more correct, but it opens a mail relay loophole with "user
@domain"@domain when relaying mail to a Sendmail system.
+20020514
+
+ Bugfix: the new code for header address quoting sometimes
+ did not null terminate strings so that arbitrary garbage
+ could appear at the end of message headers. Reported by
+ Ralf Hildebrandt. File: global/tok822_parse.c.
+
+ Safety: user@domain@domain is no longer accepted by the
+ permit_mx_backup uce restriction (unless Postfix is configured
+ with "resolve_dequoted_address = no"). Victor Duchovny,
+ Morgan Stanley. File: smtpd/smtpd_check.c.
+
Open problems:
Low: all table lookups should consistently use internalized
date. Snapshots change only the release date, unless they include
the same bugfixes as a patch release.
+Incompatible changes with Postfix snapshot 1.1.10-20020514
+==========================================================
+
+For safety reasons, the permit_mx_backup restriction no longer
+accepts mail for user@domain@domain. To recover the old behavior,
+specify "resolve_dequoted_address = no" which opens up a completely
+different can of worms as described a few paragraphs down in this
+document.
+
Major changes with Postfix snapshot 1.1.9-20020513
==================================================
* Patches change the patchlevel and the release date. Snapshots change the
* release date only, unless they include the same bugfix as a patch release.
*/
-#define MAIL_RELEASE_DATE "20020513"
+#define MAIL_RELEASE_DATE "20020514"
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "1.1.9-" MAIL_RELEASE_DATE
+#define DEF_MAIL_VERSION "1.1.10-" MAIL_RELEASE_DATE
extern char *var_mail_version;
/*
*/
case TOK822_ADDR:
tmp = vstring_alloc(100);
- tok822_internalize(tmp, tp->head, TOK822_STR_NONE);
+ tok822_internalize(tmp, tp->head, TOK822_STR_TERM);
quote_822_local_flags(vp, vstring_str(tmp),
QUOTE_FLAG_8BITCLEAN | QUOTE_FLAG_APPEND);
vstring_free(tmp);
"\tid %s; %s", state->queue_id, mail_date(state->time));
}
#ifdef RECEIVED_ENVELOPE_FROM
- quote_822_local(state->buf, state->sender, QUOTE_FLAG_8BITCLEAN);
+ quote_822_local(state->buf, state->sender);
rec_fprintf(state->cleanup, REC_TYPE_NORM,
"\t(envelope-from <%s>)", STR(state->buf));
#endif
if ((domain = strrchr(CONST_STR(reply->recipient), '@')) == 0)
return (SMTPD_CHECK_OK);
domain += 1;
- if (resolve_final(state, recipient, domain))
- return (SMTPD_CHECK_OK);
-
- if (msg_verbose)
- msg_info("%s: not local: %s", myname, recipient);
/*
- * Skip source-routed mail (uncertain destination).
+ * Skip source-routed non-local or virtual mail (uncertain destination).
*/
if (var_allow_untrust_route == 0 && (reply->flags & RESOLVE_FLAG_ROUTED))
return (SMTPD_CHECK_DUNNO);
+ /*
+ * The destination is local, or it is a local virtual destination.
+ */
+ if (resolve_final(state, recipient, domain))
+ return (SMTPD_CHECK_OK);
+
+ if (msg_verbose)
+ msg_info("%s: not local: %s", myname, recipient);
+
/*
* Skip numerical forms that didn't match the local system.
*/
projects / thirdparty / postfix.git / commitdiff
