========================
This document provides a road map of the Postfix mail system source
-code distribution. I suggest that you take a few minutes to read
-this file, and then proceed with the INSTALL instructions.
+code distribution. I suggest that you
+
+- take a few minutes to read this file,
+
+- review the RELEASE_NOTES file for incompatible changes,
+
+- and then proceed with the INSTALL instructions.
Introduction
============
+++ /dev/null
-LINUX SYSLOGD PERFORMANCE
-=========================
-
-LINUX syslogd uses synchronous writes by default, which is very
-expensive. For services such as mail it is recommended that you
-disable synchronous logfile writes by editing /etc/syslog.conf and
-by prepending a - to the logfile name:
-
- mail.* -/var/log/mail.log
-
-Send a "kill -HUP" to the syslogd to make the change effective.
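Review bot: Deleting this file drops the Linux syslogd tuning advice (the "-/var/log/mail.log" prefix and the "kill -HUP" step), and none of the hunks visible in this patch re-add it elsewhere. If the text moved to another document, point to it from the README or the FAQ; if it is being retired, say so in the HISTORY entry.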
home directory. This user handles all potentially dangerous mail
content - that is why it should be a separate account.
+In the above example, Postfix listens on port localhost:10025. If
+you want to have your filter listening on port localhost:10025
+instead of Postfix, then you must run your filter as a stand-alone
+program.
+
The /some/where/filter command is most likely a PERL script. PERL
has modules that make talking SMTP easy. The command-line specifies
that mail should be sent back into Postfix via localhost port 10026.
Code cleanup: Postfix should now run with no alias database.
Code cleanup: local_destination_recipient_limit and
- local_destination_concurrency_limit are not first-class
+ local_destination_concurrency_limit have become first-class
configuration parameters. Files: global/mail_params.h,
*qmgr/qmgr.c, postconf/postconf.c.
+
+20010226
+
+ Documentation suggestions by Lars Hecking and Richard
+ Huxton, Matthias Andree and many others.
+
+ Code cleanup: some queue/transport operations need to be
+ moved, after the code cleanup of the recipient/concurrency
+ limit handling. Patrik Rak. Files: *qmgr/qmgr_message.c.
+Release 20010228 differs from snapshot 20010228 in that the virtual
+delivery agent and nqmgr queue manager are left out. That software
+will become part of the official release when it has not changed
+in a while.
+
Incompatible changes with snapshot-20010225
===========================================
# The general format is lines with parameter = value pairs. Lines
# that begin with whitespace continue the previous line. A value can
# contain references to other $names or ${name}s.
+#
+# NOTE - CHANGE NO MORE THAN 2-3 PARAMETERS AT A TIME, AND TEST IF
+# POSTFIX STILL WORKS AFTER EVERY CHANGE.
# SOFT BOUNCE
#
# through Postfix. See the smtpd_recipient_restrictions parameter
# in file sample-smtpd.cf.
#
+# You can specify the list of "trusted" network addresses by hand
+# or you can let Postfix do it for you (which is the default).
+#
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
# On Linux, this does works correctly only with interfaces specified
#
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
-# This used to be the default. It is appropriate for service providers.
+# Don't do this with a dialup site - it would cause Postfix to "trust"
+# your entire provider's network. Instead, specify an explicit
+# mynetworks list by hand, as described below.
#
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
# mynetworks_style = subnet
# mynetworks_style = host
-# Instead of using mynetworks_style to implicitly derive the mynetworks
-# list from local machine addresses, you can specify an explicit list
-# of network/netmask patterns, where the mask specifies the number of
-# bits in the network part of a host address.
+# Alternatively, you can specify the mynetworks list by hand, in
+# which case Postfix ignores the mynetworks_style setting.
+#
+# Specify an explicit list of network/netmask patterns, where the
+# mask specifies the number of bits in the network part of a host
+# address.
#
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here.
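Review bot: In the "mynetworks_style = class" paragraph, the new dialup warning replaces "It is appropriate for service providers", so the comment no longer says when class is a reasonable choice; keep one sentence on that next to the warning, since this setting decides which clients may relay. While this comment block is being edited, the unchanged line "On Linux, this does works correctly only with interfaces specified" still carries a typo that could be fixed in the same change.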
# through Postfix. See the smtpd_recipient_restrictions parameter
# in file sample-smtpd.cf.
#
+# You can specify the list of "trusted" network addresses by hand
+# or you can let Postfix do it for you (which is the default).
+#
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
#
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
-# This used to be the default. It is appropriate for service providers.
+# Don't do this with a dialup site - it would cause Postfix to "trust"
+# your entire provider's network. Instead, specify an explicit
+# mynetworks list by hand, as described below.
#
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
# mynetworks_style = subnet
# mynetworks_style = host
-# Instead of using mynetworks_style to implicitly derive the mynetworks
-# list from local machine addresses, you can specify an explicit list
-# of network/netmask patterns, where the mask specifies the number of
-# bits in the network part of a host address.
+# Alternatively, you can specify the mynetworks list by hand, in
+# which case Postfix ignores the mynetworks_style setting.
+#
+# Specify an explicit list of network/netmask patterns, where the
+# mask specifies the number of bits in the network part of a host
+# address.
#
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here.
# through Postfix. See the smtpd_recipient_restrictions parameter
# in file sample-smtpd.cf.
#
+# You can specify the list of "trusted" network addresses by hand
+# or you can let Postfix do it for you (which is the default).
+#
# By default (mynetworks_style = subnet), Postfix "trusts" SMTP
# clients in the same IP subnetworks as the local machine.
#
# Specify "mynetworks_style = class" when Postfix should "trust" SMTP
# clients in the same IP class A/B/C networks as the local machine.
-# This used to be the default. It is appropriate for service providers.
+# Don't do this with a dialup site - it would cause Postfix to "trust"
+# your entire provider's network. Instead, specify an explicit
+# mynetworks list by hand, as described below.
#
# Specify "mynetworks_style = host" when Postfix should "trust"
# only the local machine.
mynetworks_style = subnet
# mynetworks_style = host
-# Instead of using mynetworks_style to implicitly derive the mynetworks
-# list from local machine addresses, you can specify an explicit list
-# of network/netmask patterns, where the mask specifies the number of
-# bits in the network part of a host address.
+# Alternatively, you can specify the mynetworks list by hand, in
+# which case Postfix ignores the mynetworks_style setting.
+#
+# Specify an explicit list of network/netmask patterns, where the
+# mask specifies the number of bits in the network part of a host
+# address.
#
# You can also specify the absolute pathname of a pattern file instead
# of listing the patterns here.
queue status. This is the program behind the <a
href="mailq.1.html">mailq</a> command.
+<p>
+
+<li>The <a href="flush.8.html">flush</a> daemon improves the
+performance of the SMTP <b>ETRN</b> request, and of its command-line
+equivalent, <b>sendmail -qR</b><i>destination</i>, for selected
+destinations. For other destinations, Postfix silently falls
+back to the equivalent of <b>sendmail -q</b>.
+
+<p>
+
+<li>The <a href="spawn.8.html">spawn</a> daemon listens on a TCP
+port, UNIX-domain socket or FIFO, and runs non-Postfix commands on
+request, with the socket or FIFO connected to the standard input,
+output and error streams. It is currently used only in an example
+of the Postfix external content filtering system.
+
</ul>
<hr>
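Review bot: The spawn item says the daemon "runs non-Postfix commands on request" from a TCP port, UNIX-domain socket or FIFO, but not which account those commands run as or who is allowed to connect. One sentence on that, or a pointer to where spawn.8.html covers it, belongs here because this overview is what readers use to judge the exposure of each daemon.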
<dl>
<dt> <b>class</b> <dd> Trust SMTP clients in the class A/B/C networks
-that Postfix is connected to.
+that Postfix is connected to. <b>Don't do this with a dialup site
+- it would cause Postfix to "trust" your entire provider's network.
+Instead, specify an explicit mynetworks list by hand, as described
+below</b>.
<p>
<p>
-To specify the list of trusted networks by hand, specify
-network blocks in CIDR (network/mask) notation, for example:
+Alternatively, you can specify the <b>mynetworks</b> list by hand,
+in which case Postfix ignores the <b>mynetworks_style</b> setting.
+To specify the list of trusted networks by hand, specify network
+blocks in CIDR (network/mask) notation, for example:
<p>
</dl>
+<p>
+
+You can also specify the absolute pathname of a pattern file instead
+of listing the patterns in the <b>main.cf</b> file.
+
<a name="inet_interfaces"> <h2> My own network addresses </h2> </a>
The <b>inet_interfaces</b> parameter specifies all network interface
<ul>
-<li><a href="#example_config">Example configurations</a>
+<li><a href="#poppers">POP or IMAP problems</a>
<li><a href="#warnings">Postfix warnings and error messages</a>
+<li><a href="#example_config">Example configurations</a>
+
<li><a href="#sendmail_incompatibility">Sendmail incompatibility</a>
<li><a href="#moby">Running hundreds of Postfix processes</a>
<p>
-<a name="example_config"><h3>Example configurations</h3>
+<a name="warnings"><h3>Postfix warnings and error messages</h3>
<ul>
-<li><a href="#stand_alone">Stand-alone machine</a>
+<li><a href="#biff">What does "biff_notify: Connection refused" mean?</a>
-<li><a href="#workstation_server">Workstations and servers</a>
+<li><a href="#nisdom">What does "NIS domain name not set - NIS lookups disabled" mean?</a>
-<li><a href="#null_client">Null clients</a>
+<li><a href="#dns-again">Mail stays queued with: Host not found, try again</a>
-<li><a href="#intranet">Running Postfix inside an intranet</a>
+<li><a href="#timeouts">Mail fails consistently with timeout or lost connection</a>
-<li><a href="#firewall">Running Postfix on a firewall</a>
+<li><a href="#noalias">What does "fatal: open database /etc/aliases.db" mean?</a>
-<li><a href="#dialup">Running Postfix on a dialup machine</a>
+<li><a href="#nosuid">sendmail has set-uid root file permissions, or is run from a set-uid root process</a>
</ul>
<p>
-<a name="warnings"><h3>Postfix warnings and error messages</h3>
+<a name="example_config"><h3>Example configurations</h3>
<ul>
-<li><a href="#biff">What does "biff_notify: Connection refused" mean?</a>
+<li><a href="#stand_alone">Stand-alone machine</a>
-<li><a href="#nisdom">What does "NIS domain name not set - NIS lookups disabled" mean?</a>
+<li><a href="#workstation_server">Workstations and servers</a>
-<li><a href="#dns-again">Mail stays queued with: Host not found, try again</a>
+<li><a href="#null_client">Null clients</a>
-<li><a href="#timeouts">Mail fails consistently with timeout or lost connection</a>
+<li><a href="#intranet">Running Postfix inside an intranet</a>
-<li><a href="#noalias">What does "fatal: open database /etc/aliases.db" mean?</a>
+<li><a href="#firewall">Running Postfix on a firewall</a>
+
+<li><a href="#dialup">Running Postfix on a dialup machine</a>
</ul>
<hr>
+<a name="poppers"><h3>POP or IMAP problems</h3>
+
+Postfix is a mail delivery system. Postfix does not implement
+services such as POP or IMAP to read mail. Several POP/IMAP
+implementations exist that can cooperate with software such as
+Postfix.
+
+<p>
+
+Examples of software that is used successfully with Postfix:
+
+<p>
+
+<ul>
+
+<li><a href="http://asg.web.cmu.edu/cyrus/">Cyrus IMAP</a> implements
+IMAP, POP3, and KPOP, later versions also support TLS. This software
+implements its own private mail database system. Not for beginners.
+
+<p>
+
+<li><a href="http://www.inter7.com/courierimap/">Courier-Imap</a>
+provides POP3, IMAP, POP3 and IMAP, and supports access over SSL.
+This software supports the maildir-style mailbox format only
+(one message per file, same format as qmail).
+
+<p>
+
+<li><a href="http://www.eudora.com/qpopper/">Qpopper</a> supports
+POP3, TLS (SSL), and uses the traditional UNIX-style mailbox format
+(multiple messages per file, each message starts with "From sender date...").
+
+</ul>
+
+<p>
+
+<hr>
+
<a name="stand_alone"><h3>Stand-alone machine</h3>
Out of the box, Postfix should work without change on a stand-alone
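Review bot: The Courier-Imap item reads "provides POP3, IMAP, POP3 and IMAP", which repeats the protocol list; it probably wants to be "POP3 and IMAP". The new heading line also opens the "poppers" anchor without a closing </a>, unlike the nosuid and moby-freebsd headings elsewhere in this patch.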
<hr>
+<a name="nosuid"><h1>sendmail has set-uid root file permissions, or is run from a
+set-uid root process</h3></a>
+
+Traditionally, the UNIX <b>sendmail</b> command is installed with
+set-uid root permissions. Even many MTAs other than Sendmail ship
+with a set-uid root <b>sendmail</b> command. This is not the case
+with Postfix. The Postfix <b>sendmail</b> command is designed not
+to be set-uid.
+
+<p>
+
+Unfortunately, some Linux systems have a helpful utility called
+<b>linuxconf</b> that automatically "fixes" file permissions to
+what they are supposed to be for Sendmail's <b>sendmail</b> command.
+Even when you reset the set-uid bit on the Postfix <b>sendmail</b>
+executable file, <b>linuxconf</b> will happily turn it on again
+for you.
+
+<p>
+
+On SuSE systems the file permission fixing utulity is called
+<b>SuSEconfig</b>. Other Linux systems may use different names.
+The usual disclaimers about mileages etc. apply.
+
+<p>
+
+<h4>Solutions</h4>
+
+<ul>
+
+<li>Rask Ingemann Lambertsen has a particularly effective
+solution :-)
+
+<blockquote>
+<pre>
+# /etc/rc.d/init.d/linuxconf stop && rpm --erase linuxconf
+</pre>
+</blockquote>
+
+<li>According to Matthias Andree, the band-aid fix for SuSE is to
+add to /etc/permissions.local the following line:
+
+<blockquote>
+<pre>
+/usr/sbin/sendmail root.root 755
+</pre>
+</blockquote>
+
+and to make sure that in /etc/rc.config,
+PERMISSIONS_SECURITY mentions local last, EXAMPLE:
+
+<blockquote>
+<pre>
+CHECK_PERMISSIONS=set
+PERMISSION_SECURITY="secure local"
+</pre>
+</blockquote>
+
+</ul>
+
+<hr>
+
<a name="moby-freebsd"><h3>Running hundreds of Postfix processes on FreeBSD</h3></a>
With hundreds of Postfix processes, the kernel will eventually
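Review bot: The SuSE instructions name the variable PERMISSIONS_SECURITY in the sentence but PERMISSION_SECURITY in the example below it, so a reader copying one or the other may set a variable that is never read, leaving the set-uid bit to be restored; use one spelling in both places. The section heading also opens with <h1> and closes with </h3> where the neighbouring sections use <h3>, and "utulity" should be "utility".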
<a name="deleting"><h3>Deleting a message from the Postfix queue</h3></a>
-To delete ONE message with queue id ABCDEF from the Postfix queue,
-it is not necessary to stop Postfix.
+To delete ONE message with queue id ABCDEF (e.g., from <b>mailq</b>
+output) from the Postfix queue, it is not necessary to stop Postfix.
<p>
<p>
-If you have to delete a large amount of mail, it is safer to stop
-Postfix first.
+If you have to delete a large amount of mail, you must stop Postfix
+first.
<p>
<pre>
<b>recipient</b><i>_</i><b>delimiter</b>
Separator between username and address extension.
- <b>test</b><i>_</i><b>home</b><i>_</i><b>directory</b>
+ <b>require</b><i>_</i><b>home</b><i>_</i><b>directory</b>
Require that a recipient's home directory is acces-
sible by the recipient before attempting delivery.
+ Defer delivery otherwise.
<b>Mailbox</b> <b>delivery</b>
<b>fallback</b><i>_</i><b>transport</b>
External command to use for mailbox delivery. The
command executes with the recipient privileges
(exception: root). The string is subject to $name
- expansions.
LOCAL(8) LOCAL(8)
+ expansions.
+
<b>mailbox</b><i>_</i><b>transport</b>
Message transport to use for mailbox delivery to
all local recipients, whether or not they are found
<b>stale</b><i>_</i><b>lock</b><i>_</i><b>time</b>
Limit the time after which a stale lock is removed.
- <b>mailbox</b><i>__</i><b>delivery</b><i>_</i><b>lock</b>
+ <b>mailbox</b><i>_</i><b>delivery</b><i>_</i><b>lock</b>
What file locking method(s) to use when delivering
to a UNIX-style mailbox. The default setting is
system dependent. For a list of available file
-
-
7
forwarding mail is not recommended.
.IP \fBrecipient_delimiter\fR
Separator between username and address extension.
-.IP \fBtest_home_directory\fR
+.IP \fBrequire_home_directory\fR
Require that a recipient's home directory is accessible by the
-recipient before attempting delivery.
+recipient before attempting delivery. Defer delivery otherwise.
.SH Mailbox delivery
.ad
.fi
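Review bot: Renaming test_home_directory to require_home_directory changes a user-visible parameter name, and the RELEASE_NOTES hunk shown in this patch does not list it under incompatible changes. Add an entry there, or state whether the old name is still accepted, so administrators know whether an existing main.cf setting still takes effect.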
an exclusive lock.
.IP \fBstale_lock_time\fR
Limit the time after which a stale lock is removed.
-.IP \fBmailbox__delivery_lock\fR
+.IP \fBmailbox_delivery_lock\fR
What file locking method(s) to use when delivering to a UNIX-style
mailbox.
The default setting is system dependent. For a list of available
* Version of this program.
*/
#define VAR_MAIL_VERSION "mail_version"
-#define DEF_MAIL_VERSION "Snapshot-20010225"
+#define DEF_MAIL_VERSION "Snapshot-20010228"
extern char *var_mail_version;
/* LICENSE
/* forwarding mail is not recommended.
/* .IP \fBrecipient_delimiter\fR
/* Separator between username and address extension.
-/* .IP \fBtest_home_directory\fR
+/* .IP \fBrequire_home_directory\fR
/* Require that a recipient's home directory is accessible by the
-/* recipient before attempting delivery.
+/* recipient before attempting delivery. Defer delivery otherwise.
/* .SH Mailbox delivery
/* .ad
/* .fi
/* an exclusive lock.
/* .IP \fBstale_lock_time\fR
/* Limit the time after which a stale lock is removed.
-/* .IP \fBmailbox__delivery_lock\fR
+/* .IP \fBmailbox_delivery_lock\fR
/* What file locking method(s) to use when delivering to a UNIX-style
/* mailbox.
/* The default setting is system dependent. For a list of available
msg_fatal("pipe: %m");
non_blocking(SIG_PIPE_WRITE_FD, NON_BLOCKING);
non_blocking(SIG_PIPE_READ_FD, NON_BLOCKING);
+ close_on_exec(SIG_PIPE_WRITE_FD, CLOSE_ON_EXEC);
+ close_on_exec(SIG_PIPE_READ_FD, CLOSE_ON_EXEC);
event_enable_read(SIG_PIPE_READ_FD, master_sig_event, (char *) 0);
#endif
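Review bot: The two close_on_exec() calls on SIG_PIPE_WRITE_FD and SIG_PIPE_READ_FD carry no comment saying why they are needed. A line noting that programs executed later must not inherit the signal pipe descriptors would keep a future cleanup from dropping the calls.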
at = strrchr(STR(reply.recipient), '@');
len = (at ? (at - STR(reply.recipient)) : strlen(STR(reply.recipient)));
- if ((transport = qmgr_transport_find(STR(reply.transport))) == 0)
- transport = qmgr_transport_create(STR(reply.transport));
+ /*
+ * Look up or instantiate the proper transport. We're working a
+ * little ahead, doing queue management stuff that used to be done
+ * way down.
+ */
+ if (transport == 0 || !STREQ(transport->name, STR(reply.transport))) {
+ if ((transport = qmgr_transport_find(STR(reply.transport))) == 0)
+ transport = qmgr_transport_create(STR(reply.transport));
+ queue = 0;
+ }
if (transport->recipient_limit == 1) {
VSTRING_SPACE(reply.nexthop, len + 1);
memmove(STR(reply.nexthop) + len + 1, STR(reply.nexthop),
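Review bot: The new test "transport == 0 || !STREQ(transport->name, STR(reply.transport))" reads transport before this hunk assigns it, so it depends on transport (and queue, which is reset to 0 here) being initialised to 0 before the first recipient is processed. That initialisation is not in the visible lines and should be confirmed or added. The comment could also state that the transport is now reused across consecutive recipients, since "working a little ahead" does not make that obvious.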
* bind each recipient to an in-core queue instance which is needed
* anyway. That gives all information needed for recipient grouping.
*/
+#if 0
/*
* Look up or instantiate the proper transport.
transport = qmgr_transport_create(STR(reply.transport));
queue = 0;
}
+#endif
/*
* This transport is dead. Defer delivery to this recipient.
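Review bot: The original transport lookup is disabled with "#if 0" and "#endif" rather than deleted, which leaves two copies of the same lookup logic in the function. Remove the dead block, or add a comment on the "#if 0" line saying why it is kept and when it can go.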
at = strrchr(STR(reply.recipient), '@');
len = (at ? (at - STR(reply.recipient)) : strlen(STR(reply.recipient)));
- if ((transport = qmgr_transport_find(STR(reply.transport))) == 0)
- transport = qmgr_transport_create(STR(reply.transport));
+ /*
+ * Look up or instantiate the proper transport. We're working a
+ * little ahead, doing queue management stuff that used to be done
+ * way down.
+ */
+ if (transport == 0 || !STREQ(transport->name, STR(reply.transport))) {
+ if ((transport = qmgr_transport_find(STR(reply.transport))) == 0)
+ transport = qmgr_transport_create(STR(reply.transport));
+ queue = 0;
+ }
if (transport->recipient_limit == 1) {
VSTRING_SPACE(reply.nexthop, len + 1);
memmove(STR(reply.nexthop) + len + 1, STR(reply.nexthop),
* bind each recipient to an in-core queue instance which is needed
* anyway. That gives all information needed for recipient grouping.
*/
+#if 0
/*
* Look up or instantiate the proper transport.
transport = qmgr_transport_create(STR(reply.transport));
queue = 0;
}
+#endif
/*
* This transport is dead. Defer delivery to this recipient.