Cleanup (DANE support): be more explicit in the logging of
object digests. Viktor Dukhovni. tls/tls_dane.c.
+
+20100613
+
+ Workaround: unhelpful down-stream maintainers fail to install
+ the new smtpd_relay_restrictions safety net, causing things
+ to break. We hard-code the safety net instead. Files:
+ global/mail_params.h, conf/post-install, RELEASE_NOTES_2.10.
+
+ Bugfix (DANE support): when TLSA records are insecure,
+ report that none are found. Viktor Dukhovni. Files:
+ posttls-finger/posttls-finger.c, smtp/smtp_tls_policy.c,
+ tls/tls_dane.c.
+
Major changes - relay safety
----------------------------
-[Incompat 20121007] As part of a forward compatibility safety net,
-the Postfix installation procedure adds the following
-smtpd_relay_restrictions entry to main.cf when there is none:
+[Incompat 20130613] New smtpd_relay_restrictions parameter built-in
+default settings:
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
defer_unauth_destination
+This safety net prevents open relay problems due to mistakes
+with spam filter rules in smtpd_recipient_restrictions.
+
If your site has a complex mail relay policy configured under
-smtpd_recipient_restrictions, this safety net will defer mail that
-the built-in smtpd_relay_restrictions setting would bounce.
+smtpd_recipient_restrictions, this safety net may defer mail that
+Postfix should accept.
-To eliminate this safety net, take one of the following three
-actions:
+To fix this safety net, take one of the following actions:
- Set smtpd_relay_restrictions empty, and keep using the existing
mail relay authorization policy in smtpd_recipient_restrictions.
- Copy the existing mail relay authorization policy from
smtpd_recipient_restrictions to smtpd_relay_restrictions.
-- Set smtpd_relay_restrictions by hand to the new built-in
- policy: permit_mynetworks reject_unauth_destination.
-
There is no need to change the value of smtpd_recipient_restrictions.
-[Feature 20121007] This version introduces the smtpd_relay_restrictions
+[Feature 20130613] This version introduces the smtpd_relay_restrictions
feature for mail relay control. The new built-in default settings
are:
smtpd_relay_restrictions =
permit_mynetworks
- reject_unauth_destination
+ permit_sasl_authenticated
+ defer_unauth_destination
smtpd_recipient_restrictions =
( optional spam blocking rules would go here )
policy under smtpd_recipient_restrictions will not unexpectedly
result in a permissive mail relay policy.
-As usual, this new feature is introduced with safety nets to prevent
-surprises when a site upgrades from an earlier Postfix release.
+As of Postfix 2.10.0 the smtpd_relay_restrictions parameter built-in
+default settings are:
-1 - FORWARD COMPATIBILITY SAFETY NET: the Postfix installation
- procedure adds the following smtpd_relay_restrictions entry to
- main.cf when there is none:
-
- smtpd_relay_restrictions =
- permit_mynetworks
- permit_sasl_authenticated
- defer_unauth_destination
+ smtpd_relay_restrictions =
+ permit_mynetworks
+ permit_sasl_authenticated
+ defer_unauth_destination
- If your site has a complex mail relay policy configured under
- smtpd_recipient_restrictions, this safety net will defer mail
- that the built-in smtpd_relay_restrictions setting would bounce.
+If your site has a complex mail relay policy configured under
+smtpd_recipient_restrictions, this safety net may defer mail that
+Postfix should accept.
- To eliminate this safety net, take one of the following three
- actions:
+To migrate from an earlier Postfix release with the least amount
+of pain:
- - Set smtpd_relay_restrictions empty, and keep using the existing
- mail relay authorization policy in smtpd_recipient_restrictions.
+- Set smtpd_relay_restrictions empty, and keep using the existing
+ mail relay authorization policy in smtpd_recipient_restrictions.
- - Copy the existing mail relay authorization policy from
- smtpd_recipient_restrictions to smtpd_relay_restrictions.
+- There is no need to change the value of smtpd_recipient_restrictions.
- - Set smtpd_relay_restrictions by hand to the new built-in
- policy: permit_mynetworks reject_unauth_destination.
+To take advantage of the new smtpd_relay_restrictions feature:
- There is no need to change the value of smtpd_recipient_restrictions.
+- Copy the existing mail relay authorization policy from
+ smtpd_recipient_restrictions to smtpd_relay_restrictions.
-2 - BACKWARDS COMPATIBILITY SAFETY NET: sites that migrate from
- Postfix versions before 2.10 can set smtpd_relay_restrictions
- to the empty value, and use smtpd_recipient_restrictions exactly
- as they used it before.
+- There is no need to change the value of smtpd_recipient_restrictions.
Major changes - start-up
------------------------
$POSTCONF -c $config_directory inet_protocols=ipv4 || exit 1
}
- # Postfix 2.10.
- # Safety net for incompatible changes due to the introduction
- # of the smtpd_relay_restrictions feature to separate the
- # mail relay policy from the spam blocking policy.
- # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT
- # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM
- # POSTFIX BEFORE 2.10.
- test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || {
- cat <<EOF | ${FMT}
- COMPATIBILITY: editing $config_directory/main.cf, overriding
- smtpd_relay_restrictions to prevent inbound mail from
- unexpectedly bouncing.
- Specify an empty smtpd_relay_restrictions value to keep using
- smtpd_recipient_restrictions as before.
-EOF
- $POSTCONF -c $config_directory "smtpd_relay_restrictions = \
- permit_mynetworks permit_sasl_authenticated \
- defer_unauth_destination" || exit 1
- }
+# Disabled because unhelpful down-stream maintainers disable the safety net.
+# # Postfix 2.10.
+# # Safety net for incompatible changes due to the introduction
+# # of the smtpd_relay_restrictions feature to separate the
+# # mail relay policy from the spam blocking policy.
+# # PLEASE DO NOT REMOVE THIS CODE. ITS PURPOSE IS TO PREVENT
+# # INBOUND MAIL FROM UNEXPECTEDLY BOUNCING AFTER UPGRADING FROM
+# # POSTFIX BEFORE 2.10.
+# test -n "`$POSTCONF -c $config_directory -n smtpd_relay_restrictions`" || {
+# cat <<EOF | ${FMT}
+# COMPATIBILITY: editing $config_directory/main.cf, overriding
+# smtpd_relay_restrictions to prevent inbound mail from
+# unexpectedly bouncing.
+# Specify an empty smtpd_relay_restrictions value to keep using
+# smtpd_recipient_restrictions as before.
+#EOF
+# $POSTCONF -c $config_directory "smtpd_relay_restrictions = \
+# permit_mynetworks permit_sasl_authenticated \
+# defer_unauth_destination" || exit 1
+# }
}
# A reminder if this is the first time Postfix is being installed.
</DD>
<DT><b><a name="smtpd_relay_restrictions">smtpd_relay_restrictions</a>
-(default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>)</b></DT><DD>
+(default: <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#permit_sasl_authenticated">permit_sasl_authenticated</a>, <a href="postconf.5.html#defer_unauth_destination">defer_unauth_destination</a>)</b></DT><DD>
<p> Access restrictions for mail relay control that the Postfix
SMTP server applies in the context of the RCPT TO command, before
.br
.PP
This feature is available in Postfix 2.1 and later.
-.SH smtpd_relay_restrictions (default: permit_mynetworks, reject_unauth_destination)
+.SH smtpd_relay_restrictions (default: permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination)
Access restrictions for mail relay control that the Postfix
SMTP server applies in the context of the RCPT TO command, before
smtpd_recipient_restrictions.
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
</pre>
-%PARAM smtpd_relay_restrictions permit_mynetworks, reject_unauth_destination
+%PARAM smtpd_relay_restrictions permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination
<p> Access restrictions for mail relay control that the Postfix
SMTP server applies in the context of the RCPT TO command, before
#define VAR_RELAY_CHECKS "smtpd_relay_restrictions"
#define DEF_RELAY_CHECKS PERMIT_MYNETWORKS ", " \
- REJECT_UNAUTH_DEST
+ PERMIT_SASL_AUTH \
+ DEFER_UNAUTH_DEST
extern char *var_relay_checks;
#define VAR_RCPT_CHECKS "smtpd_recipient_restrictions"
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20130608"
+#define MAIL_RELEASE_DATE "20130613"
#define MAIL_VERSION_NUMBER "2.11"
#ifdef SNAPSHOT
tls_dane_unusable(state->ddane) ?
"usable " : "");
level = TLS_LEV_SECURE;
+ } else if (!TLS_DANE_HASTA(state->ddane)
+ && !TLS_DANE_HASEE(state->ddane)) {
+ msg_panic("empty DANE match list");
} else {
if (state->match)
argv_free(state->match);
if (TLS_DANE_HASTA(dane)) {
tls->matchargv = argv_alloc(2);
argv_add(tls->matchargv, "hostname", "nexthop", ARGV_END);
- }
+ } else if (!TLS_DANE_HASEE(dane))
+ msg_panic("empty DANE match list");
tls->dane = dane;
tls->level = TLS_LEV_DANE;
return;
if (rrs->dnssec_valid)
parse_tlsa_rrs(dane, rrs);
+ else
+ dane->flags |= TLS_DANE_FLAG_NORRS;
dns_rr_free(rrs);
break;
projects / thirdparty / postfix.git / commitdiff
