does not like the workaround. We now default back to the
non-workaround code and turn on the workaround dynamically.
Files: util/unix_send_fd.c, unix_recv_fd.c, unix_pass_fd_fix.c.
+
+20090605
+
+ Portability: modern kernels below ancient user-land. File:
+ makedefs.
+
+20090606
+
+ Feature: post-Milter header checks, with all actions except
+ PREPEND. To enable, specify for example "milter_header_checks
+ = pcre:/path/to/file". Files: cleanup/cleanup_init.c,
+ cleanup/cleanup_milter.c, cleanup/cleanup_extracted.c,
+ cleanup/cleanup_state.c.
+
+ Bugfix: non-portable command pathname in postmulti-script.
+
+ Safety: "postmulti -e destroy" no longer attempts to remove
+ files that are created AFTER "postmulti -e create". Rationale:
+ by design, postfix queue/data directories are not trusted;
+ actions within those directory trees must not affect files
+ outside those those trees (e.g. by symlink race attacks).
+ We don't want to be nailed with a bunch of CVEs for unsafe
+ pathname handling. File: conf/postmulti-script.
If you upgrade from Postfix 2.5 or earlier, read RELEASE_NOTES-2.6
before proceeding.
+
+Incompatibility with snapshot 20090606
+======================================
+
+The "postmulti -e destroy" command no longer attempts to remove
+files that are created AFTER "postmulti -e create". It still works
+as expected immediately after creating an instance by mistake.
+Trying to automatically remove other files is too risky because
+Postfix-owned directories are not trusted.
+
+Major changes with snapshot 20090606
+====================================
+
+Support for header checks on headers that are generated by Milter
+applications. This can be used, for example, to direct mail flow
+based on headers that indicate spam levels. See postconf(5) for
+"milter_header_checks. All header_checks features are implemented
+except PREPEND.
Remove this file from the stable release.
- Apply header_checks and body_checks when Milters add or
- modify the message content. Use case: Milters that add
- spamminess headers.
+ Fix the header_body_checks API, so that the name of the map
+ class (e.g. milter_header_checks) is available for logging.
+
+ Fix the mime_state and header_body_checks APIs, so that
+ they use VSTRINGs. This simplifies REPLACE actions.
Update FILTER_README for multi-instance support, and rename
the old document to FILTER_LEGACY_README.
# multi_instance_group - New value for target instance
# multi_instance_name - New value for target instance
+# For security reasons we don't take pathnames from the file system
+# when destroying instances. Instead we use known-to-be-safe names
+# and nothing with a / because that could be subject to races.
+QUEUE_DIRECTORIES="active bounce corrupt defer deferred flush hold incoming \
+maildrop pid private public saved trace"
+#DEBUG=echo
+
: ${MAIL_CONFIG:?"do not invoke this command directly"}
: ${command_directory:?"do not invoke this command directly"}
: ${daemon_directory:?"do not invoke this command directly"}
TAG="$MAIL_LOGTAG/postmulti-script"
fatal() { postlog -p fatal -t "$TAG" "$1"; exit 1; }
+WARN="postlog -p warn -t $TAG"
# args: add|del $dir
#
postfix -c "$config_directory" status >/dev/null 2>&1 &&
fatal "Instance '$config_directory' is not stopped"
- # XXX: Internal "postfix /some/cmd" interface via /bin/env for execvp().
- #
- for q in maildrop incoming active deferred hold
- do
- postfix -c "$config_directory" /bin/env \
- find "$q" ! -name "$q" ! -name "?" -perm 0700 -print |
- grep "^" >/dev/null &&
- fatal "Instance '$config_directory' $q queue is not empty"
- done
-
# Update multi_instance directories
# and also (just in case) drop from alternate_config_directories
#
- update_cfdirs del $config_directory || exit 1
-
- # Change default personalities:
- MAIL_CONFIG="$config_directory"; export MAIL_CONFIG
-
- # Full steam ahead, instance will be at least partly destroyed!
+ $DEBUG update_cfdirs del $config_directory || exit 1
- # Try to remove data_directory, but not sub-directories.
- # Note: care with "$TAG" insertion into sh -c 'script'.
+ # "postmulti -e destroy" will remove an entire instance only
+ # when invoked immediately after "postmulti -e create". Trying
+ # to remove more files is too dangerous.
#
- postfix /bin/sh -c \
- 'cd $data_directory; rm -f -- *; cd ..; rmdir $data_directory; \
- PATH=$command_directory:$PATH; export PATH; \
- test -d $data_directory && \
- postlog -p warn -t "'"$TAG"'" \
- "$data_directory partly removed" 2>&1' 2>/dev/null
-
- # Remove Postfix-owned files in the queue directory.
- # Remove all files in the "pid" sub-directory.
- # Remove empty directories.
- # Note: care with "$TAG" insertion into sh -c 'script'.
- postfix /bin/sh -c \
- 'find . -user $mail_owner ! -type d -exec rm -f -- "{}" ";"; \
- find . -depth -user $mail_owner -type d -exec rmdir -- "{}" ";"; \
- rm -f -- pid/*; rmdir *; cd ..; rmdir $queue_directory; \
- PATH=$command_directory:$PATH; export PATH; \
- test -d $queue_directory && \
- postlog -p warn -t "'"$TAG"'" \
- "$queue_directory partly removed" 2>&1' 2>/dev/null
+ # By design, postfix-owned directory trees are not trusted, and
+ # any action within those directory trees must not affect files
+ # outside those trees (e.g. via symlink race attacks).
+ #
+ # XXX: Internal "postfix /some/cmd" interface.
+ #
+ postfix -c "$config_directory" /bin/sh -c "
+ for q in $QUEUE_DIRECTORIES
+ do
+ $DEBUG rmdir -- \$q ||
+ $WARN `pwd`/\$q: please verify contents and remove by hand
+ done
+ "
+
+ postfix -c "$config_directory" /bin/sh -c "
+ for dir in \$data_directory \$queue_directory
+ do
+ $DEBUG rmdir -- \$dir ||
+ $WARN \$dir: please verify contents and remove by hand
+ done
+ "
# In the configuration directory remove just the main.cf and master.cf
# files.
- rm -f -- "$MAIL_CONFIG/master.cf" "$MAIL_CONFIG/main.cf" 2>/dev/null
- rmdir -- "$MAIL_CONFIG" 2>/dev/null
- test -d "$MAIL_CONFIG" && \
- postlog -p warn -t "$TAG" \
- "$MAIL_CONFIG partly removed" 2>&1
+ $DEBUG rm -f -- "$config_directory/master.cf" "$config_directory/main.cf" 2>/dev/null
+ $DEBUG rmdir -- "$config_directory" ||
+ $WARN $config_directory: please verify contents and remove by hand
;;
+
enable)
postconf -c "$config_directory" -e \
"multi_instance_enable = yes" || exit 1;;
The macros that are sent to Milter (mail filter)
applications after the end of the message header.
+ Available in Postfix version 2.5 and later:
+
+ <b><a href="postconf.5.html#milter_header_checks">milter_header_checks</a> (empty)</b>
+ Optional lookup tables for content inspection of
+ primary message headers that are produced by Milter
+ applications.
+
<b>MIME PROCESSING CONTROLS</b>
Available in Postfix version 2.0 and later:
<p> This feature is available in Postfix 2.5 and later. </p>
+</DD>
+
+<DT><b><a name="milter_header_checks">milter_header_checks</a>
+(default: empty)</b></DT><DD>
+
+<p>
+Optional lookup tables for content inspection of primary
+message headers that are produced by Milter applications.
+See the <a href="header_checks.5.html">header_checks(5)</a> manual page for usage.
+</p>
+
+<p> The following example sends mail that is marked as SPAM to a
+spam sanization machine. Note that matches are case-insensitive by
+default. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ <a href="postconf.5.html#milter_header_checks">milter_header_checks</a> = <a href="pcre_table.5.html">pcre</a>:/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>
+</pre>
+<pre>
+/etc/postfix/<a href="postconf.5.html#milter_header_checks">milter_header_checks</a>:
+ /^X-SPAM-FLAG:\s+YES]/ FILTER mysmtp:sanitizer.example.com:25
+</pre>
+</blockquote>
+
+
</DD>
<DT><b><a name="milter_helo_macros">milter_helo_macros</a>
case "$RELEASE" in
2.[0-5].*) CCARGS="$CCARGS -DNO_EPOLL";;
# Workaround for retarded libc
- 2.6.*) trap 'rm -f makedefs.test makedefs.test.[co]' 1 2 3 15
+ 2.6.*)
+ if [ `expr "X$CCARGS" : "X.*-DNO_EPOLL"` -gt 0 ]
+ then
+ :
+ elif [ ! -e /usr/include/sys/epoll.h ]
+ then
+ echo CCARGS="$CCARGS -DNO_EPOLL"
+ else
+ trap 'rm -f makedefs.test makedefs.test.[co]' 1 2 3 15
cat >makedefs.test.c <<'EOF'
#include <sys/types.h>
#include <sys/epoll.h>
${CC-gcc} -o makedefs.test makedefs.test.c || exit 1
./makedefs.test 2>/dev/null ||
CCARGS="$CCARGS -DNO_EPOLL"
- rm -f makedefs.test makedefs.test.[co];;
+ rm -f makedefs.test makedefs.test.[co]
+ fi;;
esac
;;
GNU.0*|GNU/kFreeBSD.[567]*)
of available macro names and their meanings.
.PP
This feature is available in Postfix 2.5 and later.
+.SH milter_header_checks (default: empty)
+Optional lookup tables for content inspection of primary
+message headers that are produced by Milter applications.
+See the \fBheader_checks\fR(5) manual page for usage.
+.PP
+The following example sends mail that is marked as SPAM to a
+spam sanization machine. Note that matches are case-insensitive by
+default.
+.sp
+.in +4
+.nf
+.na
+.ft C
+/etc/postfix/main.cf:
+ milter_header_checks = pcre:/etc/postfix/milter_header_checks
+.fi
+.ad
+.ft R
+.nf
+.na
+.ft C
+/etc/postfix/milter_header_checks:
+ /^X-SPAM-FLAG:\es+YES]/ FILTER mysmtp:sanitizer.example.com:25
+.fi
+.ad
+.ft R
+.in -4
.SH milter_helo_macros (default: see "postconf -d" output)
The macros that are sent to Milter (mail filter) applications
after the SMTP HELO or EHLO command. See
.IP "\fBmilter_end_of_header_macros (see 'postconf -d' output)\fR"
The macros that are sent to Milter (mail filter) applications
after the end of the message header.
+.PP
+Available in Postfix version 2.5 and later:
+.IP "\fBmilter_header_checks (empty)\fR"
+Optional lookup tables for content inspection of primary
+message headers that are produced by Milter applications.
.SH "MIME PROCESSING CONTROLS"
.na
.nf
s;\bmilter_unknown_command_macros\b;<a href="postconf.5.html#milter_unknown_command_macros">$&</a>;g;
s;\bmilter_end_of_data_macros\b;<a href="postconf.5.html#milter_end_of_data_macros">$&</a>;g;
s;\bmilter_end_of_header_macros\b;<a href="postconf.5.html#milter_end_of_header_macros">$&</a>;g;
+ s;\bmilter_header_checks\b;<a href="postconf.5.html#milter_header_checks">$&</a>;g;
# Multi-instance support
s;\bmulti_instance_directo[-</bB>]*\n*[ <bB>]*ries\b;<a href="postconf.5.html#multi_instance_directories">$&</a>;g;
<p> This feature is available in Postfix 2.5 and later. </p>
+%PARAM milter_header_checks
+
+<p>
+Optional lookup tables for content inspection of primary
+message headers that are produced by Milter applications.
+See the header_checks(5) manual page for usage.
+</p>
+
+<p> The following example sends mail that is marked as SPAM to a
+spam sanization machine. Note that matches are case-insensitive by
+default. </p>
+
+<blockquote>
+<pre>
+/etc/postfix/main.cf:
+ milter_header_checks = pcre:/etc/postfix/milter_header_checks
+</pre>
+<pre>
+/etc/postfix/milter_header_checks:
+ /^X-SPAM-FLAG:\s+YES]/ FILTER mysmtp:sanitizer.example.com:25
+</pre>
+</blockquote>
cleanup_milter_test10b cleanup_milter_test10c cleanup_milter_test10d \
cleanup_milter_test10e cleanup_milter_test11 cleanup_milter_test12 \
cleanup_milter_test13a cleanup_milter_test13b cleanup_milter_test13c \
- cleanup_milter_test13d
+ cleanup_milter_test13d \
+ cleanup_milter_test14a cleanup_milter_test14b cleanup_milter_test14c \
+ cleanup_milter_test14d cleanup_milter_test14e \
+ cleanup_milter_test15a cleanup_milter_test15b cleanup_milter_test15c \
+ cleanup_milter_test15d cleanup_milter_test15e
root_tests:
diff cleanup_milter.ref13d cleanup_milter.tmp
rm -f test-queue-file13d.tmp cleanup_milter.tmp
+cleanup_milter_test14a: cleanup_milter test-queue-file14 cleanup_milter.in14a \
+ cleanup_milter.ref14a1 ../postcat/postcat cleanup_milter.ref14a2
+ cp test-queue-file14 test-queue-file14a.tmp
+ chmod u+w test-queue-file14a.tmp
+ ./cleanup_milter <cleanup_milter.in14a 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref14a1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file14a.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref14a2 cleanup_milter.tmp2
+ rm -f test-queue-file14a.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test14b: cleanup_milter test-queue-file14 cleanup_milter.in14b \
+ cleanup_milter.ref14b1 ../postcat/postcat cleanup_milter.ref14b2
+ cp test-queue-file14 test-queue-file14b.tmp
+ chmod u+w test-queue-file14b.tmp
+ ./cleanup_milter <cleanup_milter.in14b 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref14b1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file14b.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref14b2 cleanup_milter.tmp2
+ rm -f test-queue-file14b.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test14c: cleanup_milter test-queue-file14 cleanup_milter.in14c \
+ cleanup_milter.ref14c1 ../postcat/postcat cleanup_milter.ref14c2
+ cp test-queue-file14 test-queue-file14c.tmp
+ chmod u+w test-queue-file14c.tmp
+ ./cleanup_milter <cleanup_milter.in14c 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref14c1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file14c.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref14c2 cleanup_milter.tmp2
+ rm -f test-queue-file14c.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test14d: cleanup_milter test-queue-file14 cleanup_milter.in14d \
+ cleanup_milter.ref14d1 ../postcat/postcat cleanup_milter.ref14d2
+ cp test-queue-file14 test-queue-file14d.tmp
+ chmod u+w test-queue-file14d.tmp
+ ./cleanup_milter <cleanup_milter.in14d 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref14d1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file14d.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref14d2 cleanup_milter.tmp2
+ rm -f test-queue-file14d.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test14e: cleanup_milter test-queue-file14 cleanup_milter.in14e \
+ cleanup_milter.ref14e1 ../postcat/postcat cleanup_milter.ref14e2
+ cp test-queue-file14 test-queue-file14e.tmp
+ chmod u+w test-queue-file14e.tmp
+ ./cleanup_milter <cleanup_milter.in14e 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref14e1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file14e.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref14e2 cleanup_milter.tmp2
+ rm -f test-queue-file14e.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test15a: cleanup_milter test-queue-file15 cleanup_milter.in15a \
+ cleanup_milter.ref15a1 ../postcat/postcat cleanup_milter.ref15a2
+ cp test-queue-file15 test-queue-file15a.tmp
+ chmod u+w test-queue-file15a.tmp
+ ./cleanup_milter <cleanup_milter.in15a 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref15a1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file15a.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref15a2 cleanup_milter.tmp2
+ rm -f test-queue-file15a.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test15b: cleanup_milter test-queue-file15 cleanup_milter.in15b \
+ cleanup_milter.ref15b1 ../postcat/postcat cleanup_milter.ref15b2
+ cp test-queue-file15 test-queue-file15b.tmp
+ chmod u+w test-queue-file15b.tmp
+ ./cleanup_milter <cleanup_milter.in15b 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref15b1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file15b.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref15b2 cleanup_milter.tmp2
+ rm -f test-queue-file15b.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test15c: cleanup_milter test-queue-file15 cleanup_milter.in15c \
+ cleanup_milter.ref15c1 ../postcat/postcat cleanup_milter.ref15c2
+ cp test-queue-file15 test-queue-file15c.tmp
+ chmod u+w test-queue-file15c.tmp
+ ./cleanup_milter <cleanup_milter.in15c 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref15c1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file15c.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref15c2 cleanup_milter.tmp2
+ rm -f test-queue-file15c.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test15d: cleanup_milter test-queue-file15 cleanup_milter.in15d \
+ cleanup_milter.ref15d1 ../postcat/postcat cleanup_milter.ref15d2
+ cp test-queue-file15 test-queue-file15d.tmp
+ chmod u+w test-queue-file15d.tmp
+ ./cleanup_milter <cleanup_milter.in15d 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref15d1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file15d.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref15d2 cleanup_milter.tmp2
+ rm -f test-queue-file15d.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
+cleanup_milter_test15e: cleanup_milter test-queue-file15 cleanup_milter.in15e \
+ cleanup_milter.ref15e1 ../postcat/postcat cleanup_milter.ref15e2
+ cp test-queue-file15 test-queue-file15e.tmp
+ chmod u+w test-queue-file15e.tmp
+ ./cleanup_milter <cleanup_milter.in15e 2>cleanup_milter.tmp1
+ diff cleanup_milter.ref15e1 cleanup_milter.tmp1
+ ../postcat/postcat -ov test-queue-file15e.tmp 2>/dev/null >cleanup_milter.tmp2
+ diff cleanup_milter.ref15e2 cleanup_milter.tmp2
+ rm -f test-queue-file15e.tmp cleanup_milter.tmp1 cleanup_milter.tmp2
+
depend: $(MAKES)
(sed '1,/^# do not edit/!d' Makefile.in; \
set -e; for i in [a-z][a-z0-9]*.c; do \
cleanup.o: ../../include/been_here.h
cleanup.o: ../../include/cleanup_user.h
cleanup.o: ../../include/dict.h
+cleanup.o: ../../include/header_body_checks.h
cleanup.o: ../../include/header_opts.h
cleanup.o: ../../include/htable.h
cleanup.o: ../../include/iostuff.h
cleanup_addr.o: ../../include/dict.h
cleanup_addr.o: ../../include/dsn_mask.h
cleanup_addr.o: ../../include/ext_prop.h
+cleanup_addr.o: ../../include/header_body_checks.h
cleanup_addr.o: ../../include/header_opts.h
cleanup_addr.o: ../../include/htable.h
cleanup_addr.o: ../../include/iostuff.h
cleanup_api.o: ../../include/dict.h
cleanup_api.o: ../../include/dsn.h
cleanup_api.o: ../../include/dsn_buf.h
+cleanup_api.o: ../../include/header_body_checks.h
cleanup_api.o: ../../include/header_opts.h
cleanup_api.o: ../../include/htable.h
cleanup_api.o: ../../include/iostuff.h
cleanup_body_edit.o: ../../include/been_here.h
cleanup_body_edit.o: ../../include/cleanup_user.h
cleanup_body_edit.o: ../../include/dict.h
+cleanup_body_edit.o: ../../include/header_body_checks.h
cleanup_body_edit.o: ../../include/header_opts.h
cleanup_body_edit.o: ../../include/htable.h
cleanup_body_edit.o: ../../include/mail_conf.h
cleanup_bounce.o: ../../include/dsn_buf.h
cleanup_bounce.o: ../../include/dsn_mask.h
cleanup_bounce.o: ../../include/dsn_util.h
+cleanup_bounce.o: ../../include/header_body_checks.h
cleanup_bounce.o: ../../include/header_opts.h
cleanup_bounce.o: ../../include/htable.h
cleanup_bounce.o: ../../include/iostuff.h
cleanup_envelope.o: ../../include/cleanup_user.h
cleanup_envelope.o: ../../include/dict.h
cleanup_envelope.o: ../../include/dsn_mask.h
+cleanup_envelope.o: ../../include/header_body_checks.h
cleanup_envelope.o: ../../include/header_opts.h
cleanup_envelope.o: ../../include/htable.h
cleanup_envelope.o: ../../include/iostuff.h
cleanup_envelope.o: ../../include/qmgr_user.h
cleanup_envelope.o: ../../include/rec_attr_map.h
cleanup_envelope.o: ../../include/rec_type.h
+cleanup_envelope.o: ../../include/recipient_list.h
cleanup_envelope.o: ../../include/record.h
cleanup_envelope.o: ../../include/resolve_clnt.h
cleanup_envelope.o: ../../include/string_list.h
cleanup_extracted.o: ../../include/cleanup_user.h
cleanup_extracted.o: ../../include/dict.h
cleanup_extracted.o: ../../include/dsn_mask.h
+cleanup_extracted.o: ../../include/header_body_checks.h
cleanup_extracted.o: ../../include/header_opts.h
cleanup_extracted.o: ../../include/htable.h
cleanup_extracted.o: ../../include/iostuff.h
cleanup_final.o: ../../include/been_here.h
cleanup_final.o: ../../include/cleanup_user.h
cleanup_final.o: ../../include/dict.h
+cleanup_final.o: ../../include/header_body_checks.h
cleanup_final.o: ../../include/header_opts.h
cleanup_final.o: ../../include/htable.h
cleanup_final.o: ../../include/mail_conf.h
cleanup_init.o: ../../include/dict.h
cleanup_init.o: ../../include/ext_prop.h
cleanup_init.o: ../../include/flush_clnt.h
+cleanup_init.o: ../../include/header_body_checks.h
cleanup_init.o: ../../include/header_opts.h
cleanup_init.o: ../../include/htable.h
cleanup_init.o: ../../include/iostuff.h
cleanup_map11.o: ../../include/been_here.h
cleanup_map11.o: ../../include/cleanup_user.h
cleanup_map11.o: ../../include/dict.h
+cleanup_map11.o: ../../include/header_body_checks.h
cleanup_map11.o: ../../include/header_opts.h
cleanup_map11.o: ../../include/htable.h
cleanup_map11.o: ../../include/mail_addr_map.h
cleanup_map1n.o: ../../include/been_here.h
cleanup_map1n.o: ../../include/cleanup_user.h
cleanup_map1n.o: ../../include/dict.h
+cleanup_map1n.o: ../../include/header_body_checks.h
cleanup_map1n.o: ../../include/header_opts.h
cleanup_map1n.o: ../../include/htable.h
cleanup_map1n.o: ../../include/mail_addr_map.h
cleanup_masquerade.o: ../../include/been_here.h
cleanup_masquerade.o: ../../include/cleanup_user.h
cleanup_masquerade.o: ../../include/dict.h
+cleanup_masquerade.o: ../../include/header_body_checks.h
cleanup_masquerade.o: ../../include/header_opts.h
cleanup_masquerade.o: ../../include/htable.h
cleanup_masquerade.o: ../../include/mail_conf.h
cleanup_message.o: ../../include/dict.h
cleanup_message.o: ../../include/dsn_util.h
cleanup_message.o: ../../include/ext_prop.h
+cleanup_message.o: ../../include/header_body_checks.h
cleanup_message.o: ../../include/header_opts.h
cleanup_message.o: ../../include/htable.h
cleanup_message.o: ../../include/iostuff.h
cleanup_milter.o: ../../include/cleanup_user.h
cleanup_milter.o: ../../include/dict.h
cleanup_milter.o: ../../include/dsn_mask.h
+cleanup_milter.o: ../../include/dsn_util.h
+cleanup_milter.o: ../../include/header_body_checks.h
cleanup_milter.o: ../../include/header_opts.h
cleanup_milter.o: ../../include/htable.h
cleanup_milter.o: ../../include/iostuff.h
cleanup_out.o: ../../include/been_here.h
cleanup_out.o: ../../include/cleanup_user.h
cleanup_out.o: ../../include/dict.h
+cleanup_out.o: ../../include/header_body_checks.h
cleanup_out.o: ../../include/header_opts.h
cleanup_out.o: ../../include/htable.h
cleanup_out.o: ../../include/lex_822.h
cleanup_out_recipient.o: ../../include/dsn_buf.h
cleanup_out_recipient.o: ../../include/dsn_mask.h
cleanup_out_recipient.o: ../../include/ext_prop.h
+cleanup_out_recipient.o: ../../include/header_body_checks.h
cleanup_out_recipient.o: ../../include/header_opts.h
cleanup_out_recipient.o: ../../include/htable.h
cleanup_out_recipient.o: ../../include/iostuff.h
cleanup_region.o: ../../include/been_here.h
cleanup_region.o: ../../include/cleanup_user.h
cleanup_region.o: ../../include/dict.h
+cleanup_region.o: ../../include/header_body_checks.h
cleanup_region.o: ../../include/header_opts.h
cleanup_region.o: ../../include/htable.h
cleanup_region.o: ../../include/mail_conf.h
cleanup_rewrite.o: ../../include/been_here.h
cleanup_rewrite.o: ../../include/cleanup_user.h
cleanup_rewrite.o: ../../include/dict.h
+cleanup_rewrite.o: ../../include/header_body_checks.h
cleanup_rewrite.o: ../../include/header_opts.h
cleanup_rewrite.o: ../../include/htable.h
cleanup_rewrite.o: ../../include/iostuff.h
cleanup_state.o: ../../include/been_here.h
cleanup_state.o: ../../include/cleanup_user.h
cleanup_state.o: ../../include/dict.h
+cleanup_state.o: ../../include/header_body_checks.h
cleanup_state.o: ../../include/header_opts.h
cleanup_state.o: ../../include/htable.h
cleanup_state.o: ../../include/iostuff.h
/* .IP "\fBmilter_end_of_header_macros (see 'postconf -d' output)\fR"
/* The macros that are sent to Milter (mail filter) applications
/* after the end of the message header.
+/* .PP
+/* Available in Postfix version 2.5 and later:
+/* .IP "\fBmilter_header_checks (empty)\fR"
+/* Optional lookup tables for content inspection of primary
+/* message headers that are produced by Milter applications.
/* MIME PROCESSING CONTROLS
/* .ad
/* .fi
#include <mime_state.h>
#include <string_list.h>
#include <cleanup_user.h>
+#include <header_body_checks.h>
/*
* Milter library.
off_t append_rcpt_pt_target; /* target of above record */
off_t append_hdr_pt_offset; /* append header here */
off_t append_hdr_pt_target; /* target of above record */
+ off_t append_meta_pt_offset; /* append meta record here */
+ off_t append_meta_pt_target; /* target of above record */
ssize_t rcpt_count; /* recipient count */
char *reason; /* failure reason */
char *smtp_reply; /* failure reason, SMTP-style */
VSTRING *milter_ext_from; /* externalized sender */
VSTRING *milter_ext_rcpt; /* externalized recipient */
VSTRING *milter_err_text; /* milter call-back reply */
+ HBC_CHECKS *milter_hbc_checks; /* Milter header checks */
+ VSTRING *milter_hbc_reply; /* Milter header checks reply */
/*
* Support for Milter body replacement requests.
cleanup_addr_sender(state, buf);
if (state->milters || cleanup_milters) {
/* Make room to replace sender. */
- rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE);
+ if ((len = strlen(state->sender)) < REC_TYPE_PTR_PAYL_SIZE)
+ rec_pad(state->dst, REC_TYPE_PTR, REC_TYPE_PTR_PAYL_SIZE - len);
/* Remember the after-sender record offset. */
if ((state->sender_pt_target = vstream_ftell(state->dst)) < 0)
msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
cleanup_out_format(state, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_ENCODING, encoding);
state->flags |= CLEANUP_FLAG_INRCPT;
+ /* Make room to append more meta records. */
+ if (state->milters || cleanup_milters) {
+ if ((state->append_meta_pt_offset = vstream_ftell(state->dst)) < 0)
+ msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT, 0L);
+ if ((state->append_meta_pt_target = vstream_ftell(state->dst)) < 0)
+ msg_fatal("%s: vstream_ftell %s: %m:", myname, cleanup_path);
+ }
}
/*
char *var_milt_eod_macros; /* end-of-data macros */
char *var_milt_unk_macros; /* unknown command macros */
char *var_cleanup_milters; /* non-SMTP mail */
+char *var_milt_head_checks; /* post-Milter header checks */
int var_auto_8bit_enc_hdr; /* auto-detect 8bit encoding header */
int var_always_add_hdrs; /* always add missing headers */
VAR_MILT_EOD_MACROS, DEF_MILT_EOD_MACROS, &var_milt_eod_macros, 0, 0,
VAR_MILT_UNK_MACROS, DEF_MILT_UNK_MACROS, &var_milt_unk_macros, 0, 0,
VAR_CLEANUP_MILTERS, DEF_CLEANUP_MILTERS, &var_cleanup_milters, 0, 0,
+ VAR_MILT_HEAD_CHECKS, DEF_MILT_HEAD_CHECKS, &var_milt_head_checks, 0, 0,
0,
};
#include <lex_822.h>
#include <is_header.h>
#include <quote_821_local.h>
+#include <dsn_util.h>
/* Application-specific. */
#define STR(x) vstring_str(x)
#define LEN(x) VSTRING_LEN(x)
+/* cleanup_milter_hbc_log - log post-milter header/body_checks action */
+
+static void cleanup_milter_hbc_log(void *context, const char *action,
+ const char *where, const char *line,
+ const char *optional_text)
+{
+ const CLEANUP_STATE *state = (CLEANUP_STATE *) context;
+ const char *attr;
+
+ vstring_sprintf(state->temp1, "%s: milter-%s-%s: %s %.60s from %s[%s];",
+ state->queue_id, where, action, where, line,
+ state->client_name, state->client_addr);
+ if (state->sender)
+ vstring_sprintf_append(state->temp1, " from=<%s>", state->sender);
+ if (state->recip)
+ vstring_sprintf_append(state->temp1, " to=<%s>", state->recip);
+ if ((attr = nvtable_find(state->attr, MAIL_ATTR_LOG_PROTO_NAME)) != 0)
+ vstring_sprintf_append(state->temp1, " proto=%s", attr);
+ if ((attr = nvtable_find(state->attr, MAIL_ATTR_LOG_HELO_NAME)) != 0)
+ vstring_sprintf_append(state->temp1, " helo=<%s>", attr);
+ if (optional_text)
+ vstring_sprintf_append(state->temp1, ": %s", optional_text);
+ msg_info("%s", vstring_str(state->temp1));
+}
+
+/* cleanup_milter_header_prepend - prepend header to milter-generated header */
+
+static void cleanup_milter_header_prepend(void *context, int rec_type,
+ const char *buf, ssize_t len, off_t offset)
+{
+ msg_warn("the milter_header/body_checks prepend action is not implemented");
+}
+
+/* cleanup_milter_hbc_extend - additional header/body_checks actions */
+
+static char *cleanup_milter_hbc_extend(void *context, const char *command,
+ int cmd_len, const char *optional_text,
+ const char *where, const char *buf,
+ ssize_t buf_len, off_t offset)
+{
+ CLEANUP_STATE *state = (CLEANUP_STATE *) context;
+ const char *map_class = VAR_MILT_HEAD_CHECKS; /* XXX */
+
+#define STREQUAL(x,y,l) (strncasecmp((x), (y), (l)) == 0 && (y)[l] == 0)
+
+ /*
+ * We log all header/body-checks actions here, because we know the
+ * details of the message content that triggered the action. We also
+ * report detail-free milter-reply values to the caller through the
+ * milter_hbc_reply state member, so that up-stream code can stop sending
+ * requests after e.g., reject or discard.
+ *
+ * As enforced elsewhere, this code is not called when (state->flags &
+ * CLEANUP_FLAG_FILTER_ALL) == 0.
+ */
+ if (STREQUAL(command, "REJECT", cmd_len)) {
+ const CLEANUP_STAT_DETAIL *detail;
+
+ if (state->reason)
+ myfree(state->reason);
+ detail = cleanup_stat_detail(CLEANUP_STAT_CONT);
+ if (*optional_text) {
+ state->reason = dsn_prepend(detail->dsn, optional_text);
+ if (*state->reason != '4' && *state->reason != '5') {
+ msg_warn("bad DSN action in %s -- need 4.x.x or 5.x.x",
+ optional_text);
+ *state->reason = '4';
+ }
+ } else {
+ state->reason = dsn_prepend(detail->dsn, detail->text);
+ }
+ state->flags &= ~CLEANUP_FLAG_FILTER_ALL;
+ cleanup_milter_hbc_log((void *) state, "reject", where, buf, state->reason);
+ vstring_sprintf(state->milter_hbc_reply, "%d %s", detail->smtp, state->reason);
+ STR(state->milter_hbc_reply)[0] = *state->reason;
+ return ((char *) buf);
+ }
+ if (STREQUAL(command, "FILTER", cmd_len)) {
+ if (*optional_text == 0) {
+ msg_warn("missing FILTER command argument in %s map", map_class);
+ } else if (strchr(optional_text, ':') == 0) {
+ msg_warn("bad FILTER command %s in %s -- "
+ "need transport:destination",
+ optional_text, map_class);
+ } else {
+ if (state->filter)
+ myfree(state->filter);
+ state->filter = mystrdup(optional_text);
+ cleanup_milter_hbc_log((void *) state, "filter", where, buf,
+ optional_text);
+ }
+ return ((char *) buf);
+ }
+ if (STREQUAL(command, "DISCARD", cmd_len)) {
+ cleanup_milter_hbc_log((void *) state, "discard", where, buf, optional_text);
+ vstring_strcpy(state->milter_hbc_reply, "D");
+ state->flags &= ~CLEANUP_FLAG_FILTER_ALL;
+ return ((char *) buf);
+ }
+ if (STREQUAL(command, "HOLD", cmd_len)) {
+ if ((state->flags & CLEANUP_FLAG_HOLD) == 0) {
+ cleanup_milter_hbc_log((void *) state, "hold", where, buf, optional_text);
+ vstring_strcpy(state->milter_hbc_reply, "H");
+ }
+ return ((char *) buf);
+ }
+ if (STREQUAL(command, "REDIRECT", cmd_len)) {
+ if (strchr(optional_text, '@') == 0) {
+ msg_warn("bad REDIRECT target \"%s\" in %s map -- "
+ "need user@domain",
+ optional_text, map_class);
+ } else {
+ if (state->redirect)
+ myfree(state->redirect);
+ state->redirect = mystrdup(optional_text);
+ cleanup_milter_hbc_log((void *) state, "redirect", where, buf,
+ optional_text);
+ state->flags &= ~CLEANUP_FLAG_FILTER_ALL;
+ }
+ return ((char *) buf);
+ }
+ msg_warn("unknown command in %s map: %s", map_class, command);
+ return ((char *) buf);
+}
+
+/* cleanup_milter_header_checks - inspect Milter-generated header */
+
+static int cleanup_milter_header_checks(CLEANUP_STATE *state, VSTRING *buf)
+{
+ char *ret;
+
+ /*
+ * Milter application "add/insert/replace header" requests happen at the
+ * end-of-message stage, therefore all the header operations are relative
+ * to the primary message header.
+ */
+ ret = hbc_header_checks((void *) state, state->milter_hbc_checks,
+ MIME_HDR_PRIMARY, (HEADER_OPTS *) 0,
+ buf, (off_t) 0);
+ if (ret == 0) {
+ return (0);
+ } else {
+ if (ret != STR(buf)) {
+ vstring_strcpy(buf, ret);
+ myfree(ret);
+ }
+ return (1);
+ }
+}
+
+/* cleanup_milter_hbc_add_meta - add REDIRECT or FILTER meta records */
+
+static void cleanup_milter_hbc_add_meta(CLEANUP_STATE *state)
+{
+ const char *myname = "cleanup_milter_hbc_add_meta";
+ off_t reverse_ptr_offset;
+ off_t new_meta_offset;
+
+ /*
+ * Note: this code runs while the Milter infrastructure is being torn
+ * down. For this reason we handle all I/O errors here on the spot
+ * instead of reporting them back through the Milter infrastructure.
+ */
+
+ /*
+ * Sanity check.
+ */
+ if (state->append_meta_pt_offset < 0)
+ msg_panic("%s: no meta append pointer location", myname);
+ if (state->append_meta_pt_target < 0)
+ msg_panic("%s: no meta append pointer target", myname);
+
+ /*
+ * Allocate space after the end of the queue file, and write the meta
+ * record(s), followed by a reverse pointer record that points to the
+ * target of the old "meta record append" pointer record. This reverse
+ * pointer record becomes the new "meta record append" pointer record.
+ * Although the new "meta record append" pointer record will never be
+ * used we update it here to make the code more similar to other code
+ * that inserts/appends content, so that common code can be factored out
+ * later.
+ */
+ if ((new_meta_offset = vstream_fseek(state->dst, (off_t) 0, SEEK_END)) < 0) {
+ msg_warn("%s: seek file %s: %m", myname, cleanup_path);
+ state->errs |= CLEANUP_STAT_WRITE;
+ return;
+ }
+ if (state->filter != 0)
+ cleanup_out_string(state, REC_TYPE_FILT, state->filter);
+ if (state->redirect != 0)
+ cleanup_out_string(state, REC_TYPE_RDR, state->redirect);
+ if ((reverse_ptr_offset = vstream_ftell(state->dst)) < 0) {
+ msg_warn("%s: vstream_ftell file %s: %m", myname, cleanup_path);
+ state->errs |= CLEANUP_STAT_WRITE;
+ return;
+ }
+ cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
+ (long) state->append_meta_pt_target);
+
+ /*
+ * Pointer flipping: update the old "meta record append" pointer record
+ * value with the location of the new meta record.
+ */
+ if (vstream_fseek(state->dst, state->append_meta_pt_offset, SEEK_SET) < 0) {
+ msg_warn("%s: seek file %s: %m", myname, cleanup_path);
+ state->errs |= CLEANUP_STAT_WRITE;
+ return;
+ }
+ cleanup_out_format(state, REC_TYPE_PTR, REC_TYPE_PTR_FORMAT,
+ (long) new_meta_offset);
+
+ /*
+ * Update the in-memory "meta append" pointer record location with the
+ * location of the reverse pointer record that follows the new meta
+ * record. The target of the "meta append" pointer record does not
+ * change; it's always the record that follows the dummy pointer record
+ * that was written while Postfix received the message.
+ */
+ state->append_meta_pt_offset = reverse_ptr_offset;
+}
+
+/* cleanup_milter_header_checks_init - initialize post-Milter header checks */
+
+static void cleanup_milter_header_checks_init(CLEANUP_STATE *state)
+{
+#define NO_NESTED_HDR_NAME ""
+#define NO_NESTED_HDR_VALUE ""
+#define NO_MIME_HDR_NAME ""
+#define NO_MIME_HDR_VALUE ""
+
+ static /* XXX not const */ HBC_CALL_BACKS call_backs = {
+ cleanup_milter_hbc_log,
+ cleanup_milter_header_prepend,
+ cleanup_milter_hbc_extend,
+ };
+
+ state->milter_hbc_checks =
+ hbc_header_checks_create(VAR_MILT_HEAD_CHECKS, var_milt_head_checks,
+ NO_MIME_HDR_NAME, NO_MIME_HDR_VALUE,
+ NO_NESTED_HDR_NAME, NO_NESTED_HDR_VALUE,
+ &call_backs);
+ state->milter_hbc_reply = vstring_alloc(100);
+ if (state->filter)
+ myfree(state->filter);
+ state->filter = 0;
+ if (state->redirect)
+ myfree(state->redirect);
+ state->redirect = 0;
+}
+
+/* cleanup_milter_hbc_finish - finalize post-Milter header checks */
+
+static void cleanup_milter_hbc_finish(CLEANUP_STATE *state)
+{
+ if (state->milter_hbc_checks)
+ hbc_header_checks_free(state->milter_hbc_checks);
+ state->milter_hbc_checks = 0;
+ if (state->milter_hbc_reply)
+ vstring_free(state->milter_hbc_reply);
+ state->milter_hbc_reply = 0;
+ if (CLEANUP_OUT_OK(state) && (state->filter || state->redirect))
+ cleanup_milter_hbc_add_meta(state);
+}
+
/*
* Milter replies.
*/
if (state->append_hdr_pt_target < 0)
msg_panic("%s: no header append pointer target", myname);
+ /*
+ * Return early when Milter header checks request that this header record
+ * be dropped.
+ */
+ buf = vstring_alloc(100);
+ vstring_sprintf(buf, "%s:%s%s", name, space, value);
+ if (state->milter_hbc_checks
+ && (state->flags & CLEANUP_FLAG_FILTER_ALL)
+ && cleanup_milter_header_checks(state, buf) == 0) {
+ vstring_free(buf);
+ return (0);
+ }
+
/*
* Allocate space after the end of the queue file, and write the header
* record(s), followed by a reverse pointer record that points to the
*/
if ((new_hdr_offset = vstream_fseek(state->dst, (off_t) 0, SEEK_END)) < 0) {
msg_warn("%s: seek file %s: %m", myname, cleanup_path);
+ vstring_free(buf);
return (cleanup_milter_error(state, errno));
}
- buf = vstring_alloc(100);
- vstring_sprintf(buf, "%s:%s%s", name, space, value);
cleanup_out_header(state, buf); /* Includes padding */
vstring_free(buf);
if ((reverse_ptr_offset = vstream_ftell(state->dst)) < 0) {
/*
* In case of error while doing record output.
*/
- return (CLEANUP_OUT_OK(state) ? 0 : cleanup_milter_error(state, 0));
+ return (CLEANUP_OUT_OK(state) == 0 ? cleanup_milter_error(state, 0) :
+ state->milter_hbc_reply && LEN(state->milter_hbc_reply) ?
+ STR(state->milter_hbc_reply) : 0);
+
+ /*
+ * Note: state->append_meta_pt_target never changes.
+ */
}
/* cleanup_find_header_start - find specific header instance */
* record. It is ignored when the to-be-saved record is a pointer record.
*/
+ /*
+ * Return early when Milter header checks request that this header record
+ * be dropped.
+ */
+ vstring_sprintf(buf, "%s:%s%s", new_hdr_name, hdr_space, new_hdr_value);
+ if (state->milter_hbc_checks
+ && (state->flags & CLEANUP_FLAG_FILTER_ALL)
+ && cleanup_milter_header_checks(state, buf) == 0)
+ CLEANUP_PATCH_HEADER_RETURN(0);
+
/*
* Write the new header to a new location after the end of the queue
* file.
msg_warn("%s: seek file %s: %m", myname, cleanup_path);
CLEANUP_PATCH_HEADER_RETURN(cleanup_milter_error(state, errno));
}
- vstring_sprintf(buf, "%s:%s%s", new_hdr_name, hdr_space, new_hdr_value);
cleanup_out_header(state, buf); /* Includes padding */
if (msg_verbose > 1)
msg_info("%s: %ld: write %.*s", myname, (long) new_hdr_offset,
/*
* In case of error while doing record output.
*/
- CLEANUP_PATCH_HEADER_RETURN(CLEANUP_OUT_OK(state) ? 0 :
- cleanup_milter_error(state, 0));
+ CLEANUP_PATCH_HEADER_RETURN(
+ CLEANUP_OUT_OK(state) == 0 ? cleanup_milter_error(state, 0) :
+ state->milter_hbc_reply && LEN(state->milter_hbc_reply) ?
+ STR(state->milter_hbc_reply) : 0);
/*
* Note: state->append_hdr_pt_target never changes.
default:
msg_panic("%s: unexpected mail filter reply: %s", myname, resp);
}
+
+ /*
+ * Don't log milter_header/body checks actions again.
+ */
+ if (state->milter_hbc_reply && strcmp(resp, STR(state->milter_hbc_reply)) == 0)
+ return (ret);
+
vstring_sprintf(state->temp1, "%s: %s: %s from %s[%s]: %s;",
state->queue_id, action, event, state->client_name,
state->client_addr, text);
if (state->client_name == 0)
cleanup_milter_client_init(state);
+ /*
+ * Prologue: prepare for Milter header/body checks.
+ */
+ if (*var_milt_head_checks)
+ cleanup_milter_header_checks_init(state);
+
/*
* Process mail filter replies. The reply format is verified by the mail
* filter library.
if ((resp = milter_message(milters, state->handle->stream,
state->data_offset)) != 0)
cleanup_milter_apply(state, "END-OF-MESSAGE", resp);
+
+ /*
+ * Epilogue: finalize Milter header/body checks.
+ */
+ if (*var_milt_head_checks)
+ cleanup_milter_hbc_finish(state);
+
if (msg_verbose)
msg_info("leave %s", myname);
}
char *var_milt_daemon_name = "host.example.com";
char *var_milt_v = DEF_MILT_V;
MILTERS *cleanup_milters = (MILTERS *) ((char *) sizeof(*cleanup_milters));
+char *var_milt_head_checks = "";
/* Dummies to satisfy unused external references. */
if ((state->append_rcpt_pt_target =
vstream_ftell(state->dst)) < 0)
msg_fatal("file %s: vstream_ftell: %m", cleanup_path);
+ } else if (curr_offset > state->xtra_offset
+ && state->append_meta_pt_offset < 0) {
+ state->append_meta_pt_offset = curr_offset;
+ if (atol(STR(buf)) != 0)
+ msg_fatal("file %s: bad dummy meta PTR record: %s",
+ cleanup_path, STR(buf));
+ if ((state->append_meta_pt_target =
+ vstream_ftell(state->dst)) < 0)
+ msg_fatal("file %s: vstream_ftell: %m", cleanup_path);
}
} else {
if (state->append_hdr_pt_offset < 0) {
}
}
if (state->append_rcpt_pt_offset > 0
- && state->append_hdr_pt_offset > 0)
+ && state->append_hdr_pt_offset > 0
+ && (rec_type == REC_TYPE_END
+ || state->append_meta_pt_offset > 0))
break;
}
if (msg_verbose) {
CLEANUP_STATE *state = cleanup_state_alloc((VSTREAM *) 0);
state->queue_id = mystrdup("NOQUEUE");
+ state->sender = mystrdup("sender");
+ state->recip = mystrdup("recipient");
+ state->client_name = "client_name";
+ state->client_addr = "client_addr";
+ state->flags |= CLEANUP_FLAG_FILTER_ALL;
msg_vstream_init(argv[0], VSTREAM_ERR);
var_line_limit = DEF_LINE_LIMIT;
for (;;) {
ARGV *argv;
ssize_t index;
+ const char *resp = 0;
if (istty) {
vstream_printf("- ");
} else if (state->dst == 0) {
msg_warn("no open queue file");
} else if (strcmp(argv->argv[0], "close") == 0) {
+ if (*var_milt_head_checks)
+ cleanup_milter_hbc_finish(state);
close_queue_file(state);
} else if (strcmp(argv->argv[0], "add_header") == 0) {
if (argv->argc < 2) {
msg_warn("bad add_header argument count: %d", argv->argc);
} else {
flatten_args(arg_buf, argv->argv + 2);
- cleanup_add_header(state, argv->argv[1], " ", STR(arg_buf));
+ resp = cleanup_add_header(state, argv->argv[1], " ", STR(arg_buf));
}
} else if (strcmp(argv->argv[0], "ins_header") == 0) {
if (argv->argc < 3) {
msg_warn("bad ins_header index value");
} else {
flatten_args(arg_buf, argv->argv + 3);
- cleanup_ins_header(state, index, argv->argv[2], " ", STR(arg_buf));
+ resp = cleanup_ins_header(state, index, argv->argv[2], " ", STR(arg_buf));
}
} else if (strcmp(argv->argv[0], "upd_header") == 0) {
if (argv->argc < 3) {
msg_warn("bad upd_header index value");
} else {
flatten_args(arg_buf, argv->argv + 3);
- cleanup_upd_header(state, index, argv->argv[2], " ", STR(arg_buf));
+ resp = cleanup_upd_header(state, index, argv->argv[2], " ", STR(arg_buf));
}
} else if (strcmp(argv->argv[0], "del_header") == 0) {
if (argv->argc != 3) {
vstream_fclose(fp);
}
}
+ } else if (strcmp(argv->argv[0], "header_checks") == 0) {
+ if (argv->argc != 2) {
+ msg_warn("bad header_checks argument count: %d", argv->argc);
+ } else if (*var_milt_head_checks) {
+ msg_warn("can't change header checks");
+ } else {
+ var_milt_head_checks = mystrdup(argv->argv[1]);
+ cleanup_milter_header_checks_init(state);
+ }
} else {
msg_warn("bad command: %s", argv->argv[0]);
}
argv_free(argv);
+ if (resp)
+ cleanup_milter_apply(state, "END-OF-MESSAGE", resp);
}
vstring_free(inbuf);
vstring_free(arg_buf);
+ if (state->append_meta_pt_offset >= 0) {
+ if (state->flags)
+ msg_info("flags = %s", cleanup_strflags(state->flags));
+ if (state->errs)
+ msg_info("errs = %s", cleanup_strerror(state->errs));
+ }
cleanup_state_free(state);
return (0);
--- /dev/null
+#verbose on
+open test-queue-file14a.tmp
+
+header_checks regexp:cleanup_milter.reg14a
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file14b.tmp
+
+header_checks regexp:cleanup_milter.reg14b
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file14c.tmp
+
+header_checks regexp:cleanup_milter.reg14c
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file14d.tmp
+
+header_checks regexp:cleanup_milter.reg14d
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file14e.tmp
+
+header_checks regexp:cleanup_milter.reg14e
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file14f.tmp
+
+header_checks regexp:cleanup_milter.reg14f
+ins_header 2 X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file14g.tmp
+
+header_checks regexp:cleanup_milter.reg14g
+upd_header 1 X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15a.tmp
+
+header_checks regexp:cleanup_milter.reg15a
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15b.tmp
+
+header_checks regexp:cleanup_milter.reg15b
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15c.tmp
+
+header_checks regexp:cleanup_milter.reg15c
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15d.tmp
+
+header_checks regexp:cleanup_milter.reg15d
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15e.tmp
+
+header_checks regexp:cleanup_milter.reg15e
+add_header X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15f.tmp
+
+header_checks regexp:cleanup_milter.reg15f
+ins_header 2 X-SPAM-FLAG YES
+
+close
--- /dev/null
+#verbose on
+open test-queue-file15g.tmp
+
+header_checks regexp:cleanup_milter.reg15g
+ins_header 2 X-SPAM-FLAG YES
+
+close
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-reject: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: 5.7.1 message content rejected
+./cleanup_milter: errs = message content rejected
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14a.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14a.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 regular_text: To: wietse@ahost.example.com
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 pointer_record: 572
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14a.tmp ***
+ 623 pointer_record: 0
+ 640 *** MESSAGE FILE END test-queue-file14a.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-filter: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: transport:nexthop:port
+./cleanup_milter: flags = enable_header_body_filter enable_milters
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14b.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14b.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 regular_text: To: wietse@ahost.example.com
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 pointer_record: 572
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14b.tmp ***
+ 623 pointer_record: 677
+ 677 content_filter: transport:nexthop:port
+ 701 pointer_record: 640
+ 640 *** MESSAGE FILE END test-queue-file14b.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-redirect: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: foo@examle.com
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14c.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14c.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 regular_text: To: wietse@ahost.example.com
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 pointer_record: 572
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14c.tmp ***
+ 623 pointer_record: 677
+ 677 redirect_to: foo@examle.com
+ 693 pointer_record: 640
+ 640 *** MESSAGE FILE END test-queue-file14c.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-discard: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>:
+./cleanup_milter: flags = discard_message
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14d.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14d.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 regular_text: To: wietse@ahost.example.com
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 pointer_record: 572
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14d.tmp ***
+ 623 pointer_record: 0
+ 640 *** MESSAGE FILE END test-queue-file14d.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-hold: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>:
+./cleanup_milter: flags = enable_header_body_filter hold_message enable_milters
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14e.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14e.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 regular_text: To: wietse@ahost.example.com
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 pointer_record: 572
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14e.tmp ***
+ 623 pointer_record: 0
+ 640 *** MESSAGE FILE END test-queue-file14e.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-reject: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: 5.7.1 message content rejected
+./cleanup_milter: errs = message content rejected
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14f.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14f.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 regular_text: To: wietse@ahost.example.com
+ 690 pointer_record: 402
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 0
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14f.tmp ***
+ 623 pointer_record: 0
+ 640 *** MESSAGE FILE END test-queue-file14f.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-reject: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: 5.7.1 message content rejected
+./cleanup_milter: errs = message content rejected
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file14g.tmp ***
+ 0 message_size: 365 256 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:05:19 2009
+ 100 create_time: Fri Jun 5 14:05:19 2009
+ 124 named_attribute: rewrite_context=local
+ 147 sender_fullname: Wietse Venema
+ 162 sender: wietse@ahost.example.com
+ 188 pointer_record: 0
+ 203 original_recipient: wietse
+ 211 recipient: wietse@ahost.example.com
+ 237 pointer_record: 0
+ 254 *** MESSAGE CONTENTS test-queue-file14g.tmp ***
+ 256 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 316 regular_text: id DA4892510C1; Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 372 regular_text: To: wietse@ahost.example.com
+ 402 regular_text: Message-Id: <20090605180519.DA4892510C1@ahost.example.com>
+ 462 regular_text: Date: Fri, 5 Jun 2009 14:05:19 -0400 (EDT)
+ 507 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 555 pointer_record: 642
+ 642 regular_text: X-SPAM-FLAG: YES
+ 660 pointer_record: 572
+ 572 regular_text:
+ 574 regular_text: Fri Jun 5 14:05:19 EDT 2009
+ 604 pointer_record: 0
+ 621 *** HEADER EXTRACTED test-queue-file14g.tmp ***
+ 623 pointer_record: 0
+ 640 *** MESSAGE FILE END test-queue-file14g.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-reject: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: 5.7.1 message content rejected
+./cleanup_milter: errs = message content rejected
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15a.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15a.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 regular_text: To: wietse@ahost.example.com
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 pointer_record: 537
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15a.tmp ***
+ 588 pointer_record: 0
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15a.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-filter: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: transport:nexthop:port
+./cleanup_milter: flags = enable_header_body_filter enable_milters
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15b.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15b.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 regular_text: To: wietse@ahost.example.com
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 pointer_record: 537
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15b.tmp ***
+ 588 pointer_record: 676
+ 676 content_filter: transport:nexthop:port
+ 700 pointer_record: 605
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15b.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-redirect: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: foo@examle.com
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15c.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15c.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 regular_text: To: wietse@ahost.example.com
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 pointer_record: 537
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15c.tmp ***
+ 588 pointer_record: 676
+ 676 redirect_to: foo@examle.com
+ 692 pointer_record: 605
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15c.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-discard: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>:
+./cleanup_milter: flags = discard_message
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15d.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15d.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 regular_text: To: wietse@ahost.example.com
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 pointer_record: 537
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15d.tmp ***
+ 588 pointer_record: 0
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15d.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-hold: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>:
+./cleanup_milter: flags = enable_header_body_filter hold_message enable_milters
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15e.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15e.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 regular_text: To: wietse@ahost.example.com
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 pointer_record: 537
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15e.tmp ***
+ 588 pointer_record: 0
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15e.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-redirect: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: x@y.z
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15f.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15f.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 regular_text: To: wietse@ahost.example.com
+ 689 pointer_record: 367
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 0
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15f.tmp ***
+ 588 pointer_record: 706
+ 706 redirect_to: x@y.z
+ 713 pointer_record: 605
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15f.tmp ***
--- /dev/null
+./cleanup_milter: NOQUEUE: milter-header-filter: header X-SPAM-FLAG: YES from client_name[client_addr]; from=<sender> to=<recipient>: x:y:z
+./cleanup_milter: flags = enable_header_body_filter enable_milters
--- /dev/null
+*** ENVELOPE RECORDS test-queue-file15g.tmp ***
+ 0 message_size: 365 221 1 0 365
+ 81 message_arrival_time: Fri Jun 5 14:06:34 2009
+ 99 create_time: Fri Jun 5 14:06:34 2009
+ 123 named_attribute: rewrite_context=local
+ 146 sender_fullname: Wietse Venema
+ 161 sender: wietse@ahost.example.com
+ 187 pointer_record: 0
+ 202 pointer_record: 0
+ 219 *** MESSAGE CONTENTS test-queue-file15g.tmp ***
+ 221 regular_text: Received: by ahost.example.com (Postfix, from userid 1001)
+ 281 regular_text: id 06F8B2510C2; Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 337 pointer_record: 641
+ 641 regular_text: X-SPAM-FLAG: YES
+ 659 regular_text: To: wietse@ahost.example.com
+ 689 pointer_record: 367
+ 367 regular_text: Message-Id: <20090605180634.06F8B2510C2@ahost.example.com>
+ 427 regular_text: Date: Fri, 5 Jun 2009 14:06:34 -0400 (EDT)
+ 472 regular_text: From: wietse@ahost.example.com (Wietse Venema)
+ 520 pointer_record: 0
+ 537 regular_text:
+ 539 regular_text: Fri Jun 5 14:06:34 EDT 2009
+ 569 pointer_record: 0
+ 586 *** HEADER EXTRACTED test-queue-file15g.tmp ***
+ 588 pointer_record: 706
+ 706 content_filter: x:y:z
+ 713 pointer_record: 605
+ 605 original_recipient: wietse
+ 613 recipient: wietse@ahost.example.com
+ 639 *** MESSAGE FILE END test-queue-file15g.tmp ***
--- /dev/null
+/./ reject
--- /dev/null
+/./ FILTER transport:nexthop:port
--- /dev/null
+/./ REDIRECT foo@examle.com
--- /dev/null
+/./ DISCARD
--- /dev/null
+/./ reject
--- /dev/null
+/./ reject
--- /dev/null
+/./ reject
--- /dev/null
+/./ FILTER transport:nexthop:port
--- /dev/null
+/./ REDIRECT foo@examle.com
--- /dev/null
+/./ DISCARD
--- /dev/null
+/./ redirect x@y.z
--- /dev/null
+/./ filter x:y:z
state->append_rcpt_pt_target = -1;
state->append_hdr_pt_offset = -1;
state->append_hdr_pt_target = -1;
+ state->append_meta_pt_offset = -1;
+ state->append_meta_pt_target = -1;
+ state->milter_hbc_checks = 0;
+ state->milter_hbc_reply = 0;
state->rcpt_count = 0;
state->reason = 0;
state->smtp_reply = 0;
#define DEF_MILT_V "$" VAR_MAIL_NAME " $" VAR_MAIL_VERSION
extern char *var_milt_v;
+#define VAR_MILT_HEAD_CHECKS "milter_header_checks"
+#define DEF_MILT_HEAD_CHECKS ""
+extern char *var_milt_head_checks;
+
/*
* What internal mail do we inspect/stamp/etc.? This is not yet safe enough
* to enable world-wide.
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20090603"
+#define MAIL_RELEASE_DATE "20090606"
#define MAIL_VERSION_NUMBER "2.7"
#ifdef SNAPSHOT
str_vars.h time_table.h time_vars.h raw_table.h raw_vars.h \
nint_table.h nint_vars.h
AUTOS = auto_table.h auto_vars.h
+DUMMIES = makes_dummy autos_dummy
PROG = postconf
SAMPLES = ../../conf/main.cf.default
INC_DIR = ../../include
../../bin/$(PROG): $(PROG)
cp $(PROG) ../../bin
-$(MAKES): $(INC_DIR)/mail_params.h ../global/mail_params.c
+$(MAKES): makes_dummy
+
+makes_dummy: $(INC_DIR)/mail_params.h ../global/mail_params.c
$(AWK) -f extract.awk ../*/*.c | $(SHELL)
+ touch makes_dummy
+
+$(AUTOS): autos_dummy
-$(AUTOS): auto.awk
+autos_dummy: auto.awk
$(AWK) -f auto.awk
+ touch autos_dummy
printfck: $(OBJS) $(PROG)
rm -rf printfck
lint $(DEFS) $(SRCS) $(LINTFIX)
clean:
- rm -f *.o *core $(PROG) $(TESTPROG) junk $(MAKES) $(AUTOS)
+ rm -f *.o *core $(PROG) $(TESTPROG) junk $(MAKES) $(AUTOS) $(DUMMIES)
rm -rf printfck
tidy: clean
msg.msg_iovlen = 1;
/*
- * The CMSG_LEN workaround was originally developed for OpenBSD 3.6 on
- * 64-bit SPARC (later also confirmed on AMD64). It was hard-coded with
- * Postfix 2.3 for all platforms because of increasing pressure to work
- * on other things.
+ * The CMSG_LEN send/receive workaround was originally developed for
+ * OpenBSD 3.6 on SPARC64. After the workaround was verified to not break
+ * Solaris 8 on SPARC64, it was hard-coded with Postfix 2.3 for all
+ * platforms because of increasing pressure to work on other things. The
+ * workaround does nothing for 32-bit systems.
*
* The investigation was reopened with Postfix 2.7 because the workaround
- * broke on NetBSD 5.0. This time it was found that OpenBSD on AMD64
- * needs the workaround for sending only. We assume that OpenBSD on AMD64
- * and SPARC64 are similar, and turn on the workaround on-the-fly. The
- * OpenBSD problem was fixed for AMD64 and SPARC64 with OpenBSD 4.4 or
- * 4.5.
+ * broke with NetBSD 5.0 on 64-bit architectures. This time it was found
+ * that OpenBSD <= 4.3 on AMD64 and SPARC64 needed the workaround for
+ * sending only. The following platforms worked with and without the
+ * workaround: OpenBSD 4.5 on AMD64 and SPARC64, FreeBSD 7.2 on AMD64,
+ * Solaris 8 on SPARC64, and Linux 2.6-11 on x86_64.
*
- * The workaround was made run-time configurable to make the investigation
- * possible on many different platforms. Though the code is over-kill for
- * this particular problem, it is left in place so that it can serve as
- * an example of how to add run-time configurable workarounds to Postfix.
+ * As this appears to have been an OpenBSD-specific problem, we revert to
+ * the Postfix 2.2 behavior. Instead of hard-coding the workaround for
+ * all platforms, we now detect sendmsg() errors at run time and turn on
+ * the workaround dynamically.
+ *
+ * The workaround was made run-time configurable to investigate the problem
+ * on multiple platforms. Though set_unix_pass_fd_fix() is over-kill for
+ * this specific problem, it is left in place so that it can serve as an
+ * example of how to add run-time configurable workarounds to Postfix.
*/
if (sendmsg(fd, &msg, 0) >= 0)
return (0);
projects / thirdparty / postfix.git / commitdiff
