Bitrot: "make test" was broken due to recent changes in
code and due to recent changes at mail-abuse.org.
+
+20080618
+
+ Add a note to SMTP session transcript email messages that
+ other details may be found in the maillog file. Files:
+ smtpd/smtpd_chat.c, smtp/smtp_chat.c.
+
+20080620
+
+ Cleanup: with the "Before-queue content filter", RFC3848
+ information was not added to the headers. Carlos Velasco.
+ File smtpd/smtpd.c.
+
+20080621
+
+ Cleanup: include unread byte count in the SMTP server's "lost
+ connection after DATA (xx bytes)" logging. Files: smtpd/smtpd.c.
+
+20080629
+
+ Bugfix (introduced Postfix 2.2): multiple inconsistencies
+ in SASL support after introduction of TLS. The Postfix
+ SMTP server 1) complained about plain-text SASL configuration
+ details when SASL was forbidden for plain-text sessions,
+ and 2) ignored the smtpd_tls_auth_only parameter setting
+ when built without TLS support. Files: smtpd/smtpd.c,
+ smtpd/smtpd_check.c, smtpd/smtpd_sasl_glue.[hc],
+ smtpd/smtpd_state.c.
+
+ Some clarification about recipient address versus domain,
+ and recipients per message versus session. File:
+ proto/postconf.proto.
+
+ The description of SASL authentication attributes was
+ garbled. File: pipe/pipe.c.
# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions = reject_unknown_sender_domain
- # Whitelisting: local clients may specify any destination. Others may not.
+ # Whitelisting: local clients may specify any destination domain.
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
# Block clients that speak too early.
If you upgrade from Postfix 2.4 or earlier, read RELEASE_NOTES-2.5
before proceeding.
+Incompatibility with snapshot 20080629
+======================================
+
+When TLS support is not compiled in, the Postfix SMTP server no
+longer ignores the "smtpd_tls_auth_only = yes" parameter setting.
+Earlier Postfix SMTP server versions would announce SASL support,
+and would accept SASL login or sender information.
+
+Major changes with snapshot 20080629
+====================================
+
+The Postfix SMTP server's SASL authentication was re-structured.
+With "smtpd_tls_auth_only = yes", SASL support is now activated
+only after a successful TLS handshake. Earlier Postfix SMTP server
+versions could complain about unavailable SASL mechanisms during
+the plaintext phase of the SMTP protocol.
+
Incompatibility with snapshot 20080510
======================================
<ul>
-<li> <p> Disallowing <a href="http://www.faqs.org/rfcs/rfc822.html">RFC 822</a> address syntax (example: "MAIL FROM: the
+<li> <p> Disallowing <a href="http://tools.ietf.org/html/rfc822">RFC 822</a> address syntax (example: "MAIL FROM: the
dude <dude@example.com>"). </p>
<li> <p> Disallowing addresses that are not enclosed with <>
# Don't accept mail from domains that don't exist.
<a href="postconf.5.html#smtpd_sender_restrictions">smtpd_sender_restrictions</a> = <a href="postconf.5.html#reject_unknown_sender_domain">reject_unknown_sender_domain</a>
- # Whitelisting: local clients may specify any destination. Others may not.
+ # Whitelisting: local clients may specify any destination domain.
<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> = <a href="postconf.5.html#permit_mynetworks">permit_mynetworks</a>, <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
# Block clients that speak too early.
into connection count and/or rate limits falsely.
In this preliminary implementation, a count (or rate) lim-
- ited server can have only one remote client at a time. If
- a server reports multiple simultaneous clients, state is
- kept only for the last reported client.
+ ited server process can have only one remote client at a
+ time. If a server process reports multiple simultaneous
+ clients, state is kept only for the last reported client.
- The <a href="anvil.8.html"><b>anvil</b>(8)</a> server automatically discards client request
- information
after it expires. To prevent the <a href="anvil.8.html"><b>anvil</b>(8)</a>
+ The <a href="anvil.8.html"><b>anvil</b>(8)</a> server automatically discards client request
+ information
after it expires. To prevent the <a href="anvil.8.html"><b>anvil</b>(8)</a>
server from discarding client request rate information too
- early or too late, a rate limited service should always
- register connect/disconnect events even when it does not
+ early or too late, a rate limited service should always
+ register connect/disconnect events even when it does not
explicitly limit them.
<b>CONFIGURATION PARAMETERS</b>
On low-traffic mail systems, changes to <a href="postconf.5.html"><b>main.cf</b></a> are picked
up automatically as <a href="anvil.8.html"><b>anvil</b>(8)</a> processes run for only a lim-
- ited amount of time. On other mail systems, use the com-
+ ited amount of time. On other mail systems, use the com-
mand "<b>postfix reload</b>" to speed up a change.
- The text below provides only a parameter summary. See
+ The text below provides only a parameter summary. See
<a href="postconf.5.html"><b>postconf</b>(5)</a> for more details including examples.
<b><a href="postconf.5.html#anvil_rate_time_unit">anvil_rate_time_unit</a> (60s)</b>
- The time unit over which client connection rates
+ The time unit over which client connection rates
and other rates are calculated.
<b><a href="postconf.5.html#anvil_status_update_time">anvil_status_update_time</a> (600s)</b>
- How frequently the <a href="anvil.8.html"><b>anvil</b>(8)</a> connection and rate
+ How frequently the <a href="anvil.8.html"><b>anvil</b>(8)</a> connection and rate
limiting server logs peak usage information.
<b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
<a href="master.5.html">master.cf</a> configuration files.
<b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
- How much time a Postfix daemon process may take to
- handle a request before it is terminated by a
+ How much time a Postfix daemon process may take to
+ handle a request before it is terminated by a
built-in watchdog timer.
<b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
over an internal communication channel.
<b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
- The maximum amount of time that an idle Postfix
- daemon process waits for an incoming connection
+ The maximum amount of time that an idle Postfix
+ daemon process waits for an incoming connection
before terminating voluntarily.
<b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
- The maximal number of incoming connections that a
- Postfix daemon process will service before termi-
+ The maximal number of incoming connections that a
+ Postfix daemon process will service before termi-
nating voluntarily.
<b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
- The process ID of a Postfix command or daemon
+ The process ID of a Postfix command or daemon
process.
<b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
- The process name of a Postfix command or daemon
+ The process name of a Postfix command or daemon
process.
<b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
The syslog facility of Postfix logging.
<b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
- The mail system name that is prepended to the
- process name in syslog records, so that "smtpd"
+ The mail system name that is prepended to the
+ process name in syslog records, so that "smtpd"
becomes, for example, "postfix/smtpd".
<b>SEE ALSO</b>
<a href="TUNING_README.html">TUNING_README</a>, performance tuning
<b>LICENSE</b>
- The Secure Mailer license must be distributed with this
+ The Secure Mailer license must be distributed with this
software.
<b>HISTORY</b>
This macro expands to the remote client net-
work address.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${client_helo</b>}
This macro expands to the remote client HELO
command parameter.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${client_hostname</b>}
This macro expands to the remote client
hostname.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${client_port</b>}
This macro expands to the remote client TCP
port number.
- This is available in Postfix 2.5 and later.
+ This feature is available as of Postfix 2.5.
<b>${client_protocol</b>}
This macro expands to the remote client pro-
tocol.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${domain</b>}
This macro expands to the domain portion of
This information is modified by the <b>h</b> flag
for case folding.
- This is available in Postfix 2.5 and later.
+ This feature is available as of Postfix 2.5.
<b>${extension</b>}
This macro expands to the extension part of
This information is modified by the <b>hqu</b>
flags for quoting and case folding.
- This feature is available in Postfix 2.5 and
- later.
+ This feature is available as of Postfix 2.5.
<b>${recipient</b>}
This macro expands to the complete recipient
flags for quoting and case folding.
<b>${sasl_method</b>}
- This macro expands to the SASL authentica-
- tion mechanism used during the reception of
- the message. An empty string is passed if
- the message has been received without SASL
- authentication.
+ This macro expands to the name of the SASL
+ authentication mechanism in the AUTH command
+ when the Postfix SMTP server received the
+ message.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${sasl_sender</b>}
- This macro expands to the SASL sender name
- (i.e.
the original submitter as per <a href="http://tools.ietf.org/html/rfc4954">RFC</a>
- <a href="http://tools.ietf.org/html/rfc4954">4954</a>) used during the reception of the mes-
- sage.
+ This macro expands to the SASL sender name
+ (i.e.
the original submitter as per <a href="http://tools.ietf.org/html/rfc4954">RFC</a>
+ <a href="http://tools.ietf.org/html/rfc4954">4954</a>) in the MAIL FROM command when the
+ Postfix SMTP server received the message.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${sasl_username</b>}
- This macro expands to the SASL user name
- used during the reception of the message. An
- empty string is passed if the message has
- been received without SASL authentication.
+ This macro expands to the SASL user name in
+ the AUTH command when the Postfix SMTP
+ server received the message.
- This is available in Postfix 2.2 and later.
+ This feature is available as of Postfix 2.2.
<b>${sender</b>}
This macro expands to the envelope sender
fix is built with Cyrus SASL support.
<b>dovecot</b>
- This server plug-in requires the Dovecot
- authentication server.
+ This server plug-in uses the Dovecot authen-
+ tication server, and is available when Post-
+ fix is built with any form of SASL support.
This feature is available with Postfix 2.3 and
later.
this limit, then you should increase the <a href="postconf.5.html#mime_nesting_limit">mime_nesting_limit</a> value
proportionally. </p>
+<p> Note: be careful when making changes. Excessively large values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds a local or remote MTA's message size limit.
+</p>
+
</DD>
<DT><b><a name="lmtp_destination_recipient_limit">lmtp_destination_recipient_limit</a>
(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
-<p> The maximal number of recipients per delivery via the lmtp
+<p> The maximal number of recipients per message for the lmtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the <a href="master.5.html">master.cf</a> file. </p>
The maximal size in bytes of a message, including envelope information.
</p>
+<p> Note: be careful when making changes. Excessively small values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds the local or remote MTA's message size limit.
+</p>
+
</DD>
<DT><b><a name="relay_destination_recipient_limit">relay_destination_recipient_limit</a>
(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
-<p> The maximal number of recipients per delivery via the relay
+<p> The maximal number of recipients per message for the relay
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the <a href="master.5.html">master.cf</a> file. </p>
<DT><b><a name="smtp_destination_recipient_limit">smtp_destination_recipient_limit</a>
(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
-<p> The maximal number of recipients per delivery via the smtp
+<p> The maximal number of recipients per message for the smtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the <a href="master.5.html">master.cf</a> file. </p>
<p> To prevent mailer loops between MX hosts and fall-back hosts,
Postfix version 2.2 and later will not use the fallback relays for
-destinations that it is MX host for (and DSN lookup is turned on).
+destinations that it is MX host for (assuming DNS lookup is turned on).
</p>
<dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the MX hosts for
-the RCPT TO address, and execute the corresponding action. Note:
+the RCPT TO domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
<dt><b><a name="check_recipient_ns_access">check_recipient_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified <a href="access.5.html">access(5)</a> database for the DNS servers
-for the RCPT TO address, and execute the corresponding action.
+for the RCPT TO domain, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
<ul>
-<li> Postfix is mail forwarder: the resolved RCPT TO address matches
+<li> Postfix is mail forwarder: the resolved RCPT TO domain matches
$<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and the address contains no
sender-specified routing (user@elsewhere@domain),
-<li> Postfix is the final destination: the resolved RCPT TO address
+<li> Postfix is the final destination: the resolved RCPT TO domain
matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
$<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and the address
contains no sender-specified routing (user@elsewhere@domain).
<dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
<dd>Permit the request when the local mail system is backup MX for
-the RCPT TO address, or when the address is an authorized destination
+the RCPT TO domain, or when the domain is an authorized destination
(see <a href="postconf.5.html#permit_auth_destination">permit_auth_destination</a> for definition).
<ul>
<ul>
-<li> Postfix is mail forwarder: the resolved RCPT TO address matches
+<li> Postfix is mail forwarder: the resolved RCPT TO domain matches
$<a href="postconf.5.html#relay_domains">relay_domains</a> or a subdomain thereof, and contains no sender-specified
routing (user@elsewhere@domain),
-<li> Postfix is the final destination: the resolved RCPT TO address
+<li> Postfix is the final destination: the resolved RCPT TO domain
matches $<a href="postconf.5.html#mydestination">mydestination</a>, $<a href="postconf.5.html#inet_interfaces">inet_interfaces</a>, $<a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a>,
$<a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a>, or $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>, and contains
no sender-specified routing (user@elsewhere@domain).
<dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
<dd>Reject the request when Postfix is not final destination for
-the recipient address, and the RCPT TO address has no DNS A or MX
+the recipient domain, and the RCPT TO domain has no DNS A or MX
record, or when it has a malformed MX record such as a record with
a zero-length MX hostname (Postfix version 2.3 and later). <br> The
<a href="postconf.5.html#unknown_address_reject_code">unknown_address_reject_code</a> parameter specifies the response code
<DT><b><a name="virtual_destination_recipient_limit">virtual_destination_recipient_limit</a>
(default: $<a href="postconf.5.html#default_destination_recipient_limit">default_destination_recipient_limit</a>)</b></DT><DD>
-<p> The maximal number of recipients per delivery via the virtual
+<p> The maximal number of recipients per message for the virtual
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the <a href="master.5.html">master.cf</a> file. </p>
This server plug-in is available when Postfix is built with
Cyrus SASL support.
.IP \fBdovecot\fR
-This server plug-in requires the Dovecot authentication
-server.
+This server plug-in uses the Dovecot authentication server,
+and is available when Postfix is built with any form of SASL
+support.
.RE
.IP
This feature is available with Postfix 2.3 and later.
non-delivery notification. Specify a byte count. If you increase
this limit, then you should increase the mime_nesting_limit value
proportionally.
+.PP
+Note: be careful when making changes. Excessively large values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds a local or remote MTA's message size limit.
.SH bounce_template_file (default: empty)
Pathname of a configuration file with bounce message templates.
These override the built-in templates of delivery status notification
the queue manager. The message delivery transport name is the first
field in the entry in the master.cf file.
.SH lmtp_destination_recipient_limit (default: $default_destination_recipient_limit)
-The maximal number of recipients per delivery via the lmtp
+The maximal number of recipients per message for the lmtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file.
This feature is available in Postfix 2.3 and later.
.SH message_size_limit (default: 10240000)
The maximal size in bytes of a message, including envelope information.
+.PP
+Note: be careful when making changes. Excessively small values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds the local or remote MTA's message size limit.
.SH message_strip_characters (default: empty)
The set of characters that Postfix will remove from message
content. The usual C-like escape sequences are recognized: \ea
.PP
This feature is available in Postfix 2.0 and later.
.SH relay_destination_recipient_limit (default: $default_destination_recipient_limit)
-The maximal number of recipients per delivery via the relay
+The maximal number of recipients per message for the relay
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file.
the queue manager. The message delivery transport name is the first
field in the entry in the master.cf file.
.SH smtp_destination_recipient_limit (default: $default_destination_recipient_limit)
-The maximal number of recipients per delivery via the smtp
+The maximal number of recipients per message for the smtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file.
.PP
To prevent mailer loops between MX hosts and fall-back hosts,
Postfix version 2.2 and later will not use the fallback relays for
-destinations that it is MX host for (and DSN lookup is turned on).
+destinations that it is MX host for (assuming DNS lookup is turned on).
.SH smtp_generic_maps (default: empty)
Optional lookup tables that perform address rewriting in the
SMTP client, typically to transform a locally valid address into
corresponding action.
.IP "\fBcheck_recipient_mx_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the MX hosts for
-the RCPT TO address, and execute the corresponding action. Note:
+the RCPT TO domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
.IP "\fBcheck_recipient_ns_access \fItype:table\fR\fR"
Search the specified \fBaccess\fR(5) database for the DNS servers
-for the RCPT TO address, and execute the corresponding action.
+for the RCPT TO domain, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later.
.IP "\fBpermit_auth_destination\fR"
Permit the request when one of the following is true:
.IP \(bu
-Postfix is mail forwarder: the resolved RCPT TO address matches
+Postfix is mail forwarder: the resolved RCPT TO domain matches
$relay_domains or a subdomain thereof, and the address contains no
sender-specified routing (user@elsewhere@domain),
.IP \(bu
-Postfix is the final destination: the resolved RCPT TO address
+Postfix is the final destination: the resolved RCPT TO domain
matches $mydestination, $inet_interfaces, $proxy_interfaces,
$virtual_alias_domains, or $virtual_mailbox_domains, and the address
contains no sender-specified routing (user@elsewhere@domain).
.IP "\fBpermit_mx_backup\fR"
Permit the request when the local mail system is backup MX for
-the RCPT TO address, or when the address is an authorized destination
+the RCPT TO domain, or when the domain is an authorized destination
(see permit_auth_destination for definition).
.IP \(bu
Safety: permit_mx_backup does not accept addresses that have
.IP "\fBreject_unauth_destination\fR"
Reject the request unless one of the following is true:
.IP \(bu
-Postfix is mail forwarder: the resolved RCPT TO address matches
+Postfix is mail forwarder: the resolved RCPT TO domain matches
$relay_domains or a subdomain thereof, and contains no sender-specified
routing (user@elsewhere@domain),
.IP \(bu
-Postfix is the final destination: the resolved RCPT TO address
+Postfix is the final destination: the resolved RCPT TO domain
matches $mydestination, $inet_interfaces, $proxy_interfaces,
$virtual_alias_domains, or $virtual_mailbox_domains, and contains
no sender-specified routing (user@elsewhere@domain).
code for rejected requests (default: 554).
.IP "\fBreject_unknown_recipient_domain\fR"
Reject the request when Postfix is not final destination for
-the recipient address, and the RCPT TO address has no DNS A or MX
+the recipient domain, and the RCPT TO domain has no DNS A or MX
record, or when it has a malformed MX record such as a record with
a zero-length MX hostname (Postfix version 2.3 and later).
.br
by the queue manager. The message delivery transport name is the
first field in the entry in the master.cf file.
.SH virtual_destination_recipient_limit (default: $default_destination_recipient_limit)
-The maximal number of recipients per delivery via the virtual
+The maximal number of recipients per message for the virtual
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file.
count and/or rate limits falsely.
In this preliminary implementation, a count (or rate) limited server
-can have only one remote client at a time. If a server reports
+process can have only one remote client at a time. If a
+server process reports
multiple simultaneous clients, state is kept only for the last
reported client.
.IP \fB${\fBclient_address\fR}\fR
This macro expands to the remote client network address.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBclient_helo\fR}\fR
This macro expands to the remote client HELO command parameter.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBclient_hostname\fR}\fR
This macro expands to the remote client hostname.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBclient_port\fR}\fR
This macro expands to the remote client TCP port number.
.sp
-This is available in Postfix 2.5 and later.
+This feature is available as of Postfix 2.5.
.IP \fB${\fBclient_protocol\fR}\fR
This macro expands to the remote client protocol.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBdomain\fR}\fR
This macro expands to the domain portion of the recipient
address. For example, with an address \fIuser+foo@domain\fR
.sp
This information is modified by the \fBh\fR flag for case folding.
.sp
-This is available in Postfix 2.5 and later.
+This feature is available as of Postfix 2.5.
.IP \fB${\fBextension\fR}\fR
This macro expands to the extension part of a recipient address.
For example, with an address \fIuser+foo@domain\fR the extension is
This information is modified by the \fBhqu\fR flags for quoting
and case folding.
.sp
-This feature is available in Postfix 2.5 and later.
+This feature is available as of Postfix 2.5.
.IP \fB${\fBrecipient\fR}\fR
This macro expands to the complete recipient address.
.sp
This information is modified by the \fBhqu\fR flags for quoting
and case folding.
.IP \fB${\fBsasl_method\fR}\fR
-This macro expands to the SASL authentication mechanism used
-during the reception of the message. An empty string is passed
-if the message has been received without SASL authentication.
+This macro expands to the name of the SASL authentication
+mechanism in the AUTH command when the Postfix SMTP server
+received the message.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBsasl_sender\fR}\fR
This macro expands to the SASL sender name (i.e. the original
-submitter as per RFC 4954) used during the reception of the message.
+submitter as per RFC 4954) in the MAIL FROM command when
+the Postfix SMTP server received the message.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBsasl_username\fR}\fR
-This macro expands to the SASL user name used during the reception
-of the message. An empty string is passed if the message has been
-received without SASL authentication.
+This macro expands to the SASL user name in the AUTH command
+when the Postfix SMTP server received the message.
.sp
-This is available in Postfix 2.2 and later.
+This feature is available as of Postfix 2.2.
.IP \fB${\fBsender\fR}\fR
This macro expands to the envelope sender address. By default,
the null sender address expands to MAILER-DAEMON; this can
# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions = reject_unknown_sender_domain
- # Whitelisting: local clients may specify any destination. Others may not.
+ # Whitelisting: local clients may specify any destination domain.
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
# Block clients that speak too early.
this limit, then you should increase the mime_nesting_limit value
proportionally. </p>
+<p> Note: be careful when making changes. Excessively large values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds a local or remote MTA's message size limit.
+</p>
+
%PARAM canonical_maps
<p>
<p> To prevent mailer loops between MX hosts and fall-back hosts,
Postfix version 2.2 and later will not use the fallback relays for
-destinations that it is MX host for (and DSN lookup is turned on).
+destinations that it is MX host for (assuming DNS lookup is turned on).
</p>
%PARAM fallback_relay
The maximal size in bytes of a message, including envelope information.
</p>
+<p> Note: be careful when making changes. Excessively small values
+will result in the loss of non-delivery notifications, when a bounce
+message size exceeds the local or remote MTA's message size limit.
+</p>
+
%PARAM minimal_backoff_time 300s
<p>
%PARAM lmtp_destination_recipient_limit $default_destination_recipient_limit
-<p> The maximal number of recipients per delivery via the lmtp
+<p> The maximal number of recipients per message for the lmtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file. </p>
%PARAM relay_destination_recipient_limit $default_destination_recipient_limit
-<p> The maximal number of recipients per delivery via the relay
+<p> The maximal number of recipients per message for the relay
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file. </p>
%PARAM smtp_destination_recipient_limit $default_destination_recipient_limit
-<p> The maximal number of recipients per delivery via the smtp
+<p> The maximal number of recipients per message for the smtp
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file. </p>
%PARAM virtual_destination_recipient_limit $default_destination_recipient_limit
-<p> The maximal number of recipients per delivery via the virtual
+<p> The maximal number of recipients per message for the virtual
message delivery transport. This limit is enforced by the queue
manager. The message delivery transport name is the first field in
the entry in the master.cf file. </p>
<dt><b><a name="check_recipient_mx_access">check_recipient_mx_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the MX hosts for
-the RCPT TO address, and execute the corresponding action. Note:
+the RCPT TO domain, and execute the corresponding action. Note:
a result of "OK" is not allowed for safety reasons. Instead, use
DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
<dt><b><a name="check_recipient_ns_access">check_recipient_ns_access</a> <i><a href="DATABASE_README.html">type:table</a></i></b></dt>
<dd>Search the specified access(5) database for the DNS servers
-for the RCPT TO address, and execute the corresponding action.
+for the RCPT TO domain, and execute the corresponding action.
Note: a result of "OK" is not allowed for safety reasons. Instead,
use DUNNO in order to exclude specific hosts from blacklists. This
feature is available in Postfix 2.1 and later. </dd>
<ul>
-<li> Postfix is mail forwarder: the resolved RCPT TO address matches
+<li> Postfix is mail forwarder: the resolved RCPT TO domain matches
$relay_domains or a subdomain thereof, and the address contains no
sender-specified routing (user@elsewhere@domain),
-<li> Postfix is the final destination: the resolved RCPT TO address
+<li> Postfix is the final destination: the resolved RCPT TO domain
matches $mydestination, $inet_interfaces, $proxy_interfaces,
$virtual_alias_domains, or $virtual_mailbox_domains, and the address
contains no sender-specified routing (user@elsewhere@domain).
<dt><b><a name="permit_mx_backup">permit_mx_backup</a></b></dt>
<dd>Permit the request when the local mail system is backup MX for
-the RCPT TO address, or when the address is an authorized destination
+the RCPT TO domain, or when the domain is an authorized destination
(see permit_auth_destination for definition).
<ul>
<ul>
-<li> Postfix is mail forwarder: the resolved RCPT TO address matches
+<li> Postfix is mail forwarder: the resolved RCPT TO domain matches
$relay_domains or a subdomain thereof, and contains no sender-specified
routing (user@elsewhere@domain),
-<li> Postfix is the final destination: the resolved RCPT TO address
+<li> Postfix is the final destination: the resolved RCPT TO domain
matches $mydestination, $inet_interfaces, $proxy_interfaces,
$virtual_alias_domains, or $virtual_mailbox_domains, and contains
no sender-specified routing (user@elsewhere@domain).
<dt><b><a name="reject_unknown_recipient_domain">reject_unknown_recipient_domain</a></b></dt>
<dd>Reject the request when Postfix is not final destination for
-the recipient address, and the RCPT TO address has no DNS A or MX
+the recipient domain, and the RCPT TO domain has no DNS A or MX
record, or when it has a malformed MX record such as a record with
a zero-length MX hostname (Postfix version 2.3 and later). <br> The
unknown_address_reject_code parameter specifies the response code
/* count and/or rate limits falsely.
/*
/* In this preliminary implementation, a count (or rate) limited server
-/* can have only one remote client at a time. If a server reports
+/* process can have only one remote client at a time. If a
+/* server process reports
/* multiple simultaneous clients, state is kept only for the last
/* reported client.
/*
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
-#define MAIL_RELEASE_DATE "20080606"
+#define MAIL_RELEASE_DATE "20080629"
#define MAIL_VERSION_NUMBER "2.6"
#ifdef SNAPSHOT
/* .IP \fB${\fBclient_address\fR}\fR
/* This macro expands to the remote client network address.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBclient_helo\fR}\fR
/* This macro expands to the remote client HELO command parameter.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBclient_hostname\fR}\fR
/* This macro expands to the remote client hostname.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBclient_port\fR}\fR
/* This macro expands to the remote client TCP port number.
/* .sp
-/* This is available in Postfix 2.5 and later.
+/* This feature is available as of Postfix 2.5.
/* .IP \fB${\fBclient_protocol\fR}\fR
/* This macro expands to the remote client protocol.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBdomain\fR}\fR
/* This macro expands to the domain portion of the recipient
/* address. For example, with an address \fIuser+foo@domain\fR
/* .sp
/* This information is modified by the \fBh\fR flag for case folding.
/* .sp
-/* This is available in Postfix 2.5 and later.
+/* This feature is available as of Postfix 2.5.
/* .IP \fB${\fBextension\fR}\fR
/* This macro expands to the extension part of a recipient address.
/* For example, with an address \fIuser+foo@domain\fR the extension is
/* This information is modified by the \fBhqu\fR flags for quoting
/* and case folding.
/* .sp
-/* This feature is available in Postfix 2.5 and later.
+/* This feature is available as of Postfix 2.5.
/* .IP \fB${\fBrecipient\fR}\fR
/* This macro expands to the complete recipient address.
/* .sp
/* This information is modified by the \fBhqu\fR flags for quoting
/* and case folding.
/* .IP \fB${\fBsasl_method\fR}\fR
-/* This macro expands to the SASL authentication mechanism used
-/* during the reception of the message. An empty string is passed
-/* if the message has been received without SASL authentication.
+/* This macro expands to the name of the SASL authentication
+/* mechanism in the AUTH command when the Postfix SMTP server
+/* received the message.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBsasl_sender\fR}\fR
/* This macro expands to the SASL sender name (i.e. the original
-/* submitter as per RFC 4954) used during the reception of the message.
+/* submitter as per RFC 4954) in the MAIL FROM command when
+/* the Postfix SMTP server received the message.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBsasl_username\fR}\fR
-/* This macro expands to the SASL user name used during the reception
-/* of the message. An empty string is passed if the message has been
-/* received without SASL authentication.
+/* This macro expands to the SASL user name in the AUTH command
+/* when the Postfix SMTP server received the message.
/* .sp
-/* This is available in Postfix 2.2 and later.
+/* This feature is available as of Postfix 2.2.
/* .IP \fB${\fBsender\fR}\fR
/* This macro expands to the envelope sender address. By default,
/* the null sender address expands to MAILER-DAEMON; this can
/* This server plug-in is available when Postfix is built with
/* Cyrus SASL support.
/* .IP \fBdovecot\fR
-/* This server plug-in requires the Dovecot authentication
-/* server.
+/* This server plug-in uses the Dovecot authentication server,
+/* and is available when Postfix is built with any form of SASL
+/* support.
/* .RE
/* .IP
/* This feature is available with Postfix 2.3 and later.
for (cpp = session->history->argv; *cpp; cpp++)
line_wrap(printable(*cpp, '?'), LENGTH, INDENT, print_line,
(char *) notice);
+ post_mail_fputs(notice, "");
+ post_mail_fprintf(notice, "For other details, see the local mail logfile");
(void) post_mail_fclose(notice);
}
smtpd_milter.o: smtpd.h
smtpd_milter.o: smtpd_milter.c
smtpd_milter.o: smtpd_milter.h
+smtpd_milter.o: smtpd_sasl_glue.h
smtpd_peer.o: ../../include/argv.h
smtpd_peer.o: ../../include/attr.h
smtpd_peer.o: ../../include/inet_proto.h
bool var_smtpd_use_tls;
bool var_smtpd_enforce_tls;
bool var_smtpd_tls_wrappermode;
+bool var_smtpd_tls_auth_only;
#ifdef USE_TLS
char *var_smtpd_relay_ccerts;
char *var_smtpd_tls_CAfile;
char *var_smtpd_tls_CApath;
bool var_smtpd_tls_ask_ccert;
-bool var_smtpd_tls_auth_only;
int var_smtpd_tls_ccert_vd;
char *var_smtpd_tls_cert_file;
char *var_smtpd_tls_mand_ciph;
#endif
#ifdef USE_SASL_AUTH
if ((discard_mask & EHLO_MASK_AUTH) == 0) {
- if (var_smtpd_sasl_enable && !sasl_client_exception(state)
-#ifdef USE_TLS
- && (!state->tls_auth_only || state->tls_context)
-#endif
- ) {
+ if (smtpd_sasl_is_active(state) && !sasl_client_exception(state)) {
ENQUEUE_FMT_REPLY(state, reply_buf, "AUTH %s",
state->sasl_mechanism_list);
if (var_broken_auth_clients)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_RWR_CONTEXT, FORWARD_DOMAIN(state));
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable) {
+ if (smtpd_sasl_is_active(state)) {
if (state->sasl_method)
rec_fprintf(state->cleanup, REC_TYPE_ATTR, "%s=%s",
MAIL_ATTR_SASL_METHOD, state->sasl_method);
* Log the queue ID with the message origin.
*/
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
+ if (smtpd_sasl_is_active(state))
smtpd_sasl_mail_log(state);
else
#endif
return (-1);
}
#ifdef USE_SASL_AUTH
- } else if (var_smtpd_sasl_enable && strncasecmp(arg, "AUTH=", 5) == 0) {
+ } else if (smtpd_sasl_is_active(state)
+ && strncasecmp(arg, "AUTH=", 5) == 0) {
if ((err = smtpd_sasl_mail_opt(state, arg + 5)) != 0) {
smtpd_chat_reply(state, "%s", err);
return (-1);
state->saved_delay = 0;
#endif
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
+ if (smtpd_sasl_is_active(state))
smtpd_sasl_mail_reset(state);
#endif
state->discard = 0;
#endif
rfc3848_sess = "";
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable && var_smtpd_sasl_auth_hdr && state->sasl_username) {
+ if (smtpd_sasl_is_active(state) && var_smtpd_sasl_auth_hdr
+ && state->sasl_username) {
username = VSTRING_STRDUP(state->sasl_username);
comment_sanitize(username);
out_fprintf(out_stream, REC_TYPE_NORM,
vstring_free(username);
}
/* RFC 3848 is defined for ESMTP only. */
- if (var_smtpd_sasl_enable && state->sasl_username
+ if (smtpd_sasl_is_active(state) && state->sasl_username
&& strcmp(state->protocol, MAIL_PROTO_ESMTP) == 0)
rfc3848_auth = "A";
else
if (state->rcpt_count == 1 && state->recipient) {
out_fprintf(out_stream, REC_TYPE_NORM,
state->cleanup ? "\tby %s (%s) with %s%s%s id %s" :
- "\tby %s (%s) with %s",
+ "\tby %s (%s) with %s%s%s",
var_myhostname, var_mail_name,
state->protocol, rfc3848_sess,
rfc3848_auth, state->queue_id);
} else {
out_fprintf(out_stream, REC_TYPE_NORM,
state->cleanup ? "\tby %s (%s) with %s%s%s id %s;" :
- "\tby %s (%s) with %s;",
+ "\tby %s (%s) with %s%s%s;",
var_myhostname, var_mail_name,
state->protocol, rfc3848_sess,
rfc3848_auth, state->queue_id);
state->protocol = mystrdup(MAIL_PROTO_SMTP);
}
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
+ if (smtpd_sasl_is_active(state))
smtpd_sasl_auth_reset(state);
#endif
chat_reset(state, 0);
* offered within a plain-text session.
*/
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable
- && strcmp(var_smtpd_sasl_tls_opts, var_smtpd_sasl_opts) != 0) {
- smtpd_sasl_auth_reset(state);
- smtpd_sasl_disconnect(state);
- smtpd_sasl_connect(state, VAR_SMTPD_SASL_TLS_OPTS,
- var_smtpd_sasl_tls_opts);
+ if (var_smtpd_sasl_enable) {
+ /* Non-wrappermode, presumably. */
+ if (smtpd_sasl_is_active(state)
+ && strcmp(var_smtpd_sasl_opts, var_smtpd_sasl_tls_opts) != 0) {
+ smtpd_sasl_auth_reset(state);
+ smtpd_sasl_deactivate(state);
+ }
+ /* Wrappermode and non-wrappermode. */
+ if (smtpd_sasl_is_active(state) == 0)
+ smtpd_sasl_activate(state, VAR_SMTPD_SASL_TLS_OPTS,
+ var_smtpd_sasl_tls_opts);
}
#endif
}
ehlo_words = var_smtpd_ehlo_dis_words;
state->ehlo_discard_mask = ehlo_mask(ehlo_words);
+ /*
+ * SASL initialization for plaintext mode.
+ *
+ * XXX Backwards compatibility: allow AUTH commands when the AUTH
+ * announcement is suppressed via smtpd_sasl_exceptions_networks.
+ *
+ * XXX Safety: don't enable SASL with "smtpd_tls_auth_only = yes" and
+ * non-TLS build.
+ */
+#ifdef USE_SASL_AUTH
+ if (var_smtpd_sasl_enable && smtpd_sasl_is_active(state) == 0
+#ifdef USE_TLS
+ && state->tls_context == 0 && !state->tls_auth_only
+#else
+ && var_smtpd_tls_auth_only == 0
+#endif
+ )
+ smtpd_sasl_activate(state, VAR_SMTPD_SASL_OPTS,
+ var_smtpd_sasl_opts);
+#endif
+
for (;;) {
if (state->flags & SMTPD_FLAG_HANGUP)
break;
*/
if (state->reason && state->where) {
if (strcmp(state->where, SMTPD_CMD_DATA) == 0) {
- msg_info("%s after %s (%lu bytes) from %s",
- state->reason, state->where, (long) state->act_size,
+ msg_info("%s after %s (approximately %lu bytes) from %s",
+ state->reason, state->where,
+ (long) (state->act_size + vstream_peek(state->client)),
state->namaddr);
} else if (strcmp(state->where, SMTPD_AFTER_DOT)
|| strcmp(state->reason, REASON_LOST_CONNECTION)) {
#endif
helo_reset(state);
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
+ if (smtpd_sasl_is_active(state)) {
smtpd_sasl_auth_reset(state);
+ smtpd_sasl_deactivate(state);
+ }
#endif
chat_reset(state, 0);
mail_reset(state);
VAR_SMTPD_USE_TLS, DEF_SMTPD_USE_TLS, &var_smtpd_use_tls,
VAR_SMTPD_ENFORCE_TLS, DEF_SMTPD_ENFORCE_TLS, &var_smtpd_enforce_tls,
VAR_SMTPD_TLS_WRAPPER, DEF_SMTPD_TLS_WRAPPER, &var_smtpd_tls_wrappermode,
-#ifdef USE_TLS
VAR_SMTPD_TLS_AUTH_ONLY, DEF_SMTPD_TLS_AUTH_ONLY, &var_smtpd_tls_auth_only,
+#ifdef USE_TLS
VAR_SMTPD_TLS_ACERT, DEF_SMTPD_TLS_ACERT, &var_smtpd_tls_ask_ccert,
VAR_SMTPD_TLS_RCERT, DEF_SMTPD_TLS_RCERT, &var_smtpd_tls_req_ccert,
VAR_SMTPD_TLS_RECHEAD, DEF_SMTPD_TLS_RECHEAD, &var_smtpd_tls_received_header,
post_mail_fputs(notice, "");
if (state->reason)
post_mail_fprintf(notice, "Session aborted, reason: %s", state->reason);
+ post_mail_fputs(notice, "");
+ post_mail_fprintf(notice, "For other details, see the local mail logfile");
(void) post_mail_fclose(notice);
}
/*
* Reject if the client is logged in and does not own the sender address.
*/
- if (var_smtpd_sasl_enable && state->sasl_username != 0) {
+ if (smtpd_sasl_is_active(state) && state->sasl_username != 0) {
reply = (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, sender);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, sender);
* Reject if the client is not logged in and the sender address has an
* owner.
*/
- if (var_smtpd_sasl_enable && state->sasl_username == 0) {
+ if (smtpd_sasl_is_active(state) && state->sasl_username == 0) {
reply = (const RESOLVE_REPLY *) ctable_locate(smtpd_resolve_cache, sender);
if (reply->flags & RESOLVE_FLAG_FAIL)
reject_dict_retry(state, sender);
ATTR_TYPE_STR, MAIL_ATTR_STRESS, var_stress,
#ifdef USE_SASL_AUTH
ATTR_TYPE_STR, MAIL_ATTR_SASL_METHOD,
- var_smtpd_sasl_enable && state->sasl_method ?
+ smtpd_sasl_is_active(state) && state->sasl_method ?
state->sasl_method : "",
ATTR_TYPE_STR, MAIL_ATTR_SASL_USERNAME,
- var_smtpd_sasl_enable && state->sasl_username ?
+ smtpd_sasl_is_active(state) && state->sasl_username ?
state->sasl_username : "",
ATTR_TYPE_STR, MAIL_ATTR_SASL_SENDER,
- var_smtpd_sasl_enable && state->sasl_sender ?
+ smtpd_sasl_is_active(state) && state->sasl_sender ?
state->sasl_sender : "",
#endif
#ifdef USE_TLS
state->sender, SMTPD_NAME_SENDER);
} else if (strcasecmp(name, REJECT_AUTH_SENDER_LOGIN_MISMATCH) == 0) {
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable) {
+ if (smtpd_sasl_is_active(state)) {
if (state->sender && *state->sender)
status = reject_auth_sender_login_mismatch(state, state->sender);
} else
msg_warn("restriction `%s' ignored: no SASL support", name);
} else if (strcasecmp(name, REJECT_UNAUTH_SENDER_LOGIN_MISMATCH) == 0) {
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable) {
+ if (smtpd_sasl_is_active(state)) {
if (state->sender && *state->sender)
status = reject_unauth_sender_login_mismatch(state, state->sender);
} else
cpp[1], CHECK_RELAY_DOMAINS);
} else if (strcasecmp(name, PERMIT_SASL_AUTH) == 0) {
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
+ if (smtpd_sasl_is_active(state))
status = permit_sasl_auth(state,
SMTPD_CHECK_OK, SMTPD_CHECK_DUNNO);
#endif
status = SMTPD_CHECK_OK;
} else if (strcasecmp(name, PERMIT_SASL_AUTH) == 0) {
#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
+ if (smtpd_sasl_is_active(state))
status = permit_sasl_auth(state, SMTPD_CHECK_OK,
SMTPD_CHECK_DUNNO);
#endif
#ifdef USE_SASL_AUTH
-/* smtpd_sasl_connect - stub */
+/* smtpd_sasl_activate - stub */
-void smtpd_sasl_connect(SMTPD_STATE *state, const char *opts_name,
- const char *opts_var)
+void smtpd_sasl_activate(SMTPD_STATE *state, const char *opts_name,
+ const char *opts_var)
{
- msg_panic("smtpd_sasl_connect was called");
+ msg_panic("smtpd_sasl_activate was called");
}
-/* smtpd_sasl_disconnect - stub */
+/* smtpd_sasl_deactivate - stub */
-void smtpd_sasl_disconnect(SMTPD_STATE *state)
+void smtpd_sasl_deactivate(SMTPD_STATE *state)
{
- msg_panic("smtpd_sasl_disconnect was called");
+ msg_panic("smtpd_sasl_deactivate was called");
}
/* permit_sasl_auth - stub */
/* Application-specific. */
#include <smtpd.h>
+#include <smtpd_sasl_glue.h>
#include <smtpd_milter.h>
/*
/*
* MAIL FROM macros.
*/
-#define IF_SASL_ENABLED(s) (var_smtpd_sasl_enable && (s) ? (s) : 0)
+#define IF_SASL_ENABLED(s) (smtpd_sasl_is_active(state) && (s) ? (s) : 0)
if (strcmp(name, S8_MAC_I) == 0)
return (state->queue_id);
/*
/* void smtpd_sasl_initialize()
/*
-/* void smtpd_sasl_connect(state, sasl_opts_name, sasl_opts_val)
+/* void smtpd_sasl_activate(state, sasl_opts_name, sasl_opts_val)
/* SMTPD_STATE *state;
/* const char *sasl_opts_name;
/* const char *sasl_opts_val;
/* void smtpd_sasl_logout(state)
/* SMTPD_STATE *state;
/*
-/* void smtpd_sasl_disconnect(state)
+/* void smtpd_sasl_deactivate(state)
+/* SMTPD_STATE *state;
+/*
+/* int smtpd_sasl_is_active(state)
+/* SMTPD_STATE *state;
+/*
+/* int smtpd_sasl_set_inactive(state)
/* SMTPD_STATE *state;
/* DESCRIPTION
/* This module encapsulates most of the detail specific to SASL
/* need access to the file system for run-time loading of
/* plug-in modules. There is no corresponding cleanup routine.
/*
-/* smtpd_sasl_connect() performs per-connection initialization.
+/* smtpd_sasl_activate() performs per-connection initialization.
/* This routine should be called once at the start of every
/* connection. The sasl_opts_name and sasl_opts_val parameters
/* are the postfix configuration parameters setting the security
/* smtpd_sasl_logout() cleans up after smtpd_sasl_authenticate().
/* This routine exists for the sake of symmetry.
/*
-/* smtpd_sasl_disconnect() performs per-connection cleanup.
+/* smtpd_sasl_deactivate() performs per-connection cleanup.
/* This routine should be called at the end of every connection.
/*
+/* smtpd_sasl_is_active() is a predicate that returns true
+/* if the SMTP server session state is between smtpd_sasl_activate()
+/* and smtpd_sasl_deactivate().
+/*
+/* smtpd_sasl_set_inactive() initializes the SMTP session
+/* state before the first smtpd_sasl_activate() call.
+/*
/* Arguments:
/* .IP state
/* SMTP session context.
}
-/* smtpd_sasl_connect - per-connection initialization */
+/* smtpd_sasl_activate - per-connection initialization */
-void smtpd_sasl_connect(SMTPD_STATE *state, const char *sasl_opts_name,
- const char *sasl_opts_val)
+void smtpd_sasl_activate(SMTPD_STATE *state, const char *sasl_opts_name,
+ const char *sasl_opts_val)
{
const char *mechanism_list;
+ /*
+ * Sanity check.
+ */
+ if (smtpd_sasl_is_active(state))
+ msg_panic("smtpd_sasl_activate: already active");
+
/*
* Initialize SASL-specific state variables. Use long-lived storage for
* base 64 conversion results, rather than local variables, to avoid
state->sasl_mechanism_list = mystrdup(mechanism_list);
}
-/* smtpd_sasl_disconnect - per-connection cleanup */
+/* smtpd_sasl_deactivate - per-connection cleanup */
-void smtpd_sasl_disconnect(SMTPD_STATE *state)
+void smtpd_sasl_deactivate(SMTPD_STATE *state)
{
if (state->sasl_reply) {
vstring_free(state->sasl_reply);
* SASL protocol interface
*/
extern void smtpd_sasl_initialize(void);
-extern void smtpd_sasl_connect(SMTPD_STATE *, const char *, const char *);
-extern void smtpd_sasl_disconnect(SMTPD_STATE *);
+extern void smtpd_sasl_activate(SMTPD_STATE *, const char *, const char *);
+extern void smtpd_sasl_deactivate(SMTPD_STATE *);
extern int smtpd_sasl_authenticate(SMTPD_STATE *, const char *, const char *);
extern void smtpd_sasl_logout(SMTPD_STATE *);
extern int permit_sasl_auth(SMTPD_STATE *, int, int);
+#define smtpd_sasl_is_active(s) ((s)->sasl_server != 0)
+#define smtpd_sasl_set_inactive(s) ((void) ((s)->sasl_server = 0))
+
/* LICENSE
/* .ad
/* .fi
smtpd_chat_reply(state, "503 5.5.1 Error: send HELO/EHLO first");
return (-1);
}
- if (SMTPD_STAND_ALONE(state) || !var_smtpd_sasl_enable
+ if (SMTPD_STAND_ALONE(state) || !smtpd_sasl_is_active(state)
|| (state->ehlo_discard_mask & EHLO_MASK_AUTH)) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
smtpd_chat_reply(state, "503 5.5.1 Error: authentication not enabled");
return (-1);
}
if (smtpd_milters != 0 && (err = milter_other_event(smtpd_milters)) != 0) {
- if (err[0] == '5') {
- state->error_mask |= MAIL_ERROR_POLICY;
- smtpd_chat_reply(state, "%s", err);
- return (-1);
- }
- /* Sendmail compatibility: map 4xx into 454. */
- else if (err[0] == '4') {
- state->error_mask |= MAIL_ERROR_POLICY;
- smtpd_chat_reply(state, "454 4.3.0 Try again later");
- return (-1);
- }
+ if (err[0] == '5') {
+ state->error_mask |= MAIL_ERROR_POLICY;
+ smtpd_chat_reply(state, "%s", err);
+ return (-1);
+ }
+ /* Sendmail compatibility: map 4xx into 454. */
+ else if (err[0] == '4') {
+ state->error_mask |= MAIL_ERROR_POLICY;
+ smtpd_chat_reply(state, "454 4.3.0 Try again later");
+ return (-1);
+ }
}
#ifdef USE_TLS
if (state->tls_auth_only && !state->tls_context) {
/*
* Do not store raw RFC2554 protocol data.
*/
- if (!var_smtpd_sasl_enable) {
+ if (!smtpd_sasl_is_active(state)) {
state->error_mask |= MAIL_ERROR_PROTOCOL;
return ("503 5.5.4 Error: authentication disabled");
}
#ifdef USE_SASL_AUTH
if (SMTPD_STAND_ALONE(state))
var_smtpd_sasl_enable = 0;
- if (var_smtpd_sasl_enable)
- smtpd_sasl_connect(state, VAR_SMTPD_SASL_OPTS, var_smtpd_sasl_opts);
+ smtpd_sasl_set_inactive(state);
#endif
state->milter_argv = 0;
vstring_free(state->dsn_buf);
if (state->dsn_orcpt_buf)
vstring_free(state->dsn_orcpt_buf);
-
-#ifdef USE_SASL_AUTH
- if (var_smtpd_sasl_enable)
- smtpd_sasl_disconnect(state);
-#endif
}
projects / thirdparty / postfix.git / commitdiff
