-Enabling the Postfix fast ETRN service
-======================================
+The Postfix fast ETRN service
+=============================
-Postfix "fast ETRN" speeds up deliveries by looking only at mail
-that is queued for a given destination site. Postfix ordinary ETRN
-attempts to deliver all queued mail. Postfix fast ETRN service is
-available only for destinations that the local MTA is willing to
-relay mail to.
+The SMTP ETRN command was designed for sites that have intermittent
+Internet connectivity. With ETRN, a site can tell the mail server
+of its network provider "Please deliver all my mail now".
-But first you need to configure Postfix to provide fast ETRN service.
+Postfix versions before 20001001 implemented the ETRN command in
+a lame manner: they would attempt to deliver all queued mail. This
+is slow on mail servers that queue mail for many customers.
-- Execute "postfix stop"
+The Postfix "fast ETRN" service speeds up deliveries by looking
+only at mail that is queued for a given destination site. Postfix
+"slow ETRN" is still used as a fall-back method.
-- Execute "make install" if you are running an older Postfix version
- that does not have "fast flush" logfile support,
+The "fast ETRN" service uses the new "fast flush" service which
+maintains per-destination logfiles of queued mail. The "fast flush"
+service is enabled by default:
-- Add a "flush" service entry to /etc/postfix/master.cf if you were
- running an older Postfix version:
+ fast_flush_domains = $relay_domains
- flush unix - - n - 0 flush
+By default, Postfix "fast ETRN" service is available only for
+destinations that the local MTA is willing to relay mail to.
- That is, the same line as bounce, except that bounce is replaced
- by flush, twice.
+To disable the "fast ETRN" service, specify an empty string:
-- Execute "postconf hash_queue_names" and verify that the output
- includes at the very least the "active", "bounce", "defer", and
- "flush" queue names. If any queue name is missing, edit the
- main.cf file and either delete the explicit hash_queue_names
- entry, or add the missing queue names.
+ fast_flush_domains =
-- Execute "postconf hash_queue_names" again, just to be sure.
+The syntax of the fast_flush_domains parameter is exactly the
+same as for the relay_domains parameter: a list of domain names,
+files with domain names, or maptype:mapname lookup tables where
+the right-hand side is ignored.
-- Edit the main.cf file and specify
+For destinations that cannot have "fast ETRN" service, Postfix
+falls back to the old "slow ETRN" service that attempts to deliver
+all queued mail.
- enable_fast_flush = yes
+By default, every site can issue ETRN commands to your SMTP
+server:
-- Execute "postconf enable_fast_flush", to verify that the fast
- flush feature is indeed enabled.
+ smtpd_etrn_restrictions =
-- Execute "postfix start"
+To test the "fast ETRN" service, telnet to the Postfix SMTP server
+from a client that is allowed to execute ETRN commands, and type:
-- From a client that is allowed to execute ETRN commands, connect
- to the Postfix SMTP server and type:
+ helo my.client.name
+ etrn some.customer.domain
- helo my.client.name
- etrn some.customer.domain
+where "some.customer.domain" is the name of a domain that your mail
+server is willing to relay mail to.
- where "some.customer.domain" is the name of a domain that your
- mail server is willing to relay mail to.
+In the maillog file, you should see something logged like:
- In the maillog file, you should see something logged like:
+ created fast ETRN cache for some.customer.domain
- created fast ETRN cache for some.customer.domain
+It will then do a "slow ETRN" once. The next time the same ETRN
+command is given, Postfix will do "fast ETRN".
- If Postfix logs that it cannot create a fast ETRN cache then
- execute the command "postfix check". You probably skipped some
- of the above instructions so that the necessary directories were
- not created.
+If Postfix logs that it cannot create a fast ETRN cache for
+"some.customer.domain", then execute the command "postfix check".
+You probably skipped some installation instructions so that the
+necessary directories were not created.
- If Postfix logs that it refuses fast ETRN service, then either
- "some.customer.domain" does not exist, or it is not listed as a
- valid relay destination. Check your relay_domains setting.
+If Postfix logs that it uses slow ETRN service for "some.customer.domain",
+instead of creating a fast ETRN cache, then either "some.customer.domain"
+was not found in the DNS, or it was not listed as a valid fast ETRN
+destination. Check your fast_flush_domains or relay_domains settings.
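Review bot: The smtpd_etrn_restrictions paragraph shows only the empty default ("every site can issue ETRN commands") and gives no pointer on how to narrow it. This matters because the same file says that destinations without "fast ETRN" service fall back to a "slow ETRN" that attempts to deliver all queued mail. Suggest adding a sentence that refers to the smtpd(8) description of smtpd_etrn_restrictions (it limits both the domain names and the clients) and recommends restricting ETRN to customer clients on servers that queue mail for many sites. Also, the troubleshooting text near the end says "You probably skipped some installation instructions", but this file no longer contains any; point the reader to the RELEASE_NOTES steps instead.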
Incompatible changes with snapshot-20000928
===========================================
-You must execute "postfix stop" before installing this release,
-and "postfix start" after updating the software. Some default
-parameter settings have changed, as detailed below.
-
If this release does not work for you, you can go back to a previous
Postfix version without losing your mail, subject to the "incompatible
changes" listed for previous Postfix releases below.
-In order to improve performance of one-to-one deliveries, Postfix
-by default now looks at up to 10000 messages at a time (was: 1000).
-This change affects the following main.cf configuration parameters:
+You must execute "postfix stop" before installing this release.
+Some recommended parameter settings have changed, and a new entry
+must be added to the master.cf file before you can start Postfix
+again.
+
+After installing the new Postfix release:
+
+- Check the output from "postconf qmgr_message_active_limit". The
+ recommended value has changed to 10000.
+
+ If your setting is lower, either you need to remove the explicit
+ setting from the main.cf file (so that Postfix uses the recommended
+ default setting), or you need to update it.
+
+- Check the output from "postconf hash_queue_names". The recommended
+ setting now includes the names of the "active", "bounce", "defer",
+ and "flush" directories.
- qmgr_message_active_limit: default setting increased to 10000
- hash_queue_names: default setting now includes the active queue
+ If your setting does not contain at least these directory names,
+ either you need to remove the explicit setting from the main.cf
+ file (so that Postfix uses the recommended default setting), or
+ you need to update it.
-With this change, the active queue must no longer be a flat directory.
+- Add a new entry to the master.cf file for the new flush service:
-If your main.cf file has an explicit hash_queue_names setting, and
-the active queue is not listed there, Postfix will perform very
-poorly when delivering lots of mail.
+ flush unix - - n 18000? 0 flush
+
+ This entry is not needed if you won't use the fast flush service
+ (this service is used by default; to disable, you need to specify
+ in the main.cf file an empty fast_flush_domains parameter:
+
+ fast_flush_domains =
+
+ The 18000? requests that the "fast flush" service does some
+ cleaning up every 5 hours, but only if the fast flush service is
+ being used by some other Postfix service, and the 0 means that
+ Postfix should run as many flush servers as are needed, in order
+ to avoid deadlock conditions.
+
+Now you can start Postfix again.
Major changes with snapshot-20000929
====================================
-Until now, Postfix does a rather lame effort at implementing the
-SMTP ETRN command - it attempts to deliver all mail in the queue,
+In order to improve performance of one-to-one deliveries, Postfix
+by default now looks at up to 10000 messages at a time (was: 1000).
+
+Until now, Postfix did a rather lame effort at implementing the
+SMTP ETRN command - it attempted to deliver all mail in the queue,
regardless of its destination. This is slow if your mail server
queues mail for lots of different sites.
This release introduces "fast ETRN", which delivers only mail that
-is known to be queued for a site. The per-destination queue info
-is kept in so-called "fast flush" logfiles. A "fast flush" logfile
-is "flushed" after Postfix receives an appropriate ETRN command,
-or after someone executes the command "sendmail -qRsite" for an
-appropriate site.
+is known to be queued for the specified site. Postfix now maintains
+so-called "fast flush" logfiles with information about what mail
+is queued for specific sites. A "fast flush" logfile is "flushed"
+after Postfix receives an appropriate ETRN command, or after someone
+executes the command "sendmail -qRsite" for an appropriate site.
A missing "fast flush" logfile is created automatically when an
SMTP client issues the ETRN command - but only for destinations
that the local MTA is willing to relay mail to. This policy is
-currently hard coded. Other destinations remain stuck with the
-old "slow" ETRN service that attempts to deliver all mail in the
-queue.
+controlled with the "fast_etrn_domains" configuration parameter
+(default: $relay_domains). Other destinations remain stuck with
+the old "slow ETRN" service that attempts to deliver all mail in
+the queue.
-See the file ETRN_README for how to turn on the "fast ETRN" service.
+See the file ETRN_README for details.
Incompatible changes with snapshot-20000924
===========================================
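Review bot: The "Major changes" text names the policy parameter "fast_etrn_domains", while the README, the master.cf instructions above and the man pages in this same change all call it fast_flush_domains. Use fast_flush_domains here so that administrators are not sent looking for a name that nothing else in this change uses. In the master.cf step, the parenthesis opened at "(this service is used by default; to disable, ..." is never closed.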
# chroot environment for your type of machine.
#
# Wakeup time: automatically wake up the named service after the
-# specified number of seconds. Specify 0 for no wakeup. Presently,
-# only the local pickup and queue manager daemons need a wakeup timer.
+# specified number of seconds. A ? at the end of the wakeup time
+# field requests that wake up events be sent only to services that
+# are actually being used. Specify 0 for no wakeup. Presently, only
+# the pickup, queue manager and flush daemons need a wakeup timer.
#
# Max procs: the maximum number of processes that may execute this
# service simultaneously. Default is to use a globally configurable
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
-flush unix - - n - 0 flush
+flush unix - - n 18000? 0 flush
smtp unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
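Review bot: The upgrade path is not covered for sites that already have a flush entry: the previous ETRN_README told them to add "flush unix - - n - 0 flush", and RELEASE_NOTES now only says to "Add a new entry". An existing entry with no wakeup time would apparently never receive the wakeup that triggers the purge, and this change also removes the proactive flush every 1000 append requests (FLUSH_CHECK_RATE). On such a system the logfiles would only be cleaned up by an explicit ETRN or "sendmail -qRsite". Suggest that RELEASE_NOTES also tell administrators to change the wakeup field of an existing flush entry to 18000?.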
site. After the logfile is processed, the file is
truncated to length zero.
+ <b>TRIGGER</b><i>_</i><b>REQ</b><i>_</i><b>WAKEUP</b> (wakeup signal from master)
+
+ <b>FLUSH</b><i>_</i><b>REQ</b><i>_</i><b>PURGE</b>
+ Pretend that <b>FLUSH</b><i>_</i><b>REQ</b><i>_</i><b>SEND</b> was received for all
+ sites with a non-empty "fast flush" logfile, and
+ delete empty "fast flush" logfiles that have not
+ been updated in several days. This operation com-
+ pletes in the background because it can take a
+ noticeable amount of time.
+
+ Fast flush logfiles are truncated only after a
+ <b>FLUSH</b><i>_</i><b>REQ</b><i>_</i><b>SEND</b> request, not when mail is actually
+ delivered, and therefore can accumulate redundant
+ or even outdated information. In order to maintain
+ sanity, <b>FLUSH</b><i>_</i><b>REQ</b><i>_</i><b>PURGE</b> must be requested occasion-
+ ally.
+
The response to the client is one of:
<b>FLUSH</b><i>_</i><b>STAT</b><i>_</i><b>OK</b>
The flush server rejected the request (bad request
name, bad request parameter value).
- <b>FLUSH</b><i>_</i><b>STAT</b><i>_</i><b>UNKNOWN</b>
- The specified site has no fast flush log.
- Fast flush logfiles are truncated only after a flush
- request. In order to prevent fast flush logs from growing
- too large, and to prevent them from accumulating too much
- outdated information, the flush service generates a pro-
- active flush request once every every 1000 append
- requests. This should not impact operation.
-
-<b>SECURITY</b>
- The fast flush server is not security-sensitive. It does
- not talk to the network, and it does not talk to local
- users. The fast flush server can run chrooted at fixed
- low privilege.
-
-<b>DIAGNOSTICS</b>
- Problems and transactions are logged to <b>syslogd</b>(8).
FLUSH(8) FLUSH(8)
+ <b>FLUSH</b><i>_</i><b>STAT</b><i>_</i><b>UNKNOWN</b>
+ The specified site has no fast flush log.
+
+<b>SECURITY</b>
+ The fast flush server is not security-sensitive. It does
+ not talk to the network, and it does not talk to local
+ users. The fast flush server can run chrooted at fixed
+ low privilege.
+
+<b>DIAGNOSTICS</b>
+ Problems and transactions are logged to <b>syslogd</b>(8).
+
<b>BUGS</b>
- In reality, this server schedules delivery of messages,
+ In reality, this server schedules delivery of messages,
regardless of their destination. This limitation is due to
the fact that one queue runner has to handle mail for mul-
tiple destinations.
-<b>CONFIGURATION</b> <b>PARAMETERS</b>
- The following <b>main.cf</b> parameters are especially relevant
- to this program. See the Postfix <b>main.cf</b> file for syntax
- details and for default values. Use the <b>postfix</b> <b>reload</b>
- command after a configuration change.
-
- <b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
- Maximal length of strings in a fast flush client
- request.
-
<b>SEE</b> <b>ALSO</b>
<a href="smtpd.8.html">smtpd(8)</a> Postfix SMTP server
<a href="qmgr.8.html">qmgr(8)</a> Postfix queue manager
syslogd(8) system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
-
-
address where delivery problems are sent to, unless
the message contains an <b>Errors-To:</b> message header.
- <b>-q</b> Flush the mail queue. This is implemented by kick-
- ing the <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon.
+ <b>-q</b> Attempt to deliver all queued mail. This is imple-
+ mented by kicking the <a href="qmgr.8.html"><b>qmgr</b>(8)</a> daemon.
<b>-q</b><i>interval</i> (ignored)
The interval between queue runs. Use the
Schedule immediate delivery of all mail that is
queued for the named <i>site</i>. Depending on the desti-
nation, this uses "fast flush" service, or it has
- the same effect as <b>sendmail</b> <b>-q</b>. This functionality
- is implemented by connecting to the local SMTP
+ the same effect as <b>sendmail</b> <b>-q</b>. This is imple-
+ mented by connecting to the local SMTP server. See
SENDMAIL(1) SENDMAIL(1)
- server. See <a href="smtpd.8.html">smtpd(8)</a> for more information about the
- "fast flush" service.
+ <a href="smtpd.8.html"><b>smtpd</b>(8)</a> for more information about the "fast
+ flush" service.
<b>-qS</b><i>site</i>
This command is not implemented. Use the slower
ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
+ <b>fast</b><i>_</i><b>flush</b><i>_</i><b>domains</b>
+ List of domains that will receive "fast flush" ser-
+ vice (default: all domains that this system is
+ willing to relay mail to). This greatly improves
+ the performance of the SMTP <b>ETRN</b> request, and of
+ the <b>sendmail</b> <b>-qR</b> command. For domains not in the
+ list, Postfix simply attempts to deliver all queued
+ mail.
+
<b>fork</b><i>_</i><b>attempts</b>
Number of attempts to <b>fork</b>() a process before giv-
ing up.
<b>queue</b><i>_</i><b>directory</b>
Top-level directory of the Postfix queue. This is
also the root directory of Postfix daemons that run
- chrooted.
-
- <b>queue</b><i>_</i><b>run</b><i>_</i><b>delay</b>
- The time between successive scans of the deferred
- queue.
-
-<b>SEE</b> <b>ALSO</b>
- <a href="pickup.8.html">pickup(8)</a> mail pickup daemon
- <a href="postalias.1.html">postalias(1)</a> maintain alias database
SENDMAIL(1) SENDMAIL(1)
+ chrooted.
+
+ <b>queue</b><i>_</i><b>run</b><i>_</i><b>delay</b>
+ The time between successive scans of the deferred
+ queue.
+
+<b>SEE</b> <b>ALSO</b>
+ <a href="pickup.8.html">pickup(8)</a> mail pickup daemon
+ <a href="postalias.1.html">postalias(1)</a> maintain alias database
<a href="postdrop.1.html">postdrop(1)</a> privileged posting agent
<a href="postfix.1.html">postfix(1)</a> mail system control
<a href="postkick.1.html">postkick(1)</a> kick a Postfix daemon
-
-
-
-
-
-
-
-
-
ging level by the amount specified in the
<b>debug</b><i>_</i><b>peer</b><i>_</i><b>level</b> parameter.
- <b>enable</b><i>_</i><b>fast</b><i>_</i><b>flush</b>
- Enable the "fast flush" cache for improved ETRN
- performance. By default, Postfix attempts to
- deliver all messages in the queue after receiving
- an ETRN command. The "fast flush" cache keeps a
- record of what mail is queued up for specific des-
- tinations. Currently, "fast flush" support is
- available only for destinations that the local MTA
- is willing to relay mail to (i.e. the policy is
- hard coded).
-
<b>error</b><i>_</i><b>notice</b><i>_</i><b>recipient</b>
Recipient of protocol/policy/resource/software
error notices.
Limit the time to send a server response and to
receive a client request.
+<b>Resource</b> <b>controls</b>
+ <b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
+ Limit the amount of memory in bytes used for the
+ handling of partial input lines.
+ <b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
+ Limit the total size in bytes of a message, includ-
+ ing on-disk storage for envelope information.
- 3
+ 3
-SMTPD(8) SMTPD(8)
-<b>Resource</b> <b>controls</b>
- <b>line</b><i>_</i><b>length</b><i>_</i><b>limit</b>
- Limit the amount of memory in bytes used for the
- handling of partial input lines.
- <b>message</b><i>_</i><b>size</b><i>_</i><b>limit</b>
- Limit the total size in bytes of a message, includ-
- ing on-disk storage for envelope information.
+
+SMTPD(8) SMTPD(8)
+
<b>queue</b><i>_</i><b>minfree</b>
Minimal amount of free space in bytes in the queue
SMTP session before it is penalized with tarpit
delays.
+<b>ETRN</b> <b>controls</b>
+ <b>smtpd</b><i>_</i><b>etrn</b><i>_</i><b>restrictions</b>
+ Restrict what domain names can be used in <b>ETRN</b> com-
+ mands, and what clients may issue <b>ETRN</b> commands.
+
+ <b>fast</b><i>_</i><b>flush</b><i>_</i><b>domains</b>
+ The destinations that this system is willing to
+ provide "fast ETRN" service for. By default, "fast
+ ETRN" service is available only for destinations
+ that the local system is willing to relay mail to.
+ For other destinations, Postfix simply attempts to
+ deliver all mail in the queue.
+
<b>UCE</b> <b>control</b> <b>restrictions</b>
<b>smtpd</b><i>_</i><b>client</b><i>_</i><b>restrictions</b>
Restrict what clients may connect to this mail sys-
Restrict what sender addresses are allowed in <b>MAIL</b>
<b>FROM</b> commands.
- <b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>restrictions</b>
- Restrict what recipient addresses are allowed in
- <b>RCPT</b> <b>TO</b> commands.
-
4
SMTPD(8) SMTPD(8)
- <b>smtpd</b><i>_</i><b>etrn</b><i>_</i><b>restrictions</b>
- Restrict what domain names can be used in <b>ETRN</b> com-
- mands, and what clients may issue <b>ETRN</b> commands.
+ <b>smtpd</b><i>_</i><b>recipient</b><i>_</i><b>restrictions</b>
+ Restrict what recipient addresses are allowed in
+ <b>RCPT</b> <b>TO</b> commands.
<b>allow</b><i>_</i><b>untrusted</b><i>_</i><b>routing</b>
- Allow untrusted clients to specify addresses with
- sender-specified routing. Enabling this opens up
- nasty relay loopholes involving trusted backup MX
+ Allow untrusted clients to specify addresses with
+ sender-specified routing. Enabling this opens up
+ nasty relay loopholes involving trusted backup MX
hosts.
<b>restriction</b><i>_</i><b>classes</b>
- Declares the name of zero or more parameters that
- contain a list of UCE restrictions. The names of
- these parameters can then be used instead of the
+ Declares the name of zero or more parameters that
+ contain a list of UCE restrictions. The names of
+ these parameters can then be used instead of the
restriction lists that they represent.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>domains</b>
- List of DNS domains that publish the addresses of
+ List of DNS domains that publish the addresses of
blacklisted hosts.
<b>relay</b><i>_</i><b>domains</b>
- Restrict what domains or networks this mail system
+ Restrict what domains or networks this mail system
will relay mail from or to.
<b>UCE</b> <b>control</b> <b>responses</b>
<b>access</b><i>_</i><b>map</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client violates an access
+ Server response when a client violates an access
database restriction.
<b>invalid</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client violates the
+ Server response when a client violates the
<b>reject</b><i>_</i><b>invalid</b><i>_</i><b>hostname</b> restriction.
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client violates the
+ Server response when a client violates the
<b>maps</b><i>_</i><b>rbl</b><i>_</i><b>domains</b> restriction.
<b>reject</b><i>_</i><b>code</b>
- Response code when the client matches a <b>reject</b>
+ Response code when the client matches a <b>reject</b>
restriction.
<b>relay</b><i>_</i><b>domains</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client attempts to violate
+ Server response when a client attempts to violate
the mail relay policy.
<b>unknown</b><i>_</i><b>address</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client violates the
+ Server response when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>address</b> restriction.
<b>unknown</b><i>_</i><b>client</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client without address to
- name mapping violates the <b>reject</b><i>_</i><b>unknown</b><i>_</i><b>clients</b>
+ Server response when a client without address to
+ name mapping violates the <b>reject</b><i>_</i><b>unknown</b><i>_</i><b>clients</b>
restriction.
<b>unknown</b><i>_</i><b>hostname</b><i>_</i><b>reject</b><i>_</i><b>code</b>
- Server response when a client violates the
+ Server response when a client violates the
<b>reject</b><i>_</i><b>unknown</b><i>_</i><b>hostname</b> restriction.
<b>SEE</b> <b>ALSO</b>
syslogd(8) system logging
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
delivery problems are sent to, unless the message contains an
\fBErrors-To:\fR message header.
.IP \fB-q\fR
-Flush the mail queue. This is implemented by kicking the
+Attempt to deliver all queued mail. This is implemented by kicking the
\fBqmgr\fR(8) daemon.
.IP "\fB-q\fIinterval\fR (ignored)"
The interval between queue runs. Use the \fBqueue_run_delay\fR
Schedule immediate delivery of all mail that is queued for the named
\fIsite\fR. Depending on the destination, this uses "fast flush"
service, or it has the same effect as \fBsendmail -q\fR.
-This functionality is implemented by connecting to the local SMTP
-server. See smtpd(8) for more information about the "fast flush"
+This is implemented by connecting to the local SMTP server.
+See \fBsmtpd\fR(8) for more information about the "fast flush"
service.
.IP \fB-qS\fIsite\fR
This command is not implemented. Use the slower \fBsendmail -q\fR
List of domain or network patterns. When a remote host matches
a pattern, increase the verbose logging level by the amount
specified in the \fBdebug_peer_level\fR parameter.
+.IP \fBfast_flush_domains\fR
+List of domains that will receive "fast flush" service (default: all
+domains that this system is willing to relay mail to). This greatly
+improves the performance of the SMTP \fBETRN\fR request, and of the
+\fBsendmail -qR\fR command. For domains not in the list, Postfix simply
+attempts to deliver all queued mail.
.IP \fBfork_attempts\fR
Number of attempts to \fBfork\fR() a process before giving up.
.IP \fBfork_delay\fR
Arrange for the delivery of all messages that are listed in the fast
flush logfile for the specified site. After the logfile is processed,
the file is truncated to length zero.
+.IP "\fBTRIGGER_REQ_WAKEUP\fR (wakeup signal from master)"
+.IP "\fBFLUSH_REQ_PURGE\fR"
+Pretend that \fBFLUSH_REQ_SEND\fR was received for all sites with
+a non-empty "fast flush" logfile, and delete empty "fast flush"
+logfiles that have not been updated in several days. This operation
+completes in the background because it can take a noticeable
+amount of time.
+.sp
+Fast flush logfiles are truncated only after a \fBFLUSH_REQ_SEND\fR
+request, not when mail is actually delivered, and therefore can
+accumulate redundant or even outdated information. In order to
+maintain sanity, \fBFLUSH_REQ_PURGE\fR must be requested occasionally.
.PP
The response to the client is one of:
.IP \fBFLUSH_STAT_OK\fR
request parameter value).
.IP \fBFLUSH_STAT_UNKNOWN\fR
The specified site has no fast flush log.
-.PP
-Fast flush logfiles are truncated only after a flush request. In
-order to prevent fast flush logs from growing too large, and to
-prevent them from accumulating too much outdated information, the
-flush service generates a pro-active flush request once every
-every 1000 append requests. This should not impact operation.
.SH SECURITY
.na
.nf
In reality, this server schedules delivery of messages, regardless
of their destination. This limitation is due to the fact that
one queue runner has to handle mail for multiple destinations.
-.SH CONFIGURATION PARAMETERS
-.na
-.nf
-.ad
-.fi
-The following \fBmain.cf\fR parameters are especially relevant to
-this program. See the Postfix \fBmain.cf\fR file for syntax details
-and for default values. Use the \fBpostfix reload\fR command after
-a configuration change.
-.IP \fBline_length_limit\fR
-Maximal length of strings in a fast flush client request.
.SH SEE ALSO
.na
.nf
List of domain or network patterns. When a remote host matches
a pattern, increase the verbose logging level by the amount
specified in the \fBdebug_peer_level\fR parameter.
-.IP \fBenable_fast_flush\fR
-Enable the "fast flush" cache for improved ETRN performance.
-By default, Postfix attempts to deliver all messages in the queue
-after receiving an ETRN command.
-The "fast flush" cache keeps a record of what mail is queued up for
-specific destinations.
-Currently, "fast flush" support is available only for destinations
-that the local MTA is willing to relay mail to (i.e. the policy
-is hard coded).
.IP \fBerror_notice_recipient\fR
Recipient of protocol/policy/resource/software error notices.
.IP \fBhopcount_limit\fR
Limit the number of times a client can issue a junk command
such as NOOP, VRFY, ETRN or RSET in one SMTP session before
it is penalized with tarpit delays.
+.SH "ETRN controls"
+.ad
+.fi
+.IP \fBsmtpd_etrn_restrictions\fR
+Restrict what domain names can be used in \fBETRN\fR commands,
+and what clients may issue \fBETRN\fR commands.
+.IP \fBfast_flush_domains\fR
+The destinations that this system is willing to provide "fast ETRN"
+service for. By default, "fast ETRN" service is available only
+for destinations that the local system is willing to relay mail to.
+For other destinations, Postfix simply attempts to deliver all mail
+in the queue.
.SH "UCE control restrictions"
.ad
.fi
Restrict what sender addresses are allowed in \fBMAIL FROM\fR commands.
.IP \fBsmtpd_recipient_restrictions\fR
Restrict what recipient addresses are allowed in \fBRCPT TO\fR commands.
-.IP \fBsmtpd_etrn_restrictions\fR
-Restrict what domain names can be used in \fBETRN\fR commands,
-and what clients may issue \fBETRN\fR commands.
.IP \fBallow_untrusted_routing\fR
Allow untrusted clients to specify addresses with sender-specified
routing. Enabling this opens up nasty relay loopholes involving
/* Arrange for the delivery of all messages that are listed in the fast
/* flush logfile for the specified site. After the logfile is processed,
/* the file is truncated to length zero.
+/* .IP "\fBTRIGGER_REQ_WAKEUP\fR (wakeup signal from master)"
+/* .IP "\fBFLUSH_REQ_PURGE\fR"
+/* Pretend that \fBFLUSH_REQ_SEND\fR was received for all sites with
+/* a non-empty "fast flush" logfile, and delete empty "fast flush"
+/* logfiles that have not been updated in several days. This operation
+/* completes in the background because it can take a noticeable
+/* amount of time.
+/* .sp
+/* Fast flush logfiles are truncated only after a \fBFLUSH_REQ_SEND\fR
+/* request, not when mail is actually delivered, and therefore can
+/* accumulate redundant or even outdated information. In order to
+/* maintain sanity, \fBFLUSH_REQ_PURGE\fR must be requested occasionally.
/* .PP
/* The response to the client is one of:
/* .IP \fBFLUSH_STAT_OK\fR
/* request parameter value).
/* .IP \fBFLUSH_STAT_UNKNOWN\fR
/* The specified site has no fast flush log.
-/* .PP
-/* Fast flush logfiles are truncated only after a flush request. In
-/* order to prevent fast flush logs from growing too large, and to
-/* prevent them from accumulating too much outdated information, the
-/* flush service generates a pro-active flush request once every
-/* every 1000 append requests. This should not impact operation.
/* SECURITY
/* .ad
/* .fi
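Review bot: The FLUSH_REQ_PURGE description says the request "must be requested occasionally" without saying what sends it, and "several days" hides the actual threshold. Suggest stating that the request arrives as the master wakeup configured in the master.cf wakeup field (18000? in the sample entry), and that empty logfiles are removed once they have been unused for FLUSH_MAX_UNUSED, which the code sets to 7 days. The same wording is repeated in flush.8 and flush.8.html, so the fix belongs here in the source comment.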
/* In reality, this server schedules delivery of messages, regardless
/* of their destination. This limitation is due to the fact that
/* one queue runner has to handle mail for multiple destinations.
-/* CONFIGURATION PARAMETERS
-/* .ad
-/* .fi
-/* The following \fBmain.cf\fR parameters are especially relevant to
-/* this program. See the Postfix \fBmain.cf\fR file for syntax details
-/* and for default values. Use the \fBpostfix reload\fR command after
-/* a configuration change.
-/* .IP \fBline_length_limit\fR
-/* Maximal length of strings in a fast flush client request.
/* SEE ALSO
/* smtpd(8) Postfix SMTP server
/* qmgr(8) Postfix queue manager
/* System library. */
#include <sys_defs.h>
+#include <sys/stat.h>
#include <unistd.h>
#include <stdlib.h>
#include <utime.h>
#include <valid_hostname.h>
#include <htable.h>
#include <dict.h>
+#include <scan_dir.h>
/* Global library. */
#include <mail_proto.h>
#include <mail_flush.h>
#include <mail_conf.h>
+#include <mail_scan_dir.h>
#include <maps.h>
/* Single server skeleton. */
#define STR(x) vstring_str(x)
#define FLUSH_DUP_FILTER_SIZE 10000 /* graceful degradation */
-#define FLUSH_COMMAND_TIMEOUT 60 /* don't get stuck */
-#define FLUSH_CHECK_RATE 1000 /* don't accumulate cruft */
+#define FLUSH_MAX_UNUSED (7 * 24 * 60 * 60)
/* flush_append - append queue ID to per-site fast flush log */
QMGR_REQ_FLUSH_DEAD, /* flush dead site/transport cache */
};
HTABLE *dup_filter;
+ int count;
if (msg_verbose)
msg_info("%s: site %s", myname, site);
queue_file = vstring_alloc(10);
dup_filter = htable_create(10);
tbuf.actime = tbuf.modtime = event_time();
- while (vstring_get_nonl(queue_id, log) != VSTREAM_EOF) {
+ for (count = 0; vstring_get_nonl(queue_id, log) != VSTREAM_EOF; count++) {
if (!mail_queue_id_ok(STR(queue_id))) {
- msg_warn("bad queue id %.30s... in fast flush log for site %s",
+ msg_warn("bad queue id \"%.30s...\" in fast flush log for site %s",
STR(queue_id), site);
continue;
}
|| htable_find(dup_filter, STR(queue_id)) == 0) {
if (msg_verbose)
msg_info("%s: site %s: update %s time stamps",
- myname, site, STR(queue_file));
+ myname, site, STR(queue_id));
if (dup_filter->used <= FLUSH_DUP_FILTER_SIZE)
htable_enter(dup_filter, STR(queue_id), 0);
/*
* Truncate the fast flush log.
*/
- if (ftruncate(vstream_fileno(log), (off_t) 0) < 0)
+ if (count > 0 && ftruncate(vstream_fileno(log), (off_t) 0) < 0)
msg_fatal("%s: truncate fast flush log for site %s: %m",
myname, site);
myname, site);
if (vstream_fclose(log) != 0)
msg_warn("read fast flush log for site %s: %m", site);
- if (msg_verbose)
- msg_info("%s: requesting delivery for site %s", myname, site);
- mail_trigger(MAIL_CLASS_PUBLIC, MAIL_SERVICE_QUEUE,
- qmgr_trigger, sizeof(qmgr_trigger));
-
+ if (count > 0) {
+ if (msg_verbose)
+ msg_info("%s: requesting delivery for site %s", myname, site);
+ mail_trigger(MAIL_CLASS_PUBLIC, MAIL_SERVICE_QUEUE,
+ qmgr_trigger, sizeof(qmgr_trigger));
+ }
return (FLUSH_STAT_OK);
}
return (FLUSH_STAT_OK);
}
+/* flush_purge - housekeeping */
+
+static void flush_purge(void)
+{
+ char *myname = "flush_purge";
+ SCAN_DIR *scan;
+ char *site;
+ struct stat st;
+ VSTRING *path = vstring_alloc(10);
+
+ scan = scan_dir_open(MAIL_QUEUE_FLUSH);
+ while ((site = mail_scan_dir_next(scan)) != 0) {
+ if (valid_hostname(site) == 0) {
+ msg_warn("%s: bad fast flush logfile name: %s", myname, STR(path));
+ if (unlink(STR(path)) < 0)
+ msg_warn("remove %s: %m", STR(path));
+ continue;
+ }
+ if (stat(mail_queue_path(path, MAIL_QUEUE_FLUSH, site), &st) < 0) {
+ if (errno != ENOENT)
+ msg_warn("%s: stat %s: %m", myname, STR(path));
+ else if (msg_verbose)
+ msg_info("%s: %s: %m", myname, STR(path));
+ continue;
+ }
+ if (st.st_size == 0) {
+ if (st.st_mtime + FLUSH_MAX_UNUSED < event_time()) {
+ if (unlink(STR(path)) < 0)
+ msg_warn("remove %s: %m", STR(path));
+ else if (msg_verbose)
+ msg_info("%s: unlink %s, unused for %d days",
+ myname, STR(path), FLUSH_MAX_UNUSED / 84600);
+ } else if (msg_verbose)
+ msg_info("%s: skip site %s - empty log", myname, site);
+ } else {
+ if (msg_verbose)
+ msg_info("%s: flush site %s", myname, site);
+ flush_site(site);
+ }
+ }
+ scan_dir_close(scan);
+ vstring_free(path);
+}
+
/* flush_service - perform service for client */
static void flush_service(VSTREAM *client_stream, char *unused_service,
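Review bot: In `flush_purge()`, the `valid_hostname(site) == 0` branch uses `STR(path)` before `mail_queue_path(path, MAIL_QUEUE_FLUSH, site)` has run for this entry, so the warning and the `unlink()` act on a path that was never set for it: the buffer is still unset on the first iteration and holds the previous entry's path afterwards, which can remove a valid site's logfile while leaving the badly named file in place. Build the path at the top of the loop body, before the hostname check. Also in this function, the days figure in the verbose message divides by 84600; a day is 86400 seconds.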
{
VSTRING *request = vstring_alloc(10);
VSTRING *site = vstring_alloc(10);
- VSTRING *queue_id;
+ VSTRING *queue_id = vstring_alloc(10);
int status = FLUSH_STAT_BAD;
- static int counter;
+ static char wakeup[] = { /* master wakeup request */
+ TRIGGER_REQ_WAKEUP,
+ 0,
+ };
/*
* Sanity check. This service takes no command-line arguments.
*
* All connection-management stuff is handled by the common code in
* single_server.c.
+ *
+ * Note that the purge operation only acknowledges receipt of the request
+ * and proceeds in the background. All other operations send their result
+ * status after the operation is completed.
*/
#define STREQ(x,y) (strcmp((x), (y)) == 0)
- if (mail_scan(client_stream, "%s %s", request, site) == 2
- && valid_hostname(STR(site))) {
+ if (mail_scan(client_stream, "%s", request) == 1) {
if (STREQ(STR(request), FLUSH_REQ_APPEND)) {
- queue_id = vstring_alloc(10);
- if (mail_scan(client_stream, "%s", queue_id) == 1
+ if (mail_scan(client_stream, "%s %s", site, queue_id) == 2
+ && valid_hostname(STR(site))
&& mail_queue_id_ok(STR(queue_id)))
status = flush_append(STR(site), STR(queue_id));
- vstring_free(queue_id);
+ mail_print(client_stream, "%d", status);
} else if (STREQ(STR(request), FLUSH_REQ_SEND)) {
- status = flush_site(STR(site));
+ if (mail_scan(client_stream, "%s", site) == 1
+ && valid_hostname(STR(site)))
+ status = flush_site(STR(site));
+ mail_print(client_stream, "%d", status);
} else if (STREQ(STR(request), FLUSH_REQ_ENABLE)) {
- status = flush_enable(STR(site));
+ if (mail_scan(client_stream, "%s", site) == 1
+ && valid_hostname(STR(site)))
+ status = flush_enable(STR(site));
+ mail_print(client_stream, "%d", status);
+ } else if (STREQ(STR(request), FLUSH_REQ_PURGE)
+ || STREQ(STR(request), wakeup)) {
+ mail_print(client_stream, "%d", FLUSH_STAT_OK);
+ flush_purge();
}
}
- mail_print(client_stream, "%d", status);
-
- /*
- * Once in a while we generate a pro-active flush request to ensure that
- * the logfile does not grow unreasonably, and to ensure that it does not
- * contain too much outdated information. Flush our reply to the client
- * so that it does not have to wait while the pro-active flush happens.
- */
- if (status == FLUSH_STAT_OK && STREQ(STR(request), FLUSH_REQ_APPEND)
- && (++counter + event_time() + getpid()) % FLUSH_CHECK_RATE == 0) {
- vstream_fflush(client_stream);
- if (msg_verbose)
- msg_info("site %s: time for a pro-active flush", STR(site));
- (void) flush_site(STR(site));
- }
- vstring_free(site);
vstring_free(request);
+ vstring_free(site);
+ vstring_free(queue_id);
}
/* main - pass control to the single-threaded skeleton */
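Review bot: After this restructuring a client gets no reply when the request name cannot be read or is not one of the known requests: `status` is still initialized to `FLUSH_STAT_BAD`, but `mail_print(client_stream, "%d", status)` now exists only inside the append, send and enable branches. Add a final `else`, and a path for the failed first `mail_scan()`, that reports `FLUSH_STAT_BAD`. In the purge branch, the new comment says the request is acknowledged before the work proceeds, but the `vstream_fflush(client_stream)` that the removed pro-active flush code called before `flush_site()` has no counterpart before `flush_purge()`; flush explicitly there if the acknowledgement must not wait for the purge.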
/*
* Notify the fast flush service.
*/
- if (var_enable_fflush
+ if (*var_fast_flush_domains
&& (rcpt_domain = strrchr(recipient, '@')) != 0
&& *++rcpt_domain != 0)
mail_flush_append(rcpt_domain, id);
* Make sure the mail flush dupfilter sees no false positive if we're
* repeatedly delivering the same message.
*/
- if (var_enable_fflush)
+ if (*var_fast_flush_domains)
mail_flush_append_init();
return (request);
/*
/* int mail_flush_deferred()
/*
+/* int mail_flush_purge()
+/*
/* int mail_flush_enable(site)
/* const char *site;
/*
/* mail_flush_deferred() triggers delivery of all deferred
/* or incoming mail.
/*
-/* The following services are available only for sites have a
+/* The following services are available only for sites that have a
/* "fast flush" logfile. These files list all mail that is queued
/* for a given site, and are created on demand when, for example,
/* an eligible SMTP client issues the ETRN command.
/* the application opens a new queue file, to prevent false
/* positives with the duplicate filter when repeated attempts
/* are made to deliver the same message.
+/*
+/* mail_flush_purge() requests the "fast flush" service to
+/* flush all its "fast flush" logfiles. This is necessary
+/* once a day or so, in order to prevent accumulation of
+/* too much outdated information.
/* DIAGNOSTICS
/* The result codes and their meaning are (see mail_flush(5h)):
/* .IP MAIL_FLUSH_OK
return (status);
}
+/* mail_flush_purge - house keeping */
+
+int mail_flush_purge(void)
+{
+ char *myname = "mail_flush_purge";
+ int status;
+
+ if (msg_verbose)
+ msg_info("%s", myname);
+ status = mail_flush_clnt("%s", FLUSH_REQ_SEND);
+ if (msg_verbose)
+ msg_info("%s: status %d", myname, status);
+
+ return (status);
+}
+
/* mail_flush_site - flush deferred mail for site */
int mail_flush_site(const char *site)
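Review bot: `mail_flush_purge()` sends `FLUSH_REQ_SEND`, not the `FLUSH_REQ_PURGE` request that this patch defines and that `flush_service()` dispatches to `flush_purge()`. The server's send branch expects a site argument that this call never sends, and it calls `flush_site()`, so this function cannot trigger a purge as written. Change the argument to `FLUSH_REQ_PURGE`.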
* External interface.
*/
extern int mail_flush_deferred(void);
+extern int mail_flush_purge(void);
extern int mail_flush_enable(const char *);
extern int mail_flush_site(const char *);
extern int mail_flush_append(const char *, const char *);
#define FLUSH_REQ_APPEND "append"/* append queue ID to site log */
#define FLUSH_REQ_SEND "send" /* flush mail queued for site */
#define FLUSH_REQ_ENABLE "enable"/* flush mail queued for site */
+#define FLUSH_REQ_PURGE "purge" /* flush mail queued for site */
/*
* Mail flush server status codes.
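Review bot: The comment on `FLUSH_REQ_PURGE` is copied from the `send` line and reads "flush mail queued for site", although purge takes no site and does housekeeping over all logfiles. Describe what the request does, for example "purge stale fast flush logfiles"; the `FLUSH_REQ_ENABLE` line above carries the same copied comment and could be corrected in the same change.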
/* int var_ownreq_special;
/* int var_daemon_timeout;
/* char *var_syslog_facility;
-/* int var_enable_fflush;
+/* char *var_fast_flush_domains;
/*
/* void mail_params_init()
/* DESCRIPTION
int var_ownreq_special;
int var_daemon_timeout;
char *var_syslog_facility;
-int var_enable_fflush;
+char *var_relay_domains;
+char *var_fast_flush_domains;
/* check_myhostname - lookup hostname and validate */
VAR_DB_TYPE, DEF_DB_TYPE, &var_db_type, 1, 0,
VAR_HASH_QUEUE_NAMES, DEF_HASH_QUEUE_NAMES, &var_hash_queue_names, 1, 0,
VAR_RCPT_DELIM, DEF_RCPT_DELIM, &var_rcpt_delim, 0, 1,
+ VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0,
+ VAR_FFLUSH_DOMAINS, DEF_FFLUSH_DOMAINS, &var_fast_flush_domains, 0, 0,
0,
};
static CONFIG_STR_FN_TABLE function_str_defaults_2[] = {
VAR_SOFT_BOUNCE, DEF_SOFT_BOUNCE, &var_soft_bounce,
VAR_OWNREQ_SPECIAL, DEF_OWNREQ_SPECIAL, &var_ownreq_special,
VAR_MAILTOOL_COMPAT, DEF_MAILTOOL_COMPAT, &var_mailtool_compat,
- VAR_ENABLE_FFLUSH, DEF_ENABLE_FFLUSH, &var_enable_fflush,
0,
};
/*
* Fast flush service support.
*/
-#define VAR_ENABLE_FFLUSH "enable_fast_flush"
-#define DEF_ENABLE_FFLUSH 0
-extern bool var_enable_fflush;
+#define VAR_FFLUSH_DOMAINS "fast_flush_domains"
+#define DEF_FFLUSH_DOMAINS "$relay_domains"
+extern char *var_fast_flush_domains;
/* LICENSE
/* .ad
{
const char *cp;
- if (strlen(queue_name) > 100)
+ if (*queue_name == 0 || strlen(queue_name) > 100)
return (0);
for (cp = queue_name; *cp; cp++)
{
const char *cp;
- if (strlen(queue_id) > 100)
+ if (*queue_id == 0 || strlen(queue_id) > 100)
return (0);
/*
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "Snapshot-20000930"
+#define DEF_MAIL_VERSION "Snapshot-20001001"
extern char *var_mail_version;
/* LICENSE
*/
#define MASTER_FLAG_THROTTLE (1<<0) /* we're having trouble */
#define MASTER_FLAG_MARK (1<<1) /* garbage collection support */
+#define MASTER_FLAG_CONDWAKE (1<<2) /* wake up if actually used */
#define MASTER_THROTTLED(f) ((f)->flags & MASTER_FLAG_THROTTLE)
*/
else {
serv->flags &= ~MASTER_FLAG_MARK;
+ if (entry->flags & MASTER_FLAG_CONDWAKE)
+ serv->flags |= MASTER_FLAG_CONDWAKE;
+ else
+ serv->flags &= ~MASTER_FLAG_CONDWAKE;
serv->wakeup_time = entry->wakeup_time;
serv->max_proc = entry->max_proc;
serv->throttle_delay = entry->throttle_delay;
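Review bot: Copying `MASTER_FLAG_CONDWAKE` from `entry` here sets the flag again on a service that has already been used, because the spawn path in this patch clears it on first use and `master_wakeup_init()` now returns early while it is set. Confirm that a refresh of an already active service does not leave it without its wakeup timer until the next child is spawned; if that is the intended behaviour, state it in a comment here.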
*/
serv->wakeup_time = get_int_ent(&bufp, "wakeup_time", "0", 0);
+ /*
+ * Find out if the wakeup time is conditional, i.e., wakeup triggers
+ * should not be sent until the service has actually been used.
+ */
+ if (serv->wakeup_time > 0 && bufp[*bufp ? -2 : -1] == '?')
+ serv->flags |= MASTER_FLAG_CONDWAKE;
+
/*
* Concurrency limit. Zero means no limit.
*/
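Review bot: `bufp[*bufp ? -2 : -1] == '?'` reads backwards from the parse position and only works as long as `get_int_ent()` leaves `bufp` exactly one or two bytes past the end of the field, which is not stated anywhere in this hunk. Have the field parser report the trailing `?` (or hand back the raw token) instead, or at least document in the new comment where `bufp` is assumed to point after the call.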
/*
* Parent. Fill in a process member data structure and set up links
* between child and process. Say this process has become available.
+ * If this service has a wakeup timer that is turned on only when the
+ * service is actually used, turn on the wakeup timer.
*/
default:
if (msg_verbose)
sizeof(pid), (char *) proc);
serv->total_proc++;
master_avail_more(serv, proc);
+ if (serv->flags & MASTER_FLAG_CONDWAKE) {
+ serv->flags &= ~MASTER_FLAG_CONDWAKE;
+ master_wakeup_init(serv);
+ if (msg_verbose)
+ msg_info("start conditional timer for %s", serv->name);
+ }
return;
}
}
{
char *myname = "master_wakeup_init";
- if (serv->wakeup_time == 0)
+ if (serv->wakeup_time == 0 || (serv->flags & MASTER_FLAG_CONDWAKE))
return;
if (msg_verbose)
msg_info("%s: service %s time %d",
* Make sure the mail flush dupfilter sees no false positive if we're
* repeatedly trying to deliver the same message.
*/
- else if (var_enable_fflush)
+ else if (*var_fast_flush_domains)
mail_flush_append_init();
}
}
* Make sure the mail flush dupfilter sees no false positive if we're
* repeatedly trying to deliver the same message.
*/
- else if (var_enable_fflush)
+ else if (*var_fast_flush_domains)
mail_flush_append_init();
}
}
/* delivery problems are sent to, unless the message contains an
/* \fBErrors-To:\fR message header.
/* .IP \fB-q\fR
-/* Flush the mail queue. This is implemented by kicking the
+/* Attempt to deliver all queued mail. This is implemented by kicking the
/* \fBqmgr\fR(8) daemon.
/* .IP "\fB-q\fIinterval\fR (ignored)"
/* The interval between queue runs. Use the \fBqueue_run_delay\fR
/* Schedule immediate delivery of all mail that is queued for the named
/* \fIsite\fR. Depending on the destination, this uses "fast flush"
/* service, or it has the same effect as \fBsendmail -q\fR.
-/* This functionality is implemented by connecting to the local SMTP
-/* server. See smtpd(8) for more information about the "fast flush"
+/* This is implemented by connecting to the local SMTP server.
+/* See \fBsmtpd\fR(8) for more information about the "fast flush"
/* service.
/* .IP \fB-qS\fIsite\fR
/* This command is not implemented. Use the slower \fBsendmail -q\fR
/* List of domain or network patterns. When a remote host matches
/* a pattern, increase the verbose logging level by the amount
/* specified in the \fBdebug_peer_level\fR parameter.
+/* .IP \fBfast_flush_domains\fR
+/* List of domains that will receive "fast flush" service (default: all
+/* domains that this system is willing to relay mail to). This greatly
+/* improves the performance of the SMTP \fBETRN\fR request, and of the
+/* \fBsendmail -qR\fR command. For domains not in the list, Postfix simply
+/* attempts to deliver all queued mail.
/* .IP \fBfork_attempts\fR
/* Number of attempts to \fBfork\fR() a process before giving up.
/* .IP \fBfork_delay\fR
/* chat - send command and examine reply */
-static void chat(VSTREAM *fp, VSTRING *buf, const char *fmt,...)
+static void chat(VSTREAM * fp, VSTRING * buf, const char *fmt,...)
{
va_list ap;
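Review bot: The only change to `chat()` is the spacing in `VSTREAM * fp, VSTRING * buf`, which differs from the `VSTREAM *client_stream` style used in the rest of this patch. It looks like formatter output rather than an intended edit; drop it to keep the diff limited to the ETRN work.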
/* List of domain or network patterns. When a remote host matches
/* a pattern, increase the verbose logging level by the amount
/* specified in the \fBdebug_peer_level\fR parameter.
-/* .IP \fBenable_fast_flush\fR
-/* Enable the "fast flush" cache for improved ETRN performance.
-/* By default, Postfix attempts to deliver all messages in the queue
-/* after receiving an ETRN command.
-/* The "fast flush" cache keeps a record of what mail is queued up for
-/* specific destinations.
-/* Currently, "fast flush" support is available only for destinations
-/* that the local MTA is willing to relay mail to (i.e. the policy
-/* is hard coded).
/* .IP \fBerror_notice_recipient\fR
/* Recipient of protocol/policy/resource/software error notices.
/* .IP \fBhopcount_limit\fR
/* Limit the number of times a client can issue a junk command
/* such as NOOP, VRFY, ETRN or RSET in one SMTP session before
/* it is penalized with tarpit delays.
+/* .SH "ETRN controls"
+/* .ad
+/* .fi
+/* .IP \fBsmtpd_etrn_restrictions\fR
+/* Restrict what domain names can be used in \fBETRN\fR commands,
+/* and what clients may issue \fBETRN\fR commands.
+/* .IP \fBfast_flush_domains\fR
+/* The destinations that this system is willing to provide "fast ETRN"
+/* service for. By default, "fast ETRN" service is available only
+/* for destinations that the local system is willing to relay mail to.
+/* For other destinations, Postfix simply attempts to deliver all mail
+/* in the queue.
/* .SH "UCE control restrictions"
/* .ad
/* .fi
/* Restrict what sender addresses are allowed in \fBMAIL FROM\fR commands.
/* .IP \fBsmtpd_recipient_restrictions\fR
/* Restrict what recipient addresses are allowed in \fBRCPT TO\fR commands.
-/* .IP \fBsmtpd_etrn_restrictions\fR
-/* Restrict what domain names can be used in \fBETRN\fR commands,
-/* and what clients may issue \fBETRN\fR commands.
/* .IP \fBallow_untrusted_routing\fR
/* Allow untrusted clients to specify addresses with sender-specified
/* routing. Enabling this opens up nasty relay loopholes involving
*/
int var_smtpd_rcpt_limit;
int var_smtpd_tmout;
-char *var_relay_domains;
int var_smtpd_soft_erlim;
int var_smtpd_hard_erlim;
int var_queue_minfree; /* XXX use off_t */
char *var_smtpd_sasl_opts;
char *var_smtpd_sasl_realm;
char *var_filter_xport;
+char *var_fast_flush_domains;
/*
* Global state, for stand-alone mode queue file cleanup. When this is
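Review bot: `char *var_fast_flush_domains;` is added here while the same patch also defines it, together with `var_relay_domains`, in the global parameter code and registers both in that string table. The `var_relay_domains` definition is removed from this file in this very hunk; the new variable should follow suit and rely on the `extern` declaration in the header rather than a second definition.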
static int etrn_cmd(SMTPD_STATE *state, int argc, SMTPD_TOKEN *argv)
{
- VSTREAM *fp;
char *err;
/*
smtpd_chat_reply(state, "%s", err);
return (-1);
}
- if (!var_enable_fflush) {
+ if (!*var_fast_flush_domains) {
mail_flush_deferred();
smtpd_chat_reply(state, "250 Queuing started");
return (0);
} else {
msg_info("created fast ETRN cache for %s (client=%s)",
argv[1].strval, state->namaddr);
- vstream_fclose(fp);
}
} else {
- msg_info("refused fast ETRN service for %s (client=%s)",
+ msg_info("using slow ETRN service for %s (client=%s)",
argv[1].strval, state->namaddr);
}
/* Fallthrough. */
0,
};
static CONFIG_STR_TABLE str_table[] = {
- VAR_RELAY_DOMAINS, DEF_RELAY_DOMAINS, &var_relay_domains, 0, 0,
VAR_SMTPD_BANNER, DEF_SMTPD_BANNER, &var_smtpd_banner, 1, 0,
VAR_DEBUG_PEER_LIST, DEF_DEBUG_PEER_LIST, &var_debug_peer_list, 0, 0,
VAR_NOTIFY_CLASSES, DEF_NOTIFY_CLASSES, &var_notify_classes, 0, 0,
/* .PP
/* smtpd_check_etrn_cache_policy_ok() returns "true" if it is OK to
/* create a fast ETRN cache file for the specified destination.
-/* Currently, the hard-coded policy is that the local MTA must be
-/* is willing to relay mail to that destination.
+/* The default policy ($smtpd_fast_flush_domains) is that the local MTA
+/* must be willing to relay mail to that destination.
/*
/* smtpd_check_size() checks if a message with the given size can
/* be received (zero means that the message size is unknown). The
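Review bot: The documentation names the policy `$smtpd_fast_flush_domains`, but the parameter this patch introduces is `fast_flush_domains` (`VAR_FFLUSH_DOMAINS`), with no `smtpd_` prefix. Use `$fast_flush_domains` so the reference matches what an administrator actually sets.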
*/
static DOMAIN_LIST *relay_domains;
static NAMADR_LIST *mynetworks;
+static DOMAIN_LIST *fast_flush_domains;
/*
* Pre-parsed restriction lists.
*/
mynetworks = namadr_list_init(var_mynetworks);
relay_domains = domain_list_init(var_relay_domains);
+ fast_flush_domains = domain_list_init(var_fast_flush_domains);
/*
* Pre-parse and pre-open the recipient maps.
{
/*
- * The domain name must be an authorized relay destination.
+ * Fast ETRN cache files are created on demand. Anything else would make
+ * the feature unusable. However, it should not be possible that some
+ * network vandal abuses this feature to create lots of bogus fast ETRN
+ * cache files.
+ *
+ * By default, Postfix accepts ETRN commands from everywhere, but will
+ * create fast ETRN cache files only for destinations that Postfix is
+ * willing to relay mail to.
*/
- if (domain_list_match(relay_domains, domain) == 0)
- return (0);
/*
* The domain name must exist.
(VSTRING *) 0, T_A, T_MX, 0) != DNS_OK)
return (0);
+ /*
+ * The domain name must be an authorized relay destination.
+ */
+ if (domain_list_match(fast_flush_domains, domain) == 0)
+ return (0);
+
/*
* Must be OK then.
*/
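Review bot: Moving the list check below the DNS lookup means every ETRN domain, including ones that `fast_flush_domains` would reject outright, costs a lookup before the policy is applied. Since the new comment is about limiting what a remote client can make the server do, run `domain_list_match(fast_flush_domains, domain)` first and keep the lookup for domains that pass it. The comment on the moved check still says "authorized relay destination"; with a configurable list it should name `fast_flush_domains`.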
/* VSTRING *vp;
/* VSTREAM *fp;
/* int bound;
-/*
-/* int vstring_get_null_bound(vp, fp, bound)
-/* VSTRING *vp;
-/* VSTREAM *fp;
/* DESCRIPTION
/* The routines in this module each read one newline or null-terminated
/* string from an input stream. In all cases the result is either the
/* vstring_get_null() reads a null-terminated string from the named
/* stream.
/*
-/* vstring_get_bound(), vstring_get_nonl_bound() and
-/* vstring_get_null_bound() read no more than \fIbound\fR characters.
-/* Otherwise they behave like the unbounded versions documented above.
+/* vstring_get_bound() and vstring_get_nonl_bound() read no more
+/* than \fIbound\fR characters. Otherwise they behave like the
+/* unbounded versions documented above.
/* DIAGNOSTICS
/* Fatal errors: memory allocation failure.
/* Panic: improper string bound.
-/* BUGS
-/* This code should honor the bound information that is already
-/* part of a VSTRING.
/* LICENSE
/* .ad
/* .fi
return (c == '\n' ? c : VSTRING_GET_RESULT(vp));
}
-/* vstring_get_null_bound - read null-terminated string, up to bound */
-
-int vstring_get_null_bound(VSTRING *vp, VSTREAM *fp, int bound)
-{
- int c;
-
- if (bound <= 0)
- msg_panic("vstring_get_null_bound: invalid bound %d", bound);
-
- VSTRING_RESET(vp);
- while (bound-- > 0 && (c = VSTREAM_GETC(fp)) != VSTREAM_EOF && c != 0)
- VSTRING_ADDCH(vp, c);
- VSTRING_TERMINATE(vp);
- return (c == 0 ? c : VSTRING_GET_RESULT(vp));
-}
-
#ifdef TEST
/*
extern int vstring_get_null(VSTRING *, VSTREAM *);
extern int vstring_get_bound(VSTRING *, VSTREAM *, int);
extern int vstring_get_nonl_bound(VSTRING *, VSTREAM *, int);
-extern int vstring_get_null_bound(VSTRING *, VSTREAM *, int);
/*
* Backwards compatibility for code that still uses the vstring_fgets()
(vstring_get_bound((s), (p), (l)) == VSTREAM_EOF ? 0 : (s))
#define vstring_fgets_nonl_bound(s, p, l) \
(vstring_get_nonl_bound((s), (p), (l)) == VSTREAM_EOF ? 0 : (s))
-#define vstring_fgets_null_bound(s, p, l) \
- (vstring_get_null_bound((s), (p), (l)) == VSTREAM_EOF ? 0 : (s))
/* LICENSE
/* .ad