server will not wait (up to 6 seconds) for the address
verification result. File: global/mail_params.h.
- Final slution for the I/O event starvation problem when a
+ Final solution for the I/O event starvation problem when a
timer call-back schedules a zero-delay timer request. File:
util/events.c.
Feature: smtp_address_preference (default: ipv6) to control
the order in which the Postfix SMTP client will connect to
a destination that has IPv6 and IPv4 addresses with equal
- MX preference. Files: global/mail_params.c, smtp/smtp.c,
- smtp/smtp_params.c, smtp/smtp_addr.c, proto/postconf.proto.
+ MX preference. Files: global/mail_params.h, smtp/smtp.c,
+ smtp/smtp_params.c, smtp/smtp_addr.c, dns/dns_rr.c,
+ and documentation.
+
+20100321
+
+ Feature: allow Milter applications to use a lower protocol
+ version than the version that Postfix is configured for.
+ Based on an idea by Kouhei Sutou. File: milter/milter8.c.
+
+20100322
+
+ Bugfix (introduced 20100305) the new smtp_address_preference
+ feature was not tested with LMTP support. Problem reported
+ by Stefan Foerster. File: smtp/smtp.c.
however, the limitations section below for features that aren't supported by
Postfix.
-If the Postfix milter_protocol setting specifies a too high version, the
-libmilter library simply hangs up without logging a warning, and you see a
-Postfix warning message like one of the following:
+With Postfix 2.7 and earlier, if the Postfix milter_protocol setting specifies
+a too high version, the libmilter library simply hangs up without logging a
+warning, and you see a Postfix warning message like one of the following:
warning: milter inet:host:port: can't read packet header: Unknown error : 0
warning: milter inet:host:port: can't read packet header: Success
warning: milter inet:host:port: can't read SMFIC_DATA reply packet header:
No such file or directory
-The remedy is to lower the Postfix milter_protocol version number.
+The remedy is to lower the Postfix milter_protocol version number. Postfix 2.8
+and later will automatically turn off protocol features that the application's
+libmilter library does not expect.
M\bMi\bil\blt\bte\ber\br p\bpr\bro\bot\bto\boc\bco\bol\bl t\bti\bim\bme\beo\bou\but\bts\bs
Remove this file from the stable release.
- Add smtpd_sender_login_maps to proxy_read_maps. What other
- parameters are worthy of being whitelisted for proxy access?
- Is there a way to automate this decision?
+ Add some checks for tokens starting with #. A challenge
+ is to report sensible context from the guts of some low-level
+ parser, without introducing a great deal of clumsiness.
+
+ Add sendmail macros for {verify} and maybe other TLS info.
+
+ Find out if we are doing the correct thing by looking at
+ state->milter_reject_text when expanding {rcpt_addr} or
+ {rcpt_host}.
+
+ Find out why post_mail() etc. block when the qmgr fifo
+ is full. This causes delays in the queue manager.
+
+ Add smtpd_sender_login_maps to proxy_read_maps, and make
+ sure that defaults are set before proxy_read_maps is
+ evaluated. What other parameters are worthy of being
+ whitelisted for proxy access? Is there a way to automate
+ this decision?
+
+ How to ensure that proxy_read_maps is processed after all
+ its dependencies are initialized, or just bite the bullet
+ and rewrite the parameter initialization code.
The cleanup virtual alias expansion limit does not really
deliver on its promises. 1) It promises to truncate the
number. See, however, the <a href="#limitations">limitations</a>
section below for features that aren't supported by Postfix. </p>
-<p> If the Postfix <a href="postconf.5.html#milter_protocol">milter_protocol</a> setting specifies a too high
+<p> With Postfix 2.7 and earlier, if the Postfix <a href="postconf.5.html#milter_protocol">milter_protocol</a>
+setting specifies a too high
version, the libmilter library simply hangs up without logging a
warning, and you see a Postfix warning message like one of the
following: </p>
</blockquote>
<p> The remedy is to lower the Postfix <a href="postconf.5.html#milter_protocol">milter_protocol</a> version
-number. </p>
+number. Postfix 2.8 and later will automatically turn off protocol
+features that the application's libmilter library does not expect.
+</p>
<h3><a name="timeouts">Milter protocol timeouts</a></h3>
tion parameter in <a href="postconf.5.html">main.cf</a>).
<b>pass</b> The service listens on a UNIX-domain socket,
- receives one open connection (file descrip-
- tor passing) per connection request, and is
- accessible to local clients only.
+ and is accessible to local clients only. It
+ receives one open connection (file descrip-
+ tor passing) per connection request.
The service name is a pathname relative to
the Postfix queue directory (pathname con-
By default, <a href="postcat.1.html"><b>postcat</b>(1)</a> shows the envelope and message con-
tent, as if the options <b>-beh</b> were specified. To view mes-
- sage content only, specify <b>-bh</b> (Postfix 2.7 and later).
+ sage headers only, specify <b>-bh</b> (Postfix 2.7 and later).
Options:
<p> By default, the Postfix SMTP server polls the <a href="verify.8.html">verify(8)</a> service
up to three times under non-overload conditions, and only once when
-under overload. With Postfix version 2.6 and earlier, the SMTP
+under overload. With Postfix version 2.5 and earlier, the SMTP
server always polls the <a href="verify.8.html">verify(8)</a> service up to three times by
default. </p>
/^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2
</pre>
+<pre>
+ # Bounce-never mail sink. Use <a href="postconf.5.html#notify_classes">notify_classes</a>=bounce,resource,software
+ # to send bounced mail to the postmaster (with message body removed).
+ /^(RCPT\s+TO:.*?)\bNOTIFY=\S+\b(.*)/ $1 NOTIFY=NEVER $2
+ /^(RCPT\s+TO:.*)/ $1 NOTIFY=NEVER
+</pre>
+
<p> This feature is available in Postfix 2.7. </p>
By default, \fBpostcat\fR(1) shows the envelope and message
content, as if the options \fB-beh\fR were specified. To
-view message content only, specify \fB-bh\fR (Postfix 2.7
+view message headers only, specify \fB-bh\fR (Postfix 2.7
and later).
Options:
queue directory (pathname controlled with the \fBqueue_directory\fR
configuration parameter in main.cf).
.IP \fBpass\fR
-The service listens on a UNIX-domain socket, receives one
-open connection (file descriptor passing) per connection
-request, and is accessible to local clients only.
+The service listens on a UNIX-domain socket, and is accessible
+to local clients only. It receives one open connection (file
+descriptor passing) per connection request.
The service name is a pathname relative to the Postfix
queue directory (pathname controlled with the \fBqueue_directory\fR
.PP
By default, the Postfix SMTP server polls the \fBverify\fR(8) service
up to three times under non-overload conditions, and only once when
-under overload. With Postfix version 2.6 and earlier, the SMTP
+under overload. With Postfix version 2.5 and earlier, the SMTP
server always polls the \fBverify\fR(8) service up to three times by
default.
.PP
.ad
.ft R
.PP
+.nf
+.na
+.ft C
+ # Bounce-never mail sink. Use notify_classes=bounce,resource,software
+ # to send bounced mail to the postmaster (with message body removed).
+ /^(RCPT\es+TO:.*?)\ebNOTIFY=\eS+\eb(.*)/ $1 NOTIFY=NEVER $2
+ /^(RCPT\es+TO:.*)/ $1 NOTIFY=NEVER
+.fi
+.ad
+.ft R
+.PP
This feature is available in Postfix 2.7.
.SH smtpd_data_restrictions (default: empty)
Optional access restrictions that the Postfix SMTP server applies
number. See, however, the <a href="#limitations">limitations</a>
section below for features that aren't supported by Postfix. </p>
-<p> If the Postfix milter_protocol setting specifies a too high
+<p> With Postfix 2.7 and earlier, if the Postfix milter_protocol
+setting specifies a too high
version, the libmilter library simply hangs up without logging a
warning, and you see a Postfix warning message like one of the
following: </p>
</blockquote>
<p> The remedy is to lower the Postfix milter_protocol version
-number. </p>
+number. Postfix 2.8 and later will automatically turn off protocol
+features that the application's libmilter library does not expect.
+</p>
<h3><a name="timeouts">Milter protocol timeouts</a></h3>
# queue directory (pathname controlled with the \fBqueue_directory\fR
# configuration parameter in main.cf).
# .IP \fBpass\fR
-# The service listens on a UNIX-domain socket, receives one
-# open connection (file descriptor passing) per connection
-# request, and is accessible to local clients only.
+# The service listens on a UNIX-domain socket, and is accessible
+# to local clients only. It receives one open connection (file
+# descriptor passing) per connection request.
#
# The service name is a pathname relative to the Postfix
# queue directory (pathname controlled with the \fBqueue_directory\fR
<p> By default, the Postfix SMTP server polls the verify(8) service
up to three times under non-overload conditions, and only once when
-under overload. With Postfix version 2.6 and earlier, the SMTP
+under overload. With Postfix version 2.5 and earlier, the SMTP
server always polls the verify(8) service up to three times by
default. </p>
/^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2
</pre>
+<pre>
+ # Bounce-never mail sink. Use notify_classes=bounce,resource,software
+ # to send bounced mail to the postmaster (with message body removed).
+ /^(RCPT\s+TO:.*?)\bNOTIFY=\S+\b(.*)/ $1 NOTIFY=NEVER $2
+ /^(RCPT\s+TO:.*)/ $1 NOTIFY=NEVER
+</pre>
+
<p> This feature is available in Postfix 2.7. </p>
%PARAM smtp_reply_filter
/* NOTIFY option to internal form.
/*
/* dsn_notify_str() converts internal form to the representation
-/* used in the MAIL FROM .. NOTIFY command. The result is in
+/* used in the RCPT TO .. NOTIFY command. The result is in
/* volatile memory and is clobbered whenever str_name_mask()
/* is called.
/*
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20100306"
+#define MAIL_RELEASE_DATE "20100323"
#define MAIL_VERSION_NUMBER "2.8"
#ifdef SNAPSHOT
#define SMFIP_NOUNKNOWN (1L<<8) /* filter does not want unknown cmd */
#define SMFIP_NODATA (1L<<9) /* filter does not want DATA */
/* Introduced with Sendmail 8.14. */
-#define SMFIP_SKIP (1L<<10)/* MTA supports SMFIS_SKIP */
+#define SMFIP_SKIP (1L<<10)/* MTA supports SMFIR_SKIP */
#define SMFIP_RCPT_REJ (1L<<11)/* filter wants rejected RCPTs */
#define SMFIP_NR_CONN (1L<<12)/* filter won't reply for connect */
#define SMFIP_NR_HELO (1L<<13)/* filter won't reply for HELO */
*
* XXX Is this still needed? Sendmail 8.14 provides a proper way to negotiate
* what replies the mail filter will send.
+ *
+ * XXX Keep this table in reverse numerical order. This is needed by the code
+ * that implements compatibility with older Milter protocol versions.
*/
static const NAME_CODE milter8_event_masks[] = {
- "2", MILTER8_V2_PROTO_MASK,
- "3", MILTER8_V3_PROTO_MASK,
- "4", MILTER8_V4_PROTO_MASK,
"6", MILTER8_V6_PROTO_MASK,
+ "4", MILTER8_V4_PROTO_MASK,
+ "3", MILTER8_V3_PROTO_MASK,
+ "2", MILTER8_V2_PROTO_MASK,
"no_header_reply", SMFIP_NOHREPL,
0, -1,
};
if (milter->ev_mask & SMFIP_RCPT_REJ)
milter->m.flags |= MILTER_FLAG_WANT_RCPT_REJ;
+ /*
+ * Allow the remote application to run an older protocol version, but
+ * don't them send events that their protocol version doesn't support.
+ * Based on a suggestion by Kouhei Sutou.
+ *
+ * XXX When the Milter sends a protocol version that we don't have
+ * information for, use the information for the next-lower protocol
+ * version instead. This code assumes that the milter8_event_masks table
+ * is organized in reverse numerical order.
+ */
+ if (milter->version < my_version) {
+ const NAME_CODE *np;
+ int version;
+
+ for (np = milter8_event_masks; /* see below */ ; np++) {
+ if (np->name == 0) {
+ msg_warn("milter %s: unexpected protocol version %d",
+ milter->m.name, milter->version);
+ break;
+ }
+ if ((version = atoi(np->name)) > 0 && version <= milter->version) {
+ milter->np_mask |= (SMFIP_NOSEND_MASK & ~np->code);
+ if (msg_verbose)
+ msg_info("%s: non-protocol events for milter %s"
+ " protocol version %d: %s",
+ myname, milter->m.name, milter->version,
+ str_name_mask_opt(milter->buf,
+ "non-protocol event mask",
+ smfip_table, milter->np_mask,
+ NAME_MASK_NUMBER));
+ break;
+ }
+ }
+ }
+
/*
* Initial negotiations completed.
*/
#endif
+#if SMFI_VERSION > 5
+
static sfsistat test_negotiate(SMFICTX *, unsigned long, unsigned long,
unsigned long, unsigned long,
unsigned long *, unsigned long *,
unsigned long *, unsigned long *);
+#endif
+
+#ifndef SMFIF_CHGFROM
+#define SMFIF_CHGFROM 0
+#endif
+#ifndef SMFIP_HDR_LEADSPC
+#define SMFIP_HDR_LEADSPC 0
+#define misc_mask 0
+#endif
+
static struct smfiDesc smfilter =
{
"test-milter",
/*
/* By default, \fBpostcat\fR(1) shows the envelope and message
/* content, as if the options \fB-beh\fR were specified. To
-/* view message content only, specify \fB-bh\fR (Postfix 2.7
+/* view message headers only, specify \fB-bh\fR (Postfix 2.7
/* and later).
/*
/* Options:
state->request = request;
state->src = request->fp;
state->service = service;
- state->misc_flags = smtp_addr_pref;
+ state->misc_flags |= smtp_addr_pref;
SMTP_RCPT_INIT(state);
/*
projects / thirdparty / postfix.git / commitdiff
