Bugfix (defect introduced: Postfix 3.10, date 20230310):
segfault after reading a null pointer, while responding to
an unknown or unimplemented command. File: smtpd/smtpd.c.
+
+20240614
+
+ Documentation: made the descriptions of command-line arguments
+ inside {} more consistent. Files: proto/master, pipe/pipe.c.
+
+20240618
+
+ Code health: factored out duplicate code for unknown and
+ unimplemented commands in the SMTP server. File: smtpd/smtpd.c.
+
+20240622
+
+ Documentation: in the rbl_reply_maps description,added text
+ how it handles reject_rbl_* or reject_rhsbl_* queries with
+ an address filter. Also added text to clarify te differences
+ between rbl_reply_maps and postscreen_dnsbl_reply_map.
+ File: proto/postconf.proto.
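Review bot: two typos in the 20240622 entry. "description,added" is missing the space after the comma, and "te differences" should read "the differences".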
using FIFOs anymore, and trigger servers could use a proper
(attribute, value) protocol.
+ The postsceen NON-SMTP test should log the command in
+ the same format as the BARE NEWLINE and PREGREET tests.
+ Consider logging the entire unadulterated command line.
+
"postconf -d" should not complain about a missing master.cf
file.
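Review bot: the added item proposes logging "the entire unadulterated command line" for the NON-SMTP test, and that text is chosen by the remote client. The item should say whether the logged command is still subject to non-printable-character neutralization and a length limit, so that "unadulterated" is not read as "raw bytes into the log". Also, "postsceen" in the first added line should be "postscreen".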
auxprop plugin. Instead, you can use "<code>saslauthd -a ldap</code>"
to query the LDAP database directly, with appropriate configuration
in <code>saslauthd.conf</code>, <a
-href="http://git.cyrusimap.org/cyrus-sasl/tree/saslauthd/LDAP_SASLAUTHD">as
+href="https://github.com/cyrusimap/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD">as
described here</a>. You will not be able to use any of the
methods that require access to plaintext passwords, such as the
shared-secret methods CRAM-MD5 and DIGEST-MD5. </p>
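Review bot: the replacement href points at blob/master, a branch path that can stop resolving if upstream renames or relocates LDAP_SASLAUTHD. Consider linking to a tagged release or a commit path so the reference stays stable. The same applies to the second copy of this link later in the patch.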
verbose.
<b>Command-line arguments that start with {</b>
- Specify "{" and "}" around command arguments that start
- with "{" (Postfix 3.0 and later). The outer "{" and "}"
- are removed from the input, together with any leading or
- trailing whitespace.
-
- <b>Other command-line arguments</b>
- Specify "{" and "}" around command arguments that contain
- whitespace (Postfix 3.0 and later). The outer "{" and "}"
- are removed from the input, together with any leading or
- trailing whitespace.
+
+ <b>Command-line arguments that contain whitespace</b>
+
+ <b>Command-line arguments that must be empty</b>
+ Specify "{" and "}" around such arguments (Postfix 3.0
+ and later). The outer "{" and "}" will be removed,
+ together with any leading or trailing whitespace in the
+ remaining text.
<b>SEE ALSO</b>
<a href="master.8.html">master(8)</a>, process manager
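Review bot: under the three stacked headings, the shared sentence 'Specify "{" and "}" around such arguments' does not show what an argument "that must be empty" looks like; the reader has to infer that it is written as {}. Suggest adding a short example for each case after the shared paragraph, made in the source file so that the generated copies pick it up.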
interpreter.
Specify "{" and "}" around command arguments that contain white-
- space (Postfix 3.0 and later). Whitespace after the opening "{"
- and before the closing "}" is ignored.
+ space, arguments that begin with "{", or arguments that must be
+ an empty string (Postfix 3.0 and later). The outer "{" and "}"
+ will be removed, together with any leading or trailing white-
+ space in the remaining text.
In the command argument vector, the following macros are recog-
nized and replaced with corresponding information from the Post-
<p> Note: when an enhanced status code is specified in an RBL reply
template, it is subject to modification. The following transformations
-are needed when the same RBL reply template is used for client,
+are needed when the same RBL response template is used for client,
helo, sender, or recipient access restrictions. </p>
<ul>
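Review bot: the changed line now says "RBL response template", but the unchanged opening sentence of the same paragraph still says "in an RBL reply template", so the paragraph uses both terms for one thing. Change the opening sentence as well, here and in the man page and proto copies of this paragraph.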
secret.zen.spamhaus.org zen.spamhaus.org
</pre>
+<p> NOTE: This feature differs from the Postfix SMTP server's
+<a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> feature, where 1) the table search key includes the
+optional "<i>=address</i>" filter, and where 2) the lookup result
+contains free text with <i>$name</i> variables. </p>
+
<p> This feature is available in Postfix 2.8. </p>
(default: empty)</b></DT><DD>
<p>
-Optional lookup tables with RBL response templates. The tables are
-indexed by the RBL domain name. By default, Postfix uses the default
+Optional lookup tables with RBL or RHSBL response templates. The
+table search key is the reject_rbl_* or reject_rhsbl_* argument,
+including any optional "<i>=address-pattern</i>" filter. </p>
+
+<p> By default, Postfix uses the
template as specified with the <a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a> configuration
-parameter. See there for a discussion of the syntax of RBL reply
-templates.
+parameter. See there for a discussion of the response template
+syntax.
+</p>
+
+<p> Example: </p>
+
+<pre>
+/etc/postfix/<a href="postconf.5.html">main.cf</a>:
+ <a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/rbl_reply
+ <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
+ <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>,
+ <a href="postconf.5.html#reject_rbl_client">reject_rbl_client</a> <i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11],
+ ...
+<br>
+/etc/postfix/rbl_reply:
+ # See https://www.postfix.org/postconf.5.html#<a href="postconf.5.html#default_rbl_reply">default_rbl_reply</a>
+ # for the definition of the $client_address and $rbl_class etc.
+ # variables.
+ <i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11]
+ 554 $rbl_class $rbl_what blocked using ZEN - see <a href="https://www.spamhaus.org/query/ip/$client_address">https://www.spamhaus.org/query/ip/$client_address</a> for details
+ <i>secret</i>.zen.dq.spamhaus.net
+ 554 $rbl_class $rbl_what blocked using ZEN - see <a href="https://www.spamhaus.org/query/ip/$client_address">https://www.spamhaus.org/query/ip/$client_address</a> for details
+</pre>
+
+<p>
+NOTE: This feature differs from <a href="postconf.5.html#postscreen_dnsbl_reply_map">postscreen_dnsbl_reply_map</a> where
+the table search key is a domain name (no "<i>=address</i>" filter,
+no "<i>*weight</i>" factor) and where the lookup result should be
+a domain name (no free text, no <i>$name</i> variables).
</p>
<p>
This feature is available in Postfix 2.0 and later.
+The "=address-pattern" filter is available in Postfix 2.8 and later.
</p>
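Review bot: in the added example, rbl_reply has one key with the "=127.0.0.[2..11]" filter and one without, both with the same reply text, but by the rule stated at the top of this hunk (the search key is the restriction argument including the filter) only the first key matches the reject_rbl_client line shown. Add a sentence saying what the second entry is for, or drop it. Separately, the filter is called "=address-pattern" in the first paragraph and in the version note but "=address" in the closing NOTE; pick one name.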
<a href="postconf.5.html#reject_multi_recipient_bounce">ent_bounce</a> restriction.
<b><a href="postconf.5.html#rbl_reply_maps">rbl_reply_maps</a> (empty)</b>
- Optional lookup tables with RBL response templates.
+ Optional lookup tables with RBL or RHSBL response templates.
Available in Postfix version 2.6 and later:
Increase the verbose logging level. Specify multiple \fB\-v\fR
options to make a Postfix daemon process increasingly verbose.
.IP "\fBCommand\-line arguments that start with {\fR"
-Specify "{" and "}" around command arguments that start
-with "{" (Postfix 3.0 and later). The outer "{" and "}" are
-removed from the input, together with any leading or trailing
-whitespace.
-.IP "\fBOther command\-line arguments\fR"
-Specify "{" and "}" around command arguments that contain
-whitespace (Postfix 3.0 and later). The outer "{" and "}"
-are removed from the input, together with any leading or
-trailing whitespace.
+.IP "\fBCommand\-line arguments that contain whitespace\fR"
+.IP "\fBCommand\-line arguments that must be empty\fR"
+Specify "{" and "}" around such arguments (Postfix 3.0 and
+later). The outer "{" and "}" will be removed, together
+with any leading or trailing whitespace in the remaining
+text.
.SH "SEE ALSO"
.na
.nf
.PP
Note: when an enhanced status code is specified in an RBL reply
template, it is subject to modification. The following transformations
-are needed when the same RBL reply template is used for client,
+are needed when the same RBL response template is used for client,
helo, sender, or recipient access restrictions.
.IP \(bu
When rejecting a sender address, the Postfix SMTP server
.ad
.ft R
.PP
+NOTE: This feature differs from the Postfix SMTP server's
+rbl_reply_maps feature, where 1) the table search key includes the
+optional "\fI=address\fR" filter, and where 2) the lookup result
+contains free text with \fI$name\fR variables.
+.PP
This feature is available in Postfix 2.8.
.SH postscreen_dnsbl_sites (default: empty)
Optional list of patterns with DNS allow/denylist domains, filters
.PP
This feature is available in Postfix 2.0 and later.
.SH rbl_reply_maps (default: empty)
-Optional lookup tables with RBL response templates. The tables are
-indexed by the RBL domain name. By default, Postfix uses the default
+Optional lookup tables with RBL or RHSBL response templates. The
+table search key is the reject_rbl_* or reject_rhsbl_* argument,
+including any optional "\fI=address\-pattern\fR" filter.
+.PP
+By default, Postfix uses the
template as specified with the default_rbl_reply configuration
-parameter. See there for a discussion of the syntax of RBL reply
-templates.
+parameter. See there for a discussion of the response template
+syntax.
+.PP
+Example:
+.PP
+.nf
+.na
+.ft C
+/etc/postfix/main.cf:
+ rbl_reply_maps = hash:/etc/postfix/rbl_reply
+ smtpd_recipient_restrictions =
+ permit_mynetworks,
+ reject_rbl_client \fIsecret\fR.zen.dq.spamhaus.net=127.0.0.[2..11],
+ ...
+.br
+/etc/postfix/rbl_reply:
+ # See https://www.postfix.org/postconf.5.html#default_rbl_reply
+ # for the definition of the $client_address and $rbl_class etc.
+ # variables.
+ \fIsecret\fR.zen.dq.spamhaus.net=127.0.0.[2..11]
+ 554 $rbl_class $rbl_what blocked using ZEN \- see https://www.spamhaus.org/query/ip/$client_address for details
+ \fIsecret\fR.zen.dq.spamhaus.net
+ 554 $rbl_class $rbl_what blocked using ZEN \- see https://www.spamhaus.org/query/ip/$client_address for details
+.fi
+.ad
+.ft R
+.PP
+NOTE: This feature differs from postscreen_dnsbl_reply_map where
+the table search key is a domain name (no "\fI=address\fR" filter,
+no "\fI*weight\fR" factor) and where the lookup result should be
+a domain name (no free text, no \fI$name\fR variables).
.PP
This feature is available in Postfix 2.0 and later.
+The "=address\-pattern" filter is available in Postfix 2.8 and later.
.SH readme_directory (default: see "postconf \-d" output)
The location of Postfix README files that describe how to build,
configure or operate a specific Postfix subsystem or feature.
shell meta characters by a shell command interpreter.
.sp
Specify "{" and "}" around command arguments that contain
-whitespace (Postfix 3.0 and later). Whitespace
-after the opening "{" and before the closing "}" is ignored.
+whitespace, arguments that begin with "{", or arguments
+that must be an empty string (Postfix 3.0 and later). The
+outer "{" and "}" will be removed, together with any leading
+or trailing whitespace in the remaining text.
.sp
In the command argument vector, the following macros are recognized
and replaced with corresponding information from the Postfix queue
client request is blocked by the reject_multi_recipient_bounce
restriction.
.IP "\fBrbl_reply_maps (empty)\fR"
-Optional lookup tables with RBL response templates.
+Optional lookup tables with RBL or RHSBL response templates.
.PP
Available in Postfix version 2.6 and later:
.IP "\fBaccess_map_defer_code (450)\fR"
auxprop plugin. Instead, you can use "<code>saslauthd -a ldap</code>"
to query the LDAP database directly, with appropriate configuration
in <code>saslauthd.conf</code>, <a
-href="http://git.cyrusimap.org/cyrus-sasl/tree/saslauthd/LDAP_SASLAUTHD">as
+href="https://github.com/cyrusimap/cyrus-sasl/blob/master/saslauthd/LDAP_SASLAUTHD">as
described here</a>. You will not be able to use any of the
methods that require access to plaintext passwords, such as the
shared-secret methods CRAM-MD5 and DIGEST-MD5. </p>
# Increase the verbose logging level. Specify multiple \fB-v\fR
# options to make a Postfix daemon process increasingly verbose.
# .IP "\fBCommand-line arguments that start with {\fR"
-# Specify "{" and "}" around command arguments that start
-# with "{" (Postfix 3.0 and later). The outer "{" and "}" are
-# removed from the input, together with any leading or trailing
-# whitespace.
-# .IP "\fBOther command-line arguments\fR"
- Specify "{" and "}" around command arguments that contain
-# whitespace (Postfix 3.0 and later). The outer "{" and "}"
-# are removed from the input, together with any leading or
-# trailing whitespace.
+# .IP "\fBCommand-line arguments that contain whitespace\fR"
+# .IP "\fBCommand-line arguments that must be empty\fR"
+# Specify "{" and "}" around such arguments (Postfix 3.0 and
+# later). The outer "{" and "}" will be removed, together
+# with any leading or trailing whitespace in the remaining
+# text.
# SEE ALSO
# master(8), process manager
# postconf(5), configuration parameters
<p> Note: when an enhanced status code is specified in an RBL reply
template, it is subject to modification. The following transformations
-are needed when the same RBL reply template is used for client,
+are needed when the same RBL response template is used for client,
helo, sender, or recipient access restrictions. </p>
<ul>
%PARAM rbl_reply_maps
<p>
-Optional lookup tables with RBL response templates. The tables are
-indexed by the RBL domain name. By default, Postfix uses the default
+Optional lookup tables with RBL or RHSBL response templates. The
+table search key is the reject_rbl_* or reject_rhsbl_* argument,
+including any optional "<i>=address-pattern</i>" filter. </p>
+
+<p> By default, Postfix uses the
template as specified with the default_rbl_reply configuration
-parameter. See there for a discussion of the syntax of RBL reply
-templates.
+parameter. See there for a discussion of the response template
+syntax.
+</p>
+
+<p> Example: </p>
+
+<pre>
+/etc/postfix/main.cf:
+ rbl_reply_maps = hash:/etc/postfix/rbl_reply
+ smtpd_recipient_restrictions =
+ permit_mynetworks,
+ reject_rbl_client <i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11],
+ ...
+<br>
+/etc/postfix/rbl_reply:
+ # See https://www.postfix.org/postconf.5.html#default_rbl_reply
+ # for the definition of the $client_address and $rbl_class etc.
+ # variables.
+ <i>secret</i>.zen.dq.spamhaus.net=127.0.0.[2..11]
+ 554 $rbl_class $rbl_what blocked using ZEN - see https://www.spamhaus.org/query/ip/$client_address for details
+ <i>secret</i>.zen.dq.spamhaus.net
+ 554 $rbl_class $rbl_what blocked using ZEN - see https://www.spamhaus.org/query/ip/$client_address for details
+</pre>
+
+<p>
+NOTE: This feature differs from postscreen_dnsbl_reply_map where
+the table search key is a domain name (no "<i>=address</i>" filter,
+no "<i>*weight</i>" factor) and where the lookup result should be
+a domain name (no free text, no <i>$name</i> variables).
</p>
<p>
This feature is available in Postfix 2.0 and later.
+The "=address-pattern" filter is available in Postfix 2.8 and later.
</p>
%PARAM receive_override_options
secret.zen.spamhaus.org zen.spamhaus.org
</pre>
+<p> NOTE: This feature differs from the Postfix SMTP server's
+rbl_reply_maps feature, where 1) the table search key includes the
+optional "<i>=address</i>" filter, and where 2) the lookup result
+contains free text with <i>$name</i> variables. </p>
+
<p> This feature is available in Postfix 2.8. </p>
%PARAM postscreen_dnsbl_timeout 10s
Maadani
GTEST
javascript
+SMFI
+RHSBL
a domain File postalias postalias c
File spawn spawn c
an unknown or unimplemented command File smtpd smtpd c
+ inside more consistent Files proto master pipe pipe c
+ unimplemented commands in the SMTP server File smtpd smtpd c
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20240612"
+#define MAIL_RELEASE_DATE "20240622"
#define MAIL_VERSION_NUMBER "3.10"
#ifdef SNAPSHOT
/* shell meta characters by a shell command interpreter.
/* .sp
/* Specify "{" and "}" around command arguments that contain
-/* whitespace (Postfix 3.0 and later). Whitespace
-/* after the opening "{" and before the closing "}" is ignored.
+/* whitespace, arguments that begin with "{", or arguments
+/* that must be an empty string (Postfix 3.0 and later). The
+/* outer "{" and "}" will be removed, together with any leading
+/* or trailing whitespace in the remaining text.
/* .sp
/* In the command argument vector, the following macros are recognized
/* and replaced with corresponding information from the Postfix queue
/* client request is blocked by the reject_multi_recipient_bounce
/* restriction.
/* .IP "\fBrbl_reply_maps (empty)\fR"
-/* Optional lookup tables with RBL response templates.
+/* Optional lookup tables with RBL or RHSBL response templates.
/* .PP
/* Available in Postfix version 2.6 and later:
/* .IP "\fBaccess_map_defer_code (450)\fR"
#endif
+/* milter_unknown_reply_override - common code for unknown/unimplemented case */
+
+static int milter_unknown_reply_override(SMTPD_STATE *state)
+{
+ const char *err;
+
+ /*
+ * XXX The Postfix libmilter implementation does not indicate whether it
+ * returns:
+ *
+ * 1) A generic "command rejected" etc. reply text that is generated by the
+ * Postfix milter library, when the Sendmail milter library replies with
+ * SMFI_REJECT or SMFI_TEMPFAIL.
+ *
+ * 2) A custom reply text that is generated by a milter application, when
+ * the Sendmail milter library replies with SMFI_REPLY.
+ *
+ * As a compromise, we will not override the Postfix SMTP server's specific
+ * "5XX Unknown command" etc. reply.
+ */
+ if (state->milters != 0
+ && (err = milter_unknown_event(state->milters,
+ STR(state->buffer))) != 0) {
+ if (err[0] == '4') {
+ smtpd_chat_reply(state, "%s", err);
+ return (1);
+ } else if (err[0] != '5') {
+ msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
+ }
+ }
+ return (0);
+}
+
/* unimpl_cmd - dummy for functionality that is not compiled in */
static int unimpl_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *unused_argv)
{
- const char *err = 0;
/*
* When a connection is closed we want to log the request counts for
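Review bot: milter_unknown_reply_override() returns 1 after it has sent the milter's 4XX reply and 0 otherwise, and both callers rely on that to decide whether to send their own 5XX reply, yet the one-line header comment does not state the contract. Suggest documenting the return value there, and noting that on the 0 path the caller must still reply, including the case where the "unexpected SMFIC_UNKNOWN response" warning was logged.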
* it must either tempfail or reject.
*/
state->error_mask |= MAIL_ERROR_PROTOCOL;
- if (state->milters != 0
- && (err = milter_unknown_event(state->milters,
- STR(state->buffer))) != 0
- && err[0] == '4') {
- smtpd_chat_reply(state, "%s", err);
- } else {
- if (err && err[0] != '5')
- msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
+ if (milter_unknown_reply_override(state) == 0)
smtpd_chat_reply(state, "502 5.5.1 Error: command not implemented");
- }
return (-1);
}
#define SMTPD_CMD_FLAG_PRE_TLS (1<<1) /* allow before STARTTLS */
#define SMTPD_CMD_FLAG_LAST (1<<2) /* last in PIPELINING command group */
-static int help_cmd(SMTPD_STATE *, int, SMTPD_TOKEN *);
+static int help_cmd(SMTPD_STATE *, int, SMTPD_TOKEN *);
static SMTPD_CMD smtpd_cmd_table[] = {
{SMTPD_CMD_HELO, helo_cmd, SMTPD_CMD_FLAG_LIMIT | SMTPD_CMD_FLAG_PRE_TLS | SMTPD_CMD_FLAG_LAST,},
}
/* state->access_denied == 0 || cmdp->action == quit_cmd */
if (cmdp->name == 0) {
- /* See unimpl_cmd() for valid xxfi_unknown() return values. */
- err = 0;
- if (state->milters != 0
- && (err = milter_unknown_event(state->milters,
- STR(state->buffer))) != 0
- && err[0] == '4') {
- smtpd_chat_reply(state, "%s", err);
- } else {
- if (err && err[0] != '5')
- msg_warn("unexpected SMFIC_UNKNOWN response: %s", err);
+ if (milter_unknown_reply_override(state) == 0)
smtpd_chat_reply(state,
"500 5.5.2 Error: command not recognized");
- }
state->error_mask |= MAIL_ERROR_PROTOCOL;
state->error_count++;
continue;
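Review bot: this hunk removes the "err = 0;" assignment and every visible use of err in the block, but unlike the unimpl_cmd() hunk it does not remove a declaration. If err has no remaining use in the enclosing function, drop its declaration too so the build stays free of unused-variable warnings.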