From: Wietse Venema <wietse@porcupine.org>
Date: Wed, 7 Nov 2001 05:00:00 +0000 (-0500)
Subject: snapshot-20011107
X-Git-Tag: v1.1.0~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=31ab41ad0560e770d8e8064b03881cf8e58709c6;p=thirdparty%2Fpostfix.git

snapshot-20011107
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 70d4a7450..686e1d18d 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -5576,6 +5576,18 @@ Apologies for any names omitted.
 	Bugfix: missing terminator in new attribute-based function
 	call caused signal 11. File: src/cleanup/cleanup.c.
 
+	Lame workaround for ESTALE errors with mail deliver over
+	NFS. Some bandages have been added to the local delivery
+	agent. Wietse maintains that Postfix offers no guarantee
+	for reliable delivery over NFS.
+
+20011107
+
+	Workaround: in order to get mail past PIX firewall bugs,
+	Postfix now waits until the socket send buffer is empty
+	before sending the final ".<CR><LF>". Files:
+	util/sock_empty_wait.c, smtp/smtp_proto.c.
+
 Open problems:
 
 	Medium: need in-process caching for map lookups. LDAP
@@ -5587,6 +5599,8 @@ Open problems:
 	Medium: smtpd access maps don't understand the recipient
 	delimiter setting.
 
+	Low: default domain for appending to unqualified recipients.
+
 	Low: The $process_id_directory setting is not used anywhere
 	in Postfix. Problem reported by Michael Smith, texas.net.
 	This should be documented, or better, the code should warn
diff --git a/postfix/INSTALL b/postfix/INSTALL
index 3d6748521..8c5419b22 100644
--- a/postfix/INSTALL
+++ b/postfix/INSTALL
@@ -213,8 +213,8 @@ In order to install or upgrade Postfix:
 
 - Run the INSTALL.sh script as the super-user:
 
-    # make install              (interactive version, first time install)
-    # make install </dev/null   (non-interactive version, for upgrades)
+    # make install       (interactive version, first time install)
+    # make upgrade       (non-interactive version, for upgrades)
 
   The non-interactive version needs the /etc/postfix/install.cf
   file from a previous installation. If the file does not exist,
diff --git a/postfix/Makefile.in b/postfix/Makefile.in
index 62d3af31d..b20bb4cb5 100644
--- a/postfix/Makefile.in
+++ b/postfix/Makefile.in
@@ -27,6 +27,9 @@ printfck: update
 install: update
 	sh INSTALL.sh
 
+upgrade: update
+	sh INSTALL.sh </dev/null
+
 depend clean:
 	set -e; for i in $(DIRS); do \
 	 (set -e; echo "[$$i]"; cd $$i; $(MAKE) $@) || exit 1; \
diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf
index 43220c108..cc39b935b 100644
--- a/postfix/conf/main.cf
+++ b/postfix/conf/main.cf
@@ -152,9 +152,9 @@ mail_owner = postfix
 # Specify "mynetworks_style = host" when Postfix should "trust"
 # only the local machine.
 # 
-# mynetworks_style = class
-# mynetworks_style = subnet
-# mynetworks_style = host
+#mynetworks_style = class
+#mynetworks_style = subnet
+#mynetworks_style = host
 
 # Alternatively, you can specify the mynetworks list by hand, in
 # which case Postfix ignores the mynetworks_style setting.
@@ -217,10 +217,10 @@ mail_owner = postfix
 #
 # If you're connected via UUCP, see also the default_transport parameter.
 #
-# relayhost = $mydomain
-# relayhost = gateway.my.domain
-# relayhost = uucphost
-# relayhost = [an.ip.add.ress]
+#relayhost = $mydomain
+#relayhost = gateway.my.domain
+#relayhost = uucphost
+#relayhost = [an.ip.add.ress]
 
 # REJECTING UNKNOWN LOCAL USERS
 #
@@ -319,7 +319,7 @@ mail_owner = postfix
 # Basically, the software tries user+foo and .forward+foo before
 # trying user and .forward.
 #
-# recipient_delimiter = +
+#recipient_delimiter = +
 
 # DELIVERY TO MAILBOX
 #
@@ -335,8 +335,8 @@ mail_owner = postfix
 # UNIX-style mailboxes are kept. The default setting depends on the
 # system type.
 #
-# mail_spool_directory = /var/mail
-# mail_spool_directory = /var/spool/mail
+#mail_spool_directory = /var/mail
+#mail_spool_directory = /var/spool/mail
 
 # The mailbox_command parameter specifies the optional external
 # command to use instead of mailbox delivery. The command is run as
@@ -399,9 +399,9 @@ mail_owner = postfix
 #
 # luser_relay works only for the default Postfix local delivery agent.
 #
-# luser_relay = $user@other.host
-# luser_relay = $local@other.host
-# luser_relay = admin+$local
+#luser_relay = $user@other.host
+#luser_relay = $local@other.host
+#luser_relay = admin+$local
   
 # JUNK MAIL CONTROLS
 # 
@@ -481,8 +481,8 @@ debug_peer_level = 2
 # increase the verbose logging level by the amount specified in the
 # debug_peer_level parameter.
 #
-# debug_peer_list = 127.0.0.1
-# debug_peer_list = some.domain
+#debug_peer_list = 127.0.0.1
+#debug_peer_list = some.domain
 
 # The debugger_command specifies the external command that is executed
 # when a Postfix daemon program is run with the -D option.
diff --git a/postfix/conf/sample-aliases.cf b/postfix/conf/sample-aliases.cf
index 80dd4a6e8..6ebebb66d 100644
--- a/postfix/conf/sample-aliases.cf
+++ b/postfix/conf/sample-aliases.cf
@@ -13,8 +13,8 @@
 # specify multiple tables, not necessarily all under control by
 # Postfix.
 #
-# alias_database = dbm:/etc/aliases
-# alias_database = dbm:/etc/mail/aliases
+#alias_database = dbm:/etc/aliases
+#alias_database = dbm:/etc/mail/aliases
 alias_database = hash:/etc/aliases
 
 # The alias_maps parameter specifies the list of alias databases used
@@ -30,6 +30,6 @@ alias_database = hash:/etc/aliases
 # It will take a minute or so before changes become visible.  Use
 # "postfix reload" to eliminate the delay.
 # 
-# alias_maps = dbm:/etc/aliases, nis:mail.aliases
-# alias_maps = hash:/etc/aliases
+#alias_maps = dbm:/etc/aliases, nis:mail.aliases
+#alias_maps = hash:/etc/aliases
 alias_maps = hash:/etc/aliases
diff --git a/postfix/conf/sample-auth.cf b/postfix/conf/sample-auth.cf
index be003437d..00920bde7 100644
--- a/postfix/conf/sample-auth.cf
+++ b/postfix/conf/sample-auth.cf
@@ -70,7 +70,7 @@ smtpd_sasl_security_options = noanonymous
 # By default, the local authentication realm name is the name of the
 # machine.
 # 
-# smtpd_sasl_local_domain = $mydomain
+#smtpd_sasl_local_domain = $mydomain
 smtpd_sasl_local_domain = $myhostname
 
 # SMTP CLIENT CONTROLS
diff --git a/postfix/conf/sample-canonical.cf b/postfix/conf/sample-canonical.cf
index 1e3b0a57c..474976b70 100644
--- a/postfix/conf/sample-canonical.cf
+++ b/postfix/conf/sample-canonical.cf
@@ -17,10 +17,10 @@
 # will become visible after a minute or so.  Use "postfix reload"
 # to eliminate the delay.
 #
-# canonical_maps = dbm:/etc/postfix/canonical
-# canonical_maps = hash:/etc/postfix/canonical
-# canonical_maps = hash:/etc/postfix/canonical, nis:canonical
-# canonical_maps = hash:/etc/postfix/canonical, netinfo:/canonical
+#canonical_maps = dbm:/etc/postfix/canonical
+#canonical_maps = hash:/etc/postfix/canonical
+#canonical_maps = hash:/etc/postfix/canonical, nis:canonical
+#canonical_maps = hash:/etc/postfix/canonical, netinfo:/canonical
 canonical_maps = 
 
 # The recipient_canonical_maps parameter specifies optional address
@@ -30,7 +30,7 @@ canonical_maps =
 #
 # $recipient_canonical_maps is used before $canonical_maps lookups.
 #
-# recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
+#recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
 recipient_canonical_maps = 
 
 # The sender_canonical_maps parameter specifies optional address
@@ -44,5 +44,5 @@ recipient_canonical_maps =
 # 
 # $sender_canonical_maps is used before $canonical_maps lookups.
 #
-# sender_canonical_maps = hash:/etc/postfix/sender_canonical
+#sender_canonical_maps = hash:/etc/postfix/sender_canonical
 sender_canonical_maps = 
diff --git a/postfix/conf/sample-debug.cf b/postfix/conf/sample-debug.cf
index c8a8e97a6..5f850ddc7 100644
--- a/postfix/conf/sample-debug.cf
+++ b/postfix/conf/sample-debug.cf
@@ -16,8 +16,8 @@ debug_peer_level = 2
 # increase the verbose logging level by the amount specified in the
 # debug_peer_level parameter.
 #
-# debug_peer_list = 127.0.0.1
-# debug_peer_list = some.domain
+#debug_peer_list = 127.0.0.1
+#debug_peer_list = some.domain
 debug_peer_list = 
 
 # The debugger_command specifies the external command that is executed
diff --git a/postfix/conf/sample-lmtp.cf b/postfix/conf/sample-lmtp.cf
index 64419a35b..9e2699ccc 100644
--- a/postfix/conf/sample-lmtp.cf
+++ b/postfix/conf/sample-lmtp.cf
@@ -68,7 +68,7 @@ lmtp_destination_recipient_limit = $default_destination_recipient_limit
 # Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
 # The default time unit is s (seconds).
 #
-# lmtp_connect_timeout = 30s
+#lmtp_connect_timeout = 30s
 lmtp_connect_timeout = 0s
 
 # The lmtp_lhlo_timeout parameter specifies the LMTP client timeout
diff --git a/postfix/conf/sample-local.cf b/postfix/conf/sample-local.cf
index 69f87dda1..4a1c8c244 100644
--- a/postfix/conf/sample-local.cf
+++ b/postfix/conf/sample-local.cf
@@ -15,7 +15,7 @@
 # with lots of interactive users, this "protocol" can be a real
 # performance pig.  Specify "biff = no" to disable.
 # 
-# biff = no
+#biff = no
 biff = yes
 
 # The require_home_directory parameter controls whether a local
@@ -84,14 +84,14 @@ forward_path = $home/.forward$recipient_delimiter$extension,$home/.forward
 # external commands. The default is to disallow delivery to "|command"
 # in :include: files.
 #
-# allow_mail_to_commands = alias,forward,include
+#allow_mail_to_commands = alias,forward,include
 allow_mail_to_commands = alias,forward
 
 # The allow_mail_to_files parameter restricts mail delivery to external
 # file. The default is to disallow delivery to /file/name in :include:
 # files.
 #
-# allow_mail_to_files = alias,forward,include
+#allow_mail_to_files = alias,forward,include
 allow_mail_to_files = alias,forward
 
 # The default_privs parameter specifies the default rights used by
@@ -110,8 +110,8 @@ default_privs = nobody
 # mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
 # "Maildir/" for qmail-style delivery (the / is required).
 #
-# home_mailbox = Mailbox
-# home_mailbox = Maildir/
+#home_mailbox = Mailbox
+#home_mailbox = Maildir/
 home_mailbox = 
 
 # The luser_relay parameter specifies an optional destination address
@@ -127,16 +127,16 @@ home_mailbox =
 #
 # luser_relay works only for the default Postfix local delivery agent.
 #
-# luser_relay = $user@other.host
-# luser_relay = $local@other.host
-# luser_relay = admin+$local
+#luser_relay = $user@other.host
+#luser_relay = $local@other.host
+#luser_relay = admin+$local
 
 # The mail_spool_directory parameter specifies the directory where
 # UNIX-style mailboxes are kept. The default setting depends on the
 # system type.
 #
-# mail_spool_directory = /var/mail
-# mail_spool_directory = /var/spool/mail
+#mail_spool_directory = /var/mail
+#mail_spool_directory = /var/spool/mail
 
 # The mailbox_command parameter specifies the optional external
 # command to use instead of mailbox delivery. The command is run
@@ -157,8 +157,8 @@ home_mailbox =
 # IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN
 # ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER.
 #
-# mailbox_command = /some/where/procmail
-# mailbox_command = /some/where/procmail -a "$EXTENSION"
+#mailbox_command = /some/where/procmail
+#mailbox_command = /some/where/procmail -a "$EXTENSION"
 mailbox_command = 
 
 # The mailbox_command_maps allows you to specify a per-user mailbox
@@ -166,7 +166,7 @@ mailbox_command =
 # Specify one or more maps. If this feature is used then every user
 # must have a matching entry.
 #
-# mailbox_command_maps = hash:/etc/postfix/mailbox_commands
+#mailbox_command_maps = hash:/etc/postfix/mailbox_commands
 
 # The mailbox_transport specifies the optional transport in master.cf
 # to use after processing aliases and .forward files. This parameter
@@ -178,8 +178,8 @@ mailbox_command =
 # :nexthop part is optional. For more details see the sample transport
 # configuration file.
 #
-# mailbox_transport = lmtp:unix:/file/name
-# mailbox_transport = cyrus
+#mailbox_transport = lmtp:unix:/file/name
+#mailbox_transport = cyrus
 mailbox_transport =
 
 # The fallback_transport specifies the optional transport in master.cf
@@ -191,8 +191,8 @@ mailbox_transport =
 # :nexthop part is optional. For more details see the sample transport
 # configuration file.
 #
-# fallback_transport = lmtp:unix:/file/name
-# fallback_transport = cyrus
+#fallback_transport = lmtp:unix:/file/name
+#fallback_transport = cyrus
 fallback_transport =
 
 #
@@ -236,5 +236,5 @@ local_destination_recipient_limit = 1
 # and command. Turning off the Delivered-To: header when forwarding
 # mail is not recommended.
 #
-# prepend_delivered_header = command, file, forward
-# prepend_delivered_header = forward
+#prepend_delivered_header = command, file, forward
+#prepend_delivered_header = forward
diff --git a/postfix/conf/sample-misc.cf b/postfix/conf/sample-misc.cf
index 4b2d7d502..4b7941ee0 100644
--- a/postfix/conf/sample-misc.cf
+++ b/postfix/conf/sample-misc.cf
@@ -24,8 +24,8 @@ daemon_timeout = 18000s
 # systems the default type is either `dbm' or `hash'. The default is
 # determined when the Postfix system is built.
 #
-# default_database_type = hash
-# default_database_type = dbm
+#default_database_type = hash
+#default_database_type = dbm
 
 # The default_transport parameter specifies the default message
 # delivery transport to use when no transport is explicitly given in
@@ -36,7 +36,7 @@ daemon_timeout = 18000s
 # transport or nexthop are optional. For more details see the sample
 # transports file.
 #
-# default_transport = uucp:relayhostname
+#default_transport = uucp:relayhostname
 default_transport = smtp
 
 # The double_bounce_sender parameter specifies the sender address
@@ -98,7 +98,7 @@ hopcount_limit = 50
 # 
 # Specify a list of names separated by whitespace or comma.
 #
-# import_environment = MAIL_CONFIG TZ XAUTHORITY DISPLAY HOME PURIFYOPTIONS
+#import_environment = MAIL_CONFIG TZ XAUTHORITY DISPLAY HOME PURIFYOPTIONS
 import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY
 
 # The inet_interfaces parameter specifies the network interface
@@ -187,8 +187,8 @@ max_use = 100
 # a name matches a lookup key.  Continue long lines by starting the
 # next line with whitespace.
 #
-# mydestination = $myhostname, localhost.$mydomain $mydomain
-# mydestination = $myhostname, localhost.$mydomain www.$mydomain, ftp.$mydomain
+#mydestination = $myhostname, localhost.$mydomain $mydomain
+#mydestination = $myhostname, localhost.$mydomain www.$mydomain, ftp.$mydomain
 mydestination = $myhostname, localhost.$mydomain
 
 # The mydomain parameter specifies the local internet domain name.
@@ -212,7 +212,7 @@ mydestination = $myhostname, localhost.$mydomain
 # a domain-wide alias database that aliases each user to
 # user@that.users.mailhost.
 #
-# myorigin = $mydomain
+#myorigin = $mydomain
 myorigin = $myhostname
 
 # The mynetworks parameter specifies the list of "trusted" SMTP
@@ -237,9 +237,9 @@ myorigin = $myhostname
 # Specify "mynetworks_style = host" when Postfix should "trust"
 # only the local machine.
 # 
-# mynetworks_style = class
-# mynetworks_style = subnet
-# mynetworks_style = host
+#mynetworks_style = class
+#mynetworks_style = subnet
+#mynetworks_style = host
 
 # Alternatively, you can specify the mynetworks list by hand, in
 # which case Postfix ignores the mynetworks_style setting.
@@ -259,8 +259,8 @@ myorigin = $myhostname
 # policy (anti-UCE violations) and protocol error (broken mailers)
 # reports.
 #
-# notify_classes = bounce,delay,policy,protocol,resource,software
-# notify_classes = 2bounce,resource,software
+#notify_classes = bounce,delay,policy,protocol,resource,software
+#notify_classes = 2bounce,resource,software
 notify_classes = resource,software
 
 # The following parameters specify who gets postmaster notices if
@@ -297,7 +297,7 @@ queue_directory = /var/spool/postfix
 # Basically, the software tries user+foo and .forward+foo before
 # trying user and .forward.
 #
-# recipient_delimiter = +
+#recipient_delimiter = +
 recipient_delimiter =
 
 # The propagate_unmatched_extensions parameter specifies what lookup
@@ -332,10 +332,10 @@ recipient_delimiter =
 #
 # If you're connected via UUCP, see also the default_transport parameter.
 #
-# relayhost = $mydomain
-# relayhost = gateway.my.domain
-# relayhost = uucphost
-# relayhost = [an.ip.add.ress]
+#relayhost = $mydomain
+#relayhost = gateway.my.domain
+#relayhost = uucphost
+#relayhost = [an.ip.add.ress]
 relayhost =
 
 # The relocated_maps parameter specifies optional tables with contact
@@ -347,7 +347,7 @@ relayhost =
 # Specify the types and names of databases to use.  After change,
 # run "postmap /etc/postfix/relocated", then "postfix reload".
 #
-# relocated_maps = hash:/etc/postfix/relocated
+#relocated_maps = hash:/etc/postfix/relocated
 relocated_maps =
 
 # The syslog_facility parameter controls where Postfix logging is
@@ -390,4 +390,4 @@ trigger_timeout = 10s
 # Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
 # The default time unit is h (hours).
 #
-# delay_warning_time = 0h
+#delay_warning_time = 0h
diff --git a/postfix/conf/sample-relocated.cf b/postfix/conf/sample-relocated.cf
index 1c83ca538..611134b0a 100644
--- a/postfix/conf/sample-relocated.cf
+++ b/postfix/conf/sample-relocated.cf
@@ -14,8 +14,8 @@
 # build the necessary DBM or DB file after change, then "postfix
 # reload" to make the changes visible.
 #
-# relocated_maps = dbm:/etc/postfix/relocated
-# relocated_maps = hash:/etc/postfix/relocated
-# relocated_maps = hash:/etc/postfix/relocated, nis:virtual
-# relocated_maps = hash:/etc/postfix/relocated, netinfo:/relocated
+#relocated_maps = dbm:/etc/postfix/relocated
+#relocated_maps = hash:/etc/postfix/relocated
+#relocated_maps = hash:/etc/postfix/relocated, nis:virtual
+#relocated_maps = hash:/etc/postfix/relocated, netinfo:/relocated
 relocated_maps = 
diff --git a/postfix/conf/sample-rewrite.cf b/postfix/conf/sample-rewrite.cf
index deed2785f..c4d5e1ea1 100644
--- a/postfix/conf/sample-rewrite.cf
+++ b/postfix/conf/sample-rewrite.cf
@@ -7,7 +7,7 @@
 # The allow_percent_hack parameter controls the rewriting of the form
 # "user%domain" to "user@domain". This is enabled by default.
 #
-# allow_percent_hack = no
+#allow_percent_hack = no
 allow_percent_hack = yes
 
 # The append_at_myorigin controls the rewriting of the form "user" to
@@ -18,7 +18,7 @@ append_at_myorigin = yes
 # The append_dot_mydomain controls the rewriting of the form
 # "user@host" to "user@host.$mydomain". This is enabled by default.
 #
-# append_dot_mydomain = no
+#append_dot_mydomain = no
 append_dot_mydomain = yes
 
 # The empty_address_recipient specifies the destination for mail from
@@ -45,7 +45,7 @@ masquerade_classes = envelope_sender, header_sender, header_recipient
 #
 # By default, address masquerading is disabled.
 #
-# masquerade_domains = $mydomain
+#masquerade_domains = $mydomain
 masquerade_domains = 
 
 # The masquerade_exceptions parameter gives an optional list of user
@@ -61,5 +61,5 @@ masquerade_exceptions =
 # "site!user" to "user@site".  This is necessary if your machine is
 # connected to UUCP networks. It is enabled by default.
 #
-# swap_bangpath = no
+#swap_bangpath = no
 swap_bangpath = yes
diff --git a/postfix/conf/sample-smtp.cf b/postfix/conf/sample-smtp.cf
index b1ffef725..888c49449 100644
--- a/postfix/conf/sample-smtp.cf
+++ b/postfix/conf/sample-smtp.cf
@@ -138,7 +138,7 @@ smtp_destination_recipient_limit = $default_destination_recipient_limit
 # Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks).
 # The default time unit is s (seconds).
 #
-# smtp_connect_timeout = 30s
+#smtp_connect_timeout = 30s
 smtp_connect_timeout = 0s
 
 # The smtp_helo_timeout parameter specifies the SMTP client timeout
diff --git a/postfix/conf/sample-smtpd.cf b/postfix/conf/sample-smtpd.cf
index ed084a942..73175c038 100644
--- a/postfix/conf/sample-smtpd.cf
+++ b/postfix/conf/sample-smtpd.cf
@@ -23,7 +23,7 @@
 # greeting banner it will report a mailer loop. That's better than
 # having a machine meltdown.
 #
-# smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
+#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
 smtpd_banner = $myhostname ESMTP $mail_name
 
 # The smtpd_etrn_restrictions parameter restricts what clients are
@@ -123,9 +123,9 @@ smtpd_hard_error_limit = 100
 # Specify "mynetworks_style = host" when Postfix should "trust"
 # only the local machine.
 # 
-# mynetworks_style = class
+#mynetworks_style = class
 mynetworks_style = subnet
-# mynetworks_style = host
+#mynetworks_style = host
 
 # Alternatively, you can specify the mynetworks list by hand, in
 # which case Postfix ignores the mynetworks_style setting.
@@ -173,7 +173,7 @@ smtpd_client_restrictions =
 # that SMTP clients must introduce themselves at the beginning of an
 # SMTP session.
 #
-# smtpd_helo_required = yes
+#smtpd_helo_required = yes
 smtpd_helo_required = no
 
 # The smtpd_helo_restrictions parameter specifies optional restrictions
@@ -202,8 +202,8 @@ smtpd_helo_required = no
 # Specify a list of restrictions, separated by commas and/or whitespace.
 # Continue long lines by starting the next line with whitespace.
 #
-# smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname
-# smtpd_helo_restrictions = permit_mynetworks, reject_unknown_hostname
+#smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname
+#smtpd_helo_restrictions = permit_mynetworks, reject_unknown_hostname
 smtpd_helo_restrictions = 
 
 # The smtpd_sender_restrictions parameter specifies optional restrictions
@@ -235,8 +235,8 @@ smtpd_helo_restrictions =
 # Specify a list of restrictions, separated by commas and/or whitespace.
 # Continue long lines by starting the next line with whitespace.
 #
-# smtpd_sender_restrictions = reject_unknown_sender_domain
-# smtpd_sender_restrictions = reject_unknown_sender_domain, hash:/etc/postfix/access
+#smtpd_sender_restrictions = reject_unknown_sender_domain
+#smtpd_sender_restrictions = reject_unknown_sender_domain, hash:/etc/postfix/access
 smtpd_sender_restrictions = 
 
 # The smtpd_recipient_restrictions parameter specifies restrictions on
diff --git a/postfix/conf/sample-transport.cf b/postfix/conf/sample-transport.cf
index 8ecd2b56b..79d6f87d0 100644
--- a/postfix/conf/sample-transport.cf
+++ b/postfix/conf/sample-transport.cf
@@ -11,8 +11,8 @@
 # to use.  If you use this feature, run "postmap /etc/postfix/transport"
 # after change, then "postfix reload".
 # 
-# transport_maps = dbm:/etc/postfix/transport
-# transport_maps = hash:/etc/postfix/transport
-# transport_maps = hash:/etc/postfix/transport, nis:transport
-# transport_maps = hash:/etc/postfix/transport, netinfo:/transport
+#transport_maps = dbm:/etc/postfix/transport
+#transport_maps = hash:/etc/postfix/transport
+#transport_maps = hash:/etc/postfix/transport, nis:transport
+#transport_maps = hash:/etc/postfix/transport, netinfo:/transport
 transport_maps = 
diff --git a/postfix/conf/sample-virtual.cf b/postfix/conf/sample-virtual.cf
index d660d6b79..f11ccc317 100644
--- a/postfix/conf/sample-virtual.cf
+++ b/postfix/conf/sample-virtual.cf
@@ -16,8 +16,8 @@
 # It may take a minute or so before the change becomes visible.
 # Use "postfix reload" to eliminate the delay.
 #
-# virtual_maps = dbm:/etc/postfix/virtual
-# virtual_maps = hash:/etc/postfix/virtual
-# virtual_maps = hash:/etc/postfix/virtual, nis:virtual
-# virtual_maps = hash:/etc/postfix/virtual, netinfo:/virtual
+#virtual_maps = dbm:/etc/postfix/virtual
+#virtual_maps = hash:/etc/postfix/virtual
+#virtual_maps = hash:/etc/postfix/virtual, nis:virtual
+#virtual_maps = hash:/etc/postfix/virtual, netinfo:/virtual
 virtual_maps = 
diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h
index 21b8ef185..89c8c7885 100644
--- a/postfix/src/global/mail_params.h
+++ b/postfix/src/global/mail_params.h
@@ -1140,6 +1140,8 @@ extern int var_access_map_code;
 #define CHECK_RECIP_ACL		"check_recipient_access"
 #define CHECK_ETRN_ACL		"check_etrn_access"
 
+#define WARN_IF_REJECT		"warn_if_reject"
+
 #define REJECT_MAPS_RBL		"reject_maps_rbl"
 #define VAR_MAPS_RBL_CODE	"maps_rbl_reject_code"
 #define DEF_MAPS_RBL_CODE	554
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index 0d6789be1..b015653d4 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -15,7 +15,7 @@
   * Version of this program.
   */
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"Snapshot-20011105"
+#define DEF_MAIL_VERSION	"Snapshot-20011107"
 extern char *var_mail_version;
 
 /* LICENSE
diff --git a/postfix/src/local/file.c b/postfix/src/local/file.c
index e3a530ba8..610b1a61d 100644
--- a/postfix/src/local/file.c
+++ b/postfix/src/local/file.c
@@ -170,7 +170,7 @@ int     deliver_file(LOCAL_STATE state, USER_ATTR usr_attr, char *path)
      * As the mail system, bounce, defer delivery, or report success.
      */
     if (status != 0) {
-	status = (errno == EAGAIN || errno == ENOSPC ?
+	status = (errno == EAGAIN || errno == ENOSPC || errno == ESTALE ?
 		  defer_append : bounce_append)
 	    (BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
 	     "cannot append message to destination file %s: %s",
diff --git a/postfix/src/local/mailbox.c b/postfix/src/local/mailbox.c
index 667a65e19..fd438cf0e 100644
--- a/postfix/src/local/mailbox.c
+++ b/postfix/src/local/mailbox.c
@@ -203,7 +203,7 @@ static int deliver_mailbox_file(LOCAL_STATE state, USER_ATTR usr_attr)
      * As the mail system, bounce, defer delivery, or report success.
      */
     if (status != 0) {
-	status = (errno == EAGAIN || errno == ENOSPC ?
+	status = (errno == EAGAIN || errno == ENOSPC || errno == ESTALE ?
 		  defer_append : bounce_append)
 	    (BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
 	     "cannot access mailbox %s for user %s. %s",
diff --git a/postfix/src/local/maildir.c b/postfix/src/local/maildir.c
index e9bd0de85..195e0bfdb 100644
--- a/postfix/src/local/maildir.c
+++ b/postfix/src/local/maildir.c
@@ -153,7 +153,8 @@ int     deliver_maildir(LOCAL_STATE state, USER_ATTR usr_attr, char *path)
     set_eugid(var_owner_uid, var_owner_gid);
 
     if (status)
-	status = (errno == ENOSPC ? defer_append : bounce_append)
+	status = (errno == ENOSPC || errno == ESTALE ?
+		  defer_append : bounce_append)
 	    (BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr),
 	     "maildir delivery failed: %s", vstring_str(why));
     else
diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c
index b26095fd8..3267d5eae 100644
--- a/postfix/src/smtp/smtp_proto.c
+++ b/postfix/src/smtp/smtp_proto.c
@@ -82,6 +82,7 @@
 #include <vstring_vstream.h>
 #include <stringops.h>
 #include <mymalloc.h>
+#include <iostuff.h>
 
 /* Global library. */
 
@@ -178,8 +179,11 @@ int     smtp_helo(SMTP_STATE *state)
      * does not span a packet boundary. This hurts performance so it is not
      * on by default.
      */
-    if (resp->str[strspn(resp->str, "20 *\t\n")] == 0)
+    if (resp->str[strspn(resp->str, "20 *\t\n")] == 0) {
+	msg_info("enabling PIX <CRLF>.<CRLF> workaround for %s",
+		 session->namaddr);
 	state->features |= SMTP_FEATURE_MAYBEPIX;
+    }
 
     /*
      * See if we are talking to ourself. This should not be possible with the
@@ -196,9 +200,9 @@ int     smtp_helo(SMTP_STATE *state)
 	} else if (strcasecmp(word, "ESMTP") == 0)
 	    state->features |= SMTP_FEATURE_ESMTP;
     }
-    if (var_smtp_always_ehlo)
+    if (var_smtp_always_ehlo && (state->features & SMTP_FEATURE_MAYBEPIX) == 0)
 	state->features |= SMTP_FEATURE_ESMTP;
-    if (var_smtp_never_ehlo)
+    if (var_smtp_never_ehlo || (state->features & SMTP_FEATURE_MAYBEPIX) != 0)
 	state->features &= ~SMTP_FEATURE_ESMTP;
 
     /*
@@ -657,9 +661,11 @@ int     smtp_xfer(SMTP_STATE *state)
 
 	    if (prev_type == REC_TYPE_CONT)	/* missing newline at end */
 		smtp_fputs("", 0, session->stream);
-	    if ((state->features & SMTP_FEATURE_ESMTP) == 0
-		&& (state->features & SMTP_FEATURE_MAYBEPIX) != 0)
+	    if ((state->features & SMTP_FEATURE_MAYBEPIX) != 0) {
 		vstream_fflush(session->stream);/* hurts performance */
+		sock_empty_wait(vstream_fileno(session->stream),
+				session->stream->timeout / 2);
+	    }
 	    if (vstream_ferror(state->src))
 		msg_fatal("queue file read error");
 	    if (rec_type != REC_TYPE_XTRA)
diff --git a/postfix/src/smtpd/smtpd.h b/postfix/src/smtpd/smtpd.h
index 29fb3d2d7..20386ad73 100644
--- a/postfix/src/smtpd/smtpd.h
+++ b/postfix/src/smtpd/smtpd.h
@@ -76,6 +76,7 @@ typedef struct SMTPD_STATE {
     VSTRING *sasl_encoded;
     VSTRING *sasl_decoded;
 #endif
+    int     warn_if_reject;
 } SMTPD_STATE;
 
 extern void smtpd_state_init(SMTPD_STATE *, VSTREAM *);
diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c
index d558c37c3..fde64186a 100644
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@@ -585,6 +585,20 @@ static int smtpd_check_reject(SMTPD_STATE *state, int error_class,
 			              char *format,...)
 {
     va_list ap;
+    int     warn_if_reject;
+    const char *whatsup;
+
+    /*
+     * Do not reject mail if we were asked to warn only. However,
+     * configuration errors cannot be converted into warnings.
+     */
+    if (state->warn_if_reject && error_class != MAIL_ERROR_SOFTWARE) {
+	warn_if_reject = 1;
+	whatsup = "reject_warning";
+    } else {
+	warn_if_reject = 0;
+	whatsup = "reject";
+    }
 
     /*
      * Update the error class mask, and format the response. XXX What about
@@ -634,22 +648,22 @@ static int smtpd_check_reject(SMTPD_STATE *state, int error_class,
      * rejected. Print the request, client name/address, and response.
      */
     if (state->recipient && state->sender) {
-	msg_info("reject: %s from %s: %s; from=<%s> to=<%s>",
-		 state->where, state->namaddr, STR(error_text),
+	msg_info("%s: %s from %s: %s; from=<%s> to=<%s>",
+		 whatsup, state->where, state->namaddr, STR(error_text),
 		 state->sender, state->recipient);
     } else if (state->recipient) {
-	msg_info("reject: %s from %s: %s; to=<%s>",
-		 state->where, state->namaddr, STR(error_text),
+	msg_info("%s: %s from %s: %s; to=<%s>",
+		 whatsup, state->where, state->namaddr, STR(error_text),
 		 state->recipient);
     } else if (state->sender) {
-	msg_info("reject: %s from %s: %s; from=<%s>",
-		 state->where, state->namaddr, STR(error_text),
+	msg_info("%s: %s from %s: %s; from=<%s>",
+		 whatsup, state->where, state->namaddr, STR(error_text),
 		 state->sender);
     } else {
-	msg_info("reject: %s from %s: %s",
-		 state->where, state->namaddr, STR(error_text));
+	msg_info("%s: %s from %s: %s",
+		 whatsup, state->where, state->namaddr, STR(error_text));
     }
-    return (SMTPD_CHECK_REJECT);
+    return (warn_if_reject ? 0 : SMTPD_CHECK_REJECT);
 }
 
 /* reject_dict_retry - reject with temporary failure if dict lookup fails */
@@ -1824,6 +1838,7 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
     int     status = 0;
     ARGV   *list;
     int     found;
+    int     saved_recursion = state->recursion;
 
     if (msg_verbose)
 	msg_info("%s: START", myname);
@@ -1833,6 +1848,15 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 	if (msg_verbose)
 	    msg_info("%s: name=%s", myname, name);
 
+	/*
+	 * Pseudo restrictions.
+	 */
+	if (strcasecmp(name, WARN_IF_REJECT) == 0) {
+	    if (state->warn_if_reject == 0)
+		state->warn_if_reject = state->recursion;
+	    continue;
+	}
+
 	/*
 	 * Spoof the is_map_command() routine, so that we do not have to make
 	 * special cases for the implicit short-hand access map notation.
@@ -1847,14 +1871,14 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 	 */
 	if (strcasecmp(name, PERMIT_ALL) == 0) {
 	    status = SMTPD_CHECK_OK;
-	    if (cpp[1] != 0)
+	    if (cpp[1] != 0 && state->warn_if_reject == 0)
 		msg_warn("restriction `%s' after `%s' is ignored",
 			 cpp[1], PERMIT_ALL);
 	} else if (strcasecmp(name, REJECT_ALL) == 0) {
 	    status = smtpd_check_reject(state, MAIL_ERROR_POLICY,
 				      "%d <%s>: %s rejected: Access denied",
 				  var_reject_code, reply_name, reply_class);
-	    if (cpp[1] != 0)
+	    if (cpp[1] != 0 && state->warn_if_reject == 0)
 		msg_warn("restriction `%s' after `%s' is ignored",
 			 cpp[1], REJECT_ALL);
 	} else if (strcasecmp(name, REJECT_UNAUTH_PIPE) == 0) {
@@ -1963,7 +1987,7 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 	    if (state->recipient)
 		status = check_relay_domains(state, state->recipient,
 				    state->recipient, SMTPD_NAME_RECIPIENT);
-	    if (cpp[1] != 0)
+	    if (cpp[1] != 0 && state->warn_if_reject == 0)
 		msg_warn("restriction `%s' after `%s' is ignored",
 			 cpp[1], CHECK_RELAY_DOMAINS);
 #ifdef USE_SASL_AUTH
@@ -2011,12 +2035,17 @@ static int generic_checks(SMTPD_STATE *state, ARGV *restrictions,
 	if (msg_verbose)
 	    msg_info("%s: name=%s status=%d", myname, name, status);
 
+	if (state->warn_if_reject >= state->recursion)
+	    state->warn_if_reject = 0;
+
 	if (status != 0)
 	    break;
     }
     if (msg_verbose && name == 0)
 	msg_info("%s: END", myname);
 
+    state->recursion = saved_recursion;
+
     return (status);
 }
 
@@ -2035,7 +2064,7 @@ char   *smtpd_check_client(SMTPD_STATE *state)
     /*
      * Apply restrictions in the order as specified.
      */
-    state->recursion = 0;
+    state->recursion = 1;
     status = setjmp(smtpd_check_buf);
     if (status == 0 && client_restrctions->argc)
 	status = generic_checks(state, client_restrctions, state->namaddr,
@@ -2081,7 +2110,7 @@ char   *smtpd_check_helo(SMTPD_STATE *state, char *helohost)
     /*
      * Apply restrictions in the order as specified.
      */
-    state->recursion = 0;
+    state->recursion = 1;
     status = setjmp(smtpd_check_buf);
     if (status == 0 && helo_restrctions->argc)
 	status = generic_checks(state, helo_restrctions, state->helo_name,
@@ -2117,7 +2146,7 @@ char   *smtpd_check_mail(SMTPD_STATE *state, char *sender)
     /*
      * Apply restrictions in the order as specified.
      */
-    state->recursion = 0;
+    state->recursion = 1;
     status = setjmp(smtpd_check_buf);
     if (status == 0 && mail_restrctions->argc)
 	status = generic_checks(state, mail_restrctions, sender,
@@ -2171,7 +2200,7 @@ char   *smtpd_check_rcpt(SMTPD_STATE *state, char *recipient)
     /*
      * Apply restrictions in the order as specified.
      */
-    state->recursion = 0;
+    state->recursion = 1;
     status = setjmp(smtpd_check_buf);
     if (status == 0 && rcpt_restrctions->argc)
 	status = generic_checks(state, rcpt_restrctions,
@@ -2216,7 +2245,7 @@ char   *smtpd_check_etrn(SMTPD_STATE *state, char *domain)
     /*
      * Apply restrictions in the order as specified.
      */
-    state->recursion = 0;
+    state->recursion = 1;
     status = setjmp(smtpd_check_buf);
     if (status == 0 && etrn_restrctions->argc)
 	status = generic_checks(state, etrn_restrctions, domain,
diff --git a/postfix/src/smtpd/smtpd_state.c b/postfix/src/smtpd/smtpd_state.c
index ca4929634..6e7236543 100644
--- a/postfix/src/smtpd/smtpd_state.c
+++ b/postfix/src/smtpd/smtpd_state.c
@@ -91,6 +91,7 @@ void    smtpd_state_init(SMTPD_STATE *state, VSTREAM *stream)
     state->recursion = 0;
     state->msg_size = 0;
     state->junk_cmds = 0;
+    state->warn_if_reject = 0;
 
 #ifdef USE_SASL_AUTH
     if (SMTPD_STAND_ALONE(state))
diff --git a/postfix/src/util/Makefile.in b/postfix/src/util/Makefile.in
index b31dc93aa..95ba1e335 100644
--- a/postfix/src/util/Makefile.in
+++ b/postfix/src/util/Makefile.in
@@ -24,7 +24,7 @@ SRCS	= argv.c argv_split.c basename.c binhash.c chroot_uid.c \
 	sane_link.c unescape.c timed_read.c timed_write.c dict_tcp.c \
 	hex_quote.c dict_alloc.c rand_sleep.c sane_time.c dict_debug.c \
 	sane_socketpair.c myrand.c netstring.c ctable.c attr_print.c intv.c \
-	attr_scan.c base64_code.c
+	attr_scan.c base64_code.c sock_empty_wait.c attr_print0.c attr_scan0.c
 OBJS	= argv.o argv_split.o basename.o binhash.o chroot_uid.o \
 	close_on_exec.o concatenate.o dict.o dict_db.o dict_dbm.o \
 	dict_env.o dict_ht.o dict_ldap.o dict_mysql.o dict_ni.o dict_nis.o \
@@ -50,7 +50,7 @@ OBJS	= argv.o argv_split.o basename.o binhash.o chroot_uid.o \
 	sane_link.o unescape.o timed_read.o timed_write.o dict_tcp.o \
 	hex_quote.o dict_alloc.o rand_sleep.o sane_time.o dict_debug.o \
 	sane_socketpair.o myrand.o netstring.o ctable.o attr_print.o intv.o \
-	attr_scan.o base64_code.o
+	attr_scan.o base64_code.o sock_empty_wait.o attr_print0.c attr_scan0.c
 HDRS	= argv.h attr.h binhash.h chroot_uid.h connect.h dict.h dict_db.h \
 	dict_dbm.h dict_env.h dict_ht.h dict_ldap.h dict_mysql.h \
 	dict_ni.h dict_nis.h dict_nisplus.h dir_forest.h events.h \
@@ -84,7 +84,7 @@ TESTPROG= dict_open dup2_pass_on_exec events exec_command fifo_open \
 	mystrtok sigdelay translit valid_hostname vstream_popen \
 	vstring vstring_vstream doze select_bug stream_test mac_expand \
 	watchdog unescape hex_quote name_mask rand_sleep sane_time ctable \
-	inet_addr_list attr_print attr_scan base64_code
+	inet_addr_list attr_print attr_scan base64_code attr_print0 attr_scan0
 
 LIB_DIR	= ../../lib
 INC_DIR	= ../../include
@@ -303,6 +303,16 @@ base64_code: $(LIB) $@.o
 	$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS)
 	mv junk $@.o
 
+attr_print0: $(LIB) $@.o
+	mv $@.o junk
+	$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS)
+	mv junk $@.o
+
+attr_scan0: $(LIB) $@.o
+	mv $@.o junk
+	$(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS)
+	mv junk $@.o
+
 depend: $(MAKES)
 	(sed '1,/^# do not edit/!d' Makefile.in; \
 	set -e; for i in [a-z][a-z0-9]*.c; do \
@@ -357,6 +367,11 @@ attr_scan_test: attr_print attr_scan attr_scan.ref
 	diff attr_scan.ref attr_scan.tmp
 	rm -f attr_scan.tmp
 
+attr_scan0_test: attr_print0 attr_scan0 attr_scan0.ref
+	(./attr_print0 2>&3 | (sleep 1; ./attr_scan0)) >attr_scan0.tmp 2>&1 3>&1
+	diff attr_scan0.ref attr_scan0.tmp
+	rm -f attr_scan0.tmp
+
 DB_TYPE	= `../postconf/postconf -h default_database_type`
 
 dict_test: dict_open testdb dict_test.in dict_test.ref
@@ -391,6 +406,14 @@ attr_print.o: htable.h
 attr_print.o: base64_code.h
 attr_print.o: vstring.h
 attr_print.o: attr.h
+attr_print0.o: attr_print0.c
+attr_print0.o: sys_defs.h
+attr_print0.o: msg.h
+attr_print0.o: mymalloc.h
+attr_print0.o: vstream.h
+attr_print0.o: vbuf.h
+attr_print0.o: htable.h
+attr_print0.o: attr.h
 attr_scan.o: attr_scan.c
 attr_scan.o: sys_defs.h
 attr_scan.o: msg.h
@@ -401,6 +424,15 @@ attr_scan.o: vstring.h
 attr_scan.o: htable.h
 attr_scan.o: base64_code.h
 attr_scan.o: attr.h
+attr_scan0.o: attr_scan0.c
+attr_scan0.o: sys_defs.h
+attr_scan0.o: msg.h
+attr_scan0.o: mymalloc.h
+attr_scan0.o: vstream.h
+attr_scan0.o: vbuf.h
+attr_scan0.o: vstring.h
+attr_scan0.o: htable.h
+attr_scan0.o: attr.h
 base64_code.o: base64_code.c
 base64_code.o: sys_defs.h
 base64_code.o: msg.h
@@ -979,6 +1011,10 @@ skipblanks.o: sys_defs.h
 skipblanks.o: stringops.h
 skipblanks.o: vstring.h
 skipblanks.o: vbuf.h
+sock_empty_wait.o: sock_empty_wait.c
+sock_empty_wait.o: sys_defs.h
+sock_empty_wait.o: msg.h
+sock_empty_wait.o: iostuff.h
 spawn_command.o: spawn_command.c
 spawn_command.o: sys_defs.h
 spawn_command.o: msg.h
diff --git a/postfix/src/util/attr.h b/postfix/src/util/attr.h
index 1033b53b3..55fce306e 100644
--- a/postfix/src/util/attr.h
+++ b/postfix/src/util/attr.h
@@ -52,6 +52,18 @@ extern int attr_vprint(VSTREAM *, int, va_list);
 extern int attr_scan(VSTREAM *, int,...);
 extern int attr_vscan(VSTREAM *, int, va_list);
 
+ /*
+  * attr_print0.c.
+  */
+extern int attr_print0(VSTREAM *, int,...);
+extern int attr_vprint0(VSTREAM *, int, va_list);
+
+ /*
+  * attr_scan0.c.
+  */
+extern int attr_scan0(VSTREAM *, int,...);
+extern int attr_vscan0(VSTREAM *, int, va_list);
+
  /*
   * Attribute names for testing the compatibility of the read and write
   * routines.
diff --git a/postfix/src/util/attr_print0.c b/postfix/src/util/attr_print0.c
new file mode 100644
index 000000000..aa9bd5443
--- /dev/null
+++ b/postfix/src/util/attr_print0.c
@@ -0,0 +1,194 @@
+/*++
+/* NAME
+/*	attr_print0 3
+/* SUMMARY
+/*	send attributes over byte stream
+/* SYNOPSIS
+/*	#include <attr.h>
+/*
+/*	int	attr_print0(fp, flags, type, name, ...)
+/*	VSTREAM	fp;
+/*	int	flags;
+/*	int	type;
+/*	char	*name;
+/*
+/*	int	attr_vprint0(fp, flags, ap)
+/*	VSTREAM	fp;
+/*	int	flags;
+/*	va_list	ap;
+/* DESCRIPTION
+/*	attr_print0() takes zero or more (name, value) simple attributes
+/*	or (name, count, value) list attributes, and converts its input
+/*	to a byte stream that can be recovered with attr_scan0(). The stream
+/*	is not flushed.
+/*
+/*	attr_vprint0() provides an alternate interface that is convenient
+/*	for calling from within variadoc functions.
+/*
+/*	Attributes are sent in the requested order as specified with the
+/*	attr_print0() argument list. This routine satisfies the formatting
+/*	rules as outlined in attr_scan0(3).
+/*
+/*	Arguments:
+/* .IP fp
+/*	Stream to write the result to.
+/* .IP flags
+/*	The bit-wise OR of zero or more of the following.
+/* .RS
+/* .IP ATTR_FLAG_MORE
+/*	After sending the requested attributes, leave the output stream in
+/*	a state that is usable for more attribute sending operations on
+/*	the same output attribute list.
+/*	By default, attr_print0() automatically appends an attribute list
+/*	terminator when it has sent the last requested attribute.
+/* .RE
+/* .IP type
+/*	The type determines the arguments that follow.
+/* .RS
+/* .IP "ATTR_TYPE_NUM (char *, int)"
+/*	This argument is followed by an attribute name and an integer.
+/* .IP "ATTR_TYPE_STR (char *, char *)"
+/*	This argument is followed by an attribute name and a null-terminated
+/*	string.
+/* .IP "ATTR_TYPE_HASH (HTABLE *)"
+/*	The content of the hash table is sent as a sequence of string-valued
+/*	attributes with names equal to the hash table lookup key.
+/* .IP ATTR_TYPE_END
+/*	This terminates the attribute list.
+/* .RE
+/* DIAGNOSTICS
+/*	The result value is 0 in case of success, VSTREAM_EOF in case
+/*	of trouble.
+/*
+/*	Panic: interface violation. All system call errors are fatal.
+/* SEE ALSO
+/*	attr_scan0(3) recover attributes from byte stream
+/* LICENSE
+/* .ad
+/* .fi
+/*	The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/*	Wietse Venema
+/*	IBM T.J. Watson Research
+/*	P.O. Box 704
+/*	Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <stdarg.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <mymalloc.h>
+#include <vstream.h>
+#include <htable.h>
+#include <attr.h>
+
+/* attr_vprint0 - send attribute list to stream */
+
+int     attr_vprint0(VSTREAM *fp, int flags, va_list ap)
+{
+    const char *myname = "attr_print0";
+    int     attr_type;
+    char   *attr_name;
+    unsigned int_val;
+    char   *str_val;
+    HTABLE_INFO **ht_info_list;
+    HTABLE_INFO **ht;
+
+    /*
+     * Sanity check.
+     */
+    if (flags & ~ATTR_FLAG_ALL)
+	msg_panic("%s: bad flags: 0x%x", myname, flags);
+
+    /*
+     * Iterate over all (type, name, value) triples, and produce output on
+     * the fly.
+     */
+    while ((attr_type = va_arg(ap, int)) != ATTR_TYPE_END) {
+	switch (attr_type) {
+	case ATTR_TYPE_NUM:
+	    attr_name = va_arg(ap, char *);
+	    vstream_fwrite(fp, attr_name, strlen(attr_name));
+	    int_val = va_arg(ap, int);
+	    vstream_fprintf(fp, "%u", (unsigned) int_val);
+	    VSTREAM_PUTC('\0', fp);
+	    if (msg_verbose)
+		msg_info("send attr %s = %u", attr_name, int_val);
+	    break;
+	case ATTR_TYPE_STR:
+	    attr_name = va_arg(ap, char *);
+	    vstream_fwrite(fp, attr_name, strlen(attr_name));
+	    str_val = va_arg(ap, char *);
+	    vstream_fwrite(fp, str_val, strlen(str_val));
+	    if (msg_verbose)
+		msg_info("send attr %s = %s", attr_name, str_val);
+	    break;
+	case ATTR_TYPE_HASH:
+	    ht_info_list = htable_list(va_arg(ap, HTABLE *));
+	    for (ht = ht_info_list; *ht; ht++) {
+		vstream_fwrite(fp, ht[0]->key, strlen(ht[0]->key));
+		vstream_fwrite(fp, ht[0]->value, strlen(ht[0]->value));
+		if (msg_verbose)
+		    msg_info("send attr name %s value %s",
+			     ht[0]->key, ht[0]->value);
+	    }
+	    myfree((char *) ht_info_list);
+	    break;
+	default:
+	    msg_panic("%s: unknown type code: %d", myname, attr_type);
+	}
+    }
+    if ((flags & ATTR_FLAG_MORE) == 0)
+	VSTREAM_PUTC('\0', fp);
+    return (vstream_ferror(fp));
+}
+
+int     attr_print0(VSTREAM *fp, int flags,...)
+{
+    va_list ap;
+    int     ret;
+
+    va_start(ap, flags);
+    ret = attr_vprint0(fp, flags, ap);
+    va_end(ap);
+    return (ret);
+}
+
+#ifdef TEST
+
+ /*
+  * Proof of concept test program.  Mirror image of the attr_scan0 test
+  * program.
+  */
+#include <msg_vstream.h>
+
+int     main(int unused_argc, char **argv)
+{
+    HTABLE *table = htable_create(1);
+
+    msg_vstream_init(argv[0], VSTREAM_ERR);
+    msg_verbose = 1;
+    htable_enter(table, "foo-name", mystrdup("foo-value"));
+    htable_enter(table, "bar-name", mystrdup("bar-value"));
+    attr_print0(VSTREAM_OUT, ATTR_FLAG_NONE,
+		ATTR_TYPE_NUM, ATTR_NAME_NUM, 4711,
+		ATTR_TYPE_STR, ATTR_NAME_STR, "whoopee",
+		ATTR_TYPE_HASH, table,
+		ATTR_TYPE_END);
+    attr_print0(VSTREAM_OUT, ATTR_FLAG_NONE,
+		ATTR_TYPE_NUM, ATTR_NAME_NUM, 4711,
+		ATTR_TYPE_STR, ATTR_NAME_STR, "whoopee",
+		ATTR_TYPE_END);
+    if (vstream_fflush(VSTREAM_OUT) != 0)
+	msg_fatal("write error: %m");
+
+    htable_free(table, myfree);
+    return (0);
+}
+
+#endif
diff --git a/postfix/src/util/attr_scan0.c b/postfix/src/util/attr_scan0.c
new file mode 100644
index 000000000..7e3d98bbf
--- /dev/null
+++ b/postfix/src/util/attr_scan0.c
@@ -0,0 +1,407 @@
+/*++
+/* NAME
+/*	attr_scan0 3
+/* SUMMARY
+/*	recover attributes from byte stream
+/* SYNOPSIS
+/*	#include <attr.h>
+/*
+/*	int	attr_scan0(fp, flags, type, name, ...)
+/*	VSTREAM	fp;
+/*	int	flags;
+/*	int	type;
+/*	char	*name;
+/*
+/*	int	attr_vscan0(fp, flags, ap)
+/*	VSTREAM	fp;
+/*	int	flags;
+/*	va_list	ap;
+/* DESCRIPTION
+/*	attr_scan0() takes zero or more (name, value) request attributes
+/*	and recovers the attribute values from the byte stream that was
+/*	possibly generated by attr_print0().
+/*
+/*	attr_vscan0() provides an alternative interface that is convenient
+/*	for calling from within a variadic function.
+/*
+/*	The input stream is formatted as follows, where (item)* stands
+/*	for zero or more instances of the specified item, and where
+/*	(item1 | item2) stands for choice:
+/*
+/* .in +5
+/*	attr-list :== simple-attr* null
+/* .br
+/*	simple-attr :== attr-name null attr-value null
+/* .br
+/*	attr-name :== any string not containing null
+/* .br
+/*	attr-value :== any string not containing null
+/* .br
+/*	null :== the ASCII null character
+/* .in
+/*
+/*	All attribute names and attribute values are sent as null terminated
+/*	strings. Each string must be no longer than 2*var_line_limit
+/*	characters. The formatting rules favor implementations in C.
+/*
+/*      Normally, attributes must be received in the sequence as specified with
+/*	the attr_scan0() argument list.  The input stream may contain additional
+/*	attributes at any point in the input stream, including additional
+/*	instances of requested attributes.
+/*
+/*	Additional input attributes or input attribute instances are silently
+/*	skipped over, unless the ATTR_FLAG_EXTRA processing flag is specified
+/*	(see below). This allows for some flexibility in the evolution of
+/*	protocols while still providing the option of being strict where
+/*	this is desirable.
+/*
+/*	Arguments:
+/* .IP fp
+/*	Stream to recover the input attributes from.
+/* .IP flags
+/*	The bit-wise OR of zero or more of the following.
+/* .RS
+/* .IP ATTR_FLAG_MISSING
+/*	Log a warning when the input attribute list terminates before all
+/*	requested attributes are recovered. It is always an error when the
+/*	input stream ends without the newline attribute list terminator.
+/* .IP ATTR_FLAG_EXTRA
+/*	Log a warning and stop attribute recovery when the input stream
+/*	contains an attribute that was not requested. This includes the
+/*	case of additional instances of a requested attribute.
+/* .IP ATTR_FLAG_MORE
+/*	After recovering the requested attributes, leave the input stream
+/*	in a state that is usable for more attr_scan0() operations from the
+/*	same input attribute list.
+/*	By default, attr_scan0() skips forward past the input attribute list
+/*	terminator.
+/* .IP ATTR_FLAG_STRICT
+/*	For convenience, this value combines both ATTR_FLAG_MISSING and
+/*	ATTR_FLAG_EXTRA.
+/* .IP ATTR_FLAG_NONE
+/*	For convenience, this value requests none of the above.
+/* .RE
+/* .IP type
+/*	The type argument determines the arguments that follow.
+/* .RS
+/* .IP "ATTR_TYPE_NUM (char *, int *)"
+/*	This argument is followed by an attribute name and an integer pointer.
+/* .IP "ATTR_TYPE_STR (char *, VSTRING *)"
+/*	This argument is followed by an attribute name and a VSTRING pointer.
+/* .IP "ATTR_TYPE_HASH (HTABLE *)"
+/*	All further input attributes are processed as string attributes.
+/*	No specific attribute sequence is enforced.
+/*	All attributes up to the attribute list terminator are read,
+/*	but only the first instance of each attribute is stored.
+/* .sp
+/*	The attribute string values are stored in the hash table under
+/*	keys equal to the attribute name (obtained from the input stream).
+/*	Values from the input stream are added to the hash table. Existing
+/*	hash table entries are not replaced.
+/* .sp
+/*	N.B. This construct must be followed by an ATTR_TYPE_END argument.
+/* .IP ATTR_TYPE_END
+/*	This argument terminates the requested attribute list.
+/* .RE
+/* BUGS
+/*	ATTR_TYPE_HASH accepts attributes with arbitrary names from possibly
+/*	untrusted sources. This is unsafe, unless the resulting table is
+/*	queried only with known to be good attribute names.
+/* DIAGNOSTICS
+/*	attr_scan0() and attr_vscan0() return -1 when malformed input is
+/*	detected (string too long, incomplete line, missing end marker).
+/*	Otherwise, the result value is the number of attributes that were
+/*	successfully recovered from the input stream (a hash table counts
+/*	as the number of entries stored into the table).
+/*
+/*	Panic: interface violation. All system call errors are fatal.
+/* SEE ALSO
+/*	attr_print0(3) send attributes over byte stream.
+/* LICENSE
+/* .ad
+/* .fi
+/*	The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/*	Wietse Venema
+/*	IBM T.J. Watson Research
+/*	P.O. Box 704
+/*	Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <stdarg.h>
+#include <stdio.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <mymalloc.h>
+#include <vstream.h>
+#include <vstring.h>
+#include <vstring_vstream.h>
+#include <htable.h>
+#include <attr.h>
+
+/* Application specific. */
+
+#define STR(x)	vstring_str(x)
+#define LEN(x)	VSTRING_LEN(x)
+
+/* attr_scan0_string - pull a string from the input stream */
+
+static int attr_scan0_string(VSTREAM *fp, VSTRING *plain_buf, const char *context)
+{
+    extern int var_line_limit;		/* XXX */
+    int     limit = var_line_limit * 2;
+    int     ch;
+
+    if ((ch = vstring_get_null_bound(plain_buf, fp, limit)) == VSTREAM_EOF) {
+	msg_warn("premature end-of-input from %s while reading %s",
+		 VSTREAM_PATH(fp), context);
+	return (-1);
+    }
+    if (ch != 0) {
+	msg_warn("string length > %d characters from %s while reading %s",
+		 limit, VSTREAM_PATH(fp), context);
+	return (-1);
+    }
+    if (msg_verbose)
+	msg_info("%s: %s", context, *STR(plain_buf) ? STR(plain_buf) : "(end)");
+    return (ch);
+}
+
+/* attr_scan0_number - pull a number from the input stream */
+
+static int attr_scan0_number(VSTREAM *fp, unsigned *ptr, VSTRING *str_buf,
+			             const char *context)
+{
+    char    junk = 0;
+    int     ch;
+
+    if ((ch = attr_scan0_string(fp, str_buf, context)) < 0)
+	return (-1);
+    if (sscanf(STR(str_buf), "%u%c", ptr, &junk) != 1 || junk != 0) {
+	msg_warn("malformed numerical data from %s while reading %s: %.100s",
+		 VSTREAM_PATH(fp), context, STR(str_buf));
+	return (-1);
+    }
+    return (ch);
+}
+
+/* attr_vscan0 - receive attribute list from stream */
+
+int     attr_vscan0(VSTREAM *fp, int flags, va_list ap)
+{
+    const char *myname = "attr_scan0";
+    static VSTRING *str_buf = 0;
+    static VSTRING *name_buf = 0;
+    int     wanted_type = -1;
+    char   *wanted_name;
+    unsigned int *number;
+    VSTRING *string;
+    HTABLE *hash_table;
+    int     ch;
+    int     conversions;
+
+    /*
+     * Sanity check.
+     */
+    if (flags & ~ATTR_FLAG_ALL)
+	msg_panic("%s: bad flags: 0x%x", myname, flags);
+
+    /*
+     * Initialize.
+     */
+    if (str_buf == 0) {
+	str_buf = vstring_alloc(10);
+	name_buf = vstring_alloc(10);
+    }
+
+    /*
+     * Iterate over all (type, name, value) triples.
+     */
+    for (conversions = 0; /* void */ ; conversions++) {
+
+	/*
+	 * Determine the next attribute type and attribute name on the
+	 * caller's wish list.
+	 * 
+	 * If we're reading into a hash table, we already know that the
+	 * attribute value is string-valued, and we get the attribute name
+	 * from the input stream instead. This is secure only when the
+	 * resulting table is queried with known to be good attribute names.
+	 */
+	if (wanted_type != ATTR_TYPE_HASH) {
+	    wanted_type = va_arg(ap, int);
+	    if (wanted_type == ATTR_TYPE_END) {
+		if ((flags & ATTR_FLAG_MORE) != 0)
+		    return (conversions);
+		wanted_name = "(list terminator)";
+	    } else if (wanted_type == ATTR_TYPE_HASH) {
+		wanted_name = "(any attribute name or list terminator)";
+		hash_table = va_arg(ap, HTABLE *);
+		if (va_arg(ap, int) !=ATTR_TYPE_END)
+		    msg_panic("%s: ATTR_TYPE_HASH not followed by ATTR_TYPE_END",
+			      myname);
+	    } else {
+		wanted_name = va_arg(ap, char *);
+	    }
+	}
+
+	/*
+	 * Locate the next attribute of interest in the input stream.
+	 */
+	for (;;) {
+
+	    /*
+	     * Get the name of the next attribute. Hitting EOF is always bad.
+	     * Hitting the end-of-input early is OK if the caller is prepared
+	     * to deal with missing inputs.
+	     */
+	    if (msg_verbose)
+		msg_info("%s: wanted attribute: %s",
+			 VSTREAM_PATH(fp), wanted_name);
+	    if ((ch = attr_scan0_string(fp, name_buf,
+				    "input attribute name")) == VSTREAM_EOF)
+		return (-1);
+	    if (LEN(name_buf) == 0) {
+		if (wanted_type == ATTR_TYPE_END
+		    || wanted_type == ATTR_TYPE_HASH)
+		    return (conversions);
+		if ((flags & ATTR_FLAG_MISSING) != 0)
+		    msg_warn("missing attribute %s in input from %s",
+			     wanted_name, VSTREAM_PATH(fp));
+		return (conversions);
+	    }
+
+	    /*
+	     * See if the caller asks for this attribute.
+	     */
+	    if (wanted_type == ATTR_TYPE_HASH
+		|| (wanted_type != ATTR_TYPE_END
+		    && strcmp(wanted_name, STR(name_buf)) == 0))
+		break;
+	    if ((flags & ATTR_FLAG_EXTRA) != 0) {
+		msg_warn("spurious attribute %s in input from %s",
+			 STR(name_buf), VSTREAM_PATH(fp));
+		return (conversions);
+	    }
+
+	    /*
+	     * Skip over this attribute. The caller does not ask for it.
+	     */
+	    (void) attr_scan0_string(fp, string, "input attribute value");
+	}
+
+	/*
+	 * Do the requested conversion.
+	 */
+	switch (wanted_type) {
+	case ATTR_TYPE_NUM:
+	    number = va_arg(ap, unsigned int *);
+	    if ((ch = attr_scan0_number(fp, number, str_buf,
+					"input attribute value")) < 0)
+		return (-1);
+	    break;
+	case ATTR_TYPE_STR:
+	    string = va_arg(ap, VSTRING *);
+	    if ((ch = attr_scan0_string(fp, string,
+					"input attribute value")) < 0)
+		return (-1);
+	    break;
+	case ATTR_TYPE_HASH:
+	    if ((ch = attr_scan0_string(fp, str_buf,
+					"input attribute value")) < 0)
+		return (-1);
+	    if (htable_locate(hash_table, STR(name_buf)) != 0) {
+		if ((flags & ATTR_FLAG_EXTRA) != 0) {
+		    msg_warn("duplicate attribute %s in input from %s",
+			     STR(name_buf), VSTREAM_PATH(fp));
+		    return (conversions);
+		}
+	    } else {
+		htable_enter(hash_table, STR(name_buf),
+			     mystrdup(STR(str_buf)));
+	    }
+	    break;
+	default:
+	    msg_panic("%s: unknown type code: %d", myname, wanted_type);
+	}
+    }
+}
+
+/* attr_scan0 - read attribute list from stream */
+
+int     attr_scan0(VSTREAM *fp, int flags,...)
+{
+    va_list ap;
+    int     ret;
+
+    va_start(ap, flags);
+    ret = attr_vscan0(fp, flags, ap);
+    va_end(ap);
+    return (ret);
+}
+
+#ifdef TEST
+
+ /*
+  * Proof of concept test program.  Mirror image of the attr_scan0 test
+  * program.
+  */
+#include <msg_vstream.h>
+
+int     var_line_limit = 2048;
+
+int     main(int unused_argc, char **used_argv)
+{
+    VSTRING *str_val = vstring_alloc(1);
+    HTABLE *table = htable_create(1);
+    HTABLE_INFO **ht_info_list;
+    HTABLE_INFO **ht;
+    int     int_val;
+    int     ret;
+
+    msg_verbose = 1;
+    msg_vstream_init(used_argv[0], VSTREAM_ERR);
+    if ((ret = attr_scan0(VSTREAM_IN,
+			  ATTR_FLAG_STRICT,
+			  ATTR_TYPE_NUM, ATTR_NAME_NUM, &int_val,
+			  ATTR_TYPE_STR, ATTR_NAME_STR, str_val,
+			  ATTR_TYPE_HASH, table,
+			  ATTR_TYPE_END)) > 2) {
+	vstream_printf("%s %d\n", ATTR_NAME_NUM, int_val);
+	vstream_printf("%s %s\n", ATTR_NAME_STR, STR(str_val));
+	ht_info_list = htable_list(table);
+	for (ht = ht_info_list; *ht; ht++)
+	    vstream_printf("(hash) %s %s\n", ht[0]->key, ht[0]->value);
+	myfree((char *) ht_info_list);
+    } else {
+	vstream_printf("return: %d\n", ret);
+    }
+    if ((ret = attr_scan0(VSTREAM_IN,
+			  ATTR_FLAG_STRICT,
+			  ATTR_TYPE_NUM, ATTR_NAME_NUM, &int_val,
+			  ATTR_TYPE_STR, ATTR_NAME_STR, str_val,
+			  ATTR_TYPE_END)) == 2) {
+	vstream_printf("%s %d\n", ATTR_NAME_NUM, int_val);
+	vstream_printf("%s %s\n", ATTR_NAME_STR, STR(str_val));
+	ht_info_list = htable_list(table);
+	for (ht = ht_info_list; *ht; ht++)
+	    vstream_printf("(hash) %s %s\n", ht[0]->key, ht[0]->value);
+	myfree((char *) ht_info_list);
+    } else {
+	vstream_printf("return: %d\n", ret);
+    }
+    if (vstream_fflush(VSTREAM_OUT) != 0)
+	msg_fatal("write error: %m");
+
+    vstring_free(str_val);
+    htable_free(table, myfree);
+
+    return (0);
+}
+
+#endif
diff --git a/postfix/src/util/iostuff.h b/postfix/src/util/iostuff.h
index 7da0f297d..ac9681b1d 100644
--- a/postfix/src/util/iostuff.h
+++ b/postfix/src/util/iostuff.h
@@ -29,6 +29,9 @@ extern int timed_write(int, void *, unsigned, int, void *);
 extern void doze(unsigned);
 extern void rand_sleep(unsigned, unsigned);
 extern int duplex_pipe(int *);
+extern int sock_empty_wait(int, int);
+extern int sock_maximize_send_lowat(int);
+extern void sock_set_send_lowat(int, int);
 
 #define BLOCKING	0
 #define NON_BLOCKING	1
diff --git a/postfix/src/util/sock_empty_wait.c b/postfix/src/util/sock_empty_wait.c
new file mode 100644
index 000000000..302993d94
--- /dev/null
+++ b/postfix/src/util/sock_empty_wait.c
@@ -0,0 +1,182 @@
+/*++
+/* NAME
+/*	sock_empty_wait 3
+/* SUMMARY
+/*	wait until socket send buffer is near empty
+/* SYNOPSIS
+/*	#include <iostuff.h>
+/*
+/*	int	sock_empty_wait(fd, timeout)
+/*	int	fd;
+/*	int	timeout;
+/* AUXILIARY ROUTINES
+/*	int	sock_maximize_send_lowat(fd)
+/*	int	fd;
+/*
+/*	void	sock_set_send_lowat(fd, send_lowat)
+/*	int	fd;
+/*	int	send_lowat;
+/* DESCRIPTION
+/*	sock_empty_wait() blocks the process until the specified socket's
+/*	send buffer is near empty, in the hope that the contents of the
+/*	next write() operation will not be merged with preceding data.
+/*
+/*	sock_maximize_send_lowat() maximizes the socket send buffer
+/*	low-water mark, which controls how much free buffer space must
+/*	be available before the socket is considered writable.
+/*	The result value is the old low-water mark value.
+/*
+/*	sock_set_send_lowat() sets the socket send buffer low-water mark
+/*	to the specified value.
+/*
+/*	Arguments:
+/* .IP fd
+/*	File descriptor in the range 0..FD_SETSIZE.
+/* .IP timeout
+/*	If positive, deadline in seconds. A zero value effects a poll.
+/*	A negative value means wait until something happens.
+/* DIAGNOSTICS
+/*	All system call errors are fatal.
+/*
+/*	A zero result means success.  When the specified deadline is
+/*	exceeded, sock_empty_wait() returns -1 and sets errno to ETIMEDOUT.
+/* BUGS
+/*	Linux knows better and does not allow the application to
+/*	control the send buffer low-water mark.
+/* LICENSE
+/* .ad
+/* .fi
+/*	The Secure Mailer license must be distributed with this software.
+/* AUTHOR(S)
+/*	Wietse Venema
+/*	IBM T.J. Watson Research
+/*	P.O. Box 704
+/*	Yorktown Heights, NY 10598, USA
+/*--*/
+
+/* System library. */
+
+#include <sys_defs.h>
+#include <sys/socket.h>
+#include <errno.h>
+#include <unistd.h>
+#include <string.h>
+
+/* Utility library. */
+
+#include <msg.h>
+#include <iostuff.h>
+
+/* sock_maximize_send_lowat - maximize the send buffer low-water mark */
+
+int     sock_maximize_send_lowat(int fd)
+{
+    char   *myname = "sock_maximize_send_lowat";
+    int     send_buffer_size;
+    int     saved_low_water_mark;
+    int     want_low_water_mark;
+    int     got_low_water_mark;
+    SOCKOPT_SIZE optlen;
+
+    /*
+     * Get the send buffer size.
+     */
+    optlen = sizeof(send_buffer_size);
+    if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF,
+		   (char *) &send_buffer_size, &optlen) < 0)
+	msg_fatal("%s: getsockopt SO_SNDBUF: %m", myname);
+
+    /*
+     * Save the send buffer low-water mark.
+     */
+    optlen = sizeof(saved_low_water_mark);
+    if (getsockopt(fd, SOL_SOCKET, SO_SNDLOWAT,
+		   (char *) &saved_low_water_mark, &optlen) < 0)
+	msg_fatal("%s: getsockopt SO_SNDLOWAT: %m", myname);
+
+    /*
+     * Max out the send buffer low-water mark.
+     */
+    want_low_water_mark = send_buffer_size;
+    if (setsockopt(fd, SOL_SOCKET, SO_SNDLOWAT,
+		   (char *) &want_low_water_mark,
+		   sizeof(want_low_water_mark)) < 0)
+	if (errno != ENOPROTOOPT)
+	    msg_fatal("%s: setsockopt SO_SNDLOWAT: %m", myname);
+
+    /*
+     * Make debugging a bit easier.
+     */
+    if (msg_verbose) {
+	optlen = sizeof(got_low_water_mark);
+	if (getsockopt(fd, SOL_SOCKET, SO_SNDLOWAT,
+		       (char *) &got_low_water_mark, &optlen) < 0)
+	    msg_fatal("%s: getsockopt SO_SNDLOWAT: %m", myname);
+	msg_info("%s: send buffer %d, low-water mark was %d, wanted %d, got %d",
+		 myname, send_buffer_size, saved_low_water_mark,
+		 want_low_water_mark, got_low_water_mark);
+
+    }
+    return (saved_low_water_mark);
+}
+
+/* sock_set_send_lowat - restore socket send buffer low-water mark */
+
+void    sock_set_send_lowat(int fd, int want_low_water_mark)
+{
+    char   *myname = "sock_set_send_lowat";
+    int     got_low_water_mark;
+    SOCKOPT_SIZE optlen;
+
+    /*
+     * Set the send buffer low-water mark.
+     */
+    if (setsockopt(fd, SOL_SOCKET, SO_SNDLOWAT,
+		   (char *) &want_low_water_mark,
+		   sizeof(want_low_water_mark)) < 0)
+	if (errno != ENOPROTOOPT)
+	    msg_fatal("%s: setsockopt SO_SNDLOWAT: %m", myname);
+
+    /*
+     * Make debugging a bit easier.
+     */
+    if (msg_verbose) {
+	optlen = sizeof(got_low_water_mark);
+	if (getsockopt(fd, SOL_SOCKET, SO_SNDLOWAT,
+		       (char *) &got_low_water_mark, &optlen) < 0)
+	    msg_fatal("%s: getsockopt SO_SNDLOWAT: %m", myname);
+	msg_info("%s: low-water mark wanted %d, got %d",
+		 myname, want_low_water_mark, got_low_water_mark);
+    }
+}
+
+/* sock_empty_wait - wait until socket send buffer is near empty */
+
+int     sock_empty_wait(int fd, int timeout)
+{
+    int     saved_errno;
+    int     saved_low_water_mark;
+    int     result;
+
+    /*
+     * Max out the send buffer low-water mark.
+     */
+    saved_low_water_mark = sock_maximize_send_lowat(fd);
+
+    /*
+     * Wait until the socket is considered writable.
+     */
+    result = write_wait(fd, timeout);
+
+    /*
+     * Restore the send buffer low-water mark.
+     */
+    saved_errno = errno;
+    sock_set_send_lowat(fd, saved_low_water_mark);
+    errno = saved_errno;
+
+    /*
+     * Done.
+     */
+    return (result);
+}
diff --git a/postfix/src/util/vstring_vstream.c b/postfix/src/util/vstring_vstream.c
index 078d255e1..2f644bf1d 100644
--- a/postfix/src/util/vstring_vstream.c
+++ b/postfix/src/util/vstring_vstream.c
@@ -27,6 +27,11 @@
 /*	VSTRING	*vp;
 /*	VSTREAM	*fp;
 /*	int	bound;
+/*
+/*	int	vstring_get_null_bound(vp, fp, bound)
+/*	VSTRING	*vp;
+/*	VSTREAM	*fp;
+/*	int	bound;
 /* DESCRIPTION
 /*	The routines in this module each read one newline or null-terminated
 /*	string from an input stream. In all cases the result is either the
@@ -41,7 +46,7 @@
 /*	vstring_get_null() reads a null-terminated string from the named
 /*	stream.
 /*
-/*	vstring_get_bound() and vstring_get_nonl_bound() read no more
+/*	the vstring_get<whatever>_bound() routines read no more
 /*	than \fIbound\fR characters.  Otherwise they behave like the
 /*	unbounded versions documented above.
 /* DIAGNOSTICS
@@ -154,6 +159,22 @@ int     vstring_get_nonl_bound(VSTRING *vp, VSTREAM *fp, int bound)
     return (c == '\n' ? c : VSTRING_GET_RESULT(vp));
 }
 
+/* vstring_get_null_bound - read null-terminated string from file */
+
+int     vstring_get_null_bound(VSTRING *vp, VSTREAM *fp, int bound)
+{
+    int     c;
+
+    if (bound <= 0)
+	msg_panic("vstring_get_nonl_bound: invalid bound %d", bound);
+
+    VSTRING_RESET(vp);
+    while (bound-- > 0 && (c = VSTREAM_GETC(fp)) != VSTREAM_EOF && c != 0)
+	VSTRING_ADDCH(vp, c);
+    VSTRING_TERMINATE(vp);
+    return (c == 0 ? c : VSTRING_GET_RESULT(vp));
+}
+
 #ifdef TEST
 
  /*
diff --git a/postfix/src/util/vstring_vstream.h b/postfix/src/util/vstring_vstream.h
index 897167ca6..68bd8106d 100644
--- a/postfix/src/util/vstring_vstream.h
+++ b/postfix/src/util/vstring_vstream.h
@@ -24,6 +24,7 @@ extern int vstring_get_nonl(VSTRING *, VSTREAM *);
 extern int vstring_get_null(VSTRING *, VSTREAM *);
 extern int vstring_get_bound(VSTRING *, VSTREAM *, int);
 extern int vstring_get_nonl_bound(VSTRING *, VSTREAM *, int);
+extern int vstring_get_null_bound(VSTRING *, VSTREAM *, int);
 
  /*
   * Backwards compatibility for code that still uses the vstring_fgets()
diff --git a/postfix/src/virtual/virtual.c b/postfix/src/virtual/virtual.c
index 14c388e8a..7968dcc28 100644
--- a/postfix/src/virtual/virtual.c
+++ b/postfix/src/virtual/virtual.c
@@ -70,9 +70,11 @@
 /*	numerical user ID values that may be specified in any
 /*	\fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR.
 /* SECURITY
+/* .ad
+/* .fi
 /*	The virtual delivery agent is not security sensitive, provided
-/*	that the lookup tables with recipient information are adequately
-/*	protected. This program is not designed to run chrooted.
+/*	that the lookup tables with recipient user/group ID information are
+/*	adequately protected. This program is not designed to run chrooted.
 /* STANDARDS
 /*	RFC 822 (ARPA Internet Text Messages)
 /* DIAGNOSTICS
@@ -138,7 +140,7 @@
 /*	This setting is ignored with \fBmaildir\fR style delivery,
 /*	because such deliveries are safe without explicit locks.
 /*
-/*	Use the command \fBpostconf -m\fR to find out what locking methods
+/*	Use the command \fBpostconf -l\fR to find out what locking methods
 /*	are available on your system.
 /* .IP \fBdeliver_lock_attempts\fR
 /*	Limit the number of attempts to acquire an exclusive lock