From: Wietse Venema <wietse@porcupine.org>
Date: Sun, 29 Jun 2003 05:00:00 +0000 (-0500)
Subject: postfix-2.0.13
X-Git-Tag: v2.0.13^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4c792267e07063b7bd57fc818129591dcd2a3bed;p=thirdparty%2Fpostfix.git

postfix-2.0.13
---

diff --git a/postfix/HISTORY b/postfix/HISTORY
index 85746bbb1..b1ecc72b0 100644
--- a/postfix/HISTORY
+++ b/postfix/HISTORY
@@ -7814,11 +7814,40 @@ Apologies for any names omitted.
 	Workaround: Solaris blocking socket read() may hang.  Hernan
 	Perez Masci and Leandro Santi. File: smtpd/smtpd.c.
 
-20030612
+20030611
 
 	Bugfix: the stricter postdrop input filter broke "sendmail
 	-bs". Found by Lutz Jaenicke. File: smtpd/smtpd.c.
 
+20030616
+
+	Cleanup: more accurate "postfix check" warning for files
+	that miss one or more of the required mode 02111 execute
+	permission bits. Matthias Andree. File: conf/postfix-script.
+
+20030618
+
+	Workaround: after "postfix reload", the master daemon now
+	warns when inet_interfaces has changed, and ignores the
+	change, instead of passing incorrect information to the
+	smtp server. File:  master/master_ent.c.
+
+20030620
+
+	Bugfix: after the last change to postdrop, postcat no longer
+	recognized maildrop queue files as valid. File: postcat/postcat.c.
+
+20030621
+
+	Workaround: the safe_open(O_CREAT) race condition exploit
+	avoiding code tries a little harder when it encounters a
+	race condition. File: util/safe_open.c.
+
+20030629
+
+	Cleanup: replaced references to "simulated virtual domains"
+	by "virtual alias domains". Victor Duchovni, Morgan Stanley.
+
 Open problems:
 
 	Low: smtp-source may block when sending large test messages.
diff --git a/postfix/README_FILES/VIRTUAL_README b/postfix/README_FILES/VIRTUAL_README
index 5c9df7613..b0a5e6df5 100644
--- a/postfix/README_FILES/VIRTUAL_README
+++ b/postfix/README_FILES/VIRTUAL_README
@@ -8,7 +8,7 @@ Purpose of this software
 You can use the virtual delivery agent for mailbox delivery of some
 or all domains that are handled by a machine.
 
-This mechanism is different from simulated virtual domains. Those
+This mechanism is different from virtual alias domains. Those
 are implemented by translating every recipient address into a
 different address. For that, see the virtual(5) manual page.
 
diff --git a/postfix/conf/postfix-script b/postfix/conf/postfix-script
index aa9661e8c..036c8b60f 100644
--- a/postfix/conf/postfix-script
+++ b/postfix/conf/postfix-script
@@ -181,7 +181,7 @@ check)
 
 	find $command_directory/postqueue $command_directory/postdrop \
 	    -prune ! -perm -02111 \
-	    -exec $WARN not set-gid: {} \;
+	    -exec $WARN not set-gid or not owner+group+world executable: {} \;
 
 	for name in `ls -d $queue_directory/* | \
 	    egrep '/(bin|etc|lib|usr)$'` ; \
diff --git a/postfix/conf/transport b/postfix/conf/transport
index 3ae93a7f0..b6df3a3ff 100644
--- a/postfix/conf/transport
+++ b/postfix/conf/transport
@@ -16,21 +16,40 @@
 #        relay hosts. The mapping is used by the trivial-rewrite(8)
 #        daemon.
 # 
-#        Normally, the transport table is specified as a text  file
-#        that  serves  as  input  to  the  postmap(1) command.  The
-#        result, an indexed file in dbm or db format, is  used  for
-#        fast  searching  by  the  mail system. Execute the command
-#        postmap /etc/postfix/transport in  order  to  rebuild  the
+#        This mapping overrides the default routing that  is  built
+#        into Postfix:
+# 
+#        mydestination
+#               A  list of domains that is by default delivered via
+#               $local_transport.
+# 
+#        virtual_mailbox_domains
+#               A list of domains that is by default delivered  via
+#               $virtual_transport.
+# 
+#        relay_domains
+#               A  list of domains that is by default delivered via
+#               $relay_transport.
+# 
+#        any other destination
+#               Mail for any other destination is by default deliv-
+#               ered via $default_transport.
+# 
+#        Normally,  the transport table is specified as a text file
+#        that serves as  input  to  the  postmap(1)  command.   The
+#        result,  an  indexed file in dbm or db format, is used for
+#        fast searching by the mail  system.  Execute  the  command
+#        postmap  /etc/postfix/transport  in  order  to rebuild the
 #        indexed file after changing the transport table.
 # 
-#        When  the  table  is provided via other means such as NIS,
-#        LDAP or SQL, the same lookups are  done  as  for  ordinary
+#        When the table is provided via other means  such  as  NIS,
+#        LDAP  or  SQL,  the  same lookups are done as for ordinary
 #        indexed files.
 # 
-#        Alternatively,  the  table  can  be provided as a regular-
+#        Alternatively, the table can be  provided  as  a  regular-
 #        expression map where patterns are given as regular expres-
-#        sions.  In  that  case, the lookups are done in a slightly
-#        different way as described in section "REGULAR  EXPRESSION
+#        sions. In that case, the lookups are done  in  a  slightly
+#        different  way as described in section "REGULAR EXPRESSION
 #        TABLES".
 # 
 # TABLE FORMAT
@@ -41,28 +60,28 @@
 #               domain, use the corresponding result.
 # 
 #        blank lines and comments
-#               Empty lines and whitespace-only lines are  ignored,
-#               as  are  lines whose first non-whitespace character
+#               Empty  lines and whitespace-only lines are ignored,
+#               as are lines whose first  non-whitespace  character
 #               is a `#'.
 # 
 #        multi-line text
-#               A logical line starts with non-whitespace  text.  A
-#               line  that starts with whitespace continues a logi-
+#               A  logical  line starts with non-whitespace text. A
+#               line that starts with whitespace continues a  logi-
 #               cal line.
 # 
-#        The pattern specifies an email address, a domain name,  or
-#        a  domain  name  hierarchy, as described in section "TABLE
+#        The  pattern specifies an email address, a domain name, or
+#        a domain name hierarchy, as described  in  section  "TABLE
 #        LOOKUP".
 # 
-#        The result is of the form transport:nexthop.   The  trans-
-#        port  field  specifies  a  mail delivery transport such as
-#        smtp or local. The nexthop field specifies where  and  how
+#        The  result  is of the form transport:nexthop.  The trans-
+#        port field specifies a mail  delivery  transport  such  as
+#        smtp  or  local. The nexthop field specifies where and how
 #        to deliver mail. More details are given in section "RESULT
 #        FORMAT".
 # 
 # TABLE LOOKUP
 #        With lookups from indexed files such as DB or DBM, or from
-#        networked  tables  such  as NIS, LDAP or SQL, patterns are
+#        networked tables such as NIS, LDAP or  SQL,  patterns  are
 #        tried in the order as listed below:
 # 
 #        user+extension@domain transport:nexthop
@@ -74,134 +93,134 @@
 #               to nexthop.
 # 
 #        domain transport:nexthop
-#               Mail for domain is delivered through  transport  to
+#               Mail  for  domain is delivered through transport to
 #               nexthop.
 # 
 #        .domain transport:nexthop
-#               Mail  for  any  subdomain  of  domain  is delivered
-#               through transport to  nexthop.  This  applies  only
+#               Mail for  any  subdomain  of  domain  is  delivered
+#               through  transport  to  nexthop.  This applies only
 #               when the string transport_maps is not listed in the
 #               parent_domain_matches_subdomains configuration set-
-#               ting.   Otherwise, a domain name matches itself and
+#               ting.  Otherwise, a domain name matches itself  and
 #               its subdomains.
 # 
 #        Note 1: the special pattern * represents any address (i.e.
 #        it functions as the wild-card pattern).
 # 
-#        Note  2:  the  null  recipient  address  is  looked  up as
+#        Note 2:  the  null  recipient  address  is  looked  up  as
 #        $empty_address_recipient@$myhostname (default: mailer-dae-
 #        mon@hostname).
 # 
 # RESULT FORMAT
-#        The  transport field specifies the name of a mail delivery
+#        The transport field specifies the name of a mail  delivery
 #        transport (the first name of a mail delivery service entry
 #        in the Postfix master.cf file).
 # 
-#        The  interpretation  of  the  nexthop  field  is transport
+#        The interpretation  of  the  nexthop  field  is  transport
 #        dependent. In the case of SMTP, specify host:service for a
-#        non-default  server port, and use [host] or [host]:port in
-#        order to disable MX (mail exchanger) DNS lookups.  The  []
+#        non-default server port, and use [host] or [host]:port  in
+#        order  to  disable MX (mail exchanger) DNS lookups. The []
 #        form is required when you specify an IP address instead of
 #        a hostname.
 # 
-#        A null transport and null nexthop  result  means  "do  not
-#        change":  use  the delivery transport and nexthop informa-
-#        tion that would be used when the  entire  transport  table
+#        A  null  transport  and  null nexthop result means "do not
+#        change": use the delivery transport and  nexthop  informa-
+#        tion  that  would  be used when the entire transport table
 #        did not exist.
 # 
-#        A  non-null  transport  field  with  a  null nexthop field
+#        A non-null transport  field  with  a  null  nexthop  field
 #        resets the nexthop information to the recipient domain.
 # 
-#        A null transport field with non-null  nexthop  field  does
+#        A  null  transport  field with non-null nexthop field does
 #        not modify the transport information.
 # 
 # EXAMPLES
-#        In  order to deliver internal mail directly, while using a
-#        mail relay for all other mail, specify a  null  entry  for
-#        internal  destinations  (do not change the delivery trans-
-#        port or the nexthop information) and  specify  a  wildcard
+#        In order to deliver internal mail directly, while using  a
+#        mail  relay  for  all other mail, specify a null entry for
+#        internal destinations (do not change the  delivery  trans-
+#        port  or  the  nexthop information) and specify a wildcard
 #        for all other destinations.
 # 
 #             my.domain    :
 #             .my.domain   :
 #             *            smtp:outbound-relay.my.domain
 # 
-#        In  order  to send mail for foo.org and its subdomains via
+#        In order to send mail for foo.org and its  subdomains  via
 #        the uucp transport to the UUCP host named foo:
 # 
 #             foo.org      uucp:foo
 #             .foo.org     uucp:foo
 # 
-#        When no nexthop host name is  specified,  the  destination
-#        domain  name  is  used instead. For example, the following
-#        directs mail for user@foo.org via the slow transport to  a
-#        mail  exchanger  for foo.org.  The slow transport could be
-#        something that runs at most  one  delivery  process  at  a
+#        When  no  nexthop  host name is specified, the destination
+#        domain name is used instead. For  example,  the  following
+#        directs  mail for user@foo.org via the slow transport to a
+#        mail exchanger for foo.org.  The slow transport  could  be
+#        something  that  runs  at  most  one delivery process at a
 #        time:
 # 
 #             foo.org      slow:
 # 
 #        When no transport is specified, Postfix uses the transport
 #        that matches the address domain class (see TRANSPORT FIELD
-#        discussion  above).   The  following  sends  all  mail for
+#        discussion above).   The  following  sends  all  mail  for
 #        foo.org and its subdomains to host gateway.foo.org:
 # 
 #             foo.org      :[gateway.foo.org]
 #             .foo.org     :[gateway.foo.org]
 # 
-#        In the above example, the  []  are  used  to  suppress  MX
-#        lookups.   The  result  would  likely  point to your local
+#        In  the  above  example,  the  []  are used to suppress MX
+#        lookups.  The result would  likely  point  to  your  local
 #        machine.
 # 
-#        In the case of delivery via SMTP, one  may  specify  host-
+#        In  the  case  of delivery via SMTP, one may specify host-
 #        name:service instead of just a host:
 # 
 #             foo.org      smtp:bar.org:2025
 # 
-#        This  directs  mail  for user@foo.org to host bar.org port
-#        2025. Instead of a numerical port a symbolic name  may  be
-#        used.  Specify  [] around the hostname in order to disable
+#        This directs mail for user@foo.org to  host  bar.org  port
+#        2025.  Instead  of a numerical port a symbolic name may be
+#        used. Specify [] around the hostname in order  to  disable
 #        MX lookups.
 # 
 #        The error mailer can be used to bounce mail:
 # 
-#             .foo.org      error:mail for *.foo.org is not  deliv-
+#             .foo.org       error:mail for *.foo.org is not deliv-
 #        erable
 # 
-#        This  causes  all  mail  for  user@anything.foo.org  to be
+#        This causes  all  mail  for  user@anything.foo.org  to  be
 #        bounced.
 # 
 # REGULAR EXPRESSION TABLES
-#        This section describes how the table lookups  change  when
+#        This  section  describes how the table lookups change when
 #        the table is given in the form of regular expressions. For
-#        a description of regular expression lookup  table  syntax,
+#        a  description  of regular expression lookup table syntax,
 #        see regexp_table(5) or pcre_table(5).
 # 
-#        Each  pattern  is  a regular expression that is applied to
+#        Each pattern is a regular expression that  is  applied  to
 #        the entire domain being looked up. Thus, some.domain.hier-
 #        archy is not broken up into parent domains.
 # 
-#        Patterns  are  applied  in  the  order as specified in the
-#        table, until a pattern is found that  matches  the  search
+#        Patterns are applied in the  order  as  specified  in  the
+#        table,  until  a  pattern is found that matches the search
 #        string.
 # 
-#        Results  are  the  same as with indexed file lookups, with
-#        the additional feature that parenthesized substrings  from
+#        Results are the same as with indexed  file  lookups,  with
+#        the  additional feature that parenthesized substrings from
 #        the pattern can be interpolated as $1, $2 and so on.
 # 
 # CONFIGURATION PARAMETERS
-#        The  following  main.cf parameters are especially relevant
-#        to this topic. See the Postfix  main.cf  file  for  syntax
-#        details  and  for  default  values. Use the postfix reload
+#        The following main.cf parameters are  especially  relevant
+#        to  this  topic.  See  the Postfix main.cf file for syntax
+#        details and for default values.  Use  the  postfix  reload
 #        command after a configuration change.
 # 
 #        empty_address_recipient
-#               The address that is looked up instead of  the  null
+#               The  address  that is looked up instead of the null
 #               sender address.
 # 
 #        parent_domain_matches_subdomains
-#               List  of  Postfix features that use domain.tld pat-
-#               terns  to  match  sub.domain.tld  (as  opposed   to
+#               List of Postfix features that use  domain.tld  pat-
+#               terns   to  match  sub.domain.tld  (as  opposed  to
 #               requiring .domain.tld patterns).
 # 
 #        transport_maps
@@ -214,7 +233,7 @@
 #        regexp_table(5) format of POSIX regular expression tables
 # 
 # LICENSE
-#        The  Secure  Mailer  license must be distributed with this
+#        The Secure Mailer license must be  distributed  with  this
 #        software.
 # 
 # AUTHOR(S)
diff --git a/postfix/html/faq.html b/postfix/html/faq.html
index dba261f2a..660302f4e 100644
--- a/postfix/html/faq.html
+++ b/postfix/html/faq.html
@@ -2618,8 +2618,9 @@ the <b>virtual_mailbox_maps</b> parameter.
 
 <p>
 
-If you want to deliver the domain as a Postfix simulated <a
-href="virtual.8.html">virtual</a>(5) domain, then you should list
+If you want to deliver the domain as a <a href="virtual.8.html">
+virtual</a>(5) alias domain, where each address is aliased to
+a real local or remote address, then you should list
 the virtual domain name in the tables specified with the
 <b>virtual_alias_domains</b> parameter instead.
 
@@ -2638,7 +2639,7 @@ Solutions:
 
 <ul>
 
-<li>Specify a simulated virtual domain as per the
+<li>Specify a virtual alias domain as per the
 <a href="virtual.5.html">virtual(5)</a> manual page.
 
 <p>
diff --git a/postfix/html/rewrite.html b/postfix/html/rewrite.html
index eeb374310..b3760d22a 100644
--- a/postfix/html/rewrite.html
+++ b/postfix/html/rewrite.html
@@ -310,8 +310,8 @@ href="cleanup.8.html">cleanup</a> daemon uses the <a
 href="virtual.5.html">virtual alias</a> table to redirect mail for all
 recipients, local or remote.  The mapping affects only envelope
 recipients; it has no effect on message headers or envelope senders.
-Virtual alias lookups are useful to redirect mail for simulated
-virtual domains to real user mailboxes, and to redirect mail for
+Virtual alias lookups are useful to redirect mail for virtual
+alias domains to real user mailboxes, and to redirect mail for
 domains that no longer exist.  Virtual alias lookups can also be
 used to transform <i> Firstname.Lastname </i> back into UNIX login
 names, although it seems that local <a href="#aliases">aliases</a>
diff --git a/postfix/html/transport.5.html b/postfix/html/transport.5.html
index 3d63496b8..4d6185c8f 100644
--- a/postfix/html/transport.5.html
+++ b/postfix/html/transport.5.html
@@ -17,21 +17,40 @@ TRANSPORT(5)                                         TRANSPORT(5)
        relay hosts. The mapping is used by the <a href="trivial-rewrite.8.html"><b>trivial-rewrite</b>(8)</a>
        daemon.
 
-       Normally, the <b>transport</b> table is specified as a text  file
-       that  serves  as  input  to  the  <a href="postmap.1.html"><b>postmap</b>(1)</a> command.  The
-       result, an indexed file in <b>dbm</b> or <b>db</b> format, is  used  for
-       fast  searching  by  the  mail system. Execute the command
-       <b>postmap</b> <b>/etc/postfix/transport</b> in  order  to  rebuild  the
+       This mapping overrides the default routing that  is  built
+       into Postfix:
+
+       <b>mydestination</b>
+              A  list of domains that is by default delivered via
+              <b>$local</b><i>_</i><b>transport</b>.
+
+       <b>virtual</b><i>_</i><b>mailbox</b><i>_</i><b>domains</b>
+              A list of domains that is by default delivered  via
+              <b>$virtual</b><i>_</i><b>transport</b>.
+
+       <b>relay</b><i>_</i><b>domains</b>
+              A  list of domains that is by default delivered via
+              <b>$relay</b><i>_</i><b>transport</b>.
+
+       any other destination
+              Mail for any other destination is by default deliv-
+              ered via <b>$default</b><i>_</i><b>transport</b>.
+
+       Normally,  the <b>transport</b> table is specified as a text file
+       that serves as  input  to  the  <a href="postmap.1.html"><b>postmap</b>(1)</a>  command.   The
+       result,  an  indexed file in <b>dbm</b> or <b>db</b> format, is used for
+       fast searching by the mail  system.  Execute  the  command
+       <b>postmap</b>  <b>/etc/postfix/transport</b>  in  order  to rebuild the
        indexed file after changing the transport table.
 
-       When  the  table  is provided via other means such as NIS,
-       LDAP or SQL, the same lookups are  done  as  for  ordinary
+       When the table is provided via other means  such  as  NIS,
+       LDAP  or  SQL,  the  same lookups are done as for ordinary
        indexed files.
 
-       Alternatively,  the  table  can  be provided as a regular-
+       Alternatively, the table can be  provided  as  a  regular-
        expression map where patterns are given as regular expres-
-       sions.  In  that  case, the lookups are done in a slightly
-       different way as described in section "REGULAR  EXPRESSION
+       sions. In that case, the lookups are done  in  a  slightly
+       different  way as described in section "REGULAR EXPRESSION
        TABLES".
 
 <b>TABLE</b> <b>FORMAT</b>
@@ -42,28 +61,28 @@ TRANSPORT(5)                                         TRANSPORT(5)
               domain, use the corresponding <i>result</i>.
 
        blank lines and comments
-              Empty lines and whitespace-only lines are  ignored,
-              as  are  lines whose first non-whitespace character
+              Empty  lines and whitespace-only lines are ignored,
+              as are lines whose first  non-whitespace  character
               is a `#'.
 
        multi-line text
-              A logical line starts with non-whitespace  text.  A
-              line  that starts with whitespace continues a logi-
+              A  logical  line starts with non-whitespace text. A
+              line that starts with whitespace continues a  logi-
               cal line.
 
-       The <i>pattern</i> specifies an email address, a domain name,  or
-       a  domain  name  hierarchy, as described in section "TABLE
+       The  <i>pattern</i> specifies an email address, a domain name, or
+       a domain name hierarchy, as described  in  section  "TABLE
        LOOKUP".
 
-       The <i>result</i> is of the form <i>transport</i><b>:</b><i>nexthop</i>.   The  <i>trans-</i>
-       <i>port</i>  field  specifies  a  mail delivery transport such as
-       <b>smtp</b> or <b>local</b>. The <i>nexthop</i> field specifies where  and  how
+       The  <i>result</i>  is of the form <i>transport</i><b>:</b><i>nexthop</i>.  The <i>trans-</i>
+       <i>port</i> field specifies a mail  delivery  transport  such  as
+       <b>smtp</b>  or  <b>local</b>. The <i>nexthop</i> field specifies where and how
        to deliver mail. More details are given in section "RESULT
        FORMAT".
 
 <b>TABLE</b> <b>LOOKUP</b>
        With lookups from indexed files such as DB or DBM, or from
-       networked  tables  such  as NIS, LDAP or SQL, patterns are
+       networked tables such as NIS, LDAP or  SQL,  patterns  are
        tried in the order as listed below:
 
        <i>user+extension@domain</i> <i>transport</i>:<i>nexthop</i>
@@ -75,134 +94,134 @@ TRANSPORT(5)                                         TRANSPORT(5)
               to <i>nexthop</i>.
 
        <i>domain</i> <i>transport</i>:<i>nexthop</i>
-              Mail for <i>domain</i> is delivered through  <i>transport</i>  to
+              Mail  for  <i>domain</i> is delivered through <i>transport</i> to
               <i>nexthop</i>.
 
        <i>.domain</i> <i>transport</i>:<i>nexthop</i>
-              Mail  for  any  subdomain  of  <i>domain</i>  is delivered
-              through <i>transport</i> to  <i>nexthop</i>.  This  applies  only
+              Mail for  any  subdomain  of  <i>domain</i>  is  delivered
+              through  <i>transport</i>  to  <i>nexthop</i>.  This applies only
               when the string <b>transport</b><i>_</i><b>maps</b> is not listed in the
               <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b> configuration set-
-              ting.   Otherwise, a domain name matches itself and
+              ting.  Otherwise, a domain name matches itself  and
               its subdomains.
 
        Note 1: the special pattern <b>*</b> represents any address (i.e.
        it functions as the wild-card pattern).
 
-       Note  2:  the  null  recipient  address  is  looked  up as
+       Note 2:  the  null  recipient  address  is  looked  up  as
        <b>$empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>@<b>$myhostname</b> (default: mailer-dae-
        mon@hostname).
 
 <b>RESULT</b> <b>FORMAT</b>
-       The  transport field specifies the name of a mail delivery
+       The transport field specifies the name of a mail  delivery
        transport (the first name of a mail delivery service entry
        in the Postfix <b>master.cf</b> file).
 
-       The  interpretation  of  the  nexthop  field  is transport
+       The interpretation  of  the  nexthop  field  is  transport
        dependent. In the case of SMTP, specify <i>host</i>:<i>service</i> for a
-       non-default  server port, and use [<i>host</i>] or [<i>host</i>]:<i>port</i> in
-       order to disable MX (mail exchanger) DNS lookups.  The  []
+       non-default server port, and use [<i>host</i>] or [<i>host</i>]:<i>port</i>  in
+       order  to  disable MX (mail exchanger) DNS lookups. The []
        form is required when you specify an IP address instead of
        a hostname.
 
-       A null <i>transport</i> and null <i>nexthop</i>  result  means  "do  not
-       change":  use  the delivery transport and nexthop informa-
-       tion that would be used when the  entire  transport  table
+       A  null  <i>transport</i>  and  null <i>nexthop</i> result means "do not
+       change": use the delivery transport and  nexthop  informa-
+       tion  that  would  be used when the entire transport table
        did not exist.
 
-       A  non-null  <i>transport</i>  field  with  a  null <i>nexthop</i> field
+       A non-null <i>transport</i>  field  with  a  null  <i>nexthop</i>  field
        resets the nexthop information to the recipient domain.
 
-       A null <i>transport</i> field with non-null  <i>nexthop</i>  field  does
+       A  null  <i>transport</i>  field with non-null <i>nexthop</i> field does
        not modify the transport information.
 
 <b>EXAMPLES</b>
-       In  order to deliver internal mail directly, while using a
-       mail relay for all other mail, specify a  null  entry  for
-       internal  destinations  (do not change the delivery trans-
-       port or the nexthop information) and  specify  a  wildcard
+       In order to deliver internal mail directly, while using  a
+       mail  relay  for  all other mail, specify a null entry for
+       internal destinations (do not change the  delivery  trans-
+       port  or  the  nexthop information) and specify a wildcard
        for all other destinations.
 
             <b>my.domain</b>    <b>:</b>
             <b>.my.domain</b>   <b>:</b>
             <b>*</b>            <b>smtp:outbound-relay.my.domain</b>
 
-       In  order  to send mail for <b>foo.org</b> and its subdomains via
+       In order to send mail for <b>foo.org</b> and its  subdomains  via
        the <b>uucp</b> transport to the UUCP host named <b>foo</b>:
 
             <b>foo.org</b>      <b>uucp:foo</b>
             <b>.foo.org</b>     <b>uucp:foo</b>
 
-       When no nexthop host name is  specified,  the  destination
-       domain  name  is  used instead. For example, the following
-       directs mail for <i>user</i>@<b>foo.org</b> via the <b>slow</b> transport to  a
-       mail  exchanger  for <b>foo.org</b>.  The <b>slow</b> transport could be
-       something that runs at most  one  delivery  process  at  a
+       When  no  nexthop  host name is specified, the destination
+       domain name is used instead. For  example,  the  following
+       directs  mail for <i>user</i>@<b>foo.org</b> via the <b>slow</b> transport to a
+       mail exchanger for <b>foo.org</b>.  The <b>slow</b> transport  could  be
+       something  that  runs  at  most  one delivery process at a
        time:
 
             <b>foo.org</b>      <b>slow:</b>
 
        When no transport is specified, Postfix uses the transport
        that matches the address domain class (see TRANSPORT FIELD
-       discussion  above).   The  following  sends  all  mail for
+       discussion above).   The  following  sends  all  mail  for
        <b>foo.org</b> and its subdomains to host <b>gateway.foo.org</b>:
 
             <b>foo.org</b>      <b>:[gateway.foo.org]</b>
             <b>.foo.org</b>     <b>:[gateway.foo.org]</b>
 
-       In the above example, the  []  are  used  to  suppress  MX
-       lookups.   The  result  would  likely  point to your local
+       In  the  above  example,  the  []  are used to suppress MX
+       lookups.  The result would  likely  point  to  your  local
        machine.
 
-       In the case of delivery via SMTP, one  may  specify  <i>host-</i>
+       In  the  case  of delivery via SMTP, one may specify <i>host-</i>
        <i>name</i>:<i>service</i> instead of just a host:
 
             <b>foo.org</b>      <b>smtp:bar.org:2025</b>
 
-       This  directs  mail  for <i>user</i>@<b>foo.org</b> to host <b>bar.org</b> port
-       <b>2025</b>. Instead of a numerical port a symbolic name  may  be
-       used.  Specify  [] around the hostname in order to disable
+       This directs mail for <i>user</i>@<b>foo.org</b> to  host  <b>bar.org</b>  port
+       <b>2025</b>.  Instead  of a numerical port a symbolic name may be
+       used. Specify [] around the hostname in order  to  disable
        MX lookups.
 
        The error mailer can be used to bounce mail:
 
-            <b>.foo.org</b>      <b>error:mail</b> <b>for</b> <b>*.foo.org</b> <b>is</b> <b>not</b>  <b>deliv-</b>
+            <b>.foo.org</b>       <b>error:mail</b> <b>for</b> <b>*.foo.org</b> <b>is</b> <b>not</b> <b>deliv-</b>
        <b>erable</b>
 
-       This  causes  all  mail  for  <i>user</i>@<i>anything</i><b>.foo.org</b>  to be
+       This causes  all  mail  for  <i>user</i>@<i>anything</i><b>.foo.org</b>  to  be
        bounced.
 
 <b>REGULAR</b> <b>EXPRESSION</b> <b>TABLES</b>
-       This section describes how the table lookups  change  when
+       This  section  describes how the table lookups change when
        the table is given in the form of regular expressions. For
-       a description of regular expression lookup  table  syntax,
+       a  description  of regular expression lookup table syntax,
        see <a href="regexp_table.5.html"><b>regexp</b><i>_</i><b>table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre</b><i>_</i><b>table</b>(5)</a>.
 
-       Each  pattern  is  a regular expression that is applied to
+       Each pattern is a regular expression that  is  applied  to
        the entire domain being looked up. Thus, <i>some.domain.hier-</i>
        <i>archy</i> is not broken up into parent domains.
 
-       Patterns  are  applied  in  the  order as specified in the
-       table, until a pattern is found that  matches  the  search
+       Patterns are applied in the  order  as  specified  in  the
+       table,  until  a  pattern is found that matches the search
        string.
 
-       Results  are  the  same as with indexed file lookups, with
-       the additional feature that parenthesized substrings  from
+       Results are the same as with indexed  file  lookups,  with
+       the  additional feature that parenthesized substrings from
        the pattern can be interpolated as <b>$1</b>, <b>$2</b> and so on.
 
 <b>CONFIGURATION</b> <b>PARAMETERS</b>
-       The  following  <b>main.cf</b> parameters are especially relevant
-       to this topic. See the Postfix  <b>main.cf</b>  file  for  syntax
-       details  and  for  default  values. Use the <b>postfix</b> <b>reload</b>
+       The following <b>main.cf</b> parameters are  especially  relevant
+       to  this  topic.  See  the Postfix <b>main.cf</b> file for syntax
+       details and for default values.  Use  the  <b>postfix</b>  <b>reload</b>
        command after a configuration change.
 
        <b>empty</b><i>_</i><b>address</b><i>_</i><b>recipient</b>
-              The address that is looked up instead of  the  null
+              The  address  that is looked up instead of the null
               sender address.
 
        <b>parent</b><i>_</i><b>domain</b><i>_</i><b>matches</b><i>_</i><b>subdomains</b>
-              List  of  Postfix features that use <i>domain.tld</i> pat-
-              terns  to  match  <i>sub.domain.tld</i>  (as  opposed   to
+              List of Postfix features that use  <i>domain.tld</i>  pat-
+              terns   to  match  <i>sub.domain.tld</i>  (as  opposed  to
               requiring <i>.domain.tld</i> patterns).
 
        <b>transport</b><i>_</i><b>maps</b>
@@ -215,7 +234,7 @@ TRANSPORT(5)                                         TRANSPORT(5)
        <a href="regexp_table.5.html">regexp_table(5)</a> format of POSIX regular expression tables
 
 <b>LICENSE</b>
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 <b>AUTHOR(S)</b>
diff --git a/postfix/man/man5/transport.5 b/postfix/man/man5/transport.5
index e4c69f372..05eba4ca1 100644
--- a/postfix/man/man5/transport.5
+++ b/postfix/man/man5/transport.5
@@ -20,6 +20,21 @@ The optional \fBtransport\fR table specifies a mapping from email
 addresses to message delivery transports and/or relay hosts. The
 mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
 
+This mapping overrides the default routing that is built into
+Postfix:
+.IP \fBmydestination\fR
+A list of domains that is by default delivered via
+\fB$local_transport\fR.
+.IP \fBvirtual_mailbox_domains\fR
+A list of domains that is by default delivered via
+\fB$virtual_transport\fR.
+.IP \fBrelay_domains\fR
+A list of domains that is by default delivered via
+\fB$relay_transport\fR.
+.IP "any other destination"
+Mail for any other destination is by default delivered via
+\fB$default_transport\fR.
+.PP
 Normally, the \fBtransport\fR table is specified as a text file
 that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
diff --git a/postfix/proto/transport b/postfix/proto/transport
index e9ca553a0..122fdfb5d 100644
--- a/postfix/proto/transport
+++ b/postfix/proto/transport
@@ -14,6 +14,21 @@
 #	addresses to message delivery transports and/or relay hosts. The
 #	mapping is used by the \fBtrivial-rewrite\fR(8) daemon.
 #
+#	This mapping overrides the default routing that is built into
+#	Postfix:
+# .IP \fBmydestination\fR
+#	A list of domains that is by default delivered via
+#	\fB$local_transport\fR.
+# .IP \fBvirtual_mailbox_domains\fR
+#	A list of domains that is by default delivered via
+#	\fB$virtual_transport\fR.
+# .IP \fBrelay_domains\fR
+#	A list of domains that is by default delivered via
+#	\fB$relay_transport\fR.
+# .IP "any other destination"
+#	Mail for any other destination is by default delivered via
+#	\fB$default_transport\fR.
+# .PP
 #	Normally, the \fBtransport\fR table is specified as a text file
 #	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format, is used
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index cda2da2fe..b49999f31 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,10 +20,10 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20030611"
+#define MAIL_RELEASE_DATE	"20030629"
 
 #define VAR_MAIL_VERSION	"mail_version"
-#define DEF_MAIL_VERSION	"2.0.12"
+#define DEF_MAIL_VERSION	"2.0.13"
 extern char *var_mail_version;
 
  /*
diff --git a/postfix/src/global/resolve_clnt.c b/postfix/src/global/resolve_clnt.c
index 4d739609f..e729b6184 100644
--- a/postfix/src/global/resolve_clnt.c
+++ b/postfix/src/global/resolve_clnt.c
@@ -59,8 +59,8 @@
 /* .IP RESOLVE_CLASS_LOCAL
 /*	The address domain matches $mydestination or $inet_interfaces.
 /* .IP RESOLVE_CLASS_ALIAS
-/*	The address domain matches $virtual_alias_domains (simulated
-/*	virtual domains, where each address is redirected to a real
+/*	The address domain matches $virtual_alias_domains (virtual
+/*	alias domains, where each address is redirected to a real
 /*	local or remote address).
 /* .IP RESOLVE_CLASS_VIRTUAL
 /*	The address domain matches $virtual_mailbox_domains (true
diff --git a/postfix/src/master/master_ent.c b/postfix/src/master/master_ent.c
index cccaa8ea1..11ff16cc9 100644
--- a/postfix/src/master/master_ent.c
+++ b/postfix/src/master/master_ent.c
@@ -234,10 +234,26 @@ MASTER_SERV *get_master_ent()
     int     n;
     char   *bufp;
     char   *atmp;
+    static char *saved_interfaces = 0;
 
     if (master_fp == 0)
 	msg_panic("get_master_ent: config file not open");
 
+    /*
+     * XXX We cannot change the inet_interfaces setting for a running master
+     * process. Listening sockets are inherited by child processes so that
+     * closing and reopening those sockets in the master does not work.
+     * 
+     * Another problem is that library routines still cache results that are
+     * based on the old inet_interfaces setting. It is too much trouble to
+     * recompute everything.
+     * 
+     * In order to keep our data structures consistent we ignore changes in
+     * inet_interfaces settings, and issue a warning instead.
+     */
+    if (saved_interfaces == 0)
+	saved_interfaces = mystrdup(var_inet_interfaces);
+
     /*
      * Skip blank lines and comment lines.
      */
@@ -274,6 +290,12 @@ MASTER_SERV *get_master_ent()
 
     transport = get_str_ent(&bufp, "transport type", (char *) 0);
     if (STR_SAME(transport, MASTER_XPORT_NAME_INET)) {
+	if (!STR_SAME(saved_interfaces, var_inet_interfaces)) {
+	    msg_warn("service %s: ignoring %s change",
+		     name, VAR_INET_INTERFACES);
+	    msg_warn("to change %s, stop and start Postfix",
+		     VAR_INET_INTERFACES);
+	}
 	serv->type = MASTER_SERV_TYPE_INET;
 	atmp = inet_parse(name, &host, &port);
 	if (*host) {
@@ -284,7 +306,7 @@ MASTER_SERV *get_master_ent()
 	    inet_addr_host(MASTER_INET_ADDRLIST(serv), host);
 	    inet_addr_list_uniq(MASTER_INET_ADDRLIST(serv));
 	    serv->listen_fd_count = MASTER_INET_ADDRLIST(serv)->used;
-	} else if (strcasecmp(var_inet_interfaces, DEF_INET_INTERFACES) == 0) {
+	} else if (strcasecmp(saved_interfaces, DEF_INET_INTERFACES) == 0) {
 	    MASTER_INET_ADDRLIST(serv) = 0;	/* wild-card */
 	    serv->listen_fd_count = 1;
 	} else {
diff --git a/postfix/src/postcat/postcat.c b/postfix/src/postcat/postcat.c
index 4f4ab9d72..83fccadac 100644
--- a/postfix/src/postcat/postcat.c
+++ b/postfix/src/postcat/postcat.c
@@ -57,6 +57,7 @@
 #include <unistd.h>
 #include <time.h>
 #include <fcntl.h>
+#include <string.h>
 
 /* Utility library. */
 
@@ -97,7 +98,7 @@ static void postcat(VSTREAM *fp, VSTRING *buffer)
      * See if this is a plausible file.
      */
     if ((ch = VSTREAM_GETC(fp)) != VSTREAM_EOF) {
-	if (ch != REC_TYPE_TIME && ch != REC_TYPE_SIZE) {
+	if (!strchr(REC_TYPE_ENVELOPE, ch)) {
 	    msg_warn("%s: input is not a valid queue file", VSTREAM_PATH(fp));
 	    return;
 	}
diff --git a/postfix/src/util/safe_open.c b/postfix/src/util/safe_open.c
index 657f9a32a..c047a5bac 100644
--- a/postfix/src/util/safe_open.c
+++ b/postfix/src/util/safe_open.c
@@ -244,12 +244,16 @@ VSTREAM *safe_open(const char *path, int flags, int mode,
 	/*
 	 * Open an existing file or create a new one, carefully. When opening
 	 * an existing file, we are prepared to deal with "no file" errors
-	 * only. Any other error means we better give up trying.
+	 * only. When creating a file, we are prepared for "file exists"
+	 * errors only. Any other error means we better give up trying.
 	 */
     case O_CREAT:
-	if ((fp = safe_open_exist(path, flags, st, why)) == 0)
-	    if (errno == ENOENT)
-		fp = safe_open_create(path, flags, mode, st, user, group, why);
+	fp = safe_open_exist(path, flags, st, why);
+	if (fp == 0 && errno == ENOENT) {
+	    fp = safe_open_create(path, flags, mode, st, user, group, why);
+	    if (fp == 0 && errno == EEXIST)
+		fp = safe_open_exist(path, flags, st, why);
+	}
 	return (fp);
 
 	/*