From: Wietse Venema Date: Sat, 22 Apr 2000 00:00:00 +0000 (+0000) Subject: snapshot-20000422 X-Git-Tag: v20010228~61 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=301d3cb207878504cb7fabba9c1203759b45f42b;p=thirdparty%2Fpostfix.git snapshot-20000422 --- diff --git a/postfix/cleanup/cleanup.c b/postfix/cleanup/cleanup.c index 5a02a8e67..68c0fb137 100644 --- a/postfix/cleanup/cleanup.c +++ b/postfix/cleanup/cleanup.c @@ -67,7 +67,7 @@ /* Address to send a copy of each message that enters the system. /* .IP \fBhopcount_limit\fR /* Limit the number of \fBReceived:\fR message headers. -/* .IP \fBrecipients_witheld_header\fR +/* .IP \fBundisclosed_recipients_header\fR /* The header line that is inserted when no recipients were /* specified in (Resent-)To: or (Resent-)Cc: message headers. /* .SH "Address transformations" diff --git a/postfix/cleanup/cleanup_message.c b/postfix/cleanup/cleanup_message.c index b873246cf..678612544 100644 --- a/postfix/cleanup/cleanup_message.c +++ b/postfix/cleanup/cleanup_message.c @@ -359,7 +359,7 @@ static void cleanup_missing_headers(CLEANUP_STATE *state) state->resent, vstring_str(state->temp1)); if (state->fullname && *state->fullname) { vstring_strcat(state->temp2, " ("); - token = tok822_alloc(TOK822_COMMENT, state->fullname); + token = tok822_alloc(TOK822_COMMENT_TEXT, state->fullname); tok822_externalize(state->temp2, token, TOK822_STR_NONE); tok822_free(token); vstring_strcat(state->temp2, ")"); diff --git a/postfix/global/mail_version.h b/postfix/global/mail_version.h index 17ef9f8b6..a3549f4de 100644 --- a/postfix/global/mail_version.h +++ b/postfix/global/mail_version.h @@ -15,7 +15,7 @@ * Version of this program. */ #define VAR_MAIL_VERSION "mail_version" -#define DEF_MAIL_VERSION "Snapshot-20000421" +#define DEF_MAIL_VERSION "Snapshot-20000422" extern char *var_mail_version; /* LICENSE diff --git a/postfix/global/tok822.h b/postfix/global/tok822.h index a39f40d82..c0dd10f5c 100644 --- a/postfix/global/tok822.h +++ b/postfix/global/tok822.h @@ -45,7 +45,7 @@ typedef struct TOK822 { #define TOK822_DOMLIT 259 /* stuff between [] not nesting */ #define TOK822_ADDR 260 /* actually a token group */ #define TOK822_STARTGRP 261 /* start of named group */ -#define TOK822_COMMTEXT 262 /* comment text */ +#define TOK822_COMMENT_TEXT 262 /* comment text */ #define TOK822_MAXTOK 262 /* diff --git a/postfix/global/tok822_parse.c b/postfix/global/tok822_parse.c index 69827e846..ad3afabe9 100644 --- a/postfix/global/tok822_parse.c +++ b/postfix/global/tok822_parse.c @@ -197,7 +197,7 @@ VSTRING *tok822_internalize(VSTRING *vp, TOK822 *tree, int flags) VSTRING_ADDCH(vp, ')'); break; case TOK822_ATOM: - case TOK822_COMMTEXT: + case TOK822_COMMENT_TEXT: case TOK822_QSTRING: vstring_strcat(vp, vstring_str(tp->vstr)); break; @@ -251,7 +251,7 @@ VSTRING *tok822_externalize(VSTRING *vp, TOK822 *tree, int flags) tok822_externalize(vp, tp->head, TOK822_STR_NONE); VSTRING_ADDCH(vp, ')'); break; - case TOK822_COMMTEXT: + case TOK822_COMMENT_TEXT: tok822_copy_quoted(vp, vstring_str(tp->vstr), "()\\\r\n"); break; case TOK822_QSTRING: @@ -469,7 +469,7 @@ const char *tok822_comment(TOK822 *tp, const char *str) TOK822 *tc = 0; int ch; -#define COMMENT_TEXT_TOKEN(t) ((t) && (t)->type == TOK822_COMMTEXT) +#define COMMENT_TEXT_TOKEN(t) ((t) && (t)->type == TOK822_COMMENT_TEXT) #define APPEND_NEW_TOKEN(tp, type, strval) \ tok822_sub_append(tp, tok822_alloc(type, strval)) @@ -490,7 +490,7 @@ const char *tok822_comment(TOK822 *tp, const char *str) str++; } if (!COMMENT_TEXT_TOKEN(tc)) - tc = APPEND_NEW_TOKEN(tp, TOK822_COMMTEXT, (char *) 0); + tc = APPEND_NEW_TOKEN(tp, TOK822_COMMENT_TEXT, (char *) 0); VSTRING_ADDCH(tc->vstr, ch); } } @@ -561,7 +561,7 @@ static void tok822_print(TOK822 *list, int indent) vstream_printf("%*s %s\n", indent, "", "group \":\""); } else { vstream_printf("%*s %s \"%s\"\n", indent, "", - tp->type == TOK822_COMMTEXT ? "text" : + tp->type == TOK822_COMMENT_TEXT ? "comment text" : tp->type == TOK822_ATOM ? "atom" : tp->type == TOK822_QSTRING ? "quoted string" : tp->type == TOK822_DOMLIT ? "domain literal" : diff --git a/postfix/html/access.5.html b/postfix/html/access.5.html index 7371cac91..1ec447443 100644 --- a/postfix/html/access.5.html +++ b/postfix/html/access.5.html @@ -19,25 +19,24 @@ ACCESS(5) ACCESS(5) Normally, the table serves as input to the postmap(1) com- mand. The result, an indexed file in dbm or db format, is - used for fast searching by the mail system. After an - update it may take a minute or so before the change - becomes visible. Issue a postfix reload command to elimi- - nate the delay. + used for fast searching by the mail system. Execute the + command postmap /etc/postfix/access in order to rebuild + the indexed file after changing the access table. - When the table is provided via other means such as NIS, - LDAP or SQL, the same lookups are done as for ordinary + When the table is provided via other means such as NIS, + LDAP or SQL, the same lookups are done as for ordinary indexed files. - Alternatively, the table can be provided as a regular- + Alternatively, the table can be provided as a regular- expression map where patterns are given as regular expres- - sions. In that case, the lookups are done in a slightly + sions. In that case, the lookups are done in a slightly different way as described below. TABLE FORMAT The format of the access table is as follows: blanks and comments - Blank lines are ignored, as are lines beginning + Blank lines are ignored, as are lines beginning with `#'. pattern action @@ -46,22 +45,23 @@ ACCESS(5) ACCESS(5) PATTERNS With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, patterns are + networked tables such as NIS, LDAP or SQL, patterns are tried in the order as listed below: user@domain Matches the specified mail address. domain.name - Matches the domain.name itself and any subdomain - thereof, either in hostnames or in mail addresses. + Matches the domain.name itself and any subdomain + thereof, either in hostnames or in mail addresses. Top-level domains will never be matched. - user@ Matches all mail addresses with the specified user + user@ Matches all mail addresses with the specified user part. + 1 @@ -77,13 +77,13 @@ ACCESS(5) ACCESS(5) net.work - net Matches any host address in the specified network. - A network address is a sequence of one or more + net Matches any host address in the specified network. + A network address is a sequence of one or more octets separated by ".". ACTIONS [45]XX text - Reject the address etc. that matches the pattern, + Reject the address etc. that matches the pattern, and respond with the numerical code and text. REJECT Reject the address etc. that matches the pattern. A @@ -95,29 +95,29 @@ ACCESS(5) ACCESS(5) Accept the address etc. that matches the pattern. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, + a description of regular expression lookup table syntax, see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire string being looked up. Depending on the appli- - cation, that string is an entire client hostname, an + cation, that string is an entire client hostname, an entire client IP address, or an entire mail address. Thus, - no parent domain or parent network search is done, and - user@domain mail addresses are not broken up into their + no parent domain or parent network search is done, and + user@domain mail addresses are not broken up into their user@ and domain constituent parts. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Actions are the same as with normal indexed file lookups, - with the additional feature that parenthesized substrings - from the pattern can be interpolated as $1, $2 and so on. + Actions are the same as with normal indexed file lookups, + with the additional feature that parenthesized substrings + from the pattern can be interpolated as $1, $2 and so on. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. SEE ALSO postmap(1) create mapping table @@ -138,7 +138,7 @@ ACCESS(5) ACCESS(5) LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/aliases.5.html b/postfix/html/aliases.5.html index 887e9ec31..146d267f1 100644 --- a/postfix/html/aliases.5.html +++ b/postfix/html/aliases.5.html @@ -9,7 +9,7 @@ ALIASES(5) ALIASES(5) aliases - format of the Postfix alias database SYNOPSIS - postalias [-c config_dir] [-v] [file_type:]input_file + newaliases DESCRIPTION The aliases file provides a system-wide mechanism to redi- @@ -17,9 +17,9 @@ ALIASES(5) ALIASES(5) The file serves as input to the postalias(1) command. The result, an indexed file in dbm or db format, is used for - fast lookup by the mail system. After an update it may - take a minute or so before the change becomes visible. - Issue a postfix reload command to eliminate the delay. + fast lookup by the mail system. Execute the command + newaliases in order to rebuild the indexed file after + changing the Postfix alias database. The input and output file formats are expected to be com- patible with Sendmail version 8, and are expected to be @@ -71,7 +71,7 @@ ALIASES(5) ALIASES(5) ALIASES(5) ALIASES(5) - with the RFC 822 standard. + with the RFC 822 standard. /file/name Mail is appended to /file/name. See local(8) for @@ -146,7 +146,7 @@ ALIASES(5) ALIASES(5) extensions. STANDARDS - RFC 822 (ARPA Internet Text Messages) + RFC 822 (ARPA Internet Text Messages) SEE ALSO local(8) local delivery agent diff --git a/postfix/html/canonical.5.html b/postfix/html/canonical.5.html index 6bd8000b8..06642ea33 100644 --- a/postfix/html/canonical.5.html +++ b/postfix/html/canonical.5.html @@ -18,47 +18,47 @@ CANONICAL(5) CANONICAL(5) Normally, the file serves as input to the postmap(1) com- mand. The result, an indexed file in dbm or db format, is - used for fast searching by the mail system. After an - update it may take a minute or so before the change - becomes visible. Issue a postfix reload command to elimi- - nate the delay. + used for fast searching by the mail system. Execute the + command postmap /etc/postfix/canonical in order to rebuild + the indexed file after changing the canonical table. - When the table is provided via other means such as NIS, - LDAP or SQL, the same lookups are done as for ordinary + When the table is provided via other means such as NIS, + LDAP or SQL, the same lookups are done as for ordinary indexed files. - Alternatively, the table can be provided as a regular- + Alternatively, the table can be provided as a regular- expression map where patterns are given as regular expres- - sions. In that case, the lookups are done in a slightly + sions. In that case, the lookups are done in a slightly different way as described below. - The canonical mapping affects both message header + The canonical mapping affects both message header addresses (i.e. addresses that appear inside messages) and - message envelope addresses (for example, the addresses - that are used in SMTP protocol commands). Think Sendmail + message envelope addresses (for example, the addresses + that are used in SMTP protocol commands). Think Sendmail rule set S3, if you like. - Typically, one would use the canonical table to replace - login names by Firstname.Lastname, or to clean up + Typically, one would use the canonical table to replace + login names by Firstname.Lastname, or to clean up addresses produced by legacy mail systems. - The canonical mapping is not to be confused with virtual + The canonical mapping is not to be confused with virtual domain support. Use the virtual(5) map for that purpose. - The canonical mapping is not to be confused with local + The canonical mapping is not to be confused with local aliasing. Use the aliases(5) map for that purpose. TABLE FORMAT The format of the canonical table is as follows: blanks and comments - Blank lines are ignored, as are lines beginning + Blank lines are ignored, as are lines beginning with `#'. pattern result - When pattern matches a mail address, replace it by + When pattern matches a mail address, replace it by the corresponding result. + With lookups from indexed files such as DB or DBM, or from @@ -71,60 +71,60 @@ CANONICAL(5) CANONICAL(5) CANONICAL(5) CANONICAL(5) - With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, patterns are + networked tables such as NIS, LDAP or SQL, patterns are tried in the order as listed below: user@domain address - user@domain is replaced by address. This form has + user@domain is replaced by address. This form has the highest precedence. - This form useful to clean up addresses produced by - legacy mail systems. It can also be used to pro- - duce Firstname.Lastname style addresses, but see + This form useful to clean up addresses produced by + legacy mail systems. It can also be used to pro- + duce Firstname.Lastname style addresses, but see below for a simpler solution. user address user@site is replaced by address when site is equal - to $myorigin, when site is listed in $mydestina- + to $myorigin, when site is listed in $mydestina- tion, or when it is listed in $inet_interfaces. - This form is useful for replacing login names by + This form is useful for replacing login names by Firstname.Lastname. @domain address - Every address in domain is replaced by address. + Every address in domain is replaced by address. This form has the lowest precedence. - In all the above forms, when address has the form @other- + In all the above forms, when address has the form @other- domain, the result is the same user in otherdomain. ADDRESS EXTENSION - When table lookup fails, and the address localpart con- - tains the optional recipient delimiter (e.g., - user+foo@domain), the search is repeated for the unex- - tended address (e.g. user@domain), and the unmatched + When table lookup fails, and the address localpart con- + tains the optional recipient delimiter (e.g., + user+foo@domain), the search is repeated for the unex- + tended address (e.g. user@domain), and the unmatched extension is propagated to the result of table lookup. The matching order is: user+foo@domain, user@domain, user+foo, user, and @domain. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, + a description of regular expression lookup table syntax, see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire address being looked up. Thus, user@domain mail - addresses are not broken up into their user and @domain + addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. - Results are the same as with normal indexed file lookups, + Results are the same as with normal indexed file lookups, + with the additional feature that parenthesized substrings @@ -137,16 +137,15 @@ CANONICAL(5) CANONICAL(5) CANONICAL(5) CANONICAL(5) - with the additional feature that parenthesized substrings - from the pattern can be interpolated as $1, $2 and so on. + from the pattern can be interpolated as $1, $2 and so on. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this topic. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + The following main.cf parameters are especially relevant + to this topic. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. canonical_maps @@ -163,19 +162,19 @@ CANONICAL(5) CANONICAL(5) Other parameters of interest: inet_interfaces - The network interface addresses that this system + The network interface addresses that this system receives mail on. masquerade_domains - List of domains that hide their subdomain struc- + List of domains that hide their subdomain struc- ture. masquerade_exceptions - List of user names that are not subject to address + List of user names that are not subject to address masquerading. mydestination - List of domains that this mail system considers + List of domains that this mail system considers local. myorigin @@ -194,6 +193,7 @@ CANONICAL(5) CANONICAL(5) + 3 @@ -204,7 +204,7 @@ CANONICAL(5) CANONICAL(5) LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) diff --git a/postfix/html/cleanup.8.html b/postfix/html/cleanup.8.html index def018487..ae6741158 100644 --- a/postfix/html/cleanup.8.html +++ b/postfix/html/cleanup.8.html @@ -20,7 +20,7 @@ CLEANUP(8) CLEANUP(8) mations: o Insert missing message headers: (Resent-) From:, - Message-Id:, and Date:. + To:, Message-Id:, and Date:. o Extract envelope recipient addresses from (Resent-) To:, Cc: and Bcc: message headers when no recipi- @@ -57,7 +57,7 @@ CLEANUP(8) CLEANUP(8) message back to the sender in case of trouble. STANDARDS - RFC 822 (ARPA Internet Text Messages) + RFC 822 (ARPA Internet Text Messages) @@ -92,6 +92,11 @@ CLEANUP(8) CLEANUP(8) hopcount_limit Limit the number of Received: message headers. + recipients_witheld_header + The header line that is inserted when no recipients + were specified in (Resent-)To: or (Resent-)Cc: mes- + sage headers. + Address transformations empty_address_recipient The destination for undeliverable mail from <>. @@ -120,11 +125,6 @@ CLEANUP(8) CLEANUP(8) virtual_maps Address mapping lookup table for envelope recipient - addresses. - -Resource controls - duplicate_filter_limit - Limit the number of envelope recipients that are @@ -137,6 +137,11 @@ CLEANUP(8) CLEANUP(8) CLEANUP(8) CLEANUP(8) + addresses. + +Resource controls + duplicate_filter_limit + Limit the number of envelope recipients that are remembered. header_size_limit @@ -183,11 +188,6 @@ CLEANUP(8) CLEANUP(8) - - - - - diff --git a/postfix/html/pcre_table.5.html b/postfix/html/pcre_table.5.html index 3b3d7e744..a4fc4d439 100644 --- a/postfix/html/pcre_table.5.html +++ b/postfix/html/pcre_table.5.html @@ -13,7 +13,7 @@ PCRE_TABLE(5) PCRE_TABLE(5) DESCRIPTION The Postfix mail system uses optional tables for address - rewriting or mail routing. These tables usually are in dbm + rewriting or mail routing. These tables are usually in dbm or db format. Alternatively, lookup tables can be speci- fied in Perl Compatible Regular Expression form. diff --git a/postfix/html/regexp_table.5.html b/postfix/html/regexp_table.5.html index 92489df61..80bef7f2e 100644 --- a/postfix/html/regexp_table.5.html +++ b/postfix/html/regexp_table.5.html @@ -13,7 +13,7 @@ REGEXP_TABLE(5) REGEXP_TABLE(5) DESCRIPTION The Postfix mail system uses optional tables for address - rewriting or mail routing. These tables usually are in dbm + rewriting or mail routing. These tables are usually in dbm or db format. Alternatively, lookup tables can be speci- fied in POSIX regular expression form. diff --git a/postfix/html/relocated.5.html b/postfix/html/relocated.5.html index a68420ecd..8c7ab95f3 100644 --- a/postfix/html/relocated.5.html +++ b/postfix/html/relocated.5.html @@ -18,9 +18,9 @@ RELOCATED(5) RELOCATED(5) Normally, the file serves as input to the postmap(1) com- mand. The result, an indexed file in dbm or db format, is - used for fast searching by the mail system. After an - update issue a postfix reload command to make the change - visible. + used for fast searching by the mail system. Execute the + command postmap /etc/postfix/relocated in order to rebuild + the indexed file after changing the relocated table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index f3d9963ee..8c037cbe0 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -24,41 +24,41 @@ SENDMAIL(1) SENDMAIL(1) options are recognized but silently ignored. By default, sendmail reads a message from standard input - and arranges for delivery. sendmail attempts to create a - queue file in the maildrop directory. If that directory is - not world-writable, the message is piped through the post- - drop(1) command, which is expected to execute with suit- - able privileges. - - Specific command aliases are provided for other common + until EOF or until it reads a line with only a . charac- + ter, and arranges for delivery. sendmail attempts to cre- + ate a queue file in the maildrop directory. If that direc- + tory is not world-writable, the message is piped through + the postdrop(1) command, which is expected to execute with + suitable privileges. + + Specific command aliases are provided for other common modes of operation: - mailq List the mail queue. Each entry shows the queue - file ID, message size, arrival time, sender, and + mailq List the mail queue. Each entry shows the queue + file ID, message size, arrival time, sender, and the recipients that still need to be delivered. If - mail could not be delivered upon the last attempt, + mail could not be delivered upon the last attempt, the reason for failure is shown. This mode of oper- - ation is implemented by connecting to the showq(8) + ation is implemented by connecting to the showq(8) daemon. newaliases Initialize the alias database. If no alias database type is specified, the program uses the type speci- - fied in the database_type configuration parameter; - if no input file is specified, the program pro- - cesses the file(s) specified with the - alias_database configuration parameter. This mode - of operation is implemented by running the postal- + fied in the database_type configuration parameter; + if no input file is specified, the program pro- + cesses the file(s) specified with the + alias_database configuration parameter. This mode + of operation is implemented by running the postal- ias(1) command. - Note: it may take a minute or so before an alias - database update becomes visible. Use the postfix + Note: it may take a minute or so before an alias + database update becomes visible. Use the postfix reload command to eliminate this delay. These and other features can be selected by specifying the appropriate combination of command-line options. Some fea- - tures are controlled by parameters in the main.cf configu- - ration file. + tures are controlled by parameters in the main.cf @@ -71,10 +71,12 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) + configuration file. + The following options are recognized: -B body_type (ignored) - The message body MIME type. Currently, Postfix + The message body MIME type. Currently, Postfix implements just-send-eight. -C config_file (ignored :-) @@ -82,49 +84,47 @@ SENDMAIL(1) SENDMAIL(1) figuration files are kept in /etc/postfix. -F full_name - Set the sender full name. This is used only with + Set the sender full name. This is used only with messages that have no From: message header. - -I Initialize alias database. See the newaliases com- + -I Initialize alias database. See the newaliases com- mand above. -N dsn (ignored) - Delivery status notification control. Currently, + Delivery status notification control. Currently, Postfix does not implement DSN. -R return_limit (ignored) - Limit the size of bounced mail. Use the - bounce_size_limit configuration parameter instead. + Limit the size of bounced mail. Use the + bounce_size_limit configuration parameter instead. -X log_file (ignored) - Log mailer traffic. Use the debug_peer_list and - debug_peer_level configuration parameters instead. + Log mailer traffic. Use the debug_peer_list and + debug_peer_level configuration parameters instead. -U (ignored) Initial user submission. - -bd Go into daemon mode. This mode of operation is + -bd Go into daemon mode. This mode of operation is implemented by executing the postfix start command. - -bi Initialize alias database. See the newaliases com- + -bi Initialize alias database. See the newaliases com- mand above. - -bm Read mail from standard input and arrange for + -bm Read mail from standard input and arrange for delivery. This is the default mode of operation. -bp List the mail queue. See the mailq command above. - -bs Stand-alone SMTP server mode. Read SMTP commands - from standard input, and write responses to stan- + -bs Stand-alone SMTP server mode. Read SMTP commands + from standard input, and write responses to stan- dard output. This mode of operation is implemented by running the smtpd(8) daemon. -f sender Set the envelope sender address. This is the address where delivery problems are sent to, unless - the message contains an Errors-To: message header. - - + the message contains an Errors-To: message header. @@ -138,12 +138,12 @@ SENDMAIL(1) SENDMAIL(1) -h hop_count (ignored) - Hop count limit. Use the hopcount_limit configura- + Hop count limit. Use the hopcount_limit configura- tion parameter instead. - -i (ignored) - Lines beginning with "." get special treatment only - with -bs. + -i When reading a message from standard input, don't + treat a line with only a . character as the end of + input. -m (ignored) Backwards compatibility. @@ -161,6 +161,10 @@ SENDMAIL(1) SENDMAIL(1) The message body type. Currently, Postfix imple- ments just-send-eight. + -oi When reading a message from standard input, don't + treat a line with only a . character as the end of + input. + -om (ignored) The sender is never eliminated from alias etc. expansions. @@ -187,10 +191,6 @@ SENDMAIL(1) SENDMAIL(1) -v Enable verbose logging for debugging purposes. Mul- tiple -v options make the software increasingly - verbose. - -SECURITY - By design, this program is not set-user (or group) id. @@ -203,6 +203,10 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) + verbose. + +SECURITY + By design, this program is not set-user (or group) id. However, it must handle data from untrusted users or untrusted machines. Thus, the usual precautions need to be taken against malicious inputs. @@ -254,10 +258,6 @@ SENDMAIL(1) SENDMAIL(1) host matches a pattern in the debug_peer_list parameter. - debug_peer_list - List of domain or network patterns. When a remote - host matches a pattern, increase the verbose - 4 @@ -269,7 +269,10 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) - logging level by the amount specified in the + debug_peer_list + List of domain or network patterns. When a remote + host matches a pattern, increase the verbose log- + ging level by the amount specified in the debug_peer_level parameter. fork_attempts @@ -319,10 +322,7 @@ SENDMAIL(1) SENDMAIL(1) The Secure Mailer license must be distributed with this software. -AUTHOR(S) - Wietse Venema - IBM T.J. Watson Research - P.O. Box 704 + @@ -335,6 +335,10 @@ SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) SENDMAIL(1) +AUTHOR(S) + Wietse Venema + IBM T.J. Watson Research + P.O. Box 704 Yorktown Heights, NY 10598, USA @@ -383,10 +387,6 @@ SENDMAIL(1) SENDMAIL(1) - - - - diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html index 35baf5a2c..13b77d672 100644 --- a/postfix/html/smtp.8.html +++ b/postfix/html/smtp.8.html @@ -40,10 +40,11 @@ SMTP(8) SMTP(8) SMTP client can be run chrooted at fixed low privilege. STANDARDS - RFC 821 (SMTP protocol) - RFC 1651 (SMTP service extensions) - RFC 1870 (Message Size Declaration) - RFC 2197 (Pipelining) + RFC 821 (SMTP protocol) + RFC 1651 (SMTP service extensions) + RFC 1870 (Message Size Declaration) + RFC 2197 (Pipelining) + RFC 2554 (AUTH command) DIAGNOSTICS Problems and transactions are logged to syslogd(8). Cor- @@ -58,7 +59,6 @@ SMTP(8) SMTP(8) CONFIGURATION PARAMETERS The following main.cf parameters are especially relevant to this program. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload @@ -71,6 +71,7 @@ SMTP(8) SMTP(8) SMTP(8) SMTP(8) + details and for default values. Use the postfix reload command after a configuration change. Miscellaneous @@ -127,7 +128,6 @@ SMTP(8) SMTP(8) - 2 @@ -144,38 +144,79 @@ SMTP(8) SMTP(8) Do not wait for the server response after sending QUIT. +Authentication controls + smtp_enable_sasl_auth + Enable per-session authentication as per RFC 2554 + (SASL). + + smtp_sasl_password_maps + Lookup tables with per-host name:password entries. + No entry for a host means no attempt to authenti- + cate. + + smtp_sasl_security_options + Zero or more of the following. + + noplaintext + Disallow authentication methods that use + plaintext passwords. + + noactive + Disallow authentication methods that are + vulnerable to non-dictionary active attacks. + + nodictionary + Disallow authentication methods that are + vulnerable to passive dictionary attack. + + noanonymous + Disallow anonymous logins. + Resource controls smtp_destination_concurrency_limit Limit the number of parallel deliveries to the same - destination. The default limit is taken from the + destination. The default limit is taken from the default_destination_concurrency_limit parameter. smtp_destination_recipient_limit - Limit the number of recipients per message deliv- - ery. The default limit is taken from the + Limit the number of recipients per message deliv- + ery. The default limit is taken from the default_destination_recipient_limit parameter. Timeout controls smtp_connect_timeout Timeout in seconds for completing a TCP connection. When no connection can be made within the deadline, - the SMTP client tries the next address on the mail + the SMTP client tries the next address on the mail exchanger list. + + + + + 3 + + + + + +SMTP(8) SMTP(8) + + smtp_helo_timeout - Timeout in seconds for receiving the SMTP greeting + Timeout in seconds for receiving the SMTP greeting banner. When the server drops the connection with- - out sending a greeting banner, or when it sends no + out sending a greeting banner, or when it sends no greeting banner within the deadline, the SMTP client tries the next address on the mail exchanger list. smtp_helo_timeout - Timeout in seconds for sending the HELO command, + Timeout in seconds for sending the HELO command, and for receiving the server response. smtp_mail_timeout - Timeout in seconds for sending the MAIL FROM com- + Timeout in seconds for sending the MAIL FROM com- mand, and for receiving the server response. smtp_rcpt_timeout @@ -183,7 +224,7 @@ SMTP(8) SMTP(8) and for receiving the server response. smtp_data_init_timeout - Timeout in seconds for sending the DATA command, + Timeout in seconds for sending the DATA command, and for receiving the server response. smtp_data_xfer_timeout @@ -191,24 +232,12 @@ SMTP(8) SMTP(8) smtp_data_done_timeout Timeout in seconds for sending the "." command, and - - - - 3 - - - - - -SMTP(8) SMTP(8) - - for receiving the server response. When no response - is received, a warning is logged that the mail may + is received, a warning is logged that the mail may be delivered multiple times. smtp_quit_timeout - Timeout in seconds for sending the QUIT command, + Timeout in seconds for sending the QUIT command, and for receiving the server response. SEE ALSO @@ -218,7 +247,7 @@ SMTP(8) SMTP(8) syslogd(8) system logging LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) @@ -231,35 +260,6 @@ SMTP(8) SMTP(8) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 4 diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html index ad4d3024f..b7d0796db 100644 --- a/postfix/html/smtpd.8.html +++ b/postfix/html/smtpd.8.html @@ -36,13 +36,14 @@ SMTPD(8) SMTPD(8) SMTP server can be run chrooted at fixed low privilege. STANDARDS - RFC 821 (SMTP protocol) - RFC 1123 (Host requirements) - RFC 1651 (SMTP service extensions) - RFC 1652 (8bit-MIME transport) - RFC 1854 (SMTP Pipelining) - RFC 1870 (Message Size Declaration) - RFC 1985 (ETRN command) (partial) + RFC 821 (SMTP protocol) + RFC 1123 (Host requirements) + RFC 1651 (SMTP service extensions) + RFC 1652 (8bit-MIME transport) + RFC 1854 (SMTP Pipelining) + RFC 1870 (Message Size Declaration) + RFC 1985 (ETRN command) (partial) + RFC 2554 (AUTH command) DIAGNOSTICS Problems and transactions are logged to syslogd(8). @@ -52,13 +53,12 @@ SMTPD(8) SMTPD(8) policy violations, and of other trouble. BUGS - RFC 1985 is implemented by forcing delivery of all + RFC 1985 is implemented by forcing delivery of all deferred mail. CONFIGURATION PARAMETERS The following main.cf parameters are especially relevant to this program. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload @@ -71,17 +71,43 @@ SMTPD(8) SMTPD(8) SMTPD(8) SMTPD(8) + details and for default values. Use the postfix reload command after a configuration change. Compatibility controls strict_rfc821_envelopes - Disallow non-RFC 821 style addresses in envelopes. - For example, allow RFC822-style address forms with + Disallow non-RFC 821 style addresses in envelopes. + For example, allow RFC822-style address forms with comments, like Sendmail does. +Authenication controls + enable_sasl_authentication + Enable per-session authentication as per RFC 2554 + (SASL). This functionality is available only when + explicitly selected at program build time and + explicitly enabled at runtime. + + smtpd_sasl_security_options + Zero or more of the following. + + noplaintext + Disallow authentication methods that use + plaintext passwords. + + noactive + Disallow authentication methods that are + vulnerable to non-dictionary active attacks. + + nodictionary + Disallow authentication methods that are + vulnerable to passive dictionary attack. + + noanonymous + Disallow anonymous logins. + Miscellaneous always_bcc - Address to send a copy of each message that enters + Address to send a copy of each message that enters the system. command_directory @@ -89,18 +115,30 @@ SMTPD(8) SMTPD(8) $program_directory). debug_peer_level - Increment in verbose logging level when a remote + Increment in verbose logging level when a remote host matches a pattern in the debug_peer_list parameter. debug_peer_list - List of domain or network patterns. When a remote - host matches a pattern, increase the verbose log- - ging level by the amount specified in the + List of domain or network patterns. When a remote + host matches a pattern, increase the verbose log- + ging level by the amount specified in the debug_peer_level parameter. + + + + 2 + + + + + +SMTPD(8) SMTPD(8) + + error_notice_recipient - Recipient of protocol/policy/resource/software + Recipient of protocol/policy/resource/software error notices. hopcount_limit @@ -110,48 +148,36 @@ SMTPD(8) SMTPD(8) List of error classes. Of special interest are: local_recipient_maps - List of maps with user names that are local to + List of maps with user names that are local to $myorigin or $inet_interfaces. If this parameter is - defined, then the SMTP server rejects mail for + defined, then the SMTP server rejects mail for unknown local users. - policy When a client violates any policy, mail a + policy When a client violates any policy, mail a transcript of the entire SMTP session to the postmaster. protocol - When a client violates the SMTP protocol or + When a client violates the SMTP protocol or issues an unimplemented command, mail a transcript of the entire SMTP session to the postmaster. - - - - 2 - - - - - -SMTPD(8) SMTPD(8) - - smtpd_banner - Text that follows the 220 status code in the SMTP + Text that follows the 220 status code in the SMTP greeting banner. smtpd_recipient_limit - Restrict the number of recipients that the SMTP + Restrict the number of recipients that the SMTP server accepts per message delivery. smtpd_timeout - Limit the time to send a server response and to + Limit the time to send a server response and to receive a client request. Resource controls line_length_limit - Limit the amount of memory in bytes used for the + Limit the amount of memory in bytes used for the handling of partial input lines. message_size_limit @@ -159,24 +185,43 @@ SMTPD(8) SMTPD(8) ing on-disk storage for envelope information. queue_minfree - Minimal amount of free space in bytes in the queue - file system for the SMTP server to accept any mail + Minimal amount of free space in bytes in the queue + file system for the SMTP server to accept any mail at all. Tarpitting + + + + + 3 + + + + + +SMTPD(8) SMTPD(8) + + smtpd_error_sleep_time Time to wait in seconds before sending a 4xx or 5xx server error response. smtpd_soft_error_limit When an SMTP client has made this number of errors, - wait error_count seconds before responding to any + wait error_count seconds before responding to any client request. smtpd_hard_error_limit - Disconnect after a client has made this number of + Disconnect after a client has made this number of errors. + smtpd_junk_command_limit + Limit the number of times a client can issue a junk + command such as NOOP, VRFY, ETRN or RSET in one + SMTP session before it is penalized with tarpit + delays. + UCE control restrictions smtpd_client_restrictions Restrict what clients may connect to this mail sys- @@ -190,19 +235,6 @@ SMTPD(8) SMTPD(8) Restrict what client hostnames are allowed in HELO and EHLO commands. - - - - - 3 - - - - - -SMTPD(8) SMTPD(8) - - smtpd_sender_restrictions Restrict what sender addresses are allowed in MAIL FROM commands. @@ -225,6 +257,18 @@ SMTPD(8) SMTPD(8) Declares the name of zero or more parameters that contain a list of UCE restrictions. The names of these parameters can then be used instead of the + + + + 4 + + + + + +SMTPD(8) SMTPD(8) + + restriction lists that they represent. maps_rbl_domains @@ -256,19 +300,6 @@ SMTPD(8) SMTPD(8) Server response when a client attempts to violate the mail relay policy. - - - - - 4 - - - - - -SMTPD(8) SMTPD(8) - - unknown_address_reject_code Server response when a client violates the reject_unknown_address restriction. @@ -291,6 +322,19 @@ SMTPD(8) SMTPD(8) The Secure Mailer license must be distributed with this software. + + + + + 5 + + + + + +SMTPD(8) SMTPD(8) + + AUTHOR(S) Wietse Venema IBM T.J. Watson Research @@ -326,7 +370,29 @@ SMTPD(8) SMTPD(8) - 5 + + + + + + + + + + + + + + + + + + + + + + + 6 diff --git a/postfix/html/transport.5.html b/postfix/html/transport.5.html index 2fabeb56d..17a2385a4 100644 --- a/postfix/html/transport.5.html +++ b/postfix/html/transport.5.html @@ -19,9 +19,9 @@ TRANSPORT(5) TRANSPORT(5) Normally, the file serves as input to the postmap(1) com- mand. The result, an indexed file in dbm or db format, is - used for fast searching by the mail system. After updating - this table, issue the postfix reload command to make the - change visible. + used for fast searching by the mail system. Execute the + command postmap /etc/postfix/transport in order to rebuild + the indexed file after changing the transport table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html index 8202910c7..6e3daa2ab 100644 --- a/postfix/html/virtual.5.html +++ b/postfix/html/virtual.5.html @@ -25,22 +25,21 @@ VIRTUAL(5) VIRTUAL(5) Normally, the file serves as input to the postmap(1) com- mand. The result, an indexed file in dbm or db format, is - used for fast searching by the mail system. After an - update it may take a minute or so before the change - becomes visible. Issue a postfix reload command to elimi- - nate the delay. + used for fast searching by the mail system. Execute the + command postmap /etc/postfix/virtual in order to rebuild + the indexed file after changing the virtual table. - When the table is provided via other means such as NIS, - LDAP or SQL, the same lookups are done as for ordinary + When the table is provided via other means such as NIS, + LDAP or SQL, the same lookups are done as for ordinary indexed files. - Alternatively, the table can be provided as a regular- + Alternatively, the table can be provided as a regular- expression map where patterns are given as regular expres- - sions. In that case, the lookups are done in a slightly + sions. In that case, the lookups are done in a slightly different way as described below. TABLE FORMAT - Typical support for a virtual domain looks like the fol- + Typical support for a virtual domain looks like the fol- lowing: virtual.domain anything (right-hand content does not matter) @@ -48,17 +47,18 @@ VIRTUAL(5) VIRTUAL(5) user2@virtual.domain address2, address3 With this, the SMTP server accepts mail for virtual.domain - and rejects mail for unknown@virtual.domain as undeliver- + and rejects mail for unknown@virtual.domain as undeliver- able. - The format of the virtual table is as follows, mappings + The format of the virtual table is as follows, mappings being tried in the order as listed in this manual page: blanks and comments - Blank lines are ignored, as are lines beginning + Blank lines are ignored, as are lines beginning with `#'. - + pattern result + When pattern matches a mail address, replace it by @@ -71,61 +71,61 @@ VIRTUAL(5) VIRTUAL(5) VIRTUAL(5) VIRTUAL(5) - pattern result - When pattern matches a mail address, replace it by the corresponding result. With lookups from indexed files such as DB or DBM, or from - networked tables such as NIS, LDAP or SQL, patterns are + networked tables such as NIS, LDAP or SQL, patterns are tried in the order as listed below: user@domain address, address, ... - Mail for user@domain is redirected to address. + Mail for user@domain is redirected to address. This form has the highest precedence. user address, address, ... - Mail for user@site is redirected to address when - site is equal to $myorigin, when site is listed in + Mail for user@site is redirected to address when + site is equal to $myorigin, when site is listed in $mydestination, or when it is listed in $inet_interfaces. - This functionality overlaps with functionality of + This functionality overlaps with functionality of the local alias(5) database. The difference is that - virtual mapping can be applied to non-local + virtual mapping can be applied to non-local addresses. @domain address, address, ... - Mail for any user in domain is redirected to + Mail for any user in domain is redirected to address. This form has the lowest precedence. - In all the above forms, when address has the form @other- - domain, the result is the same user in otherdomain. This + In all the above forms, when address has the form @other- + domain, the result is the same user in otherdomain. This works for the first address in the expansion only. ADDRESS EXTENSION - When the search fails, and the address localpart contains - the optional recipient delimiter (e.g., user+foo@domain), - the search is repeated for the unextended address (e.g. + When the search fails, and the address localpart contains + the optional recipient delimiter (e.g., user+foo@domain), + the search is repeated for the unextended address (e.g. user@domain), and the unmatched address extension is prop- - agated to the result of expansion. The matching order is: + agated to the result of expansion. The matching order is: user+foo@domain, user@domain, user+foo, user, and @domain. REGULAR EXPRESSION TABLES - This section describes how the table lookups change when + This section describes how the table lookups change when the table is given in the form of regular expressions. For - a description of regular expression lookup table syntax, + a description of regular expression lookup table syntax, see regexp_table(5) or pcre_table(5). - Each pattern is a regular expression that is applied to + Each pattern is a regular expression that is applied to the entire address being looked up. Thus, user@domain mail - addresses are not broken up into their user and @domain + addresses are not broken up into their user and @domain constituent parts, nor is user+foo broken up into user and foo. - Patterns are applied in the order as specified in the - table, until a pattern is found that matches the search + Patterns are applied in the order as specified in the + table, until a pattern is found that matches the search string. + Results are the same as with normal indexed file lookups, + 2 @@ -137,17 +137,16 @@ VIRTUAL(5) VIRTUAL(5) VIRTUAL(5) VIRTUAL(5) - Results are the same as with normal indexed file lookups, - with the additional feature that parenthesized substrings - from the pattern can be interpolated as $1, $2 and so on. + with the additional feature that parenthesized substrings + from the pattern can be interpolated as $1, $2 and so on. BUGS - The table format does not understand quoting conventions. + The table format does not understand quoting conventions. CONFIGURATION PARAMETERS - The following main.cf parameters are especially relevant - to this topic. See the Postfix main.cf file for syntax - details and for default values. Use the postfix reload + The following main.cf parameters are especially relevant + to this topic. See the Postfix main.cf file for syntax + details and for default values. Use the postfix reload command after a configuration change. virtual_maps @@ -156,11 +155,11 @@ VIRTUAL(5) VIRTUAL(5) Other parameters of interest: inet_interfaces - The network interface addresses that this system + The network interface addresses that this system receives mail on. mydestination - List of domains that this mail system considers + List of domains that this mail system considers local. myorigin @@ -177,7 +176,7 @@ VIRTUAL(5) VIRTUAL(5) regexp_table(5) format of POSIX regular expression tables LICENSE - The Secure Mailer license must be distributed with this + The Secure Mailer license must be distributed with this software. AUTHOR(S) @@ -194,6 +193,7 @@ VIRTUAL(5) VIRTUAL(5) + 3 diff --git a/postfix/man/man5/access.5 b/postfix/man/man5/access.5 index e07f77bac..e044efe1b 100644 --- a/postfix/man/man5/access.5 +++ b/postfix/man/man5/access.5 @@ -18,9 +18,9 @@ domains, networks, host addresses or mail addresses. Normally, the table serves as input to the \fBpostmap\fR(1) command. The result, an indexed file in \fBdbm\fR or \fBdb\fR format, -is used for fast searching by the mail system. After an update -it may take a minute or so before the change becomes visible. -Issue a \fBpostfix reload\fR command to eliminate the delay. +is used for fast searching by the mail system. Execute the command +\fBpostmap /etc/postfix/access\fR in order to rebuild the indexed +file after changing the access table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files. diff --git a/postfix/man/man5/aliases.5 b/postfix/man/man5/aliases.5 index e9e860cad..fc01b57fe 100644 --- a/postfix/man/man5/aliases.5 +++ b/postfix/man/man5/aliases.5 @@ -9,8 +9,7 @@ format of the Postfix alias database .na .nf .fi -\fBpostalias\fR [\fB-c\fR \fIconfig_dir\fR] [\fB-v\fR] -[\fIfile_type\fR:]\fIinput_file\fR +\fBnewaliases\fR .SH DESCRIPTION .ad .fi @@ -19,9 +18,9 @@ redirect mail for local recipients. The file serves as input to the \fBpostalias\fR(1) command. The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is -used for fast lookup by the mail system. After an update -it may take a minute or so before the change becomes visible. -Issue a \fBpostfix reload\fR command to eliminate the delay. +used for fast lookup by the mail system. Execute the command +\fBnewaliases\fR in order to rebuild the indexed file after +changing the Postfix alias database. The input and output file formats are expected to be compatible with Sendmail version 8, and are expected to be suitable for the diff --git a/postfix/man/man5/canonical.5 b/postfix/man/man5/canonical.5 index df681ad9f..cc682f32a 100644 --- a/postfix/man/man5/canonical.5 +++ b/postfix/man/man5/canonical.5 @@ -18,9 +18,9 @@ local and non-local addresses. The mapping is used by the Normally, the file serves as input to the \fBpostmap\fR(1) command. The result, an indexed file in \fBdbm\fR or \fBdb\fR format, -is used for fast searching by the mail system. After an update -it may take a minute or so before the change becomes visible. -Issue a \fBpostfix reload\fR command to eliminate the delay. +is used for fast searching by the mail system. Execute the command +\fBpostmap /etc/postfix/canonical\fR in order to rebuild the indexed +file after changing the canonical table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files. diff --git a/postfix/man/man5/relocated.5 b/postfix/man/man5/relocated.5 index 415169c7e..77c9390a2 100644 --- a/postfix/man/man5/relocated.5 +++ b/postfix/man/man5/relocated.5 @@ -17,8 +17,9 @@ used in "user has moved to \fInew_location\fR" bounce messages. Normally, the file serves as input to the \fBpostmap\fR(1) command. The result, an indexed file in \fBdbm\fR or \fBdb\fR format, -is used for fast searching by the mail system. After an update -issue a \fBpostfix reload\fR command to make the change visible. +is used for fast searching by the mail system. Execute the command +\fBpostmap /etc/postfix/relocated\fR in order to rebuild the indexed +file after changing the relocated table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files. diff --git a/postfix/man/man5/transport.5 b/postfix/man/man5/transport.5 index ad470d8d8..762bd8097 100644 --- a/postfix/man/man5/transport.5 +++ b/postfix/man/man5/transport.5 @@ -18,8 +18,9 @@ mapping is used by the \fBtrivial-rewrite\fR(8) daemon. Normally, the file serves as input to the \fBpostmap\fR(1) command. The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used -for fast searching by the mail system. After updating this table, -issue the \fBpostfix reload\fR command to make the change visible. +for fast searching by the mail system. Execute the command +\fBpostmap /etc/postfix/transport\fR in order to rebuild the indexed +file after changing the transport table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files. diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5 index 734a377a3..e03f6d7da 100644 --- a/postfix/man/man5/virtual.5 +++ b/postfix/man/man5/virtual.5 @@ -23,9 +23,9 @@ mapping to rewrite header and envelope addresses in general. Normally, the file serves as input to the \fBpostmap\fR(1) command. The result, an indexed file in \fBdbm\fR or \fBdb\fR format, -is used for fast searching by the mail system. After an update -it may take a minute or so before the change becomes visible. -Issue a \fBpostfix reload\fR command to eliminate the delay. +is used for fast searching by the mail system. Execute the command +\fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed +file after changing the virtual table. When the table is provided via other means such as NIS, LDAP or SQL, the same lookups are done as for ordinary indexed files. diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8 index 31b8fbcbf..50f019bfb 100644 --- a/postfix/man/man8/cleanup.8 +++ b/postfix/man/man8/cleanup.8 @@ -19,7 +19,7 @@ manager of its arrival. The \fBcleanup\fR daemon always performs the following transformations: .IP \(bu Insert missing message headers: (\fBResent-\fR) \fBFrom:\fR, -\fBMessage-Id:\fR, and \fBDate:\fR. +\fBTo:\fR, \fBMessage-Id:\fR, and \fBDate:\fR. .IP \(bu Extract envelope recipient addresses from (\fBResent-\fR) \fBTo:\fR, \fBCc:\fR and \fBBcc:\fR message headers when no recipients are @@ -81,6 +81,9 @@ a configuration change. Address to send a copy of each message that enters the system. .IP \fBhopcount_limit\fR Limit the number of \fBReceived:\fR message headers. +.IP \fBrecipients_witheld_header\fR +The header line that is inserted when no recipients were +specified in (Resent-)To: or (Resent-)Cc: message headers. .SH "Address transformations" .ad .fi diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8 index cee4dac96..c3f53dd80 100644 --- a/postfix/man/man8/smtp.8 +++ b/postfix/man/man8/smtp.8 @@ -46,6 +46,7 @@ RFC 821 (SMTP protocol) RFC 1651 (SMTP service extensions) RFC 1870 (Message Size Declaration) RFC 2197 (Pipelining) +RFC 2554 (AUTH command) .SH DIAGNOSTICS .ad .fi @@ -109,6 +110,26 @@ Skip servers that greet us with a 4xx status code. Skip servers that greet us with a 5xx status code. .IP \fBsmtp_skip_quit_response\fR Do not wait for the server response after sending QUIT. +.SH "Authentication controls" +.IP \fBsmtp_enable_sasl_auth\fR +Enable per-session authentication as per RFC 2554 (SASL). +.IP \fBsmtp_sasl_password_maps\fR +Lookup tables with per-host \fIname\fR:\fIpassword\fR entries. +No entry for a host means no attempt to authenticate. +.IP \fBsmtp_sasl_security_options\fR +Zero or more of the following. +.RS +.IP \fBnoplaintext\fR +Disallow authentication methods that use plaintext passwords. +.IP \fBnoactive\fR +Disallow authentication methods that are vulnerable to non-dictionary +active attacks. +.IP \fBnodictionary\fR +Disallow authentication methods that are vulnerable to passive +dictionary attack. +.IP \fBnoanonymous\fR +Disallow anonymous logins. +.RE .SH "Resource controls" .ad .fi diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8 index 6055701ec..c0c7a5f25 100644 --- a/postfix/man/man8/smtpd.8 +++ b/postfix/man/man8/smtpd.8 @@ -80,6 +80,20 @@ allow RFC822-style address forms with comments, like Sendmail does. Enable per-session authentication as per RFC 2554 (SASL). This functionality is available only when explicitly selected at program build time and explicitly enabled at runtime. +.IP \fBsmtpd_sasl_security_options\fR +Zero or more of the following. +.RS +.IP \fBnoplaintext\fR +Disallow authentication methods that use plaintext passwords. +.IP \fBnoactive\fR +Disallow authentication methods that are vulnerable to non-dictionary +active attacks. +.IP \fBnodictionary\fR +Disallow authentication methods that are vulnerable to passive +dictionary attack. +.IP \fBnoanonymous\fR +Disallow anonymous logins. +.RE .SH Miscellaneous .ad .fi