master/master.c, postlog/postlog.c, postlogd/postlogd.c,
util/logwriter.c, util/logwriter.h, util/Makefile.in,
util/vstream.c.
+
+20230517
+
+ Bugfix (defect introduced: Postfix 3.8) the posttls-finger
+ command could access uninitialized memory when reconnecting.
+ This also fixes a warning message when a destination contains
+ ":service" information. Reported by Thomas Korbar. File:
+ posttls-finger/posttls-finger.c.
2. Configure Postfix to write logging, to, for example, /var/log/postfix.log.
See also the "Logfile rotation" section below for logfile management.
+ In the example below, specifying maillog_file_permissions is optional
+ (Postfix 3.9 and later). The default value is 0600, i.e., only the super-
+ user can access the file; the value 0644 also adds 'group' and 'other' read
+ access.
+
# postfix stop
# postconf maillog_file=/var/log/postfix.log
+ # postconf maillog_file_permissions=0644 # (Postfix 3.9 and later)
# postfix start
By default, the logfile name must start with "/var" or "/dev/stdout" (the
* After a brief pause, compress the old logfile. The compression program is
configured with the maillog_file_compressor parameter (default: gzip).
+ * The next time it logs an event, postlogd(8) will create a new logfile, with
+ permissions specified with the maillog_file_permissions parameter (default:
+ 0600).
+
Notes:
* This command will not rotate a logfile with a pathname under the /dev
/var/log/postfix.log. See also the "<a href="#logrotate">Logfile
rotation</a>" section below for logfile management. </p>
+<p> In the example below, specifying <a href="postconf.5.html#maillog_file_permissions">maillog_file_permissions</a> is
+optional (Postfix 3.9 and later). The default value is 0600, i.e.,
+only the super-user can access the file; the value 0644 also
+adds 'group' and 'other' read access. </p>
+
<blockquote>
<pre>
# postfix stop
# postconf <a href="postconf.5.html#maillog_file">maillog_file</a>=/var/log/postfix.log
+# postconf <a href="postconf.5.html#maillog_file_permissions">maillog_file_permissions</a>=0644 # (Postfix 3.9 and later)
# postfix start
</pre>
</blockquote>
program is configured with the <a href="postconf.5.html#maillog_file_compressor">maillog_file_compressor</a> parameter
(default: gzip). </p>
+<li> <p> The next time it logs an event, <a href="postlogd.8.html">postlogd(8)</a> will create a
+new logfile, with permissions specified with the <a href="postconf.5.html#maillog_file_permissions">maillog_file_permissions</a>
+parameter (default: 0600). </p>
+
</ul>
<p> Notes: </p>
invoked with the -D option.
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
- The network interface addresses that this mail system receives
- mail on.
+ The local network interface addresses that this mail system
+ receives mail on.
<b><a href="postconf.5.html#inet_protocols">inet_protocols</a> (see 'postconf -d output')</b>
The Internet protocols Postfix will attempt to use when making
or accepting connections.
<b><a href="postconf.5.html#import_environment">import_environment</a> (see 'postconf -d' output)</b>
- The list of environment parameters that a privileged Postfix
+ The list of environment variables that a privileged Postfix
process will import from a non-Postfix parent process, or
name=value environment overrides.
<p> This feature is available in Postfix 3.4 and later. </p>
+</DD>
+
+<DT><b><a name="maillog_file_permissions">maillog_file_permissions</a>
+(default: 0600)</b></DT><DD>
+
+<p> The file access permissions that will be set when the file
+$<a href="postconf.5.html#maillog_file">maillog_file</a> is created for the first time, or when the file is
+created after an existing file is rotated. Specify one of: <b>0600</b>
+(only super-user read/write access), <b>0640</b> (adds 'group' read
+access), or <b>0644</b> (also adds 'other' read access). The leading
+'0' is optional. </p>
+
+<p> This feature is available in Postfix 3.9 and later. </p>
+
+
</DD>
<DT><b><a name="maillog_file_prefixes">maillog_file_prefixes</a>
<b><a href="postconf.5.html#postlog_service_name">postlog_service_name</a> (postlog)</b>
The name of the <a href="postlogd.8.html"><b>postlogd</b>(8)</a> service entry in <a href="master.5.html">master.cf</a>.
+ Available in Postfix 3.9 and later:
+
+ <b><a href="postconf.5.html#maillog_file_permissions">maillog_file_permissions</a> (0600)</b>
+ The file access permissions that will be set when the file
+ $<a href="postconf.5.html#maillog_file">maillog_file</a> is created for the first time, or when the file is
+ created after an existing file is rotated.
+
<b>SEE ALSO</b>
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="postlogd.8.html">postlogd(8)</a>, Postfix logging
How much time a <a href="postlogd.8.html"><b>postlogd</b>(8)</a> process may take to process a
request before it is terminated by a built-in watchdog timer.
+ Available in Postfix 3.9 and later:
+
+ <b><a href="postconf.5.html#maillog_file_permissions">maillog_file_permissions</a> (0600)</b>
+ The file access permissions that will be set when the file
+ $<a href="postconf.5.html#maillog_file">maillog_file</a> is created for the first time, or when the file is
+ created after an existing file is rotated.
+
<b>SEE ALSO</b>
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
syslogd(8), system logging
\fBpostlogd\fR(8) service.
.IP "\fBpostlog_service_name (postlog)\fR"
The name of the \fBpostlogd\fR(8) service entry in master.cf.
+.PP
+Available in Postfix 3.9 and later:
+.IP "\fBmaillog_file_permissions (0600)\fR"
+The file access permissions that will be set when the file
+$maillog_file is created for the first time, or when the file is
+created after an existing file is rotated.
.SH "SEE ALSO"
.na
.nf
first argument.
.PP
This feature is available in Postfix 3.4 and later.
+.SH maillog_file_permissions (default: 0600)
+The file access permissions that will be set when the file
+$maillog_file is created for the first time, or when the file is
+created after an existing file is rotated. Specify one of: \fB0600\fR
+(only super\-user read/write access), \fB0640\fR (adds 'group' read
+access), or \fB0644\fR (also adds 'other' read access). The leading
+\&'0' is optional.
+.PP
+This feature is available in Postfix 3.9 and later.
.SH maillog_file_prefixes (default: /var, /dev/stdout)
A list of allowed prefixes for a maillog_file value. This is a
safety feature to contain the damage from a single configuration
The external command to execute when a Postfix daemon program is
invoked with the \-D option.
.IP "\fBinet_interfaces (all)\fR"
-The network interface addresses that this mail system receives
-mail on.
+The local network interface addresses that this mail system
+receives mail on.
.IP "\fBinet_protocols (see 'postconf -d output')\fR"
The Internet protocols Postfix will attempt to use when making
or accepting connections.
.IP "\fBimport_environment (see 'postconf -d' output)\fR"
-The list of environment parameters that a privileged Postfix
+The list of environment variables that a privileged Postfix
process will import from a non\-Postfix parent process, or name=value
environment overrides.
.IP "\fBmail_owner (postfix)\fR"
.IP "\fBpostlogd_watchdog_timeout (10s)\fR"
How much time a \fBpostlogd\fR(8) process may take to process a request
before it is terminated by a built\-in watchdog timer.
+.PP
+Available in Postfix 3.9 and later:
+.IP "\fBmaillog_file_permissions (0600)\fR"
+The file access permissions that will be set when the file
+$maillog_file is created for the first time, or when the file is
+created after an existing file is rotated.
.SH "SEE ALSO"
.na
.nf
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20230516"
+#define MAIL_RELEASE_DATE "20230517"
#define MAIL_VERSION_NUMBER "3.9"
#ifdef SNAPSHOT
/* The external command to execute when a Postfix daemon program is
/* invoked with the -D option.
/* .IP "\fBinet_interfaces (all)\fR"
-/* The local network interface addresses that this mail system receives
-/* mail on.
+/* The local network interface addresses that this mail system
+/* receives mail on.
/* .IP "\fBinet_protocols (see 'postconf -d output')\fR"
/* The Internet protocols Postfix will attempt to use when making
/* or accepting connections.
static void connect_remote(STATE *state, char *dest)
{
DNS_RR *addr;
- char *buf;
- char *domain;
- char *service;
/* When reconnecting use IP address of previous session */
if (state->addr == 0) {
+ char *buf;
+ char *domain;
+ char *service;
+
buf = parse_destination(dest, state->smtp ? "smtp" : "24",
&domain, &service, &state->port);
if (!state->nexthop)
if (level == TLS_LEV_INVALID
|| (state->stream = connect_addr(state, addr)) == 0) {
- msg_info("Failed to establish session to %s:%s via %s:%u: %s",
- dest, service, HNAME(addr), addr->port,
+ msg_info("Failed to establish session to %s via %s:%u: %s",
+ dest, HNAME(addr), addr->port,
vstring_str(state->why->reason));
continue;
}
projects / thirdparty / postfix.git / commitdiff
