code that handles unavailable transports or destinations.
Files: *qmgr/qmgr_deliver.c.
+20051121
+
+ Workaround: do not build the bounce.cf.default template
+ while compiling Postfix - it breaks when the default
+ mail_owner etc. accounts don't exist. Reported by Liviu
+ Daia.
+
+ Compatibility: added permit_auth_destination emulation to
+ the permit_mx_backup feature. This avoids surprises with
+ sites that used permit_mx_backup to authorize all their
+ incoming mail.
+
Open problems:
"postsuper -r" no longer resets the message arrival time,
If you upgrade from Postfix 2.1 or earlier, read RELEASE_NOTES-2.2
before proceeding.
+Incompatibility with snapshot 20051121
+======================================
+
+For compatibility reasons, the permit_mx_backup feature will accept
+mail for authorized destinations (see permit_mx_backup for definition).
+Only with other destinations will it require that the local MTA is
+listed as non-primary MX.
+
Incompatibility with snapshot 20051120
======================================
<dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
-<dd>Permit the request when the local mail system is MX host for
-the RCPT TO address. This includes the case that the local mail
-system is the final destination. However, the SMTP server will not
-forward mail with addresses that have sender-specified routing
-information (example: user@elsewhere@domain). Use the optional
-<a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a> parameter to require that the primary
-MX hosts match a list of network blocks. <br> NOTE: prior to
-Postfix version 2.0, use of <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> is not recommended;
-mail may be rejected in case of a temporary DNS lookup problem.
-
-<br> NOTE: as of Postfix version 2.3, <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> requires
-that the local MTA is not listed as primary MX for the recipient
-domain. This is for safety reasons.
-
-<br> NOTE: use of <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> is not recommended without
-restricting its use with <a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>. </dd>
+<dd>Permit the request when the local mail system is backup MX for
+the RCPT TO address, or when the address is an authorized destination
+(see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> for definition).
+
+<ul>
+
+<li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+
+<li> Safety: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> can be vulnerable to mis-use when
+access is not restricted with <a href="postconf.5.html#permit_mx_backup_networks">permit_mx_backup_networks</a>.
+
+<li> Safety: as of Postfix version 2.3, <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain. Exception: <a href="postconf.5.html#permit_mx_backup">permit_mx_backup</a> accepts the address
+when it specifies an authorized destination (see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a>
+for definition).
+
+<li> Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
+
+</ul></dd>
<dt><b><a name="reject_non_fqdn_recipient">reject_non_fqdn_recipient</a></b></dt>
$virtual_alias_domains, or $virtual_mailbox_domains, and the address
contains no sender-specified routing (user@elsewhere@domain).
.IP "\fBpermit_mx_backup\fR"
-Permit the request when the local mail system is MX host for
-the RCPT TO address. This includes the case that the local mail
-system is the final destination. However, the SMTP server will not
-forward mail with addresses that have sender-specified routing
-information (example: user@elsewhere@domain). Use the optional
-permit_mx_backup_networks parameter to require that the primary
-MX hosts match a list of network blocks.
-.br
-NOTE: prior to
-Postfix version 2.0, use of permit_mx_backup is not recommended;
-mail may be rejected in case of a temporary DNS lookup problem.
-.br
-NOTE: as of Postfix version 2.3, permit_mx_backup requires
-that the local MTA is not listed as primary MX for the recipient
-domain. This is for safety reasons.
-.br
-NOTE: use of permit_mx_backup is not recommended without
-restricting its use with permit_mx_backup_networks.
+Permit the request when the local mail system is backup MX for
+the RCPT TO address, or when the address is an authorized destination
+(see permit_auth_destination for definition).
+.IP \(bu
+Safety: permit_mx_backup does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+.IP \(bu
+Safety: permit_mx_backup can be vulnerable to mis-use when
+access is not restricted with permit_mx_backup_networks.
+.IP \(bu
+Safety: as of Postfix version 2.3, permit_mx_backup no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain. Exception: permit_mx_backup accepts the address
+when it specifies an authorized destination (see permit_auth_destination
+for definition).
+.IP \(bu
+Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
.IP "\fBreject_non_fqdn_recipient\fR"
Reject the request when the RCPT TO address is not in
fully-qualified domain form, as required by the RFC.
<dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
-<dd>Permit the request when the local mail system is MX host for
-the RCPT TO address. This includes the case that the local mail
-system is the final destination. However, the SMTP server will not
-forward mail with addresses that have sender-specified routing
-information (example: user@elsewhere@domain). Use the optional
-permit_mx_backup_networks parameter to require that the primary
-MX hosts match a list of network blocks. <br> NOTE: prior to
-Postfix version 2.0, use of permit_mx_backup is not recommended;
-mail may be rejected in case of a temporary DNS lookup problem.
-
-<br> NOTE: as of Postfix version 2.3, permit_mx_backup requires
-that the local MTA is not listed as primary MX for the recipient
-domain. This is for safety reasons.
-
-<br> NOTE: use of permit_mx_backup is not recommended without
-restricting its use with permit_mx_backup_networks. </dd>
+<dd>Permit the request when the local mail system is backup MX for
+the RCPT TO address, or when the address is an authorized destination
+(see permit_auth_destination for definition).
+
+<ul>
+
+<li> Safety: permit_mx_backup does not accept addresses that have
+sender-specified routing information (example: user@elsewhere@domain).
+
+<li> Safety: permit_mx_backup can be vulnerable to mis-use when
+access is not restricted with permit_mx_backup_networks.
+
+<li> Safety: as of Postfix version 2.3, permit_mx_backup no longer
+accepts the address when the local mail system is primary MX for
+the recipient domain. Exception: permit_mx_backup accepts the address
+when it specifies an authorized destination (see permit_auth_destination
+for definition).
+
+<li> Limitation: mail may be rejected in case of a temporary DNS
+lookup problem with Postfix prior to version 2.0.
+
+</ul></dd>
<dt><b><a name="reject_non_fqdn_recipient">reject_non_fqdn_recipient</a></b></dt>
.c.o:; $(CC) $(CFLAGS) -c $*.c
+all: $(PROG) ../../conf/bounce.cf.default
+
$(PROG): $(OBJS) $(LIBS)
$(CC) $(CFLAGS) -o $@ $(OBJS) $(LIBS) $(SYSLIBS)
-# Avoid dependency on installed Postfix.
-../../conf/bounce.cf.default: $(PROG) annotate.pl main.cf
+# Eliminate dependency on installed Postfix.
+../../conf/bounce.cf.default: template_test.ref annotate.pl
rm -f $@
- MAIL_CONFIG=. ./$(PROG) -SVzndump_templates | perl annotate.pl >$@
+ perl annotate.pl <template_test.ref >$@
main.cf:
echo queue_directory=. >main.cf
+ echo myhostname=example.com >>main.cf
$(OBJS): ../../conf/makedefs.out
tidy: clean
# Avoid dependency on installed Postfix.
+# XXX This still requires that default_privs, mail_owner etc. accounts exist.
template_test: $(PROG) main.cf template_test.ref
MAIL_CONFIG=. ./$(PROG) -SVzndump_templates >template_test.tmp
diff template_test.ref template_test.tmp
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20051120"
+#define MAIL_RELEASE_DATE "20051121"
#define MAIL_VERSION_NUMBER "2.3"
#ifdef SNAPSHOT
reject_dict_retry(state, recipient);
/*
- * If the destination is local, it is acceptable, because we are
- * supposedly MX for our own address.
+ * For backwards compatibility, emulate permit_auth_destination. However,
+ * old permit_mx_backup implementations allow source routing with local
+ * address class.
*/
if ((domain = strrchr(CONST_STR(reply->recipient), '@')) == 0)
return (SMTPD_CHECK_OK);
domain += 1;
+#if 0
if (reply->flags & RESOLVE_CLASS_LOCAL)
return (SMTPD_CHECK_OK);
-
- /*
- * Skip source-routed non-local or virtual mail (uncertain destination).
- */
+#endif
if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
return (SMTPD_CHECK_DUNNO);
-
- /*
- * The destination is local, or it is a local virtual destination.
- */
if (reply->flags & RESOLVE_CLASS_FINAL)
return (SMTPD_CHECK_OK);
+ if (reply->flags & RESOLVE_CLASS_RELAY)
+ return (SMTPD_CHECK_OK);
if (msg_verbose)
msg_info("%s: not local: %s", myname, recipient);
*/
mx_list = dns_rr_sort(mx_list, dns_rr_compare_pref);
for (middle = mx_list; /* see below */ ; middle = rest) {
- rest = middle->next;
+ rest = middle->next;
if (rest == 0)
break;
if (rest->pref != mx_list->pref) {
projects / thirdparty / postfix.git / commitdiff
