From: Wietse Venema Date: Sun, 4 Aug 2002 05:00:00 +0000 (-0500) Subject: postfix-1.1.11-20020804 X-Git-Tag: v2.0.0~50 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=47348a55a44b739467c67a62c2b54464452ebc54;p=thirdparty%2Fpostfix.git postfix-1.1.11-20020804 --- diff --git a/postfix/HISTORY b/postfix/HISTORY index 47fd82113..105ef60ed 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -6723,6 +6723,8 @@ Apologies for any names omitted. Bugfix: garbage in verbose "flush" server logging. Victor Duchovni. File: flush/flush.c. +20020723 + Incompatibility: smtpd_sasl_local_domain now defaults to the null string. File: smtpd/smtpd.c, smtpd/smtpd_sasl_glue.c. @@ -6744,8 +6746,9 @@ Apologies for any names omitted. 20020731 - Cleanup: permit_naked_ip_address is unsafe and will go - away. Postfix logs a warning. File: smtpd/smtpd_check.c. + Cleanup: permit_naked_ip_address is unsafe (especially when + used with smtpd_recipient_restrictions) and will go away. + Postfix now logs a warning. File: smtpd/smtpd_check.c. 20020801 @@ -6763,6 +6766,16 @@ Apologies for any names omitted. a new queue, which is appropriately named "hold". Files: postsuper/postsuper.c, showq/showq.c. +20020803 + + Feature: when a Delivered-To: mail delivery loop is detected, + send the bounce to the mailing list owner. This required + changes to the local delivery agent, a new bounce client + stub, and a new bounce server stub and support routines + for one recipient bouncing. Files: local/recipient.c, + global/bounce_log.c, global/bounce.c, bounce/bounce.c, + bounce/bounce_notify_util.c, bounce/bounce_one_service.c. + Open problems: Medium: should permit_mx_backup defer delivery if DNS diff --git a/postfix/README_FILES/DEBUG_README b/postfix/README_FILES/DEBUG_README index 8d9a43d82..31466eb2e 100644 --- a/postfix/README_FILES/DEBUG_README +++ b/postfix/README_FILES/DEBUG_README @@ -65,6 +65,14 @@ in a later section. ================================================== Postfix can attach a call tracer whenever a daemon process starts. +Call tracers come in several kinds. + +1) System call tracers such as trace, truss, strace, or ktrace. + These show the communication between the process and the kernel. + +2) Library call tracers such as sotruss and ltrace. These show + calls of library routines, and give a better idea of what is + going on within the process. Append a -D option to the suspect command in /etc/postfix/master.cf, for example: @@ -78,12 +86,10 @@ that it invokes the call tracer of your choice, for example: PATH=/bin:/usr/bin:/usr/local/bin (truss -p $process_id 2>&1 | logger -p mail.info) & sleep 5 -Instead of truss use trace or strace. - Type "postfix reload" and watch the logfile. -6 - Running daemon programs under an interactive debugger -========================================================= +6 - Running daemon programs under a debugger +============================================ Append a -D option to the suspect command in /etc/postfix/master.cf, for example: @@ -91,30 +97,49 @@ for example: smtp inet n - n - - smtpd -D Edit the debugger_command definition in /etc/postfix/main.cf so -that it invokes the debugger of your choice, for example: +that it invokes the debugger of your choice. - debugger_command = - PATH=/usr/bin:/usr/X11R6/bin - xxgdb $daemon_directory/$process_name $process_id & sleep 5 +Two choices are described in detail: -If you do not have X on the Postfix machine, then xxgdb isn't going -to work. Instead, you can try to run gdb in non-interactive mode: +1) If you do not have X Windows installed on the Postfix machine, + or if you are not familiar with interactive debuggers, then you + can try to run gdb in non-interactive mode: + /etc/postfix/main.cf: + -------------------- debugger_command = PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 >$config_directory/$process_name.$process_id.log & sleep 5 -If you use xxgdb, be sure that gdb is in the command search path, -and export XAUTHORITY so that X access control works, for example: + Type "postfix reload" to make the configuration changes effective. + + Whenever a suspect daemon process is started, an output file + is created, named after the daemon and process ID (for example, + smtpd.12345.log). When the process crashes, a stack trace (with + output from the "where" command) is written to its logfile. + +2) If you have X Windows installed on the Postfix machine, then + an interactive debugger such as xxgdb can be convenient. + + /etc/postfix/main.cf: + -------------------- + debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + xxgdb $daemon_directory/$process_name $process_id & sleep 5 + + Be sure that gdb is in the command search path, and export + XAUTHORITY so that X access control works, for example: % setenv XAUTHORITY ~/.Xauthority -Stop and start the Postfix system. + Stop and start the Postfix system. This is necessary so that + Postfix runs with the proper XAUTHORITY and DISPLAY settings. -Whenever the suspect daemon process is started, a debugger window -pops up and you can watch in detail what happens (when using xxgdb) -or a file is created (if using gdb in non-interactive mode). + Whenever the suspect daemon process is started, a debugger window + pops up and you can watch in detail what happens (when using + xxgdb) or a file is created (if using gdb in non-interactive + mode). 7 - Unreasonable behavior ========================= diff --git a/postfix/RELEASE_NOTES b/postfix/RELEASE_NOTES index 6b31fbfe7..a8c522f77 100644 --- a/postfix/RELEASE_NOTES +++ b/postfix/RELEASE_NOTES @@ -12,11 +12,40 @@ snapshot release). Patches change the patchlevel and the release date. Snapshots change only the release date, unless they include the same bugfixes as a patch release. -Incompatible changes with Postfix snapshot 1.1.11-200208XX +Incompatible changes with Postfix snapshot 1.1.11-20020804 ========================================================== +LDAP API version 1 is no longer supported. The memory allocation +and deallocation strategy has changed too much to maintain both +version 1 and 2 at the same time. + In mailq output, the queue ID is followed by the ! character when -the message is in the "hold" queue. +the message is in the "hold" queue. This may break programs that +process mailq output. + +The "permit_naked_ip_address" restriction on HELO command syntax +is unsafe when used with smtpd_recipient_restrictions, and will go +away. The user is requested to use "permit_mynetworks" instead. + +The smtpd_sasl_local_domain setting now defaults to the null string, +rather than $myhostname. This seems to work better with Cyrus SASL +version 2. This change may cause incompatibility with the saslpasswd2 +command. + +Major changes with Postfix snapshot 1.1.11-20020804 +=================================================== + +New "hold" queue for mail that should not be delivered. "postqueue +-h" puts mail on hold, and "postqueue -H" releases mail, moving +mail that was "on hold" to the deferred queue. + +Mail is now sent to the mailing list owner when Postfix detects a +Delivered-To: mail delivery loop. Delivery loops happen when idiots +forward mail that was already stored in a mailbox, setting the +envelope recipient address to the To: address (so that mail would +loop back to the mailing list), and setting the envelope sender +address to the From: address (so that the error report would be +sent to the poster). Incompatible changes with Postfix snapshot 1.1.11-20020717 ========================================================== diff --git a/postfix/html/postqueue.1.html b/postfix/html/postqueue.1.html index 8540fa965..ccc74d664 100644 --- a/postfix/html/postqueue.1.html +++ b/postfix/html/postqueue.1.html @@ -30,10 +30,25 @@ POSTQUEUE(1) POSTQUEUE(1) command, by contacting the Postfix qmgr(8) daemon. -p Produce a traditional sendmail-style queue listing. - This option implements the traditional mailq com- mand, by contacting the Postfix showq(8) daemon. + Each queue entry shows the queue file ID, message + size, arrival time, sender, and the recipients that + still need to be delivered. If mail could not be + delivered upon the last attempt, the reason for + failure is shown. This mode of operation is imple- + mented by executing the postqueue(1) command. The + queue ID string is followed by an optional status + character: + + * The message is in the active queue, i.e. the + message is selected for delivery. + + ! The message is in the hold queue, i.e. no + further delivery attempt will be made until + the mail is taken off hold. + -s site Schedule immediate delivery of all mail that is queued for the named site. The site must be eligi- diff --git a/postfix/html/postsuper.1.html b/postfix/html/postsuper.1.html index 7b08e7eff..ed5368959 100644 --- a/postfix/html/postsuper.1.html +++ b/postfix/html/postsuper.1.html @@ -30,7 +30,7 @@ POSTSUPER(1) POSTSUPER(1) mailq | awk 'BEGIN { RS = "" } \ / user@example\.com$/ { print $1 } \ - ' | postsuper -d - + ' | tr -d '*!' | postsuper -d - Specify -d ALL to remove all messages; for example, specify -d ALL deferred to delete mail in the @@ -74,7 +74,9 @@ POSTSUPER(1) POSTSUPER(1) deferred queue. As a safety measure, the word ALL must be specified in upper case. - Note: mail that is put "on hold" will not expire. + Note: mail that is put "on hold" will not expire + when its time in the queue exceeds the maxi- + mal_queue_lifetime setting. -H queue_id Release mail that was put "on hold". Move one mes- diff --git a/postfix/html/sendmail.1.html b/postfix/html/sendmail.1.html index b273b0e31..fafcf5513 100644 --- a/postfix/html/sendmail.1.html +++ b/postfix/html/sendmail.1.html @@ -34,15 +34,7 @@ SENDMAIL(1) SENDMAIL(1) mail could not be delivered upon the last attempt, the reason for failure is shown. This mode of oper- ation is implemented by executing the postqueue(1) - command. The queue ID string is followed by an - optional status character: - - * The message is in the active queue, i.e. the - message is selected for delivery. - - ! The message is in the hold queue, i.e. no - further delivery attempt will be made until - the mail is taken off hold. + command. newaliases Initialize the alias database. If no input file is diff --git a/postfix/man/man1/postqueue.1 b/postfix/man/man1/postqueue.1 index 394d10b19..da8f3d5ee 100644 --- a/postfix/man/man1/postqueue.1 +++ b/postfix/man/man1/postqueue.1 @@ -32,9 +32,23 @@ This option implements the traditional \fBsendmail -q\fR command, by contacting the Postfix \fBqmgr\fR(8) daemon. .IP \fB-p\fR Produce a traditional sendmail-style queue listing. - This option implements the traditional \fBmailq\fR command, by contacting the Postfix \fBshowq\fR(8) daemon. + +Each queue entry shows the queue file ID, message +size, arrival time, sender, and the recipients that still need to +be delivered. If mail could not be delivered upon the last attempt, +the reason for failure is shown. This mode of operation is implemented +by executing the \fBpostqueue\fR(1) command. The queue ID string +is followed by an optional status character: +.RS +.IP \fB*\fR +The message is in the \fBactive\fR queue, i.e. the message is +selected for delivery. +.IP \fB!\fR +The message is in the \fBhold\fR queue, i.e. no further delivery +attempt will be made until the mail is taken off hold. +.RE .IP "\fB-s \fIsite\fR" Schedule immediate delivery of all mail that is queued for the named \fIsite\fR. The site must be eligible for the "fast flush" service. diff --git a/postfix/man/man1/postsuper.1 b/postfix/man/man1/postsuper.1 index fe4d085a2..ecb6d5ee0 100644 --- a/postfix/man/man1/postsuper.1 +++ b/postfix/man/man1/postsuper.1 @@ -37,7 +37,7 @@ mailq | awk \'BEGIN { RS = "" } \e .ti +4 / user@example\e.com$/ { print $1 } \e .br -\' | postsuper -d - +\' | tr -d '*!' | postsuper -d - .sp Specify \fB-d ALL\fR to remove all messages; for example, specify \fB-d ALL deferred\fR to delete mail in the \fBdeferred\fR queue. @@ -80,7 +80,9 @@ Specify \fB-h ALL\fR to hold all messages; for example, specify As a safety measure, the word \fBALL\fR must be specified in upper case. .sp -Note: mail that is put "on hold" will not expire. +Note: mail that is put "on hold" will not expire when its +time in the queue exceeds the \fBmaximal_queue_lifetime\fR +setting. .IP "\fB-H \fIqueue_id\fR" Release mail that was put "on hold". Move one message with the named queue ID from the named diff --git a/postfix/man/man1/sendmail.1 b/postfix/man/man1/sendmail.1 index 2aa43d9a8..bcf13ba80 100644 --- a/postfix/man/man1/sendmail.1 +++ b/postfix/man/man1/sendmail.1 @@ -36,16 +36,7 @@ List the mail queue. Each entry shows the queue file ID, message size, arrival time, sender, and the recipients that still need to be delivered. If mail could not be delivered upon the last attempt, the reason for failure is shown. This mode of operation is implemented -by executing the \fBpostqueue\fR(1) command. The queue ID string -is followed by an optional status character: -.RS -.IP \fB*\fR -The message is in the \fBactive\fR queue, i.e. the message is -selected for delivery. -.IP \fB!\fR -The message is in the \fBhold\fR queue, i.e. no further delivery -attempt will be made until the mail is taken off hold. -.RE +by executing the \fBpostqueue\fR(1) command. .IP \fBnewaliases\fR Initialize the alias database. If no input file is specified (with the \fB-oA\fR option, see below), the program processes the file(s) diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 36fa490b7..74542bfe1 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change the patchlevel and the release date. Snapshots change the * release date only, unless they include the same bugfix as a patch release. */ -#define MAIL_RELEASE_DATE "20020803" +#define MAIL_RELEASE_DATE "20020804" #define VAR_MAIL_VERSION "mail_version" #define DEF_MAIL_VERSION "1.1.11-" MAIL_RELEASE_DATE diff --git a/postfix/src/local/Makefile.in b/postfix/src/local/Makefile.in index e38a38a35..c5929d49f 100644 --- a/postfix/src/local/Makefile.in +++ b/postfix/src/local/Makefile.in @@ -413,8 +413,10 @@ recipient.o: ../../include/bounce.h recipient.o: ../../include/defer.h recipient.o: ../../include/mail_params.h recipient.o: ../../include/split_addr.h +recipient.o: ../../include/strip_addr.h recipient.o: ../../include/ext_prop.h recipient.o: ../../include/mypwd.h +recipient.o: ../../include/canon_addr.h recipient.o: local.h recipient.o: ../../include/been_here.h recipient.o: ../../include/tok822.h diff --git a/postfix/src/local/alias.c b/postfix/src/local/alias.c index 717f9f57b..d761c7b5a 100644 --- a/postfix/src/local/alias.c +++ b/postfix/src/local/alias.c @@ -191,7 +191,7 @@ int deliver_alias(LOCAL_STATE state, USER_ATTR usr_attr, for (cpp = alias_maps->argv->argv; *cpp; cpp++) { if ((dict = dict_handle(*cpp)) == 0) msg_panic("%s: dictionary not found: %s", myname, *cpp); - if ((dict->flags & DICT_FLAG_FIXED) == 0) { + if ((dict->flags & ALIAS_DICT_FLAGS) != ALIAS_DICT_FLAGS) { msg_warn("invalid alias map type: %s", *cpp); continue; } @@ -245,7 +245,7 @@ int deliver_alias(LOCAL_STATE state, USER_ATTR usr_attr, expansion = mystrdup(alias_result); if (OWNER_ASSIGN(owner) != 0 - && (owner_rhs = maps_find(alias_maps, owner, DICT_FLAG_FIXED)) != 0) { + && (owner_rhs = maps_find(alias_maps, owner, ALIAS_DICT_FLAGS)) != 0) { canon_owner = canon_addr_internal(vstring_alloc(10), var_exp_own_alias ? owner_rhs : owner); SET_OWNER_ATTR(state.msg_attr, STR(canon_owner), state.level); diff --git a/postfix/src/local/local.c b/postfix/src/local/local.c index fb00a3b75..8394a542c 100644 --- a/postfix/src/local/local.c +++ b/postfix/src/local/local.c @@ -516,6 +516,7 @@ static int local_deliver(DELIVER_REQUEST *rqst, char *service) state.msg_attr.queue_id = rqst->queue_id; state.msg_attr.fp = rqst->fp; state.msg_attr.offset = rqst->data_offset; + state.msg_attr.encoding = rqst->encoding; state.msg_attr.sender = rqst->sender; state.msg_attr.relay = service; state.msg_attr.arrival_time = rqst->arrival_time; diff --git a/postfix/src/local/local.h b/postfix/src/local/local.h index 75fa5b0b3..e5ab862f8 100644 --- a/postfix/src/local/local.h +++ b/postfix/src/local/local.h @@ -68,6 +68,7 @@ typedef struct DELIVER_ATTR { char *queue_name; /* mail queue id */ char *queue_id; /* mail queue id */ long offset; /* data offset */ + char *encoding; /* MIME encoding */ char *sender; /* taken from envelope */ char *recipient; /* taken from resolver */ char *domain; /* recipient domain */ @@ -121,6 +122,9 @@ typedef struct LOCAL_STATE { */ #define BOUNCE_ATTR(attr) attr.queue_id, attr.recipient, attr.relay, \ attr.arrival_time +#define BOUNCE_ONE_ATTR(attr) attr.queue_name, attr.queue_id, attr.encoding, \ + attr.sender, attr.recipient, \ + attr.relay, attr.arrival_time #define SENT_ATTR(attr) attr.queue_id, attr.recipient, attr.relay, \ attr.arrival_time #define OPENED_ATTR(attr) attr.queue_id, attr.sender diff --git a/postfix/src/local/recipient.c b/postfix/src/local/recipient.c index 227910d6d..03d1ade72 100644 --- a/postfix/src/local/recipient.c +++ b/postfix/src/local/recipient.c @@ -84,6 +84,7 @@ #include #include #include +#include #include #include #include @@ -214,6 +215,67 @@ int deliver_recipient(LOCAL_STATE state, USER_ATTR usr_attr) state.level, state.msg_attr.recipient)) return (0); + /* + * With each level of recursion, detect and break external message + * forwarding loops. + * + * If the looping recipient address has an owner- alias, send the error + * report there instead. + * + * XXX A delivery agent cannot change the envelope sender address for + * bouncing. As a workaround we use a one-recipient bounce procedure. + * + * The proper fix would be to record in the bounce logfile an error return + * address for each individual recipient. This would also eliminate the + * need for VERP specific bouncing code, at the cost of complicating the + * normal bounce sending procedure, but would simplify the code below. + */ + if (delivered_find(state.loop_info, state.msg_attr.recipient)) { + VSTRING *canon_owner = 0; + + if (var_ownreq_special) { + char *stripped_recipient; + char *owner_alias; + const char *owner_expansion; + +#define FIND_OWNER(lhs, rhs, addr) { \ + lhs = concatenate("owner-", addr, (char *) 0); \ + (void) split_at_right(lhs, '@'); \ + rhs = maps_find(alias_maps, lhs, ALIAS_DICT_FLAGS); \ + } + + FIND_OWNER(owner_alias, owner_expansion, state.msg_attr.recipient); + if (owner_expansion == 0 + && (stripped_recipient = strip_addr(state.msg_attr.recipient, + (char **) 0, + *var_rcpt_delim)) != 0) { + myfree(owner_alias); + FIND_OWNER(owner_alias, owner_expansion, stripped_recipient); + myfree(stripped_recipient); + } + if (owner_expansion != 0) { + canon_owner = canon_addr_internal(vstring_alloc(10), + var_exp_own_alias ? + owner_expansion : owner_alias); + SET_OWNER_ATTR(state.msg_attr, STR(canon_owner), state.level); + } + myfree(owner_alias); + } + if (canon_owner) { + rcpt_stat = bounce_one(BOUNCE_FLAG_KEEP, + BOUNCE_ONE_ATTR(state.msg_attr), + "mail forwarding loop for %s", + state.msg_attr.recipient); + vstring_free(canon_owner); + } else { + rcpt_stat = bounce_append(BOUNCE_FLAG_KEEP, + BOUNCE_ATTR(state.msg_attr), + "mail forwarding loop for %s", + state.msg_attr.recipient); + } + return (rcpt_stat); + } + /* * Set up the recipient-specific attributes. If this is forwarded mail, * leave the delivered attribute alone, so that the forwarded message @@ -249,42 +311,6 @@ int deliver_recipient(LOCAL_STATE state, USER_ATTR usr_attr) return (bounce_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr), "null username in %s", state.msg_attr.recipient)); - /* - * With each level of recursion, detect and break external message - * forwarding loops. If the looping recipient address has an owner- - * alias, then assume the error report should be sent there instead. - * - * XXX A delivery agent cannot change the envelope sender address for - * bouncing, that would break multi-recipient mail. The fix would be to - * change the delivery agent to bounce service protocol. The bounce - * daemon would have to record in the bounce logfile for each bounced - * recipient the sender address that the recipient would have to be - * bounced to. This could simplify VERP implementation, at the cost of - * greatly complicating the normal bounce sending procedure. - */ - if (delivered_find(state.loop_info, state.msg_attr.delivered)) { - VSTRING *canon_owner = 0; - - if (var_ownreq_special) { - char *owner; - const char *owner_rhs; - - owner = concatenate("owner-", state.msg_attr.user, (char *) 0); - owner_rhs = maps_find(alias_maps, owner, ALIAS_DICT_FLAGS); - if (owner_rhs != 0) { - canon_owner = canon_addr_internal(vstring_alloc(10), - var_exp_own_alias ? owner_rhs : owner); - SET_OWNER_ATTR(state.msg_attr, STR(canon_owner), state.level); - } - myfree(owner); - } - rcpt_stat = bounce_append(BOUNCE_FLAG_KEEP, BOUNCE_ATTR(state.msg_attr), - "mail forwarding loop for %s", state.msg_attr.recipient); - if (canon_owner) - vstring_free(canon_owner); - return (rcpt_stat); - } - /* * Run the recipient through the delivery switch. */ diff --git a/postfix/src/postqueue/postqueue.c b/postfix/src/postqueue/postqueue.c index b7a11acdf..ad8a159b7 100644 --- a/postfix/src/postqueue/postqueue.c +++ b/postfix/src/postqueue/postqueue.c @@ -26,9 +26,23 @@ /* by contacting the Postfix \fBqmgr\fR(8) daemon. /* .IP \fB-p\fR /* Produce a traditional sendmail-style queue listing. -/* /* This option implements the traditional \fBmailq\fR command, /* by contacting the Postfix \fBshowq\fR(8) daemon. +/* +/* Each queue entry shows the queue file ID, message +/* size, arrival time, sender, and the recipients that still need to +/* be delivered. If mail could not be delivered upon the last attempt, +/* the reason for failure is shown. This mode of operation is implemented +/* by executing the \fBpostqueue\fR(1) command. The queue ID string +/* is followed by an optional status character: +/* .RS +/* .IP \fB*\fR +/* The message is in the \fBactive\fR queue, i.e. the message is +/* selected for delivery. +/* .IP \fB!\fR +/* The message is in the \fBhold\fR queue, i.e. no further delivery +/* attempt will be made until the mail is taken off hold. +/* .RE /* .IP "\fB-s \fIsite\fR" /* Schedule immediate delivery of all mail that is queued for the named /* \fIsite\fR. The site must be eligible for the "fast flush" service. diff --git a/postfix/src/postsuper/postsuper.c b/postfix/src/postsuper/postsuper.c index ed07f3a98..23dcc645d 100644 --- a/postfix/src/postsuper/postsuper.c +++ b/postfix/src/postsuper/postsuper.c @@ -31,7 +31,7 @@ /* .ti +4 /* / user@example\e.com$/ { print $1 } \e /* .br -/* \' | postsuper -d - +/* \' | tr -d '*!' | postsuper -d - /* .sp /* Specify \fB-d ALL\fR to remove all messages; for example, specify /* \fB-d ALL deferred\fR to delete mail in the \fBdeferred\fR queue. @@ -74,7 +74,9 @@ /* As a safety measure, the word \fBALL\fR must be specified in upper /* case. /* .sp -/* Note: mail that is put "on hold" will not expire. +/* Note: mail that is put "on hold" will not expire when its +/* time in the queue exceeds the \fBmaximal_queue_lifetime\fR +/* setting. /* .IP "\fB-H \fIqueue_id\fR" /* Release mail that was put "on hold". /* Move one message with the named queue ID from the named diff --git a/postfix/src/sendmail/sendmail.c b/postfix/src/sendmail/sendmail.c index 679bd5ddb..53b9c94a6 100644 --- a/postfix/src/sendmail/sendmail.c +++ b/postfix/src/sendmail/sendmail.c @@ -30,16 +30,7 @@ /* size, arrival time, sender, and the recipients that still need to /* be delivered. If mail could not be delivered upon the last attempt, /* the reason for failure is shown. This mode of operation is implemented -/* by executing the \fBpostqueue\fR(1) command. The queue ID string -/* is followed by an optional status character: -/* .RS -/* .IP \fB*\fR -/* The message is in the \fBactive\fR queue, i.e. the message is -/* selected for delivery. -/* .IP \fB!\fR -/* The message is in the \fBhold\fR queue, i.e. no further delivery -/* attempt will be made until the mail is taken off hold. -/* .RE +/* by executing the \fBpostqueue\fR(1) command. /* .IP \fBnewaliases\fR /* Initialize the alias database. If no input file is specified (with /* the \fB-oA\fR option, see below), the program processes the file(s) diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c index abde395c8..88308b543 100644 --- a/postfix/src/smtpd/smtpd_check.c +++ b/postfix/src/smtpd/smtpd_check.c @@ -1535,7 +1535,7 @@ static int check_table_result(SMTPD_STATE *state, const char *table, msg_warn("SMTPD access map %s has entry with lookup table: %s", table, value); msg_warn("do not specify lookup tables inside SMTPD access maps"); - msg_warn("define a restriction class and specify its name instead"); + msg_warn("define a restriction class and specify its name instead."); longjmp(smtpd_check_buf, smtpd_check_reject(state, MAIL_ERROR_SOFTWARE, "451 Server configuration error")); } @@ -2733,6 +2733,7 @@ int var_relay_code; int var_maps_rbl_code; int var_access_map_code; int var_reject_code; +int var_defer_code; int var_non_fqdn_code; int var_smtpd_delay_reject; int var_allow_untrust_route; @@ -2747,6 +2748,7 @@ static INT_TABLE int_table[] = { VAR_MAPS_RBL_CODE, DEF_MAPS_RBL_CODE, &var_maps_rbl_code, VAR_ACCESS_MAP_CODE, DEF_ACCESS_MAP_CODE, &var_access_map_code, VAR_REJECT_CODE, DEF_REJECT_CODE, &var_reject_code, + VAR_DEFER_CODE, DEF_DEFER_CODE, &var_defer_code, VAR_NON_FQDN_CODE, DEF_NON_FQDN_CODE, &var_non_fqdn_code, VAR_SMTPD_DELAY_REJECT, DEF_SMTPD_DELAY_REJECT, &var_smtpd_delay_reject, VAR_ALLOW_UNTRUST_ROUTE, DEF_ALLOW_UNTRUST_ROUTE, &var_allow_untrust_route, diff --git a/postfix/src/smtpd/smtpd_check.in b/postfix/src/smtpd/smtpd_check.in index 44f969ce9..256b22853 100644 --- a/postfix/src/smtpd/smtpd_check.in +++ b/postfix/src/smtpd/smtpd_check.in @@ -170,3 +170,9 @@ helo 1.2.3.4.5 helo 1..2.3.4 helo .1.2.3.4 helo 1.2.3.4.5. +# +# The defer restriction +# +defer_code 444 +helo_restrictions defer +helo foobar diff --git a/postfix/src/smtpd/smtpd_check.ref b/postfix/src/smtpd/smtpd_check.ref index 121c9e32a..8c1b9e325 100644 --- a/postfix/src/smtpd/smtpd_check.ref +++ b/postfix/src/smtpd/smtpd_check.ref @@ -71,6 +71,7 @@ OK >>> helo_restrictions permit_naked_ip_address,reject_invalid_hostname,reject_unknown_hostname OK >>> helo 123.123.123.123 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead OK >>> # >>> # Test the sender restrictions @@ -303,54 +304,82 @@ OK >>> helo_restrictions permit_naked_ip_address,reject_non_fqdn_hostname OK >>> helo [1.2.3.4] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead OK >>> helo [321.255.255.255] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[321.255.255.255]>: Helo command rejected: invalid ip address; from= 501 <[321.255.255.255]>: Helo command rejected: invalid ip address >>> helo [0.255.255.255] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[0.255.255.255]>: Helo command rejected: invalid ip address; from= 501 <[0.255.255.255]>: Helo command rejected: invalid ip address >>> helo [1.2.3.321] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[1.2.3.321]>: Helo command rejected: invalid ip address; from= 501 <[1.2.3.321]>: Helo command rejected: invalid ip address >>> helo [1.2.3] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[1.2.3]>: Helo command rejected: invalid ip address; from= 501 <[1.2.3]>: Helo command rejected: invalid ip address >>> helo [1.2.3.4.5] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[1.2.3.4.5]>: Helo command rejected: invalid ip address; from= 501 <[1.2.3.4.5]>: Helo command rejected: invalid ip address >>> helo [1..2.3.4] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[1..2.3.4]>: Helo command rejected: invalid ip address; from= 501 <[1..2.3.4]>: Helo command rejected: invalid ip address >>> helo [.1.2.3.4] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[.1.2.3.4]>: Helo command rejected: invalid ip address; from= 501 <[.1.2.3.4]>: Helo command rejected: invalid ip address >>> helo [1.2.3.4.5.] +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <[1.2.3.4.5.]>: Helo command rejected: invalid ip address; from= 501 <[1.2.3.4.5.]>: Helo command rejected: invalid ip address >>> helo 1.2.3.4 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead OK >>> helo 321.255.255.255 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <321.255.255.255>: Helo command rejected: invalid ip address; from= 501 <321.255.255.255>: Helo command rejected: invalid ip address >>> helo 0.255.255.255 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <0.255.255.255>: Helo command rejected: invalid ip address; from= 501 <0.255.255.255>: Helo command rejected: invalid ip address >>> helo 1.2.3.321 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <1.2.3.321>: Helo command rejected: invalid ip address; from= 501 <1.2.3.321>: Helo command rejected: invalid ip address >>> helo 1.2.3 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <1.2.3>: Helo command rejected: invalid ip address; from= 501 <1.2.3>: Helo command rejected: invalid ip address >>> helo 1.2.3.4.5 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <1.2.3.4.5>: Helo command rejected: invalid ip address; from= 501 <1.2.3.4.5>: Helo command rejected: invalid ip address >>> helo 1..2.3.4 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <1..2.3.4>: Helo command rejected: invalid ip address; from= 501 <1..2.3.4>: Helo command rejected: invalid ip address >>> helo .1.2.3.4 +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <.1.2.3.4>: Helo command rejected: invalid ip address; from= 501 <.1.2.3.4>: Helo command rejected: invalid ip address >>> helo 1.2.3.4.5. +./smtpd_check: warning: restriction permit_naked_ip_address is deprecated. Use permit_mynetworks instead ./smtpd_check: reject: HELO from foo[131.155.210.17]: 501 <1.2.3.4.5.>: Helo command rejected: invalid ip address; from= 501 <1.2.3.4.5.>: Helo command rejected: invalid ip address +>>> # +>>> # The defer restriction +>>> # +>>> defer_code 444 +OK +>>> helo_restrictions defer +OK +>>> helo foobar +./smtpd_check: reject: HELO from foo[131.155.210.17]: 444 : Helo command rejected: Try again later; from= +444 : Helo command rejected: Try again later diff --git a/postfix/src/util/Makefile.in b/postfix/src/util/Makefile.in index 32868885c..37e0973e9 100644 --- a/postfix/src/util/Makefile.in +++ b/postfix/src/util/Makefile.in @@ -209,112 +209,112 @@ fifo_rdonly_bug: fifo_rdonly_bug.c $(LIB) select_bug: select_bug.c $(LIB) $(CC) $(CFLAGS) -o $@ $@.c $(LIB) $(SYSLIBS) -translit: $(LIB) $@.o +translit: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -fsspace: $(LIB) $@.o +fsspace: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -exec_command: $(LIB) $@.o +exec_command: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -make_dirs: $(LIB) $@.o +make_dirs: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -mac_parse: $(LIB) $@.o +mac_parse: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -vstream_popen: $(LIB) $@.o +vstream_popen: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -fifo_trigger: $(LIB) $@.o +fifo_trigger: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -doze: $(LIB) $@.o +doze: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -mac_expand: $(LIB) $@.o +mac_expand: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -watchdog: $(LIB) $@.o +watchdog: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -unescape: $(LIB) $@.o +unescape: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -hex_quote: $(LIB) $@.o +hex_quote: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -name_mask: $(LIB) $@.o +name_mask: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -rand_sleep: $(LIB) $@.o +rand_sleep: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -sane_time: $(LIB) $@.o +sane_time: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -ctable: $(LIB) $@.o +ctable: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -inet_addr_list: $(LIB) $@.o +inet_addr_list: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -attr_print64: $(LIB) $@.o +attr_print64: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -attr_scan64: $(LIB) $@.o +attr_scan64: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -base64_code: $(LIB) $@.o +base64_code: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -attr_print0: $(LIB) $@.o +attr_print0: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o -attr_scan0: $(LIB) $@.o +attr_scan0: $(LIB) mv $@.o junk $(CC) $(CFLAGS) -DTEST -o $@ $@.c $(LIB) $(SYSLIBS) mv junk $@.o @@ -378,15 +378,13 @@ attr_scan0_test: attr_print0 attr_scan0 attr_scan0.ref diff attr_scan0.ref attr_scan0.tmp rm -f attr_scan0.tmp -DB_TYPE = `../postconf/postconf -h default_database_type` - dict_test: dict_open testdb dict_test.in dict_test.ref rm -f testdb.db testdb.dir testdb.pag - ../postmap/postmap -N testdb - ./dict_open $(DB_TYPE):testdb write < dict_test.in > dict_test.tmp 2>&1 + ../postmap/postmap -N hash:testdb + ./dict_open hash:testdb write < dict_test.in > dict_test.tmp 2>&1 diff dict_test.ref dict_test.tmp - ../postmap/postmap -n testdb - ./dict_open $(DB_TYPE):testdb write < dict_test.in > dict_test.tmp 2>&1 + ../postmap/postmap -n hash:testdb + ./dict_open hash:testdb write < dict_test.in > dict_test.tmp 2>&1 diff dict_test.ref dict_test.tmp rm -f testdb.db testdb.dir testdb.pag dict_test.tmp