for queries that should fail. </p>
+
+<!--
+
<p> At some point in time, a version of Postfix was supported on: </p>
<blockquote>
<p> or something closely resemblant. </p>
-<h3>4.1 - Getting started</h3>
+-->
+
+<p> Overview of topics: </p>
+
+<ul>
+
+<li><a href="#build_first">4.1 - Getting started</a>
+
+<li><a href="#build_cc">4.2 - What compiler to use</a>
+
+<li><a href="#build_pie">4.3 - Building with Postfix position-independent
+executables (Postfix ≥ 3.0)</a>
+
+<li><a href="#build_dll">4.4 - Building with Postfix dynamically-linked
+libraries and database plugins (Postfix ≥ 3.0)</a>
-<p> On Solaris, the "make" command and other utilities for software
-development are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in
-your command search path. If these files do not exist, install the
-development packages first. See the Solaris FAQ item "<a
-href="http://www.science.uva.nl/pub/solaris/solaris2.html#q6.2">Which
-packages do I need to install to support a C compiler?</a>". </p>
+<li><a href="#build_opt">4.5 - Building with optional features</a>
-<p> If you need to build Postfix for multiple architectures, use the
-"lndir" command to build a shadow tree with symbolic links to the
-source files. "lndir" is part of X11R6. </p>
+<li><a href="#build_over">4.6 - Overriding built-in parameter default
+settings</a>
+
+<li><a href="#build_other">4.7 - Overriding other compile-time
+features</a>
+
+<li><a href="#build_proc">4.8 - Support for thousands of processes</a>
+
+<li><a href="#build_final">4.9 - Compiling Postfix, at last</a>
+
+</ul>
+
+
+<h3><a name="build_first">4.1 - Getting started</a> </h3>
+
+<p> On Solaris, the "make" command and other development utilities
+are in /usr/ccs/bin, so you MUST have /usr/ccs/bin in your command
+search path. If these files do not exist, you need to install the
+development packages first. </p>
+
+<p> If you need to build Postfix for multiple architectures from a
+single source-code tree, use the "lndir" command to build a shadow
+tree with symbolic links to the source files. </p>
<p> If at any time in the build process you get messages like: "make:
don't know how to ..." you should be able to recover by running
<p> This will get rid of any system dependencies left over from
compiling the software elsewhere. </p>
-<h3>4.2 - What compiler to use</h3>
+<h3><a name="build_cc">4.2 - What compiler to use</a></h3>
<p> To build with GCC, or with the native compiler if people told me
that is better for your system, just cd into the top-level Postfix
</pre>
</blockquote>
-<p> and so on. In some cases, optimization is turned off automatically. </p>
+<p> and so on. In some cases, optimization will be turned off
+automatically. </p>
+
+<h3><a name="build_pie">4.3 - Building with Postfix position-independent
+executables (Postfix ≥ 3.0)</a> </h3>
+
+<p> On some systems Postfix can be built with Position-Independent
+Executables. PIE is used by the ASLR exploit mitigation technique
+(ASLR = Address-Space Layout Randomization): </p>
+
+<blockquote>
+<pre>
+$ make makefiles pie=yes ...other arguments...
+</pre>
+</blockquote>
+
+<p> (Specify "make makefiles pie=no" to explicitly disable Postfix
+position-independent executable support). </p>
-<h3>4.3 - Building with Postfix dynamically-linked libraries and
-database plugins (Postfix ≥ 3.0) </h3>
+<p> Postfix PIE support appears to work on Fedora Core 20, Ubuntu
+14.04, FreeBSD 9 and 10, and NetBSD 6 (all with the default system
+compilers). </p>
+
+<p> Whether the "pie=yes" above has any effect depends on the
+compiler. Some compilers always produce PIE executables, and some
+may even complain that the Postfix build option is redundant. </p>
+
+<h3><a name="build_dll">4.4 - Building with Postfix dynamically-linked
+libraries and database plugins (Postfix ≥ 3.0)</a> </h3>
<p> Postfix dynamically-linked library and database plugin support
exists for recent versions of Linux, FreeBSD and MacOS X.
<ul>
-<li><a href="#shared_enable">4.3.1 Turning on Postfix dynamically-linked
+<li><a href="#shared_enable">4.4.1 Turning on Postfix dynamically-linked
library support</a>
-<li><a href="#dynamicmaps_enable">4.3.2 Turning on Postfix database-plugin
+<li><a href="#dynamicmaps_enable">4.4.2 Turning on Postfix database-plugin
support</a>
-<li><a href="#shared_custom">4.3.3 Customizing Postfix dynamically-linked
+<li><a href="#shared_custom">4.4.3 Customizing Postfix dynamically-linked
libraries and database plugins</a>
<li><a href="#shared_tips">4.4.4 Tips for distribution maintainers</a>
a Postfix-internal API that changes without maintaining compatibility.
</p>
-<h4><a name="shared_enable"> 4.3.1 Turning on Postfix dynamically-linked
+<h4><a name="shared_enable"> 4.4.1 Turning on Postfix dynamically-linked
library support </a></h4>
<p> Postfix can be built with Postfix dynamically-linked libraries
names libpostfix-<i>name</i>.so, where the <i>name</i> is a source-code
directory name such as "util" or "global". </p>
-<p> See section 4.3.3 "Customizing Postfix dynamically-linked
-libraries and database plugins" below for how to customize the
-Postfix dynamically-linked library location, including support to
-upgrade a running mail system safely. </p>
+<p> See section 4.4.3 "<a href="#shared_custom">Customizing Postfix
+dynamically-linked libraries and database plugins</a>" below for
+how to customize the Postfix dynamically-linked library location,
+including support to upgrade a running mail system safely. </p>
-<h4><a name="dynamicmaps_enable"> 4.3.2 Turning on Postfix
+<h4><a name="dynamicmaps_enable"> 4.4.2 Turning on Postfix
database-plugin support </a></h4>
<p> Additionally, Postfix can be built to support dynamic loading
version of Postfix database plugins and the location of the file
dynamicmaps.cf. </p>
-<h4><a name="shared_custom"> 4.3.3 Customizing Postfix dynamically-linked
+<h4><a name="shared_custom"> 4.4.3 Customizing Postfix dynamically-linked
libraries and database plugins </a></h4>
+<h5> Customizing build-time and run-time options for Postfix
+dynamically-linked libraries and database plugins </h5>
+
+<p> The build-time environment variables SHLIB_CFLAGS, SHLIB_RPATH,
+and SHLIB_SUFFIX provide control over how Postfix libraries and
+plugins are compiled, linked, and named.
+
+<blockquote>
+<pre>
+$ make makefiles SHLIB_CFLAGS=flags SHLIB_RPATH=rpath SHLIB_SUFFIX=suffix ...other arguments...
+$ make
+</pre>
+</blockquote>
+
+<p> See section 4.7 "<a href="#build_other">Overriding other
+compile-time features</a>" below for details. </p>
+
<h5> Customizing the location of Postfix dynamically-linked libraries
and database plugins </h5>
</ul>
-<h3>4.4 - Building with optional features</h3>
+<h3><a name="build_opt">4.5 - Building with optional features</a></h3>
By default, Postfix builds as a mail system with relatively few
bells and whistles. Support for third-party databases etc.
systems that have IPv6 support. See the IPV6_README file for details.
</p>
-<h3>4.5 - Overriding built-in parameter default settings</h3>
+<h3><a name="build_over">4.6 - Overriding built-in parameter default
+settings</a></h3>
-<h4>4.5.1 - Postfix 3.0 and later </h4>
+<h4>4.6.1 - Postfix 3.0 and later </h4>
<p> All Postfix configuration parameters can be changed by editing
a Postfix configuration file, except for one: the parameter that
</blockquote>
-<h4>4.5.2 - All Postfix versions </h4>
+<h4>4.6.2 - All Postfix versions </h4>
<p> All Postfix configuration parameters can be changed by editing
a Postfix configuration file, except for one: the parameter that
<p> Note: the data_directory parameter (for caches and pseudo-random
numbers) was introduced with Postfix version 2.5. </p>
-<h3>4.6 - Overriding other compile-time features</h3>
+<h3><a name="build_other">4.7 - Overriding other compile-time
+features</a></h3>
<p> The general method to override Postfix compile-time features
is as follows: </p>
DB support. By default, Berkeley DB support is compiled in on
platforms that are known to support this feature. If you override
this, then you probably should also override DEF_DB_TYPE as described
-in section 4.5. </td> </tr>
+in section 4.6. </td> </tr>
<tr> <td> </td> <td> -DNO_DEVPOLL </td> <td> Do not build with
Solaris <tt>/dev/poll</tt> support. By default, <tt>/dev/poll</tt>
they are known to be available. </td> </tr>
<tr> <td colspan="2"> DEBUG=debug_level </td> <td> Specifies a
-non-default compiler debugging level. The default is <tt>-g</tt>.
+non-default compiler debugging level. The default is "<tt>-g</tt>".
Specify DEBUG= to turn off debugging. </td> </tr>
<tr> <td colspan="2"> OPT=optimization_level </td> <td> Specifies
-a non-default optimization level. The default is -O. Specify OPT=
-to turn off optimization. </td> </tr>
+a non-default optimization level. The default is "<tt>-O</tt>".
+Specify OPT= to turn off optimization. </td> </tr>
+
+<tr> <td colspan="2"> SHLIB_CFLAGS=flags </td> <td> Specifies
+non-default compiler options for building Postfix dynamically-linked
+libraries and database plugins. The typical default is "-fPIC".
+</td> </tr>
+
+<tr> <td colspan="2"> SHLIB_RPATH=rpath </td> <td> Specifies
+a non-default runpath for Postfix dynamically-linked libraries. The
+typical default is "'-Wl,-rpath,${SHLIB_DIR}'". </td> </tr>
+
+<tr> <td colspan="2"> SHLIB_SUFFIX=suffix </td> <td> Specifies
+a non-default suffix for Postfix dynamically-linked libraries and
+database plugins. The typical default is "<tt>.so</tt>". </td>
+</tr>
<tr> <td colspan="2"> WARN="warning_flags..." </td> <td> Specifies
-non-default <tt>gcc</tt> compiler warning options for use when
-"<tt>make</tt>" is invoked in a source subdirectory only. </td>
+non-default compiler warning options for use when "<tt>make</tt>"
+is invoked in a source subdirectory only. </td>
</tr>
</table>
-<h3>4.7 - Support for thousands of processes</h3>
+<h3><a name="build_proc">4.8 - Support for thousands of processes</a></h3>
<p> The number of connections that Postfix can manage simultaneously
is limited by the number of processes that it can run. This number
See the TUNING_README guide for examples of how to increase the
number of open sockets or files. </p>
-<h3>4.8 - Compiling Postfix, at last</h3>
+<h3><a name="build_final">4.9 - Compiling Postfix, at last</a></h3>
<p> If the command </p>
<blockquote>
<pre>
-$ <b>make makefiles CCARGS=-DNO_EAI ...</b>
+$ <b>make makefiles CCARGS="-DNO_EAI ..."</b>
</pre>
</blockquote>
# If multiple BCC actions are specified within the same SMTP
# MAIL transaction, only the last action will be used.
# .sp
-# This feature is not part of the stable Postfix release.
+# This feature is available in Postfix 3.0 and later.
# \" .IP "\fBDELAY \fItime\fR"
# \" Place the message into the deferred queue, and delay the
# \" initial delivery attempt by \fItime\fR. The time value may
%PARAM shlib_directory see 'postconf -d' output
-<p> The location of Postfix shared libraries (libpostfix-*.so),
-and the default location of Postfix database plugins (libpostfix-*.so)
-that have a relative pathname in the dynamicmaps.cf file. The
-shlib_directory parameter defaults to "no" when Postfix shared
-libraries and database plugins are disabled at compile time, otherwise
-it typically defaults to /usr/lib/postfix or /usr/local/lib/postfix.
-</p>
+<p> The location of Postfix dynamically-linked libraries
+(libpostfix-*.so), and the default location of Postfix database
+plugins (postfix-*.so) that have a relative pathname in the
+dynamicmaps.cf file. The shlib_directory parameter defaults to
+"no" when Postfix dynamically-linked libraries and database plugins
+are disabled at compile time, otherwise it typically defaults to
+/usr/lib/postfix or /usr/local/lib/postfix. </p>
<p> Notes: </p>
<ul>
<li> <p> The directory specified with shlib_directory should contain
-only Postfix-related files. Postfix shared libraries and database
-plugins should not be installed in a "public" system directory such
-as /usr/lib or /usr/local/lib. Linking Postfix shared-library files
-or database plugins into non-Postfix programs is not supported.
-Postfix shared libraries and database plugins implement a
-Postfix-internal API that changes without maintaining compatibility.
-</p>
+only Postfix-related files. Postfix dynamically-linked libraries
+and database plugins should not be installed in a "public" system
+directory such as /usr/lib or /usr/local/lib. Linking Postfix
+dynamically-linked library files or database plugins into non-Postfix
+programs is not supported. Postfix dynamically-linked libraries
+and database plugins implement a Postfix-internal API that changes
+without maintaining compatibility. </p>
<li> <p> You can change the shlib_directory value after Postfix is
built. However, you may have to run ldconfig or equivalent to prevent
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20150201"
-#define MAIL_VERSION_NUMBER "3.0-RC1"
+#define MAIL_RELEASE_DATE "20150208"
+#define MAIL_VERSION_NUMBER "3.0.0"
#ifdef SNAPSHOT
#define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
/* multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
/* and the multi-instance template files main.cf.proto and master.cf.proto.
/* .IP "\fBshlib_directory (see 'postconf -d' output)\fR"
-/* The location of Postfix shared libraries (libpostfix-*.so),
-/* and the default location of Postfix database plugins (libpostfix-*.so)
-/* that have a relative pathname in the dynamicmaps.cf file.
+/* The location of Postfix dynamically-linked libraries
+/* (libpostfix-*.so), and the default location of Postfix database
+/* plugins (postfix-*.so) that have a relative pathname in the
+/* dynamicmaps.cf file.
/* .PP
/* Other configuration parameters:
/* .IP "\fBimport_environment (see 'postconf -d' output)\fR"
/* multiple Postfix instances, such as postfix-files, dynamicmaps.cf,
/* and the multi-instance template files main.cf.proto and master.cf.proto.
/* .IP "\fBshlib_directory (see 'postconf -d' output)\fR"
-/* The location of Postfix shared libraries (libpostfix-*.so),
-/* and the default location of Postfix database plugins (libpostfix-*.so)
-/* that have a relative pathname in the dynamicmaps.cf file.
+/* The location of Postfix dynamically-linked libraries
+/* (libpostfix-*.so), and the default location of Postfix database
+/* plugins (postfix-*.so) that have a relative pathname in the
+/* dynamicmaps.cf file.
/* FILES
/* $meta_directory/main.cf.proto, stock configuration file
/* $meta_directory/master.cf.proto, stock configuration file
/* .IP "\fB-h \fIhost_lookup\fR (default: \fBdns\fR)"
/* The hostname lookup methods used for the connection. See the
/* documentation of smtp_host_lookup for syntax and semantics.
-/* .IP "\fB-k \fIcertfile\fR (default: none)\fR)"
-/* File with PEM-encoded TLS client certificate chain.
-/* .IP "\fB-K \fIkeyfile\fR (default: \fIcertfile\fR)\fR)"
-/* File with corresponding PEM-encoded TLS client private key,
-/* by default same as \fIcertfile\fR if one is specified.
+/* .IP "\fB-k \fIcertfile\fR (default: \fIkeyfile\fR)\fR"
+/* File with PEM-encoded TLS client certificate chain. This
+/* defaults to \fIkeyfile\fR if one is specified.
+/* .IP "\fB-K \fIkeyfile\fR (default: \fIcertfile\fR)"
+/* File with PEM-encoded TLS client private key.
+/* This defaults to \fIcertfile\fR if one is specified.
/* .IP "\fB-l \fIlevel\fR (default: \fBdane\fR or \fBsecure\fR)"
/* The security level for the connection, default \fBdane\fR or
/* \fBsecure\fR depending on whether DNSSEC is available. For syntax
* BCC means deliver to designated recipient. But we may still change our
* mind, and reject/discard the message for other reasons.
*/
-#ifdef SNAPSHOT
if (STREQUAL(value, "BCC", cmd_len)) {
#ifndef TEST
if (can_delegate_action(state, table, "BCC", reply_class) == 0)
return (SMTPD_CHECK_DUNNO);
}
}
-#endif
/*
* DEFER_IF_PERMIT changes "permit" into "maybe". Use optional text or
int idlen;
int domlen;
+ /*
+ * XXX EAI support.
+ */
+
/*
* Match the certid against each pattern until we find a match.
*/
#define ATTR_HASH_LIMIT 1024 /* Size of hash table */
+ /*
+ * Typechecking support for variadic function arguments. See check_arg(3h)
+ * for documentation.
+ */
#define SEND_ATTR_INT(name, val) ATTR_TYPE_INT, CHECK_CPTR(ATTR, char, (name)), CHECK_VAL(ATTR, int, (val))
#define SEND_ATTR_STR(name, val) ATTR_TYPE_STR, CHECK_CPTR(ATTR, char, (name)), CHECK_CPTR(ATTR, char, (val))
#define SEND_ATTR_HASH(val) ATTR_TYPE_HASH, CHECK_CPTR(ATTR, HTABLE, (val))
} DICT_UTF8_BACKUP;
extern DICT *dict_utf8_activate(DICT *);
-extern char *dict_utf8_check_fold(DICT *, const char *, CONST_CHAR_STAR *);
-extern int dict_utf8_check(const char *, CONST_CHAR_STAR *);
/*
* Driver for interactive or scripted tests.
/*
/* DICT *dict_utf8_activate(
/* DICT *dict)
-/* AUXILIARY FUNCTIONS
-/* char *dict_utf8_check_fold(
-/* DICT *dict,
-/* const char *string,
-/* CONST_CHAR_STAR *err,
-/* int fold_flag)
-/*
-/* int dict_utf8_check(
-/* const char *string,
-/* CONST_CHAR_STAR *err)
/* DESCRIPTION
/* dict_utf8_activate() wraps a dictionary's lookup/update/delete
/* methods with code that enforces UTF-8 checks on keys and
/* skipped while reporting a non-error status, and lookup
/* results that contain a non-UTF-8 value are blocked while
/* reporting a configuration error.
-/*
-/* The dict_utf8_check* functions may be invoked to perform
-/* UTF-8 validity checks when util_utf8_enable is non-zero.
-/*
-/* dict_utf8_check_fold() optionally folds a string, and checks
-/* it for UTF-8 validity. The result is the possibly-folded
-/* string, or a null pointer in case of error.
-/*
-/* dict_utf8_check() checks a string for UTF-8 validity. The
-/* result is zero in case of error.
/* BUGS
/* dict_utf8_activate() does not nest.
/* LICENSE
/* dict_utf8_check_fold - casefold or validate string */
-char *dict_utf8_check_fold(DICT *dict, const char *string,
- CONST_CHAR_STAR *err)
+static char *dict_utf8_check_fold(DICT *dict, const char *string,
+ CONST_CHAR_STAR *err)
{
int fold_flag = (dict->flags & DICT_FLAG_FOLD_ANY);
/* dict_utf8_check validate UTF-8 string */
-int dict_utf8_check(const char *string, CONST_CHAR_STAR *err)
+static int dict_utf8_check(const char *string, CONST_CHAR_STAR *err)
{
if (!allascii(string) && valid_utf8_string(string, strlen(string)) == 0) {
if (err)
projects / thirdparty / postfix.git / commitdiff
