newline handling has evolved. Files: global/smtp_stream.[hc],
Files: global/smtp_stream.[hc], smtpd/smtpd.c.
-20240113
+20240116
- Cleanup: updated the user interface. The smtpd_forbid_bare_newline
- settings are now "require_std_end_of_data", "reject", and
- "no", with "yes" as an alias for "require_std_end_of_data".
- Files: smtpd/smtpd.c proto/postconf.proto.
+ Reverted some changes after postfix-3.9-20240112, and updated
+ documentation.
This feature applies to all email that Postfix locally or remotely
sends out. It is not allowlisted based on client identity.
-Major changes with snapshot 20240113
+Major changes with snapshot 20240116
====================================
-This updates Postfix fixes for SMTP smuggling attacks, For background,
-see https://www.postfix.org/smtp-smuggling.html
+This updates Postfix fixes for inbound SMTP smuggling attacks. For
+background, see https://www.postfix.org/smtp-smuggling.html
This will be back ported to Postfix 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
- Improved logging for rejected input (it now includes queue ID,
helo, mail, and rcpt, if available).
-- The new default "smtpd_forbid_bare_newline = require_std_end_of_data"
+- The new default "smtpd_forbid_bare_newline = normalize"
requires the standard End-of-DATA sequence <CR><LF>.<CR><LF>, and
allows bare newlines from SMTP clients, maintaining more compatibility
with infrastructure tools such as probers and surveys.
message that contains a bare newline. To disconnect the client,
specify "smtpd_forbid_bare_newline_reject_code = 521".
-- The old setting "yes" has become an alias for "require_std_end_of_data".
+- The old setting "yes" has become an alias for "normalize".
- The old setting "no" has not changed, and allows SMTP smuggling.
# This maintains compatibility with many legitimate SMTP client
# applications that send a mix of standard and non-standard line
# endings, but will fail to receive email from client implementations
- # that do not send <CR><LF>.<CR><LF> Such clients need to be
+ # that do not send <CR><LF>.<CR><LF>. Such clients need to be
# excluded with smtpd_forbid_bare_newline_exclusions.
#
- smtpd_forbid_bare_newline = require_std_end_of_data
+ smtpd_forbid_bare_newline = normalize
smtpd_forbid_bare_newline_exclusions = $mynetworks
Alternative settings:
#
# Exclude local SMTP clients from enforcement.
#
- # This will very likely cause problems for SMTP clients that send
+ # This will fail to receive email from SMTP clients that send any
# non-standard line endings such as web applications, netcat, or
# load balancer health checks. Such clients need to be excluded with
# smtpd_forbid_bare_newline_exclusions.
Disable -DSNAPSHOT and -DNONPROD in makedefs.
- Maybe add a pre-release check that stable releases cannot
- have -DSNAPSHOT and -DNONPROD.
-
postfix-install should mention makedefs.out.
Remove .printfck directories, and remove printfck targets
</DD>
<DT><b><a name="smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a>
-(default: Postfix ≥ 3.9: require_std_end_of_data)</b></DT><DD>
+(default: Postfix ≥ 3.9: normalize)</b></DT><DD>
<p> Reject or restrict input lines from an SMTP client that end in
<LF> instead of the standard <CR><LF>. Such line
<dl compact>
-<dt> <b>require_std_end_of_data</b> (default)</dt> <dd> Require the
-standard End-of-DATA sequence <CR><LF>.<CR><LF>.
-Otherwise, allow input lines ending in the non-standard <LF>,
-and process those as if the client sent inputs with the standard
-<CR><LF>. <br> This maintains compatibility with many
-legitimate SMTP client applications that send a mix of standard and
-non-standard line endings, but will fail to receive email from
-client implementations that do not send
+<dt> <b>normalize</b> (default)</dt> <dd> Require the standard
+End-of-DATA sequence <CR><LF>.<CR><LF>.
+Otherwise, allow command or message content lines ending in the
+non-standard <LF>, and process them as if the client sent the
+standard <CR><LF>. <br> <br> This maintains compatibility
+with many legitimate SMTP client applications that send a mix of
+standard and non-standard line endings, but will fail to receive
+email from client implementations that do not send
<CR><LF>.<CR><LF>. Such clients need to be
-excluded with <b><a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a></b>. </dd>
-
-<dt> <b>yes</b> </dt> <dd> Compatibility alias for
-<b>require_std_end_of_data</b>. </dd>
-
-<dt> <b>reject</b> </dt> <dd> Reject a command or message content
-when a line ends in <LF>, log a "bare <LF> received"
-error, and reject the command or message content with
-$<b><a href="postconf.5.html#smtpd_forbid_bare_newline_reject_code">smtpd_forbid_bare_newline_reject_code</a></b>. Require that input
-lines end in <CR><LF>, and require the standard End-of-DATA
-sequence <CR><LF>.<CR><LF>. <br> This will
-very likely cause problems for SMTP clients that send non-standard
+excluded with <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>. </dd>
+
+<dt> <b>yes</b> </dt> <dd> Compatibility alias for <b>normalize</b>. </dd>
+
+<dt> <b>reject</b> </dt> <dd> Require the standard End-of-DATA
+sequence <CR><LF>.<CR><LF>. Reject a command
+or message content when a line ends in <LF>, log a "bare
+<LF> received" error, and reply with the SMTP status code in
+$<a href="postconf.5.html#smtpd_forbid_bare_newline_reject_code">smtpd_forbid_bare_newline_reject_code</a>. <br> <br> This will fail
+to receive email from SMTP clients that may send any non-standard
line endings such as web applications, netcat, or load balancer
health checks. Such clients need to be excluded with
-<b><a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a></b>. </dd>
-
-<dt> <b>no</b> </dt> <dd> Treat a bare <LF> as if the client
-sent <CR><LF>. This option is fully backwards compatible,
-but is not recommended for an Internet-facing SMTP server, because
-it is vulnerable to <a href="https://www.postfix.org/smtp-smuggling.html">
-SMTP smuggling</a>. </dd>
+<a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>. </dd>
+
+<dt> <b>no</b> </dt> <dd> Do not require the standard End-of-DATA
+sequence <CR><LF>.<CR><LF>. Always process
+a bare <LF> as if the client sent <CR><LF>. This
+option is fully backwards compatible, but is not recommended for
+an Internet-facing SMTP server, because it is vulnerable to <a
+href="https://www.postfix.org/smtp-smuggling.html"> SMTP smuggling</a>.
+</dd>
</dl>
# that do not send <CR><LF>.<CR><LF>. Such clients need to be
# excluded with <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>.
#
-<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = require_std_end_of_data
+<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = normalize
<a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a> = $<a href="postconf.5.html#mynetworks">mynetworks</a>
</pre>
</blockquote>
#
# Exclude local SMTP clients from enforcement.
#
-# This will very likely cause problems for SMTP clients that send
+# This will fail to receive email from SMTP clients that send any
# non-standard line endings such as web applications, netcat, or
# load balancer health checks. Such clients need to be excluded with
# <a href="postconf.5.html#smtpd_forbid_bare_newline_exclusions">smtpd_forbid_bare_newline_exclusions</a>.
<p> This feature with settings <b>yes</b> and <b>no</b> is available
in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the
-settings <b>reject</b>, and <b>require_std_end_of_data</b> are
-available with Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
-</p>
+settings <b>reject</b>, and <b>normalize</b> are available with
+Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24. </p>
</DD>
(default: $<a href="postconf.5.html#mynetworks">mynetworks</a>)</b></DT><DD>
<p> Exclude the specified clients from <a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a>
-enforcement. It uses the same syntax and parent-domain matching
-behavior as <a href="postconf.5.html#mynetworks">mynetworks</a>. </p>
+enforcement. This setting uses the same syntax and parent-domain
+
matching behavior as <a href="postconf.5.html#mynetworks">mynetworks</a>. </p>
<p> This feature is available in Postfix ≥ 3.9, 3.8.4, 3.7.9,
3.6.13, and 3.5.23. </p>
(default: 550)</b></DT><DD>
<p>
-The numerical Postfix SMTP server response code when a request
-is rejected by the <b><a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a></b> feature.
+The numerical Postfix SMTP server response code when rejecting a
+request with "<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = reject".
Specify a 5XX status code (521 to disconnect).
</p>
Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later:
- <b><a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> (Postfix</b> ><b>= 3.9: require_std_end_of_data)</b>
+ <b><a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> (Postfix</b> ><b>= 3.9: normalize)</b>
Reject or restrict input lines from an SMTP client that end in
<LF> instead of the standard <CR><LF>.
Available in Postfix 3.9, 3.8.5, 3.7.10, 3.6.14, 3.5.24 and later:
<b><a href="postconf.5.html#smtpd_forbid_bare_newline_reject_code">smtpd_forbid_bare_newline_reject_code</a> (550)</b>
- The numerical Postfix SMTP server response code when a request
- is rejected by the <b><a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a></b> feature.
+ The numerical Postfix SMTP server response code when rejecting a
+ request with "<a href="postconf.5.html#smtpd_forbid_bare_newline">smtpd_forbid_bare_newline</a> = reject".
<b>TARPIT CONTROLS</b>
When a remote SMTP client makes errors, the Postfix SMTP server can
parameter $name expansion.
.PP
This feature is available in Postfix 2.0 and later.
-.SH smtpd_forbid_bare_newline (default: Postfix >= 3.9: require_std_end_of_data)
+.SH smtpd_forbid_bare_newline (default: Postfix >= 3.9: normalize)
Reject or restrict input lines from an SMTP client that end in
<LF> instead of the standard <CR><LF>. Such line
endings are commonly allowed with UNIX\-based SMTP servers, but they
SMTP smuggling.
.PP
Specify one of the following values (case does not matter):
-.IP "\fBrequire_std_end_of_data\fR (default)"
-Require the
-standard End\-of\-DATA sequence <CR><LF>.<CR><LF>.
-Otherwise, allow input lines ending in the non\-standard <LF>,
-and process those as if the client sent inputs with the standard
-<CR><LF>.
-.br
-This maintains compatibility with many
-legitimate SMTP client applications that send a mix of standard and
-non\-standard line endings, but will fail to receive email from
-client implementations that do not send
+.IP "\fBnormalize\fR (default)"
+Require the standard
+End\-of\-DATA sequence <CR><LF>.<CR><LF>.
+Otherwise, allow command or message content lines ending in the
+non\-standard <LF>, and process them as if the client sent the
+standard <CR><LF>.
+.br
+.br
+This maintains compatibility
+with many legitimate SMTP client applications that send a mix of
+standard and non\-standard line endings, but will fail to receive
+email from client implementations that do not send
<CR><LF>.<CR><LF>. Such clients need to be
-excluded with \fBsmtpd_forbid_bare_newline_exclusions\fR.
+excluded with smtpd_forbid_bare_newline_exclusions.
.br
.IP "\fByes\fR"
-Compatibility alias for
-\fBrequire_std_end_of_data\fR.
+Compatibility alias for \fBnormalize\fR.
.br
.IP "\fBreject\fR"
-Reject a command or message content
-when a line ends in <LF>, log a "bare <LF> received"
-error, and reject the command or message content with
-$\fBsmtpd_forbid_bare_newline_reject_code\fR. Require that input
-lines end in <CR><LF>, and require the standard End\-of\-DATA
-sequence <CR><LF>.<CR><LF>.
-.br
-This will
-very likely cause problems for SMTP clients that send non\-standard
+Require the standard End\-of\-DATA
+sequence <CR><LF>.<CR><LF>. Reject a command
+or message content when a line ends in <LF>, log a "bare
+<LF> received" error, and reply with the SMTP status code in
+$smtpd_forbid_bare_newline_reject_code.
+.br
+.br
+This will fail
+to receive email from SMTP clients that may send any non\-standard
line endings such as web applications, netcat, or load balancer
health checks. Such clients need to be excluded with
-\fBsmtpd_forbid_bare_newline_exclusions\fR.
+smtpd_forbid_bare_newline_exclusions.
.br
.IP "\fBno\fR"
-Treat a bare <LF> as if the client
-sent <CR><LF>. This option is fully backwards compatible,
-but is not recommended for an Internet\-facing SMTP server, because
-it is vulnerable to
-SMTP smuggling.
+Do not require the standard End\-of\-DATA
+sequence <CR><LF>.<CR><LF>. Always process
+a bare <LF> as if the client sent <CR><LF>. This
+option is fully backwards compatible, but is not recommended for
+an Internet\-facing SMTP server, because it is vulnerable to SMTP smuggling.
.br
.br
.PP
# that do not send <CR><LF>.<CR><LF>. Such clients need to be
# excluded with smtpd_forbid_bare_newline_exclusions.
#
-smtpd_forbid_bare_newline = require_std_end_of_data
+smtpd_forbid_bare_newline = normalize
smtpd_forbid_bare_newline_exclusions = $mynetworks
.fi
.ad
#
# Exclude local SMTP clients from enforcement.
#
-# This will very likely cause problems for SMTP clients that send
+# This will fail to receive email from SMTP clients that send any
# non\-standard line endings such as web applications, netcat, or
# load balancer health checks. Such clients need to be excluded with
# smtpd_forbid_bare_newline_exclusions.
.PP
This feature with settings \fByes\fR and \fBno\fR is available
in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the
-settings \fBreject\fR, and \fBrequire_std_end_of_data\fR are
-available with Postfix >= 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
+settings \fBreject\fR, and \fBnormalize\fR are available with
+Postfix >= 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
.SH smtpd_forbid_bare_newline_exclusions (default: $mynetworks)
Exclude the specified clients from smtpd_forbid_bare_newline
-enforcement. It uses the same syntax and parent\-domain matching
-behavior as mynetworks.
+enforcement. This setting uses the same syntax and parent\-domain
+matching behavior as mynetworks.
.PP
This feature is available in Postfix >= 3.9, 3.8.4, 3.7.9,
3.6.13, and 3.5.23.
.SH smtpd_forbid_bare_newline_reject_code (default: 550)
-The numerical Postfix SMTP server response code when a request
-is rejected by the \fBsmtpd_forbid_bare_newline\fR feature.
+The numerical Postfix SMTP server response code when rejecting a
+request with "smtpd_forbid_bare_newline = reject".
Specify a 5XX status code (521 to disconnect).
.PP
This feature is available in Postfix >= 3.9, 3.8.5, 3.7.10,
command pipelining constraints.
.PP
Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later:
-.IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: require_std_end_of_data)\fR"
+.IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: normalize)\fR"
Reject or restrict input lines from an SMTP client that end in
<LF> instead of the standard <CR><LF>.
.IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR"
Available in Postfix 3.9, 3.8.5, 3.7.10, 3.6.14, 3.5.24 and
later:
.IP "\fBsmtpd_forbid_bare_newline_reject_code (550)\fR"
-The numerical Postfix SMTP server response code when a request
-is rejected by the \fBsmtpd_forbid_bare_newline\fR feature.
+The numerical Postfix SMTP server response code when rejecting a
+request with "smtpd_forbid_bare_newline = reject".
.SH "TARPIT CONTROLS"
.na
.nf
<p> This feature is available in Postfix ≥ 3.9, 3.8.1, 3.7.6,
3.6.10, and 3.5.20. </p>
-%PARAM smtpd_forbid_bare_newline Postfix ≥ 3.9: require_std_end_of_data
+%PARAM smtpd_forbid_bare_newline Postfix ≥ 3.9: normalize
<p> Reject or restrict input lines from an SMTP client that end in
<LF> instead of the standard <CR><LF>. Such line
<dl compact>
-<dt> <b>require_std_end_of_data</b> (default)</dt> <dd> Require the
-standard End-of-DATA sequence <CR><LF>.<CR><LF>.
-Otherwise, allow input lines ending in the non-standard <LF>,
-and process those as if the client sent inputs with the standard
-<CR><LF>. <br> This maintains compatibility with many
-legitimate SMTP client applications that send a mix of standard and
-non-standard line endings, but will fail to receive email from
-client implementations that do not send
+<dt> <b>normalize</b> (default)</dt> <dd> Require the standard
+End-of-DATA sequence <CR><LF>.<CR><LF>.
+Otherwise, allow command or message content lines ending in the
+non-standard <LF>, and process them as if the client sent the
+standard <CR><LF>. <br> <br> This maintains compatibility
+with many legitimate SMTP client applications that send a mix of
+standard and non-standard line endings, but will fail to receive
+email from client implementations that do not send
<CR><LF>.<CR><LF>. Such clients need to be
-excluded with <b>smtpd_forbid_bare_newline_exclusions</b>. </dd>
-
-<dt> <b>yes</b> </dt> <dd> Compatibility alias for
-<b>require_std_end_of_data</b>. </dd>
-
-<dt> <b>reject</b> </dt> <dd> Reject a command or message content
-when a line ends in <LF>, log a "bare <LF> received"
-error, and reject the command or message content with
-$<b>smtpd_forbid_bare_newline_reject_code</b>. Require that input
-lines end in <CR><LF>, and require the standard End-of-DATA
-sequence <CR><LF>.<CR><LF>. <br> This will
-very likely cause problems for SMTP clients that send non-standard
+excluded with smtpd_forbid_bare_newline_exclusions. </dd>
+
+<dt> <b>yes</b> </dt> <dd> Compatibility alias for <b>normalize</b>. </dd>
+
+<dt> <b>reject</b> </dt> <dd> Require the standard End-of-DATA
+sequence <CR><LF>.<CR><LF>. Reject a command
+or message content when a line ends in <LF>, log a "bare
+<LF> received" error, and reply with the SMTP status code in
+$smtpd_forbid_bare_newline_reject_code. <br> <br> This will fail
+to receive email from SMTP clients that may send any non-standard
line endings such as web applications, netcat, or load balancer
health checks. Such clients need to be excluded with
-<b>smtpd_forbid_bare_newline_exclusions</b>. </dd>
-
-<dt> <b>no</b> </dt> <dd> Treat a bare <LF> as if the client
-sent <CR><LF>. This option is fully backwards compatible,
-but is not recommended for an Internet-facing SMTP server, because
-it is vulnerable to <a href="https://www.postfix.org/smtp-smuggling.html">
-SMTP smuggling</a>. </dd>
+smtpd_forbid_bare_newline_exclusions. </dd>
+
+<dt> <b>no</b> </dt> <dd> Do not require the standard End-of-DATA
+sequence <CR><LF>.<CR><LF>. Always process
+a bare <LF> as if the client sent <CR><LF>. This
+option is fully backwards compatible, but is not recommended for
+an Internet-facing SMTP server, because it is vulnerable to <a
+href="https://www.postfix.org/smtp-smuggling.html"> SMTP smuggling</a>.
+</dd>
</dl>
# that do not send <CR><LF>.<CR><LF>. Such clients need to be
# excluded with smtpd_forbid_bare_newline_exclusions.
#
-smtpd_forbid_bare_newline = require_std_end_of_data
+smtpd_forbid_bare_newline = normalize
smtpd_forbid_bare_newline_exclusions = $mynetworks
</pre>
</blockquote>
#
# Exclude local SMTP clients from enforcement.
#
-# This will very likely cause problems for SMTP clients that send
+# This will fail to receive email from SMTP clients that send any
# non-standard line endings such as web applications, netcat, or
# load balancer health checks. Such clients need to be excluded with
# smtpd_forbid_bare_newline_exclusions.
<p> This feature with settings <b>yes</b> and <b>no</b> is available
in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the
-settings <b>reject</b>, and <b>require_std_end_of_data</b> are
-available with Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.
-</p>
+settings <b>reject</b>, and <b>normalize</b> are available with
+Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24. </p>
%PARAM smtpd_forbid_bare_newline_exclusions $mynetworks
<p> Exclude the specified clients from smtpd_forbid_bare_newline
-enforcement. It uses the same syntax and parent-domain matching
-behavior as mynetworks. </p>
+enforcement. This setting uses the same syntax and parent-domain
+matching behavior as mynetworks. </p>
<p> This feature is available in Postfix ≥ 3.9, 3.8.4, 3.7.9,
3.6.13, and 3.5.23. </p>
%PARAM smtpd_forbid_bare_newline_reject_code 550
<p>
-The numerical Postfix SMTP server response code when a request
-is rejected by the <b>smtpd_forbid_bare_newline</b> feature.
+The numerical Postfix SMTP server response code when rejecting a
+request with "smtpd_forbid_bare_newline = reject".
Specify a 5XX status code (521 to disconnect).
</p>
dt b a name reject_unknown_sender_domain reject_unknown_sender_domain a b dt
dt b a name check_address_map check_address_map a i a href DATABASE_README html type table a i b dt
PARAM postscreen_dnsbl_max_ttl postscreen_dnsbl_ttl postscreen_dnsbl_ttl 1 h
+standard lt CR gt lt LF gt br br This maintains compatibility
+ smtpd_forbid_bare_newline_reject_code br br This will fail
* Backwards compatibility.
*/
#define VAR_SMTPD_FORBID_BARE_LF "smtpd_forbid_bare_newline"
-#define DEF_SMTPD_FORBID_BARE_LF "require_std_end_of_data"
+#define DEF_SMTPD_FORBID_BARE_LF "normalize"
#define VAR_SMTPD_FORBID_BARE_LF_EXCL "smtpd_forbid_bare_newline_exclusions"
#define DEF_SMTPD_FORBID_BARE_LF_EXCL "$" VAR_MYNETWORKS
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20240113"
+#define MAIL_RELEASE_DATE "20240116"
#define MAIL_VERSION_NUMBER "3.9"
#ifdef SNAPSHOT
/* command pipelining constraints.
/* .PP
/* Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later:
-/* .IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: require_std_end_of_data)\fR"
+/* .IP "\fBsmtpd_forbid_bare_newline (Postfix >= 3.9: normalize)\fR"
/* Reject or restrict input lines from an SMTP client that end in
/* <LF> instead of the standard <CR><LF>.
/* .IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR"
/* Available in Postfix 3.9, 3.8.5, 3.7.10, 3.6.14, 3.5.24 and
/* later:
/* .IP "\fBsmtpd_forbid_bare_newline_reject_code (550)\fR"
-/* The numerical Postfix SMTP server response code when a request
-/* is rejected by the \fBsmtpd_forbid_bare_newline\fR feature.
+/* The numerical Postfix SMTP server response code when rejecting a
+/* request with "smtpd_forbid_bare_newline = reject".
/* TARPIT CONTROLS
/* .ad
/* .fi
#define IS_BARE_LF_REPLY_REJECT(m) ((m) & BARE_LF_FLAG_REPLY_REJECT)
static const NAME_CODE bare_lf_mask_table[] = {
- "require_std_end_of_data", BARE_LF_FLAG_WANT_STD_EOD, /* Default */
-#ifdef SNAPSHOT
- "normalize", BARE_LF_FLAG_WANT_STD_EOD, /* Migration aid */
-#endif
+ "normalize", BARE_LF_FLAG_WANT_STD_EOD, /* Default */
"yes", BARE_LF_FLAG_WANT_STD_EOD, /* Migration aid */
"reject", BARE_LF_FLAG_WANT_STD_EOD | BARE_LF_FLAG_REPLY_REJECT,
"no", 0,
projects / thirdparty / postfix.git / commitdiff
