util/sane_time.[hc].
Bumped the default mailbox file size limits to 50MB.
+
+20010202
+
+ Bugfix: fixed the way the master resets the file size limit
+ to avoid problems when a Postfix daemon updates a queue
+ file. The file size limit is now increased to INT_MAX if
+ it is smaller than INT_MAX, so that it is less likely to
+ interfere than the old setting of message_size_limit.
+
+ Feature: disable mailbox size limits for the local and
+ virtual delivery agents by setting mailbox_size_limit or
+ virtual_mailbox_limit to zero.
Apart from bugfixes this is expected to become the first non-beta
Postfix release.
+Major changes with snapshot-20010202
+====================================
+
+The mailbox file size limits for the local and virtual delivery
+agents can be disabled by setting mailbox_size_limit and/or
+virtual_mailbox_limit to zero.
+
Incompatible changes with snapshot-20010128
===========================================
+If this release does not work for you, you can go back to a previous
+Postfix version without losing your mail, subject to the "incompatible
+changes" listed for previous Postfix releases below.
+
REJECT in header/body_checks is now flagged as policy violation
rather than bounce, for consistency in postmaster notifications.
-The mailbox size limit for local delivery is no longer controlled
-by the message_size_limit paramater, but by a separate parameter
-called mailbox_size_limit (default: 20MBytes).
+New mailbox size limit for local delivery (default: 50MBytes). This
+limit affects all file write access by the local delivery agent or
+by a process run by the local delivery agent. The purpose of this
+parameter is to act as a safety for run-away software. It cannot
+be a substitute for a file quota management system.
The default RBL (real-time blackhole lists) domain examples have
been updated from *.vix.com to *.mail-abuse.org.
VIRTUAL_README for detailed examples. This code is still new. Once
it stops changing it will become part of the non-beta release.
-Many "valid_hostname" warnings were eliminated. The complaints that
+Many "valid_hostname" warnings were eliminated. The warnings that
were not eliminated were replaced by something more informative.
SASL support (RFC 2554) for the LMTP delivery agent. This is required
<h4>Cisco PIX "fixup protocol smtp" bug</h4>
-The Cisco PIX has have a bug when running software older than
+The Cisco PIX firewall has a bug when running software older than
version 5.2(4) or 6.0(1).
<p>
How does one recognize a mailer behind a Cisco PIX with "fixup
protocol smtp" enabled? As of version 5.1 and later, the fixup
protocol smtp command changes the characters in the SMTP banner to
-asterisks except for the "2", "0", "0" and space characters.
+asterisks except for the "2", "0" and "0 SPACE" characters.
<p>
<b>mailbox</b><i>_</i><b>size</b><i>_</i><b>limit</b>
Limit the size of a mailbox etc. file (any file
- that is written to upon delivery).
+ that is written to upon delivery). Set to zero to
+ disable the limit.
-<b>Security</b> <b>controls</b>
LOCAL(8) LOCAL(8)
+<b>Security</b> <b>controls</b>
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>commands</b>
- Restrict the usage of mail delivery to external
+ Restrict the usage of mail delivery to external
command.
<b>allow</b><i>_</i><b>mail</b><i>_</i><b>to</b><i>_</i><b>files</b>
- Restrict the usage of mail delivery to external
+ Restrict the usage of mail delivery to external
file.
<b>command</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
- What characters are allowed to appear in $name
- expansions of mailbox_command. Illegal characters
+ What characters are allowed to appear in $name
+ expansions of mailbox_command. Illegal characters
are replaced by underscores.
<b>default</b><i>_</i><b>privs</b>
- Default rights for delivery to external file or
+ Default rights for delivery to external file or
command.
<b>forward</b><i>_</i><b>expansion</b><i>_</i><b>filter</b>
- What characters are allowed to appear in $name
- expansions of forward_path. Illegal characters are
+ What characters are allowed to appear in $name
+ expansions of forward_path. Illegal characters are
replaced by underscores.
<b>HISTORY</b>
- The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
+ The <b>Delivered-To:</b> header appears in the <b>qmail</b> system by
Daniel Bernstein.
- The <i>maildir</i> structure appears in the <b>qmail</b> system by
+ The <i>maildir</i> structure appears in the <b>qmail</b> system by
Daniel Bernstein.
<b>SEE</b> <b>ALSO</b>
<a href="qmgr.8.html">qmgr(8)</a> queue manager
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>AUTHOR(S)</b>
-
8
<b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>limit</b>
The maximal size in bytes of a mailbox or maildir
- file.
+ file. Set to zero to disable the limit.
<b>HISTORY</b>
This agent was originally based on the Postfix local
.IP \fBmailbox_size_limit\fR
Limit the size of a mailbox etc. file (any file that is
written to upon delivery).
+Set to zero to disable the limit.
.SH "Security controls"
.ad
.fi
The limit is enforced by the Postfix queue manager.
.IP \fBvirtual_mailbox_limit\fR
The maximal size in bytes of a mailbox or maildir file.
+Set to zero to disable the limit.
.SH HISTORY
.na
.nf
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "Snapshot-20010201"
+#define DEF_MAIL_VERSION "Snapshot-20010202"
extern char *var_mail_version;
/* LICENSE
/* .IP \fBmailbox_size_limit\fR
/* Limit the size of a mailbox etc. file (any file that is
/* written to upon delivery).
+/* Set to zero to disable the limit.
/* .SH "Security controls"
/* .ad
/* .fi
* size limit. XXX This still isn't accurate because the file size limit
* also affects delivery to command.
*
+ * A file size limit protects the machine against runaway software errors.
+ * It is not suitable to enfoce mail quota, because users can get around
+ * mail quota by delivering to /file/name or to |command.
+ *
* We can't have mailbox size limit smaller than the message size limit,
* because that prohibits the delivery agent from updating the queue
* file.
*/
- if (var_mailbox_limit < var_message_limit)
- msg_fatal("main.cf configuration error: %s is smaller than %s",
- VAR_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
- set_file_limit(var_mailbox_limit);
+ if (var_mailbox_limit) {
+ if (var_mailbox_limit < var_message_limit)
+ msg_fatal("main.cf configuration error: %s is smaller than %s",
+ VAR_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
+ set_file_limit(var_mailbox_limit);
+ }
}
/* main - pass control to the single-threaded skeleton */
};
static CONFIG_INT_TABLE int_table[] = {
VAR_DUP_FILTER_LIMIT, DEF_DUP_FILTER_LIMIT, &var_dup_filter_limit, 0, 0,
- VAR_MAILBOX_LIMIT, DEF_MAILBOX_LIMIT, &var_mailbox_limit, 1, 0,
+ VAR_MAILBOX_LIMIT, DEF_MAILBOX_LIMIT, &var_mailbox_limit, 0, 0,
0,
};
static CONFIG_STR_TABLE str_table[] = {
#include <unistd.h>
#include <string.h>
#include <fcntl.h>
+#include <limits.h>
/* Utility library. */
clean_env(import_env->argv);
argv_free(import_env);
- if ((inherited_limit = get_file_limit()) < (off_t) var_message_limit) {
- msg_warn("file size limit %lu < message_size_limit %lu -- reset",
- (unsigned long) inherited_limit, (unsigned long) var_message_limit);
- set_file_limit(var_message_limit);
- }
+ if ((inherited_limit = get_file_limit()) < (off_t) INT_MAX)
+ set_file_limit(INT_MAX);
+
if (chdir(var_queue_dir))
msg_fatal("chdir %s: %m", var_queue_dir);
* Use the semi-crappy random number generator.
*/
if (my_pid == 0)
- srandom(my_pid = (getpid() ^ time((time_t *) 0)));
+ srandom((my_pid = getpid()) ^ time((time_t *) 0));
usec = (delay - variation / 2) + variation * (double) random() / RAND_MAX;
doze(usec);
}
/* The limit is enforced by the Postfix queue manager.
/* .IP \fBvirtual_mailbox_limit\fR
/* The maximal size in bytes of a mailbox or maildir file.
+/* Set to zero to disable the limit.
/* HISTORY
/* .ad
/* .fi
/*
* Reset the file size limit from the message size limit to the mailbox
- * size limit. XXX This still isn't accurate because the file size limit
- * also affects delivery to command.
+ * size limit.
*
* We can't have mailbox size limit smaller than the message size limit,
* because that prohibits the delivery agent from updating the queue
* file.
*/
- if (var_virt_mailbox_limit < var_message_limit)
- msg_fatal("main.cf configuration error: %s is smaller than %s",
- VAR_VIRT_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
- set_file_limit(var_virt_mailbox_limit);
+ if (var_virt_mailbox_limit) {
+ if (var_virt_mailbox_limit < var_message_limit)
+ msg_fatal("main.cf configuration error: %s is smaller than %s",
+ VAR_VIRT_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
+ set_file_limit(var_virt_mailbox_limit);
+ }
}
/* main - pass control to the single-threaded skeleton */
{
static CONFIG_INT_TABLE int_table[] = {
VAR_VIRT_MINUID, DEF_VIRT_MINUID, &var_virt_minimum_uid, 1, 0,
- VAR_VIRT_MAILBOX_LIMIT, DEF_VIRT_MAILBOX_LIMIT, &var_virt_mailbox_limit, 1, 0,
+ VAR_VIRT_MAILBOX_LIMIT, DEF_VIRT_MAILBOX_LIMIT, &var_virt_mailbox_limit, 0, 0,
0,
};
static CONFIG_STR_TABLE str_table[] = {
projects / thirdparty / postfix.git / commitdiff
